last executing test programs: 1.611468699s ago: executing program 0 (id=1): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f00000003c0)={0xfffffff7, "ff0f0000000000ffffff7f016270fb00000009ffcdfe00"}) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r3 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r3, 0xc0184800, &(0x7f0000000100)={0x4, r2}) ioctl$DMA_BUF_SET_NAME_A(r4, 0x40086203, &(0x7f00000001c0)='\x02\x00\x00\x00\x05\x00\x00\x00-control\x00') write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x12, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x7, 0x7f, 0xa6, 0x4d, 0x6, 0x5f, 0x9, 0x15, 0xffff2d37, 0xff7fff01, 0x6, 0x5, 0x7, 0x2000005, 0x6, 0x0, 0x7, 0x3c5c, 0x1, 0x24, 0xd, 0x1, 0x0, 0xfffffffe, 0xe661, 0x4, 0x7, 0x10005, 0x8, 0x4c74, 0x10000, 0x242, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x18e, 0x6, 0x6, 0x0, 0x6, 0x4, 0x8, 0x3ff, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0xffffffff, 0x40], [0x10000007, 0xc, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432f6, 0xc8, 0xf1, 0x11, 0x2c2, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0x6, 0x312, 0x66abcb92, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0xb37, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0x9, 0x4e0, 0x381, 0x4, 0xb, 0x4, 0x9, 0x8, 0x40, 0x6, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x8, 0x3, 0x803, 0x4000009, 0x6, 0x0, 0x9, 0xbc45, 0x48c93690, 0x42, 0xcba7], [0x7, 0x408, 0x3ff, 0x5, 0xfffffffd, 0x100, 0x4, 0x45b, 0x5, 0x200, 0x0, 0x5, 0xb, 0x4, 0x7, 0x5, 0xfffffffd, 0x1ef, 0x5, 0x9, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x0, 0x2, 0x2, 0x3, 0x20000008, 0x10000004, 0x6d03, 0x6, 0x38, 0x200, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x4, 0xa9, 0x5, 0x6, 0xac8, 0xbb, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0xffffffff, 0x4, 0x1c, 0x120000, 0x407ff, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x7fff, 0x6, 0x6, 0x0, 0xb9, 0xce1, 0x1ff, 0x2, 0x57, 0x5, 0x8, 0x2, 0x10000, 0x4, 0x7fff, 0xffff, 0xa620, 0x3, 0x5, 0x1, 0x2000002, 0x150, 0x60a7, 0x6, 0x16, 0xfffffffb, 0x80000000, 0x5, 0x5, 0xc0, 0x1, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9622, 0x7, 0xaf, 0x20000008, 0x5, 0x226, 0x2, 0x2, 0x0, 0x30b1d693, 0xa1f, 0xf40, 0x2, 0x530e, 0x6c1b, 0x2, 0x4, 0x5, 0x7ff, 0xd7, 0x200, 0xb, 0xfffffff8]}, 0x45c) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) sendmsg$NFQNL_MSG_VERDICT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)={0x20, 0x3, 0x3, 0x5, 0x0, 0x0, {}, [@NFQA_VERDICT_HDR={0xc, 0x2, {0x0, 0x1c}}]}, 0x20}, 0x1, 0x0, 0x0, 0x20004000}, 0x4) 1.541920658s ago: executing program 0 (id=5): socket$nl_route(0x10, 0x3, 0x0) r0 = socket(0x10, 0x803, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) sendmsg$nl_route_sched(r0, 0x0, 0x0) sendmsg$nl_route_sched(r0, 0x0, 0x24040084) socket$netlink(0x10, 0x3, 0x0) socket(0x10, 0x803, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)) r2 = socket$unix(0x1, 0x5, 0x0) getsockopt$sock_buf(r2, 0x1, 0x1c, 0x0, 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) r3 = socket$nl_route(0x10, 0x3, 0x0) unshare(0x6a040000) mmap(&(0x7f00002ad000/0xc00000)=nil, 0xc00000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = gettid() sendmsg$nl_route(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000005f00)=ANY=[@ANYBLOB="2800000010000100000300"/20, @ANYRES32=r3, @ANYBLOB="6d3082610000000008001300", @ANYRES32=r5], 0x28}, 0x1, 0x0, 0x0, 0x4000004}, 0x0) 1.363495802s ago: executing program 2 (id=6): r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev, 0x0, 0x1}, 0x0) (async, rerun: 64) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) (rerun: 64) ioctl$FS_IOC_GETFSLABEL(r1, 0x400452c8, &(0x7f0000000100)) (async, rerun: 64) r2 = openat$binfmt_format(0xffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0) (rerun: 64) write$binfmt_format(r2, &(0x7f0000000100)='-1\x00', 0x2) close_range(r2, 0xffffffffffffffff, 0x0) r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000480), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_PORT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010700002e00000008000100"], 0x38}}, 0x0) 1.223123124s ago: executing program 2 (id=8): r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0) fcntl$setlease(r0, 0x400, 0x1) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0) pread64(r1, &(0x7f0000001440)=""/126, 0x7e, 0x41) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x1f) socket$nl_netfilter(0x10, 0x3, 0xc) r3 = socket(0x10, 0x803, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) pipe2(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r5, r6, 0xfffffffffffffc01, 0x0) close_range(r4, 0xffffffffffffffff, 0x0) r7 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@getchain={0x24, 0x66, 0x0, 0x0, 0x2000}, 0x24}}, 0x0) getsockname$packet(r3, &(0x7f0000000740)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14) sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newlink={0x48, 0x10, 0x401, 0x0, 0x1, {0x0, 0x0, 0x0, r8}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @mcast2}]}}}]}, 0x48}}, 0x0) r9 = syz_init_net_socket$x25(0x9, 0x5, 0x0) getsockopt$X25_QBITINCL(r9, 0x106, 0x1, 0x0, &(0x7f0000000040)) sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=@newlink={0x40, 0x10, 0x401, 0x0, 0x100, {0x0, 0x0, 0x0, r8, 0x100, 0xac}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}, @IFLA_IPTUN_ENCAP_FLAGS={0x6}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x40001}, 0x20004090) r10 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r10, 0xc0405602, &(0x7f0000000040)={0x31, 0x1, 0x2, "1c13ebdaf2f20d55806b26b1d750185fd75a206da058e85b2197edb1439b1cc2", 0x32314d48}) 1.011790334s ago: executing program 0 (id=11): bind$netlink(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) r1 = socket$inet6(0xa, 0x3, 0x5) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r2, 0x89f4, &(0x7f00000002c0)={'sit0\x00', &(0x7f0000000240)={@dev={0xac, 0x14, 0x14, 0xb}, 0x1, 0x0, 0x50, 0x0, [{@empty}, {@initdev}, {@multicast2}, {@broadcast}, {@loopback}]}}) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{}, &(0x7f0000000300), &(0x7f0000000340)=r0}, 0x20) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000008c0)={r0, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8, &(0x7f0000000640)=[0x0], &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xe1, &(0x7f00000006c0)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000700), &(0x7f0000000740), 0x8, 0xd2, 0x8, 0x8, &(0x7f0000000780)}}, 0x10) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$binfmt_script(r4, &(0x7f0000020180)={'#! ', './file0'}, 0xb) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000400), r5) ioctl$sock_SIOCGIFINDEX_802154(r6, 0x8933, &(0x7f0000000680)={'wpan0\x00', 0x0}) sendmsg$DEVLINK_CMD_RATE_NEW(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x44, 0x0, 0x207, 0x0, 0x0, {0x4b}, [@DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x44}}, 0x0) sendmsg$NL802154_CMD_NEW_SEC_DEV(r5, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000280)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010028bd7000fbdbdf251a00000004002e8008000300", @ANYRES32=r8, @ANYBLOB='4\x00.'], 0x6c}, 0x1, 0x0, 0x0, 0x20040040}, 0x20040) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10012, r4, 0x0) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x1, 0xc, &(0x7f0000000e40)=ANY=[@ANYBLOB="1800000081000000000000000f000000182b0000", @ANYRES32, @ANYRESOCT=r1, @ANYRES32=0x1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000001b00000095000000000000001ad25831a80df6ebc988c38708491b1151127dabba8c44e60ec46eb04f59897017f43e2b07a25cb337312058f6"], &(0x7f0000000a00)='GPL\x00', 0xe04, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x8, &(0x7f0000000a40)={0x9, 0x3}, 0x8, 0x10, &(0x7f0000000a80)={0x3, 0x7, 0x1, 0xda}, 0x10, 0xffffffffffffffff, r0, 0x3, &(0x7f0000000ac0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x1, 0x1], &(0x7f0000000b00)=[{0x80, 0x1, 0xe}, {0x4, 0x1, 0x8, 0x2}, {0x2, 0x2, 0x2, 0x5}], 0x10, 0xff0}, 0x94) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000c00), 0x4) r10 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$TOKEN_CREATE(0x24, &(0x7f0000000cc0)={0x0, r10}, 0x8) bpf$PROG_LOAD(0x5, &(0x7f0000000f00)={0x0, 0x1a, &(0x7f00000003c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x12200, 0x0, 0x0, 0x0, 0x214b}, {}, {}, [@printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}}, @jmp={0x5, 0x0, 0x8, 0x6, 0xb, 0xffffffffffffffc0, 0xffffffffffffffff}, @btf_id={0x18, 0xa, 0x3, 0x0, 0x4}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000004c0)='syzkaller\x00', 0x8, 0xcf, &(0x7f0000000500)=""/207, 0x41100, 0x0, '\x00', r3, @fallback=0xf, r4, 0x8, &(0x7f0000000900)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000940)={0x2, 0xb, 0x4, 0x6}, 0x10, 0xffffffffffffffff, r9, 0x1, &(0x7f0000000c40), &(0x7f0000000c80)=[{0x5, 0x2, 0xe, 0x5}], 0x10, 0x4}, 0x94) syz_emit_ethernet(0x5e, &(0x7f0000000180)=ANY=[@ANYBLOB="cf702e8cf675aaaaaaaa18dc7af4ae9d02a100283afffe880000000000000000000000000001ff0200000000000000000000000000018900907800000000fe800000000000000000000000000000fe800000000000000000610000000000000b6e827af6b15cb69eee14e266e9ee02f310c7fca412bd34419013f3dd5dc6db474cd0352c521782f2c80a5f8ca64bb4b50bfc6bea959b1ab2aa2feb7c80d6d778e65b737569"], 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c) listen(0xffffffffffffffff, 0xfffffffc) syz_emit_ethernet(0xa6, &(0x7f0000000d80)={@random="53427c180ac6", @empty, @void, {@ipv6={0x86dd, @icmpv6={0x8, 0x6, "c38d83", 0x70, 0x3a, 0x1, @local, @local, {[@hopopts={0x2f, 0x0, '\x00', [@pad1]}, @fragment={0x2b, 0x0, 0x2a, 0x0, 0x0, 0x12, 0x66}, @srh={0x6, 0x6, 0x4, 0x3, 0x6, 0x10, 0x1, [@mcast2, @mcast2, @remote]}, @fragment={0x4, 0x0, 0xd, 0x1, 0x0, 0x1, 0x64}], @mld={0x82, 0x0, 0x0, 0x7, 0xa167, @ipv4={'\x00', '\xff\xff', @local}}}}}}}, 0x0) syz_emit_ethernet(0x4a, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd60ff00f500140600fe8000000000000000000000000000aaff02000000000000000000000000000100004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="633b075590780000"], 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000080)=0x0) getpriority(0x2, r11) 911.867694ms ago: executing program 3 (id=14): sendmsg$NL80211_CMD_DEL_PMKSA(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x400c1) r0 = socket$l2tp(0x2, 0x2, 0x73) bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10) syz_emit_ethernet(0x74, &(0x7f0000000000)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x73, 0x0, @private=0x300, @multicast1}, {0x0, 0x0, 0xfffffe9a, 0x0, @gue={{0x2}}}}}}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0xfffff000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 770.444824ms ago: executing program 0 (id=16): r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_FREE_MR(r0, 0x114, 0x3, &(0x7f0000000000)={{0x7, 0x2}, 0x4}, 0x10) setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000040)=0x1, 0x4) ppoll(&(0x7f0000000080)=[{r0, 0x24}, {r0, 0x134}, {r0, 0x1000}, {r0, 0x23a2}, {r0, 0x4000}], 0x5, &(0x7f00000000c0)={0x77359400}, &(0x7f0000000100)={[0x3]}, 0x8) ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04) getsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000140), &(0x7f0000000180)=0xe) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) getsockopt$WPAN_SECURITY(r1, 0x0, 0x1, &(0x7f0000000200), &(0x7f0000000240)=0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'veth1_to_bridge\x00'}) r2 = syz_open_dev$video4linux(&(0x7f00000002c0), 0xffffffffffff7fff, 0x40) vmsplice(r2, &(0x7f0000000440)=[{&(0x7f0000000300)}, {&(0x7f0000000340)="c463573b7b5164d29d216b5bd14191aa57d7b8c7db805b46465b6685d21dfa81fdec938949825e2e1bf854473117f9278007c40839301650758a4cf3312eee8238fd9757d3f0e56639223baee586b3bc", 0x50}, {&(0x7f00000003c0)="4a8e8a67002a1a1b8557000b8fb990bb80077ebf5492e2511ca79a9363b2b425605982c5a310c3401c1e3ea74f7f240a2b0b9efb65afbca27f779cb7b128fcb0c35419b0aa279daddc3f6c7e7368461a70c04d575261720a161b04584db9c16d095f8141c6a3a1c87c357f69", 0x6c}], 0x3, 0x0) getsockopt$IPT_SO_GET_INFO(r1, 0x0, 0x40, &(0x7f0000000480)={'mangle\x00', 0x0, [0x3, 0xd6d, 0xb38, 0x5, 0x5451]}, &(0x7f0000000500)=0x54) ioctl$SCSI_IOCTL_PROBE_HOST(r1, 0x5385, &(0x7f0000000540)={0x59, ""/89}) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect(r3, &(0x7f0000000600)=@llc={0x1a, 0x322, 0x7f, 0x9, 0x80, 0x40, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x29}}, 0x80) ioctl$IMGETDEVINFO(r1, 0x80044944, &(0x7f0000000680)={0xb7}) ioctl$UI_GET_SYSNAME(0xffffffffffffffff, 0x8040552c, &(0x7f00000006c0)) ioctl$SNDCTL_DSP_RESET(r1, 0x5000, 0x0) r4 = syz_io_uring_setup(0x2210, &(0x7f0000000700)={0x0, 0xbdc8, 0x40, 0x1, 0x31a}, &(0x7f0000000780)=0x0, &(0x7f00000007c0)) r6 = syz_io_uring_setup(0x481e, &(0x7f0000000800)={0x0, 0xc355, 0x4000, 0x3, 0x24d, 0x0, r1}, &(0x7f0000000880), &(0x7f00000008c0)=0x0) syz_io_uring_submit(r5, r7, &(0x7f0000000900)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x24, 0x4004, @fd_index=0x4, 0x2, 0x0, 0x0, 0x6, 0x1}) syz_open_dev$dri(&(0x7f0000000940), 0x2, 0x5d5000) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000009c0), r1) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000a00)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000b00)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x70, r8, 0x200, 0x70bd25, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r9}, @val={0xc, 0x99, {0x6, 0x26}}}}, [@NL80211_ATTR_HANDLE_DFS={0x4}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x1}, @NL80211_ATTR_MESH_SETUP={0x3c, 0x70, [@NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC={0x5, 0x2, 0x1}, @NL80211_MESH_SETUP_AUTH_PROTOCOL={0x5, 0x8, 0x2}, @NL80211_MESH_SETUP_USERSPACE_AUTH={0x4}, @NL80211_MESH_SETUP_USERSPACE_AUTH={0x4}, @NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL={0x5, 0x1, 0x1}, @NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL={0x5}, @NL80211_MESH_SETUP_AUTH_PROTOCOL={0x5, 0x8, 0xff}, @NL80211_MESH_SETUP_USERSPACE_AMPE={0x4}, @NL80211_MESH_SETUP_USERSPACE_AMPE={0x4}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x4040000}, 0x0) close_range(r6, r2, 0x0) r10 = creat(&(0x7f0000000b40)='./file0\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r10, 0x40505331, &(0x7f0000000b80)={{0x8, 0x3}, {0x3, 0x4c}, 0x1, 0x4, 0x9}) io_uring_enter(r1, 0x467e, 0x41b3, 0x40, &(0x7f0000000c00)={[0x7]}, 0x8) fcntl$setpipe(r4, 0x407, 0x3) 770.218701ms ago: executing program 3 (id=17): r0 = socket(0x10, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x80, 0xfffffffc, 0xdc67}}) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a38000000030a03000000000000001800020000020900030073797a32000000000c0004800b000140000000020900010073797a31"], 0x60}}, 0x4000) 768.026044ms ago: executing program 0 (id=18): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0x10}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001300)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r3, {0x0, 0xffe0}, {}, {0xa}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0x2}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x80}, 0x20000000) r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2) r7 = memfd_create(&(0x7f0000000540)='y\x105\xfb\xf7u\x83%\x1f\xe09@:r\xc2\xb9x0\x90P\x03\x00\x00\x00\x00\x00\x00\x00\xfe,\x1c\xf1\xdd\xcf]\xac\xbc\t\xbb\xfc\xa4j\x9f\xceX\x8f5=\xaa\xd5\xe9n\xab s\xa5\x00\x8d\tV\t\x91\x18\x06O\xb0=D\xda\xb6F\x1a\xc82\x8b\xc0l\xd0\x89d\xe6\xb7\xd8\x97\xb8\xde\xa3\x89\"%/u\x17\xdam\x8d\x01Lh\x1e^\x9ej\x1c\xc5\xf0\xf6\x92\x05\x9aH\x00\'\xd4\x94d[\v\xfc\xad\x0f\xa8\xc5\xad\x001\x8b%\xaa?\x00\x00\x00\x00\x00\x00\x00\nj\x8c\xef\x90\xc0Z\xfa\x1a\xb3\xf0wVq\xe9d\xf8N\x80\xd1g\xd8e\xc8\x16\xad1\x02\xab\xce3\xb2\xb0\xd1\x11\xf0\xc2Gj+kV', 0x3) ftruncate(r7, 0xffff) fcntl$addseals(r7, 0x409, 0x7) r8 = ioctl$UDMABUF_CREATE(r6, 0x40187542, &(0x7f0000000000)={r7, 0x0, 0x0, 0x8000}) lseek(r8, 0x1000000000931f, 0x0) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r9, 0x8933, &(0x7f0000000700)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_GET_WPAN_PHY(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x1c, r4, 0x7d243a6ea807936d, 0x12, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r10}]}, 0x1c}, 0x1, 0x0, 0x0, 0x404c881}, 0x4000080) 712.001605ms ago: executing program 3 (id=19): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2}, 0x48) creat(&(0x7f00000002c0)='./file0\x00', 0x0) fchmodat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0xfffffe99) creat(&(0x7f0000000180)='./file0\x00', 0x0) r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1000001000005, 0x2) ioctl$vim2m_VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f0000000000)={0x980915, 0x8}) bpf$MAP_CREATE(0x0, 0x0, 0x48) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='fd\x00') r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'rmd160-generic\x00'}, 0x58) r4 = accept4(r3, 0x0, 0x0, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000004dc0)={0x0, 0x0, &(0x7f0000004d80)={&(0x7f0000000000)=@deltclass={0x3c, 0x29, 0x400, 0x70bd2d, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xffe0, 0x540f7e52ffe194b3}, {0xfff2, 0xa}, {0xfff3, 0xc}}, [@TCA_RATE={0x6, 0x5, {0x1, 0x4}}, @tclass_kind_options=@c_tbf={0x8}, @tclass_kind_options=@c_sfb={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x4080) readlinkat(r2, &(0x7f0000000040)='./file1\x00', &(0x7f00000021c0)=""/102372, 0x18fe4) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x24, 0x3c, 0x107, 0x0, 0x0, {0x2, 0x7c}, [@nested={0x4, 0xfc}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}]}, 0x24}, 0x1, 0x0, 0x0, 0xc000}, 0xc000) bpf$TOKEN_CREATE(0x24, &(0x7f0000000080)={0x0, r4}, 0x8) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x8, 0x40, &(0x7f0000000480)=ANY=[@ANYBLOB="ed06412621c16d820f1eb79fcb1dd80b61e217279b94c04eaf356a8f4fee089c78e2becd56460a7e599c5848b4f09be65b23e95b520105c8df6046436388711ee96a8b96b621baa855fc4c4778917b8e218d33ddb302e6a6a584a6c1f6a68b78136971afbf31b082302d4aabf4f483bfb9cf9ac2518693f83cc7d4db6244787c8eac4c3cde0bdc474a7cbfff49efdffd0298bff344e7bb6e92eef38c5c25806b4289c58a726ba563f9a8403eaeb85b47e3a7638fdb65b7e55e12b63ed1267cd1d88f96de57e0b9e7f730d1bbd263947f3e3bb8b5bc7e9fdd01472562229dd372d367a345", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000037000000bf0900000000000055090100000000009500000000000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000076000000bf91000000000000b7020000000000001400000005000000b70000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffefd}, 0x94) 711.729723ms ago: executing program 3 (id=20): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x4e0, 0x0, 0x9403, 0x0, 0x2e0, 0x2c0, 0x410, 0x3d8, 0x3d8, 0x410, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x298, 0x2e0, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0xffffffff, 0x1, 0x0, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@ipv6={@empty, @local, [], [], 'ip6erspan0\x00', 'bridge_slave_1\x00'}, 0x0, 0xd0, 0x130, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv6=@remote}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x540) add_key(&(0x7f0000000140)='rxrpc_s\x00', &(0x7f0000000180), 0x0, 0x0, 0xfffffffffffffffe) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x5c, 0x2, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x5}, [@IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x5c}}, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) 641.977946ms ago: executing program 0 (id=23): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x180) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') r1 = open(&(0x7f0000000000)='./file0\x00', 0x860100, 0xc4) getdents(r1, &(0x7f0000001fc0)=""/184, 0x20002078) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) writev(r2, &(0x7f0000000100)=[{&(0x7f0000000a40)="2e9b3d0007e03dd65193dfb6c575963f88f7", 0x12}, {&(0x7f0000000040)="dd7fb78fb52ae97c75f16d067e11415380270996f3f4b616b45322a4415fdf5d003b", 0x22}], 0x2) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r4 = socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r7 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r7, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88) setsockopt$inet6_MCAST_MSFILTER(r7, 0x29, 0x30, &(0x7f00000003c0)=ANY=[@ANYBLOB="2b000000000000000a004e2000000000ff020000000000000000000000000001fcffffff000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x90) sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xd, 0x8}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x3}}]}}]}, 0x48}}, 0x0) r8 = socket(0x400000000010, 0x3, 0x0) r9 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r8, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd28, 0xfffff003, {0x0, 0x0, 0x0, r10, {0xf000, 0xffff}, {}, {0x7}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_CLASSID={0x8, 0x1, {0x5}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x20000800) 641.755788ms ago: executing program 3 (id=24): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0x3, 0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x192) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000006200)='./bus\x00', &(0x7f0000000000), 0x4002, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x11a) mknodat(r2, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./bus\x00') r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) lseek(r3, 0x0, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) write$tun(r0, &(0x7f0000000240)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x0, 0x300, 0x61}, @ipv4=@tcp={{0x5, 0x4, 0x0, 0x3c, 0x63, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, {{0x2200, 0x22eb, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x0, 0x6}, {"4adcda08f6e83e2aa00e133f88a8349f88a8d34258b7ce59c9f907afa16494c9529c474f408faf3b9f94bd27baf2da8080408833ba4d60cbac74d7"}}}}, 0x71) 501.741276ms ago: executing program 1 (id=26): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newae={0x48, 0x1e, 0x301, 0x70bd2a, 0x25dfdbfe, {{@in=@rand_addr=0x64010100, 0x4d4, 0x2, 0x2b}, @in=@private=0xa010101, 0x3, 0x3500}, [@etimer_thresh={0x8, 0xc, 0x10001}]}, 0x48}, 0x1, 0x0, 0x0, 0x40004}, 0x0) r3 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000040), 0x2880, 0x0) ioctl$CDROMEJECT_SW(r3, 0x530f, 0x1) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000000c0)={0x2c, r1, 0x1, 0xffffffff, 0x0, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x4}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x2c}}, 0x20000000) 500.364339ms ago: executing program 1 (id=27): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r2, &(0x7f0000000240), &(0x7f0000000140)=@tcp6=r0}, 0x20) sendmmsg$inet6(r0, &(0x7f0000002440)=[{{0x0, 0x11, &(0x7f0000000980)=[{&(0x7f0000000600)="e2", 0x1}], 0x1}}, {{0x0, 0x1, &(0x7f0000000480), 0x14}}], 0x400, 0x10) 433.302203ms ago: executing program 1 (id=28): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000580), r0) sendmsg$NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000080)={0x40, r1, 0x201, 0x4000000, 0x0, {0x3, 0x0, 0x26}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'sit0\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @rand_addr=0x64010101}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x40}, 0x8, 0x3000000000002, 0x0, 0x885}, 0x24000090) r2 = accept4(0xffffffffffffffff, &(0x7f0000000640)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f00000005c0)=0x80, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), r3) mkdir(&(0x7f00000003c0)='./file0\x00', 0x21) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000480)={0x0, 0x2, 0x24, 0x8f82}) mkdir(&(0x7f0000000200)='./bus\x00', 0x10) mount$overlay(0x0, &(0x7f0000000700)='./bus\x00', &(0x7f0000000080), 0x2108085, &(0x7f0000000940)={[{@volatile}, {@index_on}, {@upperdir={'upperdir', 0x3d, './file1'}}], [{@euid_lt}, {@euid_lt}, {@defcontext={'defcontext', 0x3d, 'system_u'}}, {@obj_role={'obj_role', 0x3d, 'volatile'}}, {@flag='silent'}]}) chdir(&(0x7f0000000140)='./bus\x00') sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="58010000100001000000000000000000fc0100000000000000000000000000000800000000000000000000000000000008000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000032000000ac1414aa00000000000000000000000003000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000cd000000000000001c0017000000000000000000000000000000000000000000000000004c001400636d6163286165732900"/272], 0x158}}, 0x0) rmdir(&(0x7f0000000040)='./bus\x00') sendmsg$BATADV_CMD_GET_DAT_CACHE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="05a3ce00ffff000000000d800000"], 0x14}, 0x1, 0x0, 0x0, 0x24004804}, 0x20000000) sendmsg$BATADV_CMD_TP_METER_CANCEL(r2, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f00000004c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="100000000500380001000000080032001e0000000a000900bbbbbbbbbbbb000008002b00be0a0000050035005600000008003b0008000000080034007f00000002d34dd860386800f171b33007e5956b81f43770e49ef5a284e25c41"], 0x50}, 0x1, 0x0, 0x0, 0x400c000}, 0x4004014) openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x8240, 0x0) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mkdir(&(0x7f0000000400)='./file1\x00', 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r5, 0x6, 0x1d, &(0x7f00000000c0), &(0x7f0000000180)=0x14) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8ff0000000000ff000022850000000e0000003f0001000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x1900000, &(0x7f0000000600)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@volatile}]}) creat(&(0x7f0000000440)='./file0/file0\x00', 0x188) lsetxattr$security_capability(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000100), 0x0, 0x0, 0x0) chdir(&(0x7f0000000140)='./bus\x00') creat(&(0x7f0000000140)='./file0\x00', 0x0) 362.093212ms ago: executing program 1 (id=29): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x4e23, 0x4, @loopback, 0x9}, 0x39) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3, 0x12, r3, 0x10000) setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000340)=@gcm_256={{0x303}, "afa7f99466cd13c9", "372a31a11e03279cec094e071cc80f218d360356a936a7e3971a8c35c47e5804", "17adc808", "fffffffffffffffd"}, 0x38) setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000000180)={0x19, {{0x2, 0x0, @multicast2}}}, 0x88) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_TUNNEL_DELETE(r4, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, 0x0, 0x100, 0x70bd27, 0x25dfdbff, {}, [@L2TP_ATTR_COOKIE={0xc, 0xf, 0x7}, @L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e21}, @L2TP_ATTR_MRU={0x6, 0x1d, 0x8001}, @L2TP_ATTR_MTU={0x6, 0x1c, 0x9}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x4}, @L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x5}, @L2TP_ATTR_DEBUG={0x8}]}, 0xa}, 0x1, 0x0, 0x0, 0x4040004}, 0x4004000) r5 = io_uring_setup(0x5bde, &(0x7f0000000380)={0x0, 0x5f41, 0x80, 0x0, 0xfffffffe}) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000180), 0x0) open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0) close_range(r5, 0xffffffffffffffff, 0x0) r6 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r6, 0x50009405, &(0x7f0000000180)) sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f0000000280)={0x0, 0x64, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, r1, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24040090}, 0xc0) r7 = socket$inet_tcp(0x2, 0x1, 0x0) r8 = socket$netlink(0x10, 0x3, 0x15) writev(r8, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1) close_range(r7, 0xffffffffffffffff, 0x0) ioctl$SG_GET_RESERVED_SIZE(r6, 0x2272, &(0x7f0000000240)) 361.633789ms ago: executing program 2 (id=30): socket$nl_route(0x10, 0x3, 0x0) r0 = socket(0x10, 0x803, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) sendmsg$nl_route_sched(r0, 0x0, 0x0) sendmsg$nl_route_sched(r0, 0x0, 0x24040084) socket$netlink(0x10, 0x3, 0x0) socket(0x10, 0x803, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x801, 0x0, 0x0, {0x5, 0x0, 0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELTABLE={0x20, 0x2, 0xa, 0x301, 0x0, 0x0, {0x5, 0x0, 0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x68}, 0x1, 0x0, 0x0, 0xc821}, 0x800) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)) r3 = socket$unix(0x1, 0x5, 0x0) getsockopt$sock_buf(r3, 0x1, 0x1c, 0x0, 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) r4 = socket$nl_route(0x10, 0x3, 0x0) unshare(0x6a040000) mmap(&(0x7f00002ad000/0xc00000)=nil, 0xc00000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = gettid() sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000005f00)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r4, @ANYBLOB="6d3082610000000008001300", @ANYRES32=r6], 0x28}, 0x1, 0x0, 0x0, 0x4000004}, 0x0) 303.133443ms ago: executing program 1 (id=31): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeed, 0x8031, 0xffffffffffffffff, 0xf6d0d000) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/address_bits', 0x80000, 0x8) read$char_usb(r0, &(0x7f0000000040)=""/169, 0xa9) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) pipe2$watch_queue(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) r2 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$KEYCTL_WATCH_KEY(0x20, r2, r1, 0xcf) keyctl$restrict_keyring(0x1d, r2, 0x0, 0x0) socket(0x15, 0x5, 0x0) r3 = syz_open_dev$vim2m(&(0x7f0000000040), 0x1000001, 0x2) ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000000)={0x980912}) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_MAX_THREADS(r4, 0x40046205, &(0x7f0000000000)=0x1) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000001a80)={0x4, 0x0, &(0x7f0000001900)=[@enter_looper], 0x1, 0x0, &(0x7f0000000040)="a1"}) r5 = syz_open_dev$vbi(&(0x7f0000000040), 0x2, 0x2) ioctl$VIDIOC_S_INPUT(r5, 0xc0045627, &(0x7f0000000000)=0x2) ioctl$VIDIOC_S_STD(r5, 0x40085618, &(0x7f00000000c0)=0x8000) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 62.885684ms ago: executing program 2 (id=32): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r2, &(0x7f0000000240), &(0x7f0000000140)=@tcp6=r0}, 0x20) sendmmsg$inet6(r0, &(0x7f0000002440)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000600)="e2", 0x1}], 0x1}}, {{0x0, 0x1, &(0x7f0000000480), 0x14}}], 0x400, 0x10) (fail_nth: 4) 61.135865ms ago: executing program 1 (id=33): r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00'}, 0x10) sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x80dd) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e"], 0x0) write$binfmt_script(r5, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0) preadv(r5, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x20}}, 0x2}}, 0x2e) ioctl$KVM_RUN(r6, 0xae80, 0x0) getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r8 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sendmsg$802154_raw(r8, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000080)="88b0bae0e826425499f4d4ddb99bbe211a", 0x11}, 0x1, 0x0, 0x0, 0x8004}, 0x24044044) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="4c000000100039042abd70000000000000000000", @ANYRES32=r7, @ANYBLOB="01180200031100002c0012800e00010069703665727370616e0000001800028008001500a8bc0d00040012"], 0x4c}}, 0x0) sendto$packet(r0, &(0x7f0000000480)="7eeb99b6f78c67515ea2f0d01d76", 0xe, 0x94, &(0x7f0000000000)={0x11, 0x86dd, r7, 0x1, 0x6, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14) 60.933512ms ago: executing program 2 (id=34): set_mempolicy(0x8000, &(0x7f0000000040)=0x1001, 0x4) set_mempolicy(0x1, &(0x7f0000000000)=0x7fffffffffffffff, 0xa) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x1000000) 1.104874ms ago: executing program 3 (id=35): r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = socket$kcm(0x10, 0x400000002, 0x0) sendmsg$inet(r1, &(0x7f0000000100)={0x0, 0x2, &(0x7f0000000080)=[{&(0x7f0000000140)="600000002e000d190a762d7f089e", 0xfca2}, {&(0x7f0000000280)="68cabf2dfb58fc0a1d6b689866f05d490d010088a8ffff0200258f2e4409b8f9e6aaeb88bea123dc2c6726e89b1ae2f6e8bcb5ee52dcd7298d39093c510293bca0b646a3ce904f6e6b788b3204c233e60ddc", 0x52}], 0x2}, 0x0) ioctl$sock_inet_SIOCSIFDSTADDR(r1, 0x8918, &(0x7f00000000c0)={'lo\x00', {0x2, 0x4e23, @private=0xa010101}}) r2 = fsmount(r0, 0x0, 0x0) fchdir(r2) r3 = syz_open_dev$usbfs(&(0x7f0000000000), 0x203, 0x80002) r4 = dup(r3) ioctl$USBDEVFS_CONTROL(r4, 0xc0185500, &(0x7f0000000240)={0x20, 0x1, 0x2, 0x41, 0x0, 0x5, 0x0}) r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0xc2400, 0x10) lseek(r5, 0x2, 0x0) r6 = syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0) ioctl$I2C_SMBUS(r6, 0x720, &(0x7f00000000c0)={0x0, 0x0, 0x6, &(0x7f0000000080)={0x21, "cbc19de8d51fc1a057020ccfd7da422ceb02449515512b2bde3ea4bdb44a7af50b"}}) r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r8, 0x800448d3, &(0x7f0000001540)) bind$bt_hci(r7, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000180)={0x1, 0x0, [{0x4, 0x6, 0x2, 0x4, 0x8, 0x9, 0x1ff}]}) r9 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="300000001000010800000000fddbdf2500000000", @ANYRES32=0x0, @ANYRES32=r7], 0x30}}, 0x4000000) write(r7, &(0x7f0000000040)="18000000010005", 0x7) r10 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/mdstat\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0) r11 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_SET(r11, 0x4b4b, &(0x7f0000000040)={0x4, 0x0, 0x3, 0x1d, 0x100, 0x0}) pread64(r2, &(0x7f0000000340)=""/142, 0x8e, 0x401) ioctl$LOOP_SET_FD(r10, 0x4c00, r9) 0s ago: executing program 2 (id=36): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r2, &(0x7f0000000240), &(0x7f0000000140)=@tcp6=r0}, 0x20) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) syz_clone(0xc0080, &(0x7f0000000040), 0x0, 0x0, 0x0, 0x0) mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$packet(0x11, 0x2, 0x300) getsockopt$packet_int(r4, 0x107, 0x13, 0x0, &(0x7f0000001400)) sendmsg$nl_generic(r3, &(0x7f00000026c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002640)={0x14, 0x38, 0x1, 0x70bd2c, 0x25dfdbff, {0x12}}, 0x14}, 0x1, 0x0, 0x0, 0x8001}, 0xc804) sendmmsg$inet6(r0, &(0x7f0000002440)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000600)="e2", 0x1}], 0x1}}, {{0x0, 0x1, &(0x7f0000000480), 0x14}}], 0x400, 0x10) kernel console output (not intermixed with test programs): [ 47.312343][ T40] audit: type=1400 audit(1752046243.022:61): avc: denied { siginh } for pid=5927 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '[localhost]:8673' (ED25519) to the list of known hosts. [ 48.318735][ T40] audit: type=1400 audit(1752046244.052:62): avc: denied { name_bind } for pid=5934 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 48.348583][ T40] audit: type=1400 audit(1752046244.082:63): avc: denied { execute } for pid=5935 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 48.358459][ T40] audit: type=1400 audit(1752046244.082:64): avc: denied { execute_no_trans } for pid=5935 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 50.342631][ T40] audit: type=1400 audit(1752046246.072:65): avc: denied { mounton } for pid=5935 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 50.347101][ T5935] cgroup: Unknown subsys name 'net' [ 50.349575][ T40] audit: type=1400 audit(1752046246.082:66): avc: denied { mount } for pid=5935 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 50.487301][ T5935] cgroup: Unknown subsys name 'cpuset' [ 50.492620][ T5935] cgroup: Unknown subsys name 'rlimit' [ 50.652846][ T5940] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 51.309479][ T5935] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 54.914871][ T40] kauditd_printk_skb: 13 callbacks suppressed [ 54.914886][ T40] audit: type=1400 audit(1752046250.652:80): avc: denied { execmem } for pid=5942 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 55.214217][ T40] audit: type=1400 audit(1752046250.952:81): avc: denied { create } for pid=5946 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 55.224581][ T40] audit: type=1400 audit(1752046250.952:82): avc: denied { read write } for pid=5946 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 55.232022][ T40] audit: type=1400 audit(1752046250.952:83): avc: denied { open } for pid=5946 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 55.239381][ T40] audit: type=1400 audit(1752046250.952:84): avc: denied { ioctl } for pid=5946 comm="syz-executor" path="socket:[5706]" dev="sockfs" ino=5706 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 55.269545][ T5950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 55.272734][ T5960] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 55.275637][ T5958] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 55.279064][ T5955] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 55.280009][ T5958] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 55.282282][ T5955] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 55.285602][ T5958] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 55.287685][ T5955] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 55.291420][ T5958] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 55.294644][ T5950] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 55.295581][ T5958] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 55.297800][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 55.300810][ T5958] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 55.302188][ T5950] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 55.307980][ T5950] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 55.310250][ T5962] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 55.313668][ T5962] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 55.315632][ T40] audit: type=1400 audit(1752046251.052:85): avc: denied { read } for pid=5956 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 55.316574][ T5962] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 55.327622][ T5962] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 55.328622][ T40] audit: type=1400 audit(1752046251.052:86): avc: denied { open } for pid=5948 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 55.330073][ T5962] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 55.339305][ T40] audit: type=1400 audit(1752046251.052:87): avc: denied { mounton } for pid=5948 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 55.634711][ T40] audit: type=1400 audit(1752046251.372:88): avc: denied { module_request } for pid=5946 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 55.663863][ T5946] chnl_net:caif_netlink_parms(): no params data found [ 55.720408][ T5948] chnl_net:caif_netlink_parms(): no params data found [ 55.782174][ T5956] chnl_net:caif_netlink_parms(): no params data found [ 55.850192][ T5946] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.852896][ T5946] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.855508][ T5946] bridge_slave_0: entered allmulticast mode [ 55.858289][ T5946] bridge_slave_0: entered promiscuous mode [ 55.878676][ T5959] chnl_net:caif_netlink_parms(): no params data found [ 55.918190][ T5946] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.921168][ T5946] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.924277][ T5946] bridge_slave_1: entered allmulticast mode [ 55.926947][ T5946] bridge_slave_1: entered promiscuous mode [ 55.973239][ T5948] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.976480][ T5948] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.979547][ T5948] bridge_slave_0: entered allmulticast mode [ 55.983382][ T5948] bridge_slave_0: entered promiscuous mode [ 56.011319][ T5948] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.015509][ T5948] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.017780][ T5948] bridge_slave_1: entered allmulticast mode [ 56.020401][ T5948] bridge_slave_1: entered promiscuous mode [ 56.073420][ T5946] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.107702][ T5946] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.112536][ T5948] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.122013][ T5956] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.125039][ T5956] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.127964][ T5956] bridge_slave_0: entered allmulticast mode [ 56.131780][ T5956] bridge_slave_0: entered promiscuous mode [ 56.185586][ T5948] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.220621][ T5956] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.223507][ T5956] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.226926][ T5956] bridge_slave_1: entered allmulticast mode [ 56.230821][ T5956] bridge_slave_1: entered promiscuous mode [ 56.262978][ T5946] team0: Port device team_slave_0 added [ 56.268295][ T5946] team0: Port device team_slave_1 added [ 56.313323][ T5959] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.316372][ T5959] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.319175][ T5959] bridge_slave_0: entered allmulticast mode [ 56.322260][ T5959] bridge_slave_0: entered promiscuous mode [ 56.366537][ T5948] team0: Port device team_slave_0 added [ 56.369184][ T5959] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.371853][ T5959] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.374923][ T5959] bridge_slave_1: entered allmulticast mode [ 56.377555][ T5959] bridge_slave_1: entered promiscuous mode [ 56.383092][ T5956] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.387813][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 56.390670][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.399627][ T5946] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 56.405648][ T5948] team0: Port device team_slave_1 added [ 56.422886][ T5956] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.429626][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 56.432351][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.443438][ T5946] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 56.536875][ T5948] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 56.539109][ T5948] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.547338][ T5948] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 56.552193][ T5959] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.581507][ T5948] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 56.583845][ T5948] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.592009][ T5948] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 56.596851][ T5959] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.602937][ T5956] team0: Port device team_slave_0 added [ 56.657081][ T5956] team0: Port device team_slave_1 added [ 56.725740][ T5959] team0: Port device team_slave_0 added [ 56.773274][ T5956] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 56.776370][ T5956] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.786919][ T5956] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 56.794602][ T5946] hsr_slave_0: entered promiscuous mode [ 56.797270][ T5946] hsr_slave_1: entered promiscuous mode [ 56.801771][ T5959] team0: Port device team_slave_1 added [ 56.829690][ T5956] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 56.832645][ T5956] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.844072][ T5956] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 56.954257][ T5948] hsr_slave_0: entered promiscuous mode [ 56.956997][ T5948] hsr_slave_1: entered promiscuous mode [ 56.959587][ T5948] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 56.962958][ T5948] Cannot create hsr debugfs directory [ 56.995173][ T5959] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 56.997482][ T5959] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.007518][ T5959] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.013145][ T5959] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.015934][ T5959] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.023849][ T5959] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.048877][ T5956] hsr_slave_0: entered promiscuous mode [ 57.051513][ T5956] hsr_slave_1: entered promiscuous mode [ 57.054135][ T5956] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.057082][ T5956] Cannot create hsr debugfs directory [ 57.244397][ T5959] hsr_slave_0: entered promiscuous mode [ 57.246668][ T5959] hsr_slave_1: entered promiscuous mode [ 57.248738][ T5959] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.251078][ T5959] Cannot create hsr debugfs directory [ 57.364761][ T5962] Bluetooth: hci0: command tx timeout [ 57.364766][ T5960] Bluetooth: hci1: command tx timeout [ 57.364770][ T5963] Bluetooth: hci2: command tx timeout [ 57.374092][ T5963] Bluetooth: hci3: command tx timeout [ 57.454700][ T5946] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 57.469765][ T5946] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 57.480807][ T5946] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 57.505518][ T5946] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 57.535661][ T5948] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 57.540114][ T5948] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 57.544637][ T5948] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 57.557975][ T5948] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 57.617762][ T5956] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 57.622303][ T5956] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 57.635236][ T5956] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 57.639367][ T5956] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 57.690105][ T5959] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 57.696005][ T5959] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 57.701082][ T5959] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 57.706465][ T5959] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 57.751898][ T5946] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.782845][ T5946] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.798401][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.801464][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.809265][ T5948] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.817689][ T5956] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.825986][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.828262][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.837119][ T5948] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.851590][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.854367][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.868494][ T5956] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.874636][ T101] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.876991][ T101] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.891457][ T101] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.894622][ T101] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.904703][ T5959] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.911703][ T1143] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.914827][ T1143] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.961658][ T5959] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.978659][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.981194][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.981533][ T40] audit: type=1400 audit(1752046253.712:89): avc: denied { sys_module } for pid=5946 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 57.993303][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.995789][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.088271][ T5946] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.121281][ T5948] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.142336][ T5946] veth0_vlan: entered promiscuous mode [ 58.152692][ T5946] veth1_vlan: entered promiscuous mode [ 58.182966][ T5956] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.188295][ T5948] veth0_vlan: entered promiscuous mode [ 58.200091][ T5946] veth0_macvtap: entered promiscuous mode [ 58.210828][ T5948] veth1_vlan: entered promiscuous mode [ 58.216885][ T5946] veth1_macvtap: entered promiscuous mode [ 58.237932][ T5959] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.247956][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 58.257330][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 58.262139][ T5946] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.265544][ T5946] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.268301][ T5946] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.270990][ T5946] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.281748][ T5956] veth0_vlan: entered promiscuous mode [ 58.284927][ T5948] veth0_macvtap: entered promiscuous mode [ 58.290593][ T5948] veth1_macvtap: entered promiscuous mode [ 58.316091][ T5956] veth1_vlan: entered promiscuous mode [ 58.326609][ T5948] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 58.340789][ T5948] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 58.358017][ T5948] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.360763][ T5948] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.363435][ T5948] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.366740][ T5948] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.381338][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 58.383837][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 58.386161][ T5956] veth0_macvtap: entered promiscuous mode [ 58.399203][ T5956] veth1_macvtap: entered promiscuous mode [ 58.406507][ T5959] veth0_vlan: entered promiscuous mode [ 58.426697][ T71] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 58.430212][ T71] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 58.442332][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 58.451474][ T5959] veth1_vlan: entered promiscuous mode [ 58.467211][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 58.470457][ T101] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 58.473821][ T101] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 58.480584][ T5956] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.483395][ T5956] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.487061][ T5956] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.489816][ T5956] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.503107][ T5946] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 58.513572][ T71] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 58.517324][ T71] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 58.559596][ T5959] veth0_macvtap: entered promiscuous mode [ 58.569366][ T5959] veth1_macvtap: entered promiscuous mode [ 58.597927][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 58.601359][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 58.626280][ T6037] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3'. [ 58.631863][ T71] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 58.633032][ T6037] loop6: detected capacity change from 0 to 524287999 [ 58.635600][ T71] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 58.640945][ T5959] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 58.650522][ T5959] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 58.658904][ T5959] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.663463][ T5959] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.668436][ T5959] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.672005][ T5959] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.784012][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 58.786529][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 58.825116][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 58.834236][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 58.869239][ T6054] syz.3.7 uses obsolete (PF_INET,SOCK_PACKET) [ 58.939956][ T6058] process 'syz.1.2' launched './file2' with NULL argv: empty string added [ 59.153423][ T6069] input: syz1 as /devices/virtual/input/input5 [ 59.154064][ T6070] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 59.211820][ T6071] xt_hashlimit: size too large, truncated to 1048576 [ 59.217549][ T6073] netlink: 'syz.3.12': attribute type 4 has an invalid length. [ 59.220720][ T6073] netlink: 40 bytes leftover after parsing attributes in process `syz.3.12'. [ 59.269809][ T6077] netlink: 24 bytes leftover after parsing attributes in process `syz.0.11'. [ 59.290312][ T6077] netlink: 'syz.0.11': attribute type 1 has an invalid length. [ 59.292834][ T6077] netlink: 'syz.0.11': attribute type 2 has an invalid length. [ 59.309013][ T6077] netlink: 16 bytes leftover after parsing attributes in process `syz.0.11'. [ 59.349599][ T6081] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 59.362029][ T6081] Cannot find del_set index 0 as target [ 59.444348][ T5963] Bluetooth: hci0: command tx timeout [ 59.444814][ T5962] Bluetooth: hci3: command tx timeout [ 59.446569][ T5963] Bluetooth: hci2: command tx timeout [ 59.454261][ T5963] Bluetooth: hci1: command tx timeout [ 59.490911][ T6093] xt_recent: hitcount (4294967295) is larger than allowed maximum (65535) [ 59.519605][ T6095] netlink: 88 bytes leftover after parsing attributes in process `syz.1.22'. [ 59.533587][ T6099] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 59.542766][ T6100] syzkaller1: entered promiscuous mode [ 59.546709][ T6100] syzkaller1: entered allmulticast mode [ 59.575430][ T6102] xt_ecn: cannot match TCP bits for non-tcp packets [ 59.726957][ T6112] ======================================================= [ 59.726957][ T6112] WARNING: The mand mount option has been deprecated and [ 59.726957][ T6112] and is ignored by this kernel. Remove the mand [ 59.726957][ T6112] option from the mount to silence this warning. [ 59.726957][ T6112] ======================================================= [ 60.200982][ T6132] netlink: 60 bytes leftover after parsing attributes in process `syz.3.35'. [ 60.206913][ T40] kauditd_printk_skb: 105 callbacks suppressed [ 60.206927][ T40] audit: type=1400 audit(1752046255.932:195): avc: denied { mount } for pid=6130 comm="syz.3.35" name="/" dev="ramfs" ino=8874 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 60.224304][ C3] ------------[ cut here ]------------ [ 60.226144][ C3] WARNING: CPU: 3 PID: 6106 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x684/0x830 [ 60.228943][ C3] Modules linked in: [ 60.230332][ C3] CPU: 3 UID: 0 PID: 6106 Comm: syz.0.23 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) [ 60.234946][ T40] audit: type=1400 audit(1752046255.952:196): avc: denied { write } for pid=6130 comm="syz.3.35" name="001" dev="devtmpfs" ino=755 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 60.235817][ C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 60.247242][ T6132] netlink: 16 bytes leftover after parsing attributes in process `syz.3.35'. [ 60.247918][ C3] RIP: 0010:inet_sock_destruct+0x684/0x830 [ 60.253270][ C3] Code: 0f 0b 90 e9 12 fe ff ff e8 a9 c0 b5 f7 90 0f 0b 90 e9 5e fe ff ff e8 9b c0 b5 f7 90 0f 0b 90 e9 94 fe ff ff e8 8d c0 b5 f7 90 <0f> 0b 90 e9 d3 fe ff ff e8 ef 9b 1c f8 e9 d7 fc ff ff 4c 89 ff e8 [ 60.259289][ C3] RSP: 0018:ffffc900006f8da8 EFLAGS: 00010246 [ 60.261189][ C3] RAX: 0000000000000000 RBX: ffff888036dfb600 RCX: ffffffff8a063557 [ 60.261666][ T40] audit: type=1400 audit(1752046255.982:197): avc: denied { ioctl } for pid=6130 comm="syz.3.35" path="socket:[8879]" dev="sockfs" ino=8879 ioctlcmd=0x48d3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 60.263643][ C3] RDX: ffff888027a42440 RSI: ffffffff8a063683 RDI: 0000000000000005 [ 60.263653][ C3] RBP: 0000000000000fff R08: 0000000000000005 R09: 0000000000000000 [ 60.272595][ T40] audit: type=1400 audit(1752046255.982:198): avc: denied { bind } for pid=6130 comm="syz.3.35" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 60.275071][ C3] R10: 0000000000000fff R11: 0000000000000001 R12: ffff888036dfb600 [ 60.275083][ C3] R13: ffff888036dfb690 R14: ffffc900006f8ea8 R15: 0000000000000002 [ 60.275090][ C3] FS: 00007fae0c8406c0(0000) GS:ffff8880d6a16000(0000) knlGS:0000000000000000 [ 60.275114][ C3] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 60.275123][ C3] CR2: 00007fe4235a1f98 CR3: 000000005a12a000 CR4: 0000000000352ef0 [ 60.282686][ T40] audit: type=1400 audit(1752046255.992:199): avc: denied { getopt } for pid=6129 comm="syz.2.36" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 60.283470][ C3] Call Trace: [ 60.299820][ T40] audit: type=1400 audit(1752046256.032:200): avc: denied { write } for pid=6130 comm="syz.3.35" path="socket:[8878]" dev="sockfs" ino=8878 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 60.299898][ T6136] Bluetooth: MGMT ver 1.23 [ 60.301687][ C3] [ 60.312996][ C3] ? inet6_cleanup_sock+0x117/0x210 [ 60.313021][ C3] ? __pfx_inet6_sock_destruct+0x10/0x10 [ 60.313038][ C3] __sk_destruct+0x81/0x980 [ 60.313052][ C3] ? rcu_core+0x797/0x14e0 [ 60.313066][ C3] rcu_core+0x79c/0x14e0 [ 60.313081][ C3] ? __pfx_rcu_core+0x10/0x10 [ 60.313096][ C3] ? mark_held_locks+0x49/0x80 [ 60.313114][ C3] handle_softirqs+0x219/0x8e0 [ 60.313130][ C3] ? __pfx_handle_softirqs+0x10/0x10 [ 60.313143][ C3] ? irqtime_account_irq+0x18d/0x2e0 [ 60.313160][ C3] ? scomp_acomp_comp_decomp+0x728/0xd20 [ 60.313175][ C3] do_softirq+0xb2/0xf0 [ 60.313188][ C3] [ 60.313192][ C3] [ 60.322595][ T40] audit: type=1400 audit(1752046256.052:201): avc: denied { create } for pid=6125 comm="syz.1.33" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 60.323141][ C3] __local_bh_enable_ip+0x100/0x120 [ 60.334975][ T40] audit: type=1400 audit(1752046256.072:202): avc: denied { write } for pid=6125 comm="syz.1.33" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 60.335255][ T6133] ieee802154 phy0 wpan0: encryption failed: -22 [ 60.335762][ T6133] netlink: 8 bytes leftover after parsing attributes in process `syz.1.33'. [ 60.340651][ C3] scomp_acomp_comp_decomp+0x728/0xd20 [ 60.340675][ C3] ? find_held_lock+0x2b/0x80 [ 60.340690][ C3] ? __pfx_scomp_acomp_comp_decomp+0x10/0x10 [ 60.342420][ T40] audit: type=1400 audit(1752046256.072:203): avc: denied { write } for pid=6125 comm="syz.1.33" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 60.348334][ C3] ? __virt_addr_valid+0x31c/0x610 [ 60.348357][ C3] crypto_acomp_decompress+0x149/0x520 [ 60.348371][ C3] ? __asan_memset+0x23/0x50 [ 60.348385][ C3] zswap_decompress+0x475/0x8c0 [ 60.370401][ C3] ? __pfx_zswap_decompress+0x10/0x10 [ 60.372096][ C3] ? __pfx_xa_load+0x10/0x10 [ 60.373570][ C3] ? swp_swap_info+0xce/0x130 [ 60.375146][ C3] zswap_load+0x1c9/0x640 [ 60.376572][ C3] swap_read_folio+0x41d/0x2170 [ 60.378114][ C3] ? __pfx_swap_read_folio+0x10/0x10 [ 60.379800][ C3] ? swp_swap_info+0x70/0x130 [ 60.381280][ C3] ? __pfx_swp_swap_info+0x10/0x10 [ 60.382901][ C3] swap_cluster_readahead+0x429/0x710 [ 60.384644][ C3] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 60.386510][ C3] ? __pfx_shmem_split_large_entry.isra.0+0x10/0x10 [ 60.388570][ C3] ? css_rstat_updated+0x9d/0xd30 [ 60.390153][ C3] ? find_held_lock+0x2b/0x80 [ 60.391647][ C3] ? shmem_swapin_folio+0x600/0x2370 [ 60.393308][ C3] shmem_swapin_folio+0x1a45/0x2370 [ 60.395018][ C3] ? __pfx_shmem_swapin_folio+0x10/0x10 [ 60.396772][ C3] ? __pfx_filemap_get_entry+0x10/0x10 [ 60.398564][ C3] ? xas_find+0x303/0x890 [ 60.399948][ C3] shmem_get_folio_gfp+0x2c5/0x1600 [ 60.401585][ C3] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 60.403340][ C3] ? filemap_map_pages+0xf6f/0x1680 [ 60.405033][ C3] shmem_fault+0x1fe/0xa30 [ 60.406481][ C3] ? __pfx_shmem_fault+0x10/0x10 [ 60.408051][ C3] ? __pfx_filemap_map_pages+0x10/0x10 [ 60.409769][ C3] __do_fault+0x10d/0x490 [ 60.411121][ C3] __handle_mm_fault+0x3c2a/0x5490 [ 60.412755][ C3] ? __pfx___handle_mm_fault+0x10/0x10 [ 60.414525][ C3] ? __pte_offset_map_lock+0x174/0x310 [ 60.416264][ C3] ? find_held_lock+0x2b/0x80 [ 60.417740][ C3] ? find_held_lock+0x2b/0x80 [ 60.419218][ C3] ? follow_page_pte+0x3af/0x14c0 [ 60.420801][ C3] handle_mm_fault+0x589/0xd10 [ 60.422302][ C3] __get_user_pages+0x589/0x3b80 [ 60.423869][ C3] ? __pfx_mt_find+0x10/0x10 [ 60.425383][ C3] ? __pfx___get_user_pages+0x10/0x10 [ 60.427098][ C3] populate_vma_page_range+0x278/0x3a0 [ 60.428812][ C3] ? __pfx_populate_vma_page_range+0x10/0x10 [ 60.430684][ C3] ? __pfx_find_vma_intersection+0x10/0x10 [ 60.432526][ C3] __mm_populate+0x1d8/0x380 [ 60.434030][ C3] ? __pfx___mm_populate+0x10/0x10 [ 60.435656][ C3] ? up_write+0x1b2/0x520 [ 60.437030][ C3] do_mlock+0x448/0x810 [ 60.438350][ C3] ? __pfx_do_mlock+0x10/0x10 [ 60.439851][ C3] ? __x64_sys_futex+0x1e0/0x4c0 [ 60.441406][ C3] ? __x64_sys_futex+0x1e9/0x4c0 [ 60.442976][ C3] ? fput+0x70/0xf0 [ 60.444263][ C3] ? xfd_validate_state+0x61/0x180 [ 60.445895][ C3] __x64_sys_mlock+0x59/0x80 [ 60.447358][ C3] do_syscall_64+0xcd/0x4c0 [ 60.448796][ C3] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 60.450637][ C3] RIP: 0033:0x7fae0b98e929 [ 60.452042][ C3] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 60.458049][ C3] RSP: 002b:00007fae0c840038 EFLAGS: 00000246 ORIG_RAX: 0000000000000095 [ 60.460638][ C3] RAX: ffffffffffffffda RBX: 00007fae0bbb6080 RCX: 00007fae0b98e929 [ 60.463079][ C3] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000200000000000 [ 60.465582][ C3] RBP: 00007fae0ba10b39 R08: 0000000000000000 R09: 0000000000000000 [ 60.468040][ C3] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 60.470472][ C3] R13: 0000000000000000 R14: 00007fae0bbb6080 R15: 00007ffcc64662e8 [ 60.472943][ C3] [ 60.473999][ C3] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 60.476296][ C3] CPU: 3 UID: 0 PID: 6106 Comm: syz.0.23 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) [ 60.479890][ C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 60.483234][ C3] Call Trace: [ 60.484316][ C3] [ 60.485225][ C3] dump_stack_lvl+0x3d/0x1f0 [ 60.486716][ C3] panic+0x71c/0x800 [ 60.487969][ C3] ? __pfx_panic+0x10/0x10 [ 60.489383][ C3] ? show_trace_log_lvl+0x29b/0x3e0 [ 60.491014][ C3] ? check_panic_on_warn+0x1f/0xb0 [ 60.492632][ C3] ? inet_sock_destruct+0x684/0x830 [ 60.494242][ C3] check_panic_on_warn+0xab/0xb0 [ 60.495859][ C3] __warn+0xf6/0x3c0 [ 60.497089][ C3] ? inet_sock_destruct+0x684/0x830 [ 60.498704][ C3] report_bug+0x3c3/0x580 [ 60.500062][ C3] ? inet_sock_destruct+0x684/0x830 [ 60.501681][ C3] handle_bug+0x184/0x210 [ 60.503038][ C3] exc_invalid_op+0x17/0x50 [ 60.504483][ C3] asm_exc_invalid_op+0x1a/0x20 [ 60.506029][ C3] RIP: 0010:inet_sock_destruct+0x684/0x830 [ 60.507854][ C3] Code: 0f 0b 90 e9 12 fe ff ff e8 a9 c0 b5 f7 90 0f 0b 90 e9 5e fe ff ff e8 9b c0 b5 f7 90 0f 0b 90 e9 94 fe ff ff e8 8d c0 b5 f7 90 <0f> 0b 90 e9 d3 fe ff ff e8 ef 9b 1c f8 e9 d7 fc ff ff 4c 89 ff e8 [ 60.513756][ C3] RSP: 0018:ffffc900006f8da8 EFLAGS: 00010246 [ 60.515677][ C3] RAX: 0000000000000000 RBX: ffff888036dfb600 RCX: ffffffff8a063557 [ 60.518007][ C3] RDX: ffff888027a42440 RSI: ffffffff8a063683 RDI: 0000000000000005 [ 60.520389][ C3] RBP: 0000000000000fff R08: 0000000000000005 R09: 0000000000000000 [ 60.522834][ C3] R10: 0000000000000fff R11: 0000000000000001 R12: ffff888036dfb600 [ 60.525281][ C3] R13: ffff888036dfb690 R14: ffffc900006f8ea8 R15: 0000000000000002 [ 60.527776][ C3] ? inet_sock_destruct+0x557/0x830 [ 60.529410][ C3] ? inet_sock_destruct+0x683/0x830 [ 60.531041][ C3] ? inet_sock_destruct+0x683/0x830 [ 60.532711][ C3] ? inet6_cleanup_sock+0x117/0x210 [ 60.534338][ C3] ? __pfx_inet6_sock_destruct+0x10/0x10 [ 60.536137][ C3] __sk_destruct+0x81/0x980 [ 60.537580][ C3] ? rcu_core+0x797/0x14e0 [ 60.538993][ C3] rcu_core+0x79c/0x14e0 [ 60.540346][ C3] ? __pfx_rcu_core+0x10/0x10 [ 60.541833][ C3] ? mark_held_locks+0x49/0x80 [ 60.543362][ C3] handle_softirqs+0x219/0x8e0 [ 60.544878][ C3] ? __pfx_handle_softirqs+0x10/0x10 [ 60.546571][ C3] ? irqtime_account_irq+0x18d/0x2e0 [ 60.548241][ C3] ? scomp_acomp_comp_decomp+0x728/0xd20 [ 60.549994][ C3] do_softirq+0xb2/0xf0 [ 60.551346][ C3] [ 60.552296][ C3] [ 60.553256][ C3] __local_bh_enable_ip+0x100/0x120 [ 60.554885][ C3] scomp_acomp_comp_decomp+0x728/0xd20 [ 60.556653][ C3] ? find_held_lock+0x2b/0x80 [ 60.558147][ C3] ? __pfx_scomp_acomp_comp_decomp+0x10/0x10 [ 60.560032][ C3] ? __virt_addr_valid+0x31c/0x610 [ 60.561653][ C3] crypto_acomp_decompress+0x149/0x520 [ 60.563363][ C3] ? __asan_memset+0x23/0x50 [ 60.564830][ C3] zswap_decompress+0x475/0x8c0 [ 60.566394][ C3] ? __pfx_zswap_decompress+0x10/0x10 [ 60.568106][ C3] ? __pfx_xa_load+0x10/0x10 [ 60.569581][ C3] ? swp_swap_info+0xce/0x130 [ 60.571069][ C3] zswap_load+0x1c9/0x640 [ 60.572471][ C3] swap_read_folio+0x41d/0x2170 [ 60.574003][ C3] ? __pfx_swap_read_folio+0x10/0x10 [ 60.575692][ C3] ? swp_swap_info+0x70/0x130 [ 60.577185][ C3] ? __pfx_swp_swap_info+0x10/0x10 [ 60.578800][ C3] swap_cluster_readahead+0x429/0x710 [ 60.580504][ C3] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 60.582353][ C3] ? __pfx_shmem_split_large_entry.isra.0+0x10/0x10 [ 60.584430][ C3] ? css_rstat_updated+0x9d/0xd30 [ 60.586035][ C3] ? find_held_lock+0x2b/0x80 [ 60.587513][ C3] ? shmem_swapin_folio+0x600/0x2370 [ 60.589162][ C3] shmem_swapin_folio+0x1a45/0x2370 [ 60.590799][ C3] ? __pfx_shmem_swapin_folio+0x10/0x10 [ 60.592543][ C3] ? __pfx_filemap_get_entry+0x10/0x10 [ 60.594240][ C3] ? xas_find+0x303/0x890 [ 60.595632][ C3] shmem_get_folio_gfp+0x2c5/0x1600 [ 60.597266][ C3] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 60.599029][ C3] ? filemap_map_pages+0xf6f/0x1680 [ 60.600670][ C3] shmem_fault+0x1fe/0xa30 [ 60.602073][ C3] ? __pfx_shmem_fault+0x10/0x10 [ 60.603632][ C3] ? __pfx_filemap_map_pages+0x10/0x10 [ 60.605332][ C3] __do_fault+0x10d/0x490 [ 60.606711][ C3] __handle_mm_fault+0x3c2a/0x5490 [ 60.608319][ C3] ? __pfx___handle_mm_fault+0x10/0x10 [ 60.610024][ C3] ? __pte_offset_map_lock+0x174/0x310 [ 60.611744][ C3] ? find_held_lock+0x2b/0x80 [ 60.613235][ C3] ? find_held_lock+0x2b/0x80 [ 60.614724][ C3] ? follow_page_pte+0x3af/0x14c0 [ 60.616338][ C3] handle_mm_fault+0x589/0xd10 [ 60.617843][ C3] __get_user_pages+0x589/0x3b80 [ 60.619399][ C3] ? __pfx_mt_find+0x10/0x10 [ 60.620859][ C3] ? __pfx___get_user_pages+0x10/0x10 [ 60.622533][ C3] populate_vma_page_range+0x278/0x3a0 [ 60.624243][ C3] ? __pfx_populate_vma_page_range+0x10/0x10 [ 60.626125][ C3] ? __pfx_find_vma_intersection+0x10/0x10 [ 60.627968][ C3] __mm_populate+0x1d8/0x380 [ 60.629433][ C3] ? __pfx___mm_populate+0x10/0x10 [ 60.631039][ C3] ? up_write+0x1b2/0x520 [ 60.632417][ C3] do_mlock+0x448/0x810 [ 60.633728][ C3] ? __pfx_do_mlock+0x10/0x10 [ 60.635199][ C3] ? __x64_sys_futex+0x1e0/0x4c0 [ 60.636778][ C3] ? __x64_sys_futex+0x1e9/0x4c0 [ 60.638330][ C3] ? fput+0x70/0xf0 [ 60.639544][ C3] ? xfd_validate_state+0x61/0x180 [ 60.641140][ C3] __x64_sys_mlock+0x59/0x80 [ 60.642587][ C3] do_syscall_64+0xcd/0x4c0 [ 60.644018][ C3] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 60.645881][ C3] RIP: 0033:0x7fae0b98e929 [ 60.647279][ C3] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 60.653188][ C3] RSP: 002b:00007fae0c840038 EFLAGS: 00000246 ORIG_RAX: 0000000000000095 [ 60.655784][ C3] RAX: ffffffffffffffda RBX: 00007fae0bbb6080 RCX: 00007fae0b98e929 [ 60.658235][ C3] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000200000000000 [ 60.660692][ C3] RBP: 00007fae0ba10b39 R08: 0000000000000000 R09: 0000000000000000 [ 60.663134][ C3] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 60.665588][ C3] R13: 0000000000000000 R14: 00007fae0bbb6080 R15: 00007ffcc64662e8 [ 60.668058][ C3] [ 60.669739][ C3] Kernel Offset: disabled [ 60.671099][ C3] Rebooting in 86400 seconds.. VM DIAGNOSIS: 07:30:56 Registers: info registers vcpu 0 CPU#0 RAX=00000000b8d75602 RBX=00000025b8d75572 RCX=0000000000000000 RDX=0000000000000025 RSI=ffffffff8c158ee0 RDI=ffffffff8c158f20 RBP=00000025b8d74234 RSP=ffffc900000d7ad8 R8 =0000000000000001 R9 =0000000000000007 R10=ffffe8ffffd7d007 R11=0000000000000000 R12=0000000000000000 R13=00000000000032c9 R14=0000000000000000 R15=0000000004222901 RIP=ffffffff8b8706e9 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6716000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00002000002ca000 CR3=0000000049244000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3461c11b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3461c11b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3461c11b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3461c11b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3461c11bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3461c11c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3461d85488 00007f3461d85480 00007f3461d85478 00007f3461d85450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f34628ed100 00007f3461d85440 00007f3461d85458 00007f3461d854a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3461d85498 00007f3461d85490 00007f3461d85488 00007f3461d85480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000012 0000000000000000 0000000000000000 00000000000005bc ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=000000008207edc4 RBX=00007f966a2e5720 RCX=ffffffff8207edc4 RDX=0000000000000dc4 RSI=ffffffff8207edc4 RDI=0000000000000008 RBP=ffffffff8207edc4 RSP=00007fff1ef34278 R8 =00007f96697a0000 R9 =00007f96697a2000 R10=000000008207edc8 R11=0000000000000008 R12=0000000000000008 R13=0000000000000000 R14=ffffffff8207edc4 R15=0000000000010ddd RIP=00007f966944d9c3 RFL=00000202 [-------] CPL=3 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0033 0000000000000000 ffffffff 00a0fb00 DPL=3 CS64 [-RA] SS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 000055558404a500 ffffffff 00c00000 GS =0000 0000000000000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f96697b0b68 CR3=000000005a108000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9669611b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9669611b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9669611b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9669611b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9669611bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9669611c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9669785488 00007f9669785480 00007f9669785478 00007f9669785450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f966a2ed100 00007f9669785440 00007f9669780004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9669785498 00007f9669785490 00007f9669785488 00007f9669785480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000005 0000000000000000 0000000000000000 00000000000001b8 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=00000000000000fb RCX=ffffc90007b34000 RDX=0000000000000cfc RSI=ffffffff8b7b1f85 RDI=0000000000000005 RBP=0000000000000028 RSP=ffffc9000423f660 R8 =0000000000000005 R9 =0000000000000004 R10=0000000000000004 R11=0000000000000001 R12=0000000000000004 R13=ffffc9000423f708 R14=0000000000000246 R15=0000000000000000 RIP=ffffffff8b7b1f8b RFL=00000087 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fe4235a26c0 ffffffff 00c00000 GS =0000 ffff8880d6916000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000110c438686 CR3=0000000027275000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fffffc00 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe422811b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe422811b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe422811b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe422811b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe422811bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe422811c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 2323232323232323 2323232323232323 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000302d 6332692f7665642f ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000130e 40114a0c5546470c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff855bc410 RDI=ffffffff9b0c42a0 RBP=ffffffff9b0c4260 RSP=ffffc900006f86b8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000020 R14=fffffbfff36188a6 R15=dffffc0000000000 RIP=ffffffff855bc437 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fae0c8406c0 ffffffff 00c00000 GS =0000 ffff8880d6a16000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fe4235a1f98 CR3=000000005a12a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000001 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffda831e41b 00007ffda831e41b ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffda831e920 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffda831e920 0000003000000018 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 76616c735f766461 7461622065636166 7265746e6920676e 69737520746f4e00 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7661667355766461 7461622065636166 7265746463206764 6373752074654400 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f223d656d616e20 2235332e332e7a79 73223d6d6d6f6320 303331363d646970 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 313d657669737369 6d726570206d6574 737973656c69663d 7373616c63742074 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5f73666d61723a72 5f7463656a626f3a 755f6d6574737973 3d747865746e6f63 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7420745f6d646173 79733a725f6d6461 7379733a746f6f72 3d747865746e6f63 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7320343738383d6f 6e69202273666d61 72223d7665642022 2f223d656d616e20 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65746e656d676172 66206562206c6c69 7720656361667265 746e692073696874 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000