[ 51.691623][ T39] audit: type=1400 audit(1661446178.220:74): avc: denied { write } for pid=3618 comm="sh" path="pipe:[30796]" dev="pipefs" ino=30796 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:initrc_t tclass=fifo_file permissive=1 Warning: Permanently added '[localhost]:43207' (ECDSA) to the list of known hosts. [ 54.311581][ T39] audit: type=1400 audit(1661446180.860:75): avc: denied { execute } for pid=3667 comm="sh" name="syz-fuzzer" dev="sda1" ino=1134 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 54.325858][ T39] audit: type=1400 audit(1661446180.860:76): avc: denied { execute_no_trans } for pid=3667 comm="sh" path="/syz-fuzzer" dev="sda1" ino=1134 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 2022/08/25 16:49:41 fuzzer started 2022/08/25 16:49:41 dialing manager at localhost:40007 [ 55.430362][ T39] audit: type=1400 audit(1661446181.980:77): avc: denied { mounton } for pid=3680 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1136 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 55.443323][ T3680] cgroup: Unknown subsys name 'net' [ 55.445459][ T39] audit: type=1400 audit(1661446181.980:78): avc: denied { mount } for pid=3680 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 55.463510][ T39] audit: type=1400 audit(1661446182.000:79): avc: denied { unmount } for pid=3680 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 55.624619][ T3680] cgroup: Unknown subsys name 'rlimit' [ 55.774574][ T39] audit: type=1400 audit(1661446182.320:80): avc: denied { mounton } for pid=3680 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 2022/08/25 16:49:42 syscalls: 3757 2022/08/25 16:49:42 code coverage: enabled 2022/08/25 16:49:42 comparison tracing: enabled 2022/08/25 16:49:42 extra coverage: enabled 2022/08/25 16:49:42 delay kcov mmap: enabled 2022/08/25 16:49:42 setuid sandbox: enabled 2022/08/25 16:49:42 namespace sandbox: enabled 2022/08/25 16:49:42 Android sandbox: enabled 2022/08/25 16:49:42 fault injection: enabled 2022/08/25 16:49:42 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2022/08/25 16:49:42 net packet injection: enabled 2022/08/25 16:49:42 net device setup: enabled 2022/08/25 16:49:42 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/08/25 16:49:42 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/08/25 16:49:42 USB emulation: enabled 2022/08/25 16:49:42 hci packet injection: enabled 2022/08/25 16:49:42 wifi device emulation: failed to parse kernel version (6.0.0-rc2-syzkaller-00054-gc40e8341e3b3) 2022/08/25 16:49:42 802.15.4 emulation: enabled [ 55.792133][ T39] audit: type=1400 audit(1661446182.320:81): avc: denied { mount } for pid=3680 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 2022/08/25 16:49:42 fetching corpus: 0, signal 0/2000 (executing program) [ 55.811898][ T39] audit: type=1400 audit(1661446182.330:82): avc: denied { setattr } for pid=3680 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=760 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 2022/08/25 16:49:42 fetching corpus: 50, signal 37987/41568 (executing program) 2022/08/25 16:49:42 fetching corpus: 100, signal 58937/64007 (executing program) 2022/08/25 16:49:43 fetching corpus: 150, signal 72502/78983 (executing program) 2022/08/25 16:49:43 fetching corpus: 200, signal 80664/88569 (executing program) 2022/08/25 16:49:43 fetching corpus: 249, signal 91414/100558 (executing program) 2022/08/25 16:49:44 fetching corpus: 299, signal 99939/110284 (executing program) 2022/08/25 16:49:44 fetching corpus: 349, signal 106062/117608 (executing program) 2022/08/25 16:49:44 fetching corpus: 398, signal 111737/124468 (executing program) 2022/08/25 16:49:44 fetching corpus: 448, signal 116306/130219 (executing program) 2022/08/25 16:49:45 fetching corpus: 498, signal 123180/138107 (executing program) 2022/08/25 16:49:45 fetching corpus: 548, signal 129762/145618 (executing program) 2022/08/25 16:49:45 fetching corpus: 598, signal 135050/151777 (executing program) 2022/08/25 16:49:45 fetching corpus: 647, signal 139119/156816 (executing program) 2022/08/25 16:49:45 fetching corpus: 697, signal 143428/162057 (executing program) 2022/08/25 16:49:46 fetching corpus: 747, signal 146522/166098 (executing program) 2022/08/25 16:49:46 fetching corpus: 797, signal 151238/171603 (executing program) 2022/08/25 16:49:46 fetching corpus: 847, signal 156068/177182 (executing program) 2022/08/25 16:49:46 fetching corpus: 897, signal 158808/180846 (executing program) 2022/08/25 16:49:47 fetching corpus: 946, signal 161254/184194 (executing program) 2022/08/25 16:49:47 fetching corpus: 995, signal 163489/187297 (executing program) 2022/08/25 16:49:47 fetching corpus: 1045, signal 167542/192013 (executing program) 2022/08/25 16:49:47 fetching corpus: 1095, signal 169933/195172 (executing program) 2022/08/25 16:49:47 fetching corpus: 1145, signal 172521/198490 (executing program) 2022/08/25 16:49:48 fetching corpus: 1195, signal 176014/202602 (executing program) 2022/08/25 16:49:48 fetching corpus: 1245, signal 178525/205839 (executing program) 2022/08/25 16:49:48 fetching corpus: 1295, signal 180994/209001 (executing program) 2022/08/25 16:49:48 fetching corpus: 1345, signal 183085/211833 (executing program) 2022/08/25 16:49:48 fetching corpus: 1395, signal 185403/214826 (executing program) 2022/08/25 16:49:49 fetching corpus: 1445, signal 187346/217451 (executing program) 2022/08/25 16:49:49 fetching corpus: 1495, signal 191024/221468 (executing program) 2022/08/25 16:49:49 fetching corpus: 1545, signal 194192/225042 (executing program) 2022/08/25 16:49:49 fetching corpus: 1595, signal 196275/227745 (executing program) 2022/08/25 16:49:50 fetching corpus: 1645, signal 198700/230672 (executing program) 2022/08/25 16:49:50 fetching corpus: 1695, signal 200940/233400 (executing program) 2022/08/25 16:49:50 fetching corpus: 1745, signal 203139/236076 (executing program) 2022/08/25 16:49:50 fetching corpus: 1795, signal 205844/239180 (executing program) 2022/08/25 16:49:50 fetching corpus: 1845, signal 207304/241284 (executing program) 2022/08/25 16:49:50 fetching corpus: 1895, signal 209262/243748 (executing program) 2022/08/25 16:49:51 fetching corpus: 1945, signal 211243/246179 (executing program) 2022/08/25 16:49:51 fetching corpus: 1995, signal 213556/248902 (executing program) 2022/08/25 16:49:51 fetching corpus: 2045, signal 215631/251378 (executing program) 2022/08/25 16:49:51 fetching corpus: 2095, signal 217741/253868 (executing program) 2022/08/25 16:49:51 fetching corpus: 2145, signal 219440/255998 (executing program) 2022/08/25 16:49:52 fetching corpus: 2195, signal 221377/258270 (executing program) 2022/08/25 16:49:52 fetching corpus: 2245, signal 222530/259959 (executing program) 2022/08/25 16:49:52 fetching corpus: 2295, signal 224733/262396 (executing program) 2022/08/25 16:49:52 fetching corpus: 2345, signal 226769/264689 (executing program) 2022/08/25 16:49:52 fetching corpus: 2395, signal 228727/266873 (executing program) 2022/08/25 16:49:53 fetching corpus: 2445, signal 231033/269305 (executing program) 2022/08/25 16:49:53 fetching corpus: 2495, signal 232297/271005 (executing program) 2022/08/25 16:49:53 fetching corpus: 2545, signal 233338/272495 (executing program) 2022/08/25 16:49:53 fetching corpus: 2595, signal 234935/274409 (executing program) 2022/08/25 16:49:54 fetching corpus: 2645, signal 236538/276312 (executing program) 2022/08/25 16:49:54 fetching corpus: 2695, signal 238031/278096 (executing program) 2022/08/25 16:49:54 fetching corpus: 2745, signal 239104/279599 (executing program) 2022/08/25 16:49:54 fetching corpus: 2795, signal 240366/281222 (executing program) 2022/08/25 16:49:54 fetching corpus: 2845, signal 242285/283289 (executing program) 2022/08/25 16:49:55 fetching corpus: 2895, signal 244124/285261 (executing program) 2022/08/25 16:49:55 fetching corpus: 2945, signal 245733/287080 (executing program) 2022/08/25 16:49:55 fetching corpus: 2995, signal 247042/288705 (executing program) 2022/08/25 16:49:55 fetching corpus: 3045, signal 248352/290303 (executing program) 2022/08/25 16:49:55 fetching corpus: 3095, signal 249539/291717 (executing program) 2022/08/25 16:49:56 fetching corpus: 3145, signal 250546/293022 (executing program) 2022/08/25 16:49:56 fetching corpus: 3195, signal 251673/294401 (executing program) 2022/08/25 16:49:56 fetching corpus: 3245, signal 252977/295849 (executing program) 2022/08/25 16:49:57 fetching corpus: 3295, signal 254213/297323 (executing program) 2022/08/25 16:49:57 fetching corpus: 3345, signal 255621/298794 (executing program) 2022/08/25 16:49:57 fetching corpus: 3395, signal 257023/300314 (executing program) 2022/08/25 16:49:58 fetching corpus: 3445, signal 258548/301964 (executing program) 2022/08/25 16:49:58 fetching corpus: 3495, signal 259574/303264 (executing program) 2022/08/25 16:49:59 fetching corpus: 3545, signal 260958/304737 (executing program) 2022/08/25 16:49:59 fetching corpus: 3595, signal 262602/306297 (executing program) 2022/08/25 16:49:59 fetching corpus: 3645, signal 263736/307595 (executing program) 2022/08/25 16:49:59 fetching corpus: 3695, signal 265003/308987 (executing program) 2022/08/25 16:49:59 fetching corpus: 3745, signal 266108/310278 (executing program) 2022/08/25 16:50:00 fetching corpus: 3795, signal 267111/311463 (executing program) 2022/08/25 16:50:00 fetching corpus: 3845, signal 267996/312526 (executing program) 2022/08/25 16:50:00 fetching corpus: 3895, signal 269420/313937 (executing program) 2022/08/25 16:50:00 fetching corpus: 3945, signal 271575/315755 (executing program) 2022/08/25 16:50:00 fetching corpus: 3995, signal 272691/316946 (executing program) 2022/08/25 16:50:01 fetching corpus: 4045, signal 273512/317994 (executing program) 2022/08/25 16:50:01 fetching corpus: 4095, signal 274747/319177 (executing program) 2022/08/25 16:50:01 fetching corpus: 4145, signal 275927/320363 (executing program) 2022/08/25 16:50:01 fetching corpus: 4195, signal 276932/321406 (executing program) 2022/08/25 16:50:01 fetching corpus: 4245, signal 278168/322634 (executing program) 2022/08/25 16:50:02 fetching corpus: 4295, signal 279158/323725 (executing program) 2022/08/25 16:50:02 fetching corpus: 4345, signal 279995/324677 (executing program) 2022/08/25 16:50:02 fetching corpus: 4395, signal 281057/325769 (executing program) 2022/08/25 16:50:02 fetching corpus: 4445, signal 282073/326737 (executing program) 2022/08/25 16:50:03 fetching corpus: 4495, signal 282965/327714 (executing program) 2022/08/25 16:50:03 fetching corpus: 4545, signal 284302/328885 (executing program) 2022/08/25 16:50:03 fetching corpus: 4595, signal 285503/329941 (executing program) 2022/08/25 16:50:03 fetching corpus: 4645, signal 286570/330928 (executing program) 2022/08/25 16:50:03 fetching corpus: 4695, signal 287694/331922 (executing program) [ 77.403250][ T1352] ieee802154 phy0 wpan0: encryption failed: -22 [ 77.413288][ T1352] ieee802154 phy1 wpan1: encryption failed: -22 2022/08/25 16:50:04 fetching corpus: 4745, signal 288570/332802 (executing program) 2022/08/25 16:50:04 fetching corpus: 4795, signal 289938/333876 (executing program) 2022/08/25 16:50:04 fetching corpus: 4845, signal 290767/334729 (executing program) 2022/08/25 16:50:04 fetching corpus: 4894, signal 291680/335615 (executing program) 2022/08/25 16:50:04 fetching corpus: 4944, signal 292823/336586 (executing program) 2022/08/25 16:50:04 fetching corpus: 4994, signal 293656/337402 (executing program) 2022/08/25 16:50:05 fetching corpus: 5044, signal 294550/338238 (executing program) 2022/08/25 16:50:05 fetching corpus: 5094, signal 295821/339241 (executing program) 2022/08/25 16:50:05 fetching corpus: 5144, signal 296819/340121 (executing program) 2022/08/25 16:50:05 fetching corpus: 5194, signal 297939/341006 (executing program) 2022/08/25 16:50:06 fetching corpus: 5244, signal 298939/341898 (executing program) 2022/08/25 16:50:06 fetching corpus: 5294, signal 299922/342696 (executing program) 2022/08/25 16:50:07 fetching corpus: 5344, signal 300977/343547 (executing program) 2022/08/25 16:50:07 fetching corpus: 5394, signal 302286/344494 (executing program) 2022/08/25 16:50:07 fetching corpus: 5444, signal 303126/345222 (executing program) 2022/08/25 16:50:07 fetching corpus: 5494, signal 303756/345856 (executing program) 2022/08/25 16:50:08 fetching corpus: 5544, signal 305039/346836 (executing program) 2022/08/25 16:50:08 fetching corpus: 5594, signal 308218/348574 (executing program) 2022/08/25 16:50:08 fetching corpus: 5644, signal 308852/349190 (executing program) 2022/08/25 16:50:08 fetching corpus: 5694, signal 309416/349752 (executing program) 2022/08/25 16:50:09 fetching corpus: 5744, signal 310688/350563 (executing program) 2022/08/25 16:50:09 fetching corpus: 5794, signal 311872/351341 (executing program) 2022/08/25 16:50:09 fetching corpus: 5844, signal 312571/351937 (executing program) 2022/08/25 16:50:09 fetching corpus: 5894, signal 313742/352661 (executing program) 2022/08/25 16:50:09 fetching corpus: 5944, signal 314457/353219 (executing program) 2022/08/25 16:50:10 fetching corpus: 5994, signal 315314/353865 (executing program) 2022/08/25 16:50:10 fetching corpus: 6044, signal 316091/354441 (executing program) 2022/08/25 16:50:11 fetching corpus: 6094, signal 316798/354980 (executing program) 2022/08/25 16:50:11 fetching corpus: 6144, signal 318066/355748 (executing program) 2022/08/25 16:50:11 fetching corpus: 6194, signal 318715/356298 (executing program) 2022/08/25 16:50:11 fetching corpus: 6244, signal 319479/356868 (executing program) 2022/08/25 16:50:11 fetching corpus: 6294, signal 320390/357454 (executing program) 2022/08/25 16:50:12 fetching corpus: 6344, signal 321062/357954 (executing program) 2022/08/25 16:50:12 fetching corpus: 6394, signal 321807/358498 (executing program) 2022/08/25 16:50:12 fetching corpus: 6444, signal 322491/358995 (executing program) 2022/08/25 16:50:12 fetching corpus: 6494, signal 323028/359417 (executing program) 2022/08/25 16:50:13 fetching corpus: 6544, signal 323867/359937 (executing program) 2022/08/25 16:50:13 fetching corpus: 6594, signal 324672/360444 (executing program) 2022/08/25 16:50:13 fetching corpus: 6644, signal 325469/360897 (executing program) 2022/08/25 16:50:13 fetching corpus: 6694, signal 326101/361327 (executing program) [ 87.638547][ T50] cfg80211: failed to load regulatory.db 2022/08/25 16:50:14 fetching corpus: 6744, signal 327207/361868 (executing program) 2022/08/25 16:50:14 fetching corpus: 6794, signal 328603/362489 (executing program) 2022/08/25 16:50:15 fetching corpus: 6844, signal 329385/362927 (executing program) 2022/08/25 16:50:15 fetching corpus: 6894, signal 330235/363379 (executing program) 2022/08/25 16:50:15 fetching corpus: 6944, signal 331031/363814 (executing program) 2022/08/25 16:50:15 fetching corpus: 6994, signal 331831/364252 (executing program) 2022/08/25 16:50:16 fetching corpus: 7044, signal 332311/364581 (executing program) 2022/08/25 16:50:16 fetching corpus: 7094, signal 333131/365005 (executing program) 2022/08/25 16:50:16 fetching corpus: 7144, signal 333977/365411 (executing program) 2022/08/25 16:50:16 fetching corpus: 7194, signal 334532/365759 (executing program) 2022/08/25 16:50:16 fetching corpus: 7244, signal 335534/366197 (executing program) 2022/08/25 16:50:17 fetching corpus: 7294, signal 337086/366766 (executing program) 2022/08/25 16:50:17 fetching corpus: 7344, signal 337889/367158 (executing program) 2022/08/25 16:50:17 fetching corpus: 7394, signal 338519/367487 (executing program) 2022/08/25 16:50:17 fetching corpus: 7444, signal 339227/367808 (executing program) 2022/08/25 16:50:18 fetching corpus: 7494, signal 339988/368111 (executing program) 2022/08/25 16:50:18 fetching corpus: 7544, signal 340447/368382 (executing program) 2022/08/25 16:50:18 fetching corpus: 7594, signal 341241/368726 (executing program) 2022/08/25 16:50:18 fetching corpus: 7644, signal 341769/368973 (executing program) 2022/08/25 16:50:18 fetching corpus: 7694, signal 342551/369280 (executing program) 2022/08/25 16:50:19 fetching corpus: 7744, signal 343184/369558 (executing program) 2022/08/25 16:50:19 fetching corpus: 7794, signal 343819/369825 (executing program) 2022/08/25 16:50:19 fetching corpus: 7844, signal 344307/370067 (executing program) 2022/08/25 16:50:19 fetching corpus: 7894, signal 344869/370341 (executing program) 2022/08/25 16:50:20 fetching corpus: 7944, signal 345341/370563 (executing program) 2022/08/25 16:50:20 fetching corpus: 7994, signal 345873/370792 (executing program) 2022/08/25 16:50:20 fetching corpus: 8044, signal 346582/371041 (executing program) 2022/08/25 16:50:20 fetching corpus: 8094, signal 347238/371269 (executing program) 2022/08/25 16:50:20 fetching corpus: 8144, signal 348243/371522 (executing program) 2022/08/25 16:50:21 fetching corpus: 8194, signal 349090/371759 (executing program) 2022/08/25 16:50:21 fetching corpus: 8244, signal 349792/372000 (executing program) 2022/08/25 16:50:21 fetching corpus: 8294, signal 350505/372222 (executing program) 2022/08/25 16:50:21 fetching corpus: 8344, signal 351079/372394 (executing program) 2022/08/25 16:50:21 fetching corpus: 8394, signal 351943/372587 (executing program) 2022/08/25 16:50:21 fetching corpus: 8444, signal 352659/372769 (executing program) 2022/08/25 16:50:22 fetching corpus: 8494, signal 353213/372922 (executing program) 2022/08/25 16:50:22 fetching corpus: 8544, signal 353960/373092 (executing program) 2022/08/25 16:50:22 fetching corpus: 8594, signal 354548/373279 (executing program) 2022/08/25 16:50:22 fetching corpus: 8644, signal 355250/373459 (executing program) 2022/08/25 16:50:23 fetching corpus: 8694, signal 355908/373606 (executing program) 2022/08/25 16:50:23 fetching corpus: 8744, signal 356430/373738 (executing program) 2022/08/25 16:50:23 fetching corpus: 8794, signal 357248/373891 (executing program) 2022/08/25 16:50:23 fetching corpus: 8844, signal 357869/373997 (executing program) 2022/08/25 16:50:23 fetching corpus: 8894, signal 358469/374095 (executing program) 2022/08/25 16:50:24 fetching corpus: 8944, signal 358970/374189 (executing program) 2022/08/25 16:50:24 fetching corpus: 8994, signal 360014/374309 (executing program) 2022/08/25 16:50:24 fetching corpus: 9044, signal 360422/374414 (executing program) 2022/08/25 16:50:24 fetching corpus: 9094, signal 361136/374505 (executing program) 2022/08/25 16:50:25 fetching corpus: 9144, signal 361719/374585 (executing program) 2022/08/25 16:50:25 fetching corpus: 9194, signal 362067/374615 (executing program) 2022/08/25 16:50:25 fetching corpus: 9244, signal 362485/374627 (executing program) 2022/08/25 16:50:25 fetching corpus: 9294, signal 363111/374655 (executing program) 2022/08/25 16:50:25 fetching corpus: 9344, signal 363654/374655 (executing program) 2022/08/25 16:50:26 fetching corpus: 9394, signal 364263/374655 (executing program) 2022/08/25 16:50:26 fetching corpus: 9444, signal 364937/374655 (executing program) 2022/08/25 16:50:26 fetching corpus: 9494, signal 365683/374754 (executing program) 2022/08/25 16:50:26 fetching corpus: 9544, signal 366206/374754 (executing program) 2022/08/25 16:50:27 fetching corpus: 9594, signal 366744/374758 (executing program) 2022/08/25 16:50:27 fetching corpus: 9644, signal 367369/374780 (executing program) 2022/08/25 16:50:27 fetching corpus: 9684, signal 367966/374780 (executing program) 2022/08/25 16:50:27 fetching corpus: 9684, signal 367966/374780 (executing program) 2022/08/25 16:50:31 starting 4 fuzzer processes 16:50:31 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={{0x14, 0x10, 0x1, 0x7a}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0xb, 'syz1\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0x74}}, 0x0) 16:50:31 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) stat(&(0x7f00000026c0)='./bus\x00', 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002800)=[{{&(0x7f0000000140)=@file={0x0, './bus\x00'}, 0x6e, 0x0}}], 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) creat(0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='rcu_utilization\x00', r3}, 0x10) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONTX(r5, 0x4b6c, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)="1e0616c67be84bf0a0637423546a3f67ad51b54e2a66d7619e4aaea8b7b43144524bef853c2d0ecf4775766dc315990b059ba8ef690d55a418046198bf1a1131d928a64186bd2f8e849c835481e74b629876af85da8f545257c509fe7bd51d0ed617f68711077bc3bc48260d604d1cbca0b40a1bbe1720338a32f6f93795c764afd6a43486ee5ece8427ddc4f77dc46fd1b4bdc9207b4830068fb80faf0f3ae025f1256e7a76b148a4188f5eb1bd39e8e8a86e2b1a73eeb985291338d8d1e9a23c4bebc70a4fc880eb0c2d6471766614be81c29f160695b15bff597c266634cebf2ba8e0db204862ccd391c7356e4b4dc61a51c28e71ef4f5e8f2bc65614c8bdb501e1dcaf030720d8d2d93324d4660a11148f7ce995df8938a49d4017fad42127874b9d1793266eefb835685662fc5c0be50e71b12f9ee456ca7c983ddee4e39ad4afc587fe46bd3c3acbdcf967a8b4e3f59b52002430ad73e8bc4405d19828cbd9dc63331232ff529265e0c35c1436a2126878190d1d022613e3cf85632424bb2792574a0b6d42b14ad48bf8784d63ddba24570aea131a66c5b7d4850ef1a3d2f39f240f2510a51ab6328774ebf6a1dfb9200a38522d75c228b013f62d1b53b53bbe8122ef012236a8263398352ba57b103600369f6f1fa9efa385becd803b2b5c90952e2a737f5b6f4c89636e33e5aa13062fe879f3b4f1c043eb6fe24e3fd9e798b9e30a207714fd6c767da1cbe0e9fff9786104fce17a44590c71d074c87dcc8cf3cee85d705aba39c056344731ca1d8461740e4d4b972d5ef377d765301182331f1008c8aeed1e6eae9b45ad42be669464441ceedc0d01e1d4fb66b8c6bafabb173b4b15d111e80c11ae4538457a802806c90b74d149013a1c95f5a066819297a4a528dd65779d81a7e41e6e2ac06316fb659fb0864612e394a60aa9278c84fbaa143a7998b7ea1a39bbd070891982787ab36478676b24b4ae5c91f9cdb9d5413112b415e9bee836106113e9bb08c0577d9943238b542ca15ec86099db7b2045bcef946ef44687b49b02833c51f0e926b110775b790f137efc989e4e58d7cf8281a69ac197cc811ef5a8a8ca37e74713b32dd2c3a5a1273545486644072bd5c703c72a84e8eea7a9ca82d7e43349406ba3fa639ab970b43660278b03065c72fe6082bd701a1f28f59461c2242b4b6344c291ff57273e19e5c4c2630362439f4243684c3dc6aee63506a86271cada4a77a5ad1bd54d76ae29230b836760ccc61e3f9af079648a7e69917f9151ab4b900349d4440c3430f436be85c90109fe70299df9ab5decc112efdcfb4ebe8d1c28d7fbcf45e7ed80742f200a53f93b63f6e5ac8de663cafad004780a71c89ce0214d5b3f30b63cfda1b7bb748637a5e29a18a1890786d4d529b89ad616c47695a0774fa703afd5b9fe5b39a9f4260f"}) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x9}, [@generic={0x0, 0xe, 0x2, 0x81, 0xd3}]}, &(0x7f0000000540)='syzkaller\x00', 0x3, 0xab, &(0x7f0000000580)=""/171, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x8, 0x1, 0xffffff56}, 0x10}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000080)='xprtrdma_decode_seg\x00', r6}, 0x10) sendfile(r2, r4, 0x0, 0x10000) 16:50:31 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = dup2(r0, r0) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x34, 0x0, 0x8, 0x101, 0x0, 0x0, {}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x2f}, @CTA_TIMEOUT_DATA={0x4}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x2}]}, 0x34}}, 0x0) 16:50:31 executing program 3: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2) ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) [ 105.099800][ T39] kauditd_printk_skb: 3 callbacks suppressed [ 105.099817][ T39] audit: type=1400 audit(1661446231.650:86): avc: denied { execmem } for pid=3701 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 105.499033][ T39] audit: type=1400 audit(1661446232.050:88): avc: denied { mounton } for pid=3708 comm="syz-executor.0" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 105.518028][ T39] audit: type=1400 audit(1661446232.050:87): avc: denied { mounton } for pid=3707 comm="syz-executor.2" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 105.535567][ T39] audit: type=1400 audit(1661446232.050:89): avc: denied { mount } for pid=3707 comm="syz-executor.2" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 105.550420][ T39] audit: type=1400 audit(1661446232.050:90): avc: denied { create } for pid=3707 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 105.562759][ T39] audit: type=1400 audit(1661446232.050:91): avc: denied { read write } for pid=3707 comm="syz-executor.2" name="vhci" dev="devtmpfs" ino=1104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 105.577930][ T39] audit: type=1400 audit(1661446232.050:92): avc: denied { open } for pid=3707 comm="syz-executor.2" path="/dev/vhci" dev="devtmpfs" ino=1104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 106.531893][ T39] audit: type=1400 audit(1661446233.080:93): avc: denied { ioctl } for pid=3707 comm="syz-executor.2" path="socket:[30068]" dev="sockfs" ino=30068 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 106.557433][ T3715] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 106.558568][ T3717] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 106.565815][ T3715] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 106.571177][ T3717] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 106.577425][ T3715] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 106.581914][ T3717] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 106.589204][ T3716] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 106.592463][ T3717] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 106.607965][ T3720] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 106.608136][ T3717] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 106.614493][ T3720] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 106.618680][ T3717] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 106.623090][ T3720] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 106.625744][ T3721] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 106.629308][ T3723] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 106.630250][ T3722] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 106.631309][ T3722] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 106.633642][ T3717] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 106.634011][ T3721] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 106.634355][ T3721] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 106.634509][ T3721] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 106.641220][ T3722] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 106.650023][ T39] audit: type=1400 audit(1661446233.200:94): avc: denied { read } for pid=3710 comm="syz-executor.3" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 106.651310][ T3717] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 106.656944][ T39] audit: type=1400 audit(1661446233.200:95): avc: denied { open } for pid=3710 comm="syz-executor.3" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 106.664165][ T3717] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 107.031359][ T3710] chnl_net:caif_netlink_parms(): no params data found [ 107.054453][ T3708] chnl_net:caif_netlink_parms(): no params data found [ 107.159507][ T3707] chnl_net:caif_netlink_parms(): no params data found [ 107.430981][ T3709] chnl_net:caif_netlink_parms(): no params data found [ 107.446759][ T3710] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.454587][ T3710] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.464485][ T3710] device bridge_slave_0 entered promiscuous mode [ 107.538147][ T3710] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.542376][ T3710] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.550752][ T3710] device bridge_slave_1 entered promiscuous mode [ 107.677730][ T3707] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.682307][ T3707] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.688122][ T3707] device bridge_slave_0 entered promiscuous mode [ 107.704491][ T3708] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.712082][ T3708] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.726415][ T3708] device bridge_slave_0 entered promiscuous mode [ 107.760267][ T3707] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.765300][ T3707] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.772630][ T3707] device bridge_slave_1 entered promiscuous mode [ 107.790507][ T3708] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.796511][ T3708] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.803849][ T3708] device bridge_slave_1 entered promiscuous mode [ 107.843549][ T3710] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 107.937420][ T3710] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 107.980025][ T3707] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 108.048563][ T3708] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 108.059802][ T3707] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 108.102055][ T3710] team0: Port device team_slave_0 added [ 108.145823][ T3708] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 108.186760][ T3710] team0: Port device team_slave_1 added [ 108.190716][ T3709] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.194833][ T3709] bridge0: port 1(bridge_slave_0) entered disabled state [ 108.201724][ T3709] device bridge_slave_0 entered promiscuous mode [ 108.240068][ T3707] team0: Port device team_slave_0 added [ 108.251625][ T3707] team0: Port device team_slave_1 added [ 108.307682][ T3709] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.313038][ T3709] bridge0: port 2(bridge_slave_1) entered disabled state [ 108.320215][ T3709] device bridge_slave_1 entered promiscuous mode [ 108.359866][ T3708] team0: Port device team_slave_0 added [ 108.424274][ T3710] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 108.429486][ T3710] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 108.451702][ T3710] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 108.496713][ T3708] team0: Port device team_slave_1 added [ 108.505456][ T3707] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 108.518467][ T3707] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 108.537587][ T3707] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 108.547037][ T3710] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 108.552806][ T3710] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 108.575209][ T3710] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 108.644239][ T3707] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 108.649759][ T3707] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 108.673402][ T3707] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 108.684464][ T3400] Bluetooth: hci0: command 0x0409 tx timeout [ 108.692838][ T3709] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 108.701414][ T3400] Bluetooth: hci1: command 0x0409 tx timeout [ 108.707308][ T3400] Bluetooth: hci2: command 0x0409 tx timeout [ 108.756378][ T1390] Bluetooth: hci3: command 0x0409 tx timeout [ 108.756954][ T3709] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 108.820384][ T3708] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 108.829000][ T3708] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 108.847197][ T3708] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 108.946339][ T3710] device hsr_slave_0 entered promiscuous mode [ 108.952722][ T3710] device hsr_slave_1 entered promiscuous mode [ 108.960704][ T3708] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 108.964900][ T3708] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 108.983404][ T3708] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 108.996831][ T3707] device hsr_slave_0 entered promiscuous mode [ 109.003748][ T3707] device hsr_slave_1 entered promiscuous mode [ 109.009389][ T3707] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 109.014760][ T3707] Cannot create hsr debugfs directory [ 109.021527][ T3709] team0: Port device team_slave_0 added [ 109.061957][ T3709] team0: Port device team_slave_1 added [ 109.240301][ T3709] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 109.245614][ T3709] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 109.264559][ T3709] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 109.277805][ T3708] device hsr_slave_0 entered promiscuous mode [ 109.284889][ T3708] device hsr_slave_1 entered promiscuous mode [ 109.294920][ T3708] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 109.312287][ T3708] Cannot create hsr debugfs directory [ 109.363237][ T3709] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 109.369628][ T3709] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 109.389362][ T3709] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 109.581993][ T3709] device hsr_slave_0 entered promiscuous mode [ 109.587201][ T3709] device hsr_slave_1 entered promiscuous mode [ 109.595051][ T3709] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 109.602690][ T3709] Cannot create hsr debugfs directory [ 109.821335][ T3710] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 109.832017][ T3710] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 109.868745][ T3710] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 109.884014][ T3710] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 109.930074][ T3708] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 109.940718][ T3708] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 109.951302][ T3708] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 109.965530][ T3708] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 110.060451][ T3707] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 110.074832][ T3707] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 110.091809][ T3707] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 110.100540][ T3707] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 110.190771][ T3709] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 110.202239][ T3709] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 110.223026][ T3709] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 110.242791][ T3709] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 110.285817][ T3708] 8021q: adding VLAN 0 to HW filter on device bond0 [ 110.301032][ T3710] 8021q: adding VLAN 0 to HW filter on device bond0 [ 110.335049][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 110.344862][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 110.362718][ T3708] 8021q: adding VLAN 0 to HW filter on device team0 [ 110.370176][ T175] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 110.378462][ T175] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 110.391130][ T3710] 8021q: adding VLAN 0 to HW filter on device team0 [ 110.409782][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 110.417850][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 110.424818][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 110.430703][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 110.461820][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 110.469594][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 110.477907][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 110.486803][ T3747] bridge0: port 1(bridge_slave_0) entered blocking state [ 110.492213][ T3747] bridge0: port 1(bridge_slave_0) entered forwarding state [ 110.498536][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 110.506561][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 110.514440][ T3747] bridge0: port 2(bridge_slave_1) entered blocking state [ 110.520585][ T3747] bridge0: port 2(bridge_slave_1) entered forwarding state [ 110.532214][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 110.539274][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 110.547488][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 110.554807][ T3747] bridge0: port 2(bridge_slave_1) entered blocking state [ 110.561192][ T3747] bridge0: port 2(bridge_slave_1) entered forwarding state [ 110.592049][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 110.600704][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 110.610280][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 110.620052][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 110.629494][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 110.661774][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 110.679084][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 110.688535][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 110.695750][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 110.719675][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 110.727981][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 110.736947][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 110.744913][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 110.753675][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 110.768736][ T40] Bluetooth: hci2: command 0x041b tx timeout [ 110.771574][ T3707] 8021q: adding VLAN 0 to HW filter on device bond0 [ 110.772529][ T40] Bluetooth: hci1: command 0x041b tx timeout [ 110.780180][ T3708] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 110.783809][ T40] Bluetooth: hci0: command 0x041b tx timeout [ 110.790884][ T3708] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 110.802075][ T50] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 110.809441][ T50] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 110.834480][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 110.842156][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 110.846269][ T40] Bluetooth: hci3: command 0x041b tx timeout [ 110.865870][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 110.872034][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 110.878843][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 110.885201][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 110.894310][ T3707] 8021q: adding VLAN 0 to HW filter on device team0 [ 110.914555][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 110.924350][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 110.938174][ T3710] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 110.958283][ T50] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 110.964782][ T50] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 110.971237][ T50] bridge0: port 1(bridge_slave_0) entered blocking state [ 110.976306][ T50] bridge0: port 1(bridge_slave_0) entered forwarding state [ 110.981896][ T50] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 110.989265][ T50] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 111.001554][ T3708] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 111.015625][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 111.021811][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 111.027743][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 111.033226][ T24] bridge0: port 2(bridge_slave_1) entered blocking state [ 111.038443][ T24] bridge0: port 2(bridge_slave_1) entered forwarding state [ 111.063688][ T39] kauditd_printk_skb: 1 callbacks suppressed [ 111.063705][ T39] audit: type=1400 audit(1661446237.600:97): avc: denied { module_request } for pid=3708 comm="syz-executor.0" kmod="netdev-xfrm0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 111.087369][ T3707] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 111.103925][ T3707] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 111.109754][ T39] audit: type=1400 audit(1661446237.660:98): avc: denied { sys_module } for pid=3708 comm="syz-executor.0" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 111.142550][ T3709] 8021q: adding VLAN 0 to HW filter on device bond0 [ 111.150234][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 111.160377][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 111.165155][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 111.171720][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 111.178018][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 111.184422][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 111.191328][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 111.199098][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 111.204467][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 111.210950][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 111.216867][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 111.222905][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 111.232733][ T3710] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 111.259640][ T3709] 8021q: adding VLAN 0 to HW filter on device team0 [ 111.266268][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 111.273468][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 111.281571][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 111.288968][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 111.313958][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 111.322244][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 111.330577][ T40] bridge0: port 1(bridge_slave_0) entered blocking state [ 111.336576][ T40] bridge0: port 1(bridge_slave_0) entered forwarding state [ 111.360090][ T3707] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 111.370533][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 111.377849][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 111.384167][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 111.390504][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 111.398915][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 111.405728][ T3749] bridge0: port 2(bridge_slave_1) entered blocking state [ 111.411083][ T3749] bridge0: port 2(bridge_slave_1) entered forwarding state [ 111.417918][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 111.434039][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 111.457747][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 111.464003][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 111.471719][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 111.480845][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 111.487069][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 111.494064][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 111.500907][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 111.527374][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 111.534610][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 111.542010][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 111.547466][ T3745] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 111.565223][ T3708] device veth0_vlan entered promiscuous mode [ 111.580557][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 111.587362][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 111.593992][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 111.601205][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 111.608667][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 111.615530][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 111.628478][ T3709] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 111.638040][ T3708] device veth1_vlan entered promiscuous mode [ 111.656191][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 111.662894][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 111.672519][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 111.718014][ T3710] device veth0_vlan entered promiscuous mode [ 111.725562][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 111.733630][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 111.742058][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 111.754645][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 111.762489][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 111.777005][ T3710] device veth1_vlan entered promiscuous mode [ 111.804199][ T175] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 111.812425][ T175] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 111.819870][ T175] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 111.830938][ T50] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 111.836632][ T50] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 111.842982][ T50] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 111.861738][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 111.869796][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 111.877591][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 111.885655][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 111.893271][ T3707] device veth0_vlan entered promiscuous mode [ 111.902209][ T3708] device veth0_macvtap entered promiscuous mode [ 111.923572][ T3708] device veth1_macvtap entered promiscuous mode [ 111.933828][ T3709] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 111.947424][ T3707] device veth1_vlan entered promiscuous mode [ 111.984197][ T3708] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 112.001097][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 112.007810][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 112.014217][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 112.021509][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 112.028263][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 112.035597][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 112.045017][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 112.053067][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 112.064808][ T3708] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 112.085127][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 112.093238][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 112.104560][ T3708] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.112898][ T3708] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.121256][ T3708] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.128943][ T3708] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.145143][ T3710] device veth0_macvtap entered promiscuous mode [ 112.159628][ T3710] device veth1_macvtap entered promiscuous mode [ 112.183355][ T50] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 112.191345][ T50] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 112.200969][ T50] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 112.208333][ T50] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 112.227364][ T3710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 112.237894][ T3710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.248067][ T3710] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 112.255025][ T3707] device veth0_macvtap entered promiscuous mode [ 112.263826][ T3707] device veth1_macvtap entered promiscuous mode [ 112.282759][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 112.292030][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 112.301361][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 112.308546][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 112.353417][ T3707] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 112.364742][ T3707] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.373354][ T3707] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 112.381758][ T3707] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.394331][ T3707] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 112.408284][ T3710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 112.409262][ T39] audit: type=1400 audit(1661446238.960:99): avc: denied { mounton } for pid=3708 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=2383 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 112.414781][ T3710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.435418][ T39] audit: type=1400 audit(1661446238.960:100): avc: denied { mount } for pid=3708 comm="syz-executor.0" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 112.446456][ T3710] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 112.472842][ T3710] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.482440][ T3710] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.491188][ T3710] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.499696][ T3710] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.511274][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 112.525281][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 112.532842][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 112.539664][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 112.546885][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 112.554926][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 112.575402][ T3707] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 112.584201][ T3707] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.596090][ T3707] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 112.604253][ T3707] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 112.618845][ T3707] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 112.629829][ T3707] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.638639][ T3707] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.646853][ T3707] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.655054][ T3707] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.680254][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 112.708253][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 112.732222][ T39] audit: type=1400 audit(1661446239.280:101): avc: denied { read write } for pid=3708 comm="syz-executor.0" name="loop0" dev="devtmpfs" ino=656 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 112.753472][ T39] audit: type=1400 audit(1661446239.280:102): avc: denied { open } for pid=3708 comm="syz-executor.0" path="/dev/loop0" dev="devtmpfs" ino=656 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 112.775194][ T3780] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 112.786897][ T39] audit: type=1400 audit(1661446239.280:103): avc: denied { ioctl } for pid=3708 comm="syz-executor.0" path="/dev/loop0" dev="devtmpfs" ino=656 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 16:50:39 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={{0x14, 0x10, 0x1, 0x7a}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0xb, 'syz1\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0x74}}, 0x0) [ 112.806070][ T39] audit: type=1400 audit(1661446239.320:104): avc: denied { create } for pid=3779 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 112.833802][ T39] audit: type=1400 audit(1661446239.320:105): avc: denied { write } for pid=3779 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 112.836557][ T3749] Bluetooth: hci0: command 0x040f tx timeout [ 112.859809][ T3749] Bluetooth: hci1: command 0x040f tx timeout [ 112.866241][ T3749] Bluetooth: hci2: command 0x040f tx timeout [ 112.869656][ T3709] device veth0_vlan entered promiscuous mode [ 112.877713][ T3782] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 112.892629][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready 16:50:39 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={{0x14, 0x10, 0x1, 0x7a}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0xb, 'syz1\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0x74}}, 0x0) [ 112.901553][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 112.924727][ T3784] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 112.928052][ T3749] Bluetooth: hci3: command 0x040f tx timeout 16:50:39 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={{0x14, 0x10, 0x1, 0x7a}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0xb, 'syz1\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0x74}}, 0x0) [ 112.962170][ T3709] device veth1_vlan entered promiscuous mode [ 112.979867][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 112.984527][ T3786] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 112.990434][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 113.000949][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 113.010921][ T3746] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready 16:50:39 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000000)=0x9ea9b152e589555a) [ 113.045753][ T39] audit: type=1400 audit(1661446239.590:106): avc: denied { read write } for pid=3787 comm="syz-executor.0" name="video3" dev="devtmpfs" ino=879 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 16:50:39 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000000)=0x9ea9b152e589555a) [ 113.061501][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 113.078734][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 113.098901][ T3709] device veth0_macvtap entered promiscuous mode [ 113.111682][ T3709] device veth1_macvtap entered promiscuous mode [ 113.137601][ T3709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 113.147481][ T3709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.155527][ T3709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 113.163915][ T3709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.165804][ T3794] input: syz1 as /devices/virtual/input/input5 [ 113.171360][ T3709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 113.171376][ T3709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.173508][ T3709] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 113.199784][ T3709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 113.207228][ T3709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.214032][ T3709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 113.221697][ T3709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.229891][ T3709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 113.236721][ T3709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.244441][ T3709] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 113.252074][ T3725] udevd[3725]: setting owner of /dev/input/event4 to uid=0, gid=1003 failed: No such file or directory [ 113.254476][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 113.267584][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 113.273088][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 113.279518][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 113.285716][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 113.291585][ T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 113.306400][ T3709] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.312896][ T3709] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.322009][ T3709] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.327737][ T3709] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 16:50:40 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) stat(&(0x7f00000026c0)='./bus\x00', 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002800)=[{{&(0x7f0000000140)=@file={0x0, './bus\x00'}, 0x6e, 0x0}}], 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) creat(0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='rcu_utilization\x00', r3}, 0x10) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONTX(r5, 0x4b6c, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)="1e0616c67be84bf0a0637423546a3f67ad51b54e2a66d7619e4aaea8b7b43144524bef853c2d0ecf4775766dc315990b059ba8ef690d55a418046198bf1a1131d928a64186bd2f8e849c835481e74b629876af85da8f545257c509fe7bd51d0ed617f68711077bc3bc48260d604d1cbca0b40a1bbe1720338a32f6f93795c764afd6a43486ee5ece8427ddc4f77dc46fd1b4bdc9207b4830068fb80faf0f3ae025f1256e7a76b148a4188f5eb1bd39e8e8a86e2b1a73eeb985291338d8d1e9a23c4bebc70a4fc880eb0c2d6471766614be81c29f160695b15bff597c266634cebf2ba8e0db204862ccd391c7356e4b4dc61a51c28e71ef4f5e8f2bc65614c8bdb501e1dcaf030720d8d2d93324d4660a11148f7ce995df8938a49d4017fad42127874b9d1793266eefb835685662fc5c0be50e71b12f9ee456ca7c983ddee4e39ad4afc587fe46bd3c3acbdcf967a8b4e3f59b52002430ad73e8bc4405d19828cbd9dc63331232ff529265e0c35c1436a2126878190d1d022613e3cf85632424bb2792574a0b6d42b14ad48bf8784d63ddba24570aea131a66c5b7d4850ef1a3d2f39f240f2510a51ab6328774ebf6a1dfb9200a38522d75c228b013f62d1b53b53bbe8122ef012236a8263398352ba57b103600369f6f1fa9efa385becd803b2b5c90952e2a737f5b6f4c89636e33e5aa13062fe879f3b4f1c043eb6fe24e3fd9e798b9e30a207714fd6c767da1cbe0e9fff9786104fce17a44590c71d074c87dcc8cf3cee85d705aba39c056344731ca1d8461740e4d4b972d5ef377d765301182331f1008c8aeed1e6eae9b45ad42be669464441ceedc0d01e1d4fb66b8c6bafabb173b4b15d111e80c11ae4538457a802806c90b74d149013a1c95f5a066819297a4a528dd65779d81a7e41e6e2ac06316fb659fb0864612e394a60aa9278c84fbaa143a7998b7ea1a39bbd070891982787ab36478676b24b4ae5c91f9cdb9d5413112b415e9bee836106113e9bb08c0577d9943238b542ca15ec86099db7b2045bcef946ef44687b49b02833c51f0e926b110775b790f137efc989e4e58d7cf8281a69ac197cc811ef5a8a8ca37e74713b32dd2c3a5a1273545486644072bd5c703c72a84e8eea7a9ca82d7e43349406ba3fa639ab970b43660278b03065c72fe6082bd701a1f28f59461c2242b4b6344c291ff57273e19e5c4c2630362439f4243684c3dc6aee63506a86271cada4a77a5ad1bd54d76ae29230b836760ccc61e3f9af079648a7e69917f9151ab4b900349d4440c3430f436be85c90109fe70299df9ab5decc112efdcfb4ebe8d1c28d7fbcf45e7ed80742f200a53f93b63f6e5ac8de663cafad004780a71c89ce0214d5b3f30b63cfda1b7bb748637a5e29a18a1890786d4d529b89ad616c47695a0774fa703afd5b9fe5b39a9f4260f"}) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x9}, [@generic={0x0, 0xe, 0x2, 0x81, 0xd3}]}, &(0x7f0000000540)='syzkaller\x00', 0x3, 0xab, &(0x7f0000000580)=""/171, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x8, 0x1, 0xffffff56}, 0x10}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000080)='xprtrdma_decode_seg\x00', r6}, 0x10) sendfile(r2, r4, 0x0, 0x10000) 16:50:40 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = dup2(r0, r0) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x34, 0x0, 0x8, 0x101, 0x0, 0x0, {}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x2f}, @CTA_TIMEOUT_DATA={0x4}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x2}]}, 0x34}}, 0x0) 16:50:40 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000000)=0x9ea9b152e589555a) 16:50:40 executing program 3: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2) ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) [ 114.321310][ T3803] input: syz1 as /devices/virtual/input/input6 16:50:40 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = dup2(r0, r0) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x34, 0x0, 0x8, 0x101, 0x0, 0x0, {}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x2f}, @CTA_TIMEOUT_DATA={0x4}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x2}]}, 0x34}}, 0x0) 16:50:40 executing program 0: r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000000)=0x9ea9b152e589555a) 16:50:40 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = dup2(r0, r0) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x34, 0x0, 0x8, 0x101, 0x0, 0x0, {}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x2f}, @CTA_TIMEOUT_DATA={0x4}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x2}]}, 0x34}}, 0x0) 16:50:40 executing program 3: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2) ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) [ 114.421390][ T3815] input: syz1 as /devices/virtual/input/input7 [ 114.922159][ T40] Bluetooth: hci2: command 0x0419 tx timeout [ 114.927486][ T40] Bluetooth: hci1: command 0x0419 tx timeout [ 114.935081][ T40] Bluetooth: hci0: command 0x0419 tx timeout [ 114.997673][ T40] Bluetooth: hci3: command 0x0419 tx timeout 16:50:41 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) stat(&(0x7f00000026c0)='./bus\x00', 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002800)=[{{&(0x7f0000000140)=@file={0x0, './bus\x00'}, 0x6e, 0x0}}], 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) creat(0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='rcu_utilization\x00', r3}, 0x10) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONTX(r5, 0x4b6c, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)="1e0616c67be84bf0a0637423546a3f67ad51b54e2a66d7619e4aaea8b7b43144524bef853c2d0ecf4775766dc315990b059ba8ef690d55a418046198bf1a1131d928a64186bd2f8e849c835481e74b629876af85da8f545257c509fe7bd51d0ed617f68711077bc3bc48260d604d1cbca0b40a1bbe1720338a32f6f93795c764afd6a43486ee5ece8427ddc4f77dc46fd1b4bdc9207b4830068fb80faf0f3ae025f1256e7a76b148a4188f5eb1bd39e8e8a86e2b1a73eeb985291338d8d1e9a23c4bebc70a4fc880eb0c2d6471766614be81c29f160695b15bff597c266634cebf2ba8e0db204862ccd391c7356e4b4dc61a51c28e71ef4f5e8f2bc65614c8bdb501e1dcaf030720d8d2d93324d4660a11148f7ce995df8938a49d4017fad42127874b9d1793266eefb835685662fc5c0be50e71b12f9ee456ca7c983ddee4e39ad4afc587fe46bd3c3acbdcf967a8b4e3f59b52002430ad73e8bc4405d19828cbd9dc63331232ff529265e0c35c1436a2126878190d1d022613e3cf85632424bb2792574a0b6d42b14ad48bf8784d63ddba24570aea131a66c5b7d4850ef1a3d2f39f240f2510a51ab6328774ebf6a1dfb9200a38522d75c228b013f62d1b53b53bbe8122ef012236a8263398352ba57b103600369f6f1fa9efa385becd803b2b5c90952e2a737f5b6f4c89636e33e5aa13062fe879f3b4f1c043eb6fe24e3fd9e798b9e30a207714fd6c767da1cbe0e9fff9786104fce17a44590c71d074c87dcc8cf3cee85d705aba39c056344731ca1d8461740e4d4b972d5ef377d765301182331f1008c8aeed1e6eae9b45ad42be669464441ceedc0d01e1d4fb66b8c6bafabb173b4b15d111e80c11ae4538457a802806c90b74d149013a1c95f5a066819297a4a528dd65779d81a7e41e6e2ac06316fb659fb0864612e394a60aa9278c84fbaa143a7998b7ea1a39bbd070891982787ab36478676b24b4ae5c91f9cdb9d5413112b415e9bee836106113e9bb08c0577d9943238b542ca15ec86099db7b2045bcef946ef44687b49b02833c51f0e926b110775b790f137efc989e4e58d7cf8281a69ac197cc811ef5a8a8ca37e74713b32dd2c3a5a1273545486644072bd5c703c72a84e8eea7a9ca82d7e43349406ba3fa639ab970b43660278b03065c72fe6082bd701a1f28f59461c2242b4b6344c291ff57273e19e5c4c2630362439f4243684c3dc6aee63506a86271cada4a77a5ad1bd54d76ae29230b836760ccc61e3f9af079648a7e69917f9151ab4b900349d4440c3430f436be85c90109fe70299df9ab5decc112efdcfb4ebe8d1c28d7fbcf45e7ed80742f200a53f93b63f6e5ac8de663cafad004780a71c89ce0214d5b3f30b63cfda1b7bb748637a5e29a18a1890786d4d529b89ad616c47695a0774fa703afd5b9fe5b39a9f4260f"}) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x9}, [@generic={0x0, 0xe, 0x2, 0x81, 0xd3}]}, &(0x7f0000000540)='syzkaller\x00', 0x3, 0xab, &(0x7f0000000580)=""/171, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x8, 0x1, 0xffffff56}, 0x10}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000080)='xprtrdma_decode_seg\x00', r6}, 0x10) sendfile(r2, r4, 0x0, 0x10000) 16:50:41 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) stat(&(0x7f00000026c0)='./bus\x00', 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002800)=[{{&(0x7f0000000140)=@file={0x0, './bus\x00'}, 0x6e, 0x0}}], 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) creat(0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='rcu_utilization\x00', r3}, 0x10) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONTX(r5, 0x4b6c, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)="1e0616c67be84bf0a0637423546a3f67ad51b54e2a66d7619e4aaea8b7b43144524bef853c2d0ecf4775766dc315990b059ba8ef690d55a418046198bf1a1131d928a64186bd2f8e849c835481e74b629876af85da8f545257c509fe7bd51d0ed617f68711077bc3bc48260d604d1cbca0b40a1bbe1720338a32f6f93795c764afd6a43486ee5ece8427ddc4f77dc46fd1b4bdc9207b4830068fb80faf0f3ae025f1256e7a76b148a4188f5eb1bd39e8e8a86e2b1a73eeb985291338d8d1e9a23c4bebc70a4fc880eb0c2d6471766614be81c29f160695b15bff597c266634cebf2ba8e0db204862ccd391c7356e4b4dc61a51c28e71ef4f5e8f2bc65614c8bdb501e1dcaf030720d8d2d93324d4660a11148f7ce995df8938a49d4017fad42127874b9d1793266eefb835685662fc5c0be50e71b12f9ee456ca7c983ddee4e39ad4afc587fe46bd3c3acbdcf967a8b4e3f59b52002430ad73e8bc4405d19828cbd9dc63331232ff529265e0c35c1436a2126878190d1d022613e3cf85632424bb2792574a0b6d42b14ad48bf8784d63ddba24570aea131a66c5b7d4850ef1a3d2f39f240f2510a51ab6328774ebf6a1dfb9200a38522d75c228b013f62d1b53b53bbe8122ef012236a8263398352ba57b103600369f6f1fa9efa385becd803b2b5c90952e2a737f5b6f4c89636e33e5aa13062fe879f3b4f1c043eb6fe24e3fd9e798b9e30a207714fd6c767da1cbe0e9fff9786104fce17a44590c71d074c87dcc8cf3cee85d705aba39c056344731ca1d8461740e4d4b972d5ef377d765301182331f1008c8aeed1e6eae9b45ad42be669464441ceedc0d01e1d4fb66b8c6bafabb173b4b15d111e80c11ae4538457a802806c90b74d149013a1c95f5a066819297a4a528dd65779d81a7e41e6e2ac06316fb659fb0864612e394a60aa9278c84fbaa143a7998b7ea1a39bbd070891982787ab36478676b24b4ae5c91f9cdb9d5413112b415e9bee836106113e9bb08c0577d9943238b542ca15ec86099db7b2045bcef946ef44687b49b02833c51f0e926b110775b790f137efc989e4e58d7cf8281a69ac197cc811ef5a8a8ca37e74713b32dd2c3a5a1273545486644072bd5c703c72a84e8eea7a9ca82d7e43349406ba3fa639ab970b43660278b03065c72fe6082bd701a1f28f59461c2242b4b6344c291ff57273e19e5c4c2630362439f4243684c3dc6aee63506a86271cada4a77a5ad1bd54d76ae29230b836760ccc61e3f9af079648a7e69917f9151ab4b900349d4440c3430f436be85c90109fe70299df9ab5decc112efdcfb4ebe8d1c28d7fbcf45e7ed80742f200a53f93b63f6e5ac8de663cafad004780a71c89ce0214d5b3f30b63cfda1b7bb748637a5e29a18a1890786d4d529b89ad616c47695a0774fa703afd5b9fe5b39a9f4260f"}) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x9}, [@generic={0x0, 0xe, 0x2, 0x81, 0xd3}]}, &(0x7f0000000540)='syzkaller\x00', 0x3, 0xab, &(0x7f0000000580)=""/171, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x8, 0x1, 0xffffff56}, 0x10}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000080)='xprtrdma_decode_seg\x00', r6}, 0x10) sendfile(r2, r4, 0x0, 0x10000) 16:50:41 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) stat(&(0x7f00000026c0)='./bus\x00', 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002800)=[{{&(0x7f0000000140)=@file={0x0, './bus\x00'}, 0x6e, 0x0}}], 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) creat(0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='rcu_utilization\x00', r3}, 0x10) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONTX(r5, 0x4b6c, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)="1e0616c67be84bf0a0637423546a3f67ad51b54e2a66d7619e4aaea8b7b43144524bef853c2d0ecf4775766dc315990b059ba8ef690d55a418046198bf1a1131d928a64186bd2f8e849c835481e74b629876af85da8f545257c509fe7bd51d0ed617f68711077bc3bc48260d604d1cbca0b40a1bbe1720338a32f6f93795c764afd6a43486ee5ece8427ddc4f77dc46fd1b4bdc9207b4830068fb80faf0f3ae025f1256e7a76b148a4188f5eb1bd39e8e8a86e2b1a73eeb985291338d8d1e9a23c4bebc70a4fc880eb0c2d6471766614be81c29f160695b15bff597c266634cebf2ba8e0db204862ccd391c7356e4b4dc61a51c28e71ef4f5e8f2bc65614c8bdb501e1dcaf030720d8d2d93324d4660a11148f7ce995df8938a49d4017fad42127874b9d1793266eefb835685662fc5c0be50e71b12f9ee456ca7c983ddee4e39ad4afc587fe46bd3c3acbdcf967a8b4e3f59b52002430ad73e8bc4405d19828cbd9dc63331232ff529265e0c35c1436a2126878190d1d022613e3cf85632424bb2792574a0b6d42b14ad48bf8784d63ddba24570aea131a66c5b7d4850ef1a3d2f39f240f2510a51ab6328774ebf6a1dfb9200a38522d75c228b013f62d1b53b53bbe8122ef012236a8263398352ba57b103600369f6f1fa9efa385becd803b2b5c90952e2a737f5b6f4c89636e33e5aa13062fe879f3b4f1c043eb6fe24e3fd9e798b9e30a207714fd6c767da1cbe0e9fff9786104fce17a44590c71d074c87dcc8cf3cee85d705aba39c056344731ca1d8461740e4d4b972d5ef377d765301182331f1008c8aeed1e6eae9b45ad42be669464441ceedc0d01e1d4fb66b8c6bafabb173b4b15d111e80c11ae4538457a802806c90b74d149013a1c95f5a066819297a4a528dd65779d81a7e41e6e2ac06316fb659fb0864612e394a60aa9278c84fbaa143a7998b7ea1a39bbd070891982787ab36478676b24b4ae5c91f9cdb9d5413112b415e9bee836106113e9bb08c0577d9943238b542ca15ec86099db7b2045bcef946ef44687b49b02833c51f0e926b110775b790f137efc989e4e58d7cf8281a69ac197cc811ef5a8a8ca37e74713b32dd2c3a5a1273545486644072bd5c703c72a84e8eea7a9ca82d7e43349406ba3fa639ab970b43660278b03065c72fe6082bd701a1f28f59461c2242b4b6344c291ff57273e19e5c4c2630362439f4243684c3dc6aee63506a86271cada4a77a5ad1bd54d76ae29230b836760ccc61e3f9af079648a7e69917f9151ab4b900349d4440c3430f436be85c90109fe70299df9ab5decc112efdcfb4ebe8d1c28d7fbcf45e7ed80742f200a53f93b63f6e5ac8de663cafad004780a71c89ce0214d5b3f30b63cfda1b7bb748637a5e29a18a1890786d4d529b89ad616c47695a0774fa703afd5b9fe5b39a9f4260f"}) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x9}, [@generic={0x0, 0xe, 0x2, 0x81, 0xd3}]}, &(0x7f0000000540)='syzkaller\x00', 0x3, 0xab, &(0x7f0000000580)=""/171, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x8, 0x1, 0xffffff56}, 0x10}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000080)='xprtrdma_decode_seg\x00', r6}, 0x10) sendfile(r2, r4, 0x0, 0x10000) 16:50:41 executing program 3: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2) ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) [ 115.249083][ T3821] input: syz1 as /devices/virtual/input/input8 16:50:41 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) stat(&(0x7f00000026c0)='./bus\x00', 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002800)=[{{&(0x7f0000000140)=@file={0x0, './bus\x00'}, 0x6e, 0x0}}], 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) creat(0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='rcu_utilization\x00', r3}, 0x10) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONTX(r5, 0x4b6c, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)="1e0616c67be84bf0a0637423546a3f67ad51b54e2a66d7619e4aaea8b7b43144524bef853c2d0ecf4775766dc315990b059ba8ef690d55a418046198bf1a1131d928a64186bd2f8e849c835481e74b629876af85da8f545257c509fe7bd51d0ed617f68711077bc3bc48260d604d1cbca0b40a1bbe1720338a32f6f93795c764afd6a43486ee5ece8427ddc4f77dc46fd1b4bdc9207b4830068fb80faf0f3ae025f1256e7a76b148a4188f5eb1bd39e8e8a86e2b1a73eeb985291338d8d1e9a23c4bebc70a4fc880eb0c2d6471766614be81c29f160695b15bff597c266634cebf2ba8e0db204862ccd391c7356e4b4dc61a51c28e71ef4f5e8f2bc65614c8bdb501e1dcaf030720d8d2d93324d4660a11148f7ce995df8938a49d4017fad42127874b9d1793266eefb835685662fc5c0be50e71b12f9ee456ca7c983ddee4e39ad4afc587fe46bd3c3acbdcf967a8b4e3f59b52002430ad73e8bc4405d19828cbd9dc63331232ff529265e0c35c1436a2126878190d1d022613e3cf85632424bb2792574a0b6d42b14ad48bf8784d63ddba24570aea131a66c5b7d4850ef1a3d2f39f240f2510a51ab6328774ebf6a1dfb9200a38522d75c228b013f62d1b53b53bbe8122ef012236a8263398352ba57b103600369f6f1fa9efa385becd803b2b5c90952e2a737f5b6f4c89636e33e5aa13062fe879f3b4f1c043eb6fe24e3fd9e798b9e30a207714fd6c767da1cbe0e9fff9786104fce17a44590c71d074c87dcc8cf3cee85d705aba39c056344731ca1d8461740e4d4b972d5ef377d765301182331f1008c8aeed1e6eae9b45ad42be669464441ceedc0d01e1d4fb66b8c6bafabb173b4b15d111e80c11ae4538457a802806c90b74d149013a1c95f5a066819297a4a528dd65779d81a7e41e6e2ac06316fb659fb0864612e394a60aa9278c84fbaa143a7998b7ea1a39bbd070891982787ab36478676b24b4ae5c91f9cdb9d5413112b415e9bee836106113e9bb08c0577d9943238b542ca15ec86099db7b2045bcef946ef44687b49b02833c51f0e926b110775b790f137efc989e4e58d7cf8281a69ac197cc811ef5a8a8ca37e74713b32dd2c3a5a1273545486644072bd5c703c72a84e8eea7a9ca82d7e43349406ba3fa639ab970b43660278b03065c72fe6082bd701a1f28f59461c2242b4b6344c291ff57273e19e5c4c2630362439f4243684c3dc6aee63506a86271cada4a77a5ad1bd54d76ae29230b836760ccc61e3f9af079648a7e69917f9151ab4b900349d4440c3430f436be85c90109fe70299df9ab5decc112efdcfb4ebe8d1c28d7fbcf45e7ed80742f200a53f93b63f6e5ac8de663cafad004780a71c89ce0214d5b3f30b63cfda1b7bb748637a5e29a18a1890786d4d529b89ad616c47695a0774fa703afd5b9fe5b39a9f4260f"}) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x9}, [@generic={0x0, 0xe, 0x2, 0x81, 0xd3}]}, &(0x7f0000000540)='syzkaller\x00', 0x3, 0xab, &(0x7f0000000580)=""/171, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x8, 0x1, 0xffffff56}, 0x10}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000080)='xprtrdma_decode_seg\x00', r6}, 0x10) sendfile(r2, r4, 0x0, 0x10000) 16:50:43 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) stat(&(0x7f00000026c0)='./bus\x00', 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002800)=[{{&(0x7f0000000140)=@file={0x0, './bus\x00'}, 0x6e, 0x0}}], 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) creat(0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='rcu_utilization\x00', r3}, 0x10) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONTX(r5, 0x4b6c, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)="1e0616c67be84bf0a0637423546a3f67ad51b54e2a66d7619e4aaea8b7b43144524bef853c2d0ecf4775766dc315990b059ba8ef690d55a418046198bf1a1131d928a64186bd2f8e849c835481e74b629876af85da8f545257c509fe7bd51d0ed617f68711077bc3bc48260d604d1cbca0b40a1bbe1720338a32f6f93795c764afd6a43486ee5ece8427ddc4f77dc46fd1b4bdc9207b4830068fb80faf0f3ae025f1256e7a76b148a4188f5eb1bd39e8e8a86e2b1a73eeb985291338d8d1e9a23c4bebc70a4fc880eb0c2d6471766614be81c29f160695b15bff597c266634cebf2ba8e0db204862ccd391c7356e4b4dc61a51c28e71ef4f5e8f2bc65614c8bdb501e1dcaf030720d8d2d93324d4660a11148f7ce995df8938a49d4017fad42127874b9d1793266eefb835685662fc5c0be50e71b12f9ee456ca7c983ddee4e39ad4afc587fe46bd3c3acbdcf967a8b4e3f59b52002430ad73e8bc4405d19828cbd9dc63331232ff529265e0c35c1436a2126878190d1d022613e3cf85632424bb2792574a0b6d42b14ad48bf8784d63ddba24570aea131a66c5b7d4850ef1a3d2f39f240f2510a51ab6328774ebf6a1dfb9200a38522d75c228b013f62d1b53b53bbe8122ef012236a8263398352ba57b103600369f6f1fa9efa385becd803b2b5c90952e2a737f5b6f4c89636e33e5aa13062fe879f3b4f1c043eb6fe24e3fd9e798b9e30a207714fd6c767da1cbe0e9fff9786104fce17a44590c71d074c87dcc8cf3cee85d705aba39c056344731ca1d8461740e4d4b972d5ef377d765301182331f1008c8aeed1e6eae9b45ad42be669464441ceedc0d01e1d4fb66b8c6bafabb173b4b15d111e80c11ae4538457a802806c90b74d149013a1c95f5a066819297a4a528dd65779d81a7e41e6e2ac06316fb659fb0864612e394a60aa9278c84fbaa143a7998b7ea1a39bbd070891982787ab36478676b24b4ae5c91f9cdb9d5413112b415e9bee836106113e9bb08c0577d9943238b542ca15ec86099db7b2045bcef946ef44687b49b02833c51f0e926b110775b790f137efc989e4e58d7cf8281a69ac197cc811ef5a8a8ca37e74713b32dd2c3a5a1273545486644072bd5c703c72a84e8eea7a9ca82d7e43349406ba3fa639ab970b43660278b03065c72fe6082bd701a1f28f59461c2242b4b6344c291ff57273e19e5c4c2630362439f4243684c3dc6aee63506a86271cada4a77a5ad1bd54d76ae29230b836760ccc61e3f9af079648a7e69917f9151ab4b900349d4440c3430f436be85c90109fe70299df9ab5decc112efdcfb4ebe8d1c28d7fbcf45e7ed80742f200a53f93b63f6e5ac8de663cafad004780a71c89ce0214d5b3f30b63cfda1b7bb748637a5e29a18a1890786d4d529b89ad616c47695a0774fa703afd5b9fe5b39a9f4260f"}) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x9}, [@generic={0x0, 0xe, 0x2, 0x81, 0xd3}]}, &(0x7f0000000540)='syzkaller\x00', 0x3, 0xab, &(0x7f0000000580)=""/171, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x8, 0x1, 0xffffff56}, 0x10}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000080)='xprtrdma_decode_seg\x00', r6}, 0x10) sendfile(r2, r4, 0x0, 0x10000) 16:50:43 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) stat(&(0x7f00000026c0)='./bus\x00', 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002800)=[{{&(0x7f0000000140)=@file={0x0, './bus\x00'}, 0x6e, 0x0}}], 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) creat(0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='rcu_utilization\x00', r3}, 0x10) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONTX(r5, 0x4b6c, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)="1e0616c67be84bf0a0637423546a3f67ad51b54e2a66d7619e4aaea8b7b43144524bef853c2d0ecf4775766dc315990b059ba8ef690d55a418046198bf1a1131d928a64186bd2f8e849c835481e74b629876af85da8f545257c509fe7bd51d0ed617f68711077bc3bc48260d604d1cbca0b40a1bbe1720338a32f6f93795c764afd6a43486ee5ece8427ddc4f77dc46fd1b4bdc9207b4830068fb80faf0f3ae025f1256e7a76b148a4188f5eb1bd39e8e8a86e2b1a73eeb985291338d8d1e9a23c4bebc70a4fc880eb0c2d6471766614be81c29f160695b15bff597c266634cebf2ba8e0db204862ccd391c7356e4b4dc61a51c28e71ef4f5e8f2bc65614c8bdb501e1dcaf030720d8d2d93324d4660a11148f7ce995df8938a49d4017fad42127874b9d1793266eefb835685662fc5c0be50e71b12f9ee456ca7c983ddee4e39ad4afc587fe46bd3c3acbdcf967a8b4e3f59b52002430ad73e8bc4405d19828cbd9dc63331232ff529265e0c35c1436a2126878190d1d022613e3cf85632424bb2792574a0b6d42b14ad48bf8784d63ddba24570aea131a66c5b7d4850ef1a3d2f39f240f2510a51ab6328774ebf6a1dfb9200a38522d75c228b013f62d1b53b53bbe8122ef012236a8263398352ba57b103600369f6f1fa9efa385becd803b2b5c90952e2a737f5b6f4c89636e33e5aa13062fe879f3b4f1c043eb6fe24e3fd9e798b9e30a207714fd6c767da1cbe0e9fff9786104fce17a44590c71d074c87dcc8cf3cee85d705aba39c056344731ca1d8461740e4d4b972d5ef377d765301182331f1008c8aeed1e6eae9b45ad42be669464441ceedc0d01e1d4fb66b8c6bafabb173b4b15d111e80c11ae4538457a802806c90b74d149013a1c95f5a066819297a4a528dd65779d81a7e41e6e2ac06316fb659fb0864612e394a60aa9278c84fbaa143a7998b7ea1a39bbd070891982787ab36478676b24b4ae5c91f9cdb9d5413112b415e9bee836106113e9bb08c0577d9943238b542ca15ec86099db7b2045bcef946ef44687b49b02833c51f0e926b110775b790f137efc989e4e58d7cf8281a69ac197cc811ef5a8a8ca37e74713b32dd2c3a5a1273545486644072bd5c703c72a84e8eea7a9ca82d7e43349406ba3fa639ab970b43660278b03065c72fe6082bd701a1f28f59461c2242b4b6344c291ff57273e19e5c4c2630362439f4243684c3dc6aee63506a86271cada4a77a5ad1bd54d76ae29230b836760ccc61e3f9af079648a7e69917f9151ab4b900349d4440c3430f436be85c90109fe70299df9ab5decc112efdcfb4ebe8d1c28d7fbcf45e7ed80742f200a53f93b63f6e5ac8de663cafad004780a71c89ce0214d5b3f30b63cfda1b7bb748637a5e29a18a1890786d4d529b89ad616c47695a0774fa703afd5b9fe5b39a9f4260f"}) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x9}, [@generic={0x0, 0xe, 0x2, 0x81, 0xd3}]}, &(0x7f0000000540)='syzkaller\x00', 0x3, 0xab, &(0x7f0000000580)=""/171, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x8, 0x1, 0xffffff56}, 0x10}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000080)='xprtrdma_decode_seg\x00', r6}, 0x10) sendfile(r2, r4, 0x0, 0x10000) 16:50:43 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) stat(&(0x7f00000026c0)='./bus\x00', 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002800)=[{{&(0x7f0000000140)=@file={0x0, './bus\x00'}, 0x6e, 0x0}}], 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) creat(0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='rcu_utilization\x00', r3}, 0x10) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONTX(r5, 0x4b6c, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)="1e0616c67be84bf0a0637423546a3f67ad51b54e2a66d7619e4aaea8b7b43144524bef853c2d0ecf4775766dc315990b059ba8ef690d55a418046198bf1a1131d928a64186bd2f8e849c835481e74b629876af85da8f545257c509fe7bd51d0ed617f68711077bc3bc48260d604d1cbca0b40a1bbe1720338a32f6f93795c764afd6a43486ee5ece8427ddc4f77dc46fd1b4bdc9207b4830068fb80faf0f3ae025f1256e7a76b148a4188f5eb1bd39e8e8a86e2b1a73eeb985291338d8d1e9a23c4bebc70a4fc880eb0c2d6471766614be81c29f160695b15bff597c266634cebf2ba8e0db204862ccd391c7356e4b4dc61a51c28e71ef4f5e8f2bc65614c8bdb501e1dcaf030720d8d2d93324d4660a11148f7ce995df8938a49d4017fad42127874b9d1793266eefb835685662fc5c0be50e71b12f9ee456ca7c983ddee4e39ad4afc587fe46bd3c3acbdcf967a8b4e3f59b52002430ad73e8bc4405d19828cbd9dc63331232ff529265e0c35c1436a2126878190d1d022613e3cf85632424bb2792574a0b6d42b14ad48bf8784d63ddba24570aea131a66c5b7d4850ef1a3d2f39f240f2510a51ab6328774ebf6a1dfb9200a38522d75c228b013f62d1b53b53bbe8122ef012236a8263398352ba57b103600369f6f1fa9efa385becd803b2b5c90952e2a737f5b6f4c89636e33e5aa13062fe879f3b4f1c043eb6fe24e3fd9e798b9e30a207714fd6c767da1cbe0e9fff9786104fce17a44590c71d074c87dcc8cf3cee85d705aba39c056344731ca1d8461740e4d4b972d5ef377d765301182331f1008c8aeed1e6eae9b45ad42be669464441ceedc0d01e1d4fb66b8c6bafabb173b4b15d111e80c11ae4538457a802806c90b74d149013a1c95f5a066819297a4a528dd65779d81a7e41e6e2ac06316fb659fb0864612e394a60aa9278c84fbaa143a7998b7ea1a39bbd070891982787ab36478676b24b4ae5c91f9cdb9d5413112b415e9bee836106113e9bb08c0577d9943238b542ca15ec86099db7b2045bcef946ef44687b49b02833c51f0e926b110775b790f137efc989e4e58d7cf8281a69ac197cc811ef5a8a8ca37e74713b32dd2c3a5a1273545486644072bd5c703c72a84e8eea7a9ca82d7e43349406ba3fa639ab970b43660278b03065c72fe6082bd701a1f28f59461c2242b4b6344c291ff57273e19e5c4c2630362439f4243684c3dc6aee63506a86271cada4a77a5ad1bd54d76ae29230b836760ccc61e3f9af079648a7e69917f9151ab4b900349d4440c3430f436be85c90109fe70299df9ab5decc112efdcfb4ebe8d1c28d7fbcf45e7ed80742f200a53f93b63f6e5ac8de663cafad004780a71c89ce0214d5b3f30b63cfda1b7bb748637a5e29a18a1890786d4d529b89ad616c47695a0774fa703afd5b9fe5b39a9f4260f"}) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x9}, [@generic={0x0, 0xe, 0x2, 0x81, 0xd3}]}, &(0x7f0000000540)='syzkaller\x00', 0x3, 0xab, &(0x7f0000000580)=""/171, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x8, 0x1, 0xffffff56}, 0x10}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000080)='xprtrdma_decode_seg\x00', r6}, 0x10) sendfile(r2, r4, 0x0, 0x10000) 16:50:43 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) stat(&(0x7f00000026c0)='./bus\x00', 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002800)=[{{&(0x7f0000000140)=@file={0x0, './bus\x00'}, 0x6e, 0x0}}], 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) creat(0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='rcu_utilization\x00', r3}, 0x10) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONTX(r5, 0x4b6c, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)="1e0616c67be84bf0a0637423546a3f67ad51b54e2a66d7619e4aaea8b7b43144524bef853c2d0ecf4775766dc315990b059ba8ef690d55a418046198bf1a1131d928a64186bd2f8e849c835481e74b629876af85da8f545257c509fe7bd51d0ed617f68711077bc3bc48260d604d1cbca0b40a1bbe1720338a32f6f93795c764afd6a43486ee5ece8427ddc4f77dc46fd1b4bdc9207b4830068fb80faf0f3ae025f1256e7a76b148a4188f5eb1bd39e8e8a86e2b1a73eeb985291338d8d1e9a23c4bebc70a4fc880eb0c2d6471766614be81c29f160695b15bff597c266634cebf2ba8e0db204862ccd391c7356e4b4dc61a51c28e71ef4f5e8f2bc65614c8bdb501e1dcaf030720d8d2d93324d4660a11148f7ce995df8938a49d4017fad42127874b9d1793266eefb835685662fc5c0be50e71b12f9ee456ca7c983ddee4e39ad4afc587fe46bd3c3acbdcf967a8b4e3f59b52002430ad73e8bc4405d19828cbd9dc63331232ff529265e0c35c1436a2126878190d1d022613e3cf85632424bb2792574a0b6d42b14ad48bf8784d63ddba24570aea131a66c5b7d4850ef1a3d2f39f240f2510a51ab6328774ebf6a1dfb9200a38522d75c228b013f62d1b53b53bbe8122ef012236a8263398352ba57b103600369f6f1fa9efa385becd803b2b5c90952e2a737f5b6f4c89636e33e5aa13062fe879f3b4f1c043eb6fe24e3fd9e798b9e30a207714fd6c767da1cbe0e9fff9786104fce17a44590c71d074c87dcc8cf3cee85d705aba39c056344731ca1d8461740e4d4b972d5ef377d765301182331f1008c8aeed1e6eae9b45ad42be669464441ceedc0d01e1d4fb66b8c6bafabb173b4b15d111e80c11ae4538457a802806c90b74d149013a1c95f5a066819297a4a528dd65779d81a7e41e6e2ac06316fb659fb0864612e394a60aa9278c84fbaa143a7998b7ea1a39bbd070891982787ab36478676b24b4ae5c91f9cdb9d5413112b415e9bee836106113e9bb08c0577d9943238b542ca15ec86099db7b2045bcef946ef44687b49b02833c51f0e926b110775b790f137efc989e4e58d7cf8281a69ac197cc811ef5a8a8ca37e74713b32dd2c3a5a1273545486644072bd5c703c72a84e8eea7a9ca82d7e43349406ba3fa639ab970b43660278b03065c72fe6082bd701a1f28f59461c2242b4b6344c291ff57273e19e5c4c2630362439f4243684c3dc6aee63506a86271cada4a77a5ad1bd54d76ae29230b836760ccc61e3f9af079648a7e69917f9151ab4b900349d4440c3430f436be85c90109fe70299df9ab5decc112efdcfb4ebe8d1c28d7fbcf45e7ed80742f200a53f93b63f6e5ac8de663cafad004780a71c89ce0214d5b3f30b63cfda1b7bb748637a5e29a18a1890786d4d529b89ad616c47695a0774fa703afd5b9fe5b39a9f4260f"}) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x9}, [@generic={0x0, 0xe, 0x2, 0x81, 0xd3}]}, &(0x7f0000000540)='syzkaller\x00', 0x3, 0xab, &(0x7f0000000580)=""/171, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x8, 0x1, 0xffffff56}, 0x10}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000080)='xprtrdma_decode_seg\x00', r6}, 0x10) sendfile(r2, r4, 0x0, 0x10000) [ 116.630225][ T39] kauditd_printk_skb: 22 callbacks suppressed [ 116.630241][ T39] audit: type=1804 audit(1661446243.180:129): pid=3847 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/syzkaller-testdir4034665972/syzkaller.4CaoM6/3/bus" dev="sda1" ino=1158 res=1 errno=0 [ 116.665003][ T39] audit: type=1804 audit(1661446243.210:130): pid=3850 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/syzkaller-testdir2297149727/syzkaller.HZN42Z/9/bus" dev="sda1" ino=1164 res=1 errno=0 [ 116.688716][ T39] audit: type=1800 audit(1661446243.210:131): pid=3850 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1164 res=0 errno=0 [ 116.705863][ T39] audit: type=1800 audit(1661446243.210:132): pid=3847 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1158 res=0 errno=0 [ 116.762397][ T39] audit: type=1804 audit(1661446243.310:133): pid=3855 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/syzkaller-testdir1651365775/syzkaller.UfOxKa/5/bus" dev="sda1" ino=1166 res=1 errno=0 [ 116.785451][ T39] audit: type=1800 audit(1661446243.310:134): pid=3855 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1166 res=0 errno=0 [ 117.287729][ T39] audit: type=1804 audit(1661446243.840:135): pid=3856 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/syzkaller-testdir1702895691/syzkaller.sSWxR3/5/bus" dev="sda1" ino=1165 res=1 errno=0 [ 117.311484][ T39] audit: type=1800 audit(1661446243.840:136): pid=3856 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1165 res=0 errno=0 16:50:44 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) stat(&(0x7f00000026c0)='./bus\x00', 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002800)=[{{&(0x7f0000000140)=@file={0x0, './bus\x00'}, 0x6e, 0x0}}], 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) creat(0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='rcu_utilization\x00', r3}, 0x10) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONTX(r5, 0x4b6c, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)="1e0616c67be84bf0a0637423546a3f67ad51b54e2a66d7619e4aaea8b7b43144524bef853c2d0ecf4775766dc315990b059ba8ef690d55a418046198bf1a1131d928a64186bd2f8e849c835481e74b629876af85da8f545257c509fe7bd51d0ed617f68711077bc3bc48260d604d1cbca0b40a1bbe1720338a32f6f93795c764afd6a43486ee5ece8427ddc4f77dc46fd1b4bdc9207b4830068fb80faf0f3ae025f1256e7a76b148a4188f5eb1bd39e8e8a86e2b1a73eeb985291338d8d1e9a23c4bebc70a4fc880eb0c2d6471766614be81c29f160695b15bff597c266634cebf2ba8e0db204862ccd391c7356e4b4dc61a51c28e71ef4f5e8f2bc65614c8bdb501e1dcaf030720d8d2d93324d4660a11148f7ce995df8938a49d4017fad42127874b9d1793266eefb835685662fc5c0be50e71b12f9ee456ca7c983ddee4e39ad4afc587fe46bd3c3acbdcf967a8b4e3f59b52002430ad73e8bc4405d19828cbd9dc63331232ff529265e0c35c1436a2126878190d1d022613e3cf85632424bb2792574a0b6d42b14ad48bf8784d63ddba24570aea131a66c5b7d4850ef1a3d2f39f240f2510a51ab6328774ebf6a1dfb9200a38522d75c228b013f62d1b53b53bbe8122ef012236a8263398352ba57b103600369f6f1fa9efa385becd803b2b5c90952e2a737f5b6f4c89636e33e5aa13062fe879f3b4f1c043eb6fe24e3fd9e798b9e30a207714fd6c767da1cbe0e9fff9786104fce17a44590c71d074c87dcc8cf3cee85d705aba39c056344731ca1d8461740e4d4b972d5ef377d765301182331f1008c8aeed1e6eae9b45ad42be669464441ceedc0d01e1d4fb66b8c6bafabb173b4b15d111e80c11ae4538457a802806c90b74d149013a1c95f5a066819297a4a528dd65779d81a7e41e6e2ac06316fb659fb0864612e394a60aa9278c84fbaa143a7998b7ea1a39bbd070891982787ab36478676b24b4ae5c91f9cdb9d5413112b415e9bee836106113e9bb08c0577d9943238b542ca15ec86099db7b2045bcef946ef44687b49b02833c51f0e926b110775b790f137efc989e4e58d7cf8281a69ac197cc811ef5a8a8ca37e74713b32dd2c3a5a1273545486644072bd5c703c72a84e8eea7a9ca82d7e43349406ba3fa639ab970b43660278b03065c72fe6082bd701a1f28f59461c2242b4b6344c291ff57273e19e5c4c2630362439f4243684c3dc6aee63506a86271cada4a77a5ad1bd54d76ae29230b836760ccc61e3f9af079648a7e69917f9151ab4b900349d4440c3430f436be85c90109fe70299df9ab5decc112efdcfb4ebe8d1c28d7fbcf45e7ed80742f200a53f93b63f6e5ac8de663cafad004780a71c89ce0214d5b3f30b63cfda1b7bb748637a5e29a18a1890786d4d529b89ad616c47695a0774fa703afd5b9fe5b39a9f4260f"}) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x9}, [@generic={0x0, 0xe, 0x2, 0x81, 0xd3}]}, &(0x7f0000000540)='syzkaller\x00', 0x3, 0xab, &(0x7f0000000580)=""/171, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x8, 0x1, 0xffffff56}, 0x10}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000080)='xprtrdma_decode_seg\x00', r6}, 0x10) sendfile(r2, r4, 0x0, 0x10000) 16:50:44 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) stat(&(0x7f00000026c0)='./bus\x00', 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002800)=[{{&(0x7f0000000140)=@file={0x0, './bus\x00'}, 0x6e, 0x0}}], 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) creat(0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='rcu_utilization\x00', r3}, 0x10) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONTX(r5, 0x4b6c, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)="1e0616c67be84bf0a0637423546a3f67ad51b54e2a66d7619e4aaea8b7b43144524bef853c2d0ecf4775766dc315990b059ba8ef690d55a418046198bf1a1131d928a64186bd2f8e849c835481e74b629876af85da8f545257c509fe7bd51d0ed617f68711077bc3bc48260d604d1cbca0b40a1bbe1720338a32f6f93795c764afd6a43486ee5ece8427ddc4f77dc46fd1b4bdc9207b4830068fb80faf0f3ae025f1256e7a76b148a4188f5eb1bd39e8e8a86e2b1a73eeb985291338d8d1e9a23c4bebc70a4fc880eb0c2d6471766614be81c29f160695b15bff597c266634cebf2ba8e0db204862ccd391c7356e4b4dc61a51c28e71ef4f5e8f2bc65614c8bdb501e1dcaf030720d8d2d93324d4660a11148f7ce995df8938a49d4017fad42127874b9d1793266eefb835685662fc5c0be50e71b12f9ee456ca7c983ddee4e39ad4afc587fe46bd3c3acbdcf967a8b4e3f59b52002430ad73e8bc4405d19828cbd9dc63331232ff529265e0c35c1436a2126878190d1d022613e3cf85632424bb2792574a0b6d42b14ad48bf8784d63ddba24570aea131a66c5b7d4850ef1a3d2f39f240f2510a51ab6328774ebf6a1dfb9200a38522d75c228b013f62d1b53b53bbe8122ef012236a8263398352ba57b103600369f6f1fa9efa385becd803b2b5c90952e2a737f5b6f4c89636e33e5aa13062fe879f3b4f1c043eb6fe24e3fd9e798b9e30a207714fd6c767da1cbe0e9fff9786104fce17a44590c71d074c87dcc8cf3cee85d705aba39c056344731ca1d8461740e4d4b972d5ef377d765301182331f1008c8aeed1e6eae9b45ad42be669464441ceedc0d01e1d4fb66b8c6bafabb173b4b15d111e80c11ae4538457a802806c90b74d149013a1c95f5a066819297a4a528dd65779d81a7e41e6e2ac06316fb659fb0864612e394a60aa9278c84fbaa143a7998b7ea1a39bbd070891982787ab36478676b24b4ae5c91f9cdb9d5413112b415e9bee836106113e9bb08c0577d9943238b542ca15ec86099db7b2045bcef946ef44687b49b02833c51f0e926b110775b790f137efc989e4e58d7cf8281a69ac197cc811ef5a8a8ca37e74713b32dd2c3a5a1273545486644072bd5c703c72a84e8eea7a9ca82d7e43349406ba3fa639ab970b43660278b03065c72fe6082bd701a1f28f59461c2242b4b6344c291ff57273e19e5c4c2630362439f4243684c3dc6aee63506a86271cada4a77a5ad1bd54d76ae29230b836760ccc61e3f9af079648a7e69917f9151ab4b900349d4440c3430f436be85c90109fe70299df9ab5decc112efdcfb4ebe8d1c28d7fbcf45e7ed80742f200a53f93b63f6e5ac8de663cafad004780a71c89ce0214d5b3f30b63cfda1b7bb748637a5e29a18a1890786d4d529b89ad616c47695a0774fa703afd5b9fe5b39a9f4260f"}) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x9}, [@generic={0x0, 0xe, 0x2, 0x81, 0xd3}]}, &(0x7f0000000540)='syzkaller\x00', 0x3, 0xab, &(0x7f0000000580)=""/171, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x8, 0x1, 0xffffff56}, 0x10}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000080)='xprtrdma_decode_seg\x00', r6}, 0x10) sendfile(r2, r4, 0x0, 0x10000) 16:50:44 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) stat(&(0x7f00000026c0)='./bus\x00', 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002800)=[{{&(0x7f0000000140)=@file={0x0, './bus\x00'}, 0x6e, 0x0}}], 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) creat(0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='rcu_utilization\x00', r3}, 0x10) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONTX(r5, 0x4b6c, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)="1e0616c67be84bf0a0637423546a3f67ad51b54e2a66d7619e4aaea8b7b43144524bef853c2d0ecf4775766dc315990b059ba8ef690d55a418046198bf1a1131d928a64186bd2f8e849c835481e74b629876af85da8f545257c509fe7bd51d0ed617f68711077bc3bc48260d604d1cbca0b40a1bbe1720338a32f6f93795c764afd6a43486ee5ece8427ddc4f77dc46fd1b4bdc9207b4830068fb80faf0f3ae025f1256e7a76b148a4188f5eb1bd39e8e8a86e2b1a73eeb985291338d8d1e9a23c4bebc70a4fc880eb0c2d6471766614be81c29f160695b15bff597c266634cebf2ba8e0db204862ccd391c7356e4b4dc61a51c28e71ef4f5e8f2bc65614c8bdb501e1dcaf030720d8d2d93324d4660a11148f7ce995df8938a49d4017fad42127874b9d1793266eefb835685662fc5c0be50e71b12f9ee456ca7c983ddee4e39ad4afc587fe46bd3c3acbdcf967a8b4e3f59b52002430ad73e8bc4405d19828cbd9dc63331232ff529265e0c35c1436a2126878190d1d022613e3cf85632424bb2792574a0b6d42b14ad48bf8784d63ddba24570aea131a66c5b7d4850ef1a3d2f39f240f2510a51ab6328774ebf6a1dfb9200a38522d75c228b013f62d1b53b53bbe8122ef012236a8263398352ba57b103600369f6f1fa9efa385becd803b2b5c90952e2a737f5b6f4c89636e33e5aa13062fe879f3b4f1c043eb6fe24e3fd9e798b9e30a207714fd6c767da1cbe0e9fff9786104fce17a44590c71d074c87dcc8cf3cee85d705aba39c056344731ca1d8461740e4d4b972d5ef377d765301182331f1008c8aeed1e6eae9b45ad42be669464441ceedc0d01e1d4fb66b8c6bafabb173b4b15d111e80c11ae4538457a802806c90b74d149013a1c95f5a066819297a4a528dd65779d81a7e41e6e2ac06316fb659fb0864612e394a60aa9278c84fbaa143a7998b7ea1a39bbd070891982787ab36478676b24b4ae5c91f9cdb9d5413112b415e9bee836106113e9bb08c0577d9943238b542ca15ec86099db7b2045bcef946ef44687b49b02833c51f0e926b110775b790f137efc989e4e58d7cf8281a69ac197cc811ef5a8a8ca37e74713b32dd2c3a5a1273545486644072bd5c703c72a84e8eea7a9ca82d7e43349406ba3fa639ab970b43660278b03065c72fe6082bd701a1f28f59461c2242b4b6344c291ff57273e19e5c4c2630362439f4243684c3dc6aee63506a86271cada4a77a5ad1bd54d76ae29230b836760ccc61e3f9af079648a7e69917f9151ab4b900349d4440c3430f436be85c90109fe70299df9ab5decc112efdcfb4ebe8d1c28d7fbcf45e7ed80742f200a53f93b63f6e5ac8de663cafad004780a71c89ce0214d5b3f30b63cfda1b7bb748637a5e29a18a1890786d4d529b89ad616c47695a0774fa703afd5b9fe5b39a9f4260f"}) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x9}, [@generic={0x0, 0xe, 0x2, 0x81, 0xd3}]}, &(0x7f0000000540)='syzkaller\x00', 0x3, 0xab, &(0x7f0000000580)=""/171, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x8, 0x1, 0xffffff56}, 0x10}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000080)='xprtrdma_decode_seg\x00', r6}, 0x10) sendfile(r2, r4, 0x0, 0x10000) 16:50:44 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) stat(&(0x7f00000026c0)='./bus\x00', 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002800)=[{{&(0x7f0000000140)=@file={0x0, './bus\x00'}, 0x6e, 0x0}}], 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) creat(0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='rcu_utilization\x00', r3}, 0x10) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONTX(r5, 0x4b6c, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)="1e0616c67be84bf0a0637423546a3f67ad51b54e2a66d7619e4aaea8b7b43144524bef853c2d0ecf4775766dc315990b059ba8ef690d55a418046198bf1a1131d928a64186bd2f8e849c835481e74b629876af85da8f545257c509fe7bd51d0ed617f68711077bc3bc48260d604d1cbca0b40a1bbe1720338a32f6f93795c764afd6a43486ee5ece8427ddc4f77dc46fd1b4bdc9207b4830068fb80faf0f3ae025f1256e7a76b148a4188f5eb1bd39e8e8a86e2b1a73eeb985291338d8d1e9a23c4bebc70a4fc880eb0c2d6471766614be81c29f160695b15bff597c266634cebf2ba8e0db204862ccd391c7356e4b4dc61a51c28e71ef4f5e8f2bc65614c8bdb501e1dcaf030720d8d2d93324d4660a11148f7ce995df8938a49d4017fad42127874b9d1793266eefb835685662fc5c0be50e71b12f9ee456ca7c983ddee4e39ad4afc587fe46bd3c3acbdcf967a8b4e3f59b52002430ad73e8bc4405d19828cbd9dc63331232ff529265e0c35c1436a2126878190d1d022613e3cf85632424bb2792574a0b6d42b14ad48bf8784d63ddba24570aea131a66c5b7d4850ef1a3d2f39f240f2510a51ab6328774ebf6a1dfb9200a38522d75c228b013f62d1b53b53bbe8122ef012236a8263398352ba57b103600369f6f1fa9efa385becd803b2b5c90952e2a737f5b6f4c89636e33e5aa13062fe879f3b4f1c043eb6fe24e3fd9e798b9e30a207714fd6c767da1cbe0e9fff9786104fce17a44590c71d074c87dcc8cf3cee85d705aba39c056344731ca1d8461740e4d4b972d5ef377d765301182331f1008c8aeed1e6eae9b45ad42be669464441ceedc0d01e1d4fb66b8c6bafabb173b4b15d111e80c11ae4538457a802806c90b74d149013a1c95f5a066819297a4a528dd65779d81a7e41e6e2ac06316fb659fb0864612e394a60aa9278c84fbaa143a7998b7ea1a39bbd070891982787ab36478676b24b4ae5c91f9cdb9d5413112b415e9bee836106113e9bb08c0577d9943238b542ca15ec86099db7b2045bcef946ef44687b49b02833c51f0e926b110775b790f137efc989e4e58d7cf8281a69ac197cc811ef5a8a8ca37e74713b32dd2c3a5a1273545486644072bd5c703c72a84e8eea7a9ca82d7e43349406ba3fa639ab970b43660278b03065c72fe6082bd701a1f28f59461c2242b4b6344c291ff57273e19e5c4c2630362439f4243684c3dc6aee63506a86271cada4a77a5ad1bd54d76ae29230b836760ccc61e3f9af079648a7e69917f9151ab4b900349d4440c3430f436be85c90109fe70299df9ab5decc112efdcfb4ebe8d1c28d7fbcf45e7ed80742f200a53f93b63f6e5ac8de663cafad004780a71c89ce0214d5b3f30b63cfda1b7bb748637a5e29a18a1890786d4d529b89ad616c47695a0774fa703afd5b9fe5b39a9f4260f"}) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x9}, [@generic={0x0, 0xe, 0x2, 0x81, 0xd3}]}, &(0x7f0000000540)='syzkaller\x00', 0x3, 0xab, &(0x7f0000000580)=""/171, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x8, 0x1, 0xffffff56}, 0x10}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000080)='xprtrdma_decode_seg\x00', r6}, 0x10) sendfile(r2, r4, 0x0, 0x10000) [ 117.708361][ T39] audit: type=1804 audit(1661446244.260:137): pid=3863 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/syzkaller-testdir4034665972/syzkaller.4CaoM6/4/bus" dev="sda1" ino=1146 res=1 errno=0 [ 117.759314][ T39] audit: type=1800 audit(1661446244.260:138): pid=3863 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1146 res=0 errno=0 16:50:45 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) stat(&(0x7f00000026c0)='./bus\x00', 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002800)=[{{&(0x7f0000000140)=@file={0x0, './bus\x00'}, 0x6e, 0x0}}], 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) creat(0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='rcu_utilization\x00', r3}, 0x10) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONTX(r5, 0x4b6c, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)="1e0616c67be84bf0a0637423546a3f67ad51b54e2a66d7619e4aaea8b7b43144524bef853c2d0ecf4775766dc315990b059ba8ef690d55a418046198bf1a1131d928a64186bd2f8e849c835481e74b629876af85da8f545257c509fe7bd51d0ed617f68711077bc3bc48260d604d1cbca0b40a1bbe1720338a32f6f93795c764afd6a43486ee5ece8427ddc4f77dc46fd1b4bdc9207b4830068fb80faf0f3ae025f1256e7a76b148a4188f5eb1bd39e8e8a86e2b1a73eeb985291338d8d1e9a23c4bebc70a4fc880eb0c2d6471766614be81c29f160695b15bff597c266634cebf2ba8e0db204862ccd391c7356e4b4dc61a51c28e71ef4f5e8f2bc65614c8bdb501e1dcaf030720d8d2d93324d4660a11148f7ce995df8938a49d4017fad42127874b9d1793266eefb835685662fc5c0be50e71b12f9ee456ca7c983ddee4e39ad4afc587fe46bd3c3acbdcf967a8b4e3f59b52002430ad73e8bc4405d19828cbd9dc63331232ff529265e0c35c1436a2126878190d1d022613e3cf85632424bb2792574a0b6d42b14ad48bf8784d63ddba24570aea131a66c5b7d4850ef1a3d2f39f240f2510a51ab6328774ebf6a1dfb9200a38522d75c228b013f62d1b53b53bbe8122ef012236a8263398352ba57b103600369f6f1fa9efa385becd803b2b5c90952e2a737f5b6f4c89636e33e5aa13062fe879f3b4f1c043eb6fe24e3fd9e798b9e30a207714fd6c767da1cbe0e9fff9786104fce17a44590c71d074c87dcc8cf3cee85d705aba39c056344731ca1d8461740e4d4b972d5ef377d765301182331f1008c8aeed1e6eae9b45ad42be669464441ceedc0d01e1d4fb66b8c6bafabb173b4b15d111e80c11ae4538457a802806c90b74d149013a1c95f5a066819297a4a528dd65779d81a7e41e6e2ac06316fb659fb0864612e394a60aa9278c84fbaa143a7998b7ea1a39bbd070891982787ab36478676b24b4ae5c91f9cdb9d5413112b415e9bee836106113e9bb08c0577d9943238b542ca15ec86099db7b2045bcef946ef44687b49b02833c51f0e926b110775b790f137efc989e4e58d7cf8281a69ac197cc811ef5a8a8ca37e74713b32dd2c3a5a1273545486644072bd5c703c72a84e8eea7a9ca82d7e43349406ba3fa639ab970b43660278b03065c72fe6082bd701a1f28f59461c2242b4b6344c291ff57273e19e5c4c2630362439f4243684c3dc6aee63506a86271cada4a77a5ad1bd54d76ae29230b836760ccc61e3f9af079648a7e69917f9151ab4b900349d4440c3430f436be85c90109fe70299df9ab5decc112efdcfb4ebe8d1c28d7fbcf45e7ed80742f200a53f93b63f6e5ac8de663cafad004780a71c89ce0214d5b3f30b63cfda1b7bb748637a5e29a18a1890786d4d529b89ad616c47695a0774fa703afd5b9fe5b39a9f4260f"}) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x9}, [@generic={0x0, 0xe, 0x2, 0x81, 0xd3}]}, &(0x7f0000000540)='syzkaller\x00', 0x3, 0xab, &(0x7f0000000580)=""/171, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x8, 0x1, 0xffffff56}, 0x10}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000080)='xprtrdma_decode_seg\x00', r6}, 0x10) sendfile(r2, r4, 0x0, 0x10000) 16:50:45 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) stat(&(0x7f00000026c0)='./bus\x00', 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002800)=[{{&(0x7f0000000140)=@file={0x0, './bus\x00'}, 0x6e, 0x0}}], 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) creat(0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='rcu_utilization\x00', r3}, 0x10) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONTX(r5, 0x4b6c, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)="1e0616c67be84bf0a0637423546a3f67ad51b54e2a66d7619e4aaea8b7b43144524bef853c2d0ecf4775766dc315990b059ba8ef690d55a418046198bf1a1131d928a64186bd2f8e849c835481e74b629876af85da8f545257c509fe7bd51d0ed617f68711077bc3bc48260d604d1cbca0b40a1bbe1720338a32f6f93795c764afd6a43486ee5ece8427ddc4f77dc46fd1b4bdc9207b4830068fb80faf0f3ae025f1256e7a76b148a4188f5eb1bd39e8e8a86e2b1a73eeb985291338d8d1e9a23c4bebc70a4fc880eb0c2d6471766614be81c29f160695b15bff597c266634cebf2ba8e0db204862ccd391c7356e4b4dc61a51c28e71ef4f5e8f2bc65614c8bdb501e1dcaf030720d8d2d93324d4660a11148f7ce995df8938a49d4017fad42127874b9d1793266eefb835685662fc5c0be50e71b12f9ee456ca7c983ddee4e39ad4afc587fe46bd3c3acbdcf967a8b4e3f59b52002430ad73e8bc4405d19828cbd9dc63331232ff529265e0c35c1436a2126878190d1d022613e3cf85632424bb2792574a0b6d42b14ad48bf8784d63ddba24570aea131a66c5b7d4850ef1a3d2f39f240f2510a51ab6328774ebf6a1dfb9200a38522d75c228b013f62d1b53b53bbe8122ef012236a8263398352ba57b103600369f6f1fa9efa385becd803b2b5c90952e2a737f5b6f4c89636e33e5aa13062fe879f3b4f1c043eb6fe24e3fd9e798b9e30a207714fd6c767da1cbe0e9fff9786104fce17a44590c71d074c87dcc8cf3cee85d705aba39c056344731ca1d8461740e4d4b972d5ef377d765301182331f1008c8aeed1e6eae9b45ad42be669464441ceedc0d01e1d4fb66b8c6bafabb173b4b15d111e80c11ae4538457a802806c90b74d149013a1c95f5a066819297a4a528dd65779d81a7e41e6e2ac06316fb659fb0864612e394a60aa9278c84fbaa143a7998b7ea1a39bbd070891982787ab36478676b24b4ae5c91f9cdb9d5413112b415e9bee836106113e9bb08c0577d9943238b542ca15ec86099db7b2045bcef946ef44687b49b02833c51f0e926b110775b790f137efc989e4e58d7cf8281a69ac197cc811ef5a8a8ca37e74713b32dd2c3a5a1273545486644072bd5c703c72a84e8eea7a9ca82d7e43349406ba3fa639ab970b43660278b03065c72fe6082bd701a1f28f59461c2242b4b6344c291ff57273e19e5c4c2630362439f4243684c3dc6aee63506a86271cada4a77a5ad1bd54d76ae29230b836760ccc61e3f9af079648a7e69917f9151ab4b900349d4440c3430f436be85c90109fe70299df9ab5decc112efdcfb4ebe8d1c28d7fbcf45e7ed80742f200a53f93b63f6e5ac8de663cafad004780a71c89ce0214d5b3f30b63cfda1b7bb748637a5e29a18a1890786d4d529b89ad616c47695a0774fa703afd5b9fe5b39a9f4260f"}) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x9}, [@generic={0x0, 0xe, 0x2, 0x81, 0xd3}]}, &(0x7f0000000540)='syzkaller\x00', 0x3, 0xab, &(0x7f0000000580)=""/171, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x8, 0x1, 0xffffff56}, 0x10}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000080)='xprtrdma_decode_seg\x00', r6}, 0x10) sendfile(r2, r4, 0x0, 0x10000) 16:50:45 executing program 2: unshare(0x6c060000) unshare(0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.stat\x00', 0x0, 0x0) unshare(0x42000000) setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000100)=0xbfb, 0x4) r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(r1, 0x0, 0x0) sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0) unshare(0x8000200) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c) r3 = creat(0x0, 0x18) write$binfmt_misc(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="73797a30a794a41964ac05e4fd7dde65a81148f9f614ccefa90168bd6c61a71d1dd1217394e89fa7c3a0cf6e31948455f5ff4030b8fd061bc9b42d9bae9f44b4a235b8db9fdb79449946052720484a8b517dd3dc28065ecee4f75c7b0fa9b395ee50e02e685e2274625149554c2d21040895f9ea343f18cc3e2e6fb176712bc99653b10fa2f3dff191e67959f9ffffffff5390b0eb882b7978b61483e0da40c1e23e9d26516a3e86c0ffd28e6362091b77ecbc412b62fe523c96f14d51304d121c4f10"], 0xac) r4 = accept4(r2, 0x0, &(0x7f0000000540), 0x800) bind$inet6(r4, &(0x7f0000000580)={0xa, 0x4e23, 0x4da, @remote}, 0x1c) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000001c0)='vegas\x00', 0x6) getpeername$inet6(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000000)=0x200101, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x24000004, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000040)) 16:50:45 executing program 0: syz_mount_image$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@nodevmap}, {@cache_loose}, {@loose}, {@nodevmap}, {@cache_none}, {@mmap}, {@access_client}, {@access_client}]}}) write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="15000000feffff018000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.current\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000140)=ANY=[], 0x208e24b) preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) 16:50:45 executing program 2: unshare(0x6c060000) unshare(0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.stat\x00', 0x0, 0x0) unshare(0x42000000) setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000100)=0xbfb, 0x4) r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(r1, 0x0, 0x0) sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0) unshare(0x8000200) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c) r3 = creat(0x0, 0x18) write$binfmt_misc(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="73797a30a794a41964ac05e4fd7dde65a81148f9f614ccefa90168bd6c61a71d1dd1217394e89fa7c3a0cf6e31948455f5ff4030b8fd061bc9b42d9bae9f44b4a235b8db9fdb79449946052720484a8b517dd3dc28065ecee4f75c7b0fa9b395ee50e02e685e2274625149554c2d21040895f9ea343f18cc3e2e6fb176712bc99653b10fa2f3dff191e67959f9ffffffff5390b0eb882b7978b61483e0da40c1e23e9d26516a3e86c0ffd28e6362091b77ecbc412b62fe523c96f14d51304d121c4f10"], 0xac) r4 = accept4(r2, 0x0, &(0x7f0000000540), 0x800) bind$inet6(r4, &(0x7f0000000580)={0xa, 0x4e23, 0x4da, @remote}, 0x1c) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000001c0)='vegas\x00', 0x6) getpeername$inet6(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000000)=0x200101, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x24000004, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000040)) 16:50:45 executing program 2: unshare(0x6c060000) unshare(0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.stat\x00', 0x0, 0x0) unshare(0x42000000) setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000100)=0xbfb, 0x4) r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(r1, 0x0, 0x0) sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0) unshare(0x8000200) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c) r3 = creat(0x0, 0x18) write$binfmt_misc(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="73797a30a794a41964ac05e4fd7dde65a81148f9f614ccefa90168bd6c61a71d1dd1217394e89fa7c3a0cf6e31948455f5ff4030b8fd061bc9b42d9bae9f44b4a235b8db9fdb79449946052720484a8b517dd3dc28065ecee4f75c7b0fa9b395ee50e02e685e2274625149554c2d21040895f9ea343f18cc3e2e6fb176712bc99653b10fa2f3dff191e67959f9ffffffff5390b0eb882b7978b61483e0da40c1e23e9d26516a3e86c0ffd28e6362091b77ecbc412b62fe523c96f14d51304d121c4f10"], 0xac) r4 = accept4(r2, 0x0, &(0x7f0000000540), 0x800) bind$inet6(r4, &(0x7f0000000580)={0xa, 0x4e23, 0x4da, @remote}, 0x1c) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000001c0)='vegas\x00', 0x6) getpeername$inet6(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000000)=0x200101, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x24000004, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000040)) 16:50:46 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) stat(&(0x7f00000026c0)='./bus\x00', 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002800)=[{{&(0x7f0000000140)=@file={0x0, './bus\x00'}, 0x6e, 0x0}}], 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) creat(0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='rcu_utilization\x00', r3}, 0x10) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONTX(r5, 0x4b6c, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)="1e0616c67be84bf0a0637423546a3f67ad51b54e2a66d7619e4aaea8b7b43144524bef853c2d0ecf4775766dc315990b059ba8ef690d55a418046198bf1a1131d928a64186bd2f8e849c835481e74b629876af85da8f545257c509fe7bd51d0ed617f68711077bc3bc48260d604d1cbca0b40a1bbe1720338a32f6f93795c764afd6a43486ee5ece8427ddc4f77dc46fd1b4bdc9207b4830068fb80faf0f3ae025f1256e7a76b148a4188f5eb1bd39e8e8a86e2b1a73eeb985291338d8d1e9a23c4bebc70a4fc880eb0c2d6471766614be81c29f160695b15bff597c266634cebf2ba8e0db204862ccd391c7356e4b4dc61a51c28e71ef4f5e8f2bc65614c8bdb501e1dcaf030720d8d2d93324d4660a11148f7ce995df8938a49d4017fad42127874b9d1793266eefb835685662fc5c0be50e71b12f9ee456ca7c983ddee4e39ad4afc587fe46bd3c3acbdcf967a8b4e3f59b52002430ad73e8bc4405d19828cbd9dc63331232ff529265e0c35c1436a2126878190d1d022613e3cf85632424bb2792574a0b6d42b14ad48bf8784d63ddba24570aea131a66c5b7d4850ef1a3d2f39f240f2510a51ab6328774ebf6a1dfb9200a38522d75c228b013f62d1b53b53bbe8122ef012236a8263398352ba57b103600369f6f1fa9efa385becd803b2b5c90952e2a737f5b6f4c89636e33e5aa13062fe879f3b4f1c043eb6fe24e3fd9e798b9e30a207714fd6c767da1cbe0e9fff9786104fce17a44590c71d074c87dcc8cf3cee85d705aba39c056344731ca1d8461740e4d4b972d5ef377d765301182331f1008c8aeed1e6eae9b45ad42be669464441ceedc0d01e1d4fb66b8c6bafabb173b4b15d111e80c11ae4538457a802806c90b74d149013a1c95f5a066819297a4a528dd65779d81a7e41e6e2ac06316fb659fb0864612e394a60aa9278c84fbaa143a7998b7ea1a39bbd070891982787ab36478676b24b4ae5c91f9cdb9d5413112b415e9bee836106113e9bb08c0577d9943238b542ca15ec86099db7b2045bcef946ef44687b49b02833c51f0e926b110775b790f137efc989e4e58d7cf8281a69ac197cc811ef5a8a8ca37e74713b32dd2c3a5a1273545486644072bd5c703c72a84e8eea7a9ca82d7e43349406ba3fa639ab970b43660278b03065c72fe6082bd701a1f28f59461c2242b4b6344c291ff57273e19e5c4c2630362439f4243684c3dc6aee63506a86271cada4a77a5ad1bd54d76ae29230b836760ccc61e3f9af079648a7e69917f9151ab4b900349d4440c3430f436be85c90109fe70299df9ab5decc112efdcfb4ebe8d1c28d7fbcf45e7ed80742f200a53f93b63f6e5ac8de663cafad004780a71c89ce0214d5b3f30b63cfda1b7bb748637a5e29a18a1890786d4d529b89ad616c47695a0774fa703afd5b9fe5b39a9f4260f"}) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x9}, [@generic={0x0, 0xe, 0x2, 0x81, 0xd3}]}, &(0x7f0000000540)='syzkaller\x00', 0x3, 0xab, &(0x7f0000000580)=""/171, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x8, 0x1, 0xffffff56}, 0x10}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000080)='xprtrdma_decode_seg\x00', r6}, 0x10) sendfile(r2, r4, 0x0, 0x10000) 16:50:46 executing program 0: syz_mount_image$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@nodevmap}, {@cache_loose}, {@loose}, {@nodevmap}, {@cache_none}, {@mmap}, {@access_client}, {@access_client}]}}) write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="15000000feffff018000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.current\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000140)=ANY=[], 0x208e24b) preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) 16:50:46 executing program 2: unshare(0x6c060000) unshare(0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.stat\x00', 0x0, 0x0) unshare(0x42000000) setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000100)=0xbfb, 0x4) r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(r1, 0x0, 0x0) sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0) unshare(0x8000200) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c) r3 = creat(0x0, 0x18) write$binfmt_misc(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="73797a30a794a41964ac05e4fd7dde65a81148f9f614ccefa90168bd6c61a71d1dd1217394e89fa7c3a0cf6e31948455f5ff4030b8fd061bc9b42d9bae9f44b4a235b8db9fdb79449946052720484a8b517dd3dc28065ecee4f75c7b0fa9b395ee50e02e685e2274625149554c2d21040895f9ea343f18cc3e2e6fb176712bc99653b10fa2f3dff191e67959f9ffffffff5390b0eb882b7978b61483e0da40c1e23e9d26516a3e86c0ffd28e6362091b77ecbc412b62fe523c96f14d51304d121c4f10"], 0xac) r4 = accept4(r2, 0x0, &(0x7f0000000540), 0x800) bind$inet6(r4, &(0x7f0000000580)={0xa, 0x4e23, 0x4da, @remote}, 0x1c) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000001c0)='vegas\x00', 0x6) getpeername$inet6(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000000)=0x200101, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x24000004, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000040)) 16:50:46 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) stat(&(0x7f00000026c0)='./bus\x00', 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002800)=[{{&(0x7f0000000140)=@file={0x0, './bus\x00'}, 0x6e, 0x0}}], 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) creat(0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='rcu_utilization\x00', r3}, 0x10) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONTX(r5, 0x4b6c, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)="1e0616c67be84bf0a0637423546a3f67ad51b54e2a66d7619e4aaea8b7b43144524bef853c2d0ecf4775766dc315990b059ba8ef690d55a418046198bf1a1131d928a64186bd2f8e849c835481e74b629876af85da8f545257c509fe7bd51d0ed617f68711077bc3bc48260d604d1cbca0b40a1bbe1720338a32f6f93795c764afd6a43486ee5ece8427ddc4f77dc46fd1b4bdc9207b4830068fb80faf0f3ae025f1256e7a76b148a4188f5eb1bd39e8e8a86e2b1a73eeb985291338d8d1e9a23c4bebc70a4fc880eb0c2d6471766614be81c29f160695b15bff597c266634cebf2ba8e0db204862ccd391c7356e4b4dc61a51c28e71ef4f5e8f2bc65614c8bdb501e1dcaf030720d8d2d93324d4660a11148f7ce995df8938a49d4017fad42127874b9d1793266eefb835685662fc5c0be50e71b12f9ee456ca7c983ddee4e39ad4afc587fe46bd3c3acbdcf967a8b4e3f59b52002430ad73e8bc4405d19828cbd9dc63331232ff529265e0c35c1436a2126878190d1d022613e3cf85632424bb2792574a0b6d42b14ad48bf8784d63ddba24570aea131a66c5b7d4850ef1a3d2f39f240f2510a51ab6328774ebf6a1dfb9200a38522d75c228b013f62d1b53b53bbe8122ef012236a8263398352ba57b103600369f6f1fa9efa385becd803b2b5c90952e2a737f5b6f4c89636e33e5aa13062fe879f3b4f1c043eb6fe24e3fd9e798b9e30a207714fd6c767da1cbe0e9fff9786104fce17a44590c71d074c87dcc8cf3cee85d705aba39c056344731ca1d8461740e4d4b972d5ef377d765301182331f1008c8aeed1e6eae9b45ad42be669464441ceedc0d01e1d4fb66b8c6bafabb173b4b15d111e80c11ae4538457a802806c90b74d149013a1c95f5a066819297a4a528dd65779d81a7e41e6e2ac06316fb659fb0864612e394a60aa9278c84fbaa143a7998b7ea1a39bbd070891982787ab36478676b24b4ae5c91f9cdb9d5413112b415e9bee836106113e9bb08c0577d9943238b542ca15ec86099db7b2045bcef946ef44687b49b02833c51f0e926b110775b790f137efc989e4e58d7cf8281a69ac197cc811ef5a8a8ca37e74713b32dd2c3a5a1273545486644072bd5c703c72a84e8eea7a9ca82d7e43349406ba3fa639ab970b43660278b03065c72fe6082bd701a1f28f59461c2242b4b6344c291ff57273e19e5c4c2630362439f4243684c3dc6aee63506a86271cada4a77a5ad1bd54d76ae29230b836760ccc61e3f9af079648a7e69917f9151ab4b900349d4440c3430f436be85c90109fe70299df9ab5decc112efdcfb4ebe8d1c28d7fbcf45e7ed80742f200a53f93b63f6e5ac8de663cafad004780a71c89ce0214d5b3f30b63cfda1b7bb748637a5e29a18a1890786d4d529b89ad616c47695a0774fa703afd5b9fe5b39a9f4260f"}) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x9}, [@generic={0x0, 0xe, 0x2, 0x81, 0xd3}]}, &(0x7f0000000540)='syzkaller\x00', 0x3, 0xab, &(0x7f0000000580)=""/171, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x8, 0x1, 0xffffff56}, 0x10}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000080)='xprtrdma_decode_seg\x00', r6}, 0x10) sendfile(r2, r4, 0x0, 0x10000) 16:50:46 executing program 2: syz_mount_image$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@nodevmap}, {@cache_loose}, {@loose}, {@nodevmap}, {@cache_none}, {@mmap}, {@access_client}, {@access_client}]}}) write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="15000000feffff018000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.current\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000140)=ANY=[], 0x208e24b) preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) 16:50:47 executing program 0: syz_mount_image$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@nodevmap}, {@cache_loose}, {@loose}, {@nodevmap}, {@cache_none}, {@mmap}, {@access_client}, {@access_client}]}}) write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="15000000feffff018000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.current\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000140)=ANY=[], 0x208e24b) preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) 16:50:47 executing program 2: syz_mount_image$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@nodevmap}, {@cache_loose}, {@loose}, {@nodevmap}, {@cache_none}, {@mmap}, {@access_client}, {@access_client}]}}) write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="15000000feffff018000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.current\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000140)=ANY=[], 0x208e24b) preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) 16:50:47 executing program 1: syz_mount_image$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@nodevmap}, {@cache_loose}, {@loose}, {@nodevmap}, {@cache_none}, {@mmap}, {@access_client}, {@access_client}]}}) write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="15000000feffff018000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.current\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000140)=ANY=[], 0x208e24b) preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) 16:50:47 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) stat(&(0x7f00000026c0)='./bus\x00', 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002800)=[{{&(0x7f0000000140)=@file={0x0, './bus\x00'}, 0x6e, 0x0}}], 0x1, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ftruncate(r2, 0x800) lseek(r2, 0x200, 0x0) creat(0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='rcu_utilization\x00', r3}, 0x10) r4 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONTX(r5, 0x4b6c, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)="1e0616c67be84bf0a0637423546a3f67ad51b54e2a66d7619e4aaea8b7b43144524bef853c2d0ecf4775766dc315990b059ba8ef690d55a418046198bf1a1131d928a64186bd2f8e849c835481e74b629876af85da8f545257c509fe7bd51d0ed617f68711077bc3bc48260d604d1cbca0b40a1bbe1720338a32f6f93795c764afd6a43486ee5ece8427ddc4f77dc46fd1b4bdc9207b4830068fb80faf0f3ae025f1256e7a76b148a4188f5eb1bd39e8e8a86e2b1a73eeb985291338d8d1e9a23c4bebc70a4fc880eb0c2d6471766614be81c29f160695b15bff597c266634cebf2ba8e0db204862ccd391c7356e4b4dc61a51c28e71ef4f5e8f2bc65614c8bdb501e1dcaf030720d8d2d93324d4660a11148f7ce995df8938a49d4017fad42127874b9d1793266eefb835685662fc5c0be50e71b12f9ee456ca7c983ddee4e39ad4afc587fe46bd3c3acbdcf967a8b4e3f59b52002430ad73e8bc4405d19828cbd9dc63331232ff529265e0c35c1436a2126878190d1d022613e3cf85632424bb2792574a0b6d42b14ad48bf8784d63ddba24570aea131a66c5b7d4850ef1a3d2f39f240f2510a51ab6328774ebf6a1dfb9200a38522d75c228b013f62d1b53b53bbe8122ef012236a8263398352ba57b103600369f6f1fa9efa385becd803b2b5c90952e2a737f5b6f4c89636e33e5aa13062fe879f3b4f1c043eb6fe24e3fd9e798b9e30a207714fd6c767da1cbe0e9fff9786104fce17a44590c71d074c87dcc8cf3cee85d705aba39c056344731ca1d8461740e4d4b972d5ef377d765301182331f1008c8aeed1e6eae9b45ad42be669464441ceedc0d01e1d4fb66b8c6bafabb173b4b15d111e80c11ae4538457a802806c90b74d149013a1c95f5a066819297a4a528dd65779d81a7e41e6e2ac06316fb659fb0864612e394a60aa9278c84fbaa143a7998b7ea1a39bbd070891982787ab36478676b24b4ae5c91f9cdb9d5413112b415e9bee836106113e9bb08c0577d9943238b542ca15ec86099db7b2045bcef946ef44687b49b02833c51f0e926b110775b790f137efc989e4e58d7cf8281a69ac197cc811ef5a8a8ca37e74713b32dd2c3a5a1273545486644072bd5c703c72a84e8eea7a9ca82d7e43349406ba3fa639ab970b43660278b03065c72fe6082bd701a1f28f59461c2242b4b6344c291ff57273e19e5c4c2630362439f4243684c3dc6aee63506a86271cada4a77a5ad1bd54d76ae29230b836760ccc61e3f9af079648a7e69917f9151ab4b900349d4440c3430f436be85c90109fe70299df9ab5decc112efdcfb4ebe8d1c28d7fbcf45e7ed80742f200a53f93b63f6e5ac8de663cafad004780a71c89ce0214d5b3f30b63cfda1b7bb748637a5e29a18a1890786d4d529b89ad616c47695a0774fa703afd5b9fe5b39a9f4260f"}) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x9}, [@generic={0x0, 0xe, 0x2, 0x81, 0xd3}]}, &(0x7f0000000540)='syzkaller\x00', 0x3, 0xab, &(0x7f0000000580)=""/171, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x8, 0x1, 0xffffff56}, 0x10}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000080)='xprtrdma_decode_seg\x00', r6}, 0x10) sendfile(r2, r4, 0x0, 0x10000) 16:50:48 executing program 0: syz_mount_image$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@nodevmap}, {@cache_loose}, {@loose}, {@nodevmap}, {@cache_none}, {@mmap}, {@access_client}, {@access_client}]}}) write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="15000000feffff018000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.current\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000140)=ANY=[], 0x208e24b) preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) 16:50:48 executing program 1: syz_mount_image$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@nodevmap}, {@cache_loose}, {@loose}, {@nodevmap}, {@cache_none}, {@mmap}, {@access_client}, {@access_client}]}}) write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="15000000feffff018000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.current\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000140)=ANY=[], 0x208e24b) preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) 16:50:48 executing program 2: syz_mount_image$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@nodevmap}, {@cache_loose}, {@loose}, {@nodevmap}, {@cache_none}, {@mmap}, {@access_client}, {@access_client}]}}) write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="15000000feffff018000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.current\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000140)=ANY=[], 0x208e24b) preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) 16:50:48 executing program 3: unshare(0x6c060000) unshare(0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.stat\x00', 0x0, 0x0) unshare(0x42000000) setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000100)=0xbfb, 0x4) r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(r1, 0x0, 0x0) sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0) unshare(0x8000200) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c) r3 = creat(0x0, 0x18) write$binfmt_misc(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="73797a30a794a41964ac05e4fd7dde65a81148f9f614ccefa90168bd6c61a71d1dd1217394e89fa7c3a0cf6e31948455f5ff4030b8fd061bc9b42d9bae9f44b4a235b8db9fdb79449946052720484a8b517dd3dc28065ecee4f75c7b0fa9b395ee50e02e685e2274625149554c2d21040895f9ea343f18cc3e2e6fb176712bc99653b10fa2f3dff191e67959f9ffffffff5390b0eb882b7978b61483e0da40c1e23e9d26516a3e86c0ffd28e6362091b77ecbc412b62fe523c96f14d51304d121c4f10"], 0xac) r4 = accept4(r2, 0x0, &(0x7f0000000540), 0x800) bind$inet6(r4, &(0x7f0000000580)={0xa, 0x4e23, 0x4da, @remote}, 0x1c) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000001c0)='vegas\x00', 0x6) getpeername$inet6(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000000)=0x200101, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x24000004, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000040)) 16:50:48 executing program 2: unshare(0x6c060000) unshare(0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.stat\x00', 0x0, 0x0) unshare(0x42000000) setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000100)=0xbfb, 0x4) r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(r1, 0x0, 0x0) sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0) unshare(0x8000200) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c) r3 = creat(0x0, 0x18) write$binfmt_misc(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="73797a30a794a41964ac05e4fd7dde65a81148f9f614ccefa90168bd6c61a71d1dd1217394e89fa7c3a0cf6e31948455f5ff4030b8fd061bc9b42d9bae9f44b4a235b8db9fdb79449946052720484a8b517dd3dc28065ecee4f75c7b0fa9b395ee50e02e685e2274625149554c2d21040895f9ea343f18cc3e2e6fb176712bc99653b10fa2f3dff191e67959f9ffffffff5390b0eb882b7978b61483e0da40c1e23e9d26516a3e86c0ffd28e6362091b77ecbc412b62fe523c96f14d51304d121c4f10"], 0xac) r4 = accept4(r2, 0x0, &(0x7f0000000540), 0x800) bind$inet6(r4, &(0x7f0000000580)={0xa, 0x4e23, 0x4da, @remote}, 0x1c) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000001c0)='vegas\x00', 0x6) getpeername$inet6(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000000)=0x200101, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x24000004, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000040)) 16:50:49 executing program 3: unshare(0x6c060000) unshare(0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.stat\x00', 0x0, 0x0) unshare(0x42000000) setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000100)=0xbfb, 0x4) r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(r1, 0x0, 0x0) sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0) unshare(0x8000200) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c) r3 = creat(0x0, 0x18) write$binfmt_misc(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="73797a30a794a41964ac05e4fd7dde65a81148f9f614ccefa90168bd6c61a71d1dd1217394e89fa7c3a0cf6e31948455f5ff4030b8fd061bc9b42d9bae9f44b4a235b8db9fdb79449946052720484a8b517dd3dc28065ecee4f75c7b0fa9b395ee50e02e685e2274625149554c2d21040895f9ea343f18cc3e2e6fb176712bc99653b10fa2f3dff191e67959f9ffffffff5390b0eb882b7978b61483e0da40c1e23e9d26516a3e86c0ffd28e6362091b77ecbc412b62fe523c96f14d51304d121c4f10"], 0xac) r4 = accept4(r2, 0x0, &(0x7f0000000540), 0x800) bind$inet6(r4, &(0x7f0000000580)={0xa, 0x4e23, 0x4da, @remote}, 0x1c) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000001c0)='vegas\x00', 0x6) getpeername$inet6(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000000)=0x200101, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x24000004, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000040)) 16:50:49 executing program 1: syz_mount_image$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@nodevmap}, {@cache_loose}, {@loose}, {@nodevmap}, {@cache_none}, {@mmap}, {@access_client}, {@access_client}]}}) write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="15000000feffff018000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.current\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000140)=ANY=[], 0x208e24b) preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) 16:50:49 executing program 0: unshare(0x6c060000) unshare(0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.stat\x00', 0x0, 0x0) unshare(0x42000000) setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000100)=0xbfb, 0x4) r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(r1, 0x0, 0x0) sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0) unshare(0x8000200) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c) r3 = creat(0x0, 0x18) write$binfmt_misc(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="73797a30a794a41964ac05e4fd7dde65a81148f9f614ccefa90168bd6c61a71d1dd1217394e89fa7c3a0cf6e31948455f5ff4030b8fd061bc9b42d9bae9f44b4a235b8db9fdb79449946052720484a8b517dd3dc28065ecee4f75c7b0fa9b395ee50e02e685e2274625149554c2d21040895f9ea343f18cc3e2e6fb176712bc99653b10fa2f3dff191e67959f9ffffffff5390b0eb882b7978b61483e0da40c1e23e9d26516a3e86c0ffd28e6362091b77ecbc412b62fe523c96f14d51304d121c4f10"], 0xac) r4 = accept4(r2, 0x0, &(0x7f0000000540), 0x800) bind$inet6(r4, &(0x7f0000000580)={0xa, 0x4e23, 0x4da, @remote}, 0x1c) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000001c0)='vegas\x00', 0x6) getpeername$inet6(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000000)=0x200101, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x24000004, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000040)) 16:50:49 executing program 3: unshare(0x6c060000) unshare(0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.stat\x00', 0x0, 0x0) unshare(0x42000000) setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000100)=0xbfb, 0x4) r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(r1, 0x0, 0x0) sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0) unshare(0x8000200) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c) r3 = creat(0x0, 0x18) write$binfmt_misc(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="73797a30a794a41964ac05e4fd7dde65a81148f9f614ccefa90168bd6c61a71d1dd1217394e89fa7c3a0cf6e31948455f5ff4030b8fd061bc9b42d9bae9f44b4a235b8db9fdb79449946052720484a8b517dd3dc28065ecee4f75c7b0fa9b395ee50e02e685e2274625149554c2d21040895f9ea343f18cc3e2e6fb176712bc99653b10fa2f3dff191e67959f9ffffffff5390b0eb882b7978b61483e0da40c1e23e9d26516a3e86c0ffd28e6362091b77ecbc412b62fe523c96f14d51304d121c4f10"], 0xac) r4 = accept4(r2, 0x0, &(0x7f0000000540), 0x800) bind$inet6(r4, &(0x7f0000000580)={0xa, 0x4e23, 0x4da, @remote}, 0x1c) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000001c0)='vegas\x00', 0x6) getpeername$inet6(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000000)=0x200101, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x24000004, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000040)) 16:50:49 executing program 2: unshare(0x6c060000) unshare(0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.stat\x00', 0x0, 0x0) unshare(0x42000000) setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000100)=0xbfb, 0x4) r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(r1, 0x0, 0x0) sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0) unshare(0x8000200) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c) r3 = creat(0x0, 0x18) write$binfmt_misc(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="73797a30a794a41964ac05e4fd7dde65a81148f9f614ccefa90168bd6c61a71d1dd1217394e89fa7c3a0cf6e31948455f5ff4030b8fd061bc9b42d9bae9f44b4a235b8db9fdb79449946052720484a8b517dd3dc28065ecee4f75c7b0fa9b395ee50e02e685e2274625149554c2d21040895f9ea343f18cc3e2e6fb176712bc99653b10fa2f3dff191e67959f9ffffffff5390b0eb882b7978b61483e0da40c1e23e9d26516a3e86c0ffd28e6362091b77ecbc412b62fe523c96f14d51304d121c4f10"], 0xac) r4 = accept4(r2, 0x0, &(0x7f0000000540), 0x800) bind$inet6(r4, &(0x7f0000000580)={0xa, 0x4e23, 0x4da, @remote}, 0x1c) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000001c0)='vegas\x00', 0x6) getpeername$inet6(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000000)=0x200101, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x24000004, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000040)) 16:50:49 executing program 0: unshare(0x6c060000) unshare(0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.stat\x00', 0x0, 0x0) unshare(0x42000000) setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000100)=0xbfb, 0x4) r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(r1, 0x0, 0x0) sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0) unshare(0x8000200) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c) r3 = creat(0x0, 0x18) write$binfmt_misc(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="73797a30a794a41964ac05e4fd7dde65a81148f9f614ccefa90168bd6c61a71d1dd1217394e89fa7c3a0cf6e31948455f5ff4030b8fd061bc9b42d9bae9f44b4a235b8db9fdb79449946052720484a8b517dd3dc28065ecee4f75c7b0fa9b395ee50e02e685e2274625149554c2d21040895f9ea343f18cc3e2e6fb176712bc99653b10fa2f3dff191e67959f9ffffffff5390b0eb882b7978b61483e0da40c1e23e9d26516a3e86c0ffd28e6362091b77ecbc412b62fe523c96f14d51304d121c4f10"], 0xac) r4 = accept4(r2, 0x0, &(0x7f0000000540), 0x800) bind$inet6(r4, &(0x7f0000000580)={0xa, 0x4e23, 0x4da, @remote}, 0x1c) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000001c0)='vegas\x00', 0x6) getpeername$inet6(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000000)=0x200101, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x24000004, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000040)) 16:50:49 executing program 2: unshare(0x6c060000) unshare(0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.stat\x00', 0x0, 0x0) unshare(0x42000000) setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000100)=0xbfb, 0x4) r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(r1, 0x0, 0x0) sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0) unshare(0x8000200) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c) r3 = creat(0x0, 0x18) write$binfmt_misc(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="73797a30a794a41964ac05e4fd7dde65a81148f9f614ccefa90168bd6c61a71d1dd1217394e89fa7c3a0cf6e31948455f5ff4030b8fd061bc9b42d9bae9f44b4a235b8db9fdb79449946052720484a8b517dd3dc28065ecee4f75c7b0fa9b395ee50e02e685e2274625149554c2d21040895f9ea343f18cc3e2e6fb176712bc99653b10fa2f3dff191e67959f9ffffffff5390b0eb882b7978b61483e0da40c1e23e9d26516a3e86c0ffd28e6362091b77ecbc412b62fe523c96f14d51304d121c4f10"], 0xac) r4 = accept4(r2, 0x0, &(0x7f0000000540), 0x800) bind$inet6(r4, &(0x7f0000000580)={0xa, 0x4e23, 0x4da, @remote}, 0x1c) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000001c0)='vegas\x00', 0x6) getpeername$inet6(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000000)=0x200101, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x24000004, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000040)) 16:50:49 executing program 3: unshare(0x6c060000) unshare(0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.stat\x00', 0x0, 0x0) unshare(0x42000000) setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000100)=0xbfb, 0x4) r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(r1, 0x0, 0x0) sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0) unshare(0x8000200) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c) r3 = creat(0x0, 0x18) write$binfmt_misc(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="73797a30a794a41964ac05e4fd7dde65a81148f9f614ccefa90168bd6c61a71d1dd1217394e89fa7c3a0cf6e31948455f5ff4030b8fd061bc9b42d9bae9f44b4a235b8db9fdb79449946052720484a8b517dd3dc28065ecee4f75c7b0fa9b395ee50e02e685e2274625149554c2d21040895f9ea343f18cc3e2e6fb176712bc99653b10fa2f3dff191e67959f9ffffffff5390b0eb882b7978b61483e0da40c1e23e9d26516a3e86c0ffd28e6362091b77ecbc412b62fe523c96f14d51304d121c4f10"], 0xac) r4 = accept4(r2, 0x0, &(0x7f0000000540), 0x800) bind$inet6(r4, &(0x7f0000000580)={0xa, 0x4e23, 0x4da, @remote}, 0x1c) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000001c0)='vegas\x00', 0x6) getpeername$inet6(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000000)=0x200101, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x24000004, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000040)) 16:50:49 executing program 1: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000b2000000000000000000850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) fcntl$notify(r1, 0x402, 0x5) fcntl$notify(r1, 0x402, 0x3b) 16:50:49 executing program 0: unshare(0x6c060000) unshare(0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.stat\x00', 0x0, 0x0) unshare(0x42000000) setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000100)=0xbfb, 0x4) r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(r1, 0x0, 0x0) sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0) unshare(0x8000200) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c) r3 = creat(0x0, 0x18) write$binfmt_misc(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="73797a30a794a41964ac05e4fd7dde65a81148f9f614ccefa90168bd6c61a71d1dd1217394e89fa7c3a0cf6e31948455f5ff4030b8fd061bc9b42d9bae9f44b4a235b8db9fdb79449946052720484a8b517dd3dc28065ecee4f75c7b0fa9b395ee50e02e685e2274625149554c2d21040895f9ea343f18cc3e2e6fb176712bc99653b10fa2f3dff191e67959f9ffffffff5390b0eb882b7978b61483e0da40c1e23e9d26516a3e86c0ffd28e6362091b77ecbc412b62fe523c96f14d51304d121c4f10"], 0xac) r4 = accept4(r2, 0x0, &(0x7f0000000540), 0x800) bind$inet6(r4, &(0x7f0000000580)={0xa, 0x4e23, 0x4da, @remote}, 0x1c) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000001c0)='vegas\x00', 0x6) getpeername$inet6(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000000)=0x200101, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x24000004, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000040)) [ 123.361470][ T39] kauditd_printk_skb: 20 callbacks suppressed [ 123.361488][ T39] audit: type=1400 audit(1661446249.910:159): avc: denied { watch watch_reads } for pid=3988 comm="syz-executor.1" path="/syzkaller-testdir4034665972/syzkaller.4CaoM6/10" dev="sda1" ino=1146 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 16:50:49 executing program 1: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000b2000000000000000000850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) fcntl$notify(r1, 0x402, 0x5) fcntl$notify(r1, 0x402, 0x3b) 16:50:49 executing program 1: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000b2000000000000000000850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) fcntl$notify(r1, 0x402, 0x5) fcntl$notify(r1, 0x402, 0x3b) 16:50:50 executing program 1: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000b2000000000000000000850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) fcntl$notify(r1, 0x402, 0x5) fcntl$notify(r1, 0x402, 0x3b) 16:50:50 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_modinfo={0x51, 0x0, 0xfffffffe}}) [ 123.527998][ T39] audit: type=1400 audit(1661446250.080:160): avc: denied { ioctl } for pid=4000 comm="syz-executor.1" path="socket:[33806]" dev="sockfs" ino=33806 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 16:50:50 executing program 3: unshare(0x6c060000) unshare(0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.stat\x00', 0x0, 0x0) unshare(0x42000000) setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000100)=0xbfb, 0x4) r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(r1, 0x0, 0x0) sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0) unshare(0x8000200) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c) r3 = creat(0x0, 0x18) write$binfmt_misc(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="73797a30a794a41964ac05e4fd7dde65a81148f9f614ccefa90168bd6c61a71d1dd1217394e89fa7c3a0cf6e31948455f5ff4030b8fd061bc9b42d9bae9f44b4a235b8db9fdb79449946052720484a8b517dd3dc28065ecee4f75c7b0fa9b395ee50e02e685e2274625149554c2d21040895f9ea343f18cc3e2e6fb176712bc99653b10fa2f3dff191e67959f9ffffffff5390b0eb882b7978b61483e0da40c1e23e9d26516a3e86c0ffd28e6362091b77ecbc412b62fe523c96f14d51304d121c4f10"], 0xac) r4 = accept4(r2, 0x0, &(0x7f0000000540), 0x800) bind$inet6(r4, &(0x7f0000000580)={0xa, 0x4e23, 0x4da, @remote}, 0x1c) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000001c0)='vegas\x00', 0x6) getpeername$inet6(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000000)=0x200101, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x24000004, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000040)) 16:50:50 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_modinfo={0x51, 0x0, 0xfffffffe}}) 16:50:50 executing program 2: getpgrp(0xffffffffffffffff) sched_setaffinity(0x0, 0x0, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) bpf$LINK_GET_FD_BY_ID(0x1e, 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) mount$cgroup(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000380)={[{@release_agent={'release_agent', 0x3d, './file0'}}, {@release_agent={'release_agent', 0x3d, './file0'}}]}) [ 123.678731][ T39] audit: type=1400 audit(1661446250.230:161): avc: denied { mounton } for pid=4020 comm="syz-executor.2" path="/syzkaller-testdir1702895691/syzkaller.sSWxR3/17/file0" dev="sda1" ino=1155 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 123.698932][ T4021] cgroup: release_agent respecified 16:50:50 executing program 0: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RTC_PIE_OFF(r0, 0x7006) 16:50:50 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_modinfo={0x51, 0x0, 0xfffffffe}}) 16:50:50 executing program 2: getpgrp(0xffffffffffffffff) sched_setaffinity(0x0, 0x0, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) bpf$LINK_GET_FD_BY_ID(0x1e, 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) mount$cgroup(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000380)={[{@release_agent={'release_agent', 0x3d, './file0'}}, {@release_agent={'release_agent', 0x3d, './file0'}}]}) [ 123.731908][ T39] audit: type=1400 audit(1661446250.270:162): avc: denied { read } for pid=4023 comm="syz-executor.0" name="rtc0" dev="devtmpfs" ino=864 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 123.762766][ T39] audit: type=1400 audit(1661446250.280:163): avc: denied { open } for pid=4023 comm="syz-executor.0" path="/dev/rtc0" dev="devtmpfs" ino=864 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 16:50:50 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x9, 0x1, 0x78}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x23) [ 123.787395][ T4029] cgroup: release_agent respecified 16:50:50 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_modinfo={0x51, 0x0, 0xfffffffe}}) [ 123.796282][ T39] audit: type=1400 audit(1661446250.300:164): avc: denied { ioctl } for pid=4023 comm="syz-executor.0" path="/dev/rtc0" dev="devtmpfs" ino=864 ioctlcmd=0x7006 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 16:50:50 executing program 2: getpgrp(0xffffffffffffffff) sched_setaffinity(0x0, 0x0, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) bpf$LINK_GET_FD_BY_ID(0x1e, 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) mount$cgroup(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000380)={[{@release_agent={'release_agent', 0x3d, './file0'}}, {@release_agent={'release_agent', 0x3d, './file0'}}]}) 16:50:50 executing program 3: unshare(0x6c060000) unshare(0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='memory.stat\x00', 0x0, 0x0) unshare(0x42000000) setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000100)=0xbfb, 0x4) r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet6(r1, 0x0, 0x0) sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0) unshare(0x8000200) bind$inet6(r0, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c) r3 = creat(0x0, 0x18) write$binfmt_misc(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="73797a30a794a41964ac05e4fd7dde65a81148f9f614ccefa90168bd6c61a71d1dd1217394e89fa7c3a0cf6e31948455f5ff4030b8fd061bc9b42d9bae9f44b4a235b8db9fdb79449946052720484a8b517dd3dc28065ecee4f75c7b0fa9b395ee50e02e685e2274625149554c2d21040895f9ea343f18cc3e2e6fb176712bc99653b10fa2f3dff191e67959f9ffffffff5390b0eb882b7978b61483e0da40c1e23e9d26516a3e86c0ffd28e6362091b77ecbc412b62fe523c96f14d51304d121c4f10"], 0xac) r4 = accept4(r2, 0x0, &(0x7f0000000540), 0x800) bind$inet6(r4, &(0x7f0000000580)={0xa, 0x4e23, 0x4da, @remote}, 0x1c) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000001c0)='vegas\x00', 0x6) getpeername$inet6(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000000)=0x200101, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x24000004, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000040)) 16:50:50 executing program 1: syz_mount_image$xfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f00000026c0), 0x0, &(0x7f00000027c0)={[{@gqnoenforce}, {@attr2}, {@ikeep}, {@uqnoenforce}, {}]}) 16:50:50 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x9, 0x1, 0x78}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x23) [ 123.960399][ T4040] XFS: attr2 mount option is deprecated. [ 123.962965][ T4039] cgroup: release_agent respecified [ 123.964178][ T4040] XFS: ikeep mount option is deprecated. 16:50:50 executing program 2: getpgrp(0xffffffffffffffff) sched_setaffinity(0x0, 0x0, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) bpf$LINK_GET_FD_BY_ID(0x1e, 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) mount$cgroup(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000380)={[{@release_agent={'release_agent', 0x3d, './file0'}}, {@release_agent={'release_agent', 0x3d, './file0'}}]}) 16:50:50 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x9, 0x1, 0x78}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x23) 16:50:50 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x9, 0x1, 0x78}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x23) [ 124.019819][ T4046] cgroup: release_agent respecified 16:50:50 executing program 0: socket$netlink(0x10, 0x3, 0x8000000004) syz_init_net_socket$nfc_llcp(0x27, 0x0, 0x1) syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0xd, &(0x7f0000000200)=[{&(0x7f0000010000)="eb769045584641542020200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000010000000000008000000008000000880000000f00000005000000341234120001000009030180", 0x70}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x1e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x5e0}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x7e0}, {&(0x7f0000010500)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x9e0}, {&(0x7f0000010600)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xbe0}, {&(0x7f0000010700)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010800)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xfe0}, {&(0x7f0000010900)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x11e0}, {&(0x7f0000010a00)="00ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac1911", 0x200, 0x1600}, {&(0x7f0000011800)="f8ffffffffffffffffffffff04000000ffffffffffffffff", 0x18, 0x10000}, {&(0x7f0000013100)="030000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000200000002", 0x39, 0x14000}], 0x0, &(0x7f0000013b00)=ANY=[]) chdir(&(0x7f0000000080)='./file0\x00') r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_RREADLINK(r0, &(0x7f0000002580)=ANY=[], 0x16) sendfile(r0, r0, &(0x7f0000000240), 0x7fff) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x9, 0x7, &(0x7f0000000140)=@framed={{}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x4de, 0x0, 0x0, 0x0, 0x2}, @initr0={0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x6}]}, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) ioctl$F2FS_IOC_PRECACHE_EXTENTS(r3, 0xf50f, 0x0) ftruncate(0xffffffffffffffff, 0x1) setsockopt$nfc_llcp_NFC_LLCP_RW(0xffffffffffffffff, 0x118, 0x0, &(0x7f0000000180)=0x7, 0x4) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xf3a, 0x0) sendfile(r1, r2, 0x0, 0xe200) 16:50:50 executing program 2: r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000e80), 0x2, 0x0) ioctl$VIDIOC_G_SELECTION(r0, 0xc0d05640, &(0x7f0000000ec0)={0x8}) [ 124.067856][ T4040] XFS (loop1): Invalid superblock magic number [ 124.076231][ T39] audit: type=1400 audit(1661446250.630:165): avc: denied { create } for pid=4056 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 124.085796][ T4058] loop0: detected capacity change from 0 to 320 [ 124.091545][ T3132] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 16:50:50 executing program 2: r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000e80), 0x2, 0x0) ioctl$VIDIOC_G_SELECTION(r0, 0xc0d05640, &(0x7f0000000ec0)={0x8}) [ 124.105216][ T3132] Buffer I/O error on dev loop0, logical block 0, async page read [ 124.114754][ T39] audit: type=1400 audit(1661446250.630:166): avc: denied { create } for pid=4056 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 124.124320][ T3132] loop0: [ 124.180205][ T39] audit: type=1400 audit(1661446250.730:167): avc: denied { write } for pid=4056 comm="syz-executor.0" name="/" dev="loop0" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 124.195230][ T39] audit: type=1400 audit(1661446250.730:168): avc: denied { add_name } for pid=4056 comm="syz-executor.0" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 16:50:50 executing program 2: r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000e80), 0x2, 0x0) ioctl$VIDIOC_G_SELECTION(r0, 0xc0d05640, &(0x7f0000000ec0)={0x8}) 16:50:50 executing program 1: syz_mount_image$xfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f00000026c0), 0x0, &(0x7f00000027c0)={[{@gqnoenforce}, {@attr2}, {@ikeep}, {@uqnoenforce}, {}]}) 16:50:50 executing program 2: r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000e80), 0x2, 0x0) ioctl$VIDIOC_G_SELECTION(r0, 0xc0d05640, &(0x7f0000000ec0)={0x8}) 16:50:50 executing program 3: r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000e80), 0x2, 0x0) ioctl$VIDIOC_G_SELECTION(r0, 0xc0d05640, &(0x7f0000000ec0)={0x8}) [ 124.250359][ T4065] XFS: attr2 mount option is deprecated. [ 124.255030][ T4065] XFS: ikeep mount option is deprecated. 16:50:50 executing program 3: r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000e80), 0x2, 0x0) ioctl$VIDIOC_G_SELECTION(r0, 0xc0d05640, &(0x7f0000000ec0)={0x8}) [ 124.298042][ T4065] XFS (loop1): Invalid superblock magic number 16:50:51 executing program 0: socket$netlink(0x10, 0x3, 0x8000000004) syz_init_net_socket$nfc_llcp(0x27, 0x0, 0x1) syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0xd, &(0x7f0000000200)=[{&(0x7f0000010000)="eb769045584641542020200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000010000000000008000000008000000880000000f00000005000000341234120001000009030180", 0x70}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x1e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x5e0}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x7e0}, {&(0x7f0000010500)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x9e0}, {&(0x7f0000010600)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xbe0}, {&(0x7f0000010700)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010800)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xfe0}, {&(0x7f0000010900)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x11e0}, {&(0x7f0000010a00)="00ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac1911", 0x200, 0x1600}, {&(0x7f0000011800)="f8ffffffffffffffffffffff04000000ffffffffffffffff", 0x18, 0x10000}, {&(0x7f0000013100)="030000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000200000002", 0x39, 0x14000}], 0x0, &(0x7f0000013b00)=ANY=[]) chdir(&(0x7f0000000080)='./file0\x00') r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_RREADLINK(r0, &(0x7f0000002580)=ANY=[], 0x16) sendfile(r0, r0, &(0x7f0000000240), 0x7fff) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x9, 0x7, &(0x7f0000000140)=@framed={{}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x4de, 0x0, 0x0, 0x0, 0x2}, @initr0={0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x6}]}, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) ioctl$F2FS_IOC_PRECACHE_EXTENTS(r3, 0xf50f, 0x0) ftruncate(0xffffffffffffffff, 0x1) setsockopt$nfc_llcp_NFC_LLCP_RW(0xffffffffffffffff, 0x118, 0x0, &(0x7f0000000180)=0x7, 0x4) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xf3a, 0x0) sendfile(r1, r2, 0x0, 0xe200) 16:50:51 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) io_uring_setup(0x1de0, &(0x7f0000000000)) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000), 0xc, 0x0}, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 16:50:51 executing program 3: r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000e80), 0x2, 0x0) ioctl$VIDIOC_G_SELECTION(r0, 0xc0d05640, &(0x7f0000000ec0)={0x8}) 16:50:51 executing program 1: syz_mount_image$xfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f00000026c0), 0x0, &(0x7f00000027c0)={[{@gqnoenforce}, {@attr2}, {@ikeep}, {@uqnoenforce}, {}]}) [ 124.602065][ T4084] XFS: attr2 mount option is deprecated. [ 124.606707][ T4086] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 124.620140][ T4084] XFS: ikeep mount option is deprecated. [ 124.634645][ T4088] ------------[ cut here ]------------ 16:50:51 executing program 3: socket$netlink(0x10, 0x3, 0x8000000004) syz_init_net_socket$nfc_llcp(0x27, 0x0, 0x1) syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0xd, &(0x7f0000000200)=[{&(0x7f0000010000)="eb769045584641542020200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000010000000000008000000008000000880000000f00000005000000341234120001000009030180", 0x70}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x1e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x3e0}, {&(0x7f0000010300)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x5e0}, {&(0x7f0000010400)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x7e0}, {&(0x7f0000010500)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x9e0}, {&(0x7f0000010600)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xbe0}, {&(0x7f0000010700)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xde0}, {&(0x7f0000010800)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0xfe0}, {&(0x7f0000010900)="00000000000000000000000000000000000000000000000000000000000055aa", 0x20, 0x11e0}, {&(0x7f0000010a00)="00ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac191100ac1911", 0x200, 0x1600}, {&(0x7f0000011800)="f8ffffffffffffffffffffff04000000ffffffffffffffff", 0x18, 0x10000}, {&(0x7f0000013100)="030000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000200000002", 0x39, 0x14000}], 0x0, &(0x7f0000013b00)=ANY=[]) chdir(&(0x7f0000000080)='./file0\x00') r0 = open(&(0x7f0000000040)='./file0\x00', 0x141042, 0x0) write$P9_RREADLINK(r0, &(0x7f0000002580)=ANY=[], 0x16) sendfile(r0, r0, &(0x7f0000000240), 0x7fff) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x800) lseek(r1, 0x200, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x24000, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x9, 0x7, &(0x7f0000000140)=@framed={{}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x4de, 0x0, 0x0, 0x0, 0x2}, @initr0={0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x6}]}, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) ioctl$F2FS_IOC_PRECACHE_EXTENTS(r3, 0xf50f, 0x0) ftruncate(0xffffffffffffffff, 0x1) setsockopt$nfc_llcp_NFC_LLCP_RW(0xffffffffffffffff, 0x118, 0x0, &(0x7f0000000180)=0x7, 0x4) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xf3a, 0x0) sendfile(r1, r2, 0x0, 0xe200) [ 124.642943][ T4088] WARNING: CPU: 1 PID: 4088 at kernel/cpu.c:347 lockdep_assert_cpus_held+0xbd/0xe0 [ 124.653268][ T4088] Modules linked in: [ 124.658087][ T4088] CPU: 1 PID: 4088 Comm: kvm-nx-lpage-re Not tainted 6.0.0-rc2-syzkaller-00054-gc40e8341e3b3 #0 [ 124.669158][ T4088] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 124.677122][ T4088] RIP: 0010:lockdep_assert_cpus_held+0xbd/0xe0 [ 124.682052][ T4088] Code: e8 88 11 34 00 be ff ff ff ff 48 c7 c7 70 39 e3 8b e8 b7 14 38 08 31 ff 89 c3 89 c6 e8 2c 0e 34 00 85 db 75 d5 e8 63 11 34 00 <0f> 0b eb cc 48 c7 c7 04 c4 dd 8d e8 93 b7 7f 00 e9 62 ff ff ff 48 [ 124.694466][ T4088] RSP: 0018:ffffc9000349fc28 EFLAGS: 00010293 [ 124.698555][ T4088] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 124.703712][ T4088] RDX: ffff8880430be0c0 RSI: ffffffff814728bd RDI: 0000000000000005 [ 124.708790][ T4088] RBP: ffff88801b3f7800 R08: 0000000000000005 R09: 0000000000000000 [ 124.713746][ T4088] R10: 0000000000000000 R11: 0000000000000000 R12: ffffc9000349fde0 [ 124.718414][ T4088] R13: ffffffff8bfd96e0 R14: 1ffff92000693f8c R15: ffffc9000349fe04 [ 124.723232][ T4088] FS: 0000000000000000(0000) GS:ffff88802c900000(0000) knlGS:0000000000000000 [ 124.728716][ T4088] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.732886][ T4088] CR2: 00007fc6adb9d0b0 CR3: 000000006f897000 CR4: 0000000000152ee0 [ 124.737998][ T4088] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 124.742952][ T4088] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 124.747964][ T4088] Call Trace: [ 124.749811][ T4088] [ 124.751465][ T4088] cpuset_attach+0x92/0x520 [ 124.760103][ T4088] ? guarantee_online_cpus+0x4d0/0x4d0 [ 124.763111][ T4088] ? _raw_spin_unlock_irq+0x1f/0x40 [ 124.775173][ T4088] ? _raw_spin_unlock_irq+0x1f/0x40 [ 124.778901][ T4088] cgroup_migrate_execute+0xbc7/0x1220 [ 124.782582][ T4088] cgroup_attach_task+0x416/0x7c0 [ 124.786653][ T4088] ? cgroup_migrate+0x1f0/0x1f0 [ 124.790930][ T4088] ? preempt_schedule_thunk+0x16/0x18 [ 124.795243][ T4088] cgroup_attach_task_all+0xde/0x140 [ 124.799959][ T4088] kvm_vm_worker_thread+0xdd/0x5a0 [ 124.804215][ T4088] ? kvm_mmu_pte_write+0xdc0/0xdc0 [ 124.808771][ T4088] ? __bpf_trace_kvm_unmap_hva_range+0xe0/0xe0 [ 124.813050][ T4088] kthread+0x2e4/0x3a0 [ 124.816188][ T4088] ? kthread_complete_and_exit+0x40/0x40 [ 124.820367][ T4088] ret_from_fork+0x1f/0x30 [ 124.823509][ T4088] [ 124.825720][ T4088] Kernel panic - not syncing: panic_on_warn set ... [ 124.830575][ T4088] CPU: 1 PID: 4088 Comm: kvm-nx-lpage-re Not tainted 6.0.0-rc2-syzkaller-00054-gc40e8341e3b3 #0 [ 124.838656][ T4088] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 124.845132][ T4088] Call Trace: [ 124.847796][ T4088] [ 124.849649][ T4088] dump_stack_lvl+0xcd/0x134 [ 124.852798][ T4088] panic+0x2c8/0x627 [ 124.855148][ T4088] ? panic_print_sys_info.part.0+0x10b/0x10b [ 124.858579][ T4088] ? __warn.cold+0x248/0x2c4 [ 124.861587][ T4088] ? lockdep_assert_cpus_held+0xbd/0xe0 [ 124.864957][ T4088] __warn.cold+0x259/0x2c4 [ 124.867844][ T4088] ? lockdep_assert_cpus_held+0xbd/0xe0 [ 124.871398][ T4088] report_bug+0x1bc/0x210 [ 124.874695][ T4088] handle_bug+0x3c/0x60 [ 124.877296][ T4088] exc_invalid_op+0x14/0x40 [ 124.880260][ T4088] asm_exc_invalid_op+0x16/0x20 [ 124.883628][ T4088] RIP: 0010:lockdep_assert_cpus_held+0xbd/0xe0 [ 124.887658][ T4088] Code: e8 88 11 34 00 be ff ff ff ff 48 c7 c7 70 39 e3 8b e8 b7 14 38 08 31 ff 89 c3 89 c6 e8 2c 0e 34 00 85 db 75 d5 e8 63 11 34 00 <0f> 0b eb cc 48 c7 c7 04 c4 dd 8d e8 93 b7 7f 00 e9 62 ff ff ff 48 [ 124.900894][ T4088] RSP: 0018:ffffc9000349fc28 EFLAGS: 00010293 [ 124.904993][ T4088] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 124.910128][ T4088] RDX: ffff8880430be0c0 RSI: ffffffff814728bd RDI: 0000000000000005 [ 124.916250][ T4088] RBP: ffff88801b3f7800 R08: 0000000000000005 R09: 0000000000000000 [ 124.922621][ T4088] R10: 0000000000000000 R11: 0000000000000000 R12: ffffc9000349fde0 [ 124.929379][ T4088] R13: ffffffff8bfd96e0 R14: 1ffff92000693f8c R15: ffffc9000349fe04 [ 124.935642][ T4088] ? lockdep_assert_cpus_held+0xbd/0xe0 [ 124.940304][ T4088] ? lockdep_assert_cpus_held+0xbd/0xe0 [ 124.944882][ T4088] cpuset_attach+0x92/0x520 [ 124.947744][ T4088] ? guarantee_online_cpus+0x4d0/0x4d0 [ 124.950918][ T4088] ? _raw_spin_unlock_irq+0x1f/0x40 [ 124.955007][ T4088] ? _raw_spin_unlock_irq+0x1f/0x40 [ 124.958953][ T4088] cgroup_migrate_execute+0xbc7/0x1220 [ 124.963178][ T4088] cgroup_attach_task+0x416/0x7c0 [ 124.966984][ T4088] ? cgroup_migrate+0x1f0/0x1f0 [ 124.970022][ T4088] ? preempt_schedule_thunk+0x16/0x18 [ 124.974116][ T4088] cgroup_attach_task_all+0xde/0x140 [ 124.977620][ T4088] kvm_vm_worker_thread+0xdd/0x5a0 [ 124.980534][ T4088] ? kvm_mmu_pte_write+0xdc0/0xdc0 [ 124.984154][ T4088] ? __bpf_trace_kvm_unmap_hva_range+0xe0/0xe0 [ 124.988956][ T4088] kthread+0x2e4/0x3a0 [ 124.992527][ T4088] ? kthread_complete_and_exit+0x40/0x40 [ 124.996929][ T4088] ret_from_fork+0x1f/0x30 [ 125.000118][ T4088] [ 125.003024][ T4088] Kernel Offset: disabled [ 125.006442][ T4088] Rebooting in 86400 seconds.. VM DIAGNOSIS: 16:50:51 Registers: info registers vcpu 0 RAX=000000000006f3ef RBX=ffffffff8bcbc980 RCX=ffffffff897f4825 RDX=0000000000000000 RSI=0000000000000001 RDI=0000000000000000 RBP=0000000000000000 RSP=ffffffff8bc07e18 R8 =0000000000000001 R9 =ffff88802c834c4b R10=ffffed1005906989 R11=0000000000000001 R12=fffffbfff1797930 R13=0000000000000000 R14=ffffffff8dddf3d0 R15=0000000000000000 RIP=ffffffff89824e5b RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f2eecf6d058 CR3=0000000063984000 CR4=00152ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=ffffffffffffffffffffffffffffffff XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=000000000000006e RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff846141b1 RDI=ffffffff914810c0 RBP=ffffffff91481080 RSP=ffffc9000349f580 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=000000000000006e R14=ffffffff84614150 R15=0000000000000000 RIP=ffffffff846141db RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c900000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fc6aebc4000 CR3=0000000064328000 CR4=00152ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=ffffffffffffffffffffffffffffffff XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 2 RAX=0000000000000000 RBX=0000000000000000 RCX=0000000000000000 RDX=ffff888042f46240 RSI=ffffffff81b6074e RDI=ffff888024ed5168 RBP=ffff888024ed5168 RSP=ffffc90002f9f9b8 R8 =0000000000000006 R9 =000000001ffff000 R10=000000001ffff000 R11=0000000000000000 R12=ffff888024ed5148 R13=000000001ffff000 R14=dffffc0000000000 R15=000000001ffff000 RIP=ffffffff8421c550 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 000055555613d400 ffffffff 00c00000 GS =0000 ffff88802ca00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000001b33322000 CR3=0000000063b22000 CR4=00152ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=000000000000000000000000000001a4 XMM01=7f0eee216293276916c4e36d9ecc2449 XMM02=30c42708a5c92505aa23751f77652b03 XMM03=b3b48c80eb04deccf10da998ffec5673 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=0d0c0f0e09080b0a0504070601000302 XMM07=0e0d0c0f0a09080b0605040702010003 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 3 RAX=ffff7fffffffffff RBX=0000000000000003 RCX=ffffffff815ea1d1 RDX=0000000000000000 RSI=0000000000000008 RDI=ffffffff8dddf3d0 RBP=ffffffff8dddf3d0 RSP=ffffc90002e0fb38 R8 =0000000000000000 R9 =ffffffff8dddf3d7 R10=ffffed100339343d R11=0000000000000000 R12=ffff88801241bd08 R13=ffffc90002e0fc58 R14=ffff88801241bd30 R15=ffff88801241bcf0 RIP=ffffffff81c6de07 RFL=00000086 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fea82758840 ffffffff 00c00000 GS =0000 ffff88802cb00000 ffffffff 00c00000 LDT=0000 0000000000000000 00000000 00000000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fcb78618718 CR3=000000001bc73000 CR4=00152ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00ff000000000000ff00000000000000 XMM02=ffffffffffffff00ffffff0000000000 XMM03=000000000000000000000000ff0000ff XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=65726168732f6372732f2e2e2f2e2e00 XMM09=00000000000000000000000000000000 XMM10=73737373737371f27373737373737373 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000