last executing test programs: 4.313524425s ago: executing program 0 (id=7): connect$inet(0xffffffffffffffff, 0x0, 0x0) r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, 0x0) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, 0x0) ioctl$IOMMU_DESTROY$hwpt(r0, 0x3b80, 0x0) syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab1204000000000000010902240001b30000040904410c17ff5d810009050f1f05e13f000009058303", @ANYRESHEX], 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000140), 0xe, 0x480) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000240)=""/96) 2.530511805s ago: executing program 2 (id=19): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x8, &(0x7f0000000100)=0x40049, 0x4) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) sendmmsg(r1, &(0x7f00000029c0), 0x400006d, 0x20000004) recvmmsg(r0, &(0x7f0000000480)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 2.479464618s ago: executing program 1 (id=20): sched_setscheduler(0x0, 0x2, 0x0) syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="040e00000000"], 0xd) sched_setscheduler(0x0, 0x2, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @empty, 0x4000006}, 0x1c) listen(0xffffffffffffffff, 0x6) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) r2 = accept(r0, 0x0, 0x0) sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0xfffffdef}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r4, @ANYBLOB="010000000000fbdbdf25010000000800020000000000050005000000000008000300010000004800018005000200200000000600010002000000080006000a000000080003"], 0x84}}, 0x0) 2.390337676s ago: executing program 1 (id=21): socket(0x10, 0x3, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./bus\x00', 0x0, 0x0) fanotify_init(0x200, 0x0) syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x8a6f, 0x100, 0x22, 0x335}, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$packet(0x11, 0x2, 0x300) socket$inet6(0xa, 0x3, 0xff) socket$inet6(0xa, 0x800000000000002, 0x0) syz_io_uring_setup(0x2436, &(0x7f0000000380)={0x0, 0x1017a3, 0x13090, 0x0, 0x3e4}, 0x0, 0x0) openat$sndseq(0xffffff9c, &(0x7f0000000000), 0x42080) r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[0x0], 0x1}) r2 = socket$phonet_pipe(0x23, 0x5, 0x2) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{}, 0x0, &(0x7f0000000200)=r2}, 0x1e) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r1], &(0x7f0000000180), &(0x7f0000000200), &(0x7f00000001c0)}) 2.340232852s ago: executing program 2 (id=22): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x8) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x200, 0x0) chdir(&(0x7f0000000140)='./bus\x00') linkat(r0, &(0x7f0000000040)='./file1\x00', r0, &(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) link(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0)='./file0\x00') rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000f40)='./bus\x00') 2.339918722s ago: executing program 1 (id=23): r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000400)=@can_newroute={0x1c, 0x18, 0x1, 0x870bd26, 0x25dfdbfe, {}, [@CGW_LIM_HOPS={0x5, 0x12, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x840}, 0x0) 2.258697623s ago: executing program 2 (id=24): bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15) r2 = dup(r1) open(&(0x7f0000000100)='./file0\x00', 0x440, 0x0) write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18, 0x0, 0x0, {0x3b9}}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0) write$FUSE_GETXATTR(r2, &(0x7f00000000c0)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f00000005c0)=ANY=[@ANYBLOB="b900"], 0xb8) mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000080), 0x1010412, &(0x7f0000000780)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',cache=fscache']) r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x22) writev(r3, &(0x7f0000000000)=[{&(0x7f00000006c0)='\t', 0x2003f}], 0x1) 2.258501179s ago: executing program 1 (id=25): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000780)={{0x7, 0x1, 0x0, 0x800, 'syz0\x00'}, 0x1, [0x0, 0x80, 0x8000000000000000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1, 0x5, 0x0, 0x0, 0x2, 0x0, 0x1, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x400, 0xffffffff, 0x0, 0x0, 0x42, 0x0, 0xfffffffffffffffd, 0x100000002, 0x0, 0x0, 0x0, 0x0, 0x400000000, 0x0, 0x0, 0xd453, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfffc, 0x9, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x7fffffff, 0x0, 0x0, 0x80000000000, 0x79, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xea, 0x8, 0x0, 0xb, 0x0, 0xfffffffffffffffd, 0x0, 0x80000, 0x0, 0xfffffffffffffffd, 0x4000000000000, 0x200, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffffffffffd, 0x2, 0x34, 0x0, 0x4, 0x0, 0x400, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x7ffffffc, 0x20b50d5b]}) socket$key(0xf, 0x3, 0x2) r1 = socket$inet6(0xa, 0x2, 0x0) r2 = socket$inet6(0xa, 0x3, 0x6) setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000480)={{0x8, 0x6, 0x7fffffff, 0xa, 'syz0\x00', 0x9}, 0x5, 0x30000302, 0x1, 0x0, 0x0, 0x7, 'syz1\x00', 0x0}) setsockopt$inet6_int(r1, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="18020000040000000000000000000000850000004100000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000180000850000008200000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r4, 0x0, 0xe, 0x0, &(0x7f0000000440)="92931f6e32e1ffa94914674af600", 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50) openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) 2.200350991s ago: executing program 2 (id=26): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000000)={0x1, {{0xa, 0x0, 0x0, @mcast2, 0x6e}}, {{0xa, 0x0, 0x0, @mcast1}}}, 0x108) getsockopt$inet6_buf(r0, 0x29, 0x30, &(0x7f0000000000)=""/40, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2000, 0x0, 0x0, 0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) r4 = openat$kvm(0xffffff9c, &(0x7f0000000100), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r6, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="fe"]) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_open_dev$tty1(0xc, 0x4, 0x4) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWRULE={0x70, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x40, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x30, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_MATCH_INFO={0x18, 0x3, "c6a41d106c720000000000000000000002000000"}, @NFTA_MATCH_NAME={0xa, 0x1, 'owner\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x98}}, 0x4048010) 2.003605669s ago: executing program 0 (id=27): syz_open_dev$dri(0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) r1 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0) fcntl$setlease(r1, 0x400, 0x0) mq_open(0x0, 0x1, 0x8, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) syz_emit_ethernet(0x6a, &(0x7f0000000000)={@local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @dest_unreach={0x5, 0x0, 0x0, 0x0, 0x0, 0x0, {0x10, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88, 0x0, @empty, @remote, {[@ra={0x94, 0x4}, @cipso={0x86, 0x25, 0x0, [{0x0, 0x10, "f79eb4cf48b5a5788fc15a45b5b1"}, {0x0, 0xf, "749018c9a54b61394327f11535"}]}]}}}}}}}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000) 1.625359724s ago: executing program 3 (id=29): sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, 0x0, 0x40044) r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x6, 0xfffefffffffffffd, 0x0, 0xffffffff, 0x7f, 0x4002004c4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x6], 0xeeee8000, 0x241180}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000780)={0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000006f0000000000000066470f64dfc4a3255f1d040000000266baf80cb8ecdcf388ef66bafc0cb86b420000ef0fc76cf3b30f01f8c4619e5a72f8b9800000c00f3235010000000f30420f01c448b85a000000000000000f23c00f21f835020007000f23f843cd05c3010000000000000064000000000000000fc75a223e660f382a0f0f893b00000000000022c048b808000000000000000f23c80f21f8350000c0000f23f866ba410066ed430f0fa4da81966fb7a6c46255453ca60f005da4f2410f2b833e4b285a430f30c300000000000000001800000000000000030000000000000001000000000000006500000000000000b8010000000f01d9c40202"], 0x1b9}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.446527569s ago: executing program 3 (id=30): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0x401, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x32b}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GENEVE_UDP_CSUM={0x5}, @IFLA_GENEVE_UDP_ZERO_CSUM6_RX={0x5, 0xa, 0x1}]}}}]}, 0x44}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="190000"], 0x48) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000000)={0x1, 0x0, &(0x7f0000001f00)=""/4073, 0x2482ac861b82b520}, 0x2d) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r2 = socket$l2tp6(0xa, 0x2, 0x73) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'}) sendmsg$nl_route(r3, 0x0, 0x0) bind$l2tp6(r2, &(0x7f0000000140)={0xa, 0x0, 0x5, @dev={0xfe, 0x80, '\x00', 0x2c}, 0x0, 0x80000000}, 0x20) r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002}) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0) ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r7 = dup3(r6, r5, 0x0) r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r8, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a, 0x4}) ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000000540)={0x4c, 0x0, &(0x7f00000007c0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0xf0, 0x0, 0x0, 0x0}, 0x1000}], 0x3, 0x0, &(0x7f0000000840)="093eda"}) connect$l2tp6(r2, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20) sendmmsg$inet6(r2, &(0x7f0000000ac0)=[{{0x0, 0x0, 0x0}}], 0x1, 0xff00) unlink(&(0x7f0000000000)='./file0\x00') 948.926732ms ago: executing program 1 (id=31): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x8, &(0x7f0000000100)=0x40049, 0x4) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) recvmmsg(r0, &(0x7f0000000480)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 849.828098ms ago: executing program 0 (id=32): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x8) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x200, 0x0) chdir(&(0x7f0000000140)='./bus\x00') linkat(r0, &(0x7f0000000040)='./file1\x00', r0, &(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) link(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0)='./file0\x00') rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000f40)='./bus\x00') 849.630176ms ago: executing program 2 (id=33): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f00000001c0)='./binderfs2/custom0\x00', 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TIOCSTI(r3, 0x5412, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, &(0x7f0000000040)) socket$kcm(0x10, 0x3, 0x10) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040), 0x0, 0xffffffffffffffff, 0x4}, 0xfffffffffffffdec) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0) close(r4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)) ioctl$SIOCSIFHWADDR(r4, 0x8b0f, &(0x7f0000000000)={'wlan1\x00', @random="0003230c1100"}) 719.187376ms ago: executing program 0 (id=34): bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15) r2 = dup(r1) open(&(0x7f0000000100)='./file0\x00', 0x440, 0x0) write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18, 0x0, 0x0, {0x3b9}}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0) write$FUSE_GETXATTR(r2, &(0x7f00000000c0)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f00000005c0)=ANY=[@ANYBLOB="b900"], 0xb8) mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000080), 0x1010412, &(0x7f0000000780)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',cache=fscache']) r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x22) writev(r3, &(0x7f0000000000)=[{&(0x7f00000006c0)='\t', 0x2003f}], 0x1) 589.787954ms ago: executing program 0 (id=35): r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2) ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000480)=@multiplanar_overlay={0xd, 0x3, 0x4, 0x800, 0xb, {0x77359400}, {0x5, 0x0, 0x7f, 0x85, 0x8b, 0x7, "b05edd79"}, 0x1629, 0x3, {0x0}, 0x8001}) 589.530869ms ago: executing program 1 (id=36): connect$inet(0xffffffffffffffff, 0x0, 0x0) r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, 0x0) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, 0x0) ioctl$IOMMU_DESTROY$hwpt(r0, 0x3b80, 0x0) syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab1204000000000000010902240001b30000040904410c17ff5d810009050f1f05e13f000009058303", @ANYRESHEX], 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000140), 0xe, 0x480) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000240)=""/96) 489.343191ms ago: executing program 3 (id=37): r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x87, @loopback, 0x4e24, 0x1, 'none\x00', 0x1, 0x32bd, 0x9}, {@loopback, 0x4e21, 0x2, 0xfffffffe, 0x4, 0x12d5c}}, 0x44) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) capset(&(0x7f0000000000)={0x20080522}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000020000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x69, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0x10d000}) syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0f"], 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 487.329126ms ago: executing program 0 (id=38): openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x1a1002, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) fsmount(0xffffffffffffffff, 0x1, 0x1) bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10) connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f00000000c0)='bbr\x00', 0x4) sendto$inet(r3, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0) recvfrom$inet(r3, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25) 410.38419ms ago: executing program 3 (id=39): bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)={0xffffffffffffffff, 0x0, 0x25, 0xc, @void}, 0x10) socket(0x11, 0x80a, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0) ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000180)={0x0, 0x0, 0xfffffffd}) ioctl$MON_IOCH_MFLUSH(r0, 0x9208, 0x0) 199.673702ms ago: executing program 3 (id=40): openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0) r1 = socket(0x2a, 0x2, 0x0) getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=@newqdisc={0x34, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) 262.855µs ago: executing program 3 (id=41): syz_open_dev$dri(0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) r1 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0) fcntl$setlease(r1, 0x400, 0x0) mq_open(&(0x7f0000000b40)='eth0\x00\xdd\xad4=2k\xf1\x05\x9b\x91y\xe1;F\xa2\x8df\xe9\x04\x00\x00\x00\x00\x0078z=\x8f\xd5F\xa4AR\xc7\x9f.\xdc\xdb\"A\x16\xd8\x19\xf1lZ\xc8\x93\xda\xf2\xc9\xe8h[u8\xc6\xfa\x9ep\xbe\a\xe2\xf5\xa3Y\x9f\xe1\x04gM\x99K$\r\xf1G\xee\xe1\xbd\x1e\xdf\xe1\x9c\x19\xda\xd3\x94EL\xca\x88\x85Q\x02\xd9L\x90\xeb%/\xb1\xeb\x11uP7\x1f\xd9b\xebF\xf8\x88\xf0\xac.\x94\xfc\v\xb1W\xef~+n\xb1\x9b\x02n]xr\xb3\x80\xbc>\xe8XX\xe6\x12\xf3\xc9\xd5\xf8\xd1\x8d\xcb9\xbf\xb0(<\xeb\x92\x8a\x16\xb7\x11^\xb6\xb7n\xd5\xb5\x00[\xdf\x94\x00\r\x95\x17\xa1h\xf8\x00\x00\x00\"\xa0\x05\xcc^\x90c\xc9}\xb8\ny\xf4\xe1\xb4.\xa4\a\x05\xbb}\x91\xf4C\xf5O\xf1a\x12\b\x86\xa16\xbb}C\xc9\x1d\\\xedD\x14\xb1w\x1e\xa0\xc1E\xb5\xf8\xab\xfb\xd9\x93\xb8vJ\x85p\xb5n\x1b\xe4\xd5g\xae\xe4\xeb\xca\xae\x1bs\xd4\xf0\xc0\xdag\x19R4\xd4\xd4\x04\xfc\x04Zb\xf6\xba\xf8B\xf6YU\xcd\xf2\xdb\xb5\xa2\xda\xdf\x8dD\xef`\x13\x15$\xceq\xd7j\xd7\xe3V\xf2\xa2\x95\xcf\x18T\xf1\xb0\xf3\xf8O', 0x1, 0x8, 0x0) sched_setscheduler(0x0, 0x2, 0x0) syz_emit_ethernet(0x6a, &(0x7f0000000000)={@local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @dest_unreach={0x5, 0x0, 0x0, 0x0, 0x0, 0x0, {0x10, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88, 0x0, @empty, @remote, {[@ra={0x94, 0x4}, @cipso={0x86, 0x25, 0x0, [{0x0, 0x10, "f79eb4cf48b5a5788fc15a45b5b1"}, {0x0, 0xf, "749018c9a54b61394327f11535"}]}]}}}}}}}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000) 0s ago: executing program 2 (id=42): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000003702000020febfff7a0af0fff8ff00f869a4f0ff00000000b70600001218d1fe2d640500000000001404000000ffffffdc04000040000000b7040000100000206a0700fe00000000850000002f000000b70000000a00000095000000000000006458c2c62fca868f0399d909a63396c113940c19aab9d607000000cb3924b611f5969f62c28b22edf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa8a23f1740637c48468766af54043000000ec44631ac2622cdcae18c3d14bfbe96dd87235b44174f7c034318508f49f09781dc7a2cfbb9a0f119e31975f551558055dc2dc2739e2e735d0ab961dac07f4f6d8aa1c3f16765d427c0e01000000fe4c16737d50d2a4bfc463450d524eacf2b734b0289c7a3a16eeca71296746681d61af491e4fa734318e0d72b8dbbc2b2b869af2f87903000000b6ecc7de09a2257e908cd92e664fa7aba7f07474863333c460e34caf0806a7e2575a56972b1bf8c4e872bba38160be9e92b6ddb90fc51b894917b50876b570ce9bc019084873ed07c0c59c4ba053fe77e0d37ccc3318da2e9fefaf025527e734ed1de5d12b4c56ca3b03dc121086071d1f26821a428d28eefa22ead6a3dab9388da53263b81ebe6be197a48a63440000a356240c4e2df57457000100000000000000000000008d2516510b29804b3cc034c19cef0d773f01064709edd63a185cbab8456c25283b9514b220fe401503ff536478088eb9fd932a0703a7bf9ea40429b2d49177824f210a69f8e5227fd32e7d5a2c7ecf57ac64509224b52e746d631637e596e5a55d2c805bf725b9d14756c8cfa292aae0872866cf9fe063317741a0db9081d4393a7f9bcc0917d60a11b4a9ece831660ce625de441cef915eba31255d163f7033045ceb97f8ea006efc5b84f75ca1fb74c9faef444eb12f46b435de87feb2f7f2d7fb659395e4b38178b5c67e6ac100000000000000001b2e77bd5de136fa1bec1a26c622bb9662d9ee70147acc5605aa2318855cb8b918000000c5f265dcb5dce05f94ea051c4e8dcdf37d01ad7aff64f84ce32b841c799f47c2949725285fc50f1dd3f5e264023082eec752704c1f598151aa7d29e0d79522df196278acf327a74777d1f658f50c27020198010000000000008050d56d4d195ad7a267c46b3348b0e03ed33b5bca13cafc304dc6da78d20f029742d8d2f36acfdd331081ca00c1d5c8b7bed2ef603d6e7f1764246aab2d7d531559a971939a038055ac28625ec837f824ff537cd67993a3589be73a18680da50287b9e962b1a0235c290346a21ca5de55c49c78e411c791617000ef8df75411a5d300000000000000e0ffffff004deb8d49806823655735bd6deb49edb2e42f4ed9e6e9080366660b847bf03c144f6796920726dcf29e9a6c808459e82cbb0000000000000000000000000000000000006b5530865aaa7aa6171f66f2bca881a4201588427bb65ed3d5e7a74e9b5ece44067d4a9875a310bc7ec42b844b9eb3c9083560ef5c92b8a01188d61573bebb74efbf70893d2eaf76517e990021fa5020a71023bca1194ad87cade480ba3dce8f57294e31ca24a8d18165e2b6d18ff2c58293c2e314a7447ed3a1c870908aa8e3b33e6a94c7381bce9fa71dcbb758451f247e38d80d66e03d7564a5cddfaf06574b05cefb2670f30c2d501ee625ce3ffc08f15b53d28ce552c1807bc6866f06098a0e5517068aa48f2a82496fe83ee85218fe7f52b48742c7055f2a144c13e9c54be60b0a4f979ef7eb216897875946dc6ca1571930b1cf7c93de103f5289f782ae538e02612c717a76c787a873936eb8dcf1bfe581cc8ef965a0424bc140939e3274e251e519d188f6af680402c49458065dccfcb4f0d4f2ec9cf6fb3cf0a1807e34fb8d0144587734c1d2bc6a9d32d2560a88bad976b6000100002b712e632eeca810fb73fc8aaef94acf8bde18b9149cadc688254eabbe91f943592ccf68e717bcc6852828bd621e3a9dcb1cc6f1a6d1915200d95087838c2dc0a002c3aa554f725b965714144652cdc14761b0236f1a05b7f50f4149057e63d713103b5a6c2919161efc165a2e6981d76d29c95ad9f180135fb8962f59495fd33be3a6d35274941790bc1bd9da5e9c67c39de2c9f6fe35b8f528edbf8ea2a77dccdc3fe247feb121d9440a3ea9012a9d23a7e3110b0f25c5f8bf803d688de4d92b5dfdbd69fb8b426b55c10ba01b5e18b10cce8d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10) write$FUSE_NOTIFY_RETRIEVE(r2, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',posixacl']) kernel console output (not intermixed with test programs): [ 38.104409][ T40] audit: type=1400 audit(1750017473.970:61): avc: denied { siginh } for pid=5838 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '[localhost]:43422' (ED25519) to the list of known hosts. [ 39.021919][ T40] audit: type=1400 audit(1750017474.910:62): avc: denied { name_bind } for pid=5848 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 39.042732][ T40] audit: type=1400 audit(1750017474.930:63): avc: denied { write } for pid=5849 comm="sh" path="pipe:[7172]" dev="pipefs" ino=7172 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 39.062552][ T40] audit: type=1400 audit(1750017474.950:64): avc: denied { execute } for pid=5849 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 39.069572][ T40] audit: type=1400 audit(1750017474.960:65): avc: denied { execute_no_trans } for pid=5849 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 41.092824][ T40] audit: type=1400 audit(1750017476.990:66): avc: denied { mounton } for pid=5849 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 41.095851][ T5849] cgroup: Unknown subsys name 'net' [ 41.267282][ T5849] cgroup: Unknown subsys name 'cpuset' [ 41.274125][ T5849] cgroup: Unknown subsys name 'rlimit' [ 41.515997][ T5865] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 42.190528][ T5849] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 45.442220][ T40] kauditd_printk_skb: 13 callbacks suppressed [ 45.442230][ T40] audit: type=1400 audit(1750017481.330:80): avc: denied { execmem } for pid=5928 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 45.669718][ T40] audit: type=1400 audit(1750017481.560:81): avc: denied { create } for pid=5932 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 45.676545][ T40] audit: type=1400 audit(1750017481.560:82): avc: denied { read write } for pid=5932 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1292 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 45.687600][ T40] audit: type=1400 audit(1750017481.560:83): avc: denied { open } for pid=5932 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1292 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 45.696004][ T40] audit: type=1400 audit(1750017481.570:84): avc: denied { ioctl } for pid=5932 comm="syz-executor" path="socket:[5671]" dev="sockfs" ino=5671 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 45.726244][ T5936] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 45.730360][ T5936] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 45.734064][ T5936] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 45.737562][ T5936] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 45.741514][ T5940] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 45.745147][ T5940] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 45.745552][ T5941] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 45.747634][ T5940] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 45.750307][ T5941] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 45.753647][ T5940] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 45.758028][ T5940] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 45.769490][ T5943] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 45.771359][ T5947] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 45.773091][ T40] audit: type=1400 audit(1750017481.660:85): avc: denied { read } for pid=5935 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 45.773210][ T5943] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 45.774007][ T5943] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 45.774568][ T5943] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 45.775578][ T5947] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 45.793257][ T40] audit: type=1400 audit(1750017481.660:86): avc: denied { open } for pid=5935 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 45.793773][ T5947] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 45.805888][ T5947] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 45.807186][ T40] audit: type=1400 audit(1750017481.660:87): avc: denied { mounton } for pid=5932 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 45.808904][ T5947] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 46.023410][ T40] audit: type=1400 audit(1750017481.920:88): avc: denied { module_request } for pid=5935 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 46.110599][ T5935] chnl_net:caif_netlink_parms(): no params data found [ 46.139127][ T5939] chnl_net:caif_netlink_parms(): no params data found [ 46.153158][ T5932] chnl_net:caif_netlink_parms(): no params data found [ 46.214451][ T5944] chnl_net:caif_netlink_parms(): no params data found [ 46.296540][ T5935] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.299494][ T5935] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.301853][ T5935] bridge_slave_0: entered allmulticast mode [ 46.304801][ T5935] bridge_slave_0: entered promiscuous mode [ 46.315209][ T5935] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.318076][ T5935] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.320930][ T5935] bridge_slave_1: entered allmulticast mode [ 46.324673][ T5935] bridge_slave_1: entered promiscuous mode [ 46.342745][ T5939] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.345119][ T5939] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.347374][ T5939] bridge_slave_0: entered allmulticast mode [ 46.349954][ T5939] bridge_slave_0: entered promiscuous mode [ 46.407612][ T5939] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.410636][ T5939] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.413949][ T5939] bridge_slave_1: entered allmulticast mode [ 46.417010][ T5939] bridge_slave_1: entered promiscuous mode [ 46.517226][ T5932] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.519498][ T5932] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.521737][ T5932] bridge_slave_0: entered allmulticast mode [ 46.525607][ T5932] bridge_slave_0: entered promiscuous mode [ 46.534118][ T5935] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.538955][ T5939] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.542104][ T5932] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.545428][ T5932] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.549015][ T5932] bridge_slave_1: entered allmulticast mode [ 46.553029][ T5932] bridge_slave_1: entered promiscuous mode [ 46.600106][ T5935] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.605480][ T5939] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.644747][ T5932] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.668169][ T5944] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.671223][ T5944] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.674449][ T5944] bridge_slave_0: entered allmulticast mode [ 46.677973][ T5944] bridge_slave_0: entered promiscuous mode [ 46.744410][ T5939] team0: Port device team_slave_0 added [ 46.748331][ T5932] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.751643][ T5944] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.754261][ T5944] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.756635][ T5944] bridge_slave_1: entered allmulticast mode [ 46.759368][ T5944] bridge_slave_1: entered promiscuous mode [ 46.763758][ T5935] team0: Port device team_slave_0 added [ 46.767712][ T5939] team0: Port device team_slave_1 added [ 46.800882][ T5935] team0: Port device team_slave_1 added [ 46.857117][ T5944] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.904824][ T5932] team0: Port device team_slave_0 added [ 46.909256][ T5944] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.956493][ T5935] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.959202][ T5935] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.969074][ T5935] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.974772][ T5939] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.977014][ T5939] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.985207][ T5939] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.990999][ T5932] team0: Port device team_slave_1 added [ 47.014750][ T5935] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.017504][ T5935] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.027339][ T5935] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.032217][ T5939] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.035481][ T5939] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.045656][ T5939] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.080472][ T5944] team0: Port device team_slave_0 added [ 47.089080][ T5944] team0: Port device team_slave_1 added [ 47.096432][ T5932] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.098603][ T5932] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.108471][ T5932] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.157472][ T5932] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.159659][ T5932] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.168344][ T5932] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.177617][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.180502][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.191071][ T5944] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.225732][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.228382][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.238803][ T5944] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.274979][ T5935] hsr_slave_0: entered promiscuous mode [ 47.278217][ T5935] hsr_slave_1: entered promiscuous mode [ 47.338296][ T5932] hsr_slave_0: entered promiscuous mode [ 47.340518][ T5932] hsr_slave_1: entered promiscuous mode [ 47.342572][ T5932] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.346319][ T5932] Cannot create hsr debugfs directory [ 47.352831][ T5939] hsr_slave_0: entered promiscuous mode [ 47.355968][ T5939] hsr_slave_1: entered promiscuous mode [ 47.358820][ T5939] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.361950][ T5939] Cannot create hsr debugfs directory [ 47.416421][ T5944] hsr_slave_0: entered promiscuous mode [ 47.419563][ T5944] hsr_slave_1: entered promiscuous mode [ 47.422427][ T5944] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.425696][ T5944] Cannot create hsr debugfs directory [ 47.803550][ T5936] Bluetooth: hci0: command tx timeout [ 47.806265][ T5947] Bluetooth: hci2: command tx timeout [ 47.812823][ T5947] Bluetooth: hci1: command tx timeout [ 47.883212][ T5947] Bluetooth: hci3: command tx timeout [ 47.910204][ T5939] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 47.918115][ T5939] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 47.924632][ T5939] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 47.938961][ T5939] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 47.987394][ T5935] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 47.993830][ T5935] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 48.002150][ T5935] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 48.008955][ T5935] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 48.064749][ T5944] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 48.071261][ T5944] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 48.080534][ T5944] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 48.086398][ T5944] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 48.178274][ T5932] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 48.188265][ T5932] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 48.196014][ T5932] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 48.214317][ T5932] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 48.247796][ T5939] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.286399][ T5935] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.302811][ T5939] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.329761][ T5935] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.341297][ T89] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.344616][ T89] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.358599][ T1183] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.361164][ T1183] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.370033][ T5944] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.376665][ T1192] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.379561][ T1192] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.388854][ T1192] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.391731][ T1192] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.418635][ T5944] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.435115][ T89] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.437354][ T89] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.465123][ T5932] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.470492][ T1183] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.473471][ T1183] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.535752][ T5932] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.537541][ T40] audit: type=1400 audit(1750017484.430:89): avc: denied { sys_module } for pid=5935 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 48.556426][ T1145] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.559576][ T1145] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.581057][ T1145] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.584185][ T1145] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.655021][ T5935] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.692468][ T5935] veth0_vlan: entered promiscuous mode [ 48.710166][ T5935] veth1_vlan: entered promiscuous mode [ 48.719890][ T5944] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.730249][ T5939] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.778272][ T5935] veth0_macvtap: entered promiscuous mode [ 48.783107][ T5939] veth0_vlan: entered promiscuous mode [ 48.792313][ T5939] veth1_vlan: entered promiscuous mode [ 48.795216][ T5935] veth1_macvtap: entered promiscuous mode [ 48.825331][ T5932] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.829801][ T5944] veth0_vlan: entered promiscuous mode [ 48.841189][ T5944] veth1_vlan: entered promiscuous mode [ 48.849310][ T5935] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.864288][ T5935] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.871271][ T5935] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.875303][ T5935] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.878680][ T5935] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.881487][ T5935] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.890269][ T5939] veth0_macvtap: entered promiscuous mode [ 48.899870][ T5939] veth1_macvtap: entered promiscuous mode [ 48.937373][ T5944] veth0_macvtap: entered promiscuous mode [ 48.942036][ T5939] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.965022][ T5939] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.974340][ T5939] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.977406][ T5939] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.980392][ T5939] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.983504][ T5939] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.989377][ T5944] veth1_macvtap: entered promiscuous mode [ 48.992522][ T5932] veth0_vlan: entered promiscuous mode [ 49.001495][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.006078][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.036372][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.037501][ T5932] veth1_vlan: entered promiscuous mode [ 49.038846][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.048351][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.058419][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.072287][ T5944] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.076748][ T5944] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.080211][ T5944] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.084043][ T5944] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.116933][ T1145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.119535][ T1145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.124572][ T5932] veth0_macvtap: entered promiscuous mode [ 49.130167][ T5935] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 49.136058][ T5932] veth1_macvtap: entered promiscuous mode [ 49.154893][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.157450][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.179331][ T5932] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.185676][ T6022] geneve2: entered promiscuous mode [ 49.187603][ T6022] geneve2: entered allmulticast mode [ 49.197428][ T5932] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.201211][ T5932] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.202185][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.204493][ T5932] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.206759][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.209435][ T5932] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.209457][ T5932] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.233739][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 49.272544][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.272907][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 49.283476][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.337780][ T6024] binder: BINDER_SET_CONTEXT_MGR already set [ 49.340357][ T6024] binder: 6021:6024 ioctl 4018620d 200000000040 returned -16 [ 49.654248][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.676627][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.883209][ T5947] Bluetooth: hci1: command tx timeout [ 49.885674][ T5936] Bluetooth: hci2: command tx timeout [ 49.886463][ T5943] Bluetooth: hci0: command tx timeout [ 49.902767][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 49.909328][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 49.962713][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 49.962835][ T5947] Bluetooth: hci3: command tx timeout [ 50.130624][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 50.335768][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 50.699604][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 50.702109][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 50.752575][ T40] kauditd_printk_skb: 36 callbacks suppressed [ 50.752590][ T40] audit: type=1400 audit(1750017486.640:126): avc: denied { read } for pid=6042 comm="syz.0.7" name="iommu" dev="devtmpfs" ino=632 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 50.764626][ T40] audit: type=1400 audit(1750017486.650:127): avc: denied { open } for pid=6042 comm="syz.0.7" path="/dev/iommu" dev="devtmpfs" ino=632 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 50.773510][ T40] audit: type=1400 audit(1750017486.650:128): avc: denied { ioctl } for pid=6042 comm="syz.0.7" path="/dev/iommu" dev="devtmpfs" ino=632 ioctlcmd=0x3b81 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 50.790793][ T40] audit: type=1400 audit(1750017486.650:129): avc: denied { write } for pid=6042 comm="syz.0.7" name="raw-gadget" dev="devtmpfs" ino=850 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 50.800685][ T40] audit: type=1400 audit(1750017486.670:130): avc: denied { setopt } for pid=6041 comm="syz.3.6" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 50.808848][ T40] audit: type=1400 audit(1750017486.670:131): avc: denied { create } for pid=6041 comm="syz.3.6" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 50.817161][ T40] audit: type=1400 audit(1750017486.670:132): avc: denied { write } for pid=6041 comm="syz.3.6" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 50.827995][ T40] audit: type=1400 audit(1750017486.720:133): avc: denied { create } for pid=6046 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 50.847926][ T40] audit: type=1400 audit(1750017486.740:134): avc: denied { read } for pid=6041 comm="syz.3.6" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 50.873765][ T40] audit: type=1400 audit(1750017486.770:135): avc: denied { prog_load } for pid=6049 comm="syz.1.8" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 50.962829][ T6055] netlink: 36 bytes leftover after parsing attributes in process `syz.3.10'. [ 50.966506][ T6055] netlink: 16 bytes leftover after parsing attributes in process `syz.3.10'. [ 50.969533][ T6055] netlink: 36 bytes leftover after parsing attributes in process `syz.3.10'. [ 50.973709][ T6055] netlink: 36 bytes leftover after parsing attributes in process `syz.3.10'. [ 50.992719][ T6001] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 51.038505][ T6060] overlayfs: missing 'lowerdir' [ 51.045397][ T6061] Zero length message leads to an empty skb [ 51.142779][ T6001] usb 5-1: Using ep0 maxpacket: 8 [ 51.146765][ T6001] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 51.149665][ T6001] usb 5-1: config 179 has no interface number 0 [ 51.152017][ T6001] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 51.157476][ T6001] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 51.161920][ T6001] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 102, changing to 10 [ 51.173516][ T6001] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 24624, setting to 1024 [ 51.177586][ T6001] usb 5-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 51.181751][ T6001] usb 5-1: config 179 interface 65 has no altsetting 0 [ 51.192683][ T6001] usb 5-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 51.195711][ T6001] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 51.218388][ T6001] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:179.65/input/input5 [ 51.241322][ T6070] geneve2: entered promiscuous mode [ 51.245594][ T6070] geneve2: entered allmulticast mode [ 51.265278][ T5334] input input5: unable to receive magic message: -110 [ 51.292730][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 51.304057][ T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!! [ 51.307827][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.455896][ T5334] input input5: unable to receive magic message: -32 [ 51.468651][ T5334] input input5: unable to receive magic message: -32 [ 51.470535][ T6073] binder: BINDER_SET_CONTEXT_MGR already set [ 51.473592][ T6073] binder: 6069:6073 ioctl 4018620d 200000000040 returned -16 [ 51.481989][ T5334] input input5: unable to receive magic message: -32 [ 51.963374][ T5943] Bluetooth: hci1: command tx timeout [ 52.042802][ T5943] Bluetooth: hci3: command tx timeout [ 52.231369][ T6043] input input5: unable to receive magic message: -110 [ 52.497799][ C1] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 52.503511][ T6001] usb 5-1: USB disconnect, device number 2 [ 52.553609][ T6001] xpad 5-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 52.606417][ T5943] Bluetooth: hci3: unexpected event for opcode 0x0000 [ 52.610693][ T6086] netlink: 36 bytes leftover after parsing attributes in process `syz.1.20'. [ 52.613520][ T6086] netlink: 16 bytes leftover after parsing attributes in process `syz.1.20'. [ 52.616535][ T6086] netlink: 36 bytes leftover after parsing attributes in process `syz.1.20'. [ 52.619320][ T6086] netlink: 36 bytes leftover after parsing attributes in process `syz.1.20'. [ 52.849143][ T6098] Illegal XDP return value 4294967274 on prog (id 2) dev N/A, expect packet loss! [ 52.922797][ T5943] Bluetooth: hci0: command tx timeout [ 53.582409][ T6111] geneve2: entered promiscuous mode [ 53.584416][ T6111] geneve2: entered allmulticast mode [ 54.052806][ T5943] Bluetooth: hci1: command tx timeout [ 54.369331][ T6120] warning: `syz.2.33' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 54.732980][ T837] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 54.902902][ T837] usb 6-1: Using ep0 maxpacket: 8 [ 54.916068][ T837] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 54.919713][ T837] usb 6-1: config 179 has no interface number 0 [ 54.922833][ T837] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 54.927428][ T837] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 54.932337][ T837] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 102, changing to 10 [ 54.937589][ T837] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 24624, setting to 1024 [ 54.942745][ T837] usb 6-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 54.949120][ T837] usb 6-1: config 179 interface 65 has no altsetting 0 [ 54.952905][ T837] usb 6-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 54.956730][ T837] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 54.970331][ T837] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:179.65/input/input6 [ 55.013380][ T5943] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 55.017352][ T5943] Bluetooth: hci2: Injecting HCI hardware error event [ 55.022568][ T5943] Bluetooth: hci2: hardware error 0x00 [ 55.028024][ T5334] input input6: unable to receive magic message: -110 [ 55.044936][ T5334] input input6: unable to receive magic message: -32 [ 55.049440][ T5334] input input6: unable to receive magic message: -32 [ 55.055095][ T5334] input input6: unable to receive magic message: -32 [ 55.058435][ T5334] input input6: unable to receive magic message: -32 [ 55.071583][ T6143] ------------[ cut here ]------------ [ 55.074014][ T6143] WARNING: CPU: 0 PID: 6143 at mm/page_alloc.c:4935 __alloc_frozen_pages_noprof+0x30b/0x23f0 [ 55.077159][ T6143] Modules linked in: [ 55.079326][ T6143] CPU: 0 UID: 0 PID: 6143 Comm: syz.2.42 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) [ 55.084507][ T6143] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 55.087855][ T6143] RIP: 0010:__alloc_frozen_pages_noprof+0x30b/0x23f0 [ 55.089942][ T6143] Code: f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 83 fe 0a 0f 86 0a fe ff ff 80 3d 83 6d 7a 0e 00 75 0b c6 05 7a 6d 7a 0e 01 90 <0f> 0b 90 45 31 f6 eb 81 4d 85 f6 74 22 44 89 fa 89 ee 4c 89 f7 e8 [ 55.096598][ T6143] RSP: 0018:ffffc900056678d8 EFLAGS: 00010246 [ 55.100042][ T6143] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 55.102530][ T6143] RDX: 0000000000000000 RSI: 000000000000002a RDI: 0000000000040d40 [ 55.105201][ T6143] RBP: 0020000000078000 R08: 0000000000000007 R09: 0000000000000000 [ 55.107690][ T6143] R10: 0020000000078000 R11: 0000000000000001 R12: 000000000000002a [ 55.110206][ T6143] R13: 1ffff92000accf30 R14: 0020000000078000 R15: 000000000000002a [ 55.112811][ T6143] FS: 00007f8bd98096c0(0000) GS:ffff8880d6753000(0000) knlGS:0000000000000000 [ 55.115661][ T6143] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 55.117736][ T6143] CR2: 0000001b2ea1fffc CR3: 00000000365bf000 CR4: 0000000000352ef0 [ 55.120267][ T6143] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 55.122809][ T6143] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 55.125376][ T6143] Call Trace: [ 55.126433][ T6143] [ 55.127407][ T6143] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 55.129388][ T6143] ? kasan_quarantine_put+0x10a/0x240 [ 55.131089][ T6143] ? lockdep_hardirqs_on+0x7c/0x110 [ 55.132820][ T6143] ? kfree+0x2b4/0x4d0 [ 55.134153][ T6143] ? p9_client_clunk+0x12a/0x170 [ 55.135734][ T6143] ? p9_client_clunk+0x12f/0x170 [ 55.137297][ T6143] ? v9fs_fid_get_acl+0x7a/0x120 [ 55.138848][ T6143] __alloc_pages_noprof+0xb/0x1b0 [ 55.140461][ T6143] ___kmalloc_large_node+0x84/0x1e0 [ 55.142102][ T6143] ? v9fs_fid_get_acl+0x7a/0x120 [ 55.143751][ T6143] __kmalloc_large_node_noprof+0x1c/0x70 [ 55.145523][ T6143] __kmalloc_noprof.cold+0xc/0x61 [ 55.147516][ T6143] ? __pfx_iget5_locked+0x10/0x10 [ 55.149554][ T6143] ? v9fs_cache_inode_get_cookie+0x28f/0x3a0 [ 55.151497][ T6143] v9fs_fid_get_acl+0x7a/0x120 [ 55.153136][ T6143] v9fs_get_acl+0xee/0x530 [ 55.154605][ T6143] v9fs_inode_from_fid_dotl+0x264/0x2f0 [ 55.156434][ T6143] v9fs_mount+0x4fd/0xa30 [ 55.157828][ T6143] ? __pfx_v9fs_mount+0x10/0x10 [ 55.159459][ T6143] ? cap_capable+0xb3/0x250 [ 55.160959][ T6143] ? __pfx_v9fs_mount+0x10/0x10 [ 55.162586][ T6143] legacy_get_tree+0x10c/0x220 [ 55.164431][ T6143] vfs_get_tree+0x8b/0x340 [ 55.166005][ T6143] path_mount+0x1414/0x2020 [ 55.167516][ T6143] ? kmem_cache_free+0x2d1/0x4d0 [ 55.168300][ T6124] input input6: unable to receive magic message: -32 [ 55.169151][ T6143] ? __pfx_path_mount+0x10/0x10 [ 55.169420][ T6143] ? putname+0x154/0x1a0 [ 55.174728][ T6143] __x64_sys_mount+0x28d/0x310 [ 55.176319][ T6143] ? __pfx___x64_sys_mount+0x10/0x10 [ 55.178052][ T6143] do_syscall_64+0xcd/0x4c0 [ 55.180070][ T6143] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 55.181944][ T6143] RIP: 0033:0x7f8bd898e929 [ 55.183586][ T6143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 55.189638][ T6143] RSP: 002b:00007f8bd9809038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 55.192325][ T6143] RAX: ffffffffffffffda RBX: 00007f8bd8bb5fa0 RCX: 00007f8bd898e929 [ 55.194974][ T6143] RDX: 0000200000000b80 RSI: 00002000000003c0 RDI: 0000000000000000 [ 55.197487][ T6143] RBP: 00007f8bd8a10b39 R08: 0000200000000580 R09: 0000000000000000 [ 55.200055][ T6143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 55.202704][ T6143] R13: 0000000000000000 R14: 00007f8bd8bb5fa0 R15: 00007fff8992dfe8 [ 55.205266][ T6143] [ 55.206288][ T6143] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 55.208572][ T6143] CPU: 0 UID: 0 PID: 6143 Comm: syz.2.42 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full) [ 55.212219][ T6143] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 55.215637][ T6143] Call Trace: [ 55.216781][ T6143] [ 55.217727][ T6143] dump_stack_lvl+0x3d/0x1f0 [ 55.219218][ T6143] panic+0x71c/0x800 [ 55.220471][ T6143] ? __pfx_panic+0x10/0x10 [ 55.221909][ T6143] ? show_trace_log_lvl+0x29b/0x3e0 [ 55.223608][ T6143] ? __alloc_frozen_pages_noprof+0x30b/0x23f0 [ 55.225523][ T6143] check_panic_on_warn+0xab/0xb0 [ 55.227100][ T6143] __warn+0xf6/0x3c0 [ 55.228345][ T6143] ? __alloc_frozen_pages_noprof+0x30b/0x23f0 [ 55.230240][ T6143] report_bug+0x3c3/0x580 [ 55.231624][ T6143] ? __alloc_frozen_pages_noprof+0x30b/0x23f0 [ 55.233579][ T6143] handle_bug+0x184/0x210 [ 55.234985][ T6143] exc_invalid_op+0x17/0x50 [ 55.236422][ T6143] asm_exc_invalid_op+0x1a/0x20 [ 55.237950][ T6143] RIP: 0010:__alloc_frozen_pages_noprof+0x30b/0x23f0 [ 55.240045][ T6143] Code: f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 83 fe 0a 0f 86 0a fe ff ff 80 3d 83 6d 7a 0e 00 75 0b c6 05 7a 6d 7a 0e 01 90 <0f> 0b 90 45 31 f6 eb 81 4d 85 f6 74 22 44 89 fa 89 ee 4c 89 f7 e8 [ 55.246000][ T6143] RSP: 0018:ffffc900056678d8 EFLAGS: 00010246 [ 55.247920][ T6143] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 55.250373][ T6143] RDX: 0000000000000000 RSI: 000000000000002a RDI: 0000000000040d40 [ 55.252869][ T6143] RBP: 0020000000078000 R08: 0000000000000007 R09: 0000000000000000 [ 55.255434][ T6143] R10: 0020000000078000 R11: 0000000000000001 R12: 000000000000002a [ 55.257874][ T6143] R13: 1ffff92000accf30 R14: 0020000000078000 R15: 000000000000002a [ 55.260356][ T6143] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 55.262355][ T6143] ? kasan_quarantine_put+0x10a/0x240 [ 55.264105][ T6143] ? lockdep_hardirqs_on+0x7c/0x110 [ 55.265751][ T6143] ? kfree+0x2b4/0x4d0 [ 55.267061][ T6143] ? p9_client_clunk+0x12a/0x170 [ 55.268638][ T6143] ? p9_client_clunk+0x12f/0x170 [ 55.270204][ T6143] ? v9fs_fid_get_acl+0x7a/0x120 [ 55.271782][ T6143] __alloc_pages_noprof+0xb/0x1b0 [ 55.273479][ T6143] ___kmalloc_large_node+0x84/0x1e0 [ 55.275584][ T6143] ? v9fs_fid_get_acl+0x7a/0x120 [ 55.277142][ T6143] __kmalloc_large_node_noprof+0x1c/0x70 [ 55.278916][ T6143] __kmalloc_noprof.cold+0xc/0x61 [ 55.280499][ T6143] ? __pfx_iget5_locked+0x10/0x10 [ 55.282089][ T6143] ? v9fs_cache_inode_get_cookie+0x28f/0x3a0 [ 55.284007][ T6143] v9fs_fid_get_acl+0x7a/0x120 [ 55.285516][ T6143] v9fs_get_acl+0xee/0x530 [ 55.286939][ T6143] v9fs_inode_from_fid_dotl+0x264/0x2f0 [ 55.288678][ T6143] v9fs_mount+0x4fd/0xa30 [ 55.290044][ T6143] ? __pfx_v9fs_mount+0x10/0x10 [ 55.291595][ T6143] ? cap_capable+0xb3/0x250 [ 55.293044][ T6143] ? __pfx_v9fs_mount+0x10/0x10 [ 55.294618][ T6143] legacy_get_tree+0x10c/0x220 [ 55.296153][ T6143] vfs_get_tree+0x8b/0x340 [ 55.297561][ T6143] path_mount+0x1414/0x2020 [ 55.299026][ T6143] ? kmem_cache_free+0x2d1/0x4d0 [ 55.300585][ T6143] ? __pfx_path_mount+0x10/0x10 [ 55.302137][ T6143] ? putname+0x154/0x1a0 [ 55.303515][ T6143] __x64_sys_mount+0x28d/0x310 [ 55.305125][ T6143] ? __pfx___x64_sys_mount+0x10/0x10 [ 55.306800][ T6143] do_syscall_64+0xcd/0x4c0 [ 55.308266][ T6143] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 55.310117][ T6143] RIP: 0033:0x7f8bd898e929 [ 55.311547][ T6143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 55.317527][ T6143] RSP: 002b:00007f8bd9809038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 55.320149][ T6143] RAX: ffffffffffffffda RBX: 00007f8bd8bb5fa0 RCX: 00007f8bd898e929 [ 55.322615][ T6143] RDX: 0000200000000b80 RSI: 00002000000003c0 RDI: 0000000000000000 [ 55.325111][ T6143] RBP: 00007f8bd8a10b39 R08: 0000200000000580 R09: 0000000000000000 [ 55.327584][ T6143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 55.330042][ T6143] R13: 0000000000000000 R14: 00007f8bd8bb5fa0 R15: 00007fff8992dfe8 [ 55.332548][ T6143] [ 55.334265][ T6143] Kernel Offset: disabled [ 55.335651][ T6143] Rebooting in 86400 seconds.. VM DIAGNOSIS: 19:58:11 Registers: info registers vcpu 0 CPU#0 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff855ba310 RDI=ffffffff9b0893a0 RBP=ffffffff9b089360 RSP=ffffc90005667198 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000060 R14=fffffbfff36112c6 R15=dffffc0000000000 RIP=ffffffff855ba337 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f8bd98096c0 ffffffff 00c00000 GS =0000 ffff8880d6753000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000001b2ea1fffc CR3=00000000365bf000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff8992e370 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8bd8a11b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8bd8a11b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8bd8a11b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8bd8a11b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8bd8a11bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8bd8a11c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000050 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=00000000000a4ecb RBX=0000000000000001 RCX=ffffffff8b801c19 RDX=0000000000000000 RSI=ffffffff8de19e08 RDI=ffffffff8c157920 RBP=ffffed1003c55488 RSP=ffffc90000177df8 R8 =0000000000000001 R9 =ffffed100d4a6645 R10=ffff88806a53322b R11=0000000000000001 R12=0000000000000001 R13=ffff88801e2aa440 R14=ffffffff90a81450 R15=0000000000000000 RIP=ffffffff8b80077f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6853000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000200000001000 CR3=0000000038239000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000c0fffc00 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000015 000000000001df8a ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555572ff28e3 0000555572ff2640 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555572ff2284 0000555572ff2280 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555572ff65ee 0000555572ff6260 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000152a080280 0308098802050809 8000050010000980 0404014b820fffff ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 78a5b548cfb49ef7 1c08019403200200 0192030002000190 00080007000c0008 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4339614ba5c91890 741a0801b4031e02 0001b20300020001 b003b1b5455ac18f ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0401d41000060171 b6281c000200040a 3003019044000200 040a48033515f127 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 010cc0801000199a 8004010000040806 060154ec00100000 1000078004060473 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 e00072736d2f232f 7570632f7665642f 01ffffffffffffff ffe1080780030fff ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffff040410 000008000210007c 10000a014bda0b80 0410100000080006 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0156ea0410000b80 030fffffffffffff 04000401d4100006 0171b6281c000200 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=000000000009ee75 RBX=0000000000000002 RCX=ffffffff8b801c19 RDX=0000000000000000 RSI=ffffffff8de19e08 RDI=ffffffff8c157920 RBP=ffffed1003c55910 RSP=ffffc90000187df8 R8 =0000000000000001 R9 =ffffed100d4c6645 R10=ffff88806a63322b R11=0000000000000001 R12=0000000000000002 R13=ffff88801e2ac880 R14=ffffffff90a81450 R15=0000000000000000 RIP=ffffffff8b80077f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6953000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f8bd8ba3018 CR3=00000000365bf000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000001000001 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8bd8a11b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8bd8a11b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8bd8a11b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8bd8a11b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8bd8a11bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8bd8a11c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8bd8b84488 00007f8bd8b84480 00007f8bd8b84478 00007f8bd8b84450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8bd96ed100 00007f8bd8b84440 00007f8bd8b84458 00007f8bd8b844a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8bd8b84498 00007f8bd8b84490 00007f8bd8b84488 00007f8bd8b84480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000052c7b RBX=0000000000000003 RCX=ffffffff8b801c19 RDX=0000000000000000 RSI=ffffffff8de19e08 RDI=ffffffff8c157920 RBP=ffffed1003c58000 RSP=ffffc90000197df8 R8 =0000000000000001 R9 =ffffed100d4e6645 R10=ffff88806a73322b R11=0000000000000001 R12=0000000000000003 R13=ffff88801e2c0000 R14=ffffffff90a81450 R15=0000000000000000 RIP=ffffffff8b80077f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6a53000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f8bd8a4db82 CR3=000000003b9aa000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8160107b ffffffff8160107b ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff8160107b ffffffff8160107b ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff8160107b ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f04ec011b12 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f04ec011b1f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f04ec011b19 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f04ec011b2d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f04ec011bb3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f04ec011c91 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f04ec184488 00007f04ec184480 00007f04ec184478 00007f04ec184450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f04ecced100 00007f04ec184440 00007f0400040008 0000000f0010000c ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f04ec184498 00007f04ec184490 00007f04ec184488 00007f04ec184480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000