last executing test programs: 2.59148289s ago: executing program 2 (id=99): r0 = socket(0x11, 0x3, 0x0) setsockopt(r0, 0x107, 0xf, &(0x7f0000000100)="00008634", 0x4) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'veth1_to_bridge\x00', 0x0}) sendmsg(r0, &(0x7f0000000100)={&(0x7f00000003c0)=@xdp={0x2c, 0x8, r2, 0x2}, 0x80, &(0x7f0000000200)=[{&(0x7f00000006c0)="000502000b00000000002d3922ff65b4355e953d23d254f09cd2893ffd966d3b07110a5fb45458ac3384f783", 0x2c}], 0x1}, 0x818) 2.591288149s ago: executing program 2 (id=100): bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) socket$inet_sctp(0x2, 0x1, 0x84) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58) accept$alg(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) syz_clone(0x1144280, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x395e000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) r2 = memfd_create(&(0x7f0000001000)='\xfd\x0fm3#/\x00n\xaa\xaa\xe4\x01U\x8b\xc2\f\x03\x19\x9c\x8e\xcb\x90\x00\x00\xaegQ\x0e\x94\\y\x0fU2@\'\x8a\x80\x00$\x12\xfc\xe4.)\x9b\xf2@\xf0\xe0\xdb\x1f\xe6\xb4gc\x13\xda\xf9\xcd7el\xb7\xe6\b\x00\x00\x00\x00\xef\xff\x00vob/~\xc2\x00\b\x00\x00\x00\x00\x00\x00 \xff\xf1\xdem\x9c;%\xb5\"\xe4\xf1x2\x8a\x19p\x04\\\xaa-\x93\xd1\xc4 )\xbfK\xf7E\xf3\x05\xa0\xd0\xe6%\x97\x15\xf0\xab\x86\x90k\x10\xcer\x14\xe0a\xaf\xab\xfe\xd9V\x19\xa5d\x16\x8e]:3\xff\t\xe6\xf7\xb3\xbf\xa3\bO9\x1b\x11\rv0<\xe5\xe2\xad\xdd7\xb7\x8e\x9c0-o\xc9\xec_|\x02\xc8Ru\x95\xa8#U\xd6J\x87\xf6X\xb6{\x11$\x00\xc8\x14\xcb\xd1nK\xd8\xb9\x0e\x9bA\xed\xbcs\x1fS\r\x12O\x83\x15\xcb(\xdb\xb1S\x1f%\x04\x9a\xa0l\xa3}\xe7r\xe26 \x19k&.\x7f\x1d~\xdaI\xd4\x99\a+\xdf]\xbc\xa6\xc3\x0f\x99W\x9c-t\v\xc7J\xfd\x91\x853\xd1j;\x19W\x96V\x8az+\xf9\x82#\xfaC\xa3YN:\xe8\xda\xbc\xb2h\x8f\xe0\xc6d\x96\xccy\xb3\xc2\x98\x1c\xca\xde\"\xaeW\x89\x83\xc2sB\xe7\b\x9b9~}\xc2\xb3\x1d\xcc?\xd1\x89\xef\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00J[\xc4\x04\xc1\xa6\x10\xc2\x9d\x11\t|\xc0\t\xd9(\x80\xe6s\xaa\x88\x8a\xd6\xa2\x01\x10W]Z\x8d\xf7\xd1P\xf9d\x01|\xa3\x03hSq\x95\x8f\xe1J\xd3#/fcCz\xff\x80\xe2M\xa3-r\xf6\x1a\xd74\xdc\xe1\xe4\xc3\x9dU t}\x02\xb7>j0S\xf4\x98\x05\xb9\x15}\xfa\"\xdc\xc2r\xf9\a\xadnD\xb6\x06\xd3\'\x10\x9f|\x17\xd6\x89O\f\x98@\x85\xa5m\x9d\\&\x17o\x11Z=l\xfb\x93\x8ex', 0x5) timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x3fd4, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000080)={0x0, 0x1, 0x0, 0x8010002}) mlock2(&(0x7f000000e000/0x1000)=nil, 0x1000, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=@newtfilter={0xb0, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x7c, 0x2, [@TCA_U32_ACT={0x54, 0x7, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xf, 0x3}}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x6, 0x9, 0x20000000, 0x1, 0xd6}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}, @TCA_U32_SEL={0x24, 0x5, {0x8, 0x7, 0x1, 0x3d3f, 0x0, 0xfff, 0x3, 0x58f, [{0x2, 0x20008000, 0x4, 0x1}]}}]}}, @TCA_RATE={0x4, 0x5, {0x2, 0xe}}]}, 0xb0}, 0x1, 0x0, 0x0, 0x1}, 0x24040084) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000b00)={'gre0\x00', &(0x7f0000000340)={'ip_vti0\x00', 0x0, 0x8000, 0x40, 0x1000, 0xe8, {{0x1b, 0x4, 0x0, 0x0, 0x6c, 0x65, 0x0, 0x9, 0x2f, 0x0, @local, @private=0xa010101, {[@timestamp_addr={0x44, 0x34, 0x6e, 0x1, 0x1, [{@remote, 0x3ff}, {@empty, 0x9b}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x3ff}, {@remote, 0x10000}, {@loopback}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x39}]}, @ssrr={0x89, 0xf, 0xc9, [@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @multicast2]}, @generic={0x83, 0x12, "3f50f7456d1709d9baef7392f28ddd9f"}]}}}}}) sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000d80)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000d40)={&(0x7f0000000b40)=ANY=[@ANYBLOB="d8010000", @ANYRES16=0x0, @ANYBLOB="000428bd7000fedbdf2504000000640001801400020076657468315f6d6163767461700000000800030002000000080003000200000008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="14000200626f6e00"/32, @ANYRES32=0x0, @ANYBLOB="2000018008000100", @ANYRES32=0x0, @ANYBLOB="1400020076657468305f746f5f687372000000000c000180080001", @ANYRES32=0x0, @ANYBLOB="64000180140002006272696467655f736c6176655f3000001400020076657468315f746f5f6873720000000008000300030000001400020070696d3672656730000000000000000008000100", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000300010000000800030001000000140002006272696467655f736c6176655f300000140002006d61637674617030000000000000000014000200766574683100000000000000000000001c00018008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB], 0x1d8}, 0x1, 0x0, 0x0, 0x4000001}, 0x20008010) read$FUSE(0xffffffffffffffff, &(0x7f0000002180)={0x2020}, 0x2020) 1.839499084s ago: executing program 2 (id=118): r0 = creat(&(0x7f0000000000)='./file0\x00', 0xb2) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000100)={0x0, 0x0, 0xc63, 0x81bbde0}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0) io_setup(0x202, &(0x7f0000000200)=0x0) io_submit(r2, 0x1, &(0x7f0000000700)=[&(0x7f0000000440)={0x18, 0x700000f, 0x4, 0x1, 0x0, r1, 0x0}]) lseek(r0, 0x1fc, 0x4) 1.139445435s ago: executing program 3 (id=124): mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x80001) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x11, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) fcntl$lock(r0, 0x26, &(0x7f0000000040)={0x0, 0x0, 0x60d2, 0x1}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0) syz_clone(0x82000400, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002740)={0xffffffffffffffff, 0x0, 0x2c, 0x19, @val=@netfilter={0x5, 0x0, 0x2, 0x1}}, 0x20) 1.071244981s ago: executing program 3 (id=126): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r2 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0x4c8a1, 0xc000, 0x1, 0xc1}) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000004"], 0x50) io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x20) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/42, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000800)=""/90}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000340)=0x1) 1.07111541s ago: executing program 0 (id=127): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000040)=0xa, 0x4) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x300000a, 0x11, r0, 0x646ea000) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x86, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x4e20, 0xffffffff, @loopback, 0x1cd20940}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x8, &(0x7f0000000200)=0xa, 0x4) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000100)=0x4, 0x4) recvmmsg(r0, &(0x7f0000000140)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000fc0)=""/4103, 0x1007}, 0x7ffffffe}], 0x1, 0x40002000, 0x0) 1.020167511s ago: executing program 3 (id=129): r0 = openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000400), 0x6, 0x0) ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f0000000000)={0x0, {}, 0x0, {}, 0x7, 0x6, 0x17, 0x1, "615ba422b8cd415a4496ce07dd3081ccb9a88abe3c77c13ffffb461a34c722432f057da97e5acd032e9e2deed80662093f9b653975d7ae2f04351bb8eac50373", "9091011ca49d27b1e3fe286c8cdd541463caedfe82d251dd41e2b34f5e8a75c6", [0x4, 0x7]}) sendfile(r0, r1, 0x0, 0x40000000000007f) 1.020020008s ago: executing program 0 (id=130): mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x22042, 0x0) fcntl$setstatus(r0, 0x4, 0x0) 1.019978009s ago: executing program 2 (id=131): semop(0x0, &(0x7f0000000040)=[{0x4, 0xfff8, 0x1000}], 0x1) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000000)=[0x4, 0x1, 0xd2, 0x100, 0x9]) 1.019830032s ago: executing program 3 (id=133): io_uring_setup(0x631f, &(0x7f0000000140)={0x0, 0xec9b, 0x100, 0x2002, 0x37c}) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000200)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000140)={0x1, [0x0]}, &(0x7f0000000080)=0x8) socket$inet6_sctp(0xa, 0x5, 0x84) prlimit64(0x0, 0x7, &(0x7f00000000c0)={0x7, 0x1b}, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f00000000c0)={r1, 0xfffffff7}, &(0x7f0000000040)=0x8) 1.019592016s ago: executing program 0 (id=134): mknodat$loop(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x6000, 0x1) r0 = creat(&(0x7f0000000640)='./file0\x00', 0x2) ioctl$UFFDIO_API(r0, 0xc018aa3f, 0x0) 951.339566ms ago: executing program 0 (id=135): r0 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) listen(r0, 0x0) r1 = accept4$unix(r0, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000003d80)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000002c0)=""/107, 0x6b}], 0x1, &(0x7f0000000480)=""/172, 0xac}}], 0x1, 0x20022, 0x0) 940.204157ms ago: executing program 3 (id=137): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xa4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendmmsg$inet(r0, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000640)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b70a243bf77139a94bc3ae91684aaf7b7dff691deb8f8aef2d915fb3a0794a9a9b431a819bca6122c350637808dde804a048fd8696e524b2934126c443ce93d82e931eb9918e6c0827686e59209d2e02c9210fd8048f04ad6c42200fd9232f5aa6a361816bf21afb8473a064f", 0x85}], 0x1}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000800)="cc5a4dbac0affd0a979c63ea8352d608a51fc8625318716ddf62b7752be4540c4ac7d344c53a3ad28313abc2437b60b03c0e587cafcf9a435bf90c618351f70a828238fdf90bc5d36c7d614b82552649954e0185662defd28f78449f073bad544f586136c5076a6f0f1b6fc9adf80557eb44db1b41824e9ef104c95e999766bbf27d74ad5d8fa63210cde65d384dd3e87c1fedaec3144d1ee66a0eb0750363e346cb930dae6109df6b9955bf8af119b5c9a86622af4ff8b5949fb90f8edbde416d046d61512fe4c453bb601a780e1bbc00dbedc5e50d3cd9bc920810", 0xdc}], 0x1}}], 0x2, 0x2090) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000000b00)=""/4096, 0x1000, 0x1, 0x0}, &(0x7f0000000180)=0x40) sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0) 641.270677ms ago: executing program 2 (id=147): sched_setscheduler(0x0, 0x2, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) r1 = fcntl$dupfd(r0, 0x406, r0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfd, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200047f9, &(0x7f0000000040)={0x2, 0x4e23, @empty}, 0x10) recvmsg(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000540)=""/202, 0xca}], 0x1, &(0x7f0000001300)=""/4096, 0x1000}, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000002c0)='bbr', 0x37) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000500)=ANY=[@ANYBLOB], 0x540) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r1) shutdown(r0, 0x1) 490.605314ms ago: executing program 2 (id=152): move_pages(0x0, 0x20000000000000fe, &(0x7f0000000080)=[&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil], 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r0 = fsmount(0xffffffffffffffff, 0x0, 0x0) sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x4000090) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00') mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2000002, 0x4082172, 0xffffffffffffffff, 0xfffff000) mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000006000/0x2000)=nil) io_setup(0x20, &(0x7f0000001140)) 161.301785ms ago: executing program 1 (id=157): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f00000001c0)={0x1000200001ee0000, 0x3}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r2, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xffffffffffffff2c}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) io_uring_setup(0x4fee, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7}) 161.120721ms ago: executing program 1 (id=158): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r0 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1}) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) close(0x3) 110.708043ms ago: executing program 1 (id=159): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000080)=@newtaction={0x68, 0x30, 0x9, 0x0, 0x0, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PRIORITY={0x8, 0x8}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x0, 0x2}}]}, {0x4}, {0xc, 0xa}, {0xc, 0x9, {0x3b}}}}]}]}, 0x68}}, 0x0) 110.509904ms ago: executing program 0 (id=160): r0 = socket$packet(0x11, 0x3, 0x300) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000002, 0x11, r0, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, 0x0, 0x0) 110.41473ms ago: executing program 1 (id=161): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='devices.list\x00', 0x26e1, 0x0) close(r0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x40000100) write$cgroup_pid(r0, &(0x7f0000000400), 0x12) 59.892235ms ago: executing program 0 (id=162): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x842, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$loop(&(0x7f0000000180), 0x10, 0x102) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = eventfd2(0xfffff000, 0x800) ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000280)={0x0, 0x4, 0x1, r5, 0x2}) r6 = fcntl$dupfd(r2, 0x0, r2) ioctl$KVM_GET_XCRS(r6, 0x401412fd, 0x0) syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000bfe000/0x400000)=nil) r7 = syz_open_dev$loop(&(0x7f0000000000), 0xffffffffff7ffff9, 0x185100) r8 = openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) ioctl$LOOP_SET_FD(r7, 0x4c00, r8) ioctl$LOOP_CHANGE_FD(r7, 0x4c06, r8) 59.767822ms ago: executing program 3 (id=163): r0 = getpid() sched_setaffinity(r0, 0x1, &(0x7f0000000280)=0x4) r1 = creat(&(0x7f0000000000)='./file0\x00', 0xb2) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000100)={0x0, 0x0, 0xc63, 0x81bbde0}) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r3, &(0x7f00000043c0)=[{{0x0, 0x0, 0x0}, 0x8}], 0x1, 0x10000, 0x0) sendmmsg$unix(r3, &(0x7f00000bd000), 0x492492492492846, 0x0) connect$unix(r2, &(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e) 194.013µs ago: executing program 1 (id=164): r0 = creat(&(0x7f00000012c0)='./file0\x00', 0x126) socket$inet_icmp_raw(0x2, 0x3, 0x1) close_range(r0, 0xffffffffffffffff, 0x0) 0s ago: executing program 1 (id=165): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528) syz_emit_ethernet(0x12e9, &(0x7f0000001780)=ANY=[@ANYBLOB="93d4e0a5b6bfaaaaaaaaaa2086dd6dc365b212b31101fe880000000000000000000000000101ff020000000000000000000000000001670a04050800ff"], 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:50881' (ED25519) to the list of known hosts. [ 46.009033][ T40] audit: type=1400 audit(1770427433.319:62): avc: denied { name_bind } for pid=5908 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 46.042814][ T40] audit: type=1400 audit(1770427433.359:63): avc: denied { execute } for pid=5909 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 46.051285][ T40] audit: type=1400 audit(1770427433.359:64): avc: denied { execute_no_trans } for pid=5909 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 48.117375][ T40] audit: type=1400 audit(1770427435.429:65): avc: denied { mounton } for pid=5909 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 48.125514][ T40] audit: type=1400 audit(1770427435.439:66): avc: denied { mount } for pid=5909 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 48.127688][ T5909] cgroup: Unknown subsys name 'net' [ 48.257153][ T5909] cgroup: Unknown subsys name 'cpuset' [ 48.262005][ T5909] cgroup: Unknown subsys name 'rlimit' [ 48.520169][ T5917] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 49.194241][ T5909] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 52.065572][ T40] kauditd_printk_skb: 15 callbacks suppressed [ 52.065583][ T40] audit: type=1400 audit(1770427439.379:82): avc: denied { execmem } for pid=5923 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 52.270698][ T40] audit: type=1400 audit(1770427439.579:83): avc: denied { create } for pid=5927 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 52.283229][ T40] audit: type=1400 audit(1770427439.579:84): avc: denied { create } for pid=5928 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 52.289593][ T40] audit: type=1400 audit(1770427439.579:86): avc: denied { read write } for pid=5927 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 52.297287][ T40] audit: type=1400 audit(1770427439.579:85): avc: denied { read write } for pid=5928 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 52.298611][ T5941] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 52.304854][ T40] audit: type=1400 audit(1770427439.579:87): avc: denied { open } for pid=5927 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 52.308755][ T5941] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 52.309767][ T5943] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 52.314824][ T40] audit: type=1400 audit(1770427439.599:88): avc: denied { ioctl } for pid=5927 comm="syz-executor" path="socket:[3719]" dev="sockfs" ino=3719 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 52.317680][ T5944] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 52.318256][ T5941] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 52.320138][ T5941] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 52.327280][ T5943] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 52.331303][ T5941] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 52.333721][ T5944] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 52.335838][ T5941] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 52.337863][ T5946] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 52.338188][ T5943] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 52.338861][ T5944] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 52.339138][ T5943] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 52.339461][ T5943] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 52.339708][ T5943] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 52.342417][ T5943] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 52.351751][ T40] audit: type=1400 audit(1770427439.659:89): avc: denied { read } for pid=5930 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 52.355120][ T64] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 52.355880][ T40] audit: type=1400 audit(1770427439.659:90): avc: denied { open } for pid=5930 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 52.358900][ T64] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 52.360256][ T40] audit: type=1400 audit(1770427439.659:91): avc: denied { mounton } for pid=5930 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 52.368468][ T64] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 52.552441][ T5930] chnl_net:caif_netlink_parms(): no params data found [ 52.657822][ T5930] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.660572][ T5930] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.663109][ T5930] bridge_slave_0: entered allmulticast mode [ 52.665769][ T5930] bridge_slave_0: entered promiscuous mode [ 52.669327][ T5927] chnl_net:caif_netlink_parms(): no params data found [ 52.676486][ T5932] chnl_net:caif_netlink_parms(): no params data found [ 52.689380][ T5930] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.693345][ T5930] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.695886][ T5930] bridge_slave_1: entered allmulticast mode [ 52.698516][ T5930] bridge_slave_1: entered promiscuous mode [ 52.709176][ T5928] chnl_net:caif_netlink_parms(): no params data found [ 52.778275][ T5930] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.786119][ T5930] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.869401][ T5930] team0: Port device team_slave_0 added [ 52.882415][ T5927] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.884726][ T5927] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.886993][ T5927] bridge_slave_0: entered allmulticast mode [ 52.889684][ T5927] bridge_slave_0: entered promiscuous mode [ 52.894407][ T5930] team0: Port device team_slave_1 added [ 52.896293][ T5932] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.898694][ T5932] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.901036][ T5932] bridge_slave_0: entered allmulticast mode [ 52.904013][ T5932] bridge_slave_0: entered promiscuous mode [ 52.907260][ T5932] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.909554][ T5932] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.912192][ T5932] bridge_slave_1: entered allmulticast mode [ 52.914850][ T5932] bridge_slave_1: entered promiscuous mode [ 52.923995][ T5927] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.926344][ T5927] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.928653][ T5927] bridge_slave_1: entered allmulticast mode [ 52.931393][ T5927] bridge_slave_1: entered promiscuous mode [ 52.952226][ T5927] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.966827][ T5927] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.969835][ T5928] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.972364][ T5928] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.974714][ T5928] bridge_slave_0: entered allmulticast mode [ 52.977334][ T5928] bridge_slave_0: entered promiscuous mode [ 52.985718][ T5928] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.987991][ T5928] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.990380][ T5928] bridge_slave_1: entered allmulticast mode [ 52.993075][ T5928] bridge_slave_1: entered promiscuous mode [ 52.997366][ T5932] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.006584][ T5930] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.008841][ T5930] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.017174][ T5930] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.028566][ T5932] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.045421][ T5930] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.047961][ T5930] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.056078][ T5930] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.073997][ T5927] team0: Port device team_slave_0 added [ 53.083171][ T5932] team0: Port device team_slave_0 added [ 53.087977][ T5928] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.092972][ T5927] team0: Port device team_slave_1 added [ 53.096395][ T5932] team0: Port device team_slave_1 added [ 53.119802][ T5928] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.150827][ T5928] team0: Port device team_slave_0 added [ 53.153153][ T5927] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.155386][ T5927] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.163464][ T5927] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.170006][ T5930] hsr_slave_0: entered promiscuous mode [ 53.172487][ T5930] hsr_slave_1: entered promiscuous mode [ 53.175242][ T5932] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.177520][ T5932] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.185958][ T5932] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.190639][ T5928] team0: Port device team_slave_1 added [ 53.193132][ T5927] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.195363][ T5927] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.203429][ T5927] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.211178][ T5932] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.214328][ T5932] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.224994][ T5932] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.259767][ T5928] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.262116][ T5928] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.270294][ T5928] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.274672][ T5928] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.276904][ T5928] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.285100][ T5928] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.303432][ T5932] hsr_slave_0: entered promiscuous mode [ 53.305748][ T5932] hsr_slave_1: entered promiscuous mode [ 53.307843][ T5932] debugfs: 'hsr0' already exists in 'hsr' [ 53.309719][ T5932] Cannot create hsr debugfs directory [ 53.363407][ T5927] hsr_slave_0: entered promiscuous mode [ 53.365730][ T5927] hsr_slave_1: entered promiscuous mode [ 53.367864][ T5927] debugfs: 'hsr0' already exists in 'hsr' [ 53.369687][ T5927] Cannot create hsr debugfs directory [ 53.418613][ T5928] hsr_slave_0: entered promiscuous mode [ 53.421984][ T5928] hsr_slave_1: entered promiscuous mode [ 53.425055][ T5928] debugfs: 'hsr0' already exists in 'hsr' [ 53.427491][ T5928] Cannot create hsr debugfs directory [ 53.652516][ T5932] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 53.659242][ T5932] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 53.664339][ T5932] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 53.677779][ T5932] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 53.717473][ T5930] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 53.724757][ T5930] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 53.728962][ T5930] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 53.734400][ T5930] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 53.788645][ T5927] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 53.794568][ T5927] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 53.799085][ T5927] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 53.803933][ T5927] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 53.851305][ T5932] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.860539][ T5928] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 53.865088][ T5928] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 53.874780][ T5928] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 53.882497][ T5932] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.886275][ T5930] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.889749][ T5928] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 53.906176][ T91] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.908581][ T91] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.917580][ T1145] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.920008][ T1145] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.941953][ T5930] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.947123][ T1145] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.949477][ T1145] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.959110][ T1145] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.961574][ T1145] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.024011][ T5927] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.028099][ T5928] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.040033][ T5930] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 54.055528][ T5927] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.059366][ T5928] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.067654][ T91] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.070917][ T91] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.082146][ T91] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.084490][ T91] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.088893][ T91] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.091942][ T91] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.098495][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.100820][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.145193][ T5932] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.177744][ T5932] veth0_vlan: entered promiscuous mode [ 54.194116][ T5930] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.198686][ T5932] veth1_vlan: entered promiscuous mode [ 54.254646][ T5930] veth0_vlan: entered promiscuous mode [ 54.267479][ T5930] veth1_vlan: entered promiscuous mode [ 54.274827][ T5932] veth0_macvtap: entered promiscuous mode [ 54.286399][ T5932] veth1_macvtap: entered promiscuous mode [ 54.313684][ T5928] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.320344][ T5927] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.325184][ T5932] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.330189][ T5930] veth0_macvtap: entered promiscuous mode [ 54.334628][ T5930] veth1_macvtap: entered promiscuous mode [ 54.339129][ T5932] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.348683][ T1260] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.361979][ T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.364796][ T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.368340][ T5930] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.378155][ T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.382954][ T5930] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.397850][ T13] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.402112][ T13] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.416325][ T13] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.420284][ T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.432956][ T5935] Bluetooth: hci1: command tx timeout [ 54.435422][ T5935] Bluetooth: hci3: command tx timeout [ 54.437770][ T5935] Bluetooth: hci2: command tx timeout [ 54.440115][ T64] Bluetooth: hci0: command tx timeout [ 54.467672][ T5927] veth0_vlan: entered promiscuous mode [ 54.473813][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.476754][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.481495][ T5928] veth0_vlan: entered promiscuous mode [ 54.491142][ T5927] veth1_vlan: entered promiscuous mode [ 54.517781][ T5928] veth1_vlan: entered promiscuous mode [ 54.549024][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.554734][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.555223][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.558008][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.577827][ T5927] veth0_macvtap: entered promiscuous mode [ 54.590469][ T5927] veth1_macvtap: entered promiscuous mode [ 54.598308][ T1260] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.602628][ T5928] veth0_macvtap: entered promiscuous mode [ 54.603433][ T1260] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.613501][ T5928] veth1_macvtap: entered promiscuous mode [ 54.623459][ T5927] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.625794][ T5932] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 54.636244][ T5927] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.648817][ T60] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.660213][ T60] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.671181][ T5928] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.681679][ T60] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.684627][ T60] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.713172][ T5928] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.727853][ T60] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.730733][ T60] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.739531][ T60] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.742986][ T60] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.808057][ T91] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.810581][ T91] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.825092][ T91] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.827586][ T91] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.837925][ T1260] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.840457][ T1260] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.849418][ T1260] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.859523][ T1260] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.874833][ T6034] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 55.022077][ T6053] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 55.023989][ T6054] sock: sock_set_timeout: `syz.1.14' (pid 6054) tries to set negative timeout [ 55.131818][ T6059] Zero length message leads to an empty skb [ 55.175869][ T6063] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 55.197681][ T6067] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 55.200005][ T6067] overlayfs: failed to set xattr on upper [ 55.205690][ T6067] overlayfs: ...falling back to redirect_dir=nofollow. [ 55.208561][ T6067] overlayfs: ...falling back to index=off. [ 55.210532][ T6067] overlayfs: ...falling back to uuid=null. [ 55.405964][ T6082] process 'syz.0.27' launched '/dev/fd/4' with NULL argv: empty string added [ 56.242398][ T6105] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 56.511809][ T5291] Bluetooth: hci2: command tx timeout [ 56.514218][ T5291] Bluetooth: hci3: command tx timeout [ 56.516015][ T64] Bluetooth: hci0: command tx timeout [ 56.516498][ T5291] Bluetooth: hci1: command tx timeout [ 56.766737][ T6153] overlayfs: failed to clone upperpath [ 57.017578][ T6174] fuse: Bad value for 'fd' [ 57.078259][ T40] kauditd_printk_skb: 111 callbacks suppressed [ 57.078269][ T40] audit: type=1400 audit(1770427444.389:203): avc: denied { sys_module } for pid=6179 comm="syz.1.67" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 57.087464][ T40] audit: type=1400 audit(1770427444.389:204): avc: denied { audit_write } for pid=6182 comm="syz.0.69" capability=29 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 57.094941][ T40] audit: type=1400 audit(1770427444.409:205): avc: denied { watch watch_reads } for pid=6182 comm="syz.0.69" path="/23" dev="tmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 57.146220][ T6190] xt_hashlimit: size too large, truncated to 1048576 [ 57.161727][ T40] audit: type=1326 audit(1770427444.469:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6191 comm="syz.2.72" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01f6f9aeb9 code=0x7ff00000 [ 57.169806][ T40] audit: type=1326 audit(1770427444.469:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6191 comm="syz.2.72" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01f6f9aeb9 code=0x7ff00000 [ 57.179235][ T40] audit: type=1326 audit(1770427444.469:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6191 comm="syz.2.72" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01f6f9aeb9 code=0x7ff00000 [ 57.187592][ T40] audit: type=1326 audit(1770427444.469:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6191 comm="syz.2.72" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01f6f9aeb9 code=0x7ff00000 [ 57.194991][ T40] audit: type=1326 audit(1770427444.469:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6191 comm="syz.2.72" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01f6f9aeb9 code=0x7ff00000 [ 57.202039][ T40] audit: type=1326 audit(1770427444.469:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6191 comm="syz.2.72" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01f6f9aeb9 code=0x7ff00000 [ 57.209606][ T40] audit: type=1326 audit(1770427444.469:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6191 comm="syz.2.72" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f01f6f9aeb9 code=0x7ff00000 [ 57.270538][ T6205] xt_TPROXY: Can be used only with -p tcp or -p udp [ 57.799271][ T6232] xt_hashlimit: size too large, truncated to 1048576 [ 58.497195][ T6277] xt_hashlimit: size too large, truncated to 1048576 [ 58.592069][ T5291] Bluetooth: hci0: command tx timeout [ 58.592110][ T5935] Bluetooth: hci3: command tx timeout [ 58.593884][ T5291] Bluetooth: hci2: command tx timeout [ 58.601615][ T5291] Bluetooth: hci1: command tx timeout [ 59.847373][ T6335] netlink: 4 bytes leftover after parsing attributes in process `syz.1.128'. [ 60.196244][ T6373] overlayfs: failed to clone upperpath [ 60.260610][ T6380] ======================================================= [ 60.260610][ T6380] WARNING: The mand mount option has been deprecated and [ 60.260610][ T6380] and is ignored by this kernel. Remove the mand [ 60.260610][ T6380] option from the mount to silence this warning. [ 60.260610][ T6380] ======================================================= [ 60.272626][ T6380] overlayfs: failed to clone upperpath [ 60.275735][ T6380] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 60.278768][ T6380] overlayfs: missing 'lowerdir' [ 60.671665][ T5291] Bluetooth: hci1: command tx timeout [ 60.671691][ T64] Bluetooth: hci3: command tx timeout [ 60.673577][ T5291] Bluetooth: hci0: command tx timeout [ 60.675271][ T64] Bluetooth: hci2: command tx timeout [ 60.845906][ T6411] loop1: detected capacity change from 0 to 8 [ 60.894372][ T6419] xt_hashlimit: size too large, truncated to 1048576 [ 60.912053][ T6411] [ 60.913217][ T6411] ====================================================== [ 60.916195][ T6411] WARNING: possible circular locking dependency detected [ 60.919187][ T6411] syzkaller #0 Not tainted [ 60.921294][ T6411] ------------------------------------------------------ [ 60.924281][ T6411] syz.0.162/6411 is trying to acquire lock: [ 60.926860][ T6411] ffff88801ca8f220 (&root->kernfs_iattr_rwsem){++++}-{4:4}, at: kernfs_iop_getattr+0x9c/0xf0 [ 60.931229][ T6411] [ 60.931229][ T6411] but task is already holding lock: [ 60.934374][ T6411] ffff8881052f09e8 (&q->q_usage_counter(io)#18){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 60.938585][ T6411] [ 60.938585][ T6411] which lock already depends on the new lock. [ 60.938585][ T6411] [ 60.941875][ T6411] [ 60.941875][ T6411] the existing dependency chain (in reverse order) is: [ 60.944741][ T6411] [ 60.944741][ T6411] -> #2 (&q->q_usage_counter(io)#18){++++}-{0:0}: [ 60.947454][ T6411] blk_alloc_queue+0x610/0x750 [ 60.949149][ T6411] blk_mq_alloc_queue+0x174/0x290 [ 60.950905][ T6411] __blk_mq_alloc_disk+0x29/0x120 [ 60.952690][ T6411] loop_add+0x498/0xb60 [ 60.954209][ T6411] loop_init+0x1d3/0x200 [ 60.955753][ T6411] do_one_initcall+0x11d/0x690 [ 60.957452][ T6411] kernel_init_freeable+0x6e5/0x790 [ 60.959228][ T6411] kernel_init+0x1f/0x1e0 [ 60.960779][ T6411] ret_from_fork+0x754/0xaf0 [ 60.962387][ T6411] ret_from_fork_asm+0x1a/0x30 [ 60.964071][ T6411] [ 60.964071][ T6411] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 60.966367][ T6411] fs_reclaim_acquire+0xc4/0x100 [ 60.968074][ T6411] kmem_cache_alloc_noprof+0x5b/0x780 [ 60.969966][ T6411] __kernfs_iattrs+0x126/0x400 [ 60.971657][ T6411] __kernfs_setattr+0x4d/0x3c0 [ 60.973364][ T6411] kernfs_iop_setattr+0xda/0x130 [ 60.975121][ T6411] notify_change+0xb25/0x12d0 [ 60.976781][ T6411] do_truncate+0x1df/0x240 [ 60.978360][ T6411] path_openat+0x29da/0x3120 [ 60.979979][ T6411] do_filp_open+0x1f7/0x420 [ 60.981593][ T6411] do_sys_openat2+0x12e/0x220 [ 60.983223][ T6411] __x64_sys_openat+0x12d/0x210 [ 60.984943][ T6411] do_syscall_64+0xc9/0xf80 [ 60.986507][ T6411] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 60.988552][ T6411] [ 60.988552][ T6411] -> #0 (&root->kernfs_iattr_rwsem){++++}-{4:4}: [ 60.991188][ T6411] __lock_acquire+0x14b8/0x2630 [ 60.992933][ T6411] lock_acquire+0x17c/0x330 [ 60.994548][ T6411] down_read+0x99/0x460 [ 60.996053][ T6411] kernfs_iop_getattr+0x9c/0xf0 [ 60.997721][ T6411] vfs_getattr_nosec+0x2d4/0x430 [ 60.999452][ T6411] vfs_getattr+0x4a/0x60 [ 61.000990][ T6411] loop_query_min_dio_size.isra.0+0x117/0x250 [ 61.003071][ T6411] lo_ioctl+0x13aa/0x1bc0 [ 61.004699][ T6411] blkdev_ioctl+0x5ad/0x6f0 [ 61.006303][ T6411] __x64_sys_ioctl+0x18e/0x210 [ 61.007983][ T6411] do_syscall_64+0xc9/0xf80 [ 61.009593][ T6411] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 61.011617][ T6411] [ 61.011617][ T6411] other info that might help us debug this: [ 61.011617][ T6411] [ 61.014840][ T6411] Chain exists of: [ 61.014840][ T6411] &root->kernfs_iattr_rwsem --> fs_reclaim --> &q->q_usage_counter(io)#18 [ 61.014840][ T6411] [ 61.019340][ T6411] Possible unsafe locking scenario: [ 61.019340][ T6411] [ 61.021684][ T6411] CPU0 CPU1 [ 61.023373][ T6411] ---- ---- [ 61.025113][ T6411] lock(&q->q_usage_counter(io)#18); [ 61.026830][ T6411] lock(fs_reclaim); [ 61.028893][ T6411] lock(&q->q_usage_counter(io)#18); [ 61.031366][ T6411] rlock(&root->kernfs_iattr_rwsem); [ 61.033067][ T6411] [ 61.033067][ T6411] *** DEADLOCK *** [ 61.033067][ T6411] [ 61.035622][ T6411] 3 locks held by syz.0.162/6411: [ 61.037226][ T6411] #0: ffff8881052eb448 (&lo->lo_mutex){+.+.}-{4:4}, at: loop_global_lock_killable+0x30/0xb0 [ 61.040419][ T6411] #1: ffff8881052f09e8 (&q->q_usage_counter(io)#18){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 61.044072][ T6411] #2: ffff8881052f0a20 (&q->q_usage_counter(queue)#2){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 61.047761][ T6411] [ 61.047761][ T6411] stack backtrace: [ 61.049745][ T6411] CPU: 3 UID: 0 PID: 6411 Comm: syz.0.162 Not tainted syzkaller #0 PREEMPT(full) [ 61.049760][ T6411] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 61.049767][ T6411] Call Trace: [ 61.049772][ T6411] [ 61.049778][ T6411] dump_stack_lvl+0x100/0x190 [ 61.049794][ T6411] print_circular_bug.cold+0x178/0x1c7 [ 61.049813][ T6411] check_noncircular+0x146/0x160 [ 61.049833][ T6411] __lock_acquire+0x14b8/0x2630 [ 61.049847][ T6411] lock_acquire+0x17c/0x330 [ 61.049858][ T6411] ? kernfs_iop_getattr+0x9c/0xf0 [ 61.049874][ T6411] ? __pfx___might_resched+0x10/0x10 [ 61.049889][ T6411] down_read+0x99/0x460 [ 61.049903][ T6411] ? kernfs_iop_getattr+0x9c/0xf0 [ 61.049919][ T6411] ? find_held_lock+0x2b/0x80 [ 61.049933][ T6411] ? __pfx_down_read+0x10/0x10 [ 61.049946][ T6411] ? kernfs_root+0xee/0x2a0 [ 61.049962][ T6411] kernfs_iop_getattr+0x9c/0xf0 [ 61.049978][ T6411] vfs_getattr_nosec+0x2d4/0x430 [ 61.049993][ T6411] ? __pfx_kernfs_iop_getattr+0x10/0x10 [ 61.050010][ T6411] vfs_getattr+0x4a/0x60 [ 61.050024][ T6411] loop_query_min_dio_size.isra.0+0x117/0x250 [ 61.050040][ T6411] ? __pfx_loop_query_min_dio_size.isra.0+0x10/0x10 [ 61.050061][ T6411] lo_ioctl+0x13aa/0x1bc0 [ 61.050079][ T6411] ? __pfx_lo_ioctl+0x10/0x10 [ 61.050094][ T6411] ? __pfx_avc_has_extended_perms+0x10/0x10 [ 61.050109][ T6411] ? lockdep_hardirqs_on+0x78/0x100 [ 61.050121][ T6411] ? blk_get_meta_cap+0xd4/0x6c0 [ 61.050131][ T6411] ? __pfx_blk_get_meta_cap+0x10/0x10 [ 61.050141][ T6411] ? tomoyo_path_number_perm+0x28f/0x580 [ 61.050160][ T6411] ? blkdev_common_ioctl+0x515/0x2ba0 [ 61.050172][ T6411] ? __pfx_blkdev_common_ioctl+0x10/0x10 [ 61.050184][ T6411] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 61.050201][ T6411] ? do_vfs_ioctl+0x226/0x13e0 [ 61.050210][ T6411] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 61.050219][ T6411] ? ioctl_has_perm.constprop.0.isra.0+0x380/0x540 [ 61.050232][ T6411] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 61.050246][ T6411] ? __pfx_lo_ioctl+0x10/0x10 [ 61.050261][ T6411] blkdev_ioctl+0x5ad/0x6f0 [ 61.050271][ T6411] ? __pfx_blkdev_ioctl+0x10/0x10 [ 61.050281][ T6411] ? selinux_file_ioctl+0x139/0x290 [ 61.050292][ T6411] ? selinux_file_ioctl+0xb4/0x290 [ 61.050303][ T6411] ? __pfx_blkdev_ioctl+0x10/0x10 [ 61.050313][ T6411] __x64_sys_ioctl+0x18e/0x210 [ 61.050323][ T6411] do_syscall_64+0xc9/0xf80 [ 61.050336][ T6411] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 61.050354][ T6411] RIP: 0033:0x7f1ba0d9aeb9 [ 61.050364][ T6411] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 61.050374][ T6411] RSP: 002b:00007f1ba1be0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 61.050386][ T6411] RAX: ffffffffffffffda RBX: 00007f1ba1015fa0 RCX: 00007f1ba0d9aeb9 [ 61.050393][ T6411] RDX: 000000000000000b RSI: 0000000000004c06 RDI: 000000000000000a [ 61.050399][ T6411] RBP: 00007f1ba0e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 61.050406][ T6411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 61.050413][ T6411] R13: 00007f1ba1016038 R14: 00007f1ba1015fa0 R15: 00007fffb702ab18 [ 61.050423][ T6411]