last executing test programs: 34.250675528s ago: executing program 2 (id=851): mkdirat(0xffffffffffffff9c, 0x0, 0x0) r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bpf$OBJ_GET_MAP(0x7, &(0x7f00000000c0)=@generic={0x0, 0x0, 0x8}, 0x18) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x4, &(0x7f0000000340)=@framed={{}, [@ldst={0x2, 0x0, 0x3, 0x1, 0x0, 0x18}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c0000001000270e00"/20, @ANYRES32=0x0, @ANYBLOB="2a130200b7580000140012800b00010067656e65766500000400028008002000070cf0ce"], 0x3c}}, 0x0) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000006200)='./bus\x00', &(0x7f0000000000), 0x4002, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x4, 0x0, 0x7fff0006}]}) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f00000000c0)='cpu.idle\x00', 0x2, 0x0) fchdir(r0) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001600)=@newqdisc={0xac, 0x24, 0xf0b, 0x0, 0xfffffffc, {0x0, 0x0, 0x12, 0x0, {}, {0xffff, 0xffff}, {0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0xb}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x1], [0x0, 0x8, 0x0, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}]}]}}, @TCA_RATE={0x6, 0x5, {0x1, 0x75}}]}, 0xac}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x4) getsockopt$PNPIPE_IFINDEX(r1, 0x113, 0x2, &(0x7f0000000300)=0x0, &(0x7f00000003c0)=0x4) r9 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'netdevsim0\x00', 0x0}) sendmsg$nl_route_sched(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0xf0b, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r10, {0x0, 0x7}, {0xfff1, 0xffff}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x961}, @qdisc_kind_options=@q_ingress={0xc}]}, 0x38}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000480)={'sit0\x00', &(0x7f0000000440)={'syztnl1\x00', 0x0, 0x80, 0x80, 0x80, 0x7, {{0x8, 0x4, 0x2, 0x0, 0x20, 0x64, 0x0, 0x8, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x2f}, @remote, {[@generic={0x7, 0xa, "0642cdf2b53f240d"}]}}}}}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000580)={'ip6tnl0\x00', &(0x7f0000000500)={'syztnl0\x00', 0x0, 0x29, 0x4, 0x1, 0x9317, 0x10, @mcast1, @dev={0xfe, 0x80, '\x00', 0x14}, 0x7, 0x1, 0x5, 0x5}}) sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000680)={&(0x7f00000005c0)={0x9c, 0x0, 0x8, 0x70bd2d, 0x25dfdbfc, {}, [@HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nr0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x800}, 0x48010) write$cgroup_subtree(r5, &(0x7f00000007c0)=ANY=[], 0x27) close_range(r3, 0xffffffffffffffff, 0x0) 33.939458479s ago: executing program 2 (id=856): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f0000000180), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x40, &(0x7f0000000440)=ANY=[@ANYBLOB="78224fc427ed619f319b73733d616e"]) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x4000) write$vhost_msg_v2(r0, &(0x7f0000000580)={0x2, 0x0, {0x0, 0x0, 0x0, 0x2, 0x3}}, 0x48) migrate_pages(0x0, 0x5, &(0x7f0000000000)=0x9, &(0x7f0000000080)=0x272) 33.770894627s ago: executing program 2 (id=861): r0 = socket(0x10, 0x2, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) (async) io_setup(0x2, &(0x7f0000000200)=0x0) r7 = eventfd2(0x0, 0x0) io_submit(r6, 0x1, &(0x7f00000006c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0}]) (async) io_getevents(r6, 0x0, 0x2, &(0x7f0000000240)=[{}, {}], 0x0) io_submit(r6, 0x1, &(0x7f0000000140)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x3, r7}]) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) r10 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000340)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r8, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r9, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r11, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c090000560333"], 0x398}, 0x1, 0x0, 0x0, 0x8010}, 0x0) close(r4) (async) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)) (async) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) (async) r12 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES8], 0x0) syz_usb_control_io$hid(r12, 0x0, 0x0) (async) syz_usb_control_io(r12, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190890"], 0x0, 0x0, 0x0, 0x0}, 0x0) (async) r13 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0) ioctl$HIDIOCGUSAGE(r13, 0xd01c4813, &(0x7f00000000c0)={0x2, 0x100, 0x0, 0x2, 0xfffffffd, 0x2}) ioctl$SIOCSIFHWADDR(r4, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"}) ioctl$KVM_RUN(r3, 0xae80, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800"/32], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) (async) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) ioctl$KVM_SET_GUEST_DEBUG(r3, 0x4048ae9b, &(0x7f00000001c0)={0x70003, 0x0, [0x7, 0x9b, 0x40000ffffffff, 0x9, 0xfffffffffffffff7, 0x203, 0x3000000002, 0xd]}) (async) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f0000000340)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, @empty, @empty, 0x40, 0x20, 0x2, 0x2}}) 33.260913845s ago: executing program 2 (id=866): bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, &(0x7f0000007640)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x34}}, 0x4000854) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00') read$FUSE(r3, &(0x7f0000003480)={0x2020}, 0x2020) recvmmsg$unix(r2, &(0x7f0000002140)=[{{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000600)=""/73, 0x49}, {&(0x7f0000000700)=""/252, 0xfc}, {&(0x7f0000000800)=""/184, 0xb8}, {&(0x7f00000008c0)=""/117, 0x75}, {&(0x7f0000000940)=""/250, 0xfa}], 0x5}}, {{0x0, 0x0, &(0x7f0000002040)=[{&(0x7f0000000c40)=""/238, 0xee}, {&(0x7f0000000d40)=""/4096, 0x1000}, {&(0x7f0000001d40)=""/191, 0xbf}, {&(0x7f0000001e00)=""/232, 0xe8}, {&(0x7f0000001f00)=""/162, 0xa2}, {&(0x7f0000001fc0)=""/109, 0x6d}], 0x6}}], 0x2, 0x10000, 0x0) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000ac0)=""/177, 0xb1}, {&(0x7f00000023c0)=""/186, 0xba}, {&(0x7f0000000540)=""/110, 0x3b}, {&(0x7f00000021c0)=""/248, 0xf8}, {&(0x7f0000002480)=""/217, 0xd9}], 0x5}, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010024bd7000e8dbdf252100000008000300", @ANYRES32=r5, @ANYBLOB="08009e00"], 0x24}, 0x1, 0x0, 0x0, 0x4014001}, 0x0) r6 = socket(0x10, 0x3, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@ipv6_newrule={0x30, 0x20, 0x1, 0x70bd2c, 0x0, {0xa, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x3}, [@FRA_DST={0x14, 0x1, @local}]}, 0x30}}, 0x0) sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYBLOB="5c0000001000390400"/20, @ANYRES32=0x0, @ANYBLOB="00000000001000003c0012800b000100697036756e6c00002c00028014000300200100000000010000000000000000011400450200fc0200"/68], 0x5c}, 0x1, 0x0, 0x0, 0x80}, 0x0) bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r7}, 0x8) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x5, &(0x7f0000000d80)=ANY=[@ANYRES8=r7], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) openat$audio(0xffffffffffffff9c, &(0x7f00000005c0), 0x82000, 0x0) 33.073511627s ago: executing program 2 (id=869): mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000180)='./bus\x00', &(0x7f0000000200), 0x800000, &(0x7f0000000480)={'trans=virtio,', {[{@dfltuid}, {@uname={'uname', 0x3d, 'sysfs\x00'}}]}}) r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0) r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00') read$FUSE(r4, &(0x7f0000003480)={0x2020}, 0x2020) getsockname$packet(r4, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000080)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x880}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002140)=@delchain={0x34, 0x64, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x9, 0xffe0}, {0x10, 0xffff}, {0xffe0}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x4}}]}, 0x34}}, 0x0) bind(r0, &(0x7f0000000040)=@can={0x1d, r5}, 0x80) 32.750150163s ago: executing program 2 (id=870): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='proc\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000000000000000000004000000000060000000000000001000040"]) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='task\x00') getdents64(r3, &(0x7f0000000340)=""/70, 0x46) r4 = fspick(r3, &(0x7f00000002c0)='./file0/../file0\x00', 0x1) getdents(r3, 0x0, 0x0) r5 = openat$null(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) readv(r5, &(0x7f00000006c0)=[{&(0x7f0000000800)=""/51, 0x33}], 0x1) r6 = socket(0x2, 0x80805, 0x0) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r6, 0x0, 0x61, 0x0, 0x0) lseek(r6, 0x200000000000, 0x3) r7 = syz_io_uring_setup(0x83e, &(0x7f0000000300)={0x0, 0xcd1d, 0x1, 0x1000000}, &(0x7f0000000040), &(0x7f0000000080)) io_uring_register$IORING_REGISTER_PBUF_RING(r7, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1) io_uring_register$IORING_REGISTER_PBUF_STATUS(r7, 0x1a, &(0x7f0000000280)={0x8001}, 0x1) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000140)={{0x1, 0x1, 0x18, r4, {r7}}, './file0\x00'}) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000040)={r3, 0x9, 0x1, r5}) chroot(&(0x7f0000000000)='./file0/../file0\x00') request_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x2, 0x11}, &(0x7f0000001fee)='R\brust\xe3c*sgrVex:D0', 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x21854b1, 0x0) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRESDEC, @ANYBLOB="05000000000000000000000000000a0018000303030303030000"], 0x20}, 0x1, 0x0, 0x0, 0x8801}, 0x0) sendmsg$NL80211_CMD_START_AP(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="68010000", @ANYRES16=r9, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r10, @ANYBLOB="37000e0080000000ffffffffffff080211000000ffffffffffff00000000000000000000ff0701000301030406f0027f0006a706020600004c002a00054606670324a72be992bfa317661653c0844d4e934fb37e0bfd0d873e9f400d1acf1a87a0272ef980413d321ad37366e781890c6a6a87dc24f37ae5781d1b9d4f23ca9c10d65793ae000f007e15feea020802110000000400000000800000000000007504010003003c040002ac010185baf7a750654c42aef847e6d410aa3fb66ecc860c4696a377ad611c103e7fcf858650ec50863609b55ddee251072d02b6a7f03a6d61ee618f5efeab7ff585d9ccaa6ef9c6f48c38f0792664da7bcb82532f722093d07a37c994ce2d8ed27bed16cf06e3b64950ccb259d31125572d5c02e2800e73af1b2d6210bf4798f70553c52c9adcccfa0000080026006c09000008000c006400000008000d0000000000"], 0x168}, 0x1, 0x0, 0x0, 0x20004090}, 0x0) socket$nl_route(0x10, 0x3, 0x0) 32.717162545s ago: executing program 32 (id=870): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='proc\x00', 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000003c0)=ANY=[@ANYBLOB="02000000000000000000004000000000060000000000000001000040"]) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='task\x00') getdents64(r3, &(0x7f0000000340)=""/70, 0x46) r4 = fspick(r3, &(0x7f00000002c0)='./file0/../file0\x00', 0x1) getdents(r3, 0x0, 0x0) r5 = openat$null(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) readv(r5, &(0x7f00000006c0)=[{&(0x7f0000000800)=""/51, 0x33}], 0x1) r6 = socket(0x2, 0x80805, 0x0) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r6, 0x0, 0x61, 0x0, 0x0) lseek(r6, 0x200000000000, 0x3) r7 = syz_io_uring_setup(0x83e, &(0x7f0000000300)={0x0, 0xcd1d, 0x1, 0x1000000}, &(0x7f0000000040), &(0x7f0000000080)) io_uring_register$IORING_REGISTER_PBUF_RING(r7, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1) io_uring_register$IORING_REGISTER_PBUF_STATUS(r7, 0x1a, &(0x7f0000000280)={0x8001}, 0x1) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000140)={{0x1, 0x1, 0x18, r4, {r7}}, './file0\x00'}) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000040)={r3, 0x9, 0x1, r5}) chroot(&(0x7f0000000000)='./file0/../file0\x00') request_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x2, 0x11}, &(0x7f0000001fee)='R\brust\xe3c*sgrVex:D0', 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x21854b1, 0x0) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRESDEC, @ANYBLOB="05000000000000000000000000000a0018000303030303030000"], 0x20}, 0x1, 0x0, 0x0, 0x8801}, 0x0) sendmsg$NL80211_CMD_START_AP(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="68010000", @ANYRES16=r9, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r10, @ANYBLOB="37000e0080000000ffffffffffff080211000000ffffffffffff00000000000000000000ff0701000301030406f0027f0006a706020600004c002a00054606670324a72be992bfa317661653c0844d4e934fb37e0bfd0d873e9f400d1acf1a87a0272ef980413d321ad37366e781890c6a6a87dc24f37ae5781d1b9d4f23ca9c10d65793ae000f007e15feea020802110000000400000000800000000000007504010003003c040002ac010185baf7a750654c42aef847e6d410aa3fb66ecc860c4696a377ad611c103e7fcf858650ec50863609b55ddee251072d02b6a7f03a6d61ee618f5efeab7ff585d9ccaa6ef9c6f48c38f0792664da7bcb82532f722093d07a37c994ce2d8ed27bed16cf06e3b64950ccb259d31125572d5c02e2800e73af1b2d6210bf4798f70553c52c9adcccfa0000080026006c09000008000c006400000008000d0000000000"], 0x168}, 0x1, 0x0, 0x0, 0x20004090}, 0x0) socket$nl_route(0x10, 0x3, 0x0) 19.28899005s ago: executing program 0 (id=1024): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xffffffffffffffff}}, './file1\x00'}) r1 = open$dir(&(0x7f0000000140)='./file0\x00', 0x2100, 0x24) linkat(r0, &(0x7f00000000c0)='./file0\x00', r1, &(0x7f0000000180)='./file0\x00', 0x1000) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000000)={[{@mpol={'mpol', 0x3d, {'bind', '', @val={0x3a, [0x30, 0x2d, 0x31, 0x3a]}}}, 0x4e}]}) chdir(&(0x7f00000001c0)='./file2\x00') 19.160318111s ago: executing program 0 (id=1025): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000500)={'hsr0\x00', &(0x7f00000004c0)=@ethtool_sfeatures={0x3b, 0x2, [{0x200, 0x4a39b33c}, {0x0, 0x9}]}}) (async) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000090000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000080)={'batadv_slave_0\x00', 0x0}) (async) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0xa, [@fwd={0x7}, @typedef={0x6}]}, {0x0, [0x30, 0x0, 0x5f, 0x2e, 0x5f, 0x61, 0x61, 0x30]}}, &(0x7f0000000100)=""/8, 0x3a, 0x8, 0x1, 0xd, 0x10000, @value}, 0x28) (async, rerun: 32) r4 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000200), 0x101000, 0x0) (rerun: 32) sched_setscheduler(0xffffffffffffffff, 0x0, &(0x7f0000000440)=0x1) (async) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)={0x1b, 0x0, 0x0, 0xc, 0x0, 0x1, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x4, 0x0, @void, @value, @void, @value}, 0x50) (async) r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000002c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0xfffffffb, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x4, 0x2, 0x0, @void, @value, @void, @value}, 0x50) (async) r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/uevent_seqnum', 0x0, 0x0) read$FUSE(r7, &(0x7f0000007040)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) (async) r9 = openat$sr(0xffffffffffffff9c, &(0x7f00000009c0), 0x40000, 0x0) (async) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$SG_SET_TIMEOUT(r9, 0x2201, &(0x7f0000000e40)=0xc) r10 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r11 = dup2(r10, r10) ioctl$BLKTRACESETUP(r11, 0xc0481273, &(0x7f0000000240)={'\x00', 0x5, 0x9, 0x6, 0x401, 0x7fffffffffffffff, r8}) r12 = socket$nl_route(0x10, 0x3, 0x0) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) r15 = ioctl$KVM_CREATE_VCPU(r14, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r15, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0xe8, 0x0, 0x0) ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000000)={0x6, 'dvmrp1\x00'}) (async) mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f000015bffc)='nfs\x00', 0x0, &(0x7f0000000000)) (async) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r16, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(r12, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=@newlink={0x44, 0x10, 0x409, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r17}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0xc, 0x5, 0x0, 0x1, [@IFLA_BRPORT_MCAST_FLOOD={0x5}]}}}]}, 0x44}}, 0x0) (async) ioctl$BLKTRACETEARDOWN(r11, 0x1276, 0x0) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xb, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0xfffff345}, [@map_idx_val={0x18, 0x8, 0x6, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2}, @jmp={0x5, 0x0, 0x9, 0x1, 0x9, 0xfffffffffffffffe}, @map_fd={0x18, 0xa, 0x1, 0x0, r1}]}, &(0x7f0000000040)='syzkaller\x00', 0x8000, 0x1000, &(0x7f0000000540)=""/4096, 0x40f00, 0x0, '\x00', r2, @fallback=0xc, r3, 0x8, &(0x7f0000000180)={0x5, 0x4}, 0x8, 0x10, &(0x7f00000001c0)={0x0, 0x2, 0x7, 0x8}, 0x10, 0x0, r4, 0x0, &(0x7f0000000340)=[r5, r6, r7, r9, r11, 0x1], 0x0, 0x10, 0x3, @void, @value}, 0x94) 18.999627047s ago: executing program 0 (id=1028): r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) prlimit64(0x0, 0x7, &(0x7f0000000300), 0x0) r2 = socket$xdp(0x2c, 0x3, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_int(r3, 0x29, 0x49, 0x0, &(0x7f0000001180)) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x8}) setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x0, 0x800}, 0x20) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4) fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000000)={0x2}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_emit_ethernet(0x66, &(0x7f00000002c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd604292c800300000fe8000000000000000000000140000"], 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r7 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) write$qrtrtun(r7, &(0x7f0000000300)="f7b920e49a48d1", 0x7) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r8, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=[0x1, 0x7], 0x0, 0x0, 0x2}}, 0x40) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x2000000, 0x0, 0x8, 0x0, 0xa1d, 0x68ff, 0x7, 0x0, 0x3, 0x5], 0x10000, 0x202}) ioctl$KVM_RUN(r6, 0xae80, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x200002, 0x0) r9 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r9, 0x6, 0x0, 0x0, 0x0) r10 = fsmount(r9, 0x0, 0x0) fchdir(r10) open(&(0x7f0000000140)='./file1\x00', 0x1e3042, 0x9c) link(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') r11 = getpid() bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000480)={r0, r1, 0x20, 0x0, @val=@uprobe_multi={&(0x7f00000001c0)='./file0\x00', &(0x7f0000000340)=[0x81], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x5, 0x3, 0x4], 0x40, 0x0, 0x1, r11}}, 0xfffffffffffffc5f) 18.848141199s ago: executing program 0 (id=1029): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x44) r1 = syz_io_uring_setup(0x7819, &(0x7f0000000300)={0x0, 0x736b, 0x8, 0x3, 0x2002e}, &(0x7f0000000100)=0x0, &(0x7f00000001c0)=0x0) sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='>'], 0x38}}, 0x80) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r4, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_ASYNC_CANCEL={0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r5}}) r6 = getpid() mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000000, 0x12, r1, 0x6fd0a000) syz_pidfd_open(r6, 0x0) r7 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$UHID_CREATE(r7, &(0x7f0000002a00)={0x0, {'syz1\x00', 'syz0\x00', 'syz0\x00', &(0x7f00000000c0)=""/43, 0x2b, 0x0, 0x7f, 0xfffffffe}}, 0x120) write$UHID_INPUT2(r7, &(0x7f0000000240)=ANY=[@ANYBLOB="0c0000000000dd21f830fe8c45234221ed971a868e554048df17ff30436e63e10689bd598db36458be8a8b6c3e3f9b27b43a59ab23fd5ce6eb55e27e6b6d9b92ffbcbcf0412020"], 0x6) io_uring_enter(r1, 0x2d3e, 0x2936, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x9, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000080010000000000000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) umount2(&(0x7f0000000080)='./file0/../file0\x00', 0x1) 18.711107142s ago: executing program 0 (id=1033): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x18, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000380)='skb_copy_datagram_iovec\x00', r1, 0x0, 0x2}, 0x18) syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff) syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="040e0443050c"], 0x7) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=@gettaction={0x20, 0x5a, 0x1, 0x0, 0x27dfdbfb, {}, [@action_dump_flags=@TCA_ROOT_FLAGS={0xc}]}, 0x20}}, 0x4000) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r2) socket$nl_route(0x10, 0x3, 0x0) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x18, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000380)='skb_copy_datagram_iovec\x00', r1, 0x0, 0x2}, 0x18) (async) syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff) (async) syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="040e0443050c"], 0x7) (async) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=@gettaction={0x20, 0x5a, 0x1, 0x0, 0x27dfdbfb, {}, [@action_dump_flags=@TCA_ROOT_FLAGS={0xc}]}, 0x20}}, 0x4000) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r2) (async) 18.101339597s ago: executing program 0 (id=1041): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0) pread64(r0, &(0x7f0000001440)=""/126, 0x7e, 0x41) r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xf, 0x4, 0x8, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = socket(0x1, 0x2, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000200)={r3, &(0x7f0000000100), &(0x7f00000001c0)=@tcp=r4}, 0x20) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r5, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={0x24, 0x1, 0x1, 0x103, 0x0, 0x0, {0x5, 0x0, 0x3}, [@CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x4}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x8000000}]}, 0x24}, 0x1, 0x0, 0x0, 0x8084}, 0x4040800) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r3, &(0x7f0000000100), &(0x7f0000000140)=@udp6=r2, 0x1}, 0x20) flock(r1, 0x2) 18.008817667s ago: executing program 33 (id=1041): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0) pread64(r0, &(0x7f0000001440)=""/126, 0x7e, 0x41) r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xf, 0x4, 0x8, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = socket(0x1, 0x2, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000200)={r3, &(0x7f0000000100), &(0x7f00000001c0)=@tcp=r4}, 0x20) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r5, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={0x24, 0x1, 0x1, 0x103, 0x0, 0x0, {0x5, 0x0, 0x3}, [@CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x4}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x8000000}]}, 0x24}, 0x1, 0x0, 0x0, 0x8084}, 0x4040800) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r3, &(0x7f0000000100), &(0x7f0000000140)=@udp6=r2, 0x1}, 0x20) flock(r1, 0x2) 6.118917443s ago: executing program 1 (id=1141): r0 = syz_open_dev$video(&(0x7f0000000000), 0x3, 0x0) ioctl$VIDIOC_QUERY_EXT_CTRL(r0, 0xc0e85667, &(0x7f00000000c0)={0x80000000, 0x4, "8941d65244f3992277727afa4405edbde207ba6d27e516fbbdace84fb846503f", 0xffffffffffff779e, 0x1, 0x2007, 0x1, 0x5, 0xffffffff, 0xffff, 0xfff, [0x4, 0x8, 0xfff, 0x9]}) ioctl$VIDIOC_DQEVENT(r0, 0x80885659, 0x0) r1 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0x181801, 0x40) ioctl$TCSETS(r1, 0x5402, &(0x7f00000001c0)={0x9, 0x37, 0xffff, 0x8, 0x10, "9d8fe261ca37148923a7762921217f824debd7"}) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000080)={0x8000000, 0x980915, 0x3}) 5.220703893s ago: executing program 1 (id=1157): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = syz_io_uring_setup(0x1728, &(0x7f00000001c0)={0x0, 0x435f, 0x80, 0x2, 0x96}, &(0x7f0000000100), &(0x7f0000000240)) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = eventfd2(0x0, 0x80000) ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000001340)={0x0, 0x0, 0x2, r4, 0x3}) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r5, 0x6, 0x1, &(0x7f0000000000)={0x0, 0x747, 0x0, 0x3}, 0xc) ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f00000000c0)={0x3, 0x0, 0x2, r4, 0xb}) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000000400)=[{&(0x7f0000000280)=""/82, 0x52}, {&(0x7f0000000300)=""/105, 0x69}, {&(0x7f0000000380)=""/86, 0x56}], 0x3) sendmsg$IPSET_CMD_GET_BYNAME(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000000e060101000000000000000000"], 0x20}}, 0x40) r6 = socket$netlink(0x10, 0x3, 0x4) writev(r6, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe00600000003590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x40b}], 0x1) r7 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040), 0x208080, 0x0) ioctl$IOCTL_CONFIG_SYS_RESOURCE_PARAMETERS(r7, 0x40096100, &(0x7f0000000080)={{}, 0xd}) 4.990840516s ago: executing program 1 (id=1160): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xc, 0x4, 0x4, 0x2, 0x0, 0x1, 0xfffffffe, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) clock_adjtime(0x0, &(0x7f00000001c0)={0x8b8d, 0x9, 0x10, 0xfffffffffffffff9, 0x0, 0x4, 0x0, 0xfffffffffffffffd, 0x0, 0xffffffffffffffff, 0x0, 0x4, 0xfffffffd, 0x1, 0xffffffffffffffff, 0x0, 0x2000000003, 0x0, 0x82c, 0x0, 0x81, 0x4, 0x0, 0x0, 0x5, 0xffffffffffffffff}) 4.890318247s ago: executing program 1 (id=1163): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f0000000280), 0x100001, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f00000002c0)={'#! ', './file0'}, 0xb) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="8ac98d0f0000000000000000000000a2b7b2"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x2, 0x1000, &(0x7f0000ffe000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r2, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) mount$9p_virtio(&(0x7f0000000180), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x40, &(0x7f0000000440)=ANY=[@ANYBLOB="78224fc427ed619f319b73733d616e792c63616368653d66736361636865"]) chdir(&(0x7f00000000c0)='./file0\x00') r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x4000) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), r6) ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f00000002c0)={'wg2\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000002100)=ANY=[@ANYBLOB="e0100000", @ANYRES16=r6, @ANYBLOB="0500000000000000000001000000060006004e240000901008809005008024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b24000100000000000000000000000000000000000000000000000000000000000000000024000200fcbefe9641719404cc5c9ab2766dd4793e367b0ea55e65e2e3416ac9d4e68841240002001171ee8da334a5099295af229a5d237a7f4102f01f28b34347d6cbbe135d83ec24000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691cb40409807c000080060001000a00000014000200000000000000000000000000000000010500030002000000060001000200000008000200ac1414aa0500030001000000060001000a00000014000200ff0100000000000000000000000000010500030001000000060001000200000008000200e00000010500030000000000f4000080060001000a00000014000200fc0000000000000000000000000000000500030001000000060001000a00000014000200fc0200000000000000000000000000010500030000000000060001000200000008000200e00000020500030003000000060001000200000008000200000000000500030000000000060001000200000008000200ac1414bb0500030001000000060001000200000008000200ac1414bb0500030000000000060001000a00000014000200000000000000000000000000000000010500030002000000060001000a00000014000200fc0200000000000000000000000000000500030003000000340000800600010002000000080002000a0101010500030004000000060001000200000008000200ac1414aa050003000300000064000080060001000a00000014000200200100000000000000000000000000000500030002000000060001000200000008000200ac1414aa0500030001000000060001000a00000014000200ff010000000000000000000000000001050003000200000094000080060001000200000008000200ac1e00010500030002000000060001000200000008000200e00000010500030002000000060001000a00000014000200fc0000000000000000000000000000000500030002000000060001000200000008000200000000000500030003000000060001000a00000014000200fe80000000000000000000000000000e050003000000000040000080060001000a00000014000200fc0200000000000000000000000000000500030002000000060001000200000008000200ac1414aa050003000000000064000080060001000a00000014000200200100000000000000000000000000020500030001000000060001000a00000014000200fc02000000000000000000000000000105000300020000000600010002000000080002000a010100050003000200000070000080060001000a00000014000200ff0200000000000000000000000000010500030000000000060001000a00000014000200000000000000000000000000000000000500030002000000060001000a0000001400020000000000000000000000000000000001050003000000000000010080060001000a00000014000200ff0200000000000000000000000000010500030000000000060001000200000008000200000000000500030003000000060001000200000008000200640101000500030002000000060001000200000008000200640101010500030001000000060001000200000008000200ac1414aa0500030002000000060001000a00000014000200fe8000000000000000000000000000bb05000300020000000600010002000000080002007f0000010500030002000000060001000a00000014000200fc0200000000000000000000000000010500030003000000060001000200000008000200640101010500030001000000240002005da952055e5857d673cddd36909746c80efa3ff95c317de1063db32bc80a0b3e1803008024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b39220600050005000000e802098058000080060001000200000008000200ac1e00010500030001000000060001000a00000014000200000000000000000000000000000000010500030000000000060001000200000008000200ffffffff05000300010000007c000080060001000a00000014000200000000000000000000000000000000010500030002000000060001000200000008000200ac1414bb0500030002000000060001000a000000140002000000000000000000000000000000000105000300020000000600010002000000080002000a0101010500030003000000f4000080060001000a0000001400020000000000000000000000ffffac1414aa0500030003000000060001000200000008000200ac1414aa05000300000000000600010002000000080002000a01010205000300020000000600010002000000080002007f00000105000300000000000600010002000000080002000a0101010500030003000000060001000200000008000200e00000010500030003000000060001000a00000014000200fc01000000000000000000000000000005000300010000000600010002000000080002000a0101000500030000000000060001000200000008000200ac1e0101050003000200000094000080060001000a00000014000200fc0200000000000000000000000000010500030002000000060001000a00000014000200ff0100000000000000000000000000010500030001000000060001000200000008000200e00000010500030002000000060001000200000008000200ac1414bb0500030001000000060001000200000008000200ffffffff050003000200000088000080060001000a00000014000200fe8000000000000000000000000000aa0500030001000000060001000200000008000200ac1414aa0500030002000000060001000a00000014000200fe8800000000000000000000000001010500030002000000060001000a00000014000200ff02000000000000000000000000000105000300020000007c000080200004000a004e2100000006fc0100000000000000000000000000010400000008000a00010000d4b9000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b3922080003000300000024000200379aa288b2244a5b504ba04bea45625d328fb93b62e607a1b2e4da2f7f76a549780000800800030001000000080003000400000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b3922080003000000000024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b1400040002004e22000000000000000000000000e4060080dc020980f4000080060001000a00000014000200000000000000000000000000000000000500030002000000060001000a00000014000200fc0000000000000000000000000000000500030001000000060001000200000008000200ffffffff0500030001000000060001000200000008000200ac1e00010500030001000000060001000200000008000200e000000105000300020000000600010002000000080002007f0000010500030002000000060001000a00000014000200000000000000000000000000000000010500030001000000060001000a00000014000200fc010000000000000000000000000001050003000300000034000080060001000200000008000200640101000500030001000000060001000200000008000200ac1414bb050003000200000000010080060001000a00000014000200200100000000000000000000000000010500030000000000060001000200000008000200e000000205000300020000000600010002000000080002006401010005000300020000000600010002000000080002007f00000105000300010000000600010002000000080002007f0000010500030001000000060001000a00000014000200fe8000000000000000000000000000bb0500030000000000060001000200000008000200ffffffff0500030000000000060001000200000008000200e00000010500030003000000060001000a00000014000200fc0100000000000000000000000000010500030000000000940000800600010002000000080002006401010005000300010000000600010002000000080002006401010205000300000000000600010002000000080002007f0000010500030003000000060001000200000008000200e00000020500030003000000060001000200000008000200ac1414120500030002000000060001000200000008000200ac14142d05000300020000001c000080060001000200000008000200ffffffff05000300030000000800030002000000200004000a004e2000000005fc010000000000000000000000000001000000009403098094000080060001000a0000001400020000000000000000000000ffffac1414bb0500030003000000060001000a00000014000200fe8800000000000000000000000000010500030002000000060001000a00000014000200ff0100000000000000000000000000010500030003000000060001000a00000014000200fe880000000000000000000000000101050003000100000064000080060001000a00000014000200fe8000000000000000000000000000bb0500030000000000060001000200000008000200ac1414bb0500030001000000060001000a0000001400020000000000000000000000ffffe00000020500030003000000f4000080060001000200000008000200000000000500030001000000060001000a00000014000200000000000000000000000000000000010500030003000000060001000200000008000200ac1414aa0500030001000000060001000a00000014000200fe80000000000000000000000000003e05000300010000000600010002000000080002007f0000010500030001000000060001000a00000014000200ff0200000000000000000000000000010500030001000000060001000a00000014000200000000000000000000000000000000010500030000000000060001000200000008000200e0000001050003000000000058000080060001000a00000014000200fe8000000000000000000000000000bb0500030000000000060001000200000008000200ac1414410500030010000000060001000200000008000200ac1e00010500030001000000f4000080060001000200000008000200640101000500030002000000060001000a00000014000200200100000000000000000000000000000500030000000000060001000a00000014000200fc0200000000000000000000000000010500030003000000060001000a00000014000200fe8000000000000000000000000000aa0500030003000000060001000200000008000200ac1414aa0500030000000000060001000200000008000200000000000500030000000000060001000200000008000200ac1414270500030000000000060001000a0000001400020020010000000000000000000000000002050003000100000058000080060001000200000008000200ac1414aa0500030001000000060001000a00000014000200fe8000000000000000000000000000140500030000000000060001000200000008000200e0000001050003000000000024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b240002000f1b8b82264208ab1a2dce776c03b9f348f500ef8e7606466943f5ba2ae2881e0c0000800800030006000000060006004e24000008000100", @ANYRES32=r7, @ANYRES16=r6], 0x10e0}}, 0x0) write$vhost_msg_v2(r4, &(0x7f0000000580)={0x2, 0x0, {0x0, 0x0, 0x0, 0x2, 0x3}}, 0x48) migrate_pages(0x0, 0x5, &(0x7f0000000000)=0x9, &(0x7f0000000080)=0x272) r8 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r8, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r8, &(0x7f0000006380)={0x2020, 0x0, 0x0, 0x0}, 0x2020) syz_fuse_handle_req(r8, &(0x7f0000004380)="4e5350994ebf71ce3049a58c5d050078bf16b0757a4c27b455e2a547739587dd3380b5df8f40a0696c5bd6cdb672cffe4d870c5c90ca92095b9ebf3e92fe31d8cd74275d857d34a74f7eecc7fac15e2f148d4e9d47bb45b858bbf078999970d180f28d7b2cefd92635d45a563d9229c9fd770efdc0848e52fa5efd9ada5c94a1ba94b4b7c7507f8b0819bb20910f9f50a83a010abbe126dd9f6a7b84eab6b0d5ce78d2ade77a5f7e4e997df1d03ffab4b4c945d803e4457909013127a98769c938c237f37263bc509a42bc56ff2dbf80e847e2c407009eef94f18e1e59069d62298fdbadae007ffbdf403c5049a4530ac0abecceb5608da02754c9a575af52c0b7e41226e2d642a814861c4310c935bcbae413516dde2132652b39c7aa0218a6ce65dabb4494965209ce879ba7e7e59039db5c1d36d6a7f86d72dd59954fd6f46124a2506b245a0db11aa89d2feb312a6596ea2fecaa7b6021f37a255f628da7ff6b6c36b514d3b6be34e505f9dac6acfb888198004699fb350ac93431533554658c4957df36703591438d6488bc03dd8290a75ebb367a481a50e79a46b04d005649cabd79e5c6326c066bc2b6fc5febb87ef66d832ef31a16c2a450a0b990fb549a5d810c928d1a81fa1dc795db2607ac7d46cb5716b68acdeb00987e429fe6a394632c83b43336e7b51d9cfdb50e83d8c6ba1784d9f74c16b476e048e65e7ac0af683b347d7377ac1795422e00e5bd8da9b313af83abb3348861116de7a99959169b7dff9f7d9b7a6d107f2e76670a6214a419bf8298f80eb570fa29264ba57a383c5ec5836ce33104ecaf1aec76e311280a1d2c8bd7abff3a5a242e6a637f7db63038ef5d78aca9c680d72b60da4dbeb0e1e683ddc82898647c589a81b8f92db06711d8a0af05560cd77fa7005283db71e8da21713fccd450822062b994d152aaed2cdcf0dec9c60617e15ba4df628da4e71279bf9d1eee5c7f055c27cddfdd45f9225d5d5529ef7119e2e3c9838e7362971e069be487797e949b24297de19c61340d1cd7a2bfa3880b91a71e934720a59e1e0ea992d2a1633a0852ad8addfcab73a291e35745e694a6471f429b124305886c1f79f67c78de3f3ec998c91e7fc59d26766cd446f6f0de603f2c6892e13cdaa37d9e8e118d098b6986ccd991993ec152193e7d77394b05b99e7d310c506707f1be52249438fba9615f6dad2ec7244fedf36e34ec311b7d6bee64271d6491079e161190ded7e28e2ada4307a9b2986c267b1a30d2f720ff23408011f1d589ce9ee77f981c7833656ccf7df5b3a87ec253ff7c7ef1e67ceeb10c93e3fa683cdadad65850ffbc402b7744e94cdecef9db9d264c755c53d36278df23d4c9685fdefa69f7588a33b8a64b35191ee81abcb9765577d175cb06e31c582807ff7243bfef44961fbc0f8a235242f51ee991ea621803d4dcfed90d26f004b299425bf219f6d185fe6e088ae44601b03defada18794feac93787696a5d419f09f769bc590f43d2df6a131f6895da2de120c2644685e57b1d476c6aba5881e954fb2575356452b118b942cb02b4ea0fcf8f1bbb9a23b6e32c9d0accd3dd861452a3ad77b38fe709e216974932deb5397fd8033ff0e073d93ac0b4be762bca0424d69bd57b22ba914133f87671a29498b268c2911e793215463ca2164e38059456107dcb29beedfd6277e2b41a11d1c6f1361b19875c9384f04f9c53c1856d71f360a8fafe05f7aef750ec0cf2bfcfa971c017ad071b69a18fdaf970b384d4c889cfa5a0397dbe89543a5c6302645d6edf959aa60709ce0225fe6c3266c7ef62157ac8e78fddcd8a1f2ca5b58128218d19276885515775326aeeee0226cc810843eb05144bf8e2fe3340cf60b32cafd96d23cd7d0d3adcbdfec9a2a3d88307c362633b1c5637608ea8476d900b3f836a9734b5ecaf5e82983577128d3f74b903b0e3bf64326c1b564ae42aeeb0c07702b63a9ff74a2af6b45e5185a53f36c17bc29dfbc0ea28ca5cca43a15d751e9887ad3e6a87faacb6a278c4c8a8d21b9a77b9776f33102a6e645e99cc5cbc543ed0674282c2b9f8e5d14c2599aa9ac8f81438c77f2b9368bdac82edcdc5366f39adec9e9a3fbd55b79abc16d2ebff26b7d0c88f18b486e5836333575e3fc7808cb423b44781c57965767862922b4ff32d9bae76296843a46f430211c27ef9db168430026a5691623284dfd459dbdd1f1a6ec9bfad666507e6eacb1e2a7866da2e12e6d596d0bbb150500590013d9288af20596447f97bf1744eb9cfb244d8fca269b1fb71e14de664be4e95d83fff1b8abcfebcf3e78c1c66d28f260fb0c19f9fbcd2abbdd7dd7246e49dc25d954bf25f810a2ff6f9069dfdc62e7170fe3b0964b2ac95024256dfa3e7a426be5bb5f707fd82c2b3afec5d5dcf5bbb8fcb6dbc1b59f6c5330966c70d8b016956903a4278817414ba3652a102d7e7e37ecc79400267fc3bf7601c0731f87d479c33f100735e748874155267f708cea49d549e93cf7a398b20373dc90ad9afd56d9c77cd24e2c4a18f7130b366c7fe5b26bc4d11ca1ed1b98fa0b4d7396f82ae6593f4575d19f4d8fd586c991129e5cbe15c8bacc89c3ee15ca471dea966b5c48ede0d3ba2a7e28c75c04e6a4aa49a61f4e391ffe78eb5e40a5ef349f3aa4d15f2291cc86ec7e47ae301bf0b6083dae44b695820a893d46732553ef15ed1c16d28268d52a7e3a7e7c009d0c0708a356d3310c1ebcbcca4d7acf433e34bfc9fc115498142dcc725e7a16879c75e4c2f01c6c98b39619f3248bf530e6ee593467e38cf4026cfdc4db6296565722d587f3c580750b1453ecc141c0461495551297d88ae034acbd4f5e80ce198e6640c4c1e9501529988109cef006eb2090a6fcd974d7f60290b78f1a8ce3051ac2d69636c3219f0a6ad8c254764396a1684b2fd9805b1853525f2e640e513197283cc4d4073ac033e0539a88f08aabe1423cd40b8a7e073437d812b57a5d39a0531dcbe13f4466e89efc66c2a1e4b39a3e0b3073c9d44e6cf9b85f4df5c4e03628d05bc0f94ec04234c9eca4ed17463f190406834b02888728f625371cda75d15ec19efebd59f00ab659eb94eb88bcb2110862a369ad599610c1530fcc118f5b82205bc5215fe3623ac8ec297d8ff4eee75ace20731c5d505e6605c26203b7f754164c9463f0a6eefe3a2880b8e06e7bc66bb2adcc1a3f9b0325f5ec31d12a25f1f73c2aa6bb3a7680d786a082a63b13cce1822fa6a4b085a871ae3409eecbc1fd8661b5d52bb2b8b72f23e24a225075f272ed2ba0c6c5c693811a0ef8db6da7cfe7c966c647f0187ad223eedb1012a5b7af103e98464ac768c79b21ca45b12a52cf261de0d367442cda71c4b8ee39c94ded1b22ba06c13836cb467ebab4efea07bdf1e3de8da56a0ee6d4f848011253cc21fac10700003513d3167b7a73e0d752b861c49814bc5410ebe53a0264f76068c91ee6ec9e2daa343482b2f0f06e605c5aaf81f2a3cd570efc2094b4bc452f9526f1bbe7b22b694fb8109a5a987fabf6250912d6099e67da9cac79e8b6f2cce4702d1f17cbc5d06c38b8a48155ec758369c185ded839fb58cd736fbb74105fe5baf44e7e3ed06843f23601b60a43b1f88fd29e9b3f58479f9b95392a39d5ba1a31ee4441ca2d1fb57c0a8678a07a724b7a65b2ab16d1da197f435bce3ef003fce27fa2f0a67c9dd6c930a4bcf59e79e57b010000006fe34972958c28b56642d14ea89bf4d7d6f7fcbcf4fda8bd08fc9fe424de4359112b11f81fbdc1505658363697713ff6e1f8ca3c4be34a79993a9091f6017cda6c7489ae5c07062555231427c3eb42a049f42d22a060983b044a7d34ab5d2b5386cca79af72396a48aad6b8dcd7855410fc6106e4a165994f26efff1e7ea0aa8f560333b5dfdb2a0d899b0fda955155f90c75effd3c9535d88508e836feb7807d57b2a57cca42d3d08fe7de60d2a33376f49bdacdd3f814bd0927f417f15ad62a10b302f1cb390aaf82b0bc6af46bbf990b6ada45ef83ce13029d167c65134e7b82b59ddfdc367e61c40defd2732ccebb1d4000f6c742df964e1fb390c255d2b1dfc745c6ab34af8096b5b67aa179e3f341854f7a69f7bf47664c832037ec7a78f8e27209e3f20f833fb6e8c0fc4a40920a5ad2b0618982ff72540009d5db82f0f5bcaed2a27f35d1e50eaa0cf8e48c7a2d43c25d0264db750a7f33b44a4bfaae576cf9ee7594ed204513899566564ed8bbc97ed18b1d8868f926a5c70ac06fbac1eade46792186be7bf8ffa3301239edd093449b7d77192782b5111c14169d2b4a1b3443ad62e4abdf11aac6a5b89a5b20ab0ad0abd949b9d64582c67ffce018e7e46de4091fcc77a65b971fc67c8d9cbf0c341ca764b1056ee5014d9865059616a525a1d46ae2fad159afe86dd1df9b8246411827e19535ca0aa9f83050b06e70aa2737f27e93d584a9cef878a642e9361efaa5d20bd8da901fa2e064656f686d3b3ea31d1d850ae9196b7764548f5c6450a32a717e09b6b7e75d43fbbda76e43a24f186d5578933f408bfa28e0435cde525fb91e71d92d704cc5a9b5e3db7aaec46d2b1f8dcb3f921f69bd7397c96a1e132c39c8f1656cea4365c779abf76199cb5b6aada022edec5c901cdafa2e7f3765af9c8b20cb1a6785085fcb0dc901367b89051bdfdc6b68c5215fd04e2b3c7e1c454a4d21132953b25c50995af0f7159a5a8d0a1621f4808f126a5bd40ddc79fed90f49925ee367a57a05c070fbe39fe2c213e7c1724a907ecfa69efe6e021c06a262471a4377f3c9809e9fee4f375e27c31b6afbb2151da86b7cab63c7b4fa4b77fb30172b9d0d78b1c0535ec0639c4910b5eeecbb5b8b5c8aa74c140e7ad347812e36db3097a7ff85c09ab2c0020202307f50efefcdb497b9c060ca68c4be54a9165b4cebc6b2e2e14e5ffb9213142418faedcdf26fd326b7672399e71cfffe3ed712ced5317c254f9199ee10c24c802d102bd8749513d3145201ca4e01bc7c8bbcf430afa541ec5665f86dfb143be648521bb0f2b029018201444787f644f8c88b79e754e6ea9c797babdaec72a9680abadf3a41684cdd57c2b6e833acc0846be5aa927f1b1b36562d2acb9ecfb758455230d050daec6748ba280a5edc86d48e3f8af0f8f4ffb18ae3cd3c19a82d504a4fd52bb62289ae8026572a497fe268f87ef4b4b5886aa07eeb698b7cbf99683f710afc9ed1f8a488883ce0eb8f7fd055b82a9fe21a409caa231c41ba151008e9658919c611e157d7f3926a5e4248532a6860e615b9c86e9fea212128d96ed58c9b84ef22706071eb69f492e4d8321ed9faf6c6a8928f86172bdc930244583ea15be497d9ce4ae79cb3e6293a8512ffaa9e8e358f3c7c7117001fb92891a40b84f9126cc3def5cde67f463bbac9668b9f56c3e4ee72fceebb47e52fc226bab213d8193516e7064459fd1365350a95c5a1c3ac44a73bbba2a4c17ebe49dd781bff1995cd706b77bb533117594ad63566f4c0730beab85ff4c713b7f10b95480fe99a0f676c51ca11116b21e87887b462aa9770e85509e4e60f198148115f0a3ce6028516a946178d1acacf7767f6be7277891369eff67762aa58f928d48b7231e44d899cea8289003349117a53d61bc27b207fdc91c9db61e677d1e1a1bc6a1b6e8564130b335233db4b5de8d62324e6d0ccb2b08c2ff922324eb8c506711142d4b8d7a21223ef0a3d534fdb0de58be95cd827152f71bdd0a82766b62b4c87536f0b7e7df343c4263187da887de6e65d11d0360e2376c1d71c367ae85edeed8f767d24c644b1a9b455ded1dc3cc224f99936a6ee66931c45e5e3db2427719ab2d5cd9c20d9bb0ec004b69bccb00649f3d8e34a3572c257de114b9f027d76bc7db9007175cc03b9e2061b6b3fe7409e009b5371544e56fe438cbd361e5b11efbf2d79d1c250a1e73ca8c601c4f4d1e3761290950421c48c7daa45965e472f5ef3c4b8597444dc5dc01cd25358055b5000617f3e7291da3413e3f0853b1271366612405c35ff1b785b984d921b518425628a533a29ab65d3c11f44c6daa86f8b6457ebb9419274c481aa6f3fa4547641670aff58b9cc62c0993d49a509f02dee755ee5f1fd2710c995c43a91c4f873afa1bbdff19427cba2641052a8f361ecbc72e8a6cf587e83f8bd3110c95fb080edc77a6d43cd58c447b0e02261e4109500c6458dce70acb17aa8f9dc1d15b94a61354164031b5d563c25d0246fc45e6401cefceb501e1468903e5d677759dbe3f24bd48ce55ff8b8f26529fb3b2d669202a1e8a498984b449b4830a0126b18f0e78182c9ce78fe0c448c0e27845b926cfde28fa85e156fa98fefaeb19ed1247c9643b447b4342c94c114d3c4c35eed4d5b49aa70e6aad45bfb557f15e8fdb2d6e3d10d8338a13fe3f187751985b37a5bb10b750f79e36fc2e2ee9bdecc3ed156e202ed7b45a94809d77edaa398042fc6a825a4848c334c557303d24eb3f8e01be06995ceb283c70272b00da61c3381628f0e372fe2fcc779ff7daf7e4b7f2686c39d3fab674b8867b62b0bf9d5cfd0c1d3b270521f55f147de75142ffd7fc9ac7e5dae7ca2fdf26a9222d060823852409dd040cfd1f66f218c6dbdaaacddab34b123af22f97384d64fac64d84fd638c96378c8f9532a11927d48440bc777ff8b8b9be88f930f3b579a713c0bc449dca3a3bd5f2efa98240ccc594299e44451dc60c6c5c9edd0d7b777912b3dc40c57e0ea5f4425cd7047e686c7304f04ba9f7b5de6ad2bd524f1d29f8802a524441fa286015adf4589431710aa4d76de8a956dc1d39c0a13abb7fc309d24222d036e204ab6bb46ef8a7595d9e4512e0b9d5f8fd719a4e3072e1d806967045789c67a1681f2a9f1f4b19f4f5e1afdafc17db7a6d5196161499e62ab4b0ec27648f3eeb1fb2b78f8ecf9b05cf9509a3b9e2a361238deb1c91bdbc8b1d11bbeb939fd9da811cd439069da0ecc00665d72357aac01f259a0325409b201859cc0569e0eba67a7a9ca7e8b78078d9370bd3e37f0571680ede60cb6bbfe69435d6ab5efd80cf051d119a7004fc0b600844d49218d844de8f521524a47ee50229c7da25e42a8639b5db225e7f23967f5d4f8a297aff04a3cbedc2985b6393a5ba0b26b6c7b4ca22d369b35b410799d1ad02825104d34f73408db1948438597931ed1c1c260e78340517bfa2f734537dbdf5ec303518ff4640efe7f7b1c2f46babdb9247ce8eabad9718a8b9ddb7a18d5e87ced554c9d6de78f85d293349590c6c32483534bc968b24a28eb54b9515589d6dd8eb51a5ad0b4d896ce92250397cbc404323fcdf0ee47ed634e0c58213bc5b35a72b21a098e11b79c061430dc817c1e0c79a5b6ed3b002979933f1b83a17f250b1bd5c4958df4d75531ca03efbda89f6a92fe08c23ad9014ff562a7f3dcde578d6825b9847b5df04dbca4f2aa52d8e0f4cf8183ce121e39b50358a9796acde0372a8ff97769874a80ab997cd889145aad4888c06963c2f5b82f53a748a6729fbc79d35c06d84e05c62e44ff78040e56ebfc6efcf0d8b49337d5a17c4041f0d5a8b616244d585a162b69db073accd9071d12df5b326a43b834bbffc2f2a60deafcbddf1c6438a1769d6fb09fbe1990e89da12164ef237f326edb5be64bb64b143a030de8a99b3c5e543c871cb581e2be090a92134aa587701f864907cadd7c1ce20fcf8f5dc7f7ecd06a6c19d89a92ca0ad4393c208b80bba990c7a3702a9c79bddde75d5db244719ac32191b6ceb041ab541fb47680a97dc0422b8a50d91e32cb08cd341b0b099aca5bd12b69d4f89d10b755b351a6489180b786a3bebac926532a4a2d85b07bce6c090d1aaaff079e36d5394a612f1351b90c13a0fa6bf9d188d548dfe6fa51a9026edb52009c03ed45ac51d05c58a957bcc67e05a588985ba00d79f33ae9cdd5f5721d9fdc72ee6e880708be87e8a60c3c035c146f2091d1b9a4c2cfa56f292fe1ba62290d4e56c05669291bbe917f3cac51802a2cc8e9c90dadfe666c233c5a5bb71ee17deec51ce60c73f57bf9ecb84873afcc44815131810c6c1217bea485ef9aa2785e859b25315ef8aa3a274982786e45d622ae831fb76010d69a181b069e4cc55d4436edb10d1119b0c6000c6d5cff7c72f740a59dc0507e7a952b69403c62673f122c9d1264fac6ce2262e86cd8d6a402672f88530fc2d16f31736dd497a4e853253ac8d5aff8d1376895e9f5519b2490cc2a2412ba0c99cec855f668837310035e92fb646486de1b0acffb91ae7516df3eeef381456b55e65baa58e71461c928687e699d2b21814805591382e95e1b970aaa53259917f070281f2336b7d570249d838b3f1a32753c336864e15f4561badf8fee034a29c52ff3fca7456ae140f83e3b2fd5b57c9aef3f20c664200d235f236ec47dd2fc20b14dc6000812237aea992d987e5460679e8c5b76d931ef6d951e6c7087e3106b6ce2db9de6f228fdf3ffc38710c0e8d5000a195a79d1fa2301038f5b27c40b09c34c025e5099d40c2204ea0eae985263c9101cab88d6857a320c9e497f22348a24861a5fb8d734e08cad09f9933748ff01eab22f17756f58688dc1b486a397563ee9ad0784b8833cdb5f7c6bcf76d9c1105f71c3c6aabefd70dc6cd5c66d31caf916145ac5ed7fa070b4277c0448ab1eb78c943be9aeab0587d321a4bcb7754f070881178f8be668b686124899fac252519f4b60ec42db766a908755040463125c26850177402a977246d36d23afac0a11889d54640bd8f6f670d686cfd33f6fc5d90cf6cbd63d9d0fd201dd4c74dbbab899f3c23c0b7e37ea0b2aff421327200d0da58b5893a4186ae3652cc6e11c2c2a0e52184a3872532acce98c94cebf4f31333663a620f0dba0ffd89c3124380075bd28caa6d449a050b3661b8fbaf4747b77c4928b1378fdc8c7a7b38ade1aeec44bdfacc8271d0b132b2029b0f3582f9919f5c8cd543abc9caf6b82b197cd482c3ef61a64743506342bf50a3c1ff544563bb8b2002911ee1fad698f4ac133ffed5bfe81239c918207a03c7a8bd71a0a502aea78d38e970e3ab2abf754b598acb79cf276792aa08724d0ba24f2a694912ab795b3f45f52dec50d9bfbc99ae27e1d2c2216afec6709d6513a64b29ef58255bbe18478c5d4f15f74ea63a1e15487752eec8fd019f1d4a7aa25277664754bd2d7cd3a7a018b92c56d965a1974885363757286da9e055ef7fac17876f0a64c1026a597733b897a9155ecbf420159ae8e5209aa83a3544fff1fb4566f2d54f95e3bbd30dcca5f24397e4bd47ff01292f0d6fe9dd47a810e0c25382fa69b4987d1afd9b69ef125110ad6b240eaa9c85829a2646f9ab7874bc02bfa8346cc9190943e9d46b44880670b1e2aa3a29e83be5472d7418885a353faade6e8b18f4b588607bbb758588d1e2f11a9dfa1c4d61be50249f1ee32e6ff8c0c7722aaec1bc79654a4772efc578bd6a14c79abcc77a4e09c8b6c6ea35cd3ab31e35268fb55db843176f8042f8ce7be0ddd4ead6dbdad0ef9e7cb2323db5cc48119a72b27306b8ff6366c0bc682a85ab9e2cf2238b6d6eb2e38a97d5577e6334cb2aa6e7c86e489e876f9d7053577a5cb57f52812fab7c4bd7b19a34c228ffb67dcac9281612f778b58c580c140542200fd00cb3ad81d93420df93c5af2493f646d8de797102fa0a65247317882fbf171520f00b2c7638623b823ff11444fdde453570f99f9099b60061a908b83383ba8b82bb78edd074dccf9342afdf8d11a6129ba6ea7030f3629056264f1736c2b926171b6dc7e1fa455a473de656390495f3b6ad2f9f46f35eacb075628ff739ef78f28ba683448068c7f18fb63f28ba7dbbb78999100dde0a94e8b8570817c7114c13e139ceb333782b29a84a5b19497fa785915c7680dd7f972cb59ba22161f60886e5cb3c3e808726cbf96bc4da78914eee565c6d9d18e70d22cf8c0244cf3cf488c3550eaa400bc0f26d64e0f1bc8d0301a841d954073a641f3ef883d81f4d5db8e9df708e64e640b38df7295f7fe573863653086bae5507c880ab7fdb7a6c5ce77027ffa7395233d3ce536d77ae6c2e9c8ffb6fee78a3bcb3b5f888bd595caa3a5586948776b950a89cde4db8247ffff27491c882b430afdd60e7a22324f6635a9aa7139f3e624c6d9ece60f7f8153b2080cf0544fbf8e1c436503766e670b902604ab521e11aa5a65cedd64cfaf898ac5f55c08c87693c323517bcb0d99c28f5e072d4f6540c7ead70138d47c1a67fd72bd6ef5613af33a0af311c3d0a631ca2a2dfbe35d1021eb610e40b9be128683235a788b5a4cacf99babee382458d59e8aa1dd7bba7e09dd30c055a3df8ed721a1778b2c6ed587a403566325cd19962edd7831caa44a6b716517bad502130e7cf6a5ce5288dc84c0170f622ae0b1e1166a9c2c0771d91df9f9dd82ae210469602ce38964746c1c1d04321aae7d464eb801dbea7ec39505457e778208774d72673626c998b002c46a9b4b1e390d9344f0ca62212a1b6d41043a2100b35196bce42d40caa0ea9a486bf8526fd1f0f0d362c2cac463ea7377a20b54b9435442ca529fc00da4fd7e27c4eaf14215a06857b54254c26346956fd7fe215a5ce57ec38cedf50a3c759e563a4fd87494f00e7bd9b44f3b7e99c6ef67187056a21d2fe1ac9d24125b1947eb293189fdc448b591af4d9b8eb091d6bbb5e50fae79d000044e282bb2ab6c63cc9562b151c214e45015354e62be63e1881238b907f7bdb791ff44a4e03fa29dbd26db2f49d0f4729b7cd9ba69a65b0b493466d35d09b3f590c67c31660d95e2ab4af2c9f1df91f04ce5a57dde2d75206b42e3423126774d76593c2f713ae279d7092506b513fd5d18f0f52d3fafd7141dfd4a0de1063754dba865faf8dc0f6be9d90ef21ec86a275533f6ad4b4e360dc775413f29eab8b3daac6279b9abfe163ea2f183e09ed91ef67fbb090875109288a182cfdcc46d90678efe5edceda6518335e678438cac4bb47d376f3f0e12aa55301735d7f42653c073d6a4a37b2e17d332dc1be6b50918c007b14886307cc39250e81efecd63d24067a49994572725a9df1760caac13a28f5255556b27ec245e93969b85cdec7cd1c2d2a433d3f9572b93054a7ce8adff81bc1d30884d5fc4791e251bd907e37af5bec74235c3e2f804e4e0450b715289942b7859ad207bafcfec1b586dc15e7911fe6d20aa3d02fcd47e9956780e300d7c53c17dfa15754deb4c20efebc7270bda0fa6b37fc88c6be4250cac38c1b8186b364482026ab52d65d3a691903fccc39772277011bfaa421adba76bed9731077bec885ce88d40f36bbd2a839c67dc4b862c968491b877d4fd13fc90f8da57a29121e12f78e85af765cd66e72ba513593fe1cdf20019985b065d828707d8e509c6834eab188deea5c9ee97955f4b07d37b6fc7beed73be94887d423a349f35bb8782bc670ceaec870d97f061bda02ae73f6d575f81e0b6326eae6c1b3085cc584686120e12dd9ad8ce44036bec8a189f9", 0x2000, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x90, 0x0, 0x4000000000000, {0x0, 0x200000000, 0x20000000, 0x4, 0x6, 0x0, {0x0, 0x10001, 0x0, 0xd, 0x0, 0x100, 0x10000, 0x2, 0x0, 0x0, 0xfffffffc, r9, 0x0, 0x7}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) 4.341225192s ago: executing program 3 (id=1170): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0) r2 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x3938700}, {0x0, 0x9}}, 0x0) r3 = socket$vsock_stream(0x28, 0x1, 0x0) clock_gettime(0x5, &(0x7f00000002c0)) bind$vsock_stream(r3, &(0x7f0000000140), 0x10) ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000000340)={r1, 0x10000, {0x0, 0x0, 0x0, 0x2ead, 0x7fff, 0x0, 0x0, 0x0, 0x4, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04da964a02447a7f8a69ea917deb7ba193b3e000000000000000300000600", "24431a1e77a68e174ff10000000008000000e2002c00"}}) writev(r2, &(0x7f0000000300)=[{&(0x7f00000000c0)='\b\r4V', 0x7e00}], 0x1) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000001c0)="5500000018007f5f00fe01b2a4a2809302060000ff41fd01040400000300120002002800000019002d4400009b84136ef75afb83de066a5900e1baac341b61130000f2ff00000100"/85, 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0) 4.260623267s ago: executing program 3 (id=1172): r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_ADDFB2(r1, 0xc06864b8, &(0x7f0000000580)={0x0, 0xc1, 0x80, 0x20203843, 0x3, [0x2], [0x80ffff], [], [0x400000000000001]}) read(r0, &(0x7f0000007180)=""/149, 0x95) syz_emit_ethernet(0x6e, &(0x7f0000000100)=ANY=[@ANYBLOB="ffffffffffff0000000000008100200008004500005c00000000002f907800000000e000000124808100000001100008000810000800000086dd080088be0000000010000000010000000000000052a722eb00000000200000000200000000000000000000000800655800000000087614a28b682871b343902c73d65e1efbe5229cfd0dc877606ace9ced9290b872e3469794db79d09082"], 0x0) r2 = socket$can_raw(0x1d, 0x3, 0x1) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x3, &(0x7f0000001300)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r4 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) r5 = fsmount(r4, 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r3, r5, 0x3, 0x0, @val=@perf_event={0x1}}, 0x18) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={@cgroup=r5, 0x3, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) sendmsg$can_raw(r2, &(0x7f00000000c0)={&(0x7f0000000000), 0x10, &(0x7f0000000080)={&(0x7f0000000040)=@can={{0x0, 0x1}, 0x8, 0x0, 0x0, 0x0, "97ec68c8bef38851"}, 0x10}, 0x1, 0x0, 0x0, 0x40000}, 0x20040011) 3.810373133s ago: executing program 1 (id=1178): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) writev(0xffffffffffffffff, &(0x7f00000005c0)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560a11820fffff5bab", 0x18}], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x2401, 0x0) sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x4000004) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x2710, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x801, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x54, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8}, @NFTA_SET_DATA_LEN={0x8, 0x7, 0x1, 0x0, 0x31}, @NFTA_SET_DATA_TYPE={0x8}]}, @NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xd8}}, 0x0) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x1, 0xfffffffffffffffe, 0x0, 0x200000000000000, 0x0, 0x2], 0x0, 0x200}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000100)=0x80000) r5 = socket$inet6_sctp(0xa, 0x1, 0x84) r6 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) fallocate(r6, 0x0, 0x0, 0x1001f0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001700)={{r6, 0xffffffffffffffff}, &(0x7f00000001c0), &(0x7f00000016c0)=r6}, 0x20) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f0000001740)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r3, 0x5000943f, &(0x7f00000019c0)={{r7}, r8, 0x10, @inherit={0x60, &(0x7f0000001940)={0x0, 0x3, 0x81, 0x10000, {0xd, 0x2, 0x6, 0xe7c, 0x1}, [0x5, 0x4, 0x300]}}, @subvolid=0x19}) fallocate(r6, 0x1, 0x1, 0xfff) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c) bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r5, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, &(0x7f0000000040)={&(0x7f00000006c0)=[0x6, 0x1, 0x3, 0x7, 0xdcf, 0x7ff, 0xe, 0xa, 0x0, 0x8, 0x4, 0x8001, 0x80000001, 0xfffffffb, 0x8, 0x4, 0x5, 0xad5, 0x3, 0x7ff, 0x3, 0x7, 0x5, 0x8000, 0xe6cd, 0xffffffff, 0x6, 0x7, 0x8, 0x2, 0x5, 0xac, 0x1ff, 0x7f, 0x7, 0xfffffffe, 0xe, 0x7, 0x3, 0x6, 0x1, 0x80000000, 0x1, 0x2, 0x0, 0x81, 0x8, 0x9e, 0x3, 0x401, 0x7c24, 0x6, 0x15b2, 0x5, 0xffff, 0x7, 0x7, 0x5, 0x2, 0x401, 0xf, 0x8000, 0x7fffffff, 0x7f, 0x7fffffff, 0x7, 0x7, 0x55, 0x3, 0x6b48a5bd, 0x5, 0x3ff, 0x0, 0x9, 0xffff, 0xfff, 0x80000001, 0x5, 0x5, 0x86, 0x4, 0x9e, 0x1, 0xa6, 0x8, 0x4, 0x1ff, 0x7, 0x0, 0x8, 0x6, 0xb, 0x10, 0x400, 0x2, 0x6, 0x3ff, 0x4, 0x1, 0x7, 0x4, 0x3, 0x80000, 0x7, 0xfffffffc, 0x197faf96, 0xb, 0x7, 0x7, 0xde, 0x7, 0xf, 0x40, 0x7, 0x8, 0x0, 0xe00000, 0x0, 0x470, 0x5, 0x81, 0x101, 0x3, 0x8001, 0x1, 0x0, 0x4, 0x3, 0xfff, 0x0, 0x8, 0x7fffffff, 0x800, 0x1, 0x2, 0x7, 0x5, 0x5, 0xdc8, 0x1, 0x6c, 0x6, 0x6, 0x9a, 0x9, 0x3, 0x9, 0x6, 0x7, 0x0, 0x0, 0x36, 0xacb, 0x100, 0x6, 0x2, 0x8d, 0x6, 0x5, 0x6, 0x7fffffff, 0xe, 0x8, 0x8, 0x2, 0x5, 0x6, 0x40, 0xa840, 0x10001, 0x40, 0xfff, 0x0, 0xea, 0x2, 0x8, 0x0, 0x2, 0x3, 0x3, 0x400, 0xfffffffd, 0xa4e, 0xfffff16e, 0x1000, 0x1, 0x81, 0x1000, 0x2, 0x9, 0x0, 0x1, 0x2, 0x7fffffff, 0x85, 0xfffffff8, 0x9, 0x7, 0x3, 0x7, 0x9, 0xe2ae, 0x5, 0x6, 0xff, 0x1, 0x6320, 0x80000001, 0x1, 0xb, 0x3, 0x8, 0xf3, 0xb, 0x0, 0xd, 0x6, 0x6, 0xcbbb, 0x6b, 0x4, 0x9, 0x1, 0x0, 0x5, 0xff, 0x800, 0xb, 0x1ff, 0x7, 0x2, 0x63, 0x5, 0xfffffff8, 0x4, 0x4, 0x1000, 0x0, 0xa, 0x100, 0xf, 0x6, 0x9, 0x1, 0xffffffff, 0x5, 0x4, 0x3, 0x1, 0x0, 0x8, 0x4, 0xfffffbff, 0x9, 0x57921413, 0x7ff, 0xd3, 0xcc2, 0x6, 0x3, 0xdb8f, 0x2, 0xa76, 0x9, 0x7, 0x800000, 0x3, 0x7, 0x1000, 0x8, 0x1ff, 0x2cc, 0x6f, 0x1, 0x6, 0xfffffeba, 0x6, 0x2, 0x7, 0x1000, 0x8000, 0x40, 0x7, 0x2, 0xa, 0x2, 0x3ff, 0x8, 0x3, 0x683e, 0x949, 0x1, 0xcb18, 0x7, 0x3452, 0x7, 0x5, 0x2, 0x1, 0x7, 0xfffffffd, 0x800, 0x2, 0x10000, 0x23, 0x6, 0x8, 0x4, 0xffffff81, 0x0, 0x2, 0xf695, 0x40, 0x7, 0x75cc, 0xcf07, 0x4, 0x7, 0xa00000, 0x7ff, 0x6, 0x400, 0x0, 0x6, 0x9, 0x9, 0x0, 0x8000, 0x9, 0x80, 0xa7, 0x6, 0x8, 0x3, 0x81, 0x81, 0xb2eb, 0xff, 0x2, 0xfffffffd, 0x1, 0x7, 0x8, 0xfffffff9, 0x45, 0x4, 0x9, 0xe, 0x3, 0x604a25e8, 0x7, 0x2, 0x6, 0x1e, 0x7, 0x51, 0x7cd7a5b, 0x8000, 0x3, 0x4, 0x3d0, 0xce, 0x4, 0x6, 0x6e8, 0x8, 0x4, 0x7fffffff, 0x8, 0x83d2, 0x200, 0x5, 0xfb45, 0x6, 0xb6, 0xffffffff, 0x7fffffff, 0x5, 0x4, 0x1, 0x7, 0xd, 0x0, 0x4, 0x3, 0x200, 0x0, 0x5, 0x0, 0x640d, 0xb568, 0x3, 0x8000, 0x9, 0x7, 0x1ff, 0x3, 0x3, 0xff, 0x7, 0x4, 0x3, 0x3, 0x100, 0xc130, 0xe024, 0x1, 0x5, 0x0, 0xe, 0x7f, 0x7, 0x9, 0xfffffad9, 0x80000004, 0x1, 0x80000000, 0x7, 0xa018, 0x0, 0x3, 0x80000000, 0x6, 0x0, 0x45, 0x3, 0x2, 0x4, 0x7, 0x5, 0xff, 0x81, 0x0, 0x8, 0x4, 0xffffffff, 0x7f, 0x80000000, 0x7fff, 0x8, 0x80000000, 0x6, 0x9, 0x3, 0x0, 0xfff, 0xae, 0xf6, 0x1, 0x2, 0x6, 0x119, 0x4248, 0x1, 0xd, 0xdda, 0x3, 0xaaf, 0x100, 0x5, 0x10, 0xc8c7, 0x2, 0xdc7, 0x8, 0x6, 0x69c, 0x5, 0x8, 0x33fb4947, 0x7fff, 0x7ff, 0x57f, 0xd0, 0x1, 0x61bb, 0x1, 0x8, 0x6, 0x3, 0x1, 0x7, 0x80000, 0x1a, 0x7, 0x2, 0x38a66d72, 0x81, 0x0, 0xd, 0xffff, 0x2, 0x8001, 0x0, 0x8, 0xfffffffa, 0x4, 0x10001, 0x2, 0x3, 0x8, 0xdbb, 0x8, 0x2, 0x8001, 0xfffffffb, 0x7fffffff, 0x1, 0x0, 0xfffffe00, 0x0, 0x9, 0x8, 0x4, 0x433, 0x7fff, 0xc, 0x8001, 0x2, 0x5, 0x1, 0x6, 0xa, 0x3, 0xfffffffe, 0x7ff, 0x8, 0x1, 0x6, 0x8, 0x7fffffff, 0x40, 0xfffffffa, 0x85d, 0x4, 0x6, 0x40, 0x20, 0x4, 0xa3, 0x6, 0x4, 0x1, 0x9, 0x7, 0x7, 0x1, 0x5c, 0x80000000, 0x9, 0x6, 0xde, 0x101, 0x6, 0x3, 0x3, 0xf51, 0x8, 0x2, 0x10, 0x8f4, 0x7, 0x82, 0x0, 0x5, 0x1, 0x1, 0x2, 0x10000, 0x15, 0xff, 0xf44, 0x5, 0x7, 0x5, 0xcc8, 0x7, 0x8, 0x7, 0x4, 0x6, 0x4, 0x0, 0x8001, 0xb08, 0x7f, 0x3ff, 0x3, 0x71, 0x8, 0x5, 0x3, 0x1947, 0xdc, 0x4, 0x6, 0x813f, 0xa, 0x9e33, 0x0, 0x8c87, 0x4, 0x40, 0x3, 0x8001, 0x0, 0x4, 0x8, 0x1, 0x0, 0x9, 0x9, 0x5ac2, 0x522, 0x1, 0x5, 0x6fb2, 0x7, 0x6, 0x200, 0x0, 0x1, 0x4, 0xc000, 0x3, 0x95, 0x2, 0x401, 0x0, 0x0, 0xfb, 0x7f, 0x3ff, 0x6, 0x7, 0x7, 0x488, 0x4, 0x60000000, 0xf, 0x6, 0xffff8000, 0xb, 0x9, 0x43, 0x7fff, 0x9, 0x4, 0x8, 0x1, 0x8, 0x40, 0x73f, 0x8, 0x9, 0x5, 0x36b5, 0xffffffff, 0x2, 0x7, 0x0, 0x5, 0x80, 0xd7e7, 0x2d14, 0xffffff81, 0x8001, 0x79, 0x800, 0x9, 0x2, 0x0, 0x8, 0x8, 0x2986, 0x9, 0x9e3, 0x4, 0x4, 0x61, 0x4, 0x80000000, 0x3, 0x1, 0x8, 0x7, 0x8, 0x3, 0x1400000, 0x1, 0xfffffff7, 0x7fff, 0x101, 0x0, 0x7, 0x99, 0x9, 0x7, 0x0, 0x2, 0xb896, 0x751, 0xefa3, 0x4, 0x7, 0xfffffffa, 0x7, 0x6, 0x9, 0x10, 0x0, 0x80000000, 0xcc, 0x5, 0x200, 0x3, 0x2, 0x2, 0xd31f, 0x2ae3, 0xfef, 0xdbb, 0x6, 0x7ff, 0xffff0000, 0xe, 0x0, 0x800, 0x101, 0x6, 0xffffff01, 0x6, 0x7, 0x800, 0x6, 0xa6b, 0x4d0e, 0xb, 0x3, 0x10001, 0x1, 0x0, 0x5, 0x800, 0xfffffffb, 0x9, 0x6, 0x29, 0x7, 0x9, 0x101, 0x2f, 0x4, 0x1, 0x9, 0x1, 0x8, 0x5, 0x1, 0x800, 0x6a5, 0x2, 0xfffffffe, 0x3, 0x2, 0x4db, 0x7, 0x6, 0x5, 0x9, 0x5e0ce1e1, 0x0, 0x2, 0x3, 0x6, 0x9, 0x63f, 0x7, 0xfffffffa, 0x8, 0x8, 0xb, 0x20000000, 0x6, 0xcff, 0x80000000, 0x1, 0x3, 0x1, 0x6, 0x8001, 0x9, 0x7, 0x0, 0x9, 0x660, 0x7fff, 0x10001, 0x8001, 0x1, 0x2, 0x7c, 0x5daa9f68, 0x3, 0x5, 0x4, 0x1, 0x200, 0x2a, 0xb4f, 0x964, 0x1, 0x8, 0x2, 0x8, 0x6, 0x455, 0x8001, 0x4, 0x1c, 0xb5, 0xa, 0x10001, 0xc04, 0x1000000, 0x7, 0xca, 0x8a, 0xb87, 0x6, 0xc92, 0x7, 0xb0d, 0xf0, 0x2a, 0x4d, 0x9, 0x7, 0x0, 0x1, 0xfffffff0, 0xf893, 0x180, 0x80, 0x2, 0x2, 0x5, 0x5, 0x3a, 0x10, 0x9, 0x8, 0x0, 0x10, 0x6, 0xfff, 0x3, 0x40, 0xffffffff, 0x81, 0x9, 0xe, 0x6c9f, 0x8001, 0x9, 0x6, 0xff, 0x1, 0x3, 0x0, 0x5, 0xab, 0x2, 0x7, 0x5, 0x0, 0x8, 0x33, 0x8000000, 0xfffffffc, 0x9, 0x8, 0x2, 0xc23, 0x5, 0x2, 0xfff, 0x6, 0x3, 0x1, 0x6, 0x430, 0x4, 0xd, 0x7, 0x2, 0x8, 0x5, 0x2, 0xa79, 0xb11, 0x7, 0x5, 0x5, 0x7fffffff, 0x7, 0x0, 0x6, 0xff, 0x3ff, 0x2, 0x400, 0x6, 0x40, 0x80, 0x1, 0x6, 0xfffffffb, 0x8d, 0x80, 0x6, 0x3, 0xb30, 0xf823, 0x54, 0x7, 0x7, 0x6, 0x8000, 0x4, 0xff, 0x1000, 0x7fffffff, 0x8, 0x6, 0x101, 0x4, 0x8, 0x2, 0x6, 0x492, 0x9, 0xd, 0x6, 0xb, 0x5c, 0xc2, 0x5, 0xfff, 0x1800000, 0x4, 0xc, 0xc, 0x9f9f, 0x9, 0x7, 0x8, 0x9, 0x7ff, 0xfc, 0x0, 0x4, 0x6e0, 0xfffffff7, 0xffff, 0x6, 0xf86, 0x2, 0x81, 0xfffffffa, 0x3, 0x8000, 0x8, 0xfffffffe, 0x28f05cd, 0x36dd, 0x8, 0x7, 0xa307, 0x8, 0x8, 0x573, 0x6, 0x3ff, 0x9, 0x7ff, 0xffff, 0x8, 0x5, 0x40, 0x3, 0x8001, 0x1ff, 0x0, 0x4, 0x7fffffff, 0x6, 0x8, 0x7, 0x401, 0x2, 0x9, 0x38, 0x6, 0x1000, 0x10001, 0x1000, 0x2, 0x4, 0xffff, 0x7fff, 0x0, 0x4, 0x0, 0xe, 0x4, 0x6, 0x7cda, 0x0, 0xc2b6, 0x7fffffff, 0x9, 0x75deeaad, 0xfffffffa], 0x4, 0x400, 0xfffffffc}) r9 = socket$packet(0x11, 0x2, 0x300) getsockopt$packet_int(r9, 0x107, 0x14, 0x0, &(0x7f0000000180)) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000140)={@local}) ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f0000000080)={&(0x7f0000000280)={{@host, 0x200120}, {@any, 0x2}, 0xfffffffffffffe96, "787cfba15d4e9f8e96bc11e2ca247a20c3e26661b174fe1825253be9e8480cb4f3524914f59ba189c1429727ef39b4164f93bb821987b3b7f73495bc8e745304668e0e46798c7f5917ea8428d41cab5612336f04000000000000008e9c1c86a394feb64fb06f77dadbcb20fc62741432b7dca37007d68e98fe46135d6a1c5ed42102908dc3ffa3aa7b61ec16d3d1209fc618f6c4532ea582628502ac46d167db6d53d8f3184df68414e6b6ec0109664c570e155654e03d58dadd0e5a7bab42bbb4a9afdefc115eb1609e7b50dbd94b94ba09000000000000001c9e4a41d3e16af21d6c897a1121bc14de16e78d6d7f2ae79db44e302539fd926e0b91e0fc589e2fa19b218d0508b5ce3ad40d03936693ca5aa41ddc07cf492874569ab037e0530e38245b98131ae0c9afd871df5f51331938764f5a7dd96890edd467b2fbc335ed081729b5ea722a98b34d0dac6de995de4ee263c81b2567b3f87e0897857edd5d7e97d61fc67076eab4846010d4828cc879f95cddb69ff6438f2a109285c46d8224c36069d30c3c9cf4a6800ae224111136bd9c1e06c4bfc4685d7bb6a72345772b3ce9bf105490743dc4b700f24ce6b250b95e6c383fe44967a55d140baf0ec339e3815b29a2246cb5c953048c43266485bbd9d0caecf00e9501a4433b54930cba54e06607ada2f5d818e4804294fcf53058e58e0d33d4aa6dc943811056908fe9116e65cdddac1d2fb24d1eacee389af38b7e5a7056d0de50c6b49fb38388cf28c2d6dd3dbbab84ffbef4b0c02a77f018e8a9749a557909e6aa96185d268dad7744b094d8c6134b8defe26674d65f908f9c3a8c201f661fc26efe0eff248d3a473fe32a5b3643bfad8f186c2af3fbaa1d38560c1244c79a0e48893eefb792af281650f34f6c2d9a6c622aba234b63586713cb66179a0897d98ee5228569c32c1a682807c8db7eb197ccbbd6549db86a6a9aebbf5dc14060f22e2b07d6166f43c25ae0c88be7a4dc38e7ed08972a355b0e5d6fc43b8e5594fa6b36a36a44bb94b75eaff11dc17105f54beda54da2a1ea1acfab354745057dd2e7725f148450b19fdf37e19f6ce43449e9191f5a5beb4a1bc176f6130052e83acefd8ff18d592bb75f15f86c9113e4bd67ad420c33ae706cdc10060277b83ef30a50d4ac19c9a791b309377aa20a4743bbb799abc3ba58071b628c9ba8103bbfe389939e55296ec9b4f8d3a03aff30ce9aa0dd6e5158a672be8f3da8349ed4ad82f6ca67ee29e8b234840cf7846e604e5b8135abd94d71fe0a79180e75d4e193ea8df466c087b660fe984943751a9f6df8545699701d478c2b3daa949155770e74835bcd972de27afd20b02ce0e504c15b0237437200"}, 0x418, 0xfffffffd}) 3.511071365s ago: executing program 1 (id=1181): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_open_dev$dri(&(0x7f0000000000), 0x400, 0x280) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000005c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0500000000cd9e6b252841a450cf94ebaa69", @ANYRES32=r3, @ANYBLOB="14002c80080000006fe50000080000006fe50000"], 0x30}}, 0x0) 3.482281234s ago: executing program 34 (id=1181): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_open_dev$dri(&(0x7f0000000000), 0x400, 0x280) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000005c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0500000000cd9e6b252841a450cf94ebaa69", @ANYRES32=r3, @ANYBLOB="14002c80080000006fe50000080000006fe50000"], 0x30}}, 0x0) 3.306426469s ago: executing program 3 (id=1185): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x88) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@metacopy_on}]}) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0) chdir(&(0x7f0000000140)='./bus\x00') link(&(0x7f0000000100)='./file1\x00', &(0x7f0000000180)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) 3.220971112s ago: executing program 3 (id=1187): mkdir(&(0x7f00000020c0)='./file0\x00', 0x46) r0 = fsopen(&(0x7f00000002c0)='iso9660\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000240)='uid', &(0x7f00000008c0)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80=\x8a\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\x1f\x03\x00\x00\x00\x00\x00\x00\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9ak\x00\x00\x00\x00\x00\x00\x00\n\xa72\xa3\xef^\xe7\x8f', 0x0) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='huge=']) 3.130872463s ago: executing program 3 (id=1188): syz_io_uring_setup(0x550a, &(0x7f0000000500)={0x0, 0x30c7, 0x400}, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@newtaction={0x84, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x70, 0x1, [@m_tunnel_key={0x6c, 0x1, 0x0, 0x0, {{0xf}, {0x3c, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @mcast1}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @mcast1}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @broadcast}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @empty}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x84}}, 0x0) r1 = syz_usb_connect(0x3, 0x2d, &(0x7f0000000240)=ANY=[], 0x0) syz_usb_control_io(r1, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0) r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000640)="f3420f38f66fab66a966410f3880694646b8663e0000000000000f23c00f21f83502000900660fc7370f0666b833010f00d8400f08673e44d014c0660f64c5b9730300007ff87d0000ba0000001b000f30c744240204000000ff1c24571aeb", 0x5f}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000200)={0x10201, 0x1, 0x4, 0x1000, &(0x7f0000466000/0x1000)=nil}) r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r4, &(0x7f0000000000)=""/73, 0x49) r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup(r5, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0) r7 = dup(r6) r8 = openat$cgroup_ro(r7, &(0x7f0000000040)='cpu.stat\x00', 0x0, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000002c0)={&(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x9, 0x2, 0x9}) r11 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x80) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r11, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r11, 0xc01064b5, &(0x7f0000000100)={&(0x7f0000000180)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(r7, 0xc02064b6, &(0x7f0000000340)={r12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r11, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000300)=[0x0, 0x0], &(0x7f0000000040), 0x2, r13, 0xcccccccc}) ioctl$DRM_IOCTL_MODE_ATOMIC(r11, 0xc03864bc, &(0x7f0000000380)={0x0, 0x1, &(0x7f0000000440)=[r13], &(0x7f0000000040), &(0x7f0000000600)=[r14], &(0x7f0000000200)}) ioctl$DRM_IOCTL_MODE_ATOMIC(r7, 0xc03864bc, &(0x7f0000000600)={0x80, 0x1, &(0x7f0000000300)=[r10], &(0x7f0000000340)=[0xfffffffe, 0x3, 0x76, 0x1a50, 0x0, 0x4, 0x0, 0x5], &(0x7f0000000380)=[r14], &(0x7f0000000400)=[0xd9], 0x0, 0x5}) syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0x0, 0x0) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0200"/14, @ANYRES8=r8, @ANYRESHEX=r9, @ANYBLOB="5cdbf217ec", @ANYRESOCT=0x0, @ANYRESOCT], 0x50) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000080000000000000000000005a6115725e83bcfdfd85cada0e8578184b3eb0e51f146f7cabc988c2e466555e2efc6d2eee07567ade736001503e0bdc9f0ecc0c2b88ba924097e2e47282fc32a206a3cc23ca2db80267df927737e66a9825be616bf3f914d490a5c09f2977efbdadd4621559cd795b4e6a1c72dd2c3fe958983f19da57ab24b8022e764d929952", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48) 2.100711826s ago: executing program 5 (id=1196): r0 = socket$vsock_stream(0x28, 0x1, 0x0) recvmsg(r0, &(0x7f00000001c0)={&(0x7f0000000000)=@alg, 0x80, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/118, 0x76}], 0x1, &(0x7f0000000180)=""/42, 0x2a}, 0x20) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) r2 = eventfd(0xffffffff) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000080)=r2) ioctl$int_in(r0, 0x5421, &(0x7f0000000080)=0xfffffffffbfffffe) connect$vsock_stream(r0, &(0x7f0000000640), 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000711208000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) shutdown(r0, 0x1) 2.010817283s ago: executing program 5 (id=1198): r0 = socket$kcm(0x10, 0x2, 0x4) r1 = add_key$user(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x2}, &(0x7f0000000200)="1d", 0x1, 0xfffffffffffffffe) r2 = add_key$user(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x1}, &(0x7f0000000740)="69bf05d40ff7e03db3ddca537c6c5612321b25d32064e9ed643d462211406432e87c4d40383939ab8276bfc0294ba021d1ccf9b6b32d1b6c9e8c9737ca2d08305301693ef20a414ca24bed3736d182271d197fc2146a9f55070f3f31155b9081ecbd0fcc0296c88eac143394a776955e8a075194717757c9e085976cac66fd4c5bc83183df2db8205863d7f803e302420e7fc5315861803024f921932a49a4283f6a7d8ab2cbd629e984582467fd6ca63598d554677517903644dc2ef01f8dec", 0xc0, 0xffffffffffffffff) keyctl$dh_compute(0x17, &(0x7f0000000040)={r1, r2, r1}, &(0x7f0000000600)=""/100, 0x64, &(0x7f0000000180)={&(0x7f0000000400)={'xxhash64-generic\x00'}, &(0x7f00000005c0)="0900a9351a47", 0x6}) sendmsg$inet(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="5c00000014006b04000000d86e6c1d000a847ea6ea6567e75110623400cdd46b44dacff32c6e020075e300250002000f000000172f71d34460bc24eab5560000000ebab8bebf9367140051f60a64c9f4d4778037e786a6d0bdd70000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=@newtaction={0xe70, 0x30, 0x25, 0x0, 0x0, {}, [{0xe5c, 0x1, [@m_pedit={0xe58, 0x1, 0x0, 0x0, {{0xa}, {0xe2c, 0x2, 0x0, 0x1, [@TCA_PEDIT_KEYS_EX={0x8, 0x5, 0x0, 0x1, [{0x4}]}, @TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{}, {}, {}, {}, {}, {}, {}, {0x0, 0x800}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x10}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x5ad8d0b5}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {0x0, 0x0, 0x20000000}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {0x8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x8}, {0x0, 0x2}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {0x2, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe70}}, 0x0) r4 = syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x0) ioctl$CEC_S_MODE(r4, 0x40046109, &(0x7f00000000c0)=0x32) ioctl$CEC_S_MODE(r4, 0x40046109, &(0x7f0000000000)=0x31) keyctl$instantiate_iov(0x14, r1, &(0x7f00000001c0)=[{&(0x7f00000002c0)="9fe6cf97b045f3df4012610bff41ff474b8f82f9b7b5ad042644da88c47692054610b3347de86320a25bcea412eb5a854e85434801579d31ffd5837760a296e8c70e69736ce86020c0d1215ca0d3c8eef3aa94f75b3e66ae59e4910a92bcc67ba63eff84f3f7aabcde78fd82912e9f2dad9c285b28272e1b3f3ea87446b70cbd06a6bfc304e1d4a7e87cc6dd03af79d597218a228ef397ec92f375ec854e1ee34f255433909811889ec06f368746f472d378c1b8170b386e2a7576ff7bc59c0cfb108b2876e285f4900db433a48571af5300eeebae48", 0xd6}, {&(0x7f00000000c0)="5ee7b70b3c47ca5d1db3e87d38527151286d801bba43db48dd2b87de060de0a153c5f1cc7f38ecd919dd02125d8c1edec71633e64fd8dc7c0eb30443945968c5e6785bc2ffcef28c920ff50d3b20ec2271f3b0786b6e45cebf12c017da6b669db393a654d179ee266b14c354d6a011f5eef63b54893a", 0x76}, {&(0x7f0000000140)="4cf0a950b0410b6d042f2ee2c8739bae0f1886e879e7638bddbe39048f796235a409", 0x22}], 0x3, r2) 849.285645ms ago: executing program 5 (id=1204): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000080), 0x1000, &(0x7f0000000140)={[{@verity_off}, {@uuid_off}, {@uuid_null}, {@metacopy_on}]}) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r0, &(0x7f0000000340)={0x2020}, 0xcb0a) 760.697261ms ago: executing program 5 (id=1205): syz_emit_ethernet(0x52, &(0x7f0000000000)={@local, @random, @void, {@ipv4={0x800, @tcp={{0xc, 0x4, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0xd}, {[@lsrr={0x83, 0x7, 0xd7, [@multicast2]}, @timestamp={0x44, 0xc, 0x5, 0x3, 0x0, [0x7, 0x0]}, @cipso={0x86, 0x6}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) listen(r1, 0xfd) syz_emit_ethernet(0x4a, &(0x7f0000000040)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ff00f5", 0x14, 0x6, 0xff, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2}}}}}}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newnexthop={0x2c, 0x68, 0x1, 0x100003, 0x7ffffffd, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x15}]}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080) 630.877346ms ago: executing program 4 (id=1207): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='kfree\x00', r0}, 0x18) epoll_create1(0x80000) r1 = socket(0x1e, 0x4, 0x0) ioctl$VIDIOC_S_INPUT(0xffffffffffffffff, 0xc0045627, &(0x7f0000000000)=0x3) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0xffffffff}, 0x10) r2 = socket(0x1e, 0x4, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_NODE_ADDR(r3, &(0x7f00000003c0)={0x0, 0x4, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r4, 0x201, 0x70bd26, 0xfffffffe, {{}, {}, {0xffffffffffffffdd, 0x11, 0x4}}}, 0x24}}, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) close(r2) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='kfree\x00', r0}, 0x18) (async) epoll_create1(0x80000) (async) socket(0x1e, 0x4, 0x0) (async) ioctl$VIDIOC_S_INPUT(0xffffffffffffffff, 0xc0045627, &(0x7f0000000000)=0x3) (async) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0xffffffff}, 0x10) (async) socket(0x1e, 0x4, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff) (async) sendmsg$TIPC_CMD_SET_NODE_ADDR(r3, &(0x7f00000003c0)={0x0, 0x4, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r4, 0x201, 0x70bd26, 0xfffffffe, {{}, {}, {0xffffffffffffffdd, 0x11, 0x4}}}, 0x24}}, 0x0) (async) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) (async) close(r2) (async) 628.599044ms ago: executing program 5 (id=1208): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000740)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB="e5eb9615b4427b30f7764be21543851b326b7a04a67d8737208aa4d781b135524ef8beb0d47f0dd12f952b5adc77aa1f5f6a6d2457c5c52e816e1520ff8ecd0e65dab4edae95962708eae4f5121d4ae361b936ad43640288f93e8e778221c60a2955a6786ddf342f302eaf9bc159ed8bfd1102fcddb2070aa556c22ca074c858b6c8e8032ffce66e62591e3e681f5fff41563c4ccc0209b5998593d3f43bf7709602d8e0f9ee533d7e93c3dba002962bf8eec3aa78f1d64adf4732d00faff24cb78b9439f1ff5b8eb35864e011f5d01e41e65412b7cf67b5e67864ed167c442cc4b001193cdfeb3a8d26464145e602ff6072624277ae994d3acecbe715f176e8fb35a7f46d7f79f41dd19471c6e9cb1e72dc20e327a6e32bca1db43ae5b2e83596e94401672e5855efa8053ecf7c8ab3f05f86ea5179", @ANYBLOB="050000000000b64bfb004894e86308000300", @ANYRES32=r2, @ANYBLOB="0800050008000000"], 0x24}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000940)=ANY=[@ANYBLOB="44010000", @ANYRES16=r1, @ANYBLOB="02000000006c4f00000000002e0000000800", @ANYRES32=r5, @ANYBLOB="200151805c000080040006000400050009000100b7da5bfd0c0000000400060009000100d8039240270000000400040005000200040000000c000880040001000400010005000200030000001200040056f37457e6219e76d928ec84b0b80000940000800400060011000100087db341678690e54763093ef2000000110004003abb28ca719bc35fc9b0bf12490000002800088004000200040001000400020004000100040001000400020004000200040001000400020009000100cfdf82cc970000000500090001000000110004004d485b8d2d58a0a820b8a1178600000011000100d876bd5ef309f14885cc7b210a0000002c0000800800030005ac0f0005000200000000000800030005ac0f0004000500040005000400060004000500050019010c000000"], 0x144}, 0x1, 0x0, 0x0, 0x1}, 0x0) sendmsg$NL80211_CMD_SET_KEY(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="000227bd7000fedbdf250a0000000c009900020000007300000008006e80040001000800090001ac0f000800090005ac0f0011000700186dc40a0a3530d073bfb156c90000000800090001ac0f000800370001fdff00110007008a5640dfac5e9bb652d8216cfc000000"], 0x70}, 0x1, 0x0, 0x0, 0x40}, 0x8010) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, 0x0) r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000500), 0x101002, 0x0) mmap$xdp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x4000011, r6, 0x80000000) r7 = socket$alg(0x26, 0x5, 0x0) bind$alg(r7, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha256)\x00'}, 0x58) r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x1a0682) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r8, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue0\x00', 0x8}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r6, 0x40bc5311, &(0x7f00000001c0)={0x80, 0x2, 'client1\x00', 0x80000004, "d62e980da99179ce", "20e4fffbf0003336f794d20352346f26a19d924cfc00"}) write$sndseq(r8, &(0x7f00000000c0)=[{0x5, 0x0, 0x0, 0x0, @time={0x0, 0x7ff}, {0x7f}, {0x86, 0x1}, @raw8={"2aae01006b3489dacf62e94e"}}], 0x1c) r9 = accept$alg(r7, 0x0, 0x0) setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, 0x0, 0x0) recvmmsg(r9, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}, 0x200007}], 0x1, 0x100, 0x0) r10 = socket(0x10, 0x803, 0x0) r11 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', 0x0}) sendmsg$nl_route_sched(r10, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r12, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r10, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=@newtfilter={0x7c, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r12, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x50, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0x5, 0xd, 0x3, 0x4, 0x13, 0x2, 0x6, 0x7ffffffa, [{0x5, 0x500, 0x3, 0x6}, {0x8000, 0x2, 0x8001, 0x10}, {0x0, 0x53, 0x8a9, 0x1}]}}, @TCA_U32_LINK={0x8, 0x3, 0x80000000}]}}]}, 0x7c}}, 0x24040084) r13 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0x0, 0x0, 0x6}, 0x1c) write$binfmt_script(r13, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r13, 0x0) 510.460597ms ago: executing program 4 (id=1209): socket(0xa, 0x3, 0x3a) (async) r0 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000000)={{0xa, 0x0, 0x0, @private0, 0x809}, {0xa, 0x8, 0xfffffffc, @empty}, 0x0, {[0x0, 0x1, 0xfffffffe, 0x0, 0xffffffff]}}, 0x5c) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000005f40)={0x0, 0x0, &(0x7f0000005f00)={&(0x7f00000001c0)=@deltaction={0x138, 0x31, 0x4, 0x70bd29, 0x25dfdbfb, {}, [@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x100a, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0xc, 0xf, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}]}, @TCA_ACT_TAB={0x54, 0x1, [{0xc, 0xd, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}, {0xc, 0x12, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0x10, 0x1e, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0xc, 0xc, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x26}}, {0xc, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0x10, 0x2, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}]}, @TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x11, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}]}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2b}}]}, @TCA_ACT_TAB={0x40, 0x1, [{0xc, 0xa, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0x10, 0x1e, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}, {0x14, 0xe, 0x0, 0x0, @TCA_ACT_KIND={0xd, 0x1, 'connmark\x00'}}, {0xc, 0xf, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}]}, @TCA_ACT_TAB={0x20, 0x1, [{0x10, 0x2, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'police\x00'}}, {0xc, 0x11, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x64}}]}, @TCA_ACT_TAB={0x30, 0x1, [{0xc, 0x1d, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}, {0x10, 0x1a, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0x10, 0x10, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}]}]}, 0x138}, 0x1, 0x0, 0x0, 0x44}, 0x0) 430.589444ms ago: executing program 4 (id=1210): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f0000000180), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x40, &(0x7f0000000440)=ANY=[@ANYBLOB="78224fc427ed619f319b73733d616e792c63616368653d66736361636865"]) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x4000) write$vhost_msg_v2(r0, &(0x7f0000000580)={0x2, 0x0, {0x0, 0x0, 0x0, 0x2, 0x3}}, 0x48) migrate_pages(0x0, 0x5, &(0x7f0000000000)=0x9, &(0x7f0000000080)=0x272) ioctl$F2FS_IOC_GET_COMPRESS_OPTION(r0, 0x8002f515, &(0x7f0000000040)) 260.496344ms ago: executing program 4 (id=1211): mlockall(0x6) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0xe, &(0x7f0000000940)=ANY=[@ANYBLOB="b702000010008000bfa3000000000000070300000dfeffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e64030000000000360404000100edff1604000001000a00b7040000000100007b0af2fe00000000850000000c00000079a0f2fe0000000095000000000000009e17890efeee5e2b7ff8a8cdc218e784909b849d5550ad855dab54d8877a6db61d69f2ffcaa17f82e11cb97c8adf1b831f422543e78461e57b2798779207c9a0c4eeff9674c7fcffffff971e43405d621ffbc9a4fd39b0b56bfe6508ebb3c4631f6dde53b9a53608c10556e5c1e2b8fee684b251e2d107ba7947212e577540497661826c36c5c1df1451ce5413a12e2d9f8004e26b7fcc059c065012828d872b36388b595f6dba87b8031106fb0289ce67a66afd9ac3d09e29a9d542ca9d85b5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee41f5b2e7b91c61ced1eb57ad000000000000e8122a79c3e40000b59b0fc4917de6b0316dec3c080a802a000001000000000031b6a076555125aaffffa7be428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137e2524847d337ac976376d5074ce1d2638da3261c8362bb7c785d9b7c45218b100ee122040e11e3bdcb9d287ec31cd985841fe91212ee4a38af074c7e2ce006000000dc7777bfae5884e4ba1e9cc44846153ba0dec51a8e4abf07df093101c2c3bc4a59f22e46295a2d89a355bb9bba44f83fed3b2f96520100000040f1a8cde1fc1a1ef36c66880c8351cb06187641ed2f02835a8545a2374c09000000000000003c4e7b6d1a323c41a5d740b95d9317ff00000000000000f9db4a9a840000000033fbf7e9fa4f27245ca051d61c32bc3189af4ead1fca58746120fa0da48604000000000000003a6d824a7649c31576b3b69bd13f5a14c19790e24baf047fe3be299318f86ebb3094756894b2d1a4ff2fb76fed59c97ac9314408399485e659765d8e0000002000000000818d125c58a22151fabaaa7dc9eb40707927d240c6d29508fea81204e41040000000583ef12318bf8b2661f0df85a488f4068d95b59ec07e5aa144dbae3df0000000000000000035d764ee74ee870807942cbd6a28384f6ba7c5fccca601000000e4e9fd18460296d89cc847973955daae01bd99ea1862fdb38410145ade0cf000000055a5efc9ff92e6eb37c3922c8aa02b2dcb4c977a61d989cf088e5c45009d27e1744d9cf4dd50bef1609c13975833c038aee18ed0dcbe865d25e23c0864e50c5a2ed4cc3748672b7cd25067340a37475e0879fe9b3886dd054b43e7c485b2a43c3707d4c686bc5dea5b743d9e4b25adfb068e75b54c09481c8393e94053d99d0f7d67f7ed49b1c744d9f5b19c257136e6b2110000b5480a31359185c89956c2237e4c59d09b5aaab87f0e82802468398ffaac2fa66bb9afae6d449342aa30e443023f0554a756218077d418cf148af56491f0fa5b48582f1b13461fdf9fb9367f44d93d6ece0abe3e84b3279ab1a3f27d4afac67cf28594dd8ef5104c498a7bc63e2f6d3779c70d81c040b88451770eb988e9477d2de85be3555fe48e99d0880acd1c636dd3abff16db16594581d94dad70cc94c689707106000801a5cfad936253d110ca2aa3f13840b34ff956ee55602cad9bb209000000f32edea7a51515c035e55b31c91aeea878a8d51b4ce7bf9023b867ba3f450799f4dbfedad72c7dae607f9075877bd0db50fae9d0e0706c41ca92e71d81e06eaff63dab33c3cb3a8c28a6c2400f04412adeb9416ae3c8cfc8a7f6373247d903d8953de2a3cf07011db94b68af6176d0840a34a9aa493cfed41efc8377e294794771c4278caf7ad1c6c80fef4ae62a62499f9e301a085d14dc7049ddc965f0dabc5b29e972bb585758ac8867bb52cda4f2a73e44ef648d1c74f6ab97e646256a67e237664fa4942a0f1479c31bbeae1d7490d617b926a33d81143d4fe996c41ae118aef7140c3a241949f2b2d30db9f050808678ef13e7dcb87f01e1bcb1ab544057e93fb0a73bfa69e86ae2ef8cd23aaed097b2bd36da4cf9513975bc201647f350159abecb3582e091df2007e00b58936133fd9e349c956f69281b741279ab771af6892cbd61c1da6f2f5def751508591aab50e99753bc7195b234a0c5ebda488a636d42896010a9f8b7dc6c56bf82f5f9ca455f12"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async) mlockall(0x6) 260.055332ms ago: executing program 5 (id=1212): r0 = socket$pppl2tp(0x18, 0x1, 0x1) sendfile(r0, r0, &(0x7f0000000100)=0x8, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x13e) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r1 = syz_io_uring_setup(0x7dca, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000140), &(0x7f0000000100)=0x0) syz_io_uring_setup(0x1868, &(0x7f00000007c0)={0x0, 0xd2bb, 0x0, 0x0, 0x0, 0x0, r1}, &(0x7f0000000780)=0x0, &(0x7f0000000080)) syz_io_uring_submit(r3, r2, &(0x7f00000001c0)=@IORING_OP_FADVISE={0x18, 0x40, 0x0, @fd_index=0x2, 0xcab, 0x0, 0x1000, 0x1}) io_uring_enter(r1, 0x184c, 0x0, 0x0, 0x0, 0x0) r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid(r4, 0x0) setpgid(0x0, r4) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x68101, 0x40) mount$9p_fd(0x0, &(0x7f0000000280)='./file1\x00', 0x0, 0x10000, 0x0) ioctl$SIOCSIFMTU(r0, 0x8923, &(0x7f0000000040)={'wlan1\x00', 0xffffeb60}) 90.164345ms ago: executing program 4 (id=1213): setresgid(0x0, 0x0, 0xee00) r0 = socket$nl_route(0x10, 0x3, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r1 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000280)={0x3}, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x20, 0x12, 0xa01, 0x0, 0x0, {0x80}}, 0x26}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000096c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newtaction={0x6c, 0x30, 0x1, 0x0, 0x0, {}, [{0x58, 0x1, [@m_vlan={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x4000}, @TCA_VLAN_PARMS={0x1c, 0x2, {{}, 0x3}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0) 89.154023ms ago: executing program 3 (id=1214): r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) getsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x7, 0x0, 0x0) r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r2, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000040)=[@in6={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f0000000240)={r3, 0x70, "301083007424e92f3b8937eef4640d0de114fd88bcbbb591260e33ebb5c36805d88e4f3a1f9e936c340b5bf99de25d68a836f534e0c557210789da19a05147bb80957d684af1f326556a6ca6939e1d63bcefd0dee7c848b0edcd1465731f6bc1b1bf265c652c9488bb5548f505028962"}, &(0x7f0000000080)=0x78) socket$key(0xf, 0x3, 0x2) socket$key(0xf, 0x3, 0x2) syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="04230d00c800010209"], 0x10) capset(0x0, 0x0) setpriority(0x1, 0x0, 0x5) openat$sw_sync_info(0xffffffffffffff9c, 0x0, 0x80000, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) socket$inet_udplite(0x2, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) epoll_create1(0x0) r4 = socket$inet(0x2, 0x1, 0x0) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x33, &(0x7f00000a2000)={0x0, &(0x7f0000000200)}, 0x10) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) syz_open_dev$dri(&(0x7f0000000040), 0xd22, 0x1a1802) capset(0x0, &(0x7f0000000100)={0x200000, 0x4, 0x4, 0x0, 0x6b20, 0x8}) write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x606c) 0s ago: executing program 4 (id=1215): r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3) setsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x3, 0x0, 0x0) (async) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f00000010c0)=@security={'security\x00', 0x64, 0x4, 0x558, 0x100000c, 0x0, 0xc8, 0xc8, 0xffffffff, 0xffffffff, 0x4c0, 0x4c0, 0x4c0, 0xffffffff, 0x4, 0x0, {[{{@ip={@rand_addr, @rand_addr, 0x0, 0x0, 'veth0_vlan\x00', 'syzkaller1\x00'}, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@addrtype={{0x30}}]}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x2}}}, {{@uncond, 0x0, 0xa0, 0x100, 0x0, {}, [@common=@unspec=@cluster={{0x30}, {0x0, 0x7}}]}, @common=@SET={0x60}}, {{@ip={@empty, @private, 0x0, 0x0, 'wg2\x00', 'veth0\x00'}, 0x0, 0x2d0, 0x2f8, 0x0, {}, [@common=@unspec=@bpf0={{0x230}}, @common=@ah={{0x30}}]}, @common=@inet=@TCPMSS={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x5b8) (async) syz_clone(0x22024800, &(0x7f0000000300)="a590342e0f9e927d12d1459ed76aa41a65cc1449c3e175ed8bb2c2786e0af02046247bfe032c20c5c6d6fc37684a5e55edc96faaa4ad24526a37304d5addae3f6fec352374ebafcff2595439c5eecba04f71837784f115d816d3fc19b0208d510ac187638be87ef2014397d58aa48e3b90f056ac3913813d10dd92d44ec34a483350b375e72ce237ab32c2d8d4d2495b1ae94b4804b7df52b78604a0ce87e18b83505e9d262c463576c5511b95b45bcc5a607e931b355c0a38460307704dba82ef094572461b0a463d2186415dfe6855c9c3aa4bdf5040df0cff02fa0935c3741db11409cd321b64988a2773fc54a0c9d3913e5fb36023042927b370b8b433e617d4923f64574f5eebf2e338c7406d81e03dd9b4fb", 0x115, &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0)="cd2e4f1abb7431f2504fcbdea1443297a1eda39dd3410ebd0253f82c3c26a03b267b6b05e7d2a8f29a2d5c9f09d5b8c26156675546c77bce660256a45cb2d0ecf3b355d8a1dd09f3eed79c0266183922191380a6d678783d6e2f81d9407e9dd2b4a409d8efd26afc45886181723b98be84dbeb3cf3d80e6abd5cfd6b1158d3e931d9b66e5e3e980200000000000021a3c07b59290cbc31aae4840e4e500dec261e942405c124868196f57529dcdfb953045e801ef6a7ace357777d8229256180a660d66c") (async, rerun: 32) r2 = getpid() (async, rerun: 32) r3 = inotify_init1(0x800) inotify_add_watch(r3, &(0x7f0000000000)='./file0\x00', 0x4000001) (async) r4 = syz_pidfd_open(r2, 0x0) setns(r4, 0x8020000) mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8000, &(0x7f0000001dc0)={0xf, 0x0, 0x100000}, 0x20) (async) fsync(r0) r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/uevent_seqnum', 0x0, 0x0) read$FUSE(r5, &(0x7f0000007040)={0x2020}, 0x2020) r6 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) (rerun: 32) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) (async) write$tun(0xffffffffffffffff, 0x0, 0x0) (async) r7 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) (rerun: 64) sendmsg$TIPC_NL_BEARER_ENABLE(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100000000000000000003000000400001802c00040014000100020000007f00000100000000000000001400020002000000e000000200000000000000000d0001003564703a73797a2200000000"], 0x54}}, 0x0) (async) sendmsg$TIPC_NL_KEY_SET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x5c, r8, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x48, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x1}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0x4000004) (async, rerun: 64) socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64) syz_genetlink_get_family_id$tipc2(&(0x7f0000000140), r7) socket$packet(0x11, 0x2, 0x300) (async) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) (async) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r9, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000000)={0x6c, r10, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_SOCK={0x0, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL, @TIPC_NLA_SOCK_REF={0x0, 0x2, 0x4}, @TIPC_NLA_SOCK_HAS_PUBL, @TIPC_NLA_SOCK_ADDR={0x0, 0x1, 0x9}, @TIPC_NLA_SOCK_ADDR={0x0, 0x1, 0x5}]}]}, 0xb2}}, 0x0) kernel console output (not intermixed with test programs): : Unknown parameter 'mpoÓÏ’Ó'ùpÔ"' [ 124.412116][ T9163] netlink: 164 bytes leftover after parsing attributes in process `syz.1.987'. [ 124.415854][ T9163] netlink: 164 bytes leftover after parsing attributes in process `syz.1.987'. [ 124.418673][ T9163] netlink: 60 bytes leftover after parsing attributes in process `syz.1.987'. [ 124.522614][ T9160] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 124.524673][ T9160] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 124.527469][ T9160] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 124.529695][ T9160] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 124.531809][ T9160] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 124.537810][ T9168] ntfs3(sr0): Primary boot signature is not NTFS. [ 124.540267][ T9168] ntfs3(sr0): try to read out of volume at offset 0xf800 [ 124.553922][ T9160] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 124.758926][ T9175] overlayfs: missing 'lowerdir' [ 124.917122][ T9193] netlink: 4768 bytes leftover after parsing attributes in process `syz.0.996'. [ 125.014624][ T9194] IPVS: set_ctl: invalid protocol: 136 172.20.20.187:0 [ 125.017331][ T5950] udevd[5950]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 125.017738][ T2299] IPVS: starting estimator thread 0... [ 125.031477][ T9196] bridge1: entered allmulticast mode [ 125.048054][ T9199] netlink: 4768 bytes leftover after parsing attributes in process `syz.0.1000'. [ 125.112102][ T9197] IPVS: using max 42 ests per chain, 100800 per kthread [ 125.156999][ T9201] netlink: 'syz.0.1001': attribute type 39 has an invalid length. [ 125.318324][ T9210] team0: entered allmulticast mode [ 125.319951][ T9210] team_slave_0: entered allmulticast mode [ 125.321822][ T9210] team_slave_1: entered allmulticast mode [ 125.472368][ T9221] overlayfs: missing 'lowerdir' [ 125.670136][ T6552] udevd[6552]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 125.786720][ T9231] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1010'. [ 125.917551][ T9239] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1012'. [ 125.933912][ T5296] Bluetooth: hci3: unexpected event for opcode 0x080b [ 125.937668][ T9235] kvm: user requested TSC rate below hardware speed [ 126.204591][ T9248] overlayfs: missing 'workdir' [ 126.428234][ T5950] udevd[5950]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 126.553495][ T9254] binder: 9252:9254 ioctl c018620c 2000000000c0 returned -22 [ 126.605224][ T5296] Bluetooth: hci2: command 0x0c1a tx timeout [ 126.612221][ T5296] Bluetooth: hci1: command 0x0c1a tx timeout [ 126.614154][ T5296] Bluetooth: hci0: command 0x0c1a tx timeout [ 126.958132][ T9269] sp0: Synchronizing with TNC [ 126.961897][ T9269] sp0: Found TNC [ 127.023820][ T9273] xt_CT: You must specify a L4 protocol and not use inversions on it [ 127.024624][ T9276] tmpfs: Bad value for 'mpol' [ 127.184411][ T9282] overlay: ./bus is not a directory [ 127.279799][ T9282] netfs: Couldn't get user pages (rc=-14) [ 127.307699][ T9286] tipc: Cannot configure node identity twice [ 127.362136][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 127.673994][ T40] kauditd_printk_skb: 734 callbacks suppressed [ 127.674044][ T40] audit: type=1400 audit(127.590:11894): avc: denied { read write } for pid=5933 comm="syz-executor" name="loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 127.683238][ T40] audit: type=1400 audit(127.590:11895): avc: denied { read write open } for pid=5933 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 127.693461][ T40] audit: type=1400 audit(127.590:11896): avc: denied { ioctl } for pid=5933 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 127.709883][ T6552] udevd[6552]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 127.727562][ T9303] overlayfs: missing 'workdir' [ 127.727601][ T40] audit: type=1400 audit(127.640:11897): avc: denied { mounton } for pid=9302 comm="syz.3.1030" path="/277/bus" dev="tmpfs" ino=1530 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 127.747526][ T40] audit: type=1400 audit(127.660:11898): avc: denied { read write } for pid=5937 comm="syz-executor" name="loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 127.761266][ T40] audit: type=1400 audit(127.660:11899): avc: denied { read write open } for pid=5937 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 127.774738][ T40] audit: type=1400 audit(127.660:11900): avc: denied { ioctl } for pid=5937 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 127.793615][ T40] audit: type=1400 audit(127.700:11901): avc: denied { read write } for pid=5933 comm="syz-executor" name="loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 127.800838][ T40] audit: type=1400 audit(127.700:11902): avc: denied { read write open } for pid=5933 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 127.822372][ T40] audit: type=1400 audit(127.730:11903): avc: denied { ioctl } for pid=5933 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 127.889742][ T9308] __nla_validate_parse: 2 callbacks suppressed [ 127.889753][ T9308] netlink: 14601 bytes leftover after parsing attributes in process `syz.3.1037'. [ 127.954239][ T9311] 9pnet_fd: Insufficient options for proto=fd [ 127.956711][ T9310] netlink: 124 bytes leftover after parsing attributes in process `syz.3.1037'. [ 127.959968][ T9310] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1037'. [ 128.015964][ T9013] syz.4.942 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 128.019156][ T9013] CPU: 3 UID: 0 PID: 9013 Comm: syz.4.942 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 128.019171][ T9013] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 128.019178][ T9013] Call Trace: [ 128.019182][ T9013] [ 128.019186][ T9013] dump_stack_lvl+0x16c/0x1f0 [ 128.019207][ T9013] dump_header+0x101/0x930 [ 128.019224][ T9013] oom_kill_process+0x270/0xa60 [ 128.019241][ T9013] out_of_memory+0x350/0x1700 [ 128.019259][ T9013] ? __pfx_out_of_memory+0x10/0x10 [ 128.019277][ T9013] mem_cgroup_out_of_memory+0x118/0x130 [ 128.019290][ T9013] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 128.019305][ T9013] ? do_raw_spin_unlock+0x172/0x230 [ 128.019320][ T9013] try_charge_memcg+0x72b/0xd50 [ 128.019338][ T9013] ? __pfx_try_charge_memcg+0x10/0x10 [ 128.019354][ T9013] ? find_held_lock+0x1/0x80 [ 128.019367][ T9013] ? rcu_read_unlock+0x17/0x60 [ 128.019388][ T9013] charge_memcg+0x8a/0x230 [ 128.019403][ T9013] __mem_cgroup_charge+0x2b/0x1e0 [ 128.019422][ T9013] shmem_alloc_and_add_folio+0x514/0xc20 [ 128.019440][ T9013] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 128.019455][ T9013] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 128.019471][ T9013] shmem_get_folio_gfp+0x67f/0x1600 [ 128.019488][ T9013] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 128.019502][ T9013] ? __pte_offset_map_lock+0x174/0x310 [ 128.019521][ T9013] shmem_write_begin+0x160/0x300 [ 128.019535][ T9013] ? find_held_lock+0x2b/0x80 [ 128.019548][ T9013] ? __pfx_shmem_write_begin+0x10/0x10 [ 128.019562][ T9013] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 128.019573][ T9013] ? __pfx_timestamp_truncate+0x10/0x10 [ 128.019591][ T9013] generic_perform_write+0x3d0/0x930 [ 128.019610][ T9013] ? __pfx_generic_perform_write+0x10/0x10 [ 128.019624][ T9013] ? inode_needs_update_time.part.0+0x191/0x270 [ 128.019645][ T9013] shmem_file_write_iter+0x10e/0x140 [ 128.019661][ T9013] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 128.019677][ T9013] __kernel_write_iter+0x31a/0xa90 [ 128.019692][ T9013] ? __pfx___kernel_write_iter+0x10/0x10 [ 128.019706][ T9013] ? cgroup_freezing+0x14b/0x3d0 [ 128.019720][ T9013] ? cgroup_freezing+0x155/0x3d0 [ 128.019734][ T9013] dump_user_range+0x41f/0xb60 [ 128.019751][ T9013] ? __pfx_dump_user_range+0x10/0x10 [ 128.019765][ T9013] ? elf_coredump_extra_notes_write+0xbd/0x4f0 [ 128.019785][ T9013] ? __pfx_writenote+0x10/0x10 [ 128.019808][ T9013] elf_core_dump+0x288a/0x3a90 [ 128.019830][ T9013] ? __pfx_elf_core_dump+0x10/0x10 [ 128.019843][ T9013] ? kasan_save_stack+0x42/0x60 [ 128.019857][ T9013] ? kasan_save_stack+0x33/0x60 [ 128.019869][ T9013] ? kasan_save_track+0x14/0x30 [ 128.019881][ T9013] ? __kasan_kmalloc+0xaa/0xb0 [ 128.019894][ T9013] ? do_coredump+0x1c9a/0x4f10 [ 128.019905][ T9013] ? get_signal+0x22e3/0x26d0 [ 128.019918][ T9013] ? arch_do_signal_or_restart+0x8f/0x7d0 [ 128.019933][ T9013] ? 0xffffffffff600000 [ 128.019965][ T9013] ? do_coredump+0x399f/0x4f10 [ 128.019977][ T9013] do_coredump+0x399f/0x4f10 [ 128.019995][ T9013] ? __pfx_do_coredump+0x10/0x10 [ 128.020008][ T9013] ? find_held_lock+0x2b/0x80 [ 128.020021][ T9013] ? is_bpf_text_address+0x8a/0x1a0 [ 128.020036][ T9013] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 128.020052][ T9013] ? is_bpf_text_address+0x94/0x1a0 [ 128.020065][ T9013] ? kernel_text_address+0x8d/0x100 [ 128.020076][ T9013] ? __kernel_text_address+0xd/0x40 [ 128.020087][ T9013] ? unwind_get_return_address+0x59/0xa0 [ 128.020128][ T9013] ? stack_depot_save_flags+0x28/0xa40 [ 128.020145][ T9013] ? __lock_acquire+0xb8a/0x1c90 [ 128.020163][ T9013] ? kasan_save_stack+0x42/0x60 [ 128.020175][ T9013] ? kasan_save_stack+0x33/0x60 [ 128.020188][ T9013] ? kasan_save_track+0x14/0x30 [ 128.020200][ T9013] ? kasan_save_free_info+0x3b/0x60 [ 128.020211][ T9013] ? __kasan_slab_free+0x51/0x70 [ 128.020224][ T9013] ? kmem_cache_free+0x2d1/0x4d0 [ 128.020236][ T9013] ? __sigqueue_free+0xba/0x2a0 [ 128.020250][ T9013] ? get_signal+0xcba/0x26d0 [ 128.020262][ T9013] ? arch_do_signal_or_restart+0x8f/0x7d0 [ 128.020293][ T9013] ? proc_coredump_connector+0x2d1/0x4f0 [ 128.020307][ T9013] ? __pfx_proc_coredump_connector+0x10/0x10 [ 128.020322][ T9013] ? rcu_is_watching+0x12/0xc0 [ 128.020338][ T9013] get_signal+0x22e3/0x26d0 [ 128.020354][ T9013] ? force_sig_fault+0xc4/0x100 [ 128.020368][ T9013] ? __pfx_get_signal+0x10/0x10 [ 128.020385][ T9013] arch_do_signal_or_restart+0x8f/0x7d0 [ 128.020396][ T9013] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 128.020410][ T9013] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 128.020430][ T9013] irqentry_exit_to_user_mode+0x12a/0x270 [ 128.020448][ T9013] asm_exc_page_fault+0x26/0x30 [ 128.020459][ T9013] RIP: 0033:0x7f35db38e931 [ 128.020469][ T9013] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f [ 128.020480][ T9013] RSP: 002b:00000000fffffe10 EFLAGS: 00010217 [ 128.020488][ T9013] RAX: 0000000000000000 RBX: 00007f35db5b6080 RCX: 00007f35db38e929 [ 128.020495][ T9013] RDX: 0000000000000000 RSI: 00000000fffffe10 RDI: 0000000000000000 [ 128.020502][ T9013] RBP: 00007f35db410b39 R08: 0000000000000000 R09: 0000000000000000 [ 128.020508][ T9013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 128.020514][ T9013] R13: 0000000000000001 R14: 00007f35db5b6080 R15: 00007ffc04116c98 [ 128.020528][ T9013] [ 128.020545][ T9013] memory: usage 307200kB, limit 307200kB, failcnt 9708 [ 128.082647][ T9314] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1040'. [ 128.130964][ T9013] memory+swap: usage 432164kB, limit 9007199254740988kB, failcnt 0 [ 128.204885][ T9013] kmem: usage 11568kB, limit 9007199254740988kB, failcnt 0 [ 128.207160][ T9013] Memory cgroup stats for /syz4: [ 128.207296][ T9013] cache 302628864 [ 128.210032][ T9013] rss 94208 [ 128.211048][ T9013] rss_huge 0 [ 128.212559][ T9013] shmem 302628864 [ 128.213745][ T9013] mapped_file 0 [ 128.214863][ T9013] dirty 0 [ 128.215807][ T9013] writeback 0 [ 128.216881][ T9013] workingset_refault_anon 10 [ 128.218330][ T9013] workingset_refault_file 15 [ 128.219805][ T9013] swap 127967232 [ 128.220953][ T9013] swapcached 28672 [ 128.223015][ T9013] pgpgin 108818 [ 128.224160][ T9013] pgpgout 34910 [ 128.225283][ T9013] pgfault 15068 [ 128.226427][ T9013] pgmajfault 35 [ 128.227543][ T9013] inactive_anon 26468352 [ 128.228910][ T9013] active_anon 275558400 [ 128.230273][ T9013] inactive_file 0 [ 128.231478][ T9013] active_file 0 [ 128.232648][ T9013] unevictable 0 [ 128.233766][ T9013] hierarchical_memory_limit 314572800 [ 128.236741][ T9013] hierarchical_memsw_limit 9223372036854771712 [ 128.238692][ T9013] total_cache 302628864 [ 128.240009][ T9013] total_rss 94208 [ 128.241181][ T9013] total_rss_huge 0 [ 128.265544][ T9013] total_shmem 302628864 [ 128.267391][ T9013] total_mapped_file 0 [ 128.269034][ T9013] total_dirty 0 [ 128.270467][ T9013] total_writeback 0 [ 128.279156][ T9013] total_workingset_refault_anon 10 [ 128.281303][ T9013] total_workingset_refault_file 15 [ 128.286205][ T9013] total_swap 127967232 [ 128.289426][ T9013] total_swapcached 28672 [ 128.290790][ T9013] total_pgpgin 108818 [ 128.296161][ T9013] total_pgpgout 34910 [ 128.297924][ T9013] total_pgfault 15068 [ 128.299217][ T9013] total_pgmajfault 35 [ 128.300469][ T9013] total_inactive_anon 26468352 [ 128.302072][ T9013] total_active_anon 275558400 [ 128.303554][ T9013] total_inactive_file 0 [ 128.304873][ T9013] total_active_file 0 [ 128.306154][ T9013] total_unevictable 0 [ 128.307873][ T9013] anon_cost 0 [ 128.309018][ T9013] file_cost 0 [ 128.310115][ T9013] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.942,pid=9028,uid=0 [ 128.320927][ T9013] Memory cgroup out of memory: Killed process 9028 (syz.4.942) total-vm:98240kB, anon-rss:1044kB, file-rss:52648kB, shmem-rss:0kB, UID:0 pgtables:188kB oom_score_adj:1000 [ 128.331891][ T1142] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.420550][ T9028] syz.4.942 (9028) used greatest stack depth: 18616 bytes left [ 128.432199][ T9013] syz.4.942 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 128.435636][ T9013] CPU: 3 UID: 0 PID: 9013 Comm: syz.4.942 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 128.435652][ T9013] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 128.435659][ T9013] Call Trace: [ 128.435663][ T9013] [ 128.435680][ T9013] dump_stack_lvl+0x16c/0x1f0 [ 128.435700][ T9013] dump_header+0x101/0x930 [ 128.435718][ T9013] oom_kill_process+0x270/0xa60 [ 128.435735][ T9013] out_of_memory+0x350/0x1700 [ 128.435753][ T9013] ? __pfx_out_of_memory+0x10/0x10 [ 128.435772][ T9013] mem_cgroup_out_of_memory+0x118/0x130 [ 128.435785][ T9013] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 128.435804][ T9013] ? do_raw_spin_unlock+0x172/0x230 [ 128.435819][ T9013] try_charge_memcg+0x72b/0xd50 [ 128.435838][ T9013] ? __pfx_try_charge_memcg+0x10/0x10 [ 128.435853][ T9013] ? find_held_lock+0x1/0x80 [ 128.435867][ T9013] ? rcu_read_unlock+0x17/0x60 [ 128.435887][ T9013] charge_memcg+0x8a/0x230 [ 128.435902][ T9013] __mem_cgroup_charge+0x2b/0x1e0 [ 128.435921][ T9013] shmem_alloc_and_add_folio+0x514/0xc20 [ 128.435938][ T9013] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 128.435953][ T9013] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 128.435970][ T9013] shmem_get_folio_gfp+0x67f/0x1600 [ 128.435986][ T9013] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 128.436001][ T9013] ? __pte_offset_map_lock+0x174/0x310 [ 128.436020][ T9013] shmem_write_begin+0x160/0x300 [ 128.436034][ T9013] ? find_held_lock+0x2b/0x80 [ 128.436048][ T9013] ? __pfx_shmem_write_begin+0x10/0x10 [ 128.436062][ T9013] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 128.436074][ T9013] ? __pfx_timestamp_truncate+0x10/0x10 [ 128.436093][ T9013] generic_perform_write+0x3d0/0x930 [ 128.436112][ T9013] ? __pfx_generic_perform_write+0x10/0x10 [ 128.436126][ T9013] ? inode_needs_update_time.part.0+0x191/0x270 [ 128.436147][ T9013] shmem_file_write_iter+0x10e/0x140 [ 128.436164][ T9013] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 128.436180][ T9013] __kernel_write_iter+0x31a/0xa90 [ 128.436195][ T9013] ? __pfx___kernel_write_iter+0x10/0x10 [ 128.436209][ T9013] ? cgroup_freezing+0x14b/0x3d0 [ 128.436223][ T9013] ? cgroup_freezing+0x155/0x3d0 [ 128.436237][ T9013] dump_user_range+0x41f/0xb60 [ 128.436254][ T9013] ? __pfx_dump_user_range+0x10/0x10 [ 128.436268][ T9013] ? elf_coredump_extra_notes_write+0xbd/0x4f0 [ 128.436296][ T9013] ? __pfx_writenote+0x10/0x10 [ 128.436318][ T9013] elf_core_dump+0x288a/0x3a90 [ 128.436340][ T9013] ? __pfx_elf_core_dump+0x10/0x10 [ 128.436353][ T9013] ? kasan_save_stack+0x42/0x60 [ 128.436366][ T9013] ? kasan_save_stack+0x33/0x60 [ 128.436379][ T9013] ? kasan_save_track+0x14/0x30 [ 128.436391][ T9013] ? __kasan_kmalloc+0xaa/0xb0 [ 128.436404][ T9013] ? do_coredump+0x1c9a/0x4f10 [ 128.436415][ T9013] ? get_signal+0x22e3/0x26d0 [ 128.436427][ T9013] ? arch_do_signal_or_restart+0x8f/0x7d0 [ 128.436443][ T9013] ? 0xffffffffff600000 [ 128.436476][ T9013] ? do_coredump+0x399f/0x4f10 [ 128.436487][ T9013] do_coredump+0x399f/0x4f10 [ 128.436505][ T9013] ? __pfx_do_coredump+0x10/0x10 [ 128.436518][ T9013] ? find_held_lock+0x2b/0x80 [ 128.436531][ T9013] ? is_bpf_text_address+0x8a/0x1a0 [ 128.436547][ T9013] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 128.436563][ T9013] ? is_bpf_text_address+0x94/0x1a0 [ 128.436575][ T9013] ? kernel_text_address+0x8d/0x100 [ 128.436587][ T9013] ? __kernel_text_address+0xd/0x40 [ 128.436621][ T9013] ? unwind_get_return_address+0x59/0xa0 [ 128.436648][ T9013] ? stack_depot_save_flags+0x28/0xa40 [ 128.436665][ T9013] ? __lock_acquire+0xb8a/0x1c90 [ 128.436683][ T9013] ? kasan_save_stack+0x42/0x60 [ 128.436696][ T9013] ? kasan_save_stack+0x33/0x60 [ 128.436708][ T9013] ? kasan_save_track+0x14/0x30 [ 128.436721][ T9013] ? kasan_save_free_info+0x3b/0x60 [ 128.436731][ T9013] ? __kasan_slab_free+0x51/0x70 [ 128.436745][ T9013] ? kmem_cache_free+0x2d1/0x4d0 [ 128.436757][ T9013] ? __sigqueue_free+0xba/0x2a0 [ 128.436771][ T9013] ? get_signal+0xcba/0x26d0 [ 128.436783][ T9013] ? arch_do_signal_or_restart+0x8f/0x7d0 [ 128.436819][ T9013] ? proc_coredump_connector+0x2d1/0x4f0 [ 128.436832][ T9013] ? __pfx_proc_coredump_connector+0x10/0x10 [ 128.436848][ T9013] ? rcu_is_watching+0x12/0xc0 [ 128.436863][ T9013] get_signal+0x22e3/0x26d0 [ 128.436879][ T9013] ? force_sig_fault+0xc4/0x100 [ 128.436893][ T9013] ? __pfx_get_signal+0x10/0x10 [ 128.436910][ T9013] arch_do_signal_or_restart+0x8f/0x7d0 [ 128.436922][ T9013] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 128.436936][ T9013] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 128.436957][ T9013] irqentry_exit_to_user_mode+0x12a/0x270 [ 128.436974][ T9013] asm_exc_page_fault+0x26/0x30 [ 128.436985][ T9013] RIP: 0033:0x7f35db38e931 [ 128.436995][ T9013] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f [ 128.437005][ T9013] RSP: 002b:00000000fffffe10 EFLAGS: 00010217 [ 128.437014][ T9013] RAX: 0000000000000000 RBX: 00007f35db5b6080 RCX: 00007f35db38e929 [ 128.437021][ T9013] RDX: 0000000000000000 RSI: 00000000fffffe10 RDI: 0000000000000000 [ 128.437027][ T9013] RBP: 00007f35db410b39 R08: 0000000000000000 R09: 0000000000000000 [ 128.437034][ T9013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 128.437040][ T9013] R13: 0000000000000001 R14: 00007f35db5b6080 R15: 00007ffc04116c98 [ 128.437054][ T9013] [ 128.437069][ T9013] memory: usage 307200kB, limit 307200kB, failcnt 10419 [ 128.445975][ T5296] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 128.446775][ T9013] memory+swap: usage 432156kB, limit 9007199254740988kB, failcnt 0 [ 128.452223][ T5296] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 128.452553][ T9013] kmem: usage 11516kB, limit 9007199254740988kB, failcnt 0 [ 128.454894][ T5296] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 128.458312][ T9013] Memory cgroup stats for [ 128.463279][ T5296] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 128.464988][ T9013] /syz4 [ 128.467017][ T5296] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 128.468874][ T9013] : [ 128.550457][ T9332] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1044'. [ 128.555511][ T9013] cache 302628864 [ 128.555522][ T9013] rss 94208 [ 128.555526][ T9013] rss_huge 0 [ 128.555530][ T9013] shmem 302628864 [ 128.555534][ T9013] mapped_file 0 [ 128.555539][ T9013] dirty 0 [ 128.555543][ T9013] writeback 0 [ 128.555547][ T9013] workingset_refault_anon 10 [ 128.555552][ T9013] workingset_refault_file 15 [ 128.555557][ T9013] swap 127967232 [ 128.590562][ T9332] netfs: Couldn't get user pages (rc=-14) [ 128.592640][ T9013] swapcached 28672 [ 128.652878][ T9013] pgpgin 108818 [ 128.654008][ T9013] pgpgout 34910 [ 128.655138][ T9013] pgfault 15068 [ 128.656244][ T9013] pgmajfault 35 [ 128.657398][ T9013] inactive_anon 26468352 [ 128.658728][ T9013] active_anon 275996672 [ 128.660072][ T9013] inactive_file 0 [ 128.661314][ T9013] active_file 0 [ 128.662734][ T1142] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.663112][ T9013] unevictable 0 [ 128.667238][ T9013] hierarchical_memory_limit 314572800 [ 128.668943][ T9013] hierarchical_memsw_limit 9223372036854771712 [ 128.670863][ T9013] total_cache 302628864 [ 128.672250][ T9013] total_rss 94208 [ 128.673412][ T9013] total_rss_huge 0 [ 128.674620][ T9013] total_shmem 302628864 [ 128.675989][ T9013] total_mapped_file 0 [ 128.677505][ T9013] total_dirty 0 [ 128.678781][ T9013] total_writeback 0 [ 128.680372][ T9013] total_workingset_refault_anon 10 [ 128.682207][ T9013] total_workingset_refault_file 15 [ 128.683930][ T9013] total_swap 127967232 [ 128.685428][ T9013] total_swapcached 28672 [ 128.686787][ T9013] total_pgpgin 108818 [ 128.688124][ T9013] total_pgpgout 34910 [ 128.689453][ T9013] total_pgfault 15068 [ 128.690854][ T9013] total_pgmajfault 35 [ 128.692408][ T9013] total_inactive_anon 26468352 [ 128.694057][ T9013] total_active_anon 275996672 [ 128.695900][ T9013] total_inactive_file 0 [ 128.697770][ T9013] total_active_file 0 [ 128.699054][ T9013] total_unevictable 0 [ 128.700317][ T9013] anon_cost 0 [ 128.701399][ T9013] file_cost 0 [ 128.702540][ T9013] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.942,pid=9013,uid=0 [ 128.707462][ T9013] Memory cgroup out of memory: Killed process 9013 (syz.4.942) total-vm:98240kB, anon-rss:956kB, file-rss:52684kB, shmem-rss:0kB, UID:0 pgtables:188kB oom_score_adj:1000 [ 128.801821][ T1142] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.847627][ T9328] chnl_net:caif_netlink_parms(): no params data found [ 128.876902][ T9057] syz.4.942 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 128.880087][ T9057] CPU: 1 UID: 0 PID: 9057 Comm: syz.4.942 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 128.880101][ T9057] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 128.880108][ T9057] Call Trace: [ 128.880112][ T9057] [ 128.880117][ T9057] dump_stack_lvl+0x16c/0x1f0 [ 128.880138][ T9057] dump_header+0x101/0x930 [ 128.880156][ T9057] oom_kill_process+0x270/0xa60 [ 128.880173][ T9057] out_of_memory+0x350/0x1700 [ 128.880191][ T9057] ? __pfx_out_of_memory+0x10/0x10 [ 128.880210][ T9057] mem_cgroup_out_of_memory+0x118/0x130 [ 128.880222][ T9057] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 128.880236][ T9057] ? do_raw_spin_unlock+0x172/0x230 [ 128.880251][ T9057] try_charge_memcg+0x72b/0xd50 [ 128.880270][ T9057] ? __pfx_try_charge_memcg+0x10/0x10 [ 128.880285][ T9057] ? find_held_lock+0x1/0x80 [ 128.880299][ T9057] ? rcu_read_unlock+0x17/0x60 [ 128.880320][ T9057] charge_memcg+0x8a/0x230 [ 128.880335][ T9057] __mem_cgroup_charge+0x2b/0x1e0 [ 128.880353][ T9057] shmem_alloc_and_add_folio+0x514/0xc20 [ 128.880371][ T9057] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 128.880386][ T9057] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 128.880402][ T9057] shmem_get_folio_gfp+0x67f/0x1600 [ 128.880419][ T9057] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 128.880433][ T9057] ? __pte_offset_map_lock+0x174/0x310 [ 128.880452][ T9057] shmem_write_begin+0x160/0x300 [ 128.880466][ T9057] ? find_held_lock+0x2b/0x80 [ 128.880478][ T9057] ? __pfx_shmem_write_begin+0x10/0x10 [ 128.880493][ T9057] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 128.880504][ T9057] ? __pfx_timestamp_truncate+0x10/0x10 [ 128.880522][ T9057] generic_perform_write+0x3d0/0x930 [ 128.880541][ T9057] ? __pfx_generic_perform_write+0x10/0x10 [ 128.880555][ T9057] ? inode_needs_update_time.part.0+0x191/0x270 [ 128.880575][ T9057] shmem_file_write_iter+0x10e/0x140 [ 128.880611][ T9057] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 128.880626][ T9057] __kernel_write_iter+0x31a/0xa90 [ 128.880642][ T9057] ? __pfx___kernel_write_iter+0x10/0x10 [ 128.880656][ T9057] ? cgroup_freezing+0x14b/0x3d0 [ 128.880670][ T9057] ? cgroup_freezing+0x155/0x3d0 [ 128.880684][ T9057] dump_user_range+0x41f/0xb60 [ 128.880701][ T9057] ? __pfx_dump_user_range+0x10/0x10 [ 128.880715][ T9057] ? elf_coredump_extra_notes_write+0xbd/0x4f0 [ 128.880734][ T9057] ? __pfx_writenote+0x10/0x10 [ 128.880752][ T9057] elf_core_dump+0x288a/0x3a90 [ 128.880774][ T9057] ? __pfx_elf_core_dump+0x10/0x10 [ 128.880787][ T9057] ? kasan_save_stack+0x42/0x60 [ 128.880800][ T9057] ? kasan_save_stack+0x33/0x60 [ 128.880817][ T9057] ? kasan_save_track+0x14/0x30 [ 128.880829][ T9057] ? __kasan_kmalloc+0xaa/0xb0 [ 128.880842][ T9057] ? do_coredump+0x1c9a/0x4f10 [ 128.880853][ T9057] ? get_signal+0x22e3/0x26d0 [ 128.880865][ T9057] ? arch_do_signal_or_restart+0x8f/0x7d0 [ 128.880881][ T9057] ? 0xffffffffff600000 [ 128.880913][ T9057] ? do_coredump+0x399f/0x4f10 [ 128.880925][ T9057] do_coredump+0x399f/0x4f10 [ 128.880942][ T9057] ? __pfx_do_coredump+0x10/0x10 [ 128.880956][ T9057] ? find_held_lock+0x2b/0x80 [ 128.880969][ T9057] ? is_bpf_text_address+0x8a/0x1a0 [ 128.880984][ T9057] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 128.881000][ T9057] ? is_bpf_text_address+0x94/0x1a0 [ 128.881012][ T9057] ? kernel_text_address+0x8d/0x100 [ 128.881024][ T9057] ? __kernel_text_address+0xd/0x40 [ 128.881035][ T9057] ? unwind_get_return_address+0x59/0xa0 [ 128.881061][ T9057] ? stack_depot_save_flags+0x28/0xa40 [ 128.881077][ T9057] ? __lock_acquire+0xb8a/0x1c90 [ 128.881095][ T9057] ? kasan_save_stack+0x42/0x60 [ 128.881107][ T9057] ? kasan_save_stack+0x33/0x60 [ 128.881119][ T9057] ? kasan_save_track+0x14/0x30 [ 128.881132][ T9057] ? kasan_save_free_info+0x3b/0x60 [ 128.881142][ T9057] ? __kasan_slab_free+0x51/0x70 [ 128.881155][ T9057] ? kmem_cache_free+0x2d1/0x4d0 [ 128.881168][ T9057] ? __sigqueue_free+0xba/0x2a0 [ 128.881182][ T9057] ? get_signal+0xcba/0x26d0 [ 128.881194][ T9057] ? arch_do_signal_or_restart+0x8f/0x7d0 [ 128.881225][ T9057] ? proc_coredump_connector+0x2d1/0x4f0 [ 128.881238][ T9057] ? __pfx_proc_coredump_connector+0x10/0x10 [ 128.881253][ T9057] ? rcu_is_watching+0x12/0xc0 [ 128.881268][ T9057] get_signal+0x22e3/0x26d0 [ 128.881284][ T9057] ? force_sig_fault+0xc4/0x100 [ 128.881298][ T9057] ? __pfx_get_signal+0x10/0x10 [ 128.881315][ T9057] arch_do_signal_or_restart+0x8f/0x7d0 [ 128.881326][ T9057] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 128.881340][ T9057] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 128.881361][ T9057] irqentry_exit_to_user_mode+0x12a/0x270 [ 128.881378][ T9057] asm_exc_page_fault+0x26/0x30 [ 128.881389][ T9057] RIP: 0033:0x7f35db38e931 [ 128.881398][ T9057] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f [ 128.881409][ T9057] RSP: 002b:00000000fffffe10 EFLAGS: 00010217 [ 128.881417][ T9057] RAX: 0000000000000000 RBX: 00007f35db5b6080 RCX: 00007f35db38e929 [ 128.881424][ T9057] RDX: 0000000000000000 RSI: 00000000fffffe10 RDI: 0000000000000000 [ 128.881430][ T9057] RBP: 00007f35db410b39 R08: 0000000000000000 R09: 0000000000000000 [ 128.881436][ T9057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 128.881442][ T9057] R13: 0000000000000001 R14: 00007f35db5b6080 R15: 00007ffc04116c98 [ 128.881456][ T9057] [ 128.881460][ T9057] memory: usage 307200kB, limit 307200kB, failcnt 11221 [ 129.074523][ T9057] memory+swap: usage 432136kB, limit 9007199254740988kB, failcnt 0 [ 129.076953][ T9057] kmem: usage 11276kB, limit 9007199254740988kB, failcnt 0 [ 129.079215][ T9057] Memory cgroup stats for /syz4: [ 129.079288][ T9057] cache 302690304 [ 129.082096][ T9057] rss 65536 [ 129.083112][ T9057] rss_huge 0 [ 129.084149][ T9057] shmem 302690304 [ 129.085318][ T9057] mapped_file 0 [ 129.086433][ T9057] dirty 0 [ 129.087376][ T9057] writeback 0 [ 129.088435][ T9057] workingset_refault_anon 10 [ 129.089895][ T9057] workingset_refault_file 15 [ 129.091336][ T9057] swap 127954944 [ 129.094423][ T9057] swapcached 28672 [ 129.095661][ T9057] pgpgin 108833 [ 129.096783][ T9057] pgpgout 34911 [ 129.097897][ T9057] pgfault 15068 [ 129.098997][ T9057] pgmajfault 35 [ 129.100106][ T9057] inactive_anon 26468352 [ 129.101450][ T9057] active_anon 276312064 [ 129.102822][ T9057] inactive_file 0 [ 129.103977][ T9057] active_file 0 [ 129.105089][ T9057] unevictable 0 [ 129.106534][ T9057] hierarchical_memory_limit 314572800 [ 129.108221][ T9057] hierarchical_memsw_limit 9223372036854771712 [ 129.110138][ T9057] total_cache 302690304 [ 129.111443][ T9057] total_rss 65536 [ 129.112697][ T9057] total_rss_huge 0 [ 129.113890][ T9057] total_shmem 302690304 [ 129.115197][ T9057] total_mapped_file 0 [ 129.116486][ T9057] total_dirty 0 [ 129.117609][ T9057] total_writeback 0 [ 129.118821][ T9057] total_workingset_refault_anon 10 [ 129.120413][ T9057] total_workingset_refault_file 15 [ 129.122083][ T9057] total_swap 127954944 [ 129.123362][ T9057] total_swapcached 28672 [ 129.124698][ T9057] total_pgpgin 108833 [ 129.125965][ T9057] total_pgpgout 34911 [ 129.127242][ T9057] total_pgfault 15068 [ 129.128501][ T9057] total_pgmajfault 35 [ 129.129801][ T9057] total_inactive_anon 26468352 [ 129.131304][ T9057] total_active_anon 276312064 [ 129.132895][ T9057] total_inactive_file 0 [ 129.134198][ T9057] total_active_file 0 [ 129.135445][ T9057] total_unevictable 0 [ 129.136705][ T9057] anon_cost 0 [ 129.137762][ T9057] file_cost 0 [ 129.138824][ T9057] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.942,pid=9022,uid=0 [ 129.143374][ T9057] Memory cgroup out of memory: Killed process 9022 (syz.4.942) total-vm:98240kB, anon-rss:1088kB, file-rss:50176kB, shmem-rss:0kB, UID:0 pgtables:172kB oom_score_adj:1000 [ 129.180435][ T9022] syz.4.942 (9022) used greatest stack depth: 18536 bytes left [ 129.214285][ T9045] syz.4.942 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 129.217549][ T9045] CPU: 0 UID: 0 PID: 9045 Comm: syz.4.942 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 129.217571][ T9045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 129.217582][ T9045] Call Trace: [ 129.217589][ T9045] [ 129.217597][ T9045] dump_stack_lvl+0x16c/0x1f0 [ 129.217624][ T9045] dump_header+0x101/0x930 [ 129.217641][ T9045] oom_kill_process+0x270/0xa60 [ 129.217658][ T9045] out_of_memory+0x350/0x1700 [ 129.217676][ T9045] ? __pfx_out_of_memory+0x10/0x10 [ 129.217695][ T9045] mem_cgroup_out_of_memory+0x118/0x130 [ 129.217707][ T9045] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 129.217722][ T9045] ? do_raw_spin_unlock+0x172/0x230 [ 129.217736][ T9045] try_charge_memcg+0x72b/0xd50 [ 129.217755][ T9045] ? __pfx_try_charge_memcg+0x10/0x10 [ 129.217771][ T9045] ? find_held_lock+0x1/0x80 [ 129.217784][ T9045] ? rcu_read_unlock+0x17/0x60 [ 129.217809][ T9045] charge_memcg+0x8a/0x230 [ 129.217824][ T9045] __mem_cgroup_charge+0x2b/0x1e0 [ 129.217842][ T9045] shmem_alloc_and_add_folio+0x514/0xc20 [ 129.217859][ T9045] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 129.217875][ T9045] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 129.217891][ T9045] shmem_get_folio_gfp+0x67f/0x1600 [ 129.217908][ T9045] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 129.217922][ T9045] ? timestamp_truncate+0x21e/0x2d0 [ 129.217941][ T9045] shmem_write_begin+0x160/0x300 [ 129.217956][ T9045] ? __pfx_shmem_write_begin+0x10/0x10 [ 129.217970][ T9045] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 129.217985][ T9045] generic_perform_write+0x3d0/0x930 [ 129.218003][ T9045] ? __pfx_generic_perform_write+0x10/0x10 [ 129.218018][ T9045] ? generic_update_time+0xcf/0xf0 [ 129.218034][ T9045] ? mnt_put_write_access_file+0x45/0xf0 [ 129.218053][ T9045] shmem_file_write_iter+0x10e/0x140 [ 129.218069][ T9045] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 129.218084][ T9045] __kernel_write_iter+0x31a/0xa90 [ 129.218100][ T9045] ? __pfx___kernel_write_iter+0x10/0x10 [ 129.218114][ T9045] ? cgroup_freezing+0x14b/0x3d0 [ 129.218127][ T9045] ? cgroup_freezing+0x155/0x3d0 [ 129.218141][ T9045] dump_user_range+0x41f/0xb60 [ 129.218158][ T9045] ? __pfx_dump_user_range+0x10/0x10 [ 129.218172][ T9045] ? elf_coredump_extra_notes_write+0xbd/0x4f0 [ 129.218191][ T9045] ? __pfx_writenote+0x10/0x10 [ 129.218209][ T9045] elf_core_dump+0x288a/0x3a90 [ 129.218231][ T9045] ? __pfx_elf_core_dump+0x10/0x10 [ 129.218244][ T9045] ? kasan_save_stack+0x42/0x60 [ 129.218257][ T9045] ? kasan_save_stack+0x33/0x60 [ 129.218270][ T9045] ? kasan_save_track+0x14/0x30 [ 129.218282][ T9045] ? __kasan_kmalloc+0xaa/0xb0 [ 129.218294][ T9045] ? do_coredump+0x1c9a/0x4f10 [ 129.218306][ T9045] ? get_signal+0x22e3/0x26d0 [ 129.218318][ T9045] ? arch_do_signal_or_restart+0x8f/0x7d0 [ 129.218333][ T9045] ? 0xffffffffff600000 [ 129.218366][ T9045] ? do_coredump+0x399f/0x4f10 [ 129.218377][ T9045] do_coredump+0x399f/0x4f10 [ 129.218395][ T9045] ? __pfx_do_coredump+0x10/0x10 [ 129.218408][ T9045] ? find_held_lock+0x2b/0x80 [ 129.218421][ T9045] ? is_bpf_text_address+0x8a/0x1a0 [ 129.218436][ T9045] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 129.218452][ T9045] ? is_bpf_text_address+0x94/0x1a0 [ 129.218464][ T9045] ? kernel_text_address+0x8d/0x100 [ 129.218476][ T9045] ? __kernel_text_address+0xd/0x40 [ 129.218486][ T9045] ? unwind_get_return_address+0x59/0xa0 [ 129.218513][ T9045] ? stack_depot_save_flags+0x28/0xa40 [ 129.218529][ T9045] ? __lock_acquire+0xb8a/0x1c90 [ 129.218546][ T9045] ? kasan_save_stack+0x42/0x60 [ 129.218559][ T9045] ? kasan_save_stack+0x33/0x60 [ 129.218571][ T9045] ? kasan_save_track+0x14/0x30 [ 129.218584][ T9045] ? kasan_save_free_info+0x3b/0x60 [ 129.218594][ T9045] ? __kasan_slab_free+0x51/0x70 [ 129.218607][ T9045] ? kmem_cache_free+0x2d1/0x4d0 [ 129.218623][ T9045] ? __sigqueue_free+0xba/0x2a0 [ 129.218645][ T9045] ? get_signal+0xcba/0x26d0 [ 129.218664][ T9045] ? arch_do_signal_or_restart+0x8f/0x7d0 [ 129.218721][ T9045] ? proc_coredump_connector+0x2d1/0x4f0 [ 129.218740][ T9045] ? __pfx_proc_coredump_connector+0x10/0x10 [ 129.218755][ T9045] ? rcu_is_watching+0x12/0xc0 [ 129.218774][ T9045] get_signal+0x22e3/0x26d0 [ 129.218793][ T9045] ? force_sig_fault+0xc4/0x100 [ 129.218807][ T9045] ? __pfx_get_signal+0x10/0x10 [ 129.218824][ T9045] arch_do_signal_or_restart+0x8f/0x7d0 [ 129.218835][ T9045] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 129.218848][ T9045] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 129.218870][ T9045] irqentry_exit_to_user_mode+0x12a/0x270 [ 129.218888][ T9045] asm_exc_page_fault+0x26/0x30 [ 129.218898][ T9045] RIP: 0033:0x7f35db38e931 [ 129.218908][ T9045] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f [ 129.218919][ T9045] RSP: 002b:00000000fffffe10 EFLAGS: 00010217 [ 129.218927][ T9045] RAX: 0000000000000000 RBX: 00007f35db5b6080 RCX: 00007f35db38e929 [ 129.218934][ T9045] RDX: 0000000000000000 RSI: 00000000fffffe10 RDI: 0000000000000000 [ 129.218940][ T9045] RBP: 00007f35db410b39 R08: 0000000000000000 R09: 0000000000000000 [ 129.218946][ T9045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 129.218951][ T9045] R13: 0000000000000001 R14: 00007f35db5b6080 R15: 00007ffc04116c98 [ 129.218966][ T9045] [ 129.218970][ T9045] memory: usage 307200kB, limit 307200kB, failcnt 11622 [ 129.273427][ T9337] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 129.275667][ T9045] memory+swap: usage 432120kB, limit 9007199254740988kB, failcnt 0 [ 129.277350][ T9337] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 129.278554][ T9045] kmem: usage 10860kB, limit 9007199254740988kB, failcnt 0 [ 129.278564][ T9045] Memory cgroup stats for /syz4: [ 129.278660][ T9045] cache 303181824 [ 129.280515][ T9337] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 129.282117][ T9045] rss 65536 [ 129.282125][ T9045] rss_huge 0 [ 129.282129][ T9045] shmem 303181824 [ 129.282133][ T9045] mapped_file 0 [ 129.282137][ T9045] dirty 0 [ 129.282142][ T9045] writeback 0 [ 129.302152][ T9337] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 129.303414][ T9045] workingset_refault_anon 10 [ 129.304828][ T9337] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 129.306363][ T9045] workingset_refault_file 15 [ 129.319594][ T9328] bridge0: port 1(bridge_slave_0) entered blocking state [ 129.321467][ T9045] swap 127918080 [ 129.345613][ T9328] bridge0: port 1(bridge_slave_0) entered disabled state [ 129.348175][ T9045] swapcached 28672 [ 129.352628][ T9328] bridge_slave_0: entered allmulticast mode [ 129.353927][ T9045] pgpgin 108953 [ 129.362507][ T9328] bridge_slave_0: entered promiscuous mode [ 129.365070][ T9045] pgpgout 34911 [ 129.365571][ T9337] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 129.439494][ T9045] pgfault 15075 [ 129.440603][ T9045] pgmajfault 35 [ 129.441720][ T9045] inactive_anon 26468352 [ 129.443234][ T9045] active_anon 276807680 [ 129.444462][ T9045] inactive_file 0 [ 129.445566][ T9045] active_file 0 [ 129.446631][ T9045] unevictable 0 [ 129.447727][ T9045] hierarchical_memory_limit 314572800 [ 129.449330][ T9045] hierarchical_memsw_limit 9223372036854771712 [ 129.451146][ T9045] total_cache 303181824 [ 129.452534][ T9045] total_rss 65536 [ 129.453667][ T9045] total_rss_huge 0 [ 129.454808][ T9045] total_shmem 303181824 [ 129.456132][ T9045] total_mapped_file 0 [ 129.457365][ T9045] total_dirty 0 [ 129.458414][ T9045] total_writeback 0 [ 129.459554][ T9045] total_workingset_refault_anon 10 [ 129.461076][ T9045] total_workingset_refault_file 15 [ 129.462736][ T9045] total_swap 127918080 [ 129.463966][ T9045] total_swapcached 28672 [ 129.465262][ T9045] total_pgpgin 108953 [ 129.466494][ T9045] total_pgpgout 34911 [ 129.467699][ T9045] total_pgfault 15075 [ 129.468894][ T9045] total_pgmajfault 35 [ 129.470095][ T9045] total_inactive_anon 26468352 [ 129.470567][ T1142] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.471543][ T9045] total_active_anon 276807680 [ 129.471550][ T9045] total_inactive_file 0 [ 129.477455][ T9045] total_active_file 0 [ 129.478673][ T9045] total_unevictable 0 [ 129.479883][ T9045] anon_cost 0 [ 129.481040][ T9045] file_cost 0 [ 129.482113][ T9045] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.942,pid=9016,uid=0 [ 129.487243][ T9045] Memory cgroup out of memory: Killed process 9016 (syz.4.942) total-vm:98240kB, anon-rss:1084kB, file-rss:49920kB, shmem-rss:0kB, UID:0 pgtables:172kB oom_score_adj:1000 [ 129.492085][ T9328] bridge0: port 2(bridge_slave_1) entered blocking state [ 129.494640][ T9328] bridge0: port 2(bridge_slave_1) entered disabled state [ 129.497479][ T9328] bridge_slave_1: entered allmulticast mode [ 129.501195][ T9328] bridge_slave_1: entered promiscuous mode [ 129.525454][ T9045] syz.4.942 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 129.528437][ T9045] CPU: 2 UID: 0 PID: 9045 Comm: syz.4.942 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 129.528451][ T9045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 129.528458][ T9045] Call Trace: [ 129.528462][ T9045] [ 129.528466][ T9045] dump_stack_lvl+0x16c/0x1f0 [ 129.528487][ T9045] dump_header+0x101/0x930 [ 129.528504][ T9045] oom_kill_process+0x270/0xa60 [ 129.528521][ T9045] out_of_memory+0x350/0x1700 [ 129.528539][ T9045] ? __pfx_out_of_memory+0x10/0x10 [ 129.528557][ T9045] mem_cgroup_out_of_memory+0x118/0x130 [ 129.528570][ T9045] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 129.528605][ T9045] ? do_raw_spin_unlock+0x172/0x230 [ 129.528623][ T9045] try_charge_memcg+0x72b/0xd50 [ 129.528641][ T9045] ? __pfx_try_charge_memcg+0x10/0x10 [ 129.528657][ T9045] ? find_held_lock+0x1/0x80 [ 129.528670][ T9045] ? rcu_read_unlock+0x17/0x60 [ 129.528691][ T9045] charge_memcg+0x8a/0x230 [ 129.528706][ T9045] __mem_cgroup_charge+0x2b/0x1e0 [ 129.528725][ T9045] shmem_alloc_and_add_folio+0x514/0xc20 [ 129.528742][ T9045] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 129.528759][ T9045] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 129.528776][ T9045] shmem_get_folio_gfp+0x67f/0x1600 [ 129.528793][ T9045] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 129.528808][ T9045] ? __pte_offset_map_lock+0x174/0x310 [ 129.528826][ T9045] shmem_write_begin+0x160/0x300 [ 129.528840][ T9045] ? find_held_lock+0x2b/0x80 [ 129.528853][ T9045] ? __pfx_shmem_write_begin+0x10/0x10 [ 129.528867][ T9045] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 129.528878][ T9045] ? __pfx_timestamp_truncate+0x10/0x10 [ 129.528897][ T9045] generic_perform_write+0x3d0/0x930 [ 129.528915][ T9045] ? __pfx_generic_perform_write+0x10/0x10 [ 129.528929][ T9045] ? inode_needs_update_time.part.0+0x191/0x270 [ 129.528950][ T9045] shmem_file_write_iter+0x10e/0x140 [ 129.528967][ T9045] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 129.528982][ T9045] __kernel_write_iter+0x31a/0xa90 [ 129.528998][ T9045] ? __pfx___kernel_write_iter+0x10/0x10 [ 129.529011][ T9045] ? cgroup_freezing+0x14b/0x3d0 [ 129.529029][ T9045] ? cgroup_freezing+0x155/0x3d0 [ 129.529042][ T9045] dump_user_range+0x41f/0xb60 [ 129.529059][ T9045] ? __pfx_dump_user_range+0x10/0x10 [ 129.529073][ T9045] ? elf_coredump_extra_notes_write+0xbd/0x4f0 [ 129.529093][ T9045] ? __pfx_writenote+0x10/0x10 [ 129.529111][ T9045] elf_core_dump+0x288a/0x3a90 [ 129.529133][ T9045] ? __pfx_elf_core_dump+0x10/0x10 [ 129.529146][ T9045] ? kasan_save_stack+0x42/0x60 [ 129.529159][ T9045] ? kasan_save_stack+0x33/0x60 [ 129.529172][ T9045] ? kasan_save_track+0x14/0x30 [ 129.529184][ T9045] ? __kasan_kmalloc+0xaa/0xb0 [ 129.529196][ T9045] ? do_coredump+0x1c9a/0x4f10 [ 129.529208][ T9045] ? get_signal+0x22e3/0x26d0 [ 129.529220][ T9045] ? arch_do_signal_or_restart+0x8f/0x7d0 [ 129.529235][ T9045] ? 0xffffffffff600000 [ 129.529268][ T9045] ? do_coredump+0x399f/0x4f10 [ 129.529279][ T9045] do_coredump+0x399f/0x4f10 [ 129.529297][ T9045] ? __pfx_do_coredump+0x10/0x10 [ 129.529310][ T9045] ? find_held_lock+0x2b/0x80 [ 129.529323][ T9045] ? is_bpf_text_address+0x8a/0x1a0 [ 129.529338][ T9045] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 129.529353][ T9045] ? is_bpf_text_address+0x94/0x1a0 [ 129.529366][ T9045] ? kernel_text_address+0x8d/0x100 [ 129.529377][ T9045] ? __kernel_text_address+0xd/0x40 [ 129.529388][ T9045] ? unwind_get_return_address+0x59/0xa0 [ 129.529414][ T9045] ? stack_depot_save_flags+0x28/0xa40 [ 129.529431][ T9045] ? __lock_acquire+0xb8a/0x1c90 [ 129.529448][ T9045] ? kasan_save_stack+0x42/0x60 [ 129.529461][ T9045] ? kasan_save_stack+0x33/0x60 [ 129.529473][ T9045] ? kasan_save_track+0x14/0x30 [ 129.529486][ T9045] ? kasan_save_free_info+0x3b/0x60 [ 129.529496][ T9045] ? __kasan_slab_free+0x51/0x70 [ 129.529509][ T9045] ? kmem_cache_free+0x2d1/0x4d0 [ 129.529522][ T9045] ? __sigqueue_free+0xba/0x2a0 [ 129.529536][ T9045] ? get_signal+0xcba/0x26d0 [ 129.529547][ T9045] ? arch_do_signal_or_restart+0x8f/0x7d0 [ 129.529578][ T9045] ? proc_coredump_connector+0x2d1/0x4f0 [ 129.529591][ T9045] ? __pfx_proc_coredump_connector+0x10/0x10 [ 129.529606][ T9045] ? rcu_is_watching+0x12/0xc0 [ 129.529621][ T9045] get_signal+0x22e3/0x26d0 [ 129.529638][ T9045] ? force_sig_fault+0xc4/0x100 [ 129.529651][ T9045] ? __pfx_get_signal+0x10/0x10 [ 129.529668][ T9045] arch_do_signal_or_restart+0x8f/0x7d0 [ 129.529680][ T9045] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 129.529693][ T9045] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 129.529714][ T9045] irqentry_exit_to_user_mode+0x12a/0x270 [ 129.529732][ T9045] asm_exc_page_fault+0x26/0x30 [ 129.529742][ T9045] RIP: 0033:0x7f35db38e931 [ 129.529751][ T9045] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f [ 129.529762][ T9045] RSP: 002b:00000000fffffe10 EFLAGS: 00010217 [ 129.529771][ T9045] RAX: 0000000000000000 RBX: 00007f35db5b6080 RCX: 00007f35db38e929 [ 129.529777][ T9045] RDX: 0000000000000000 RSI: 00000000fffffe10 RDI: 0000000000000000 [ 129.529783][ T9045] RBP: 00007f35db410b39 R08: 0000000000000000 R09: 0000000000000000 [ 129.529789][ T9045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 129.529795][ T9045] R13: 0000000000000001 R14: 00007f35db5b6080 R15: 00007ffc04116c98 [ 129.529809][ T9045] [ 129.529814][ T9045] memory: usage 307200kB, limit 307200kB, failcnt 11732 [ 129.685710][ T9352] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 129.687410][ T9045] memory+swap: usage 432108kB, limit 9007199254740988kB, failcnt 0 [ 129.703653][ T9045] kmem: usage 10628kB, limit 9007199254740988kB, failcnt 0 [ 129.704564][ T9348] team0: No ports can be present during mode change [ 129.705825][ T9045] Memory cgroup stats for /syz4: [ 129.705906][ T9045] cache 303415296 [ 129.705912][ T9045] rss 65536 [ 129.705916][ T9045] rss_huge 0 [ 129.705920][ T9045] shmem 303415296 [ 129.705925][ T9045] mapped_file 0 [ 129.705929][ T9045] dirty 0 [ 129.705933][ T9045] writeback 0 [ 129.705937][ T9045] workingset_refault_anon 10 [ 129.705942][ T9045] workingset_refault_file 15 [ 129.705947][ T9045] swap 127905792 [ 129.705951][ T9045] swapcached 28672 [ 129.705955][ T9045] pgpgin 109010 [ 129.705959][ T9045] pgpgout 34911 [ 129.705963][ T9045] pgfault 15078 [ 129.705968][ T9045] pgmajfault 35 [ 129.705972][ T9045] inactive_anon 26468352 [ 129.705976][ T9045] active_anon 277041152 [ 129.705981][ T9045] inactive_file 0 [ 129.705985][ T9045] active_file 0 [ 129.705989][ T9045] unevictable 0 [ 129.705994][ T9045] hierarchical_memory_limit 314572800 [ 129.705999][ T9045] hierarchical_memsw_limit 9223372036854771712 [ 129.706005][ T9045] total_cache 303415296 [ 129.706009][ T9045] total_rss 65536 [ 129.706013][ T9045] total_rss_huge 0 [ 129.706018][ T9045] total_shmem 303415296 [ 129.706026][ T9045] total_mapped_file 0 [ 129.706031][ T9045] total_dirty 0 [ 129.706035][ T9045] total_writeback 0 [ 129.706039][ T9045] total_workingset_refault_anon 10 [ 129.706044][ T9045] total_workingset_refault_file 15 [ 129.706049][ T9045] total_swap 127905792 [ 129.706054][ T9045] total_swapcached 28672 [ 129.706058][ T9045] total_pgpgin 109010 [ 129.706063][ T9045] total_pgpgout 34911 [ 129.706067][ T9045] total_pgfault 15078 [ 129.706072][ T9045] total_pgmajfault 35 [ 129.706076][ T9045] total_inactive_anon 26468352 [ 129.706081][ T9045] total_active_anon 277041152 [ 129.706086][ T9045] total_inactive_file 0 [ 129.706090][ T9045] total_active_file 0 [ 129.706095][ T9045] total_unevictable 0 [ 129.706099][ T9045] anon_cost 0 [ 129.706104][ T9045] file_cost 0 [ 129.706108][ T9045] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset= [ 129.738683][ T9351] overlay: filesystem on ./bus not supported as upperdir [ 129.739249][ T9045] /,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.942,pid=9011,uid=0 [ 129.775795][ T9045] Memory cgroup out of memory: Killed process 9011 (syz.4.942) total-vm:98108kB, anon-rss:956kB, file-rss:49280kB, shmem-rss:0kB, UID:0 pgtables:172kB oom_score_adj:1000 [ 129.785741][ T9351] tmpfs: Bad value for 'nr_inodes' [ 129.790626][ T9328] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 129.795202][ T9354] tmpfs: Bad value for 'mpol' [ 129.811371][ T9328] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 129.831394][ T9045] syz.4.942 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 129.834782][ T9045] CPU: 2 UID: 0 PID: 9045 Comm: syz.4.942 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 129.834797][ T9045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 129.834804][ T9045] Call Trace: [ 129.834809][ T9045] [ 129.834813][ T9045] dump_stack_lvl+0x16c/0x1f0 [ 129.834834][ T9045] dump_header+0x101/0x930 [ 129.834859][ T9045] oom_kill_process+0x270/0xa60 [ 129.834882][ T9045] out_of_memory+0x350/0x1700 [ 129.834906][ T9045] ? __pfx_out_of_memory+0x10/0x10 [ 129.834925][ T9045] mem_cgroup_out_of_memory+0x118/0x130 [ 129.834937][ T9045] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 129.834953][ T9045] ? do_raw_spin_unlock+0x172/0x230 [ 129.834967][ T9045] try_charge_memcg+0x72b/0xd50 [ 129.834986][ T9045] ? __pfx_try_charge_memcg+0x10/0x10 [ 129.835001][ T9045] ? find_held_lock+0x1/0x80 [ 129.835015][ T9045] ? rcu_read_unlock+0x17/0x60 [ 129.835040][ T9045] charge_memcg+0x8a/0x230 [ 129.835055][ T9045] __mem_cgroup_charge+0x2b/0x1e0 [ 129.835073][ T9045] shmem_alloc_and_add_folio+0x514/0xc20 [ 129.835090][ T9045] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 129.835106][ T9045] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 129.835122][ T9045] shmem_get_folio_gfp+0x67f/0x1600 [ 129.835139][ T9045] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 129.835153][ T9045] ? __pte_offset_map_lock+0x174/0x310 [ 129.835172][ T9045] shmem_write_begin+0x160/0x300 [ 129.835186][ T9045] ? find_held_lock+0x2b/0x80 [ 129.835199][ T9045] ? __pfx_shmem_write_begin+0x10/0x10 [ 129.835213][ T9045] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 129.835224][ T9045] ? __pfx_timestamp_truncate+0x10/0x10 [ 129.835243][ T9045] generic_perform_write+0x3d0/0x930 [ 129.835261][ T9045] ? __pfx_generic_perform_write+0x10/0x10 [ 129.835275][ T9045] ? inode_needs_update_time.part.0+0x191/0x270 [ 129.835296][ T9045] shmem_file_write_iter+0x10e/0x140 [ 129.835313][ T9045] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 129.835328][ T9045] __kernel_write_iter+0x31a/0xa90 [ 129.835344][ T9045] ? __pfx___kernel_write_iter+0x10/0x10 [ 129.835358][ T9045] ? cgroup_freezing+0x14b/0x3d0 [ 129.835372][ T9045] ? cgroup_freezing+0x155/0x3d0 [ 129.835386][ T9045] dump_user_range+0x41f/0xb60 [ 129.835402][ T9045] ? __pfx_dump_user_range+0x10/0x10 [ 129.835416][ T9045] ? elf_coredump_extra_notes_write+0xbd/0x4f0 [ 129.835436][ T9045] ? __pfx_writenote+0x10/0x10 [ 129.835454][ T9045] elf_core_dump+0x288a/0x3a90 [ 129.835476][ T9045] ? __pfx_elf_core_dump+0x10/0x10 [ 129.835489][ T9045] ? kasan_save_stack+0x42/0x60 [ 129.835502][ T9045] ? kasan_save_stack+0x33/0x60 [ 129.835515][ T9045] ? kasan_save_track+0x14/0x30 [ 129.835527][ T9045] ? __kasan_kmalloc+0xaa/0xb0 [ 129.835540][ T9045] ? do_coredump+0x1c9a/0x4f10 [ 129.835551][ T9045] ? get_signal+0x22e3/0x26d0 [ 129.835563][ T9045] ? arch_do_signal_or_restart+0x8f/0x7d0 [ 129.835579][ T9045] ? 0xffffffffff600000 [ 129.835611][ T9045] ? do_coredump+0x399f/0x4f10 [ 129.835623][ T9045] do_coredump+0x399f/0x4f10 [ 129.835652][ T9045] ? __pfx_do_coredump+0x10/0x10 [ 129.835667][ T9045] ? find_held_lock+0x2b/0x80 [ 129.835681][ T9045] ? is_bpf_text_address+0x8a/0x1a0 [ 129.835695][ T9045] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 129.835711][ T9045] ? is_bpf_text_address+0x94/0x1a0 [ 129.835724][ T9045] ? kernel_text_address+0x8d/0x100 [ 129.835735][ T9045] ? __kernel_text_address+0xd/0x40 [ 129.835746][ T9045] ? unwind_get_return_address+0x59/0xa0 [ 129.835773][ T9045] ? stack_depot_save_flags+0x28/0xa40 [ 129.835789][ T9045] ? __lock_acquire+0xb8a/0x1c90 [ 129.835807][ T9045] ? kasan_save_stack+0x42/0x60 [ 129.835820][ T9045] ? kasan_save_stack+0x33/0x60 [ 129.835832][ T9045] ? kasan_save_track+0x14/0x30 [ 129.835845][ T9045] ? kasan_save_free_info+0x3b/0x60 [ 129.835855][ T9045] ? __kasan_slab_free+0x51/0x70 [ 129.835868][ T9045] ? kmem_cache_free+0x2d1/0x4d0 [ 129.835880][ T9045] ? __sigqueue_free+0xba/0x2a0 [ 129.835894][ T9045] ? get_signal+0xcba/0x26d0 [ 129.835906][ T9045] ? arch_do_signal_or_restart+0x8f/0x7d0 [ 129.835937][ T9045] ? proc_coredump_connector+0x2d1/0x4f0 [ 129.835950][ T9045] ? __pfx_proc_coredump_connector+0x10/0x10 [ 129.835965][ T9045] ? rcu_is_watching+0x12/0xc0 [ 129.835981][ T9045] get_signal+0x22e3/0x26d0 [ 129.835998][ T9045] ? force_sig_fault+0xc4/0x100 [ 129.836011][ T9045] ? __pfx_get_signal+0x10/0x10 [ 129.836032][ T9045] arch_do_signal_or_restart+0x8f/0x7d0 [ 129.836044][ T9045] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 129.836058][ T9045] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 129.836079][ T9045] irqentry_exit_to_user_mode+0x12a/0x270 [ 129.836097][ T9045] asm_exc_page_fault+0x26/0x30 [ 129.836107][ T9045] RIP: 0033:0x7f35db38e931 [ 129.836116][ T9045] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f [ 129.836127][ T9045] RSP: 002b:00000000fffffe10 EFLAGS: 00010217 [ 129.836136][ T9045] RAX: 0000000000000000 RBX: 00007f35db5b6080 RCX: 00007f35db38e929 [ 129.836143][ T9045] RDX: 0000000000000000 RSI: 00000000fffffe10 RDI: 0000000000000000 [ 129.836149][ T9045] RBP: 00007f35db410b39 R08: 0000000000000000 R09: 0000000000000000 [ 129.836155][ T9045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 129.836161][ T9045] R13: 0000000000000001 R14: 00007f35db5b6080 R15: 00007ffc04116c98 [ 129.836175][ T9045] [ 129.836191][ T9045] memory: usage 307200kB, limit 307200kB, failcnt 12000 [ 130.002437][ T9045] memory+swap: usage 432052kB, limit 9007199254740988kB, failcnt 0 [ 130.002449][ T9045] kmem: usage 10576kB, limit 9007199254740988kB, failcnt 0 [ 130.002456][ T9045] Memory cgroup stats for /syz4: [ 130.002521][ T9045] cache 303415296 [ 130.002527][ T9045] rss 65536 [ 130.002532][ T9045] rss_huge 0 [ 130.002536][ T9045] shmem 303415296 [ 130.002540][ T9045] mapped_file 0 [ 130.002544][ T9045] dirty 0 [ 130.002549][ T9045] writeback 0 [ 130.002553][ T9045] workingset_refault_anon 10 [ 130.002558][ T9045] workingset_refault_file 15 [ 130.002562][ T9045] swap 127905792 [ 130.002567][ T9045] swapcached 28672 [ 130.002571][ T9045] pgpgin 109010 [ 130.002576][ T9045] pgpgout 34911 [ 130.002580][ T9045] pgfault 15078 [ 130.002584][ T9045] pgmajfault 35 [ 130.002588][ T9045] inactive_anon 26468352 [ 130.002593][ T9045] active_anon 277041152 [ 130.002598][ T9045] inactive_file 0 [ 130.002602][ T9045] active_file 0 [ 130.002606][ T9045] unevictable 0 [ 130.002611][ T9045] hierarchical_memory_limit 314572800 [ 130.002616][ T9045] hierarchical_memsw_limit 9223372036854771712 [ 130.002644][ T9045] total_cache 303415296 [ 130.002650][ T9045] total_rss 65536 [ 130.002654][ T9045] total_rss_huge 0 [ 130.002659][ T9045] total_shmem 303415296 [ 130.002663][ T9045] total_mapped_file 0 [ 130.002668][ T9045] total_dirty 0 [ 130.002672][ T9045] total_writeback 0 [ 130.002676][ T9045] total_workingset_refault_anon 10 [ 130.002681][ T9045] total_workingset_refault_file 15 [ 130.002687][ T9045] total_swap 127905792 [ 130.002691][ T9045] total_swapcached 28672 [ 130.002696][ T9045] total_pgpgin 109010 [ 130.002700][ T9045] total_pgpgout 34911 [ 130.002704][ T9045] total_pgfault 15078 [ 130.002709][ T9045] total_pgmajfault 35 [ 130.002713][ T9045] total_inactive_anon 26468352 [ 130.002718][ T9045] total_active_anon 277041152 [ 130.002723][ T9045] total_inactive_file 0 [ 130.002728][ T9045] total_active_file 0 [ 130.002733][ T9045] total_unevictable 0 [ 130.002737][ T9045] anon_cost 0 [ 130.002741][ T9045] file_cost 0 [ 130.002746][ T9045] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.942,pid=9061,uid=0 [ 130.002810][ T9045] Memory cgroup out of memory: Killed process 9061 (syz.4.942) total-vm:98240kB, anon-rss:1088kB, file-rss:49024kB, shmem-rss:0kB, UID:0 pgtables:172kB oom_score_adj:1000 [ 130.169064][ T9014] syz.4.942 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 130.176106][ T9014] CPU: 2 UID: 0 PID: 9014 Comm: syz.4.942 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 130.176121][ T9014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 130.176128][ T9014] Call Trace: [ 130.176132][ T9014] [ 130.176137][ T9014] dump_stack_lvl+0x16c/0x1f0 [ 130.176156][ T9014] dump_header+0x101/0x930 [ 130.176173][ T9014] oom_kill_process+0x270/0xa60 [ 130.176190][ T9014] out_of_memory+0x350/0x1700 [ 130.176208][ T9014] ? __pfx_out_of_memory+0x10/0x10 [ 130.176227][ T9014] mem_cgroup_out_of_memory+0x118/0x130 [ 130.176239][ T9014] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 130.176254][ T9014] ? do_raw_spin_unlock+0x172/0x230 [ 130.176269][ T9014] try_charge_memcg+0x72b/0xd50 [ 130.176287][ T9014] ? __pfx_try_charge_memcg+0x10/0x10 [ 130.176302][ T9014] ? find_held_lock+0x1/0x80 [ 130.176315][ T9014] ? rcu_read_unlock+0x17/0x60 [ 130.176335][ T9014] charge_memcg+0x8a/0x230 [ 130.176351][ T9014] __mem_cgroup_charge+0x2b/0x1e0 [ 130.176369][ T9014] shmem_alloc_and_add_folio+0x514/0xc20 [ 130.176386][ T9014] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 130.176401][ T9014] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 130.176417][ T9014] shmem_get_folio_gfp+0x67f/0x1600 [ 130.176434][ T9014] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 130.176448][ T9014] ? __pte_offset_map_lock+0x174/0x310 [ 130.176467][ T9014] shmem_write_begin+0x160/0x300 [ 130.176481][ T9014] ? find_held_lock+0x2b/0x80 [ 130.176494][ T9014] ? __pfx_shmem_write_begin+0x10/0x10 [ 130.176508][ T9014] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 130.176519][ T9014] ? __pfx_timestamp_truncate+0x10/0x10 [ 130.176537][ T9014] generic_perform_write+0x3d0/0x930 [ 130.176556][ T9014] ? __pfx_generic_perform_write+0x10/0x10 [ 130.176570][ T9014] ? inode_needs_update_time.part.0+0x191/0x270 [ 130.176607][ T9014] shmem_file_write_iter+0x10e/0x140 [ 130.176624][ T9014] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 130.176639][ T9014] __kernel_write_iter+0x31a/0xa90 [ 130.176654][ T9014] ? __pfx___kernel_write_iter+0x10/0x10 [ 130.176668][ T9014] ? cgroup_freezing+0x14b/0x3d0 [ 130.176683][ T9014] ? cgroup_freezing+0x155/0x3d0 [ 130.176696][ T9014] dump_user_range+0x41f/0xb60 [ 130.176713][ T9014] ? __pfx_dump_user_range+0x10/0x10 [ 130.176727][ T9014] ? elf_coredump_extra_notes_write+0xbd/0x4f0 [ 130.176747][ T9014] ? __pfx_writenote+0x10/0x10 [ 130.176765][ T9014] elf_core_dump+0x288a/0x3a90 [ 130.176786][ T9014] ? __pfx_elf_core_dump+0x10/0x10 [ 130.176800][ T9014] ? kasan_save_stack+0x42/0x60 [ 130.176812][ T9014] ? kasan_save_stack+0x33/0x60 [ 130.176825][ T9014] ? kasan_save_track+0x14/0x30 [ 130.176837][ T9014] ? __kasan_kmalloc+0xaa/0xb0 [ 130.176849][ T9014] ? do_coredump+0x1c9a/0x4f10 [ 130.176861][ T9014] ? get_signal+0x22e3/0x26d0 [ 130.176873][ T9014] ? arch_do_signal_or_restart+0x8f/0x7d0 [ 130.176888][ T9014] ? 0xffffffffff600000 [ 130.176921][ T9014] ? do_coredump+0x399f/0x4f10 [ 130.176932][ T9014] do_coredump+0x399f/0x4f10 [ 130.176950][ T9014] ? __pfx_do_coredump+0x10/0x10 [ 130.176963][ T9014] ? find_held_lock+0x2b/0x80 [ 130.176976][ T9014] ? is_bpf_text_address+0x8a/0x1a0 [ 130.176991][ T9014] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 130.177007][ T9014] ? is_bpf_text_address+0x94/0x1a0 [ 130.177023][ T9014] ? kernel_text_address+0x8d/0x100 [ 130.177036][ T9014] ? __kernel_text_address+0xd/0x40 [ 130.177046][ T9014] ? unwind_get_return_address+0x59/0xa0 [ 130.177073][ T9014] ? stack_depot_save_flags+0x28/0xa40 [ 130.177089][ T9014] ? __lock_acquire+0xb8a/0x1c90 [ 130.177107][ T9014] ? kasan_save_stack+0x42/0x60 [ 130.177120][ T9014] ? kasan_save_stack+0x33/0x60 [ 130.177132][ T9014] ? kasan_save_track+0x14/0x30 [ 130.177144][ T9014] ? kasan_save_free_info+0x3b/0x60 [ 130.177154][ T9014] ? __kasan_slab_free+0x51/0x70 [ 130.177168][ T9014] ? kmem_cache_free+0x2d1/0x4d0 [ 130.177180][ T9014] ? __sigqueue_free+0xba/0x2a0 [ 130.177194][ T9014] ? get_signal+0xcba/0x26d0 [ 130.177205][ T9014] ? arch_do_signal_or_restart+0x8f/0x7d0 [ 130.177236][ T9014] ? proc_coredump_connector+0x2d1/0x4f0 [ 130.177249][ T9014] ? __pfx_proc_coredump_connector+0x10/0x10 [ 130.177264][ T9014] ? rcu_is_watching+0x12/0xc0 [ 130.177280][ T9014] get_signal+0x22e3/0x26d0 [ 130.177297][ T9014] ? force_sig_fault+0xc4/0x100 [ 130.177310][ T9014] ? __pfx_get_signal+0x10/0x10 [ 130.177327][ T9014] arch_do_signal_or_restart+0x8f/0x7d0 [ 130.177339][ T9014] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 130.177353][ T9014] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 130.177374][ T9014] irqentry_exit_to_user_mode+0x12a/0x270 [ 130.177392][ T9014] asm_exc_page_fault+0x26/0x30 [ 130.177402][ T9014] RIP: 0033:0x7f35db38e931 [ 130.177411][ T9014] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f [ 130.177421][ T9014] RSP: 002b:00000000fffffe10 EFLAGS: 00010217 [ 130.177430][ T9014] RAX: 0000000000000000 RBX: 00007f35db5b6080 RCX: 00007f35db38e929 [ 130.177437][ T9014] RDX: 0000000000000000 RSI: 00000000fffffe10 RDI: 0000000000000000 [ 130.177443][ T9014] RBP: 00007f35db410b39 R08: 0000000000000000 R09: 0000000000000000 [ 130.177450][ T9014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 130.177455][ T9014] R13: 0000000000000001 R14: 00007f35db5b6080 R15: 00007ffc04116c98 [ 130.177469][ T9014] [ 130.177474][ T9014] memory: usage 307200kB, limit 307200kB, failcnt 12939 [ 130.345414][ T9014] memory+swap: usage 432036kB, limit 9007199254740988kB, failcnt 0 [ 130.345426][ T9014] kmem: usage 10348kB, limit 9007199254740988kB, failcnt 0 [ 130.345434][ T9014] Memory cgroup stats for /syz4: [ 130.345498][ T9014] cache 303652864 [ 130.345504][ T9014] rss 65536 [ 130.345509][ T9014] rss_huge 0 [ 130.345513][ T9014] shmem 303652864 [ 130.345517][ T9014] mapped_file 0 [ 130.345521][ T9014] dirty 0 [ 130.345525][ T9014] writeback 0 [ 130.345530][ T9014] workingset_refault_anon 10 [ 130.345534][ T9014] workingset_refault_file 15 [ 130.345539][ T9014] swap 127848448 [ 130.345543][ T9014] swapcached 24576 [ 130.345548][ T9014] pgpgin 109068 [ 130.345552][ T9014] pgpgout 34912 [ 130.345556][ T9014] pgfault 15081 [ 130.345560][ T9014] pgmajfault 35 [ 130.345565][ T9014] inactive_anon 26468352 [ 130.345569][ T9014] active_anon 277274624 [ 130.345574][ T9014] inactive_file 0 [ 130.345578][ T9014] active_file 0 [ 130.345582][ T9014] unevictable 0 [ 130.345586][ T9014] hierarchical_memory_limit 314572800 [ 130.345592][ T9014] hierarchical_memsw_limit 9223372036854771712 [ 130.345597][ T9014] total_cache 303652864 [ 130.345601][ T9014] total_rss 65536 [ 130.345606][ T9014] total_rss_huge 0 [ 130.345610][ T9014] total_shmem 303652864 [ 130.345614][ T9014] total_mapped_file 0 [ 130.345619][ T9014] total_dirty 0 [ 130.345623][ T9014] total_writeback 0 [ 130.345638][ T9014] total_workingset_refault_anon 10 [ 130.345643][ T9014] total_workingset_refault_file 15 [ 130.345648][ T9014] total_swap 127848448 [ 130.345653][ T9014] total_swapcached 24576 [ 130.345657][ T9014] total_pgpgin 109068 [ 130.345661][ T9014] total_pgpgout 34912 [ 130.345666][ T9014] total_pgfault 15081 [ 130.345670][ T9014] total_pgmajfault 35 [ 130.345675][ T9014] total_inactive_anon 26468352 [ 130.345680][ T9014] total_active_anon 277274624 [ 130.345684][ T9014] total_inactive_file 0 [ 130.345689][ T9014] total_active_file 0 [ 130.345693][ T9014] total_unevictable 0 [ 130.345698][ T9014] anon_cost 0 [ 130.345702][ T9014] file_cost 0 [ 130.345707][ T9014] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.942,pid=9044,uid=0 [ 130.345770][ T9014] Memory cgroup out of memory: Killed process 9044 (syz.4.942) total-vm:98240kB, anon-rss:1088kB, file-rss:48128kB, shmem-rss:0kB, UID:0 pgtables:168kB oom_score_adj:1000 [ 130.350056][ T9328] team0: Port device team_slave_0 added [ 130.354183][ T6552] udevd[6552]: setting mode of /dev/vcs26 to 020660 failed: Read-only file system [ 130.354224][ T6552] udevd[6552]: setting owner of /dev/vcs26 to uid=0, gid=5 failed: Read-only file system [ 130.354825][ T1142] bridge_slave_1: left allmulticast mode [ 130.354846][ T1142] bridge_slave_1: left promiscuous mode [ 130.354944][ T1142] bridge0: port 2(bridge_slave_1) entered disabled state [ 130.360283][ T5950] udevd[5950]: setting mode of /dev/vcsu26 to 020660 failed: Read-only file system [ 130.360323][ T5950] udevd[5950]: setting owner of /dev/vcsu26 to uid=0, gid=5 failed: Read-only file system [ 130.377058][ T1142] bridge_slave_0: left allmulticast mode [ 130.377079][ T1142] bridge_slave_0: left promiscuous mode [ 130.378451][ T1142] bridge0: port 1(bridge_slave_0) entered disabled state [ 130.383163][ T6552] udevd[6552]: setting mode of /dev/vcsa26 to 020660 failed: Read-only file system [ 130.383422][ T6552] udevd[6552]: setting owner of /dev/vcsa26 to uid=0, gid=5 failed: Read-only file system [ 130.386011][ T9049] syz.4.942 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 130.386043][ T9049] CPU: 2 UID: 0 PID: 9049 Comm: syz.4.942 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 130.386065][ T9049] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 130.386075][ T9049] Call Trace: [ 130.386081][ T9049] [ 130.386090][ T9049] dump_stack_lvl+0x16c/0x1f0 [ 130.386121][ T9049] dump_header+0x101/0x930 [ 130.386143][ T9049] oom_kill_process+0x270/0xa60 [ 130.386160][ T9049] out_of_memory+0x350/0x1700 [ 130.386178][ T9049] ? __pfx_out_of_memory+0x10/0x10 [ 130.386196][ T9049] mem_cgroup_out_of_memory+0x118/0x130 [ 130.386209][ T9049] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 130.386224][ T9049] ? do_raw_spin_unlock+0x172/0x230 [ 130.386240][ T9049] try_charge_memcg+0x72b/0xd50 [ 130.386258][ T9049] ? __pfx_try_charge_memcg+0x10/0x10 [ 130.386289][ T9049] ? find_held_lock+0x1/0x80 [ 130.386302][ T9049] ? rcu_read_unlock+0x17/0x60 [ 130.386322][ T9049] charge_memcg+0x8a/0x230 [ 130.386338][ T9049] __mem_cgroup_charge+0x2b/0x1e0 [ 130.386356][ T9049] shmem_alloc_and_add_folio+0x514/0xc20 [ 130.386373][ T9049] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 130.386389][ T9049] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 130.386405][ T9049] shmem_get_folio_gfp+0x67f/0x1600 [ 130.386422][ T9049] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 130.386437][ T9049] ? __pte_offset_map_lock+0x174/0x310 [ 130.386455][ T9049] shmem_write_begin+0x160/0x300 [ 130.386470][ T9049] ? find_held_lock+0x2b/0x80 [ 130.386482][ T9049] ? __pfx_shmem_write_begin+0x10/0x10 [ 130.386497][ T9049] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 130.386507][ T9049] ? __pfx_timestamp_truncate+0x10/0x10 [ 130.386526][ T9049] generic_perform_write+0x3d0/0x930 [ 130.386544][ T9049] ? __pfx_generic_perform_write+0x10/0x10 [ 130.386559][ T9049] ? inode_needs_update_time.part.0+0x191/0x270 [ 130.386579][ T9049] shmem_file_write_iter+0x10e/0x140 [ 130.386596][ T9049] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 130.386611][ T9049] __kernel_write_iter+0x31a/0xa90 [ 130.386626][ T9049] ? __pfx___kernel_write_iter+0x10/0x10 [ 130.386640][ T9049] ? cgroup_freezing+0x14b/0x3d0 [ 130.386654][ T9049] ? cgroup_freezing+0x155/0x3d0 [ 130.386667][ T9049] dump_user_range+0x41f/0xb60 [ 130.386684][ T9049] ? __pfx_dump_user_range+0x10/0x10 [ 130.386698][ T9049] ? elf_coredump_extra_notes_write+0xbd/0x4f0 [ 130.386718][ T9049] ? __pfx_writenote+0x10/0x10 [ 130.386736][ T9049] elf_core_dump+0x288a/0x3a90 [ 130.386764][ T9049] ? __pfx_elf_core_dump+0x10/0x10 [ 130.386779][ T9049] ? kasan_save_stack+0x42/0x60 [ 130.386792][ T9049] ? kasan_save_stack+0x33/0x60 [ 130.386804][ T9049] ? kasan_save_track+0x14/0x30 [ 130.386817][ T9049] ? __kasan_kmalloc+0xaa/0xb0 [ 130.386830][ T9049] ? do_coredump+0x1c9a/0x4f10 [ 130.386841][ T9049] ? get_signal+0x22e3/0x26d0 [ 130.386853][ T9049] ? arch_do_signal_or_restart+0x8f/0x7d0 [ 130.386868][ T9049] ? 0xffffffffff600000 [ 130.386901][ T9049] ? do_coredump+0x399f/0x4f10 [ 130.386913][ T9049] do_coredump+0x399f/0x4f10 [ 130.386931][ T9049] ? __pfx_do_coredump+0x10/0x10 [ 130.386944][ T9049] ? find_held_lock+0x2b/0x80 [ 130.386957][ T9049] ? is_bpf_text_address+0x8a/0x1a0 [ 130.386972][ T9049] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 130.386987][ T9049] ? is_bpf_text_address+0x94/0x1a0 [ 130.386999][ T9049] ? kernel_text_address+0x8d/0x100 [ 130.387011][ T9049] ? __kernel_text_address+0xd/0x40 [ 130.387025][ T9049] ? unwind_get_return_address+0x59/0xa0 [ 130.387052][ T9049] ? stack_depot_save_flags+0x28/0xa40 [ 130.387069][ T9049] ? __lock_acquire+0xb8a/0x1c90 [ 130.387087][ T9049] ? kasan_save_stack+0x42/0x60 [ 130.387099][ T9049] ? kasan_save_stack+0x33/0x60 [ 130.387112][ T9049] ? kasan_save_track+0x14/0x30 [ 130.387124][ T9049] ? kasan_save_free_info+0x3b/0x60 [ 130.387138][ T9049] ? __kasan_slab_free+0x51/0x70 [ 130.387158][ T9049] ? kmem_cache_free+0x2d1/0x4d0 [ 130.387178][ T9049] ? __sigqueue_free+0xba/0x2a0 [ 130.387202][ T9049] ? get_signal+0xcba/0x26d0 [ 130.387221][ T9049] ? arch_do_signal_or_restart+0x8f/0x7d0 [ 130.387267][ T9049] ? proc_coredump_connector+0x2d1/0x4f0 [ 130.387281][ T9049] ? __pfx_proc_coredump_connector+0x10/0x10 [ 130.387297][ T9049] ? rcu_is_watching+0x12/0xc0 [ 130.387312][ T9049] get_signal+0x22e3/0x26d0 [ 130.387329][ T9049] ? force_sig_fault+0xc4/0x100 [ 130.387342][ T9049] ? __pfx_get_signal+0x10/0x10 [ 130.387359][ T9049] arch_do_signal_or_restart+0x8f/0x7d0 [ 130.387371][ T9049] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 130.387385][ T9049] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 130.387406][ T9049] irqentry_exit_to_user_mode+0x12a/0x270 [ 130.387424][ T9049] asm_exc_page_fault+0x26/0x30 [ 130.387434][ T9049] RIP: 0033:0x7f35db38e931 [ 130.387443][ T9049] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f [ 130.387454][ T9049] RSP: 002b:00000000fffffe10 EFLAGS: 00010217 [ 130.387463][ T9049] RAX: 0000000000000000 RBX: 00007f35db5b6080 RCX: 00007f35db38e929 [ 130.387470][ T9049] RDX: 0000000000000000 RSI: 00000000fffffe10 RDI: 0000000000000000 [ 130.387476][ T9049] RBP: 00007f35db410b39 R08: 0000000000000000 R09: 0000000000000000 [ 130.387482][ T9049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 130.387488][ T9049] R13: 0000000000000001 R14: 00007f35db5b6080 R15: 00007ffc04116c98 [ 130.387502][ T9049] [ 130.387919][ T9049] memory: usage 307200kB, limit 307200kB, failcnt 13186 [ 130.387929][ T9049] memory+swap: usage 432020kB, limit 9007199254740988kB, failcnt 0 [ 130.387937][ T9049] kmem: usage 10120kB, limit 9007199254740988kB, failcnt 0 [ 130.387944][ T9049] Memory cgroup stats for /syz4: [ 130.388007][ T9049] cache 303927296 [ 130.388012][ T9049] rss 65536 [ 130.388023][ T9049] rss_huge 0 [ 130.388027][ T9049] shmem 303927296 [ 130.388031][ T9049] mapped_file 0 [ 130.388035][ T9049] dirty 0 [ 130.388039][ T9049] writeback 0 [ 130.388043][ T9049] workingset_refault_anon 10 [ 130.388048][ T9049] workingset_refault_file 15 [ 130.388053][ T9049] swap 127815680 [ 130.388057][ T9049] swapcached 24576 [ 130.388062][ T9049] pgpgin 109135 [ 130.388066][ T9049] pgpgout 34912 [ 130.388070][ T9049] pgfault 15086 [ 130.388074][ T9049] pgmajfault 35 [ 130.388078][ T9049] inactive_anon 26468352 [ 130.388083][ T9049] active_anon 277508096 [ 130.388087][ T9049] inactive_file 0 [ 130.388092][ T9049] active_file 0 [ 130.388096][ T9049] unevictable 0 [ 130.388100][ T9049] hierarchical_memory_limit 314572800 [ 130.388106][ T9049] hierarchical_memsw_limit 9223372036854771712 [ 130.388111][ T9049] total_cache 303927296 [ 130.388115][ T9049] total_rss 65536 [ 130.388120][ T9049] total_rss_huge 0 [ 130.388124][ T9049] total_shmem 303927296 [ 130.388129][ T9049] total_mapped_file 0 [ 130.388133][ T9049] total_dirty 0 [ 130.388137][ T9049] total_writeback 0 [ 130.388141][ T9049] total_workingset_refault_anon 10 [ 130.388146][ T9049] total_workingset_refault_file 15 [ 130.388151][ T9049] total_swap 127815680 [ 130.388156][ T9049] total_swapcached 24576 [ 130.388161][ T9049] total_pgpgin 109135 [ 130.388165][ T9049] total_pgpgout 34912 [ 130.388169][ T9049] total_pgfault 15086 [ 130.388174][ T9049] total_pgmajfault 35 [ 130.388178][ T9049] total_inactive_anon 26468352 [ 130.388183][ T9049] total_active_anon 277508096 [ 130.388187][ T9049] total_inactive_file 0 [ 130.388192][ T9049] total_active_file 0 [ 130.388196][ T9049] total_unevictable 0 [ 130.388200][ T9049] anon_cost 0 [ 130.388205][ T9049] file_cost 0 [ 130.388209][ T9049] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.942,pid=9049,uid=0 [ 130.388266][ T9049] Memory cgroup out of memory: Killed process 9049 (syz.4.942) total-vm:98240kB, anon-rss:1088kB, file-rss:47232kB, shmem-rss:0kB, UID:0 pgtables:168kB oom_score_adj:1000 [ 130.392692][ T9362] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes. [ 130.425621][ T9017] syz.4.942 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 130.763887][ T9017] CPU: 2 UID: 0 PID: 9017 Comm: syz.4.942 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 130.763902][ T9017] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 130.763909][ T9017] Call Trace: [ 130.763913][ T9017] [ 130.763918][ T9017] dump_stack_lvl+0x16c/0x1f0 [ 130.763939][ T9017] dump_header+0x101/0x930 [ 130.763956][ T9017] oom_kill_process+0x270/0xa60 [ 130.763973][ T9017] out_of_memory+0x350/0x1700 [ 130.763991][ T9017] ? __pfx_out_of_memory+0x10/0x10 [ 130.764009][ T9017] mem_cgroup_out_of_memory+0x118/0x130 [ 130.764021][ T9017] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 130.764043][ T9017] ? do_raw_spin_unlock+0x172/0x230 [ 130.764058][ T9017] try_charge_memcg+0x72b/0xd50 [ 130.764076][ T9017] ? __pfx_try_charge_memcg+0x10/0x10 [ 130.764092][ T9017] ? find_held_lock+0x1/0x80 [ 130.764105][ T9017] ? rcu_read_unlock+0x17/0x60 [ 130.764125][ T9017] charge_memcg+0x8a/0x230 [ 130.764141][ T9017] __mem_cgroup_charge+0x2b/0x1e0 [ 130.764159][ T9017] shmem_alloc_and_add_folio+0x514/0xc20 [ 130.764177][ T9017] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 130.764192][ T9017] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 130.764208][ T9017] shmem_get_folio_gfp+0x67f/0x1600 [ 130.764224][ T9017] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 130.764239][ T9017] ? __pte_offset_map_lock+0x174/0x310 [ 130.764258][ T9017] shmem_write_begin+0x160/0x300 [ 130.764272][ T9017] ? find_held_lock+0x2b/0x80 [ 130.764284][ T9017] ? __pfx_shmem_write_begin+0x10/0x10 [ 130.764298][ T9017] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 130.764309][ T9017] ? __pfx_timestamp_truncate+0x10/0x10 [ 130.764328][ T9017] generic_perform_write+0x3d0/0x930 [ 130.764346][ T9017] ? __pfx_generic_perform_write+0x10/0x10 [ 130.764360][ T9017] ? inode_needs_update_time.part.0+0x191/0x270 [ 130.764381][ T9017] shmem_file_write_iter+0x10e/0x140 [ 130.764397][ T9017] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 130.764412][ T9017] __kernel_write_iter+0x31a/0xa90 [ 130.764428][ T9017] ? __pfx___kernel_write_iter+0x10/0x10 [ 130.764442][ T9017] ? cgroup_freezing+0x14b/0x3d0 [ 130.764456][ T9017] ? cgroup_freezing+0x155/0x3d0 [ 130.764469][ T9017] dump_user_range+0x41f/0xb60 [ 130.764486][ T9017] ? __pfx_dump_user_range+0x10/0x10 [ 130.764500][ T9017] ? elf_coredump_extra_notes_write+0xbd/0x4f0 [ 130.764519][ T9017] ? __pfx_writenote+0x10/0x10 [ 130.764537][ T9017] elf_core_dump+0x288a/0x3a90 [ 130.764559][ T9017] ? __pfx_elf_core_dump+0x10/0x10 [ 130.764593][ T9017] ? kasan_save_stack+0x42/0x60 [ 130.764607][ T9017] ? kasan_save_stack+0x33/0x60 [ 130.764620][ T9017] ? kasan_save_track+0x14/0x30 [ 130.764632][ T9017] ? __kasan_kmalloc+0xaa/0xb0 [ 130.764645][ T9017] ? do_coredump+0x1c9a/0x4f10 [ 130.764657][ T9017] ? get_signal+0x22e3/0x26d0 [ 130.764669][ T9017] ? arch_do_signal_or_restart+0x8f/0x7d0 [ 130.764685][ T9017] ? 0xffffffffff600000 [ 130.764717][ T9017] ? do_coredump+0x399f/0x4f10 [ 130.764729][ T9017] do_coredump+0x399f/0x4f10 [ 130.764747][ T9017] ? __pfx_do_coredump+0x10/0x10 [ 130.764761][ T9017] ? find_held_lock+0x2b/0x80 [ 130.764774][ T9017] ? is_bpf_text_address+0x8a/0x1a0 [ 130.764789][ T9017] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 130.764804][ T9017] ? is_bpf_text_address+0x94/0x1a0 [ 130.764816][ T9017] ? kernel_text_address+0x8d/0x100 [ 130.764828][ T9017] ? __kernel_text_address+0xd/0x40 [ 130.764839][ T9017] ? unwind_get_return_address+0x59/0xa0 [ 130.764866][ T9017] ? stack_depot_save_flags+0x28/0xa40 [ 130.764882][ T9017] ? __lock_acquire+0xb8a/0x1c90 [ 130.764901][ T9017] ? kasan_save_stack+0x42/0x60 [ 130.764914][ T9017] ? kasan_save_stack+0x33/0x60 [ 130.764926][ T9017] ? kasan_save_track+0x14/0x30 [ 130.764939][ T9017] ? kasan_save_free_info+0x3b/0x60 [ 130.764949][ T9017] ? __kasan_slab_free+0x51/0x70 [ 130.764962][ T9017] ? kmem_cache_free+0x2d1/0x4d0 [ 130.764975][ T9017] ? __sigqueue_free+0xba/0x2a0 [ 130.764989][ T9017] ? get_signal+0xcba/0x26d0 [ 130.765001][ T9017] ? arch_do_signal_or_restart+0x8f/0x7d0 [ 130.765035][ T9017] ? proc_coredump_connector+0x2d1/0x4f0 [ 130.765049][ T9017] ? __pfx_proc_coredump_connector+0x10/0x10 [ 130.765064][ T9017] ? rcu_is_watching+0x12/0xc0 [ 130.765080][ T9017] get_signal+0x22e3/0x26d0 [ 130.765097][ T9017] ? force_sig_fault+0xc4/0x100 [ 130.765111][ T9017] ? __pfx_get_signal+0x10/0x10 [ 130.765128][ T9017] arch_do_signal_or_restart+0x8f/0x7d0 [ 130.765140][ T9017] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 130.765153][ T9017] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 130.765174][ T9017] irqentry_exit_to_user_mode+0x12a/0x270 [ 130.765192][ T9017] asm_exc_page_fault+0x26/0x30 [ 130.765203][ T9017] RIP: 0033:0x7f35db38e931 [ 130.765212][ T9017] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f [ 130.765223][ T9017] RSP: 002b:00000000fffffe10 EFLAGS: 00010217 [ 130.765232][ T9017] RAX: 0000000000000000 RBX: 00007f35db5b6080 RCX: 00007f35db38e929 [ 130.765239][ T9017] RDX: 0000000000000000 RSI: 00000000fffffe10 RDI: 0000000000000000 [ 130.765246][ T9017] RBP: 00007f35db410b39 R08: 0000000000000000 R09: 0000000000000000 [ 130.765252][ T9017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 130.765258][ T9017] R13: 0000000000000001 R14: 00007f35db5b6080 R15: 00007ffc04116c98 [ 130.765272][ T9017] [ 130.765276][ T9017] memory: usage 307200kB, limit 307200kB, failcnt 13397 [ 130.930396][ T9017] memory+swap: usage 432004kB, limit 9007199254740988kB, failcnt 0 [ 130.933054][ T9017] kmem: usage 9896kB, limit 9007199254740988kB, failcnt 0 [ 130.935333][ T9017] Memory cgroup stats for /syz4: [ 130.935406][ T9017] cache 304177152 [ 130.938204][ T9017] rss 65536 [ 130.939284][ T9017] rss_huge 0 [ 130.940356][ T9017] shmem 304177152 [ 130.941548][ T9017] mapped_file 0 [ 130.943018][ T9017] dirty 0 [ 130.943976][ T9017] writeback 0 [ 130.945052][ T9017] workingset_refault_anon 10 [ 130.946508][ T9017] workingset_refault_file 15 [ 130.947945][ T9017] swap 127799296 [ 130.949087][ T9017] swapcached 24576 [ 130.950687][ T9017] pgpgin 109196 [ 130.952081][ T9017] pgpgout 34912 [ 130.953354][ T9017] pgfault 15090 [ 130.954511][ T9017] pgmajfault 35 [ 130.955668][ T9017] inactive_anon 26468352 [ 130.957128][ T9017] active_anon 277798912 [ 130.958475][ T9017] inactive_file 0 [ 130.959810][ T9017] active_file 0 [ 130.960966][ T9017] unevictable 0 [ 130.963339][ T9017] hierarchical_memory_limit 314572800 [ 130.965117][ T9017] hierarchical_memsw_limit 9223372036854771712 [ 130.967135][ T9017] total_cache 304177152 [ 130.968488][ T9017] total_rss 65536 [ 130.969757][ T9017] total_rss_huge 0 [ 130.971125][ T9017] total_shmem 304177152 [ 130.974604][ T9017] total_mapped_file 0 [ 130.976053][ T9017] total_dirty 0 [ 130.977230][ T9017] total_writeback 0 [ 130.978475][ T9017] total_workingset_refault_anon 10 [ 130.981558][ T9017] total_workingset_refault_file 15 [ 130.985376][ T9017] total_swap 127799296 [ 130.986787][ T9017] total_swapcached 24576 [ 130.988212][ T9017] total_pgpgin 109196 [ 130.989527][ T9017] total_pgpgout 34912 [ 130.990823][ T9017] total_pgfault 15090 [ 130.992355][ T9017] total_pgmajfault 35 [ 130.995529][ T9017] total_inactive_anon 26468352 [ 130.997589][ T9017] total_active_anon 277798912 [ 130.999119][ T9017] total_inactive_file 0 [ 131.000496][ T9017] total_active_file 0 [ 131.001843][ T9017] total_unevictable 0 [ 131.004826][ T9017] anon_cost 0 [ 131.006056][ T9017] file_cost 0 [ 131.007343][ T9017] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.942,pid=9017,uid=0 [ 131.012684][ T9017] Memory cgroup out of memory: Killed process 9017 (syz.4.942) total-vm:98240kB, anon-rss:1088kB, file-rss:44672kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 131.050112][ T9014] syz.4.942 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 131.055429][ T9014] CPU: 1 UID: 0 PID: 9014 Comm: syz.4.942 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 131.055444][ T9014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 131.055451][ T9014] Call Trace: [ 131.055456][ T9014] [ 131.055460][ T9014] dump_stack_lvl+0x16c/0x1f0 [ 131.055481][ T9014] dump_header+0x101/0x930 [ 131.055498][ T9014] oom_kill_process+0x270/0xa60 [ 131.055526][ T9014] out_of_memory+0x350/0x1700 [ 131.055546][ T9014] ? __pfx_out_of_memory+0x10/0x10 [ 131.055565][ T9014] mem_cgroup_out_of_memory+0x118/0x130 [ 131.055577][ T9014] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 131.055593][ T9014] ? do_raw_spin_unlock+0x172/0x230 [ 131.055608][ T9014] try_charge_memcg+0x72b/0xd50 [ 131.055627][ T9014] ? __pfx_try_charge_memcg+0x10/0x10 [ 131.055642][ T9014] ? find_held_lock+0x1/0x80 [ 131.055656][ T9014] ? rcu_read_unlock+0x17/0x60 [ 131.055676][ T9014] charge_memcg+0x8a/0x230 [ 131.055692][ T9014] __mem_cgroup_charge+0x2b/0x1e0 [ 131.055710][ T9014] shmem_alloc_and_add_folio+0x514/0xc20 [ 131.055727][ T9014] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 131.055742][ T9014] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 131.055759][ T9014] shmem_get_folio_gfp+0x67f/0x1600 [ 131.055775][ T9014] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 131.055790][ T9014] ? __pte_offset_map_lock+0x174/0x310 [ 131.055809][ T9014] shmem_write_begin+0x160/0x300 [ 131.055823][ T9014] ? find_held_lock+0x2b/0x80 [ 131.055836][ T9014] ? __pfx_shmem_write_begin+0x10/0x10 [ 131.055850][ T9014] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 131.055861][ T9014] ? __pfx_timestamp_truncate+0x10/0x10 [ 131.055880][ T9014] generic_perform_write+0x3d0/0x930 [ 131.055898][ T9014] ? __pfx_generic_perform_write+0x10/0x10 [ 131.055913][ T9014] ? inode_needs_update_time.part.0+0x191/0x270 [ 131.055934][ T9014] shmem_file_write_iter+0x10e/0x140 [ 131.055950][ T9014] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 131.055965][ T9014] __kernel_write_iter+0x31a/0xa90 [ 131.055981][ T9014] ? __pfx___kernel_write_iter+0x10/0x10 [ 131.055994][ T9014] ? cgroup_freezing+0x14b/0x3d0 [ 131.056012][ T9014] ? cgroup_freezing+0x155/0x3d0 [ 131.056026][ T9014] dump_user_range+0x41f/0xb60 [ 131.056043][ T9014] ? __pfx_dump_user_range+0x10/0x10 [ 131.056057][ T9014] ? elf_coredump_extra_notes_write+0xbd/0x4f0 [ 131.056076][ T9014] ? __pfx_writenote+0x10/0x10 [ 131.056094][ T9014] elf_core_dump+0x288a/0x3a90 [ 131.056116][ T9014] ? __pfx_elf_core_dump+0x10/0x10 [ 131.056129][ T9014] ? kasan_save_stack+0x42/0x60 [ 131.056143][ T9014] ? kasan_save_stack+0x33/0x60 [ 131.056155][ T9014] ? kasan_save_track+0x14/0x30 [ 131.056167][ T9014] ? __kasan_kmalloc+0xaa/0xb0 [ 131.056180][ T9014] ? do_coredump+0x1c9a/0x4f10 [ 131.056191][ T9014] ? get_signal+0x22e3/0x26d0 [ 131.056203][ T9014] ? arch_do_signal_or_restart+0x8f/0x7d0 [ 131.056219][ T9014] ? 0xffffffffff600000 [ 131.056252][ T9014] ? do_coredump+0x399f/0x4f10 [ 131.056263][ T9014] do_coredump+0x399f/0x4f10 [ 131.056281][ T9014] ? __pfx_do_coredump+0x10/0x10 [ 131.056294][ T9014] ? find_held_lock+0x2b/0x80 [ 131.056307][ T9014] ? is_bpf_text_address+0x8a/0x1a0 [ 131.056321][ T9014] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 131.056337][ T9014] ? is_bpf_text_address+0x94/0x1a0 [ 131.056349][ T9014] ? kernel_text_address+0x8d/0x100 [ 131.056361][ T9014] ? __kernel_text_address+0xd/0x40 [ 131.056372][ T9014] ? unwind_get_return_address+0x59/0xa0 [ 131.056399][ T9014] ? stack_depot_save_flags+0x28/0xa40 [ 131.056415][ T9014] ? __lock_acquire+0xb8a/0x1c90 [ 131.056433][ T9014] ? kasan_save_stack+0x42/0x60 [ 131.056445][ T9014] ? kasan_save_stack+0x33/0x60 [ 131.056458][ T9014] ? kasan_save_track+0x14/0x30 [ 131.056470][ T9014] ? kasan_save_free_info+0x3b/0x60 [ 131.056480][ T9014] ? __kasan_slab_free+0x51/0x70 [ 131.056493][ T9014] ? kmem_cache_free+0x2d1/0x4d0 [ 131.056506][ T9014] ? __sigqueue_free+0xba/0x2a0 [ 131.056520][ T9014] ? get_signal+0xcba/0x26d0 [ 131.056531][ T9014] ? arch_do_signal_or_restart+0x8f/0x7d0 [ 131.056563][ T9014] ? proc_coredump_connector+0x2d1/0x4f0 [ 131.056599][ T9014] ? __pfx_proc_coredump_connector+0x10/0x10 [ 131.056621][ T9014] ? rcu_is_watching+0x12/0xc0 [ 131.056637][ T9014] get_signal+0x22e3/0x26d0 [ 131.056654][ T9014] ? force_sig_fault+0xc4/0x100 [ 131.056667][ T9014] ? __pfx_get_signal+0x10/0x10 [ 131.056684][ T9014] arch_do_signal_or_restart+0x8f/0x7d0 [ 131.056696][ T9014] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 131.056709][ T9014] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 131.056730][ T9014] irqentry_exit_to_user_mode+0x12a/0x270 [ 131.056748][ T9014] asm_exc_page_fault+0x26/0x30 [ 131.056759][ T9014] RIP: 0033:0x7f35db38e931 [ 131.056768][ T9014] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f [ 131.056778][ T9014] RSP: 002b:00000000fffffe10 EFLAGS: 00010217 [ 131.056788][ T9014] RAX: 0000000000000000 RBX: 00007f35db5b6080 RCX: 00007f35db38e929 [ 131.056795][ T9014] RDX: 0000000000000000 RSI: 00000000fffffe10 RDI: 0000000000000000 [ 131.056801][ T9014] RBP: 00007f35db410b39 R08: 0000000000000000 R09: 0000000000000000 [ 131.056807][ T9014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 131.056813][ T9014] R13: 0000000000000001 R14: 00007f35db5b6080 R15: 00007ffc04116c98 [ 131.056827][ T9014] [ 131.056846][ T9014] memory: usage 307200kB, limit 307200kB, failcnt 13697 [ 131.107937][ T9365] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1053'. [ 131.112046][ T9014] memory+swap: usage 431988kB, limit 9007199254740988kB, failcnt 0 [ 131.250915][ T9014] kmem: usage 9512kB, limit 9007199254740988kB, failcnt 0 [ 131.255093][ T9014] Memory cgroup stats for /syz4: [ 131.255247][ T9014] cache 304578560 [ 131.258222][ T9014] rss 65536 [ 131.259282][ T9014] rss_huge 0 [ 131.260766][ T9014] shmem 304578560 [ 131.262670][ T9014] mapped_file 0 [ 131.264193][ T9014] dirty 0 [ 131.265461][ T9014] writeback 0 [ 131.266877][ T9014] workingset_refault_anon 10 [ 131.269082][ T9014] workingset_refault_file 15 [ 131.270747][ T9014] swap 127782912 [ 131.275451][ T9014] swapcached 24576 [ 131.276739][ T9014] pgpgin 109294 [ 131.278008][ T9014] pgpgout 34912 [ 131.279161][ T9014] pgfault 15097 [ 131.280288][ T9014] pgmajfault 35 [ 131.281435][ T9014] inactive_anon 26468352 [ 131.286472][ T9014] active_anon 278200320 [ 131.287910][ T9014] inactive_file 0 [ 131.289097][ T9014] active_file 0 [ 131.290246][ T9014] unevictable 0 [ 131.291368][ T9014] hierarchical_memory_limit 314572800 [ 131.293500][ T9014] hierarchical_memsw_limit 9223372036854771712 [ 131.296216][ T9014] total_cache 304578560 [ 131.297978][ T9014] total_rss 65536 [ 131.299570][ T9014] total_rss_huge 0 [ 131.300863][ T9014] total_shmem 304578560 [ 131.302874][ T9014] total_mapped_file 0 [ 131.304193][ T9014] total_dirty 0 [ 131.305315][ T9014] total_writeback 0 [ 131.306544][ T9014] total_workingset_refault_anon 10 [ 131.308162][ T9014] total_workingset_refault_file 15 [ 131.310321][ T9014] total_swap 127782912 [ 131.312056][ T9014] total_swapcached 24576 [ 131.313396][ T9014] total_pgpgin 109294 [ 131.314649][ T9014] total_pgpgout 34912 [ 131.315907][ T9014] total_pgfault 15097 [ 131.317173][ T9014] total_pgmajfault 35 [ 131.318524][ T9014] total_inactive_anon 26468352 [ 131.320138][ T9014] total_active_anon 278200320 [ 131.321657][ T9014] total_inactive_file 0 [ 131.322120][ T5296] Bluetooth: hci3: command 0x0c1a tx timeout [ 131.322151][ T63] Bluetooth: hci1: command 0x0c1a tx timeout [ 131.322177][ T63] Bluetooth: hci0: command 0x0c1a tx timeout [ 131.324705][ T9014] total_active_file 0 [ 131.325032][ T5948] Bluetooth: hci2: command 0x041b tx timeout [ 131.326831][ T9014] total_unevictable 0 [ 131.326837][ T9014] anon_cost 0 [ 131.326842][ T9014] file_cost 0 [ 131.336130][ T9014] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.942,pid=9033,uid=0 [ 131.341018][ T9014] Memory cgroup out of memory: Killed process 9033 (syz.4.942) total-vm:98240kB, anon-rss:1088kB, file-rss:43904kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 131.367751][ T8756] Memory cgroup out of memory: Killed process 9014 (syz.4.942) total-vm:98240kB, anon-rss:1084kB, file-rss:43904kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 131.408548][ T9057] Memory cgroup out of memory: Killed process 9057 (syz.4.942) total-vm:98240kB, anon-rss:1048kB, file-rss:43904kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 131.446955][ T9031] Memory cgroup out of memory: Killed process 9040 (syz.4.942) total-vm:98240kB, anon-rss:1088kB, file-rss:43136kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 131.499539][ T9046] Memory cgroup out of memory: Killed process 9046 (syz.4.942) total-vm:98240kB, anon-rss:1088kB, file-rss:42496kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000 [ 131.538075][ T9374] Memory cgroup out of memory: Killed process 9031 (syz.4.942) total-vm:98240kB, anon-rss:1088kB, file-rss:42112kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000 [ 131.557917][ T9045] Memory cgroup out of memory: Killed process 9045 (syz.4.942) total-vm:98240kB, anon-rss:1088kB, file-rss:36608kB, shmem-rss:0kB, UID:0 pgtables:144kB oom_score_adj:1000 [ 131.558428][ T9031] syz.4.942 (9031) used greatest stack depth: 17640 bytes left [ 131.755423][ T1142] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 131.759249][ T1142] bond0 (unregistering): Released all slaves [ 131.768487][ T1142] bond1 (unregistering): (slave bond_slave_0): Releasing backup interface [ 131.773595][ T1142] bond1 (unregistering): Released all slaves [ 131.780298][ T9328] team0: Port device team_slave_1 added [ 131.865961][ T1142] tipc: Disabling bearer [ 131.868421][ T1142] tipc: Left network mode [ 131.869215][ T9328] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 131.875907][ T9328] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 131.892033][ T9328] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 131.909200][ T9328] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 131.916974][ T6552] udevd[6552]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 131.922081][ T9328] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 131.931030][ T9328] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 131.979611][ T9379] 8021q: adding VLAN 0 to HW filter on device bond0 [ 131.984744][ T9379] bond0: (slave rose0): Enslaving as an active interface with an up link [ 132.075162][ T5950] udevd[5950]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 132.104245][ T9328] hsr_slave_0: entered promiscuous mode [ 132.106481][ T9328] hsr_slave_1: entered promiscuous mode [ 132.108551][ T9328] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 132.110960][ T9328] Cannot create hsr debugfs directory [ 132.184655][ T1142] hsr_slave_0: left promiscuous mode [ 132.186939][ T1142] hsr_slave_1: left promiscuous mode [ 132.189014][ T1142] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 132.191274][ T1142] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 132.213336][ T1142] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 132.222015][ T1142] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 132.237076][ T6552] udevd[6552]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 132.250102][ T1142] veth1_macvtap: left promiscuous mode [ 132.262193][ T1142] veth0_macvtap: left allmulticast mode [ 132.263985][ T1142] veth0_macvtap: left promiscuous mode [ 132.297935][ T9395] netlink: 'syz.4.1060': attribute type 10 has an invalid length. [ 132.301519][ T9395] netlink: 2 bytes leftover after parsing attributes in process `syz.4.1060'. [ 132.326464][ T6552] udevd[6552]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 132.525625][ T1424] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.527725][ T1424] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.776826][ T1142] team0 (unregistering): Port device team_slave_1 removed [ 132.838937][ T1142] team0 (unregistering): Port device team_slave_0 removed [ 133.155672][ T40] kauditd_printk_skb: 317 callbacks suppressed [ 133.155683][ T40] audit: type=1400 audit(133.070:12221): avc: denied { read write } for pid=5933 comm="syz-executor" name="loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 133.166029][ T40] audit: type=1400 audit(133.070:12222): avc: denied { read write open } for pid=5933 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 133.173753][ T40] audit: type=1400 audit(133.070:12223): avc: denied { ioctl } for pid=5933 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 133.213100][ T40] audit: type=1400 audit(133.130:12224): avc: denied { read write } for pid=9399 comm="syz.3.1062" name="udmabuf" dev="devtmpfs" ino=713 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 133.220570][ T40] audit: type=1400 audit(133.130:12225): avc: denied { read write open } for pid=9399 comm="syz.3.1062" path="/dev/udmabuf" dev="devtmpfs" ino=713 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 133.229985][ T40] audit: type=1400 audit(133.130:12226): avc: denied { ioctl } for pid=9399 comm="syz.3.1062" path="/dev/udmabuf" dev="devtmpfs" ino=713 ioctlcmd=0x7542 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 133.239228][ T40] audit: type=1400 audit(133.130:12227): avc: denied { module_request } for pid=9399 comm="syz.3.1062" kmod="rtnl-link-bridge_slave" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 133.273460][ T40] audit: type=1400 audit(133.190:12228): avc: denied { read write } for pid=9399 comm="syz.3.1062" name="udmabuf" dev="devtmpfs" ino=713 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 133.282212][ T40] audit: type=1400 audit(133.190:12229): avc: denied { read write open } for pid=9399 comm="syz.3.1062" path="/dev/udmabuf" dev="devtmpfs" ino=713 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 133.373498][ T9395] team0: entered promiscuous mode [ 133.375165][ T9395] team_slave_0: entered promiscuous mode [ 133.377069][ T9395] team_slave_1: entered promiscuous mode [ 133.379425][ T9395] bridge0: port 3(team0) entered blocking state [ 133.381737][ T9395] bridge0: port 3(team0) entered disabled state [ 133.383800][ T9395] team0: entered allmulticast mode [ 133.385420][ T9395] team_slave_0: entered allmulticast mode [ 133.387216][ T9395] team_slave_1: entered allmulticast mode [ 133.390376][ T9395] bridge0: port 3(team0) entered blocking state [ 133.392426][ T9395] bridge0: port 3(team0) entered forwarding state [ 133.411233][ T40] audit: type=1400 audit(133.320:12230): avc: denied { read write } for pid=8756 comm="syz-executor" name="loop4" dev="devtmpfs" ino=662 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 133.412063][ T5939] Bluetooth: hci3: command 0x0c1a tx timeout [ 133.420506][ T5948] Bluetooth: hci2: command 0x041b tx timeout [ 133.462030][ T9406] netlink: ct family unspecified [ 133.463638][ T9406] openvswitch: netlink: Actions may not be safe on all matching packets [ 133.534361][ T9328] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 133.539484][ T9328] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 133.548671][ T9328] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 133.554433][ T9328] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 133.633093][ T1142] IPVS: stop unused estimator thread 0... [ 133.657253][ T9328] 8021q: adding VLAN 0 to HW filter on device bond0 [ 133.679163][ T9328] 8021q: adding VLAN 0 to HW filter on device team0 [ 133.690045][ T1176] bridge0: port 1(bridge_slave_0) entered blocking state [ 133.692663][ T1176] bridge0: port 1(bridge_slave_0) entered forwarding state [ 133.710018][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 133.712384][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 134.024883][ T9328] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 134.202104][ T2299] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 134.352035][ T2299] usb 9-1: Using ep0 maxpacket: 8 [ 134.366055][ T2299] usb 9-1: config 0 has an invalid interface number: 1 but max is 0 [ 134.368530][ T2299] usb 9-1: config 0 has no interface number 0 [ 134.371181][ T2299] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 134.375561][ T2299] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 134.378448][ T2299] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 134.382757][ T2299] usb 9-1: config 0 descriptor?? [ 134.395488][ T2299] iowarrior 9-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 134.440238][ T9328] veth0_vlan: entered promiscuous mode [ 134.460077][ T9328] veth1_vlan: entered promiscuous mode [ 134.514381][ T9328] veth0_macvtap: entered promiscuous mode [ 134.524162][ T9328] veth1_macvtap: entered promiscuous mode [ 134.557279][ T9437] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1068'. [ 134.560463][ T9328] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 134.569057][ T9328] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 134.577848][ T9328] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.580925][ T9328] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.585975][ T9328] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.589512][ T9328] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.620994][ T9426] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 134.681871][ T1142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 134.684437][ T1142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 134.719535][ T87] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 134.722262][ T87] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 134.725031][ T10] usb 9-1: USB disconnect, device number 2 [ 135.152194][ T10] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 135.198083][ T9465] netlink: 4768 bytes leftover after parsing attributes in process `syz.3.1077'. [ 135.324020][ T10] usb 9-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 135.326922][ T10] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 135.329417][ T10] usb 9-1: Product: syz [ 135.330729][ T10] usb 9-1: Manufacturer: syz [ 135.332294][ T10] usb 9-1: SerialNumber: syz [ 135.336721][ T9467] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1078'. [ 135.346072][ T10] usb 9-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 135.387242][ T6020] usb 9-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 135.482107][ T5939] Bluetooth: hci3: command 0x0c1a tx timeout [ 135.482133][ T5948] Bluetooth: hci2: command 0x041b tx timeout [ 135.496030][ T9472] kvm: apic: phys broadcast and lowest prio [ 135.624785][ T10] usb 9-1: USB disconnect, device number 3 [ 135.681684][ T6552] udevd[6552]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 135.766830][ T6552] udevd[6552]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 135.768458][ T9480] Option 'Í'M•O§±' to dns_resolver key: bad/missing value [ 135.778990][ T9480] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 135.783441][ T9480] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 135.899637][ T6552] udevd[6552]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 135.983445][ T6552] udevd[6552]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 136.079012][ T9494] bridge0: entered allmulticast mode [ 136.083394][ T9494] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1087'. [ 136.085673][ T5950] udevd[5950]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 136.107475][ T9494] netfs: Couldn't get user pages (rc=-14) [ 136.180961][ T6552] udevd[6552]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 136.259121][ T5950] udevd[5950]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 136.338817][ T6552] udevd[6552]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 136.450003][ T6020] ath9k_htc 9-1:1.0: ath9k_htc: Target is unresponsive [ 136.451523][ T5950] udevd[5950]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 136.452504][ T6020] ath9k_htc: Failed to initialize the device [ 136.452873][ T10] usb 9-1: ath9k_htc: USB layer deinitialized [ 136.564336][ T9516] netlink: 4768 bytes leftover after parsing attributes in process `syz.4.1096'. [ 136.582275][ T6552] udevd[6552]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 136.812117][ T9530] netlink: 4768 bytes leftover after parsing attributes in process `syz.5.1099'. [ 136.845042][ T9533] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1100'. [ 137.246405][ T9552] netfs: Couldn't get user pages (rc=-14) [ 137.371347][ T9564] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 137.411307][ T9566] netlink: 186420 bytes leftover after parsing attributes in process `syz.3.1111'. [ 137.416177][ T9564] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 137.479103][ T9569] openvswitch: netlink: ct_state flags 0000ee01 unsupported [ 137.563387][ T5939] Bluetooth: hci2: command 0x041b tx timeout [ 137.592236][ T9] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 137.765161][ T9] usb 9-1: config index 0 descriptor too short (expected 46, got 36) [ 137.768785][ T9] usb 9-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 137.773767][ T9] usb 9-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 137.776586][ T9] usb 9-1: New USB device found, idVendor=0403, idProduct=97c1, bcdDevice= 0.00 [ 137.779540][ T9] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.785900][ T9] usb 9-1: rejected 1 configuration due to insufficient available bus power [ 137.788655][ T9] usb 9-1: no configuration chosen from 1 choice [ 138.178904][ T40] kauditd_printk_skb: 912 callbacks suppressed [ 138.178913][ T40] audit: type=1400 audit(138.090:13143): avc: denied { write } for pid=9572 comm="syz.3.1114" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 138.192036][ T40] audit: type=1400 audit(138.090:13144): avc: denied { prog_load } for pid=9585 comm="syz.5.1119" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 138.197761][ T40] audit: type=1400 audit(138.090:13145): avc: denied { bpf } for pid=9585 comm="syz.5.1119" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 138.220255][ T40] audit: type=1400 audit(138.090:13146): avc: denied { perfmon } for pid=9585 comm="syz.5.1119" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 138.232107][ T40] audit: type=1400 audit(138.090:13147): avc: denied { perfmon } for pid=9585 comm="syz.5.1119" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 138.238167][ T40] audit: type=1400 audit(138.090:13148): avc: denied { perfmon } for pid=9585 comm="syz.5.1119" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 138.246084][ T40] audit: type=1400 audit(138.090:13149): avc: denied { perfmon } for pid=9585 comm="syz.5.1119" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 138.255904][ T40] audit: type=1400 audit(138.110:13150): avc: denied { bpf } for pid=9585 comm="syz.5.1119" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 138.262816][ T40] audit: type=1400 audit(138.110:13151): avc: denied { bpf } for pid=9585 comm="syz.5.1119" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 138.270961][ T40] audit: type=1400 audit(138.110:13152): avc: denied { prog_run } for pid=9585 comm="syz.5.1119" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 138.642507][ T9594] netlink: 'syz.5.1121': attribute type 1 has an invalid length. [ 138.646868][ T9594] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1121'. [ 138.649668][ T9594] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1121'. [ 138.914152][ T9609] netfs: Couldn't get user pages (rc=-14) [ 138.983965][ T9614] trusted_key: syz.3.1129 sent an empty control message without MSG_MORE. [ 139.153507][ T9622] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 139.156282][ T9622] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 139.158603][ T9622] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 139.160586][ T9622] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 139.435449][ T9642] binder: 9631:9642 ioctl c00c6211 0 returned -14 [ 139.438873][ T9642] binder: 9631:9642 ioctl c020f509 200000000140 returned -22 [ 139.631907][ T5939] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 139.767677][ T9651] fuse: Bad value for 'fd' [ 139.965574][ T9653] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 140.084907][ T9656] nvme_fabrics: missing parameter 'transport=%s' [ 140.087854][ T9656] nvme_fabrics: missing parameter 'nqn=%s' [ 140.209013][ T9662] __nla_validate_parse: 3 callbacks suppressed [ 140.209026][ T9662] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1142'. [ 140.285775][ T6085] usb 9-1: USB disconnect, device number 4 [ 140.516824][ T9679] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1145'. [ 140.559290][ T9682] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1148'. [ 140.649519][ T9686] netlink: 'syz.3.1150': attribute type 1 has an invalid length. [ 140.653377][ T9686] netlink: 'syz.3.1150': attribute type 1 has an invalid length. [ 140.655773][ T9686] netlink: 610 bytes leftover after parsing attributes in process `syz.3.1150'. [ 140.668357][ T9686] netlink: 4768 bytes leftover after parsing attributes in process `syz.3.1150'. [ 140.764509][ T9688] netfs: Couldn't get user pages (rc=-14) [ 140.765158][ T6552] udevd[6552]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 140.994564][ T6552] udevd[6552]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 141.155531][ T9708] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1157'. [ 141.160925][ T9709] XFS (nullb0): Invalid superblock magic number [ 141.163084][ T5939] Bluetooth: hci2: command 0x041b tx timeout [ 141.163111][ T5939] Bluetooth: hci3: command 0x0c1a tx timeout [ 141.163129][ T5939] Bluetooth: hci1: command 0x0c1a tx timeout [ 141.163146][ T5939] Bluetooth: hci0: command 0x0c1a tx timeout [ 141.172516][ T9708] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=9708 comm=syz.1.1157 [ 141.337131][ T5950] udevd[5950]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 141.365799][ T9725] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1161'. [ 141.528142][ T9733] netfs: Couldn't get user pages (rc=-14) [ 141.537090][ T5950] udevd[5950]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 141.573583][ T9739] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1165'. [ 141.576461][ T9739] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1165'. [ 141.672760][ T6552] udevd[6552]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 141.699935][ T9743] FAULT_INJECTION: forcing a failure. [ 141.699935][ T9743] name failslab, interval 1, probability 0, space 0, times 0 [ 141.705212][ T9743] CPU: 0 UID: 0 PID: 9743 Comm: syz.4.1166 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 141.705227][ T9743] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 141.705234][ T9743] Call Trace: [ 141.705238][ T9743] [ 141.705242][ T9743] dump_stack_lvl+0x16c/0x1f0 [ 141.705277][ T9743] should_fail_ex+0x512/0x640 [ 141.705297][ T9743] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 141.705314][ T9743] should_failslab+0xc2/0x120 [ 141.705330][ T9743] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 141.705345][ T9743] ? getname_flags.part.0+0x4c/0x550 [ 141.705359][ T9743] getname_flags.part.0+0x4c/0x550 [ 141.705372][ T9743] getname_flags+0x93/0xf0 [ 141.705386][ T9743] do_sys_openat2+0xb8/0x1d0 [ 141.705397][ T9743] ? __pfx_do_sys_openat2+0x10/0x10 [ 141.705409][ T9743] ? __fget_files+0x20e/0x3c0 [ 141.705427][ T9743] __x64_sys_openat+0x174/0x210 [ 141.705438][ T9743] ? __pfx___x64_sys_openat+0x10/0x10 [ 141.705448][ T9743] ? ksys_write+0x1ac/0x250 [ 141.705467][ T9743] do_syscall_64+0xcd/0x4c0 [ 141.705485][ T9743] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.705497][ T9743] RIP: 0033:0x7f35db38e929 [ 141.705506][ T9743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.705517][ T9743] RSP: 002b:00007f35dc239038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 141.705539][ T9743] RAX: ffffffffffffffda RBX: 00007f35db5b5fa0 RCX: 00007f35db38e929 [ 141.705545][ T9743] RDX: 0000000000000042 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 141.705552][ T9743] RBP: 00007f35dc239090 R08: 0000000000000000 R09: 0000000000000000 [ 141.705559][ T9743] R10: 00000000000001ff R11: 0000000000000246 R12: 0000000000000001 [ 141.705565][ T9743] R13: 0000000000000000 R14: 00007f35db5b5fa0 R15: 00007ffc04116c98 [ 141.705579][ T9743] [ 141.768992][ C0] vkms_vblank_simulate: vblank timer overrun [ 141.889619][ T6552] udevd[6552]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 141.933573][ T9749] netlink: 57 bytes leftover after parsing attributes in process `syz.3.1170'. [ 141.991451][ T6552] udevd[6552]: symlink '../../loop6' '/dev/disk/by-diskseq/86.tmp-b7:6' failed: Read-only file system [ 142.055729][ T6552] udevd[6552]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 142.136734][ T6552] udevd[6552]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 142.231639][ T5950] udevd[5950]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 142.287367][ T9760] 9pnet_virtio: no channels available for device syz [ 142.364371][ T9765] veth0: entered promiscuous mode [ 142.528974][ T9772] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9772 comm=syz.4.1179 [ 142.705973][ T1143] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.836793][ T1143] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.913983][ T1143] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.948763][ T5939] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 142.953243][ T5939] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 142.954589][ T9789] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 142.958357][ T5939] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 142.958613][ T9789] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 142.965074][ T5939] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 142.968046][ T5939] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 142.982674][ T1143] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.049219][ T9795] tmpfs: Bad value for 'huge' [ 143.132671][ T1143] bridge_slave_1: left allmulticast mode [ 143.134511][ T1143] bridge_slave_1: left promiscuous mode [ 143.136836][ T1143] bridge0: port 2(bridge_slave_1) entered disabled state [ 143.146731][ T1143] bridge_slave_0: left allmulticast mode [ 143.148643][ T1143] bridge0: port 1(bridge_slave_0) entered disabled state [ 143.233667][ T40] kauditd_printk_skb: 966 callbacks suppressed [ 143.233683][ T40] audit: type=1400 audit(143.150:14119): avc: denied { ioctl } for pid=9798 comm="syz.3.1188" path="/dev/raw-gadget" dev="devtmpfs" ino=850 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 143.246037][ T5939] Bluetooth: hci2: command 0x041b tx timeout [ 143.258655][ T1143] gretap0 (unregistering): left promiscuous mode [ 143.313439][ T40] audit: type=1400 audit(143.230:14120): avc: denied { ioctl } for pid=9798 comm="syz.3.1188" path="/dev/raw-gadget" dev="devtmpfs" ino=850 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 143.378741][ T40] audit: type=1400 audit(143.290:14121): avc: denied { read write } for pid=8756 comm="syz-executor" name="loop4" dev="devtmpfs" ino=662 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 143.386400][ T9] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 143.388905][ T40] audit: type=1400 audit(143.290:14122): avc: denied { read write open } for pid=8756 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=662 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 143.396748][ T40] audit: type=1400 audit(143.290:14123): avc: denied { ioctl } for pid=8756 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=662 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 143.405565][ T40] audit: type=1400 audit(143.300:14124): avc: denied { ioctl } for pid=9798 comm="syz.3.1188" path="/dev/raw-gadget" dev="devtmpfs" ino=850 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 143.415101][ T40] audit: type=1400 audit(143.300:14125): avc: denied { ioctl } for pid=9798 comm="syz.3.1188" path="/dev/raw-gadget" dev="devtmpfs" ino=850 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 143.424678][ T40] audit: type=1400 audit(143.300:14126): avc: denied { ioctl } for pid=9798 comm="syz.3.1188" path="/dev/raw-gadget" dev="devtmpfs" ino=850 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 143.451842][ T40] audit: type=1400 audit(143.360:14127): avc: denied { create } for pid=9801 comm="syz.4.1189" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 143.459076][ T40] audit: type=1400 audit(143.370:14128): avc: denied { ioctl } for pid=9798 comm="syz.3.1188" path="/dev/raw-gadget" dev="devtmpfs" ino=850 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 143.476577][ T1143] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 143.480710][ T1143] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 143.497786][ T1143] bond0 (unregistering): (slave wlan1): Releasing backup interface [ 143.506807][ T1143] bond0 (unregistering): Released all slaves [ 143.512059][ T9] usb 8-1: device descriptor read/64, error -71 [ 143.512844][ T1143] bond1 (unregistering): Released all slaves [ 143.522514][ T1143] bond2 (unregistering): Released all slaves [ 143.536419][ T9788] chnl_net:caif_netlink_parms(): no params data found [ 143.625473][ T1143] tipc: Left network mode [ 143.627501][ T9788] bridge0: port 1(bridge_slave_0) entered blocking state [ 143.630531][ T9788] bridge0: port 1(bridge_slave_0) entered disabled state [ 143.633559][ T9788] bridge_slave_0: entered allmulticast mode [ 143.636376][ T9788] bridge_slave_0: entered promiscuous mode [ 143.650469][ T9788] bridge0: port 2(bridge_slave_1) entered blocking state [ 143.653814][ T9788] bridge0: port 2(bridge_slave_1) entered disabled state [ 143.656222][ T9788] bridge_slave_1: entered allmulticast mode [ 143.658955][ T9788] bridge_slave_1: entered promiscuous mode [ 143.719396][ T9788] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 143.743554][ T9788] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 143.752052][ T9] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 143.793353][ T9788] team0: Port device team_slave_0 added [ 143.803843][ T1143] batadv_slave_1: left promiscuous mode [ 143.821869][ T1143] hsr_slave_0: left promiscuous mode [ 143.829504][ T1143] hsr_slave_1: left promiscuous mode [ 143.850639][ T1143] veth1_macvtap: left promiscuous mode [ 143.852675][ T1143] veth0_macvtap: left promiscuous mode [ 143.855048][ T1143] veth1_vlan: left promiscuous mode [ 143.856944][ T1143] veth0_vlan: left promiscuous mode [ 143.882110][ T9] usb 8-1: device descriptor read/64, error -71 [ 143.921583][ T9817] o2cb: This node has not been configured. [ 143.923690][ T9817] o2cb: Cluster check failed. Fix errors before retrying. [ 143.926243][ T9817] (syz.4.1192,9817,0):user_dlm_register:674 ERROR: status = -22 [ 143.928608][ T9817] (syz.4.1192,9817,0):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file0" [ 143.945095][ T9817] o2cb: This node has not been configured. [ 143.946945][ T9817] o2cb: Cluster check failed. Fix errors before retrying. [ 143.951984][ T9817] (syz.4.1192,9817,0):user_dlm_register:674 ERROR: status = -22 [ 143.954272][ T9817] (syz.4.1192,9817,0):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file1" [ 143.994273][ T9] usb usb8-port1: attempt power cycle [ 144.332021][ T9] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 144.353803][ T9] usb 8-1: device descriptor read/8, error -71 [ 144.579393][ T1143] team_slave_1 (unregistering): left allmulticast mode [ 144.580911][ T9838] netfs: Couldn't get user pages (rc=-14) [ 144.585273][ T1143] team0 (unregistering): Port device team_slave_1 removed [ 144.602057][ T9] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 144.624660][ T9] usb 8-1: device descriptor read/8, error -71 [ 144.663138][ T1143] team_slave_0 (unregistering): left allmulticast mode [ 144.666437][ T1143] team0 (unregistering): Port device team_slave_0 removed [ 144.732435][ T9] usb usb8-port1: unable to enumerate USB device [ 145.002109][ T5939] Bluetooth: hci1: command tx timeout [ 145.275149][ T1143] team0 (unregistering): left allmulticast mode [ 145.308488][ T9849] __nla_validate_parse: 2 callbacks suppressed [ 145.308500][ T9849] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1203'. [ 145.326984][ T9788] team0: Port device team_slave_1 added [ 145.386071][ T9788] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 145.388302][ T9788] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 145.397104][ T9788] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 145.413024][ T9788] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 145.415894][ T9788] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 145.418022][ T9849] netlink: 'syz.4.1203': attribute type 10 has an invalid length. [ 145.430229][ T9849] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1203'. [ 145.431252][ T9788] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 145.444948][ T9849] net veth1_virt_wifi virt_wifi0: entered promiscuous mode [ 145.447917][ T9849] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 145.453873][ T9849] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check. [ 145.565539][ T9788] hsr_slave_0: entered promiscuous mode [ 145.567752][ T9788] hsr_slave_1: entered promiscuous mode [ 145.580367][ T9856] No such timeout policy "syz1" [ 145.590785][ T9856] tipc: Enabling of bearer rejected, media not registered [ 145.847061][ T6552] udevd[6552]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 145.904137][ T9869] netfs: Couldn't get user pages (rc=-14) [ 145.925899][ T9788] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 145.937568][ T9788] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 145.946265][ T9788] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 145.951406][ T9788] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 146.025124][ T6552] udevd[6552]: symlink '../../loop5' '/dev/disk/by-diskseq/82.tmp-b7:5' failed: Read-only file system [ 146.083436][ T6552] udevd[6552]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 146.090423][ T9788] 8021q: adding VLAN 0 to HW filter on device bond0 [ 146.131232][ T9788] 8021q: adding VLAN 0 to HW filter on device team0 [ 146.140578][ T1143] bridge0: port 1(bridge_slave_0) entered blocking state [ 146.143165][ T1143] bridge0: port 1(bridge_slave_0) entered forwarding state [ 146.153203][ T1142] bridge0: port 2(bridge_slave_1) entered blocking state [ 146.155438][ T1142] bridge0: port 2(bridge_slave_1) entered forwarding state [ 146.170975][ T9884] mac80211_hwsim hwsim14 `ëÿÿ: renamed from wlan1 (while UP) [ 146.190365][ T5934] udevd[5934]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 146.260895][ T9887] ------------[ cut here ]------------ [ 146.262882][ T9887] WARNING: CPU: 0 PID: 9887 at mm/page_alloc.c:4935 __alloc_frozen_pages_noprof+0x30b/0x23f0 [ 146.266410][ T9887] Modules linked in: [ 146.268342][ T9887] CPU: 0 UID: 0 PID: 9887 Comm: syz.3.1214 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 146.273261][ T9887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 146.276699][ T9887] RIP: 0010:__alloc_frozen_pages_noprof+0x30b/0x23f0 SYZFAIL: failed to recv rpc [ 146.278822][ T9887] Code: f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 83 fe 0a 0f 86 0a fe ff ff 80 3d 83 6d 7a 0e 00 75 0b c6 05 7a 6d 7a 0e 01 90 <0f> 0b 90 45 31 f6 eb 81 4d 85 f6 74 22 44 89 fa 89 ee 4c 89 f7 e8 [ 146.280587][ T6552] udevd[6552]: symlink '../../loop4' '/dev/disk/by-diskseq/83.tmp-b7:4' failed: Read-only file system [ 146.285164][ T9887] RSP: 0018:ffffc9000376f4f8 EFLAGS: 00010246 [ 146.285186][ T9887] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 146.285194][ T9887] RDX: 0000000000000000 RSI: 0000000000000016 RDI: 0000000000040dc0 [ 146.296021][ T9887] RBP: 0000000400000000 R08: 0000000000000005 R09: 0000000000000000 [ 146.298543][ T9887] R10: 0000000080000000 R11: 0000000000000001 R12: 0000000000000016 [ 146.301093][ T9887] R13: 1ffff920006edeb4 R14: 0000000400000000 R15: 0000000000000016 fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 146.303679][ T9887] FS: 00007f84cedf66c0(0000) GS:ffff8880d6753000(0000) knlGS:0000000000000000 [ 146.306668][ T9887] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.308908][ T9887] CR2: 0000200000006000 CR3: 000000004b1f9000 CR4: 0000000000352ef0 [ 146.311463][ T9887] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000004144 [ 146.314115][ T9887] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 146.316668][ T9887] Call Trace: [ 146.317759][ T9887] [ 146.318740][ T9887] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 146.320795][ T9887] ? rcu_is_watching+0x12/0xc0 [ 146.322430][ T9887] ? trace_kmem_cache_alloc+0x28/0xc0 [ 146.324227][ T9887] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 146.326075][ T9887] ? hashtab_init+0x1b1/0x290 [ 146.327787][ T9887] __alloc_pages_noprof+0xb/0x1b0 [ 146.329410][ T9887] ___kmalloc_large_node+0x84/0x1e0 [ 146.331105][ T9887] ? hashtab_init+0x1b1/0x290 [ 146.332737][ T9887] __kmalloc_large_node_noprof+0x1c/0x70 [ 146.334509][ T9887] ? __pfx_ebitmap_read+0x10/0x10 [ 146.336178][ T9887] __kmalloc_noprof.cold+0xc/0x61 [ 146.337811][ T9887] hashtab_init+0x1b1/0x290 [ 146.339311][ T9887] ? __asan_memcpy+0x3c/0x60 [ 146.340811][ T9887] policydb_read+0x7b4/0x3220 [ 146.342563][ T9887] ? __pfx_policydb_read+0x10/0x10 [ 146.344354][ T9887] security_load_policy+0x15c/0x12c0 [ 146.346109][ T9887] ? irqentry_exit+0x3b/0x90 [ 146.347631][ T9887] ? __pfx_security_load_policy+0x10/0x10 [ 146.349475][ T9887] ? _copy_from_user+0x93/0xd0 [ 146.351052][ T9887] sel_write_load+0x332/0x1bd0 [ 146.352706][ T9887] ? __lock_acquire+0xb8a/0x1c90 [ 146.354333][ T9887] ? __pfx_sel_write_load+0x10/0x10 [ 146.356062][ T9887] ? __pfx_sel_write_load+0x10/0x10 [ 146.357754][ T9887] vfs_write+0x2a0/0x1150 [ 146.359201][ T9887] ? __pfx___mutex_lock+0x10/0x10 [ 146.360841][ T9887] ? __pfx_vfs_write+0x10/0x10 [ 146.362458][ T9887] ? __fget_files+0x20e/0x3c0 [ 146.364015][ T9887] ksys_write+0x12a/0x250 [ 146.365457][ T9887] ? __pfx_ksys_write+0x10/0x10 [ 146.367089][ T9887] do_syscall_64+0xcd/0x4c0 [ 146.368601][ T9887] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.370479][ T9887] RIP: 0033:0x7f84d0f8e929 [ 146.371997][ T9887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.378360][ T9887] RSP: 002b:00007f84cedf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 146.381010][ T9887] RAX: ffffffffffffffda RBX: 00007f84d11b5fa0 RCX: 00007f84d0f8e929 [ 146.383637][ T9887] RDX: 000000000000606c RSI: 0000200000000000 RDI: 0000000000000003 [ 146.386207][ T9887] RBP: 00007f84d1010b39 R08: 0000000000000000 R09: 0000000000000000 [ 146.388757][ T9887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 146.391161][ T9887] R13: 0000000000000000 R14: 00007f84d11b5fa0 R15: 00007ffd0c89c0d8 [ 146.393706][ T9887] [ 146.394706][ T9887] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 146.397053][ T9887] CPU: 0 UID: 0 PID: 9887 Comm: syz.3.1214 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(full) [ 146.400223][ T9887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 146.403631][ T9887] Call Trace: [ 146.404694][ T9887] [ 146.405655][ T9887] dump_stack_lvl+0x3d/0x1f0 [ 146.407164][ T9887] panic+0x71c/0x800 [ 146.408524][ T9887] ? __pfx_panic+0x10/0x10 [ 146.409969][ T9887] ? show_trace_log_lvl+0x29b/0x3e0 [ 146.411646][ T9887] ? __alloc_frozen_pages_noprof+0x30b/0x23f0 [ 146.413594][ T9887] check_panic_on_warn+0xab/0xb0 [ 146.415516][ T9887] __warn+0xf6/0x3c0 [ 146.417198][ T9887] ? __alloc_frozen_pages_noprof+0x30b/0x23f0 [ 146.419624][ T9887] report_bug+0x3c3/0x580 [ 146.421313][ T9887] ? __alloc_frozen_pages_noprof+0x30b/0x23f0 [ 146.423547][ T9887] handle_bug+0x184/0x210 [ 146.424946][ T9887] exc_invalid_op+0x17/0x50 [ 146.426426][ T9887] asm_exc_invalid_op+0x1a/0x20 [ 146.427981][ T9887] RIP: 0010:__alloc_frozen_pages_noprof+0x30b/0x23f0 [ 146.430110][ T9887] Code: f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 83 fe 0a 0f 86 0a fe ff ff 80 3d 83 6d 7a 0e 00 75 0b c6 05 7a 6d 7a 0e 01 90 <0f> 0b 90 45 31 f6 eb 81 4d 85 f6 74 22 44 89 fa 89 ee 4c 89 f7 e8 [ 146.436178][ T9887] RSP: 0018:ffffc9000376f4f8 EFLAGS: 00010246 [ 146.438119][ T9887] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 146.440564][ T9887] RDX: 0000000000000000 RSI: 0000000000000016 RDI: 0000000000040dc0 [ 146.443083][ T9887] RBP: 0000000400000000 R08: 0000000000000005 R09: 0000000000000000 [ 146.445564][ T9887] R10: 0000000080000000 R11: 0000000000000001 R12: 0000000000000016 [ 146.448071][ T9887] R13: 1ffff920006edeb4 R14: 0000000400000000 R15: 0000000000000016 [ 146.450604][ T9887] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 146.453030][ T9887] ? rcu_is_watching+0x12/0xc0 [ 146.454884][ T9887] ? trace_kmem_cache_alloc+0x28/0xc0 [ 146.457074][ T9887] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 146.459370][ T9887] ? hashtab_init+0x1b1/0x290 [ 146.461047][ T9887] __alloc_pages_noprof+0xb/0x1b0 [ 146.462675][ T9887] ___kmalloc_large_node+0x84/0x1e0 [ 146.464376][ T9887] ? hashtab_init+0x1b1/0x290 [ 146.466133][ T9887] __kmalloc_large_node_noprof+0x1c/0x70 [ 146.468144][ T9887] ? __pfx_ebitmap_read+0x10/0x10 [ 146.469769][ T9887] __kmalloc_noprof.cold+0xc/0x61 [ 146.471589][ T9887] hashtab_init+0x1b1/0x290 [ 146.473311][ T9887] ? __asan_memcpy+0x3c/0x60 [ 146.475080][ T9887] policydb_read+0x7b4/0x3220 [ 146.477065][ T9887] ? __pfx_policydb_read+0x10/0x10 [ 146.479159][ T9887] security_load_policy+0x15c/0x12c0 [ 146.481143][ T9887] ? irqentry_exit+0x3b/0x90 [ 146.483086][ T9887] ? __pfx_security_load_policy+0x10/0x10 [ 146.485501][ T9887] ? _copy_from_user+0x93/0xd0 [ 146.487492][ T9887] sel_write_load+0x332/0x1bd0 [ 146.489548][ T9887] ? __lock_acquire+0xb8a/0x1c90 [ 146.491674][ T9887] ? __pfx_sel_write_load+0x10/0x10 [ 146.493887][ T9887] ? __pfx_sel_write_load+0x10/0x10 [ 146.496056][ T9887] vfs_write+0x2a0/0x1150 [ 146.497889][ T9887] ? __pfx___mutex_lock+0x10/0x10 [ 146.499848][ T9887] ? __pfx_vfs_write+0x10/0x10 [ 146.501475][ T9887] ? __fget_files+0x20e/0x3c0 [ 146.503066][ T9887] ksys_write+0x12a/0x250 [ 146.504551][ T9887] ? __pfx_ksys_write+0x10/0x10 [ 146.506197][ T9887] do_syscall_64+0xcd/0x4c0 [ 146.507685][ T9887] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.509660][ T9887] RIP: 0033:0x7f84d0f8e929 [ 146.511158][ T9887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.518085][ T9887] RSP: 002b:00007f84cedf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 146.521149][ T9887] RAX: ffffffffffffffda RBX: 00007f84d11b5fa0 RCX: 00007f84d0f8e929 [ 146.524332][ T9887] RDX: 000000000000606c RSI: 0000200000000000 RDI: 0000000000000003 [ 146.527487][ T9887] RBP: 00007f84d1010b39 R08: 0000000000000000 R09: 0000000000000000 [ 146.530052][ T9887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 146.532653][ T9887] R13: 0000000000000000 R14: 00007f84d11b5fa0 R15: 00007ffd0c89c0d8 [ 146.535525][ T9887] [ 146.537197][ T9887] Kernel Offset: disabled [ 146.538595][ T9887] Rebooting in 86400 seconds.. VM DIAGNOSIS: 09:10:38 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000038 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff855ba255 RDI=ffffffff9b0893a0 RBP=ffffffff9b089360 RSP=ffffc9000376ee60 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000038 R14=ffffffff9b089360 R15=ffffffff855ba1f0 RIP=ffffffff855ba27f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007f84cedf66c0 ffffffff 00c00000 GS =0000 ffff8880d6753000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000200000006000 CR3=000000004b1f9000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000004144 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001030001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1198e11b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1198e11b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1198e11b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1198e11b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1198e11bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1198e11c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1198f84488 00007f1198f84480 00007f1198f84478 00007f1198f84450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1199aed100 00007f1198f84440 00007f1198f80004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1198f84498 00007f1198f84490 00007f1198f84488 00007f1198f84480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 0000000000000080 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=ffffed100ab90544 RBX=ffffed100ab90545 RCX=ffffffff820a2bc9 RDX=0000000000000001 RSI=0000000000000004 RDI=ffff888055c82a20 RBP=ffffed100ab90544 RSP=ffffc900045af678 R8 =0000000000000000 R9 =ffffed100ab90544 R10=ffff888055c82a23 R11=0000000000000001 R12=0000000000000001 R13=dffffc0000000000 R14=ffff88805b553520 R15=00007f35d9ca4000 RIP=ffffffff8222ec95 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00005555776d5500 ffffffff 00c00000 GS =0000 ffff8880d6853000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f35dc0e56c0 CR3=000000005995b000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000010000000 Opmask04=0000000000000000 Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a 0000002c00000012 0004000000080024 0000000000280030 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000004c6 0000001000000000 0000000000000000 0000000000000014 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 707974742f766564 2f01ffffffffffff ffffe10801800338 0000112500000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 a8e7b1b224688db5 7122c753ee5f82da c2133279dfee9f89 1dff35d369356ad3 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 9d21189958ca8565 3160f67fd641e87e 5d170e9d554fc712 1dae0f7265d31541 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 d777ab8a7342910d 7c37325bd2aefdca f9109c69b4bbcd7a 18f60803d2800303 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 d28004038e800300 040010c182080001 800401c710000800 4a96006b746e6972 ZMM24=4a6e6d744a6e6d74 4a6e6d744a6e6d74 4a6e6d744a6e6d74 4a6e6d744a6e6d74 4a6e6d744a6e6d74 4a6e6d744a6e6d74 4a6e6d744a6e6d74 4a6e6d744a6e6d74 ZMM25=b615adc2b615adc2 b615adc2b615adc2 b615adc2b615adc2 b615adc2b615adc2 b615adc2b615adc2 b615adc2b615adc2 b615adc2b615adc2 b615adc2b615adc2 ZMM26=08b02fc208b02fc2 08b02fc208b02fc2 08b02fc208b02fc2 08b02fc208b02fc2 08b02fc208b02fc2 08b02fc208b02fc2 08b02fc208b02fc2 08b02fc208b02fc2 ZMM27=c21b12f8c21b12f8 c21b12f8c21b12f8 c21b12f8c21b12f8 c21b12f8c21b12f8 c21b12f8c21b12f8 c21b12f8c21b12f8 c21b12f8c21b12f8 c21b12f8c21b12f8 ZMM28=000000500000004f 0000004e0000004d 0000004c0000004b 0000004a00000049 0000004800000047 0000004600000045 0000004400000043 0000004200000041 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=8106000081060000 8106000081060000 8106000081060000 8106000081060000 8106000081060000 8106000081060000 8106000081060000 8106000081060000 info registers vcpu 2 CPU#2 RAX=0000000000000002 RBX=ffffffff8e5c4840 RCX=0000000000000002 RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff8e5c4840 RBP=0000000000000002 RSP=ffffc9000cdaf6e0 R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000000 R11=0000000000006058 R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff81987cee RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6953000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055556bda6808 CR3=000000005bd19000 CR4=00352ef0 DR0=0000000000000007 DR1=000000000000009b DR2=00040000ffffffff DR3=0000000000000009 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000004000100 Opmask01=0000000000001000 Opmask02=0000000003ffffff Opmask03=0000000000000000 Opmask04=00000000ffffdfff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd57c57d00 00007ffd57c57d00 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd57c57cd0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 00007ffd57c59810 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6e140357f0 00007f6e140357e0 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 ffff0000000000ff ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffffffffffffffff ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b7a4be64042ac66c 646431d434dc728e ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 64646464646464b5 6464646464646454 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e696c657300736d 6574737973656c69 662f636f72702f00 6563726f666e652f ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b4c494056005648 4051565c5640494c 430a464a57550a00 4046574a434b400a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 0000000000000000 00007ffd57c59810 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e2e65726f632e74 656e2e6c74637379 73203034313d6873 657268745f676f64 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 656c6f736e6f6320 6164732f7665642f 3d746f6f7220313d 6e7261775f6e6f5f ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 63696e6170203233 3d78616d5f736462 6e2032333d706f6f 6c5f78616d203233 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3d6d756e2e646368 5f796d6d75642030 34313d736365735f 74756f656d69745f ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7265747369676572 6e755f7665647465 6e2e65726f632e74 656e2e6c74637379 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000010 0000000000000030 0000000000000000 0000312f1365164d ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000002 RBX=0000000000000002 RCX=0000000096b9d87d RDX=0000000000000000 RSI=000000007fa922fa RDI=ffff888029790000 RBP=ffff888029790000 RSP=ffffc9000f49eed8 R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000050 R11=0000000000000001 R12=ffff888029790af0 R13=ffff888029790b40 R14=0000000000000002 R15=0000000000000001 RIP=ffffffff81985d52 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6a53000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f84d117f678 CR3=000000004b175000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000020040 Opmask01=0000000041020820 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd600d4150 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5e48a11ae7 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5e48a11adf ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5e48a11b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5e48a11b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5e48a11b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5e48a11b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5e48a11bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5e48a11c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c2578303d732520 2d3c205d736d756c 6c255b2064252300 202c00287325203e ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2d205d736d756c6c 255b206425230078 3230253a3a303865 660030667663696e ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000