last executing test programs: 6.987539354s ago: executing program 2 (id=371): r0 = memfd_create(&(0x7f0000000840)='security.seli\x85ux\x00A?6\x19[C\x9c\xfc\x05\x81S\xfb\x7f\xaf]>\xe2tJ\xcd\x0f\xfbf:\xbc\v\x9cjYd\xedZ\xbc\x01\x1d`\xab\xa3b)\xc2\xa6E}OA\v\x11\xc43\xe0\x0f\xc0k\x12[\xc3v\x1bT\xd2\x89\x13\x90\xce\xf5\x86\x12\xfe\xfb\x19\xde\xf66\x8f\x17\xe2n7\x92\xf5@=\xb58\xf0*\xad\xf0\xac\x00\x04\xa1T\x03\xc0\xb0\xce<\x92\xb9C\x97-9\x96o\xa6\xc0\xe4\xf2\x17\xfd\xdb\x17qP\xe1\x90\x1ak~\x8f', 0x10) (async) prctl$PR_SET_SECUREBITS(0x1c, 0x2c) setuid(0xee00) r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x30f002, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000480)='system.posix_acl_default\x00', &(0x7f00000004c0)=ANY=[@ANYRES8=r0, @ANYRES32=0x0, @ANYRESHEX=r0], 0x2c, 0x3) (async, rerun: 64) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) (async, rerun: 64) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = openat$cgroup_procs(r2, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r3, &(0x7f0000000240), 0x12) (async) r4 = syz_usb_connect(0x0, 0x3f, &(0x7f0000002000)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e", @ANYRESDEC=0x0], 0x0) syz_usb_control_io(r4, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async) r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) (async) r6 = syz_clone(0x108000, 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 32) r7 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 32) r8 = socket$nl_route(0x10, 0x3, 0x0) r9 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3d2}}, 0x0) (async) getsockname$packet(r1, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000800)=0x14) sendmsg$nl_route(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x501, 0x0, 0x0, {0x0, 0x0, 0x0, r10}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8, 0x1, r10}]}}}]}, 0x3c}}, 0x0) sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000340)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r10}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_TTL={0x5, 0x4, 0x2}]}}}]}, 0x3c}}, 0x0) (async) setpgid(r6, r6) (async) ioctl$FS_IOC_GETVERSION(r5, 0x80015b18, 0x0) (async) getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000440)={@dev, 0x0, 0x2}, 0x0) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000001c0000000000000000009500000000000000718c6ed47a0595f3ac8b01145ed887c1a5dadd19c1a2c9c42e8880cf88aaa99c3ce0950f6f3a02ed48e7912abad8668f0d50ebc2b7550f651314b549c6635e01916e10e5e4855472c13f9bedddc3128297c3701e8cdff26bc6332cb81c01dfce12a02797e2511aee37d8c7241364c7a22d310421242c98fd8aabaffdc6e1260c31ebddd2d121949dec38f365a432cbbb2ba032a69d19e84a40c637312e0342ba3b4727993330e9af9bc3129801c3bf22d9b19115315b6c6feb8290d5d11c"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r1, 0xc018937e, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r5, {0x1}}, './file0\x00'}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000400)='mm_compaction_kcompactd_sleep\x00', r11, 0x0, 0x4}, 0x18) (async, rerun: 32) r12 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) (rerun: 32) ioctl$FS_IOC_GETFSLABEL(r12, 0x400452c8, &(0x7f0000000100)) (async) r13 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x15, 0xd, &(0x7f0000000600)=ANY=[@ANYRES32, @ANYRES8=r2, @ANYRESDEC=r1, @ANYRESHEX=r13, @ANYRES32=r5, @ANYRES32, @ANYBLOB="78715b2d1cf9c2ee7d6a2de4e4cdf7f8b9c99d928c37bf39cb131930844c1357dbcf17631868609e1b7d0281671811f0901fae2466f9adc1e9f9985d3608b9f7e63a91e080b0e7f90254643781f2bb5add4a66d336b40f33e427fac059f151a043dc94ee90f47305294d168e7ca52d5eb8de7e4bca286a9db47a4f", @ANYRESOCT=r1, @ANYRES8=r0, @ANYRES32], &(0x7f00000005c0)='syzkaller\x00', 0xd, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @sk_reuseport=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 4.03825892s ago: executing program 0 (id=385): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$TOKEN_CREATE(0x24, &(0x7f0000000080), 0x8) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x3, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61123c00000000006113500000000000bf200000000000001500000008ffffffbd03010000000000cf000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d4301000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9755ba08554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a6538b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c51231422bb8fab4d4d897db2c544c0ec50b8eac8c63d2b1cd06a39702bd547f5ebaa6954f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564b8f8a621483fb2a5ff221e0d831d64759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d8b570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91f0eb18e21dfdab3c84ec"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, @sched_cls=0x2f, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0x1) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={0x0}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) 3.839066619s ago: executing program 2 (id=386): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff) r2 = landlock_create_ruleset(&(0x7f0000000040)={0xd351}, 0x10, 0x0) landlock_restrict_self(r2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0) openat$audio1(0xffffff9c, &(0x7f0000000040), 0xbfaafea3a8346deb, 0x0) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000380)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file1\x00'}) r4 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0}, &(0x7f0000000080)=0xc) sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="2c0000001a000100000000000000000002000000000000000000000006001d004e21000008001900", @ANYRES32=r5, @ANYBLOB="5e1eac92559e0e200b427240523ef5afb5725b196de959ed69653818c60ac6daddb28dbb71f74674e88530a711e16275ada4ddb5679018a0909ab10b56a4e749ac240d8af5c9"], 0x2c}, 0x1, 0x0, 0x0, 0x20}, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='./file1/file0\x00', &(0x7f0000000240), 0xa0100a, &(0x7f0000000480)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@ignoreqv}, {@fscache}, {@uname={'uname', 0x3d, '*/@\\j!'}}, {@loose}, {@cache_loose}], [{@smackfsroot={'smackfsroot', 0x3d, '!.$(>/.+{^&-'}}, {@permit_directio}, {@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@func={'func', 0x3d, 'KEXEC_INITRAMFS_CHECK'}}, {@fowner_lt={'fowner<', r5}}, {@context={'context', 0x3d, 'system_u'}}]}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) syz_clone(0xc285a00, 0x0, 0x0, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r6, &(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0x504, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r8}, 0x38) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f00000002c0)={0x0, 0x6000000, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001400000018000180140002006e657464657673696d300000000000000800070001040000080005000000000008000f00f7ffffff08000600040000000800110009000000080002"], 0x5c}}, 0x0) 3.699629675s ago: executing program 0 (id=388): syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b0000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000100)) r4 = dup3(0xffffffffffffffff, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000040)) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0}) dup3(r4, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x7be17000) r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) process_vm_writev(r5, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0) 3.098347842s ago: executing program 0 (id=391): socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$key(0xf, 0x3, 0x2) close(r0) syz_init_net_socket$llc(0x1a, 0x1, 0x0) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000600)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x0, 0x2000000000000376, &(0x7f00000000c0)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0xa, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x8000006, 0x7, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94) r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r3 = dup(r2) write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c) syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100}, &(0x7f0000000140), &(0x7f00000001c0)) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000080)={0xffffffffffffffff}, 0x111, 0x3}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f00000002c0)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7ab2}, {0xa, 0x4e22, 0x200, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x5}, r4, 0x2}}, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f00000bd000), 0x800005d, 0x4810) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r9 = openat$cgroup_ro(r8, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0) write$cgroup_int(r9, &(0x7f0000000200)=0x1, 0x12) 2.910094339s ago: executing program 2 (id=392): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00, 0x0, 0x8001}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_ADDRESS={0xa, 0x1, @multicast}]}, 0x40}}, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, 0x0, 0x0) sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, 0x0, 0x4000) r4 = syz_clone(0xb00200, 0x0, 0x23, 0x0, 0x0, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00') fchdir(r5) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r5, 0x40505412, 0x0) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r6 = syz_open_procfs(r4, &(0x7f0000000040)='stat\x00') setreuid(0xee01, 0xee01) sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, 0x0, 0x0) pread64(r6, &(0x7f0000000140)=""/15, 0xf, 0x4) r7 = syz_io_uring_setup(0x23a, &(0x7f0000000380)={0x0, 0x1ffffe, 0x80, 0x3, 0xf4, 0x0, r5}, &(0x7f0000000100)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r8, r9, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r7, 0x2ded, 0x4000, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$lock(r10, 0x6, &(0x7f0000002000)={0x1, 0x0, 0x0, 0x1}) r11 = socket$nl_route(0x10, 0x3, 0x0) r12 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f00000000c0)={'vlan1\x00', 0x0}) sendmsg$nl_route(r11, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="d400000010000d0400"/20, @ANYRES32=r13, @ANYBLOB="0000000000000000b400128009000100766c616e00000000a4000280e56804000380100004800c000100f60914b14f2300000000000000005800edd3324a4ee6fd037172cd3ba0079ceaa3b5ba1b9297165a038c9a408d01af6ab8fe096e2a3531321eeeafb6509d17362e61c0a41def6dfd60e330b060641fd98b2fdf3eae760d8ab18d5d0a2f7c6a6c2289fe03fa97a973e02a"], 0xd4}}, 0x0) fcntl$lock(r10, 0x26, &(0x7f00000031c0)={0x1, 0x0, 0x2}) 2.079383829s ago: executing program 0 (id=400): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff) r2 = landlock_create_ruleset(&(0x7f0000000040)={0xd351}, 0x10, 0x0) landlock_restrict_self(r2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0) openat$audio1(0xffffff9c, &(0x7f0000000040), 0xbfaafea3a8346deb, 0x0) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000380)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file1\x00'}) r4 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0}, &(0x7f0000000080)=0xc) sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="2c0000001a000100000000000000000002000000000000000000000006001d004e21000008001900", @ANYRES32=r5, @ANYBLOB="5e1eac92559e0e200b427240523ef5afb5725b196de959ed69653818c60ac6daddb28dbb71f74674e88530a711e16275ada4ddb5679018a0909ab10b56a4e749ac240d8af5c9"], 0x2c}, 0x1, 0x0, 0x0, 0x20}, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='./file1/file0\x00', &(0x7f0000000240), 0xa0100a, &(0x7f0000000480)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@ignoreqv}, {@fscache}, {@uname={'uname', 0x3d, '*/@\\j!'}}, {@loose}, {@cache_loose}], [{@smackfsroot={'smackfsroot', 0x3d, '!.$(>/.+{^&-'}}, {@permit_directio}, {@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@func={'func', 0x3d, 'KEXEC_INITRAMFS_CHECK'}}, {@fowner_lt={'fowner<', r5}}, {@context={'context', 0x3d, 'system_u'}}]}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) syz_clone(0xc285a00, 0x0, 0x0, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r6, &(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0x504, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r8}, 0x38) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f00000002c0)={0x0, 0x6000000, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001400000018000180140002006e657464657673696d300000000000000800070001040000080005000000000008000f00f7ffffff08000600040000000800110009000000080002"], 0x5c}}, 0x0) 2.07128221s ago: executing program 2 (id=401): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0) sendmsg$NL80211_CMD_AUTHENTICATE(r0, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f0000000300)={0x88, r2, 0x2, 0x70bd2b, 0x25dfdbfe, {{}, {@void, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x9}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7}], @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x5}, @NL80211_ATTR_SSID={0xf, 0x34, @random="24213d715ceba9f0199475"}, @key_params=[@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "6243e38daf"}], @key_params=[@NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "a318546b48f23a02ee7e40d8fa"}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x2}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x2}, @NL80211_ATTR_KEY_DEFAULT_MGMT={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]]}, 0x88}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x24, r2, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_SSID={0x5, 0x34, @random="f7"}]}, 0x24}}, 0x0) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x800, 0x0, 0x25dfdbfc, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) syz_emit_ethernet(0x7f, &(0x7f0000000300)=ANY=[@ANYBLOB="ffffffffffff00230000000086dd60f2a40000492f00fe880000000000000000000000000001fe8000000000000000000000000000aa342088be0005000054812cbd3b00000800000086dd430588be00000000100000000100000000000000080022eb00000000200000000200000000000000000000000800655800000000"], 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) ptrace$poke(0x4, 0xffffffffffffffff, &(0x7f0000000280), 0x8) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) times(&(0x7f00000001c0)) socket$nl_xfrm(0x10, 0x3, 0x6) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r6 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3) ioctl$sock_TIOCINQ(r6, 0x541b, &(0x7f0000000100)) r7 = socket$nl_xfrm(0x10, 0x3, 0x6) r8 = socket$igmp(0x2, 0x3, 0x2) ioctl$ifreq_SIOCGIFINDEX_wireguard(r7, 0x8933, &(0x7f0000000180)={'wg2\x00', 0x0}) setsockopt$inet_mreqn(r8, 0x0, 0x20, &(0x7f00000001c0)={@multicast1, @dev={0xac, 0x14, 0x14, 0x2e}, r9}, 0xc) 1.529571539s ago: executing program 1 (id=404): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) socket$unix(0x1, 0x1, 0x0) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x20, r0, 0x1, 0x70bd2d, 0x0, {{}, {@void, @val={0xc, 0x99, {0x2, 0x3c}}}}}, 0x20}}, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x3a241, 0x0) ioctl$TCSETAF(r2, 0x5408, &(0x7f0000000080)={0x49de, 0x0, 0x0, 0xbfff, 0x0, "ec28a144f13d7607"}) (async) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xf, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000791000000000000005000095000500"/32], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) (async) write$binfmt_script(r3, &(0x7f0000000240), 0x208e24b) r4 = gettid() (async, rerun: 64) r5 = epoll_create(0x400) (async, rerun: 64) r6 = eventfd(0x0) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f0000000000)) (async) kcmp$KCMP_EPOLL_TFD(r4, r4, 0x7, r6, 0x0) (async) io_uring_setup(0x41b7, &(0x7f0000000340)={0x0, 0x838c, 0xa4, 0x2, 0xff}) (async) r7 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r7, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x20, 0x30}, 0xc) (async) bind$inet6(r7, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0xa500, 0x0) (async) openat$sndseq(0xffffffffffffff9c, 0x0, 0xe0c81) socket$inet_smc(0x2b, 0x1, 0x0) (async) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r8 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) socket$rxrpc(0x21, 0x2, 0xa) (async) r9 = dup(r8) write$6lowpan_enable(r9, &(0x7f0000000000)='0', 0xfffffd2c) (async) socket$alg(0x26, 0x5, 0x0) (async, rerun: 32) r10 = socket$inet6_sctp(0xa, 0x5, 0x84) (rerun: 32) shutdown(r10, 0x0) 1.399993728s ago: executing program 1 (id=405): r0 = socket$alg(0x26, 0x5, 0x0) (async) syz_io_uring_setup(0xd1, 0x0, 0x0, 0x0) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$nl802154(&(0x7f0000000240), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, 0x0, 0x0) (async) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) (async) sched_setaffinity(0x0, 0x0, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, 0x0, 0x0) chdir(&(0x7f0000000480)='./file0\x00') (async) iopl(0x3) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=0x0) timer_settime(r3, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) mq_timedreceive(0xffffffffffffffff, &(0x7f0000000340)=""/221, 0xdd, 0x0, 0x0) (async) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mkdir(&(0x7f0000000140)='./file\x00', 0x12) (async) mkdir(&(0x7f0000000380)='./file0\x00', 0x0) (async) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x7) (async) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async) r4 = getpid() sched_setscheduler(r4, 0x1, &(0x7f0000000100)=0x5) (async) mmap(&(0x7f00009c2000/0x4000)=nil, 0x4000, 0xb635773f06ebbeee, 0x50, 0xffffffffffffffff, 0x0) (async) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) (async) sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0) (async) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async) close(0xffffffffffffffff) (async) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x4, 0x9, 0x1, 0x6}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 1.399773627s ago: executing program 1 (id=406): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r1) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x2, &(0x7f0000000140)=[{0x6, 0x1, 0x2, 0xfffffffe}, {0x0, 0x1, 0x5, 0x4}]}) bpf$MAP_CREATE(0x0, 0x0, 0x0) ptrace(0x10, r1) ptrace$setsig(0x4203, r1, 0x1000, &(0x7f00000002c0)={0x2d, 0xd5, 0x80}) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000280)="5885d8871443222c6cb902fd5074498847911298940e82e5953645b1c8b169c6805d07f82f156856ea41f199b6913e59100e7b5bf0cc1b2b81ff5aa1fbac7bafb1f8fcf46933969f45a9d352c53035e5afef27250f2d0336a0e5289399885c5d86b6eddf35e001e41777ce8db0b8cc12d47fdf4ee22f4b2f503723c68efe8d5df849c8f32fa0568319f8992a496e21f99d9b7d0a032607b82ad37f736b269e466230f78aaa404e988491f49ea06599af2528e3fef6232c3f4ccccd845d38113ee87b39ddfc1223d001912e390f9da296d8e30cffc6d07bdc0dac27bd212e0fdca946f7949f4dcc7131ceb3fb00c0d147c027fa70ae2bb3edaa76c80c10c046b8d2c9264c504423eed839d55496b387696d89b0c0496515cfe51f887e4791d060a12be08617a9bdc0d0be3496b6ec8739fec25f7d9a381e5f9efa55a96723be11906eaacac9e3942eb7fb32ef8f103f5d10ec1e0838337c4ae30ed5712e23971bd80c667e5c416f3d4a3d9356ad62a91e1653ac3a18dd74bc1dffbd5ae64c0a6d07d2c6100cbfe6cdc500db197a2153b89967b86ff5a940a40dac0c0531b3d962e3f4841a8429e39848cc2e2a5aaaa8a9e925564f3b8258ecdaa13eb98a4a166c47b1257229d9d0cb278f5f767c034e272f79d373f4bd07d974806198bd7d3349adc504054d4963dfad20be2c5e7f2a677e69cdbaae6c4bcf327b21538c30c42a1a5db462d17c7744d1e2f408d093c5c48e596ddacf195eab2496d2fdbfb59d64c5797300453108b2cc363677a13ca72451abb16fdbfe87f594e3fdf6dd089fea7cd13b295e76707772513b6872578053bb8140107bea7a853e88738f8bcbd198e2e973334b5b5fe903e50b25e577acdeadeba4fb8cdf26057490ee5b071728297b1e4bdc4f81345efd0f9873eb25a51a7c832eb7dc28eb68cc1fa2d6c6f6d005b1965b21a28b48854ee0fed235669888520a1a93478760837e7160c7b3b6072e5fd6048c2f3c676f64a82fef72565ceaec270007a2750921034b56ee750a614770f86d03144b4120d10dabab07de77d0e42bcf072b55028eb22d942953fdc58d9875f378fbfc04d061271ac2b825e0ea53fe5caa85fdbcc4109f675140e1d1ad40c83669edf2ea603c52cfe19b624c7547d2783ad1c10e155ef4f358a5b019516a483f50bda76fb8c348dffeb6ae4f5f127642ea5511641aee3a5e4c28b910521de2ce91559fd853be13dc0a4212343e2293aabd99602b45088b6452b7b6d84e0a8d71bba4499ff6c3a927a5478f5127ecda9be6156ee0d25952b80097aa363689274df79b7157a363ff0e32e70654e1f2d09f93541ed62b9423512cf6cc827195b88976d4b7c5abc011c70d2a5cd41e810c111d6aa4f9846f2202163b7dc364bdb2380dc78942ce22de64d00fc9c3fbae296763ac54ef4eccde12dd5ee1415ac5684553310fed4b5ae057eed3fba6afb2efc52ffa54e9de719fe1a40ccf92289c7971868455c9e3547015e4558f090126133b2b27f4cc5ee19eeb8d5eceabf93a4cd8c58334a0bb361c2052d7d01797ba3703eebd0977a234e49b6b2e7bd96abdc7d81366cc5635fde2422edfed7e9eac8abc9daab34bfdea90119cbfe077f9b79693efefa112f77c3f02058f5fda2af9bbfd4cba2b3f33dac19f04ade779cdf92703fa5d85e6532495ba2b5717fef2b8c937c9e215f6952bd78e9afdb89e36ca6503eaefb408da11a04937a4a2ab305c39b41555fbbc3a3baf6dcf2553864f3ccde9609e9f03f6940896ee3be19840e7eb6a1536b3f10fedc4b52bc7e0ce7491094a09eff5da3d2fcab14844f7699465dffc8dda91926cbcbaa80ba5db2a0685b77bf46b62c34d87a08e53fb69b97e4f9c8013fb8e77cc2eaa5e8beeb6d67af99416507668149e6c8c4af26cd69f8f240a53031a86c253e9ca45744f9c5eb00daeaffeeac1d9d9c94fa654900f662d681a715e10229166d565348310b09abe67e3f4a9909514884fba72acfe0b55bfcc2fd064b1fdb770ec6f97a8b6a8b04472390cbaf429e4027cb9bf56b2fd468c443b11580cc1a0d48d82e1e3e5676a1bd4865b8d68ba69b5a808e2d1ad31f6c1c975229c4b1afa116676f301ed7cf0b5bdcef5585ff4f280e36254b45e767a722ad8b4fecf7f725c494d082d987218216735e305868d56550efcf69d311bc1c145309d9f28c5216e6181f7a714c768fe4def56d0459f3c537e84c8d36879f9ac1397d4e69865e633708ab6cad1bfcd773188a9489d3d5c99ab937b6e54b1b284a360f7c3a466b7e07d7f6aa8d3ae3165f86a5d841208d11d3341b9186ff64b109fd2ddaa52d4a04b78aaf3b323223702a6d9a0f6b4d906e5d7eb4989121ab2c1d2a30f1b9e5cf3f5263b47d07ba905900ba4f5549951b9ed8d0dc16e79cd406a7c7627c9c46ccc18e71725eed18c6704531d4e782562f79eb7d0b1c0d1630616a691230540b4b75346baa4a1b1242bad575d64113e5e127650687b8260c8a6e971ba1baf849e28cc418366029bd844739a2dd21184b5d296f204785f459764d0eb9ffec51b7c22812c9d96f355d0528c26491b8c54309f330eaab89b49bff7c5380104accc01d97803eb53ee26eec9367afcf872859b5b7b3b0679f2ab6affb4629b9de0fb8e4c4a5e61be424e2326438dee6ae6b87ea4e6ab2ec7ae9f3d429644f4f83816a5758ed8dc4c5ef49afdd1c81bc6490c162228eb06feef1cdca1879e26ed9b852ba6358f35763840e894ab56e9f38684b2fa6082702db4a61a39299b5fa80fda5ba4a2b8d281110bd77e4d182c75128b9d4595678e6bb5fd37b9d01ec57b5f9bb7c9cd03eb53c2716b226dfa9b3bb39a553c070db866a2ad06e3f7dd28c1160ff5cffee6e711312b100d19237d750fd968a1a48600d919ffe26589afab86ded3258a5f19d3e85ec7afb33957462c67808431cb890f6e43254c911c0149e567a74e4105a901aba6173a75b4942e5963a1be81bddb57a0b265a061f30e2efbc7f1f7f8a5c843331164c38b67ea46a1236d51e45b4755fef05e10e46c742b8e92abdaed0568a2d6dc75083c8f859bc53dd853f9f312a1afb4d8ed4610699d015faef34992b2a2d1d0aee954d20f486e8bd9e1c551c80ba3caeaf26d380b4dad98ec3b9377dfec190162d77f3294f8e4ba18ab79d8e371ebf10757e81d1ff6d6c8e62ce8bd405b418fd835395fa9bebc2f38a19ca0b84d7566dc232df51109b6d9108e4a62425588e14cb297ef9cd27c5a67c8e35c0ba8568bff6b7b8a904a47397ca58188bcabefaaa567e7b8a6fd24ac40cbc3412fca94b9c2cec659cb7b4c6d1b37d877852eb01f6850fae979665b24c5b9c5916e25840b6ebe24e66fafdddd02ca8bc24042593c8aa914fb21e1407f7dc48eebaa40a378a8c9947706e80bbda090d310f8de4854c0b09d0ab590b8e2c24b0dfbb0203d209c6cce75908a48913eb2cbfcdf668fd6a3a123c00d610f86fb096e84982b957c3aad9eb66ead286a19262c23b3874df2ed1136fb267534651790223fa6a79bb93ea56ec4268c31fa608d3952b52fcfdf8b0429b038e53fe3de0854d4c43e4b5e6c79bcd885975a415bdfd62cd52f85b64f70ce83de048f3a8b0befccd370092ffc86dc324e44e256b60c6a9c2f8db962627db894b6055cd2d7c13be9172861ede25e37057e225cbf630998c62d838c0524e43cc0f4062fe7c2573fe630ecd05e264c48d7113b7c6a1994b8ab798057af1c7cd84763e4bfb746a36f11c31a5b591fef32c4a7a8bf14a40723a7be929f6a285c03ebbd33508c41d25c5d1f66216ea152cc9f549af75f310451b6fc5bc6555a112162a3eaeee94fc070a7548018f477049532ef0829017ef4af36c8cc3df940c61488fd0fd095bbfe817378b177ab03d17dab26b408e04004968ae17c8410c17b35f460ebca0a4d59804cf365e4a7cdd114924d3945edd6289a0777960ff948c04ccc20f422332320309f3779f96fa8bca9dad18b9c7c761f82cfb9ec716c077cb8712b32fffa0130e54e0d1a7ec0ba4b9bd88a8dcd43febf7f7b4558b73a221bbde1c43a52956000aa5113a2e9682952da4dc9abdf3f760dba813bb8ce1d11bd3be4aa8d96e432fdf1c453d00b561a97066891ab1e3b5dc72b2bbdb3c501c006a8d9c1cb5500e067495371524b6139eeb5ce670aa16cc31a4ae18bd0858abf9b3c4506afbfbc19f696c0db806735147ef7901181c8f0b3da83b1e9adbca39d8c00b7133088a6c50cdf59776b45e6c2d53d1b7109cc71268e0f7a52c106385ca0dc323bdf97cb2b4dff46ab1f9c207d90f0c57ea87d08bd195560b2823b8749f09222f45dc040f745ad33320c1249a7e677ba79495e3c5a4f43e326856ce780dfb7cf5005f1b40d995e297654a6b0117641defe5d2c5f873b829a7eddfa09c5e3fbd3bec970ac4b539444ba90b623b4dff443791f7cad74372d8080995839d9f8d5b85259e66b4a65d98ef145e8caa3eef089298ce34df09d9920510d326ed4d32bbc6eee7ef5fd98b042531fa0a75ff70c26fb1e8ab80a782e77d7fe58704675aeaad596f163c403007ace5b2facd607734d818219d951d2a10f40323084b2edc65b75d1380e9322ec47cb4407dc93d050a760d3442caee9b49deb17d66d42c6c1fb4fc2950e4382ec2fe0732fa78a284030cd323ec8cf7d03fca27275f7329ef294b06d91ccc92dc0a9e0cb76b28bdf23812a1d5f3f34a67c75ff7005530fbc6f74ca4adf1a3adbc3bc959d3170b9fd8ade8458e531b8a32440a5fa64682b466aa1cac8677ab9088775ff6284c7dbda76490d03b647d4e65a0bdaca89fee300ab14379b529fcda5d665fa790801f582d2a744eed55d8bcd34927b63b1ef475b5f1cbb2886e57dd5eba73bd0cdecb970abb5493b317db57d14f59b0b59c3c31dd9d1614db4eab9b4ca4219c16781c220c37856b4d568707f843b339c79406a11ec1ddb17674bd64396f5e04c894b1bb8555807930d95d6bf4eaafa9145c7e33baa1172b5d42494f83d25f037780f5bf8942805f02e58298d6477ff66feee42c76e46df8cef58be663ddf7d0aa78a76292f0415785e45a74cdeaa579d6e143e8b9636b2b3c4254c1300f3e04557c8284dd8e17d97bb05a94956157d9bd68d109530c6bd1b24117fb8e9cf60421be2f81c0ce94947d124940f693af83be9ceb76dfc6ba7ce43ad8c821a8d17ed1331e55aba255e96d8adef1189fceb666189e0ac5223ac36a2e2f6e9f6abe62113c366883a5d79e8880e210070698435d992d0b5436a7fbae87dd049c2cf86522e0da2b76052f0defb2822e7344adb72fa407a98d915d13c2020cd4a0d76811b661c2e5a9a15a9bf6458e87063e80212bb5e1f4775c44685890a2e8702a2c99b38a5bfef62a530fd6ede9dc36f142449a7be850aa369bef753f35c290732d32f13d4f6b514efc9f965412a60757e12ad8e59773c85a5d54d87f2689493aaee5f7901e58e33f60af6df720f00b1ec0ab7b2998ee94827a412a6fe8795783789ad4360b551c6fdf8fce4f38e83b58c41d53a4d81eab0bc56db149a5255b94a056eed75addbef2789060e785408f81afd1d4123ed55ce856f3db01388b3cd1e9a1cd61a876b8bd77b91685b861b2a9ca54b893f0ad0290526e1624117a87670cc09fcb46d47ff516d3501bd642b549d990f51120e4dcc98ee427dc8cef84c2ec4e474efc34c3f1e04a79aabed01dd89da320bad788e77563e2fa4e22ed4179eb8d0ff75cecafdbfff78023e88437d9ead235efcc299c0c4", 0x1000) dup(r0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10) r4 = fsopen(&(0x7f0000000000)='exfat\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r2, 0x1, 0x0, &(0x7f0000001500)='\x00\x00!\x00\x00t\x11\x1d\xb0\xeb\xb0\x87\x0f\xbf3.cd_^\x84\x0ed>\xe3y;\xf4\x84\x019}4\xb4~\x9b\xd8\x91\x8e\xb0\x15%\"\x8fW\x99L\xd6\x93\x16cq\x1f\xd4\x8a\x93\x86\xa8I\x94\x15_\xa9\xc9\xf8\xcb\xf4\xb3\x8b\xe8\xcb\x14Eq;\xd0\xb0\xfa\xf4\t)\"\nO\x84\xccOSJ\x8e_\x7fGN\x85\xdd\t\xdc\x8bJ\x87RY\xe7U\xe2fq\xbbj\xe9\xc7\aBz\xea\xc0\x02+\xb3\xba\x801\xbd\'1\xb1\x06#G\x93\xaf\xdc\xdb \x0e*\x86M\x19\xf0\x9el\xd4\xf9M\x9f\xd5\xba\xe5}\xa4j\a[\x1e\v\x90w\x17\x95j\xad\r\xbe\xec\xf79y\x87\x9c\tvJ8Xy\xa5\xd8\x1c1\xea\xdd}x8{\xce\xa0\xc6\xdcD\xd0+N\xe5[T\x8eu\x8adTs\x84\x9f\xbd{\x18\x9cn\x89D\x8e\xd7u\xb4&s\x05\x18\x98\xc2\x92\x18\xf5\xf7\xf0\x99\xf7\xac\xe2\x86\x1da\t\x18lC\x9d\x8e\xda\xc3\xe65 \xdf}xt\xdd\x9dC<\xf3\\\x00\x94h\xc6\t,\xd9\x9c\xa7\xfd4>\xc2qz\xb9\xcb\x7f]\xe1\xe1~\xb1\xf1\x91\xef\x19]\xad\x13H\x9f\x99\xad\xa98\x9f`(\x98\xc0\x8b\xe7\xbd\x91!\x1a\x9a\xf5\x80J\xcd7\x01\r\xd3=W\xe5\x04\xd2\x80z\t\x8f\xad\x9aO\xfc\x884\xf1o\xe7!Q\x16\xf8n\x9eY\xf6&\xad5F\xdeY\x11\xa4\xc5\xa1\x18\xd1*_P\xd5g\xa9\xd0\f\x14\xe8]\xfe\x8f\x00'/378, 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000001100)='iocharset', &(0x7f0000001140)='\xe0^@&&}\'\x00', 0x0) setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xe) setsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000040)=@assoc_value, 0x8) bind$alg(r2, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'seqiv(rfc4309(morus640-generic))\x00'}, 0x58) socket$kcm(0x10, 0x400000002, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0) pipe2$watch_queue(&(0x7f0000000080), 0x80) syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r5, 0x0, 0x0, 0x0, 0x0) 1.300223679s ago: executing program 1 (id=407): r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, &(0x7f0000000040)=@v={0x93, 0x0, 0x90, 0x0, @generic}) r1 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r1, &(0x7f0000000000), 0x10) setsockopt$CAN_RAW_ERR_FILTER(r1, 0x65, 0x2, &(0x7f00000000c0)=0x3, 0x4) setsockopt$CAN_RAW_ERR_FILTER(r1, 0x65, 0x2, &(0x7f0000000080), 0x4) r2 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x4) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040)) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r3, 0x1, 0x45, &(0x7f0000000040)=0x1, 0x4) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000200010000000000666700009b00000000000010e36dd307b7ef88ba2db24808"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000001440)='contention_end\x00', r4}, 0x10) syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="0432456b910d5409ffd4f3ffffffffffff2edf0d8957592267ca5a00b97503dbd283094c441d0f0d00f2f921c6ce2dccc67ba5c96c35122d54de1585e62ce1ec526f4ace1a44810611c8994c4e4bae6499e59cea0422d34ce62e368818065cbe068908f527d9040b69b0debbda9f80191c18500574638589e9139d33e3208281"], 0xc) fdatasync(r2) ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0) 1.249952429s ago: executing program 1 (id=408): r0 = socket$packet(0x11, 0x3, 0x300) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async) syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) (async) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r4) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff}) (async) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f00000002c0)={'syzkaller0\x00', @broadcast}) (async) close(r3) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r3, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'}) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4) (async) r7 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) r9 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYRES16=r5, @ANYRES32=r8, @ANYRES16=r6], 0x34}}, 0x40040) (async) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) setgid(0x0) (async) ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002301020007006000000002000020d3"]) (async) capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)) (async) shutdown(0xffffffffffffffff, 0x0) (async) close_range(r10, 0xffffffffffffffff, 0x0) r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x2, 0xe, &(0x7f0000000f00)=ANY=[@ANYRESOCT=r7], &(0x7f0000000340)='syzkaller\x00', 0xa6abcc15, 0x0, 0x0, 0x0, 0x4, '\x00', r8, @fallback=0x8, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$UI_SET_ABSBIT(0xffffffffffffffff, 0x40045567, 0xffffffffffffffff) (async) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r11, 0x18000000000002a0, 0xe80, 0x6000002c, &(0x7f0000000100)="b9ff03316844268cb89e14f008004ce0003000000700008877fbac0c1416e000030a89079f03b18000440c0511e0845013f2325f000708050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014c0000c0adc043084617d7ecf41effff38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d7da058f6efa6d1f5f7ff400"/254, 0x0, 0xfe, 0x60000000, 0x0, 0xfffffffe}, 0x2c) 1.165329968s ago: executing program 2 (id=410): r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x27, 0x0, 0x3}, 0x58) mkdir(&(0x7f0000000100)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000440), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESOCT=r3, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, r2}, './file0\x00'}) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000280)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00101}]}) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) ioctl$BTRFS_IOC_SNAP_CREATE(r4, 0x50002103, 0x0) 1.095258828s ago: executing program 0 (id=411): prctl$PR_GET_NAME(0x10, &(0x7f00000024c0)=""/124) socketpair(0x9, 0x20000000000001, 0x1000, &(0x7f0000000100)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) bind$unix(r0, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e) mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000012c0), 0x10000, &(0x7f0000001500)=ANY=[@ANYBLOB='f`=', @ANYRESHEX, @ANYRES32=r1, @ANYRESDEC=0x0, @ANYBLOB="2cf7ffff3d0000000000", @ANYRESDEC=0x0, @ANYBLOB=',\x00']) read$FUSE(r2, &(0x7f00000029c0)={0x2020}, 0x2072) r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r3) ptrace$getregset(0x4205, r3, 0x201, &(0x7f0000000080)={&(0x7f00000000c0)=""/112, 0x70}) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mounts\x00') read$FUSE(r4, &(0x7f0000000980)={0x2020}, 0x2020) r5 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0) socket(0x10, 0x400000000080803, 0x0) r6 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000300)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) r8 = openat$cgroup_devices(r7, &(0x7f0000000080)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r8, &(0x7f0000000000)={'a', ' *:* ', 'w\x00'}, 0x8) r9 = openat$cgroup_devices(r7, &(0x7f0000000100)='devices.allow\x00', 0x2, 0x0) write$cgroup_devices(r9, &(0x7f00000000c0)={'c', ' *:* ', 'rwm\x00'}, 0xa) write$cgroup_devices(r9, &(0x7f0000000200)={'c', ' *:* ', 'rwm\x00'}, 0xa) mkdir(&(0x7f0000001200)='./control\x00', 0x0) chmod(&(0x7f0000000940)='./control\x00', 0x9c32f69e6caa24ef) lchown(&(0x7f0000000000)='./control\x00', 0x0, 0xee00) open(&(0x7f0000000080)='./control\x00', 0x551a01, 0x408) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x3000001, 0x12, r5, 0x0) 1.095061164s ago: executing program 3 (id=412): r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000181c0000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100030000009500000000000000bf71000000000000b7020000000000008500000000000000b70000000000ae0095"], &(0x7f0000000200)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 1.028642639s ago: executing program 3 (id=413): creat(&(0x7f0000000300)='./file1\x00', 0x1b2) mount(&(0x7f00000000c0)=@sr0, &(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='efs\x00', 0x9, 0x0) 908.358422ms ago: executing program 3 (id=414): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0) write$binfmt_aout(r0, &(0x7f0000000380)=ANY=[], 0xff2e) (async) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "a05c7b5d00008023e9c5bcf5ff7700"}) (async) r1 = syz_open_pts(r0, 0x0) r2 = dup3(r1, r0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000200)=0x15) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) (async) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000340)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x3, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="070000000400000008"], 0x48) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) (async) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) (async) syz_usb_connect(0x2, 0x46, &(0x7f0000003900)={{0x12, 0x1, 0x110, 0xed, 0x9c, 0x8, 0x8, 0xace, 0x1611, 0xc463, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x34, 0x1, 0x0, 0x6, 0x40, 0x4, [{{0x9, 0x4, 0xf1, 0x2, 0x3, 0x16, 0x31, 0xd0, 0x5, [], [{{0x9, 0x5, 0x5, 0x0, 0x20, 0x7, 0x7, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x180, 0x6, 0x4}]}}, {{0x9, 0x5, 0x4, 0x0, 0x40, 0xf2, 0x8, 0x4}}, {{0x9, 0x5, 0x1, 0x2, 0x8, 0xf9, 0x7f, 0x1}}]}}]}}]}}, 0x0) r6 = epoll_create1(0x80000) (async) r7 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r7, &(0x7f00000002c0)={0x20000000}) (async) write$FUSE_NOTIFY_RESEND(r7, &(0x7f0000000300)={0x14}, 0x14) (async) getsockopt$inet6_mtu(r5, 0x29, 0x17, 0x0, &(0x7f0000000200)) (async) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="01000000", @ANYRES16=0x0, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=0x0, @ANYBLOB="080005000b000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={0x24, r8, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_BEACON_INTERVAL={0x8}]}, 0x24}}, 0x0) 857.78248ms ago: executing program 3 (id=415): r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0xab3, 0x2d0142) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000240)=0xffffffff) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b70500000800000085000000a50000009500"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) kcmp(0x0, 0x0, 0x4, 0xffffffffffffffff, r0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x810, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x0, 0x40000) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000200)=0xa0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000280)={@local}) ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r4, 0x7a9, &(0x7f0000000180)={{@any, 0xffffffff}, 0x0, 0x1, 0x0, 0x0, 0xffffffff, 0x800, 0x6, 0x2000020000005}) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) socket$inet6_sctp(0xa, 0x5, 0x84) mkdir(&(0x7f0000000080)='./bus\x00', 0x0) chdir(&(0x7f00000001c0)='./bus\x00') mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000340)='./file0\x00', &(0x7f00000004c0), 0x700, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000080)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') chown(&(0x7f0000000280)='./file0\x00', 0x0, 0xffffffffffffffff) symlink(&(0x7f0000000380)='./file1\x00', &(0x7f0000000780)='./bus\x00') 699.984712ms ago: executing program 3 (id=416): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'macvlan0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x84, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_LINKINFO={0x64, 0x37, 0x0, 0x1, @bond={{0x9}, {0x54, 0x2, 0x0, 0x1, [@IFLA_BOND_AD_ACTOR_SYSTEM={0x8, 0x1a, @local}, @IFLA_BOND_AD_ACTOR_SYSTEM={0x8, 0x1a, @remote}, @IFLA_BOND_AD_LACP_RATE={0x5}, @IFLA_BOND_PRIMARY_RESELECT={0x5, 0xc, 0x1}, @IFLA_BOND_ARP_IP_TARGET={0x28, 0x8, 0x0, 0x1, [@initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, @loopback, @multicast1, @rand_addr=0x64010101, @broadcast, @loopback, @multicast1, @empty]}, @IFLA_BOND_MIIMON={0x8, 0x3, 0x8}]}}}]}, 0x84}}, 0x0) 220.008649ms ago: executing program 2 (id=417): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = syz_usbip_server_init(0x3) write$usbip_server(r1, &(0x7f0000000080)=@ret_unlink={{0x4, 0x5, 0x0, 0x0, 0x3}, {0x5}}, 0x30) sendmsg$nl_route_sched(r0, &(0x7f0000005000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000b80)=@newtaction={0x12c, 0x30, 0xeaa3ef926154e70d, 0x0, 0x0, {}, [{0x118, 0x1, [@m_vlan={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{}, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2}}}}, @m_sample={0xc8, 0x2, 0x0, 0x0, {{0xb}, {0x7c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PARMS={0x18, 0x2, {0x3, 0xd, 0x10000000, 0x0, 0x3}}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x100008, 0x4d82, 0xffffffffffffffff, 0x7ff, 0x4}}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0xfff, 0x88, 0x6, 0x3, 0x1}}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0xffffffff}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x8}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x5}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x9, 0x9e07, 0x5, 0x3, 0x9}}]}, {0x22, 0x6, "b993a266d04d68c578a189161d7b3605ae1ad871dbd78a555343b82aff5a"}, {0xc}, {0xc, 0x8, {0x3, 0x1}}}}]}]}, 0x12c}}, 0x0) 91.976938ms ago: executing program 0 (id=418): ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @sliced={0x983, [0x1, 0xe, 0x5, 0x10, 0xfffe, 0x3, 0x4, 0x3, 0xf, 0xa7d, 0x77, 0x5, 0xfffb, 0x6, 0xfffc, 0x22, 0x0, 0x8, 0xfff7, 0xf9f, 0x6, 0x3, 0x0, 0x1, 0x1, 0x4, 0x1, 0x0, 0x81, 0x1, 0x1, 0x343b, 0x3, 0x7, 0x40, 0x6, 0xf, 0xb400, 0x8000, 0xfa81, 0x5, 0x4f, 0x6, 0xff, 0x5, 0x191, 0x8e, 0x800], 0xffffff80}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r2, 0x541b, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f00000000c0)) r3 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$NBD_SET_SOCK(r3, 0xab00, r4) r5 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0) ioctl$NBD_SET_FLAGS(r5, 0xab0a, 0x1000001000104) r6 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x200) ioctl$NBD_SET_SOCK(r6, 0xab00, r4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) ioctl$NBD_SET_SOCK(r6, 0xab00, r7) ioctl$NBD_DO_IT(r5, 0xab03) ioctl$NBD_CLEAR_SOCK(r5, 0xab04) syz_usbip_server_init(0x4) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="611230000000000061134c0000000000bf2000000000000015000200071b1700bd030100000000009500000000000000bc26080000000000bf67000000000000070300000fff0700670200000300000016060a000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe7030586"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) unshare(0x20020680) 91.043393ms ago: executing program 3 (id=419): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff) r2 = landlock_create_ruleset(&(0x7f0000000040)={0xd351}, 0x10, 0x0) landlock_restrict_self(r2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0) openat$audio1(0xffffff9c, &(0x7f0000000040), 0xbfaafea3a8346deb, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000380)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file1\x00'}) r4 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0}, &(0x7f0000000080)=0xc) sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="2c0000001a000100000000000000000002000000000000000000000006001d004e21000008001900", @ANYRES32=r5, @ANYBLOB="5e1eac92559e0e200b427240523ef5afb5725b196de959ed69653818c60ac6daddb28dbb71f74674e88530a711e16275ada4ddb5679018a0909ab10b56a4e749ac240d8af5c9"], 0x2c}, 0x1, 0x0, 0x0, 0x20}, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='./file1/file0\x00', &(0x7f0000000240), 0xa0100a, &(0x7f0000000480)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@ignoreqv}, {@fscache}, {@uname={'uname', 0x3d, '*/@\\j!'}}, {@loose}, {@cache_loose}], [{@smackfsroot={'smackfsroot', 0x3d, '!.$(>/.+{^&-'}}, {@permit_directio}, {@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@func={'func', 0x3d, 'KEXEC_INITRAMFS_CHECK'}}, {@fowner_lt={'fowner<', r5}}, {@context={'context', 0x3d, 'system_u'}}]}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) syz_clone(0xc285a00, 0x0, 0x0, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r6, &(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0x504, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r8}, 0x38) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f00000002c0)={0x0, 0x6000000, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001400000018000180140002006e657464657673696d300000000000000800070001040000080005000000000008000f00f7ffffff08000600040000000800110009000000080002"], 0x5c}}, 0x0) 0s ago: executing program 1 (id=420): r0 = openat$binfmt(0xffffff9c, 0x0, 0x41, 0x1ff) write$binfmt_script(r0, &(0x7f0000000100)={'#! ', './cgroup/../file0', [{0x20, 'tasks\x00'}, {0x20, 'tasks\x00'}, {0x20, '^+-]'}, {0x20, 'tasks\x00'}, {}, {0x20, 'tasks\x00'}], 0xa, "7ba239b6611a209cb2a5f5b603c2c2bbfc3f1e188a1bac7e51c5d38ec39a94e125869a976cfb1e8494b9a3b6522d7eb72e8fbb55911164a3a627"}, 0x71) (async, rerun: 64) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x109) (async, rerun: 64) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000040)='tasks\x00', 0x2, 0x0) (async, rerun: 32) rmdir(&(0x7f00000000c0)='./cgroup/../file0\x00') (rerun: 32) r3 = socket$inet6(0xa, 0x2, 0x3a) bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e22, 0x8, @local, 0xffffeffb}, 0x1c) ppoll(&(0x7f0000000080)=[{r2}], 0x1, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:17528' (ED25519) to the list of known hosts. [ 34.485814][ T5864] cgroup: Unknown subsys name 'net' [ 34.641995][ T5864] cgroup: Unknown subsys name 'cpuset' [ 34.646258][ T5864] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 35.402745][ T5864] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 37.980255][ T5940] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 37.986595][ T5954] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 37.989081][ T5954] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 37.992268][ T5954] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 37.994897][ T5954] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 37.997522][ T5954] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 38.000115][ T5954] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 38.001242][ T5950] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 38.002441][ T5954] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 38.005528][ T5950] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 38.006702][ T5954] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 38.009350][ T5950] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 38.010535][ T5951] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 38.011115][ T5951] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 38.012138][ T5956] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 38.013211][ T5954] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 38.015242][ T5950] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 38.015293][ T5954] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 38.015702][ T5947] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 38.015921][ T5947] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 38.017227][ T5298] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 38.021960][ T5954] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 38.023872][ T5298] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 38.036876][ T5298] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 38.219370][ T5946] chnl_net:caif_netlink_parms(): no params data found [ 38.284951][ T5952] chnl_net:caif_netlink_parms(): no params data found [ 38.353714][ T5946] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.356736][ T5946] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.361826][ T5946] bridge_slave_0: entered allmulticast mode [ 38.364208][ T5946] bridge_slave_0: entered promiscuous mode [ 38.367695][ T5946] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.370221][ T5946] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.372211][ T5946] bridge_slave_1: entered allmulticast mode [ 38.374328][ T5946] bridge_slave_1: entered promiscuous mode [ 38.442604][ T5939] chnl_net:caif_netlink_parms(): no params data found [ 38.450260][ T5946] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.452688][ T5952] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.454580][ T5952] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.456456][ T5952] bridge_slave_0: entered allmulticast mode [ 38.459227][ T5952] bridge_slave_0: entered promiscuous mode [ 38.465454][ T5952] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.467241][ T5952] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.470909][ T5952] bridge_slave_1: entered allmulticast mode [ 38.473527][ T5952] bridge_slave_1: entered promiscuous mode [ 38.476187][ T5942] chnl_net:caif_netlink_parms(): no params data found [ 38.481463][ T5946] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.559231][ T5952] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.565783][ T5946] team0: Port device team_slave_0 added [ 38.569878][ T5946] team0: Port device team_slave_1 added [ 38.599985][ T5952] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.639326][ T5939] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.641824][ T5939] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.644373][ T5939] bridge_slave_0: entered allmulticast mode [ 38.647092][ T5939] bridge_slave_0: entered promiscuous mode [ 38.668048][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.669911][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.676677][ T5946] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.698074][ T5939] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.700021][ T5939] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.702033][ T5939] bridge_slave_1: entered allmulticast mode [ 38.704962][ T5939] bridge_slave_1: entered promiscuous mode [ 38.715288][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.717086][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.725057][ T5946] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.734457][ T5942] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.736809][ T5942] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.739460][ T5942] bridge_slave_0: entered allmulticast mode [ 38.742005][ T5942] bridge_slave_0: entered promiscuous mode [ 38.773066][ T5952] team0: Port device team_slave_0 added [ 38.776100][ T5952] team0: Port device team_slave_1 added [ 38.787762][ T5942] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.790489][ T5942] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.793074][ T5942] bridge_slave_1: entered allmulticast mode [ 38.796068][ T5942] bridge_slave_1: entered promiscuous mode [ 38.813882][ T5939] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.859175][ T5939] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.863932][ T5946] hsr_slave_0: entered promiscuous mode [ 38.865992][ T5946] hsr_slave_1: entered promiscuous mode [ 38.868987][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.870893][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.877909][ T5952] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.882629][ T5942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.905483][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.907310][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.914995][ T5952] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.921441][ T5942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.935420][ T5939] team0: Port device team_slave_0 added [ 38.942139][ T5939] team0: Port device team_slave_1 added [ 38.964283][ T5942] team0: Port device team_slave_0 added [ 38.967485][ T5942] team0: Port device team_slave_1 added [ 39.026209][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 39.028945][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.037586][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 39.042434][ T5939] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 39.044914][ T5939] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.053583][ T5939] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 39.071558][ T5952] hsr_slave_0: entered promiscuous mode [ 39.073462][ T5952] hsr_slave_1: entered promiscuous mode [ 39.075261][ T5952] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 39.077344][ T5952] Cannot create hsr debugfs directory [ 39.079980][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 39.082212][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.091202][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 39.095568][ T5939] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 39.097386][ T5939] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.105807][ T5939] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 39.209711][ T5939] hsr_slave_0: entered promiscuous mode [ 39.212584][ T5939] hsr_slave_1: entered promiscuous mode [ 39.214610][ T5939] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 39.216536][ T5939] Cannot create hsr debugfs directory [ 39.226956][ T5942] hsr_slave_0: entered promiscuous mode [ 39.230004][ T5942] hsr_slave_1: entered promiscuous mode [ 39.231773][ T5942] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 39.233730][ T5942] Cannot create hsr debugfs directory [ 39.348571][ T5946] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 39.367098][ T5946] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 39.373693][ T5946] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 39.379532][ T5946] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 39.489109][ T5952] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 39.493817][ T5952] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 39.499156][ T5952] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 39.503774][ T5952] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 39.524303][ T5942] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 39.533463][ T5942] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 39.537213][ T5942] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 39.545943][ T5942] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 39.554514][ T5946] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.576599][ T5939] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 39.585238][ T5939] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 39.589601][ T5939] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 39.594208][ T5939] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 39.598916][ T5946] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.617145][ T1167] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.619137][ T1167] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.633165][ T1167] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.635027][ T1167] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.658717][ T5952] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.695688][ T5952] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.704827][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.712816][ T1167] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.714683][ T1167] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.721492][ T1167] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.723335][ T1167] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.729734][ T5942] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.742738][ T1141] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.745152][ T1141] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.750919][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.753293][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.775281][ T5952] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 39.778203][ T5952] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 39.787177][ T5939] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.799072][ T5939] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.809653][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.812013][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.816736][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.819276][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.835151][ T5946] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.864495][ T5946] veth0_vlan: entered promiscuous mode [ 39.881118][ T5952] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.883800][ T5946] veth1_vlan: entered promiscuous mode [ 39.899729][ T5946] veth0_macvtap: entered promiscuous mode [ 39.904386][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.909987][ T5946] veth1_macvtap: entered promiscuous mode [ 39.929623][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 39.933129][ T5952] veth0_vlan: entered promiscuous mode [ 39.939637][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 39.946357][ T5939] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.949954][ T5942] veth0_vlan: entered promiscuous mode [ 39.953185][ T5946] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.955497][ T5946] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.957622][ T5946] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.960466][ T5946] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.967408][ T5952] veth1_vlan: entered promiscuous mode [ 39.974292][ T5942] veth1_vlan: entered promiscuous mode [ 39.997255][ T5952] veth0_macvtap: entered promiscuous mode [ 40.001060][ T5952] veth1_macvtap: entered promiscuous mode [ 40.026179][ T5939] veth0_vlan: entered promiscuous mode [ 40.031971][ T5942] veth0_macvtap: entered promiscuous mode [ 40.036098][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.040300][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.043281][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 40.046791][ T5939] veth1_vlan: entered promiscuous mode [ 40.047634][ T165] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.049634][ T5298] Bluetooth: hci3: command tx timeout [ 40.049642][ T65] Bluetooth: hci1: command tx timeout [ 40.049912][ T65] Bluetooth: hci2: command tx timeout [ 40.051084][ T165] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.055529][ T5942] veth1_macvtap: entered promiscuous mode [ 40.061871][ T5952] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.065254][ T5952] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.069992][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 40.081956][ T5952] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.084733][ T5952] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.087667][ T5952] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.090945][ T5952] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.096439][ T77] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.097442][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.102291][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.104783][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.105254][ T77] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.107503][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.108421][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 40.115824][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.118913][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.121608][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.124282][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.127291][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 40.129103][ T5298] Bluetooth: hci0: command tx timeout [ 40.135678][ T5942] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.138489][ T5942] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.140842][ T5942] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.143076][ T5942] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.157804][ T5946] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 40.161900][ T5939] veth0_macvtap: entered promiscuous mode [ 40.172338][ T5939] veth1_macvtap: entered promiscuous mode [ 40.204389][ T6007] netlink: 'syz.3.4': attribute type 32 has an invalid length. [ 40.206145][ T77] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.206880][ T6007] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4'. [ 40.211505][ T5939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.211518][ T5939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.211523][ T5939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.211530][ T5939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.211535][ T5939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.211541][ T5939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.212368][ T5939] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 40.214890][ T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.215096][ T77] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.235575][ T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.239872][ T6007] (unnamed net_device) (uninitialized): Setting coupled_control to off (0) [ 40.259385][ T5939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.262100][ T5939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.264560][ T5939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.267213][ T5939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.270068][ T5939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.272726][ T5939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.276366][ T5939] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 40.289499][ T6007] warning: `syz.3.4' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 40.293839][ T5939] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.296135][ T5939] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.298600][ T5939] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.300856][ T5939] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.306499][ T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.309794][ T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.315772][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.319076][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.374338][ T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.375246][ T70] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.376385][ T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.381979][ T70] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.463411][ T6016] sctp: [Deprecated]: syz.3.6 (pid 6016) Use of struct sctp_assoc_value in delayed_ack socket option. [ 40.463411][ T6016] Use struct sctp_sack_info instead [ 40.598347][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 40.601399][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 40.604269][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 40.610131][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 40.612635][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 40.615287][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 40.617476][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 40.620059][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 41.332042][ T6037] /dev/nullb0: Can't open blockdev [ 41.519216][ T6040] netlink: 20 bytes leftover after parsing attributes in process `syz.3.11'. [ 41.738122][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 41.788290][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 42.118073][ T5298] Bluetooth: hci3: command tx timeout [ 42.118179][ T5940] Bluetooth: hci2: command tx timeout [ 42.120306][ T5298] Bluetooth: hci1: command tx timeout [ 42.198236][ T65] Bluetooth: hci0: command tx timeout [ 42.911463][ T6064] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 42.980222][ T6064] bridge_slave_1: left allmulticast mode [ 42.982251][ T6064] bridge_slave_1: left promiscuous mode [ 42.985145][ T6064] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.002319][ T6064] bridge_slave_0: left allmulticast mode [ 43.003866][ T6064] bridge_slave_0: left promiscuous mode [ 43.005404][ T6064] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.140621][ T6067] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 43.145924][ T6067] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 44.198054][ T65] Bluetooth: hci2: command tx timeout [ 44.198501][ T5298] Bluetooth: hci3: command tx timeout [ 44.208173][ T5298] Bluetooth: hci1: command tx timeout [ 44.278532][ T5298] Bluetooth: hci0: command tx timeout [ 46.278117][ T5298] Bluetooth: hci2: command tx timeout [ 46.288315][ T5298] Bluetooth: hci1: command tx timeout [ 46.288338][ T65] Bluetooth: hci3: command tx timeout [ 46.358150][ T65] Bluetooth: hci0: command tx timeout [ 48.187172][ T6161] netlink: 20 bytes leftover after parsing attributes in process `syz.1.39'. [ 50.343002][ T6198] syzkaller0: entered promiscuous mode [ 50.345074][ T6198] syzkaller0: entered allmulticast mode [ 50.349937][ T1141] syzkaller0: tun_net_xmit 48 [ 50.380389][ T6198] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 50.381919][ T6198] syzkaller0: Linktype set failed because interface is up [ 50.389785][ T6006] IPVS: starting estimator thread 0... [ 50.488224][ T6199] IPVS: using max 37 ests per chain, 88800 per kthread [ 51.188749][ T6208] Driver unsupported XDP return value 0 on prog (id 12) dev N/A, expect packet loss! [ 51.193449][ T6208] syz.2.49 uses obsolete (PF_INET,SOCK_PACKET) [ 51.862173][ T6219] netlink: 8 bytes leftover after parsing attributes in process `syz.1.51'. [ 53.056325][ T6226] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 53.169234][ T65] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 53.171582][ T65] Bluetooth: hci1: Injecting HCI hardware error event [ 53.174270][ T65] Bluetooth: hci1: hardware error 0x00 [ 53.495038][ T6233] Zero length message leads to an empty skb [ 53.847738][ T6248] binder: BINDER_SET_CONTEXT_MGR already set [ 53.877353][ T6248] binder: 6243:6248 ioctl 4018620d 20000040 returned -16 [ 54.518820][ T6265] xt_connbytes: Forcing CT accounting to be enabled [ 54.521386][ T6265] Cannot find del_set index 0 as target [ 55.248719][ T65] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 55.840208][ T6300] /dev/sr0: Can't open blockdev [ 55.929982][ T6302] /dev/sr0: Can't open blockdev [ 56.592644][ T6337] netlink: 'syz.2.81': attribute type 32 has an invalid length. [ 56.594763][ T6337] netlink: 8 bytes leftover after parsing attributes in process `syz.2.81'. [ 56.597121][ T6337] (unnamed net_device) (uninitialized): Setting coupled_control to off (0) [ 57.710619][ T6362] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains [ 59.728623][ T39] audit: type=1326 audit(1733592772.260:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6390 comm="syz.3.94" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f16579 code=0x0 [ 60.514641][ T6409] netlink: 'syz.2.99': attribute type 32 has an invalid length. [ 60.517462][ T6409] netlink: 8 bytes leftover after parsing attributes in process `syz.2.99'. [ 60.520735][ T6409] (unnamed net_device) (uninitialized): Setting coupled_control to off (0) [ 60.598082][ T5298] Bluetooth: hci3: command 0x0405 tx timeout [ 60.608109][ T6004] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 60.754939][ T6413] input: syz0 as /devices/virtual/input/input5 [ 60.758435][ T6004] usb 6-1: Using ep0 maxpacket: 8 [ 60.762183][ T6004] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 60.764774][ T6004] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 60.778706][ T6004] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 60.781277][ T6004] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 60.784920][ T6004] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 60.787278][ T6004] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 61.008570][ T6004] usb 6-1: GET_CAPABILITIES returned 0 [ 61.010295][ T6004] usbtmc 6-1:16.0: can't read capabilities [ 61.179036][ T6422] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 61.180750][ T6422] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 61.192134][ T6422] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 61.193777][ T6422] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 61.203367][ T6422] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 61.205082][ T6422] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 61.210643][ T6403] usb 6-1: usbtmc_ioctl_clear_in_halt returned -32 [ 61.216989][ T6004] usb 6-1: USB disconnect, device number 2 [ 61.367890][ T6439] netlink: 24 bytes leftover after parsing attributes in process `syz.2.105'. [ 61.529628][ T6453] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 61.542819][ T6453] ipvlan2: entered promiscuous mode [ 61.546965][ T6453] bridge0: port 3(ipvlan2) entered blocking state [ 61.548863][ T6453] bridge0: port 3(ipvlan2) entered disabled state [ 61.551353][ T6453] ipvlan2: entered allmulticast mode [ 61.552868][ T6453] bridge0: entered allmulticast mode [ 61.557398][ T6453] ipvlan2: left allmulticast mode [ 61.568489][ T6453] bridge0: left allmulticast mode [ 62.210237][ T6474] /dev/sr0: Can't open blockdev [ 62.299918][ T6478] /dev/sr0: Can't open blockdev [ 63.380893][ T6515] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6) [ 63.383275][ T6515] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 63.387492][ T6515] vhci_hcd vhci_hcd.0: Device attached [ 63.408186][ T6517] vhci_hcd: connection closed [ 63.418083][ T77] vhci_hcd: stop threads [ 63.418259][ T6525] serio: Serial port pts1 [ 63.419654][ T77] vhci_hcd: release socket [ 63.423262][ T77] vhci_hcd: disconnect device [ 63.548971][ T6530] ======================================================= [ 63.548971][ T6530] WARNING: The mand mount option has been deprecated and [ 63.548971][ T6530] and is ignored by this kernel. Remove the mand [ 63.548971][ T6530] option from the mount to silence this warning. [ 63.548971][ T6530] ======================================================= [ 63.567515][ T6530] MINIX-fs: blocksize too small for device [ 63.648126][ T6006] usb 8-1: new low-speed USB device number 2 using dummy_hcd [ 63.960657][ T6006] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 63.964070][ T6006] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 63.967078][ T6006] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 63.971034][ T6006] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 63.973850][ T6006] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 63.976346][ T6006] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 63.984519][ T6006] hub 8-1:1.0: bad descriptor, ignoring hub [ 63.986105][ T6006] hub 8-1:1.0: probe with driver hub failed with error -5 [ 63.988284][ T6006] cdc_wdm 8-1:1.0: skipping garbage [ 63.989836][ T6006] cdc_wdm 8-1:1.0: skipping garbage [ 63.992715][ T6006] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 63.994399][ T6533] netlink: 4 bytes leftover after parsing attributes in process `syz.0.126'. [ 63.996741][ T6006] cdc_wdm 8-1:1.0: Unknown control protocol [ 64.233709][ T6542] IPVS: set_ctl: invalid protocol: 43 224.0.0.1:20000 [ 64.298620][ T6539] nbd1: detected capacity change from 0 to 22 [ 64.302637][ T6544] block nbd1: shutting down sockets [ 64.302672][ T5943] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 64.307284][ T5943] Buffer I/O error on dev nbd1, logical block 0, async page read [ 64.309671][ T52] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 64.313426][ T52] Buffer I/O error on dev nbd1, logical block 0, async page read [ 64.316754][ T5943] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 64.319182][ T5943] Buffer I/O error on dev nbd1, logical block 0, async page read [ 64.321420][ T5943] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 64.323744][ T5943] Buffer I/O error on dev nbd1, logical block 0, async page read [ 64.325787][ T5943] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 64.328204][ T5943] Buffer I/O error on dev nbd1, logical block 0, async page read [ 64.330483][ T6545] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 64.333928][ T6545] Buffer I/O error on dev nbd1, logical block 0, async page read [ 64.337034][ T5943] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 64.339743][ T5943] Buffer I/O error on dev nbd1, logical block 0, async page read [ 64.342531][ T5943] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 64.345333][ T5943] Buffer I/O error on dev nbd1, logical block 0, async page read [ 64.348185][ T5943] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 64.348492][ T6539] netlink: 'syz.1.128': attribute type 32 has an invalid length. [ 64.350523][ T5943] Buffer I/O error on dev nbd1, logical block 0, async page read [ 64.350571][ T5943] ldm_validate_partition_table(): Disk read failed. [ 64.353424][ T6539] netlink: 8 bytes leftover after parsing attributes in process `syz.1.128'. [ 64.355429][ T5943] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 64.357863][ T6539] (unnamed net_device) (uninitialized): Setting coupled_control to off (0) [ 64.360570][ T5943] Buffer I/O error on dev nbd1, logical block 0, async page read [ 64.367859][ T5943] Dev nbd1: unable to read RDB block 0 [ 64.369861][ T5943] nbd1: unable to read partition table [ 64.371384][ T5943] nbd1: partition table beyond EOD, truncated [ 64.378298][ T5943] ldm_validate_partition_table(): Disk read failed. [ 64.381813][ T5943] Dev nbd1: unable to read RDB block 0 [ 64.383619][ T5943] nbd1: unable to read partition table [ 64.385461][ T5943] nbd1: partition table beyond EOD, truncated [ 64.468057][ T5985] usb 7-1: new full-speed USB device number 2 using dummy_hcd [ 64.499094][ T6552] nfs: Unknown parameter '%' [ 64.565796][ T6556] process 'syz.0.133' launched './file0' with NULL argv: empty string added [ 64.620544][ T5985] usb 7-1: config index 0 descriptor too short (expected 156, got 27) [ 64.623364][ T5985] usb 7-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 64.627430][ T5985] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10 [ 64.630588][ T5985] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64 [ 64.634272][ T5985] usb 7-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 64.639517][ T5985] usb 7-1: config 0 interface 0 has no altsetting 0 [ 64.643756][ T5985] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 64.646189][ T5985] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 64.649154][ T5985] usb 7-1: Product: syz [ 64.650659][ T5985] usb 7-1: Manufacturer: syz [ 64.651886][ T5985] usb 7-1: SerialNumber: syz [ 64.657689][ T5985] usb 7-1: config 0 descriptor?? [ 64.660256][ T6542] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 64.663354][ T5985] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 64.688526][ T6562] /dev/sr0: Can't open blockdev [ 64.740794][ T6520] usb 8-1: reset low-speed USB device number 2 using dummy_hcd [ 64.778494][ T6564] /dev/sr0: Can't open blockdev [ 64.868347][ T6541] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 65.040980][ T6520] cdc_wdm 8-1:1.0: Error submitting int urb - -90 [ 65.049074][ T5985] ldusb 7-1:0.0: LD USB Device #1 now attached to major 180 minor 1 [ 65.138418][ T6541] cdc_wdm 8-1:1.0: Error submitting int urb - -90 [ 65.142472][ T57] usb 7-1: USB disconnect, device number 2 [ 65.146969][ T57] ldusb 7-1:0.0: LD USB Device #1 now disconnected [ 65.338250][ T6006] usb 8-1: USB disconnect, device number 2 [ 65.431665][ C3] vcan0: j1939_tp_rxtimer: 0xffff8880529f8000: rx timeout, send abort [ 65.436307][ C3] vcan0: j1939_xtp_rx_abort_one: 0xffff8880529f8000: 0x30000: (3) A timeout occurred and this is the connection abort to close the session. [ 65.728074][ T5985] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 65.918068][ T5985] usb 6-1: Using ep0 maxpacket: 32 [ 65.921681][ T5985] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 65.924601][ T5985] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 65.927230][ T5985] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 65.930755][ T5985] usb 6-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00 [ 65.933192][ T5985] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 65.938688][ T5985] usb 6-1: config 0 descriptor?? [ 66.349063][ T39] audit: type=1326 audit(1733592778.890:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6570 comm="syz.1.138" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x0 [ 66.468765][ T5985] input: HID 0458:5011 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:0458:5011.0002/input/input6 [ 66.478565][ T5985] input: HID 0458:5011 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:0458:5011.0002/input/input7 [ 66.486416][ T6587] netlink: 'syz.0.142': attribute type 32 has an invalid length. [ 66.488601][ T6587] netlink: 8 bytes leftover after parsing attributes in process `syz.0.142'. [ 66.490941][ T6587] (unnamed net_device) (uninitialized): Setting coupled_control to off (0) [ 66.492335][ T5985] kye 0003:0458:5011.0002: input,hiddev0,hidraw1: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.1-1/input0 [ 66.779119][ T6601] /dev/sr0: Can't open blockdev [ 66.889444][ T6604] /dev/sr0: Can't open blockdev [ 66.956211][ T39] audit: type=1326 audit(1733592779.490:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6609 comm="syz.3.147" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f16579 code=0x7ffc0000 [ 66.964146][ T39] audit: type=1326 audit(1733592779.490:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6609 comm="syz.3.147" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f16579 code=0x7ffc0000 [ 66.971402][ T39] audit: type=1326 audit(1733592779.490:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6609 comm="syz.3.147" exe="/syz-executor" sig=0 arch=40000003 syscall=132 compat=1 ip=0xf7f16579 code=0x7ffc0000 [ 66.976960][ T39] audit: type=1326 audit(1733592779.490:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6609 comm="syz.3.147" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f16579 code=0x7ffc0000 [ 66.983366][ T39] audit: type=1326 audit(1733592779.490:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6609 comm="syz.3.147" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f16579 code=0x7ffc0000 [ 66.990998][ T39] audit: type=1326 audit(1733592779.490:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6609 comm="syz.3.147" exe="/syz-executor" sig=0 arch=40000003 syscall=434 compat=1 ip=0xf7f16579 code=0x7ffc0000 [ 66.998785][ T39] audit: type=1326 audit(1733592779.490:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6609 comm="syz.3.147" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f16579 code=0x7ffc0000 [ 67.006343][ T39] audit: type=1326 audit(1733592779.490:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6609 comm="syz.3.147" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f16579 code=0x7ffc0000 [ 67.013906][ T39] audit: type=1326 audit(1733592779.490:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6609 comm="syz.3.147" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f16579 code=0x7ffc0000 [ 67.551691][ C2] kye 0003:0458:5011.0002: usb_submit_urb(ctrl) failed: -1 [ 67.692300][ T5984] usb 6-1: reset high-speed USB device number 3 using dummy_hcd [ 67.838104][ T5984] usb 6-1: device descriptor read/64, error -32 [ 68.149574][ T5984] usb 6-1: reset high-speed USB device number 3 using dummy_hcd [ 68.278484][ T5984] usb 6-1: device descriptor read/64, error -32 [ 68.602101][ T1336] libceph: connect (1)[c::]:6789 error -101 [ 68.604724][ T1336] libceph: mon0 (1)[c::]:6789 connect error [ 68.608139][ T5984] usb 6-1: reset high-speed USB device number 3 using dummy_hcd [ 68.673990][ T6653] ceph: No mds server is up or the cluster is laggy [ 68.818006][ T5984] usb 6-1: device not accepting address 3, error -71 [ 69.074620][ T6687] overlayfs: failed to resolve './file1': -2 [ 69.604300][ T35] usb 6-1: USB disconnect, device number 3 [ 69.619902][ T6692] capability: warning: `syz.1.169' uses deprecated v2 capabilities in a way that may be insecure [ 69.641661][ T6694] ALSA: mixer_oss: invalid OSS volume 'u' [ 69.848329][ T8] IPVS: starting estimator thread 0... [ 69.939315][ T6711] IPVS: using max 38 ests per chain, 91200 per kthread [ 70.632472][ T6735] netlink: 28 bytes leftover after parsing attributes in process `syz.0.179'. [ 70.703072][ T1413] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.705396][ T1413] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.825219][ T6757] syzkaller0: entered promiscuous mode [ 71.830404][ T6757] syzkaller0: entered allmulticast mode [ 75.803276][ T9] cfg80211: failed to load regulatory.db [ 87.455835][ T6777] XFS (sr0): Invalid superblock magic number [ 87.500341][ T6777] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 87.503107][ T6777] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 87.505605][ T6777] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 87.507853][ T6777] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 87.522517][ T6777] vxlan0: entered promiscuous mode [ 87.523889][ T6777] vxlan0: entered allmulticast mode [ 87.540702][ T6777] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 87.543621][ T6777] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 87.545949][ T6777] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 87.548324][ T6777] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 88.951648][ T6826] syz.0.196: attempt to access beyond end of device [ 88.951648][ T6826] nbd0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 88.954761][ T6826] SQUASHFS error: Failed to read block 0x0: -5 [ 88.956229][ T6826] unable to read squashfs_super_block [ 91.709769][ T6875] netlink: 'syz.3.208': attribute type 1 has an invalid length. [ 92.648802][ T6905] binder: 6901:6905 ioctl c0306201 20000680 returned -14 [ 93.635422][ T6944] netlink: 'syz.1.222': attribute type 39 has an invalid length. [ 93.733969][ T6947] block device autoloading is deprecated and will be removed. [ 93.924440][ T6946] /dev/sr0: Can't open blockdev [ 94.048879][ T6948] /dev/sr0: Can't open blockdev [ 94.341175][ T6965] capability: warning: `syz.0.226' uses 32-bit capabilities (legacy support in use) [ 94.480532][ T6971] netlink: 'syz.0.228': attribute type 1 has an invalid length. [ 94.482629][ T6971] netlink: 'syz.0.228': attribute type 3 has an invalid length. [ 94.484968][ T6971] netlink: 224 bytes leftover after parsing attributes in process `syz.0.228'. [ 94.488152][ T6971] NCSI netlink: No device for ifindex 0 [ 94.495539][ T6972] netlink: 4 bytes leftover after parsing attributes in process `syz.0.228'. [ 94.809329][ T6962] mmap: syz.2.225 (6962) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 95.914235][ T6981] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11) [ 95.916737][ T6981] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 95.920682][ T6981] vhci_hcd vhci_hcd.0: Device attached [ 96.080429][ T6996] netlink: 12 bytes leftover after parsing attributes in process `syz.2.233'. [ 96.121982][ T74] vhci_hcd: vhci_device speed not set [ 96.218105][ T74] usb 39-1: new full-speed USB device number 2 using vhci_hcd [ 96.652305][ T6993] vhci_hcd: connection reset by peer [ 96.660337][ T1141] vhci_hcd: stop threads [ 96.661881][ T1141] vhci_hcd: release socket [ 96.668857][ T1141] vhci_hcd: disconnect device [ 97.222717][ T7009] netlink: 8 bytes leftover after parsing attributes in process `syz.0.237'. [ 97.225794][ T7009] netlink: 4 bytes leftover after parsing attributes in process `syz.0.237'. [ 97.230145][ T7009] block nbd0: Unsupported socket: shutdown callout must be supported. [ 97.549099][ T39] kauditd_printk_skb: 34 callbacks suppressed [ 97.549114][ T39] audit: type=1326 audit(1733592810.070:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7010 comm="syz.0.238" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7fc00000 [ 99.068087][ T7055] netlink: 20 bytes leftover after parsing attributes in process `syz.1.246'. [ 99.295157][ T7062] usb usb7: selecting invalid altsetting 6 [ 100.308683][ T7070] /dev/sr0: Can't open blockdev [ 100.401226][ T7071] /dev/sr0: Can't open blockdev [ 100.436767][ T7079] netlink: 'syz.0.254': attribute type 21 has an invalid length. [ 100.439247][ T7079] netlink: 'syz.0.254': attribute type 1 has an invalid length. [ 100.588612][ T7086] netlink: 148 bytes leftover after parsing attributes in process `syz.1.252'. [ 101.308071][ T74] vhci_hcd: vhci_device speed not set [ 101.416372][ T7109] ubi0: attaching mtd0 [ 101.423026][ T7109] ubi0: scanning is finished [ 101.424693][ T7109] ubi0: empty MTD device detected [ 101.486423][ T7109] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 101.488674][ T7109] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 101.491017][ T7109] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 101.493548][ T7109] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 101.496167][ T7109] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 101.498767][ T7109] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 101.501815][ T7109] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2191449449 [ 101.504817][ T7109] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 101.508826][ T7111] ubi0: background thread "ubi_bgt0d" started, PID 7111 [ 101.816939][ T7116] blktrace: Concurrent blktraces are not allowed on sg0 [ 102.972295][ T7140] netdevsim netdevsim2: Direct firmware load for ./file0 failed with error -2 [ 102.974810][ T7140] netdevsim netdevsim2: Falling back to sysfs fallback for: ./file0 [ 103.135885][ T7148] netlink: 36 bytes leftover after parsing attributes in process `syz.2.267'. [ 103.146286][ T7148] netlink: 16 bytes leftover after parsing attributes in process `syz.2.267'. [ 103.149495][ T7148] netlink: 36 bytes leftover after parsing attributes in process `syz.2.267'. [ 103.151873][ T7148] netlink: 36 bytes leftover after parsing attributes in process `syz.2.267'. [ 103.628987][ T7154] /dev/sr0: Can't open blockdev [ 103.728888][ T7155] /dev/sr0: Can't open blockdev [ 103.828785][ T7158] /dev/sr0: Can't open blockdev [ 103.933830][ T7161] /dev/sr0: Can't open blockdev [ 105.877384][ T7214] netlink: 'syz.1.286': attribute type 1 has an invalid length. [ 105.884259][ T7214] netlink: 8 bytes leftover after parsing attributes in process `syz.1.286'. [ 106.059509][ T7226] FAULT_INJECTION: forcing a failure. [ 106.059509][ T7226] name failslab, interval 1, probability 0, space 0, times 1 [ 106.063505][ T7226] CPU: 1 UID: 0 PID: 7226 Comm: syz.1.289 Not tainted 6.13.0-rc1-syzkaller-00316-gb5f217084ab3 #0 [ 106.066251][ T7226] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 106.069068][ T7226] Call Trace: [ 106.069946][ T7226] [ 106.070722][ T7226] dump_stack_lvl+0x16c/0x1f0 [ 106.071951][ T7226] should_fail_ex+0x497/0x5b0 [ 106.073194][ T7226] ? fs_reclaim_acquire+0xae/0x150 [ 106.074546][ T7226] should_failslab+0xc2/0x120 [ 106.075773][ T7226] __kmalloc_node_noprof+0xd1/0x520 [ 106.077133][ T7226] ? __get_vm_area_node+0x1dc/0x2f0 [ 106.078483][ T7226] ? __vmalloc_node_range_noprof+0x3d8/0x1530 [ 106.080098][ T7226] __vmalloc_node_range_noprof+0x3d8/0x1530 [ 106.081957][ T7226] ? translate_table+0x770/0x1f00 [ 106.083633][ T7226] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 106.085287][ T7226] ? stack_trace_save+0x95/0xd0 [ 106.086566][ T7226] ? translate_table+0x770/0x1f00 [ 106.087888][ T7226] vmalloc_noprof+0x6b/0x90 [ 106.089122][ T7226] ? translate_table+0x770/0x1f00 [ 106.090447][ T7226] translate_table+0x770/0x1f00 [ 106.091742][ T7226] ? kasan_save_track+0x14/0x30 [ 106.093006][ T7226] ? kfree+0x14f/0x4b0 [ 106.094080][ T7226] ? vfree+0x33b/0x890 [ 106.095142][ T7226] ? compat_do_replace+0x4a8/0x750 [ 106.096464][ T7226] ? do_ebt_set_ctl+0x4af/0x580 [ 106.097738][ T7226] ? nf_setsockopt+0x8a/0xf0 [ 106.098919][ T7226] ? ip_setsockopt+0xcb/0xf0 [ 106.100157][ T7226] ? hlock_class+0x4e/0x130 [ 106.101516][ T7226] ? __pfx_translate_table+0x10/0x10 [ 106.103356][ T7226] ? __pfx_mark_lock+0x10/0x10 [ 106.104604][ T7226] ? find_held_lock+0x2d/0x110 [ 106.105859][ T7226] do_replace_finish+0x9a7/0x22b0 [ 106.107188][ T7226] ? __pfx_do_replace_finish+0x10/0x10 [ 106.108603][ T7226] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 106.110199][ T7226] ? vfree+0x33b/0x890 [ 106.111262][ T7226] ? compat_do_replace+0x353/0x750 [ 106.112583][ T7226] compat_do_replace+0x4c7/0x750 [ 106.113880][ T7226] ? __pfx_compat_do_replace+0x10/0x10 [ 106.115280][ T7226] ? aa_get_newest_label+0x376/0x680 [ 106.116655][ T7226] ? __pfx_aa_get_newest_label+0x10/0x10 [ 106.118116][ T7226] ? bpf_lsm_capable+0x9/0x10 [ 106.119385][ T7226] ? security_capable+0x7e/0x260 [ 106.120684][ T7226] do_ebt_set_ctl+0x4af/0x580 [ 106.122021][ T7226] ? sockopt_release_sock+0x52/0x60 [ 106.123379][ T7226] ? __pfx_do_ebt_set_ctl+0x10/0x10 [ 106.124750][ T7226] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 106.126184][ T7226] ? nf_sockopt_find.constprop.0+0x221/0x290 [ 106.127748][ T7226] nf_setsockopt+0x8a/0xf0 [ 106.129013][ T7226] ip_setsockopt+0xcb/0xf0 [ 106.130213][ T7226] udp_setsockopt+0x7d/0xd0 [ 106.131454][ T7226] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 106.132984][ T7226] do_sock_setsockopt+0x222/0x480 [ 106.134285][ T7226] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 106.135717][ T7226] ? lock_acquire+0x2f/0xb0 [ 106.136906][ T7226] __sys_setsockopt+0x1a0/0x230 [ 106.138187][ T7226] __ia32_sys_setsockopt+0xbc/0x160 [ 106.139573][ T7226] ? lockdep_hardirqs_on+0x7c/0x110 [ 106.140954][ T7226] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 106.142874][ T7226] __do_fast_syscall_32+0x73/0x120 [ 106.144223][ T7226] do_fast_syscall_32+0x32/0x80 [ 106.145712][ T7226] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 106.147915][ T7226] RIP: 0023:0xf7fe4579 [ 106.149361][ T7226] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 106.155054][ T7226] RSP: 002b:00000000f516657c EFLAGS: 00000292 ORIG_RAX: 000000000000016e [ 106.157364][ T7226] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000 [ 106.160328][ T7226] RDX: 0000000000000080 RSI: 0000000020000100 RDI: 0000000000000218 [ 106.163099][ T7226] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 106.165916][ T7226] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 106.168746][ T7226] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 106.171522][ T7226] [ 106.174331][ T7226] syz.1.289: vmalloc error: size 4096, failed to allocated page array size 8, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 106.179014][ T7226] CPU: 1 UID: 0 PID: 7226 Comm: syz.1.289 Not tainted 6.13.0-rc1-syzkaller-00316-gb5f217084ab3 #0 [ 106.182361][ T7226] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 106.185911][ T7226] Call Trace: [ 106.187078][ T7226] [ 106.188105][ T7226] dump_stack_lvl+0x16c/0x1f0 [ 106.189743][ T7226] warn_alloc+0x24d/0x3a0 [ 106.191324][ T7226] ? __pfx_warn_alloc+0x10/0x10 [ 106.193139][ T7226] ? dump_stack_lvl+0x1a3/0x1f0 [ 106.195038][ T7226] ? rcu_is_watching+0x12/0xc0 [ 106.196793][ T7226] ? trace_kmalloc+0x2d/0xd0 [ 106.198480][ T7226] ? __get_vm_area_node+0x1dc/0x2f0 [ 106.200375][ T7226] __vmalloc_node_range_noprof+0x1105/0x1530 [ 106.202550][ T7226] ? translate_table+0x770/0x1f00 [ 106.204310][ T7226] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 106.206532][ T7226] ? stack_trace_save+0x95/0xd0 [ 106.208303][ T7226] ? translate_table+0x770/0x1f00 [ 106.210141][ T7226] vmalloc_noprof+0x6b/0x90 [ 106.211758][ T7226] ? translate_table+0x770/0x1f00 [ 106.213581][ T7226] translate_table+0x770/0x1f00 [ 106.215289][ T7226] ? kasan_save_track+0x14/0x30 [ 106.216646][ T7226] ? kfree+0x14f/0x4b0 [ 106.217707][ T7226] ? vfree+0x33b/0x890 [ 106.218767][ T7226] ? compat_do_replace+0x4a8/0x750 [ 106.220087][ T7226] ? do_ebt_set_ctl+0x4af/0x580 [ 106.221481][ T7226] ? nf_setsockopt+0x8a/0xf0 [ 106.223099][ T7226] ? ip_setsockopt+0xcb/0xf0 [ 106.224646][ T7226] ? hlock_class+0x4e/0x130 [ 106.225834][ T7226] ? __pfx_translate_table+0x10/0x10 [ 106.227191][ T7226] ? __pfx_mark_lock+0x10/0x10 [ 106.228443][ T7226] ? find_held_lock+0x2d/0x110 [ 106.229692][ T7226] do_replace_finish+0x9a7/0x22b0 [ 106.231009][ T7226] ? __pfx_do_replace_finish+0x10/0x10 [ 106.232962][ T7226] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 106.234739][ T7226] ? vfree+0x33b/0x890 [ 106.235794][ T7226] ? compat_do_replace+0x353/0x750 [ 106.237125][ T7226] compat_do_replace+0x4c7/0x750 [ 106.238472][ T7226] ? __pfx_compat_do_replace+0x10/0x10 [ 106.239884][ T7226] ? aa_get_newest_label+0x376/0x680 [ 106.241252][ T7226] ? __pfx_aa_get_newest_label+0x10/0x10 [ 106.242692][ T7226] ? bpf_lsm_capable+0x9/0x10 [ 106.243928][ T7226] ? security_capable+0x7e/0x260 [ 106.245218][ T7226] do_ebt_set_ctl+0x4af/0x580 [ 106.246439][ T7226] ? sockopt_release_sock+0x52/0x60 [ 106.247739][ T7226] ? __pfx_do_ebt_set_ctl+0x10/0x10 [ 106.249070][ T7226] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 106.250394][ T7226] ? nf_sockopt_find.constprop.0+0x221/0x290 [ 106.251931][ T7226] nf_setsockopt+0x8a/0xf0 [ 106.253109][ T7226] ip_setsockopt+0xcb/0xf0 [ 106.254404][ T7226] udp_setsockopt+0x7d/0xd0 [ 106.255585][ T7226] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 106.257102][ T7226] do_sock_setsockopt+0x222/0x480 [ 106.258555][ T7226] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 106.259994][ T7226] ? lock_acquire+0x2f/0xb0 [ 106.261170][ T7226] __sys_setsockopt+0x1a0/0x230 [ 106.262511][ T7226] __ia32_sys_setsockopt+0xbc/0x160 [ 106.263928][ T7226] ? lockdep_hardirqs_on+0x7c/0x110 [ 106.265303][ T7226] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 106.266974][ T7226] __do_fast_syscall_32+0x73/0x120 [ 106.268334][ T7226] do_fast_syscall_32+0x32/0x80 [ 106.269617][ T7226] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 106.271239][ T7226] RIP: 0023:0xf7fe4579 [ 106.272288][ T7226] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 106.277125][ T7226] RSP: 002b:00000000f516657c EFLAGS: 00000292 ORIG_RAX: 000000000000016e [ 106.279182][ T7226] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000 [ 106.281204][ T7226] RDX: 0000000000000080 RSI: 0000000020000100 RDI: 0000000000000218 [ 106.283236][ T7226] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 106.285244][ T7226] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 106.287251][ T7226] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 106.289689][ T7226] [ 106.291884][ T7226] Mem-Info: [ 106.293051][ T7226] active_anon:6431 inactive_anon:0 isolated_anon:0 [ 106.293051][ T7226] active_file:11548 inactive_file:36666 isolated_file:0 [ 106.293051][ T7226] unevictable:1768 dirty:413 writeback:0 [ 106.293051][ T7226] slab_reclaimable:9957 slab_unreclaimable:54903 [ 106.293051][ T7226] mapped:25139 shmem:3809 pagetables:696 [ 106.293051][ T7226] sec_pagetables:299 bounce:0 [ 106.293051][ T7226] kernel_misc_reclaimable:0 [ 106.293051][ T7226] free:57861 free_pcp:1499 free_cma:0 [ 106.307711][ T7226] Node 0 active_anon:4516kB inactive_anon:0kB active_file:0kB inactive_file:14612kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:5356kB dirty:8kB writeback:0kB shmem:4736kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9328kB pagetables:632kB sec_pagetables:1112kB all_unreclaimable? yes [ 106.318359][ T7226] Node 1 active_anon:15812kB inactive_anon:0kB active_file:46192kB inactive_file:132052kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:90100kB dirty:1644kB writeback:0kB shmem:5204kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2840kB pagetables:2052kB sec_pagetables:84kB all_unreclaimable? no [ 106.328147][ T7226] Node 0 DMA free:2984kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:128kB inactive_anon:0kB active_file:0kB inactive_file:1544kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:400kB local_pcp:16kB free_cma:0kB [ 106.337131][ T7226] lowmem_reserve[]: 0 273 0 0 0 [ 106.340070][ T7226] Node 0 DMA32 free:22180kB boost:4096kB min:18000kB low:21476kB high:24952kB reserved_highatomic:4096KB active_anon:4388kB inactive_anon:0kB active_file:0kB inactive_file:13068kB unevictable:3536kB writepending:8kB present:1032196kB managed:306332kB mlocked:0kB bounce:0kB free_pcp:1244kB local_pcp:332kB free_cma:0kB [ 106.352735][ T7226] lowmem_reserve[]: 0 0 0 0 0 [ 106.354834][ T7226] Node 1 DMA32 free:211732kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:15912kB inactive_anon:0kB active_file:46192kB inactive_file:132052kB unevictable:3536kB writepending:1644kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:3364kB local_pcp:1048kB free_cma:0kB [ 106.367436][ T7226] lowmem_reserve[]: 0 0 0 0 0 [ 106.369555][ T7226] Node 0 DMA: 24*4kB (U) 57*8kB (U) 54*16kB (U) 45*32kB (U) 2*64kB (U) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2984kB [ 106.374818][ T7226] Node 0 DMA32: 413*4kB (UH) 200*8kB (UMH) 33*16kB (UEH) 175*32kB (UMH) 78*64kB (UME) 17*128kB (UM) 10*256kB (UME) 4*512kB (UM) 1*1024kB (U) 0*2048kB 0*4096kB = 22180kB [ 106.380444][ T7226] Node 1 DMA32: 315*4kB (UME) 552*8kB (UME) 525*16kB (UME) 422*32kB (ME) 406*64kB (UME) 111*128kB (UME) 56*256kB (UME) 31*512kB (UME) 15*1024kB (UME) 10*2048kB (UM) 19*4096kB (UM) = 211644kB [ 106.386351][ T7226] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 106.389085][ T7226] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 106.391784][ T7226] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 106.395948][ T7226] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 106.398887][ T7226] 50699 total pagecache pages [ 106.400337][ T7226] 0 pages in swap cache [ 106.401922][ T7226] Free swap = 124440kB [ 106.403566][ T7226] Total swap = 124996kB [ 106.405264][ T7226] 524155 pages RAM [ 106.406544][ T7226] 0 pages HighMem/MovableOnly [ 106.408065][ T7226] 206669 pages reserved [ 106.409613][ T7226] 0 pages cma reserved [ 107.581148][ T7271] hfs: can't find a HFS filesystem on dev sr0 [ 107.650467][ T7273] netlink: 'syz.0.302': attribute type 4 has an invalid length. [ 107.853780][ T6112] libceph: connect (1)[c::]:6789 error -101 [ 107.855995][ T6112] libceph: mon0 (1)[c::]:6789 connect error [ 108.033778][ T7276] ceph: No mds server is up or the cluster is laggy [ 108.138204][ T1015] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 108.300840][ T1015] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 108.303510][ T1015] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 108.305642][ T1015] usb 5-1: Product: syz [ 108.314245][ T1015] usb 5-1: Manufacturer: syz [ 108.315918][ T1015] usb 5-1: SerialNumber: syz [ 108.321679][ T1015] usb 5-1: config 0 descriptor?? [ 108.356340][ T7287] program syz.3.305 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 108.534353][ T35] usb 5-1: USB disconnect, device number 2 [ 108.748684][ T7310] /dev/sr0: Can't open blockdev [ 108.792654][ T39] audit: type=1326 audit(1733592821.330:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7281 comm="syz.0.304" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 108.797824][ T39] audit: type=1326 audit(1733592821.330:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7281 comm="syz.0.304" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 108.807384][ T39] audit: type=1326 audit(1733592821.330:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7281 comm="syz.0.304" exe="/syz-executor" sig=0 arch=40000003 syscall=144 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 108.817512][ T39] audit: type=1326 audit(1733592821.330:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7281 comm="syz.0.304" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 108.829575][ T39] audit: type=1326 audit(1733592821.330:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7281 comm="syz.0.304" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 108.837854][ T39] audit: type=1326 audit(1733592821.330:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7281 comm="syz.0.304" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 108.844272][ T39] audit: type=1326 audit(1733592821.330:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7281 comm="syz.0.304" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 108.852209][ T39] audit: type=1326 audit(1733592821.330:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7281 comm="syz.0.304" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 108.858491][ T39] audit: type=1326 audit(1733592821.340:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7281 comm="syz.0.304" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 108.863947][ T39] audit: type=1326 audit(1733592821.390:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7281 comm="syz.0.304" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf746e579 code=0x7ffc0000 [ 108.875749][ T7313] /dev/sr0: Can't open blockdev [ 108.889766][ T7317] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(13) [ 108.891481][ T7317] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 108.899757][ T7317] vhci_hcd vhci_hcd.0: Device attached [ 109.308947][ T6112] vhci_hcd: vhci_device speed not set [ 109.356000][ T7312] block nbd1: shutting down sockets [ 109.388097][ T6112] usb 39-1: new full-speed USB device number 3 using vhci_hcd [ 110.197998][ T7318] vhci_hcd: connection reset by peer [ 110.200987][ T1136] vhci_hcd: stop threads [ 110.202563][ T1136] vhci_hcd: release socket [ 110.204227][ T1136] vhci_hcd: disconnect device [ 110.528275][ T7347] random: crng reseeded on system resumption [ 110.612111][ T9] IPVS: starting estimator thread 0... [ 110.708153][ T7348] IPVS: using max 38 ests per chain, 91200 per kthread [ 110.975558][ T7351] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 111.773882][ T8] libceph: connect (1)[c::]:6789 error -101 [ 111.775527][ T8] libceph: mon0 (1)[c::]:6789 connect error [ 111.802092][ T7377] netlink: 8 bytes leftover after parsing attributes in process `syz.2.327'. [ 111.984172][ T7358] ceph: No mds server is up or the cluster is laggy [ 112.086495][ T7387] netlink: 8 bytes leftover after parsing attributes in process `syz.1.329'. [ 112.111574][ T7395] netlink: 72 bytes leftover after parsing attributes in process `syz.1.329'. [ 115.013472][ T6112] vhci_hcd: vhci_device speed not set [ 115.099911][ T7408] netlink: 'syz.1.335': attribute type 1 has an invalid length. [ 115.102095][ T7408] netlink: 'syz.1.335': attribute type 2 has an invalid length. [ 115.811972][ T7435] netlink: 8 bytes leftover after parsing attributes in process `syz.3.341'. [ 115.819524][ T7435] netlink: 20 bytes leftover after parsing attributes in process `syz.3.341'. [ 115.981516][ T7441] Invalid option length (1025206) for dns_resolver key [ 115.990142][ T7441] binder: BINDER_SET_CONTEXT_MGR already set [ 115.993680][ T7441] binder: 7439:7441 ioctl 4018620d 20000300 returned -16 [ 116.187035][ T7446] netlink: 'syz.1.345': attribute type 1 has an invalid length. [ 116.189438][ T7446] netlink: 'syz.1.345': attribute type 2 has an invalid length. [ 116.230010][ T9] IPVS: starting estimator thread 0... [ 116.328152][ T7451] IPVS: using max 38 ests per chain, 91200 per kthread [ 117.197153][ T7475] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 117.198286][ T77] IPVS: stop unused estimator thread 0... [ 117.204091][ T7475] CIFS: Unable to determine destination address [ 117.430382][ T7482] netlink: 96 bytes leftover after parsing attributes in process `syz.3.354'. [ 117.430383][ T7481] netlink: 96 bytes leftover after parsing attributes in process `syz.3.354'. [ 117.465087][ T7484] netlink: 'syz.0.355': attribute type 1 has an invalid length. [ 117.468424][ T7484] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.355'. [ 117.476297][ T7484] overlayfs: missing 'lowerdir' [ 117.929061][ T7502] /dev/sr0: Can't open blockdev [ 118.009111][ T7504] /dev/sr0: Can't open blockdev [ 118.495993][ T65] block nbd3: Receive control failed (result -32) [ 118.498315][ T5940] block nbd3: Receive control failed (result -32) [ 118.498318][ T5298] block nbd3: Receive control failed (result -32) [ 118.501707][ T7503] block nbd3: shutting down sockets [ 118.518069][ T1336] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 118.552305][ T7519] CIFS: iocharset name too long [ 118.628614][ T7517] /dev/sr0: Can't open blockdev [ 118.688021][ T1336] usb 5-1: Using ep0 maxpacket: 8 [ 118.691093][ T1336] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 118.693598][ T1336] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 118.696284][ T1336] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 118.698939][ T1336] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 118.702245][ T1336] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 118.704563][ T1336] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 118.728589][ T7522] /dev/sr0: Can't open blockdev [ 118.760647][ T7528] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 118.918182][ T1336] usb 5-1: GET_CAPABILITIES returned 0 [ 118.919662][ T1336] usbtmc 5-1:16.0: can't read capabilities [ 119.127507][ T7512] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 119.134734][ T7512] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 119.227837][ T7553] mkiss: ax0: crc mode is auto. [ 119.377701][ T6006] usb 5-1: USB disconnect, device number 3 [ 121.950961][ T7588] syz.3.383 (7588): drop_caches: 2 [ 122.788061][ T35] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 122.939612][ T35] usb 6-1: config index 0 descriptor too short (expected 45, got 36) [ 122.941758][ T35] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 122.944926][ T35] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 122.947913][ T35] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 122.953628][ T35] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 122.957152][ T35] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 122.959661][ T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 122.966085][ T35] usb 6-1: config 0 descriptor?? [ 122.969282][ T7616] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 123.372357][ T39] kauditd_printk_skb: 3 callbacks suppressed [ 123.372372][ T39] audit: type=1326 audit(1733592835.910:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7630 comm="syz.3.394" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f16579 code=0x7ffc0000 [ 123.380338][ T35] plantronics 0003:047F:FFFF.0003: unknown main item tag 0xd [ 123.386699][ T35] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving [ 123.390479][ T35] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 123.403417][ T39] audit: type=1326 audit(1733592835.910:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7630 comm="syz.3.394" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f16579 code=0x7ffc0000 [ 123.409324][ T39] audit: type=1326 audit(1733592835.920:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7630 comm="syz.3.394" exe="/syz-executor" sig=0 arch=40000003 syscall=218 compat=1 ip=0xf7f16579 code=0x7ffc0000 [ 123.414796][ T39] audit: type=1326 audit(1733592835.920:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7630 comm="syz.3.394" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f16579 code=0x7ffc0000 [ 123.420475][ T39] audit: type=1326 audit(1733592835.920:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7630 comm="syz.3.394" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f16579 code=0x7ffc0000 [ 123.425969][ T39] audit: type=1326 audit(1733592835.920:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7630 comm="syz.3.394" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f16579 code=0x7ffc0000 [ 123.431636][ T39] audit: type=1326 audit(1733592835.920:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7630 comm="syz.3.394" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf7f16579 code=0x7ffc0000 [ 123.437011][ T39] audit: type=1326 audit(1733592835.920:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7630 comm="syz.3.394" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f16579 code=0x7ffc0000 [ 123.442805][ T39] audit: type=1326 audit(1733592835.920:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7630 comm="syz.3.394" exe="/syz-executor" sig=0 arch=40000003 syscall=274 compat=1 ip=0xf7f16579 code=0x7ffc0000 [ 123.448611][ T39] audit: type=1326 audit(1733592835.930:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7630 comm="syz.3.394" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f16579 code=0x7ffc0000 [ 123.475497][ T7378] usb 6-1: USB disconnect, device number 4 [ 123.659253][ T7643] /dev/sr0: Can't open blockdev [ 123.788808][ T7648] /dev/sr0: Can't open blockdev [ 124.380474][ T7659] /dev/sr0: Can't open blockdev [ 124.500297][ T7661] /dev/sr0: Can't open blockdev [ 124.542369][ T7690] Bluetooth: hci0: Opcode 0x0c20 failed: -22 [ 124.548851][ T7688] syzkaller0: entered promiscuous mode [ 124.550308][ T7688] syzkaller0: entered allmulticast mode [ 124.715422][ T7700] fuse: Unknown parameter 'f`' [ 124.822256][ T7703] efs: device does not support 512 byte blocks [ 124.828365][ T7703] device does not support 512 byte blocks [ 124.828365][ T7703] [ 124.925470][ T7712] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 124.980492][ T7712] evm: overlay not supported [ 125.673200][ T7715] netlink: 'syz.3.416': attribute type 1 has an invalid length. [ 125.675201][ T7715] netlink: 'syz.3.416': attribute type 2 has an invalid length. [ 125.983689][ T7724] [ 125.984524][ T7724] ====================================================== [ 125.986385][ T7724] WARNING: possible circular locking dependency detected [ 125.988182][ T7724] 6.13.0-rc1-syzkaller-00316-gb5f217084ab3 #0 Not tainted [ 125.991091][ T7724] ------------------------------------------------------ [ 125.993688][ T7724] syz.0.418/7724 is trying to acquire lock: [ 125.995210][ T7724] ffff88801f0518b8 (&eq->sysfs_lock){+.+.}-{4:4}, at: elevator_disable+0xb5/0x490 [ 125.997662][ T7724] [ 125.997662][ T7724] but task is already holding lock: [ 125.999535][ T7724] ffff88804351dde0 (&q->sysfs_lock){+.+.}-{4:4}, at: __blk_mq_update_nr_hw_queues+0x446/0x1460 [ 126.002169][ T7724] [ 126.002169][ T7724] which lock already depends on the new lock. [ 126.002169][ T7724] [ 126.004790][ T7724] [ 126.004790][ T7724] the existing dependency chain (in reverse order) is: [ 126.007269][ T7724] [ 126.007269][ T7724] -> #5 (&q->sysfs_lock){+.+.}-{4:4}: [ 126.009803][ T7724] __mutex_lock+0x19b/0xa60 [ 126.011527][ T7724] __blk_mq_update_nr_hw_queues+0x446/0x1460 [ 126.013713][ T7724] blk_mq_update_nr_hw_queues+0x2a/0x40 [ 126.015781][ T7724] nbd_start_device+0x15b/0xd70 [ 126.017612][ T7724] nbd_ioctl+0x21a/0xfd0 [ 126.019228][ T7724] compat_blkdev_ioctl+0x2f7/0x750 [ 126.020987][ T7724] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 126.022481][ T7724] __do_fast_syscall_32+0x73/0x120 [ 126.023909][ T7724] do_fast_syscall_32+0x32/0x80 [ 126.025322][ T7724] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 126.026931][ T7724] [ 126.026931][ T7724] -> #4 (&q->q_usage_counter(io)#50){++++}-{0:0}: [ 126.028957][ T7724] blk_mq_submit_bio+0x1fb6/0x24c0 [ 126.030544][ T7724] __submit_bio+0x384/0x540 [ 126.031894][ T7724] submit_bio_noacct_nocheck+0x698/0xd70 [ 126.033518][ T7724] submit_bio_noacct+0x93a/0x1e20 [ 126.034958][ T7724] block_read_full_folio+0x812/0xa50 [ 126.036586][ T7724] filemap_read_folio+0xc6/0x2a0 [ 126.038021][ T7724] filemap_get_pages+0x155f/0x1be0 [ 126.039507][ T7724] filemap_read+0x3ca/0xd70 [ 126.040859][ T7724] blkdev_read_iter+0x187/0x480 [ 126.042272][ T7724] vfs_read+0x87f/0xbe0 [ 126.043501][ T7724] ksys_pread64+0x170/0x1a0 [ 126.044853][ T7724] __do_fast_syscall_32+0x73/0x120 [ 126.046363][ T7724] do_fast_syscall_32+0x32/0x80 [ 126.048192][ T7724] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 126.050266][ T7724] [ 126.050266][ T7724] -> #3 (mapping.invalidate_lock#2){++++}-{4:4}: [ 126.052738][ T7724] down_read+0x9a/0x330 [ 126.054315][ T7724] page_cache_ra_unbounded+0x173/0x750 [ 126.056170][ T7724] page_cache_ra_order+0x7d9/0xc90 [ 126.058081][ T7724] filemap_fault+0x14a5/0x2820 [ 126.059831][ T7724] __do_fault+0x10a/0x490 [ 126.061463][ T7724] do_pte_missing+0x99f/0x3e00 [ 126.063289][ T7724] __handle_mm_fault+0x103c/0x2a40 [ 126.065329][ T7724] handle_mm_fault+0x3fa/0xaa0 [ 126.067235][ T7724] __get_user_pages+0x8d9/0x3b50 [ 126.069130][ T7724] __gup_longterm_locked+0x5ff/0x1870 [ 126.071089][ T7724] pin_user_pages+0x13f/0x160 [ 126.072806][ T7724] xdp_umem_create+0x73c/0x1270 [ 126.074550][ T7724] xsk_setsockopt+0x7e7/0xac0 [ 126.076265][ T7724] do_sock_setsockopt+0x222/0x480 [ 126.077922][ T7724] __sys_setsockopt+0x1a0/0x230 [ 126.079331][ T7724] __ia32_sys_setsockopt+0xbc/0x160 [ 126.080974][ T7724] __do_fast_syscall_32+0x73/0x120 [ 126.082519][ T7724] do_fast_syscall_32+0x32/0x80 [ 126.084061][ T7724] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 126.085952][ T7724] [ 126.085952][ T7724] -> #2 (&mm->mmap_lock){++++}-{4:4}: [ 126.088062][ T7724] __might_fault+0x11b/0x190 [ 126.089455][ T7724] _copy_from_user+0x29/0xd0 [ 126.090909][ T7724] __blk_trace_setup+0xa8/0x180 [ 126.092472][ T7724] blk_trace_setup+0x47/0x70 [ 126.093921][ T7724] sg_ioctl+0x7a3/0x26b0 [ 126.095272][ T7724] compat_ptr_ioctl+0x6b/0xa0 [ 126.096786][ T7724] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 126.098792][ T7724] __do_fast_syscall_32+0x73/0x120 [ 126.100334][ T7724] do_fast_syscall_32+0x32/0x80 [ 126.101818][ T7724] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 126.103682][ T7724] [ 126.103682][ T7724] -> #1 (&q->debugfs_mutex){+.+.}-{4:4}: [ 126.105801][ T7724] __mutex_lock+0x19b/0xa60 [ 126.107256][ T7724] blk_mq_exit_sched+0xd1/0x310 [ 126.108812][ T7724] elevator_exit+0x58/0x80 [ 126.110182][ T7724] del_gendisk+0x568/0xad0 [ 126.111526][ T7724] nbd_dev_remove+0x3b/0xe0 [ 126.112925][ T7724] process_one_work+0x958/0x1b30 [ 126.114428][ T7724] worker_thread+0x6c8/0xf00 [ 126.115805][ T7724] kthread+0x2c1/0x3a0 [ 126.117255][ T7724] ret_from_fork+0x45/0x80 [ 126.118634][ T7724] ret_from_fork_asm+0x1a/0x30 [ 126.120072][ T7724] [ 126.120072][ T7724] -> #0 (&eq->sysfs_lock){+.+.}-{4:4}: [ 126.122283][ T7724] __lock_acquire+0x249e/0x3c40 [ 126.124045][ T7724] lock_acquire.part.0+0x11b/0x380 [ 126.125824][ T7724] __mutex_lock+0x19b/0xa60 [ 126.127510][ T7724] elevator_disable+0xb5/0x490 [ 126.129162][ T7724] __blk_mq_update_nr_hw_queues+0x3bb/0x1460 [ 126.130865][ T7724] blk_mq_update_nr_hw_queues+0x2a/0x40 [ 126.132487][ T7724] nbd_start_device+0x15b/0xd70 [ 126.133900][ T7724] nbd_ioctl+0x21a/0xfd0 [ 126.135161][ T7724] compat_blkdev_ioctl+0x2f7/0x750 [ 126.136705][ T7724] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 126.138316][ T7724] __do_fast_syscall_32+0x73/0x120 [ 126.140361][ T7724] do_fast_syscall_32+0x32/0x80 [ 126.142317][ T7724] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 126.144799][ T7724] [ 126.144799][ T7724] other info that might help us debug this: [ 126.144799][ T7724] [ 126.148280][ T7724] Chain exists of: [ 126.148280][ T7724] &eq->sysfs_lock --> &q->q_usage_counter(io)#50 --> &q->sysfs_lock [ 126.148280][ T7724] [ 126.152339][ T7724] Possible unsafe locking scenario: [ 126.152339][ T7724] [ 126.154921][ T7724] CPU0 CPU1 [ 126.156847][ T7724] ---- ---- [ 126.158628][ T7724] lock(&q->sysfs_lock); [ 126.159766][ T7724] lock(&q->q_usage_counter(io)#50); [ 126.162125][ T7724] lock(&q->sysfs_lock); [ 126.164496][ T7724] lock(&eq->sysfs_lock); [ 126.165919][ T7724] [ 126.165919][ T7724] *** DEADLOCK *** [ 126.165919][ T7724] [ 126.168052][ T7724] 5 locks held by syz.0.418/7724: [ 126.169392][ T7724] #0: ffff8880241eb998 (&nbd->config_lock){+.+.}-{4:4}, at: nbd_ioctl+0x151/0xfd0 [ 126.172474][ T7724] #1: ffff8880241eb8d8 (&set->tag_list_lock){+.+.}-{4:4}, at: blk_mq_update_nr_hw_queues+0x20/0x40 [ 126.175738][ T7724] #2: ffff88804351d8b0 (&q->q_usage_counter(io)#49){+.+.}-{0:0}, at: __blk_mq_update_nr_hw_queues+0x1fc/0x1460 [ 126.178801][ T7724] #3: ffff88804351d8e8 (&q->q_usage_counter(queue)#33){+.+.}-{0:0}, at: __blk_mq_update_nr_hw_queues+0x1fc/0x1460 [ 126.181989][ T7724] #4: ffff88804351dde0 (&q->sysfs_lock){+.+.}-{4:4}, at: __blk_mq_update_nr_hw_queues+0x446/0x1460 [ 126.184769][ T7724] [ 126.184769][ T7724] stack backtrace: [ 126.186302][ T7724] CPU: 2 UID: 0 PID: 7724 Comm: syz.0.418 Not tainted 6.13.0-rc1-syzkaller-00316-gb5f217084ab3 #0 [ 126.189024][ T7724] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 126.192536][ T7724] Call Trace: [ 126.193806][ T7724] [ 126.194704][ T7724] dump_stack_lvl+0x116/0x1f0 [ 126.195942][ T7724] print_circular_bug+0x41c/0x610 [ 126.197283][ T7724] check_noncircular+0x31a/0x400 [ 126.198587][ T7724] ? __pfx_check_noncircular+0x10/0x10 [ 126.199993][ T7724] ? lockdep_lock+0xc6/0x200 [ 126.201448][ T7724] ? __pfx_lockdep_lock+0x10/0x10 [ 126.202774][ T7724] ? __lock_acquire+0xcc5/0x3c40 [ 126.204092][ T7724] __lock_acquire+0x249e/0x3c40 [ 126.205386][ T7724] ? __pfx___lock_acquire+0x10/0x10 [ 126.206759][ T7724] ? find_held_lock+0x2d/0x110 [ 126.208026][ T7724] lock_acquire.part.0+0x11b/0x380 [ 126.209370][ T7724] ? elevator_disable+0xb5/0x490 [ 126.210849][ T7724] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 126.212925][ T7724] ? rcu_is_watching+0x12/0xc0 [ 126.214427][ T7724] ? trace_lock_acquire+0x14e/0x1f0 [ 126.215786][ T7724] ? elevator_disable+0xb5/0x490 [ 126.217072][ T7724] ? lock_acquire+0x2f/0xb0 [ 126.218249][ T7724] ? elevator_disable+0xb5/0x490 [ 126.219537][ T7724] __mutex_lock+0x19b/0xa60 [ 126.220811][ T7724] ? elevator_disable+0xb5/0x490 [ 126.222273][ T7724] ? elevator_disable+0xb5/0x490 [ 126.223563][ T7724] ? __pfx___mutex_lock+0x10/0x10 [ 126.224879][ T7724] ? __pfx_blk_mq_sched_free_rqs+0x10/0x10 [ 126.226396][ T7724] ? mark_held_locks+0x9f/0xe0 [ 126.227664][ T7724] ? elevator_disable+0xb5/0x490 [ 126.228958][ T7724] elevator_disable+0xb5/0x490 [ 126.230213][ T7724] __blk_mq_update_nr_hw_queues+0x3bb/0x1460 [ 126.231967][ T7724] ? lock_acquire.part.0+0x11b/0x380 [ 126.233351][ T7724] ? __mutex_trylock_common+0xea/0x250 [ 126.234767][ T7724] ? __pfx___mutex_trylock_common+0x10/0x10 [ 126.236300][ T7724] ? blk_mq_update_nr_hw_queues+0x20/0x40 [ 126.237778][ T7724] ? rcu_is_watching+0x12/0xc0 [ 126.239028][ T7724] ? __pfx___blk_mq_update_nr_hw_queues+0x10/0x10 [ 126.240762][ T7724] ? preempt_schedule_common+0x44/0xc0 [ 126.242176][ T7724] ? blk_mq_update_nr_hw_queues+0x20/0x40 [ 126.243651][ T7724] ? preempt_schedule_thunk+0x1a/0x30 [ 126.245053][ T7724] ? __pfx___mutex_lock+0x10/0x10 [ 126.246365][ T7724] ? __mutex_lock+0x30d/0xa60 [ 126.247610][ T7724] ? nbd_ioctl+0x151/0xfd0 [ 126.248891][ T7724] ? __pfx___mutex_lock+0x10/0x10 [ 126.250234][ T7724] blk_mq_update_nr_hw_queues+0x2a/0x40 [ 126.251695][ T7724] nbd_start_device+0x15b/0xd70 [ 126.252970][ T7724] ? bpf_lsm_capable+0x9/0x10 [ 126.254205][ T7724] nbd_ioctl+0x21a/0xfd0 [ 126.255311][ T7724] ? __pfx_nbd_ioctl+0x10/0x10 [ 126.256574][ T7724] ? lockdep_hardirqs_on+0x7c/0x110 [ 126.258053][ T7724] ? __pfx_nbd_ioctl+0x10/0x10 [ 126.259567][ T7724] compat_blkdev_ioctl+0x2f7/0x750 [ 126.261001][ T7724] ? __pfx_compat_blkdev_ioctl+0x10/0x10 [ 126.262454][ T7724] ? hook_file_ioctl_compat+0x70/0x1e0 [ 126.263862][ T7724] ? __pfx_compat_blkdev_ioctl+0x10/0x10 [ 126.265335][ T7724] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 126.266726][ T7724] __do_fast_syscall_32+0x73/0x120 [ 126.268130][ T7724] do_fast_syscall_32+0x32/0x80 [ 126.269411][ T7724] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 126.271093][ T7724] RIP: 0023:0xf746e579 [ 126.272160][ T7724] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 126.277171][ T7724] RSP: 002b:00000000f513557c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 126.279306][ T7724] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000000000ab03 [ 126.281455][ T7724] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 126.283460][ T7724] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 126.285527][ T7724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 126.287580][ T7724] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 126.289604][ T7724] [ 126.293211][ T7728] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(13) [ 126.294931][ T7728] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 126.302446][ T7728] vhci_hcd vhci_hcd.0: Device attached [ 126.399296][ T7725] block nbd0: shutting down sockets [ 126.518048][ T9] vhci_hcd: vhci_device speed not set [ 126.578041][ T9] usb 37-1: new full-speed USB device number 2 using vhci_hcd [ 126.598013][ T65] Bluetooth: hci0: command tx timeout [ 126.911624][ T7730] vhci_hcd: connection reset by peer [ 126.913795][ T77] vhci_hcd: stop threads [ 126.914947][ T77] vhci_hcd: release socket [ 126.918120][ T77] vhci_hcd: disconnect device [ 131.708087][ T9] vhci_hcd: vhci_device speed not set [ 132.128856][ T1413] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.130583][ T1413] ieee802154 phy1 wpan1: encryption failed: -22 VM DIAGNOSIS: 17:33:58 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=ffff88802b428a30 RCX=ffffffff818ad338 RDX=ffffffff8da977c0 RSI=ffffffff8bb13700 RDI=0000000000000000 RBP=1ffff92000000fe6 RSP=ffffc90000007ee8 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=ffffc90000007ff8 R12=0000000000028a30 R13=ffffffff8da977c0 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff8199408c RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f5054da4 CR3=00000000276f2000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000003000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=00000000f5054b40 RBX=ffff8880227d4880 RCX=1ffff1100438ec26 RDX=dffffc0000000000 RSI=ffffffff813b3c56 RDI=ffff888021c76130 RBP=ffff888021c74880 RSP=ffffc90030cc76f8 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=ffff888021c76126 R13=ffff888021c76124 R14=0000000000000001 R15=ffff888021c76100 RIP=ffffffff81994080 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020020000 CR3=00000000262e0000 CR4=00352ef0 DR0=0000000000000680 DR1=00000003cc000000 DR2=fffffffffffffffd DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9 RSI=ffffffff85153295 RDI=ffffffff9a6682c0 RBP=ffffffff9a668280 RSP=ffffc90003b56fb0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=0000000000000000 R14=ffffffff9a6682d0 R15=000000000000004e RIP=ffffffff851532bf RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f5114da4 CR3=00000000262e0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000f000000000 0000000300000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000000019cd99 RBX=0000000000000003 RCX=ffffffff8b1ae889 RDX=0000000000000000 RSI=ffffffff8b4cd0e0 RDI=ffffffff8bb13780 RBP=ffffed1003a59488 RSP=ffffc9000049fe08 R8 =0000000000000001 R9 =ffffed10056e6fed R10=ffff88802b737f6b R11=0000000000000001 R12=0000000000000003 R13=ffff88801d2ca440 R14=ffffffff901cbb90 R15=0000000000000000 RIP=ffffffff8b1afc6f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f74a6188 CR3=0000000029aaa000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000