last executing test programs: 7.525500596s ago: executing program 2 (id=409): r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x82000, 0x0) r1 = socket$kcm(0x10, 0x2, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@newlink={0x44, 0x10, 0x401, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_MIIMON={0x8, 0x3, 0x4}, @IFLA_BOND_UPDELAY={0x8, 0x4, 0x5}]}}}]}, 0x44}}, 0x0) sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140604000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000000c0)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r0, 0x40082102, &(0x7f0000000140)=r5) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETOBJ(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x13, 0xa, 0x401, 0x0, 0x0, {0x0, 0x0, 0x5}, [@NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}]}, 0x28}, 0x1, 0x0, 0x0, 0x20008010}, 0x84) 7.344047645s ago: executing program 2 (id=412): syz_open_dev$sndctrl(&(0x7f0000000040), 0x6, 0x8800) r0 = syz_open_dev$dri(&(0x7f00000005c0), 0x2, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000400)={0x0, &(0x7f0000000340)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000002f00)={0x0, 0x12, r1, 0x0}) ioctl$DRM_IOCTL_MODE_DIRTYFB(r0, 0xc01864d0, &(0x7f00000000c0)={r2, 0x2, 0xfffffffd, 0x0, 0x0}) socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'wg1\x00'}) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000004c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r5}) ioctl$DRM_IOCTL_MODE_CURSOR2(0xffffffffffffffff, 0xc02464bb, &(0x7f0000000300)={0x0, r5, 0xfffffff7, 0x6, 0x248b, 0x4, 0x10, 0x400, 0x1}) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_SET_LIMITS(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="210227bd7000fedbdf2505000000080002007017"], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x800) r8 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r8, 0xc0945662, &(0x7f0000000440)={0x8, 0x0, '\x00', {0x0, @reserved}}) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'dummy0\x00', 0x0}) socket$netlink(0x10, 0x3, 0x12) r10 = socket$alg(0x26, 0x5, 0x0) bind$alg(r10, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128\x00'}, 0x58) r11 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$VIDIOC_SUBDEV_G_EDID(r11, 0xc0285628, &(0x7f00000002c0)={0x0, 0xc, 0x6, '\x00', &(0x7f0000000240)=0x2}) r12 = accept4(r10, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r12) sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x0, 0x0, {0x0, 0x0, 0x0, r9}}, 0x24}}, 0x0) r13 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000003000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000000c0)='\x00', 0x0}, 0x50) setsockopt$inet6_icmp_ICMP_FILTER(r12, 0x1, 0x1, &(0x7f0000000180)={0xdc}, 0x4) 2.574070387s ago: executing program 0 (id=456): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x17, 0x0, 0x8400, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r2, 0x0, 0x20000000}, 0x20) bpf$MAP_DELETE_ELEM(0x15, &(0x7f0000000500)={r2, 0x0, 0x20000000}, 0x20) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000240)={r2, &(0x7f0000000080)="e8bb495154873d1b1da6a3da45fa1fd0b604c8643837302a45e0", &(0x7f0000000540)=""/211}, 0x20) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x48, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_HELP={0x10, 0x5, 0x0, 0x1, {0xa, 0x1, 'H.245\x00'}}]}, 0x48}}, 0x0) 2.499499819s ago: executing program 1 (id=458): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x40, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0xb, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6}]}, 0x10) r4 = syz_open_procfs(0x0, &(0x7f0000000180)='net/ip_vs_stats_percpu\x00') read(r4, &(0x7f0000001a00)=""/177, 0xb1) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), r6) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000800)={@map=r2, 0x20, 0x0, 0xfffffff9, &(0x7f0000000700)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x0, &(0x7f0000000740)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000780)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000007c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0}, 0x40) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000840)={@cgroup=r6, r5, 0x32, 0x0, 0x0, @void, @value=r1, @void, @void, r7}, 0x20) r8 = add_key$user(&(0x7f0000000240), &(0x7f00000000c0)={'syz', 0x2}, &(0x7f0000000200)="1d", 0x1, 0xfffffffffffffffe) r9 = add_key$user(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x0}, &(0x7f0000000740)="69bf", 0x2, 0xffffffffffffffff) keyctl$dh_compute(0x17, &(0x7f0000000280)={r8, r9, r9}, 0x0, 0x0, 0x0) bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) r10 = socket(0x11, 0x3, 0x0) r11 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r11, 0x0, 0x80, &(0x7f0000000300)=@broute={'broute\x00', 0x20, 0x2, 0x230, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200004c0], 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000081006e7230000000000000002000000000007465616d300000000000000000000000766c616e30000000000000010001000000000068307b746f5f7465616d000000aaaaaaaaaabb000000000000aaaaaaaaaabb0000000000000000d0000000d000000000010000766c616e0069df4e5100000000000000000000079ba31300000000000000000008000000000001010000000000000700636f6e6e6c6162656c0000000000000000000000000000000000000020000000080000000000000000000000000000004e46515445554500000000000000000000000000000000000000000000000000080000000000000000000000000000040000000000000000000000004b5d0000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000004000000000000000000000000000000000000000000000000000001000000feffffff010000000b000000000000000000626f6e643000000000000000000000007465616d300000000000000000000000626f6e64300000000000006c73c387735cc18268315f746f5f62726964676500aaaaaaaaaabb000000000000ffffffffffff00000008000000007000000070000000a0000000434f4e4e5345434d41524b0000000000827900000000000000000000000000000800"/560]}, 0x2a8) bpf$MAP_CREATE(0x0, &(0x7f0000000900)=@base={0x7, 0x4, 0x700, 0x700, 0x2c, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r12 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f00000005c0)={'gre0\x00', 0x0}) bind$packet(r10, &(0x7f0000000180)={0x11, 0x0, r13, 0x1, 0x0, 0x6, @remote}, 0x14) setsockopt$packet_int(r10, 0x107, 0xf, &(0x7f0000000000)=0xe9, 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x9, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x2}}, @volatile={0x0, 0x0, 0x0, 0x9, 0x3}, @func={0x7}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e]}}, 0x0, 0x51, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) sendmsg$netlink(r10, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="020114008cdc18000e3580009f000114600000060600ac141414e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0ab42e32a097dbd4be5ffca88faca"], 0xdd12}, {&(0x7f0000000440)=ANY=[], 0x10}], 0x2}, 0x20040051) 2.333017213s ago: executing program 3 (id=459): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(serpent))\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0) r2 = accept4(r1, 0x0, 0x0, 0x0) sendmsg$alg(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001880)=[{&(0x7f0000000180)="566a5a8ec253e57889ba328c65a1a001", 0x10}], 0x1, &(0x7f0000001600)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x24008090}, 0x8044) recvmmsg(r2, &(0x7f0000000040)=[{{0x0, 0x0, &(0x7f0000001680)=[{&(0x7f00000026c0)=""/4103, 0x1007}], 0x1}}], 0x1, 0x41, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=@bridge_delneigh={0x1c, 0x1c, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x3, 0xc6}}, 0x1c}}, 0x0) r4 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) fchdir(r4) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/net\x00') mount(&(0x7f0000000000), &(0x7f0000000280)='./cgroup\x00', 0x0, 0x75809, 0x0) unshare(0x6020400) r5 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3) setsockopt$bt_rfcomm_RFCOMM_LM(r5, 0x12, 0x3, &(0x7f0000000080)=0x18, 0x4) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x2c, 0x1, 0x0, 0x0, "", [@nested={0x103, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@loopback}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8c"]}]}, 0x114}], 0x1}, 0x0) 2.332647882s ago: executing program 0 (id=460): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000000000200001000000200000008003fe67a000000080061"], 0x24}}, 0x0) sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f0000000040)=ANY=[@ANYBLOB="1e000000", @ANYRES16=r1, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r3, @ANYBLOB], 0x28}, 0x1, 0x6c00}, 0x0) syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x12000) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r5 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_TEST(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)={0x40, 0xb, 0x6, 0x3, 0x0, 0x0, {0x1, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_NAME={0x9, 0x12, 'syz1\x00'}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x7}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x44080}, 0x4000002) ioctl$sock_bt_hci(r5, 0x400448cb, &(0x7f00000002c0)="af2cfa12df4ef67bf2530a2e9a11bed636efde81c379e39a017edc881ae4ace1ce8002b23cc874cd9559c5e70e3c63e4f657db9b6e50724989755ad2d4511493d682fa75af842f474cd279763434660bb859768f92210bb7faa19c0fa31cac0ef2f9ef71449ef9c2693ed563e87451e0163c63ee308da06818a61c51fd1c5943da1576186bfd57") sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="580000000206010100000000140000000000000005000100070000000900020073797a30000000000c00078008001240000a0000050005000a000000050004000000000012000300686173683a6e65742c706f7274"], 0x58}}, 0x0) 2.298084397s ago: executing program 0 (id=461): ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0xa, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x29, 0x0, @broadcast, @remote, {[@timestamp_addr={0x44, 0x14, 0x38, 0x1, 0x4, [{@rand_addr=0x64010102, 0xf}, {@loopback, 0x4}]}]}}}}}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x14, 0xa, 0xaf31) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r3, 0x84, 0x6b, &(0x7f0000000040)=[@in6={0xa, 0x0, 0x0, @dev, 0x2}, @in={0x2, 0x0, @empty}], 0x2c) setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000600)=0x1ff, 0x4) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'veth1_vlan\x00', 0x0}) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r2, 0xc080661a, &(0x7f00000003c0)={@desc={0x1, 0x0, @desc1}}) sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)=@dellink={0x20, 0x11, 0x101, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r6}}, 0x20}}, 0x0) write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0) r7 = dup(r1) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$VIDIOC_S_FREQUENCY(r7, 0x402c5639, &(0x7f00000000c0)={0x80, 0x3, 0xcd0}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) write(0xffffffffffffffff, &(0x7f0000000000)="240000001e00ff3bd90ea6000008000f00160400"/30, 0x1e) ioctl$KVM_RUN(r8, 0xae80, 0x0) 2.137943242s ago: executing program 1 (id=462): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x178, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000000000000f8ffffff000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000f00c0000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0400000000000182c20000000000000000000000b8000000b8000000e80000006970000000000000000000000000000000000000000000a823c565625b8d720020000000000000007f00004dab14140000000000000000000084200400000000000000000000000041554449540000bcb92dfff07fca0000004600f58f5dc8438b000000000000000800"/376]}, 0x1f0) sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="c4000000190001000000000000000000ff0100000000000000000000000000010000000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ddff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00100001"], 0xc4}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=@newtaction={0x48, 0x30, 0x1, 0x0, 0x0, {}, [{0x34, 0x1, [@m_ctinfo={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4, 0x2, 0x0, 0x0}, {0x4}, {0xc}, {0xc}}}]}]}, 0x48}}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001d0001000000000000000003935c62000100000000000000d849c40fa7e1a50b94935a1fa075acc202d3d9da7a0e676226c84682"], 0x1c}}, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave']) chdir(&(0x7f0000000140)='./file0\x00') creat(&(0x7f00000003c0)='./bus\x00', 0x0) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14103e, 0x0) r4 = open(&(0x7f00000004c0)='./bus\x00', 0x143042, 0x0) mlockall(0x2) ftruncate(r4, 0x2008002) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x11, r3, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-blowfish-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5", 0x4) r6 = accept4(r5, 0x0, 0x0, 0x0) sendmmsg$alg(r6, &(0x7f0000000540)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000000c0)="e4e32dd2b696733552eca3e954943a18709f72fbd259a936c67ebe806ab21823f4a0c47bff45323c2b30982dfc67b46cc9a5a07c33fc", 0xff6d}, {&(0x7f0000000100)="3a10bd003aba0c7026336b", 0xb}], 0x2, &(0x7f0000000740)=ANY=[@ANYBLOB="300000000000000017e2ffff010000001800000045f43a7ce45002bdb85e47ab3e39597e422ffab456dd963a00000000180000000000000017010000040000000602000000400000180000000000000017010000030000000100000000000079240809000000ac87448793609bd8299d6dfc465829b711ce28eb8f568438917ebd0699be96bd1485f6aaa8486e00000000e301f2e09aebda6eeb1c61f96b6d3f91c0f8c1ffbb85cfdd5b8b437a3720ba4cdfb681516c3a240207b6bbdfb37747cc7411886fdba55bcbfa68226644556e8117f9f9fc5be3b7095b2ab7c19b0c6fada03a7f9b9172f0cc960ee263e82e3232edea82b9736d65309e0ad2922ecbb7cde9ce78555fabb941d114e83b37255d6b43b2927696e4f4cf3b23086021fe4e33d049de5318ef3803ceacddc02734c96a9765486a9bf8d65791b000000000000000000000000000000000000000009d97cea3f950d55b265e480ff02c27bda4848c64ca7dcbcd060b9c0dea483c6069d2cdc473cfacc9052cc2c9e3ee037042fd329173c5e7c9ef8800a51332df5a08602a72a553035711cb9159757303a5e7d389786df44441dc82a9d32c56db8a8b3578cd0faabfa23fb46e22b45a464e35315d8c2dd3fae8b530cf8eb0d8dcb682772bed766be5208e61eab965c6c9a217a4e13f0085626c0408f381205251c18a8f6a44"], 0x60}], 0x1, 0x8001) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x0, 0x70bd26}, 0x34}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)=@newtaction={0x60, 0x30, 0xcac229faa96ee7df, 0x70bd26, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x3, 0xf, 0x1, 0x1000, 0xd}, 0x1}}]}, {0x4}, {0xc, 0x4, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x20000050}, 0x0) socket$netlink(0x10, 0x3, 0x0) 2.137464634s ago: executing program 3 (id=463): r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10) (async) r1 = socket$tipc(0x1e, 0x5, 0x0) openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r1, 0x50009404, &(0x7f0000000480)) (async) bind$tipc(r1, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) (async) r2 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000140)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f00000001c0)=0x18) (async) bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10) (async) bind$tipc(r0, &(0x7f0000000240)=@id={0x1e, 0x3, 0x0, {0x4e24, 0x4}}, 0x10) (async) syz_80211_inject_frame(&(0x7f0000000200)=@device_b, &(0x7f0000000280)=ANY=[@ANYBLOB="788d050079e395a667c8080211000000080211000001390002014441080211000001ffffffffffff9c0092704e50312f4cb91850d9bea4eb3d570375ff190caa017bb65a52ee23a6b6be115e11717bdf567908e4ca79339d8f5e0b454b557eb4e779889a5315852bf09e42eaca328d6e149b4087d5b575710bff8b8cb531bfb5e681cf4fd7af2abe2cd443302085ffec1b915d6e1697a9438e9318e8cec27bde13efa1dca0fca47105ccf555bbbb734f3ff57b660580a945d04a4f2166e14d679c186a2abfd70000080211000000080211000001ec008a4fdbee10eb67b01ab61759b1fb60650912eb24d4f39cc50ae914238048a9de656cd62b1be64ca3d40d466326c7ea1f1f18b522ee5b363a08afc9321177ff10c359b3c946339c5c5d14b1c6eb37e3d601d5c738c4b1879623e76ded76b98af50f530bad0f9d6adfd7d8a9026704951e7ab01169ca7fc2ce1cd5f4e3331c066680f20d5d5d1907efebcb3ed5b0b6314242b71d557a391311538f9472036c44b8fdcaea8d8132b3999e055cc6ddec9d47ca6029fb4f0e50eeb60b15d82ade0e1e8c0f6b59b2b28697b9bda0301bb061931183b379f1944143957d95178933212946915bbccc67ac5cc67ed19d0000"], 0x1c4) bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x3}}, 0x10) (async) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x1}, 0x10) (async) bind$tipc(r0, 0x0, 0x0) (async) r3 = landlock_create_ruleset(&(0x7f0000000040)={0x123}, 0x10, 0x0) landlock_restrict_self(r3, 0x0) (async) landlock_restrict_self(r3, 0x0) (async) landlock_restrict_self(r3, 0x0) (async) landlock_restrict_self(r3, 0x0) (async) landlock_restrict_self(r3, 0x0) r4 = landlock_create_ruleset(&(0x7f0000000040)={0x123}, 0x10, 0x0) landlock_restrict_self(r4, 0x0) (async) landlock_restrict_self(r4, 0x0) landlock_restrict_self(r3, 0x0) (async) landlock_restrict_self(r4, 0x0) (async) landlock_restrict_self(r4, 0x0) (async) landlock_restrict_self(r4, 0x0) (async) landlock_restrict_self(r4, 0x0) landlock_restrict_self(r4, 0x0) landlock_restrict_self(r4, 0x0) 2.062629812s ago: executing program 3 (id=464): syz_emit_ethernet(0xc6, &(0x7f0000000140)=ANY=[@ANYBLOB="ffffffffffff0000000000000800450000b800000000001190780000000000000000442c330000000002000000ffffffffff0000000400000008000007ff000000000000000300000006000002004414f1730a010100000000017f000001000007ff00001b59006490780200000000000000000000000002000000753904030405a024f0dd00000000000000000000000000000000009384bbeb3018ad591b661fe808b21b77694c9d5dfb1be5d2a005c4ac43661564a329d3a11bd5b6cc6a9471314a1d8c69"], 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioprio_get$pid(0x1, 0x0) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x54, 0x0, 0x1, {0x8, 0x1}, {0x53, 0xfffe}, @period={0x5d, 0x8e, 0x5, 0x9, 0x101, {0x2, 0x9201, 0x5}, 0x0, 0x0}}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) timer_create(0x0, &(0x7f0000066000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc)) timer_create(0x0, 0x0, &(0x7f0000000240)=0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x4, &(0x7f0000000740)=ANY=[@ANYBLOB="180000000000000000000000000a000085000000ad0000009500000000000000b3cd91115eb8e652f2de1652464abeffe45ea5d02a47dd0af49d3cbdb819ac0afe07341685ca0461afbead16a3e9cb460665223ffb26b9fd6339402d71f59771e951e6ffa0e9"], &(0x7f0000000340)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) timer_settime(r0, 0x0, &(0x7f0000000340)={{0x77359400}, {0x0, 0x989680}}, 0x0) unshare(0x8040080) syz_clone3(&(0x7f0000000340)={0x40000, 0x0, 0x0, 0x0, {0x14}, 0x0, 0x0, 0x0, 0x0}, 0x58) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) unshare(0x20040500) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01) write$char_usb(r1, &(0x7f0000000040)="e2", 0x12d8) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = syz_open_dev$video(&(0x7f0000000000), 0x485, 0x40000) ioctl$VIDIOC_CROPCAP(r2, 0xc02c563a, &(0x7f0000000100)={0x9, {0x9, 0x2, 0x74b, 0x8001}, {0x5, 0x0, 0x2b8, 0x5}, {0xdc, 0x2}}) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000380)=ANY=[@ANYBLOB="bbad4a0455138948d474517fb0c13c9f5835ab5f19124f3e9020168629944b25d46b5ce86c72c2bdb720ae73420d75752fd3cdfddd8cb9b4cbb2beb907871bab33152ccc4c74efe5230c386d01ff27ac319bfd91f30131b44aec489a0f3fefca1d49a42bd431950f4afbecfd45151e7860de32a033523a31037f4322608b120983004bd3b29db0786857cfe754bf29c71d787d90a462ebd8b37ca7437bb66cd88eaa2092a1be31ce7d8667e7b129dae4f1453364c88506ae1bf8ab3f98974612cc6ee8273d37d4ea47e94bc1b0a08ee17a43d435cf76cdb70daf9b8c3ded49fa305f48fad856dc28f3b306deb52436ab22cce0743f12f0173fe213", @ANYRES32, @ANYBLOB='+\x00\x00\x00\x00\x00\x00\x00\x00@\x00\x00', @ANYRESHEX, @ANYBLOB="06452cd639c08516b87443b65623fe2101387df2e7fbac06f29a22d86725459e75eff9f6826223fa5f3a186ab88cfbedbb353559285ef17250040e4069a704d07b8b8eb4df8f41fea829f1170e145e0201311c42576bc4d10e653cfbbb254779aaf28ccca7b7bb26f8", @ANYRES64=0x0], 0x10) 2.061557421s ago: executing program 2 (id=465): r0 = socket$inet6(0xa, 0x40000080806, 0xce) syz_open_dev$ttys(0xc, 0x2, 0x1) r1 = syz_open_dev$ptys(0xc, 0x3, 0x1) ioctl$TIOCPKT(r1, 0x5420, &(0x7f00000000c0)=0xa) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000040)=0x13) r2 = syz_open_dev$ptys(0xc, 0x3, 0x1) ioctl$TCXONC(r2, 0x540a, 0x3) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = eventfd2(0x69, 0x0) ioctl$KVM_HYPERV_EVENTFD(r4, 0x4020aeb2, &(0x7f0000000140)={0x0, r5}) openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x490000, 0x0) r6 = socket$alg(0x26, 0x5, 0x0) bind$alg(r6, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000340)="71e67a15", 0x4) r7 = accept4$alg(r6, 0x0, 0x0, 0x0) io_setup(0xff, &(0x7f0000000380)=0x0) sendmsg$alg(r7, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) io_submit(r8, 0x27f, &(0x7f0000001440)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0x0, r7, &(0x7f0000000340), 0xfdef}]) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x80, 0x0, @mcast1, 0x25}, 0x1c) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev}, 0x1c) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000000)={0x1}, 0x8) r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) r10 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) r11 = dup3(r10, r9, 0x0) ioctl$BINDER_WRITE_READ(r11, 0xc0306201, &(0x7f0000000180)={0x50, 0x0, &(0x7f0000000400)=[@register_looper, @reply_sg={0x40486312, {0x2, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x60, 0x18, &(0x7f00000002c0)={@ptr={0x70742a85, 0x0, &(0x7f0000000280)=""/60, 0x3c, 0x0, 0x27}, @fda={0x66646185, 0x1, 0x2, 0x2e}, @flat=@weak_handle={0x77682a85, 0x1000, 0x3}}, &(0x7f00000003c0)={0x0, 0x28, 0x48}}, 0x400}], 0x0, 0x0, 0x0}) write$binfmt_misc(r11, &(0x7f0000000180), 0x0) r12 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000040)='syz1\x00', 0x200002, 0x0) openat$cgroup_ro(r12, &(0x7f0000000100)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0) close(r0) 1.421782068s ago: executing program 1 (id=466): socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) (async) socket$netlink(0x10, 0x3, 0x10) (async) r0 = syz_io_uring_setup(0x6165, &(0x7f0000000300)={0x0, 0xd191, 0x10100, 0x0, 0xa4}, &(0x7f0000000240)=0x0, &(0x7f0000000140)=0x0) (async) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async) sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='9'], 0x38}}, 0x4000) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r4, &(0x7f0000000180)=ANY=[], 0x118) (async) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) r6 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$nl_xfrm(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000140)=@updsa={0x144, 0x10, 0x1, 0x0, 0x0, {{@in6=@dev, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}, {@in6=@private1, 0x0, 0x32}, @in=@multicast2, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @offload={0xc, 0x1c, {r7, 0x7}}]}, 0x144}}, 0x0) (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) (async) mkdirat(r4, &(0x7f00000000c0)='./file0\x00', 0x18) capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000002140)) (async) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) (async) socket(0x40000000015, 0x5, 0x0) (async) mq_open(&(0x7f0000001140)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\xe0\x9d\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb', 0x42, 0x0, 0x0) (async) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, {0x402}}) (async) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 1.421452168s ago: executing program 2 (id=467): r0 = syz_io_uring_setup(0x11e, &(0x7f0000000140), &(0x7f0000000040)=0x0, &(0x7f0000000000)=0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) r5 = dup(r4) write$UHID_INPUT(r5, &(0x7f0000001040)={0x7, {"a2e3ad21ed0d52f91b38330987f70e06d038e7ff7fc6e5539b0d47078b089b34073b68090890e0878f0e1ac6e7049b334a959b669a240d5d67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07670936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70fe98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf1a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a97370614060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69b15c9f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaab1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106d26658b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c110000a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3f3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51090840517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4e004a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6ce1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c817e9177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d543902113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafcc009fc074bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5dc4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9f07b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e3ebb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4cddd5d0fc5a752f9000", 0x1000}}, 0x1006) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x13, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x47f9, 0x0, 0x0, 0x0, 0x0) getpid() r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r6, 0x2285, &(0x7f0000000440)={0x53, 0x0, 0x6, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000380)="851666ce20db", 0x0, 0xc, 0x39, 0x0, 0x0}) 1.367620236s ago: executing program 1 (id=468): r0 = socket(0x10, 0x3, 0x0) socket$packet(0x11, 0x2, 0x300) (async) r1 = socket$packet(0x11, 0x2, 0x300) semget$private(0x0, 0x207, 0x480) (async) r2 = semget$private(0x0, 0x207, 0x480) semctl$IPC_RMID(r2, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth0_to_team\x00'}) (async) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth0_to_team\x00', 0x0}) r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0) sendto$inet(r4, &(0x7f0000000100)="62a3e0068fd1d0bf30d960f5d7bced44202df03c679dc404538956479a33e76d1151d0b774cffa0e09926c9c2abdeae07b759899d90bb0d1458b3280dbb55a82f59073011068d04d37f0d9009ffad051d54f6a8f7e3c2fb223be61", 0x5b, 0x40, &(0x7f0000000040)={0x2, 0x4e23, @remote}, 0x10) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_ALPHA={0x8}]}}]}, 0x3c}}, 0x0) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r1, 0xf503, 0x0) 1.282726277s ago: executing program 0 (id=469): mknod(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) r0 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x4a700, 0x0) r1 = open(&(0x7f00000002c0)='./bus\x00', 0x42202, 0x0) splice(r0, 0x0, r1, 0x0, 0x114, 0x0) r2 = open$dir(&(0x7f0000000100)='./file0\x00', 0x101000, 0x118) fcntl$setpipe(r2, 0x407, 0x1000000) r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x481, 0x0) vmsplice(r3, &(0x7f0000000240)=[{&(0x7f0000000300)="10", 0x1}], 0x1, 0x0) 1.069248533s ago: executing program 3 (id=470): r0 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x200, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x2}}}, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) (async) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x9, 0x1}}}}]}, 0x44}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newtfilter={0x88, 0x2c, 0xd27, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0x9}, {}, {0x1c, 0xfff1}}, [@filter_kind_options=@f_u32={{0x8}, {0x5c, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0x0, 0x81, 0x3, 0xb1, 0x7, 0x0, 0xfff4, 0x20000000, [{0x0, 0x6, 0x5, 0x1ff}, {0x2, 0x2, 0xe, 0x88}, {0x101, 0x18000000, 0x9, 0x7b000000}]}}, @TCA_U32_INDEV={0x14, 0x8, 'macvtap0\x00'}]}}]}, 0x88}}, 0x0) (async) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newtfilter={0x88, 0x2c, 0xd27, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0x9}, {}, {0x1c, 0xfff1}}, [@filter_kind_options=@f_u32={{0x8}, {0x5c, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0x0, 0x81, 0x3, 0xb1, 0x7, 0x0, 0xfff4, 0x20000000, [{0x0, 0x6, 0x5, 0x1ff}, {0x2, 0x2, 0xe, 0x88}, {0x101, 0x18000000, 0x9, 0x7b000000}]}}, @TCA_U32_INDEV={0x14, 0x8, 'macvtap0\x00'}]}}]}, 0x88}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000000)={0x2f}, 0x8) 1.004280479s ago: executing program 3 (id=471): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) openat$vimc1(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f00000000c0)=@x86={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2}) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0xb, 0x3, 0xec}) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000000)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000040)=@x86={0x3, 0x78, 0x1d, 0x0, 0x7f, 0xb, 0x4, 0xfc, 0xff, 0x1, 0x9, 0xf8, 0x0, 0x72a, 0x8, 0x3, 0x2c, 0x7, 0x0, '\x00', 0x4}) 1.002919058s ago: executing program 2 (id=472): r0 = socket$inet6_udp(0xa, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x24) setxattr$trusted_overlay_upper(&(0x7f0000000340)='./bus\x00', 0x0, 0x0, 0x0, 0x2) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)=ANY=[@ANYBLOB="600000000206010200000000000000000000000005000100070000000900020073797a300000000005000500020000001400078005001500020000000800124000000000050004000000000012000300686173683a6e65742c706f7274"], 0x60}}, 0x0) mkdir(&(0x7f0000000140)='./file1\x00', 0xec9ad2fd408a4202) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000c40)=ANY=[@ANYRES8=r0, @ANYRES8, @ANYRES64, @ANYRES32=r0, @ANYRES16]) chdir(0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x0, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0x0, 0x80000}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x4}}}}]}]}, 0x70}}, 0x20040000) r2 = syz_socket_connect_nvme_tcp() copy_file_range(r0, &(0x7f0000000000)=0x7, r2, 0x0, 0x10001, 0x0) socket$nl_route(0x10, 0x3, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x3000003, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000002, 0x59032, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x801) set_mempolicy(0x2, &(0x7f0000000140)=0x8001, 0x2) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4}) ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000080)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000582000/0x2000)=nil, 0x800000}) bpf$PROG_LOAD(0x5, 0x0, 0x0) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000100)) r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) dup3(r5, r4, 0x0) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1}) 1.001759415s ago: executing program 0 (id=473): r0 = socket$inet6(0xa, 0x80002, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x5}, 0x1c) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8) (async) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYRESHEX=r2, @ANYRES16=r1, @ANYBLOB="01000000000000000000210000000e0001006e657464657673696d0000000f0002006e657464657673696d3000000d0087006c195f64726f70730000000008008e0000000000"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x5}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000) (async) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000800)=ANY=[@ANYBLOB='\x00-'], 0x170) (async) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000800)=ANY=[@ANYBLOB='\x00-'], 0x170) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) (async) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x34, r4, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x20, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffe}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x34}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r2, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000440)={0x274, r4, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@TIPC_NLA_MON={0x34, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x8}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x400}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x400}]}, @TIPC_NLA_BEARER={0x124, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0xa3, @empty, 0x4}}, {0x14, 0x2, @in={0x2, 0x4e24, @local}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0xffffffff, @local, 0x2f9e}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x1, @dev={0xfe, 0x80, '\x00', 0xf}, 0x3}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x5}, @TIPC_NLA_BEARER_PROP={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xe}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xc6ab}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fffffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80000000}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x2, @loopback, 0x5}}}}]}, @TIPC_NLA_NODE={0x60, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4a, 0x4, {'gcm(aes)\x00', 0x22, "c9b1a2b180bb8d59e8980c96710ec63f08f05c0468ee02b203fbfe3e8f177b43f804"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1ff}]}, @TIPC_NLA_SOCK={0xa8, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x400}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x100}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xa8e}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1ef5b02c}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x1451}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xffffffff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}]}]}]}, 0x274}, 0x1, 0x0, 0x0, 0x4050}, 0x40000) (async) sendmsg$TIPC_NL_LINK_SET(r2, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000440)={0x274, r4, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@TIPC_NLA_MON={0x34, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x8}, @TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x400}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x400}]}, @TIPC_NLA_BEARER={0x124, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0xa3, @empty, 0x4}}, {0x14, 0x2, @in={0x2, 0x4e24, @local}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0xffffffff, @local, 0x2f9e}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x1, @dev={0xfe, 0x80, '\x00', 0xf}, 0x3}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x5}, @TIPC_NLA_BEARER_PROP={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xe}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xc6ab}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fffffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80000000}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x2, @loopback, 0x5}}}}]}, @TIPC_NLA_NODE={0x60, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x4a, 0x4, {'gcm(aes)\x00', 0x22, "c9b1a2b180bb8d59e8980c96710ec63f08f05c0468ee02b203fbfe3e8f177b43f804"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1ff}]}, @TIPC_NLA_SOCK={0xa8, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x400}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x100}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xa8e}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1ef5b02c}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_SOCK_CON={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x1451}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xffffffff}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}]}]}]}, 0x274}, 0x1, 0x0, 0x0, 0x4050}, 0x40000) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) (async) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r5, &(0x7f0000000040)={0x1f, 0x0, @any, 0x4}, 0xe) (async) bind$bt_l2cap(r5, &(0x7f0000000040)={0x1f, 0x0, @any, 0x4}, 0xe) connect$bt_l2cap(r5, &(0x7f0000000080)={0x1f, 0x0, @fixed, 0x7ff}, 0xe) setsockopt$bt_BT_SECURITY(r5, 0x112, 0x4, &(0x7f0000000000)={0x2}, 0x2) r6 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r7 = syz_open_dev$video4linux(&(0x7f0000000080), 0x2, 0x20000) ioctl$VIDIOC_LOG_STATUS(r7, 0x5646, 0x0) ioctl$CDROMREADAUDIO(r6, 0x31e, &(0x7f0000002140)={@msf={0xc5}, 0x0, 0x0, 0x0}) 1.001531516s ago: executing program 1 (id=474): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) (async, rerun: 64) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000540)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (rerun: 64) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r0}, 0x10) (async, rerun: 64) r2 = gettid() (rerun: 64) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000400)={r2, r1, 0x0, 0x14, &(0x7f0000000300)='percpu_alloc_percpu\x00'}, 0x30) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x1000000, &(0x7f0000000840)=ANY=[@ANYBLOB="78226e6f65786163638173733d616e792c63616368653d66736361636865"]) (async, rerun: 32) chdir(&(0x7f0000000280)='./file0\x00') (async, rerun: 32) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0) write$FUSE_INIT(r3, &(0x7f0000000440)={0xffffffffffffff45, 0x0, 0x0, {0x7, 0x29, 0x0, 0x0, 0x2}}, 0x50) (async) openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) 844.623131ms ago: executing program 1 (id=475): mount$binderfs(0x0, &(0x7f0000001dc0)='./binderfs\x00', &(0x7f0000001e00), 0x8000, &(0x7f0000000000)={[{@max={'max', 0x3d, 0x8380}}]}) r0 = syz_open_dev$usbmon(&(0x7f0000000040), 0x9, 0x701800) syz_io_uring_setup(0xd2, &(0x7f0000000480), &(0x7f0000000000)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) r3 = landlock_create_ruleset(&(0x7f0000000080)={0x8000}, 0x10, 0x0) landlock_restrict_self(r3, 0x0) r4 = fsopen(&(0x7f0000000000)='pstore\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) r5 = socket$inet_smc(0x2b, 0x1, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r5, 0x80, &(0x7f0000000100)=@l2tp={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1b}, 0x3}, 0x0, 0x0, 0x1}) close_range(r0, r5, 0x2) 586.754428ms ago: executing program 3 (id=476): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000007b0110000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r0, 0x8010661b, &(0x7f0000000000)) 470.335761ms ago: executing program 2 (id=477): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6) syz_usb_connect$hid(0x6, 0x3f, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x172f, 0x34, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x5, 0x60, 0x1, [{{0x9, 0x4, 0x0, 0x35, 0x1, 0x3, 0x1, 0x3, 0x6, {0x9, 0x21, 0x6, 0x4, 0x1, {0x22, 0xc6a}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x4, 0x7c, 0x8}}, [{{0x9, 0x5, 0x2, 0x3, 0x3ff, 0xe}}]}}}]}}]}}, &(0x7f0000000800)={0xa, &(0x7f0000000180)={0xa, 0x6, 0x310, 0x1, 0x1, 0x0, 0xff, 0x9}, 0x120, &(0x7f0000000380)={0x5, 0xf, 0x120, 0x4, [@ss_container_id={0x14, 0x10, 0x4, 0x4, "863ed6458eff9e23c84825bc7a8d02c9"}, @ss_container_id={0x14, 0x10, 0x4, 0x3, "f266247dbb02465e2d23f0fc4c24a653"}, @generic={0xe9, 0x10, 0xa, "81dc9fa1fc8ca872f4bb1d2f60474b24c4015db86427953fc9da2689fd264163ea7a22c9e47bcc46f749507d594b02035a1171963d52880622f8e79150a0a24a86bd90d79c2ffa25f920517a71e1db9fdeed8c513e7d6bfcdbdd25858769786f53053f24c9b1d050d242094a8d84a9ca307cd9b3acb89d2ac8742484f760988de200d81d4fb396713e70a56c60a3ece463896b3eff5a00e788d4f13a42f8d393094f39cc3a138b9e7dc4ce5cf1a3a742f220cd7f59c049ea275b13f67138f782e0d15e79ca6f71b7fca152bbbfd833a124d77c47d21a217eb056401d6feb93130a0a0c26a394"}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x6, 0x5, 0x3, 0xfff6}]}, 0x8, [{0xfe, &(0x7f00000004c0)=@string={0xfe, 0x3, "9aa12de409fe5babdcc50a790099cce703c6d74b332ff1353b4d8923b97684184920319e14bb242880262167c5ee32d344f52a8ec73bb3d2d6b598c9c4718147eb6a5218750e336077bf5dd0ccd0b5b6df111cddfbfabcc7e3e1913f97a4c6a6d6358fe658fbf40f912f515ba736b1cbcff58f97700db9c1d89b55f1395b227132bb5b31fd59d307ba348dd2f6cc9cee5a46457d278b9c5bc59627053383bac2b9400b3b8ade3b8783f1a43a24d64192c2f1adfaeb47d3eed692c1618368783ba03da1b98d89e983e68940683203d0a46265f7bb3ffa510a19a31342dfcfcf0537da0e3ba79049b16f7181a49e6a137f7c26f842f7dfde4a29607faa"}}, {0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x44d}}, {0xe7, &(0x7f00000005c0)=@string={0xe7, 0x3, "ecee6bfad5dda31710907ee0c54383fde1e9b20a98789fbd942f298251d835f9f173e5f7233e17f2777f6d9eeda05b19524c70236e8c6c423ae306b2e292c9ea35ae765794556de475020899b260c033f762d578c1f8610f7e91059b19043d5da74205ab75ba64eabeef26b3e8325bff4f2002c68fae303dd3c4b686e0371258407e6973f12033801c918335cd12d8f9b1f44686cb4f61c978cc7fcbcde6a0fbf06005bbf1b703d38c04c28a99bf33a96c045ca550f2c1000907e675a45a84d4b5efafb010151ad9b6ab46aa025d796e4c0d51c73fc333eb5978549f3ab3138e5a59536f4d"}}, {0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x2009}}, {0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x443}}, {0x4, &(0x7f00000002c0)=@lang_id={0x4}}, {0xe7, &(0x7f00000006c0)=@string={0xe7, 0x3, "901d697bee62bf1b87d9491a4121f269626dc7bb0690a8c36bb3cdf0fe21c767d19c50b1d79607ecf6d9ae2d1b2ff6a69bd9d5ea11de40cc693394452aafed2e2eb72717397a6d89553b792c0c2742a3c9ac6dcc8286286e0011cec09e2a7e1730eda2b1bb6b10bc6c4e795bc44813446850ce49f57399f4cb2864ec3f7d34de20c4c8a457847f75426a8b7de00382c8ef454d1bebe52ff616323863a17a6c86e39baadc453970715117529b0418a88ae85cc7c7a368ded2f14452967ea9a9c294a9e394b4423b9b55b84c87a38dcfff977ee6b21445ad5145a0e96c378b0b710777a75b31"}}, {0x4, &(0x7f00000007c0)=@lang_id={0x4, 0x3, 0x1c09}}]}) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @lookup={{0xb}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_LOOKUP_SREG={0x8}, @NFTA_LOOKUP_SET={0x9, 0x1, 'syz1\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x80}}, 0x0) write(r0, &(0x7f0000000040)="09000000010000", 0x7) 0s ago: executing program 0 (id=478): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x80000000}, 0x19a) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000100)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes128\x00'}, 0x58) r2 = accept4(r1, 0x0, 0x0, 0x800) bind$bt_hci(r2, 0x0, 0x0) (async) r3 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_int(r3, 0x0, 0x1a, 0x0, 0x0) (async) write(r0, &(0x7f0000000000)="240000001a005f0400f9f4070009040180202000000000000000000008001e0040000000", 0x24) kernel console output (not intermixed with test programs): led with error -71 [ 68.894640][ T6354] usb 5-1: USB disconnect, device number 6 [ 69.067578][ T7281] netlink: 'syz.0.339': attribute type 2 has an invalid length. [ 69.072606][ T7281] batadv0: entered promiscuous mode [ 69.096302][ T7281] team0: entered promiscuous mode [ 69.097733][ T7281] team_slave_0: entered promiscuous mode [ 69.099513][ T7281] team_slave_1: entered promiscuous mode [ 69.107499][ T7281] hsr1: entered promiscuous mode [ 69.108878][ T7281] hsr1: entered allmulticast mode [ 69.110250][ T7281] batadv0: entered allmulticast mode [ 69.111676][ T7281] team0: entered allmulticast mode [ 69.113037][ T7281] team_slave_0: entered allmulticast mode [ 69.114578][ T7281] team_slave_1: entered allmulticast mode [ 69.172870][ T40] kauditd_printk_skb: 13 callbacks suppressed [ 69.172880][ T40] audit: type=1400 audit(1732606542.021:456): avc: denied { append } for pid=7287 comm="syz.0.341" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 69.459122][ T40] audit: type=1400 audit(1732606542.274:457): avc: denied { read } for pid=7299 comm="syz.1.342" name="usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 69.465807][ T40] audit: type=1400 audit(1732606542.274:458): avc: denied { open } for pid=7299 comm="syz.1.342" path="/dev/usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 69.475283][ T40] audit: type=1400 audit(1732606542.283:459): avc: denied { map } for pid=7299 comm="syz.1.342" path="/dev/usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 69.492730][ T5989] usb 8-1: USB disconnect, device number 8 [ 69.492871][ C2] xpad 8-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 69.497071][ C2] dummy_hcd dummy_hcd.3: timer fired with no URBs pending? [ 69.497138][ T5989] xpad 8-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 69.656354][ T40] audit: type=1400 audit(1732606542.470:460): avc: denied { bind } for pid=7311 comm="syz.0.345" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 69.669792][ T40] audit: type=1400 audit(1732606542.480:461): avc: denied { accept } for pid=7308 comm="syz.1.344" lport=48163 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 69.694230][ T40] audit: type=1400 audit(1732606542.480:462): avc: denied { write } for pid=7308 comm="syz.1.344" lport=48163 faddr=fc02:: scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 69.830538][ T40] audit: type=1400 audit(1732606542.629:463): avc: denied { name_bind } for pid=7318 comm="syz.0.346" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 69.972545][ T7332] netlink: 8 bytes leftover after parsing attributes in process `syz.3.350'. [ 69.977857][ T7271] syz.2.335 (7271) used greatest stack depth: 19792 bytes left [ 69.984415][ T7332] bridge0: port 3(macvlan2) entered blocking state [ 69.987392][ T7332] bridge0: port 3(macvlan2) entered disabled state [ 69.990542][ T7332] macvlan2: entered allmulticast mode [ 69.994535][ T7332] bridge0: entered allmulticast mode [ 69.998914][ T7332] macvlan2: left allmulticast mode [ 70.002006][ T7332] bridge0: left allmulticast mode [ 70.069378][ T40] audit: type=1400 audit(1732606542.863:464): avc: denied { write } for pid=7336 comm="syz.0.352" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 70.221235][ T7344] xt_CT: You must specify a L4 protocol and not use inversions on it [ 70.265004][ T7346] xt_hashlimit: size too large, truncated to 1048576 [ 70.327784][ T40] audit: type=1400 audit(1732606543.097:465): avc: denied { relabelfrom } for pid=7345 comm="syz.0.355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 70.558270][ T7352] netlink: 4 bytes leftover after parsing attributes in process `syz.1.356'. [ 70.911952][ T7362] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 71.312795][ T7386] netlink: 8 bytes leftover after parsing attributes in process `syz.3.365'. [ 71.319348][ T829] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 71.511613][ T829] usb 5-1: Using ep0 maxpacket: 32 [ 71.514736][ T829] usb 5-1: config 4 has an invalid interface number: 8 but max is 0 [ 71.517267][ T829] usb 5-1: config 4 has no interface number 0 [ 71.519017][ T829] usb 5-1: config 4 interface 8 has no altsetting 0 [ 71.523026][ T829] usb 5-1: New USB device found, idVendor=065a, idProduct=0009, bcdDevice=60.65 [ 71.525524][ T829] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 71.527691][ T829] usb 5-1: Product: syz [ 71.528902][ T829] usb 5-1: Manufacturer: syz [ 71.530089][ T829] usb 5-1: SerialNumber: syz [ 71.616433][ T7397] syzkaller1: entered promiscuous mode [ 71.618182][ T7397] syzkaller1: entered allmulticast mode [ 71.752256][ T829] opticon 5-1:4.8: opticon converter detected [ 71.762831][ T829] usb 5-1: opticon converter now attached to ttyUSB0 [ 71.774879][ T829] usb 5-1: USB disconnect, device number 7 [ 71.787001][ T829] opticon ttyUSB0: opticon converter now disconnected from ttyUSB0 [ 71.790509][ T829] opticon 5-1:4.8: device disconnected [ 72.972396][ T7440] netlink: 'syz.2.348': attribute type 10 has an invalid length. [ 73.001487][ T7440] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.016721][ T7440] bond0: (slave team0): Enslaving as an active interface with an up link [ 73.381422][ T7446] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.380'. [ 73.408842][ T1416] ieee802154 phy0 wpan0: encryption failed: -22 [ 73.410904][ T1416] ieee802154 phy1 wpan1: encryption failed: -22 [ 73.469764][ T7440] syz.2.348 (7440) used greatest stack depth: 18080 bytes left [ 73.548523][ T7454] (syz.1.383,7454,3):ocfs2_fill_super:990 ERROR: superblock probe failed! [ 73.552181][ T7454] (syz.1.383,7454,3):ocfs2_fill_super:1178 ERROR: status = -22 [ 73.556472][ T7456] veth1_macvtap: left promiscuous mode [ 73.558259][ T7456] macsec0: entered promiscuous mode [ 73.559691][ T7456] macsec0: entered allmulticast mode [ 73.580670][ T7456] macsec0: left allmulticast mode [ 73.584018][ T7454] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 40 [ 73.587753][ T7454] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.383'. [ 73.598865][ T7454] xt_l2tp: invalid flags combination: c [ 73.674617][ T7460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.677494][ T7460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.680418][ T7460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.686044][ T7460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.688756][ T7460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.691513][ T7460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.769381][ T7469] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 73.795633][ T7471] cgroup: fork rejected by pids controller in /syz1 [ 73.827485][ T7469] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 73.889920][ T7469] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 73.903097][ T7478] could not allocate digest TFM handle sha3-256-ce [ 73.970538][ T6354] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 74.173136][ T6354] usb 8-1: device descriptor read/64, error -71 [ 74.187212][ T5921] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 74.190991][ T5921] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 74.193768][ T5921] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 74.197596][ T5921] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 74.201747][ T5921] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 74.205998][ T5921] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 74.216378][ T5931] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 74.223859][ T5931] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 74.226505][ T5931] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 74.231654][ T5931] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 74.233680][ T5931] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 74.235609][ T5931] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 74.335695][ T7486] chnl_net:caif_netlink_parms(): no params data found [ 74.417404][ T7264] syz.2.335 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 74.423174][ T7264] CPU: 2 UID: 0 PID: 7264 Comm: syz.2.335 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0 [ 74.425863][ T7264] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 74.428686][ T7264] Call Trace: [ 74.429594][ T7264] [ 74.430384][ T7264] dump_stack_lvl+0x16c/0x1f0 [ 74.431637][ T7264] dump_header+0x101/0x900 [ 74.432837][ T7264] oom_kill_process+0x270/0xa60 [ 74.434125][ T7264] ? mem_cgroup_out_of_memory+0x8d/0x270 [ 74.435605][ T7264] out_of_memory+0x351/0x1700 [ 74.436837][ T7264] ? __pfx_out_of_memory+0x10/0x10 [ 74.438171][ T7264] ? rcu_read_unlock+0x17/0x60 [ 74.439432][ T7264] ? find_held_lock+0x2d/0x110 [ 74.440688][ T7264] mem_cgroup_out_of_memory+0x207/0x270 [ 74.442184][ T7264] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 74.443789][ T7264] ? do_raw_spin_unlock+0x172/0x230 [ 74.445175][ T7264] try_charge_memcg+0x53f/0xaf0 [ 74.446454][ T7264] ? __pfx_try_charge_memcg+0x10/0x10 [ 74.447867][ T7264] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 74.449292][ T7264] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 74.450726][ T7264] ? get_mem_cgroup_from_mm+0x131/0x5f0 [ 74.452203][ T7264] __mem_cgroup_charge+0x9b/0x280 [ 74.453530][ T7264] shmem_alloc_and_add_folio+0x507/0xc00 [ 74.455010][ T7264] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 74.456562][ T7264] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 74.458176][ T7264] ? shmem_huge_global_enabled+0x176/0x250 [ 74.459704][ T7264] ? shmem_allowable_huge_orders+0xcd/0x3e0 [ 74.461253][ T7264] shmem_get_folio_gfp+0x689/0x1530 [ 74.462692][ T7264] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 74.464154][ T7264] ? find_held_lock+0x2d/0x110 [ 74.465417][ T7264] shmem_write_begin+0x161/0x300 [ 74.466733][ T7264] ? __pfx_shmem_write_begin+0x10/0x10 [ 74.468222][ T7264] ? timestamp_truncate+0x21f/0x2e0 [ 74.469677][ T7264] ? balance_dirty_pages_ratelimited_flags+0x92/0x1270 [ 74.471593][ T7264] generic_perform_write+0x2ba/0x920 [ 74.473008][ T7264] ? __pfx_generic_perform_write+0x10/0x10 [ 74.474464][ T7264] ? inode_needs_update_time.part.0+0x191/0x270 [ 74.476090][ T7264] shmem_file_write_iter+0x10e/0x140 [ 74.477476][ T7264] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 74.479004][ T7264] __kernel_write_iter+0x318/0xa80 [ 74.480338][ T7264] ? __pfx___kernel_write_iter+0x10/0x10 [ 74.481789][ T7264] ? get_dump_page+0x15b/0x230 [ 74.483088][ T7264] ? __pfx___might_resched+0x10/0x10 [ 74.484462][ T7264] ? copy_mc_enhanced_fast_string+0xa/0x13 [ 74.485990][ T7264] dump_user_range+0x389/0x8c0 [ 74.487253][ T7264] ? __pfx_dump_user_range+0x10/0x10 [ 74.488615][ T7264] ? elf_coredump_extra_notes_write+0xbe/0x430 [ 74.490206][ T7264] ? __pfx_writenote+0x10/0x10 [ 74.491464][ T7264] elf_core_dump+0x287c/0x3a50 [ 74.492757][ T7264] ? __pfx_elf_core_dump+0x10/0x10 [ 74.494082][ T7264] ? kasan_save_stack+0x33/0x60 [ 74.495346][ T7264] ? kasan_save_track+0x14/0x30 [ 74.496637][ T7264] ? __kasan_kmalloc+0xaa/0xb0 [ 74.497923][ T7264] ? __kmalloc_node_noprof+0x21f/0x510 [ 74.499396][ T7264] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 74.500860][ T7264] ? get_signal+0x230b/0x26c0 [ 74.502184][ T7264] ? arch_do_signal_or_restart+0x90/0x7e0 [ 74.503662][ T7264] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 74.505226][ T7264] ? rcu_is_watching+0x12/0xc0 [ 74.506481][ T7264] ? trace_lock_acquire+0x146/0x1e0 [ 74.507841][ T7264] ? __pfx_sort+0x10/0x10 [ 74.508979][ T7264] ? get_signal+0x230b/0x26c0 [ 74.510216][ T7264] ? do_coredump+0x3ad7/0x49e0 [ 74.511468][ T7264] do_coredump+0x3ad7/0x49e0 [ 74.512710][ T7264] ? __pfx_do_coredump+0x10/0x10 [ 74.514000][ T7264] ? stack_trace_save+0x95/0xd0 [ 74.515284][ T7264] ? __pfx_stack_trace_save+0x10/0x10 [ 74.516675][ T7264] ? hlock_class+0x4e/0x130 [ 74.517859][ T7264] ? stack_depot_save_flags+0x28/0x8f0 [ 74.519282][ T7264] ? kmem_cache_free+0x152/0x4c0 [ 74.520766][ T7264] ? __sigqueue_free+0xba/0x2a0 [ 74.522064][ T7264] ? get_signal+0xcbc/0x26c0 [ 74.523292][ T7264] ? arch_do_signal_or_restart+0x90/0x7e0 [ 74.524788][ T7264] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 74.526431][ T7264] ? find_held_lock+0x2d/0x110 [ 74.527701][ T7264] ? proc_coredump_connector+0x2d2/0x4f0 [ 74.529162][ T7264] ? __pfx_proc_coredump_connector+0x10/0x10 [ 74.530739][ T7264] get_signal+0x230b/0x26c0 [ 74.531977][ T7264] ? force_sig_fault+0xc5/0x110 [ 74.533653][ T7264] ? __pfx_get_signal+0x10/0x10 [ 74.534951][ T7264] arch_do_signal_or_restart+0x90/0x7e0 [ 74.536399][ T7264] ? trace_irq_disable.constprop.0+0xe6/0x140 [ 74.538003][ T7264] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 74.539577][ T7264] ? __bad_area_nosemaphore+0x334/0x6a0 [ 74.540984][ T7264] ? do_user_addr_fault+0x920/0x13f0 [ 74.542450][ T7264] irqentry_exit_to_user_mode+0x13f/0x280 [ 74.543937][ T7264] asm_exc_page_fault+0x26/0x30 [ 74.545225][ T7264] RIP: 0033:0x0 [ 74.546202][ T7264] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 74.548107][ T7264] RSP: 002b:00000000200002be EFLAGS: 00010217 [ 74.549675][ T7264] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007faa9037e819 [ 74.551831][ T7264] RDX: 00007faa911fbf20 RSI: 0000000000000058 RDI: 00007faa911fbf20 [ 74.553943][ T7264] RBP: 00007faa903f175e R08: 0000000000000000 R09: 0000000000000058 [ 74.556008][ T7264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 74.558069][ T7264] R13: 0000000000000000 R14: 00007faa90535fa0 R15: 00007ffe117c5e68 [ 74.560115][ T7264] [ 74.561465][ T6354] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 74.566187][ T7264] memory: usage 307200kB, limit 307200kB, failcnt 15078 [ 74.568420][ T7264] memory+swap: usage 432196kB, limit 9007199254740988kB, failcnt 0 [ 74.570857][ T7264] kmem: usage 6556kB, limit 9007199254740988kB, failcnt 0 [ 74.573494][ T7264] Memory cgroup stats for /syz2: [ 74.573664][ T7264] cache 306974720 [ 74.575931][ T7264] rss 860160 [ 74.576832][ T7264] rss_huge 0 [ 74.577948][ T7264] shmem 306970624 [ 74.579327][ T7264] mapped_file 0 [ 74.583530][ T7264] dirty 0 [ 74.584433][ T7264] writeback 0 [ 74.585422][ T7264] workingset_refault_anon 0 [ 74.586952][ T7264] workingset_refault_file 35 [ 74.588550][ T7264] swap 127995904 [ 74.591787][ T7264] swapcached 0 [ 74.593007][ T7264] pgpgin 113665 [ 74.593994][ T7264] pgpgout 38509 [ 74.595526][ T7264] pgfault 15371 [ 74.596548][ T7264] pgmajfault 6 [ 74.597481][ T7264] inactive_anon 300605440 [ 74.598676][ T7264] active_anon 7225344 [ 74.599785][ T7264] inactive_file 4096 [ 74.600885][ T7264] active_file 0 [ 74.602256][ T7264] unevictable 0 [ 74.603446][ T7264] hierarchical_memory_limit 314572800 [ 74.604679][ T7486] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.605031][ T7264] hierarchical_memsw_limit 9223372036854771712 [ 74.606907][ T7486] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.606970][ T7486] bridge_slave_0: entered allmulticast mode [ 74.607412][ T7486] bridge_slave_0: entered promiscuous mode [ 74.609160][ T7264] total_cache 306974720 [ 74.615620][ T7486] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.618434][ T7264] total_rss 860160 [ 74.620368][ T7486] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.620475][ T7486] bridge_slave_1: entered allmulticast mode [ 74.621596][ T7264] total_rss_huge 0 [ 74.624162][ T7486] bridge_slave_1: entered promiscuous mode [ 74.625167][ T7264] total_shmem 306970624 [ 74.628944][ T7264] total_mapped_file 0 [ 74.630121][ T7264] total_dirty 0 [ 74.631113][ T7264] total_writeback 0 [ 74.632174][ T7264] total_workingset_refault_anon 0 [ 74.634047][ T7264] total_workingset_refault_file 35 [ 74.638179][ T7264] total_swap 127995904 [ 74.639370][ T7264] total_swapcached 0 [ 74.640479][ T7264] total_pgpgin 113665 [ 74.641560][ T7264] total_pgpgout 38509 [ 74.642612][ T7264] total_pgfault 15371 [ 74.643670][ T7264] total_pgmajfault 6 [ 74.647181][ T7264] total_inactive_anon 300605440 [ 74.648977][ T7264] total_active_anon 7225344 [ 74.650274][ T7264] total_inactive_file 4096 [ 74.651533][ T7264] total_active_file 0 [ 74.652630][ T7264] total_unevictable 0 [ 74.653679][ T7264] anon_cost 0 [ 74.654627][ T7264] file_cost 0 [ 74.655558][ T7264] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.335,pid=7247,uid=0 [ 74.660829][ T7264] Memory cgroup out of memory: Killed process 7247 (syz.2.335) total-vm:97620kB, anon-rss:628kB, file-rss:30736kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 74.664077][ T7486] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.671086][ T7486] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.708146][ T6354] usb 8-1: device descriptor read/64, error -71 [ 74.825858][ T6354] usb usb8-port1: attempt power cycle [ 74.946371][ T7486] team0: Port device team_slave_0 added [ 74.949102][ T7486] team0: Port device team_slave_1 added [ 75.035606][ T7255] syz.2.335 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 75.038234][ T7255] CPU: 3 UID: 0 PID: 7255 Comm: syz.2.335 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0 [ 75.041025][ T7255] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.044097][ T7255] Call Trace: [ 75.044995][ T7255] [ 75.045777][ T7255] dump_stack_lvl+0x16c/0x1f0 [ 75.047343][ T7255] dump_header+0x101/0x900 [ 75.048692][ T7255] oom_kill_process+0x270/0xa60 [ 75.049974][ T7255] ? mem_cgroup_out_of_memory+0x8d/0x270 [ 75.051468][ T7255] out_of_memory+0x351/0x1700 [ 75.052723][ T7255] ? __pfx_out_of_memory+0x10/0x10 [ 75.054072][ T7255] ? rcu_read_unlock+0x17/0x60 [ 75.055397][ T7255] ? find_held_lock+0x2d/0x110 [ 75.057071][ T7255] mem_cgroup_out_of_memory+0x207/0x270 [ 75.058676][ T7255] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 75.060517][ T7255] ? do_raw_spin_unlock+0x172/0x230 [ 75.061962][ T7255] try_charge_memcg+0x53f/0xaf0 [ 75.063267][ T7255] ? __pfx_try_charge_memcg+0x10/0x10 [ 75.064958][ T7255] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 75.066769][ T7255] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 75.068630][ T7255] ? get_mem_cgroup_from_mm+0x131/0x5f0 [ 75.070177][ T7255] __mem_cgroup_charge+0x9b/0x280 [ 75.071508][ T7255] shmem_alloc_and_add_folio+0x507/0xc00 [ 75.072974][ T7255] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 75.074515][ T7255] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 75.076132][ T7255] ? shmem_huge_global_enabled+0x176/0x250 [ 75.078111][ T7255] ? shmem_allowable_huge_orders+0xcd/0x3e0 [ 75.079991][ T7255] shmem_get_folio_gfp+0x689/0x1530 [ 75.081501][ T7255] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 75.083510][ T7255] ? find_held_lock+0x2d/0x110 [ 75.085220][ T7255] shmem_write_begin+0x161/0x300 [ 75.086534][ T7255] ? __pfx_shmem_write_begin+0x10/0x10 [ 75.087970][ T7255] ? timestamp_truncate+0x21f/0x2e0 [ 75.089392][ T7255] ? balance_dirty_pages_ratelimited_flags+0x92/0x1270 [ 75.091624][ T7255] generic_perform_write+0x2ba/0x920 [ 75.093040][ T7255] ? __pfx_generic_perform_write+0x10/0x10 [ 75.094580][ T7255] ? inode_needs_update_time.part.0+0x191/0x270 [ 75.096214][ T7255] shmem_file_write_iter+0x10e/0x140 [ 75.097605][ T7255] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 75.099481][ T7255] __kernel_write_iter+0x318/0xa80 [ 75.101224][ T7255] ? __pfx___kernel_write_iter+0x10/0x10 [ 75.103149][ T7255] ? get_dump_page+0x15b/0x230 [ 75.104463][ T7255] ? __pfx___might_resched+0x10/0x10 [ 75.106035][ T7255] ? dump_user_range+0x399/0x8c0 [ 75.107661][ T7255] ? dump_user_range+0x70a/0x8c0 [ 75.109276][ T7255] dump_user_range+0x389/0x8c0 [ 75.110731][ T7255] ? __pfx_dump_user_range+0x10/0x10 [ 75.112213][ T7255] ? elf_coredump_extra_notes_write+0xbe/0x430 [ 75.113908][ T7255] ? __pfx_writenote+0x10/0x10 [ 75.115184][ T7255] elf_core_dump+0x287c/0x3a50 [ 75.116454][ T7255] ? __pfx_elf_core_dump+0x10/0x10 [ 75.117800][ T7255] ? kasan_save_stack+0x33/0x60 [ 75.119085][ T7255] ? kasan_save_track+0x14/0x30 [ 75.120473][ T7255] ? __kasan_kmalloc+0xaa/0xb0 [ 75.121979][ T7255] ? __kmalloc_node_noprof+0x21f/0x510 [ 75.123418][ T7255] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 75.124837][ T7255] ? get_signal+0x230b/0x26c0 [ 75.126084][ T7255] ? arch_do_signal_or_restart+0x90/0x7e0 [ 75.127572][ T7255] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 75.129189][ T7255] ? rcu_is_watching+0x12/0xc0 [ 75.130820][ T7255] ? trace_lock_acquire+0x146/0x1e0 [ 75.132550][ T7255] ? __pfx_sort+0x10/0x10 [ 75.133772][ T7255] ? get_signal+0x230b/0x26c0 [ 75.135112][ T7255] ? do_coredump+0x3ad7/0x49e0 [ 75.136435][ T7255] do_coredump+0x3ad7/0x49e0 [ 75.137683][ T7255] ? __pfx_do_coredump+0x10/0x10 [ 75.138988][ T7255] ? stack_trace_save+0x95/0xd0 [ 75.140265][ T7255] ? __pfx_stack_trace_save+0x10/0x10 [ 75.141665][ T7255] ? hlock_class+0x4e/0x130 [ 75.142872][ T7255] ? stack_depot_save_flags+0x28/0x8f0 [ 75.144303][ T7255] ? kmem_cache_free+0x152/0x4c0 [ 75.145607][ T7255] ? __sigqueue_free+0xba/0x2a0 [ 75.146895][ T7255] ? get_signal+0xcbc/0x26c0 [ 75.148102][ T7255] ? arch_do_signal_or_restart+0x90/0x7e0 [ 75.149582][ T7255] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 75.151219][ T7255] ? find_held_lock+0x2d/0x110 [ 75.152756][ T7255] ? proc_coredump_connector+0x2d2/0x4f0 [ 75.154323][ T7255] ? __pfx_proc_coredump_connector+0x10/0x10 [ 75.155909][ T7255] get_signal+0x230b/0x26c0 [ 75.157110][ T7255] ? force_sig_fault+0xc5/0x110 [ 75.158387][ T7255] ? __pfx_get_signal+0x10/0x10 [ 75.159848][ T7255] arch_do_signal_or_restart+0x90/0x7e0 [ 75.161562][ T7255] ? trace_irq_disable.constprop.0+0xe6/0x140 [ 75.163261][ T7255] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 75.164975][ T7255] ? __bad_area_nosemaphore+0x334/0x6a0 [ 75.166683][ T7255] ? do_user_addr_fault+0x920/0x13f0 [ 75.168507][ T7255] irqentry_exit_to_user_mode+0x13f/0x280 [ 75.170370][ T7255] asm_exc_page_fault+0x26/0x30 [ 75.171668][ T7255] RIP: 0033:0x0 [ 75.172587][ T7255] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 75.174827][ T7255] RSP: 002b:00000000200002be EFLAGS: 00010217 [ 75.176883][ T7255] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007faa9037e819 [ 75.179339][ T7255] RDX: 00007faa911fbf20 RSI: 0000000000000058 RDI: 00007faa911fbf20 [ 75.181403][ T7255] RBP: 00007faa903f175e R08: 0000000000000000 R09: 0000000000000058 [ 75.183673][ T7255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.185974][ T7255] R13: 0000000000000000 R14: 00007faa90535fa0 R15: 00007ffe117c5e68 [ 75.188330][ T7255] [ 75.192713][ T7486] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 75.192931][ T7255] memory: usage 306580kB, limit 307200kB, failcnt 16478 [ 75.195713][ T7486] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.198113][ T7255] memory+swap: usage 429736kB, limit 9007199254740988kB, failcnt 0 [ 75.207258][ T6354] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 75.207596][ T7486] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 75.210742][ T7255] kmem: usage 6524kB, limit 9007199254740988kB, failcnt 0 [ 75.217803][ T7486] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 75.220690][ T7255] Memory cgroup stats for /syz2: [ 75.223991][ T7255] cache 305840128 [ 75.225252][ T6354] usb 8-1: device descriptor read/8, error -71 [ 75.225357][ T7255] rss 815104 [ 75.225365][ T7255] rss_huge 0 [ 75.228371][ T7486] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.228785][ T7255] shmem 305840128 [ 75.229869][ T7486] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 75.241929][ T7255] mapped_file 0 [ 75.243249][ T7255] dirty 0 [ 75.244190][ T7255] writeback 0 [ 75.245225][ T7255] workingset_refault_anon 0 [ 75.247982][ T7255] workingset_refault_file 38 [ 75.251191][ T7255] swap 125796352 [ 75.252455][ T7255] swapcached 65536 [ 75.255086][ T7255] pgpgin 113695 [ 75.256166][ T7255] pgpgout 38812 [ 75.257168][ T7255] pgfault 15373 [ 75.258099][ T7255] pgmajfault 7 [ 75.259105][ T7255] inactive_anon 295174144 [ 75.260224][ T7255] active_anon 9310208 [ 75.261253][ T7255] inactive_file 0 [ 75.262202][ T7255] active_file 0 [ 75.263138][ T7255] unevictable 0 [ 75.264203][ T7255] hierarchical_memory_limit 314572800 [ 75.265799][ T7255] hierarchical_memsw_limit 9223372036854771712 [ 75.267618][ T7255] total_cache 305840128 [ 75.268818][ T7255] total_rss 815104 [ 75.269970][ T7255] total_rss_huge 0 [ 75.271059][ T7255] total_shmem 305840128 [ 75.272152][ T7255] total_mapped_file 0 [ 75.273356][ T7255] total_dirty 0 [ 75.274252][ T7486] hsr_slave_0: entered promiscuous mode [ 75.274518][ T7255] total_writeback 0 [ 75.277531][ T7255] total_workingset_refault_anon 0 [ 75.278488][ T7486] hsr_slave_1: entered promiscuous mode [ 75.279349][ T7255] total_workingset_refault_file 38 [ 75.282940][ T7255] total_swap 125796352 [ 75.284200][ T7486] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 75.284404][ T7255] total_swapcached 65536 [ 75.288929][ T7255] total_pgpgin 113695 [ 75.289378][ T7486] Cannot create hsr debugfs directory [ 75.291149][ T7255] total_pgpgout 38812 [ 75.293876][ T7255] total_pgfault 15373 [ 75.295391][ T7255] total_pgmajfault 7 [ 75.297609][ T7255] total_inactive_anon 295174144 [ 75.299092][ T7255] total_active_anon 9310208 [ 75.300423][ T7255] total_inactive_file 0 [ 75.301610][ T7255] total_active_file 0 [ 75.305262][ T7255] total_unevictable 0 [ 75.306326][ T7255] anon_cost 0 [ 75.313410][ T7255] file_cost 0 [ 75.314308][ T7255] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.335,pid=7249,uid=0 [ 75.319013][ T7255] Memory cgroup out of memory: Killed process 7249 (syz.2.335) total-vm:97752kB, anon-rss:756kB, file-rss:30096kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 75.433739][ T7486] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.510183][ T6354] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 75.530493][ T7486] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.534132][ T6354] usb 8-1: device descriptor read/8, error -71 [ 75.604167][ T7500] program syz.0.396 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 75.633662][ T7486] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.660681][ T6354] usb usb8-port1: unable to enumerate USB device [ 75.707280][ T7498] syz.2.394: attempt to access beyond end of device [ 75.707280][ T7498] nbd2: rw=0, sector=2, nr_sectors = 2 limit=0 [ 75.722271][ T7498] MINIX-fs: unable to read superblock [ 75.739411][ T7486] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.746703][ T7506] xfrm0: entered allmulticast mode [ 75.918775][ T7511] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 76.012511][ T40] kauditd_printk_skb: 17 callbacks suppressed [ 76.012522][ T40] audit: type=1400 audit(1732606548.420:483): avc: denied { read } for pid=7516 comm="syz.0.401" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 76.057697][ T7486] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 76.098136][ T7486] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 76.167542][ T7486] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 76.273700][ T7486] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 76.397893][ T5921] Bluetooth: hci1: command tx timeout [ 76.403617][ T7520] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 76.478024][ T7486] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.490836][ T7486] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.495901][ T7028] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.497778][ T7028] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.506787][ T1141] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.508629][ T1141] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.606373][ T7486] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 76.635095][ T7486] veth0_vlan: entered promiscuous mode [ 76.639994][ T7486] veth1_vlan: entered promiscuous mode [ 76.654072][ T7486] veth0_macvtap: entered promiscuous mode [ 76.657898][ T7486] veth1_macvtap: entered promiscuous mode [ 76.665849][ T7486] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.668716][ T7486] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.671465][ T7486] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.674161][ T7486] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.676760][ T7486] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.679370][ T7486] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.681804][ T7486] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 76.684612][ T7486] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.688383][ T7486] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.693707][ T7486] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.696451][ T7486] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.699046][ T7486] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.701737][ T7486] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.704368][ T7486] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.708934][ T7486] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.713080][ T7486] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.716696][ T7486] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.721686][ T7486] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.728701][ T7486] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.731213][ T7486] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.733883][ T7486] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.736205][ T7486] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.934488][ T40] audit: type=1400 audit(1732606549.280:484): avc: denied { append } for pid=7529 comm="syz.0.405" name="card2" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 76.952963][ T7531] netlink: 'syz.0.405': attribute type 11 has an invalid length. [ 76.955354][ T7531] netlink: 20 bytes leftover after parsing attributes in process `syz.0.405'. [ 76.970839][ T7027] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.973043][ T7027] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.992069][ T7028] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.995154][ T7028] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.033450][ T40] audit: type=1400 audit(1732606549.374:485): avc: denied { mounton } for pid=7486 comm="syz-executor" path="/syzkaller.ZqDsTK/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 77.161155][ T7270] syz.2.335 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 77.185894][ T7270] CPU: 1 UID: 0 PID: 7270 Comm: syz.2.335 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0 [ 77.188324][ T7270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 77.190780][ T7270] Call Trace: [ 77.191556][ T7270] [ 77.192238][ T7270] dump_stack_lvl+0x16c/0x1f0 [ 77.193323][ T7270] dump_header+0x101/0x900 [ 77.194353][ T7270] oom_kill_process+0x270/0xa60 [ 77.195471][ T7270] ? mem_cgroup_out_of_memory+0x8d/0x270 [ 77.196836][ T7270] out_of_memory+0x351/0x1700 [ 77.197937][ T7270] ? __pfx_out_of_memory+0x10/0x10 [ 77.199122][ T7270] ? rcu_read_unlock+0x17/0x60 [ 77.200599][ T7270] ? find_held_lock+0x2d/0x110 [ 77.202167][ T7270] mem_cgroup_out_of_memory+0x207/0x270 [ 77.203882][ T7270] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 77.205452][ T7270] ? do_raw_spin_unlock+0x172/0x230 [ 77.206685][ T7270] try_charge_memcg+0x53f/0xaf0 [ 77.207804][ T7270] ? __pfx_try_charge_memcg+0x10/0x10 [ 77.209017][ T7270] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 77.210300][ T7270] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 77.211582][ T7270] ? get_mem_cgroup_from_mm+0x131/0x5f0 [ 77.212874][ T7270] __mem_cgroup_charge+0x9b/0x280 [ 77.214020][ T7270] filemap_add_folio+0x89/0x220 [ 77.215153][ T7270] ? __pfx_filemap_add_folio+0x10/0x10 [ 77.216435][ T7270] __filemap_get_folio+0x468/0xaf0 [ 77.217692][ T7270] filemap_fault+0x670/0x2820 [ 77.218877][ T7270] ? __pfx_filemap_fault+0x10/0x10 [ 77.220138][ T7270] ? do_pte_missing+0xddc/0x3e70 [ 77.221372][ T7270] ? __pfx_lock_release+0x10/0x10 [ 77.222628][ T7270] __do_fault+0x10a/0x490 [ 77.223683][ T7270] do_pte_missing+0xec2/0x3e70 [ 77.224802][ T7270] __handle_mm_fault+0x103c/0x2a40 [ 77.225978][ T7270] ? find_held_lock+0x2d/0x110 [ 77.227128][ T7270] ? __pfx___handle_mm_fault+0x10/0x10 [ 77.228361][ T7270] ? follow_page_pte+0x3c3/0x1b20 [ 77.229488][ T7270] ? __pfx_lock_release+0x10/0x10 [ 77.230678][ T7270] ? follow_page_pte+0x3f7/0x1b20 [ 77.231831][ T7270] handle_mm_fault+0x3fa/0xaa0 [ 77.232947][ T7270] __get_user_pages+0x8d9/0x3b50 [ 77.234091][ T7270] ? __pfx___get_user_pages+0x10/0x10 [ 77.235326][ T7270] ? down_read_killable+0xcc/0x380 [ 77.236523][ T7270] ? __pfx_down_read_killable+0x10/0x10 [ 77.237791][ T7270] ? shmem_file_write_iter+0xcf/0x140 [ 77.239051][ T7270] get_dump_page+0xff/0x230 [ 77.240117][ T7270] ? __pfx_get_dump_page+0x10/0x10 [ 77.241291][ T7270] ? __pfx___might_resched+0x10/0x10 [ 77.242514][ T7270] ? copy_mc_enhanced_fast_string+0xa/0x13 [ 77.243885][ T7270] dump_user_range+0x135/0x8c0 [ 77.245044][ T7270] ? __pfx_dump_user_range+0x10/0x10 [ 77.246314][ T7270] ? elf_coredump_extra_notes_write+0xbe/0x430 [ 77.247789][ T7270] ? __pfx_writenote+0x10/0x10 [ 77.248984][ T7270] elf_core_dump+0x287c/0x3a50 [ 77.250180][ T7270] ? __pfx_elf_core_dump+0x10/0x10 [ 77.251447][ T7270] ? kasan_save_stack+0x33/0x60 [ 77.252637][ T7270] ? kasan_save_track+0x14/0x30 [ 77.253790][ T7270] ? __kasan_kmalloc+0xaa/0xb0 [ 77.254938][ T7270] ? __kmalloc_node_noprof+0x21f/0x510 [ 77.256225][ T7270] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 77.257514][ T7270] ? get_signal+0x230b/0x26c0 [ 77.258647][ T7270] ? arch_do_signal_or_restart+0x90/0x7e0 [ 77.259992][ T7270] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 77.261409][ T7270] ? rcu_is_watching+0x12/0xc0 [ 77.262549][ T7270] ? trace_lock_acquire+0x146/0x1e0 [ 77.263742][ T7270] ? __pfx_sort+0x10/0x10 [ 77.264752][ T7270] ? get_signal+0x230b/0x26c0 [ 77.265890][ T7270] ? do_coredump+0x3ad7/0x49e0 [ 77.267111][ T7270] do_coredump+0x3ad7/0x49e0 [ 77.268291][ T7270] ? __pfx_do_coredump+0x10/0x10 [ 77.269568][ T7270] ? stack_trace_save+0x95/0xd0 [ 77.270800][ T7270] ? __pfx_stack_trace_save+0x10/0x10 [ 77.272104][ T7270] ? hlock_class+0x4e/0x130 [ 77.273156][ T7270] ? stack_depot_save_flags+0x28/0x8f0 [ 77.274416][ T7270] ? kmem_cache_free+0x152/0x4c0 [ 77.275553][ T7270] ? __sigqueue_free+0xba/0x2a0 [ 77.276685][ T7270] ? get_signal+0xcbc/0x26c0 [ 77.277741][ T7270] ? arch_do_signal_or_restart+0x90/0x7e0 [ 77.279023][ T7270] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 77.280402][ T7270] ? find_held_lock+0x2d/0x110 [ 77.281504][ T7270] ? proc_coredump_connector+0x2d2/0x4f0 [ 77.282822][ T7270] ? __pfx_proc_coredump_connector+0x10/0x10 [ 77.284194][ T7270] get_signal+0x230b/0x26c0 [ 77.285240][ T7270] ? force_sig_fault+0xc5/0x110 [ 77.286379][ T7270] ? __pfx_get_signal+0x10/0x10 [ 77.287426][ T7270] arch_do_signal_or_restart+0x90/0x7e0 [ 77.288541][ T7270] ? trace_irq_disable.constprop.0+0xe6/0x140 [ 77.289839][ T7270] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 77.291276][ T7270] ? __bad_area_nosemaphore+0x334/0x6a0 [ 77.292605][ T7270] ? do_user_addr_fault+0x920/0x13f0 [ 77.293884][ T7270] irqentry_exit_to_user_mode+0x13f/0x280 [ 77.295256][ T7270] asm_exc_page_fault+0x26/0x30 [ 77.296409][ T7270] RIP: 0033:0x0 [ 77.297207][ T7270] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 77.298860][ T7270] RSP: 002b:00000000200002be EFLAGS: 00010217 [ 77.300207][ T7270] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007faa9037e819 [ 77.302000][ T7270] RDX: 00007faa911fbf20 RSI: 0000000000000058 RDI: 00007faa911fbf20 [ 77.303831][ T7270] RBP: 00007faa903f175e R08: 0000000000000000 R09: 0000000000000058 [ 77.305649][ T7270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 77.307502][ T7270] R13: 0000000000000000 R14: 00007faa90535fa0 R15: 00007ffe117c5e68 [ 77.309872][ T7270] [ 77.310685][ C1] vkms_vblank_simulate: vblank timer overrun [ 77.321759][ T7270] memory: usage 306456kB, limit 307200kB, failcnt 21091 [ 77.326461][ T7270] memory+swap: usage 429456kB, limit 9007199254740988kB, failcnt 0 [ 77.328500][ T7270] kmem: usage 6096kB, limit 9007199254740988kB, failcnt 0 [ 77.330108][ T7270] Memory cgroup stats for /syz2: [ 77.330250][ T7270] cache 307351552 [ 77.334776][ T7270] rss 225280 [ 77.338204][ T7270] rss_huge 0 [ 77.339002][ T7270] shmem 307351552 [ 77.339851][ T7270] mapped_file 0 [ 77.340683][ T7270] dirty 0 [ 77.341401][ T7270] writeback 0 [ 77.355111][ T7270] workingset_refault_anon 10 [ 77.356222][ T7270] workingset_refault_file 410 [ 77.356815][ T40] audit: type=1400 audit(1732606549.673:486): avc: denied { setopt } for pid=7543 comm="syz.1.408" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 77.357452][ T7270] swap 125444096 [ 77.379269][ T7270] swapcached 86016 [ 77.380423][ T7270] pgpgin 123913 [ 77.381806][ T7270] pgpgout 48804 [ 77.382676][ T7270] pgfault 15641 [ 77.383497][ T7270] pgmajfault 22 [ 77.384489][ T7270] inactive_anon 252264448 [ 77.385549][ T7270] active_anon 53100544 [ 77.386557][ T7270] inactive_file 0 [ 77.398847][ T7270] active_file 0 [ 77.399785][ T7270] unevictable 0 [ 77.400922][ T7270] hierarchical_memory_limit 314572800 [ 77.402734][ T7270] hierarchical_memsw_limit 9223372036854771712 [ 77.404373][ T7270] total_cache 307351552 [ 77.405431][ T7270] total_rss 225280 [ 77.406322][ T7270] total_rss_huge 0 [ 77.407218][ T7270] total_shmem 307351552 [ 77.408231][ T7270] total_mapped_file 0 [ 77.423099][ T7270] total_dirty 0 [ 77.433994][ T7270] total_writeback 0 [ 77.435108][ T7270] total_workingset_refault_anon 10 [ 77.436375][ T7270] total_workingset_refault_file 410 [ 77.437603][ T7270] total_swap 125444096 [ 77.438593][ T7270] total_swapcached 86016 [ 77.439614][ T7270] total_pgpgin 123913 [ 77.451315][ T7270] total_pgpgout 48804 [ 77.452388][ T7270] total_pgfault 15641 [ 77.453427][ T7270] total_pgmajfault 22 [ 77.454469][ T7270] total_inactive_anon 252264448 [ 77.461916][ T7270] total_active_anon 53100544 [ 77.463021][ T7270] total_inactive_file 0 [ 77.463998][ T7270] total_active_file 0 [ 77.464957][ T7270] total_unevictable 0 [ 77.465973][ T7270] anon_cost 0 [ 77.477699][ T7270] file_cost 0 [ 77.479338][ T7270] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.335,pid=7255,uid=0 [ 77.486972][ T7270] Memory cgroup out of memory: Killed process 7255 (syz.2.335) total-vm:97752kB, anon-rss:756kB, file-rss:25032kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000 [ 77.605272][ T944] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 77.664462][ T7548] bond0: up delay (5) is not a multiple of miimon (4), value rounded to 4 ms [ 77.671819][ T7548] netlink: 'syz.2.409': attribute type 10 has an invalid length. [ 77.681072][ T7548] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.693433][ T7548] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.696374][ T7548] bridge0: port 1(bridge_slave_0) entered forwarding state [ 77.705634][ T7548] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 77.708153][ T7530] orangefs_mount: mount request failed with -4 [ 77.746336][ T1253] bond0: (slave bridge0): link status definitely up, 0 Mbps full duplex [ 77.765845][ T944] usb 6-1: Using ep0 maxpacket: 32 [ 77.769806][ T944] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 77.772330][ T944] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 77.775648][ T944] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 77.780337][ T944] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 77.784878][ T944] usb 6-1: config 0 interface 0 has no altsetting 0 [ 77.790149][ T944] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 77.793581][ T944] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 77.796356][ T944] usb 6-1: Product: syz [ 77.797959][ T944] usb 6-1: Manufacturer: syz [ 77.799334][ T944] usb 6-1: SerialNumber: syz [ 77.802416][ T944] usb 6-1: config 0 descriptor?? [ 77.805665][ T944] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 77.810951][ T944] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 78.241678][ T40] audit: type=1400 audit(1732606550.496:487): avc: denied { write } for pid=7564 comm="syz.3.416" name="kcm" dev="proc" ino=4026533145 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 78.401636][ T7568] ldusb 6-1:0.0: Write buffer overflow, 1 bytes dropped [ 78.577757][ T7575] netlink: 8 bytes leftover after parsing attributes in process `syz.3.417'. [ 78.621475][ T5921] Bluetooth: hci1: command tx timeout [ 78.881400][ T25] cfg80211: failed to load regulatory.db [ 79.489655][ T70] usb 6-1: USB disconnect, device number 9 [ 79.492615][ T70] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 79.660770][ T42] oom_reaper: reaped process 7255 (syz.2.335), now anon-rss:132kB, file-rss:22528kB, shmem-rss:0kB [ 79.674914][ T7261] syz.2.335 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 79.677520][ T7261] CPU: 2 UID: 0 PID: 7261 Comm: syz.2.335 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0 [ 79.680287][ T7261] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 79.683205][ T7261] Call Trace: [ 79.684163][ T7261] [ 79.685201][ T7261] dump_stack_lvl+0x16c/0x1f0 [ 79.686638][ T7261] dump_header+0x101/0x900 [ 79.687987][ T7261] oom_kill_process+0x270/0xa60 [ 79.689443][ T7261] ? mem_cgroup_out_of_memory+0x8d/0x270 [ 79.691110][ T7261] out_of_memory+0x351/0x1700 [ 79.692378][ T7261] ? __pfx_out_of_memory+0x10/0x10 [ 79.693750][ T7261] ? rcu_read_unlock+0x17/0x60 [ 79.695333][ T7261] ? find_held_lock+0x2d/0x110 [ 79.696642][ T7261] mem_cgroup_out_of_memory+0x207/0x270 [ 79.698117][ T7261] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 79.700180][ T7261] ? do_raw_spin_unlock+0x172/0x230 [ 79.701912][ T7261] try_charge_memcg+0x53f/0xaf0 [ 79.703664][ T7261] ? __pfx_try_charge_memcg+0x10/0x10 [ 79.705489][ T7261] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 79.707387][ T7261] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 79.709313][ T7261] ? get_mem_cgroup_from_mm+0x131/0x5f0 [ 79.711383][ T7261] __mem_cgroup_charge+0x9b/0x280 [ 79.713379][ T7261] shmem_alloc_and_add_folio+0x507/0xc00 [ 79.715809][ T7261] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 79.717981][ T7261] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 79.719665][ T7261] ? shmem_huge_global_enabled+0x176/0x250 [ 79.721208][ T7261] ? shmem_allowable_huge_orders+0xcd/0x3e0 [ 79.722768][ T7261] shmem_get_folio_gfp+0x689/0x1530 [ 79.724138][ T7261] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 79.726099][ T7261] ? mark_held_locks+0x9f/0xe0 [ 79.727820][ T7261] ? timestamp_truncate+0x21f/0x2e0 [ 79.729671][ T7261] shmem_write_begin+0x161/0x300 [ 79.731446][ T7261] ? __pfx_shmem_write_begin+0x10/0x10 [ 79.733348][ T7261] ? inode_set_ctime_current+0x2a7/0x900 [ 79.734885][ T7261] ? balance_dirty_pages_ratelimited_flags+0x92/0x1270 [ 79.736706][ T7261] ? __pfx_inode_set_ctime_current+0x10/0x10 [ 79.738741][ T7261] generic_perform_write+0x2ba/0x920 [ 79.740673][ T7261] ? __pfx_generic_perform_write+0x10/0x10 [ 79.742833][ T7261] ? __mark_inode_dirty+0x2af/0xe60 [ 79.744922][ T7261] ? generic_update_time+0xcf/0xf0 [ 79.746691][ T7261] ? mnt_put_write_access_file+0x45/0xf0 [ 79.748351][ T7261] shmem_file_write_iter+0x10e/0x140 [ 79.749786][ T7261] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 79.751501][ T7261] __kernel_write_iter+0x318/0xa80 [ 79.752829][ T7261] ? __pfx___kernel_write_iter+0x10/0x10 [ 79.754334][ T7261] ? get_dump_page+0x15b/0x230 [ 79.755706][ T7261] ? __pfx___might_resched+0x10/0x10 [ 79.757534][ T7261] ? __kasan_check_write+0x8/0x20 [ 79.758899][ T7261] dump_user_range+0x389/0x8c0 [ 79.760158][ T7261] ? __pfx_dump_user_range+0x10/0x10 [ 79.761829][ T7261] ? elf_coredump_extra_notes_write+0xbe/0x430 [ 79.764008][ T7261] ? __pfx_writenote+0x10/0x10 [ 79.765977][ T7261] elf_core_dump+0x287c/0x3a50 [ 79.767872][ T7261] ? __pfx_elf_core_dump+0x10/0x10 [ 79.769704][ T7261] ? kasan_save_stack+0x33/0x60 [ 79.771615][ T7261] ? kasan_save_track+0x14/0x30 [ 79.773526][ T7261] ? __kasan_kmalloc+0xaa/0xb0 [ 79.775477][ T7261] ? __kmalloc_node_noprof+0x21f/0x510 [ 79.777422][ T7261] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 79.779276][ T7261] ? get_signal+0x230b/0x26c0 [ 79.780974][ T7261] ? arch_do_signal_or_restart+0x90/0x7e0 [ 79.782936][ T7261] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 79.785114][ T7261] ? rcu_is_watching+0x12/0xc0 [ 79.786829][ T7261] ? trace_lock_acquire+0x146/0x1e0 [ 79.788521][ T7261] ? __pfx_sort+0x10/0x10 [ 79.790062][ T7261] ? get_signal+0x230b/0x26c0 [ 79.791728][ T7261] ? do_coredump+0x3ad7/0x49e0 [ 79.793465][ T7261] do_coredump+0x3ad7/0x49e0 [ 79.795172][ T7261] ? __pfx_do_coredump+0x10/0x10 [ 79.797020][ T7261] ? stack_trace_save+0x95/0xd0 [ 79.798822][ T7261] ? __pfx_stack_trace_save+0x10/0x10 [ 79.800693][ T7261] ? hlock_class+0x4e/0x130 [ 79.801891][ T7261] ? stack_depot_save_flags+0x28/0x8f0 [ 79.803356][ T7261] ? kmem_cache_free+0x152/0x4c0 [ 79.804858][ T7261] ? __sigqueue_free+0xba/0x2a0 [ 79.806279][ T7261] ? get_signal+0xcbc/0x26c0 [ 79.807513][ T7261] ? arch_do_signal_or_restart+0x90/0x7e0 [ 79.809121][ T7261] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 79.810738][ T7261] ? find_held_lock+0x2d/0x110 [ 79.811995][ T7261] ? proc_coredump_connector+0x2d2/0x4f0 [ 79.813548][ T7261] ? __pfx_proc_coredump_connector+0x10/0x10 [ 79.815664][ T7261] get_signal+0x230b/0x26c0 [ 79.817381][ T7261] ? force_sig_fault+0xc5/0x110 [ 79.819079][ T7261] ? __pfx_get_signal+0x10/0x10 [ 79.820820][ T7261] arch_do_signal_or_restart+0x90/0x7e0 [ 79.822712][ T7261] ? trace_irq_disable.constprop.0+0xe6/0x140 [ 79.824432][ T7261] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 79.826565][ T7261] ? __bad_area_nosemaphore+0x334/0x6a0 [ 79.828407][ T7261] ? do_user_addr_fault+0x920/0x13f0 [ 79.830198][ T7261] irqentry_exit_to_user_mode+0x13f/0x280 [ 79.832154][ T7261] asm_exc_page_fault+0x26/0x30 [ 79.833489][ T7261] RIP: 0033:0x0 [ 79.834692][ T7261] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 79.837242][ T7261] RSP: 002b:00000000200002be EFLAGS: 00010217 [ 79.839432][ T7261] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007faa9037e819 [ 79.841546][ T7261] RDX: 00007faa911fbf20 RSI: 0000000000000058 RDI: 00007faa911fbf20 [ 79.843698][ T7261] RBP: 00007faa903f175e R08: 0000000000000000 R09: 0000000000000058 [ 79.846277][ T7261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 79.848811][ T7261] R13: 0000000000000000 R14: 00007faa90535fa0 R15: 00007ffe117c5e68 [ 79.851111][ T7261] [ 79.859554][ T7261] memory: usage 307200kB, limit 307200kB, failcnt 32337 [ 79.862875][ T7261] memory+swap: usage 432196kB, limit 9007199254740988kB, failcnt 0 [ 79.865015][ T7261] kmem: usage 6096kB, limit 9007199254740988kB, failcnt 0 [ 79.866877][ T7261] Memory cgroup stats for /syz2: [ 79.866972][ T7261] cache 308129792 [ 79.869229][ T7261] rss 200704 [ 79.870126][ T7261] rss_huge 0 [ 79.871071][ T7261] shmem 308129792 [ 79.873282][ T7261] mapped_file 0 [ 79.874236][ T7261] dirty 0 [ 79.875036][ T7261] writeback 0 [ 79.875887][ T7261] workingset_refault_anon 19 [ 79.877071][ T7261] workingset_refault_file 1198 [ 79.878296][ T7261] swap 127995904 [ 79.879234][ T7261] swapcached 0 [ 79.880133][ T7261] pgpgin 132794 [ 79.881051][ T7261] pgpgout 57518 [ 79.881985][ T7261] pgfault 16132 [ 79.883951][ T7261] pgmajfault 44 [ 79.885253][ T7261] inactive_anon 187904000 [ 79.886693][ T7261] active_anon 120233984 [ 79.893260][ T7261] inactive_file 0 [ 79.894401][ T7261] active_file 0 [ 79.895331][ T7261] unevictable 0 [ 79.896238][ T7261] hierarchical_memory_limit 314572800 [ 79.897703][ T7261] hierarchical_memsw_limit 9223372036854771712 [ 79.899287][ T7261] total_cache 308129792 [ 79.900351][ T7261] total_rss 200704 [ 79.901316][ T7261] total_rss_huge 0 [ 79.902953][ T7261] total_shmem 308129792 [ 79.903063][ T40] audit: type=1400 audit(1732606552.049:488): avc: denied { accept } for pid=7625 comm="syz.3.427" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 79.909394][ T7261] total_mapped_file 0 [ 79.909405][ T7261] total_dirty 0 [ 79.909410][ T7261] total_writeback 0 [ 79.909415][ T7261] total_workingset_refault_anon 19 [ 79.909421][ T7261] total_workingset_refault_file 1198 [ 79.909426][ T7261] total_swap 127995904 [ 79.909432][ T7261] total_swapcached 0 [ 79.909437][ T7261] total_pgpgin 132794 [ 79.909442][ T7261] total_pgpgout 57518 [ 79.909447][ T7261] total_pgfault 16132 [ 79.909451][ T7261] total_pgmajfault 44 [ 79.909456][ T7261] total_inactive_anon 187904000 [ 79.909462][ T7261] total_active_anon 120233984 [ 79.909467][ T7261] total_inactive_file 0 [ 79.909472][ T7261] total_active_file 0 [ 79.909477][ T7261] total_unevictable 0 [ 79.909482][ T7261] anon_cost 0 [ 79.909487][ T7261] file_cost 0 [ 79.909493][ T7261] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.335,pid=7269,uid=0 [ 79.910048][ T7261] Memory cgroup out of memory: Killed process 7269 (syz.2.335) total-vm:97752kB, anon-rss:756kB, file-rss:28360kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:1000 [ 79.915300][ T40] audit: type=1400 audit(1732606552.058:489): avc: denied { accept } for pid=7625 comm="syz.3.427" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 79.950899][ T7628] loop1: detected capacity change from 0 to 6 [ 79.958206][ T7628] Dev loop1: unable to read RDB block 6 [ 79.959789][ T7628] loop1: unable to read partition table [ 79.967941][ T7628] loop1: partition table beyond EOD, truncated [ 79.969683][ T7628] loop_reread_partitions: partition scan of loop1 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨â·û [ 79.969683][ T7628] ) failed (rc=-5) [ 80.012364][ T7258] syz.2.335 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 80.016056][ T7258] CPU: 3 UID: 0 PID: 7258 Comm: syz.2.335 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0 [ 80.018566][ T7258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 80.021218][ T7258] Call Trace: [ 80.022076][ T7258] [ 80.022831][ T7258] dump_stack_lvl+0x16c/0x1f0 [ 80.023970][ T7258] dump_header+0x101/0x900 [ 80.025089][ T7258] oom_kill_process+0x270/0xa60 [ 80.026296][ T7258] ? mem_cgroup_out_of_memory+0x8d/0x270 [ 80.027721][ T7258] out_of_memory+0x351/0x1700 [ 80.028913][ T7258] ? __pfx_out_of_memory+0x10/0x10 [ 80.030232][ T7258] ? rcu_read_unlock+0x17/0x60 [ 80.031525][ T7258] ? find_held_lock+0x2d/0x110 [ 80.032798][ T7258] mem_cgroup_out_of_memory+0x207/0x270 [ 80.034227][ T7258] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 80.035727][ T7258] ? do_raw_spin_unlock+0x172/0x230 [ 80.037081][ T7258] try_charge_memcg+0x53f/0xaf0 [ 80.038320][ T7258] ? __pfx_try_charge_memcg+0x10/0x10 [ 80.039829][ T7258] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 80.041215][ T7258] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 80.042627][ T7258] ? get_mem_cgroup_from_mm+0x131/0x5f0 [ 80.044118][ T7258] __mem_cgroup_charge+0x9b/0x280 [ 80.045525][ T7258] shmem_alloc_and_add_folio+0x507/0xc00 [ 80.047110][ T7258] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 80.048830][ T7258] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 80.050574][ T7258] ? shmem_huge_global_enabled+0x176/0x250 [ 80.052142][ T7258] ? shmem_allowable_huge_orders+0xcd/0x3e0 [ 80.053760][ T7258] shmem_get_folio_gfp+0x689/0x1530 [ 80.055176][ T7258] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 80.056621][ T7258] ? find_held_lock+0x2d/0x110 [ 80.057827][ T7258] shmem_write_begin+0x161/0x300 [ 80.059069][ T7258] ? __pfx_shmem_write_begin+0x10/0x10 [ 80.060455][ T7258] ? timestamp_truncate+0x21f/0x2e0 [ 80.061780][ T7258] ? balance_dirty_pages_ratelimited_flags+0x92/0x1270 [ 80.063525][ T7258] generic_perform_write+0x2ba/0x920 [ 80.065100][ T7258] ? __pfx_generic_perform_write+0x10/0x10 [ 80.066756][ T7258] ? inode_needs_update_time.part.0+0x191/0x270 [ 80.068350][ T7258] shmem_file_write_iter+0x10e/0x140 [ 80.069795][ T7258] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 80.071416][ T7258] __kernel_write_iter+0x318/0xa80 [ 80.072846][ T7258] ? __pfx___kernel_write_iter+0x10/0x10 [ 80.074369][ T7258] ? get_dump_page+0x15b/0x230 [ 80.075667][ T7258] ? __pfx___might_resched+0x10/0x10 [ 80.077071][ T7258] ? copy_mc_enhanced_fast_string+0xa/0x13 [ 80.078542][ T7258] dump_user_range+0x389/0x8c0 [ 80.079763][ T7258] ? __pfx_dump_user_range+0x10/0x10 [ 80.081084][ T7258] ? elf_coredump_extra_notes_write+0xbe/0x430 [ 80.082621][ T7258] ? __pfx_writenote+0x10/0x10 [ 80.083811][ T7258] elf_core_dump+0x287c/0x3a50 [ 80.085058][ T7258] ? __pfx_elf_core_dump+0x10/0x10 [ 80.086347][ T7258] ? kasan_save_stack+0x33/0x60 [ 80.087601][ T7258] ? kasan_save_track+0x14/0x30 [ 80.088802][ T7258] ? __kasan_kmalloc+0xaa/0xb0 [ 80.090043][ T7258] ? __kmalloc_node_noprof+0x21f/0x510 [ 80.091448][ T7258] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 80.092837][ T7258] ? get_signal+0x230b/0x26c0 [ 80.094029][ T7258] ? arch_do_signal_or_restart+0x90/0x7e0 [ 80.095460][ T7258] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 80.096951][ T7258] ? rcu_is_watching+0x12/0xc0 [ 80.098173][ T7258] ? trace_lock_acquire+0x146/0x1e0 [ 80.099492][ T7258] ? __pfx_sort+0x10/0x10 [ 80.100587][ T7258] ? get_signal+0x230b/0x26c0 [ 80.101777][ T7258] ? do_coredump+0x3ad7/0x49e0 [ 80.102992][ T7258] do_coredump+0x3ad7/0x49e0 [ 80.104171][ T7258] ? __pfx_do_coredump+0x10/0x10 [ 80.105427][ T7258] ? stack_trace_save+0x95/0xd0 [ 80.106659][ T7258] ? __pfx_stack_trace_save+0x10/0x10 [ 80.107995][ T7258] ? hlock_class+0x4e/0x130 [ 80.109217][ T7258] ? stack_depot_save_flags+0x28/0x8f0 [ 80.110643][ T7258] ? kmem_cache_free+0x152/0x4c0 [ 80.111980][ T7258] ? __sigqueue_free+0xba/0x2a0 [ 80.113331][ T7258] ? get_signal+0xcbc/0x26c0 [ 80.114604][ T7258] ? arch_do_signal_or_restart+0x90/0x7e0 [ 80.116079][ T7258] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 80.117550][ T7258] ? find_held_lock+0x2d/0x110 [ 80.118765][ T7258] ? proc_coredump_connector+0x2d2/0x4f0 [ 80.120178][ T7258] ? __pfx_proc_coredump_connector+0x10/0x10 [ 80.121705][ T7258] get_signal+0x230b/0x26c0 [ 80.122909][ T7258] ? force_sig_fault+0xc5/0x110 [ 80.124168][ T7258] ? __pfx_get_signal+0x10/0x10 [ 80.125407][ T7258] arch_do_signal_or_restart+0x90/0x7e0 [ 80.126803][ T7258] ? trace_irq_disable.constprop.0+0xe6/0x140 [ 80.128323][ T7258] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 80.129911][ T7258] ? __bad_area_nosemaphore+0x334/0x6a0 [ 80.131406][ T7258] ? do_user_addr_fault+0x920/0x13f0 [ 80.132857][ T7258] irqentry_exit_to_user_mode+0x13f/0x280 [ 80.134266][ T7258] asm_exc_page_fault+0x26/0x30 [ 80.135494][ T7258] RIP: 0033:0x0 [ 80.136444][ T7258] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 80.138256][ T7258] RSP: 002b:00000000200002be EFLAGS: 00010217 [ 80.139764][ T7258] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007faa9037e819 [ 80.141744][ T7258] RDX: 00007faa911fbf20 RSI: 0000000000000058 RDI: 00007faa911fbf20 [ 80.143787][ T7258] RBP: 00007faa903f175e R08: 0000000000000000 R09: 0000000000000058 [ 80.145918][ T7258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 80.148134][ T7258] R13: 0000000000000000 R14: 00007faa90535fa0 R15: 00007ffe117c5e68 [ 80.150271][ T7258] [ 80.152942][ T7258] memory: usage 272164kB, limit 307200kB, failcnt 32550 [ 80.154642][ T5988] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 80.155350][ T7258] memory+swap: usage 382008kB, limit 9007199254740988kB, failcnt 0 [ 80.159187][ T7258] kmem: usage 5760kB, limit 9007199254740988kB, failcnt 0 [ 80.161416][ T7258] Memory cgroup stats for /syz2: [ 80.161699][ T7258] cache 272613376 [ 80.163910][ T7258] rss 196608 [ 80.164928][ T7258] rss_huge 0 [ 80.165770][ T7258] shmem 269352960 [ 80.166721][ T7258] mapped_file 3211264 [ 80.167746][ T7258] dirty 0 [ 80.168796][ T7258] writeback 0 [ 80.169646][ T7258] workingset_refault_anon 19 [ 80.170846][ T7258] workingset_refault_file 1994 [ 80.172117][ T7258] swap 112222208 [ 80.173014][ T7258] swapcached 4096 [ 80.173957][ T7258] pgpgin 135953 [ 80.174989][ T7258] pgpgout 69207 [ 80.175869][ T7258] pgfault 16237 [ 80.176838][ T7258] pgmajfault 45 [ 80.177724][ T7258] inactive_anon 146915328 [ 80.178817][ T7258] active_anon 121679872 [ 80.180334][ T7258] inactive_file 0 [ 80.181441][ T7258] active_file 3260416 [ 80.190315][ T7258] unevictable 0 [ 80.214628][ T7258] hierarchical_memory_limit 314572800 [ 80.216652][ T7258] hierarchical_memsw_limit 9223372036854771712 [ 80.219049][ T7258] total_cache 272613376 [ 80.220607][ T7258] total_rss 196608 [ 80.221952][ T7258] total_rss_huge 0 [ 80.223333][ T7258] total_shmem 269352960 [ 80.254371][ T7258] total_mapped_file 3211264 [ 80.255903][ T7258] total_dirty 0 [ 80.272585][ T7258] total_writeback 0 [ 80.273751][ T7258] total_workingset_refault_anon 19 [ 80.275416][ T7258] total_workingset_refault_file 1994 [ 80.276998][ T7258] total_swap 112222208 [ 80.280774][ T7258] total_swapcached 4096 [ 80.280967][ T7637] 9pnet_virtio: no channels available for device syz [ 80.281883][ T40] audit: type=1400 audit(1732606552.414:490): avc: denied { mounton } for pid=7636 comm="syz.1.431" path="/2/file0" dev="9p" ino=37617765 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 80.291808][ T7258] total_pgpgin 135953 [ 80.293479][ T7258] total_pgpgout 69207 [ 80.294977][ T7258] total_pgfault 16237 [ 80.296474][ T7258] total_pgmajfault 45 [ 80.298009][ T7258] total_inactive_anon 146915328 [ 80.304463][ T40] audit: type=1400 audit(1732606552.432:491): avc: denied { write } for pid=7636 comm="syz.1.431" name="/" dev="9p" ino=37617765 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 80.310133][ T5988] usb 5-1: Using ep0 maxpacket: 8 [ 80.312249][ T40] audit: type=1400 audit(1732606552.432:492): avc: denied { add_name } for pid=7636 comm="syz.1.431" name="cpu.stat" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 80.314581][ T5988] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 80.331381][ T7258] total_active_anon 121679872 [ 80.331474][ T5988] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 80.333200][ T7258] total_inactive_file 0 [ 80.335999][ T5988] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 80.336019][ T5988] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 80.336050][ T5988] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 80.336062][ T5988] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.337552][ T7258] total_active_file 3260416 [ 80.377783][ T7258] total_unevictable 0 [ 80.379228][ T7258] anon_cost 0 [ 80.380415][ T7258] file_cost 0 [ 80.381576][ T7258] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.335,pid=7252,uid=0 [ 80.401965][ T7258] Memory cgroup out of memory: Killed process 7252 (syz.2.335) total-vm:97752kB, anon-rss:756kB, file-rss:30808kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 80.580558][ T5988] usb 5-1: GET_CAPABILITIES returned 0 [ 80.581994][ T5988] usbtmc 5-1:16.0: can't read capabilities [ 80.603583][ T7652] netlink: 44 bytes leftover after parsing attributes in process `syz.1.437'. [ 80.683222][ T7656] netlink: 52 bytes leftover after parsing attributes in process `syz.3.439'. [ 80.707843][ T7658] netlink: 8 bytes leftover after parsing attributes in process `syz.1.440'. [ 80.756607][ T7662] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 80.760403][ T7662] overlayfs: missing 'lowerdir' [ 80.797029][ C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 80.800109][ C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 80.802595][ C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 80.804900][ C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 80.807103][ C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 80.809294][ C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 80.811503][ C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 80.813735][ C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 80.815924][ C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 80.818122][ C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 80.820383][ C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 80.822794][ C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 80.825603][ C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 80.827947][ C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 80.830276][ C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 80.832615][ C3] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 80.839411][ T70] usb 5-1: USB disconnect, device number 8 [ 80.845283][ T5921] Bluetooth: hci1: command tx timeout [ 81.026493][ T5988] usb 8-1: new high-speed USB device number 13 using dummy_hcd [ 81.094308][ T7671] libceph: resolve '40' (ret=-3): failed [ 81.164845][ T7673] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 81.168020][ T7673] overlayfs: failed to resolve './file0': -2 [ 81.186600][ T5988] usb 8-1: Using ep0 maxpacket: 16 [ 81.190547][ T5988] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 81.196123][ T5988] usb 8-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 81.198756][ T5988] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 81.200794][ T5988] usb 8-1: Product: syz [ 81.201873][ T5988] usb 8-1: Manufacturer: syz [ 81.203082][ T5988] usb 8-1: SerialNumber: syz [ 81.205390][ T5988] usb 8-1: config 0 descriptor?? [ 81.208260][ T5988] hub 8-1:0.0: bad descriptor, ignoring hub [ 81.209845][ T5988] hub 8-1:0.0: probe with driver hub failed with error -5 [ 81.212803][ T5988] input: syz syz as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input7 [ 81.363239][ T7266] syz.2.335 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 81.365818][ T7266] CPU: 3 UID: 0 PID: 7266 Comm: syz.2.335 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0 [ 81.368434][ T7266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.371073][ T7266] Call Trace: [ 81.371904][ T7266] [ 81.372677][ T7266] dump_stack_lvl+0x16c/0x1f0 [ 81.373863][ T7266] dump_header+0x101/0x900 [ 81.374982][ T7266] oom_kill_process+0x270/0xa60 [ 81.376272][ T7266] ? mem_cgroup_out_of_memory+0x8d/0x270 [ 81.377631][ T7266] out_of_memory+0x351/0x1700 [ 81.378775][ T7266] ? __pfx_out_of_memory+0x10/0x10 [ 81.380072][ T7266] ? rcu_read_unlock+0x17/0x60 [ 81.381275][ T7266] ? find_held_lock+0x2d/0x110 [ 81.382475][ T7266] mem_cgroup_out_of_memory+0x207/0x270 [ 81.383890][ T7266] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 81.385432][ T7266] ? do_raw_spin_unlock+0x172/0x230 [ 81.386725][ T7266] try_charge_memcg+0x53f/0xaf0 [ 81.387929][ T7266] ? __pfx_try_charge_memcg+0x10/0x10 [ 81.389261][ T7266] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 81.390673][ T7266] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 81.392057][ T7266] ? get_mem_cgroup_from_mm+0x131/0x5f0 [ 81.393443][ T7266] __mem_cgroup_charge+0x9b/0x280 [ 81.394667][ T7266] shmem_alloc_and_add_folio+0x507/0xc00 [ 81.396182][ T7266] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 81.397670][ T7266] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 81.399316][ T7266] ? shmem_huge_global_enabled+0x176/0x250 [ 81.400813][ T7266] ? shmem_allowable_huge_orders+0xcd/0x3e0 [ 81.402242][ T7680] sctp: [Deprecated]: syz.0.449 (pid 7680) Use of int in maxseg socket option. [ 81.402242][ T7680] Use struct sctp_assoc_value instead [ 81.402321][ T7266] shmem_get_folio_gfp+0x689/0x1530 [ 81.402344][ T7266] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 81.409108][ T7266] ? mark_held_locks+0x9f/0xe0 [ 81.410303][ T7266] ? timestamp_truncate+0x21f/0x2e0 [ 81.411720][ T7266] shmem_write_begin+0x161/0x300 [ 81.413286][ T7266] ? __pfx_shmem_write_begin+0x10/0x10 [ 81.414722][ T7266] ? inode_set_ctime_current+0x2a7/0x900 [ 81.416262][ T7266] ? balance_dirty_pages_ratelimited_flags+0x92/0x1270 [ 81.418093][ T7266] ? __pfx_inode_set_ctime_current+0x10/0x10 [ 81.419652][ T7266] generic_perform_write+0x2ba/0x920 [ 81.421039][ T7266] ? __pfx_generic_perform_write+0x10/0x10 [ 81.422560][ T7266] ? __mark_inode_dirty+0x2af/0xe60 [ 81.423923][ T7266] ? generic_update_time+0xcf/0xf0 [ 81.425273][ T7266] ? mnt_put_write_access_file+0x45/0xf0 [ 81.426737][ T7266] shmem_file_write_iter+0x10e/0x140 [ 81.428119][ T7266] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 81.429660][ T7266] __kernel_write_iter+0x318/0xa80 [ 81.431105][ T7266] ? __pfx___kernel_write_iter+0x10/0x10 [ 81.432633][ T7266] ? get_dump_page+0x15b/0x230 [ 81.433984][ T7266] ? __pfx___might_resched+0x10/0x10 [ 81.435352][ T7266] ? copy_mc_enhanced_fast_string+0xa/0x13 [ 81.436839][ T7266] dump_user_range+0x389/0x8c0 [ 81.438074][ T7266] ? __pfx_dump_user_range+0x10/0x10 [ 81.439439][ T7266] ? elf_coredump_extra_notes_write+0xbe/0x430 [ 81.441021][ T7266] ? __pfx_writenote+0x10/0x10 [ 81.442258][ T7266] elf_core_dump+0x287c/0x3a50 [ 81.443498][ T7266] ? __pfx_elf_core_dump+0x10/0x10 [ 81.444837][ T7266] ? kasan_save_stack+0x33/0x60 [ 81.446169][ T7266] ? kasan_save_track+0x14/0x30 [ 81.447499][ T7266] ? __kasan_kmalloc+0xaa/0xb0 [ 81.448861][ T7266] ? __kmalloc_node_noprof+0x21f/0x510 [ 81.450345][ T7266] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 81.451737][ T7266] ? get_signal+0x230b/0x26c0 [ 81.452944][ T7266] ? arch_do_signal_or_restart+0x90/0x7e0 [ 81.454392][ T7266] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 81.455920][ T7266] ? rcu_is_watching+0x12/0xc0 [ 81.457154][ T7266] ? trace_lock_acquire+0x146/0x1e0 [ 81.458484][ T7266] ? __pfx_sort+0x10/0x10 [ 81.459609][ T7266] ? get_signal+0x230b/0x26c0 [ 81.460821][ T7266] ? do_coredump+0x3ad7/0x49e0 [ 81.462052][ T7266] do_coredump+0x3ad7/0x49e0 [ 81.463249][ T7266] ? __pfx_do_coredump+0x10/0x10 [ 81.464517][ T7266] ? stack_trace_save+0x95/0xd0 [ 81.465766][ T7266] ? __pfx_stack_trace_save+0x10/0x10 [ 81.467172][ T7266] ? hlock_class+0x4e/0x130 [ 81.468360][ T7266] ? stack_depot_save_flags+0x28/0x8f0 [ 81.469775][ T7266] ? kmem_cache_free+0x152/0x4c0 [ 81.471063][ T7266] ? __sigqueue_free+0xba/0x2a0 [ 81.472340][ T7266] ? get_signal+0xcbc/0x26c0 [ 81.473519][ T7266] ? arch_do_signal_or_restart+0x90/0x7e0 [ 81.475221][ T7266] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 81.476789][ T7266] ? find_held_lock+0x2d/0x110 [ 81.478065][ T7266] ? proc_coredump_connector+0x2d2/0x4f0 [ 81.479769][ T7266] ? __pfx_proc_coredump_connector+0x10/0x10 [ 81.481326][ T7266] get_signal+0x230b/0x26c0 [ 81.482518][ T7266] ? force_sig_fault+0xc5/0x110 [ 81.483758][ T7266] ? __pfx_get_signal+0x10/0x10 [ 81.485009][ T7266] arch_do_signal_or_restart+0x90/0x7e0 [ 81.486414][ T7266] ? trace_irq_disable.constprop.0+0xe6/0x140 [ 81.487974][ T7266] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 81.489551][ T7266] ? __bad_area_nosemaphore+0x334/0x6a0 [ 81.490960][ T7266] ? do_user_addr_fault+0x920/0x13f0 [ 81.491839][ T40] kauditd_printk_skb: 9 callbacks suppressed [ 81.491851][ T40] audit: type=1400 audit(1732606553.518:502): avc: denied { listen } for pid=7683 comm="syz.0.450" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 81.492321][ T7266] irqentry_exit_to_user_mode+0x13f/0x280 [ 81.500114][ T7266] asm_exc_page_fault+0x26/0x30 [ 81.501393][ T7266] RIP: 0033:0x0 [ 81.502332][ T7266] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 81.504252][ T7266] RSP: 002b:00000000200002be EFLAGS: 00010217 [ 81.505862][ T7266] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007faa9037e819 [ 81.507926][ T7266] RDX: 00007faa911fbf20 RSI: 0000000000000058 RDI: 00007faa911fbf20 [ 81.509958][ T7266] RBP: 00007faa903f175e R08: 0000000000000000 R09: 0000000000000058 [ 81.511975][ T7266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 81.514024][ T7266] R13: 0000000000000000 R14: 00007faa90535fa0 R15: 00007ffe117c5e68 [ 81.516084][ T7266] [ 81.517979][ T7266] memory: usage 307200kB, limit 307200kB, failcnt 37597 [ 81.519934][ T7266] memory+swap: usage 432188kB, limit 9007199254740988kB, failcnt 0 [ 81.521975][ T7266] kmem: usage 5836kB, limit 9007199254740988kB, failcnt 0 [ 81.523958][ T7266] Memory cgroup stats for /syz2: [ 81.524025][ T7266] cache 308281344 [ 81.526322][ T7266] rss 311296 [ 81.527203][ T7266] rss_huge 0 [ 81.528203][ T7266] shmem 308277248 [ 81.529226][ T7266] mapped_file 0 [ 81.530120][ T7266] dirty 0 [ 81.530911][ T7266] writeback 0 [ 81.531799][ T7266] workingset_refault_anon 31 [ 81.533002][ T7266] workingset_refault_file 2173 [ 81.534260][ T7266] swap 127987712 [ 81.535217][ T7266] swapcached 8192 [ 81.536232][ T7266] pgpgin 158595 [ 81.537159][ T7266] pgpgout 83254 [ 81.538079][ T7266] pgfault 16898 [ 81.539037][ T7266] pgmajfault 59 [ 81.540200][ T7266] inactive_anon 246820864 [ 81.541379][ T7266] active_anon 61767680 [ 81.542474][ T7266] inactive_file 4096 [ 81.543538][ T7266] active_file 0 [ 81.544786][ T7266] unevictable 0 [ 81.545728][ T7266] hierarchical_memory_limit 314572800 [ 81.547146][ T7266] hierarchical_memsw_limit 9223372036854771712 [ 81.548739][ T7266] total_cache 308281344 [ 81.549838][ T7266] total_rss 311296 [ 81.551034][ T7266] total_rss_huge 0 [ 81.552172][ T7266] total_shmem 308277248 [ 81.553270][ T7266] total_mapped_file 0 [ 81.554342][ T7266] total_dirty 0 [ 81.555359][ T7266] total_writeback 0 [ 81.556712][ T7266] total_workingset_refault_anon 31 [ 81.558239][ T7266] total_workingset_refault_file 2173 [ 81.559719][ T7266] total_swap 127987712 [ 81.560940][ T7266] total_swapcached 8192 [ 81.562083][ T7266] total_pgpgin 158595 [ 81.563352][ T7266] total_pgpgout 83254 [ 81.564392][ T7266] total_pgfault 16898 [ 81.565439][ T7266] total_pgmajfault 59 [ 81.566488][ T7266] total_inactive_anon 246820864 [ 81.567765][ T7266] total_active_anon 61767680 [ 81.568949][ T7266] total_inactive_file 4096 [ 81.570097][ T7266] total_active_file 0 [ 81.571185][ T7266] total_unevictable 0 [ 81.572429][ T7266] anon_cost 0 [ 81.573367][ T7266] file_cost 0 [ 81.574222][ T7266] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.335,pid=7267,uid=0 [ 81.578098][ T7266] Memory cgroup out of memory: Killed process 7267 (syz.2.335) total-vm:97752kB, anon-rss:756kB, file-rss:34320kB, shmem-rss:0kB, UID:0 pgtables:144kB oom_score_adj:1000 [ 81.665441][ T7262] syz.2.335 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 81.697017][ T7262] CPU: 2 UID: 0 PID: 7262 Comm: syz.2.335 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0 [ 81.699791][ T7262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.702711][ T7262] Call Trace: [ 81.703658][ T7262] [ 81.704437][ T7262] dump_stack_lvl+0x16c/0x1f0 [ 81.705719][ T7262] dump_header+0x101/0x900 [ 81.706995][ T7262] oom_kill_process+0x270/0xa60 [ 81.708530][ T7262] ? mem_cgroup_out_of_memory+0x8d/0x270 [ 81.710063][ T7262] out_of_memory+0x351/0x1700 [ 81.711330][ T7262] ? __pfx_out_of_memory+0x10/0x10 [ 81.712655][ T7262] ? rcu_read_unlock+0x17/0x60 [ 81.713915][ T7262] ? find_held_lock+0x2d/0x110 [ 81.715220][ T7262] mem_cgroup_out_of_memory+0x207/0x270 [ 81.716644][ T7262] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 81.718203][ T7262] ? do_raw_spin_unlock+0x172/0x230 [ 81.719556][ T7262] try_charge_memcg+0x53f/0xaf0 [ 81.720814][ T7262] ? __pfx_try_charge_memcg+0x10/0x10 [ 81.722266][ T7262] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 81.723742][ T7262] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 81.725168][ T7262] ? get_mem_cgroup_from_mm+0x131/0x5f0 [ 81.726640][ T7262] __mem_cgroup_charge+0x9b/0x280 [ 81.728001][ T7262] shmem_alloc_and_add_folio+0x507/0xc00 [ 81.729557][ T7262] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 81.731185][ T7262] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 81.732842][ T7262] ? shmem_huge_global_enabled+0x176/0x250 [ 81.734358][ T7262] ? shmem_allowable_huge_orders+0xcd/0x3e0 [ 81.735919][ T7262] shmem_get_folio_gfp+0x689/0x1530 [ 81.737436][ T7262] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 81.739415][ T7262] ? find_held_lock+0x2d/0x110 [ 81.741146][ T7262] shmem_write_begin+0x161/0x300 [ 81.742938][ T7262] ? __pfx_shmem_write_begin+0x10/0x10 [ 81.744898][ T7262] ? timestamp_truncate+0x21f/0x2e0 [ 81.746858][ T7262] ? balance_dirty_pages_ratelimited_flags+0x92/0x1270 [ 81.749294][ T7262] generic_perform_write+0x2ba/0x920 [ 81.751195][ T7262] ? __pfx_generic_perform_write+0x10/0x10 [ 81.753256][ T7262] ? inode_needs_update_time.part.0+0x191/0x270 [ 81.755458][ T7262] shmem_file_write_iter+0x10e/0x140 [ 81.757355][ T7262] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 81.758984][ T7262] __kernel_write_iter+0x318/0xa80 [ 81.760429][ T7262] ? __pfx___kernel_write_iter+0x10/0x10 [ 81.761999][ T7262] ? get_dump_page+0x15b/0x230 [ 81.763477][ T7262] ? __pfx___might_resched+0x10/0x10 [ 81.764912][ T7262] ? copy_mc_enhanced_fast_string+0xa/0x13 [ 81.766426][ T7262] dump_user_range+0x389/0x8c0 [ 81.767670][ T7262] ? __pfx_dump_user_range+0x10/0x10 [ 81.769035][ T7262] ? elf_coredump_extra_notes_write+0xbe/0x430 [ 81.770820][ T7262] ? __pfx_writenote+0x10/0x10 [ 81.772366][ T7262] elf_core_dump+0x287c/0x3a50 [ 81.773625][ T7262] ? __pfx_elf_core_dump+0x10/0x10 [ 81.774968][ T7262] ? kasan_save_stack+0x33/0x60 [ 81.776273][ T7262] ? kasan_save_track+0x14/0x30 [ 81.777549][ T7262] ? __kasan_kmalloc+0xaa/0xb0 [ 81.778853][ T7262] ? __kmalloc_node_noprof+0x21f/0x510 [ 81.780270][ T7262] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 81.781684][ T7262] ? get_signal+0x230b/0x26c0 [ 81.782954][ T7262] ? arch_do_signal_or_restart+0x90/0x7e0 [ 81.784726][ T7262] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 81.786902][ T7262] ? rcu_is_watching+0x12/0xc0 [ 81.788608][ T7262] ? trace_lock_acquire+0x146/0x1e0 [ 81.790449][ T7262] ? __pfx_sort+0x10/0x10 [ 81.792048][ T7262] ? get_signal+0x230b/0x26c0 [ 81.793801][ T7262] ? do_coredump+0x3ad7/0x49e0 [ 81.795732][ T7262] do_coredump+0x3ad7/0x49e0 [ 81.797570][ T7262] ? __pfx_do_coredump+0x10/0x10 [ 81.799353][ T7262] ? stack_trace_save+0x95/0xd0 [ 81.801096][ T7262] ? __pfx_stack_trace_save+0x10/0x10 [ 81.803053][ T7262] ? hlock_class+0x4e/0x130 [ 81.804939][ T7262] ? stack_depot_save_flags+0x28/0x8f0 [ 81.806767][ T7262] ? kmem_cache_free+0x152/0x4c0 [ 81.808345][ T7262] ? __sigqueue_free+0xba/0x2a0 [ 81.809801][ T7262] ? get_signal+0xcbc/0x26c0 [ 81.811074][ T7262] ? arch_do_signal_or_restart+0x90/0x7e0 [ 81.812551][ T7262] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 81.814071][ T7262] ? find_held_lock+0x2d/0x110 [ 81.815335][ T7262] ? proc_coredump_connector+0x2d2/0x4f0 [ 81.816783][ T7262] ? __pfx_proc_coredump_connector+0x10/0x10 [ 81.818298][ T7262] get_signal+0x230b/0x26c0 [ 81.819465][ T7262] ? force_sig_fault+0xc5/0x110 [ 81.820936][ T7262] ? __pfx_get_signal+0x10/0x10 [ 81.822391][ T7262] arch_do_signal_or_restart+0x90/0x7e0 [ 81.823848][ T7262] ? trace_irq_disable.constprop.0+0xe6/0x140 [ 81.825378][ T7262] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 81.826920][ T7262] ? __bad_area_nosemaphore+0x334/0x6a0 [ 81.828370][ T7262] ? do_user_addr_fault+0x920/0x13f0 [ 81.829791][ T7262] irqentry_exit_to_user_mode+0x13f/0x280 [ 81.831600][ T7262] asm_exc_page_fault+0x26/0x30 [ 81.833142][ T7262] RIP: 0033:0x0 [ 81.834135][ T7262] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 81.836058][ T7262] RSP: 002b:00000000200002be EFLAGS: 00010217 [ 81.837675][ T7262] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007faa9037e819 [ 81.839827][ T7262] RDX: 00007faa911fbf20 RSI: 0000000000000058 RDI: 00007faa911fbf20 [ 81.841874][ T7262] RBP: 00007faa903f175e R08: 0000000000000000 R09: 0000000000000058 [ 81.844237][ T7262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 81.846214][ T7262] R13: 0000000000000000 R14: 00007faa90535fa0 R15: 00007ffe117c5e68 [ 81.848430][ T7262] [ 81.852768][ T40] audit: type=1400 audit(1732606553.854:503): avc: denied { create } for pid=7674 comm="syz.2.412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1 [ 81.898804][ T7262] memory: usage 307200kB, limit 307200kB, failcnt 38684 [ 81.900906][ T7262] memory+swap: usage 432188kB, limit 9007199254740988kB, failcnt 0 [ 81.903473][ T7262] kmem: usage 5796kB, limit 9007199254740988kB, failcnt 0 [ 81.905324][ T7262] Memory cgroup stats for /syz2: [ 81.905399][ T7262] cache 308289536 [ 81.907556][ T7262] rss 348160 [ 81.908391][ T7262] rss_huge 0 [ 81.909276][ T7262] shmem 308289536 [ 81.910297][ T7262] mapped_file 0 [ 81.911197][ T7262] dirty 0 [ 81.911953][ T7262] writeback 0 [ 81.912782][ T7262] workingset_refault_anon 35 [ 81.914936][ T7262] workingset_refault_file 2547 [ 81.916169][ T7262] swap 127987712 [ 81.917116][ T7262] swapcached 8192 [ 81.918031][ T7262] pgpgin 161373 [ 81.918939][ T7262] pgpgout 86022 [ 81.919822][ T7262] pgfault 17011 [ 81.920751][ T7262] pgmajfault 69 [ 81.921681][ T7262] inactive_anon 65916928 [ 81.922750][ T7262] active_anon 241774592 [ 81.923859][ T7262] inactive_file 0 [ 81.925435][ T7262] active_file 0 [ 81.926370][ T7262] unevictable 0 [ 81.927259][ T7262] hierarchical_memory_limit 314572800 [ 81.928536][ T7262] hierarchical_memsw_limit 9223372036854771712 [ 81.930082][ T7262] total_cache 308289536 [ 81.931118][ T7262] total_rss 348160 [ 81.932109][ T7262] total_rss_huge 0 [ 81.933130][ T7262] total_shmem 308289536 [ 81.934161][ T7262] total_mapped_file 0 [ 81.935627][ T7262] total_dirty 0 [ 81.936507][ T7262] total_writeback 0 [ 81.937432][ T7262] total_workingset_refault_anon 35 [ 81.938754][ T7262] total_workingset_refault_file 2547 [ 81.940118][ T7262] total_swap 127987712 [ 81.941206][ T7262] total_swapcached 8192 [ 81.942308][ T7262] total_pgpgin 161373 [ 81.943340][ T7262] total_pgpgout 86022 [ 81.944324][ T7262] total_pgfault 17011 [ 81.945404][ T7262] total_pgmajfault 69 [ 81.946872][ T7262] total_inactive_anon 65916928 [ 81.948154][ T7262] total_active_anon 241774592 [ 81.949379][ T7262] total_inactive_file 0 [ 81.950425][ T7262] total_active_file 0 [ 81.951463][ T7262] total_unevictable 0 [ 81.952487][ T7262] anon_cost 0 [ 81.953356][ T7262] file_cost 0 [ 81.954246][ T7262] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.335,pid=7261,uid=0 [ 81.958754][ T7262] Memory cgroup out of memory: Killed process 7261 (syz.2.335) total-vm:97752kB, anon-rss:756kB, file-rss:30720kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 81.960575][ T7688] netlink: 4 bytes leftover after parsing attributes in process `syz.2.412'. [ 82.395783][ T1115] sr 2:0:0:0: [sr0] tag#5 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 82.398949][ T1115] sr 2:0:0:0: [sr0] tag#5 Sense Key : Illegal Request [current] [ 82.401135][ T1115] sr 2:0:0:0: [sr0] tag#5 Add. Sense: Invalid command operation code [ 82.403578][ T1115] sr 2:0:0:0: [sr0] tag#5 CDB: Write(10) 2a 00 00 00 00 00 00 00 04 00 [ 82.426750][ T1115] blk_print_req_error: 43 callbacks suppressed [ 82.426769][ T1115] critical target error, dev sr0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 2 prio class 0 [ 82.432991][ T1115] buffer_io_error: 43 callbacks suppressed [ 82.433003][ T1115] Buffer I/O error on dev sr0, logical block 0, lost async page write [ 82.448354][ T1115] Buffer I/O error on dev sr0, logical block 1, lost async page write [ 82.596400][ T40] audit: type=1400 audit(1732606554.575:504): avc: denied { nlmsg_write } for pid=7707 comm="syz.3.453" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 82.700946][ T7272] syz.2.335 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 82.703450][ T7272] CPU: 1 UID: 0 PID: 7272 Comm: syz.2.335 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0 [ 82.706469][ T7272] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 82.709220][ T7272] Call Trace: [ 82.710128][ T7272] [ 82.711048][ T7272] dump_stack_lvl+0x16c/0x1f0 [ 82.712502][ T7272] dump_header+0x101/0x900 [ 82.714124][ T7272] oom_kill_process+0x270/0xa60 [ 82.716049][ T7272] ? mem_cgroup_out_of_memory+0x8d/0x270 [ 82.718243][ T7272] out_of_memory+0x351/0x1700 [ 82.719992][ T7272] ? __pfx_out_of_memory+0x10/0x10 [ 82.721809][ T7272] ? rcu_read_unlock+0x17/0x60 [ 82.723519][ T7272] ? find_held_lock+0x2d/0x110 [ 82.725224][ T7272] mem_cgroup_out_of_memory+0x207/0x270 [ 82.727216][ T7272] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 82.729341][ T7272] ? do_raw_spin_unlock+0x172/0x230 [ 82.731180][ T7272] try_charge_memcg+0x53f/0xaf0 [ 82.732869][ T7272] ? __pfx_try_charge_memcg+0x10/0x10 [ 82.734817][ T7272] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 82.736753][ T7272] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 82.738644][ T7272] ? get_mem_cgroup_from_mm+0x131/0x5f0 [ 82.740547][ T7272] __mem_cgroup_charge+0x9b/0x280 [ 82.742266][ T7272] shmem_alloc_and_add_folio+0x507/0xc00 [ 82.744191][ T7272] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 82.746240][ T7272] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 82.748500][ T7272] ? shmem_huge_global_enabled+0x176/0x250 [ 82.750946][ T7272] ? shmem_allowable_huge_orders+0xcd/0x3e0 [ 82.752620][ T7272] shmem_get_folio_gfp+0x689/0x1530 [ 82.754025][ T7272] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 82.755558][ T7272] ? find_held_lock+0x2d/0x110 [ 82.756834][ T7272] shmem_write_begin+0x161/0x300 [ 82.758120][ T7272] ? __pfx_shmem_write_begin+0x10/0x10 [ 82.758852][ T7719] fuse: Bad value for 'fd' [ 82.759516][ T7272] ? timestamp_truncate+0x21f/0x2e0 [ 82.762044][ T7272] ? balance_dirty_pages_ratelimited_flags+0x92/0x1270 [ 82.763841][ T7272] generic_perform_write+0x2ba/0x920 [ 82.765232][ T7272] ? __pfx_generic_perform_write+0x10/0x10 [ 82.766729][ T7272] ? inode_needs_update_time.part.0+0x191/0x270 [ 82.768382][ T7272] shmem_file_write_iter+0x10e/0x140 [ 82.769693][ T7272] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 82.771146][ T7272] __kernel_write_iter+0x318/0xa80 [ 82.772474][ T7272] ? __pfx___kernel_write_iter+0x10/0x10 [ 82.773857][ T7272] ? get_dump_page+0x15b/0x230 [ 82.775147][ T7272] ? __pfx___might_resched+0x10/0x10 [ 82.776500][ T7272] dump_user_range+0x389/0x8c0 [ 82.777740][ T7272] ? __pfx_dump_user_range+0x10/0x10 [ 82.779133][ T7272] ? elf_coredump_extra_notes_write+0xbe/0x430 [ 82.780740][ T7272] ? __pfx_writenote+0x10/0x10 [ 82.782004][ T7272] elf_core_dump+0x287c/0x3a50 [ 82.783317][ T7272] ? __pfx_elf_core_dump+0x10/0x10 [ 82.784655][ T7272] ? kasan_save_stack+0x33/0x60 [ 82.785948][ T7272] ? kasan_save_track+0x14/0x30 [ 82.787272][ T7272] ? __kasan_kmalloc+0xaa/0xb0 [ 82.788524][ T7272] ? __kmalloc_node_noprof+0x21f/0x510 [ 82.789942][ T7272] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 82.791361][ T7272] ? get_signal+0x230b/0x26c0 [ 82.792572][ T7272] ? arch_do_signal_or_restart+0x90/0x7e0 [ 82.794072][ T7272] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 82.795640][ T7272] ? rcu_is_watching+0x12/0xc0 [ 82.796825][ T7272] ? trace_lock_acquire+0x146/0x1e0 [ 82.798126][ T7272] ? __pfx_sort+0x10/0x10 [ 82.799249][ T7272] ? get_signal+0x230b/0x26c0 [ 82.800449][ T7272] ? do_coredump+0x3ad7/0x49e0 [ 82.801671][ T7272] do_coredump+0x3ad7/0x49e0 [ 82.802845][ T7272] ? __pfx_do_coredump+0x10/0x10 [ 82.804098][ T7272] ? stack_trace_save+0x95/0xd0 [ 82.805391][ T7272] ? __pfx_stack_trace_save+0x10/0x10 [ 82.806795][ T7272] ? hlock_class+0x4e/0x130 [ 82.808004][ T7272] ? stack_depot_save_flags+0x28/0x8f0 [ 82.809459][ T7272] ? kmem_cache_free+0x152/0x4c0 [ 82.810818][ T7272] ? __sigqueue_free+0xba/0x2a0 [ 82.812085][ T7272] ? get_signal+0xcbc/0x26c0 [ 82.813283][ T7272] ? arch_do_signal_or_restart+0x90/0x7e0 [ 82.814750][ T7272] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 82.816521][ T7272] ? find_held_lock+0x2d/0x110 [ 82.817907][ T7272] ? proc_coredump_connector+0x2d2/0x4f0 [ 82.819368][ T7272] ? __pfx_proc_coredump_connector+0x10/0x10 [ 82.820894][ T7272] get_signal+0x230b/0x26c0 [ 82.822073][ T7272] ? force_sig_fault+0xc5/0x110 [ 82.823339][ T7272] ? __pfx_get_signal+0x10/0x10 [ 82.824602][ T7272] arch_do_signal_or_restart+0x90/0x7e0 [ 82.825986][ T7272] ? trace_irq_disable.constprop.0+0xe6/0x140 [ 82.827607][ T7272] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 82.829174][ T7272] ? __bad_area_nosemaphore+0x334/0x6a0 [ 82.830609][ T7272] ? do_user_addr_fault+0x920/0x13f0 [ 82.831966][ T7272] irqentry_exit_to_user_mode+0x13f/0x280 [ 82.833452][ T7272] asm_exc_page_fault+0x26/0x30 [ 82.834714][ T7272] RIP: 0033:0x0 [ 82.835641][ T7272] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 82.837468][ T7272] RSP: 002b:00000000200002be EFLAGS: 00010217 [ 82.839007][ T7272] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007faa9037e819 [ 82.840980][ T7272] RDX: 00007faa911fbf20 RSI: 0000000000000058 RDI: 00007faa911fbf20 [ 82.843023][ T7272] RBP: 00007faa903f175e R08: 0000000000000000 R09: 0000000000000058 [ 82.845083][ T7272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 82.847170][ T7272] R13: 0000000000000000 R14: 00007faa90535fa0 R15: 00007ffe117c5e68 [ 82.849212][ T7272] [ 82.850122][ C1] vkms_vblank_simulate: vblank timer overrun [ 82.860290][ T7272] memory: usage 307200kB, limit 307200kB, failcnt 40610 [ 82.861210][ T7722] netlink: 2 bytes leftover after parsing attributes in process `syz.0.460'. [ 82.863298][ T7272] memory+swap: usage 432172kB, limit 9007199254740988kB, failcnt 0 [ 82.867664][ T7272] kmem: usage 5468kB, limit 9007199254740988kB, failcnt 0 [ 82.869537][ T7272] Memory cgroup stats for /syz2: [ 82.869613][ T7272] cache 308596736 [ 82.871877][ T7272] rss 376832 [ 82.872729][ T7272] rss_huge 0 [ 82.873585][ T7272] shmem 308506624 [ 82.874607][ T7272] mapped_file 90112 [ 82.875684][ T7272] dirty 0 [ 82.876497][ T7272] writeback 0 [ 82.877405][ T7272] workingset_refault_anon 39 [ 82.878689][ T7272] workingset_refault_file 3570 [ 82.880004][ T7272] swap 127971328 [ 82.881001][ T7272] swapcached 24576 [ 82.881977][ T7272] pgpgin 179395 [ 82.882900][ T7272] pgpgout 103962 [ 82.883829][ T7272] pgfault 17779 [ 82.884738][ T7272] pgmajfault 81 [ 82.885697][ T7272] inactive_anon 87314432 [ 82.887618][ T7272] active_anon 219467776 [ 82.889207][ T7272] inactive_file 0 [ 82.890217][ T7272] active_file 0 [ 82.891148][ T7272] unevictable 0 [ 82.892048][ T7272] hierarchical_memory_limit 314572800 [ 82.893446][ T7272] hierarchical_memsw_limit 9223372036854771712 [ 82.895000][ T7272] total_cache 308596736 [ 82.896055][ T7272] total_rss 376832 [ 82.897101][ T7272] total_rss_huge 0 [ 82.898048][ T7272] total_shmem 308506624 [ 82.899109][ T7272] total_mapped_file 90112 [ 82.900202][ T7272] total_dirty 0 [ 82.901149][ T7272] total_writeback 0 [ 82.902128][ T7272] total_workingset_refault_anon 39 [ 82.903478][ T7272] total_workingset_refault_file 3570 [ 82.904889][ T7272] total_swap 127971328 [ 82.905995][ T7272] total_swapcached 24576 [ 82.907227][ T7272] total_pgpgin 179395 [ 82.923555][ T40] audit: type=1400 audit(1732606554.883:505): avc: denied { mounton } for pid=7718 comm="syz.3.459" path="/proc/377/cgroup" dev="proc" ino=19872 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1 [ 82.924783][ T7728] netlink: 'syz.3.459': attribute type 11 has an invalid length. [ 82.932466][ T7728] netlink: 224 bytes leftover after parsing attributes in process `syz.3.459'. [ 82.966563][ T7272] total_pgpgout 103962 [ 82.972778][ T7272] total_pgfault 17779 [ 83.005958][ T7272] total_pgmajfault 81 [ 83.007044][ T7272] total_inactive_anon 87314432 [ 83.008756][ T7272] total_active_anon 219467776 [ 83.010133][ T7272] total_inactive_file 0 [ 83.016830][ T7272] total_active_file 0 [ 83.019898][ T7272] total_unevictable 0 [ 83.021078][ T7272] anon_cost 0 [ 83.022043][ T7272] file_cost 0 [ 83.023210][ T7272] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.335,pid=7265,uid=0 [ 83.029079][ T7676] socket: no more sockets [ 83.043108][ T40] audit: type=1400 audit(1732606554.986:506): avc: denied { ioctl } for pid=7736 comm="syz.3.463" path="socket:[21735]" dev="sockfs" ino=21735 ioctlcmd=0x9404 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 83.056300][ T7272] Memory cgroup out of memory: Killed process 7265 (syz.2.335) total-vm:97752kB, anon-rss:756kB, file-rss:42572kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000 [ 83.067767][ T7742] netlink: 12 bytes leftover after parsing attributes in process `syz.1.462'. [ 83.068228][ T5921] Bluetooth: hci1: command tx timeout [ 83.550286][ T7260] syz.2.335 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 83.555543][ T7260] CPU: 3 UID: 0 PID: 7260 Comm: syz.2.335 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0 [ 83.558201][ T7260] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 83.561161][ T7260] Call Trace: [ 83.562088][ T7260] [ 83.562865][ T7260] dump_stack_lvl+0x16c/0x1f0 [ 83.564092][ T7260] dump_header+0x101/0x900 [ 83.565314][ T7260] oom_kill_process+0x270/0xa60 [ 83.566590][ T7260] ? mem_cgroup_out_of_memory+0x8d/0x270 [ 83.568118][ T7260] out_of_memory+0x351/0x1700 [ 83.569403][ T7260] ? __pfx_out_of_memory+0x10/0x10 [ 83.570830][ T7260] ? rcu_read_unlock+0x17/0x60 [ 83.572127][ T7260] ? find_held_lock+0x2d/0x110 [ 83.573461][ T7260] mem_cgroup_out_of_memory+0x207/0x270 [ 83.575073][ T7260] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 83.576674][ T7260] ? do_raw_spin_unlock+0x172/0x230 [ 83.578031][ T7260] try_charge_memcg+0x53f/0xaf0 [ 83.579277][ T7260] ? __pfx_try_charge_memcg+0x10/0x10 [ 83.580582][ T7260] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 83.581919][ T7260] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 83.583266][ T7260] ? get_mem_cgroup_from_mm+0x131/0x5f0 [ 83.584687][ T7260] __mem_cgroup_charge+0x9b/0x280 [ 83.586012][ T7260] shmem_alloc_and_add_folio+0x507/0xc00 [ 83.587406][ T7260] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 83.588875][ T7260] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 83.590403][ T7260] ? shmem_huge_global_enabled+0x176/0x250 [ 83.591843][ T7260] ? shmem_allowable_huge_orders+0xcd/0x3e0 [ 83.593367][ T7260] shmem_get_folio_gfp+0x689/0x1530 [ 83.594714][ T7260] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 83.596154][ T7260] ? find_held_lock+0x2d/0x110 [ 83.597390][ T7260] shmem_write_begin+0x161/0x300 [ 83.598690][ T7260] ? __pfx_shmem_write_begin+0x10/0x10 [ 83.600122][ T7260] ? timestamp_truncate+0x21f/0x2e0 [ 83.601471][ T7260] ? balance_dirty_pages_ratelimited_flags+0x92/0x1270 [ 83.603239][ T7260] generic_perform_write+0x2ba/0x920 [ 83.604614][ T7260] ? __pfx_generic_perform_write+0x10/0x10 [ 83.606143][ T7260] ? inode_needs_update_time.part.0+0x191/0x270 [ 83.607773][ T7260] shmem_file_write_iter+0x10e/0x140 [ 83.609169][ T7260] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 83.610738][ T7260] __kernel_write_iter+0x318/0xa80 [ 83.612118][ T7260] ? __pfx___kernel_write_iter+0x10/0x10 [ 83.613617][ T7260] ? get_dump_page+0x15b/0x230 [ 83.614909][ T7260] ? __pfx___might_resched+0x10/0x10 [ 83.616205][ T7260] ? copy_mc_enhanced_fast_string+0xa/0x13 [ 83.617739][ T7260] dump_user_range+0x389/0x8c0 [ 83.619014][ T7260] ? __pfx_dump_user_range+0x10/0x10 [ 83.620336][ T7260] ? elf_coredump_extra_notes_write+0xbe/0x430 [ 83.621915][ T7260] ? __pfx_writenote+0x10/0x10 [ 83.623168][ T7260] elf_core_dump+0x287c/0x3a50 [ 83.624429][ T7260] ? __pfx_elf_core_dump+0x10/0x10 [ 83.625725][ T7260] ? kasan_save_stack+0x33/0x60 [ 83.626979][ T7260] ? kasan_save_track+0x14/0x30 [ 83.628223][ T7260] ? __kasan_kmalloc+0xaa/0xb0 [ 83.629434][ T7260] ? __kmalloc_node_noprof+0x21f/0x510 [ 83.630877][ T7260] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 83.632222][ T7260] ? get_signal+0x230b/0x26c0 [ 83.633432][ T7260] ? arch_do_signal_or_restart+0x90/0x7e0 [ 83.634872][ T7260] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 83.636401][ T7260] ? rcu_is_watching+0x12/0xc0 [ 83.637609][ T7260] ? trace_lock_acquire+0x146/0x1e0 [ 83.638956][ T7260] ? __pfx_sort+0x10/0x10 [ 83.640127][ T7260] ? get_signal+0x230b/0x26c0 [ 83.641333][ T7260] ? do_coredump+0x3ad7/0x49e0 [ 83.642570][ T7260] do_coredump+0x3ad7/0x49e0 [ 83.643782][ T7260] ? __pfx_do_coredump+0x10/0x10 [ 83.645050][ T7260] ? stack_trace_save+0x95/0xd0 [ 83.646272][ T7260] ? __pfx_stack_trace_save+0x10/0x10 [ 83.647653][ T7260] ? hlock_class+0x4e/0x130 [ 83.648811][ T7260] ? stack_depot_save_flags+0x28/0x8f0 [ 83.650202][ T7260] ? kmem_cache_free+0x152/0x4c0 [ 83.651477][ T7260] ? __sigqueue_free+0xba/0x2a0 [ 83.652699][ T7260] ? get_signal+0xcbc/0x26c0 [ 83.653889][ T7260] ? arch_do_signal_or_restart+0x90/0x7e0 [ 83.655353][ T7260] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 83.656878][ T7260] ? find_held_lock+0x2d/0x110 [ 83.658062][ T7260] ? proc_coredump_connector+0x2d2/0x4f0 [ 83.659458][ T7260] ? __pfx_proc_coredump_connector+0x10/0x10 [ 83.660986][ T7260] get_signal+0x230b/0x26c0 [ 83.662150][ T7260] ? force_sig_fault+0xc5/0x110 [ 83.663371][ T7260] ? __pfx_get_signal+0x10/0x10 [ 83.664620][ T7260] arch_do_signal_or_restart+0x90/0x7e0 [ 83.666008][ T7260] ? trace_irq_disable.constprop.0+0xe6/0x140 [ 83.667568][ T7260] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 83.669159][ T7260] ? __bad_area_nosemaphore+0x334/0x6a0 [ 83.670607][ T7260] ? do_user_addr_fault+0x920/0x13f0 [ 83.671942][ T7260] irqentry_exit_to_user_mode+0x13f/0x280 [ 83.673374][ T7260] asm_exc_page_fault+0x26/0x30 [ 83.674613][ T7260] RIP: 0033:0x0 [ 83.675517][ T7260] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 83.677398][ T7260] RSP: 002b:00000000200002be EFLAGS: 00010217 [ 83.679017][ T7260] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007faa9037e819 [ 83.681052][ T7260] RDX: 00007faa911fbf20 RSI: 0000000000000058 RDI: 00007faa911fbf20 [ 83.683032][ T7260] RBP: 00007faa903f175e R08: 0000000000000000 R09: 0000000000000058 [ 83.685046][ T7260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 83.686995][ T7260] R13: 0000000000000000 R14: 00007faa90535fa0 R15: 00007ffe117c5e68 [ 83.688989][ T7260] [ 83.701574][ T7260] memory: usage 307200kB, limit 307200kB, failcnt 41553 [ 83.703400][ T7260] memory+swap: usage 432036kB, limit 9007199254740988kB, failcnt 0 [ 83.705431][ T7260] kmem: usage 5284kB, limit 9007199254740988kB, failcnt 0 [ 83.707273][ T7260] Memory cgroup stats for /syz2: [ 83.707345][ T7260] cache 308809728 [ 83.720662][ T7260] rss 352256 [ 83.721549][ T7260] rss_huge 0 [ 83.722392][ T7260] shmem 308785152 [ 83.723371][ T7260] mapped_file 0 [ 83.724320][ T7260] dirty 0 [ 83.725125][ T7260] writeback 0 [ 83.726004][ T7260] workingset_refault_anon 47 [ 83.727245][ T7260] workingset_refault_file 3585 [ 83.728494][ T7260] swap 127832064 [ 83.741666][ T7260] swapcached 12288 [ 83.742854][ T7260] pgpgin 191665 [ 83.743871][ T7260] pgpgout 116186 [ 83.744917][ T7260] pgfault 18196 [ 83.745915][ T7260] pgmajfault 90 [ 83.746916][ T7260] inactive_anon 137490432 [ 83.748093][ T7260] active_anon 171155456 [ 83.749205][ T7260] inactive_file 4096 [ 83.750253][ T7260] active_file 20480 [ 83.751316][ T7260] unevictable 0 [ 83.753120][ T7260] hierarchical_memory_limit 314572800 [ 83.769468][ T7260] hierarchical_memsw_limit 9223372036854771712 [ 83.771550][ T7260] total_cache 308809728 [ 83.772700][ T7260] total_rss 352256 [ 83.774613][ T7260] total_rss_huge 0 [ 83.775693][ T7260] total_shmem 308785152 [ 83.776832][ T7260] total_mapped_file 0 [ 83.777870][ T7260] total_dirty 0 [ 83.778865][ T7260] total_writeback 0 [ 83.779855][ T7260] total_workingset_refault_anon 47 [ 83.781179][ T7260] total_workingset_refault_file 3585 [ 83.782528][ T7260] total_swap 127832064 [ 83.783599][ T7260] total_swapcached 12288 [ 83.784900][ T7260] total_pgpgin 191665 [ 83.785942][ T7260] total_pgpgout 116186 [ 83.787017][ T7260] total_pgfault 18196 [ 83.788071][ T7260] total_pgmajfault 90 [ 83.790031][ T7260] total_inactive_anon 137490432 [ 83.791294][ T7260] total_active_anon 171155456 [ 83.792474][ T7260] total_inactive_file 4096 [ 83.793595][ T7260] total_active_file 20480 [ 83.794729][ T7260] total_unevictable 0 [ 83.795822][ T7260] anon_cost 0 [ 83.796670][ T7260] file_cost 0 [ 83.797520][ T7260] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.335,pid=7254,uid=0 [ 83.801184][ T7260] Memory cgroup out of memory: Killed process 7254 (syz.2.335) total-vm:97752kB, anon-rss:756kB, file-rss:36240kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 83.889892][ T7264] syz.2.335 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 83.906619][ T7264] CPU: 3 UID: 0 PID: 7264 Comm: syz.2.335 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0 [ 83.909292][ T7264] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 83.912070][ T7264] Call Trace: [ 83.912941][ T7264] [ 83.913717][ T7264] dump_stack_lvl+0x16c/0x1f0 [ 83.915022][ T7264] dump_header+0x101/0x900 [ 83.916192][ T7264] oom_kill_process+0x270/0xa60 [ 83.917463][ T7264] ? mem_cgroup_out_of_memory+0x8d/0x270 [ 83.918930][ T7264] out_of_memory+0x351/0x1700 [ 83.920178][ T7264] ? __pfx_out_of_memory+0x10/0x10 [ 83.921512][ T7264] ? rcu_read_unlock+0x17/0x60 [ 83.922773][ T7264] ? find_held_lock+0x2d/0x110 [ 83.924088][ T7264] mem_cgroup_out_of_memory+0x207/0x270 [ 83.925529][ T7264] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 83.927111][ T7264] ? do_raw_spin_unlock+0x172/0x230 [ 83.928448][ T7264] try_charge_memcg+0x53f/0xaf0 [ 83.929699][ T7264] ? __pfx_try_charge_memcg+0x10/0x10 [ 83.931087][ T7264] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 83.932486][ T7264] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 83.933884][ T7264] ? get_mem_cgroup_from_mm+0x131/0x5f0 [ 83.935306][ T7264] __mem_cgroup_charge+0x9b/0x280 [ 83.936596][ T7264] shmem_alloc_and_add_folio+0x507/0xc00 [ 83.938036][ T7264] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 83.939563][ T7264] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 83.941139][ T7264] ? shmem_huge_global_enabled+0x176/0x250 [ 83.943328][ T7264] ? shmem_allowable_huge_orders+0xcd/0x3e0 [ 83.945401][ T7264] shmem_get_folio_gfp+0x689/0x1530 [ 83.947230][ T7264] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 83.948704][ T7264] ? find_held_lock+0x2d/0x110 [ 83.949943][ T7264] shmem_write_begin+0x161/0x300 [ 83.951248][ T7264] ? __pfx_shmem_write_begin+0x10/0x10 [ 83.952650][ T7264] ? timestamp_truncate+0x21f/0x2e0 [ 83.953985][ T7264] ? balance_dirty_pages_ratelimited_flags+0x92/0x1270 [ 83.955775][ T7264] ? ns_to_timespec64+0x59/0xc0 [ 83.957027][ T7264] generic_perform_write+0x2ba/0x920 [ 83.958421][ T7264] ? __pfx_generic_perform_write+0x10/0x10 [ 83.959908][ T7264] ? inode_needs_update_time.part.0+0x191/0x270 [ 83.961530][ T7264] shmem_file_write_iter+0x10e/0x140 [ 83.962992][ T7264] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 83.964484][ T7264] __kernel_write_iter+0x318/0xa80 [ 83.965867][ T7264] ? __pfx___kernel_write_iter+0x10/0x10 [ 83.967863][ T7264] ? get_dump_page+0x15b/0x230 [ 83.969160][ T7264] ? __pfx___might_resched+0x10/0x10 [ 83.970589][ T7264] ? __sanitizer_cov_trace_pc+0x66/0x70 [ 83.972127][ T7264] dump_user_range+0x389/0x8c0 [ 83.973295][ T7264] ? __pfx_dump_user_range+0x10/0x10 [ 83.974712][ T7264] ? elf_coredump_extra_notes_write+0xbe/0x430 [ 83.976261][ T7264] ? __pfx_writenote+0x10/0x10 [ 83.977492][ T7264] elf_core_dump+0x287c/0x3a50 [ 83.978712][ T7264] ? __pfx_elf_core_dump+0x10/0x10 [ 83.980004][ T7264] ? kasan_save_stack+0x33/0x60 [ 83.981230][ T7264] ? kasan_save_track+0x14/0x30 [ 83.982490][ T7264] ? __kasan_kmalloc+0xaa/0xb0 [ 83.983709][ T7264] ? __kmalloc_node_noprof+0x21f/0x510 [ 83.985108][ T7264] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 83.986507][ T7264] ? get_signal+0x230b/0x26c0 [ 83.987679][ T7264] ? arch_do_signal_or_restart+0x90/0x7e0 [ 83.989111][ T7264] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 83.990602][ T7264] ? rcu_is_watching+0x12/0xc0 [ 83.991781][ T7264] ? trace_lock_acquire+0x146/0x1e0 [ 83.993072][ T7264] ? __pfx_sort+0x10/0x10 [ 83.994152][ T7264] ? get_signal+0x230b/0x26c0 [ 83.995350][ T7264] ? do_coredump+0x3ad7/0x49e0 [ 83.996568][ T7264] do_coredump+0x3ad7/0x49e0 [ 83.997761][ T7264] ? __pfx_do_coredump+0x10/0x10 [ 83.999041][ T7264] ? stack_trace_save+0x95/0xd0 [ 84.000308][ T7264] ? __pfx_stack_trace_save+0x10/0x10 [ 84.001737][ T7264] ? hlock_class+0x4e/0x130 [ 84.003079][ T7264] ? stack_depot_save_flags+0x28/0x8f0 [ 84.004593][ T7264] ? kmem_cache_free+0x152/0x4c0 [ 84.005948][ T7264] ? __sigqueue_free+0xba/0x2a0 [ 84.007230][ T7264] ? get_signal+0xcbc/0x26c0 [ 84.008451][ T7264] ? arch_do_signal_or_restart+0x90/0x7e0 [ 84.009895][ T7264] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 84.011420][ T7264] ? find_held_lock+0x2d/0x110 [ 84.012638][ T7264] ? proc_coredump_connector+0x2d2/0x4f0 [ 84.014079][ T7264] ? __pfx_proc_coredump_connector+0x10/0x10 [ 84.015620][ T7264] get_signal+0x230b/0x26c0 [ 84.016810][ T7264] ? force_sig_fault+0xc5/0x110 [ 84.018061][ T7264] ? __pfx_get_signal+0x10/0x10 [ 84.019331][ T7264] arch_do_signal_or_restart+0x90/0x7e0 [ 84.020753][ T7264] ? trace_irq_disable.constprop.0+0xe6/0x140 [ 84.022311][ T7264] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 84.023882][ T7264] ? __bad_area_nosemaphore+0x334/0x6a0 [ 84.025327][ T7264] ? do_user_addr_fault+0x920/0x13f0 [ 84.026693][ T7264] irqentry_exit_to_user_mode+0x13f/0x280 [ 84.028206][ T7264] asm_exc_page_fault+0x26/0x30 [ 84.029691][ T7264] RIP: 0033:0x0 [ 84.030717][ T7264] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 84.032788][ T7264] RSP: 002b:00000000200002be EFLAGS: 00010217 [ 84.034620][ T7264] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007faa9037e819 [ 84.036651][ T7264] RDX: 00007faa911fbf20 RSI: 0000000000000058 RDI: 00007faa911fbf20 [ 84.038963][ T7264] RBP: 00007faa903f175e R08: 0000000000000000 R09: 0000000000000058 [ 84.040977][ T7264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 84.043009][ T7264] R13: 0000000000000000 R14: 00007faa90535fa0 R15: 00007ffe117c5e68 [ 84.045053][ T7264] [ 84.097483][ T7264] memory: usage 287744kB, limit 307200kB, failcnt 42284 [ 84.099378][ T7264] memory+swap: usage 403928kB, limit 9007199254740988kB, failcnt 0 [ 84.101411][ T7264] kmem: usage 5412kB, limit 9007199254740988kB, failcnt 0 [ 84.113844][ T7264] Memory cgroup stats for /syz2: [ 84.113928][ T7264] cache 283422720 [ 84.118902][ T7264] rss 339968 [ 84.119779][ T7264] rss_huge 0 [ 84.120682][ T7264] shmem 283418624 [ 84.121693][ T7264] mapped_file 53248 [ 84.122766][ T7264] dirty 0 [ 84.123800][ T7264] writeback 4096 [ 84.124839][ T7264] workingset_refault_anon 47 [ 84.126155][ T7264] workingset_refault_file 3585 [ 84.150684][ T7264] swap 119123968 [ 84.151683][ T7264] swapcached 20480 [ 84.152687][ T7264] pgpgin 192749 [ 84.153621][ T7264] pgpgout 123461 [ 84.154596][ T7264] pgfault 18376 [ 84.155526][ T7264] pgmajfault 90 [ 84.156457][ T7264] inactive_anon 72065024 [ 84.157585][ T7264] active_anon 211345408 [ 84.177780][ T7264] inactive_file 4096 [ 84.178865][ T7264] active_file 0 [ 84.179804][ T7264] unevictable 0 [ 84.181371][ T7264] hierarchical_memory_limit 314572800 [ 84.182903][ T7264] hierarchical_memsw_limit 9223372036854771712 [ 84.185690][ T7264] total_cache 283422720 [ 84.186935][ T7264] total_rss 339968 [ 84.187932][ T7264] total_rss_huge 0 [ 84.188919][ T7264] total_shmem 283418624 [ 84.190060][ T7264] total_mapped_file 53248 [ 84.212699][ T7264] total_dirty 0 [ 84.213668][ T7264] total_writeback 4096 [ 84.214749][ T7264] total_workingset_refault_anon 47 [ 84.216073][ T7264] total_workingset_refault_file 3585 [ 84.217431][ T7264] total_swap 119123968 [ 84.218498][ T7264] total_swapcached 20480 [ 84.219582][ T7264] total_pgpgin 192749 [ 84.220612][ T7264] total_pgpgout 123461 [ 84.221670][ T7264] total_pgfault 18376 [ 84.258687][ T7264] total_pgmajfault 90 [ 84.259776][ T7264] total_inactive_anon 72065024 [ 84.261015][ T7264] total_active_anon 211345408 [ 84.262221][ T7264] total_inactive_file 4096 [ 84.263391][ T7264] total_active_file 0 [ 84.264467][ T7264] total_unevictable 0 [ 84.265823][ T7264] anon_cost 0 [ 84.266715][ T7264] file_cost 0 [ 84.267588][ T7264] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.335,pid=7262,uid=0 [ 84.271329][ T7264] Memory cgroup out of memory: Killed process 7262 (syz.2.335) total-vm:97752kB, anon-rss:756kB, file-rss:34128kB, shmem-rss:0kB, UID:0 pgtables:144kB oom_score_adj:1000 [ 84.312162][ T7777] Debayer A: ================= START STATUS ================= [ 84.314400][ T7777] Debayer A: Debayer Mean Window Size: 3 [ 84.316213][ T7777] Debayer A: ================== END STATUS ================== [ 84.324967][ T7777] ata3.00: invalid multi_count 1 ignored [ 84.806315][ T7273] syz.2.335 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 84.808805][ T7273] CPU: 1 UID: 0 PID: 7273 Comm: syz.2.335 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0 [ 84.812249][ T7273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 84.815911][ T7273] Call Trace: [ 84.817123][ T7273] [ 84.818208][ T7273] dump_stack_lvl+0x16c/0x1f0 [ 84.820002][ T7273] dump_header+0x101/0x900 [ 84.821757][ T7273] oom_kill_process+0x270/0xa60 [ 84.823491][ T7273] ? mem_cgroup_out_of_memory+0x8d/0x270 [ 84.825507][ T7273] out_of_memory+0x351/0x1700 [ 84.827033][ T7273] ? __pfx_out_of_memory+0x10/0x10 [ 84.828540][ T7273] ? rcu_read_unlock+0x17/0x60 [ 84.829812][ T7273] ? find_held_lock+0x2d/0x110 [ 84.831148][ T7273] mem_cgroup_out_of_memory+0x207/0x270 [ 84.832544][ T7273] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 84.834772][ T7273] ? do_raw_spin_unlock+0x172/0x230 [ 84.836905][ T7273] try_charge_memcg+0x53f/0xaf0 [ 84.838547][ T7273] ? __pfx_try_charge_memcg+0x10/0x10 [ 84.839975][ T7273] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 84.841363][ T7273] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 84.843120][ T7273] ? get_mem_cgroup_from_mm+0x131/0x5f0 [ 84.844772][ T7273] __mem_cgroup_charge+0x9b/0x280 [ 84.846174][ T7273] shmem_alloc_and_add_folio+0x507/0xc00 [ 84.847663][ T7273] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 84.849215][ T7273] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 84.850867][ T7273] ? shmem_huge_global_enabled+0x176/0x250 [ 84.852455][ T7273] ? shmem_allowable_huge_orders+0xcd/0x3e0 [ 84.854497][ T7273] shmem_get_folio_gfp+0x689/0x1530 [ 84.856367][ T7273] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 84.857950][ T7273] ? find_held_lock+0x2d/0x110 [ 84.859256][ T7273] shmem_write_begin+0x161/0x300 [ 84.860549][ T7273] ? __pfx_shmem_write_begin+0x10/0x10 [ 84.861968][ T7273] ? timestamp_truncate+0x21f/0x2e0 [ 84.863420][ T7273] ? balance_dirty_pages_ratelimited_flags+0x92/0x1270 [ 84.865290][ T7273] generic_perform_write+0x2ba/0x920 [ 84.866724][ T7273] ? __pfx_generic_perform_write+0x10/0x10 [ 84.868319][ T7273] ? inode_needs_update_time.part.0+0x191/0x270 [ 84.869984][ T7273] shmem_file_write_iter+0x10e/0x140 [ 84.871454][ T7273] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 84.873144][ T7273] __kernel_write_iter+0x318/0xa80 [ 84.874553][ T7273] ? __pfx___kernel_write_iter+0x10/0x10 [ 84.876047][ T7273] ? get_dump_page+0x15b/0x230 [ 84.877339][ T7273] ? __pfx___might_resched+0x10/0x10 [ 84.878752][ T7273] ? copy_mc_enhanced_fast_string+0xa/0x13 [ 84.880273][ T7273] dump_user_range+0x389/0x8c0 [ 84.881570][ T7273] ? __pfx_dump_user_range+0x10/0x10 [ 84.883053][ T7273] ? elf_coredump_extra_notes_write+0xbe/0x430 [ 84.885225][ T7273] ? __pfx_writenote+0x10/0x10 [ 84.886896][ T7273] elf_core_dump+0x287c/0x3a50 [ 84.888162][ T7273] ? __pfx_elf_core_dump+0x10/0x10 [ 84.889843][ T7273] ? kasan_save_stack+0x33/0x60 [ 84.891526][ T7273] ? kasan_save_track+0x14/0x30 [ 84.893151][ T7273] ? __kasan_kmalloc+0xaa/0xb0 [ 84.894773][ T7273] ? __kmalloc_node_noprof+0x21f/0x510 [ 84.896637][ T7273] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 84.898498][ T7273] ? get_signal+0x230b/0x26c0 [ 84.900095][ T7273] ? arch_do_signal_or_restart+0x90/0x7e0 [ 84.901557][ T7273] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 84.903117][ T7273] ? rcu_is_watching+0x12/0xc0 [ 84.904352][ T7273] ? trace_lock_acquire+0x146/0x1e0 [ 84.905640][ T7273] ? __pfx_sort+0x10/0x10 [ 84.906720][ T7273] ? get_signal+0x230b/0x26c0 [ 84.907943][ T7273] ? do_coredump+0x3ad7/0x49e0 [ 84.909184][ T7273] do_coredump+0x3ad7/0x49e0 [ 84.910366][ T7273] ? __pfx_do_coredump+0x10/0x10 [ 84.911639][ T7273] ? stack_trace_save+0x95/0xd0 [ 84.913002][ T7273] ? __pfx_stack_trace_save+0x10/0x10 [ 84.914887][ T7273] ? hlock_class+0x4e/0x130 [ 84.916453][ T7273] ? stack_depot_save_flags+0x28/0x8f0 [ 84.917995][ T7273] ? kmem_cache_free+0x152/0x4c0 [ 84.919258][ T7273] ? __sigqueue_free+0xba/0x2a0 [ 84.920494][ T7273] ? get_signal+0xcbc/0x26c0 [ 84.921664][ T7273] ? arch_do_signal_or_restart+0x90/0x7e0 [ 84.923153][ T7273] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 84.924698][ T7273] ? find_held_lock+0x2d/0x110 [ 84.925961][ T7273] ? proc_coredump_connector+0x2d2/0x4f0 [ 84.927441][ T7273] ? __pfx_proc_coredump_connector+0x10/0x10 [ 84.929578][ T7273] get_signal+0x230b/0x26c0 [ 84.931193][ T7273] ? force_sig_fault+0xc5/0x110 [ 84.932896][ T7273] ? __pfx_get_signal+0x10/0x10 [ 84.934707][ T7273] arch_do_signal_or_restart+0x90/0x7e0 [ 84.936571][ T7273] ? trace_irq_disable.constprop.0+0xe6/0x140 [ 84.938692][ T7273] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 84.940763][ T7273] ? __bad_area_nosemaphore+0x334/0x6a0 [ 84.942655][ T7273] ? do_user_addr_fault+0x920/0x13f0 [ 84.944410][ T7273] irqentry_exit_to_user_mode+0x13f/0x280 [ 84.946325][ T7273] asm_exc_page_fault+0x26/0x30 [ 84.947986][ T7273] RIP: 0033:0x0 [ 84.949229][ T7273] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 84.951764][ T7273] RSP: 002b:00000000200002be EFLAGS: 00010217 [ 84.953832][ T7273] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007faa9037e819 [ 84.956897][ T7273] RDX: 00007faa911fbf20 RSI: 0000000000000058 RDI: 00007faa911fbf20 [ 84.959748][ T7273] RBP: 00007faa903f175e R08: 0000000000000000 R09: 0000000000000058 [ 84.962339][ T7273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 84.964809][ T7273] R13: 0000000000000000 R14: 00007faa90535fa0 R15: 00007ffe117c5e68 [ 84.967506][ T7273] [ 84.968559][ C1] vkms_vblank_simulate: vblank timer overrun [ 84.971806][ T7273] memory: usage 307200kB, limit 307200kB, failcnt 44488 [ 84.974014][ T7273] memory+swap: usage 429164kB, limit 9007199254740988kB, failcnt 0 [ 84.976643][ T7273] kmem: usage 4900kB, limit 9007199254740988kB, failcnt 0 [ 84.978687][ T7273] Memory cgroup stats for /syz2: [ 84.978754][ T7273] cache 309305344 [ 84.980989][ T7273] rss 237568 [ 84.981894][ T7273] rss_huge 0 [ 84.982862][ T7273] shmem 309305344 [ 84.983821][ T7273] mapped_file 0 [ 84.984732][ T7273] dirty 0 [ 84.985516][ T7273] writeback 4096 [ 84.986445][ T7273] workingset_refault_anon 52 [ 84.987654][ T7273] workingset_refault_file 3861 [ 84.988894][ T7273] swap 124891136 [ 84.989826][ T7273] swapcached 16384 [ 84.990824][ T7273] pgpgin 211891 [ 84.991774][ T7273] pgpgout 136317 [ 84.992889][ T7273] pgfault 19494 [ 84.994166][ T7273] pgmajfault 97 [ 84.995571][ T7273] inactive_anon 48320512 [ 84.996684][ T7273] active_anon 261210112 [ 84.997765][ T7273] inactive_file 0 [ 84.998885][ T7273] active_file 0 [ 85.000283][ T7273] unevictable 0 [ 85.001510][ T7273] hierarchical_memory_limit 314572800 [ 85.002939][ T7273] hierarchical_memsw_limit 9223372036854771712 [ 85.004711][ T7273] total_cache 309305344 [ 85.005789][ T7273] total_rss 237568 [ 85.006760][ T7273] total_rss_huge 0 [ 85.007729][ T7273] total_shmem 309305344 [ 85.008815][ T7273] total_mapped_file 0 [ 85.010036][ T7273] total_dirty 0 [ 85.011344][ T7273] total_writeback 4096 [ 85.012880][ T7273] total_workingset_refault_anon 52 [ 85.014874][ T7273] total_workingset_refault_file 3861 [ 85.016809][ T7273] total_swap 124891136 [ 85.018293][ T7273] total_swapcached 16384 [ 85.019713][ T7273] total_pgpgin 211891 [ 85.021010][ T7273] total_pgpgout 136317 [ 85.022569][ T7273] total_pgfault 19494 [ 85.023691][ T7273] total_pgmajfault 97 [ 85.024824][ T7273] total_inactive_anon 48320512 [ 85.026106][ T7273] total_active_anon 261210112 [ 85.027328][ T7273] total_inactive_file 0 [ 85.028564][ T7273] total_active_file 0 [ 85.029688][ T7273] total_unevictable 0 [ 85.031166][ T7273] anon_cost 0 [ 85.032206][ T7273] file_cost 0 [ 85.033081][ T7273] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.335,pid=7264,uid=0 [ 85.037096][ T7273] Memory cgroup out of memory: Killed process 7264 (syz.2.335) total-vm:97752kB, anon-rss:756kB, file-rss:47180kB, shmem-rss:0kB, UID:0 pgtables:172kB oom_score_adj:1000 [ 85.094497][ T7268] syz.2.335 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 85.121125][ T7268] CPU: 3 UID: 0 PID: 7268 Comm: syz.2.335 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0 [ 85.124686][ T7268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.128189][ T7268] Call Trace: [ 85.129124][ T7268] [ 85.129921][ T7268] dump_stack_lvl+0x16c/0x1f0 [ 85.131177][ T7268] dump_header+0x101/0x900 [ 85.132378][ T7268] oom_kill_process+0x270/0xa60 [ 85.133870][ T7268] ? mem_cgroup_out_of_memory+0x8d/0x270 [ 85.135865][ T7268] out_of_memory+0x351/0x1700 [ 85.137399][ T7268] ? __pfx_out_of_memory+0x10/0x10 [ 85.138745][ T7268] ? rcu_read_unlock+0x17/0x60 [ 85.140022][ T7268] ? find_held_lock+0x2d/0x110 [ 85.141267][ T7268] mem_cgroup_out_of_memory+0x207/0x270 [ 85.142708][ T7268] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 85.144423][ T7268] ? do_raw_spin_unlock+0x172/0x230 [ 85.145861][ T7268] try_charge_memcg+0x53f/0xaf0 [ 85.147140][ T7268] ? __pfx_try_charge_memcg+0x10/0x10 [ 85.148523][ T7268] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 85.149927][ T7268] ? get_mem_cgroup_from_mm+0x87/0x5f0 [ 85.151388][ T7268] ? get_mem_cgroup_from_mm+0x131/0x5f0 [ 85.152813][ T7268] __mem_cgroup_charge+0x9b/0x280 [ 85.154520][ T7268] shmem_alloc_and_add_folio+0x507/0xc00 [ 85.156573][ T7268] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 85.158225][ T7268] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 85.159915][ T7268] ? shmem_huge_global_enabled+0x176/0x250 [ 85.161472][ T7268] ? shmem_allowable_huge_orders+0xcd/0x3e0 [ 85.163079][ T7268] shmem_get_folio_gfp+0x689/0x1530 [ 85.164685][ T7268] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 85.166249][ T7268] ? find_held_lock+0x2d/0x110 [ 85.167579][ T7268] shmem_write_begin+0x161/0x300 [ 85.168881][ T7268] ? __pfx_shmem_write_begin+0x10/0x10 [ 85.170340][ T7268] ? timestamp_truncate+0x21f/0x2e0 [ 85.171709][ T7268] ? balance_dirty_pages_ratelimited_flags+0x92/0x1270 [ 85.173468][ T7268] generic_perform_write+0x2ba/0x920 [ 85.174931][ T7268] ? __pfx_generic_perform_write+0x10/0x10 [ 85.176455][ T7268] ? inode_needs_update_time.part.0+0x191/0x270 [ 85.178093][ T7268] shmem_file_write_iter+0x10e/0x140 [ 85.179500][ T7268] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 85.181047][ T7268] __kernel_write_iter+0x318/0xa80 [ 85.182382][ T7268] ? __pfx___kernel_write_iter+0x10/0x10 [ 85.183874][ T7268] ? get_dump_page+0x15b/0x230 [ 85.185238][ T7268] ? __pfx___might_resched+0x10/0x10 [ 85.186894][ T7268] ? copy_mc_enhanced_fast_string+0xa/0x13 [ 85.188425][ T7268] dump_user_range+0x389/0x8c0 [ 85.189687][ T7268] ? __pfx_dump_user_range+0x10/0x10 [ 85.191115][ T7268] ? elf_coredump_extra_notes_write+0xbe/0x430 [ 85.192753][ T7268] ? __pfx_writenote+0x10/0x10 [ 85.194108][ T7268] elf_core_dump+0x287c/0x3a50 [ 85.195803][ T7268] ? __pfx_elf_core_dump+0x10/0x10 [ 85.197693][ T7268] ? kasan_save_stack+0x33/0x60 [ 85.199341][ T7268] ? kasan_save_track+0x14/0x30 [ 85.200825][ T7268] ? __kasan_kmalloc+0xaa/0xb0 [ 85.202169][ T7268] ? __kmalloc_node_noprof+0x21f/0x510 [ 85.203640][ T7268] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 85.205147][ T7268] ? get_signal+0x230b/0x26c0 [ 85.206393][ T7268] ? arch_do_signal_or_restart+0x90/0x7e0 [ 85.207881][ T7268] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 85.209441][ T7268] ? rcu_is_watching+0x12/0xc0 [ 85.211071][ T7268] ? trace_lock_acquire+0x146/0x1e0 [ 85.213000][ T7268] ? __pfx_sort+0x10/0x10 [ 85.214659][ T7268] ? get_signal+0x230b/0x26c0 [ 85.216511][ T7268] ? do_coredump+0x3ad7/0x49e0 [ 85.217866][ T7268] do_coredump+0x3ad7/0x49e0 [ 85.219448][ T7268] ? __pfx_do_coredump+0x10/0x10 [ 85.221262][ T7268] ? stack_trace_save+0x95/0xd0 [ 85.222648][ T7268] ? __pfx_stack_trace_save+0x10/0x10 [ 85.224068][ T7268] ? hlock_class+0x4e/0x130 [ 85.225742][ T7268] ? stack_depot_save_flags+0x28/0x8f0 [ 85.227743][ T7268] ? kmem_cache_free+0x152/0x4c0 [ 85.229516][ T7268] ? __sigqueue_free+0xba/0x2a0 [ 85.231283][ T7268] ? get_signal+0xcbc/0x26c0 [ 85.232958][ T7268] ? arch_do_signal_or_restart+0x90/0x7e0 [ 85.234975][ T7268] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 85.237149][ T7268] ? find_held_lock+0x2d/0x110 [ 85.238902][ T7268] ? proc_coredump_connector+0x2d2/0x4f0 [ 85.240892][ T7268] ? __pfx_proc_coredump_connector+0x10/0x10 [ 85.243106][ T7268] get_signal+0x230b/0x26c0 [ 85.244736][ T7268] ? force_sig_fault+0xc5/0x110 [ 85.246433][ T7268] ? __pfx_get_signal+0x10/0x10 [ 85.248128][ T7268] arch_do_signal_or_restart+0x90/0x7e0 [ 85.250003][ T7268] ? trace_irq_disable.constprop.0+0xe6/0x140 [ 85.252063][ T7268] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 85.253677][ T7268] ? __bad_area_nosemaphore+0x334/0x6a0 [ 85.255214][ T7268] ? do_user_addr_fault+0x920/0x13f0 [ 85.256697][ T7268] irqentry_exit_to_user_mode+0x13f/0x280 [ 85.258627][ T7268] asm_exc_page_fault+0x26/0x30 [ 85.260279][ T7268] RIP: 0033:0x0 [ 85.261475][ T7268] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 85.263504][ T7268] RSP: 002b:00000000200002be EFLAGS: 00010217 [ 85.265145][ T7268] RAX: 0000000000000000 RBX: 0000000000000058 RCX: 00007faa9037e819 [ 85.267221][ T7268] RDX: 00007faa911fbf20 RSI: 0000000000000058 RDI: 00007faa911fbf20 [ 85.269311][ T7268] RBP: 00007faa903f175e R08: 0000000000000000 R09: 0000000000000058 [ 85.271427][ T7268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 85.273485][ T7268] R13: 0000000000000000 R14: 00007faa90535fa0 R15: 00007ffe117c5e68 [ 85.276105][ T7268] [ 85.281177][ T7268] memory: usage 290820kB, limit 307200kB, failcnt 44891 [ 85.311881][ T7268] memory+swap: usage 404560kB, limit 9007199254740988kB, failcnt 0 [ 85.314218][ T7268] kmem: usage 4696kB, limit 9007199254740988kB, failcnt 0 [ 85.316114][ T7268] Memory cgroup stats for /syz2: [ 85.316193][ T7268] cache 288026624 [ 85.318537][ T7268] rss 237568 [ 85.319449][ T7268] rss_huge 0 [ 85.320364][ T7268] shmem 288026624 [ 85.321451][ T7268] mapped_file 0 [ 85.322438][ T7268] dirty 0 [ 85.381138][ T7268] writeback 4096 [ 85.399024][ T7268] workingset_refault_anon 53 [ 85.400328][ T7268] workingset_refault_file 3861 [ 85.410164][ T7268] swap 120434688 [ 85.411308][ T7268] swapcached 53248 [ 85.412339][ T7268] pgpgin 212938 [ 85.413284][ T7268] pgpgout 142515 [ 85.414341][ T7268] pgfault 19516 [ 85.415641][ T7268] pgmajfault 98 [ 85.416926][ T7268] inactive_anon 38785024 [ 85.418434][ T7268] active_anon 248131584 [ 85.419897][ T7268] inactive_file 0 [ 85.421514][ T7268] active_file 0 [ 85.423595][ T7268] unevictable 0 [ 85.424893][ T7268] hierarchical_memory_limit 314572800 [ 85.452134][ T7268] hierarchical_memsw_limit 9223372036854771712 [ 85.454271][ T7268] total_cache 288026624 [ 85.467584][ T7268] total_rss 237568 [ 85.468981][ T7268] total_rss_huge 0 [ 85.470340][ T7268] total_shmem 288026624 [ 85.471857][ T7268] total_mapped_file 0 [ 85.473280][ T7268] total_dirty 0 [ 85.484377][ T7268] total_writeback 4096 [ 85.486145][ T7268] total_workingset_refault_anon 53 [ 85.487613][ T7268] total_workingset_refault_file 3861 [ 85.489090][ T7268] total_swap 120434688 [ 85.490277][ T7268] total_swapcached 53248 [ 85.491488][ T7268] total_pgpgin 212938 [ 85.492596][ T7268] total_pgpgout 142515 [ 85.493714][ T7268] total_pgfault 19516 [ 85.494826][ T7268] total_pgmajfault 98 [ 85.516357][ T7268] total_inactive_anon 38785024 [ 85.517745][ T7268] total_active_anon 248131584 [ 85.519058][ T7268] total_inactive_file 0 [ 85.520202][ T7268] total_active_file 0 [ 85.521300][ T7268] total_unevictable 0 [ 85.522391][ T7268] anon_cost 0 [ 85.537650][ T7268] file_cost 0 [ 85.538653][ T7268] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.335,pid=7260,uid=0 [ 85.542629][ T7268] Memory cgroup out of memory: Killed process 7260 (syz.2.335) total-vm:97752kB, anon-rss:756kB, file-rss:39000kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000 [ 85.591573][ T112] [ 85.592414][ T112] ====================================================== [ 85.594601][ T112] WARNING: possible circular locking dependency detected [ 85.596407][ T112] 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0 Not tainted [ 85.598416][ T112] ------------------------------------------------------ [ 85.601809][ T112] kswapd0/112 is trying to acquire lock: [ 85.603515][ T112] ffff888107336278 (&q->q_usage_counter(io)#68){++++}-{0:0}, at: blk_mq_submit_bio+0x7ca/0x24c0 [ 85.606686][ T112] [ 85.606686][ T112] but task is already holding lock: [ 85.609085][ T112] ffffffff8e350560 (fs_reclaim){+.+.}-{0:0}, at: balance_pgdat+0xcd9/0x18f0 [ 85.612185][ T112] [ 85.612185][ T112] which lock already depends on the new lock. [ 85.612185][ T112] [ 85.614960][ T112] [ 85.614960][ T112] the existing dependency chain (in reverse order) is: [ 85.617230][ T112] [ 85.617230][ T112] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 85.619088][ T112] fs_reclaim_acquire+0x102/0x150 [ 85.620496][ T112] __kmalloc_node_noprof+0xb7/0x510 [ 85.621934][ T112] __kvmalloc_node_noprof+0xad/0x1a0 [ 85.623476][ T112] sbitmap_init_node+0x1ca/0x770 [ 85.624902][ T112] scsi_realloc_sdev_budget_map+0x2c7/0x610 [ 85.626579][ T112] scsi_add_lun+0x11b4/0x1fd0 [ 85.627931][ T112] scsi_probe_and_add_lun+0x4fa/0xda0 [ 85.629465][ T112] __scsi_add_device+0x24b/0x290 [ 85.630890][ T112] ata_scsi_scan_host+0x215/0x780 [ 85.632326][ T112] async_run_entry_fn+0x9c/0x530 [ 85.633769][ T112] process_one_work+0x9c5/0x1ba0 [ 85.635193][ T112] worker_thread+0x6c8/0xf00 [ 85.636519][ T112] kthread+0x2c1/0x3a0 [ 85.637729][ T112] ret_from_fork+0x45/0x80 [ 85.639017][ T112] ret_from_fork_asm+0x1a/0x30 [ 85.640384][ T112] [ 85.640384][ T112] -> #0 (&q->q_usage_counter(io)#68){++++}-{0:0}: [ 85.642604][ T112] __lock_acquire+0x249e/0x3c40 [ 85.644017][ T112] lock_acquire.part.0+0x11b/0x380 [ 85.645493][ T112] __bio_queue_enter+0x4c6/0x740 [ 85.646904][ T112] blk_mq_submit_bio+0x7ca/0x24c0 [ 85.648329][ T112] __submit_bio+0x384/0x540 [ 85.649633][ T112] submit_bio_noacct_nocheck+0x698/0xd70 [ 85.651241][ T112] submit_bio_noacct+0x93a/0x1e20 [ 85.652681][ T112] __swap_writepage+0x3a3/0xf50 [ 85.654067][ T112] swap_writepage+0x403/0x1120 [ 85.655552][ T112] pageout+0x3b2/0xaa0 [ 85.656735][ T112] shrink_folio_list+0x3025/0x42d0 [ 85.658204][ T112] evict_folios+0x6e3/0x19c0 [ 85.659572][ T112] try_to_shrink_lruvec+0x61e/0xa80 [ 85.661094][ T112] shrink_one+0x3e3/0x7b0 [ 85.662405][ T112] shrink_node+0x2763/0x3e60 [ 85.663862][ T112] balance_pgdat+0xc1f/0x18f0 [ 85.665217][ T112] kswapd+0x5f8/0xc30 [ 85.666417][ T112] kthread+0x2c1/0x3a0 [ 85.667583][ T112] ret_from_fork+0x45/0x80 [ 85.668853][ T112] ret_from_fork_asm+0x1a/0x30 [ 85.670205][ T112] [ 85.670205][ T112] other info that might help us debug this: [ 85.670205][ T112] [ 85.672796][ T112] Possible unsafe locking scenario: [ 85.672796][ T112] [ 85.674725][ T112] CPU0 CPU1 [ 85.676126][ T112] ---- ---- [ 85.677521][ T112] lock(fs_reclaim); [ 85.678576][ T112] lock(&q->q_usage_counter(io)#68); [ 85.680540][ T112] lock(fs_reclaim); [ 85.682105][ T112] rlock(&q->q_usage_counter(io)#68); [ 85.683497][ T112] [ 85.683497][ T112] *** DEADLOCK *** [ 85.683497][ T112] [ 85.685459][ T112] 1 lock held by kswapd0/112: [ 85.686638][ T112] #0: ffffffff8e350560 (fs_reclaim){+.+.}-{0:0}, at: balance_pgdat+0xcd9/0x18f0 [ 85.688897][ T112] [ 85.688897][ T112] stack backtrace: [ 85.690335][ T112] CPU: 1 UID: 0 PID: 112 Comm: kswapd0 Not tainted 6.12.0-syzkaller-09435-g2c22dc1ee3a1 #0 [ 85.692778][ T112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.695529][ T112] Call Trace: [ 85.696390][ T112] [ 85.697119][ T112] dump_stack_lvl+0x116/0x1f0 [ 85.698293][ T112] print_circular_bug+0x419/0x5d0 [ 85.699527][ T112] check_noncircular+0x31a/0x400 [ 85.700716][ T112] ? __pfx_check_noncircular+0x10/0x10 [ 85.702046][ T112] ? lockdep_lock+0xc6/0x200 [ 85.703243][ T112] ? __pfx_lockdep_lock+0x10/0x10 [ 85.704446][ T112] __lock_acquire+0x249e/0x3c40 [ 85.705622][ T112] ? __pfx___lock_acquire+0x10/0x10 [ 85.706895][ T112] lock_acquire.part.0+0x11b/0x380 [ 85.708149][ T112] ? blk_mq_submit_bio+0x7ca/0x24c0 [ 85.709438][ T112] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 85.710819][ T112] ? rcu_is_watching+0x12/0xc0 [ 85.712244][ T112] ? trace_lock_acquire+0x146/0x1e0 [ 85.713890][ T112] ? blk_mq_submit_bio+0x7ca/0x24c0 [ 85.715189][ T112] ? lock_acquire+0x2f/0xb0 [ 85.716327][ T112] ? blk_mq_submit_bio+0x7ca/0x24c0 [ 85.717587][ T112] __bio_queue_enter+0x4c6/0x740 [ 85.718823][ T112] ? blk_mq_submit_bio+0x7ca/0x24c0 [ 85.720237][ T112] ? __pfx___bio_queue_enter+0x10/0x10 [ 85.721656][ T112] ? blk_mq_submit_bio+0x7b5/0x24c0 [ 85.723019][ T112] ? __pfx_autoremove_wake_function+0x10/0x10 [ 85.724545][ T112] blk_mq_submit_bio+0x7ca/0x24c0 [ 85.725851][ T112] ? __pfx_blk_mq_submit_bio+0x10/0x10 [ 85.727243][ T112] ? __pfx_mark_lock+0x10/0x10 [ 85.728454][ T112] __submit_bio+0x384/0x540 [ 85.729584][ T112] ? __pfx___submit_bio+0x10/0x10 [ 85.730863][ T112] ? ktime_get+0x206/0x300 [ 85.732015][ T112] ? lockdep_hardirqs_on+0x7c/0x110 [ 85.733372][ T112] ? submit_bio_noacct_nocheck+0x698/0xd70 [ 85.734836][ T112] submit_bio_noacct_nocheck+0x698/0xd70 [ 85.736256][ T112] ? __pfx_submit_bio_noacct_nocheck+0x10/0x10 [ 85.737781][ T112] ? __pfx___might_resched+0x10/0x10 [ 85.739165][ T112] ? __pfx___folio_start_writeback+0x10/0x10 [ 85.740919][ T112] submit_bio_noacct+0x93a/0x1e20 [ 85.742206][ T112] __swap_writepage+0x3a3/0xf50 [ 85.743483][ T112] swap_writepage+0x403/0x1120 [ 85.744716][ T112] ? folio_clear_dirty_for_io+0x112/0x800 [ 85.746261][ T112] pageout+0x3b2/0xaa0 [ 85.747296][ T112] ? __pfx_pageout+0x10/0x10 [ 85.748454][ T112] ? __pfx_try_to_unmap_one+0x10/0x10 [ 85.749840][ T112] ? __pfx_folio_not_mapped+0x10/0x10 [ 85.751221][ T112] ? __pfx_folio_lock_anon_vma_read+0x10/0x10 [ 85.752869][ T112] ? folio_mark_dirty+0xd8/0x150 [ 85.754264][ T112] shrink_folio_list+0x3025/0x42d0 [ 85.755555][ T112] ? __pfx_shrink_folio_list+0x10/0x10 [ 85.756886][ T112] ? isolate_folios+0x1c57/0x3830 [ 85.758158][ T112] ? hlock_class+0x4e/0x130 [ 85.759334][ T112] ? mark_lock+0xb5/0xc60 [ 85.760422][ T112] ? mark_held_locks+0x9f/0xe0 [ 85.761655][ T112] evict_folios+0x6e3/0x19c0 [ 85.762868][ T112] ? do_shrink_slab+0xb2e/0x11c0 [ 85.764158][ T112] ? __pfx_evict_folios+0x10/0x10 [ 85.765470][ T112] ? find_held_lock+0x2d/0x110 [ 85.766720][ T112] ? __pfx___might_resched+0x10/0x10 [ 85.768104][ T112] ? mem_cgroup_get_nr_swap_pages+0x20/0x120 [ 85.769654][ T112] ? sc_swappiness+0xd4/0x190 [ 85.770888][ T112] try_to_shrink_lruvec+0x61e/0xa80 [ 85.772244][ T112] ? find_held_lock+0x2d/0x110 [ 85.773510][ T112] ? __pfx_try_to_shrink_lruvec+0x10/0x10 [ 85.775084][ T112] ? shrink_node+0x2743/0x3e60 [ 85.776342][ T112] shrink_one+0x3e3/0x7b0 [ 85.777479][ T112] ? shrink_node+0x2743/0x3e60 [ 85.778740][ T112] shrink_node+0x2763/0x3e60 [ 85.779953][ T112] ? shrink_node+0x24b0/0x3e60 [ 85.781203][ T112] ? __pfx_shrink_node+0x10/0x10 [ 85.782496][ T112] ? percpu_ref_put_many.constprop.0+0x1b/0x150 [ 85.784138][ T112] ? balance_pgdat+0xc1f/0x18f0 [ 85.785582][ T112] balance_pgdat+0xc1f/0x18f0 [ 85.787289][ T112] ? __pfx_balance_pgdat+0x10/0x10 [ 85.788983][ T112] ? __switch_to+0x749/0x1190 [ 85.790556][ T112] ? __schedule+0xe60/0x5ad0 [ 85.792079][ T112] ? __pfx___lock_acquire+0x10/0x10 [ 85.793747][ T112] ? __pfx___might_resched+0x10/0x10 [ 85.795449][ T112] ? set_pgdat_percpu_threshold+0xc3/0x330 [ 85.796897][ T112] kswapd+0x5f8/0xc30 [ 85.797931][ T112] ? __pfx_kswapd+0x10/0x10 [ 85.799115][ T112] ? __pfx_autoremove_wake_function+0x10/0x10 [ 85.800698][ T112] ? lockdep_hardirqs_on+0x7c/0x110 [ 85.802048][ T112] ? __kthread_parkme+0x148/0x220 [ 85.803399][ T112] ? __pfx_kswapd+0x10/0x10 [ 85.804617][ T112] kthread+0x2c1/0x3a0 [ 85.805686][ T112] ? _raw_spin_unlock_irq+0x23/0x50 [ 85.807040][ T112] ? __pfx_kthread+0x10/0x10 [ 85.808234][ T112] ret_from_fork+0x45/0x80 [ 85.809393][ T112] ? __pfx_kthread+0x10/0x10 [ 85.810609][ T112] ret_from_fork_asm+0x1a/0x30 [ 85.811855][ T112] [ 85.812775][ C1] vkms_vblank_simulate: vblank timer overrun SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 86.084461][ T829] usb 8-1: USB disconnect, device number 13 [ 86.228792][ T7027] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.321379][ T7027] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.421997][ T7273] syz.2.335 (7273) used greatest stack depth: 17456 bytes left [ 86.431502][ T7027] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.502964][ T7027] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.571139][ T7027] bridge_slave_1: left allmulticast mode [ 86.572685][ T7027] bridge_slave_1: left promiscuous mode [ 86.574218][ T7027] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.577476][ T7027] bridge_slave_0: left allmulticast mode [ 86.578956][ T7027] bridge_slave_0: left promiscuous mode [ 86.580549][ T7027] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.775747][ T7027] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 86.779749][ T7027] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 86.783585][ T7027] bond0 (unregistering): Released all slaves [ 87.124850][ T7027] hsr_slave_0: left promiscuous mode [ 87.126600][ T7027] hsr_slave_1: left promiscuous mode [ 87.128493][ T7027] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 87.130455][ T7027] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 87.132694][ T7027] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 87.134635][ T7027] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 87.137679][ T7027] veth1_macvtap: left promiscuous mode [ 87.139131][ T7027] veth0_macvtap: left promiscuous mode [ 87.140586][ T7027] veth1_vlan: left promiscuous mode [ 87.142081][ T7027] veth0_vlan: left promiscuous mode [ 87.251492][ T7027] team0 (unregistering): Port device team_slave_1 removed [ 87.256612][ T7027] team0 (unregistering): Port device team_slave_0 removed [ 87.915551][ T7027] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.989287][ T7027] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.073876][ T7027] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.138723][ T7027] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.195182][ T7027] bridge_slave_1: left promiscuous mode [ 88.196886][ T7027] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.199496][ T7027] bridge_slave_0: left allmulticast mode [ 88.201580][ T7027] bridge_slave_0: left promiscuous mode [ 88.203574][ T7027] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.241140][ T7027] bond0 (unregistering): (slave bridge0): Releasing backup interface [ 88.301102][ T7027] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 88.304460][ T7027] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 88.307720][ T7027] bond0 (unregistering): (slave team0): Releasing backup interface [ 88.310259][ T7027] bond0 (unregistering): Released all slaves [ 88.388936][ T7027] tipc: Disabling bearer [ 88.390384][ T7027] tipc: Left network mode [ 88.634380][ T7027] hsr_slave_0: left promiscuous mode [ 88.636336][ T7027] hsr_slave_1: left promiscuous mode [ 88.638600][ T7027] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 88.640615][ T7027] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 88.642947][ T7027] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 88.644948][ T7027] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 88.648452][ T7027] veth1_macvtap: left promiscuous mode [ 88.650019][ T7027] veth0_macvtap: left promiscuous mode [ 88.651894][ T7027] veth1_vlan: left promiscuous mode [ 88.653800][ T7027] veth0_vlan: left promiscuous mode [ 88.831840][ T7027] team0 (unregistering): Port device team_slave_1 removed [ 88.864305][ T7027] team0 (unregistering): Port device team_slave_0 removed VM DIAGNOSIS: 06:53:20 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=ffffffff8e07c740 RCX=1ffffffff1c03f70 RDX=fffffbfff1c0f8e9 RSI=0000000000000008 RDI=0000000000000003 RBP=ffff888039d32440 RSP=ffffc9000321f738 R8 =0000000000000000 R9 =fffffbfff1c0f8e8 R10=ffffffff8e07c747 R11=00000000000a4001 R12=0000000000000000 R13=ffffed1005019488 R14=ffff8880280ca440 R15=dffffc0000000000 RIP=ffffffff8169f1bf RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fcc9515c6c0 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fcc9515bf98 CR3=000000005253e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000097 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcc943f25fb ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcc943f2608 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcc943f2602 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcc943f2616 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcc943f269c ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcc943f277a ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcc9450c488 00007fcc9450c480 00007fcc9450c478 00007fcc9450c450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcc9506d100 00007fcc9450c440 00007fcc9450c458 00007fcc9450c4a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcc9450c498 00007fcc9450c490 00007fcc9450c488 00007fcc9450c480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85106065 RDI=ffffffff9ab3da20 RBP=ffffffff9ab3d9e0 RSP=ffffc90002796218 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=0000000000000031 R14=ffffffff85106000 R15=0000000000000000 RIP=ffffffff8510608f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007ffe117c5880 CR3=000000004fbf0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000010000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc5ee33ba0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde5fbf25fb ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde5fbf2608 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde5fbf2602 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde5fbf2616 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde5fbf269c ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde5fbf277a ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffff888030130460 RCX=ffff888030130048 RDX=0000000000000000 RSI=0000000000000005 RDI=0000000000000005 RBP=00000000000031cd RSP=ffffc9000329f118 R8 =0000000000000005 R9 =0000000000000005 R10=0000000000000004 R11=ffff88806a828abc R12=0000000000000000 R13=0000000000000005 R14=00000000000031ce R15=000000000000000f RIP=ffffffff81ccaef2 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000555584805500 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007faa90535f78 CR3=000000003981a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000097 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000208001 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe117c5fd0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faa903f25fb ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faa903f2608 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faa903f2602 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faa903f2616 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faa903f269c ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faa903f277a ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 656d75736e6f6320 647a253d657a6973 000a747261745374 6f687370616e5300 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 404850564b4a4605 415f0018405f4c56 000a515744515351 4a4d5655444b5300 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 00000000000000c4 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000069d3e RBX=ffff88806a746880 RCX=ffffc90031603000 RDX=0000000000080000 RSI=ffffffff8182b576 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc900038bfb18 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffffed100d4e8d11 R13=0000000000000001 R14=ffff88806a746888 R15=ffff88806a93fe40 RIP=ffffffff8182b578 RFL=00000283 [--S---C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fde5f9f96c0 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fde5fb62320 CR3=0000000058a28000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000097 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fffff000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde5fbf25fb ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde5fbf2608 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde5fbf2602 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde5fbf2616 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde5fbf269c ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde5fbf277a ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 2323232323232323 2323232323232323 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000396e6f6d 6273752f7665642f ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000001a4d4c4e 4150560c5546470c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000