last executing test programs: 1.224087019s ago: executing program 1 (id=2): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1) pipe(&(0x7f0000000500)) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ff4000/0xa000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000068c000/0xc000)=nil, &(0x7f0000817000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r0 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1}) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50) io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) syz_usb_connect$hid(0x0, 0x36, &(0x7f00000006c0)=ANY=[@ANYBLOB="1201000000000040c41090ea8000000000010902"], 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0x12, {"a2e3ad21ed0d09f91b5b090987f70906d038e7ff7fc6e5539b0d3d0e8b089b323b6d07060890e0878f0e1ac6e7049b334a959b3e9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0931a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5bcd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39dd0000000039ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00b98e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d877a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000000400)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@default_permissions}]}}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r5, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x42, &(0x7f0000000140)=[@vmwrite={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1}], 0x1) ioctl$KVM_RUN(r6, 0xae80, 0x0) 1.184549762s ago: executing program 2 (id=3): socket$inet_tcp(0x2, 0x1, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48) (async) sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d) (async) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) (async) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) (async) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140), 0x40, 0x0) (async) write$binfmt_elf32(r2, &(0x7f00000006c0)={{0x7f, 0x45, 0x4c, 0x46, 0x6b, 0x9, 0x24, 0x40, 0x8, 0x2, 0x3, 0x7, 0x27a, 0x38, 0x361, 0x7, 0xdc8, 0x20, 0x4, 0x5, 0x80, 0x80}, [{0x1, 0x3, 0x9, 0x8, 0x0, 0xfffffffe, 0x8, 0x6}, {0x6, 0x6, 0x4, 0x2, 0x10000000, 0x6, 0xfffffffa, 0x7}, {0x60000000, 0xf, 0x8, 0x6, 0x4, 0x4, 0x1, 0x1ff}, {0x5, 0xf, 0x6, 0x40abfd6b, 0x2, 0x8, 0x10000, 0xfffffff8}], "d2fd06b5cd1a2d81f399320f4e68be38839c219cde3b73b7dd9e3eaa4459798b70e377e425421b63d8510669f3a330448e209b7a5cf5e94b63d1643eb92eb5c6b9f1aeaa7ff674e2c7893300f17104d45d954d8585e9c0247819a431e5c4b9839bd9b247237c729fe1785c2151ff2d9eeecbc188dc4f9f8f11974ea61e5254d4cfabd1a8e9b54ceb90a090de91b23cdaaf28ebb590bb3a95a618d5cd90b68eefa5293d84b3671361936eeaf51debe762fe7ca9ca05e8c481e7568721c4b5c5455b55754a587d071919", ['\x00', '\x00', '\x00']}, 0x481) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0) (async) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004840}, 0x14) (async) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r4, 0xae04) (async) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="58000000020605000000000000000000000000001400078005001400090000000800124008001f000500010006000000050005000200000005000400000000000900020073797a31000000000c000300686173683a6970"], 0x58}}, 0x0) (async) socket$nl_netfilter(0x10, 0x3, 0xc) 1.095831215s ago: executing program 3 (id=4): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) close(r0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) (async) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x2}]}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x9}}}, 0x78}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) (async) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, '\x00\x00'}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) (async) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) (async) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8004}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELTABLE={0x20, 0x2, 0xa, 0x5, 0x0, 0x0, {0x0, 0x0, 0xa}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x68}}, 0x0) (async) sendmsg$NFT_MSG_GETSETELEM(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="40000000210a018800000000000000000a0000010900020073797a31000000000900010073797a310000000014000380100000800c000180060001"], 0x40}, 0x1, 0x0, 0x0, 0x4000805}, 0x8000) 1.020510983s ago: executing program 2 (id=5): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 1.01957628s ago: executing program 0 (id=1): r0 = syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_syzos_vm$x86(r2, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$x86(r0, &(0x7f0000000080)={0x0, &(0x7f00000001c0)=[@wrmsr={0x65, 0x20, {0x40000000, 0x3}}, @wrmsr={0x65, 0x20, {0x40000001, 0x3f}}], 0x40}) ioctl$KVM_CAP_HYPERV_ENFORCE_CPUID(r3, 0x4068aea3, &(0x7f00000000c0)={0xc7, 0x0, 0x1}) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000000)={0x1, 0x0, [{0x40000001, 0x4, 0x3, 0x31237648, 0x6, 0x2, 0x80}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_kvm_setup_syzos_vm$x86(r2, &(0x7f0000bfd000/0x400000)=nil) ioctl$KVM_CAP_HYPERV_ENFORCE_CPUID(r3, 0x4068aea3, &(0x7f00000002c0)={0xc7, 0x0, 0x1}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x7, 0xb, 0x800000003, 0x208, 0x409, 0x8, 0x80, 0x11, 0x84, 0x8000000000000000, 0x2, 0x0, 0x3, 0x2, 0x3, 0xffffffffffffffff], 0x0, 0x194d40}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 950.346308ms ago: executing program 3 (id=6): r0 = syz_usb_connect(0x0, 0x2b0, &(0x7f0000000300)={{0x12, 0x1, 0x201, 0x66, 0x7a, 0xc0, 0x10, 0x4e2, 0x1402, 0x9377, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x247, 0x1, 0x0, 0x0, 0x80, 0x0, "", [{{0x9, 0x4, 0x28, 0x2, 0xc, 0x96, 0xf8, 0xb, 0xa2, [], [{{0x9, 0x5, 0x9, 0x0, 0x40, 0x1, 0x0, 0x5}}, {{0x9, 0x5, 0x3, 0x2, 0x3ff, 0x2, 0x3, 0xf7, [@uac_iso={0x7, 0x25, 0x1, 0xc, 0x9, 0x8000}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x6, 0x6647}]}}, {{0x9, 0x5, 0x0, 0x1, 0x400, 0x9, 0x3, 0x5}}, {{0x9, 0x5, 0x2, 0x0, 0x3ff, 0xc, 0x60, 0x19, [@generic={0x4, 0x23, '-&'}]}}, {{0x9, 0x5, 0xd, 0x0, 0x20, 0x5, 0xf, 0x7e, [@generic={0x14, 0x5, "eb6f44fc2f457153a254a81ef3a2987b2136"}]}}, {{0x9, 0x5, 0xe, 0x0, 0x40, 0x7, 0x8, 0x3, [@generic={0x9d, 0x22, "f22e5d7fe1d7206b999fc3e083b21f2f6c9c23b8a77df7d201d783bc205a4ab78c0f00cdd0e146c34dacce9885e2e4a78fb24053b66667f03cc5ea9a150bc018f17f6e72c7c2adc007c35b9349b13079d7a463dc17a955862b302ac2ea2b042a05bc74083d0b009aaaebaab35c43de3926bbbc2ab95fdf6e2f7091ce21f5a69a6f7c01d8ed0529faa69c6cfd2418acfc42a2b79bac60ed93ff6114"}, @generic={0x99, 0x8, "365d4ad3f41a7a124882c382111a348a9fe193f0421fa15a92847459f881bc3654b565fe7bc9c9c5197ef1e5a3337c29e108afbace0c278c2707fbf96ef284edce94ee71c2705065a23b2e436a62fcfffc3b1f497e4f516b46765345461a080452821dfaf08cec9d181e25d745481901d5f11927a6389806ddafd381dcaefa5be59f5c277212abf4e9edecf121bf5c77e5d59678b6fec3"}]}}, {{0x9, 0x5, 0xb, 0x10, 0x200, 0x4, 0x5, 0x7f, [@uac_iso={0x7, 0x25, 0x1, 0xc, 0x8, 0x5}, @uac_iso={0x7, 0x25, 0x1, 0x4, 0x4, 0xe763}]}}, {{0x9, 0x5, 0x80, 0x0, 0x20, 0xf8, 0x3, 0x2}}, {{0x9, 0x5, 0x9, 0x0, 0x20, 0x3, 0x2, 0x7}}, {{0x9, 0x5, 0xc, 0x2, 0x400, 0x8, 0x20, 0x5}}, {{0x9, 0x5, 0x4, 0x0, 0x20, 0xd, 0x0, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0xc, 0xc, 0x8000}]}}, {{0x9, 0x5, 0x80, 0x0, 0x20, 0x0, 0xd, 0x6, [@generic={0x51, 0xe, "b3b07e3967487c257a50f074cacff27ca5b3afb978815df2428707b7a75bc73c5a8cf30ac040c274e6217b83ed7cd8c40a984b5295e000832b0be0c833f4d4f62b8c9ee8e2eddcbc917d08932728f7"}, @uac_iso={0x7, 0x25, 0x1, 0xc, 0x6, 0x1}]}}]}}]}}]}}, 0x0) syz_usb_ep_write(r0, 0x7, 0x9, &(0x7f0000000000)="98314defba91f692b7") 799.80639ms ago: executing program 2 (id=7): syz_usb_connect(0x1, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805"], &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x100, 0x0) r1 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'sit0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000380)=@newqdisc={0x78, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0x3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x0, 0x5, 0x0, 0x386561e9, 0x4000000}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x2, 0xf, 0xb4, 0x0, 0x1c56, 0x8}}]}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x8080) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = dup(r4) ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r5, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, 0x0}], 0x1, 0x3f, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'caif0\x00'}) r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$batadv(&(0x7f0000000140), r1) sendmsg$BATADV_CMD_SET_VLAN(r7, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x3c, r8, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x9}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x400}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x8a9}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x801}, 0x0) pwrite64(r6, &(0x7f0000000480)="736e8c6fc4db1e7e16254040a6f619d722a78ccab6efbd8fde538d0f379b8833ab2c4103e869113386700dc894854aee29c6e4e167780b4ef9c78ce754c2f738d6a3b171122b74bec8a1c124783f139629cbb52a370630b9938f287b63625bfe356102e3333c2a295d7de7cae6836c8a443c397b5be0ea25b4052fc10e9f1c34dd88f5ec9ff742b244e5a0f4274b6aba6144835d016e96376cf3d4a495d2e47da3d6ecb1435c48d3f989e9dd9fcd", 0xae, 0x9) r9 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r9, 0x10e, 0xc, &(0x7f00000000c0)={0x9}, 0x10) sendmsg$nl_route_sched(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@gettaction={0x1c, 0x5a, 0xc6b747b6bf1c6b95, 0x0, 0x0, {}, [@action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8}]}, 0x1c}}, 0x0) 18.114739ms ago: executing program 3 (id=8): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x7c, 0x0, 0x0) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000001c0)={{0x8000000, 0x3000, 0xb, 0x9, 0x4, 0x8, 0x40, 0x17, 0x0, 0x5, 0x19}, {0x58000, 0x50000, 0x3, 0x0, 0x22, 0x5, 0x79, 0x6, 0x5, 0xb4, 0x3}, {0xeeef0003, 0xa000, 0x0, 0x5, 0x3, 0x3, 0x0, 0x19, 0x1, 0x6, 0x5, 0x81}, {0x3000, 0x1, 0x44e41e77284b2876, 0x1, 0x0, 0x42, 0xb, 0x0, 0x6, 0x7, 0xc}, {0x11f6593269eab9dc, 0x41000, 0xc, 0x3, 0x15, 0x19, 0xab, 0x7f, 0x7, 0x80, 0x8, 0x83}, {0x8000000, 0x0, 0xc, 0xa3, 0xad, 0x5, 0x1, 0xf7, 0x8, 0x5, 0xf7}, {0x80a0000, 0x1, 0x4, 0x7, 0x8, 0x5, 0x9, 0x5, 0x5, 0x7f, 0x1, 0x6d}, {0x100000, 0x1, 0x10, 0x5, 0xb, 0x7, 0x0, 0x34, 0x2, 0xb, 0x3, 0x9}, {0xa000, 0x30}, {0x1, 0x9}, 0x80000031, 0x0, 0xeeef0000, 0x1200d, 0x3, 0x8000, 0x200000, [0x6800000000000000, 0x4, 0x61, 0x5]}) close(0x3) 0s ago: executing program 0 (id=9): r0 = syz_open_dev$dri(&(0x7f0000000040), 0x20, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r0, 0xc00864bf, &(0x7f0000000140)={0x0, 0x1}) r2 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x2000) ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r2, 0xc00864bf, &(0x7f0000000200)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_QUERY(r2, 0xc01864cb, &(0x7f0000000100)={&(0x7f0000000040)=[r3], &(0x7f0000000080), 0x1, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r0, 0xc01864cd, &(0x7f0000000180)={&(0x7f0000000080)=[r1, r3], 0x0, 0x3ffffffffffffefe}) r4 = syz_open_dev$dri(&(0x7f0000000340), 0x2, 0x800) ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r4, 0xc00864bf, &(0x7f00000000c0)={0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(r0, 0xc02064cc, &(0x7f00000001c0)={r5, r5, 0x0, 0x71a5, 0x2}) kernel console output (not intermixed with test programs): [ 44.011049][ T40] audit: type=1400 audit(1777686067.574:60): avc: denied { rlimitinh } for pid=5636 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 44.020832][ T40] audit: type=1400 audit(1777686067.574:61): avc: denied { siginh } for pid=5636 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 44.034241][ T5633] sshd-session (5633) used greatest stack depth: 19352 bytes left Warning: Permanently added '[localhost]:42334' (ED25519) to the list of known hosts. [ 45.752970][ T40] audit: type=1400 audit(1777686069.334:62): avc: denied { name_bind } for pid=5663 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 45.794130][ T40] audit: type=1400 audit(1777686069.374:63): avc: denied { execute } for pid=5665 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 45.802004][ T40] audit: type=1400 audit(1777686069.374:64): avc: denied { execute_no_trans } for pid=5665 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 47.853753][ T40] audit: type=1400 audit(1777686071.434:65): avc: denied { mounton } for pid=5665 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 47.863775][ T40] audit: type=1400 audit(1777686071.434:66): avc: denied { getattr } for pid=5705 comm="rm" path="/run/dhcpcd/hook-state/resolv.conf.lapb4.ipv4ll" dev="tmpfs" ino=1890 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 47.866968][ T5665] cgroup: Unknown subsys name 'net' [ 48.005625][ T5665] cgroup: Unknown subsys name 'cpuset' [ 48.010882][ T5665] cgroup: Unknown subsys name 'rlimit' [ 48.275997][ T5717] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 48.990628][ T5665] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 52.649296][ T40] kauditd_printk_skb: 18 callbacks suppressed [ 52.649307][ T40] audit: type=1400 audit(1777686076.224:85): avc: denied { execmem } for pid=5726 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 52.776786][ T40] audit: type=1400 audit(1777686076.354:86): avc: denied { create } for pid=5730 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 52.790807][ T40] audit: type=1400 audit(1777686076.354:87): avc: denied { read write } for pid=5730 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 52.798510][ T40] audit: type=1400 audit(1777686076.354:88): avc: denied { open } for pid=5730 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 52.800062][ T5733] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 52.808543][ T40] audit: type=1400 audit(1777686076.364:89): avc: denied { ioctl } for pid=5730 comm="syz-executor" path="socket:[6580]" dev="sockfs" ino=6580 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 52.814568][ T5733] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 52.816479][ T5736] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 52.824366][ T5737] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 52.827525][ T5733] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 52.829127][ T5737] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 52.832040][ T5733] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 52.833822][ T5737] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 52.836108][ T5733] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 52.839513][ T5737] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 52.840993][ T5733] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 52.844469][ T5737] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 52.845907][ T5745] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 52.847252][ T5745] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 52.848263][ T5733] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 52.850719][ T5746] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 52.851144][ T5746] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 52.853110][ T5745] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 52.856235][ T40] audit: type=1400 audit(1777686076.434:90): avc: denied { read } for pid=5730 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 52.857487][ T5746] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 52.862355][ T5733] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 52.870087][ T40] audit: type=1400 audit(1777686076.434:91): avc: denied { open } for pid=5730 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 52.895889][ T40] audit: type=1400 audit(1777686076.434:92): avc: denied { mounton } for pid=5730 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 52.915063][ T40] audit: type=1400 audit(1777686076.444:93): avc: denied { module_request } for pid=5740 comm="syz-executor" kmod="netdev-nr1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 52.923481][ T40] audit: type=1400 audit(1777686076.454:94): avc: denied { sys_module } for pid=5740 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 53.337541][ T5740] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.340453][ T5740] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.343379][ T5740] bridge_slave_0: entered allmulticast mode [ 53.346070][ T5740] bridge_slave_0: entered promiscuous mode [ 53.371546][ T5740] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.378065][ T5740] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.381289][ T5740] bridge_slave_1: entered allmulticast mode [ 53.385463][ T5740] bridge_slave_1: entered promiscuous mode [ 53.454721][ T5740] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.474422][ T5740] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.483563][ T5730] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.486066][ T5730] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.488488][ T5730] bridge_slave_0: entered allmulticast mode [ 53.491159][ T5730] bridge_slave_0: entered promiscuous mode [ 53.494662][ T5730] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.497028][ T5730] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.499494][ T5730] bridge_slave_1: entered allmulticast mode [ 53.502122][ T5730] bridge_slave_1: entered promiscuous mode [ 53.547273][ T5739] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.550147][ T5739] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.553100][ T5739] bridge_slave_0: entered allmulticast mode [ 53.556444][ T5739] bridge_slave_0: entered promiscuous mode [ 53.562372][ T5740] team0: Port device team_slave_0 added [ 53.567362][ T5730] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.572827][ T5730] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.581588][ T5739] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.584132][ T5739] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.586556][ T5739] bridge_slave_1: entered allmulticast mode [ 53.589215][ T5739] bridge_slave_1: entered promiscuous mode [ 53.598803][ T5740] team0: Port device team_slave_1 added [ 53.616689][ T5732] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.618984][ T5732] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.621273][ T5732] bridge_slave_0: entered allmulticast mode [ 53.624096][ T5732] bridge_slave_0: entered promiscuous mode [ 53.649938][ T5732] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.652452][ T5732] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.654822][ T5732] bridge_slave_1: entered allmulticast mode [ 53.657749][ T5732] bridge_slave_1: entered promiscuous mode [ 53.668751][ T5739] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.674090][ T5730] team0: Port device team_slave_0 added [ 53.677228][ T5740] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.680232][ T5740] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.691633][ T5740] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.710217][ T5739] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.715398][ T5730] team0: Port device team_slave_1 added [ 53.718864][ T5740] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.721755][ T5740] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.732777][ T5740] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.739779][ T5732] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.780691][ T5732] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.790578][ T5739] team0: Port device team_slave_0 added [ 53.794162][ T5739] team0: Port device team_slave_1 added [ 53.801955][ T5730] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.804765][ T5730] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.814132][ T5730] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.851602][ T5730] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.853933][ T5730] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.862067][ T5730] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.868974][ T5740] hsr_slave_0: entered promiscuous mode [ 53.872612][ T5740] hsr_slave_1: entered promiscuous mode [ 53.876717][ T5732] team0: Port device team_slave_0 added [ 53.879216][ T5739] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.882121][ T5739] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.893752][ T5739] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.904214][ T5739] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.907156][ T5739] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.917960][ T5739] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.930798][ T5732] team0: Port device team_slave_1 added [ 53.947155][ T5732] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.949340][ T5732] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.957423][ T5732] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.961997][ T5732] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.964279][ T5732] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.972329][ T5732] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.055143][ T5730] hsr_slave_0: entered promiscuous mode [ 54.057227][ T5730] hsr_slave_1: entered promiscuous mode [ 54.059340][ T5730] debugfs: 'hsr0' already exists in 'hsr' [ 54.061245][ T5730] Cannot create hsr debugfs directory [ 54.069643][ T5739] hsr_slave_0: entered promiscuous mode [ 54.071963][ T5739] hsr_slave_1: entered promiscuous mode [ 54.074206][ T5739] debugfs: 'hsr0' already exists in 'hsr' [ 54.076091][ T5739] Cannot create hsr debugfs directory [ 54.090665][ T5732] hsr_slave_0: entered promiscuous mode [ 54.092990][ T5732] hsr_slave_1: entered promiscuous mode [ 54.095243][ T5732] debugfs: 'hsr0' already exists in 'hsr' [ 54.097133][ T5732] Cannot create hsr debugfs directory [ 54.351450][ T5740] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 54.357251][ T5740] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 54.360180][ T5740] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 54.364985][ T5740] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 54.373418][ T5740] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 54.379029][ T5740] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 54.382433][ T5740] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 54.386010][ T5740] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 54.415518][ T5739] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 54.420235][ T5739] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 54.423216][ T5739] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 54.426845][ T5739] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 54.430652][ T5739] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 54.434971][ T5739] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 54.438724][ T5739] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 54.442745][ T5739] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 54.500130][ T5730] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 54.506280][ T5730] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 54.510035][ T5730] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 54.515926][ T5730] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 54.525363][ T5730] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 54.531432][ T5730] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 54.535374][ T5730] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 54.538967][ T5730] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 54.586256][ T5732] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 54.590502][ T5732] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 54.597251][ T5732] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 54.601227][ T5732] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 54.604538][ T5732] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 54.609588][ T5732] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 54.614134][ T5732] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 54.620063][ T5732] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 54.635049][ T5740] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.665776][ T5740] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.674447][ T5739] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.678467][ T1164] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.681090][ T1164] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.691224][ T1164] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.693616][ T1164] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.713429][ T5739] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.725590][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.728044][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.742450][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.744888][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.764940][ T5730] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.789995][ T5730] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.800048][ T5732] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.809255][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.812423][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.830144][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.832492][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.838503][ T5732] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.851990][ T87] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.854481][ T87] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.858088][ T87] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.860445][ T87] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.863754][ T62] Bluetooth: hci3: command tx timeout [ 54.942750][ T5736] Bluetooth: hci1: command tx timeout [ 54.945113][ T5733] Bluetooth: hci0: command tx timeout [ 54.947071][ T62] Bluetooth: hci2: command tx timeout [ 55.010010][ T5740] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.041329][ T5739] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.059893][ T5740] veth0_vlan: entered promiscuous mode [ 55.070520][ T5740] veth1_vlan: entered promiscuous mode [ 55.090371][ T5739] veth0_vlan: entered promiscuous mode [ 55.099552][ T5739] veth1_vlan: entered promiscuous mode [ 55.105412][ T5740] veth0_macvtap: entered promiscuous mode [ 55.111032][ T5740] veth1_macvtap: entered promiscuous mode [ 55.115178][ T5730] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.120928][ T5732] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 55.156143][ T5740] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.160789][ T5739] veth0_macvtap: entered promiscuous mode [ 55.172720][ T5740] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.182758][ T5739] veth1_macvtap: entered promiscuous mode [ 55.189804][ T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.198738][ T5732] veth0_vlan: entered promiscuous mode [ 55.200853][ T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.204984][ T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.214120][ T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.224646][ T5739] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.232031][ T5732] veth1_vlan: entered promiscuous mode [ 55.236738][ T5730] veth0_vlan: entered promiscuous mode [ 55.248458][ T5739] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.254129][ T5730] veth1_vlan: entered promiscuous mode [ 55.271961][ T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.275372][ T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.284977][ T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.288677][ T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.335380][ T5730] veth0_macvtap: entered promiscuous mode [ 55.341202][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.344424][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.348396][ T5732] veth0_macvtap: entered promiscuous mode [ 55.359144][ T5730] veth1_macvtap: entered promiscuous mode [ 55.373868][ T5732] veth1_macvtap: entered promiscuous mode [ 55.379525][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.382107][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.401163][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.404039][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.411133][ T5730] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.416564][ T5732] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.431904][ T5732] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.435758][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.438277][ T5730] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.439193][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.452258][ T60] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.456047][ T60] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.467130][ T60] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.471605][ T60] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.486613][ T5739] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 55.487804][ T46] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.495690][ T60] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.503761][ T60] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.506942][ T60] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.533766][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.539500][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.585541][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.593306][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.616375][ T87] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.621028][ T87] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.649461][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.653419][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.942519][ T5510] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 56.022966][ T5823] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 56.104918][ T5510] usb 6-1: config 0 has no interfaces? [ 56.108159][ T5510] usb 6-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80 [ 56.112015][ T5510] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 56.120304][ T5510] usb 6-1: config 0 descriptor?? [ 56.172278][ T5877] usb 7-1: new low-speed USB device number 2 using dummy_hcd [ 56.182473][ T5823] usb 8-1: Using ep0 maxpacket: 16 [ 56.187937][ T5823] usb 8-1: unable to get BOS descriptor or descriptor too short [ 56.194646][ T5823] usb 8-1: unable to read config index 0 descriptor/start: -71 [ 56.197695][ T5823] usb 8-1: can't read configurations, error -71 [ 56.334070][ T62] Bluetooth: hci3: Unknown advertising packet type: 0x14 [ 56.339045][ T5877] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 56.345843][ T5877] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 56.350502][ T5877] usb 7-1: config 168 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 56.357439][ T5877] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 56.360706][ T5877] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 56.365646][ T5877] usb 7-1: config 168 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 56.373348][ T5877] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 56.376706][ T5877] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 56.381346][ T5877] usb 7-1: config 168 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 56.395478][ T5877] usb 7-1: string descriptor 0 read error: -22 [ 56.397877][ T5877] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 56.401036][ T5877] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 56.413380][ T5877] adutux 7-1:168.0: interrupt endpoints not found [ 56.429356][ T39] usb 6-1: USB disconnect, device number 2 [ 56.758672][ T5905] ------------[ cut here ]------------ [ 56.760844][ T5905] 1 [ 56.760853][ T5905] WARNING: mm/page_alloc.c:5202 at __alloc_frozen_pages_noprof+0x23da/0x2bc0, CPU#0: syz.0.9/5905 [ 56.766697][ T5905] Modules linked in: [ 56.768457][ T5905] CPU: 0 UID: 0 PID: 5905 Comm: syz.0.9 Not tainted syzkaller #0 PREEMPT(full) [ 56.770960][ T29] usb 7-1: USB disconnect, device number 2 [ 56.773304][ T5905] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 56.779729][ T5905] RIP: 0010:__alloc_frozen_pages_noprof+0x23da/0x2bc0 [ 56.782918][ T5905] Code: 00 45 31 c9 49 83 bc 24 78 05 00 00 00 4c 89 4c 24 50 0f 85 64 f8 ff ff c6 44 24 10 00 e9 f2 ea ff ff c6 05 34 4d 57 0e 01 90 <0f> 0b 90 e9 79 df ff ff 83 7c 24 40 03 41 bc 04 00 00 00 7f 06 41 [ 56.790768][ T5905] RSP: 0018:ffffc90005367760 EFLAGS: 00010246 [ 56.793443][ T5905] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 56.796982][ T5905] RDX: 0000000000000000 RSI: 0000000000000016 RDI: 0000000000040cc0 [ 56.799957][ T5905] RBP: 0000000000000016 R08: 0000000000000005 R09: 0000000000000009 [ 56.803777][ T5905] R10: 0000000000000016 R11: 0000000000000000 R12: 0000000000040cc0 [ 56.806949][ T5905] R13: 1ffff92000a6cf3b R14: 0000000000000016 R15: 1ffff92000a6cf05 [ 56.810562][ T5905] FS: 00007f2adb3896c0(0000) GS:ffff8880d6376000(0000) knlGS:0000000000000000 [ 56.814796][ T5905] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 56.817776][ T5905] CR2: 00007f2ada586400 CR3: 000000005a7df000 CR4: 0000000000352ef0 [ 56.820854][ T5905] Call Trace: [ 56.822706][ T5905] [ 56.824100][ T5905] ? find_held_lock+0x2b/0x80 [ 56.826253][ T5905] ? is_bpf_text_address+0x8a/0x1a0 [ 56.828362][ T5905] ? is_bpf_text_address+0x8a/0x1a0 [ 56.830737][ T5905] ? bpf_ksym_find+0x128/0x1c0 [ 56.832797][ T5905] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 56.835608][ T5905] ? is_bpf_text_address+0x94/0x1a0 [ 56.837850][ T5905] ? kernel_text_address+0x8d/0x100 [ 56.839958][ T5905] ? __pfx_widen_string+0x10/0x10 [ 56.842247][ T5905] ? __kernel_text_address+0xd/0x30 [ 56.844640][ T5905] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 56.847119][ T5905] ? arch_stack_walk+0xa6/0xf0 [ 56.849239][ T5905] ? stack_trace_save+0x8e/0xc0 [ 56.851419][ T5905] ? __pfx_stack_trace_save+0x10/0x10 [ 56.853741][ T5905] ? stack_depot_save_flags+0x27/0x9d0 [ 56.856189][ T5905] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 56.858488][ T5905] ? policy_nodemask+0xed/0x4f0 [ 56.860785][ T5905] alloc_pages_mpol+0x1fb/0x540 [ 56.863160][ T5905] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 56.865186][ T5905] ? drm_syncobj_array_find+0x34/0x3b0 [ 56.867698][ T5905] ___kmalloc_large_node+0xe5/0x120 [ 56.869903][ T5905] __kmalloc_large_node_noprof+0x1c/0x70 [ 56.872237][ T5905] __kmalloc_noprof+0x5be/0x850 [ 56.874517][ T5905] drm_syncobj_array_find+0x34/0x3b0 [ 56.876877][ T5905] drm_syncobj_timeline_signal_ioctl+0x22a/0x8d0 [ 56.879742][ T5905] ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10 [ 56.882438][ T5905] ? drm_dev_exit+0x41/0x60 [ 56.884533][ T5905] ? drm_dev_exit+0x41/0x60 [ 56.886550][ T5905] drm_ioctl_kernel+0x1f3/0x3e0 [ 56.888787][ T5905] ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10 [ 56.891561][ T5905] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 56.893999][ T5905] drm_ioctl+0x5e6/0xc60 [ 56.895917][ T5905] ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10 [ 56.898535][ T5905] ? __pfx_drm_ioctl+0x10/0x10 [ 56.900674][ T5905] ? selinux_file_ioctl+0x13b/0x290 [ 56.903204][ T5905] ? selinux_file_ioctl+0xb6/0x290 [ 56.905137][ T5905] ? __pfx_drm_ioctl+0x10/0x10 [ 56.907285][ T5905] __x64_sys_ioctl+0x18e/0x210 [ 56.909474][ T5905] do_syscall_64+0x10b/0xf80 [ 56.911156][ T5905] ? clear_bhb_loop+0x40/0x90 [ 56.913539][ T5905] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.915942][ T5905] RIP: 0033:0x7f2ada59cdd9 [ 56.917794][ T5905] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 56.925937][ T5905] RSP: 002b:00007f2adb389028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 56.929305][ T5905] RAX: ffffffffffffffda RBX: 00007f2ada815fa0 RCX: 00007f2ada59cdd9 [ 56.933294][ T5905] RDX: 0000200000000180 RSI: 00000000c01864cd RDI: 0000000000000003 [ 56.936797][ T5905] RBP: 00007f2ada632d69 R08: 0000000000000000 R09: 0000000000000000 [ 56.940005][ T5905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 56.945013][ T5905] R13: 00007f2ada816038 R14: 00007f2ada815fa0 R15: 00007ffc2d458258 [ 56.945042][ T62] Bluetooth: hci3: command tx timeout [ 56.948573][ T5905] [ 56.948583][ T5905] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 56.948593][ T5905] CPU: 0 UID: 0 PID: 5905 Comm: syz.0.9 Not tainted syzkaller #0 PREEMPT(full) [ 56.948609][ T5905] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 56.948617][ T5905] Call Trace: [ 56.948621][ T5905] [ 56.948626][ T5905] dump_stack_lvl+0x100/0x190 [ 56.948644][ T5905] vpanic+0x552/0x970 [ 56.948658][ T5905] ? __pfx_vpanic+0x10/0x10 [ 56.948673][ T5905] panic+0xd1/0xe0 [ 56.948686][ T5905] ? __pfx_panic+0x10/0x10 [ 56.948703][ T5905] check_panic_on_warn.cold+0x19/0x34 [ 56.948717][ T5905] ? __alloc_frozen_pages_noprof+0x23da/0x2bc0 [ 56.948735][ T5905] __warn.cold+0x191/0x328 [ 56.948747][ T5905] __report_bug+0x296/0x3d0 [ 56.948759][ T5905] ? __alloc_frozen_pages_noprof+0x23da/0x2bc0 [ 56.948778][ T5905] ? __pfx___report_bug+0x10/0x10 [ 56.948789][ T5905] ? __lock_acquire+0x4a5/0x2630 [ 56.948806][ T5905] ? __lock_acquire+0x4a5/0x2630 [ 56.948821][ T5905] ? __alloc_frozen_pages_noprof+0x23da/0x2bc0 [ 56.948839][ T5905] report_bug+0xb2/0x220 [ 56.948850][ T5905] ? __alloc_frozen_pages_noprof+0x23da/0x2bc0 [ 56.948870][ T5905] handle_bug+0x16a/0x2a0 [ 56.948886][ T5905] exc_invalid_op+0x17/0x50 [ 56.948901][ T5905] asm_exc_invalid_op+0x1a/0x20 [ 56.948912][ T5905] RIP: 0010:__alloc_frozen_pages_noprof+0x23da/0x2bc0 [ 56.948929][ T5905] Code: 00 45 31 c9 49 83 bc 24 78 05 00 00 00 4c 89 4c 24 50 0f 85 64 f8 ff ff c6 44 24 10 00 e9 f2 ea ff ff c6 05 34 4d 57 0e 01 90 <0f> 0b 90 e9 79 df ff ff 83 7c 24 40 03 41 bc 04 00 00 00 7f 06 41 [ 56.948940][ T5905] RSP: 0018:ffffc90005367760 EFLAGS: 00010246 [ 56.948949][ T5905] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 56.948956][ T5905] RDX: 0000000000000000 RSI: 0000000000000016 RDI: 0000000000040cc0 [ 56.948963][ T5905] RBP: 0000000000000016 R08: 0000000000000005 R09: 0000000000000009 [ 56.948969][ T5905] R10: 0000000000000016 R11: 0000000000000000 R12: 0000000000040cc0 [ 56.948976][ T5905] R13: 1ffff92000a6cf3b R14: 0000000000000016 R15: 1ffff92000a6cf05 [ 56.948989][ T5905] ? find_held_lock+0x2b/0x80 [ 56.948999][ T5905] ? is_bpf_text_address+0x8a/0x1a0 [ 56.949014][ T5905] ? is_bpf_text_address+0x8a/0x1a0 [ 56.949028][ T5905] ? bpf_ksym_find+0x128/0x1c0 [ 56.949044][ T5905] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 56.949057][ T5905] ? is_bpf_text_address+0x94/0x1a0 [ 56.949071][ T5905] ? kernel_text_address+0x8d/0x100 [ 56.949086][ T5905] ? __pfx_widen_string+0x10/0x10 [ 56.949102][ T5905] ? __kernel_text_address+0xd/0x30 [ 56.949117][ T5905] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 56.949134][ T5905] ? arch_stack_walk+0xa6/0xf0 [ 56.949154][ T5905] ? stack_trace_save+0x8e/0xc0 [ 56.949166][ T5905] ? __pfx_stack_trace_save+0x10/0x10 [ 56.949177][ T5905] ? stack_depot_save_flags+0x27/0x9d0 [ 56.949197][ T5905] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 56.949210][ T5905] ? policy_nodemask+0xed/0x4f0 [ 56.949223][ T5905] alloc_pages_mpol+0x1fb/0x540 [ 56.949236][ T5905] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 56.949250][ T5905] ? drm_syncobj_array_find+0x34/0x3b0 [ 56.949264][ T5905] ___kmalloc_large_node+0xe5/0x120 [ 56.949278][ T5905] __kmalloc_large_node_noprof+0x1c/0x70 [ 56.949293][ T5905] __kmalloc_noprof+0x5be/0x850 [ 56.949409][ T5905] drm_syncobj_array_find+0x34/0x3b0 [ 56.949444][ T5905] drm_syncobj_timeline_signal_ioctl+0x22a/0x8d0 [ 56.949466][ T5905] ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10 [ 56.949483][ T5905] ? drm_dev_exit+0x41/0x60 [ 56.949498][ T5905] ? drm_dev_exit+0x41/0x60 [ 56.949516][ T5905] drm_ioctl_kernel+0x1f3/0x3e0 [ 56.949531][ T5905] ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10 [ 56.949550][ T5905] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 56.949568][ T5905] drm_ioctl+0x5e6/0xc60 [ 56.949585][ T5905] ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10 [ 56.949605][ T5905] ? __pfx_drm_ioctl+0x10/0x10 [ 56.949629][ T5905] ? selinux_file_ioctl+0x13b/0x290 [ 56.949653][ T5905] ? selinux_file_ioctl+0xb6/0x290 [ 56.949682][ T5905] ? __pfx_drm_ioctl+0x10/0x10 [ 56.949704][ T5905] __x64_sys_ioctl+0x18e/0x210 [ 56.949726][ T5905] do_syscall_64+0x10b/0xf80 [ 56.949748][ T5905] ? clear_bhb_loop+0x40/0x90 [ 56.949771][ T5905] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.949793][ T5905] RIP: 0033:0x7f2ada59cdd9 [ 56.949810][ T5905] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 56.949826][ T5905] RSP: 002b:00007f2adb389028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 56.949844][ T5905] RAX: ffffffffffffffda RBX: 00007f2ada815fa0 RCX: 00007f2ada59cdd9 [ 56.949857][ T5905] RDX: 0000200000000180 RSI: 00000000c01864cd RDI: 0000000000000003 [ 56.949868][ T5905] RBP: 00007f2ada632d69 R08: 0000000000000000 R09: 0000000000000000 [ 56.949878][ T5905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 56.949888][ T5905] R13: 00007f2ada816038 R14: 00007f2ada815fa0 R15: 00007ffc2d458258 [ 56.949912][ T5905] [ 56.951091][ T5905] Kernel Offset: disabled