last executing test programs: 5.802817477s ago: executing program 2 (id=3): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0xffffffff) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f00000002c0)=0x200000000) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) 5.591737118s ago: executing program 2 (id=5): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) syslog(0x2, &(0x7f00000003c0)=""/164, 0xa4) 5.537579762s ago: executing program 1 (id=2): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0xc) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/igmp6\x00') preadv(r2, &(0x7f0000000100)=[{&(0x7f00000003c0)=""/4096, 0x1000}], 0x1, 0x82, 0xffffffff) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000800)) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) 5.369499303s ago: executing program 2 (id=7): openat$sw_sync_info(0xffffffffffffff9c, 0x0, 0x8040, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2125099, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f00000001c0)='.\x00', &(0x7f0000000180)='./file0/../file0\x00', 0x0, 0x111509e, 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 5.320481015s ago: executing program 1 (id=8): r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x48d02, 0x0) writev(r0, &(0x7f0000001180)=[{&(0x7f0000000040)="8644ef45a9e6872877f6c22ffd0476068b08f1c8b9c54dba05e2ee5a5aa31d09837531e50943a3b59ed2a23e8314e95e9cb65fad94d92052770da0ac47281c5f78c89a0389a8c2ade6", 0x49}, {0x0}], 0x2) 5.243251375s ago: executing program 3 (id=4): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000140)=0x200000000) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000900)) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1) preadv2(r0, &(0x7f0000000480)=[{&(0x7f0000001200)=""/72, 0x48}], 0x1, 0x10002, 0x2001be, 0x0) close(0x3) 5.189280106s ago: executing program 1 (id=9): r0 = syz_usb_connect(0x2, 0x80, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x1, 0x1, 0x86, 0x10, 0x20f4, 0xe05a, 0x6c6d, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x69, 0x2, 0x2, 0xff, 0x5a, 0xa3, 0x0, [], [{{0x9, 0x5, 0x4, 0x2, 0x10, 0x0, 0xfa}}, {{0x9, 0x5, 0x82, 0x2, 0x40}}]}}]}}]}}, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) r1 = socket$kcm(0x29, 0x5, 0x0) setsockopt$kcm_KCM_RECV_DISABLE(r1, 0x119, 0x1, &(0x7f0000000080)=0x8, 0x4) setsockopt$kcm_KCM_RECV_DISABLE(r1, 0x119, 0x1, &(0x7f0000000340)=0x7, 0x4) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000840)={0x34, &(0x7f0000000700)={0x20, 0x9, 0x6, "a0b41ce04e4f"}, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, &(0x7f0000000200)={0x14, &(0x7f00000000c0)={0x40, 0x5, 0x102, {0x102, 0x21, "000992028be0c5385a3c9515a3c94516a72756ef3bfdb67e201745e9e429e45b7825f6e953830a19f9834fb73b20745baf0bdf8cdef31db97d52d8994423bd7cd79e9a842ca1c605089cd5ac979ecb84101fce49f6ce57262a7118e16c3268a752f8ee97109a0c455eb67d016009157a0bbddeebb8ae3e81de1bddc75a375ad31339bd1fc282aff62cfc24de8d07e537ed74a8c16ee01675a1708e9a99bdcd7674bf97e5f199773514e57230420b41a0e4682ab60cc97436597f94af5875aeaf893bc3c54e2c74e6537c1b6f00522173d3a4b4f4338b191e0917bb3ac9225dd1e3a9b3c839b46159f61f7c2c9a22f6e475030b489080fdc34f0a5f34df198d5d"}}, &(0x7f0000000040)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x3836}}}, &(0x7f0000000400)={0x34, &(0x7f0000000240)={0x40, 0x5, 0x37, "4be5ddda541ef9b39cff31a4cc56bfb4215ad019df6052264a469bb7f7283b43e4a4a36250c704e8506c1b6f1e31b3fcf7d7c09e406891"}, &(0x7f0000000280)={0x0, 0xa, 0x1, 0x80}, &(0x7f00000002c0)={0x0, 0x8, 0x1}, &(0x7f0000000300)={0x20, 0x0, 0x1e, {0x1c, "75be7f241c2f7f5f9ebb12561013d4e55a523dce1d3c1c034ce65c38"}}, &(0x7f0000000380)={0x20, 0x1, 0x1, 0x7}, &(0x7f00000003c0)={0x20, 0x0, 0x1, 0x84}}) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000880)={0x2c, &(0x7f00000006c0)={0x40, 0x16, 0x1, '\v'}, 0x0, 0x0, 0x0, 0x0}) 5.162633386s ago: executing program 2 (id=10): mkdir(&(0x7f0000000200)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd']) mount(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001d008104e00f80ecdb4cb9f207c804a00d000000880802fb0a0002000a0ada1b40d80800c500c50083b8", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0) 4.957355199s ago: executing program 3 (id=12): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x44004000) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x84, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_EXPRESSIONS={0x54, 0x4, 0x0, 0x1, [{0x50, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x40, 0x2, 0x0, 0x1, [@NFTA_TARGET_REV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TARGET_INFO={0x2c, 0x3, "7339f2f10455afb9fdd672bad09dfb78c7699c74e891a0c700"/40}, @NFTA_TARGET_NAME={0x8, 0x1, 'TEE\x00'}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_COMPAT={0x4}]}], {0x14}}, 0xac}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840) sendmsg$IPSET_CMD_GET_BYINDEX(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0xc4ecf4ad0e5bc72f}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, 0xf, 0x6, 0x5, 0x0, 0x0, {0x2, 0x0, 0x4}, [@IPSET_ATTR_INDEX={0x6, 0xb, 0xffffffffffffffff}, @IPSET_ATTR_INDEX={0x6, 0xb, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000080}, 0x8080) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000c80)={0x7, 0xca80, 0x8303, 0x8001, 0x94, 0x8, 0xd, 0x9, r2}, &(0x7f0000000cc0)=0x20) r3 = syz_open_dev$sg(&(0x7f0000001940), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r3, 0xc0481273, 0x0) writev(r3, &(0x7f0000000040)=[{&(0x7f0000000000)="836829e46099b202d9c3e0f6f9cfa1af2c8e87d8692afd68b1122fd68d4366ff686616ce", 0x24}], 0x1) 4.876282882s ago: executing program 3 (id=13): mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='rpc_pipefs\x00', 0x10, 0x0) chroot(&(0x7f0000000180)='./file0\x00') umount2(&(0x7f00000001c0)='./file0\x00', 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r2, 0x4068aea3, &(0x7f0000000280)={0xbe, 0x0, 0x1}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000140)="66baf80cb8044fdc87efed660f388059e0b805000000b91e4200000f01c10f20c035000000200f22c0f20fa20f01cb36263e660f381efc660f7c150c000000b805000000b9210000000f01c1c4e17929d8", 0x51}], 0x1, 0x11, 0x0, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e21, 0x3, @rand_addr=' \x01\x00'}, 0x1c) r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$UI_ABS_SETUP(r3, 0x401c5504, &(0x7f0000000340)={0x400000100002f}) write$uinput_user_dev(r3, &(0x7f0000000380)={'syz0\x00', {0xff, 0x6, 0x7fff, 0x8d5}, 0x2, [0x10000, 0xeba, 0x7, 0x9, 0x8, 0x1, 0x6, 0x7ff, 0x54, 0x7fffdfff, 0x2, 0xc, 0x8, 0x9, 0x9, 0xfffffff7, 0x7, 0x40000, 0x842, 0x26, 0x2, 0x0, 0x3ff, 0xfffffff4, 0x1, 0xda6, 0x6, 0xa7, 0x4, 0x2, 0x9, 0x76c9, 0x200, 0xa6, 0x1, 0x1, 0x7, 0x80009, 0x1000f, 0xb, 0x9, 0x7ffffffc, 0x9, 0xb50, 0x0, 0x800, 0x3, 0x0, 0x7, 0xfffffffe, 0xfffffffa, 0x8, 0x24, 0x7fff, 0x8, 0x1, 0x200, 0x0, 0x0, 0xfffffffd, 0x964e, 0x2d5, 0x149, 0x4001], [0x266ac, 0xfffffff9, 0x4, 0x3, 0x8e, 0x7, 0x80000001, 0x6, 0x4, 0x85, 0x0, 0x7, 0x6, 0x8001, 0x6, 0x8, 0x2, 0x5, 0xb, 0x7ff, 0x7ff, 0x5, 0x800, 0xc00, 0x89, 0x7ff, 0x0, 0x1, 0x10000, 0x9, 0x9, 0x4d26, 0x10000, 0x8, 0x1, 0x7, 0xfffffffc, 0x4, 0x4c, 0x9, 0x8, 0x5, 0xe66, 0x8, 0x2, 0x81, 0x4b, 0x7d, 0x26, 0xb, 0x4, 0x9, 0x1, 0x8d1, 0x100008fd, 0x1, 0xe0, 0x8a, 0x10001, 0x4, 0x401, 0xade, 0x7f, 0x9], [0x5, 0x7, 0x10000, 0x9, 0x8000, 0x1, 0x80000009, 0xe, 0x8, 0xff, 0x0, 0x400, 0x1000, 0x9, 0x6e, 0x8001, 0x7, 0x3, 0x6, 0x5, 0x2, 0xcb, 0x2, 0x0, 0x0, 0x2, 0x8001, 0xc, 0x5, 0xb0f, 0x1e, 0x2, 0x800, 0x80008, 0x9, 0x3, 0x200, 0xfc, 0x4, 0xe, 0x464b, 0x6, 0x2e7, 0x7ff, 0x3cd6, 0x6, 0x7c, 0x2, 0x7fffffff, 0xffffffff, 0x4, 0xffff, 0xd5d, 0xa0c787d, 0xffffff4e, 0x9, 0x4, 0x40, 0x8, 0x0, 0x1fc1, 0x9, 0x1, 0x6], [0x10000010, 0x7, 0x9, 0x2, 0xa5e, 0xfe, 0xff, 0x6, 0x80000000, 0x0, 0xe, 0x2, 0x4, 0x7, 0x7, 0x0, 0xfffffffd, 0x7ff, 0xdaa, 0x4, 0x3, 0x103, 0x6, 0xcc, 0x6, 0x4000400, 0xffffffff, 0xfffffffb, 0x40, 0x80000000, 0x4, 0x7, 0xfff, 0x4, 0x9, 0x0, 0x9, 0x1, 0x0, 0x7, 0x8ac1, 0xffffffff, 0x1, 0x80000002, 0x80040002, 0xff, 0x6, 0x3, 0xfffff801, 0xffefffff, 0x37d, 0xfffffff8, 0xd, 0x7, 0xd, 0x8, 0x6eaf, 0x0, 0x8, 0x5e02, 0x2, 0x3, 0x5, 0x400]}, 0x45c) ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x3) ioctl$UI_DEV_CREATE(r3, 0x5501) recvmmsg(0xffffffffffffffff, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1}, 0x425229b4}], 0x1, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0xd, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) lsetxattr$system_posix_acl(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='system.posix_acl_access\x00', &(0x7f0000000b00)=ANY=[], 0x2c, 0x0) chdir(&(0x7f0000000140)='./bus\x00') r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a78000000060a0b040000000000000000020000004c000480240001800b000100736f636b657400001400028008000240000000030800014000000002240001800b0001007470726f7879000014000280080001400000000208000340000000100900010073797a30000000000900020073797a320000000014000000110001"], 0xa0}}, 0x40880) creat(&(0x7f0000000ac0)='./file0\x00', 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4) 4.771298762s ago: executing program 3 (id=14): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xf0f024}) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000380)={0x2, @pix={0x0, 0xa, 0x4f424752, 0x2, 0x0, 0x1a18e3f7, 0x8, 0x81, 0x0, 0x0, 0x1, 0x61d03986f8975690}}) mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ff5000/0x3000)=nil) munmap(&(0x7f0000ff6000/0x4000)=nil, 0x4000) openat$sysfs(0xffffffffffffff9c, 0x0, 0x8a883, 0xf) r1 = socket$kcm(0x23, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100)) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="d40000001a0001002abd7000000000000a00fc003a2a5e247b000000b7006100a1041831d476f4cf691541a3aec483a46abe4fe6425e0889f5a58e53f258e2b86332685bc70e11bad118f07f8c3cba7f95dae940288c6de4a097320a80db56479e7908778f6953ed3b30df8e753d4aa549a5635b8cf4512fb3f33d7c3e0668826a54f3b241fed2ba27456391d6850c0920a59cc0c1f54705184ecb6242feb41d9a0ac33bafd3526cb3298d29a09202a68b1f6012ae086829a9ad34c4b32b91a7882debf98ba0993918b800"], 0xd4}], 0x1, 0x0, 0x0, 0x20400}, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000040)=0x81) openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x2) ioctl$AUTOFS_IOC_FAIL(r4, 0x40087543, 0x200000000000) ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x15) 4.337831684s ago: executing program 2 (id=15): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}]}]}, 0x30}, 0x1, 0x0, 0xffffffffffffffef}, 0x0) 3.989310506s ago: executing program 32 (id=15): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}]}]}, 0x30}, 0x1, 0x0, 0xffffffffffffffef}, 0x0) 2.840358137s ago: executing program 0 (id=18): r0 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x3a) flock(r0, 0x5) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) flock(r2, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) 2.060490115s ago: executing program 1 (id=19): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0) landlock_create_ruleset(0x0, 0x0, 0x4) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0xa4c42, 0x108) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b) ioctl$RTC_WKALM_SET(r1, 0x4028700f, 0x0) 1.304911834s ago: executing program 0 (id=20): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/address_bits', 0x101a02, 0x0) sendfile(r0, r0, 0x0, 0x9) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x4, 0x1010, r0, 0x0) 1.104550165s ago: executing program 0 (id=21): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) syz_emit_vhci(&(0x7f00000007c0)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x7, 0x1, 0x2016}}}, 0x7) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) 1.034403047s ago: executing program 1 (id=22): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$inet6(0xa, 0x3, 0x8) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) connect$inet6(r2, &(0x7f0000000200)={0xa, 0x4e24, 0x2, @empty}, 0x1c) setsockopt$inet6_IPV6_DSTOPTS(r2, 0x29, 0x3b, &(0x7f0000000100)=ANY=[@ANYRES16=r2, @ANYRESDEC, @ANYRESDEC=r2, @ANYRES64, @ANYRESHEX], 0xd8) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/fib_triestat\x00') preadv(r3, 0x0, 0x0, 0x4b6, 0x5) sendmmsg(r2, &(0x7f00000092c0), 0x4ff, 0x0) 935.138974ms ago: executing program 0 (id=23): syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="0413ffff"], 0x8) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) 788.307423ms ago: executing program 0 (id=24): openat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x42, 0x153) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) mount$fuseblk(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000300)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x1000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x9}}, {@blksize={'blksize', 0x3d, 0x1000}}]}}) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00') read$FUSE(r1, &(0x7f0000002480)={0x2020}, 0x2020) syz_usb_connect(0x0, 0x36, 0x0, 0x0) 38.6324ms ago: executing program 1 (id=25): unshare(0x22020400) r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000100), 0x2) r1 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38\x14\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2) ftruncate(r1, 0xffff) fcntl$addseals(r1, 0x409, 0x7) r2 = ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f0000000140)={r1, 0x1, 0x0, 0x4000}) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000007, 0x11, r2, 0x0) fcntl$getownex(r1, 0x10, &(0x7f00000002c0)) 0s ago: executing program 0 (id=26): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) syz_emit_vhci(&(0x7f00000007c0)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x7, 0x1, 0x2016}}}, 0x7) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1}) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.45' (ED25519) to the list of known hosts. [ 85.654574][ T5853] cgroup: Unknown subsys name 'net' [ 85.755661][ T5853] cgroup: Unknown subsys name 'cpuset' [ 85.765153][ T5853] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 87.540460][ T5853] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 89.940403][ T5866] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 89.948888][ T5866] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 89.956893][ T5866] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 89.975453][ T5866] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 89.983477][ T5866] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 90.032054][ T5866] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 90.042141][ T5866] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 90.049929][ T5866] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 90.062773][ T5866] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 90.073827][ T5866] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 90.107988][ T5866] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 90.116400][ T5866] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 90.134812][ T5866] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 90.143041][ T5866] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 90.160017][ T5866] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 90.176749][ T5185] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 90.190865][ T5185] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 90.199366][ T5185] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 90.208716][ T5185] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 90.216975][ T5185] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 90.645240][ T5862] chnl_net:caif_netlink_parms(): no params data found [ 90.703049][ T5867] chnl_net:caif_netlink_parms(): no params data found [ 90.852139][ T5870] chnl_net:caif_netlink_parms(): no params data found [ 90.936490][ T5862] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.944009][ T5862] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.951542][ T5862] bridge_slave_0: entered allmulticast mode [ 90.959523][ T5862] bridge_slave_0: entered promiscuous mode [ 90.994233][ T5862] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.001955][ T5862] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.009473][ T5862] bridge_slave_1: entered allmulticast mode [ 91.017355][ T5862] bridge_slave_1: entered promiscuous mode [ 91.073929][ T5872] chnl_net:caif_netlink_parms(): no params data found [ 91.104907][ T5867] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.112245][ T5867] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.119666][ T5867] bridge_slave_0: entered allmulticast mode [ 91.127863][ T5867] bridge_slave_0: entered promiscuous mode [ 91.166406][ T5862] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.176408][ T5867] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.183683][ T5867] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.190857][ T5867] bridge_slave_1: entered allmulticast mode [ 91.198891][ T5867] bridge_slave_1: entered promiscuous mode [ 91.235314][ T5862] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.263985][ T5870] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.271218][ T5870] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.278514][ T5870] bridge_slave_0: entered allmulticast mode [ 91.286267][ T5870] bridge_slave_0: entered promiscuous mode [ 91.331205][ T5870] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.338866][ T5870] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.346208][ T5870] bridge_slave_1: entered allmulticast mode [ 91.354625][ T5870] bridge_slave_1: entered promiscuous mode [ 91.376688][ T5867] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.389662][ T5867] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.429686][ T5862] team0: Port device team_slave_0 added [ 91.476324][ T5862] team0: Port device team_slave_1 added [ 91.495739][ T5872] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.503032][ T5872] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.510309][ T5872] bridge_slave_0: entered allmulticast mode [ 91.517875][ T5872] bridge_slave_0: entered promiscuous mode [ 91.528384][ T5870] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.557642][ T5867] team0: Port device team_slave_0 added [ 91.564034][ T5872] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.571199][ T5872] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.578785][ T5872] bridge_slave_1: entered allmulticast mode [ 91.586384][ T5872] bridge_slave_1: entered promiscuous mode [ 91.596521][ T5870] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.633405][ T5867] team0: Port device team_slave_1 added [ 91.640419][ T5862] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.647488][ T5862] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.673495][ T5862] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.727083][ T5862] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.734337][ T5862] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.761335][ T5862] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.803914][ T5870] team0: Port device team_slave_0 added [ 91.812940][ T5872] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.843191][ T5872] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.867351][ T5870] team0: Port device team_slave_1 added [ 91.874204][ T5867] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.881173][ T5867] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.907332][ T5867] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.956511][ T5867] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.963914][ T5867] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.990535][ T5867] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.012314][ T5866] Bluetooth: hci0: command tx timeout [ 92.026487][ T5872] team0: Port device team_slave_0 added [ 92.052736][ T5862] hsr_slave_0: entered promiscuous mode [ 92.059542][ T5862] hsr_slave_1: entered promiscuous mode [ 92.068317][ T5872] team0: Port device team_slave_1 added [ 92.075226][ T5870] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.082302][ T5870] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.109679][ T5870] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.114459][ T9] cfg80211: failed to load regulatory.db [ 92.124637][ T5870] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.133539][ T5870] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.160030][ T5870] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.181838][ T5866] Bluetooth: hci2: command tx timeout [ 92.181846][ T5185] Bluetooth: hci1: command tx timeout [ 92.252726][ T5866] Bluetooth: hci3: command tx timeout [ 92.273279][ T5867] hsr_slave_0: entered promiscuous mode [ 92.279881][ T5867] hsr_slave_1: entered promiscuous mode [ 92.286441][ T5867] debugfs: 'hsr0' already exists in 'hsr' [ 92.292900][ T5867] Cannot create hsr debugfs directory [ 92.302574][ T5872] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.309598][ T5872] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.336374][ T5872] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.379538][ T5870] hsr_slave_0: entered promiscuous mode [ 92.386701][ T5870] hsr_slave_1: entered promiscuous mode [ 92.393074][ T5870] debugfs: 'hsr0' already exists in 'hsr' [ 92.398847][ T5870] Cannot create hsr debugfs directory [ 92.406036][ T5872] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.413367][ T5872] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.439441][ T5872] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.642649][ T5872] hsr_slave_0: entered promiscuous mode [ 92.649326][ T5872] hsr_slave_1: entered promiscuous mode [ 92.655912][ T5872] debugfs: 'hsr0' already exists in 'hsr' [ 92.662421][ T5872] Cannot create hsr debugfs directory [ 93.009354][ T5862] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 93.023431][ T5862] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 93.054091][ T5862] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 93.065523][ T5862] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 93.127715][ T5867] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 93.138894][ T5867] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 93.153301][ T5867] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 93.168708][ T5867] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 93.285601][ T5870] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 93.300915][ T5870] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 93.313094][ T5870] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 93.325491][ T5870] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 93.447365][ T5862] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.469488][ T5872] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 93.480519][ T5872] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 93.493047][ T5872] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 93.507942][ T5872] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 93.555304][ T5862] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.580147][ T5867] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.605749][ T79] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.613275][ T79] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.626069][ T79] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.633291][ T79] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.660208][ T5867] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.699206][ T79] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.706465][ T79] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.738348][ T1152] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.745578][ T1152] bridge0: port 2(bridge_slave_1) entered forwarding state [ 93.820744][ T5870] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.896543][ T5870] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.928623][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.935911][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.971148][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.978384][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.026587][ T5872] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.094196][ T5866] Bluetooth: hci0: command tx timeout [ 94.148221][ T5872] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.190325][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.197578][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.247122][ T1152] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.252778][ T5866] Bluetooth: hci2: command tx timeout [ 94.254417][ T1152] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.267181][ T5866] Bluetooth: hci1: command tx timeout [ 94.334057][ T5866] Bluetooth: hci3: command tx timeout [ 94.364940][ T5862] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.528338][ T5867] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.560032][ T5870] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.585715][ T5862] veth0_vlan: entered promiscuous mode [ 94.644662][ T5862] veth1_vlan: entered promiscuous mode [ 94.727276][ T5867] veth0_vlan: entered promiscuous mode [ 94.755209][ T5870] veth0_vlan: entered promiscuous mode [ 94.768966][ T5862] veth0_macvtap: entered promiscuous mode [ 94.785533][ T5867] veth1_vlan: entered promiscuous mode [ 94.798365][ T5862] veth1_macvtap: entered promiscuous mode [ 94.818238][ T5870] veth1_vlan: entered promiscuous mode [ 94.841933][ T5872] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.863368][ T5862] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.886411][ T5862] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.934605][ T37] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.950420][ T5867] veth0_macvtap: entered promiscuous mode [ 94.961163][ T37] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.972203][ T1152] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.982799][ T1152] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.995165][ T5867] veth1_macvtap: entered promiscuous mode [ 95.005349][ T5870] veth0_macvtap: entered promiscuous mode [ 95.028001][ T5870] veth1_macvtap: entered promiscuous mode [ 95.067050][ T5872] veth0_vlan: entered promiscuous mode [ 95.082791][ T5870] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.100837][ T5867] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.118345][ T5870] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.138293][ T5872] veth1_vlan: entered promiscuous mode [ 95.152143][ T5867] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.167664][ T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.177054][ T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.209894][ T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.226693][ T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.257794][ T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.289394][ T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.299121][ T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.324815][ T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.335677][ T5872] veth0_macvtap: entered promiscuous mode [ 95.358019][ T1152] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.369203][ T1152] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.375203][ T5872] veth1_macvtap: entered promiscuous mode [ 95.449914][ T37] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.467299][ T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.470009][ T5872] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.506658][ T79] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.515421][ T79] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.529363][ T5872] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.561599][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.569491][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.586958][ T37] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.597254][ T37] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.625516][ T37] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.634459][ T37] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.668678][ T5862] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 95.717665][ T1152] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.727653][ T1152] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.814436][ T79] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.840304][ T79] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.892186][ T5950] syz.0.1 uses obsolete (PF_INET,SOCK_PACKET) [ 95.942246][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.950135][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.105881][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.121550][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.172592][ T5866] Bluetooth: hci0: command tx timeout [ 96.235115][ T5960] netlink: 'syz.0.6': attribute type 4 has an invalid length. [ 96.332656][ T5866] Bluetooth: hci1: command tx timeout [ 96.338499][ T5185] Bluetooth: hci2: command tx timeout [ 96.344171][ T5965] netlink: 'syz.0.6': attribute type 4 has an invalid length. [ 96.413110][ T5185] Bluetooth: hci3: command tx timeout [ 96.791809][ T9] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 96.942257][ T938] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 96.963820][ T9] usb 2-1: config 1 has an invalid interface number: 105 but max is 0 [ 96.982660][ T9] usb 2-1: config 1 has no interface number 0 [ 96.990899][ T9] usb 2-1: config 1 interface 105 has no altsetting 0 [ 97.001581][ T9] usb 2-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 97.010986][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 97.020381][ T9] usb 2-1: Product: syz [ 97.025152][ T9] usb 2-1: Manufacturer: syz [ 97.029786][ T9] usb 2-1: SerialNumber: syz [ 97.101927][ T938] usb 1-1: Using ep0 maxpacket: 16 [ 97.109672][ T938] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 97.120248][ T938] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 97.130574][ T938] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.153119][ T938] usb 1-1: config 0 descriptor?? [ 97.250894][ T1152] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.366944][ T1152] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.475389][ T1152] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.610255][ T1152] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.615793][ T938] mcp2221 0003:04D8:00DD.0001: unknown main item tag 0x0 [ 97.650160][ T938] mcp2221 0003:04D8:00DD.0001: unknown main item tag 0x0 [ 97.670427][ T938] mcp2221 0003:04D8:00DD.0001: unknown main item tag 0x0 [ 97.689322][ T938] mcp2221 0003:04D8:00DD.0001: unknown main item tag 0x0 [ 97.707856][ T938] mcp2221 0003:04D8:00DD.0001: unknown main item tag 0x0 [ 97.723676][ T938] mcp2221 0003:04D8:00DD.0001: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0 [ 97.865795][ T938] usb 1-1: USB disconnect, device number 2 [ 97.902227][ T9] aqc111 2-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -32 [ 98.170784][ T9] aqc111 2-1:1.105 eth5: register 'aqc111' at usb-dummy_hcd.1-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, a0:b4:1c:e0:4e:4f [ 98.186812][ T1152] bridge_slave_1: left allmulticast mode [ 98.202151][ T1152] bridge_slave_1: left promiscuous mode [ 98.209404][ T1152] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.253636][ T5185] Bluetooth: hci0: command tx timeout [ 98.311647][ T1152] bridge_slave_0: left allmulticast mode [ 98.319999][ T1152] bridge_slave_0: left promiscuous mode [ 98.347873][ T5866] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 98.358475][ T5866] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 98.367070][ T5866] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 98.378930][ T5866] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 98.387046][ T5866] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 98.400642][ T9] usb 2-1: USB disconnect, device number 2 [ 98.407392][ T1152] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.416205][ T5185] Bluetooth: hci1: command tx timeout [ 98.423287][ T9] aqc111 2-1:1.105 eth5: unregister 'aqc111' usb-dummy_hcd.1-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter [ 98.492560][ T5185] Bluetooth: hci3: command tx timeout [ 99.212034][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 99.292894][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 99.395212][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 100.214658][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 100.305472][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 100.314362][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 100.326501][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 100.391818][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 100.414054][ T5185] Bluetooth: hci2: command tx timeout [ 100.612447][ T1152] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 100.649328][ T1152] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 100.675319][ T1152] bond0 (unregistering): Released all slaves [ 100.704498][ T5185] Bluetooth: hci0: Malformed Event: 0x13 [ 100.802128][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 100.810720][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 100.896372][ T9] aqc111 2-1:1.105 eth5 (unregistered): Failed to write(0x1) reg index 0x0002: -19 [ 100.921698][ T9] aqc111 2-1:1.105 eth5 (unregistered): Failed to write(0x1) reg index 0x0002: -19 [ 100.960090][ T9] aqc111 2-1:1.105 eth5 (unregistered): Failed to write(0x61) reg index 0x0000: -19 [ 101.663176][ T6029] ------------[ cut here ]------------ [ 101.668888][ T6029] WARNING: fs/exec.c:119 at path_noexec+0x1af/0x200, CPU#0: syz.1.25/6029 [ 101.677537][ T6029] Modules linked in: [ 101.681754][ T6029] CPU: 0 UID: 0 PID: 6029 Comm: syz.1.25 Not tainted syzkaller #0 PREEMPT(full) [ 101.690907][ T6029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 101.701517][ T6029] RIP: 0010:path_noexec+0x1af/0x200 [ 101.706781][ T6029] Code: 02 31 ff 48 89 de e8 50 ba 86 ff d1 eb eb 07 e8 67 b5 86 ff b3 01 89 d8 5b 41 5e 41 5f 5d e9 d8 5e 51 09 cc e8 52 b5 86 ff 90 <0f> 0b 90 e9 48 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c a6 [ 101.727739][ T6029] RSP: 0018:ffffc9000aaefbd8 EFLAGS: 00010287 [ 101.734230][ T6029] RAX: ffffffff8239e5ce RBX: ffff8880343613c0 RCX: 0000000000080000 [ 101.742875][ T6029] RDX: ffffc9000bd9a000 RSI: 000000000000006b RDI: 000000000000006c [ 101.751618][ T6029] RBP: 0000000000080000 R08: ffff88807b4d1e40 R09: 0000000000000003 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 101.759638][ T6029] R10: 0000000000000003 R11: 0000000000000002 R12: 0000000000000011 [ 101.768416][ T6029] R13: 1ffff9200155df90 R14: 0000000000000000 R15: dffffc0000000000 [ 101.778306][ T6029] FS: 00007fc791cc36c0(0000) GS:ffff8881257b7000(0000) knlGS:0000000000000000 [ 101.788733][ T6029] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 101.796131][ T6029] CR2: 000000110c27a875 CR3: 0000000061036000 CR4: 00000000003526f0 [ 101.804603][ T6029] Call Trace: [ 101.807934][ T6029] [ 101.810901][ T6029] do_mmap+0xa43/0x10d0 [ 101.815234][ T6029] ? __pfx_do_mmap+0x10/0x10 [ 101.819879][ T6029] ? down_write_killable+0x178/0x230 [ 101.826059][ T6029] ? __pfx_down_write_killable+0x10/0x10 [ 101.831918][ T6029] ? common_file_perm+0x1b5/0x230 [ 101.838362][ T6029] vm_mmap_pgoff+0x2a6/0x4d0 [ 101.843128][ T6029] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 101.848288][ T6029] ? __fget_files+0x2a/0x420 [ 101.853640][ T6029] ? __fget_files+0x2a/0x420 [ 101.858297][ T6029] ? __fget_files+0x2a/0x420 [ 101.863576][ T6029] ksys_mmap_pgoff+0x51f/0x760 [ 101.868412][ T6029] do_syscall_64+0xfa/0xfa0 [ 101.873028][ T6029] ? lockdep_hardirqs_on+0x9c/0x150 [ 101.878359][ T6029] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.884527][ T6029] ? clear_bhb_loop+0x60/0xb0 [ 101.889248][ T6029] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.895266][ T6029] RIP: 0033:0x7fc790d8eec9 [ 101.899734][ T6029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 101.919673][ T6029] RSP: 002b:00007fc791cc3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 101.928285][ T6029] RAX: ffffffffffffffda RBX: 00007fc790fe5fa0 RCX: 00007fc790d8eec9 [ 101.937168][ T6029] RDX: 0000000003000007 RSI: 0000000000003000 RDI: 0000200000000000 [ 101.945306][ T6029] RBP: 00007fc790e11f91 R08: 0000000000000005 R09: 0000000000000000 [ 101.953402][ T6029] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000 [ 101.961913][ T6029] R13: 00007fc790fe6038 R14: 00007fc790fe5fa0 R15: 00007ffeb0dcd888 [ 101.970310][ T6029] [ 101.973467][ T6029] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 101.980778][ T6029] CPU: 0 UID: 0 PID: 6029 Comm: syz.1.25 Not tainted syzkaller #0 PREEMPT(full) [ 101.989903][ T6029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 101.999968][ T6029] Call Trace: [ 102.003256][ T6029] [ 102.006193][ T6029] dump_stack_lvl+0x99/0x250 [ 102.010812][ T6029] ? __asan_memcpy+0x40/0x70 [ 102.015482][ T6029] ? __pfx_dump_stack_lvl+0x10/0x10 [ 102.020723][ T6029] ? __pfx__printk+0x10/0x10 [ 102.025350][ T6029] vpanic+0x237/0x6d0 [ 102.029355][ T6029] ? __pfx_vpanic+0x10/0x10 [ 102.033906][ T6029] ? is_bpf_text_address+0x26/0x2b0 [ 102.039134][ T6029] panic+0xb9/0xc0 [ 102.042874][ T6029] ? __pfx_panic+0x10/0x10 [ 102.047327][ T6029] __warn+0x334/0x4c0 [ 102.051319][ T6029] ? path_noexec+0x1af/0x200 [ 102.055926][ T6029] ? path_noexec+0x1af/0x200 [ 102.060547][ T6029] report_bug+0x2be/0x4f0 [ 102.064905][ T6029] ? path_noexec+0x1af/0x200 [ 102.069524][ T6029] ? path_noexec+0x1af/0x200 [ 102.074134][ T6029] ? path_noexec+0x1b1/0x200 [ 102.078744][ T6029] handle_bug+0x84/0x160 [ 102.083011][ T6029] exc_invalid_op+0x1a/0x50 [ 102.087535][ T6029] asm_exc_invalid_op+0x1a/0x20 [ 102.092409][ T6029] RIP: 0010:path_noexec+0x1af/0x200 [ 102.097638][ T6029] Code: 02 31 ff 48 89 de e8 50 ba 86 ff d1 eb eb 07 e8 67 b5 86 ff b3 01 89 d8 5b 41 5e 41 5f 5d e9 d8 5e 51 09 cc e8 52 b5 86 ff 90 <0f> 0b 90 e9 48 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c a6 [ 102.117343][ T6029] RSP: 0018:ffffc9000aaefbd8 EFLAGS: 00010287 [ 102.123428][ T6029] RAX: ffffffff8239e5ce RBX: ffff8880343613c0 RCX: 0000000000080000 [ 102.131427][ T6029] RDX: ffffc9000bd9a000 RSI: 000000000000006b RDI: 000000000000006c [ 102.139499][ T6029] RBP: 0000000000080000 R08: ffff88807b4d1e40 R09: 0000000000000003 [ 102.147497][ T6029] R10: 0000000000000003 R11: 0000000000000002 R12: 0000000000000011 [ 102.155482][ T6029] R13: 1ffff9200155df90 R14: 0000000000000000 R15: dffffc0000000000 [ 102.163509][ T6029] ? path_noexec+0x1ae/0x200 [ 102.168135][ T6029] ? path_noexec+0x1ae/0x200 [ 102.172744][ T6029] do_mmap+0xa43/0x10d0 [ 102.176924][ T6029] ? __pfx_do_mmap+0x10/0x10 [ 102.181528][ T6029] ? down_write_killable+0x178/0x230 [ 102.186870][ T6029] ? __pfx_down_write_killable+0x10/0x10 [ 102.192523][ T6029] ? common_file_perm+0x1b5/0x230 [ 102.197570][ T6029] vm_mmap_pgoff+0x2a6/0x4d0 [ 102.202178][ T6029] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 102.207302][ T6029] ? __fget_files+0x2a/0x420 [ 102.211909][ T6029] ? __fget_files+0x2a/0x420 [ 102.216519][ T6029] ? __fget_files+0x2a/0x420 [ 102.221129][ T6029] ksys_mmap_pgoff+0x51f/0x760 [ 102.225918][ T6029] do_syscall_64+0xfa/0xfa0 [ 102.230471][ T6029] ? lockdep_hardirqs_on+0x9c/0x150 [ 102.235681][ T6029] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.241769][ T6029] ? clear_bhb_loop+0x60/0xb0 [ 102.246461][ T6029] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.252359][ T6029] RIP: 0033:0x7fc790d8eec9 [ 102.256871][ T6029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 102.276490][ T6029] RSP: 002b:00007fc791cc3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 102.285097][ T6029] RAX: ffffffffffffffda RBX: 00007fc790fe5fa0 RCX: 00007fc790d8eec9 [ 102.293084][ T6029] RDX: 0000000003000007 RSI: 0000000000003000 RDI: 0000200000000000 [ 102.301064][ T6029] RBP: 00007fc790e11f91 R08: 0000000000000005 R09: 0000000000000000 [ 102.309055][ T6029] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000 [ 102.317051][ T6029] R13: 00007fc790fe6038 R14: 00007fc790fe5fa0 R15: 00007ffeb0dcd888 [ 102.325057][ T6029] [ 102.328375][ T6029] Kernel Offset: disabled [ 102.332713][ T6029] Rebooting in 86400 seconds..