last executing test programs: 4.043089375s ago: executing program 0 (id=444): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'essiv(cbc(aes),sha256)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000140)="d4acd37aecb8903a6aa32a7f401dfa35", 0x10}], 0x1}, 0x8090) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10) sendmsg$NL80211_CMD_JOIN_OCB(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYRESHEX, @ANYRES16=0x0, @ANYBLOB="010028bd7000ffdbdf256c00000008000300", @ANYRES32=0x0, @ANYBLOB="0c009900020000008000000008002600710900000800270003000000"], 0x38}, 0x1, 0x0, 0x0, 0x24004015}, 0x448d0) 3.922648819s ago: executing program 0 (id=445): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000002004000b7080000000000007b8af8ff00000000b7080000000200007b8af0ff00000000bfa100000000000007010000f8"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xb}, {0x2, 0x2, 0xf, 0x7}, {0x5, 0x2, 0x13, 0x2}, {0x5, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, 0x0}) r3 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f00000000c0)=0x0, &(0x7f0000000280)=0x0) syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x40042) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x41, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}) r6 = socket$inet6(0xa, 0x2, 0x3a) connect$inet6(r6, &(0x7f0000000040)={0xa, 0x0, 0x7, @mcast1, 0x6}, 0x1c) sendto$inet6(r6, &(0x7f0000000100)="80000fdc2208a1ce", 0x8, 0x0, 0x0, 0x0) recvmmsg(r6, &(0x7f0000006280)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0) r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000300)={0xffffffffffffffff, 0x9, 0x8}, 0xc) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r6, 0x89f2, &(0x7f0000000380)={'ip6gre0\x00', &(0x7f0000000480)={'ip6tnl0\x00', 0x0, 0x4, 0x2, 0x80, 0xea3d, 0x413c24e7ec163e75, @remote, @mcast2, 0x8, 0x80, 0xa}}) bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@bloom_filter={0x1e, 0x10, 0x8, 0x20ef, 0x120, r7, 0x40a2, '\x00', r8, r6, 0x0, 0x1, 0x5, 0x4, @void, @value, @void, @value}, 0x50) 3.009812704s ago: executing program 0 (id=455): syz_emit_vhci(&(0x7f0000000b40)=ANY=[], 0x2fe) 2.950094293s ago: executing program 0 (id=456): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r3 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4) r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000800)={r4, 0x0, 0x0, 0xffffff2c, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) syz_clone3(&(0x7f0000000200)={0x100000, 0x0, 0x0, 0x0, {0x7}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = syz_open_dev$dri(&(0x7f0000000280), 0x7, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x3) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000040)=0x7e) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='bpf\x00', 0x0, &(0x7f0000000100)='gid=1\x00nk]e') r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00') r7 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0) sendfile(r7, r6, 0x0, 0x80000000) syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) 2.458234955s ago: executing program 0 (id=459): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kfree\x00'}, 0x10) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, 0x0, 0x3c0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0b000000050000000200000004000000050000", @ANYRES32, @ANYRES32=0x0, @ANYRES32], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000280)='kmem_cache_free\x00', r2}, 0x18) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) dup2(0xffffffffffffffff, 0xffffffffffffffff) socket$inet_tcp(0x2, 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$inet6(0xa, 0x1, 0x0) socket$nl_route(0x10, 0x3, 0x0) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'lo\x00'}) bind$inet6(r3, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r3, 0x0, 0x0, 0x20004809, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 2.371718407s ago: executing program 0 (id=461): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) r2 = syz_open_procfs(0xffffffffffffffff, 0x0) write$cgroup_int(r2, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00', 0x0}) r4 = openat$sr(0xffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r4, 0x309, &(0x7f0000000200)=ANY=[]) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@bloom_filter={0x1e, 0x100, 0x20, 0x6, 0xc1, r2, 0xfff, '\x00', r3, r4, 0x0, 0x2, 0x5, 0xa, @void, @value, @void, @value}, 0x48) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_emit_ethernet(0x46, &(0x7f00000001c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaa0086dd600000000000000000bbff02000000000000000000000000000186009078ff00000000000000000000004044e5d0bbd00b7367c76b89bd259200"/85], 0x0) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="64000000020605000a0000000000000000000009100003806269746d61703a706f72740005000400000000000900020073797a30000a0000050005000000000005000100060000001c000780080006409effff7d06000440fe20000006000540"], 0x64}}, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) r6 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r6) syz_usb_connect(0x4, 0x24, &(0x7f0000000180)=ANY=[], 0x0) ioctl$EVIOCRMFF(r6, 0x5501, &(0x7f0000000400)) r7 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000000010ef170960000000000001090224000100fd2400090400000103000000092100000001220500090581030000260000"], 0x0) syz_usb_control_io$hid(r7, 0x0, 0x0) syz_usb_control_io$hid(r7, &(0x7f0000001440)={0x24, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="474bdcf7f162b557fc5df922050000000b741cb976"], 0x0}, 0x0) syz_open_dev$hidraw(&(0x7f0000002300), 0x0, 0x0) syz_open_dev$hidraw(&(0x7f0000002300), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000080)={0x0, "fe79ca3351f25129c1ca0c4b310f855c55392fde21c7d98aef39b24985c9c778"}) socket$packet(0x11, 0x2, 0x300) sendmsg$IPSET_CMD_RENAME(r5, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x54, 0x5, 0x6, 0x5, 0x0, 0x0, {0x3, 0x0, 0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz1\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x8040}, 0x4040) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) inotify_init1(0x0) 2.057844906s ago: executing program 2 (id=464): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000002004000b7080000000000007b8af8ff00000000b7080000000200007b8af0ff00000000bfa100000000000007010000f8"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xb}, {0x2, 0x2, 0xf, 0x7}, {0x5, 0x2, 0x13, 0x2}, {0x5, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, 0x0}) r3 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f00000000c0)=0x0, &(0x7f0000000280)=0x0) syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x40042) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x41, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}) r6 = socket$inet6(0xa, 0x2, 0x3a) connect$inet6(r6, &(0x7f0000000040)={0xa, 0x0, 0x7, @mcast1, 0x6}, 0x1c) sendto$inet6(r6, &(0x7f0000000100)="80000fdc2208a1ce", 0x8, 0x0, 0x0, 0x0) recvmmsg(r6, &(0x7f0000006280)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0) r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000300)={0xffffffffffffffff, 0x9, 0x8}, 0xc) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r6, 0x89f2, &(0x7f0000000380)={'ip6gre0\x00', &(0x7f0000000480)={'ip6tnl0\x00', 0x0, 0x4, 0x2, 0x80, 0xea3d, 0x413c24e7ec163e75, @remote, @mcast2, 0x8, 0x80, 0xa}}) bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@bloom_filter={0x1e, 0x10, 0x8, 0x20ef, 0x120, r7, 0x40a2, '\x00', r8, r6, 0x0, 0x1, 0x5, 0x4, @void, @value, @void, @value}, 0x50) 1.882990312s ago: executing program 3 (id=466): openat$autofs(0xffffff9c, &(0x7f0000000000), 0x200142, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) socket$netlink(0x10, 0x3, 0xc) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000140)={'wlan1\x00'}) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x14}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LIMIT_RATE={0xc}, @NFTA_LIMIT_UNIT={0xc}]}}}, {0x14, 0x1, 0x0, 0x1, @lookup={{0xb}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xd4}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000d40000000000000000000000000a20000000000a03000000000000000000010000000900010073797a3000000000bc000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000009000038008000240000000007c00038014000100626f6e64300000000000000000000000140001006970766c616e31000000000000000000140001006970766c616e300000000000000000001400010073697430000000000000fbffffffffffffff0100776c616e300000000000000000000000140001006772653000000000000000000000040008000140000000005c000000180a01010000000000000000010000000900020073797a30000000000900010073797a30"], 0x4b0}}, 0x0) r2 = dup(r0) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) r3 = socket$inet6(0xa, 0x806, 0x0) bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c) listen(r3, 0x3) r4 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r4, &(0x7f0000772000)={0x2, 0x4e23}, 0x10) r5 = accept4(r3, 0x0, 0x0, 0x0) recvmmsg(r4, &(0x7f0000007940), 0x55, 0x0, 0x0) sendmmsg(r5, &(0x7f0000001500), 0x588, 0x0) sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000840)=ANY=[@ANYBLOB="500000000101010300000000000000000a0000000c001980080002f4c5050000300002802c00018014000300fc010014000400fc0100000000000000000000000000008a62e100fde382613d6076d9bcf075098adbb46e77af4ddc5dd21370a66be0e30118cfe30ab234748d4834e1a57d8cb0bb071600bf37b559ffe89de3396224486f2e37de27866fa61c33aa482b8382a6dc3e4834566f03ba13150197a5f33d224102bf526b77b846af7cccae92c79a0f9ebec5c0b5ea1073c7b789a1ec4153da4336b233fd2a21f51810d2314440f9eba017061a79ba0a6fbf95ec7f77498601685f759e5acf898a106b3f80cda4ac0126e9da3821d45cec2a5164612c7d397fa3e2ef97d5cb2cd82f3b7eebddd76a07b63d907931bde86584a19ace41be5f227bd06744"], 0x50}, 0x1, 0x0, 0x0, 0x800}, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000040)=ANY=[@ANYRES8=r2], 0x28}}, 0x24000080) sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00000000000000000000090000000c000180080001"], 0x20}}, 0x0) sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="d81400003d00010027bd82000000000002"], 0x14d8}}, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x2, 0x0) chdir(&(0x7f0000000280)='./file0\x00') 1.583350678s ago: executing program 1 (id=467): r0 = syz_io_uring_setup(0x46bb, 0x0, &(0x7f0000000040)=0x0, &(0x7f0000000140)=0x0) r3 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000680)={&(0x7f0000000500)=@sco={0x1f, @none}, 0x80, 0x0}}) io_uring_enter(r0, 0x291c, 0x0, 0x0, 0x0, 0x0) 1.58308912s ago: executing program 1 (id=468): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000002004000b7080000000000007b8af8ff00000000b7080000000200007b8af0ff00000000bfa100000000000007010000f8"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xb}, {0x2, 0x2, 0xf, 0x7}, {0x5, 0x2, 0x13, 0x2}, {0x5, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, 0x0}) r3 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f00000000c0)=0x0, &(0x7f0000000280)=0x0) r6 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x40042) write$binfmt_aout(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="0000000000000000000000800080000014000091ff0f00004500f5ff06ff00010100fc5e15f4c3d3fbd80dad0000abfa"], 0x125) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x41, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}) r7 = socket$inet6(0xa, 0x2, 0x3a) connect$inet6(r7, &(0x7f0000000040)={0xa, 0x0, 0x7, @mcast1, 0x6}, 0x1c) sendto$inet6(r7, &(0x7f0000000100)="80000fdc2208a1ce", 0x8, 0x0, 0x0, 0x0) recvmmsg(r7, &(0x7f0000006280)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0) 1.44291958s ago: executing program 3 (id=469): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kfree\x00'}, 0x10) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, 0x0, 0x3c0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0b000000050000000200000004000000050000", @ANYRES32, @ANYRES32=0x0, @ANYRES32], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000280)='kmem_cache_free\x00', r2}, 0x18) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) dup2(0xffffffffffffffff, 0xffffffffffffffff) socket$inet_tcp(0x2, 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$inet6(0xa, 0x1, 0x0) socket$nl_route(0x10, 0x3, 0x0) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'lo\x00'}) bind$inet6(r3, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r3, 0x0, 0x0, 0x20004809, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 1.279122164s ago: executing program 3 (id=470): chroot(&(0x7f00000001c0)='./file0/../file0/../file0\x00') umount2(&(0x7f0000000240)='./file0/../file0/../file0\x00', 0x0) 1.278799489s ago: executing program 3 (id=471): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000002004000b7080000000000007b8af8ff00000000b7080000000200007b8af0ff00000000bfa100000000000007010000f8"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xb}, {0x2, 0x2, 0xf, 0x7}, {0x5, 0x2, 0x13, 0x2}, {0x5, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, 0x0}) r3 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f00000000c0)=0x0, &(0x7f0000000280)=0x0) r6 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x40042) write$binfmt_aout(r6, &(0x7f0000000200)=ANY=[@ANYBLOB="0000000000000000000000800080000014000091ff0f00004500f5ff06ff00010100fc5e15f4c3d3fbd80dad0000abfa"], 0x125) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x41, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}) r7 = socket$inet6(0xa, 0x2, 0x3a) setsockopt$sock_int(r7, 0x1, 0x1d, &(0x7f0000000000)=0x5, 0x4) connect$inet6(r7, &(0x7f0000000040)={0xa, 0x0, 0x7, @mcast1, 0x6}, 0x1c) sendto$inet6(r7, &(0x7f0000000100)="80000fdc2208a1ce", 0x8, 0x0, 0x0, 0x0) io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0) 872.614413ms ago: executing program 2 (id=472): r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r0, 0x0, &(0x7f0000000680)={0x0, 0x0, 0x0}}) io_uring_enter(0xffffffffffffffff, 0x291c, 0x0, 0x0, 0x0, 0x0) 872.325976ms ago: executing program 2 (id=473): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4) r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000800)={r3, 0x0, 0x0, 0xffffff2c, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) syz_clone3(&(0x7f0000000200)={0x100000, 0x0, 0x0, 0x0, {0x7}, 0x0, 0x0, 0x0, 0x0}, 0x58) r4 = syz_open_dev$dri(&(0x7f0000000280), 0x7, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000080)=0x3) ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000040)=0x7e) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='bpf\x00', 0x0, &(0x7f0000000100)='gid=1\x00nk]e') r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00') r7 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0) sendfile(r7, r6, 0x0, 0x80000000) syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) 656.142408ms ago: executing program 1 (id=474): syz_emit_vhci(&(0x7f0000000b40)=ANY=[@ANYBLOB], 0x2fe) 655.946039ms ago: executing program 1 (id=475): socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = gettid() r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) read(r1, &(0x7f0000000240)=""/203, 0xcb) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x335, @tick=0x4}) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r1, 0xc04c5349, &(0x7f0000000340)) tkill(r0, 0x7) ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, 0x0) ioctl$BTRFS_IOC_RESIZE(0xffffffffffffffff, 0x50009403, 0x0) 477.462513ms ago: executing program 3 (id=476): r0 = syz_io_uring_setup(0x46bb, 0x0, &(0x7f0000000040)=0x0, &(0x7f0000000140)=0x0) r3 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000680)={&(0x7f0000000500)=@sco={0x1f, @none}, 0x80, 0x0}}) io_uring_enter(r0, 0x291c, 0x0, 0x0, 0x0, 0x0) 474.574774ms ago: executing program 1 (id=477): openat$autofs(0xffffff9c, &(0x7f0000000000), 0x200142, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) socket$netlink(0x10, 0x3, 0xc) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000740)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0500000000000000000044000000080003005135aea60b913c9d1ef638bb795b1403252a7ca92a94c988badb90619bdf7076fc21503941e09f4fda84282fdc67b03af9ddcafee7a8eab1d5983c3e4ea39145a5ca5287c13e777f124a8899145597c12eeda43e45756b410df1df60a387a9dfdcaec9f004288c32f6ebf9e61c82556fb560a5eb44d773b67ebb2ab80c738d6158c96f9bc4358296021b85299d2568d279f5ef556ce0b0e0792c4702de753dbd8853d3e94ea85352b8e8d6f3", @ANYRESOCT=r0], 0x34}}, 0x800) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x14}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LIMIT_RATE={0xc}, @NFTA_LIMIT_UNIT={0xc}]}}}, {0x14, 0x1, 0x0, 0x1, @lookup={{0xb}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xd4}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000d40000000000000000000000000a20000000000a03000000000000000000010000000900010073797a3000000000bc000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000009000038008000240000000007c00038014000100626f6e64300000000000000000000000140001006970766c616e31000000000000000000140001006970766c616e300000000000000000001400010073697430000000000000fbffffffffffffff0100776c616e300000000000000000000000140001006772653000000000000000000000040008000140000000005c000000180a01010000000000000000010000000900020073797a30000000000900010073797a30"], 0x4b0}}, 0x0) r3 = dup(r0) write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c) r4 = socket$inet6(0xa, 0x806, 0x0) bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c) listen(r4, 0x3) r5 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10) r6 = accept4(r4, 0x0, 0x0, 0x0) recvmmsg(r5, &(0x7f0000007940), 0x55, 0x0, 0x0) sendmmsg(r6, &(0x7f0000001500), 0x588, 0x0) sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000840)=ANY=[@ANYBLOB="500000000101010300000000000000000a0000000c001980080002f4c5050000300002802c00018014000300fc010014000400fc0100000000000000000000000000008a62e100fde382613d6076d9bcf075098adbb46e77af4ddc5dd21370a66be0e30118cfe30ab234748d4834e1a57d8cb0bb071600bf37b559ffe89de3396224486f2e37de27866fa61c33aa482b8382a6dc3e4834566f03ba13150197a5f33d224102bf526b77b846af7cccae92c79a0f9ebec5c0b5ea1073c7b789a1ec4153da4336b233fd2a21f51810d2314440f9eba017061a79ba0a6fbf95ec7f77498601685f759e5acf898a106b3f80cda4ac0126e9da3821d45cec2a5164612c7d397fa3e2ef97d5cb2cd82f3b7eebddd76a07b63d907931bde86584a19ace41be5f227bd06744"], 0x50}, 0x1, 0x0, 0x0, 0x800}, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000040)=ANY=[@ANYRES8=r3], 0x28}}, 0x24000080) sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00000000000000000000090000000c000180080001"], 0x20}}, 0x0) sendmsg$nl_generic(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="d81400003d00010027bd82000000000002"], 0x14d8}}, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x2, 0x0) chdir(&(0x7f0000000280)='./file0\x00') 289.869721ms ago: executing program 2 (id=478): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kfree\x00'}, 0x10) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, 0x0, 0x3c0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0b00000005000000020000000400000005000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32], 0x48) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000280)='kmem_cache_free\x00', r2}, 0x18) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) dup2(0xffffffffffffffff, 0xffffffffffffffff) socket$inet_tcp(0x2, 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$inet6(0xa, 0x1, 0x0) socket$nl_route(0x10, 0x3, 0x0) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'lo\x00'}) bind$inet6(r3, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r3, 0x0, 0x0, 0x20004809, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 289.528686ms ago: executing program 3 (id=479): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="02000000040000000800", @ANYRES32=0x0, @ANYBLOB='\x00'/13, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000005a8a6aee00000000007f684bed126e8c77310937dae51c9d6e03000000c9a5a9e12993ec47dcb102e5531a4b703fae74d014f90c89e116fe12a0873d7133dd7a8ca60d5423144172870ff9c0ee9f11ab6f66c500"/115], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4) r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000800)={r4, 0x0, 0x0, 0xffffff2c, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) syz_clone3(&(0x7f0000000200)={0x100000, 0x0, 0x0, 0x0, {0x7}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = syz_open_dev$dri(&(0x7f0000000280), 0x7, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000080)=0x3) ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000040)=0x7e) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='bpf\x00', 0x0, &(0x7f0000000100)='gid=1\x00nk]e') r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00') r8 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0) sendfile(r8, r7, 0x0, 0x80000000) syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) 289.049937ms ago: executing program 2 (id=480): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'essiv(cbc(aes),sha256)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000140)="d4acd37aecb8903a6aa32a7f401dfa35", 0x10}], 0x1}, 0x8090) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10) sendmsg$NL80211_CMD_JOIN_OCB(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYRESHEX, @ANYRES16=0x0, @ANYBLOB="010028bd7000ffdbdf256c00000008000300", @ANYRES32=0x0, @ANYBLOB="0c009900020000008000000008002600710900000800270003000000"], 0x38}, 0x1, 0x0, 0x0, 0x24004015}, 0x448d0) 163.086005ms ago: executing program 2 (id=481): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1c) mount$9p_virtio(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f00000002c0)='./file0\x00') r0 = socket$nl_route(0x10, 0x3, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000006, 0x31, 0xffffffffffffffff, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0x8, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000) getpid() r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x68a500, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) close(r4) socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast}) close(r3) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r3, 0x8943, &(0x7f0000000280)={'syzkaller0\x00'}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000580)=ANY=[], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000400)=ANY=[@ANYRESDEC=r7, @ANYRESOCT=r6, @ANYRES16=r5], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x6c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x10) r10 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r10, 0x1, &(0x7f0000000580)=ANY=[@ANYRES16=r8, @ANYRES64, @ANYBLOB="7172c07cd3aa1dad5ad736b801a7f483512afabbb431127db0228219e8071c5d324aa84cbb19bb79d7a1b97cf906daee171ee355147e2e3d092c98dc8c3cfbcd6aaba580977d1dbf65c4787a4a26a4e31574bf5c0510092cea776a0c46277d474d6c9df3c8974132eb44b921e461d78c7199ecfb50d483906874b0c9a4a159d97a02a2679dce8525f3264c31d7f72f3bf5c2d228acab6dd3900caf69e0782f2624bbfd4c46aa12aa32eaacfc76ffe4b76163df1d6d"]) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4400000010000104000000000005000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010062726964676500001400028005002c0002000000080004"], 0x44}}, 0x0) 0s ago: executing program 1 (id=482): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="163e6cce65ffff000000000800395032303030"], 0x15) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff0180"], 0x15) r2 = dup(r1) write$P9_RLERRORu(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r2, &(0x7f00000002c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x30) write$binfmt_elf64(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="7f450700000053c407cd"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000036c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_any}, {@nodevmap}], [], 0x6b}}) readv(r0, &(0x7f0000000100)=[{&(0x7f0000000340)=""/4096, 0x1000}], 0x1) chdir(&(0x7f0000000200)='./file0\x00') open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:65311' (ED25519) to the list of known hosts. [ 34.031018][ T5332] cgroup: Unknown subsys name 'net' [ 34.158757][ T5332] cgroup: Unknown subsys name 'cpuset' [ 34.163206][ T5332] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 34.983875][ T5332] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 37.557220][ T5357] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 37.559999][ T5357] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 37.562701][ T5357] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 37.565117][ T5357] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 37.566643][ T5358] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 37.567243][ T5357] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 37.569451][ T5358] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 37.571615][ T5357] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 37.572046][ T5359] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 37.572982][ T5358] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 37.572988][ T5359] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 37.574673][ T5357] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 37.575942][ T5359] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 37.576201][ T5359] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 37.576596][ T5358] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 37.577888][ T5358] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 37.578089][ T5358] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 37.578197][ T5358] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 37.578327][ T5357] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 37.579361][ T5360] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 37.580148][ T5360] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 37.580272][ T5359] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 37.580556][ T5359] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 37.583509][ T5355] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 37.755280][ T5347] chnl_net:caif_netlink_parms(): no params data found [ 37.768742][ T5352] chnl_net:caif_netlink_parms(): no params data found [ 37.786992][ T5354] chnl_net:caif_netlink_parms(): no params data found [ 37.900121][ T5347] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.902404][ T5347] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.904621][ T5347] bridge_slave_0: entered allmulticast mode [ 37.908351][ T5347] bridge_slave_0: entered promiscuous mode [ 37.913005][ T5345] chnl_net:caif_netlink_parms(): no params data found [ 37.946819][ T5347] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.949032][ T5347] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.950971][ T5347] bridge_slave_1: entered allmulticast mode [ 37.953414][ T5347] bridge_slave_1: entered promiscuous mode [ 37.978679][ T5352] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.981097][ T5352] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.983431][ T5352] bridge_slave_0: entered allmulticast mode [ 37.986404][ T5352] bridge_slave_0: entered promiscuous mode [ 38.006691][ T5347] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.013203][ T5352] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.015455][ T5352] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.017419][ T5352] bridge_slave_1: entered allmulticast mode [ 38.019368][ T5352] bridge_slave_1: entered promiscuous mode [ 38.030584][ T5354] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.032411][ T5354] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.034202][ T5354] bridge_slave_0: entered allmulticast mode [ 38.036734][ T5354] bridge_slave_0: entered promiscuous mode [ 38.040117][ T5347] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.078592][ T5354] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.080501][ T5354] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.082373][ T5354] bridge_slave_1: entered allmulticast mode [ 38.084390][ T5354] bridge_slave_1: entered promiscuous mode [ 38.103973][ T5345] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.105994][ T5345] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.107833][ T5345] bridge_slave_0: entered allmulticast mode [ 38.109890][ T5345] bridge_slave_0: entered promiscuous mode [ 38.113347][ T5352] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.117024][ T5352] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.137395][ T5347] team0: Port device team_slave_0 added [ 38.140096][ T5347] team0: Port device team_slave_1 added [ 38.141706][ T5345] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.143501][ T5345] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.145608][ T5345] bridge_slave_1: entered allmulticast mode [ 38.148641][ T5345] bridge_slave_1: entered promiscuous mode [ 38.173952][ T5354] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.206492][ T5345] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.226371][ T5354] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.229741][ T5347] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.231634][ T5347] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.238377][ T5347] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.242393][ T5347] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.244175][ T5347] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.250850][ T5347] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.254682][ T5345] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.267083][ T5352] team0: Port device team_slave_0 added [ 38.302021][ T5345] team0: Port device team_slave_0 added [ 38.304841][ T5352] team0: Port device team_slave_1 added [ 38.308501][ T5354] team0: Port device team_slave_0 added [ 38.310798][ T5345] team0: Port device team_slave_1 added [ 38.337808][ T5354] team0: Port device team_slave_1 added [ 38.361813][ T5352] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.363583][ T5352] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.370488][ T5352] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.381803][ T5345] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.383541][ T5345] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.390557][ T5345] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.395994][ T5347] hsr_slave_0: entered promiscuous mode [ 38.398064][ T5347] hsr_slave_1: entered promiscuous mode [ 38.400557][ T5352] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.402328][ T5352] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.408552][ T5352] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.419665][ T5345] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.421459][ T5345] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.428022][ T5345] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.436058][ T5354] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.437868][ T5354] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.444313][ T5354] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.448209][ T5354] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.449998][ T5354] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.456738][ T5354] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.509017][ T5345] hsr_slave_0: entered promiscuous mode [ 38.510780][ T5345] hsr_slave_1: entered promiscuous mode [ 38.512427][ T5345] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 38.514438][ T5345] Cannot create hsr debugfs directory [ 38.543366][ T5354] hsr_slave_0: entered promiscuous mode [ 38.545988][ T5354] hsr_slave_1: entered promiscuous mode [ 38.547765][ T5354] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 38.549787][ T5354] Cannot create hsr debugfs directory [ 38.552794][ T5352] hsr_slave_0: entered promiscuous mode [ 38.554585][ T5352] hsr_slave_1: entered promiscuous mode [ 38.556568][ T5352] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 38.558447][ T5352] Cannot create hsr debugfs directory [ 38.716086][ T5347] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 38.720512][ T5347] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 38.723501][ T5347] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 38.727590][ T5347] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 38.761531][ T5345] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 38.764979][ T5345] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 38.769288][ T5345] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 38.772184][ T5345] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 38.790530][ T5354] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 38.794760][ T5354] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 38.799289][ T5354] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 38.802158][ T5354] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 38.835331][ T5352] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 38.838514][ T5352] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 38.844661][ T5352] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 38.850164][ T5352] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 38.869468][ T5347] 8021q: adding VLAN 0 to HW filter on device bond0 [ 38.891497][ T5347] 8021q: adding VLAN 0 to HW filter on device team0 [ 38.899354][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.901260][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.913635][ T58] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.915514][ T58] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.926344][ T5345] 8021q: adding VLAN 0 to HW filter on device bond0 [ 38.949960][ T5354] 8021q: adding VLAN 0 to HW filter on device bond0 [ 38.959331][ T5345] 8021q: adding VLAN 0 to HW filter on device team0 [ 38.970858][ T58] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.972697][ T58] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.978545][ T5354] 8021q: adding VLAN 0 to HW filter on device team0 [ 38.993159][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.995403][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.999071][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.000930][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.008503][ T58] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.010431][ T58] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.043243][ T5354] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 39.048328][ T5354] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 39.058364][ T5345] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 39.067670][ T5352] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.073749][ T5347] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.080206][ T5352] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.086123][ T95] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.088118][ T95] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.098093][ T95] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.100151][ T95] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.121320][ T5347] veth0_vlan: entered promiscuous mode [ 39.133156][ T5347] veth1_vlan: entered promiscuous mode [ 39.146101][ T5354] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.149591][ T5345] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.163430][ T5347] veth0_macvtap: entered promiscuous mode [ 39.171280][ T5347] veth1_macvtap: entered promiscuous mode [ 39.186879][ T5347] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 39.189754][ T5354] veth0_vlan: entered promiscuous mode [ 39.192921][ T5345] veth0_vlan: entered promiscuous mode [ 39.197922][ T5347] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 39.204501][ T5347] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.207756][ T5347] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.209964][ T5347] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.212071][ T5347] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.224272][ T5345] veth1_vlan: entered promiscuous mode [ 39.227536][ T5354] veth1_vlan: entered promiscuous mode [ 39.238586][ T5352] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.253308][ T1106] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.256699][ T1106] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.278148][ T5345] veth0_macvtap: entered promiscuous mode [ 39.281220][ T97] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.283179][ T97] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.285075][ T5354] veth0_macvtap: entered promiscuous mode [ 39.288599][ T5345] veth1_macvtap: entered promiscuous mode [ 39.296512][ T5354] veth1_macvtap: entered promiscuous mode [ 39.303453][ T5352] veth0_vlan: entered promiscuous mode [ 39.310305][ T5354] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.310907][ T5347] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 39.313172][ T5354] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.320315][ T5354] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 39.324783][ T5354] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.327509][ T5354] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.330805][ T5354] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 39.333510][ T5352] veth1_vlan: entered promiscuous mode [ 39.338869][ T5345] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.341577][ T5345] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.344023][ T5345] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.347504][ T5345] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.351625][ T5345] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 39.354735][ T5354] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.357522][ T5354] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.359841][ T5354] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.360975][ T5408] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3'. [ 39.362019][ T5354] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.370335][ T5345] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.373066][ T5345] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.375609][ T5345] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.378320][ T5345] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.384275][ T5345] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 39.384926][ T5408] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3'. [ 39.394075][ T5345] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.399997][ T5345] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.403099][ T5345] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.406444][ T5345] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.422810][ T5352] veth0_macvtap: entered promiscuous mode [ 39.431870][ T5352] veth1_macvtap: entered promiscuous mode [ 39.448379][ T5352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.451011][ T5352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.453457][ T5352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.456436][ T5409] netlink: 5304 bytes leftover after parsing attributes in process `syz.2.3'. [ 39.457419][ T5352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.461201][ T5352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.464349][ T5352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.468499][ T5352] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 39.480958][ T5352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.483662][ T5352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.490752][ T5352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.493504][ T5352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.499273][ T5352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.502007][ T5352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.506955][ T5352] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 39.513534][ T95] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.515367][ T97] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.517403][ T97] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.518003][ T95] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.530509][ T5352] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.532807][ T5352] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.535361][ T5352] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.537597][ T5352] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.550079][ T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.552193][ T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.553940][ T97] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.559642][ T97] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.580331][ T97] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.582421][ T97] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.606427][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.608591][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.625458][ T4781] Bluetooth: hci0: command tx timeout [ 39.630948][ T5412] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 39.635146][ T4781] Bluetooth: hci1: command tx timeout [ 39.635997][ T5355] Bluetooth: hci2: command tx timeout [ 39.636702][ T4781] Bluetooth: hci3: command tx timeout [ 39.672553][ T5414] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1'. [ 39.678332][ T5414] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1'. [ 39.817258][ T5418] 9pnet_virtio: no channels available for device syz [ 40.477077][ T56] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 40.486944][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 40.884877][ T56] usb 6-1: Using ep0 maxpacket: 16 [ 40.888639][ T56] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 38, changing to 9 [ 40.891567][ T56] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 40.894074][ T56] usb 6-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00 [ 40.896963][ T56] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 40.900609][ T56] usb 6-1: config 0 descriptor?? [ 41.564263][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 41.715671][ T4781] Bluetooth: hci2: command tx timeout [ 41.716042][ T5351] Bluetooth: hci3: command tx timeout [ 41.717062][ T5355] Bluetooth: hci1: command tx timeout [ 41.717090][ T5355] Bluetooth: hci0: command tx timeout [ 41.815091][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 41.910304][ T56] usb 6-1: string descriptor 0 read error: -71 [ 41.917656][ T56] usbhid 6-1:0.0: can't add hid device: -71 [ 41.920176][ T56] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 41.925541][ T56] usb 6-1: USB disconnect, device number 2 [ 42.722749][ T5481] syzkaller0: entered promiscuous mode [ 42.724297][ T5481] syzkaller0: entered allmulticast mode [ 42.819335][ T5484] program syz.0.16 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 43.784954][ T5351] Bluetooth: hci2: command tx timeout [ 43.784987][ T4781] Bluetooth: hci0: command tx timeout [ 43.785021][ T5359] Bluetooth: hci1: command tx timeout [ 43.785044][ T5359] Bluetooth: hci3: command tx timeout [ 44.985135][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 44.995143][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 45.065220][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 45.082698][ T5529] netlink: 24 bytes leftover after parsing attributes in process `syz.1.25'. [ 45.095444][ T5529] netlink: 48 bytes leftover after parsing attributes in process `syz.1.25'. [ 45.129866][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 45.193728][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 45.247394][ T5530] netlink: 5304 bytes leftover after parsing attributes in process `syz.1.25'. [ 45.324858][ T35] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 45.389368][ T5532] 9pnet_virtio: no channels available for device syz [ 45.405597][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 45.489688][ T5533] syzkaller0: entered promiscuous mode [ 45.491669][ T5533] syzkaller0: entered allmulticast mode [ 45.514913][ T35] usb 5-1: Using ep0 maxpacket: 16 [ 45.520916][ T35] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 38, changing to 9 [ 45.523970][ T35] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 45.527235][ T35] usb 5-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00 [ 45.529691][ T35] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 45.533137][ T35] usb 5-1: config 0 descriptor?? [ 45.536235][ T5535] netlink: 24 bytes leftover after parsing attributes in process `syz.1.27'. [ 45.574451][ T5535] netlink: 48 bytes leftover after parsing attributes in process `syz.1.27'. [ 45.580560][ T5533] program syz.3.26 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 45.689586][ T5536] netlink: 5304 bytes leftover after parsing attributes in process `syz.1.27'. [ 45.866908][ T4781] Bluetooth: hci2: command tx timeout [ 45.867373][ T5351] Bluetooth: hci3: command tx timeout [ 45.869040][ T5355] Bluetooth: hci0: command tx timeout [ 45.870492][ T5351] Bluetooth: hci1: command tx timeout [ 46.176892][ T0] NOHZ tick-stop error: local softirq work is pending, handler #248!!! [ 46.314385][ T35] usb 5-1: string descriptor 0 read error: -71 [ 46.319028][ T35] usbhid 5-1:0.0: can't add hid device: -71 [ 46.320624][ T35] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 46.324892][ T35] usb 5-1: USB disconnect, device number 2 [ 46.919827][ T5559] netlink: 24 bytes leftover after parsing attributes in process `syz.0.33'. [ 47.032188][ T5561] netlink: 48 bytes leftover after parsing attributes in process `syz.0.33'. [ 47.182109][ T5555] syz.1.32 (5555) used greatest stack depth: 21456 bytes left [ 47.355839][ T5567] netlink: 5304 bytes leftover after parsing attributes in process `syz.0.33'. [ 47.569494][ T5585] 9pnet_virtio: no channels available for device syz [ 47.854916][ T5586] syzkaller0: entered promiscuous mode [ 47.856381][ T5586] syzkaller0: entered allmulticast mode [ 47.923391][ T5591] program syz.1.39 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 48.404721][ T95] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 48.518115][ T5359] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 48.520648][ T5359] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 48.522814][ T5359] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 48.531923][ T5359] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 48.542315][ T5359] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 48.545458][ T5359] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 48.940880][ T5620] netlink: 24 bytes leftover after parsing attributes in process `syz.0.49'. [ 49.615278][ T95] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.716910][ T5611] chnl_net:caif_netlink_parms(): no params data found [ 49.760288][ T5611] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.762223][ T5611] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.764252][ T5611] bridge_slave_0: entered allmulticast mode [ 49.768137][ T5611] bridge_slave_0: entered promiscuous mode [ 49.770711][ T5611] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.772520][ T5611] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.774314][ T5611] bridge_slave_1: entered allmulticast mode [ 49.776406][ T5611] bridge_slave_1: entered promiscuous mode [ 49.809564][ T95] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.818683][ T5611] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 49.822398][ T5611] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 49.843116][ T5611] team0: Port device team_slave_0 added [ 49.847109][ T5611] team0: Port device team_slave_1 added [ 49.864611][ T5611] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 49.866569][ T5611] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 49.873288][ T5611] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 49.877795][ T5611] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 49.879539][ T5611] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 49.886872][ T5611] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 49.939189][ T95] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.941896][ T39] audit: type=1326 audit(1729552755.599:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5645 comm="syz.3.53" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 49.955061][ T39] audit: type=1326 audit(1729552755.599:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5645 comm="syz.3.53" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 49.960421][ T39] audit: type=1326 audit(1729552755.599:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5645 comm="syz.3.53" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 49.966426][ T39] audit: type=1326 audit(1729552755.599:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5645 comm="syz.3.53" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 49.972995][ T39] audit: type=1326 audit(1729552755.599:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5645 comm="syz.3.53" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 49.979787][ T5611] hsr_slave_0: entered promiscuous mode [ 49.979825][ T39] audit: type=1326 audit(1729552755.599:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5645 comm="syz.3.53" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 49.986806][ T5611] hsr_slave_1: entered promiscuous mode [ 49.988002][ T39] audit: type=1326 audit(1729552755.599:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5645 comm="syz.3.53" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 49.993764][ T39] audit: type=1326 audit(1729552755.599:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5645 comm="syz.3.53" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 49.994485][ T5611] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 50.000510][ T39] audit: type=1326 audit(1729552755.599:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5645 comm="syz.3.53" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 50.008232][ T39] audit: type=1326 audit(1729552755.609:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5645 comm="syz.3.53" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 50.011518][ T5611] Cannot create hsr debugfs directory [ 50.110230][ T95] bridge_slave_1: left allmulticast mode [ 50.111819][ T95] bridge_slave_1: left promiscuous mode [ 50.113757][ T95] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.125671][ T95] bridge_slave_0: left allmulticast mode [ 50.127147][ T95] bridge_slave_0: left promiscuous mode [ 50.128877][ T95] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.351882][ T95] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 50.358746][ T95] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 50.363009][ T95] bond0 (unregistering): Released all slaves [ 50.595755][ T5351] Bluetooth: hci1: command tx timeout [ 50.740124][ T95] hsr_slave_0: left promiscuous mode [ 50.747615][ T95] hsr_slave_1: left promiscuous mode [ 50.749717][ T95] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 50.751635][ T95] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 50.758145][ T95] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 50.760008][ T95] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 50.777231][ T95] veth1_macvtap: left promiscuous mode [ 50.778802][ T95] veth0_macvtap: left promiscuous mode [ 50.780310][ T95] veth1_vlan: left promiscuous mode [ 50.781702][ T95] veth0_vlan: left promiscuous mode [ 51.288567][ T95] team0 (unregistering): Port device team_slave_1 removed [ 51.343701][ T95] team0 (unregistering): Port device team_slave_0 removed [ 51.555633][ T5669] __nla_validate_parse: 1 callbacks suppressed [ 51.555719][ T5669] netlink: 24 bytes leftover after parsing attributes in process `syz.3.55'. [ 51.609519][ T5672] netlink: 48 bytes leftover after parsing attributes in process `syz.3.55'. [ 52.106951][ T5611] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 52.121695][ T5611] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 52.136161][ T5611] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 52.149648][ T5611] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 52.205896][ T5611] 8021q: adding VLAN 0 to HW filter on device bond0 [ 52.214502][ T5611] 8021q: adding VLAN 0 to HW filter on device team0 [ 52.219450][ T97] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.221365][ T97] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.237693][ T97] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.239628][ T97] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.254283][ T5611] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 52.259125][ T5611] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 52.334391][ T5611] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 52.362022][ T5611] veth0_vlan: entered promiscuous mode [ 52.369484][ T5611] veth1_vlan: entered promiscuous mode [ 52.383461][ T5699] netlink: 24 bytes leftover after parsing attributes in process `syz.3.58'. [ 52.396432][ T5699] netlink: 48 bytes leftover after parsing attributes in process `syz.3.58'. [ 52.402049][ T5611] veth0_macvtap: entered promiscuous mode [ 52.406772][ T5611] veth1_macvtap: entered promiscuous mode [ 52.436379][ T5611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 52.439084][ T5611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.441604][ T5611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 52.444283][ T5611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.447130][ T5611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 52.449820][ T5611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.453061][ T5611] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 52.456254][ T5611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 52.458898][ T5611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.461381][ T5611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 52.464898][ T5611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.467489][ T5611] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 52.470144][ T5611] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.473423][ T5611] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 52.482475][ T5611] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.484678][ T5611] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.487062][ T5611] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.489251][ T5611] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.520316][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 52.522328][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 52.535744][ T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 52.539162][ T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 52.550987][ T5707] netlink: 24 bytes leftover after parsing attributes in process `syz.0.60'. [ 52.557231][ T5707] netlink: 48 bytes leftover after parsing attributes in process `syz.0.60'. [ 52.664187][ T5714] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 52.668906][ T5714] overlayfs: failed to set xattr on upper [ 52.670781][ T5714] overlayfs: ...falling back to redirect_dir=nofollow. [ 52.672999][ T5714] overlayfs: ...falling back to index=off. [ 52.674598][ T5714] overlayfs: ...falling back to uuid=null. [ 52.704953][ T5351] Bluetooth: hci1: command tx timeout [ 52.745889][ T5351] Bluetooth: hci0: command tx timeout [ 52.749399][ T5712] netlink: 5312 bytes leftover after parsing attributes in process `syz.0.60'. [ 52.957940][ T5708] netlink: 5312 bytes leftover after parsing attributes in process `syz.3.58'. [ 52.965785][ T5708] 9pnet_virtio: no channels available for device syz [ 53.155625][ T5722] netlink: 24 bytes leftover after parsing attributes in process `syz.0.62'. [ 53.160201][ T5722] netlink: 48 bytes leftover after parsing attributes in process `syz.0.62'. [ 54.745542][ T5351] Bluetooth: hci1: command tx timeout [ 54.825433][ T5351] Bluetooth: hci0: command tx timeout [ 54.841801][ T5761] 9pnet_virtio: no channels available for device syz [ 55.705018][ T831] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 55.865023][ T831] usb 6-1: Using ep0 maxpacket: 16 [ 55.869003][ T831] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 38, changing to 9 [ 55.871844][ T831] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 55.874318][ T831] usb 6-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00 [ 55.908145][ T831] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 55.911142][ T831] usb 6-1: config 0 descriptor?? [ 56.824914][ T5351] Bluetooth: hci1: command tx timeout [ 56.976559][ T831] usb 6-1: string descriptor 0 read error: -71 [ 56.982619][ T831] usbhid 6-1:0.0: can't add hid device: -71 [ 56.984318][ T831] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 56.988689][ T831] usb 6-1: USB disconnect, device number 3 [ 57.222062][ T5829] __nla_validate_parse: 21 callbacks suppressed [ 57.222080][ T5829] netlink: 16 bytes leftover after parsing attributes in process `syz.3.89'. [ 57.226620][ T5351] Bluetooth: hci3: command tx timeout [ 57.332294][ T5842] netlink: 8 bytes leftover after parsing attributes in process `syz.0.94'. [ 57.350183][ T5844] netlink: 4 bytes leftover after parsing attributes in process `syz.3.95'. [ 57.355283][ T5844] Zero length message leads to an empty skb [ 57.465991][ T5854] netlink: 4 bytes leftover after parsing attributes in process `syz.3.99'. [ 57.566900][ T5870] netlink: 8 bytes leftover after parsing attributes in process `syz.0.106'. [ 57.575840][ T5872] netlink: 4 bytes leftover after parsing attributes in process `syz.3.107'. [ 57.693980][ T5882] netlink: 24 bytes leftover after parsing attributes in process `syz.0.110'. [ 58.057021][ T5906] syzkaller0: entered promiscuous mode [ 58.058602][ T5906] syzkaller0: entered allmulticast mode [ 58.062358][ T5908] netlink: 8 bytes leftover after parsing attributes in process `syz.2.117'. [ 58.093486][ T5911] netlink: 4 bytes leftover after parsing attributes in process `syz.2.118'. [ 58.096175][ T5906] program syz.3.115 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 58.997276][ T5936] netlink: 8 bytes leftover after parsing attributes in process `syz.1.127'. [ 60.090433][ T5983] syzkaller0: entered promiscuous mode [ 60.091938][ T5983] syzkaller0: entered allmulticast mode [ 60.126447][ T5983] program syz.0.143 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 61.287890][ T39] kauditd_printk_skb: 7275 callbacks suppressed [ 61.287905][ T39] audit: type=1326 audit(1729552766.949:7287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6032 comm="syz.0.161" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000 [ 61.295611][ T39] audit: type=1326 audit(1729552766.949:7288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6032 comm="syz.0.161" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000 [ 61.301523][ T39] audit: type=1326 audit(1729552766.949:7289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6032 comm="syz.0.161" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f33579 code=0x7ffc0000 [ 61.304896][ T5351] Bluetooth: hci0: command tx timeout [ 61.308732][ T39] audit: type=1326 audit(1729552766.949:7290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6032 comm="syz.0.161" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000 [ 61.315804][ T39] audit: type=1326 audit(1729552766.949:7291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6032 comm="syz.0.161" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000 [ 61.321052][ T39] audit: type=1326 audit(1729552766.949:7292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6032 comm="syz.0.161" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f33579 code=0x7ffc0000 [ 61.326647][ T39] audit: type=1326 audit(1729552766.949:7293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6032 comm="syz.0.161" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000 [ 61.332219][ T39] audit: type=1326 audit(1729552766.949:7294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6032 comm="syz.0.161" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000 [ 61.338148][ T39] audit: type=1326 audit(1729552766.949:7295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6032 comm="syz.0.161" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f33579 code=0x7ffc0000 [ 61.343586][ T39] audit: type=1326 audit(1729552766.949:7296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6032 comm="syz.0.161" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000 [ 61.942443][ T6068] syzkaller0: entered promiscuous mode [ 61.943739][ T6068] syzkaller0: entered allmulticast mode [ 61.997379][ T6068] program syz.3.172 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 63.317472][ T6075] __nla_validate_parse: 7 callbacks suppressed [ 63.317490][ T6075] netlink: 4 bytes leftover after parsing attributes in process `syz.2.177'. [ 63.394219][ T5351] Bluetooth: hci0: command tx timeout [ 63.411848][ T6105] netlink: 24 bytes leftover after parsing attributes in process `syz.2.187'. [ 63.624891][ T5351] Bluetooth: hci1: command tx timeout [ 63.723624][ T6120] netlink: 4 bytes leftover after parsing attributes in process `syz.0.193'. [ 63.850657][ T6130] netlink: 24 bytes leftover after parsing attributes in process `syz.0.196'. [ 63.854279][ T6130] netlink: 48 bytes leftover after parsing attributes in process `syz.0.196'. [ 63.916520][ T6131] netlink: 5304 bytes leftover after parsing attributes in process `syz.0.196'. [ 63.959311][ T6133] 9pnet_virtio: no channels available for device syz [ 64.040344][ T6134] syzkaller0: entered promiscuous mode [ 64.041843][ T6134] syzkaller0: entered allmulticast mode [ 64.096414][ T6134] program syz.3.197 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 65.029144][ T6148] netlink: 4 bytes leftover after parsing attributes in process `syz.1.203'. [ 65.078000][ T6159] netlink: 24 bytes leftover after parsing attributes in process `syz.0.207'. [ 65.211652][ T6166] netlink: 24 bytes leftover after parsing attributes in process `syz.1.209'. [ 65.217266][ T6166] netlink: 48 bytes leftover after parsing attributes in process `syz.1.209'. [ 65.465062][ T5351] Bluetooth: hci0: command tx timeout [ 66.004246][ T6185] 9pnet_virtio: no channels available for device syz [ 66.108282][ T6190] syzkaller0: entered promiscuous mode [ 66.110485][ T6190] syzkaller0: entered allmulticast mode [ 66.262435][ T6198] program syz.0.216 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 66.362790][ T5351] Bluetooth: hci3: command tx timeout [ 66.522994][ T6207] 9pnet_fd: Insufficient options for proto=fd [ 67.364480][ T39] kauditd_printk_skb: 248 callbacks suppressed [ 67.364491][ T39] audit: type=1326 audit(1729552773.019:7545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6224 comm="syz.0.229" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000 [ 67.372215][ T39] audit: type=1326 audit(1729552773.019:7546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6224 comm="syz.0.229" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000 [ 67.385119][ T39] audit: type=1326 audit(1729552773.029:7547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6224 comm="syz.0.229" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f33579 code=0x7ffc0000 [ 67.390581][ T39] audit: type=1326 audit(1729552773.029:7548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6224 comm="syz.0.229" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000 [ 67.399958][ T39] audit: type=1326 audit(1729552773.029:7549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6224 comm="syz.0.229" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f33579 code=0x7ffc0000 [ 67.405637][ T39] audit: type=1326 audit(1729552773.029:7550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6224 comm="syz.0.229" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000 [ 67.411672][ T39] audit: type=1326 audit(1729552773.029:7551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6224 comm="syz.0.229" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f33579 code=0x7ffc0000 [ 67.417399][ T39] audit: type=1326 audit(1729552773.029:7552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6224 comm="syz.0.229" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000 [ 67.422824][ T39] audit: type=1326 audit(1729552773.029:7553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6224 comm="syz.0.229" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33579 code=0x7ffc0000 [ 67.428548][ T39] audit: type=1326 audit(1729552773.039:7554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6224 comm="syz.0.229" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f33579 code=0x7ffc0000 [ 67.503125][ T6237] 9pnet_fd: Insufficient options for proto=fd [ 68.674917][ T5351] Bluetooth: hci0: command tx timeout [ 68.732074][ T6249] __nla_validate_parse: 7 callbacks suppressed [ 68.732085][ T6249] netlink: 4 bytes leftover after parsing attributes in process `syz.1.236'. [ 68.902174][ T6271] 9pnet_fd: Insufficient options for proto=fd [ 68.934320][ T6278] netlink: 4 bytes leftover after parsing attributes in process `syz.1.246'. [ 68.968928][ T6281] netlink: 24 bytes leftover after parsing attributes in process `syz.1.247'. [ 68.973213][ T6281] netlink: 48 bytes leftover after parsing attributes in process `syz.1.247'. [ 69.073926][ T6281] netlink: 5304 bytes leftover after parsing attributes in process `syz.1.247'. [ 69.370612][ T6314] netlink: 4 bytes leftover after parsing attributes in process `syz.0.255'. [ 69.914921][ T5351] Bluetooth: hci2: command tx timeout [ 70.290107][ T6330] netlink: 24 bytes leftover after parsing attributes in process `syz.3.262'. [ 70.293353][ T6330] netlink: 48 bytes leftover after parsing attributes in process `syz.3.262'. [ 70.412965][ T6342] netlink: 4 bytes leftover after parsing attributes in process `syz.2.267'. [ 70.456911][ T6337] netlink: 5304 bytes leftover after parsing attributes in process `syz.3.262'. [ 70.677124][ T1376] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.678865][ T1376] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.264909][ T5351] Bluetooth: hci3: command tx timeout [ 72.990469][ T5351] Bluetooth: hci0: command tx timeout [ 73.504964][ T39] kauditd_printk_skb: 241 callbacks suppressed [ 73.504974][ T39] audit: type=1326 audit(1729552779.139:7796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6451 comm="syz.3.298" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 73.512109][ T39] audit: type=1326 audit(1729552779.139:7797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6451 comm="syz.3.298" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 73.519270][ T39] audit: type=1326 audit(1729552779.139:7798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6451 comm="syz.3.298" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 73.524715][ T39] audit: type=1326 audit(1729552779.139:7799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6451 comm="syz.3.298" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 73.531004][ T39] audit: type=1326 audit(1729552779.139:7800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6451 comm="syz.3.298" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 73.538269][ T39] audit: type=1326 audit(1729552779.139:7801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6451 comm="syz.3.298" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 73.543757][ T39] audit: type=1326 audit(1729552779.149:7802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6451 comm="syz.3.298" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 73.549464][ T39] audit: type=1326 audit(1729552779.149:7803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6451 comm="syz.3.298" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 73.555276][ T39] audit: type=1326 audit(1729552779.149:7804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6451 comm="syz.3.298" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 73.560833][ T39] audit: type=1326 audit(1729552779.149:7805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6451 comm="syz.3.298" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 74.419541][ T6477] syzkaller0: entered promiscuous mode [ 74.421056][ T6477] syzkaller0: entered allmulticast mode [ 74.456824][ T6477] program syz.2.305 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 74.582276][ T6479] __nla_validate_parse: 11 callbacks suppressed [ 74.582286][ T6479] netlink: 24 bytes leftover after parsing attributes in process `syz.3.306'. [ 74.590023][ T6479] netlink: 48 bytes leftover after parsing attributes in process `syz.3.306'. [ 74.695367][ T6479] netlink: 5304 bytes leftover after parsing attributes in process `syz.3.306'. [ 75.787253][ T981] cfg80211: failed to load regulatory.db [ 76.070679][ T6516] netlink: 24 bytes leftover after parsing attributes in process `syz.0.316'. [ 76.123151][ T6517] netlink: 48 bytes leftover after parsing attributes in process `syz.0.316'. [ 76.353519][ T6526] netlink: 24 bytes leftover after parsing attributes in process `syz.2.320'. [ 76.356821][ T6526] netlink: 48 bytes leftover after parsing attributes in process `syz.2.320'. [ 76.473524][ T6526] netlink: 5304 bytes leftover after parsing attributes in process `syz.2.320'. [ 76.980470][ T6545] syzkaller0: entered promiscuous mode [ 76.981891][ T6545] syzkaller0: entered allmulticast mode [ 77.056179][ T6545] program syz.1.325 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 77.248911][ T6559] netlink: 24 bytes leftover after parsing attributes in process `syz.3.331'. [ 77.466213][ T6561] netlink: 5304 bytes leftover after parsing attributes in process `syz.3.331'. [ 78.575471][ T39] kauditd_printk_skb: 153 callbacks suppressed [ 78.575526][ T39] audit: type=1326 audit(1729552784.229:7959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.3.336" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 78.582850][ T39] audit: type=1326 audit(1729552784.229:7960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.3.336" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 78.593454][ T39] audit: type=1326 audit(1729552784.229:7961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.3.336" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 78.599349][ T39] audit: type=1326 audit(1729552784.229:7962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.3.336" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 78.605611][ T39] audit: type=1326 audit(1729552784.229:7963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.3.336" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 78.611727][ T39] audit: type=1326 audit(1729552784.229:7964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.3.336" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 78.618526][ T39] audit: type=1326 audit(1729552784.229:7965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.3.336" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 78.624184][ T39] audit: type=1326 audit(1729552784.229:7966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.3.336" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 78.629845][ T39] audit: type=1326 audit(1729552784.229:7967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.3.336" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 78.635999][ T39] audit: type=1326 audit(1729552784.239:7968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6582 comm="syz.3.336" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 79.478653][ T6603] syzkaller0: entered promiscuous mode [ 79.480291][ T6603] syzkaller0: entered allmulticast mode [ 79.518304][ T6603] program syz.2.342 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 81.391698][ T6648] __nla_validate_parse: 2 callbacks suppressed [ 81.391708][ T6648] netlink: 24 bytes leftover after parsing attributes in process `syz.2.353'. [ 81.551333][ T6649] netlink: 5304 bytes leftover after parsing attributes in process `syz.2.353'. [ 82.015697][ T6670] netlink: 24 bytes leftover after parsing attributes in process `syz.2.360'. [ 82.018760][ T6670] netlink: 48 bytes leftover after parsing attributes in process `syz.2.360'. [ 82.151823][ T6683] syzkaller0: entered promiscuous mode [ 82.153308][ T6683] syzkaller0: entered allmulticast mode [ 82.169814][ T6679] netlink: 5304 bytes leftover after parsing attributes in process `syz.2.360'. [ 82.189769][ T6683] program syz.3.361 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 82.517971][ T5351] Bluetooth: hci0: unexpected event 0x2f length: 763 > 260 [ 82.560372][ T6691] netlink: 24 bytes leftover after parsing attributes in process `syz.1.364'. [ 82.568743][ T6691] netlink: 48 bytes leftover after parsing attributes in process `syz.1.364'. [ 82.732242][ T6693] netlink: 5304 bytes leftover after parsing attributes in process `syz.1.364'. [ 83.103832][ T6707] netlink: 24 bytes leftover after parsing attributes in process `syz.1.370'. [ 83.159135][ T6708] netlink: 48 bytes leftover after parsing attributes in process `syz.1.370'. [ 83.844904][ T831] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 84.004916][ T831] usb 7-1: Using ep0 maxpacket: 16 [ 84.008110][ T831] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 38, changing to 9 [ 84.011036][ T831] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 84.013632][ T831] usb 7-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00 [ 84.017852][ T831] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.024034][ T831] usb 7-1: config 0 descriptor?? [ 84.509744][ T831] usb 7-1: string descriptor 0 read error: -71 [ 84.518670][ T831] usbhid 7-1:0.0: can't add hid device: -71 [ 84.520536][ T831] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 84.555167][ T831] usb 7-1: USB disconnect, device number 2 [ 84.558618][ T39] kauditd_printk_skb: 128 callbacks suppressed [ 84.558626][ T39] audit: type=1326 audit(1729552790.219:8097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6722 comm="syz.3.375" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 84.565776][ T39] audit: type=1326 audit(1729552790.219:8098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6722 comm="syz.3.375" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 84.571238][ T39] audit: type=1326 audit(1729552790.219:8099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6722 comm="syz.3.375" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 84.577480][ T39] audit: type=1326 audit(1729552790.219:8100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6722 comm="syz.3.375" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 84.583137][ T39] audit: type=1326 audit(1729552790.219:8101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6722 comm="syz.3.375" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 84.588827][ T39] audit: type=1326 audit(1729552790.219:8102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6722 comm="syz.3.375" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 84.594268][ T39] audit: type=1326 audit(1729552790.219:8103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6722 comm="syz.3.375" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 84.600734][ T39] audit: type=1326 audit(1729552790.219:8104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6722 comm="syz.3.375" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 84.606363][ T39] audit: type=1326 audit(1729552790.219:8105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6722 comm="syz.3.375" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 84.611834][ T39] audit: type=1326 audit(1729552790.219:8106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6722 comm="syz.3.375" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf740e579 code=0x7ffc0000 [ 85.452138][ T6751] 9pnet_virtio: no channels available for device syz [ 85.784864][ T5351] Bluetooth: hci0: command tx timeout [ 85.795208][ T6752] syzkaller0: entered promiscuous mode [ 85.796671][ T6752] syzkaller0: entered allmulticast mode [ 85.853796][ T6752] program syz.1.383 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 87.525606][ T5359] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 87.528916][ T5359] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 87.531646][ T5359] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 87.535057][ T5359] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 87.537434][ T5359] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 87.539665][ T5359] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 87.617092][ T6805] chnl_net:caif_netlink_parms(): no params data found [ 87.747365][ T6805] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.749543][ T6805] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.751631][ T6805] bridge_slave_0: entered allmulticast mode [ 87.753837][ T6805] bridge_slave_0: entered promiscuous mode [ 87.757622][ T6805] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.759913][ T6805] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.762129][ T6805] bridge_slave_1: entered allmulticast mode [ 87.764308][ T6805] bridge_slave_1: entered promiscuous mode [ 87.788470][ T6805] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.792624][ T6805] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.814579][ T6805] team0: Port device team_slave_0 added [ 87.818918][ T6805] team0: Port device team_slave_1 added [ 87.858034][ T6805] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.867228][ T6805] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.873829][ T6805] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.877623][ T6805] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.879625][ T6805] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.886497][ T6805] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.931873][ T6805] hsr_slave_0: entered promiscuous mode [ 87.934875][ T6805] hsr_slave_1: entered promiscuous mode [ 88.012582][ T6828] syzkaller0: entered promiscuous mode [ 88.014088][ T6828] syzkaller0: entered allmulticast mode [ 88.060268][ T6805] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.252606][ T6828] program syz.1.396 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 88.261627][ T6805] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.425313][ T5359] Bluetooth: hci1: command tx timeout [ 88.568812][ T6805] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.642742][ T6805] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.547105][ T5359] Bluetooth: hci4: command tx timeout [ 89.712098][ T6845] __nla_validate_parse: 7 callbacks suppressed [ 89.712202][ T6845] netlink: 24 bytes leftover after parsing attributes in process `syz.2.401'. [ 89.732268][ T6805] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 89.744357][ T6805] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 89.747951][ T6805] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 89.752927][ T6805] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 89.789306][ T6805] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.799800][ T6805] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.815646][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.817583][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.820816][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.822634][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.946488][ T6805] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.963654][ T6805] veth0_vlan: entered promiscuous mode [ 89.969396][ T6805] veth1_vlan: entered promiscuous mode [ 90.066032][ T6805] veth0_macvtap: entered promiscuous mode [ 90.249054][ T6805] veth1_macvtap: entered promiscuous mode [ 90.268619][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.272639][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.275263][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.278064][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.281486][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.285563][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.289610][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.293299][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.299570][ T6805] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.307104][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.309863][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.312411][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.315187][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.317731][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.320572][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.323158][ T6805] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.326125][ T6805] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.330296][ T6805] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.334633][ T6805] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.337518][ T6805] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.339872][ T6805] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.342220][ T6805] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.371665][ T1106] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.373702][ T1106] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.382700][ T1137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.384960][ T1137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.443805][ T6887] netlink: 24 bytes leftover after parsing attributes in process `syz.0.392'. [ 90.446947][ T6887] netlink: 48 bytes leftover after parsing attributes in process `syz.0.392'. [ 90.512641][ T5359] Bluetooth: hci1: command tx timeout [ 91.021027][ T6887] netlink: 5304 bytes leftover after parsing attributes in process `syz.0.392'. [ 91.024576][ T39] kauditd_printk_skb: 92 callbacks suppressed [ 91.024585][ T39] audit: type=1326 audit(1729552796.679:8199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6911 comm="syz.2.410" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000 [ 91.034561][ T39] audit: type=1326 audit(1729552796.689:8200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6911 comm="syz.2.410" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf743e579 code=0x7ffc0000 [ 91.041392][ T39] audit: type=1326 audit(1729552796.689:8201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6911 comm="syz.2.410" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000 [ 91.064540][ T39] audit: type=1326 audit(1729552796.689:8202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6911 comm="syz.2.410" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf743e579 code=0x7ffc0000 [ 91.072996][ T39] audit: type=1326 audit(1729552796.689:8203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6911 comm="syz.2.410" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000 [ 91.079145][ T39] audit: type=1326 audit(1729552796.689:8204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6911 comm="syz.2.410" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000 [ 91.086885][ T39] audit: type=1326 audit(1729552796.689:8205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6911 comm="syz.2.410" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf743e579 code=0x7ffc0000 [ 91.103223][ T39] audit: type=1326 audit(1729552796.699:8206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6911 comm="syz.2.410" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000 [ 91.112580][ T39] audit: type=1326 audit(1729552796.699:8207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6911 comm="syz.2.410" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000 [ 91.120417][ T39] audit: type=1326 audit(1729552796.699:8208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6911 comm="syz.2.410" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf743e579 code=0x7ffc0000 [ 91.539217][ T6928] netlink: 24 bytes leftover after parsing attributes in process `syz.2.415'. [ 91.542878][ T6928] netlink: 48 bytes leftover after parsing attributes in process `syz.2.415'. [ 91.624957][ T5359] Bluetooth: hci4: command tx timeout [ 91.695041][ T981] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 91.700853][ T6930] netlink: 5304 bytes leftover after parsing attributes in process `syz.2.415'. [ 91.855018][ T981] usb 6-1: Using ep0 maxpacket: 16 [ 91.868450][ T981] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 38, changing to 9 [ 91.871220][ T981] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 91.873806][ T981] usb 6-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00 [ 91.876577][ T981] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 91.887226][ T981] usb 6-1: config 0 descriptor?? [ 93.132821][ T981] usb 6-1: string descriptor 0 read error: -71 [ 93.139724][ T981] usbhid 6-1:0.0: can't add hid device: -71 [ 93.141426][ T981] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 93.144484][ T981] usb 6-1: USB disconnect, device number 4 [ 93.514057][ T7005] netlink: 24 bytes leftover after parsing attributes in process `syz.3.425'. [ 93.716249][ T5359] Bluetooth: hci4: command tx timeout [ 93.743857][ T7014] netlink: 5304 bytes leftover after parsing attributes in process `syz.3.425'. [ 95.447019][ T7074] syzkaller0: entered promiscuous mode [ 95.448602][ T7074] syzkaller0: entered allmulticast mode [ 95.508095][ T7074] program syz.1.436 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 95.794980][ T5359] Bluetooth: hci4: command tx timeout [ 95.804875][ T981] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 95.893356][ T7077] netlink: 5304 bytes leftover after parsing attributes in process `syz.0.438'. [ 95.954926][ T981] usb 7-1: Using ep0 maxpacket: 16 [ 95.957956][ T981] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 38, changing to 9 [ 95.960941][ T981] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 95.963462][ T981] usb 7-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00 [ 95.965971][ T981] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 95.968905][ T981] usb 7-1: config 0 descriptor?? [ 96.116433][ T39] kauditd_printk_skb: 65 callbacks suppressed [ 96.116444][ T39] audit: type=1326 audit(1729552801.779:8274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.0.439" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 96.123481][ T39] audit: type=1326 audit(1729552801.779:8275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.0.439" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 96.134224][ T39] audit: type=1326 audit(1729552801.779:8276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.0.439" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 96.143370][ T39] audit: type=1326 audit(1729552801.779:8277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.0.439" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 96.154754][ T39] audit: type=1326 audit(1729552801.779:8278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.0.439" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 96.212485][ T39] audit: type=1326 audit(1729552801.779:8279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.0.439" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 96.223346][ T39] audit: type=1326 audit(1729552801.779:8280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.0.439" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 96.230921][ T39] audit: type=1326 audit(1729552801.779:8281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.0.439" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 96.239462][ T39] audit: type=1326 audit(1729552801.779:8282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.0.439" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 96.248030][ T39] audit: type=1326 audit(1729552801.779:8283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.0.439" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 97.080684][ T981] usb 7-1: string descriptor 0 read error: -71 [ 97.084549][ T981] usbhid 7-1:0.0: can't add hid device: -71 [ 97.086300][ T981] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 97.094571][ T981] usb 7-1: USB disconnect, device number 3 [ 97.302879][ T7109] netlink: 5304 bytes leftover after parsing attributes in process `syz.1.447'. [ 97.891277][ T5359] Bluetooth: hci4: command tx timeout [ 98.373402][ T7166] netlink: 24 bytes leftover after parsing attributes in process `syz.2.462'. [ 98.378380][ T7166] netlink: 48 bytes leftover after parsing attributes in process `syz.2.462'. [ 98.845038][ T35] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 99.107146][ T35] usb 5-1: Using ep0 maxpacket: 16 [ 99.112221][ T35] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 38, changing to 9 [ 99.115336][ T35] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 99.118051][ T35] usb 5-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00 [ 99.121630][ T35] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 99.128270][ T35] usb 5-1: config 0 descriptor?? [ 99.186278][ T7186] netlink: 5304 bytes leftover after parsing attributes in process `syz.3.466'. [ 100.331723][ T7223] netlink: 24 bytes leftover after parsing attributes in process `syz.1.477'. [ 100.377864][ T35] usb 5-1: string descriptor 0 read error: -71 [ 100.381878][ T35] usbhid 5-1:0.0: can't add hid device: -71 [ 100.406249][ T35] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 100.409480][ T35] usb 5-1: USB disconnect, device number 3 [ 100.491784][ T7225] netlink: 5304 bytes leftover after parsing attributes in process `syz.1.477'. [ 100.796079][ T7243] ------------[ cut here ]------------ [ 100.797732][ T7243] kmem_cache of name '9p-fcall-cache-(null)' already exists [ 100.799734][ T7243] WARNING: CPU: 3 PID: 7243 at mm/slab_common.c:107 __kmem_cache_create_args+0xb0/0x3c0 [ 100.802294][ T7243] Modules linked in: [ 100.803285][ T7241] syzkaller0: entered promiscuous mode SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 100.803810][ T7243] CPU: 3 UID: 0 PID: 7243 Comm: syz.1.482 Not tainted 6.12.0-rc4-syzkaller #0 [ 100.806394][ T7241] syzkaller0: entered allmulticast mode [ 100.809503][ T7243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 100.809513][ T7243] RIP: 0010:__kmem_cache_create_args+0xb0/0x3c0 [ 100.816185][ T7243] Code: 98 48 3d d0 bb f1 8d 74 25 48 8b 7b 60 48 89 ee e8 65 ee 34 09 85 c0 75 e0 90 48 c7 c7 10 33 58 8d 48 89 ee e8 41 a6 7e ff 90 <0f> 0b 90 90 be 20 00 00 00 48 89 ef e8 ef ef 34 09 48 85 c0 0f 85 [ 100.821401][ T7243] RSP: 0018:ffffc9000383f8f0 EFLAGS: 00010286 [ 100.823004][ T7243] RAX: 0000000000000000 RBX: ffff88801f684f00 RCX: ffffc90003aa2000 [ 100.825208][ T7243] RDX: 0000000000040000 RSI: ffffffff814e38c6 RDI: 0000000000000001 [ 100.827326][ T7243] RBP: ffff88806b4b65c0 R08: 0000000000000001 R09: 0000000000000000 [ 100.829425][ T7243] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000 [ 100.831520][ T7243] R13: 0000000000008001 R14: ffffc9000383f9e0 R15: 0000000000020018 [ 100.833582][ T7243] FS: 0000000000000000(0000) GS:ffff88802b700000(0063) knlGS:00000000f5706b40 [ 100.836062][ T7243] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 100.837807][ T7243] CR2: 0000000020004000 CR3: 0000000069ba4000 CR4: 0000000000352ef0 [ 100.839912][ T7243] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 100.841979][ T7243] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 100.844047][ T7243] Call Trace: [ 100.845114][ T7243] [ 100.845909][ T7243] ? __warn+0xea/0x3d0 [ 100.847211][ T7243] ? __kmem_cache_create_args+0xb0/0x3c0 [ 100.848697][ T7243] ? report_bug+0x3c0/0x580 [ 100.849918][ T7243] ? handle_bug+0x54/0xa0 [ 100.851087][ T7243] ? exc_invalid_op+0x17/0x50 [ 100.852338][ T7243] ? asm_exc_invalid_op+0x1a/0x20 [ 100.853675][ T7243] ? __warn_printk+0x1a6/0x350 [ 100.855070][ T7243] ? __kmem_cache_create_args+0xb0/0x3c0 [ 100.856580][ T7243] p9_client_create+0xe27/0x1190 [ 100.857894][ T7243] ? __pfx_p9_client_create+0x10/0x10 [ 100.859347][ T7243] ? __raw_spin_lock_init+0x3a/0x110 [ 100.860750][ T7243] v9fs_session_init+0x1f8/0x1a80 [ 100.862106][ T7243] ? __pfx_v9fs_session_init+0x10/0x10 [ 100.863560][ T7243] ? kasan_save_track+0x14/0x30 [ 100.864926][ T7243] v9fs_mount+0xc6/0xa50 [ 100.866084][ T7243] ? __pfx_v9fs_mount+0x10/0x10 [ 100.867388][ T7243] ? __pfx_v9fs_mount+0x10/0x10 [ 100.868680][ T7243] legacy_get_tree+0x109/0x220 [ 100.869966][ T7243] vfs_get_tree+0x8f/0x380 [ 100.871175][ T7243] path_mount+0x6e1/0x1f10 [ 100.872399][ T7243] ? kmem_cache_free+0x152/0x4b0 [ 100.873727][ T7243] ? __pfx_path_mount+0x10/0x10 [ 100.875102][ T7243] ? putname+0x12e/0x170 [ 100.876254][ T7243] __ia32_sys_mount+0x292/0x310 [ 100.877543][ T7243] ? __pfx___ia32_sys_mount+0x10/0x10 [ 100.878964][ T7243] __do_fast_syscall_32+0x73/0x120 [ 100.880356][ T7243] do_fast_syscall_32+0x32/0x80 [ 100.881681][ T7243] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 100.883369][ T7243] RIP: 0023:0xf7f86579 [ 100.884461][ T7243] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 100.890748][ T7243] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015 [ 100.893587][ T7243] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000080 [ 100.896356][ T7243] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 00000000200036c0 [ 100.899019][ T7243] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 100.901680][ T7243] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 100.904366][ T7243] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 100.907114][ T7243] [ 100.908185][ T7243] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 100.910637][ T7243] CPU: 3 UID: 0 PID: 7243 Comm: syz.1.482 Not tainted 6.12.0-rc4-syzkaller #0 [ 100.913631][ T7243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 100.917263][ T7243] Call Trace: [ 100.918409][ T7243] [ 100.919420][ T7243] dump_stack_lvl+0x3d/0x1f0 [ 100.921007][ T7243] panic+0x71d/0x800 [ 100.922342][ T7243] ? __pfx_panic+0x10/0x10 [ 100.923874][ T7243] ? show_trace_log_lvl+0x29d/0x3d0 [ 100.925645][ T7243] ? __kmem_cache_create_args+0xb0/0x3c0 [ 100.927666][ T7243] check_panic_on_warn+0xab/0xb0 [ 100.929379][ T7243] __warn+0xf6/0x3d0 [ 100.930733][ T7243] ? __kmem_cache_create_args+0xb0/0x3c0 [ 100.932673][ T7243] report_bug+0x3c0/0x580 [ 100.934158][ T7243] handle_bug+0x54/0xa0 [ 100.935586][ T7243] exc_invalid_op+0x17/0x50 [ 100.937133][ T7243] asm_exc_invalid_op+0x1a/0x20 [ 100.938785][ T7243] RIP: 0010:__kmem_cache_create_args+0xb0/0x3c0 [ 100.940910][ T7243] Code: 98 48 3d d0 bb f1 8d 74 25 48 8b 7b 60 48 89 ee e8 65 ee 34 09 85 c0 75 e0 90 48 c7 c7 10 33 58 8d 48 89 ee e8 41 a6 7e ff 90 <0f> 0b 90 90 be 20 00 00 00 48 89 ef e8 ef ef 34 09 48 85 c0 0f 85 [ 100.947427][ T7243] RSP: 0018:ffffc9000383f8f0 EFLAGS: 00010286 [ 100.949498][ T7243] RAX: 0000000000000000 RBX: ffff88801f684f00 RCX: ffffc90003aa2000 [ 100.952198][ T7243] RDX: 0000000000040000 RSI: ffffffff814e38c6 RDI: 0000000000000001 [ 100.954885][ T7243] RBP: ffff88806b4b65c0 R08: 0000000000000001 R09: 0000000000000000 [ 100.957568][ T7243] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000 [ 100.960263][ T7243] R13: 0000000000008001 R14: ffffc9000383f9e0 R15: 0000000000020018 [ 100.962938][ T7243] ? __warn_printk+0x1a6/0x350 [ 100.964594][ T7243] p9_client_create+0xe27/0x1190 [ 100.966288][ T7243] ? __pfx_p9_client_create+0x10/0x10 [ 100.968131][ T7243] ? __raw_spin_lock_init+0x3a/0x110 [ 100.969930][ T7243] v9fs_session_init+0x1f8/0x1a80 [ 100.971676][ T7243] ? __pfx_v9fs_session_init+0x10/0x10 [ 100.973570][ T7243] ? kasan_save_track+0x14/0x30 [ 100.975255][ T7243] v9fs_mount+0xc6/0xa50 [ 100.976709][ T7243] ? __pfx_v9fs_mount+0x10/0x10 [ 100.978377][ T7243] ? __pfx_v9fs_mount+0x10/0x10 [ 100.980044][ T7243] legacy_get_tree+0x109/0x220 [ 100.981682][ T7243] vfs_get_tree+0x8f/0x380 [ 100.983214][ T7243] path_mount+0x6e1/0x1f10 [ 100.984747][ T7243] ? kmem_cache_free+0x152/0x4b0 [ 100.986492][ T7243] ? __pfx_path_mount+0x10/0x10 [ 100.988172][ T7243] ? putname+0x12e/0x170 [ 100.989629][ T7243] __ia32_sys_mount+0x292/0x310 [ 100.991312][ T7243] ? __pfx___ia32_sys_mount+0x10/0x10 [ 100.993150][ T7243] __do_fast_syscall_32+0x73/0x120 [ 100.994896][ T7243] do_fast_syscall_32+0x32/0x80 [ 100.996572][ T7243] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 100.998720][ T7243] RIP: 0023:0xf7f86579 [ 101.000119][ T7243] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 101.006600][ T7243] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015 [ 101.009417][ T7243] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000080 [ 101.012116][ T7243] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 00000000200036c0 [ 101.014788][ T7243] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 101.017468][ T7243] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 101.020153][ T7243] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 101.022778][ T7243] [ 101.024275][ T7243] Kernel Offset: disabled [ 101.025814][ T7243] Rebooting in 86400 seconds.. VM DIAGNOSIS: 23:20:06 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=ffffc900074dfb60 RCX=0000000000000000 RDX=0000000000000000 RSI=ffffffff84b965b4 RDI=ffffc900074dfb60 RBP=ffffc900074dfb20 RSP=ffffc900074dfa80 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=0000000000000000 R13=ffffc900074dfb60 R14=ffffc900074dfb28 R15=0000000000000000 RIP=ffffffff84b965dd RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000002003b000 CR3=000000006b470000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 ZMM17=0546fcd322df9b5f 17e5dea32b6b656a 0546fcd322df9b5f 17e5dea32b6b656a 0546fcd322df9b5f 17e5dea32b6b656a 0546fcd322df9b5f 17e5dea32b6b656a ZMM18=cb907630480ac05c 579bd643de9178a9 cb907630480ac05c 579bd643de9178a9 cb907630480ac05c 579bd643de9178a9 cb907630480ac05c 579bd643de9178a9 ZMM19=9b04000000000000 0000000000000030 9b04000000000000 000000000000002f 9b04000000000000 000000000000002e 9b04000000000000 000000000000002d ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=17e5dea317e5dea3 17e5dea317e5dea3 17e5dea317e5dea3 17e5dea317e5dea3 17e5dea317e5dea3 17e5dea317e5dea3 17e5dea317e5dea3 17e5dea317e5dea3 ZMM22=22df9b5f22df9b5f 22df9b5f22df9b5f 22df9b5f22df9b5f 22df9b5f22df9b5f 22df9b5f22df9b5f 22df9b5f22df9b5f 22df9b5f22df9b5f 22df9b5f22df9b5f ZMM23=0546fcd30546fcd3 0546fcd30546fcd3 0546fcd30546fcd3 0546fcd30546fcd3 0546fcd30546fcd3 0546fcd30546fcd3 0546fcd30546fcd3 0546fcd30546fcd3 ZMM24=de9178a9de9178a9 de9178a9de9178a9 de9178a9de9178a9 de9178a9de9178a9 de9178a9de9178a9 de9178a9de9178a9 de9178a9de9178a9 de9178a9de9178a9 ZMM25=579bd643579bd643 579bd643579bd643 579bd643579bd643 579bd643579bd643 579bd643579bd643 579bd643579bd643 579bd643579bd643 579bd643579bd643 ZMM26=480ac05c480ac05c 480ac05c480ac05c 480ac05c480ac05c 480ac05c480ac05c 480ac05c480ac05c 480ac05c480ac05c 480ac05c480ac05c 480ac05c480ac05c ZMM27=cb907630cb907630 cb907630cb907630 cb907630cb907630 cb907630cb907630 cb907630cb907630 cb907630cb907630 cb907630cb907630 cb907630cb907630 ZMM28=000000300000002f 0000002e0000002d 0000002c0000002b 0000002a00000029 0000002800000027 0000002600000025 0000002400000023 0000002200000021 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=9b0400009b040000 9b0400009b040000 9b0400009b040000 9b0400009b040000 9b0400009b040000 9b0400009b040000 9b0400009b040000 9b0400009b040000 info registers vcpu 1 CPU#1 RAX=0000000000000063 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8503ecf5 RDI=ffffffff9a640260 RBP=ffffffff9a640220 RSP=ffffc9000386f3b8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000063 R14=ffffffff8503ec90 R15=0000000000000000 RIP=ffffffff8503ed1f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000000c3d32ce CR3=000000006b470000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=00000000002056a1 RBX=0000000000000002 RCX=ffffffff8b139ef9 RDX=0000000000000000 RSI=ffffffff8b4cc940 RDI=ffffffff8bb12d60 RBP=ffffed100376a000 RSP=ffffc90000487e08 R8 =0000000000000001 R9 =ffffed10056c7025 R10=ffff88802b63812b R11=0000000000000000 R12=0000000000000002 R13=ffff88801bb50000 R14=ffffffff901ce5c8 R15=0000000000000000 RIP=ffffffff8b13b2df RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ff44161c430 CR3=000000005e1c4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8503ecf5 RDI=ffffffff9a640260 RBP=ffffffff9a640220 RSP=ffffc9000383f258 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000020 R14=ffffffff8503ec90 R15=0000000000000000 RIP=ffffffff8503ed1f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000020004000 CR3=0000000069ba4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000