last executing test programs: 32.868848574s ago: executing program 1 (id=2191): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_MESH_CONFIG(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r1, 0x8, 0x70bd25, 0x25dfdbfe, {{}, {@void, @void}}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x800) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') chmod(&(0x7f0000000040)='.\x00', 0x35e) setuid(0xee01) open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x1) r2 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x7, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r2, 0xc0405602, &(0x7f0000000000)={0x52, 0x1, 0x2, "f83bebf45608e255d91c5debf11c7fffffffffffffff000400080000e9feff00", 0x31324d59}) 32.78981746s ago: executing program 1 (id=2192): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000017000000540006803c00040067636d286165732900000000000000000000000000000000000000000000000014000000e3de3d7b4cd07ec3ee777de774fc7987cca41989140003"], 0x68}, 0x1, 0x0, 0x0, 0x4}, 0x4008014) (fail_nth: 2) 23.936966949s ago: executing program 1 (id=2193): bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0e00000004000000080000000100000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\b\x00'/18, @ANYRES32=0x0, @ANYBLOB='\x00'/23], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, 0x0, &(0x7f00000003c0)=r6}, 0x20) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r5, r2, 0x25, 0x2, @void}, 0x10) syz_emit_ethernet(0x16, &(0x7f0000000540)={@local, @empty, @void, {@llc_tr={0x11, {@snap={0x0, 0xaa, '\x00', "bab435", 0x16}}}}}, 0x0) 16.539202923s ago: executing program 1 (id=2193): bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0e00000004000000080000000100000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\b\x00'/18, @ANYRES32=0x0, @ANYBLOB='\x00'/23], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, 0x0, &(0x7f00000003c0)=r6}, 0x20) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r5, r2, 0x25, 0x2, @void}, 0x10) syz_emit_ethernet(0x16, &(0x7f0000000540)={@local, @empty, @void, {@llc_tr={0x11, {@snap={0x0, 0xaa, '\x00', "bab435", 0x16}}}}}, 0x0) 16.241265236s ago: executing program 0 (id=2383): r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r4) r5 = socket$unix(0x1, 0x1, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r8 = socket$unix(0x1, 0x2, 0x0) r9 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000940)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xffffffed, 0x6}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0x5}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0x2, 0xb}, {0xa, 0xb}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x80, 0x0, 0x5, 0x1, 0xc}, 0xb, 0xfffffffe, 0x8, 0x5, 0x9, 0x2, 0x9, 0xd, 0x8, 0x1, {0xffff1c72, 0x3, 0x1000, 0x101, 0xfffffffe, 0x5}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x2001c061}, 0x4008000) ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 15.999389303s ago: executing program 0 (id=2385): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='rdma.current\x00', 0x26e1, 0x0) close(r0) socket$alg(0x26, 0x5, 0x0) sendmmsg$alg(r0, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000340)="e8300e444d50a96912ee3881913fed00000000000000e48b6772", 0x1a}], 0x2, 0x0, 0x0, 0x8000}], 0x1, 0x41) ioctl$SIOCSIFHWADDR(r0, 0x8b19, &(0x7f0000000000)={'wlan0\x00', @random="7cf1e97c9e4f"}) 15.950502567s ago: executing program 0 (id=2386): r0 = socket(0x2, 0x80805, 0x0) recvmsg$can_bcm(r0, &(0x7f0000001440)={0x0, 0x0, 0x0}, 0x2000) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f000009de00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@ipv6_getaddr={0x2c, 0x16, 0x1, 0x70bd2a, 0x0, {}, [@IFA_LOCAL={0x14, 0x2, @local}]}, 0x2c}}, 0x0) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4) openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_recovery\x00', 0x1, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000000000000001"], 0x38}}, 0x0) mmap$xdp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x11, r2, 0x100000000) socket(0x2, 0x80805, 0x0) (async) recvmsg$can_bcm(r0, &(0x7f0000001440)={0x0, 0x0, 0x0}, 0x2000) (async) socket$nl_route(0x10, 0x3, 0x0) (async) sendmsg$nl_route(r1, &(0x7f000009de00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@ipv6_getaddr={0x2c, 0x16, 0x1, 0x70bd2a, 0x0, {}, [@IFA_LOCAL={0x14, 0x2, @local}]}, 0x2c}}, 0x0) (async) socket$xdp(0x2c, 0x3, 0x0) (async) setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4) (async) openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_recovery\x00', 0x1, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) (async) sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000000000000001"], 0x38}}, 0x0) (async) mmap$xdp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x11, r2, 0x100000000) (async) 15.950288315s ago: executing program 0 (id=2387): bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x13, 0xd, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0, 0x0, 0x0, 0x0, 0x4000000}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @exit, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}, {0x85, 0x0, 0x0, 0xb4}}]}, 0x0, 0x2, 0x0, 0x0, 0x0, 0x8}, 0x94) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000"], 0x7c}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x1000000, {0x0, 0x0, 0x3}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0x4040}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20040}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xd13a}, @TCA_FQ_PIE_LIMIT={0x8, 0x1, 0x8}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c) sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000cc0)={0x0, 0x21c}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x6, 0x0, 0x0, &(0x7f00000002c0)='GPL\x00', 0xdf64, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x8, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r4 = accept4(r3, 0x0, 0x0, 0x800) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002780)=@newqdisc={0x48, 0x14, 0xf0b, 0x4, 0x0, {0x2, 0x0, 0x0, 0x0, {0x4}, {0xb, 0x1}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0xfc, 0x200, 0x80000a, 0x0, 0x1, 0xc0000000}}, {0x4}}]}]}, 0x48}}, 0x0) sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 15.849280739s ago: executing program 0 (id=2388): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = open(&(0x7f0000000000)='./file0\x00', 0x80001, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000080)={0x8}) fstat(r2, &(0x7f0000000300)) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f0000000200)={{0x1, 0x1, 0x18, r0, {0x2}}, './file0\x00'}) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0xa, 0xf, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESDEC, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000bf0200000000000085000000cc000000b70000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x94) 15.849070633s ago: executing program 0 (id=2389): r0 = socket(0x2a, 0x2, 0x0) getsockname$packet(r0, 0x0, &(0x7f0000000080)) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newqdisc={0x24, 0x29, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, 0x0, {0x4}, {0xffff, 0xffff}, {0x0, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x408dc}, 0x4000080) 10.088028353s ago: executing program 1 (id=2193): bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0e00000004000000080000000100000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\b\x00'/18, @ANYRES32=0x0, @ANYBLOB='\x00'/23], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, 0x0, &(0x7f00000003c0)=r6}, 0x20) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r5, r2, 0x25, 0x2, @void}, 0x10) syz_emit_ethernet(0x16, &(0x7f0000000540)={@local, @empty, @void, {@llc_tr={0x11, {@snap={0x0, 0xaa, '\x00', "bab435", 0x16}}}}}, 0x0) 7.140667365s ago: executing program 3 (id=2446): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$kcm(r1, 0x0, 0x20040000) sendmsg$inet(r1, &(0x7f0000000280)={&(0x7f0000000000)={0x2, 0x4e24, @empty}, 0x10, &(0x7f0000000200)=[{0x0}], 0x1}, 0x20048040) sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001) bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f00000002c0)="9e", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback, 0xe}, 0x1c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000300)={0x0, 0x200002, 0x30}, 0xc) sendmsg$inet6(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000540)="a8", 0x1}], 0x1}, 0x4008084) r2 = io_uring_setup(0x741, &(0x7f0000000340)={0x0, 0x9d4, 0x1000, 0x3, 0xd6}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x25) r4 = syz_io_uring_setup(0x1594, &(0x7f00000003c0)={0x0, 0xbd49, 0x800, 0x4, 0x361, 0x0, r2}, &(0x7f00000000c0), &(0x7f00000001c0)) io_uring_setup(0x684b, &(0x7f0000000140)={0x0, 0x5bd2, 0x8, 0x1, 0x1b2, 0x0, r4}) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000240)=',', 0x34000}], 0x1) 7.047851025s ago: executing program 3 (id=2448): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r4) r5 = socket$unix(0x1, 0x1, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r8 = socket$unix(0x1, 0x2, 0x0) r9 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000940)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xffffffed, 0x6}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0x5}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0x2, 0xb}, {0xa, 0xb}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x80, 0x0, 0x5, 0x1, 0xc}, 0xb, 0xfffffffe, 0x8, 0x5, 0x9, 0x2, 0x9, 0xd, 0x8, 0x1, {0xffff1c72, 0x3, 0x1000, 0x101, 0xfffffffe, 0x5}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x2001c061}, 0x4008000) ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 6.925519638s ago: executing program 3 (id=2449): r0 = syz_usb_connect(0x2, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000544fb2f00090582eb1000000001020009050276"], 0x0) syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f0000000000)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0) r1 = syz_init_net_socket$ax25(0x3, 0x5, 0xc5) ioctl$SIOCAX25ADDUID(r1, 0x89e1, &(0x7f0000000240)={0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0xee00}) ioctl$SIOCAX25DELUID(r1, 0x89e2, &(0x7f0000000080)={0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xc38, &(0x7f00000000c0)=ANY=[]) r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0) ioctl$EVIOCSKEYCODE(r2, 0x40084504, &(0x7f0000000340)=[0x2a, 0x7]) r3 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000440)=@nat={'nat\x00', 0x62, 0x5, 0x3e0, 0x0, 0x178, 0xffffffff, 0x0, 0x2a0, 0x348, 0x348, 0xffffffff, 0x348, 0x348, 0x5, 0x0, {[{{@uncond, 0x0, 0x98, 0xd0, 0x0, {0x22e}, [@common=@unspec=@state={{0x28}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x25, {0x3, @local, @broadcast}}}}, {{@uncond, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x0, @remote, @empty, @gre_key, @gre_key}}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @remote, 0x0, 0x0, 'batadv0\x00', 'bond0\x00'}, 0x0, 0xf0, 0x128, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00'}}, @common=@addrtype={{0x30}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x0, @multicast1, @multicast2, @gre_key, @gre_key}}}}, {{@uncond, 0x0, 0x70, 0xa8}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x0, @local, @broadcast, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x440) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x200000b, 0x10, 0xffffffffffffffff, 0x0) ioctl$EVIOCSKEYCODE(r2, 0x40084504, &(0x7f0000000200)=[0xa9c7, 0xff]) 3.851107311s ago: executing program 3 (id=2451): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) chdir(&(0x7f0000000540)='./cgroup\x00') r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0xd6) r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) bind$ax25(r2, &(0x7f0000000100)={{0x3, @default, 0x1}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) kcmp(0x0, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0xffffffffffffffff) fcntl$notify(r1, 0x402, 0x8000003d) r3 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) keyctl$chown(0x4, r3, 0xffffffffffffffff, 0xee00) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs2/binder0\x00', 0x800, 0x0) close_range(r1, 0xffffffffffffffff, 0x2) mkdir(&(0x7f0000000080)='./file0\x00', 0xff0c) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000008000000000000005000100070000000900020073797a30000000001400078008001240000000000500150020000000050005000000000005000400000000000d000300686173683a6d6163"], 0x5c}}, 0x0) 3.844190321s ago: executing program 3 (id=2453): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0) r2 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0) landlock_restrict_self(r2, 0x0) fcntl$setlease(r1, 0x400, 0x1) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r6, 0x4004ae99, &(0x7f0000000040)=0x2) syz_emit_vhci(&(0x7f00000002c0)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x7}, @hci_rp_read_class_of_dev={{0x3}, {0x7, "d679e1"}}}}, 0xa) ioctl$KVM_RUN(r6, 0xae80, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) mlockall(0x7) mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000a80)='./file0\x00', &(0x7f0000000ac0)='xfs\x00', 0xa00000, &(0x7f0000000140)='grpquota') capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000280)={0x0, 0x3}) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x110, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x50, 0xe, {{{}, {}, @broadcast, @device_a, @random="13610680c4c9"}, 0x0, @default, 0x1, @void, @void, @void, @void, @val={0x6, 0x2, 0xce00}, @void, @void, @void, @void, @val={0x2d, 0x1a, {0x800, 0x2, 0x3, 0x0, {0xe, 0x6, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2}, 0x1, 0xc9b9, 0xb}}, @void, @void, @val={0x76, 0x6, {0x0, 0x1, 0x2b, 0x4}}}}, @NL80211_ATTR_IE={0x94, 0x2a, [@preq={0x82, 0x8e, {{0x0, 0x1, 0x1, 0x0, 0x1}, 0x1, 0xfb, 0x6, @broadcast, 0x8, @value, 0x6, 0xdf90, 0xa, [{{0x1, 0x0, 0x1}, @broadcast, 0x6a}, {{0x1, 0x0, 0x1}, @broadcast, 0x9}, {{0x0, 0x0, 0x1}}, {{0x1, 0x0, 0x1}, @device_a, 0x8}, {{0x1}, @device_b, 0xffffffff}, {{0x1, 0x0, 0x1}, @device_b, 0x79}, {{0x0, 0x0, 0x1}, @device_b, 0xfffffff8}, {{}, @broadcast}, {{0x1, 0x0, 0x1}, @device_b, 0x9}, {{0x0, 0x0, 0x1}, @device_b, 0x35}]}}]}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x110}}, 0x0) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x891b, &(0x7f0000000000)={'rose0\x00', {0x2, 0x0, @broadcast}}) dup(r1) 3.380707149s ago: executing program 1 (id=2193): bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0e00000004000000080000000100000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\b\x00'/18, @ANYRES32=0x0, @ANYBLOB='\x00'/23], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, 0x0, &(0x7f00000003c0)=r6}, 0x20) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r5, r2, 0x25, 0x2, @void}, 0x10) syz_emit_ethernet(0x16, &(0x7f0000000540)={@local, @empty, @void, {@llc_tr={0x11, {@snap={0x0, 0xaa, '\x00', "bab435", 0x16}}}}}, 0x0) 2.849903529s ago: executing program 3 (id=2459): memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\x01\x04\x00\x00\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n [ 188.198182][T11832] dump_stack_lvl+0x16c/0x1f0 [ 188.198205][T11832] should_fail_ex+0x512/0x640 [ 188.198224][T11832] should_failslab+0xc2/0x120 [ 188.198235][T11832] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 188.198252][T11832] ? __alloc_skb+0x2b2/0x380 [ 188.198270][T11832] __alloc_skb+0x2b2/0x380 [ 188.198285][T11832] ? __pfx___alloc_skb+0x10/0x10 [ 188.198305][T11832] rose_write_internal+0xd1/0x1850 [ 188.198325][T11832] ? __local_bh_enable_ip+0xa4/0x120 [ 188.198338][T11832] ? __pfx_rose_write_internal+0x10/0x10 [ 188.198353][T11832] ? rose_find_socket+0xf4/0x130 [ 188.198364][T11832] ? __local_bh_enable_ip+0xa4/0x120 [ 188.198377][T11832] ? rose_route_free_lci+0xd6/0x160 [ 188.198394][T11832] rose_connect+0x8fe/0x1540 [ 188.198408][T11832] ? __pfx_rose_connect+0x10/0x10 [ 188.198424][T11832] ? selinux_netlbl_socket_connect+0x30/0x40 [ 188.198441][T11832] ? rcu_is_watching+0x12/0xc0 [ 188.198454][T11832] ? __local_bh_enable_ip+0xa4/0x120 [ 188.198466][T11832] ? lockdep_hardirqs_on+0x7c/0x110 [ 188.198482][T11832] ? selinux_netlbl_socket_connect+0x30/0x40 [ 188.198497][T11832] ? __local_bh_enable_ip+0xa4/0x120 [ 188.198510][T11832] ? selinux_netlbl_socket_connect+0x30/0x40 [ 188.198526][T11832] ? selinux_socket_connect+0x6b/0x80 [ 188.198543][T11832] ? __pfx_rose_connect+0x10/0x10 [ 188.198553][T11832] __sys_connect_file+0x13e/0x1a0 [ 188.198570][T11832] __sys_connect+0x13b/0x160 [ 188.198584][T11832] ? __pfx___sys_connect+0x10/0x10 [ 188.198603][T11832] ? __pfx_ksys_write+0x10/0x10 [ 188.198621][T11832] __x64_sys_connect+0x72/0xb0 [ 188.198635][T11832] ? lockdep_hardirqs_on+0x7c/0x110 [ 188.198650][T11832] do_syscall_64+0xcd/0x4c0 [ 188.198662][T11832] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.198672][T11832] RIP: 0033:0x7fdf0f58e9a9 [ 188.198681][T11832] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 188.198691][T11832] RSP: 002b:00007fdf10389038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 188.198702][T11832] RAX: ffffffffffffffda RBX: 00007fdf0f7b6080 RCX: 00007fdf0f58e9a9 [ 188.198709][T11832] RDX: 0000000000000040 RSI: 0000200000000100 RDI: 000000000000000d [ 188.198715][T11832] RBP: 00007fdf10389090 R08: 0000000000000000 R09: 0000000000000000 [ 188.198721][T11832] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 188.198727][T11832] R13: 0000000000000000 R14: 00007fdf0f7b6080 R15: 00007ffeb3624778 [ 188.198740][T11832] [ 188.689612][ T60] team0 (unregistering): Port device team_slave_1 removed [ 188.760612][ T60] team0 (unregistering): Port device team_slave_0 removed [ 189.308013][T11836] FAULT_INJECTION: forcing a failure. [ 189.308013][T11836] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 189.312004][T11836] CPU: 3 UID: 0 PID: 11836 Comm: syz.2.2237 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 189.312018][T11836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 189.312025][T11836] Call Trace: [ 189.312029][T11836] [ 189.312033][T11836] dump_stack_lvl+0x16c/0x1f0 [ 189.312053][T11836] should_fail_ex+0x512/0x640 [ 189.312072][T11836] _copy_from_user+0x2e/0xd0 [ 189.312083][T11836] kstrtouint_from_user+0xd6/0x1d0 [ 189.312098][T11836] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 189.312111][T11836] ? __lock_acquire+0xb8a/0x1c90 [ 189.312127][T11836] proc_fail_nth_write+0x83/0x250 [ 189.312144][T11836] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 189.312162][T11836] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 189.312176][T11836] vfs_write+0x2a0/0x1150 [ 189.312194][T11836] ? __pfx___mutex_lock+0x10/0x10 [ 189.312205][T11836] ? __pfx_vfs_write+0x10/0x10 [ 189.312223][T11836] ? __fget_files+0x20e/0x3c0 [ 189.312236][T11836] ksys_write+0x12a/0x250 [ 189.312251][T11836] ? __pfx_ksys_write+0x10/0x10 [ 189.312270][T11836] do_syscall_64+0xcd/0x4c0 [ 189.312281][T11836] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.312292][T11836] RIP: 0033:0x7fdf0f58d45f [ 189.312301][T11836] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 189.312311][T11836] RSP: 002b:00007fdf103aa030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 189.312321][T11836] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fdf0f58d45f [ 189.312328][T11836] RDX: 0000000000000001 RSI: 00007fdf103aa0a0 RDI: 0000000000000003 [ 189.312334][T11836] RBP: 00007fdf103aa090 R08: 0000000000000000 R09: 0000000000000000 [ 189.312340][T11836] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 189.312346][T11836] R13: 0000000000000000 R14: 00007fdf0f7b5fa0 R15: 00007ffeb3624778 [ 189.312359][T11836] [ 189.456870][T11848] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2242'. [ 189.479446][T11848] netlink: 'syz.0.2242': attribute type 4 has an invalid length. [ 189.482609][T11848] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2242'. [ 189.500633][T11848] : renamed from bond0 (while UP) [ 189.511210][T11852] tipc: Enabled bearer , priority 0 [ 189.532898][T11852] tipc: Resetting bearer [ 189.551043][T11854] FAULT_INJECTION: forcing a failure. [ 189.551043][T11854] name failslab, interval 1, probability 0, space 0, times 0 [ 189.557067][T11854] CPU: 0 UID: 0 PID: 11854 Comm: syz.2.2244 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 189.557090][T11854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 189.557101][T11854] Call Trace: [ 189.557107][T11854] [ 189.557113][T11854] dump_stack_lvl+0x16c/0x1f0 [ 189.557147][T11854] should_fail_ex+0x512/0x640 [ 189.557173][T11854] ? fs_reclaim_acquire+0xae/0x150 [ 189.557196][T11854] ? tomoyo_encode2+0x100/0x3e0 [ 189.557215][T11854] should_failslab+0xc2/0x120 [ 189.557233][T11854] __kmalloc_noprof+0xd2/0x510 [ 189.557265][T11854] tomoyo_encode2+0x100/0x3e0 [ 189.557285][T11854] tomoyo_encode+0x29/0x50 [ 189.557301][T11854] tomoyo_realpath_from_path+0x18f/0x6e0 [ 189.557321][T11854] ? tomoyo_profile+0x47/0x60 [ 189.557343][T11854] tomoyo_path_number_perm+0x245/0x580 [ 189.557367][T11854] ? tomoyo_path_number_perm+0x237/0x580 [ 189.557394][T11854] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 189.557419][T11854] ? find_held_lock+0x2b/0x80 [ 189.557463][T11854] ? find_held_lock+0x2b/0x80 [ 189.557483][T11854] ? hook_file_ioctl_common+0x145/0x410 [ 189.557508][T11854] ? __fget_files+0x20e/0x3c0 [ 189.557528][T11854] security_file_ioctl+0x9b/0x240 [ 189.557547][T11854] __x64_sys_ioctl+0xb7/0x210 [ 189.557571][T11854] do_syscall_64+0xcd/0x4c0 [ 189.557590][T11854] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.557608][T11854] RIP: 0033:0x7fdf0f58e9a9 [ 189.557621][T11854] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 189.557638][T11854] RSP: 002b:00007fdf103aa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 189.557663][T11854] RAX: ffffffffffffffda RBX: 00007fdf0f7b5fa0 RCX: 00007fdf0f58e9a9 [ 189.557675][T11854] RDX: 00002000000000c0 RSI: 000000000000890b RDI: 0000000000000004 [ 189.557685][T11854] RBP: 00007fdf103aa090 R08: 0000000000000000 R09: 0000000000000000 [ 189.557696][T11854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 189.557706][T11854] R13: 0000000000000000 R14: 00007fdf0f7b5fa0 R15: 00007ffeb3624778 [ 189.557733][T11854] [ 189.557750][T11854] ERROR: Out of memory at tomoyo_realpath_from_path. [ 189.566490][T11851] tipc: Disabling bearer [ 189.570798][ T40] audit: type=1400 audit(7014645794.234:701): avc: denied { ioctl } for pid=11853 comm="syz.2.2244" path="socket:[42459]" dev="sockfs" ino=42459 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 189.686088][ T5960] Bluetooth: hci4: command tx timeout [ 189.832644][T11875] tipc: Enabled bearer , priority 0 [ 189.865490][T11875] tipc: Resetting bearer [ 189.880071][T11874] tipc: Disabling bearer [ 189.887072][T11881] FAULT_INJECTION: forcing a failure. [ 189.887072][T11881] name failslab, interval 1, probability 0, space 0, times 0 [ 189.887098][T11881] CPU: 2 UID: 0 PID: 11881 Comm: syz.3.2255 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 189.887116][T11881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 189.887126][T11881] Call Trace: [ 189.887131][T11881] [ 189.887137][T11881] dump_stack_lvl+0x16c/0x1f0 [ 189.887165][T11881] should_fail_ex+0x512/0x640 [ 189.887237][T11881] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 189.887263][T11881] should_failslab+0xc2/0x120 [ 189.887277][T11881] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 189.887298][T11881] ? __alloc_skb+0x2b2/0x380 [ 189.887324][T11881] __alloc_skb+0x2b2/0x380 [ 189.887345][T11881] ? __pfx___alloc_skb+0x10/0x10 [ 189.887364][T11881] ? selinux_socket_getpeersec_dgram+0x1a4/0x370 [ 189.887399][T11881] ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10 [ 189.887425][T11881] netlink_alloc_large_skb+0x69/0x130 [ 189.887444][T11881] netlink_sendmsg+0x6a1/0xdd0 [ 189.887464][T11881] ? __pfx_netlink_sendmsg+0x10/0x10 [ 189.887487][T11881] ____sys_sendmsg+0xa98/0xc70 [ 189.887507][T11881] ? copy_msghdr_from_user+0x10a/0x160 [ 189.887522][T11881] ? __pfx_____sys_sendmsg+0x10/0x10 [ 189.887545][T11881] ___sys_sendmsg+0x134/0x1d0 [ 189.887556][T11881] ? __pfx____sys_sendmsg+0x10/0x10 [ 189.887565][T11881] ? __lock_acquire+0x622/0x1c90 [ 189.887590][T11881] __sys_sendmsg+0x16d/0x220 [ 189.887600][T11881] ? __pfx___sys_sendmsg+0x10/0x10 [ 189.887619][T11881] do_syscall_64+0xcd/0x4c0 [ 189.887631][T11881] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.887642][T11881] RIP: 0033:0x7f52ab98e9a9 [ 189.887652][T11881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 189.887663][T11881] RSP: 002b:00007f52ac7ec038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 189.887673][T11881] RAX: ffffffffffffffda RBX: 00007f52abbb5fa0 RCX: 00007f52ab98e9a9 [ 189.887680][T11881] RDX: 0000000000040000 RSI: 0000200000002580 RDI: 0000000000000004 [ 189.887686][T11881] RBP: 00007f52ac7ec090 R08: 0000000000000000 R09: 0000000000000000 [ 189.887693][T11881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 189.887699][T11881] R13: 0000000000000000 R14: 00007f52abbb5fa0 R15: 00007fffdf905b38 [ 189.887712][T11881] [ 189.931790][T11691] netdevsim netdevsim1 netdevsim0: renamed from eth2 [ 189.993536][T11691] netdevsim netdevsim1 netdevsim1: renamed from eth3 [ 190.008513][T11691] netdevsim netdevsim1 netdevsim2: renamed from eth4 [ 190.029990][T11691] netdevsim netdevsim1 netdevsim3: renamed from eth5 [ 190.168927][ T6014] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 190.183757][T11691] 8021q: adding VLAN 0 to HW filter on device team0 [ 190.206209][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.208587][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 190.224980][T11905] FAULT_INJECTION: forcing a failure. [ 190.224980][T11905] name failslab, interval 1, probability 0, space 0, times 0 [ 190.229502][T11905] CPU: 3 UID: 0 PID: 11905 Comm: syz.2.2263 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 190.229517][T11905] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 190.229524][T11905] Call Trace: [ 190.229527][T11905] [ 190.229531][T11905] dump_stack_lvl+0x16c/0x1f0 [ 190.229552][T11905] should_fail_ex+0x512/0x640 [ 190.229568][T11905] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 190.229586][T11905] should_failslab+0xc2/0x120 [ 190.229597][T11905] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 190.229613][T11905] ? __alloc_skb+0x2b2/0x380 [ 190.229635][T11905] __alloc_skb+0x2b2/0x380 [ 190.229651][T11905] ? __pfx___alloc_skb+0x10/0x10 [ 190.229667][T11905] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 190.229682][T11905] netlink_alloc_large_skb+0x69/0x130 [ 190.229695][T11905] netlink_sendmsg+0x6a1/0xdd0 [ 190.229709][T11905] ? __pfx_netlink_sendmsg+0x10/0x10 [ 190.229726][T11905] ____sys_sendmsg+0xa98/0xc70 [ 190.229739][T11905] ? copy_msghdr_from_user+0x10a/0x160 [ 190.229749][T11905] ? __pfx_____sys_sendmsg+0x10/0x10 [ 190.229768][T11905] ___sys_sendmsg+0x134/0x1d0 [ 190.229778][T11905] ? __pfx____sys_sendmsg+0x10/0x10 [ 190.229787][T11905] ? __lock_acquire+0x622/0x1c90 [ 190.229812][T11905] __sys_sendmsg+0x16d/0x220 [ 190.229822][T11905] ? __pfx___sys_sendmsg+0x10/0x10 [ 190.229840][T11905] do_syscall_64+0xcd/0x4c0 [ 190.229851][T11905] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.229862][T11905] RIP: 0033:0x7fdf0f58e9a9 [ 190.229871][T11905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 190.229881][T11905] RSP: 002b:00007fdf103aa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 190.229891][T11905] RAX: ffffffffffffffda RBX: 00007fdf0f7b5fa0 RCX: 00007fdf0f58e9a9 [ 190.229897][T11905] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000004 [ 190.229904][T11905] RBP: 00007fdf103aa090 R08: 0000000000000000 R09: 0000000000000000 [ 190.229910][T11905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 190.229916][T11905] R13: 0000000000000000 R14: 00007fdf0f7b5fa0 R15: 00007ffeb3624778 [ 190.229929][T11905] [ 190.236419][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.326405][ T6014] usb 5-1: Using ep0 maxpacket: 8 [ 190.328487][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 190.331182][ T6014] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 190.338080][ T6014] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 190.341159][ T6014] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 10784, setting to 1024 [ 190.344596][ T6014] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 190.351363][ T6014] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 190.355433][ T6014] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 190.359615][ T6014] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 190.404697][T11910] tipc: Enabled bearer , priority 0 [ 190.435605][T11910] tipc: Resetting bearer [ 190.447002][T11909] tipc: Disabling bearer [ 190.559812][ T40] audit: type=1400 audit(7014645795.224:702): avc: denied { write } for pid=11917 comm="syz.2.2267" name="fb1" dev="devtmpfs" ino=640 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 190.592884][T11691] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 190.596389][ T6014] usb 5-1: GET_CAPABILITIES returned 0 [ 190.598120][ T6014] usbtmc 5-1:16.0: can't read capabilities [ 190.688670][T11691] veth0_vlan: entered promiscuous mode [ 190.693218][T11691] veth1_vlan: entered promiscuous mode [ 190.739270][T11691] veth0_macvtap: entered promiscuous mode [ 190.757226][T11691] veth1_macvtap: entered promiscuous mode [ 190.774625][T11929] FAULT_INJECTION: forcing a failure. [ 190.774625][T11929] name failslab, interval 1, probability 0, space 0, times 0 [ 190.782684][T11929] CPU: 2 UID: 0 PID: 11929 Comm: syz.2.2271 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 190.782701][T11929] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 190.782708][T11929] Call Trace: [ 190.782711][T11929] [ 190.782716][T11929] dump_stack_lvl+0x16c/0x1f0 [ 190.782738][T11929] should_fail_ex+0x512/0x640 [ 190.782754][T11929] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 190.782773][T11929] should_failslab+0xc2/0x120 [ 190.782783][T11929] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 190.782801][T11929] ? llcp_sock_bind+0x35d/0x6e0 [ 190.782814][T11929] kmemdup_noprof+0x29/0x60 [ 190.782830][T11929] llcp_sock_bind+0x35d/0x6e0 [ 190.782841][T11929] ? tomoyo_socket_bind_permission+0x14f/0x350 [ 190.782853][T11929] ? __pfx_llcp_sock_bind+0x10/0x10 [ 190.782872][T11929] __sys_bind+0x1a4/0x260 [ 190.782887][T11929] ? __pfx___sys_bind+0x10/0x10 [ 190.782900][T11929] ? __fget_files+0x20e/0x3c0 [ 190.782914][T11929] ? __pfx_ksys_write+0x10/0x10 [ 190.782932][T11929] __x64_sys_bind+0x72/0xb0 [ 190.782945][T11929] ? lockdep_hardirqs_on+0x7c/0x110 [ 190.782961][T11929] do_syscall_64+0xcd/0x4c0 [ 190.782972][T11929] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.782982][T11929] RIP: 0033:0x7fdf0f58e9a9 [ 190.782991][T11929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 190.783025][T11929] RSP: 002b:00007fdf103aa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 190.783035][T11929] RAX: ffffffffffffffda RBX: 00007fdf0f7b5fa0 RCX: 00007fdf0f58e9a9 [ 190.783042][T11929] RDX: 0000000000000062 RSI: 0000200000000000 RDI: 0000000000000006 [ 190.783048][T11929] RBP: 00007fdf103aa090 R08: 0000000000000000 R09: 0000000000000000 [ 190.783054][T11929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 190.783060][T11929] R13: 0000000000000000 R14: 00007fdf0f7b5fa0 R15: 00007ffeb3624778 [ 190.783075][T11929] [ 190.799567][T11877] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 190.803087][T11691] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 190.803536][T11877] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 190.853249][T11691] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 190.862187][T11691] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 190.862276][T11877] usbtmc 5-1:16.0: usbtmc488_ioctl_trigger returned -90 [ 190.874918][T11691] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check. [ 190.882528][T11691] wireguard: wg0: Could not create IPv4 socket [ 190.887639][T11691] wireguard: wg1: Could not create IPv4 socket [ 190.891606][T11691] wireguard: wg2: Could not create IPv4 socket [ 190.902013][T11935] FAULT_INJECTION: forcing a failure. [ 190.902013][T11935] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 190.909419][T11935] CPU: 1 UID: 0 PID: 11935 Comm: syz.2.2274 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 190.909444][T11935] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 190.909455][T11935] Call Trace: [ 190.909461][T11935] [ 190.909468][T11935] dump_stack_lvl+0x16c/0x1f0 [ 190.909501][T11935] should_fail_ex+0x512/0x640 [ 190.909532][T11935] _copy_from_iter+0x29f/0x16f0 [ 190.909556][T11935] ? __pfx__copy_from_iter+0x10/0x10 [ 190.909572][T11935] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 190.909599][T11935] copy_page_from_iter+0xde/0x180 [ 190.909621][T11935] tun_build_skb.constprop.0+0x2e8/0x14f0 [ 190.909650][T11935] ? __pfx_tun_build_skb.constprop.0+0x10/0x10 [ 190.909683][T11935] ? __pfx__kstrtoull+0x10/0x10 [ 190.909709][T11935] tun_get_user+0x165f/0x3b80 [ 190.909734][T11935] ? __pfx_tun_get_user+0x10/0x10 [ 190.909750][T11935] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 190.909774][T11935] ? find_held_lock+0x2b/0x80 [ 190.909796][T11935] ? tun_get+0x191/0x370 [ 190.909818][T11935] tun_chr_write_iter+0xdc/0x210 [ 190.909838][T11935] vfs_write+0x6c4/0x1150 [ 190.909861][T11935] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 190.909877][T11935] ? __pfx_vfs_write+0x10/0x10 [ 190.909890][T11935] ? find_held_lock+0x2b/0x80 [ 190.909917][T11935] ksys_write+0x12a/0x250 [ 190.909939][T11935] ? __pfx_ksys_write+0x10/0x10 [ 190.909969][T11935] do_syscall_64+0xcd/0x4c0 [ 190.909987][T11935] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.910006][T11935] RIP: 0033:0x7fdf0f58d45f [ 190.910021][T11935] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 190.910036][T11935] RSP: 002b:00007fdf103aa000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 190.910051][T11935] RAX: ffffffffffffffda RBX: 00007fdf0f7b5fa0 RCX: 00007fdf0f58d45f [ 190.910062][T11935] RDX: 000000000000003a RSI: 0000200000001c00 RDI: 00000000000000c8 [ 190.910071][T11935] RBP: 00007fdf103aa090 R08: 0000000000000000 R09: 0000000000000000 [ 190.910081][T11935] R10: 000000000000003a R11: 0000000000000293 R12: 0000000000000001 [ 190.910090][T11935] R13: 0000000000000000 R14: 00007fdf0f7b5fa0 R15: 00007ffeb3624778 [ 190.910110][T11935] [ 191.099994][T11941] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 191.217716][T11951] team0: Port device vlan0 added [ 191.260442][T11955] tipc: Enabled bearer , priority 0 [ 191.263652][T11955] syzkaller0: entered promiscuous mode [ 191.265642][T11955] syzkaller0: entered allmulticast mode [ 191.277778][T11955] tipc: Resetting bearer [ 191.281218][T11953] tipc: Resetting bearer [ 191.290576][T11953] tipc: Disabling bearer [ 191.557771][T11973] FAULT_INJECTION: forcing a failure. [ 191.557771][T11973] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 191.561982][T11973] CPU: 2 UID: 0 PID: 11973 Comm: syz.2.2286 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 191.561997][T11973] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 191.562004][T11973] Call Trace: [ 191.562008][T11973] [ 191.562013][T11973] dump_stack_lvl+0x16c/0x1f0 [ 191.562034][T11973] should_fail_ex+0x512/0x640 [ 191.562053][T11973] _copy_from_user+0x2e/0xd0 [ 191.562064][T11973] kstrtouint_from_user+0xd6/0x1d0 [ 191.562078][T11973] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 191.562097][T11973] ? __lock_acquire+0xb8a/0x1c90 [ 191.562123][T11973] proc_fail_nth_write+0x83/0x250 [ 191.562147][T11973] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 191.562167][T11973] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 191.562187][T11973] vfs_write+0x2a0/0x1150 [ 191.562213][T11973] ? __pfx___mutex_lock+0x10/0x10 [ 191.562229][T11973] ? __pfx_vfs_write+0x10/0x10 [ 191.562254][T11973] ? __fget_files+0x20e/0x3c0 [ 191.562267][T11973] ksys_write+0x12a/0x250 [ 191.562282][T11973] ? __pfx_ksys_write+0x10/0x10 [ 191.562301][T11973] do_syscall_64+0xcd/0x4c0 [ 191.562313][T11973] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.562323][T11973] RIP: 0033:0x7fdf0f58d45f [ 191.562332][T11973] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 191.562343][T11973] RSP: 002b:00007fdf103aa030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 191.562353][T11973] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fdf0f58d45f [ 191.562360][T11973] RDX: 0000000000000001 RSI: 00007fdf103aa0a0 RDI: 0000000000000003 [ 191.562366][T11973] RBP: 00007fdf103aa090 R08: 0000000000000000 R09: fffffffffffffdfd [ 191.562373][T11973] R10: 0000000000003b00 R11: 0000000000000293 R12: 0000000000000001 [ 191.562379][T11973] R13: 0000000000000000 R14: 00007fdf0f7b5fa0 R15: 00007ffeb3624778 [ 191.562392][T11973] [ 191.640966][T11979] FAULT_INJECTION: forcing a failure. [ 191.640966][T11979] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 191.644880][T11979] CPU: 0 UID: 0 PID: 11979 Comm: syz.2.2287 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 191.644895][T11979] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 191.644902][T11979] Call Trace: [ 191.644906][T11979] [ 191.644910][T11979] dump_stack_lvl+0x16c/0x1f0 [ 191.644931][T11979] should_fail_ex+0x512/0x640 [ 191.644949][T11979] _copy_from_iter+0x29f/0x16f0 [ 191.644964][T11979] ? __pfx__copy_from_iter+0x10/0x10 [ 191.644974][T11979] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 191.644990][T11979] copy_page_from_iter+0xde/0x180 [ 191.645003][T11979] tun_build_skb.constprop.0+0x2e8/0x14f0 [ 191.645020][T11979] ? __pfx_tun_build_skb.constprop.0+0x10/0x10 [ 191.645040][T11979] ? __pfx__kstrtoull+0x10/0x10 [ 191.645055][T11979] tun_get_user+0x165f/0x3b80 [ 191.645072][T11979] ? __pfx_tun_get_user+0x10/0x10 [ 191.645082][T11979] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 191.645096][T11979] ? find_held_lock+0x2b/0x80 [ 191.645110][T11979] ? tun_get+0x191/0x370 [ 191.645123][T11979] tun_chr_write_iter+0xdc/0x210 [ 191.645135][T11979] vfs_write+0x6c4/0x1150 [ 191.645151][T11979] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 191.645163][T11979] ? __pfx_vfs_write+0x10/0x10 [ 191.645177][T11979] ? find_held_lock+0x2b/0x80 [ 191.645198][T11979] ksys_write+0x12a/0x250 [ 191.645212][T11979] ? __pfx_ksys_write+0x10/0x10 [ 191.645230][T11979] do_syscall_64+0xcd/0x4c0 [ 191.645242][T11979] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.645252][T11979] RIP: 0033:0x7fdf0f58d45f [ 191.645261][T11979] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 191.645271][T11979] RSP: 002b:00007fdf103aa000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 191.645281][T11979] RAX: ffffffffffffffda RBX: 00007fdf0f7b5fa0 RCX: 00007fdf0f58d45f [ 191.645288][T11979] RDX: 0000000000000042 RSI: 00002000000002c0 RDI: 00000000000000c8 [ 191.645294][T11979] RBP: 00007fdf103aa090 R08: 0000000000000000 R09: 0000000000000000 [ 191.645300][T11979] R10: 0000000000000042 R11: 0000000000000293 R12: 0000000000000001 [ 191.645306][T11979] R13: 0000000000000000 R14: 00007fdf0f7b5fa0 R15: 00007ffeb3624778 [ 191.645319][T11979] [ 191.802330][T11990] 8021q: adding VLAN 0 to HW filter on device bond5 [ 192.802282][T12039] FAULT_INJECTION: forcing a failure. [ 192.802282][T12039] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 192.808355][T12039] CPU: 0 UID: 0 PID: 12039 Comm: syz.2.2292 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 192.808371][T12039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 192.808379][T12039] Call Trace: [ 192.808382][T12039] [ 192.808387][T12039] dump_stack_lvl+0x16c/0x1f0 [ 192.808409][T12039] should_fail_ex+0x512/0x640 [ 192.808427][T12039] _copy_to_user+0x32/0xd0 [ 192.808439][T12039] simple_read_from_buffer+0xcb/0x170 [ 192.808456][T12039] proc_fail_nth_read+0x197/0x270 [ 192.808473][T12039] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 192.808489][T12039] ? rw_verify_area+0xcf/0x680 [ 192.808502][T12039] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 192.808517][T12039] vfs_read+0x1e1/0xc60 [ 192.808534][T12039] ? __pfx___mutex_lock+0x10/0x10 [ 192.808545][T12039] ? __pfx_vfs_read+0x10/0x10 [ 192.808563][T12039] ? __fget_files+0x20e/0x3c0 [ 192.808576][T12039] ksys_read+0x12a/0x250 [ 192.808591][T12039] ? __pfx_ksys_read+0x10/0x10 [ 192.808609][T12039] do_syscall_64+0xcd/0x4c0 [ 192.808626][T12039] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 192.808637][T12039] RIP: 0033:0x7fdf0f58d3bc [ 192.808647][T12039] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 192.808657][T12039] RSP: 002b:00007fdf103aa030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 192.808667][T12039] RAX: ffffffffffffffda RBX: 00007fdf0f7b5fa0 RCX: 00007fdf0f58d3bc [ 192.808674][T12039] RDX: 000000000000000f RSI: 00007fdf103aa0a0 RDI: 0000000000000003 [ 192.808680][T12039] RBP: 00007fdf103aa090 R08: 0000000000000000 R09: 0000000000000000 [ 192.808686][T12039] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001 [ 192.808692][T12039] R13: 0000000000000000 R14: 00007fdf0f7b5fa0 R15: 00007ffeb3624778 [ 192.808706][T12039] [ 192.847214][ T5829] usb 5-1: USB disconnect, device number 32 [ 192.903535][T12049] FAULT_INJECTION: forcing a failure. [ 192.903535][T12049] name failslab, interval 1, probability 0, space 0, times 0 [ 192.910946][T12049] CPU: 0 UID: 0 PID: 12049 Comm: syz.2.2295 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 192.910962][T12049] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 192.910968][T12049] Call Trace: [ 192.910972][T12049] [ 192.910976][T12049] dump_stack_lvl+0x16c/0x1f0 [ 192.910997][T12049] should_fail_ex+0x512/0x640 [ 192.911013][T12049] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 192.911031][T12049] should_failslab+0xc2/0x120 [ 192.911041][T12049] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 192.911057][T12049] ? __alloc_skb+0x2b2/0x380 [ 192.911076][T12049] __alloc_skb+0x2b2/0x380 [ 192.911091][T12049] ? __pfx___alloc_skb+0x10/0x10 [ 192.911106][T12049] ? selinux_socket_getpeersec_dgram+0x1a4/0x370 [ 192.911122][T12049] ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10 [ 192.911164][T12049] netlink_alloc_large_skb+0x69/0x130 [ 192.911182][T12049] netlink_sendmsg+0x6a1/0xdd0 [ 192.911196][T12049] ? __pfx_netlink_sendmsg+0x10/0x10 [ 192.911213][T12049] ____sys_sendmsg+0xa98/0xc70 [ 192.911226][T12049] ? copy_msghdr_from_user+0x10a/0x160 [ 192.911236][T12049] ? __pfx_____sys_sendmsg+0x10/0x10 [ 192.911255][T12049] ___sys_sendmsg+0x134/0x1d0 [ 192.911266][T12049] ? __pfx____sys_sendmsg+0x10/0x10 [ 192.911275][T12049] ? __lock_acquire+0x622/0x1c90 [ 192.911300][T12049] __sys_sendmsg+0x16d/0x220 [ 192.911310][T12049] ? __pfx___sys_sendmsg+0x10/0x10 [ 192.911328][T12049] do_syscall_64+0xcd/0x4c0 [ 192.911339][T12049] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 192.911351][T12049] RIP: 0033:0x7fdf0f58e9a9 [ 192.911359][T12049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 192.911370][T12049] RSP: 002b:00007fdf103aa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 192.911380][T12049] RAX: ffffffffffffffda RBX: 00007fdf0f7b5fa0 RCX: 00007fdf0f58e9a9 [ 192.911387][T12049] RDX: 0000000000040010 RSI: 0000200000000980 RDI: 0000000000000004 [ 192.911393][T12049] RBP: 00007fdf103aa090 R08: 0000000000000000 R09: 0000000000000000 [ 192.911399][T12049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 192.911406][T12049] R13: 0000000000000000 R14: 00007fdf0f7b5fa0 R15: 00007ffeb3624778 [ 192.911418][T12049] [ 193.043050][T12059] netlink: 168592 bytes leftover after parsing attributes in process `syz.0.2298'. [ 193.062671][ T40] audit: type=1400 audit(7014645797.724:703): avc: denied { append } for pid=12064 comm="syz.2.2300" name="hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 193.077880][ T40] audit: type=1400 audit(7014645797.724:704): avc: denied { ioctl } for pid=12064 comm="syz.2.2300" path="/dev/uhid" dev="devtmpfs" ino=1296 ioctlcmd=0x9423 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 193.170311][ T40] audit: type=1326 audit(7014645797.834:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12067 comm="syz.0.2301" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1a92d8e9a9 code=0xffff0000 [ 193.386036][ T6209] usb 7-1: new high-speed USB device number 34 using dummy_hcd [ 193.546161][ T6209] usb 7-1: Using ep0 maxpacket: 8 [ 193.550669][ T6209] usb 7-1: config 179 has an invalid interface number: 65 but max is 0 [ 193.553650][ T6209] usb 7-1: config 179 has no interface number 0 [ 193.556326][ T6209] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 193.560205][ T6209] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 193.563679][ T6209] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 193.569021][ T6209] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 193.572540][ T6209] usb 7-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 193.577104][ T6209] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 193.579821][ T6209] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 193.583872][T12078] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 193.966114][T12121] FAULT_INJECTION: forcing a failure. [ 193.966114][T12121] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 193.970897][T12121] CPU: 2 UID: 0 PID: 12121 Comm: syz.3.2307 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 193.970911][T12121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 193.970918][T12121] Call Trace: [ 193.970922][T12121] [ 193.970927][T12121] dump_stack_lvl+0x16c/0x1f0 [ 193.970949][T12121] should_fail_ex+0x512/0x640 [ 193.970967][T12121] _copy_from_user+0x2e/0xd0 [ 193.970978][T12121] copy_msghdr_from_user+0x98/0x160 [ 193.970990][T12121] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 193.971019][T12121] ___sys_sendmsg+0xfe/0x1d0 [ 193.971030][T12121] ? __pfx____sys_sendmsg+0x10/0x10 [ 193.971039][T12121] ? __lock_acquire+0x622/0x1c90 [ 193.971065][T12121] __sys_sendmsg+0x16d/0x220 [ 193.971075][T12121] ? __pfx___sys_sendmsg+0x10/0x10 [ 193.971093][T12121] do_syscall_64+0xcd/0x4c0 [ 193.971105][T12121] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 193.971116][T12121] RIP: 0033:0x7f52ab98e9a9 [ 193.971124][T12121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 193.971154][T12121] RSP: 002b:00007f52ac7ec038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 193.971167][T12121] RAX: ffffffffffffffda RBX: 00007f52abbb5fa0 RCX: 00007f52ab98e9a9 [ 193.971173][T12121] RDX: 0000000002000000 RSI: 0000200000000400 RDI: 0000000000000006 [ 193.971179][T12121] RBP: 00007f52ac7ec090 R08: 0000000000000000 R09: 0000000000000000 [ 193.971186][T12121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 193.971192][T12121] R13: 0000000000000000 R14: 00007f52abbb5fa0 R15: 00007fffdf905b38 [ 193.971206][T12121] [ 194.006854][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.015198][ T6209] usb 7-1: USB disconnect, device number 34 [ 194.017161][ C2] xpad 7-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 194.017182][ C2] xpad 7-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 194.017813][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.246608][ T40] audit: type=1400 audit(7014645798.904:706): avc: denied { create } for pid=12151 comm="syz.3.2315" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=blk_file permissive=1 [ 194.304422][ T5949] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 194.315476][ T5949] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 194.319329][ T5949] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 194.322164][ T5949] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 194.324659][ T5949] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 194.345454][T12170] openvswitch: netlink: IPv6 tunnel dst address is zero [ 194.357033][T12162] Failed to initialize the IGMP autojoin socket (err -2) [ 194.420263][T12177] FAULT_INJECTION: forcing a failure. [ 194.420263][T12177] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 194.424222][T12177] CPU: 0 UID: 0 PID: 12177 Comm: syz.3.2321 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 194.424237][T12177] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 194.424244][T12177] Call Trace: [ 194.424248][T12177] [ 194.424252][T12177] dump_stack_lvl+0x16c/0x1f0 [ 194.424273][T12177] should_fail_ex+0x512/0x640 [ 194.424291][T12177] _copy_to_user+0x32/0xd0 [ 194.424303][T12177] simple_read_from_buffer+0xcb/0x170 [ 194.424320][T12177] proc_fail_nth_read+0x197/0x270 [ 194.424336][T12177] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 194.424351][T12177] ? rw_verify_area+0xcf/0x680 [ 194.424365][T12177] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 194.424380][T12177] vfs_read+0x1e1/0xc60 [ 194.424397][T12177] ? __pfx___mutex_lock+0x10/0x10 [ 194.424412][T12177] ? __pfx_vfs_read+0x10/0x10 [ 194.424430][T12177] ? __fget_files+0x20e/0x3c0 [ 194.424444][T12177] ksys_read+0x12a/0x250 [ 194.424459][T12177] ? __pfx_ksys_read+0x10/0x10 [ 194.424477][T12177] do_syscall_64+0xcd/0x4c0 [ 194.424489][T12177] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 194.424500][T12177] RIP: 0033:0x7f52ab98d3bc [ 194.424509][T12177] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 194.424519][T12177] RSP: 002b:00007f52ac7ec030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 194.424530][T12177] RAX: ffffffffffffffda RBX: 00007f52abbb5fa0 RCX: 00007f52ab98d3bc [ 194.424537][T12177] RDX: 000000000000000f RSI: 00007f52ac7ec0a0 RDI: 0000000000000003 [ 194.424543][T12177] RBP: 00007f52ac7ec090 R08: 0000000000000000 R09: 0000000000000000 [ 194.424549][T12177] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001 [ 194.424555][T12177] R13: 0000000000000000 R14: 00007f52abbb5fa0 R15: 00007fffdf905b38 [ 194.424569][T12177] [ 194.650440][T12201] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2328'. [ 194.655479][T12204] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=16400 sclass=netlink_route_socket pid=12204 comm=syz.3.2329 [ 194.713034][T12214] tipc: Enabled bearer , priority 0 [ 194.715824][T12214] syzkaller0: entered promiscuous mode [ 194.718381][T12214] syzkaller0: entered allmulticast mode [ 194.746261][T12214] tipc: Resetting bearer [ 194.752332][T12213] tipc: Resetting bearer [ 194.755863][ T40] audit: type=1400 audit(7014645799.414:707): avc: denied { mount } for pid=12198 comm="syz.0.2327" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 194.764093][T12213] tipc: Disabling bearer [ 194.765177][ T40] audit: type=1400 audit(7014645799.424:708): avc: denied { unmount } for pid=12198 comm="syz.0.2327" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 194.924498][T12229] netlink: 37 bytes leftover after parsing attributes in process `syz.0.2341'. [ 195.853719][T12162] netdevsim netdevsim1 netdevsim0: renamed from eth2 [ 195.873100][T12162] netdevsim netdevsim1 netdevsim1: renamed from eth3 [ 195.885177][T12162] netdevsim netdevsim1 netdevsim2: renamed from eth4 [ 195.900220][T12162] netdevsim netdevsim1 netdevsim3: renamed from eth5 [ 196.097675][T12162] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 196.104393][T12162] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check. [ 196.112140][T12162] wireguard: wg0: Could not create IPv4 socket [ 196.119390][T12162] wireguard: wg1: Could not create IPv4 socket [ 196.124066][T12162] wireguard: wg2: Could not create IPv4 socket [ 198.514615][T12399] FAULT_INJECTION: forcing a failure. [ 198.514615][T12399] name failslab, interval 1, probability 0, space 0, times 0 [ 198.519899][T12399] CPU: 2 UID: 0 PID: 12399 Comm: syz.3.2342 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 198.519915][T12399] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 198.519922][T12399] Call Trace: [ 198.519926][T12399] [ 198.519931][T12399] dump_stack_lvl+0x16c/0x1f0 [ 198.519953][T12399] should_fail_ex+0x512/0x640 [ 198.519970][T12399] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 198.519989][T12399] should_failslab+0xc2/0x120 [ 198.520001][T12399] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 198.520017][T12399] ? __alloc_skb+0x2b2/0x380 [ 198.520036][T12399] __alloc_skb+0x2b2/0x380 [ 198.520053][T12399] ? __pfx___alloc_skb+0x10/0x10 [ 198.520071][T12399] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 198.520087][T12399] netlink_alloc_large_skb+0x69/0x130 [ 198.520101][T12399] netlink_sendmsg+0x6a1/0xdd0 [ 198.520116][T12399] ? __pfx_netlink_sendmsg+0x10/0x10 [ 198.520134][T12399] ____sys_sendmsg+0xa98/0xc70 [ 198.520160][T12399] ? copy_msghdr_from_user+0x10a/0x160 [ 198.520171][T12399] ? __pfx_____sys_sendmsg+0x10/0x10 [ 198.520190][T12399] ___sys_sendmsg+0x134/0x1d0 [ 198.520202][T12399] ? __pfx____sys_sendmsg+0x10/0x10 [ 198.520211][T12399] ? __lock_acquire+0x622/0x1c90 [ 198.520237][T12399] __sys_sendmsg+0x16d/0x220 [ 198.520248][T12399] ? __pfx___sys_sendmsg+0x10/0x10 [ 198.520267][T12399] do_syscall_64+0xcd/0x4c0 [ 198.520279][T12399] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 198.520295][T12399] RIP: 0033:0x7f52ab98e9a9 [ 198.520305][T12399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 198.520316][T12399] RSP: 002b:00007f52ac7ec038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 198.520327][T12399] RAX: ffffffffffffffda RBX: 00007f52abbb5fa0 RCX: 00007f52ab98e9a9 [ 198.520334][T12399] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000006 [ 198.520340][T12399] RBP: 00007f52ac7ec090 R08: 0000000000000000 R09: 0000000000000000 [ 198.520347][T12399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 198.520353][T12399] R13: 0000000000000000 R14: 00007f52abbb5fa0 R15: 00007fffdf905b38 [ 198.520366][T12399] [ 198.791155][T12405] mmap: syz.3.2345 (12405) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 198.902751][T12421] FAULT_INJECTION: forcing a failure. [ 198.902751][T12421] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 198.906149][ T6014] usb 7-1: new high-speed USB device number 35 using dummy_hcd [ 198.907654][T12421] CPU: 2 UID: 0 PID: 12421 Comm: syz.3.2348 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 198.907670][T12421] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 198.907677][T12421] Call Trace: [ 198.907681][T12421] [ 198.907686][T12421] dump_stack_lvl+0x16c/0x1f0 [ 198.907723][T12421] should_fail_ex+0x512/0x640 [ 198.907747][T12421] _copy_from_user+0x2e/0xd0 [ 198.907759][T12421] kstrtouint_from_user+0xd6/0x1d0 [ 198.907773][T12421] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 198.907786][T12421] ? __lock_acquire+0xb8a/0x1c90 [ 198.907803][T12421] proc_fail_nth_write+0x83/0x250 [ 198.907819][T12421] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 198.907838][T12421] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 198.907852][T12421] vfs_write+0x2a0/0x1150 [ 198.907872][T12421] ? __pfx___mutex_lock+0x10/0x10 [ 198.907887][T12421] ? __pfx_vfs_write+0x10/0x10 [ 198.907917][T12421] ? __fget_files+0x20e/0x3c0 [ 198.907940][T12421] ksys_write+0x12a/0x250 [ 198.907965][T12421] ? __pfx_ksys_write+0x10/0x10 [ 198.907994][T12421] do_syscall_64+0xcd/0x4c0 [ 198.908007][T12421] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 198.908018][T12421] RIP: 0033:0x7f52ab98d45f [ 198.908027][T12421] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 198.908038][T12421] RSP: 002b:00007f52ac7ec030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 198.908054][T12421] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f52ab98d45f [ 198.908060][T12421] RDX: 0000000000000001 RSI: 00007f52ac7ec0a0 RDI: 0000000000000003 [ 198.908066][T12421] RBP: 00007f52ac7ec090 R08: 0000000000000000 R09: 0000000000000000 [ 198.908073][T12421] R10: 0000200000000200 R11: 0000000000000293 R12: 0000000000000001 [ 198.908079][T12421] R13: 0000000000000000 R14: 00007f52abbb5fa0 R15: 00007fffdf905b38 [ 198.908092][T12421] [ 199.033228][ T40] audit: type=1400 audit(7014645803.694:709): avc: denied { lock } for pid=12433 comm="syz.3.2351" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 199.046364][T12434] Failed to initialize the IGMP autojoin socket (err -2) [ 199.177435][ T6014] usb 7-1: Using ep0 maxpacket: 8 [ 199.180220][ T6014] usb 7-1: config 179 has an invalid interface number: 65 but max is 0 [ 199.182704][ T6014] usb 7-1: config 179 has no interface number 0 [ 199.196015][ T6014] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 199.199547][ T6014] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 199.203614][ T6014] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 199.210117][ T6014] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 199.214750][ T6014] usb 7-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 199.225711][ T6014] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 199.232126][ T6014] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 199.238536][T12404] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 199.395920][T12459] FAULT_INJECTION: forcing a failure. [ 199.395920][T12459] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 199.399968][T12459] CPU: 2 UID: 0 PID: 12459 Comm: syz.3.2356 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 199.399983][T12459] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 199.399989][T12459] Call Trace: [ 199.399993][T12459] [ 199.399997][T12459] dump_stack_lvl+0x16c/0x1f0 [ 199.400018][T12459] should_fail_ex+0x512/0x640 [ 199.400037][T12459] _copy_from_user+0x2e/0xd0 [ 199.400048][T12459] kstrtouint_from_user+0xd6/0x1d0 [ 199.400062][T12459] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 199.400076][T12459] ? __lock_acquire+0xb8a/0x1c90 [ 199.400092][T12459] proc_fail_nth_write+0x83/0x250 [ 199.400109][T12459] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 199.400127][T12459] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 199.400154][T12459] vfs_write+0x2a0/0x1150 [ 199.400171][T12459] ? __pfx___mutex_lock+0x10/0x10 [ 199.400182][T12459] ? __pfx_vfs_write+0x10/0x10 [ 199.400200][T12459] ? __fget_files+0x20e/0x3c0 [ 199.400214][T12459] ksys_write+0x12a/0x250 [ 199.400229][T12459] ? __pfx_ksys_write+0x10/0x10 [ 199.400247][T12459] do_syscall_64+0xcd/0x4c0 [ 199.400259][T12459] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 199.400269][T12459] RIP: 0033:0x7f52ab98d45f [ 199.400278][T12459] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 199.400288][T12459] RSP: 002b:00007f52ac7ec030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 199.400297][T12459] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f52ab98d45f [ 199.400308][T12459] RDX: 0000000000000001 RSI: 00007f52ac7ec0a0 RDI: 0000000000000005 [ 199.400314][T12459] RBP: 00007f52ac7ec090 R08: 0000000000000000 R09: 000000000000001c [ 199.400320][T12459] R10: 0000000020000845 R11: 0000000000000293 R12: 0000000000000001 [ 199.400326][T12459] R13: 0000000000000000 R14: 00007f52abbb5fa0 R15: 00007fffdf905b38 [ 199.400339][T12459] [ 199.613862][T12472] FAULT_INJECTION: forcing a failure. [ 199.613862][T12472] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 199.618283][T12472] CPU: 2 UID: 0 PID: 12472 Comm: syz.3.2359 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 199.618298][T12472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 199.618305][T12472] Call Trace: [ 199.618309][T12472] [ 199.618313][T12472] dump_stack_lvl+0x16c/0x1f0 [ 199.618333][T12472] should_fail_ex+0x512/0x640 [ 199.618357][T12472] _copy_from_user+0x2e/0xd0 [ 199.618368][T12472] kstrtouint_from_user+0xd6/0x1d0 [ 199.618382][T12472] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 199.618395][T12472] ? __lock_acquire+0xb8a/0x1c90 [ 199.618412][T12472] proc_fail_nth_write+0x83/0x250 [ 199.618427][T12472] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 199.618446][T12472] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 199.618460][T12472] vfs_write+0x2a0/0x1150 [ 199.618477][T12472] ? __pfx___mutex_lock+0x10/0x10 [ 199.618488][T12472] ? __pfx_vfs_write+0x10/0x10 [ 199.618507][T12472] ? __fget_files+0x20e/0x3c0 [ 199.618520][T12472] ksys_write+0x12a/0x250 [ 199.618535][T12472] ? __pfx_ksys_write+0x10/0x10 [ 199.618553][T12472] do_syscall_64+0xcd/0x4c0 [ 199.618565][T12472] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 199.618576][T12472] RIP: 0033:0x7f52ab98d45f [ 199.618584][T12472] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 199.618595][T12472] RSP: 002b:00007f52ac7ec030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 199.618605][T12472] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f52ab98d45f [ 199.618612][T12472] RDX: 0000000000000001 RSI: 00007f52ac7ec0a0 RDI: 0000000000000003 [ 199.618618][T12472] RBP: 00007f52ac7ec090 R08: 0000000000000000 R09: 0000000000000000 [ 199.618624][T12472] R10: 00002000000001c0 R11: 0000000000000293 R12: 0000000000000001 [ 199.618630][T12472] R13: 0000000000000000 R14: 00007f52abbb5fa0 R15: 00007fffdf905b38 [ 199.618643][T12472] [ 199.649351][ T5829] usb 7-1: USB disconnect, device number 35 [ 199.649358][ C0] xpad 7-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 199.649397][ C0] xpad 7-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 199.751011][T12483] FAULT_INJECTION: forcing a failure. [ 199.751011][T12483] name failslab, interval 1, probability 0, space 0, times 0 [ 199.754943][T12483] CPU: 0 UID: 0 PID: 12483 Comm: syz.3.2361 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 199.754959][T12483] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 199.754966][T12483] Call Trace: [ 199.754970][T12483] [ 199.754974][T12483] dump_stack_lvl+0x16c/0x1f0 [ 199.754997][T12483] should_fail_ex+0x512/0x640 [ 199.755013][T12483] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 199.755031][T12483] should_failslab+0xc2/0x120 [ 199.755042][T12483] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 199.755057][T12483] ? __alloc_skb+0x2b2/0x380 [ 199.755075][T12483] __alloc_skb+0x2b2/0x380 [ 199.755108][T12483] ? __pfx___alloc_skb+0x10/0x10 [ 199.755124][T12483] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 199.755140][T12483] netlink_alloc_large_skb+0x69/0x130 [ 199.755153][T12483] netlink_sendmsg+0x6a1/0xdd0 [ 199.755167][T12483] ? __pfx_netlink_sendmsg+0x10/0x10 [ 199.755184][T12483] ____sys_sendmsg+0xa98/0xc70 [ 199.755197][T12483] ? copy_msghdr_from_user+0x10a/0x160 [ 199.755207][T12483] ? __pfx_____sys_sendmsg+0x10/0x10 [ 199.755226][T12483] ___sys_sendmsg+0x134/0x1d0 [ 199.755237][T12483] ? __pfx____sys_sendmsg+0x10/0x10 [ 199.755245][T12483] ? __lock_acquire+0x622/0x1c90 [ 199.755271][T12483] __sys_sendmsg+0x16d/0x220 [ 199.755281][T12483] ? __pfx___sys_sendmsg+0x10/0x10 [ 199.755299][T12483] do_syscall_64+0xcd/0x4c0 [ 199.755311][T12483] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 199.755322][T12483] RIP: 0033:0x7f52ab98e9a9 [ 199.755331][T12483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 199.755345][T12483] RSP: 002b:00007f52ac7ec038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 199.755355][T12483] RAX: ffffffffffffffda RBX: 00007f52abbb5fa0 RCX: 00007f52ab98e9a9 [ 199.755362][T12483] RDX: 0000000000008000 RSI: 00002000000002c0 RDI: 0000000000000004 [ 199.755368][T12483] RBP: 00007f52ac7ec090 R08: 0000000000000000 R09: 0000000000000000 [ 199.755374][T12483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 199.755380][T12483] R13: 0000000000000000 R14: 00007f52abbb5fa0 R15: 00007fffdf905b38 [ 199.755393][T12483] [ 199.858373][T12489] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=12489 comm=syz.3.2362 [ 199.891782][T12492] tipc: Enabling of bearer rejected, failed to enable media [ 200.144713][T12513] FAULT_INJECTION: forcing a failure. [ 200.144713][T12513] name failslab, interval 1, probability 0, space 0, times 0 [ 200.151113][T12513] CPU: 0 UID: 0 PID: 12513 Comm: syz.0.2365 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 200.151137][T12513] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 200.151147][T12513] Call Trace: [ 200.151153][T12513] [ 200.151159][T12513] dump_stack_lvl+0x16c/0x1f0 [ 200.151190][T12513] should_fail_ex+0x512/0x640 [ 200.151215][T12513] ? fs_reclaim_acquire+0xae/0x150 [ 200.151236][T12513] ? tomoyo_encode2+0x100/0x3e0 [ 200.151251][T12513] should_failslab+0xc2/0x120 [ 200.151267][T12513] __kmalloc_noprof+0xd2/0x510 [ 200.151291][T12513] ? d_absolute_path+0x136/0x1a0 [ 200.151315][T12513] tomoyo_encode2+0x100/0x3e0 [ 200.151341][T12513] tomoyo_encode+0x29/0x50 [ 200.151356][T12513] tomoyo_realpath_from_path+0x18f/0x6e0 [ 200.151380][T12513] tomoyo_path_number_perm+0x245/0x580 [ 200.151403][T12513] ? tomoyo_path_number_perm+0x237/0x580 [ 200.151429][T12513] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 200.151454][T12513] ? find_held_lock+0x2b/0x80 [ 200.151498][T12513] ? find_held_lock+0x2b/0x80 [ 200.151517][T12513] ? hook_file_ioctl_common+0x145/0x410 [ 200.151542][T12513] ? __fget_files+0x20e/0x3c0 [ 200.151562][T12513] security_file_ioctl+0x9b/0x240 [ 200.151580][T12513] __x64_sys_ioctl+0xb7/0x210 [ 200.151602][T12513] do_syscall_64+0xcd/0x4c0 [ 200.151620][T12513] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 200.151636][T12513] RIP: 0033:0x7f1a92d8e9a9 [ 200.151649][T12513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 200.151664][T12513] RSP: 002b:00007f1a93b87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 200.151680][T12513] RAX: ffffffffffffffda RBX: 00007f1a92fb5fa0 RCX: 00007f1a92d8e9a9 [ 200.151691][T12513] RDX: 0000200000000180 RSI: 000000004010744d RDI: 0000000000000003 [ 200.151701][T12513] RBP: 00007f1a93b87090 R08: 0000000000000000 R09: 0000000000000000 [ 200.151710][T12513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 200.151720][T12513] R13: 0000000000000000 R14: 00007f1a92fb5fa0 R15: 00007ffe110ba0f8 [ 200.151742][T12513] [ 200.151756][T12513] ERROR: Out of memory at tomoyo_realpath_from_path. [ 200.247380][T12522] [U] zÍ»´iœùÊý®Ò[27| [ 200.249575][T12522] [U] ‘BsŠ«w×AÓer®ÇOU]~èAÖö`1e…ÊX™!Ój5iÓ5ÿ‰Ÿîßy2ÂÚ‚_îSÇ"qµh$²±ç¨ìÁ‘‰6íÎä\PÏ[2ç*/Ç£Wb_$þ0Aó’7Ì X¦Û–(wc# ‚ýÙÔ =¡ÁgÎö®<ï [ 200.255640][T12522] [U] µIø¸wØuõ¦b:l®‘EúeÜiBHÁ‹káï^¯VI|È¥Ä\x®dÕ„ [ 200.262799][T12522] [U] Ëòü­|KßIHŒƒ»Þú;F~ò{IÃÓŽ«¡ÿ‰ª=Mkq%„±°ÿhd9©!ë@aü*ŒøŒlzš’~`E‚Üõ=ýÅ[>me§ÚLh»c»ü`ÆÛ'°uùÅÛ~+Û¤±mþÍ·LÃÄçû×X—…³®‡ßæéXóðËÒ舂€i '„j«ž3€e=:3à/ÒCœ_ßͯ 81ë(FW [ 200.276388][T12522] [U] 8)¢¤XÍ)°YvxRÄ»¶øØb¡‰mªb®Ný@ox²;JD‡¶ ¹ƒ, [ 200.278398][T12522] [U] *CÃn¯3¿Àv7‰KE¯Xgt_3êê §ëé [ 200.280068][T12522] [U] D‰¶/QÊa‡¹ÏzÒ¬EàH‘ºgE1$_k½´£s«=óR@ [ 200.281935][T12522] [U] ‰ϼcEv‹û @ý [ 200.283255][T12522] [U] aÆ„% [ 200.286701][T12522] [U] ’@¿Ëø±·’äæëcÃ_-Ʊ¯¢Zþ¯Ë×&ý<Z9Íah§_ÏL@bKÈÔs¤3J¨JÓ5¿ÂÂÜD¹¤;wõWÑçˆUu–yL¾…¯bÒ³53ûż²ø{Õ4XRQº÷ÿr£H=M"ß/ç@ o›¬»ƒèáÀ¨p¢ÌS”¯´‹‡~{P¹‡–Ó¡ä~i*ÑT¨º‡~WìÔÉ)ÉQ¦~ȵåŠ_ßœ‰Í¬z—~VqàÛª` [ 200.293981][T12522] [U] éf1Ïp±3 [ 200.295354][T12522] [U] N0[L;aÛ_´îlÕ&ÍkÿMëCï× [ 200.298365][T12522] [U] Àr6w^âûæçg—©P$üu§í¶í4Œ~GC‰›“ÖßšpÊk½¾FtÍÚwÈç~Î@ùL1è [ 200.328579][ T40] audit: type=1400 audit(7014645804.994:710): avc: denied { connect } for pid=12527 comm="syz.0.2367" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 200.362218][T12534] binder: BC_ATTEMPT_ACQUIRE not supported [ 200.364289][T12534] binder: 12533:12534 ioctl c0306201 200000000c40 returned -22 [ 200.434530][ T40] audit: type=1400 audit(7014645805.094:711): avc: denied { write } for pid=12533 comm="syz.0.2368" name="file0" dev="fuse" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 200.435129][T12534] sd 0:0:0:0: PR command failed: 1026 [ 200.445105][T12534] sd 0:0:0:0: Sense Key : Illegal Request [current] [ 200.447366][T12534] sd 0:0:0:0: Add. Sense: Invalid command operation code [ 200.507253][T12546] netlink: 'syz.0.2371': attribute type 10 has an invalid length. [ 200.523217][T12548] netlink: 'syz.0.2371': attribute type 10 has an invalid length. [ 200.524714][T12546] batman_adv: batadv0: Adding interface: team0 [ 200.525731][T12548] netlink: 2 bytes leftover after parsing attributes in process `syz.0.2371'. [ 200.530431][T12546] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 200.534131][T12548] team0: entered promiscuous mode [ 200.535740][T12548] team_slave_0: entered promiscuous mode [ 200.540446][T12548] team_slave_1: entered promiscuous mode [ 200.543400][T12548] 8021q: adding VLAN 0 to HW filter on device team0 [ 200.545609][T12548] batman_adv: batadv0: Interface activated: team0 [ 200.549724][T12548] batman_adv: batadv0: Interface deactivated: team0 [ 200.552138][T12548] batman_adv: batadv0: Removing interface: team0 [ 200.554784][T12548] bridge0: port 3(team0) entered blocking state [ 200.557774][T12548] bridge0: port 3(team0) entered disabled state [ 200.559785][T12548] team0: entered allmulticast mode [ 200.561401][T12548] team_slave_0: entered allmulticast mode [ 200.563228][T12548] team_slave_1: entered allmulticast mode [ 200.566376][T12548] bridge0: port 3(team0) entered blocking state [ 200.568471][T12548] bridge0: port 3(team0) entered forwarding state [ 200.570655][T12552] tipc: Enabling of bearer rejected, failed to enable media [ 200.598455][T12558] FAULT_INJECTION: forcing a failure. [ 200.598455][T12558] name failslab, interval 1, probability 0, space 0, times 0 [ 200.603155][T12558] CPU: 0 UID: 0 PID: 12558 Comm: syz.0.2373 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 200.603177][T12558] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 200.603187][T12558] Call Trace: [ 200.603192][T12558] [ 200.603196][T12558] dump_stack_lvl+0x16c/0x1f0 [ 200.603229][T12558] should_fail_ex+0x512/0x640 [ 200.603253][T12558] ? __mutex_lock+0x1ca/0xb90 [ 200.603270][T12558] should_failslab+0xc2/0x120 [ 200.603282][T12558] __kmalloc_cache_noprof+0x6a/0x3e0 [ 200.603297][T12558] ? mark_held_locks+0x49/0x80 [ 200.603314][T12558] ? __io_queue_proc+0x2bb/0x920 [ 200.603330][T12558] __io_queue_proc+0x2bb/0x920 [ 200.603346][T12558] ? __pfx_io_poll_queue_proc+0x10/0x10 [ 200.603359][T12558] v4l2_m2m_poll+0xe3/0x640 [ 200.603378][T12558] v4l2_m2m_fop_poll+0xa2/0x110 [ 200.603394][T12558] ? __pfx_v4l2_m2m_fop_poll+0x10/0x10 [ 200.603410][T12558] v4l2_poll+0x160/0x320 [ 200.603426][T12558] __io_arm_poll_handler+0x442/0x1430 [ 200.603440][T12558] ? __pfx_v4l2_poll+0x10/0x10 [ 200.603457][T12558] io_poll_add+0xe0/0x1f0 [ 200.603471][T12558] ? __pfx_io_poll_add+0x10/0x10 [ 200.603484][T12558] ? find_held_lock+0x2b/0x80 [ 200.603497][T12558] ? __pfx_io_poll_queue_proc+0x10/0x10 [ 200.603513][T12558] ? __fget_files+0x20e/0x3c0 [ 200.603524][T12558] __io_issue_sqe+0xe5/0x7c0 [ 200.603537][T12558] io_issue_sqe+0x86/0xe50 [ 200.603556][T12558] io_submit_sqes+0x92d/0x2580 [ 200.603578][T12558] __do_sys_io_uring_enter+0xd6a/0x1630 [ 200.603595][T12558] ? __fget_files+0x20e/0x3c0 [ 200.603604][T12558] ? __pfx___do_sys_io_uring_enter+0x10/0x10 [ 200.603620][T12558] ? fput+0x70/0xf0 [ 200.603631][T12558] ? ksys_write+0x1ac/0x250 [ 200.603646][T12558] ? __pfx_ksys_write+0x10/0x10 [ 200.603664][T12558] do_syscall_64+0xcd/0x4c0 [ 200.603676][T12558] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 200.603686][T12558] RIP: 0033:0x7f1a92d8e9a9 [ 200.603695][T12558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 200.603706][T12558] RSP: 002b:00007f1a93b87038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 200.603716][T12558] RAX: ffffffffffffffda RBX: 00007f1a92fb5fa0 RCX: 00007f1a92d8e9a9 [ 200.603723][T12558] RDX: 0000000000005bd5 RSI: 0000000000002d3b RDI: 0000000000000004 [ 200.603729][T12558] RBP: 00007f1a93b87090 R08: 0000000000000000 R09: 0000000000000000 [ 200.603735][T12558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 200.603742][T12558] R13: 0000000000000000 R14: 00007f1a92fb5fa0 R15: 00007ffe110ba0f8 [ 200.603755][T12558] [ 201.244578][T12589] syzkaller1: entered promiscuous mode [ 201.246849][T12589] syzkaller1: entered allmulticast mode [ 201.249901][T12589] FAULT_INJECTION: forcing a failure. [ 201.249901][T12589] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 201.254130][T12589] CPU: 3 UID: 0 PID: 12589 Comm: syz.0.2376 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 201.254152][T12589] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 201.254161][T12589] Call Trace: [ 201.254167][T12589] [ 201.254174][T12589] dump_stack_lvl+0x16c/0x1f0 [ 201.254204][T12589] should_fail_ex+0x512/0x640 [ 201.254231][T12589] _copy_from_iter+0x29f/0x16f0 [ 201.254253][T12589] ? __pfx__copy_from_iter+0x10/0x10 [ 201.254271][T12589] ? _kstrtoull+0x145/0x200 [ 201.254291][T12589] ? __pfx__kstrtoull+0x10/0x10 [ 201.254315][T12589] tun_get_user+0x13da/0x3b80 [ 201.254342][T12589] ? __pfx_tun_get_user+0x10/0x10 [ 201.254366][T12589] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 201.254390][T12589] ? find_held_lock+0x2b/0x80 [ 201.254411][T12589] ? tun_get+0x191/0x370 [ 201.254433][T12589] tun_chr_write_iter+0xdc/0x210 [ 201.254454][T12589] vfs_write+0x6c4/0x1150 [ 201.254479][T12589] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 201.254500][T12589] ? __pfx_vfs_write+0x10/0x10 [ 201.254522][T12589] ? find_held_lock+0x2b/0x80 [ 201.254557][T12589] ksys_write+0x12a/0x250 [ 201.254581][T12589] ? __pfx_ksys_write+0x10/0x10 [ 201.254608][T12589] do_syscall_64+0xcd/0x4c0 [ 201.254626][T12589] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 201.254643][T12589] RIP: 0033:0x7f1a92d8e9a9 [ 201.254657][T12589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 201.254672][T12589] RSP: 002b:00007f1a93b87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 201.254689][T12589] RAX: ffffffffffffffda RBX: 00007f1a92fb5fa0 RCX: 00007f1a92d8e9a9 [ 201.254700][T12589] RDX: 000000000000fdef RSI: 0000200000000240 RDI: 0000000000000003 [ 201.254710][T12589] RBP: 00007f1a93b87090 R08: 0000000000000000 R09: 0000000000000000 [ 201.254720][T12589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 201.254730][T12589] R13: 0000000000000000 R14: 00007f1a92fb5fa0 R15: 00007ffe110ba0f8 [ 201.254754][T12589] [ 201.593702][T12598] syzkaller1: entered promiscuous mode [ 201.595509][T12598] syzkaller1: entered allmulticast mode [ 201.634401][T12600] FAULT_INJECTION: forcing a failure. [ 201.634401][T12600] name failslab, interval 1, probability 0, space 0, times 0 [ 201.639102][T12600] CPU: 1 UID: 0 PID: 12600 Comm: syz.2.2381 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 201.639119][T12600] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 201.639126][T12600] Call Trace: [ 201.639130][T12600] [ 201.639134][T12600] dump_stack_lvl+0x16c/0x1f0 [ 201.639155][T12600] should_fail_ex+0x512/0x640 [ 201.639171][T12600] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 201.639189][T12600] should_failslab+0xc2/0x120 [ 201.639200][T12600] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 201.639215][T12600] ? __alloc_skb+0x2b2/0x380 [ 201.639234][T12600] __alloc_skb+0x2b2/0x380 [ 201.639249][T12600] ? __pfx___alloc_skb+0x10/0x10 [ 201.639266][T12600] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 201.639282][T12600] netlink_alloc_large_skb+0x69/0x130 [ 201.639295][T12600] netlink_sendmsg+0x6a1/0xdd0 [ 201.639309][T12600] ? __pfx_netlink_sendmsg+0x10/0x10 [ 201.639328][T12600] ____sys_sendmsg+0xa98/0xc70 [ 201.639341][T12600] ? copy_msghdr_from_user+0x10a/0x160 [ 201.639351][T12600] ? __pfx_____sys_sendmsg+0x10/0x10 [ 201.639370][T12600] ___sys_sendmsg+0x134/0x1d0 [ 201.639381][T12600] ? __pfx____sys_sendmsg+0x10/0x10 [ 201.639389][T12600] ? __lock_acquire+0x622/0x1c90 [ 201.639415][T12600] __sys_sendmsg+0x16d/0x220 [ 201.639425][T12600] ? __pfx___sys_sendmsg+0x10/0x10 [ 201.639440][T12600] ? fput+0x70/0xf0 [ 201.639453][T12600] do_syscall_64+0xcd/0x4c0 [ 201.639464][T12600] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 201.639475][T12600] RIP: 0033:0x7fdf0f58e9a9 [ 201.639484][T12600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 201.639495][T12600] RSP: 002b:00007fdf103aa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 201.639505][T12600] RAX: ffffffffffffffda RBX: 00007fdf0f7b5fa0 RCX: 00007fdf0f58e9a9 [ 201.639512][T12600] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 000000000000000b [ 201.639518][T12600] RBP: 00007fdf103aa090 R08: 0000000000000000 R09: 0000000000000000 [ 201.639524][T12600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 201.639530][T12600] R13: 0000000000000000 R14: 00007fdf0f7b5fa0 R15: 00007ffeb3624778 [ 201.639544][T12600] [ 201.719689][ T5960] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 201.723185][ T5960] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 201.726667][ T5960] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 201.730268][ T5960] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 201.733125][ T5960] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 201.748523][T12601] Failed to initialize the IGMP autojoin socket (err -2) [ 201.753928][T12604] tipc: Enabling of bearer rejected, failed to enable media [ 202.020802][ T40] audit: type=1400 audit(7014645806.684:712): avc: denied { map } for pid=12625 comm="syz.0.2386" path="socket:[47351]" dev="sockfs" ino=47351 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 202.028149][ T40] audit: type=1400 audit(7014645806.684:713): avc: denied { read accept } for pid=12625 comm="syz.0.2386" path="socket:[47351]" dev="sockfs" ino=47351 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 202.367725][T12641] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=12641 comm=syz.2.2391 [ 202.410967][T12644] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2392'. [ 202.414640][T12644] nbd: socks must be embedded in a SOCK_ITEM attr [ 202.488622][T12601] netdevsim netdevsim1 netdevsim0: renamed from eth2 [ 202.507293][T12601] netdevsim netdevsim1 netdevsim1: renamed from eth3 [ 202.529293][T12601] netdevsim netdevsim1 netdevsim2: renamed from eth4 [ 202.548492][T12601] netdevsim netdevsim1 netdevsim3: renamed from eth5 [ 202.571077][T12652] tipc: Enabling of bearer rejected, failed to enable media [ 202.764215][T12601] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 202.775663][T12601] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check. [ 202.783162][T12601] wireguard: wg0: Could not create IPv4 socket [ 202.785009][T12672] FAULT_INJECTION: forcing a failure. [ 202.785009][T12672] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 202.787471][T12601] wireguard: wg1: Could not create IPv4 socket [ 202.790571][T12672] CPU: 3 UID: 0 PID: 12672 Comm: syz.2.2394 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 202.790587][T12672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 202.790593][T12672] Call Trace: [ 202.790597][T12672] [ 202.790601][T12672] dump_stack_lvl+0x16c/0x1f0 [ 202.790622][T12672] should_fail_ex+0x512/0x640 [ 202.790641][T12672] _copy_from_user+0x2e/0xd0 [ 202.790652][T12672] kstrtouint_from_user+0xd6/0x1d0 [ 202.790666][T12672] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 202.790679][T12672] ? __lock_acquire+0xb8a/0x1c90 [ 202.790695][T12672] proc_fail_nth_write+0x83/0x250 [ 202.790711][T12672] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 202.790730][T12672] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 202.790744][T12672] vfs_write+0x2a0/0x1150 [ 202.790761][T12672] ? __pfx___mutex_lock+0x10/0x10 [ 202.790773][T12672] ? __pfx_vfs_write+0x10/0x10 [ 202.790791][T12672] ? __fget_files+0x20e/0x3c0 [ 202.790805][T12672] ksys_write+0x12a/0x250 [ 202.790820][T12672] ? __pfx_ksys_write+0x10/0x10 [ 202.790839][T12672] do_syscall_64+0xcd/0x4c0 [ 202.790850][T12672] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 202.790861][T12672] RIP: 0033:0x7fdf0f58d45f [ 202.790869][T12672] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 202.790879][T12672] RSP: 002b:00007fdf103aa030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 202.790889][T12672] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fdf0f58d45f [ 202.790896][T12672] RDX: 0000000000000001 RSI: 00007fdf103aa0a0 RDI: 0000000000000003 [ 202.790902][T12672] RBP: 00007fdf103aa090 R08: 0000000000000000 R09: 0000000000000000 [ 202.790908][T12672] R10: 0000000000000020 R11: 0000000000000293 R12: 0000000000000001 [ 202.790915][T12672] R13: 0000000000000000 R14: 00007fdf0f7b5fa0 R15: 00007ffeb3624778 [ 202.790928][T12672] [ 202.856166][T12601] wireguard: wg2: Could not create IPv4 socket [ 202.915241][T12677] FAULT_INJECTION: forcing a failure. [ 202.915241][T12677] name failslab, interval 1, probability 0, space 0, times 0 [ 202.920710][T12677] CPU: 3 UID: 0 PID: 12677 Comm: syz.2.2395 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 202.920727][T12677] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 202.920737][T12677] Call Trace: [ 202.920743][T12677] [ 202.920749][T12677] dump_stack_lvl+0x16c/0x1f0 [ 202.920775][T12677] should_fail_ex+0x512/0x640 [ 202.920797][T12677] ? fs_reclaim_acquire+0xae/0x150 [ 202.920811][T12677] ? tomoyo_encode2+0x100/0x3e0 [ 202.920821][T12677] should_failslab+0xc2/0x120 [ 202.920832][T12677] __kmalloc_noprof+0xd2/0x510 [ 202.920851][T12677] tomoyo_encode2+0x100/0x3e0 [ 202.920863][T12677] tomoyo_encode+0x29/0x50 [ 202.920872][T12677] tomoyo_realpath_from_path+0x18f/0x6e0 [ 202.920884][T12677] ? tomoyo_profile+0x47/0x60 [ 202.920897][T12677] tomoyo_path_number_perm+0x245/0x580 [ 202.920912][T12677] ? tomoyo_path_number_perm+0x237/0x580 [ 202.920928][T12677] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 202.920943][T12677] ? find_held_lock+0x2b/0x80 [ 202.920968][T12677] ? find_held_lock+0x2b/0x80 [ 202.920981][T12677] ? hook_file_ioctl_common+0x145/0x410 [ 202.920996][T12677] ? __fget_files+0x20e/0x3c0 [ 202.921008][T12677] security_file_ioctl+0x9b/0x240 [ 202.921019][T12677] __x64_sys_ioctl+0xb7/0x210 [ 202.921034][T12677] do_syscall_64+0xcd/0x4c0 [ 202.921046][T12677] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 202.921057][T12677] RIP: 0033:0x7fdf0f58e9a9 [ 202.921066][T12677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 202.921077][T12677] RSP: 002b:00007fdf10389038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 202.921087][T12677] RAX: ffffffffffffffda RBX: 00007fdf0f7b6080 RCX: 00007fdf0f58e9a9 [ 202.921094][T12677] RDX: 00002000000003c0 RSI: 000000004010ae42 RDI: 0000000000000004 [ 202.921101][T12677] RBP: 00007fdf10389090 R08: 0000000000000000 R09: 0000000000000000 [ 202.921107][T12677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 202.921113][T12677] R13: 0000000000000000 R14: 00007fdf0f7b6080 R15: 00007ffeb3624778 [ 202.921126][T12677] [ 202.921137][T12677] ERROR: Out of memory at tomoyo_realpath_from_path. [ 203.127569][T12508] [U] Ô:¢äK!:¡¿Yå’‘Æ;R’ÿôôádmÿ¥–a9Ötb¨‹ð„õtýºû=‚ Òªï+ésS¼ i÷-íY©Jcà ø(š¼‡ðÒ‘„îxƒ|]k|§â_VÀí·ÀéÚÒ‰ÝTÒ8MN´i¢…–׎ͪ²´˜Y΃æzAMö"eÌv3¼KÄ›O0q]^Œ)”‘?ס8â…´ìõS°ñ ŸÜX†e´Ý¢êÝ%4°<¥g±!¼èØy.Öòçûw›µa©ûШ˜×¹‡ÉòÛ)³0¯Põ/óäQº¬Ý{»›‡n [ 203.138251][T12685] geneve2: entered promiscuous mode [ 203.140308][T12685] geneve2: entered allmulticast mode [ 203.219491][T12692] FAULT_INJECTION: forcing a failure. [ 203.219491][T12692] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 203.223783][T12692] CPU: 2 UID: 0 PID: 12692 Comm: syz.3.2399 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 203.223798][T12692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 203.223805][T12692] Call Trace: [ 203.223809][T12692] [ 203.223814][T12692] dump_stack_lvl+0x16c/0x1f0 [ 203.223835][T12692] should_fail_ex+0x512/0x640 [ 203.223854][T12692] _copy_from_iter+0x29f/0x16f0 [ 203.223868][T12692] ? __pfx__copy_from_iter+0x10/0x10 [ 203.223879][T12692] ? _kstrtoull+0x145/0x200 [ 203.223892][T12692] ? __pfx__kstrtoull+0x10/0x10 [ 203.223908][T12692] tun_get_user+0x13da/0x3b80 [ 203.223925][T12692] ? __pfx_tun_get_user+0x10/0x10 [ 203.223936][T12692] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 203.223950][T12692] ? find_held_lock+0x2b/0x80 [ 203.223965][T12692] ? tun_get+0x191/0x370 [ 203.223978][T12692] tun_chr_write_iter+0xdc/0x210 [ 203.223991][T12692] vfs_write+0x6c4/0x1150 [ 203.224007][T12692] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 203.224020][T12692] ? __pfx_vfs_write+0x10/0x10 [ 203.224033][T12692] ? find_held_lock+0x2b/0x80 [ 203.224054][T12692] ksys_write+0x12a/0x250 [ 203.224068][T12692] ? __pfx_ksys_write+0x10/0x10 [ 203.224084][T12692] ? fdget+0x187/0x210 [ 203.224095][T12692] do_syscall_64+0xcd/0x4c0 [ 203.224106][T12692] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 203.224118][T12692] RIP: 0033:0x7f52ab98e9a9 [ 203.224126][T12692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 203.224136][T12692] RSP: 002b:00007f52ac7ec038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 203.224147][T12692] RAX: ffffffffffffffda RBX: 00007f52abbb5fa0 RCX: 00007f52ab98e9a9 [ 203.224153][T12692] RDX: 0000000000000073 RSI: 0000200000000240 RDI: 0000000000000003 [ 203.224159][T12692] RBP: 00007f52ac7ec090 R08: 0000000000000000 R09: 0000000000000000 [ 203.224165][T12692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 203.224171][T12692] R13: 0000000000000000 R14: 00007f52abbb5fa0 R15: 00007fffdf905b38 [ 203.224184][T12692] [ 203.303116][ C2] vkms_vblank_simulate: vblank timer overrun [ 203.385124][T12696] tipc: Enabled bearer , priority 0 [ 203.388586][T12696] syzkaller0: entered promiscuous mode [ 203.390849][T12696] syzkaller0: entered allmulticast mode [ 203.411432][T12696] FAULT_INJECTION: forcing a failure. [ 203.411432][T12696] name failslab, interval 1, probability 0, space 0, times 0 [ 203.417322][T12696] CPU: 1 UID: 0 PID: 12696 Comm: syz.2.2400 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 203.417347][T12696] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 203.417358][T12696] Call Trace: [ 203.417364][T12696] [ 203.417371][T12696] dump_stack_lvl+0x16c/0x1f0 [ 203.417400][T12696] should_fail_ex+0x512/0x640 [ 203.417425][T12696] ? fs_reclaim_acquire+0xae/0x150 [ 203.417448][T12696] ? tomoyo_encode2+0x100/0x3e0 [ 203.417465][T12696] should_failslab+0xc2/0x120 [ 203.417482][T12696] __kmalloc_noprof+0xd2/0x510 [ 203.417519][T12696] tomoyo_encode2+0x100/0x3e0 [ 203.417537][T12696] tomoyo_encode+0x29/0x50 [ 203.417551][T12696] tomoyo_realpath_from_path+0x18f/0x6e0 [ 203.417570][T12696] ? tomoyo_profile+0x47/0x60 [ 203.417590][T12696] tomoyo_path_number_perm+0x245/0x580 [ 203.417614][T12696] ? tomoyo_path_number_perm+0x237/0x580 [ 203.417637][T12696] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 203.417661][T12696] ? find_held_lock+0x2b/0x80 [ 203.417702][T12696] ? find_held_lock+0x2b/0x80 [ 203.417720][T12696] ? hook_file_ioctl_common+0x145/0x410 [ 203.417742][T12696] ? __fget_files+0x20e/0x3c0 [ 203.417760][T12696] security_file_ioctl+0x9b/0x240 [ 203.417778][T12696] __x64_sys_ioctl+0xb7/0x210 [ 203.417803][T12696] do_syscall_64+0xcd/0x4c0 [ 203.417822][T12696] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 203.417841][T12696] RIP: 0033:0x7fdf0f58e9a9 [ 203.417856][T12696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 203.417871][T12696] RSP: 002b:00007fdf103aa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 203.417888][T12696] RAX: ffffffffffffffda RBX: 00007fdf0f7b5fa0 RCX: 00007fdf0f58e9a9 [ 203.417900][T12696] RDX: 0000200000002280 RSI: 0000000000008922 RDI: 0000000000000005 [ 203.417911][T12696] RBP: 00007fdf103aa090 R08: 0000000000000000 R09: 0000000000000000 [ 203.417921][T12696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 203.417931][T12696] R13: 0000000000000000 R14: 00007fdf0f7b5fa0 R15: 00007ffeb3624778 [ 203.417954][T12696] [ 203.417971][T12696] ERROR: Out of memory at tomoyo_realpath_from_path. [ 203.479627][T12699] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5) [ 203.487778][T12696] tipc: Resetting bearer [ 203.488505][T12699] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 203.489907][T12699] vhci_hcd vhci_hcd.0: Device attached [ 203.525184][T12695] tipc: Resetting bearer [ 203.529352][T12704] vhci_hcd: unknown pdu 1 [ 203.532325][ T40] audit: type=1400 audit(7014645808.194:714): avc: denied { setopt } for pid=12698 comm="syz.3.2401" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 203.533882][ T1146] vhci_hcd: stop threads [ 203.544569][ T1146] vhci_hcd: release socket [ 203.548911][ T1146] vhci_hcd: disconnect device [ 203.555665][T12695] tipc: Disabling bearer [ 203.671177][T12713] tipc: Enabling of bearer rejected, failed to enable media [ 203.904200][T12732] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2404'. [ 203.912044][T12732] veth0_virt_wifi: entered promiscuous mode [ 203.952497][T12738] tipc: Enabled bearer , priority 0 [ 203.954904][T12738] syzkaller0: entered promiscuous mode [ 203.957105][T12738] syzkaller0: entered allmulticast mode [ 203.969785][T12738] netlink: 76 bytes leftover after parsing attributes in process `sfq'. [ 203.973487][T12738] syzkaller0: mtu greater than device maximum [ 203.980139][T12737] tipc: Resetting bearer [ 203.992237][T12737] tipc: Disabling bearer [ 204.101086][T12747] FAULT_INJECTION: forcing a failure. [ 204.101086][T12747] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 204.107029][T12747] CPU: 3 UID: 0 PID: 12747 Comm: syz.2.2407 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 204.107080][T12747] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 204.107090][T12747] Call Trace: [ 204.107097][T12747] [ 204.107103][T12747] dump_stack_lvl+0x16c/0x1f0 [ 204.107133][T12747] should_fail_ex+0x512/0x640 [ 204.107164][T12747] _copy_from_user+0x2e/0xd0 [ 204.107182][T12747] kstrtouint_from_user+0xd6/0x1d0 [ 204.107202][T12747] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 204.107221][T12747] ? __lock_acquire+0xb8a/0x1c90 [ 204.107247][T12747] proc_fail_nth_write+0x83/0x250 [ 204.107270][T12747] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 204.107302][T12747] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 204.107322][T12747] vfs_write+0x2a0/0x1150 [ 204.107348][T12747] ? __pfx___mutex_lock+0x10/0x10 [ 204.107364][T12747] ? __pfx_vfs_write+0x10/0x10 [ 204.107392][T12747] ? __fget_files+0x20e/0x3c0 [ 204.107414][T12747] ksys_write+0x12a/0x250 [ 204.107435][T12747] ? __pfx_ksys_write+0x10/0x10 [ 204.107464][T12747] do_syscall_64+0xcd/0x4c0 [ 204.107481][T12747] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.107497][T12747] RIP: 0033:0x7fdf0f58d45f [ 204.107511][T12747] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 204.107525][T12747] RSP: 002b:00007fdf103aa030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 204.107540][T12747] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fdf0f58d45f [ 204.107551][T12747] RDX: 0000000000000001 RSI: 00007fdf103aa0a0 RDI: 0000000000000003 [ 204.107560][T12747] RBP: 00007fdf103aa090 R08: 0000000000000000 R09: 0000000000000000 [ 204.107569][T12747] R10: 0000000010008095 R11: 0000000000000293 R12: 0000000000000001 [ 204.107579][T12747] R13: 0000000000000000 R14: 00007fdf0f7b5fa0 R15: 00007ffeb3624778 [ 204.107602][T12747] [ 204.242878][T12761] FAULT_INJECTION: forcing a failure. [ 204.242878][T12761] name failslab, interval 1, probability 0, space 0, times 0 [ 204.248062][T12761] CPU: 2 UID: 0 PID: 12761 Comm: syz.2.2410 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 204.248086][T12761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 204.248097][T12761] Call Trace: [ 204.248103][T12761] [ 204.248110][T12761] dump_stack_lvl+0x16c/0x1f0 [ 204.248141][T12761] should_fail_ex+0x512/0x640 [ 204.248168][T12761] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 204.248196][T12761] should_failslab+0xc2/0x120 [ 204.248214][T12761] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 204.248240][T12761] ? __alloc_skb+0x2b2/0x380 [ 204.248270][T12761] __alloc_skb+0x2b2/0x380 [ 204.248295][T12761] ? __pfx___alloc_skb+0x10/0x10 [ 204.248329][T12761] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 204.248354][T12761] netlink_alloc_large_skb+0x69/0x130 [ 204.248376][T12761] netlink_sendmsg+0x6a1/0xdd0 [ 204.248400][T12761] ? __pfx_netlink_sendmsg+0x10/0x10 [ 204.248429][T12761] ____sys_sendmsg+0xa98/0xc70 [ 204.248451][T12761] ? copy_msghdr_from_user+0x10a/0x160 [ 204.248468][T12761] ? __pfx_____sys_sendmsg+0x10/0x10 [ 204.248501][T12761] ___sys_sendmsg+0x134/0x1d0 [ 204.248519][T12761] ? __pfx____sys_sendmsg+0x10/0x10 [ 204.248533][T12761] ? __lock_acquire+0x622/0x1c90 [ 204.248579][T12761] __sys_sendmsg+0x16d/0x220 [ 204.248597][T12761] ? __pfx___sys_sendmsg+0x10/0x10 [ 204.248630][T12761] do_syscall_64+0xcd/0x4c0 [ 204.248649][T12761] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.248667][T12761] RIP: 0033:0x7fdf0f58e9a9 [ 204.248680][T12761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 204.248696][T12761] RSP: 002b:00007fdf103aa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 204.248713][T12761] RAX: ffffffffffffffda RBX: 00007fdf0f7b5fa0 RCX: 00007fdf0f58e9a9 [ 204.248724][T12761] RDX: 0000000000008840 RSI: 00002000000000c0 RDI: 0000000000000004 [ 204.248735][T12761] RBP: 00007fdf103aa090 R08: 0000000000000000 R09: 0000000000000000 [ 204.248745][T12761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 204.248755][T12761] R13: 0000000000000000 R14: 00007fdf0f7b5fa0 R15: 00007ffeb3624778 [ 204.248779][T12761] [ 204.329026][ C2] vkms_vblank_simulate: vblank timer overrun [ 204.352023][T12767] tipc: Enabling of bearer rejected, failed to enable media [ 204.916438][T12800] FAULT_INJECTION: forcing a failure. [ 204.916438][T12800] name failslab, interval 1, probability 0, space 0, times 0 [ 204.920280][T12800] CPU: 3 UID: 0 PID: 12800 Comm: syz.2.2414 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 204.920294][T12800] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 204.920301][T12800] Call Trace: [ 204.920305][T12800] [ 204.920309][T12800] dump_stack_lvl+0x16c/0x1f0 [ 204.920345][T12800] should_fail_ex+0x512/0x640 [ 204.920366][T12800] ? fs_reclaim_acquire+0xae/0x150 [ 204.920380][T12800] ? tomoyo_encode2+0x100/0x3e0 [ 204.920390][T12800] should_failslab+0xc2/0x120 [ 204.920401][T12800] __kmalloc_noprof+0xd2/0x510 [ 204.920420][T12800] tomoyo_encode2+0x100/0x3e0 [ 204.920431][T12800] tomoyo_encode+0x29/0x50 [ 204.920440][T12800] tomoyo_realpath_from_path+0x18f/0x6e0 [ 204.920453][T12800] ? tomoyo_profile+0x47/0x60 [ 204.920465][T12800] tomoyo_path_number_perm+0x245/0x580 [ 204.920480][T12800] ? tomoyo_path_number_perm+0x237/0x580 [ 204.920496][T12800] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 204.920511][T12800] ? find_held_lock+0x2b/0x80 [ 204.920540][T12800] ? find_held_lock+0x2b/0x80 [ 204.920553][T12800] ? hook_file_ioctl_common+0x145/0x410 [ 204.920569][T12800] ? __fget_files+0x20e/0x3c0 [ 204.920581][T12800] security_file_ioctl+0x9b/0x240 [ 204.920592][T12800] __x64_sys_ioctl+0xb7/0x210 [ 204.920607][T12800] do_syscall_64+0xcd/0x4c0 [ 204.920618][T12800] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.920629][T12800] RIP: 0033:0x7fdf0f58e9a9 [ 204.920638][T12800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 204.920648][T12800] RSP: 002b:00007fdf103aa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 204.920663][T12800] RAX: ffffffffffffffda RBX: 00007fdf0f7b5fa0 RCX: 00007fdf0f58e9a9 [ 204.920670][T12800] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 204.920676][T12800] RBP: 00007fdf103aa090 R08: 0000000000000000 R09: 0000000000000000 [ 204.920682][T12800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 204.920688][T12800] R13: 0000000000000000 R14: 00007fdf0f7b5fa0 R15: 00007ffeb3624778 [ 204.920701][T12800] [ 204.920710][T12800] ERROR: Out of memory at tomoyo_realpath_from_path. [ 205.115764][ T40] audit: type=1400 audit(7014645809.774:715): avc: denied { create } for pid=12808 comm="syz.2.2415" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 205.130417][ T40] audit: type=1400 audit(7014645809.784:716): avc: denied { setopt } for pid=12808 comm="syz.2.2415" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 205.222130][T12809] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 205.222130][T12809] The task syz.2.2415 (12809) triggered the difference, watch for misbehavior. [ 207.121480][T12889] tipc: Enabling of bearer rejected, failed to enable media [ 207.136417][T12887] FAULT_INJECTION: forcing a failure. [ 207.136417][T12887] name failslab, interval 1, probability 0, space 0, times 0 [ 207.141631][T12887] CPU: 1 UID: 0 PID: 12887 Comm: syz.3.2419 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 207.141655][T12887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 207.141665][T12887] Call Trace: [ 207.141671][T12887] [ 207.141678][T12887] dump_stack_lvl+0x16c/0x1f0 [ 207.141733][T12887] should_fail_ex+0x512/0x640 [ 207.141764][T12887] ? __kmalloc_noprof+0xbf/0x510 [ 207.141790][T12887] ? alloc_pipe_info+0x1ec/0x590 [ 207.141808][T12887] should_failslab+0xc2/0x120 [ 207.141825][T12887] __kmalloc_noprof+0xd2/0x510 [ 207.141854][T12887] alloc_pipe_info+0x1ec/0x590 [ 207.141875][T12887] splice_direct_to_actor+0x77d/0xa30 [ 207.141902][T12887] ? __pfx_direct_splice_actor+0x10/0x10 [ 207.141929][T12887] ? find_held_lock+0x2b/0x80 [ 207.141951][T12887] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 207.141975][T12887] ? get_pid_task+0xfc/0x250 [ 207.141997][T12887] do_splice_direct+0x174/0x240 [ 207.142024][T12887] ? __pfx_do_splice_direct+0x10/0x10 [ 207.142049][T12887] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 207.142078][T12887] ? rw_verify_area+0xcf/0x680 [ 207.142103][T12887] do_sendfile+0xb06/0xe50 [ 207.142131][T12887] ? __pfx_do_sendfile+0x10/0x10 [ 207.142155][T12887] ? __fget_files+0x20e/0x3c0 [ 207.142177][T12887] __x64_sys_sendfile64+0x1d8/0x220 [ 207.142195][T12887] ? ksys_write+0x1ac/0x250 [ 207.142218][T12887] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 207.142245][T12887] do_syscall_64+0xcd/0x4c0 [ 207.142264][T12887] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 207.142282][T12887] RIP: 0033:0x7f52ab98e9a9 [ 207.142296][T12887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 207.142313][T12887] RSP: 002b:00007f52ac7ec038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 207.142330][T12887] RAX: ffffffffffffffda RBX: 00007f52abbb5fa0 RCX: 00007f52ab98e9a9 [ 207.142341][T12887] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 207.142351][T12887] RBP: 00007f52ac7ec090 R08: 0000000000000000 R09: 0000000000000000 [ 207.142360][T12887] R10: 0000000000007f04 R11: 0000000000000246 R12: 0000000000000001 [ 207.142370][T12887] R13: 0000000000000000 R14: 00007f52abbb5fa0 R15: 00007fffdf905b38 [ 207.142392][T12887] [ 207.410717][T12909] FAULT_INJECTION: forcing a failure. [ 207.410717][T12909] name failslab, interval 1, probability 0, space 0, times 0 [ 207.414254][T12909] CPU: 3 UID: 0 PID: 12909 Comm: syz.2.2423 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 207.414269][T12909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 207.414275][T12909] Call Trace: [ 207.414279][T12909] [ 207.414284][T12909] dump_stack_lvl+0x16c/0x1f0 [ 207.414305][T12909] should_fail_ex+0x512/0x640 [ 207.414321][T12909] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 207.414339][T12909] should_failslab+0xc2/0x120 [ 207.414349][T12909] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 207.414365][T12909] ? __alloc_skb+0x2b2/0x380 [ 207.414384][T12909] __alloc_skb+0x2b2/0x380 [ 207.414399][T12909] ? __pfx___alloc_skb+0x10/0x10 [ 207.414416][T12909] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 207.414431][T12909] netlink_alloc_large_skb+0x69/0x130 [ 207.414445][T12909] netlink_sendmsg+0x6a1/0xdd0 [ 207.414459][T12909] ? __pfx_netlink_sendmsg+0x10/0x10 [ 207.414479][T12909] ____sys_sendmsg+0xa98/0xc70 [ 207.414493][T12909] ? copy_msghdr_from_user+0x10a/0x160 [ 207.414502][T12909] ? __pfx_____sys_sendmsg+0x10/0x10 [ 207.414521][T12909] ___sys_sendmsg+0x134/0x1d0 [ 207.414532][T12909] ? __pfx____sys_sendmsg+0x10/0x10 [ 207.414540][T12909] ? __lock_acquire+0x622/0x1c90 [ 207.414567][T12909] __sys_sendmsg+0x16d/0x220 [ 207.414577][T12909] ? __pfx___sys_sendmsg+0x10/0x10 [ 207.414592][T12909] ? fdget+0x187/0x210 [ 207.414604][T12909] do_syscall_64+0xcd/0x4c0 [ 207.414616][T12909] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 207.414627][T12909] RIP: 0033:0x7fdf0f58e9a9 [ 207.414636][T12909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 207.414646][T12909] RSP: 002b:00007fdf103aa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 207.414657][T12909] RAX: ffffffffffffffda RBX: 00007fdf0f7b5fa0 RCX: 00007fdf0f58e9a9 [ 207.414663][T12909] RDX: 0000000000000000 RSI: 00002000000012c0 RDI: 0000000000000003 [ 207.414670][T12909] RBP: 00007fdf103aa090 R08: 0000000000000000 R09: 0000000000000000 [ 207.414676][T12909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 207.414682][T12909] R13: 0000000000000000 R14: 00007fdf0f7b5fa0 R15: 00007ffeb3624778 [ 207.414695][T12909] [ 207.502394][T12913] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2425'. [ 207.505287][T12913] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 207.530085][T12916] FAULT_INJECTION: forcing a failure. [ 207.530085][T12916] name failslab, interval 1, probability 0, space 0, times 0 [ 207.534888][T12916] CPU: 2 UID: 0 PID: 12916 Comm: syz.3.2424 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 207.534904][T12916] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 207.534910][T12916] Call Trace: [ 207.534915][T12916] [ 207.534920][T12916] dump_stack_lvl+0x16c/0x1f0 [ 207.534941][T12916] should_fail_ex+0x512/0x640 [ 207.534958][T12916] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 207.534975][T12916] should_failslab+0xc2/0x120 [ 207.534986][T12916] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 207.535002][T12916] ? __alloc_skb+0x2b2/0x380 [ 207.535048][T12916] __alloc_skb+0x2b2/0x380 [ 207.535063][T12916] ? __pfx___alloc_skb+0x10/0x10 [ 207.535080][T12916] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 207.535096][T12916] netlink_alloc_large_skb+0x69/0x130 [ 207.535109][T12916] netlink_sendmsg+0x6a1/0xdd0 [ 207.535124][T12916] ? __pfx_netlink_sendmsg+0x10/0x10 [ 207.535141][T12916] ____sys_sendmsg+0xa98/0xc70 [ 207.535154][T12916] ? copy_msghdr_from_user+0x10a/0x160 [ 207.535164][T12916] ? __pfx_____sys_sendmsg+0x10/0x10 [ 207.535183][T12916] ___sys_sendmsg+0x134/0x1d0 [ 207.535194][T12916] ? __pfx____sys_sendmsg+0x10/0x10 [ 207.535207][T12916] ? __lock_acquire+0x622/0x1c90 [ 207.535233][T12916] __sys_sendmsg+0x16d/0x220 [ 207.535243][T12916] ? __pfx___sys_sendmsg+0x10/0x10 [ 207.535281][T12916] do_syscall_64+0xcd/0x4c0 [ 207.535295][T12916] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 207.535322][T12916] RIP: 0033:0x7f52ab98e9a9 [ 207.535333][T12916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 207.535344][T12916] RSP: 002b:00007f52ac7ec038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 207.535354][T12916] RAX: ffffffffffffffda RBX: 00007f52abbb5fa0 RCX: 00007f52ab98e9a9 [ 207.535361][T12916] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 207.535367][T12916] RBP: 00007f52ac7ec090 R08: 0000000000000000 R09: 0000000000000000 [ 207.535373][T12916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 207.535380][T12916] R13: 0000000000000000 R14: 00007f52abbb5fa0 R15: 00007fffdf905b38 [ 207.535393][T12916] [ 207.602556][T12921] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2426'. [ 207.609372][T12921] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2426'. [ 207.829738][T12937] netlink: 'syz.3.2429': attribute type 2 has an invalid length. [ 207.886089][ T6014] usb 7-1: new high-speed USB device number 36 using dummy_hcd [ 208.016742][ T6014] usb 7-1: device descriptor read/64, error -71 [ 208.093977][T12952] tipc: Enabled bearer , priority 0 [ 208.104486][T12952] tipc: Resetting bearer [ 208.125013][T12951] tipc: Disabling bearer [ 208.131521][ T5960] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 208.135513][ T5960] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 208.141431][ T5960] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 208.146260][ T5960] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 208.148728][ T5960] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 208.162984][T12954] Failed to initialize the IGMP autojoin socket (err -2) [ 208.241562][ T40] audit: type=1400 audit(7014645812.904:717): avc: denied { map } for pid=12961 comm="syz.3.2431" path="socket:[46886]" dev="sockfs" ino=46886 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 208.253570][ T40] audit: type=1400 audit(7014645812.904:718): avc: denied { read } for pid=12961 comm="syz.3.2431" path="socket:[46886]" dev="sockfs" ino=46886 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 208.267443][ T6014] usb 7-1: new high-speed USB device number 37 using dummy_hcd [ 208.399269][ T6014] usb 7-1: device descriptor read/64, error -71 [ 208.516955][ T6014] usb usb7-port1: attempt power cycle [ 208.857505][ T6014] usb 7-1: new high-speed USB device number 38 using dummy_hcd [ 208.878691][ T6014] usb 7-1: device descriptor read/8, error -71 [ 208.940921][T12954] netdevsim netdevsim1 netdevsim0: renamed from eth2 [ 208.961950][T12954] netdevsim netdevsim1 netdevsim1: renamed from eth3 [ 208.991101][T12954] netdevsim netdevsim1 netdevsim2: renamed from eth4 [ 209.007292][T12954] netdevsim netdevsim1 netdevsim3: renamed from eth5 [ 209.116728][ T6014] usb 7-1: new high-speed USB device number 39 using dummy_hcd [ 209.140135][ T6014] usb 7-1: device descriptor read/8, error -71 [ 209.177036][T12954] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 209.202226][T12954] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check. [ 209.209925][T12954] wireguard: wg0: Could not create IPv4 socket [ 209.213891][T12954] wireguard: wg1: Could not create IPv4 socket [ 209.216955][T12954] wireguard: wg2: Could not create IPv4 socket [ 209.247521][ T6014] usb usb7-port1: unable to enumerate USB device [ 209.259660][T13010] fuse: Unknown parameter '000000000000000000000030x0000000000000003' [ 209.307946][T13010] kvm: kvm [13009]: vcpu0, guest rIP: 0xfff0 Unhandled RDMSR(0x40000074) [ 210.293252][T13048] input: syz0 as /devices/virtual/input/input19 [ 210.413726][T13060] FAULT_INJECTION: forcing a failure. [ 210.413726][T13060] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 210.419458][T13060] CPU: 1 UID: 0 PID: 13060 Comm: syz.3.2438 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 210.419474][T13060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 210.419480][T13060] Call Trace: [ 210.419484][T13060] [ 210.419489][T13060] dump_stack_lvl+0x16c/0x1f0 [ 210.419527][T13060] should_fail_ex+0x512/0x640 [ 210.419550][T13060] _copy_from_user+0x2e/0xd0 [ 210.419561][T13060] kstrtouint_from_user+0xd6/0x1d0 [ 210.419575][T13060] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 210.419589][T13060] ? __lock_acquire+0xb8a/0x1c90 [ 210.419605][T13060] proc_fail_nth_write+0x83/0x250 [ 210.419621][T13060] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 210.419639][T13060] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 210.419653][T13060] vfs_write+0x2a0/0x1150 [ 210.419671][T13060] ? __pfx___mutex_lock+0x10/0x10 [ 210.419682][T13060] ? __pfx_vfs_write+0x10/0x10 [ 210.419700][T13060] ? __fget_files+0x20e/0x3c0 [ 210.419714][T13060] ksys_write+0x12a/0x250 [ 210.419728][T13060] ? __pfx_ksys_write+0x10/0x10 [ 210.419747][T13060] do_syscall_64+0xcd/0x4c0 [ 210.419759][T13060] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 210.419770][T13060] RIP: 0033:0x7f52ab98d45f [ 210.419779][T13060] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 210.419790][T13060] RSP: 002b:00007f52ac7ec030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 210.419800][T13060] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f52ab98d45f [ 210.419807][T13060] RDX: 0000000000000001 RSI: 00007f52ac7ec0a0 RDI: 0000000000000003 [ 210.419813][T13060] RBP: 00007f52ac7ec090 R08: 0000000000000000 R09: 0000000000000000 [ 210.419819][T13060] R10: 0000000010008095 R11: 0000000000000293 R12: 0000000000000001 [ 210.419826][T13060] R13: 0000000000000000 R14: 00007f52abbb5fa0 R15: 00007fffdf905b38 [ 210.419839][T13060] [ 210.522196][T13065] tipc: Enabled bearer , priority 0 [ 210.531714][T13065] tipc: Resetting bearer [ 210.545836][T13063] tipc: Disabling bearer [ 210.713230][T13079] FAULT_INJECTION: forcing a failure. [ 210.713230][T13079] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 210.718192][T13079] CPU: 1 UID: 0 PID: 13079 Comm: syz.3.2443 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 210.718207][T13079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 210.718214][T13079] Call Trace: [ 210.718217][T13079] [ 210.718222][T13079] dump_stack_lvl+0x16c/0x1f0 [ 210.718242][T13079] should_fail_ex+0x512/0x640 [ 210.718267][T13079] _copy_to_user+0x32/0xd0 [ 210.718278][T13079] simple_read_from_buffer+0xcb/0x170 [ 210.718295][T13079] proc_fail_nth_read+0x197/0x270 [ 210.718311][T13079] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 210.718327][T13079] ? rw_verify_area+0xcf/0x680 [ 210.718341][T13079] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 210.718356][T13079] vfs_read+0x1e1/0xc60 [ 210.718372][T13079] ? __pfx___mutex_lock+0x10/0x10 [ 210.718383][T13079] ? __pfx_vfs_read+0x10/0x10 [ 210.718401][T13079] ? __fget_files+0x20e/0x3c0 [ 210.718415][T13079] ksys_read+0x12a/0x250 [ 210.718430][T13079] ? __pfx_ksys_read+0x10/0x10 [ 210.718448][T13079] do_syscall_64+0xcd/0x4c0 [ 210.718460][T13079] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 210.718471][T13079] RIP: 0033:0x7f52ab98d3bc [ 210.718482][T13079] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 210.718497][T13079] RSP: 002b:00007f52ac7ec030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 210.718511][T13079] RAX: ffffffffffffffda RBX: 00007f52abbb5fa0 RCX: 00007f52ab98d3bc [ 210.718519][T13079] RDX: 000000000000000f RSI: 00007f52ac7ec0a0 RDI: 000000000000000e [ 210.718528][T13079] RBP: 00007f52ac7ec090 R08: 0000000000000000 R09: 0000000000000000 [ 210.718537][T13079] R10: 0000000000000016 R11: 0000000000000246 R12: 0000000000000001 [ 210.718546][T13079] R13: 0000000000000000 R14: 00007f52abbb5fa0 R15: 00007fffdf905b38 [ 210.718560][T13079] [ 210.728290][T13082] FAULT_INJECTION: forcing a failure. [ 210.728290][T13082] name failslab, interval 1, probability 0, space 0, times 0 [ 210.800263][T13082] CPU: 2 UID: 0 PID: 13082 Comm: syz.2.2442 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 210.800279][T13082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 210.800285][T13082] Call Trace: [ 210.800290][T13082] [ 210.800294][T13082] dump_stack_lvl+0x16c/0x1f0 [ 210.800315][T13082] should_fail_ex+0x512/0x640 [ 210.800332][T13082] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 210.800350][T13082] should_failslab+0xc2/0x120 [ 210.800375][T13082] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 210.800391][T13082] ? __alloc_skb+0x2b2/0x380 [ 210.800409][T13082] __alloc_skb+0x2b2/0x380 [ 210.800424][T13082] ? __pfx___alloc_skb+0x10/0x10 [ 210.800439][T13082] ? selinux_socket_getpeersec_dgram+0x1a4/0x370 [ 210.800457][T13082] ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10 [ 210.800477][T13082] netlink_alloc_large_skb+0x69/0x130 [ 210.800490][T13082] netlink_sendmsg+0x6a1/0xdd0 [ 210.800505][T13082] ? __pfx_netlink_sendmsg+0x10/0x10 [ 210.800522][T13082] ____sys_sendmsg+0xa98/0xc70 [ 210.800535][T13082] ? copy_msghdr_from_user+0x10a/0x160 [ 210.800545][T13082] ? __pfx_____sys_sendmsg+0x10/0x10 [ 210.800565][T13082] ___sys_sendmsg+0x134/0x1d0 [ 210.800576][T13082] ? __pfx____sys_sendmsg+0x10/0x10 [ 210.800584][T13082] ? __lock_acquire+0x622/0x1c90 [ 210.800611][T13082] __sys_sendmsg+0x16d/0x220 [ 210.800622][T13082] ? __pfx___sys_sendmsg+0x10/0x10 [ 210.800637][T13082] ? fput+0x70/0xf0 [ 210.800650][T13082] do_syscall_64+0xcd/0x4c0 [ 210.800662][T13082] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 210.800673][T13082] RIP: 0033:0x7fdf0f58e9a9 [ 210.800681][T13082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 210.800692][T13082] RSP: 002b:00007fdf103aa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 210.800702][T13082] RAX: ffffffffffffffda RBX: 00007fdf0f7b5fa0 RCX: 00007fdf0f58e9a9 [ 210.800709][T13082] RDX: 0000000000008000 RSI: 00002000000001c0 RDI: 0000000000000003 [ 210.800715][T13082] RBP: 00007fdf103aa090 R08: 0000000000000000 R09: 0000000000000000 [ 210.800722][T13082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 210.800728][T13082] R13: 0000000000000000 R14: 00007fdf0f7b5fa0 R15: 00007ffeb3624778 [ 210.800741][T13082] [ 210.912639][T13095] tipc: Enabled bearer , priority 0 [ 210.915234][T13095] syzkaller0: entered promiscuous mode [ 210.917526][T13095] syzkaller0: entered allmulticast mode [ 210.932724][T13095] tipc: Resetting bearer [ 210.934765][T13097] tipc: Enabled bearer , priority 0 [ 210.941995][T13097] tipc: Resetting bearer [ 210.944125][T13094] tipc: Resetting bearer [ 210.963103][T13094] tipc: Disabling bearer [ 210.981616][T13096] tipc: Disabling bearer [ 211.324595][ T6209] usb 7-1: new high-speed USB device number 40 using dummy_hcd [ 211.466033][ T6209] usb 7-1: device descriptor read/64, error -71 [ 211.726155][ T6209] usb 7-1: new high-speed USB device number 41 using dummy_hcd [ 211.871454][ T6209] usb 7-1: device descriptor read/64, error -71 [ 211.986205][ T6209] usb usb7-port1: attempt power cycle [ 212.356426][ T6209] usb 7-1: new high-speed USB device number 42 using dummy_hcd [ 212.377101][ T6209] usb 7-1: device descriptor read/8, error -71 [ 212.646361][ T6209] usb 7-1: new high-speed USB device number 43 using dummy_hcd [ 212.676866][ T6209] usb 7-1: device descriptor read/8, error -71 [ 212.786167][ T6209] usb usb7-port1: unable to enumerate USB device [ 214.191448][T13232] tipc: Enabled bearer , priority 0 [ 214.193763][T13232] syzkaller0: entered promiscuous mode [ 214.195573][T13232] syzkaller0: entered allmulticast mode [ 214.205904][T13232] FAULT_INJECTION: forcing a failure. [ 214.205904][T13232] name failslab, interval 1, probability 0, space 0, times 0 [ 214.211684][T13232] CPU: 3 UID: 0 PID: 13232 Comm: syz.2.2454 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 214.211700][T13232] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 214.211707][T13232] Call Trace: [ 214.211711][T13232] [ 214.211715][T13232] dump_stack_lvl+0x16c/0x1f0 [ 214.211748][T13232] should_fail_ex+0x512/0x640 [ 214.211767][T13232] ? fs_reclaim_acquire+0xae/0x150 [ 214.211781][T13232] ? tomoyo_encode2+0x100/0x3e0 [ 214.211792][T13232] should_failslab+0xc2/0x120 [ 214.211802][T13232] __kmalloc_noprof+0xd2/0x510 [ 214.211821][T13232] tomoyo_encode2+0x100/0x3e0 [ 214.211833][T13232] tomoyo_encode+0x29/0x50 [ 214.211843][T13232] tomoyo_realpath_from_path+0x18f/0x6e0 [ 214.211855][T13232] ? tomoyo_profile+0x47/0x60 [ 214.211868][T13232] tomoyo_path_number_perm+0x245/0x580 [ 214.211883][T13232] ? tomoyo_path_number_perm+0x237/0x580 [ 214.211899][T13232] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 214.211915][T13232] ? find_held_lock+0x2b/0x80 [ 214.211940][T13232] ? find_held_lock+0x2b/0x80 [ 214.211952][T13232] ? hook_file_ioctl_common+0x145/0x410 [ 214.211967][T13232] ? __fget_files+0x20e/0x3c0 [ 214.211979][T13232] security_file_ioctl+0x9b/0x240 [ 214.211990][T13232] __x64_sys_ioctl+0xb7/0x210 [ 214.212006][T13232] do_syscall_64+0xcd/0x4c0 [ 214.212017][T13232] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 214.212028][T13232] RIP: 0033:0x7fdf0f58e9a9 [ 214.212037][T13232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 214.212047][T13232] RSP: 002b:00007fdf103aa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 214.212057][T13232] RAX: ffffffffffffffda RBX: 00007fdf0f7b5fa0 RCX: 00007fdf0f58e9a9 [ 214.212063][T13232] RDX: 0000200000002280 RSI: 0000000000008922 RDI: 0000000000000005 [ 214.212070][T13232] RBP: 00007fdf103aa090 R08: 0000000000000000 R09: 0000000000000000 [ 214.212076][T13232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 214.212082][T13232] R13: 0000000000000000 R14: 00007fdf0f7b5fa0 R15: 00007ffeb3624778 [ 214.212095][T13232] [ 214.212610][T13232] ERROR: Out of memory at tomoyo_realpath_from_path. [ 214.291990][T13232] tipc: Resetting bearer [ 214.295737][T13231] tipc: Resetting bearer [ 214.309885][T13231] tipc: Disabling bearer [ 214.420233][T13236] tipc: Enabled bearer , priority 0 [ 214.422914][T13236] syzkaller0: entered promiscuous mode [ 214.424512][T13236] syzkaller0: entered allmulticast mode [ 214.432070][T13236] tipc: Resetting bearer [ 214.436987][T13235] tipc: Resetting bearer [ 214.447951][T13235] tipc: Disabling bearer [ 214.572814][T13241] syzkaller0: entered promiscuous mode [ 214.575182][T13241] syzkaller0: entered allmulticast mode [ 215.169848][T13246] tipc: Enabled bearer , priority 0 [ 215.173046][T13246] syzkaller0: entered promiscuous mode [ 215.175326][T13246] syzkaller0: entered allmulticast mode [ 215.179458][T13246] FAULT_INJECTION: forcing a failure. [ 215.179458][T13246] name failslab, interval 1, probability 0, space 0, times 0 [ 215.184273][T13246] CPU: 1 UID: 0 PID: 13246 Comm: syz.2.2458 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 215.184295][T13246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 215.184305][T13246] Call Trace: [ 215.184310][T13246] [ 215.184317][T13246] dump_stack_lvl+0x16c/0x1f0 [ 215.184346][T13246] should_fail_ex+0x512/0x640 [ 215.184370][T13246] ? fs_reclaim_acquire+0xae/0x150 [ 215.184392][T13246] ? tomoyo_encode2+0x100/0x3e0 [ 215.184405][T13246] should_failslab+0xc2/0x120 [ 215.184422][T13246] __kmalloc_noprof+0xd2/0x510 [ 215.184452][T13246] tomoyo_encode2+0x100/0x3e0 [ 215.184471][T13246] tomoyo_encode+0x29/0x50 [ 215.184487][T13246] tomoyo_realpath_from_path+0x18f/0x6e0 [ 215.184506][T13246] ? tomoyo_profile+0x47/0x60 [ 215.184528][T13246] tomoyo_path_number_perm+0x245/0x580 [ 215.184551][T13246] ? tomoyo_path_number_perm+0x237/0x580 [ 215.184575][T13246] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 215.184599][T13246] ? find_held_lock+0x2b/0x80 [ 215.184644][T13246] ? find_held_lock+0x2b/0x80 [ 215.184665][T13246] ? hook_file_ioctl_common+0x145/0x410 [ 215.184689][T13246] ? __fget_files+0x20e/0x3c0 [ 215.184708][T13246] security_file_ioctl+0x9b/0x240 [ 215.184726][T13246] __x64_sys_ioctl+0xb7/0x210 [ 215.184750][T13246] do_syscall_64+0xcd/0x4c0 [ 215.184767][T13246] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 215.184783][T13246] RIP: 0033:0x7fdf0f58e9a9 [ 215.184796][T13246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 215.184810][T13246] RSP: 002b:00007fdf103aa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 215.184826][T13246] RAX: ffffffffffffffda RBX: 00007fdf0f7b5fa0 RCX: 00007fdf0f58e9a9 [ 215.184837][T13246] RDX: 0000200000002280 RSI: 0000000000008922 RDI: 0000000000000007 [ 215.184845][T13246] RBP: 00007fdf103aa090 R08: 0000000000000000 R09: 0000000000000000 [ 215.184854][T13246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 215.184863][T13246] R13: 0000000000000000 R14: 00007fdf0f7b5fa0 R15: 00007ffeb3624778 [ 215.184885][T13246] [ 215.184900][T13246] ERROR: Out of memory at tomoyo_realpath_from_path. [ 215.261592][T13246] tipc: Resetting bearer [ 215.265725][T13244] tipc: Resetting bearer [ 215.279667][T13244] tipc: Disabling bearer [ 215.331435][ T5949] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 215.346997][ T5949] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 215.350591][ T5949] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 215.355111][ T5949] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 215.358585][ T5949] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 215.381995][T13248] Failed to initialize the IGMP autojoin socket (err -2) [ 215.390793][T13251] tipc: Enabled bearer , priority 0 [ 215.395567][T13251] syzkaller0: entered promiscuous mode [ 215.398691][T13251] syzkaller0: entered allmulticast mode [ 215.418377][T13251] tipc: Resetting bearer [ 215.422793][T13250] tipc: Resetting bearer [ 215.431497][T13250] tipc: Disabling bearer [ 215.657659][T13254] kvm: kvm [13253]: vcpu2, guest rIP: 0x9131 Unhandled WRMSR(0x11e) = 0x0 [ 215.943252][T13257] FAULT_INJECTION: forcing a failure. [ 215.943252][T13257] name failslab, interval 1, probability 0, space 0, times 0 [ 215.947323][T13257] CPU: 1 UID: 0 PID: 13257 Comm: syz.2.2462 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 215.947338][T13257] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 215.947344][T13257] Call Trace: [ 215.947348][T13257] [ 215.947352][T13257] dump_stack_lvl+0x16c/0x1f0 [ 215.947374][T13257] should_fail_ex+0x512/0x640 [ 215.947390][T13257] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 215.947410][T13257] should_failslab+0xc2/0x120 [ 215.947420][T13257] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 215.947436][T13257] ? __alloc_skb+0x2b2/0x380 [ 215.947454][T13257] __alloc_skb+0x2b2/0x380 [ 215.947469][T13257] ? __pfx___alloc_skb+0x10/0x10 [ 215.947486][T13257] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 215.947501][T13257] netlink_alloc_large_skb+0x69/0x130 [ 215.947515][T13257] netlink_sendmsg+0x6a1/0xdd0 [ 215.947529][T13257] ? __pfx_netlink_sendmsg+0x10/0x10 [ 215.947546][T13257] ____sys_sendmsg+0xa98/0xc70 [ 215.947560][T13257] ? copy_msghdr_from_user+0x10a/0x160 [ 215.947570][T13257] ? __pfx_____sys_sendmsg+0x10/0x10 [ 215.947588][T13257] ___sys_sendmsg+0x134/0x1d0 [ 215.947599][T13257] ? __pfx____sys_sendmsg+0x10/0x10 [ 215.947608][T13257] ? __lock_acquire+0x622/0x1c90 [ 215.947634][T13257] __sys_sendmsg+0x16d/0x220 [ 215.947644][T13257] ? __pfx___sys_sendmsg+0x10/0x10 [ 215.947662][T13257] do_syscall_64+0xcd/0x4c0 [ 215.947673][T13257] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 215.947684][T13257] RIP: 0033:0x7fdf0f58e9a9 [ 215.947694][T13257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 215.947705][T13257] RSP: 002b:00007fdf103aa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 215.947714][T13257] RAX: ffffffffffffffda RBX: 00007fdf0f7b5fa0 RCX: 00007fdf0f58e9a9 [ 215.947721][T13257] RDX: 0000000000004804 RSI: 0000200000000300 RDI: 0000000000000003 [ 215.947727][T13257] RBP: 00007fdf103aa090 R08: 0000000000000000 R09: 0000000000000000 [ 215.947733][T13257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 215.947739][T13257] R13: 0000000000000000 R14: 00007fdf0f7b5fa0 R15: 00007ffeb3624778 [ 215.947752][T13257] [ 216.071084][T13259] input: syz0 as /devices/virtual/input/input20 [ 216.077818][T13259] nfs4: Unknown parameter 'rdma/uinput' [ 216.139270][T13248] netdevsim netdevsim1 netdevsim0: renamed from eth2 [ 216.151627][T13248] netdevsim netdevsim1 netdevsim1: renamed from eth3 [ 216.165317][T13248] netdevsim netdevsim1 netdevsim2: renamed from eth4 [ 216.177575][T13248] netdevsim netdevsim1 netdevsim3: renamed from eth5 [ 216.377124][T13248] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 216.389493][T13248] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check. [ 216.400503][T13248] wireguard: wg0: Could not create IPv4 socket [ 216.407568][T13248] wireguard: wg1: Could not create IPv4 socket [ 216.411988][T13248] wireguard: wg2: Could not create IPv4 socket [ 217.007711][T13268] 9p filesystem being mounted at /611/file0 supports timestamps until 2106-02-07 (0xffffffff) [ 217.018689][ T40] audit: type=1400 audit(7014645821.684:719): avc: denied { write } for pid=13267 comm="syz.2.2465" name="/" dev="9p" ino=35913910 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 217.220338][T13271] syzkaller0: entered promiscuous mode [ 217.222474][T13271] syzkaller0: entered allmulticast mode [ 217.315896][ T5960] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 217.320340][ T5960] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 217.323165][ T5960] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 217.325927][ T5960] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 217.329375][ T5960] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 217.349789][T13272] Failed to initialize the IGMP autojoin socket (err -2) [ 217.401284][T13275] FAULT_INJECTION: forcing a failure. [ 217.401284][T13275] name failslab, interval 1, probability 0, space 0, times 0 [ 217.405158][T13275] CPU: 1 UID: 0 PID: 13275 Comm: syz.2.2468 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 217.405173][T13275] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 217.405180][T13275] Call Trace: [ 217.405184][T13275] [ 217.405189][T13275] dump_stack_lvl+0x16c/0x1f0 [ 217.405213][T13275] should_fail_ex+0x512/0x640 [ 217.405229][T13275] ? fs_reclaim_acquire+0xae/0x150 [ 217.405244][T13275] ? tomoyo_encode2+0x100/0x3e0 [ 217.405253][T13275] should_failslab+0xc2/0x120 [ 217.405265][T13275] __kmalloc_noprof+0xd2/0x510 [ 217.405284][T13275] tomoyo_encode2+0x100/0x3e0 [ 217.405295][T13275] tomoyo_encode+0x29/0x50 [ 217.405304][T13275] tomoyo_realpath_from_path+0x18f/0x6e0 [ 217.405316][T13275] ? tomoyo_profile+0x47/0x60 [ 217.405329][T13275] tomoyo_path_number_perm+0x245/0x580 [ 217.405344][T13275] ? tomoyo_path_number_perm+0x237/0x580 [ 217.405360][T13275] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 217.405375][T13275] ? find_held_lock+0x2b/0x80 [ 217.405401][T13275] ? find_held_lock+0x2b/0x80 [ 217.405413][T13275] ? hook_file_ioctl_common+0x145/0x410 [ 217.405428][T13275] ? __fget_files+0x20e/0x3c0 [ 217.405440][T13275] security_file_ioctl+0x9b/0x240 [ 217.405451][T13275] __x64_sys_ioctl+0xb7/0x210 [ 217.405466][T13275] do_syscall_64+0xcd/0x4c0 [ 217.405478][T13275] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 217.405489][T13275] RIP: 0033:0x7fdf0f58e9a9 [ 217.405498][T13275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 217.405508][T13275] RSP: 002b:00007fdf103aa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 217.405518][T13275] RAX: ffffffffffffffda RBX: 00007fdf0f7b5fa0 RCX: 00007fdf0f58e9a9 [ 217.405525][T13275] RDX: 0000200000000400 RSI: 00000000400442c8 RDI: 0000000000000005 [ 217.405531][T13275] RBP: 00007fdf103aa090 R08: 0000000000000000 R09: 0000000000000000 [ 217.405537][T13275] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 217.405543][T13275] R13: 0000000000000000 R14: 00007fdf0f7b5fa0 R15: 00007ffeb3624778 [ 217.405556][T13275] [ 217.405566][T13275] ERROR: Out of memory at tomoyo_realpath_from_path. [ 217.614774][T13285] FAULT_INJECTION: forcing a failure. [ 217.614774][T13285] name failslab, interval 1, probability 0, space 0, times 0 [ 217.619089][T13285] CPU: 3 UID: 0 PID: 13285 Comm: syz.2.2472 Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 217.619103][T13285] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 217.619110][T13285] Call Trace: [ 217.619117][T13285] [ 217.619122][T13285] dump_stack_lvl+0x16c/0x1f0 [ 217.619143][T13285] should_fail_ex+0x512/0x640 [ 217.619159][T13285] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 217.619177][T13285] should_failslab+0xc2/0x120 [ 217.619188][T13285] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 217.619203][T13285] ? __alloc_skb+0x2b2/0x380 [ 217.619221][T13285] __alloc_skb+0x2b2/0x380 [ 217.619236][T13285] ? __pfx___alloc_skb+0x10/0x10 [ 217.619253][T13285] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 217.619269][T13285] netlink_alloc_large_skb+0x69/0x130 [ 217.619282][T13285] netlink_sendmsg+0x6a1/0xdd0 [ 217.619296][T13285] ? __pfx_netlink_sendmsg+0x10/0x10 [ 217.619312][T13285] ____sys_sendmsg+0xa98/0xc70 [ 217.619326][T13285] ? copy_msghdr_from_user+0x10a/0x160 [ 217.619338][T13285] ? __pfx_____sys_sendmsg+0x10/0x10 [ 217.619357][T13285] ___sys_sendmsg+0x134/0x1d0 [ 217.619368][T13285] ? __pfx____sys_sendmsg+0x10/0x10 [ 217.619376][T13285] ? __lock_acquire+0x622/0x1c90 [ 217.619402][T13285] __sys_sendmsg+0x16d/0x220 [ 217.619412][T13285] ? __pfx___sys_sendmsg+0x10/0x10 [ 217.619430][T13285] do_syscall_64+0xcd/0x4c0 [ 217.619442][T13285] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 217.619453][T13285] RIP: 0033:0x7fdf0f58e9a9 [ 217.619462][T13285] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 217.619472][T13285] RSP: 002b:00007fdf103aa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 217.619482][T13285] RAX: ffffffffffffffda RBX: 00007fdf0f7b5fa0 RCX: 00007fdf0f58e9a9 [ 217.619488][T13285] RDX: 0000000004008014 RSI: 0000200000000100 RDI: 0000000000000003 [ 217.619495][T13285] RBP: 00007fdf103aa090 R08: 0000000000000000 R09: 0000000000000000 [ 217.619501][T13285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 217.619506][T13285] R13: 0000000000000000 R14: 00007fdf0f7b5fa0 R15: 00007ffeb3624778 [ 217.619519][T13285] [ 217.716265][ T40] audit: type=1400 audit(7014645822.384:720): avc: denied { read } for pid=5344 comm="acpid" name="event4" dev="devtmpfs" ino=3273 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1 [ 217.722901][ T40] audit: type=1400 audit(7014645822.384:721): avc: denied { open } for pid=5344 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=3273 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1 [ 217.745181][ T40] audit: type=1400 audit(7014645822.384:722): avc: denied { ioctl } for pid=5344 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=3273 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1 [ 217.812897][ T1146] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 217.922542][ T1146] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 217.953996][T13272] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 217.961225][T13272] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check. [ 217.969484][T13272] wireguard: wg0: Could not create IPv4 socket [ 217.973377][T13272] wireguard: wg1: Could not create IPv4 socket [ 217.977161][T13272] wireguard: wg2: Could not create IPv4 socket [ 218.018584][T13272] ------------[ cut here ]------------ [ 218.021294][T13272] refcount_t: underflow; use-after-free. [ 218.023383][T13272] WARNING: CPU: 2 PID: 13272 at lib/refcount.c:28 refcount_warn_saturate+0x14a/0x210 [ 218.026768][T13272] Modules linked in: SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 218.028330][T13272] CPU: 2 UID: 0 PID: 13272 Comm: syz-executor Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 218.034036][T13272] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 218.037969][T13272] RIP: 0010:refcount_warn_saturate+0x14a/0x210 [ 218.039947][T13272] Code: ff 89 de e8 f8 ef e0 fc 84 db 0f 85 66 ff ff ff e8 0b f5 e0 fc c6 05 d6 a9 b6 0b 01 90 48 c7 c7 a0 20 15 8c e8 77 fc 9f fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 e8 f4 e0 fc 0f b6 1d b1 a9 b6 0b 31 [ 218.046459][T13272] RSP: 0018:ffffc90004647968 EFLAGS: 00010286 [ 218.048508][T13272] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817af1a8 [ 218.051332][T13272] RDX: ffff888029ba4880 RSI: ffffffff817af1b5 RDI: 0000000000000001 [ 218.054059][T13272] RBP: ffff8880344ea478 R08: 0000000000000001 R09: 0000000000000000 [ 218.056831][T13272] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888059217c00 [ 218.059359][T13272] R13: ffff8880344ea478 R14: ffffffff8609d790 R15: ffffffff908c3ee0 [ 218.061899][T13272] FS: 0000000000000000(0000) GS:ffff8880d6920000(0000) knlGS:0000000000000000 [ 218.064893][T13272] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 218.067162][T13272] CR2: 00007ffe2085a8c0 CR3: 000000003155d000 CR4: 0000000000352ef0 [ 218.069798][T13272] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000004144 [ 218.072816][T13272] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 218.075657][T13272] Call Trace: [ 218.076821][T13272] [ 218.077740][T13272] klist_put+0x11b/0x1b0 [ 218.079090][T13272] klist_remove+0x13f/0x2e0 [ 218.080537][T13272] ? __pfx_klist_remove+0x10/0x10 [ 218.082127][T13272] ? get_device_parent+0x1ed/0x4e0 [ 218.083704][T13272] device_move+0x12d/0x10d0 [ 218.085140][T13272] hci_conn_del_sysfs+0x81/0x180 [ 218.086775][T13272] hci_conn_del+0x566/0xdc0 [ 218.088214][T13272] hci_conn_hash_flush+0x186/0x260 [ 218.089834][T13272] hci_dev_close_sync+0x602/0x11d0 [ 218.091492][T13272] ? __pfx_hci_dev_close_sync+0x10/0x10 [ 218.093261][T13272] ? up_write+0x1b2/0x520 [ 218.094629][T13272] hci_dev_do_close+0x2e/0x90 [ 218.096222][T13272] hci_unregister_dev+0x227/0x640 [ 218.097839][T13272] ? __pfx_vhci_release+0x10/0x10 [ 218.099570][T13272] vhci_release+0x79/0xf0 [ 218.100971][T13272] __fput+0x3ff/0xb70 [ 218.102231][T13272] task_work_run+0x150/0x240 [ 218.103691][T13272] ? __pfx_task_work_run+0x10/0x10 [ 218.105300][T13272] ? switch_task_namespaces+0xeb/0x100 [ 218.107076][T13272] do_exit+0x86c/0x2bd0 [ 218.108392][T13272] ? do_raw_spin_lock+0x12c/0x2b0 [ 218.109972][T13272] ? __pfx_do_exit+0x10/0x10 [ 218.111451][T13272] ? rcu_is_watching+0x12/0xc0 [ 218.112953][T13272] do_group_exit+0xd3/0x2a0 [ 218.114383][T13272] __x64_sys_exit_group+0x3e/0x50 [ 218.116084][T13272] x64_sys_call+0x1530/0x1730 [ 218.117571][T13272] do_syscall_64+0xcd/0x4c0 [ 218.119021][T13272] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 218.120907][T13272] RIP: 0033:0x7f3b41d8e9a9 [ 218.122324][T13272] Code: Unable to access opcode bytes at 0x7f3b41d8e97f. [ 218.124598][T13272] RSP: 002b:00007ffe2085ca98 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 218.127313][T13272] RAX: ffffffffffffffda RBX: 00007f3b41e11b48 RCX: 00007f3b41d8e9a9 [ 218.129707][T13272] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043 [ 218.132167][T13272] RBP: 00007f3b41ded658 R08: 00007ffe2085a837 R09: 000000000000002d [ 218.134608][T13272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 218.137112][T13272] R13: 000000000000002d R14: 00007ffe2085cbd2 R15: 0000000000000024 [ 218.139966][T13272] [ 218.141185][T13272] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 218.143974][T13272] CPU: 2 UID: 0 PID: 13272 Comm: syz-executor Not tainted 6.16.0-rc7-syzkaller-00142-gb711733e89a3 #0 PREEMPT(full) [ 218.148081][T13272] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 218.151409][T13272] Call Trace: [ 218.152479][T13272] [ 218.153430][T13272] dump_stack_lvl+0x3d/0x1f0 [ 218.154902][T13272] panic+0x71c/0x800 [ 218.156221][T13272] ? __pfx_panic+0x10/0x10 [ 218.157644][T13272] ? show_trace_log_lvl+0x29b/0x3e0 [ 218.159292][T13272] ? check_panic_on_warn+0x1f/0xb0 [ 218.160957][T13272] ? refcount_warn_saturate+0x14a/0x210 [ 218.162700][T13272] check_panic_on_warn+0xab/0xb0 [ 218.164285][T13272] __warn+0xf6/0x3c0 [ 218.165538][T13272] ? refcount_warn_saturate+0x14a/0x210 [ 218.167240][T13272] report_bug+0x3c3/0x580 [ 218.168758][T13272] ? refcount_warn_saturate+0x14a/0x210 [ 218.170951][T13272] handle_bug+0x184/0x210 [ 218.172673][T13272] exc_invalid_op+0x17/0x50 [ 218.174465][T13272] asm_exc_invalid_op+0x1a/0x20 [ 218.176200][T13272] RIP: 0010:refcount_warn_saturate+0x14a/0x210 [ 218.178124][T13272] Code: ff 89 de e8 f8 ef e0 fc 84 db 0f 85 66 ff ff ff e8 0b f5 e0 fc c6 05 d6 a9 b6 0b 01 90 48 c7 c7 a0 20 15 8c e8 77 fc 9f fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 e8 f4 e0 fc 0f b6 1d b1 a9 b6 0b 31 [ 218.184066][T13272] RSP: 0018:ffffc90004647968 EFLAGS: 00010286 [ 218.185958][T13272] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817af1a8 [ 218.188424][T13272] RDX: ffff888029ba4880 RSI: ffffffff817af1b5 RDI: 0000000000000001 [ 218.190893][T13272] RBP: ffff8880344ea478 R08: 0000000000000001 R09: 0000000000000000 [ 218.193344][T13272] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888059217c00 [ 218.195791][T13272] R13: ffff8880344ea478 R14: ffffffff8609d790 R15: ffffffff908c3ee0 [ 218.198247][T13272] ? __pfx_klist_children_put+0x10/0x10 [ 218.199961][T13272] ? __warn_printk+0x198/0x350 [ 218.201522][T13272] ? __warn_printk+0x1a5/0x350 [ 218.203035][T13272] ? refcount_warn_saturate+0x149/0x210 [ 218.204762][T13272] klist_put+0x11b/0x1b0 [ 218.206072][T13272] klist_remove+0x13f/0x2e0 [ 218.207515][T13272] ? __pfx_klist_remove+0x10/0x10 [ 218.209101][T13272] ? get_device_parent+0x1ed/0x4e0 [ 218.210715][T13272] device_move+0x12d/0x10d0 [ 218.212176][T13272] hci_conn_del_sysfs+0x81/0x180 [ 218.213734][T13272] hci_conn_del+0x566/0xdc0 [ 218.215179][T13272] hci_conn_hash_flush+0x186/0x260 [ 218.216993][T13272] hci_dev_close_sync+0x602/0x11d0 [ 218.218606][T13272] ? __pfx_hci_dev_close_sync+0x10/0x10 [ 218.220388][T13272] ? up_write+0x1b2/0x520 [ 218.221764][T13272] hci_dev_do_close+0x2e/0x90 [ 218.223263][T13272] hci_unregister_dev+0x227/0x640 [ 218.224848][T13272] ? __pfx_vhci_release+0x10/0x10 [ 218.226468][T13272] vhci_release+0x79/0xf0 [ 218.227863][T13272] __fput+0x3ff/0xb70 [ 218.229155][T13272] task_work_run+0x150/0x240 [ 218.230628][T13272] ? __pfx_task_work_run+0x10/0x10 [ 218.232251][T13272] ? switch_task_namespaces+0xeb/0x100 [ 218.233957][T13272] do_exit+0x86c/0x2bd0 [ 218.235311][T13272] ? do_raw_spin_lock+0x12c/0x2b0 [ 218.236939][T13272] ? __pfx_do_exit+0x10/0x10 [ 218.238407][T13272] ? rcu_is_watching+0x12/0xc0 [ 218.239934][T13272] do_group_exit+0xd3/0x2a0 [ 218.241403][T13272] __x64_sys_exit_group+0x3e/0x50 [ 218.243027][T13272] x64_sys_call+0x1530/0x1730 [ 218.244625][T13272] do_syscall_64+0xcd/0x4c0 [ 218.246468][T13272] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 218.248803][T13272] RIP: 0033:0x7f3b41d8e9a9 [ 218.250566][T13272] Code: Unable to access opcode bytes at 0x7f3b41d8e97f. [ 218.253123][T13272] RSP: 002b:00007ffe2085ca98 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 218.255775][T13272] RAX: ffffffffffffffda RBX: 00007f3b41e11b48 RCX: 00007f3b41d8e9a9 [ 218.258241][T13272] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043 [ 218.260741][T13272] RBP: 00007f3b41ded658 R08: 00007ffe2085a837 R09: 000000000000002d [ 218.263216][T13272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 218.265730][T13272] R13: 000000000000002d R14: 00007ffe2085cbd2 R15: 0000000000000024 [ 218.268523][T13272] [ 218.270379][T13272] Kernel Offset: disabled [ 218.271835][T13272] Rebooting in 86400 seconds.. VM DIAGNOSIS: 00:08:38 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000665 RBX=0000000000000001 RCX=0000000000000000 RDX=0000000000000005 RSI=0000000000000001 RDI=ffff88802c08d398 RBP=ffff88802c08c880 RSP=ffffc900038f73e8 R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000028 R11=0000000000000001 R12=ffff88802c08d370 R13=ffff88802c08d398 R14=0000000000000000 R15=0000000000000001 RIP=ffffffff81986783 RFL=00000007 [-----PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f2188f86740 ffffffff 00c00000 GS =0000 ffff8880d6720000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f2d3fbe7e9c CR3=000000003b065000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fcffffe0 Opmask01=000000000000000f Opmask02=000000000101002f Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e2e2e2e2e2e2e2e 2e2e2e2e2e2e2e2e ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000563b3a56bcf0 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f218915ab20 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff0000ffffff00 ff00ff00ff00ff00 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff00ffff0000 ff00000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0061616161616161 6161616161786e65 003000303d73656d 616e66692e74656e ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 005c5c5c5c5c5c5c 5c5c5c5c5c455358 000d000d004e5850 5c535b5413495853 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 96a8a75c2d7ec8e9 0000000563b3a56b 0000000000000051 000000376e616c77 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000053db000053db ffffffffffffffff 00060014c8d772fe ffefb0e000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000003000b0005 000000c000080008 000053db000053db ffffffffffffffff ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00060014c8d772fe ffefb0e000000000 000080fe00010014 0000014afdc0400a ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 b8392d3ca21b003d 0002001400000050 00000003000b0005 000000c000080008 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000053d9000053d9 ffffffffffffffff 000600147cf22dfe ff4fd8b800000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5f5f2038340a6569 645f6420005f6520 3035206569206261 640a002020342061 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbff52532232d20 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=ffff88806a53f560 RBX=ffffea0001306d00 RCX=0000000000000000 RDX=000000000003cc59 RSI=00000000ffffffff RDI=ffff88804c1b7000 RBP=ffffc900037f77b0 RSP=ffffc900037f7750 R8 =aa03c86e28078e0e R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=0000000000482cc0 R13=0000000000000200 R14=00000000ffffffff R15=ffff88801b849e00 RIP=ffffffff8216aa00 RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f2188f86740 ffffffff 00c00000 GS =0000 ffff8880d6820000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fdf103a9f98 CR3=000000003b141000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001800000 Opmask01=0000000000008000 Opmask02=00000000ff9f333f Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff6982fa18 00007fff6982fa18 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff6982ff20 0000003000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff0f 0e0d0c0b0a090807 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000031 0000726569666974 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6b20657479622d32 3320646e61707865 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 66206e6f69746174 6963696c6f532072 6574756f5220676e 6979616c6564203a ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373657264646120 4c4c20726f66206e 6f69746174696369 6c6f532072657475 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 414b4056051f5600 0056564057414144 054c4c05574a4305 4b4a4c5144514c46 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 30386566203a3673 67616c6672646461 5f6669203a737264 64616e7261656c5f ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 39773b3a3633211c 1a0f0c060379010e 3701013563538263 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff 0101910101740050 e06bb5014ea6497b 1930010001009001 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bf60ff133dd00502 39773b3a3633211c 1a0f0c060379010e 3701013563538263 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5f5f2038340a6569 645f6420005f6520 3035206569206261 640a002020342061 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbff52532232d20 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff855a57c5 RDI=ffffffff9b0b9e60 RBP=ffffffff9b0b9e20 RSP=ffffc900046472d0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000020 R14=ffffffff9b0b9e20 R15=ffffffff855a5760 RIP=ffffffff855a57ef RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6920000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007ffe2085a8c0 CR3=000000003155d000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000004144 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fffffc00 Opmask01=0000000000000000 Opmask02=0000000003ffffff Opmask03=0000000001041000 Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055c65a00e990 000055c650b78040 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055c65a00e990 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055c65a006f40 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055c659ffc9c0 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5feb5f1b20 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73737373737373f2 011c1e161e5e4373 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4203431e161e035c 431e161e035c1810 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 737365636f727020 756c6c2520716573 006e6f6974697472 6170006b636f6c62 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00302d78742f7365 756575712f307065 6e622f74656e2f6c 6175747269762f73 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000003070 656e622f74656e2f 6c6175747269762f 736563697665642f ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f6d697377685f31 3132303863616d2f 6c6175747269762f 736563697665642f ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 772c30362c41352c 39352c38352c3135 2c303566736c6d2c 31312c30312c352c ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 342c332c322c312c 3061722c4533312c 4433312c4333312c 4233312c4133312c ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3733312c3633312c 3433312c3333312c 3133312c3033316b 2c35312c332c312c ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 30652d4245453165 3141323070424132 317633303030623a 7475706e693d5341 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2c4137312c393731 2c3837312c373731 2c3637312c353731 2c3437312c333731 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=00000000001e52e3 RBX=0000000000000003 RCX=ffffffff8b869c99 RDX=0000000000000000 RSI=ffffffff8de3046a RDI=ffffffff8c1574e0 RBP=ffffed1003c57000 RSP=ffffc90000197df8 R8 =0000000000000001 R9 =ffffed100d4e6645 R10=ffff88806a73322b R11=0000000000000001 R12=0000000000000003 R13=ffff88801e2b8000 R14=ffffffff90a94250 R15=0000000000000000 RIP=ffffffff8b8687ff RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6a20000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000200000000080 CR3=00000000531e1000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdf0f611d42 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdf0f611d4f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdf0f611d49 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdf0f611d5d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdf0f611de3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdf0f611ec1 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdf0f786488 00007fdf0f786480 00007fdf0f786478 00007fdf0f786450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdf102ed100 00007fdf0f786440 00007fdf0f786458 00007fdf0f7864a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdf0f786498 00007fdf0f786490 00007fdf0f786488 00007fdf0f786480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000