last executing test programs: 2.84944646s ago: executing program 0 (id=23): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x104}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0x2, 0x5, 0x7}) r3 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r4, 0x4040534e, &(0x7f0000000180)={0x13, @time={0x65757100, 0x4}, 0x0, {}, 0xfe}) r5 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000340)={0x8, 0x8169, 0x10}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb}) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/cgroup.procs\x00', &(0x7f0000000240)=ANY=[], 0x0, 0x0) r6 = syz_usb_connect$cdc_ecm(0x2, 0x90, &(0x7f0000000240)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x7e, 0x1, 0x1, 0x6f, 0xc0, 0x7, [{{0x9, 0x4, 0x0, 0xe, 0x3, 0x2, 0x6, 0x0, 0x9, {{0xa, 0x24, 0x6, 0x0, 0x0, "e85bc79325"}, {0x5, 0x24, 0x0, 0xe}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x6, 0x9, 0xc8}, [@network_terminal={0x7, 0x24, 0xa, 0xff, 0x2, 0x8f, 0xa}, @mbim_extended={0x8, 0x24, 0x1c, 0xae7c, 0x9, 0x3}, @mdlm={0x15, 0x24, 0x12, 0x1b4}, @obex={0x5}, @mbim={0xc, 0x24, 0x1b, 0x2, 0x7, 0x4, 0x7, 0x8000, 0xb}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x40, 0x4, 0x10, 0x8}}], {{0x9, 0x5, 0x82, 0x2, 0x10, 0x7f, 0x90, 0x8}}, {{0x9, 0x5, 0x3, 0x2, 0x10, 0xe6, 0x0, 0x8}}}}}]}}]}}, &(0x7f00000004c0)={0xa, &(0x7f0000000380)={0xa, 0x6, 0x110, 0xf7, 0xc6, 0xf8, 0x40}, 0x42, &(0x7f00000003c0)={0x5, 0xf, 0x42, 0x5, [@ptm_cap={0x3}, @ext_cap={0x7, 0x10, 0x2, 0x10, 0x6, 0x2, 0xb}, @ss_container_id={0x14, 0x10, 0x4, 0x6, "396e7b418db0d62f43dc61c922ca0e2e"}, @ptm_cap={0x3}, @ssp_cap={0x1c, 0x10, 0xa, 0x13, 0x4, 0x959, 0x7800, 0x401, [0xff0090, 0x0, 0xf, 0x0]}]}, 0x2, [{0x30, &(0x7f0000000440)=@string={0x30, 0x3, "9b4c6e3c65a1734a830e582987f80236d0918365dd36c11da141d278e20a839b846ec4f00185c48c09767b231bdd"}}, {0x4, &(0x7f0000000480)=@lang_id={0x4, 0x3, 0x300a}}]}) syz_usb_control_io(r6, &(0x7f0000000680)={0x2c, &(0x7f0000000500)={0x20, 0x23, 0x2a, {0x2a, 0x21, "d6cc9e248ddc4d30e6ac4ae953847ab29fba6cb2d7b550223bdba83340dd1495bf9562615a60b081"}}, &(0x7f0000000540)={0x0, 0x3, 0x3b, @string={0x3b, 0x3, "33b2f3e0a8dede7b258534d132abde1c9946ff236909bf250317bed265c8888a8ea6a534ad9a1a963b6813c928f8d4729196729fa0cc61aa5d"}}, &(0x7f00000005c0)={0x0, 0xf, 0x5, {0x5, 0xf, 0x5}}, &(0x7f0000000600)={0x20, 0x29, 0xf, {0xf, 0x29, 0x7, 0x4, 0x96, 0x3, "7f81d911", "a7ab1b0a"}}, &(0x7f0000000640)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x5, 0x10, 0xcc, 0x1, 0x8, 0x6, 0xc783}}}, &(0x7f0000000b00)={0x84, &(0x7f00000006c0)={0x0, 0x16, 0x69, "1dc32256e3507127e2a03987f0a8bfc0a6684eebd9f8776c430c1ea4aa12774e33203b32708f373939f6547eb5f9ee126b110bed62737699357cf1f347e5fb13feddf9b4d7a60021b2e2b892d3ffd39c91f509ae99fa0aa8dc83ab17dd38d0ad4bfd790077001f6d9a"}, &(0x7f0000000740)={0x0, 0xa, 0x1, 0x87}, &(0x7f0000000780)={0x0, 0x8, 0x1, 0x4}, &(0x7f00000007c0)={0x20, 0x0, 0x4, {0x1, 0x1}}, &(0x7f0000000800)={0x20, 0x0, 0x8, {0x40, 0x5682e9f7d4c7677d, [0xf00]}}, &(0x7f0000000840)={0x40, 0x7, 0x2, 0x6}, &(0x7f0000000880)={0x40, 0x9, 0x1, 0x3}, &(0x7f00000008c0)={0x40, 0xb, 0x2, 'k0'}, &(0x7f0000000900)={0x40, 0xf, 0x2, 0x1}, &(0x7f0000000940)={0x40, 0x13, 0x6, @random="2de79ace001d"}, &(0x7f0000000980)={0x40, 0x17, 0x6, @random="93fa85ecd046"}, &(0x7f00000009c0)={0x40, 0x19, 0x2, "e02a"}, &(0x7f0000000a00)={0x40, 0x1a, 0x2, 0x9}, &(0x7f0000000a40)={0x40, 0x1c, 0x1, 0x33}, &(0x7f0000000a80)={0x40, 0x1e, 0x1, 0x7f}, &(0x7f0000000ac0)={0x40, 0x21, 0x1, 0xf9}}) r7 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r7, 0xc02064b2, &(0x7f0000000000)={0x8, 0x2, 0x7}) close(r0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x4}) r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x248802) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r8, 0xc04c5349, &(0x7f00000001c0)={0x2, 0x6, 0x3}) r9 = socket$netlink(0x10, 0x3, 0x4) write(r9, &(0x7f0000005c00)="2700000014000707030e0000120f0a0011000100f5fe0012ff000000078a151f75080039000500", 0x27) recvmmsg(r9, &(0x7f0000002500)=[{{&(0x7f0000000bc0)=@isdn, 0x80, &(0x7f0000001e40)=[{&(0x7f0000000c40)=""/85, 0x55}, {&(0x7f0000000cc0)=""/4096, 0x1000}, {&(0x7f0000001cc0)=""/93, 0x5d}, {&(0x7f0000001d40)=""/229, 0xe5}], 0x4, &(0x7f0000001e80)=""/199, 0xc7}, 0x8}, {{&(0x7f0000001f80)=@nfc, 0x80, &(0x7f0000002380)=[{&(0x7f0000002000)=""/96, 0x60}, {&(0x7f0000002080)=""/148, 0x94}, {&(0x7f0000002140)=""/190, 0xbe}, {&(0x7f0000002200)=""/241, 0xf1}, {&(0x7f0000002300)=""/107, 0x6b}], 0x5, &(0x7f0000002400)=""/205, 0xcd}, 0x6}], 0x2, 0x0, &(0x7f0000002580)) dup(r2) close_range(r0, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f00000025c0), 0x0, 0x20000) 2.330714936s ago: executing program 3 (id=35): r0 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 32) syz_emit_vhci(&(0x7f00000001c0)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2) (rerun: 32) symlinkat(0x0, 0xffffffffffffff9c, 0x0) (async, rerun: 32) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="400000001000010400000000feffffff00000000", @ANYRES32=0x0, @ANYBLOB="4605000001a00100d0090300706c616e3100000000000000000000000a0001000180b7000094457d3f26caa972"], 0x40}, 0x1, 0x0, 0x0, 0x4010}, 0x0) (rerun: 32) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@newqdisc={0x24, 0x24, 0xbb11a2b331a808af, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x10}, {0xffff, 0xffff}}}, 0x24}}, 0x0) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) (async, rerun: 32) sendmsg$TIPC_NL_BEARER_ENABLE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=ANY=[@ANYRES16=0x0], 0x60}, 0x1, 0x0, 0x0, 0x1}, 0x0) (rerun: 32) r2 = socket$nl_generic(0x10, 0x3, 0x10) openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', &(0x7f00000000c0)={0x0, 0x0, 0x3}, 0x65) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$TIPC_NL_MEDIA_SET(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=ANY=[@ANYBLOB="b0000000", @ANYRES16=r3, @ANYBLOB="010000000000000000000c0000009c00058008000100756470001c000280080003000000000008000200000000000800020000000000080001006574680008000100756470000800030065746800140002800800030000000000080002000000000014000280080004"], 0xb0}}, 0x0) 1.529625642s ago: executing program 3 (id=37): bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073"], 0xd8}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0xffffffff) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2) socket$packet(0x11, 0x3, 0x300) sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000003}, 0x80) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x3, 0x4, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x7, 0x61, 0x11, 0x4c}, [@call={0x85, 0x0, 0x0, 0x15}]}, &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 1.360185708s ago: executing program 0 (id=38): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x0, @mcast2}, {0xa, 0x0, 0x7, @remote}, r2}}, 0x48) write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000480)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0xa, 0x4e23, 0xb21, @mcast1}, r2, 0x8}}, 0x48) write$RDMA_USER_CM_CMD_MIGRATE_ID(r1, &(0x7f0000000080)={0x12, 0x10, 0xfa00, {0x0, r2, r1}}, 0x18) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r0, &(0x7f0000000240)={0x10, 0x30, 0xfa00, {&(0x7f0000000200), 0x2, {0xa, 0x4e24, 0xfffffff7, @loopback, 0x8}, r2}}, 0x38) r3 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r4, 0x6, 0x8, &(0x7f0000000080)=0xff, 0x4) ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1}) prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0) ioctl$vim2m_VIDIOC_EXPBUF(r3, 0xc0405610, &(0x7f0000000040)={0x2}) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101}) r6 = socket(0x10, 0x803, 0x0) r7 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) dup2(r5, r3) sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=@newqdisc={0x494, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x468, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x10000}, @TCA_TBF_PARMS={0x28, 0x1, {{0xe2, 0x0, 0x84, 0x3, 0x4, 0x6}, {0x7f, 0x1, 0x3ffc, 0x7, 0x7, 0xcb75}, 0x10001, 0x800, 0xd5b}}, @TCA_TBF_PBURST={0x8, 0x7, 0xf23}, @TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x3, 0x7ff, 0x5, 0x1, 0x80000001}, {0x10, 0x0, 0x484, 0x6, 0x2, 0x101}, 0xffffff00, 0xbb2, 0x9b6}}, @TCA_TBF_RTAB={0x404, 0x2, [0xec, 0x9, 0x9, 0x800, 0x1, 0x8, 0x8, 0x3, 0x9, 0x80, 0x100, 0xef4a, 0x7ef, 0x7, 0xfe61, 0x8, 0x1c47, 0x7f, 0x0, 0x5, 0x4, 0x10001, 0x9, 0xa, 0x5, 0xb86, 0x4, 0x7, 0x40, 0x3, 0x4449, 0x40, 0x80000000, 0x77a8, 0x7ff, 0x1, 0x6, 0x5, 0x0, 0x0, 0x9, 0x10000, 0xfffffffd, 0x8, 0x1, 0x8, 0x80, 0x2, 0x2, 0x7, 0x101, 0x8, 0x8000, 0x0, 0x5, 0x7, 0x8b3d, 0xfffffffd, 0xfffffffa, 0xc, 0x8, 0x6b3, 0x5, 0x7, 0x6, 0x0, 0xffff7fff, 0x2, 0xabb, 0x9, 0x80000000, 0x5, 0x8, 0x5, 0x1cc760cd, 0x26, 0x1, 0x9, 0x3, 0xfffffff7, 0x8000, 0x80009, 0x2, 0x6, 0x80000001, 0x2ecd, 0xff, 0xfff, 0x0, 0x8000, 0x7, 0x1ff, 0x5, 0x0, 0x2, 0x7, 0xfffffff8, 0x4, 0x8000, 0x10, 0x2, 0x0, 0xc98, 0x7ff, 0x7, 0x1, 0x0, 0xa, 0x9dc, 0x2, 0x5, 0x2, 0x2, 0x5, 0x7f, 0x1, 0xa43d, 0x3, 0x911a, 0x8, 0x4, 0x4, 0x51, 0x2738951, 0x1, 0x7, 0xd6, 0x1, 0x7ff, 0xe, 0xc, 0x4, 0x3, 0xb8e, 0x1, 0x8001, 0x6, 0xb, 0x9, 0xe5, 0x3, 0x4, 0xf, 0x2, 0x7, 0x0, 0x401, 0x922, 0x34e, 0x9, 0x4, 0x40, 0x10001, 0x1, 0x0, 0xfffffffc, 0x6b8a9a31, 0xc33, 0x0, 0x2, 0x2, 0xe9, 0x1, 0x4, 0x4, 0x28, 0x5, 0x0, 0x10, 0x9, 0x1, 0x6d, 0x9, 0x3, 0x10001, 0x4, 0xffff, 0x0, 0x5, 0x9, 0x5, 0x5d7, 0x3d4, 0x5, 0x1000, 0x235, 0x80, 0x1, 0x4, 0x7, 0x3, 0x1, 0xfffffff7, 0x8, 0x7f, 0x3, 0x3, 0xe, 0x1ff, 0x81, 0x0, 0x14, 0x0, 0x8, 0xdbd, 0x9, 0xfffffffa, 0xffffe90f, 0x0, 0x7, 0xfffff000, 0x6, 0x4, 0xe60, 0x5, 0x28000, 0x7, 0x6, 0x3ff, 0x9, 0x2ff, 0xd03, 0x2c, 0x4, 0x25d, 0x1, 0x0, 0xc4100000, 0x8f, 0x2, 0x8, 0xaa, 0x80000000, 0x6, 0x3, 0x0, 0xffffffff, 0x7, 0x7fffffff, 0x523, 0xfffffffc, 0x1, 0x80000000, 0x8, 0x9, 0x80, 0x7ff, 0x7, 0xbbc5, 0x4, 0xffff7fff, 0x3, 0x3bb4, 0x9, 0x16, 0x8]}]}}]}, 0x494}, 0x1, 0x0, 0x0, 0x800}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd26, 0x8000002, {0x0, 0x0, 0x0, r8, {0x0, 0x6}, {}, {0x7, 0xa}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x24008004}, 0x0) r9 = socket(0x10, 0x803, 0x0) r10 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r9, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd26, 0x2, {0x0, 0x0, 0x0, r11, {0x0, 0x6}, {}, {0x7, 0xa}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x42040}, 0x0) r12 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r12, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002}) r13 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r13, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) 1.299809707s ago: executing program 0 (id=40): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x8) mkdir(&(0x7f0000000080)='./file1\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="b0000000000000008d15c937040795e9ec68ba339b8fd15e58983b3da942"], 0xb0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0xffa1, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 1.23063525s ago: executing program 0 (id=41): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x8) mkdir(&(0x7f0000000080)='./file1\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="b0000000000000008d15c937040795e9ec68ba339b8fd15e58983b3da942"], 0xb0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) (fail_nth: 9) 1.230285916s ago: executing program 1 (id=42): r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0), 0x20242, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000100)={0x1, 0xff}, 0x2) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000340)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000000)="2c385aa3d49100dc6626c892b6bc436a", 0x10) (async) r2 = accept4(r1, 0x0, 0x0, 0x0) sendmsg$nl_route_sched_retired(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000011d80)=@newtfilter={0x104c, 0x2c, 0x400, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x3, 0xfff1}, {0x9, 0xfff1}, {0xfff3, 0x7}}, [@f_rsvp6={{0xa}, {0x101c, 0x2, [@TCA_RSVP_POLICE={0x80c, 0x5, [@TCA_POLICE_RATE={0x404, 0x2, [0x7, 0x0, 0x1, 0x21, 0x6, 0x4, 0x9, 0xa, 0x6, 0x3, 0xe23f, 0x243c, 0x58b, 0x1000, 0x2, 0x5, 0x6, 0x80000000, 0x1, 0x80000000, 0x7, 0x1, 0x7, 0xc7, 0x7, 0x5, 0x7, 0x200, 0x7, 0x7, 0xde7, 0x3, 0x88f00000, 0x30000000, 0x2, 0x6, 0x3, 0x5, 0xd3a, 0x3, 0x5, 0x4, 0x0, 0x0, 0x6, 0x39f0, 0x72, 0x7, 0x0, 0x28, 0x91, 0x4, 0x2, 0xffff, 0x3, 0x7, 0x1, 0xcc9, 0x6, 0x10000, 0x0, 0x1, 0x2, 0x9, 0xfffffffb, 0x7, 0x1, 0x0, 0x9a, 0xe25, 0x5, 0x9, 0x80, 0x200, 0xffff, 0x0, 0x7ff, 0x4027, 0xa, 0x1, 0x4, 0x8, 0x700, 0x0, 0xe97, 0x5, 0x4, 0x4, 0x6, 0x0, 0x10001, 0x4, 0x7, 0xb36, 0xe, 0x6, 0x6, 0x9, 0x7, 0x8000, 0x2, 0x3, 0x20, 0x0, 0x0, 0x101, 0x7, 0x13, 0x10, 0x2, 0xc, 0x5, 0x7, 0x4, 0xfffffffa, 0x9, 0x1, 0x1, 0x8, 0x81, 0x2, 0x0, 0xa, 0xffffffff, 0x6, 0x6, 0x8, 0x8, 0x8, 0x6a0ff34, 0xfffffff8, 0x0, 0x3, 0x7, 0x36, 0x401, 0xfffffff5, 0xac4, 0x5, 0x40, 0x80000000, 0x1, 0x85f, 0x3, 0x8, 0xfffffffc, 0x0, 0x4, 0x3, 0x5, 0x3, 0x300000, 0x1, 0x0, 0x8cb, 0x0, 0x9a89, 0x3, 0x1, 0xd, 0xfffffff8, 0xffff, 0xfffff1b5, 0x94f, 0x7, 0x2, 0x45, 0x8, 0x7, 0x2, 0x7fff, 0x2, 0x401, 0x0, 0x10000, 0x0, 0x4, 0x0, 0x6, 0x3, 0x1, 0x6, 0xffffffff, 0x1ff, 0x9, 0x951e, 0x10000, 0x2, 0x7fffffff, 0x6, 0x3, 0x6, 0x9, 0x1, 0x7, 0x3, 0x9, 0x2, 0x3, 0x4, 0x5, 0xa, 0x7d8, 0xff, 0x6, 0x2, 0x5, 0x11, 0x2e0c, 0x1ff, 0x0, 0x8, 0x6, 0x4, 0x3, 0x80000000, 0x9, 0x4, 0x5, 0xd, 0x6899, 0x2d87, 0x2, 0x8, 0x8, 0x8, 0x5, 0x4, 0x9, 0x1, 0x3, 0x6, 0x9, 0xff, 0x2000, 0x4, 0x75, 0x1, 0x4, 0x4, 0x0, 0xd, 0x5, 0x433, 0x9, 0x4, 0x5, 0x7ff, 0x200, 0x84, 0xfffffffb, 0x6, 0x5, 0x7, 0x7ff, 0x80000001]}, @TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x964, 0x2, 0x5, 0x0, 0x3, 0x24000000, 0x3, 0x8, 0x307, 0x6, 0x80, 0x3, 0x3, 0x8000, 0x832b, 0x6, 0x10000, 0x0, 0x0, 0x5, 0x5, 0x1, 0x6, 0x93c, 0xf75f, 0x7, 0x7f, 0x0, 0x2800000, 0x6, 0x9, 0x3, 0xa, 0x6, 0x7, 0x3, 0x0, 0xaa3, 0x2, 0x101, 0x3, 0x9, 0x1, 0xe, 0x4, 0xfffffc01, 0x101, 0x8, 0x2, 0x3, 0x4, 0xffff, 0x7fffffff, 0x6, 0x5, 0x4a, 0xbcc, 0xff, 0x8, 0x5, 0xff, 0xff, 0x6, 0x9b4, 0x3, 0x2, 0x2, 0x1, 0x2, 0x0, 0x0, 0x0, 0x4, 0x81, 0x4, 0x8, 0x10000, 0x74f, 0x5, 0x7fffffff, 0x2, 0x4, 0x8, 0xfffffffa, 0x80, 0x1000, 0x400, 0x7, 0xd2a, 0x3, 0x400, 0x1b, 0x400, 0x4, 0x8, 0x10000, 0x1ff, 0x1, 0xad99, 0xff, 0xb, 0x3, 0x2, 0xa99, 0x4, 0xa, 0x6609, 0x5, 0x3, 0x4, 0x101, 0x7, 0x7, 0x21, 0x8, 0x8, 0x2, 0x1000, 0xc, 0x0, 0x5, 0x7fffffff, 0xffffffff, 0x9, 0xc, 0x1, 0x7ff, 0x9, 0x1, 0xff, 0x8, 0x7, 0xc, 0x5, 0x6, 0x8000, 0xc, 0x8, 0x37, 0x55, 0x4, 0x4, 0xefaf, 0x80000001, 0x4, 0x6, 0x0, 0x3, 0x1, 0x1, 0x9, 0xd25e, 0xc, 0x5a44, 0xd3, 0x3, 0x8, 0x6, 0x2, 0x4, 0x2d, 0xab, 0x6, 0xffff, 0x5, 0xb, 0x5, 0xffff6e32, 0x4, 0x800, 0xffff, 0x3, 0x1ff, 0x3da9, 0x6, 0x8, 0x2, 0x6, 0xf, 0x5, 0x78, 0x0, 0x7, 0x200000, 0xfff, 0x8001, 0x5, 0x1ff, 0x90000000, 0x7968a3e5, 0x5, 0x9, 0x7fff, 0x2, 0x81, 0x0, 0x100, 0x0, 0xfff, 0x6, 0x4, 0x10, 0x1ff, 0x7f, 0x9, 0x7, 0x10, 0x3, 0x3b, 0x2, 0xfffffff8, 0x9, 0x2, 0xffff7597, 0xc, 0x8, 0xfffffffb, 0x1, 0x2, 0xc, 0x9, 0x65c, 0xd, 0x7, 0x7, 0x5, 0x5, 0x2, 0x5, 0x0, 0x1, 0x0, 0x5, 0x9, 0x4, 0x1, 0x5, 0x8000, 0x1, 0x7, 0x21f, 0x24000000, 0x2, 0x8, 0x9, 0x4, 0x4bf, 0x1, 0x1, 0x6d9, 0x1, 0x0, 0x4, 0x0, 0x9]}]}, @TCA_RSVP_POLICE={0x80c, 0x5, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x7, 0x6, 0xc, 0x80, 0x40, 0x7, 0x1, 0x7ed, 0x9, 0x9, 0x34b, 0x5, 0x7ff, 0x400, 0x7a8d, 0x4, 0x74e8b26a, 0x81, 0x2, 0x3, 0x6, 0x3, 0x9, 0x9, 0x7, 0xf, 0x5279, 0x10000, 0x7, 0x4, 0x9, 0x1, 0x25, 0x81f, 0xf, 0x9, 0x8, 0x1, 0x80000000, 0x8, 0x5, 0xe, 0xd37, 0x7, 0x800, 0x4, 0x10, 0x2, 0x2, 0xffffffff, 0x8001, 0x6, 0x3, 0xee99, 0x474, 0x10000, 0x9, 0x9, 0x8cce, 0x100, 0x2, 0x4, 0x7, 0xffffffff, 0x0, 0x6, 0xfffffff8, 0x8, 0x2, 0x1, 0x7, 0x1, 0xac, 0x3, 0x9, 0xfffffffc, 0x80, 0x10, 0x7fff, 0x7, 0x4, 0x2, 0x101, 0x78b, 0x7ff, 0x8, 0x78000000, 0x101, 0xc, 0x5, 0x3, 0xf534, 0x4, 0x2, 0x4000, 0x14ac, 0x64ebc947, 0x10001, 0xacd, 0x6, 0x6, 0xfffffffd, 0x0, 0x4, 0x2c, 0x0, 0x5, 0x7, 0x13a6, 0xb9, 0x1, 0x8, 0x1, 0x6, 0x5, 0x8, 0x1, 0x0, 0x80000000, 0xf73, 0x10001, 0x5, 0x10001, 0x9, 0x7, 0x8fcf, 0x63165378, 0x9, 0x8, 0x6, 0x6, 0x3, 0xf33, 0x3, 0x9, 0x498, 0x6, 0x9, 0xffff41fd, 0x2, 0x8, 0x4, 0x6, 0x6, 0x4, 0x7, 0x200, 0x0, 0x1, 0xff, 0x9, 0x5, 0xfffffff8, 0x7, 0x5, 0x6, 0x4, 0x0, 0x9, 0x1, 0x6, 0x3, 0x14f4, 0x8, 0x6, 0x9, 0x954, 0xc, 0x7fffffff, 0xffffffff, 0x480000, 0x8, 0x7, 0x8, 0x4401, 0x6, 0xe6, 0x4, 0x9, 0x0, 0xffffffff, 0xe9, 0x32, 0xf1, 0x800, 0x20080, 0x9, 0x1, 0x976, 0x0, 0x7, 0x8, 0x9, 0xffffc69c, 0xbb2, 0x4, 0x3, 0x9, 0x7fff, 0x16, 0xd, 0x3, 0x6, 0x1, 0x1ff, 0x80000001, 0x7, 0xb, 0x3c0b, 0xffffffff, 0x4, 0x3caa, 0x100, 0x2, 0x1, 0xfffffff9, 0x4, 0xd6c7, 0xffffe53f, 0x99, 0x0, 0x3, 0x7, 0xf, 0x7701, 0x7, 0x7, 0xfff, 0x280, 0x2, 0xc12, 0x7, 0x9, 0x1, 0x3, 0x3, 0x40000000, 0xff, 0x4, 0x3ff, 0x8, 0xe2e4, 0xf, 0x5, 0x200, 0x9, 0x0, 0x9, 0x5, 0x0, 0x3, 0x8, 0x0, 0x401, 0x9, 0xff]}, @TCA_POLICE_RATE={0x404, 0x2, [0x6, 0x5, 0x100, 0xffffffff, 0x407, 0x8, 0xb8, 0x0, 0x80000000, 0x2, 0x1, 0x1, 0x9, 0x5, 0xffffff6a, 0xd09, 0x4, 0x3, 0x2, 0x6a, 0x6, 0x1, 0x9, 0x1, 0xfffffff8, 0x4, 0xde39, 0x2, 0x7f, 0x4837, 0x0, 0x92, 0x1, 0x8000000, 0x5, 0x9, 0x5, 0x9, 0x3, 0xffff, 0x81, 0x4, 0x8, 0x3ff, 0x3, 0xdac, 0x8, 0x7ff, 0x5, 0x634, 0x10001, 0x9, 0x4, 0x0, 0x1, 0x3, 0x5, 0x9, 0x400, 0x1, 0x86b0, 0x9, 0x4, 0x2, 0x6, 0x3, 0x101, 0xff, 0xc, 0x9, 0xfff, 0x2, 0x7, 0x4f0, 0x9, 0x80000001, 0x4, 0x0, 0x0, 0x4, 0xcab5, 0xed, 0x6, 0x7f, 0x40, 0x6, 0x9, 0x2, 0xb4, 0x7, 0x4, 0x7ff, 0xb2, 0x0, 0x5, 0x1, 0x7, 0xebe, 0x9, 0x2, 0x9, 0x0, 0x7, 0x6a, 0x680, 0x34a, 0x200, 0x4, 0x4d, 0x2, 0x1, 0x1, 0x3, 0x3, 0x6, 0x7, 0x2, 0x7fff, 0xf, 0xfe, 0x3, 0x9, 0x3, 0x6, 0x4, 0x800, 0xd9, 0xe, 0x1, 0xde2, 0x5, 0x1, 0x5d, 0xf17, 0x5, 0x6, 0x7, 0x9, 0x9, 0x2, 0x59, 0x1010, 0xd, 0x100, 0x680acdce, 0x9, 0x8, 0x2, 0x0, 0x7, 0xa41d, 0xb3, 0x40, 0x7, 0xffffff4a, 0x6, 0x0, 0x8, 0x6, 0x8, 0xa4, 0xd, 0x101, 0xfff, 0x78, 0x7, 0xb, 0x80000000, 0x8, 0x7f, 0xa, 0x7, 0x7, 0x8, 0x8b, 0x4, 0x1, 0x558, 0xc6f2, 0x7, 0x8, 0x3, 0x639, 0x6, 0x400, 0x10000, 0x9, 0xa05, 0x2, 0x4d58, 0x4, 0x6, 0x1, 0x9, 0x8, 0x5, 0x8000, 0xfffffff7, 0x3ff, 0x2, 0xb, 0x3, 0x9, 0x4a, 0x9, 0x7fff, 0x8, 0x1000, 0x6, 0x3, 0x9, 0x7c25, 0x6, 0x68, 0x9a0, 0x9, 0xfffffffe, 0x800a, 0xa60, 0x10001, 0xd76c, 0x9, 0x1, 0x6, 0xffff, 0x6e7, 0xad2, 0x1000, 0x40, 0x7, 0x65301570, 0x4, 0x7ff, 0xb676, 0x5, 0xe, 0x8, 0x3, 0x6340, 0x5, 0xa0f7, 0x6, 0x0, 0x1, 0x4, 0x8000, 0x40, 0x2, 0xefa2, 0x0, 0xf2c, 0xb, 0x8, 0x100, 0x8f3776d, 0x8]}]}]}}]}, 0x104c}, 0x1, 0x0, 0x0, 0x20044010}, 0x81) (async) recvmmsg$unix(r2, &(0x7f00000029c0)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000003c0)=""/4116, 0x1014}], 0x1}}], 0x1, 0x10000, 0x0) (async) write$USERIO_CMD_REGISTER(r0, &(0x7f00000004c0)={0x0, 0x4}, 0x2) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000140)={0x1, 0x73}, 0x2) 1.229272989s ago: executing program 1 (id=43): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x0, 0x200000, 0x0, 0x0, 0xffffffff, 0x8003}}}}]}, 0x4c}}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYRES64=r3, @ANYRES32=0x0, @ANYBLOB="5b80010000000000140012800a000100767863616e00000004000280693e5bc8ba05b65d9bac59e6618636d984002229c927e1c415e7b7cb03f0ba98bb95d03a18ec051aef583ab04b68a700bcc2277f993481b17ef9a2ab5335945b19a234ef48f342313509f9f026f38e6a6883c7a11e7e80aa6f96154d2bfa019c17552d791f", @ANYRESHEX=r3, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x2004c895}, 0x850) 1.100161089s ago: executing program 1 (id=44): fanotify_init(0x4c, 0x800) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETGEN(r0, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000d40)={0x14, 0x10, 0xa, 0x801, 0x0, 0x0, {0x0, 0x0, 0xa}}, 0x14}}, 0x24000004) unshare(0x20000400) r1 = socket$inet6_icmp(0xa, 0x2, 0x3a) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e21, 0x7, @initdev={0xfe, 0x88, '\x00', 0x4, 0x0}, 0x5}, 0x1c) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e21, 0x6, @loopback}, 0x1c) r2 = syz_open_dev$dri(&(0x7f0000000040), 0x20, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r2, 0xc00864bf, &(0x7f0000000240)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_WAIT(r2, 0xc02864c3, &(0x7f0000000400)={&(0x7f00000001c0)=[r3], 0x800000000000002, 0x1, 0xb}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r2, 0xc01864cd, &(0x7f0000000180)={&(0x7f0000000080)=[r3], 0x0, 0x1}) r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000940), 0x0) ioctl$SNDRV_TIMER_IOCTL_GINFO(r4, 0xc0145401, &(0x7f0000000000)={{0x3, 0x2, 0xfffffffd, 0x2}, 0x0, 0x0, 'id0\x00', 'timer1\x00'}) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_SAVE(r5, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x3c, 0x8, 0x6, 0x201, 0x0, 0x0, {0x3, 0x0, 0x8}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20008081}, 0x20048004) r6 = accept4$inet6(0xffffffffffffffff, 0x0, &(0x7f0000000100), 0x0) ioctl$F2FS_IOC_RESIZE_FS(r6, 0x4008f510, &(0x7f0000000140)=0x85) 1.099806045s ago: executing program 0 (id=45): r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0) r1 = syz_open_dev$loop(&(0x7f0000000180), 0x7, 0x2480) ioctl$LOOP_SET_DIRECT_IO(r1, 0xc0401289, 0x6e) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) getpid() fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) unshare(0x68040200) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0) prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x0) r3 = syz_open_dev$loop(&(0x7f0000000000), 0x400000, 0x0) ioctl$LOOP_CONFIGURE(r3, 0x1268, &(0x7f0000000080)={0xffffffffffffffff, 0x300, {0x0, 0x0, 0x0, 0x10000000000, 0x0, 0x0, 0x0, 0x0, 0x0, "4874ef0904271a78949178fd825b775b5e55210c4037a557f88c97b6097ea4e9fdd1d167064e969100ff97aa6b42687995845c8c3ce42e76d6db19d5f4f5f283", "eba9d749fdc2dedff9641c2773c54efce1fa87820dae06070446988b8770438b12e6b80c265fdce83841f0f230d1f4fe7b5ba021316c17fb5112d7d0f278e48a", "993216b316a23f839af552fb85026e43c8ad3e80603200a6c188ec22bd7c4549"}}) r4 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$IP6T_SO_GET_INFO(r4, 0x29, 0x40, &(0x7f00000000c0)={'nat\x00', 0x0, [0x0, 0xb3f, 0x20000005, 0x9, 0x9]}, &(0x7f0000000040)=0x54) ioctl$DMA_BUF_IOCTL_SYNC(0xffffffffffffffff, 0x40086200, &(0x7f00000000c0)=0x6) timer_create(0x7, &(0x7f0000000680)={0x0, 0x23, 0x0, @tid=r2}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) 970.936229ms ago: executing program 3 (id=46): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)=ANY=[@ANYBLOB="200000002d00091327bd70000000000006"], 0x20}}, 0x84) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000007c0)=ANY=[@ANYBLOB="280300002d00090027bd70000000000004"], 0x328}}, 0x84) readv(r1, &(0x7f0000000740)=[{&(0x7f0000000180)=""/198, 0xc6}], 0x1) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_MAX_RATE={0x8, 0x12, 0x1}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="5488efdb7182c56410f69381af513b52f621ff6bd66f05b9874a87acc20c545fe588c98e90804865fa96f8330337b609d0e91d2e9de836899260d1e1c3535593f4178b6d7c5d26ff457f4b7f02bd6f775a0b2f684cf671e05d9d596961ecc2f8477d5d607400458904779df1fa47b5e0a58a19eea356e20fbdcc67eb1fa4f11071899c6f07081c26c3142c0326e9f54b468b4a8e52dfaaa851184e77af7ac6aff9282a435b8792cebca82b00514c5049f7613fc23448b73f3196134587cc34a4986454102e394e9037915982dad9a895381de74beef6097c6e7e9a96ba4cb3f062860d35b2cc0d8584"], 0x60}, 0x1, 0x0, 0x0, 0x4008840}, 0x2400c8d4) 915.589934ms ago: executing program 3 (id=47): mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_int(r0, 0x0, 0x21, &(0x7f0000000000)=0xff, 0x4) r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x200001, 0x39) getdents64(r1, &(0x7f0000000180)=""/191, 0xbf) mount(&(0x7f0000000040)=@sr0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='iso9660\x00', 0x405, 0x0) 915.31231ms ago: executing program 3 (id=48): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r1, &(0x7f0000ccb000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x23}}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adff012255f674412d02000000880b5f04596a5e99fce658be2f200c699223886d8be4b50000005ab527ee3697f98125f30e6326996a3cfee33025a30b45bdcf2c69d105e5e55a1d273683623f1a5dc6e3c7e20eb7a98ecf3bd2cf898e924abe26ac296f660e69ba982fd76e00dcff7f0000ca6b78ad833488cfe4109eaf009eddcf21f5c63cde2f00150200000001000000520a0000151d010000000100bf00000000cc587424363da52001a3cdf2000000db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de406e89dcbb7677e65a88a8407a9e7f9c0e91028b0856eb1ed9474480737a55ebb0bd701f7fb21135c6172eba7eb8a341f07e5a2d1e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d93a433f50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56dbe37551b870b2851c3f0a1a9ebfcba105a6ccdd01b0f04edb256c0200000073f6db43661bd7f0e2536ffbfe5ca31b4083145531458b7d1e341c6b351ebc5223f54d6bec93f4ef088e5d1be2515226988d664709ff03f1aa3dc7f1580ace9bf2afd28d0700000000000000d6eb372713255012e028cb2654d493a0b43bf21375709f348f5eda2967199cc936859a538100070000000000dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0c6ef9dd2b6bb700000000000000000c586272c3f4d79bc36315745cb149f3cb385e6add14652003c7cdd3324f07d134d3a6c718bbd1aafe1140cff0be4c6f8df084c5e9734ae30aa9af030025f01ab03a9b1074407136bc506031f0916a39d3057d55183612b39e73ae8e6dc30356886a831836469e2051d937eb85f3f2d5ae2c1dca476b97419a3b76ed62409d004d7fbe362145d19605d760df4c5124ca325d374b371867a79b35c6617fc3327191fbf514573f0e30d1d60be2168fffc2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257bc9110971b749ccd74089ed6b86f81ca3ba47d8f71d290ed1b1a11f7a67125170c88c3b6a50692cc0064fc6bbd312536ac15016c85c6332226401b110da9c786eeca22debc99335587b54c13c3107008fa069af8223b38ced735c2d906551004d8dc10d88738488da01ffa4add56474573c964a270000f2f16625c0c10200000000c7a5ca60fdad159f2e44171f39638410020000004825d081f2d987f05c534187738655d7dc958f2046fa0c1619a6554b82d9c162eb61ca74f1ffdaccf0ea5f06e0fca8b27ff3983ab74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb27f88dba816020be760f7b45e001efada8000000000000fdaf4660402f7b3b79a433e08074ea2462974a00040000eb01352638f56dae0249d15ba8767259658878b7492cfbacde9b57cf4de00788adce638190f3570e0b4c80ef682df22201270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433e866665b98ca2002c804c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc76d7a23d06acb1d2d4c58faea84158bb440df2a694f4cdcaa4f65c22efffffffffffdd00000000d503d79986958115ae07b70f991430b7fb475d77b869ee02000000000000000000001ffff0ef89b2a68d2b05c995445d8a7700bcdfbec74fb2dd163e863315e84498dfb52bb93f6c9084659ce777ddac563c8596c2b1d8180289a61faa95a82bf1cfb7f2fd7252e9322abe282c33445d443a67467893b9bf0d1c8130ae6b226900000635376413c29f7c6f7b7e29b9a0c64e68328661f0c06e21f7d7dc22174ea4447a6f60edef3a4168d40200fbc71104512efe8e5d7d934aa289b4bd2b870000000000000000000007000000002000000000009b777883a02f0593dfc4cb4114b9f9cf4ad155110cc6ace2b322ac31bfa27847c799c8009a1ea5b98e525e6383ad7fd9795170e7b11e247603c2ff49a11459c7f606d729d3979676bffb3049166bb84a0f061991bd57c2566c10c282352aba05b6164ef876915a3f2491e4793e590dcc71de10da96366c1e992c0068c940dd4422c9882d3aa0f8a797b8fea6efcfb5276b7679f15559edaa977504cc0b2f777acb907ebf5fc14add71d0bca37405ded69b77ab4a3d7487fd04000000de17e1e13b93669b79556abb722d9c085b189b5fd1f30e8dc813f608830b110001732135e8e7262f290000923bfb6b41ff3792cee2fc37eee739c3e36a4bc80112968ec0d8902eced1fe552018014a463abbbf7ccd6a92a5734e3ebfca9b6e88e031f31de2183652e77c164c646a1cfd3710aa4205d8d4d4f974133ccb1e49feb42664eccd809c0ba8917eda87489e8946d5c8156197bcb66fd5606c63e3389ee9e8552381646365066ef9a36a449c96485c22ad1aa423b7b89efbc6cd54000bb0ea5f4f1e8773144fb6ac9a44d43593d77e66aa7ed7f3d4e7b211590c738888d02b2dbb0b2ba73ec72e1d8d7360a128499dd19e1e7b9b0671f4f58515b45ecb9964f3c4ddb8234391d514f8d996d8d6dd7f8fadfee2d7a0035638ce27c2936cb04b30a0eb0cde0000000000000040000000ec3c12ecee8fc3a40000000000000000e215b00ce2570b930723cbadb4033d1b8aaa2cfb3fb89e4a6e89737fd6232218a9e0c099d1eb59d60b3cca089785642f327139bc4394fb6d547a9b3c22599e780c1da7433fb47615d372e3fffe9703e37d5c87d513165278650738efcc04d27b766cf7f60066edd292f6c8a2174f391ed164bb1816819ceb3e378e776d422bc946cd9501accebeac3a5b31d8abc68ae537cd44a04e6bc21c35a7beab2610c51e593676bf635a20f597f4631b91454d182f826071f5210bd6d93173589929b23801e63c2266fde13b5a04b8d48be057c752bc415a756ea9b4d34156c4f73dd5e5924ef101a5fcdaf37c7ba2c4a9de9b000000000000000000000000000000a73b862e4b63c245616b522345587d0ee65a6902bdd0abd941e8aba37510b222ae544f395edd1b92ad53fc68f08ea00edc5e10d768836169dd296d56b306e8b75778c37571792a6c3d8b02ef378ebd59422cdd008bef6f80a80a68641ea5ed4f1126bb676098c10bf663eb3fb8c839364d28fd046dc64b35f9c3397ce6f4ad357b0000000000090000000088c7a8e2638f650a6f04a6f33a090f59414d6ebcbc687e66d600000000bd0a58ea6d36fc2cf9b9a71c137a2a22adb1006f371d4faf47285fd66fe0389afb96854bb360edcdf11b4ff6dd578bba93e949d240cde9b5836cb46032484dc19c93db7b6e5afa10547c78e76a3111557346e52566df196fd630561bb908fff4d2e19562aabd43742a26a43799f8636fa04ceb40c9e4ca1cfbbc7b949cd245a3ee118fd0d4f639444539af8766028d4ac4d4c548e290199e0dacbb4f6796b39bf32934d941ba2f88e3ebd0cf8e24f99eca86e4ca9b2cd2b54044a7fc4631572a6378a32df288785f146275c1f548e2a0c1016744e05f9de5044373d7650125027547eefe7b2d8c8871bb65395fae99d8456883705bfdfb00001854b2e5efa8aaf25827d659f592b1575281ec125de7fb91cd81d91dcb19f5cdf1e1e2b4a8a1389753a09110538689e38e07fb2dc72bd4fd11d7bc16aac5d85c6101bb722895248e463a5fb45ce0e564e90cb19d5993b471687ae4165e29cf2f58082115f5f8569896eedfd798733223e6d6584997510c374912ab798bd4af4654c01bb2c411bc36468ddd62b4eba5cfc8953526e0e5b1359797956152d0098ce47c62c3fe5a23219389622b7f65bf03527d25c3941b9cf1ffeedf6d99082bb57ea871c12213cc40900f83033bc18c529171fae324c315bc6ce358831d0230412212acfd5fc8d5cb0d028cf568e8bb40e27befe2ff01f7c6674a4d86d900633ea36641e0a781ea0ea7f2d928b8b22e2f97dd13348927375baea6863bef4acf4299096ada5cdd2a0eaafaa760a79d102d1e0c0000000000000000007926653b8d79ce16a432f124786a0bc3c5b7d196822492ae1ccf91aeac16406ad6f9cd3d96d57fceba8360ae49f73351814c9c2972f11064aaf3739d9100f9c0e4d0cb17d50c82e305ba7d62cf1cc6da26e34982a8c74dd8122cf5b5e7c34fd2712a0cef05e4d8ec7dd363219676bd9b19943185b132eb35a695e208dfa5cecdb1d6425c8879063c0f11bd64291a4209ee6dc1d9e9010013f6148c603e6a335e298efd6ab5cccc47a2c568c6afec54f8251bd840752addf200371361c9eedf05ed98585cf6d99e9e56055064bda2d373369761238c278147cd0eb7799f6b9c9fcaa3fd282154994f5b25420c86db9b6401e885de1c615a719a1c83e8fbbb181282dbaf3313a4e4a4877e9f37607e2cd6da0cf6371ec06a75f5a4206b2418ad8897ae149085d63f01f22eca44033234b3930b4d5da756669a1d59d69e7de54abf439988ed7ec33c2d0a901bb0985a24878984d8a4340fa9a356d100926fb5f2ef9976366a61b8cc2bcb1c072b0e9c564852388e1edff10d75b3832792e471cc15b40380f94d834243080158603fbc9134d6983c540525447478984611c0d9666941bfc0a30db47a8828b6e5c51aee2094599b4ce52795750e1764f1657ca8c5633c71287239dddf5c651496f7bbd148c937f083d2e4e0197dbc6ff0649c749707b17399b1d7efad23abb8b40b38704737e15662ae4913a4a001cd3b71c7af75b5ffad9780650c800a40ca80ddc41987919142fd28dbf22db5f4c435415a03455e1d55d1783ccef97d7e4655cf839d06f06e137bbe462a03b3100231914b19739dd57b4f12d026ad0c7fd3"], &(0x7f00002bf000)='GPL\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffc95, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r3 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, &(0x7f0000000180)={r1, r2}) sendmmsg$inet(r3, &(0x7f0000000880)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000027c0)="43debca6338a8b1838a1a65fd73830c3ee879d2f94322892ab8b314a19f75f8d71840095092ffb8ba0d8161ea6476f3e0ef318b11e0452aa352d0c446421c4992cd30bedce6cb5a569198f302eb25a1b87a81aec71bef0adff83a299fcdb46b6251d8d4deee3070f74698e8ddf4e9dc52a0a4bcf51d6a0b7ae6e24edf3c2a837676b5f8773d537be1fed0c2891a37b8956749e0fa5796441247250ce14746ec268eee341f15ea5bf51e6195ee5227ffe2e1909651138a22d6c25f920fbab5d65998791c5e99073ec367781aa360ed3b372f99059fe18538e882c9adfd057612a8374368f47ffc053437d7aee37f18d782dcf15369d0cd33d92f9f515e8da292c0fa85ed8ec89ffcd2488ce917bd625f420d23a90cedb8315c35f478e2a43a690db3e826324da886d61afb2269b6d2d34ab7d55aca651883eb10628286935d49ebb55c91babef12e311ff1b28ad5218f514f3467264b3ded13622be0cebd6579309e0a867f4126f5cf4514c6af331239bc7f28892730339c9116e24c15536e7236abdefcae3", 0x185}], 0x1}}], 0x1, 0x50) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', 0x0}) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=@ipv6_newroute={0x38, 0x18, 0x1, 0x70bd2c, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x2, 0xff}, [@RTA_OIF={0x8, 0x4, r5}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x4}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @LWT_BPF_XMIT_HEADROOM={0x8, 0x4, 0x66}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4901}, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) ioctl$HIDIOCGNAME(r1, 0x80404806, &(0x7f00000002c0)) 829.886016ms ago: executing program 3 (id=51): syz_emit_ethernet(0x9e, &(0x7f0000000640)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0008004c00009000000000100690780a010100ac1414ff444c90e30000000000000002ac1e00010000ffff0a01010100000005ac1414aa004000007f000001000080010a010100000018c8ac1414aa001b0001ac1414aa000000050a010101720dca5a070fd9ac1e0001e000000200000000000091b987cce083725347350b6d8b083e22d28980e093434beaf3905a623b53882cecbfcc3a5a6cb2c8475b278741339ba6175b736da5dbbcade676d9aa6c0af21a8cf7b2c05ab6a6221525ecee8f4ade72949fd23d92d846d4aa6ade685234211c499c831d45618079b799ea95fc496ff58051d3129f936cd18f9aea89186e2445ddff4ea621b6d7891e235b2e46af548a64303e1639cc3a698d6d1731fa0d6cad7c0cda26c72ce8a7ada636da64ed4aa374ce0f3531a58a6901527cf30f3cb389fe78488b000e370ccc75341df211379600"/348, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="8000000090780000fe0bf989698d5d906a999d01"], 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) write$rfkill(r4, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8) sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000003f00000008000300", @ANYRES32=r3, @ANYBLOB="1c005e800800020001000000080001"], 0x38}, 0x1, 0x0, 0x0, 0x20048000}, 0x0) sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="8700002200", @ANYRES16=r1, @ANYBLOB="00042dbd7000fedbdf25030000000800040007000000080006000700000038000280080008007f0000001400010000000000000000000000000000000000080005000100000006000f0003000000080006000b0000003000028006000b000000000014000100e0000002000000000000000000000000080007000900000008000600060000001c00028006000f000400000006000f007906000006000f000dd600000800040003000000"], 0xb0}, 0x1, 0x0, 0x0, 0x20048014}, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="380000005400010004000000fddbdf2507000000", @ANYRES32, @ANYBLOB="20000100", @ANYRES32, @ANYBLOB="000000007f00000a00000000000500000000000008"], 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x40080) mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f00000000c0)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdir(&(0x7f0000000400)='./file1\x00', 0xc) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@verity_require}]}) r6 = creat(&(0x7f0000000440)='./file0/file0\x00', 0x188) chdir(&(0x7f0000000140)='./bus\x00') write$binfmt_script(r6, &(0x7f0000000040), 0x4) lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, 0x0) r7 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r7, 0x40049366, 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000380)={&(0x7f0000000280), 0xc, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="64008d40", @ANYRES16=r1, @ANYBLOB="200026bd7000fcdbdf250900000008000600040000004000018008000b007369700008000b0073697000080008000300000007000600736800000800050004000000140003007f0000010000000000000000000000000800060045050000"], 0x64}, 0x1, 0x0, 0x0, 0x4800}, 0x4000000) 720.051751ms ago: executing program 2 (id=52): capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff, 0x6}) (async) r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)=ANY=[@ANYBLOB="140100002d00010000000000fcdbdf250401f2800800180002ac0f"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0) (async) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200001e00080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x8, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa40000000000000704000000feffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000300)='GPL\x00', 0x8, 0x1005, &(0x7f000001b180)=""/4101, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 718.767752ms ago: executing program 2 (id=53): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r2, &(0x7f0000000300)={{0x6, @rose}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48) sendto$netrom(r2, 0x0, 0x12, 0x0, &(0x7f0000000000)={{0x6, @rose}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null]}, 0x48) ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000080)={0x3}) 379.766035ms ago: executing program 2 (id=54): r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000000140), 0x10) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'geneve0\x00', 0x0}) sendmsg$can_bcm(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x1d, r2}, 0x10, &(0x7f0000000100)={&(0x7f0000000080)={0x6, 0x28c, 0x1, {}, {}, {0x3, 0x0, 0x0, 0x1}, 0x1, @can={{0x1, 0x1, 0x1}, 0x5, 0x4, 0x0, 0x0, "2400e8fff15fe295"}}, 0x48}, 0x1, 0x0, 0x0, 0x4004014}, 0x20040841) r3 = socket$kcm(0x10, 0x2, 0x0) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r3, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}}) r4 = openat$mixer(0xffffffffffffff9c, &(0x7f00000016c0), 0x0, 0x0) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000040)=0x1) ioctl$TCSETS(r5, 0x89f3, &(0x7f00000000c0)={0x4, 0x0, 0x0, 0x7ff, 0xa, "5dee000000594000"}) ioctl$SOUND_MIXER_READ_VOLUME(r4, 0x40086603, &(0x7f0000000040)) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x5c, 0x1, 0x1, 0x301, 0x0, 0x0, {0xa}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x4ad}]}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @remote}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8000850}, 0x20040040) r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r7, 0x8983, &(0x7f0000000000)={0x0, 'hsr0\x00', {}, 0x1c0}) r8 = socket$kcm(0x2d, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r8, 0x89e2, &(0x7f0000000100)={r8}) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r9, 0x11d, 0xf, 0x0, &(0x7f0000000240)) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x103003, 0x0) 251.044432ms ago: executing program 2 (id=55): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x8) mkdir(&(0x7f0000000080)='./file1\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="b0000000000000008d15c937040795e9ec68ba339b8fd15e58983b3da942"], 0xb0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) (fail_nth: 10) 248.190878ms ago: executing program 1 (id=56): bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073"], 0xd8}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0xffffffff) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040ec3ca1c0c"], 0x7) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x3, 0x4, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x7, 0x61, 0x11, 0x4c}, [@call={0x85, 0x0, 0x0, 0x15}]}, &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 159.239285ms ago: executing program 2 (id=57): r0 = socket(0x25, 0x2, 0xf1) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f0000000000)=0x1, 0x4) (async) write$nbd(r0, &(0x7f0000000040)={0x67446698, 0x1, 0x4, 0x0, 0x2, "d318d6e235855a33d22361135a38e6ce910ebda72923237c7dae9f0ea4d023a2fd66830b6391d87caebf9549e61f7aca8e9f92c4fff95f9f180bb3a879b95aa64398180c129fd232ac43c7302c9968a857e071c12bffa792c552eaaec63bed99017f1d8465949ff924"}, 0x79) r1 = accept4$vsock_stream(r0, &(0x7f00000000c0)={0x28, 0x0, 0x0, @local}, 0x10, 0x180800) (async) r2 = openat$nmem0(0xffffffffffffff9c, &(0x7f0000000100), 0x400000, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000140)={r1, r2}) (async) ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000000180)=0xe04) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f00000001c0)={"4a1111a1cdbd889c53bf8de4f42d7475", 0x0, 0x0, {0x7, 0x80000000}, {0x55dd, 0x5}, 0x0, [0x5, 0x7, 0xffffffffffffffff, 0x80000001, 0x0, 0x100000001, 0x5, 0x400, 0x98, 0x8001, 0x2, 0x9, 0x9, 0x7, 0x7fff, 0x5]}) ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f00000002c0)=r3) ioctl$SNDCTL_SYNTH_ID(r2, 0xc08c5114, &(0x7f0000000300)={"5217872da338b1e0d22ea5ec86e031402fdc2634efcabecaf1665db79918", 0x0, 0x2, 0x0, 0x2, 0x9, 0x80, 0xe, 0x4, [0x9bc9, 0x9, 0x18b0, 0x8, 0x5, 0x3, 0x401, 0x10001, 0x8, 0x5ab, 0x7, 0x5, 0x10, 0x1e, 0xe, 0x0, 0x8, 0x80000000, 0x5]}) (async) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000003c0)={{{@in=@multicast1, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@remote}}, &(0x7f00000004c0)=0xe8) quotactl_fd$Q_QUOTAON(r0, 0xffffffff80000200, r5, &(0x7f0000000500)='./file0\x00') ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000540)={0x10004, 0x1, 0x11a002, 0x2000, &(0x7f0000ffc000/0x2000)=nil}) (async) syz_open_dev$sndmidi(&(0x7f0000000580), 0xec, 0x141080) (async) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f00000005c0)={0x0, 0x7}, &(0x7f0000000600)=0x8) (async) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000640)={0x0, 0x8e, 0x10}, &(0x7f0000000680)=0xc) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f00000006c0)={r6, 0x9, 0x6, 0x200, 0x8, 0xd315, 0xfff9, 0x6e, {r7, @in={{0x2, 0x4e22, @broadcast}}, 0x0, 0x81, 0x4, 0x81, 0x9}}, &(0x7f0000000780)=0xb0) sendmsg$kcm(r2, &(0x7f00000009c0)={&(0x7f00000007c0)=@isdn={0x22, 0x1, 0x1b, 0x5, 0x3}, 0x80, &(0x7f0000000840), 0x0, &(0x7f0000000880)=[{0xc0, 0xff, 0xa, "0718dd5172c184ff90c6b4ac5981829819f4125c128bf8f00431a9a16c9b32060fb4bd6625ad343e31793ee582f3742afe7164189d29087b467156a64a13af9bec465c930f977ffeafecbb30f43a162b097c5614fce5c3a19c9d54d33c41932b11446574d077107734aa65aa6ac94a7bcb19e827287b0ae37a5ae8b35c2fa79bc49e9cea7ddab338dca4a393087436d461ff6e11fc4055d39ea1811f4b0835a9422dd4525a936db713b4ff719468da80"}, {0x78, 0x6, 0xfffffff9, "d08a8ec9cbb6681f3a72c7b0ce5f3dcc3cae74d7f1f5b7734968acd259f4c2c21bd24cad544051b2373762797f89b56685c27700e70d9b9a9ac45e2fb6a83338c8f83fb44679a53b21c868977ee9724e8bb3c26b7fdf5f6d5c2fdff17e8cd7d2c15ab4c25c60dae0"}], 0x138}, 0x20040800) (async) r8 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000a00), 0x842401, 0x0) ioctl$I2C_FUNCS(r8, 0x705, &(0x7f0000000a40)=0x10000) (async) setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f0000000a80)=0x7, 0x4) (async, rerun: 32) r9 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000b40)=0xffffffffffffffff, 0x4) (rerun: 32) bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=@base={0x5, 0x7fff, 0xdd7, 0x3, 0x4c83c, r2, 0x8001, '\x00', 0x0, r2, 0x1, 0x4, 0x2, 0x0, @value=r9, @void, @void, @value}, 0x50) ioctl$MEDIA_IOC_DEVICE_INFO(r8, 0xc1007c00, &(0x7f0000000b80)) (async) r10 = accept4$ax25(r8, 0x0, &(0x7f0000000c80), 0x800) accept4$ax25(r10, &(0x7f0000000cc0)={{0x3, @netrom}, [@null, @remote, @bcast, @bcast, @null, @remote, @default, @netrom]}, &(0x7f0000000d40)=0x48, 0x80000) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) (async) bpf$MAP_CREATE(0x0, &(0x7f0000000d80)=@base={0x1c, 0x0, 0x1, 0x8, 0x200, 0x1, 0x0, '\x00', r4, r8, 0x2, 0x1, 0x5, 0x0, @void, @value, @void, @value}, 0x50) (async, rerun: 32) r11 = epoll_create(0x0) (rerun: 32) epoll_ctl$EPOLL_CTL_DEL(r11, 0x2, 0xffffffffffffffff) 80.609666ms ago: executing program 1 (id=58): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x8) mkdir(&(0x7f0000000080)='./file1\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="b0000000000000008d15c937040795e9ec68ba339b8fd15e58983b3da942"], 0xb0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0xf0ffff, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 80.299208ms ago: executing program 0 (id=59): openat$nullb(0xffffffffffffff9c, &(0x7f00000045c0), 0x0, 0x0) r0 = syz_io_uring_setup(0x7440, &(0x7f00000004c0)={0x0, 0xa6e9, 0x10100, 0x2, 0xfffffffb}, &(0x7f0000000140)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x40, 0x0, 0x3, 0x1, 0x0, 0xce, 0x0, 0x1}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='.'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$ARPT_SO_GET_INFO(r4, 0x0, 0x60, &(0x7f0000000080)={'filter\x00', 0x0, [0x2, 0xd0, 0xffff]}, &(0x7f0000000000)=0x44) r5 = dup2(r4, 0xffffffffffffffff) r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r6, &(0x7f0000000040)={0x1f, 0x21, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) r7 = syz_open_dev$video(&(0x7f0000000000), 0x485, 0x40400) ioctl$HCIINQUIRY(r5, 0x800448f0, &(0x7f0000000240)={0xffffffffffffffff, 0x3, "608a72", 0x7f, 0xff}) ioctl$VIDIOC_S_FMT(r7, 0xc0d05605, &(0x7f0000000100)={0x9, @sdr={0x52424752, 0xff}}) ioctl$SIOCSIFHWADDR(r4, 0x8924, &(0x7f0000000200)={'vxcan1\x00', @broadcast}) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r8) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)={0x24, r9, 0x1, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0xad}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x40) ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000340)={0x0, 0x10002, 0x4, {0x1, @win={{}, 0x3, 0x6, 0x0, 0x0, 0x0}}, 0x8000}) 80.009585ms ago: executing program 1 (id=60): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f00000000c0)=0x1) readv(r0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/24, 0xfd90}], 0x1) (async) r1 = fcntl$dupfd(r0, 0x0, r0) (async) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000a80)=@raw={'raw\x00', 0x8, 0x3, 0x4c0, 0x0, 0x11, 0x148, 0x340, 0x0, 0x428, 0x2a8, 0x2a8, 0x428, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x20000000, 0x3, 0x7}}}, @common=@unspec=@bpf1={{0x230}, @bytecode={0x0, 0x26, 0x0, [{0x3, 0xff, 0x1, 0xfff}, {0x6, 0x8c, 0x3, 0x8}, {0x9, 0x2, 0xe, 0x3}, {0xfaf, 0x2, 0x1, 0xec}, {0x9, 0x9, 0xe, 0x7f}, {0xf523, 0x7, 0xf, 0x2}, {0x7ed, 0x1, 0x6, 0x58}, {0xbbd5, 0x82, 0x9, 0x81}, {0x9, 0x1, 0x0, 0xff9}, {0x5, 0x5, 0x1, 0x5}, {0x8, 0x3, 0x4, 0x8}, {0x7, 0x8, 0x5}, {0xc, 0xe7, 0xa, 0x66}, {0x5, 0x1, 0x5}, {0x623a, 0x0, 0x8, 0x8}, {0x2, 0x7, 0xa5, 0x7}, {0x7, 0x7, 0x6, 0x8}, {0x81, 0x4, 0x1, 0xa}, {0x5, 0xdc, 0x7}, {0x0, 0xff, 0xe7, 0x3}, {0x7, 0x5, 0x8f, 0xce}, {0x1, 0x1, 0x9, 0x3}, {0xfff8, 0x5, 0x80, 0x1}, {0x4d42, 0x7a, 0x9, 0x5}, {0x4, 0x5, 0x9, 0x80}, {0x9f, 0x2, 0xde, 0x8}, {0x0, 0x2, 0x51, 0x4}, {0x6, 0x5, 0x5, 0x20a}, {0x800, 0x40, 0x80, 0x953}, {0x4, 0x2e, 0xb, 0x10}, {0x0, 0x3, 0x6b}, {0x8, 0x4, 0x5, 0x6}, {0x2, 0xc3, 0x7, 0x1a17}, {0x3bc4, 0x8, 0xf, 0x2}, {0x7ff, 0xcb, 0xc, 0x1ff}, {0x7, 0x79, 0x4, 0x1}, {0x6, 0x9, 0x97, 0x10000}, {0x3ff, 0xc, 0xff, 0x2}, {0x3, 0xf, 0x0, 0x3}, {0x2, 0xc0, 0x4}, {0x6, 0x0, 0x6, 0x8001}, {0x6, 0x6, 0xff, 0x8}, {0x92, 0xf7, 0x3, 0x3ff}, {0x2, 0xfd, 0xd, 0xfffffff8}, {0xfde1, 0x6, 0x0, 0x8}, {0x5, 0x1, 0x6, 0x9}, {0xc0, 0x5, 0x3, 0x1000}, {0x0, 0x6, 0x2, 0x1}, {0x0, 0x8, 0x0, 0x6}, {0x1, 0x7, 0x9, 0x3}, {0xc000, 0x0, 0x8, 0x1}, {0x9, 0x7, 0xff, 0x401}, {0xb1aa, 0x3, 0xd4}, {0x3, 0x87, 0xbf}, {0xa, 0x7, 0xf, 0xfffffffd}, {0xf, 0x4, 0x1}, {0x9, 0x10, 0x2, 0xfffffff7}, {0x3, 0x43, 0x7, 0x8}, {0x9, 0xe0, 0xad}, {0x8, 0x10, 0x40, 0xffff}, {0x6, 0x2, 0x9, 0x4}, {0x6, 0x7, 0xe, 0xfffffffb}, {0x40, 0x7, 0xe2, 0x8}, {0x200, 0x7f, 0x9, 0xedd}], {0xfffffffffffffffb}}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00', {}, {}, 0x33}, 0x0, 0xc0, 0xe8, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@ttl={{0x28}, {0x2, 0xa0}}]}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0x3, 0x4, 0x2}, {0x3, 0x3, 0x4}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x520) (async) write$sndseq(r1, &(0x7f0000000400)=[{0x0, 0x0, 0xfe, 0x0, @tick=0x5, {0x0, 0xb8}, {0x4, 0x6}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x4, @time={0x7f, 0xa77d}, {0x6, 0x4}, {}, @time=@tick=0xb}, {0x52, 0x5, 0xb, 0x1, @tick=0xffff0d3a, {0x3, 0x7b}, {0x0, 0xb}, @control={0x0, 0x1, 0x4}}], 0x54) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES16=r1, @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) (async, rerun: 64) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) (async, rerun: 64) r6 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) r7 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x2) write$qrtrtun(r6, &(0x7f0000000300)="1b6ac0506313b3e8", 0x8) (async) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r7, 0x0) (async) r8 = socket$alg(0x26, 0x5, 0x0) bind$alg(r8, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) (async, rerun: 64) setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d4", 0x5) (async, rerun: 64) r9 = accept4(r8, 0x0, 0x0, 0x0) r10 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), r9) sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)={0x84, r10, 0x8, 0x70bd2c, 0x25dfdbfd, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x6}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x6}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xfffffffe}}]}, 0x84}, 0x1, 0x0, 0x0, 0x113559f048225d67}, 0x20000800) (async) r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r11, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40) (async) dup2(r4, r5) 0s ago: executing program 2 (id=61): r0 = socket$can_raw(0x1d, 0x3, 0x1) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0x3) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000040)=0x7c) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) ioctl$TUNSETCARRIER(r1, 0x400454e2, &(0x7f0000000180)=0x1) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000017010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x1) getsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, 0x0, &(0x7f00000000c0)) unlink(&(0x7f0000000240)='./file0\x00') kernel console output (not intermixed with test programs): [ 38.126641][ T40] audit: type=1400 audit(1749584989.429:61): avc: denied { siginh } for pid=5846 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '[localhost]:24306' (ED25519) to the list of known hosts. [ 39.030735][ T40] audit: type=1400 audit(1749584990.349:62): avc: denied { name_bind } for pid=5853 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 39.052260][ T40] audit: type=1400 audit(1749584990.379:63): avc: denied { write } for pid=5854 comm="sh" path="pipe:[3836]" dev="pipefs" ino=3836 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 39.063914][ T40] audit: type=1400 audit(1749584990.389:64): avc: denied { execute } for pid=5854 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 39.070519][ T40] audit: type=1400 audit(1749584990.389:65): avc: denied { execute_no_trans } for pid=5854 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 41.085332][ T40] audit: type=1400 audit(1749584992.409:66): avc: denied { mounton } for pid=5854 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 41.088353][ T5854] cgroup: Unknown subsys name 'net' [ 41.255350][ T5854] cgroup: Unknown subsys name 'cpuset' [ 41.259796][ T5854] cgroup: Unknown subsys name 'rlimit' [ 41.471964][ T5877] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 42.245642][ T5854] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 44.940247][ T40] kauditd_printk_skb: 13 callbacks suppressed [ 44.940263][ T40] audit: type=1400 audit(1749584996.259:80): avc: denied { execmem } for pid=5933 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 45.144015][ T40] audit: type=1400 audit(1749584996.469:81): avc: denied { create } for pid=5938 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 45.149968][ T40] audit: type=1400 audit(1749584996.469:82): avc: denied { read write } for pid=5938 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1292 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 45.160728][ T40] audit: type=1400 audit(1749584996.469:83): avc: denied { open } for pid=5938 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1292 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 45.167873][ T40] audit: type=1400 audit(1749584996.479:84): avc: denied { ioctl } for pid=5938 comm="syz-executor" path="socket:[3029]" dev="sockfs" ino=3029 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 45.178679][ T5940] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 45.182021][ T5940] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 45.184408][ T5940] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 45.189432][ T5945] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 45.192364][ T5946] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 45.194771][ T5946] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 45.197624][ T5946] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 45.200312][ T5946] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 45.203077][ T5946] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 45.205668][ T5946] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 45.208085][ T5946] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 45.217354][ T5953] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 45.218365][ T5951] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 45.219233][ T40] audit: type=1400 audit(1749584996.539:85): avc: denied { read } for pid=5949 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 45.219262][ T40] audit: type=1400 audit(1749584996.539:86): avc: denied { open } for pid=5949 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 45.219283][ T40] audit: type=1400 audit(1749584996.539:87): avc: denied { mounton } for pid=5949 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 45.219745][ T5953] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 45.221617][ T5952] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 45.222652][ T5951] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 45.223043][ T5951] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 45.253746][ T5952] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 45.256925][ T5952] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 45.259326][ T5952] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 45.373060][ T40] audit: type=1400 audit(1749584996.699:88): avc: denied { module_request } for pid=5942 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 45.426680][ T5942] chnl_net:caif_netlink_parms(): no params data found [ 45.489105][ T5949] chnl_net:caif_netlink_parms(): no params data found [ 45.603934][ T5942] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.606125][ T5942] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.608503][ T5942] bridge_slave_0: entered allmulticast mode [ 45.611135][ T5942] bridge_slave_0: entered promiscuous mode [ 45.660823][ T5942] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.663471][ T5942] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.665848][ T5942] bridge_slave_1: entered allmulticast mode [ 45.668503][ T5942] bridge_slave_1: entered promiscuous mode [ 45.672120][ T5938] chnl_net:caif_netlink_parms(): no params data found [ 45.738113][ T5947] chnl_net:caif_netlink_parms(): no params data found [ 45.759051][ T5949] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.761417][ T5949] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.763723][ T5949] bridge_slave_0: entered allmulticast mode [ 45.766257][ T5949] bridge_slave_0: entered promiscuous mode [ 45.770796][ T5942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.779332][ T5942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.788993][ T5949] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.791184][ T5949] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.793754][ T5949] bridge_slave_1: entered allmulticast mode [ 45.796388][ T5949] bridge_slave_1: entered promiscuous mode [ 45.921443][ T5942] team0: Port device team_slave_0 added [ 45.927228][ T5942] team0: Port device team_slave_1 added [ 45.944218][ T5949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.016005][ T5949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.018829][ T5947] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.020970][ T5947] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.023788][ T5947] bridge_slave_0: entered allmulticast mode [ 46.026818][ T5947] bridge_slave_0: entered promiscuous mode [ 46.029714][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.031969][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.039768][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.043888][ T5938] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.046133][ T5938] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.048396][ T5938] bridge_slave_0: entered allmulticast mode [ 46.051055][ T5938] bridge_slave_0: entered promiscuous mode [ 46.068586][ T5947] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.070747][ T5947] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.073195][ T5947] bridge_slave_1: entered allmulticast mode [ 46.075753][ T5947] bridge_slave_1: entered promiscuous mode [ 46.078438][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.081224][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.091322][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.102248][ T5938] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.105228][ T5938] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.108197][ T5938] bridge_slave_1: entered allmulticast mode [ 46.112557][ T5938] bridge_slave_1: entered promiscuous mode [ 46.180450][ T5949] team0: Port device team_slave_0 added [ 46.198768][ T5947] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.203157][ T5938] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.208344][ T5949] team0: Port device team_slave_1 added [ 46.226484][ T5947] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.230998][ T5938] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.254759][ T5942] hsr_slave_0: entered promiscuous mode [ 46.257234][ T5942] hsr_slave_1: entered promiscuous mode [ 46.304402][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.306581][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.314339][ T5949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.347938][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.350416][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.359098][ T5949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.364435][ T5947] team0: Port device team_slave_0 added [ 46.368306][ T5938] team0: Port device team_slave_0 added [ 46.387945][ T5947] team0: Port device team_slave_1 added [ 46.391394][ T5938] team0: Port device team_slave_1 added [ 46.423444][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.425536][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.433349][ T5938] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.471442][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.473596][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.481095][ T5938] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.555291][ T5949] hsr_slave_0: entered promiscuous mode [ 46.557423][ T5949] hsr_slave_1: entered promiscuous mode [ 46.559416][ T5949] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.561775][ T5949] Cannot create hsr debugfs directory [ 46.564662][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.566748][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.574490][ T5947] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.581853][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.583941][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.591581][ T5947] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.634611][ T5938] hsr_slave_0: entered promiscuous mode [ 46.636699][ T5938] hsr_slave_1: entered promiscuous mode [ 46.638654][ T5938] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.640960][ T5938] Cannot create hsr debugfs directory [ 46.734407][ T5947] hsr_slave_0: entered promiscuous mode [ 46.736688][ T5947] hsr_slave_1: entered promiscuous mode [ 46.738822][ T5947] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.741205][ T5947] Cannot create hsr debugfs directory [ 46.952988][ T5942] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 46.981973][ T5942] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 46.990996][ T5942] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 47.001146][ T5942] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 47.044296][ T5949] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 47.048990][ T5949] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 47.056641][ T5949] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 47.060451][ T5949] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 47.117010][ T5947] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 47.122412][ T5947] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 47.126400][ T5947] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 47.131109][ T5947] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 47.184749][ T5938] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 47.192215][ T5938] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 47.198552][ T5938] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 47.205072][ T5938] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 47.223541][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.252990][ T5940] Bluetooth: hci3: command tx timeout [ 47.261119][ T5942] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.262899][ T5940] Bluetooth: hci0: command tx timeout [ 47.262919][ T5952] Bluetooth: hci1: command tx timeout [ 47.267400][ T5949] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.284089][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.286401][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.301715][ T5949] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.306313][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.308512][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.332062][ T5940] Bluetooth: hci2: command tx timeout [ 47.333292][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.336589][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.353695][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.356606][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.406802][ T5938] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.418376][ T5947] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.434994][ T5947] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.442271][ T40] audit: type=1400 audit(1749584998.769:89): avc: denied { sys_module } for pid=5949 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 47.450218][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.452781][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.457034][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.459302][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.463909][ T5938] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.469095][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.471521][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.485129][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.487428][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.542449][ T5949] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.558905][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.580297][ T5949] veth0_vlan: entered promiscuous mode [ 47.585526][ T5949] veth1_vlan: entered promiscuous mode [ 47.604581][ T5942] veth0_vlan: entered promiscuous mode [ 47.612398][ T5942] veth1_vlan: entered promiscuous mode [ 47.626557][ T5949] veth0_macvtap: entered promiscuous mode [ 47.634751][ T5949] veth1_macvtap: entered promiscuous mode [ 47.640615][ T5947] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.647159][ T5942] veth0_macvtap: entered promiscuous mode [ 47.654297][ T5942] veth1_macvtap: entered promiscuous mode [ 47.665635][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.677893][ T5938] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.684367][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.700994][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.704121][ T5949] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.706859][ T5949] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.709443][ T5949] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.713252][ T5949] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.727449][ T5947] veth0_vlan: entered promiscuous mode [ 47.730699][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.744643][ T5942] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.747389][ T5942] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.749998][ T5942] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.753198][ T5942] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.763856][ T5947] veth1_vlan: entered promiscuous mode [ 47.812175][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.814646][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.829998][ T5938] veth0_vlan: entered promiscuous mode [ 47.838232][ T5947] veth0_macvtap: entered promiscuous mode [ 47.841196][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.845231][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.847794][ T5947] veth1_macvtap: entered promiscuous mode [ 47.856600][ T5938] veth1_vlan: entered promiscuous mode [ 47.869052][ T1196] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.871562][ T1196] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.885412][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.887958][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.892999][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.900520][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.904882][ T5938] veth0_macvtap: entered promiscuous mode [ 47.913603][ T5949] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 47.914459][ T5947] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.921278][ T5947] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.924858][ T5947] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.927518][ T5947] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.940804][ T5938] veth1_macvtap: entered promiscuous mode [ 47.966596][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.974582][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.986670][ T5938] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.989342][ T5938] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.995519][ T5938] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.998436][ T5938] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.021248][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.024937][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.046098][ T6034] process 'syz.1.6' launched './file0' with NULL argv: empty string added [ 48.062276][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.065548][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.106422][ T6042] FAULT_INJECTION: forcing a failure. [ 48.106422][ T6042] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 48.110527][ T6042] CPU: 3 UID: 0 PID: 6042 Comm: syz.0.9 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) [ 48.110541][ T6042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 48.110548][ T6042] Call Trace: [ 48.110552][ T6042] [ 48.110556][ T6042] dump_stack_lvl+0x16c/0x1f0 [ 48.110576][ T6042] should_fail_ex+0x512/0x640 [ 48.110593][ T6042] strncpy_from_user+0x3b/0x2e0 [ 48.110609][ T6042] getname_flags.part.0+0x8f/0x550 [ 48.110622][ T6042] getname_flags+0x93/0xf0 [ 48.110636][ T6042] user_path_at+0x24/0x60 [ 48.110650][ T6042] __x64_sys_mount+0x1fc/0x310 [ 48.110667][ T6042] ? __pfx___x64_sys_mount+0x10/0x10 [ 48.110688][ T6042] do_syscall_64+0xcd/0x4c0 [ 48.110705][ T6042] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 48.110716][ T6042] RIP: 0033:0x7f8dbed8e929 [ 48.110725][ T6042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 48.110735][ T6042] RSP: 002b:00007f8dbfcdc038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 48.110745][ T6042] RAX: ffffffffffffffda RBX: 00007f8dbefb5fa0 RCX: 00007f8dbed8e929 [ 48.110752][ T6042] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000 [ 48.110758][ T6042] RBP: 00007f8dbfcdc090 R08: 0000200000000180 R09: 0000000000000000 [ 48.110764][ T6042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 48.110770][ T6042] R13: 0000000000000000 R14: 00007f8dbefb5fa0 R15: 00007ffee90f4598 [ 48.110783][ T6042] [ 48.130168][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.173680][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.197130][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.200291][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.250410][ T6048] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 48.334993][ T6066] Zero length message leads to an empty skb [ 48.377339][ T6070] FAULT_INJECTION: forcing a failure. [ 48.377339][ T6070] name failslab, interval 1, probability 0, space 0, times 1 [ 48.381192][ T6070] CPU: 3 UID: 0 PID: 6070 Comm: syz.0.19 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) [ 48.381208][ T6070] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 48.381215][ T6070] Call Trace: [ 48.381220][ T6070] [ 48.381224][ T6070] dump_stack_lvl+0x16c/0x1f0 [ 48.381245][ T6070] should_fail_ex+0x512/0x640 [ 48.381260][ T6070] ? fs_reclaim_acquire+0xae/0x150 [ 48.381272][ T6070] ? tomoyo_encode2+0x100/0x3e0 [ 48.381287][ T6070] should_failslab+0xc2/0x120 [ 48.381303][ T6070] __kmalloc_noprof+0xd2/0x510 [ 48.381320][ T6070] tomoyo_encode2+0x100/0x3e0 [ 48.381337][ T6070] tomoyo_encode+0x29/0x50 [ 48.381351][ T6070] tomoyo_mount_acl+0x144/0x850 [ 48.381365][ T6070] ? kernel_text_address+0x8d/0x100 [ 48.381376][ T6070] ? __kernel_text_address+0xd/0x40 [ 48.381387][ T6070] ? unwind_get_return_address+0x59/0xa0 [ 48.381405][ T6070] ? arch_stack_walk+0xa6/0x100 [ 48.381416][ T6070] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 48.381434][ T6070] ? stack_trace_save+0x8e/0xc0 [ 48.381458][ T6070] ? tomoyo_domain+0xbb/0x150 [ 48.381468][ T6070] ? tomoyo_profile+0x47/0x60 [ 48.381486][ T6070] tomoyo_mount_permission+0x16d/0x420 [ 48.381499][ T6070] ? tomoyo_mount_permission+0x14f/0x420 [ 48.381514][ T6070] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 48.381540][ T6070] security_sb_mount+0x9b/0x260 [ 48.381556][ T6070] path_mount+0x128/0x2020 [ 48.381573][ T6070] ? kmem_cache_free+0x2d1/0x4d0 [ 48.381586][ T6070] ? __pfx_path_mount+0x10/0x10 [ 48.381604][ T6070] ? putname+0x154/0x1a0 [ 48.381622][ T6070] __x64_sys_mount+0x28d/0x310 [ 48.381639][ T6070] ? __pfx___x64_sys_mount+0x10/0x10 [ 48.381660][ T6070] do_syscall_64+0xcd/0x4c0 [ 48.381678][ T6070] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 48.381688][ T6070] RIP: 0033:0x7f8dbed8e929 [ 48.381697][ T6070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 48.381707][ T6070] RSP: 002b:00007f8dbfcdc038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 48.381718][ T6070] RAX: ffffffffffffffda RBX: 00007f8dbefb5fa0 RCX: 00007f8dbed8e929 [ 48.381725][ T6070] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000 [ 48.381731][ T6070] RBP: 00007f8dbfcdc090 R08: 0000200000000180 R09: 0000000000000000 [ 48.381737][ T6070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 48.381743][ T6070] R13: 0000000000000000 R14: 00007f8dbefb5fa0 R15: 00007ffee90f4598 [ 48.381756][ T6070] [ 48.470709][ T6080] ipvlan2: entered promiscuous mode [ 48.476024][ T6080] bridge0: port 3(ipvlan2) entered blocking state [ 48.478089][ T6080] bridge0: port 3(ipvlan2) entered disabled state [ 48.480746][ T6080] ipvlan2: entered allmulticast mode [ 48.482977][ T6080] bridge0: entered allmulticast mode [ 48.485771][ T6080] ipvlan2: left allmulticast mode [ 48.487383][ T6080] bridge0: left allmulticast mode [ 48.720666][ T6109] FAULT_INJECTION: forcing a failure. [ 48.720666][ T6109] name failslab, interval 1, probability 0, space 0, times 0 [ 48.725198][ T6109] CPU: 0 UID: 0 PID: 6109 Comm: syz.2.31 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) [ 48.725221][ T6109] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 48.725227][ T6109] Call Trace: [ 48.725231][ T6109] [ 48.725235][ T6109] dump_stack_lvl+0x16c/0x1f0 [ 48.725258][ T6109] should_fail_ex+0x512/0x640 [ 48.725274][ T6109] ? fs_reclaim_acquire+0xae/0x150 [ 48.725286][ T6109] ? tomoyo_encode2+0x100/0x3e0 [ 48.725300][ T6109] should_failslab+0xc2/0x120 [ 48.725316][ T6109] __kmalloc_noprof+0xd2/0x510 [ 48.725333][ T6109] tomoyo_encode2+0x100/0x3e0 [ 48.725350][ T6109] tomoyo_encode+0x29/0x50 [ 48.725364][ T6109] tomoyo_mount_acl+0x144/0x850 [ 48.725377][ T6109] ? kernel_text_address+0x8d/0x100 [ 48.725389][ T6109] ? __kernel_text_address+0xd/0x40 [ 48.725400][ T6109] ? unwind_get_return_address+0x59/0xa0 [ 48.725417][ T6109] ? arch_stack_walk+0xa6/0x100 [ 48.725429][ T6109] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 48.725447][ T6109] ? stack_trace_save+0x8e/0xc0 [ 48.725472][ T6109] ? tomoyo_domain+0xbb/0x150 [ 48.725481][ T6109] ? tomoyo_profile+0x47/0x60 [ 48.725499][ T6109] tomoyo_mount_permission+0x16d/0x420 [ 48.725513][ T6109] ? tomoyo_mount_permission+0x14f/0x420 [ 48.725528][ T6109] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 48.725550][ T6109] security_sb_mount+0x9b/0x260 [ 48.725565][ T6109] path_mount+0x128/0x2020 [ 48.725584][ T6109] ? kmem_cache_free+0x2d1/0x4d0 [ 48.725596][ T6109] ? __pfx_path_mount+0x10/0x10 [ 48.725615][ T6109] ? putname+0x154/0x1a0 [ 48.725633][ T6109] __x64_sys_mount+0x28d/0x310 [ 48.725650][ T6109] ? __pfx___x64_sys_mount+0x10/0x10 [ 48.725667][ T6109] ? getname_flags.part.0+0x1c5/0x550 [ 48.725681][ T6109] do_syscall_64+0xcd/0x4c0 [ 48.725699][ T6109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 48.725709][ T6109] RIP: 0033:0x7f5434f8e929 [ 48.725719][ T6109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 48.725729][ T6109] RSP: 002b:00007f5435ea5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 48.725740][ T6109] RAX: ffffffffffffffda RBX: 00007f54351b5fa0 RCX: 00007f5434f8e929 [ 48.725746][ T6109] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000 [ 48.725752][ T6109] RBP: 00007f5435ea5090 R08: 0000200000000180 R09: 0000000000000000 [ 48.725758][ T6109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 48.725764][ T6109] R13: 0000000000000000 R14: 00007f54351b5fa0 R15: 00007ffc578f18d8 [ 48.725777][ T6109] [ 48.815586][ T5974] usb 5-1: new full-speed USB device number 2 using dummy_hcd [ 48.824983][ T6111] netlink: 16 bytes leftover after parsing attributes in process `syz.3.30'. [ 48.829312][ T6111] netlink: 12 bytes leftover after parsing attributes in process `syz.3.30'. [ 48.921967][ T6114] capability: warning: `syz.2.32' uses 32-bit capabilities (legacy support in use) [ 48.941907][ T6006] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 48.965683][ T5974] usb 5-1: not running at top speed; connect to a high speed hub [ 48.969968][ T5974] usb 5-1: config 1 interface 0 has no altsetting 0 [ 48.976512][ T5974] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 48.980039][ T5974] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 48.983746][ T5974] usb 5-1: Product: syz [ 48.985551][ T5974] usb 5-1: Manufacturer: 《 [ 48.987451][ T5974] usb 5-1: SerialNumber: syz [ 49.027888][ T6120] netlink: 52 bytes leftover after parsing attributes in process `syz.3.35'. [ 49.030905][ T6120] netlink: 8 bytes leftover after parsing attributes in process `syz.3.35'. [ 49.033960][ T6120] tipc: MTU too low for tipc bearer [ 49.122125][ T6006] usb 6-1: Using ep0 maxpacket: 8 [ 49.127495][ T6006] usb 6-1: config 1 interface 0 altsetting 8 bulk endpoint 0x82 has invalid maxpacket 8 [ 49.130494][ T6006] usb 6-1: config 1 interface 0 altsetting 8 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 49.134633][ T6006] usb 6-1: config 1 interface 0 has no altsetting 0 [ 49.138287][ T6006] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 49.140969][ T6006] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 49.143600][ T6006] usb 6-1: Product: syz [ 49.144882][ T6006] usb 6-1: Manufacturer: ఄ [ 49.146313][ T6006] usb 6-1: SerialNumber: syz [ 49.150561][ T6107] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 49.153811][ T6107] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 49.342012][ T34] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 49.342961][ T5940] Bluetooth: hci1: command tx timeout [ 49.345215][ T5952] Bluetooth: hci0: command tx timeout [ 49.346150][ T5303] Bluetooth: hci3: command tx timeout [ 49.364684][ T5940] Bluetooth: hci4: sending frame failed (-49) [ 49.367492][ T5303] Bluetooth: hci4: Entering manufacturer mode failed (-49) [ 49.420719][ T5974] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -71 [ 49.423440][ T5303] Bluetooth: hci2: command tx timeout [ 49.435244][ T5974] usb 5-1: USB disconnect, device number 2 [ 49.440457][ T6107] sp0: Synchronizing with TNC [ 49.452263][ T6006] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -22 [ 49.462828][ T6006] usb 6-1: USB disconnect, device number 2 [ 49.515394][ T34] usb 7-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 49.518909][ T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 49.522418][ T34] usb 7-1: Product: syz [ 49.524123][ T34] usb 7-1: Manufacturer: syz [ 49.525955][ T34] usb 7-1: SerialNumber: syz [ 49.529268][ T34] usb 7-1: config 0 descriptor?? [ 49.736900][ T5974] usb 7-1: USB disconnect, device number 2 [ 49.980310][ T40] kauditd_printk_skb: 84 callbacks suppressed [ 49.980326][ T40] audit: type=1400 audit(1749585001.299:174): avc: denied { read write } for pid=6164 comm="syz.0.38" name="rdma_cm" dev="devtmpfs" ino=1295 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 49.993304][ T40] audit: type=1400 audit(1749585001.319:175): avc: denied { open } for pid=6164 comm="syz.0.38" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1295 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 50.062639][ T40] audit: type=1400 audit(1749585001.389:176): avc: denied { append } for pid=6166 comm="syz.1.39" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 50.110229][ T40] audit: type=1400 audit(1749585001.429:177): avc: denied { create } for pid=6172 comm="syz.1.42" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 50.115306][ T6175] misc userio: Can't change port type on an already running userio instance [ 50.116835][ T40] audit: type=1400 audit(1749585001.429:178): avc: denied { bind } for pid=6172 comm="syz.1.42" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 50.125516][ T40] audit: type=1400 audit(1749585001.429:179): avc: denied { setopt } for pid=6172 comm="syz.1.42" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 50.131254][ T40] audit: type=1400 audit(1749585001.429:180): avc: denied { accept } for pid=6172 comm="syz.1.42" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 50.138382][ T40] audit: type=1400 audit(1749585001.439:181): avc: denied { read } for pid=6172 comm="syz.1.42" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 50.145342][ T40] audit: type=1400 audit(1749585001.439:182): avc: denied { write } for pid=6172 comm="syz.1.42" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 50.239812][ T6179] FAULT_INJECTION: forcing a failure. [ 50.239812][ T6179] name failslab, interval 1, probability 0, space 0, times 0 [ 50.243961][ T6179] CPU: 0 UID: 0 PID: 6179 Comm: syz.0.41 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) [ 50.243987][ T6179] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 50.243999][ T6179] Call Trace: [ 50.244006][ T6179] [ 50.244012][ T6179] dump_stack_lvl+0x16c/0x1f0 [ 50.244044][ T6179] should_fail_ex+0x512/0x640 [ 50.244069][ T6179] ? fs_reclaim_acquire+0xae/0x150 [ 50.244085][ T6179] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 50.244111][ T6179] should_failslab+0xc2/0x120 [ 50.244151][ T6179] __kmalloc_noprof+0xd2/0x510 [ 50.244175][ T6179] ? trace_kmalloc+0x2b/0xd0 [ 50.244200][ T6179] ? __kmalloc_noprof+0x242/0x510 [ 50.244227][ T6179] tomoyo_realpath_from_path+0xc2/0x6e0 [ 50.244255][ T6179] ? tomoyo_fill_path_info+0x233/0x420 [ 50.244277][ T6179] tomoyo_mount_acl+0x1ae/0x850 [ 50.244299][ T6179] ? kernel_text_address+0x8d/0x100 [ 50.244320][ T6179] ? __kernel_text_address+0xd/0x40 [ 50.244334][ T6179] ? unwind_get_return_address+0x59/0xa0 [ 50.244363][ T6179] ? arch_stack_walk+0xa6/0x100 [ 50.244384][ T6179] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 50.244414][ T6179] ? stack_trace_save+0x8e/0xc0 [ 50.244466][ T6179] ? tomoyo_domain+0xbb/0x150 [ 50.244482][ T6179] ? tomoyo_profile+0x47/0x60 [ 50.244513][ T6179] tomoyo_mount_permission+0x16d/0x420 [ 50.244536][ T6179] ? tomoyo_mount_permission+0x14f/0x420 [ 50.244561][ T6179] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 50.244599][ T6179] security_sb_mount+0x9b/0x260 [ 50.244625][ T6179] path_mount+0x128/0x2020 [ 50.244654][ T6179] ? kmem_cache_free+0x2d1/0x4d0 [ 50.244677][ T6179] ? __pfx_path_mount+0x10/0x10 [ 50.244709][ T6179] ? putname+0x154/0x1a0 [ 50.244741][ T6179] __x64_sys_mount+0x28d/0x310 [ 50.244768][ T6179] ? __pfx___x64_sys_mount+0x10/0x10 [ 50.244796][ T6179] ? getname_flags.part.0+0x1c5/0x550 [ 50.244819][ T6179] do_syscall_64+0xcd/0x4c0 [ 50.244848][ T6179] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 50.244867][ T6179] RIP: 0033:0x7f8dbed8e929 [ 50.244883][ T6179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 50.244900][ T6179] RSP: 002b:00007f8dbfcdc038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 50.244918][ T6179] RAX: ffffffffffffffda RBX: 00007f8dbefb5fa0 RCX: 00007f8dbed8e929 [ 50.244930][ T6179] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000 [ 50.244942][ T6179] RBP: 00007f8dbfcdc090 R08: 0000200000000180 R09: 0000000000000000 [ 50.244953][ T6179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 50.244963][ T6179] R13: 0000000000000000 R14: 00007f8dbefb5fa0 R15: 00007ffee90f4598 [ 50.244989][ T6179] [ 50.245012][ T6179] ERROR: Out of memory at tomoyo_realpath_from_path. [ 50.246218][ T40] audit: type=1400 audit(1749585001.569:183): avc: denied { connect } for pid=6180 comm="syz.1.44" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 50.373812][ T6184] netlink: 788 bytes leftover after parsing attributes in process `syz.3.46'. [ 50.421160][ T6007] libceph: connect (1)[c::]:6789 error -101 [ 50.423516][ T6007] libceph: mon0 (1)[c::]:6789 connect error [ 50.437181][ T6190] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32 [ 50.474805][ T6193] netlink: 'syz.3.48': attribute type 4 has an invalid length. [ 50.477196][ T6193] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 50.479547][ T6193] IPv6: NLM_F_CREATE should be set when creating new route [ 50.577192][ T6208] overlay: filesystem on ./bus not supported [ 50.683121][ T6007] libceph: connect (1)[c::]:6789 error -101 [ 50.685108][ T6007] libceph: mon0 (1)[c::]:6789 connect error [ 51.103589][ T6238] FAULT_INJECTION: forcing a failure. [ 51.103589][ T6238] name failslab, interval 1, probability 0, space 0, times 0 [ 51.108475][ T6238] CPU: 1 UID: 0 PID: 6238 Comm: syz.2.55 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) [ 51.108498][ T6238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 51.108508][ T6238] Call Trace: [ 51.108514][ T6238] [ 51.108522][ T6238] dump_stack_lvl+0x16c/0x1f0 [ 51.108552][ T6238] should_fail_ex+0x512/0x640 [ 51.108572][ T6238] ? fs_reclaim_acquire+0xae/0x150 [ 51.108592][ T6238] ? tomoyo_encode2+0x100/0x3e0 [ 51.108614][ T6238] should_failslab+0xc2/0x120 [ 51.108638][ T6238] __kmalloc_noprof+0xd2/0x510 [ 51.108666][ T6238] tomoyo_encode2+0x100/0x3e0 [ 51.108692][ T6238] tomoyo_encode+0x29/0x50 [ 51.108713][ T6238] tomoyo_mount_acl+0x314/0x850 [ 51.108733][ T6238] ? kernel_text_address+0x8d/0x100 [ 51.108752][ T6238] ? __kernel_text_address+0xd/0x40 [ 51.108772][ T6238] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 51.108800][ T6238] ? stack_trace_save+0x8e/0xc0 [ 51.108840][ T6238] ? tomoyo_domain+0xbb/0x150 [ 51.108855][ T6238] ? tomoyo_profile+0x47/0x60 [ 51.108883][ T6238] tomoyo_mount_permission+0x16d/0x420 [ 51.108904][ T6238] ? tomoyo_mount_permission+0x14f/0x420 [ 51.108927][ T6238] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 51.108962][ T6238] security_sb_mount+0x9b/0x260 [ 51.108986][ T6238] path_mount+0x128/0x2020 [ 51.109013][ T6238] ? kmem_cache_free+0x2d1/0x4d0 [ 51.109032][ T6238] ? __pfx_path_mount+0x10/0x10 [ 51.109060][ T6238] ? putname+0x154/0x1a0 [ 51.109088][ T6238] __x64_sys_mount+0x28d/0x310 [ 51.109114][ T6238] ? __pfx___x64_sys_mount+0x10/0x10 [ 51.109146][ T6238] do_syscall_64+0xcd/0x4c0 [ 51.109179][ T6238] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 51.109197][ T6238] RIP: 0033:0x7f5434f8e929 [ 51.109210][ T6238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 51.109227][ T6238] RSP: 002b:00007f5435ea5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 51.109244][ T6238] RAX: ffffffffffffffda RBX: 00007f54351b5fa0 RCX: 00007f5434f8e929 [ 51.109254][ T6238] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000 [ 51.109263][ T6238] RBP: 00007f5435ea5090 R08: 0000200000000180 R09: 0000000000000000 [ 51.109287][ T6238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 51.109297][ T6238] R13: 0000000000000000 R14: 00007f54351b5fa0 R15: 00007ffc578f18d8 [ 51.109320][ T6238] [ 51.206570][ T6007] libceph: connect (1)[c::]:6789 error -101 [ 51.208483][ T6007] libceph: mon0 (1)[c::]:6789 connect error [ 51.244615][ T6186] ceph: No mds server is up or the cluster is laggy [ 51.351071][ T6198] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 51.351433][ T6263] xt_hashlimit: max too large, truncated to 1048576 [ 51.353554][ T6198] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 51.361565][ T6263] xt_bpf: check failed: parse error [ 51.367142][ T6198] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 51.369069][ T6198] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 51.377592][ T6198] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 51.383510][ T6198] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 51.417268][ T6198] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 51.419185][ T6198] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 51.514036][ T54] e1000 0000:00:06.0 eth0: Reset adapter [ 51.562216][ T6280] FAULT_INJECTION: forcing a failure. [ 51.562216][ T6280] name failslab, interval 1, probability 0, space 0, times 0 [ 51.566443][ T6280] CPU: 0 UID: 0 PID: 6280 Comm: syz.0.65 Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) [ 51.566458][ T6280] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 51.566465][ T6280] Call Trace: [ 51.566469][ T6280] [ 51.566474][ T6280] dump_stack_lvl+0x16c/0x1f0 [ 51.566498][ T6280] should_fail_ex+0x512/0x640 [ 51.566512][ T6280] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 51.566526][ T6280] should_failslab+0xc2/0x120 [ 51.566543][ T6280] __kmalloc_cache_noprof+0x6a/0x3e0 [ 51.566555][ T6280] ? alloc_fs_context+0x57/0x9c0 [ 51.566573][ T6280] alloc_fs_context+0x57/0x9c0 [ 51.566591][ T6280] path_mount+0xaf8/0x2020 [ 51.566608][ T6280] ? kmem_cache_free+0x2d1/0x4d0 [ 51.566620][ T6280] ? __pfx_path_mount+0x10/0x10 [ 51.566638][ T6280] ? putname+0x154/0x1a0 [ 51.566657][ T6280] __x64_sys_mount+0x28d/0x310 [ 51.566673][ T6280] ? __pfx___x64_sys_mount+0x10/0x10 [ 51.566690][ T6280] ? getname_flags.part.0+0x1c5/0x550 [ 51.566704][ T6280] do_syscall_64+0xcd/0x4c0 [ 51.566722][ T6280] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 51.566733][ T6280] RIP: 0033:0x7f8dbed8e929 [ 51.566741][ T6280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 51.566751][ T6280] RSP: 002b:00007f8dbfcdc038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 51.566762][ T6280] RAX: ffffffffffffffda RBX: 00007f8dbefb5fa0 RCX: 00007f8dbed8e929 [ 51.566769][ T6280] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000 [ 51.566775][ T6280] RBP: 00007f8dbfcdc090 R08: 0000200000000180 R09: 0000000000000000 [ 51.566781][ T6280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 51.566787][ T6280] R13: 0000000000000000 R14: 00007f8dbefb5fa0 R15: 00007ffee90f4598 [ 51.566800][ T6280] [ 51.682850][ T54] e1000 0000:00:06.0 eth0: Reset adapter [ 51.684547][ T6281] syzkaller1: entered promiscuous mode [ 51.686308][ T6281] syzkaller1: entered allmulticast mode [ 51.726022][ T6286] Bluetooth: MGMT ver 1.23 [ 53.894069][ T54] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX [ 163.281977][ C0] ------------[ cut here ]------------ [ 163.284192][ C0] WARNING: CPU: 0 PID: 5939 at kernel/rcu/tree_stall.h:1015 rcu_check_gp_start_stall.part.0+0x1c4/0x4b0 [ 163.287653][ C0] Modules linked in: [ 163.289257][ C0] CPU: 0 UID: 0 PID: 5939 Comm: udevd Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) [ 163.294590][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 163.297888][ C0] RIP: 0010:rcu_check_gp_start_stall.part.0+0x1c4/0x4b0 [ 163.300033][ C0] Code: 88 61 01 00 00 be 04 00 00 00 48 c7 c7 c0 6f dc 9a e8 f0 09 81 00 b8 01 00 00 00 87 05 25 97 3a 19 85 c0 0f 85 3d 01 00 00 90 <0f> 0b 90 48 c7 c3 44 3e a8 90 48 81 fd c0 f6 5c 8e 74 5a 48 b8 00 [ 163.305860][ C0] RSP: 0000:ffffc90000007df0 EFLAGS: 00010046 [ 163.307850][ C0] RAX: 0000000000000000 RBX: 0000000000002904 RCX: ffffffff81a1d890 [ 163.310460][ C0] RDX: fffffbfff35b8df8 RSI: 0000000000000004 RDI: ffffffff9adc6fc0 [ 163.312858][ C0] RBP: ffffffff8e5cf6c0 R08: 0000000000000001 R09: fffffbfff35b8df8 [ 163.315142][ C0] R10: 0000000000000003 R11: 0000000000000001 R12: 1ffffffff1c42240 [ 163.317531][ C0] R13: 0000000000000246 R14: ffffffff8e5cf6c0 R15: ffff88806a43cc92 [ 163.320006][ C0] FS: 00007f5f1e552880(0000) GS:ffff8880d6754000(0000) knlGS:0000000000000000 [ 163.322806][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.324782][ C0] CR2: 000055dea6b9bfe8 CR3: 000000004f3fb000 CR4: 0000000000352ef0 [ 163.327513][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 163.330390][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 163.333015][ C0] Call Trace: [ 163.334067][ C0] [ 163.334963][ C0] rcu_core+0x4cf/0x14e0 [ 163.336275][ C0] ? sched_clock+0x38/0x60 [ 163.337672][ C0] ? sched_clock_cpu+0x6c/0x530 [ 163.339204][ C0] ? __pfx_rcu_core+0x10/0x10 [ 163.340654][ C0] ? mark_held_locks+0x49/0x80 [ 163.342167][ C0] handle_softirqs+0x219/0x8e0 [ 163.343662][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 163.345271][ C0] __irq_exit_rcu+0x109/0x170 [ 163.346858][ C0] irq_exit_rcu+0x9/0x30 [ 163.348332][ C0] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 163.350206][ C0] [ 163.351204][ C0] [ 163.352210][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 163.354133][ C0] RIP: 0010:smp_call_function_many_cond+0xd7b/0x1510 [ 163.356146][ C0] Code: e8 1a 17 0c 00 45 85 ed 74 46 48 8b 14 24 49 89 d6 49 89 d5 49 c1 ee 03 41 83 e5 07 4d 01 e6 41 83 c5 03 e8 b7 1b 0c 00 f3 90 <41> 0f b6 06 41 38 c5 7c 08 84 c0 0f 85 6f 05 00 00 8b 43 08 31 ff [ 163.362022][ C0] RSP: 0000:ffffc900045f7808 EFLAGS: 00000293 [ 163.363972][ C0] RAX: 0000000000000000 RBX: ffff88806a5417e0 RCX: ffffffff81b0011d [ 163.366636][ C0] RDX: ffff888036a72440 RSI: ffffffff81b000f9 RDI: 0000000000000005 [ 163.369064][ C0] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000 [ 163.371491][ C0] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000 [ 163.373935][ C0] R13: 0000000000000003 R14: ffffed100d4a82fd R15: ffff88806a43cf40 [ 163.376347][ C0] ? smp_call_function_many_cond+0xd9d/0x1510 [ 163.378294][ C0] ? smp_call_function_many_cond+0xd79/0x1510 [ 163.380183][ C0] ? smp_call_function_many_cond+0xd79/0x1510 [ 163.382204][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 163.384069][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 163.386472][ C0] ? __lock_acquire+0x622/0x1c90 [ 163.388019][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 163.389612][ C0] ? __pfx_should_flush_tlb+0x10/0x10 [ 163.391281][ C0] on_each_cpu_cond_mask+0x40/0x90 [ 163.392875][ C0] kvm_flush_tlb_multi+0x266/0x3b0 [ 163.394485][ C0] ? __pfx_kvm_flush_tlb_multi+0x10/0x10 [ 163.396166][ C0] ? __print_lock_name+0xd1/0xe0 [ 163.397723][ C0] ? get_flush_tlb_info+0x192/0x2b0 [ 163.399285][ C0] flush_tlb_mm_range+0x4a0/0x1790 [ 163.400796][ C0] ? page_table_check_clear+0x362/0x740 [ 163.402461][ C0] ? __page_table_check_pte_clear+0xa9/0x100 [ 163.404267][ C0] ? __pfx_flush_tlb_mm_range+0x10/0x10 [ 163.406034][ C0] ? __pfx_pte_mkwrite+0x10/0x10 [ 163.407635][ C0] ptep_clear_flush+0x136/0x180 [ 163.409284][ C0] do_wp_page+0x1683/0x4f20 [ 163.410783][ C0] ? __pfx_do_wp_page+0x10/0x10 [ 163.412371][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 163.414020][ C0] __handle_mm_fault+0x2223/0x5490 [ 163.415564][ C0] ? __pfx___handle_mm_fault+0x10/0x10 [ 163.417194][ C0] ? lock_vma_under_rcu+0x47d/0x970 [ 163.418741][ C0] ? lock_vma_under_rcu+0x47d/0x970 [ 163.420310][ C0] handle_mm_fault+0x589/0xd10 [ 163.421858][ C0] ? __pkru_allows_pkey+0x21/0xb0 [ 163.423389][ C0] do_user_addr_fault+0x60c/0x1370 [ 163.424936][ C0] ? rcu_is_watching+0x12/0xc0 [ 163.426467][ C0] exc_page_fault+0x5c/0xb0 [ 163.427903][ C0] asm_exc_page_fault+0x26/0x30 [ 163.429664][ C0] RIP: 0033:0x7f5f1deb5db7 [ 163.431348][ C0] Code: 00 00 00 41 55 48 89 d0 49 89 fd 41 54 49 89 f4 53 4c 89 c3 48 83 ec 10 48 39 4f 60 0f 84 c1 00 00 00 42 f6 44 01 08 01 74 59 <48> 83 61 08 fe 48 3d ff 03 00 00 76 69 49 8b 55 70 49 8d 75 60 48 [ 163.437270][ C0] RSP: 002b:00007ffcc63166f0 EFLAGS: 00010202 [ 163.439117][ C0] RAX: 0000000000006010 RBX: 00000000000001f0 RCX: 000055dea6b9bfe0 [ 163.441489][ C0] RDX: 0000000000006010 RSI: 000055dea6b95fd0 RDI: 00007f5f1dff1ac0 [ 163.443942][ C0] RBP: 00007f5f1dff1ac0 R08: 00000000000001f0 R09: 0000000000000000 [ 163.446501][ C0] R10: 0000000000000000 R11: 0000000000000202 R12: 000055dea6b95fd0 [ 163.449353][ C0] R13: 00007f5f1dff1ac0 R14: 00000000000001f0 R15: 00007f5f1dff1ac0 [ 163.452132][ C0] [ 163.453270][ C0] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 163.455527][ C0] CPU: 0 UID: 0 PID: 5939 Comm: udevd Not tainted 6.16.0-rc1-syzkaller-00003-gf09079bd04a9 #0 PREEMPT(full) [ 163.459107][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 163.462423][ C0] Call Trace: [ 163.463477][ C0] [ 163.464391][ C0] dump_stack_lvl+0x3d/0x1f0 [ 163.465853][ C0] panic+0x71c/0x800 [ 163.467129][ C0] ? __pfx_panic+0x10/0x10 [ 163.468548][ C0] ? show_trace_log_lvl+0x29b/0x3e0 [ 163.470320][ C0] ? check_panic_on_warn+0x1f/0xb0 [ 163.472086][ C0] ? rcu_check_gp_start_stall.part.0+0x1c4/0x4b0 [ 163.474263][ C0] check_panic_on_warn+0xab/0xb0 [ 163.475845][ C0] __warn+0xf6/0x3c0 [ 163.477100][ C0] ? rcu_check_gp_start_stall.part.0+0x1c4/0x4b0 [ 163.479063][ C0] report_bug+0x3c3/0x580 [ 163.480424][ C0] ? rcu_check_gp_start_stall.part.0+0x1c4/0x4b0 [ 163.482420][ C0] handle_bug+0x184/0x210 [ 163.483781][ C0] exc_invalid_op+0x17/0x50 [ 163.485216][ C0] asm_exc_invalid_op+0x1a/0x20 [ 163.486752][ C0] RIP: 0010:rcu_check_gp_start_stall.part.0+0x1c4/0x4b0 [ 163.488915][ C0] Code: 88 61 01 00 00 be 04 00 00 00 48 c7 c7 c0 6f dc 9a e8 f0 09 81 00 b8 01 00 00 00 87 05 25 97 3a 19 85 c0 0f 85 3d 01 00 00 90 <0f> 0b 90 48 c7 c3 44 3e a8 90 48 81 fd c0 f6 5c 8e 74 5a 48 b8 00 [ 163.495145][ C0] RSP: 0000:ffffc90000007df0 EFLAGS: 00010046 [ 163.497068][ C0] RAX: 0000000000000000 RBX: 0000000000002904 RCX: ffffffff81a1d890 [ 163.499523][ C0] RDX: fffffbfff35b8df8 RSI: 0000000000000004 RDI: ffffffff9adc6fc0 [ 163.501996][ C0] RBP: ffffffff8e5cf6c0 R08: 0000000000000001 R09: fffffbfff35b8df8 [ 163.504471][ C0] R10: 0000000000000003 R11: 0000000000000001 R12: 1ffffffff1c42240 [ 163.506893][ C0] R13: 0000000000000246 R14: ffffffff8e5cf6c0 R15: ffff88806a43cc92 [ 163.509363][ C0] ? rcu_check_gp_start_stall.part.0+0x1b0/0x4b0 [ 163.511411][ C0] rcu_core+0x4cf/0x14e0 [ 163.512786][ C0] ? sched_clock+0x38/0x60 [ 163.514271][ C0] ? sched_clock_cpu+0x6c/0x530 [ 163.515921][ C0] ? __pfx_rcu_core+0x10/0x10 [ 163.517485][ C0] ? mark_held_locks+0x49/0x80 [ 163.519028][ C0] handle_softirqs+0x219/0x8e0 [ 163.520544][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 163.522239][ C0] __irq_exit_rcu+0x109/0x170 [ 163.523717][ C0] irq_exit_rcu+0x9/0x30 [ 163.525069][ C0] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 163.526842][ C0] [ 163.527797][ C0] [ 163.528772][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 163.530664][ C0] RIP: 0010:smp_call_function_many_cond+0xd7b/0x1510 [ 163.532737][ C0] Code: e8 1a 17 0c 00 45 85 ed 74 46 48 8b 14 24 49 89 d6 49 89 d5 49 c1 ee 03 41 83 e5 07 4d 01 e6 41 83 c5 03 e8 b7 1b 0c 00 f3 90 <41> 0f b6 06 41 38 c5 7c 08 84 c0 0f 85 6f 05 00 00 8b 43 08 31 ff [ 163.538641][ C0] RSP: 0000:ffffc900045f7808 EFLAGS: 00000293 [ 163.540525][ C0] RAX: 0000000000000000 RBX: ffff88806a5417e0 RCX: ffffffff81b0011d [ 163.542983][ C0] RDX: ffff888036a72440 RSI: ffffffff81b000f9 RDI: 0000000000000005 [ 163.545425][ C0] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000 [ 163.547868][ C0] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000 [ 163.550326][ C0] R13: 0000000000000003 R14: ffffed100d4a82fd R15: ffff88806a43cf40 [ 163.552977][ C0] ? smp_call_function_many_cond+0xd9d/0x1510 [ 163.555005][ C0] ? smp_call_function_many_cond+0xd79/0x1510 [ 163.556981][ C0] ? smp_call_function_many_cond+0xd79/0x1510 [ 163.558813][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 163.560442][ C0] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 163.562413][ C0] ? __lock_acquire+0x622/0x1c90 [ 163.563973][ C0] ? __pfx_flush_tlb_func+0x10/0x10 [ 163.565637][ C0] ? __pfx_should_flush_tlb+0x10/0x10 [ 163.567331][ C0] on_each_cpu_cond_mask+0x40/0x90 [ 163.568913][ C0] kvm_flush_tlb_multi+0x266/0x3b0 [ 163.570522][ C0] ? __pfx_kvm_flush_tlb_multi+0x10/0x10 [ 163.572300][ C0] ? __print_lock_name+0xd1/0xe0 [ 163.573869][ C0] ? get_flush_tlb_info+0x192/0x2b0 [ 163.575563][ C0] flush_tlb_mm_range+0x4a0/0x1790 [ 163.577225][ C0] ? page_table_check_clear+0x362/0x740 [ 163.578969][ C0] ? __page_table_check_pte_clear+0xa9/0x100 [ 163.580847][ C0] ? __pfx_flush_tlb_mm_range+0x10/0x10 [ 163.582608][ C0] ? __pfx_pte_mkwrite+0x10/0x10 [ 163.584189][ C0] ptep_clear_flush+0x136/0x180 [ 163.585779][ C0] do_wp_page+0x1683/0x4f20 [ 163.587275][ C0] ? __pfx_do_wp_page+0x10/0x10 [ 163.588827][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 163.590552][ C0] __handle_mm_fault+0x2223/0x5490 [ 163.592151][ C0] ? __pfx___handle_mm_fault+0x10/0x10 [ 163.593887][ C0] ? lock_vma_under_rcu+0x47d/0x970 [ 163.595509][ C0] ? lock_vma_under_rcu+0x47d/0x970 [ 163.597152][ C0] handle_mm_fault+0x589/0xd10 [ 163.598654][ C0] ? __pkru_allows_pkey+0x21/0xb0 [ 163.600188][ C0] do_user_addr_fault+0x60c/0x1370 [ 163.601800][ C0] ? rcu_is_watching+0x12/0xc0 [ 163.603332][ C0] exc_page_fault+0x5c/0xb0 [ 163.604814][ C0] asm_exc_page_fault+0x26/0x30 [ 163.606421][ C0] RIP: 0033:0x7f5f1deb5db7 [ 163.607883][ C0] Code: 00 00 00 41 55 48 89 d0 49 89 fd 41 54 49 89 f4 53 4c 89 c3 48 83 ec 10 48 39 4f 60 0f 84 c1 00 00 00 42 f6 44 01 08 01 74 59 <48> 83 61 08 fe 48 3d ff 03 00 00 76 69 49 8b 55 70 49 8d 75 60 48 [ 163.613802][ C0] RSP: 002b:00007ffcc63166f0 EFLAGS: 00010202 [ 163.615680][ C0] RAX: 0000000000006010 RBX: 00000000000001f0 RCX: 000055dea6b9bfe0 [ 163.618118][ C0] RDX: 0000000000006010 RSI: 000055dea6b95fd0 RDI: 00007f5f1dff1ac0 [ 163.620456][ C0] RBP: 00007f5f1dff1ac0 R08: 00000000000001f0 R09: 0000000000000000 [ 163.622848][ C0] R10: 0000000000000000 R11: 0000000000000202 R12: 000055dea6b95fd0 [ 163.625300][ C0] R13: 00007f5f1dff1ac0 R14: 00000000000001f0 R15: 00007f5f1dff1ac0 [ 163.627885][ C0] [ 164.695574][ C0] Shutting down cpus with NMI [ 164.697675][ C0] Kernel Offset: disabled [ 164.699040][ C0] Rebooting in 86400 seconds.. VM DIAGNOSIS: 19:51:54 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000039 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff855b5315 RDI=ffffffff9b0883a0 RBP=ffffffff9b088360 RSP=ffffc90000007760 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000039 R14=ffffffff9b088360 R15=ffffffff855b52b0 RIP=ffffffff855b533f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f5f1e552880 ffffffff 00c00000 GS =0000 ffff8880d6754000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055dea6b9bfe8 CR3=000000004f3fb000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000081f9f998 Opmask01=00000000003fffff Opmask02=0000000033bfffff Opmask03=0000000000000000 Opmask04=00000000ffffdfff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055dea6c1c5b0 000055dea6c1c5b0 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055dea6ba6630 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5f1dff1b20 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 ffff000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5f1df52c80 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5f00003078 303d4e4f53414552 5f4b434f4c425f57 485f4c4c494b4652 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000425f00000d45 0d004e4f53414552 5f4b434f4c425f57 485f4c4c494b4652 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7361647c2a737369 63637c2a65686361 63627c2a6476787c 2a64767c2a64737c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 003a756b733a322e 392d3533712d6370 7276633a3174633a 554d45516e76633a ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 322e392d3533712d 63707276703a2939 3030322c39484349 2b35335128435064 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7261646e6174536e 703a554d45516e76 733a302e3072623a 343130322f31302f ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343064623a312b32 316f70627e322d33 2e36312e312d6e61 696265642d332e36 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00414132302c3841 32302c344132302c 314132302c323832 302c463532302c44 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000103 RBX=ffff888024b454a8 RCX=ffffffff81a8f3e0 RDX=ffff88801de8a440 RSI=ffffffff81a8f43e RDI=0000000000000001 RBP=ffff88806a627d00 RSP=ffffc900006a0900 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=ffffed1004968a9b R13=0000000000000001 R14=dffffc0000000000 R15=ffff888024b454d8 RIP=ffffffff81bc1cda RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6854000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fff7f6e9000 CR3=000000000e382000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=000000000534c002 Opmask01=0000000000000000 Opmask02=00000000f0400000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055892e0fe600 000055892e0fe600 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd415ce540 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6c737973007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a49565c56005600 0b56000041000b56 000040494a564b4a 460a5340410a000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 624d203030303120 7055207369206b6e 694c2043494e2030 687465203a303030 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3834203130203938 2034362038642037 6620666620666620 6666203861203163 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2037632038342033 6320313020333720 6666206666203066 203130206433203e ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 38343c2035302066 3020383020343220 6334206238206334 2038632039382064 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3420326320393820 6434206163203938 2038342036642039 3820383420376620 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000080010004 RBX=0000000000000003 RCX=ffffffff816a2366 RDX=ffff88801de8c880 RSI=ffffffff816a53bc RDI=0000000000000000 RBP=ffff88810555c348 RSP=ffffc90000648b28 R8 =0000000000000000 R9 =0000000000000003 R10=0000000000000003 R11=0000000000000001 R12=0000000000000003 R13=0000000000000003 R14=ffff88806a63cc00 R15=ffffed1020aab869 RIP=ffffffff816a53bd RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6954000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055594d45bce8 CR3=000000000e382000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000c0fffc00 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f06a9384d00 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055555add4347 000055555add3bc0 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055555adcb490 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055555add4347 000055555add3bc0 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000a08064b800311 b810006280040100 0008080606017bdc 919f76f0cba8cf7b ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffef080580030580 044ba0030008004b 98036008004b9003 00080007000c0008 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4bc00311b810000f 80030f80044bb003 0030656c69662f2e 01ffffffffffffff ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0608064bf0030208 004be8030208004b e0030010004bd003 0fffffffffffff04 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100100001080001 0000000806060103 f60180040880a5bd c208000100000408 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 06060129841fffff fffe080001800320 10001780041e1000 060102800fffffff ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffff0417900300 0800178803010000 0c08061780030180 10004b8004381000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 060c028800000006 08064bf003020800 4be8030208004be0 030010004bd0030f ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=ffff88806a543a60 RCX=ffffffff81b0011d RDX=ffff88803a2cc880 RSI=ffffffff81b000f9 RDI=0000000000000005 RBP=0000000000000001 RSP=ffffc90004ca7808 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=dffffc0000000000 R13=0000000000000003 R14=ffffed100d4a874d R15=ffff88806a73cf40 RIP=ffffffff81b000fb RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f5f1e552880 ffffffff 00c00000 GS =0000 ffff8880d6a54000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055dea6b9bfe8 CR3=0000000058e55000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fefeffd0 Opmask01=0000000000004211 Opmask02=000000007ffeffff Opmask03=0000000000000000 Opmask04=00000000ffffdfff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 44455a494c414954 494e495f43455355 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 000055dea6ba6670 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5f1dff1b20 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff00000000 ff00000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffff00ffffff00 ffffffffffffffff ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2e2f2f2f7a 2f2f2f2f2f2f2f2f ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 656c696620732520 6465746165726300 0a73253a47000a73 253d73253a45000a ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 40494c4305560005 4140514440574600 0a56001f47000a56 001856001f45000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c6c6174735f7563 725f78616d006c74 6373797300313d65 6c62616e65000031 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 400000000000ffff 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055dea0bb3fb7 00007ffcc63122d0 40007ffcc631dd0f 000055dea6bb6580 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdfbeffbfbf 69647ffdef7f6bf5 64b7ffffdff1ff6f 716e7fffeeffe7fe ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3d6d756e2e646368 5f796d6d75642030 34313d736365735f 74756f656d69745f ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000