last executing test programs: 2.69639298s ago: executing program 3 (id=951): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000009f00)=ANY=[@ANYBLOB="1800000000000400000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000200)={0x15, 0x0, 0x0}) ioctl$IOMMU_VFIO_IOAS$SET(r1, 0x3b88, 0x0) ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f0000000040)={0x28, 0x0, r2, 0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000}) ioctl$IOMMU_VFIO_SET_IOMMU(r1, 0x3b66, 0x1) ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r1, 0x3b72, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000ff2f00000000000001"]) 2.554555205s ago: executing program 3 (id=953): r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) syz_emit_ethernet(0x2e, &(0x7f0000000000)={@link_local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast=0xe0000001}, {0x0, 0x4e21, 0xc, 0x0, @opaque="3a5cf913"}}}}}, 0x0) r1 = socket$l2tp6(0xa, 0x2, 0x73) sendto$inet6(r1, &(0x7f0000000040)="d6d33ee6371e90e304aa94779942be959d40ee1d7a995b23f216a68a69", 0x1d, 0x40, &(0x7f0000000080)={0xa, 0x4e24, 0x4, @private2, 0x10000}, 0x1c) ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000000c0)=0x7) 2.47559582s ago: executing program 3 (id=954): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="4c0000001900010026bd7000fddb00f90a0009000008"], 0x4c}}, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r2 = getpid() openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000540)=@raw={'raw\x00', 0x8, 0x3, 0x4d8, 0x0, 0x11, 0x148, 0x340, 0x0, 0x440, 0x2a8, 0x2a8, 0x440, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x0, 0x3, 0x7}}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0/../file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x538) r3 = syz_open_dev$usbmon(&(0x7f0000000000), 0x80000001, 0x82002) ioctl$MON_IOCQ_URB_LEN(r3, 0x9201) ioctl$KVM_HYPERV_EVENTFD(0xffffffffffffffff, 0x4048aec9, &(0x7f0000000080)={0x6, 0xffffffffffffffff, 0x20000000}) process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) fcntl$setsig(0xffffffffffffffff, 0xa, 0x16) ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(r0, 0x8983, &(0x7f0000000180)={0x1, 'wg2\x00', {}, 0x8}) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x2}, 0xffffffffffffff1a) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r5, 0x0) listen(r5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095000000000000002d55715f11e961d1fde85cda4c8aae3a0c64e30cd8655910b3eb2d1451a6bf4b04dc0af703f4c87963ba1424815f140290fb3f659193ae297fdcd50b6dc8d41d9568a55e58cc6514e272e53a081168e74d7189f0e655f66e08f0e108968d80ea3cac636aa60bea16f5e27d5761f66d99ca89ad8cf4e13a2013988c4222d7cf1ff8682043d3d6f16b20de6f1ea6691dcee8e86fa2109aa7898fe15f2c973463c482db5da9926d158ee55592221796e273ccf22a74e8dd3674739087015098b80e9842e82aa484b0047773b358f02338ba5950707984fb201d101bfd1f78b0ea4f397c22d94b5a34491cf3f671af9dacdf409cc1f8d960358d99d506f9b3f52ce15d0cf72083819b4a3a6dfe62b510150dfe25ef1caf21e26954118b0c2dea8b744bed8de035a056fa2d0f7370b9df062c204e070015c5c544f5c74625ea73c563000000c1fcb5a25271"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x22}, 0x44) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r7, &(0x7f0000000140)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}, {&(0x7f0000000400)=""/224, 0xe0}], 0x2, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00'}) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000780)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf200000000000002600020007ffffffbd0310000000000095002000000000006916000000000000bf6700000000000004070000b964b01a4607feff00200000540700000ee60000bf150000000000001d5700000000000065070000d23700002c030000000000001f75000000000000bf54000000000000070000000400f9ffad430100000000007c000000000000000500000000000000950000000000000032ed3c5be95e5db67754bb12dc8c4ed68ecf264e0f84f9f17d3c30e3c7bdd2d17f2f175455000078af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd390700000500000000f18c30907d7bee45a0100000fe9de56c9d05000000c6c60bef0d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cac3f1d5af65727546e7c955ccefa1f6ab689ffffff7f63ede202fa4e0a2127b8b83c71a51445dc8dfd13ff15f852a39e5b2ab7bcb8f512036a5ba6d04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916fcecc8158f0200000000c8fb735fd552bdc268694aeb0743e326c819b6cf5c8ac86f8a297dff0445a13d0045fb3cda30a673a6037ed8c85f21ec2c081bdce431e56723888fb126a19bc1172b84b3ebe174aba210d739a018f9bbec63222d20cecac4d03723f1c921b5bbf7949632cacfdd32b3a6aa57f1ad2e99e0e67a993716dbf580469f0f53acbb400001e3738270b315d362ed834f2af97787f696649a462e7e090000000000000045eac1f2014f720e83b7838e3eede14308d582685e1becd6f35154bcb4000000000000000000000000000000bc3af2b170ad3e2b26539cebca8f4ddc211bc3ccf0bd9d42ca019dd5d022cf74686e9fbe2562979eaed840a7afaab43176e65ec1118d46d1e827f3472f4445d353887a5ad103649afa1769080584f800031e03a651bb04000000ab04871bc47287cd31cc43ea0ffb567b4040c1458d0320ce7d0000413a0000000000000000005f37983f84e98a523d80bd56a57fa82b82f639601ae899a559944cb9a62a29ab028acfc138cea0f6a5480a55d624a0c544ba0dc828c22fe30000aa391598000000437d57fcf8295f63a70837f5cd4e5e77964522dc7ca3aa3476b7f2d851d27fd4de6eabb43e0799dc8d9fb7dc6c523ffbd74a6a40e4acb1ac872ade9d1f2ab779b8dbe843aeeda0426c767c00327b8c95b2bb6ddb55117669d9598c0f3598073f3a921c76beceff7e4fbf909a2cabf5b8ea5011db9020823b83abe54346c7af0a99fa077ffe7000feb9e44023a1749eb1d0d572b77d6e0d0fcd74031c8ef2629f5ecff4626746d6abe98a255e92c3c4f79bfcd0d91741380000cfeb73dec68ed56b5d3dfdf0cb8b71ad79000000000000000000000000000000dd434a25e95d0ec29d3adaccf89d0888031ecdfdb4dfbe444673be099ece7e4009c76c7108ef0a7e59fd6d906fbc3c9b412e0478cfee4485f423c63f49db43833c92eeeb647cebd4d7a93a17bcbb6bae5ff876375d4fe39cc2d292691672cc18ca372104ceb83a35ecedd97fc191d8f64d2b1d60c6d12911aada66c26aa4802c3514c3d92ec905000000b13f4a2575fbe943a6c40000000000000000000000000000028026b80c3899543223a6079ee96198b9a326db3be3a48af415ca28ca68c502550044ed8e29af8d763ef9b1f31befcad2ce5394601c7cdc233ba3d4ce26ed703dcb9fb3ad650f77e339768924dfdbeead13b88371154d743544a6091ec93e0d3fd5b4dc42911c1ba322fd4d6fbf19e617d51f964727bfd5cc5ba15370f6e1141d2271eded0b15e4316a1e4623272beb249a0928c417720be14c898f397411c88a7bcf3df46ab3efe7cd5e160c2afd3cc945f75011a102d952c7ad17a58d9be691c334ea35bae71e76e160cc2260bd028162917807ce89e11b5f261052ee0dde18efa1d802af2b7bcf6f8af41933cea0d0343261bccf64ca1c81045153eafbefdb91fbdff9ee3307d4a1837963b2dc2a3698d90e7915b098f19392e792adaea86052f4e948184001b6494e906925a092483adc7e9c8f7a29d226763c100aecae7f00619c36bceb9fb6dd7e55487d8485e498fdfc377fd3d266d21d46ab2f6b2ce22cd0aebba9b0ffbfe8ec3143c3734967c90b16ebbeeae1ce2baaae05aed6bf0f40c8a323f9235dc99698bd0b800067a901a79daada03cc77e74feb98b1586946b452764ff917a8ecc10e529c5bea49cad70e22df522c2803b6ef65df70223c6e22c3433e322d8dbd6e9b040065a9d6b3d5ae276cffe935d559bea88e1aa36b4e6c19e78457904297e77370e013b705a96548d47c609a93c45f4d1382b39c05dcc07d5b49ad75ddb3ce5b5b9416e03995da04647aa5e6fc1a6f5d663380967ccef9de49a90ced031335e3219ebd9d06c257a50497ec523f5ff7361261ccfe239d603364a42e2e81fc068fcbb9792b673827fe7018a988fbce55bb74cdb327ced4b77b8743fb3cb72cc280b9f62e4f92f46a19600b802cba88b7d0a938d9e0e6cfe5d66b874cd004179e5b6025c0e1050faec7ecd9de190a975db2f8c06a551236278c4766d7e22e3b85168c9851de6266c791252f919b4f8b257b5a786734e5142e4666c67aef5b7b2f88c6640995434aa8636993089c73f196c54ae829ad4307132655b075ae534fa7f1ea9a17e62357b0bd2bd1d62d34bfc1364640250136729ba4f763ff25c33e8acc806611792add8254e705fefd2a44d5b15e3b36f6b75c97c9c04c511d8cf9e24c61c8284a913a381cb1a5628878040000000000000017b68afd95d4abf7920de9ebe1c89661f4adc3d83d72b1b778e30c2bf2efbbcd054cf51f5705ebf9a98a0d9f18135cb1d8d567c3436fa697b72c5035d98b9e4f7f3379c0b3339debc78352b2e65299223d7ef2bd540e78167b3ac92a4c4f826f6d0e5c4ebf4f7a70c03e2f5ddbebf168586360c3663531eb5995d228f011a10ffc8b17d716b0c528dab6d0c4fe2ee402348104bc5d4012babedee898c6d3e1017be2e9bc759d3ab4d615f5000000000000000000000000000000000000000000007fff0000000000e693e314adf7dc9f517d04f1e6ca367d30d31d3647c6059db6e1e9529eb1623ef99e2d9ac2ab4872f8e784b07a31110bef6d000000a6f9e89e6d50ee06ce716f94da60f1f22d9669560d296287c13c92070000ee7553eb2df17839542fa88d09f000e88a90cf4406b9000000000000000000000000f441d6a6f516c235c6f5863e7f454ee0e16b9aa2593eb31fa3836703e7765aaeb77a8770e518efaa6d3dd85e03b3b133eb749057cea9af75a0e6f633532f2891b8e263cb6eecea691842827bc7c8c0130187081c8d320642389f5f0c42dba0ff75a257310f2d92cb1d1e16468949f5675262ee6609cf26ae4a8f5eac0ebf318e735930b01d8f586e34537bcff7d6196f494cdcf3a712078d745db0f5687a78ee6d000b3d171a0f08299b52d207f32e9da311ca090000003a42732808515eec574f892622c5be497fc3d9ca122d7c18b9e54637812c8debc61f0e42d838e44a819b74bce1a56108bb0f72c4a02475920532309c55b2c9ae9f281391ec5cc72a5e94cca1cbf1ff01000000000000bdb537a0c52bd45a9f966c25616cec30c3ea3246cb8e6aac7cf273638e6656a3e4ccadc348f0172028c99cc5f6d5c6d09ed65aa54549e73c28b7c8ad06ad3c5e3c27eec0eff1a6c84f1189919eefcee8072d1f88cb781e4cdb04af00ac92f1080211c4bee74381a0e31021918f27863fdbafb50f70857d52a1f7df51935a80b1980a4778d35f183ea517f55a98c5a471f3521956f8da6a4ccf2071095305701ab3f3ae43f06e91bc7d85e3800b46926944fba9805a985e63e53a62232fcd3f01dbe1728f300e247a7ebe344f9749818ff3961b2a42664ccd680a90bbb6ab400e286acc8f9febef64594777f848ed1cf980a3da2f0f7745760a05887d0c28060d613dd6539d392fc21fee0b5131609664b821d7a994e6c5965a4fa1ec1790c54e54586907dcc5e8bac16e79da9c2444420900000000000000f888a94365b99b72796fca1b922fc9aefaf1546c17cbb1d2d2fd12cb1a49cad501a3ca218c595b667b634606c57987ebfb0783a4948e4561d5cda158fe74453ff4a837beeedba483842c57d6005b544b4f80003386edfd3d4a88a667bd41eefe0d808abed08a29e6bc370a80cc0366fb4080bfbaaa946fd47ab662c794846e403950bbc3a48bb276cbb08a8eab145c06221ef16a238e3d50ad18aea9a2cec97d3c2d0569caabe2bffe02506bc9cb7294c5d020536dd5e7a6351642112df3b55d0215aaec7e45598995e79699e47567e353e68b03f82be860b188554b734e1192f9c1a867b815ef52cdc3307c0cc9be05a4fdde69c350e59f11f1d26a4d04d8c8b2c4a4d23ee931d14bc7807db773a614b670acf46f83f7c65a0f8d43c5f64705f0d27c46d4b686e867e9b0be76a7978a8f962bb5a070df97f2bf7612115cfe5ebdc7ad0bc5a5f3ace25347d0e5c347279d55aa67a967380000000000000000000000000000000000000000000000ed0942d980c754c6c69ef65c375ad018824f78b260d5f51bc3feba504408a8c8141d84f3f417603b5081680f346ff0ffbe4ae19e936511966965ce268b6345a0001c0f26a32e0a999fc869292e939dcf89b9bfd794f9c12d41959a00688cca43015a9eec58f647796adea520cd2abeb0b55c22949d10e5a05fee4543fdc1e02554a55b5fef2427a6e5708edc38fac53c2f961945a3f83cdf01979939b49bc6b1aef8c733401bbe473de8d64efbe056e2d686e796aaf09e74f2175c174ada1678c7db79492e8dd0f34e2ccf419cf7f14ffa408b50a52685b36aed14aa22ad928191d5a2697646edc52a1c0c5d720ae690add2b34aed161f51cc1cb424f76098e1e1921e5a405f9d298a8461f2da30e47b7c6ed7c95c84c745f58723e4cddffae3b53b5b947f9435e589f9ae55b30ecd3827b2de5df31976870823da8058c2538c04e397f3d0ef90c11c74da984fa558697ecb57224ce8fa6f79aadbd7dbf3678e74d790bc2ee72769a3ada1dd504f8e4133ce1effd446bc9a2f139e65cc4bd83912af3122352506c7c2191b3705116b2f4fc20d4e93882bdd6ccea97f3a08d3565b00"/3699], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe50}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r4}, 0x10) socket$nl_route(0x10, 0x3, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x1, &(0x7f0000000500)=[{0x16}]}) 1.433998349s ago: executing program 2 (id=963): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0)) r1 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$int_in(r1, 0x5421, &(0x7f0000000100)=0x100000001) connect$inet(r1, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b70300001b0000008500000083000000bf0900000000000055090100000000009500000000000000b7080000000000007b9af8ff00000000b5090500000000007baaf0ff00000000bda804000000000007080000f8ffffffbfa000000000000007000000f0ffffffb70200000800000018220000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7050000080000006200000076000000bf91000000000000b6080000000000008500000085000000b7000000000000009500000000000000a7d179224cc40a8e38ae2c5abcea46aab455241574c7b943723032537a57f6eb645dbce1f16f99a63d966a9f81c999224d3ac95b0e8e4631c509d882351854"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) close(r1) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0x3) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000380)=@generic={&(0x7f0000000340)='./file0\x00'}, 0x18) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78) r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r7 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x0, 0x2}, 0x48) r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r8, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "7e12ddc5a89047bf00"}) r9 = syz_open_pts(r8, 0x0) dup2(r9, r8) fcntl$setstatus(r9, 0x4, 0x2000) r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1e, 0xe, &(0x7f0000001600)=ANY=[@ANYBLOB="b702000000000000bfa30000000000001403000000feffff7a0af0ff1100000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7040000050000006a0af2fe00000000850000007c000000b700000000000000950000000000000000e154cd844a954b26c933f7ffffffffffffff55bb2007ee51050512b5b42128aa090a79507df79f298129da487130d5f24bf901115e17392ac66ad029d1c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1efc5f9094fa737c28b994a8512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d6f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804d4a69bf9bc5fa77ee293fbd165a5a7c31de7910d1ed4065a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db3503680e5e5971ff4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dacfeb47479321a0574fb304bc2a1681989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f3de8726c2a61ec45c19f97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde0745db06753a7ac7fe13cab6692422a46e9ffe2d4a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c9bdce38c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c5f1e24d9f679e4fbe948dfb4cc4af05c28308241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5490f6589880ed6eea7b9c670012be05e7de0940313c5870786554df2623d58f5ace92d028f2c71a6ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77962a2cd8a104e16b77d5f7f13b1640d43e11801140caf1a8b1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b905fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af0a77fbcf2cd1d0000002000000001c800000000000000000000000928ee53595a779d243a48cea769470424d28804c026ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf34117a82a96b2ced73abb8e4bb718d6ee7aebf9ef40662d7836d252c566f5ee938a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c74f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7eee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab50fe82d5a96b09c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada209bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cdfba05e3633be3f00000001762e5f5a3a0bc33fdbe28a5ffc83f2f08544eb2794e7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5d81e750d50515a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f85d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d801002653c4d9818708e27c89b552d3fcd11ebce9c764c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff2a8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4000000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b850580994484305d7a1759782ae57773e0d8b0ab900edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af0bd91e328b6a6f732a91f0e2e9120be61e58c79d497247d278888901d44bf77ff246605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c2d0836395fe39f0e11c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc71300000000000021000000b12f0ec0412268860027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b50f3ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861ddb54684cb73e7aeefae47fa09fd88e6043bd52ae84c1bb0c8a6b769f952283a1f4e3842edb3d42c68a2102fa1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e81163bde261fd00000000007271e28ef6806bc8e139c49b91c76b0d3958f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d1b8b90bc0df4c4b51b1f922a44ec675203bf8d1548e49262727c3de6daab3b4ed15aa99802e45d0620617e839b5237ddfcf103c91e61d174e3be6c9fd47398797e3b814e751ff31ecb42de6dd9d6b88121aaa680c236a303914e00150e1ec3f144ebc28287d5b51cfb8cabb844d12b140767d0fc24425590024b2e431722392489e3d43b3e31438a0138988083c47c61384d54e9a40fba01cac6e59ec82edc764840fe551c1d57442970cd8e59b9f41094e158c0a1ee855d8515599685486c2a21fa1c107531a0db8306441e8408b34aa90e9736e672d74cb8e78f8bdb93a23d024fc200796836ab396911a56231e953efad6cd83db32ffc595d970108e9547ea0000002730d5d1b70fe8b458ac1651135037b6cb9c8053299f77ab84c5b9fd2f764c3caa9c69377c397d310ddc7bc4bfa165def7b49e28ef196ae263b6829a8419d8860f56c86c288964ac4bc19839d96ff24b981c3a4fd6f93a000000ea9d6b06dafae4c91177"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48) ioctl$BTRFS_IOC_SEND(r4, 0x40489426, &(0x7f0000000440)={{r5}, 0x0, 0x0, 0x7, 0x0, 0x1}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, 0x0, &(0x7f0000000000)='\x00', 0x0}, 0x50) ioctl$EVIOCGPROP(r6, 0x40047438, &(0x7f0000000180)=""/246) syz_open_procfs(0xffffffffffffffff, 0x0) ioctl$PPPIOCSFLAGS1(r6, 0x4004743a, &(0x7f0000000300)) ioctl$PPPIOCDISCONN(r6, 0x7439) 1.433558593s ago: executing program 3 (id=964): unshare(0x2a020480) shmget$private(0x0, 0xfffffffffeffffff, 0x0, &(0x7f0000ffc000/0x3000)=nil) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0) preadv(r0, 0x0, 0x0, 0x0, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = gettid() socket(0x0, 0x3, 0x0) ioctl$sock_inet_SIOCGARP(0xffffffffffffffff, 0x8954, 0x0) prctl$PR_SET_PTRACER(0x59616d61, r1) r2 = inotify_init1(0x0) fcntl$setown(r2, 0x8, 0xffffffffffffffff) fcntl$getownex(r2, 0x10, &(0x7f0000000040)={0x0, 0x0}) ptrace$setopts(0x4206, r3, 0x100000000, 0x4) dup(0xffffffffffffffff) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="440000001000090400"/20, @ANYRES32=0x0, @ANYBLOB="c0050500401000002400128009000100626f6e64000000001400028008000a000000000008000b00", @ANYRES32=0x0, @ANYBLOB="01dbf502439935ad5bd02a832982dcaaaa1c81a3f2e55b724dacae191498a258447bc1b3a33d72ec9cfcf6b01b26613ea04783da84af5e3c43a2ecf294ad15f7501b7d87d84082aa1a10f39232abb4a29fcd"], 0x44}, 0x1, 0x0, 0x0, 0x4000880}, 0x0) ptrace$getregs(0xe, r1, 0x0, 0x0) io_setup(0x222, &(0x7f0000000180)=0x0) io_submit(r5, 0x2, &(0x7f00000000c0)=[&(0x7f0000000200)={0x0, 0x0, 0x8, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000)='%', 0x1, 0x7}, 0x0]) 1.224878315s ago: executing program 1 (id=966): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x15) bind$bt_hci(r0, &(0x7f0000000580)={0x1f, 0x1}, 0x6) syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040e04de220c"], 0x7) 1.224615241s ago: executing program 2 (id=967): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0xfff5, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_NAT_REG_ADDR_MIN={0x8}, @NFTA_NAT_TYPE={0x8}]}}}]}]}], {0x14}}, 0x78}}, 0x0) 1.221073878s ago: executing program 3 (id=968): syz_open_procfs(0x0, &(0x7f0000000540)='net/ip_mr_vif\x00') socket$inet(0x2, 0x0, 0x0) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x1) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r0, 0x40505331, &(0x7f00000001c0)={0x700, 0x0, 0x0, 'queue0\x00'}) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000180)='./file1\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000020000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYBLOB='7']) syz_fuse_handle_req(r1, &(0x7f00000002c0)="eb315d1529b3cd592af8c6a4c97ab2a4b89ae2ed93013bf251d601c9955a949e355001f79ee393c149244e65edd6606a770e1a9aab69e94664d13822a3ca478835b70a2f1d0abb9953e4a4a3062dbf62c1690f4419f5a9b5070b8d44a132c64f8148e7c1ebb304c08ae71d29d6a6c4ccac299f75520eeb5f6690d81f60604ebdc50ac3ebac9827c04edc9485772cc9e5bd5c7129d6c316560105b0e752a20b7052dd8867a830a388cfd95037c46d7f9a34fa6123c74a287143b5989ce1eb6c1967cc0bfc52ac2f49825df683df4c3890c5dea1f83f04b7b56f3e1c9a93710cd85c3e1454c056baa95e42896d3f8858293d88ea51df74e81731ae4b3a04fbfb452ddeada7c5c2d55520e9ea988e5a310865555edf4bb159aa7e6498ee7baf4a3925e2930c782c795a15a2c56ee9b45547c5d5b02f967e2cb39c2ef1ef4bf12def84d34df885102695751b0cd42c4ec1acd36cafee9221e43854bf29faa1fb8f82e39e158caf5abfe7d2cd28730b3510c8581fb129b52efcceac2306137dde95a312ad5eb009735dcea6d8b53e1c084fc8356cfb5ec329b250c75023496cfde1be0193d782501bc846880836bdfd152caabe80ef92f7ada911c9797c8375befda3ac24d8caa6b09f025cd936b0058a4e85df99ca6ac7253fd1309a3697a686f29364f9235a5c406f8823799fc8fa39649fc77a338ebcc590b7b2d4f5b637bdbac71ffe900311c078702e2476838f7c7e1177e9140a02ca7ebcd9a7bd293d521b413678fdd52f65275d43289c0e3c89d428ef370278ab1cf1878fee920043fa58674c131eeeec2f69779157d704d72e59c6edb430b208fb44ecf498762fbb3f7faddd3181d9a2607a0f301b64f274549f481dc68ba98eeb4c10bdd497bdcda0d346195a17500d49f046f2fb88f3e9de490cb12d47091af2b9c2a0defb590963918480409c18697fc306356bf32a772c5fa22810d7f078f9d0d052154cd8f0c365adf2a642da45fb6d33f8e7a25229398baacc4b992bd89210059334f997105347148fa2857702efe58eaec520adc3706cb0f0d622f91d7396708dd361f16a06aab67d50e1dbbf604e5f91030bb924b658efc18022584e3a32bb25c6c1576ffb95e6de82e667b731130019d02a9d7576e2e01fd8703cdae61b979c60c32f8048613167038bc2cf66c64fca185cd2899c2396f03764fd62d5479a25dd92db00d27486a49b5bf675de5064d5de300589ed48e4023b10cc8afb0bf874c90ae0a2be8ec42ab0d204d5074661b38342807223e7981bc989adce39fc8d75e3ebd4e517cdcee0ff25cd1a41882fdeadb227a7ca0f65f12f2f2e3a4eb718c55e66952507ae43403d9d864a37e0a39e7b89580d008cbdcca4d0f70842c91956fffa2031bedd9d572afca29e3661b6de4973159f5f1c7d818b0049a0b540added20f8daba42e6d43c7587215e6b91f79c4915e0796b068376ce2d889687217d90d868178215905139a4ac909ed3d8e955b76c6e1be807480a9ecae8df603439b5067d124680946d94232cd7c496e3f103c28bd69e4e828ac9a9248885f1e7823bfcf939044634395813b76beda4576bf9c6121587fe4eb6fb9a55ec0f39a2a0c93086d58a42e7e5cff103f32b1594f2111d7466976e77dfb2c297e20c68fd5504684867bcb8b34ab3ab776dd37b18ee44ce8c2033eddba8210b12ec85e2d7cc755dc6e672677ec967209d28fb45de8332a51dbeac54fcc0acbe62c7296489e77353956f8e146a518e3f4dd40f989bb15dff3e4fe7bcb8eca9f34179558f80295d9a27c7931e49cbd1da369c8f7bb7519d2fc86b90b46567e1ab7d06be6b60c34c59c81226c43a30e794627d3f69b6bff7c60b0bb03cb2651adc5235b19f2d0c38ef2871928d210170520ef9d7384b209bcfd2a419018f91cfc3c4f4013bafc13722e93c4149b65788d7651a8d6bfaf7c2f79f34ae83325c3b7da89b1f0966a3c80f3d01cee66c26e55215c90d4f4b4fb36317de33a854e56cd3ceb264e48f6b0e441578fcaa84e8187eff8e4e61659eeac180d229e617b6b1037194c25d2d76c7628e99577c58255de06260c19c3035bf75a665baf0b7a28a73f93cd9badd1b13e0af39a7889797dddcfbb33b8f8fb21b9b6ac7adf79626ea291c2173c86fe9f00b4d9fccc49ab8df06c4e581d88d7af48014a468896d6cced4cdeb7807c81d47f67228d684f86941ca102084c895488bd1eaa82ae2a1047de704f6a9d10f26af99c916e98a023504d506459bdd0d01936a492e735a5539b184ec0a4de206384184aa9cf6ffe5cc1756f5235fa3233c0a4d0362a757cd2d15a66ffb91bed99bd02b0f115a3ed47bf0e81e376ee7f2bc6b346d58f9d63e76b5b04ae5294178f04620755e6ed815f91899ab935958d5932d9a2aa3c77f254e913cf7758025f3a19bd40a85286e1f6fca687f5f4919b9173cd9780697a63343cfa3cc71aa743cf966365b20a8a2d687a39e6724427eacee28984736a81f685a6a65bf082c28e4842a53f31770613259c25186efac8cb6a4b88c2b717da87cbbb3f1e34ad859a502c8cb66871be752d48d5bfdb921569b0ab265b52e7dc3559527a48149950ea008ac114168bc95343f33bbcb148f45925d25dde9b0c3a276ac28565e5bd52bf66aabcb21dc4ccd163703f82172560543a35809e04b415c57d767946da38ec0767f95d26f3a36e188b4c18823af55586ed151db26cf4e1c93ef58532ddfd68be43b9b93b5ffd61ad7aec8c4aa122d746214c028d49e6ffe69d5bced8dbcdef91a0cc606c66bed7dd6be25f65784d18b2db6992b18a9186aba5aed63038e68afcd811669eb36fcf3cd18a5d57cd9b0e5b3f06c8e148ed90d88435b6240dc18d1d9ab223e0133d12d0770c959f3fd6981b7cf55ab362d0d8817f36d43f6493cda037e07471582edd5cdca9c2652a4d7189f54887f212187c389ed488688d773fe61beeb519f5ca7156b23622367ccc914c0cba406d8ff6052bc2e584fed4eecff2f8258636da6756e5b55b2ed4bd0345296faeac06f9a65aa29e51bd1d3997a2e128ba9da32c6d039c599a187b4e27c2408f251707a8a2cd7e606abd68edd80648f0e6b2af210595041a8c45e98c9ace39d8795d4b2295a3b548923b4def7f423bca3996ab5cb8e55ba813ca200ed5002352449c9697db3baaafc6495f1f933bb16fde1a84c72e7ecd6ab42fbaa62666b5c28b583b2d50d2b6a82d8e0ca961b39e60a10e1dc8356eef690dd07059a24ee74f7354ce1d8b3067ba8bdc0df84236d2343a350305e8b1ce7e26bdca33f62f5e130478f5dad2921199d7e6897fd291412059ad39fc9c46e4b2d7bbfbadb5610ec9a472288377c1f6fd599112b93e5ada8eb2fa71e4950a2bc8e8fef3f99cb9393e80e83d4eb5ee22a1f4796382439d9556fb641477b71c88eb731099af4f00528d4e15f08a09a25ceed4e22c159e12c2ca503a2e9371f610719c276eb1e1312b1b4ec54ebc5b2c00c6a0f12ba6de5a34e3952c7b0fef670726871452724fd37d714bd89b5f727e62d12159a559fadc671daf6b903905f4c7f6c8498455751928c78d908679a8f8bdc2efe60cb80fe5a96f7bc6b8398ffe4ca33577302e81a7d4ea622f5704c71c0c4b37e6ab3d4933eeb3b0e0bb8df4689c4a19f1545b10f4113bc7ecc0948b94577c5556f5b1bef207707aa32b64a90f639cf72fb4248e2dd148e83bf6278d75ca1a69fbc8bc3ad2fcc1ed8586669647390393f9d1e9515ad7cfe8665c41bc1789619c286386c63df01ab2f2416c2b12cbcb635aa4b1f3cc93dedded772df4f0ba5d74db9d10ef351b4142680abafb605493110b5ef9a7ea1e7d0bbec924989db8f6f69bfb5c80d42a51a185a0b61240e15bf574af2eec08c9e28f9c26216a920558e3a44ee91430fc370eee0408630fd7fdea9da8cd1b3b6c8d35b7133207835431b330375c5bbd090f7a3db28b0eac134a07d973a78648be23ccc7e94ddd4446dfdf8267b071bc720d810e8c10e922c41f1658f4813d6d863350467796c99e1862937910e796c264f0564cb3ef1359fe0cac10fd1c1773b592c8b6d17c3660b8902b04d815d72c8d725605042c957ddfd8ebda556b0b22227016bba21197fe02c5e0a0f1141f248f1105ec6c45f38b95b01e675b59b52550f592a7cc13fe3daba3b2edda764334eced8b17ea1373d9a3911870885372feffbfb46bec817cf25dae2523c49d548179d1777ca25e2ec465a0f4e9949816b912aa39dfd355a534e1d5d558f6f3cc825fc447a414de3df37d78687c549dea67be4b4cfe780eaac0feacdf17b246dfde06bcc7634b842818f5f05922e1188d86d858d4c8f90db80f73b33b32805101bb2c535048d6d9b5e46bcef431f4b684ef2dbde61c6efe8e4cf4e679bcb2ef5ea58a369ee1807c8b9095e0ac18ce8600bf89f281ddc55be7d01ceef3b8c80c02c0e2315981ef607b8303ed085c3259bdab17f0a1ae09cb49a2c817be96179f9ffad5d350d148967a33481bb634fc0108316057fdc580f7d94b08eb061418194cbd95cb98be0c762362daa2d2661168a4147cd529823e77893df30d8de12dc3266ebfec443ad282c9b5f6f0a7f60c16f82b516137d3be5f75b82502c857705ad506d4c49c7a4cff67710045307909eac060603cb1bed108cef750f254068d44d305a800b356b9746eff530fb83e115a31fe5b117a9088e421e10eec8c547f61edb8d77add757e0c4e996a6828eb616c5aca9dbbf07669416bba3c4f72421b09e780263cacea25d10d6649df832189cd2aca32c0edb1138700dfc24910e37429430ace032f3369d408fb1a23c766604f55c0e3aff843cfcda5c162e26f700ca4162fb999fe2ebff3ed0ec1df6fb318550c252d261ac86812359296dc94c71b92c36d21b6a3b1b59451d858b4fb04302f8d024f5e81693b42d6dcf306a7ab7ce9953186d3da2dafd4f46816dee7e34c38e548dfd6a8e64c6981cb7ad691980a2c3a873d564ea319b2eb0b68436924b1267f26fc666c698e4a3d1314b3320aef4d1fad4eec539cd244e171896962dc59ff42d2c45c6c9fd83666cbad78327cdb65dcaacfd28e1defb7a8878203d520ec951bff621159b1cb2441306f3fc11fdf2eefb98fe5600454a634e933a5ccc7e00570a5cc723b25f9cf910c1328f6366869ab3087f92438363ca0f5d01b6bf2fc02b01c62a3cc294121e47bae565648b8610a811433f7cf1c84b1108f56146427909343ed9fb66c2c4d3fe1f43b9c21a276fa975bcc079a45f3a2ca7242f4634d1c524d5fa393690c9c656dc64b6dc31133ef6f33a9df71cab6c5dac9fc62d9053a94ad222882e4f8f876bd7fd475ff82eb32bb1c2fa8f07dc69ccae7310a8d9a135e9adf3b1ccf9bf2fef3f66f57813efee315f1952578dfb2ad17b6e71a447394619c82776e91135c82d57e164b8fa0806e02bf09973f22a1eb5dbc546f3f92d3912d0c06a64d7d656fcd894a5b467bc29cf0c4ff8ca6b0329542769fb9ca0a9f8e4ff640a4310c229e84db87ac590bb30a18a67fc9f59967cee41bcb6707919a670642028aad1d581daee15c70eb54e9ba87973f194a3590ba4ee4d742b8b5122ca83d04aa6010873eee5f0299306d0e11b980998adb3e3ab488c1785c26efcd412c58497e1b2245d364138326698c912621508fd6fc3e149780918eb1cd1366f4d31e2cecae3e6f7728bd396c6e7e1b6a4e46205741d7e607379def888e548f1160e236f81002b25833a67cf926205e81805082ecd163eccb56a7f27488b0cb00337472fe60bab68ea01d5d92972d08c5e86f5da51d6608c498b465f997c886c94dd867f0e3a8a36d66334eed7a6ccc5bce835ba9bfff6871d810f26f0c6dfbe8985730691bf0ee46a9f5a8aaa917294ddc3c49dd7776ee9427ee3d6406594e86cf75131ea12b00337b5d4d47426d6d4436d9d01f7964c5df9fb1b77d5c8070e91d99f1f0e46f77c12a8ea5f721e6a4ccbb8d9d08fe07457071942cc97935ddb4dd2cbbbf83aacf46c7b1b7afc48f9afec8267c81b457c23aa4807f76236b3cae89c51cb8181e229046d6e8d6692f1de8090716fb0833f080077ed29d93ff125f57edfc8d838f17c8fb7339102b044f266c2cead03d04a57dcb769bdf474373ace023e4ecf96dc85a91a114b685bba03b33dd54e4c9168090579c7f3798d1c2b6e811f2419e16dcc5436d2a647c83fb42e57d81586eaa456e54983edb888ecb673a0a9f2a44b2fd5b68486874ae0a5110d92d7ca848cd9d05fc9110ed1d3d79c5cf54aadbf0d3f9c3123e39cd0486c75145d90d524143165defd0cc8dda16fe9b513c7f1d9ddfd49269ea0cfef81e1d60ad1d2597a11704b937c9487001c174f4c2fc31cf1521a6ca4cf84185d52d40f65b5df5b058ea79b4629219bf405ef7a140cbb0299e0d75701c01f06aca0d26c445c8de67eea8d971741e19a08b7c5cc5250eb1770c9071dfe00918020aa211ccdff178d7cbbe43a08974cf5ffff9467c7eb5ab05f282d80a904e9d046cd96a94fc70fae12b0d0548eb2052e2c9ebb0745a60c90322398ea84e9009eeb6b43b10fc09683319841d146232f6b8b90b945b241b75915b20037914d09165fce70f4bb8bdf6718e317d54035abcf1257a0b84844c2cdc63fe5b3e235924a71a260361352cf9c841f89791787838d0968a4f152aaccaf1fbe5b07d913dbe47faa772cd1face63e1d0550ada35b5a196bf307b6b7de8640878f5daeaee074f1882a0e51300cd9a84503b5ceb8895d48de24b4106c6e7b97db591df511b0da5b2cada32d7a10eb2a8e64ec1522d47e4deb3bf6435d36b9c2d66569030019153b8730491752c217b07e5101e3730cd39238e857eff89bb0fb829b050a52412394ef9af70fa2fb375f5db5bd7d8a10c4c06fa887f359192812ff4d9e4c1fd4f7bc12e6d3b97c705bd23613b99527202e9ceec81393fef996ecc3304d19879c4321bd083101880eecb396009eceefafb0d9a86f93f06f9caaefdf568b0ff5181041adc6b53e61d830f6f3e48fb3daa391bc78dcdceb72276e97df1ebedbffa2ddb45491cd3493ab04389b40530415cf1946d5c50eadd8bfd72af11b61b8f50cd00824bc04e0e43487ce0d25955a3fbecd912e01f0dda5dae8ca7b3fc7c70cf15761cea675f9ea7ac1bddaf2b70dc5de3db4722b49f56af92e880962f655002fd3776c099ba46083cd5adada1ea0cd488916fcfc240c1484922cd1251b4ddcb592a9bf78dfb24cee4c09e6fb4f679d6b0063f2e63b37da5224d66dd225da7e7b7a8fce956dccbc388116bbd8bf126a397483396eabf9c72ee76862a7f29a9f3f22393f0094f38476d162ab06d0d68d56fb431b0384b0b63314df356f0a2e1d8cb41cb212048f606a7ed5fde49f762f48fbd92d5d3a0f9e2bdb532f818ddd43e3924771b3edd8f4da5b871cfd32210df55b96bfe9edf250093d5f599fba67d5a735162de411c66ace30655c6e6f6512b1fdf5832f41892d1110eacd6963b8b46466e7b73162260a9ea32ac313d0404044c2edec1ebc9fa6b46bbca28a70484b8425375ce4f968a250384b8e590f9ab15a493e6a73bf5382e6c455ea3789cd80413911410b4d5419ee2dd83087f3d4d739fd71cd73894b21c886286203f1611778c72d119613b648c57db23a59e848aefdc866cac5d9cb0275fb577c24dcbf2c8074fcb38286febcdede66ba638b66a773d15a2196ef8d8f357253fdb0112218b1eaeade121326abed937194f3ec953fe24d24c539065da9887c7d239b31bf4a27050dc00016b780fafd1166e917b4fe7280800f8546ebd18bc61eb86916b9bd5117189ef0ea76003cbcd460f76da9178580dd85c0d4806314be0fbce77d647d22f3abbc386ea3615d0704cf5c1c3e5c4521dec4931dd54d7835824882eed0e21df8177fb9534f4aabed07fdf58f851865cafafd6a91d127797b2966f01105a682636dfb6f54a38709b5d27a7f91c88b4ed2681231e9f22f01b8a817f74effc52e9bcc17426d73c5e285601b1911b740552d39585a8b7eaf774e861531afe8788274356f6669394ed0d0d5329ac5a907b69771f8d88e9a834e0ab08bd6b1671b391d91d300483b7cdb3f584f4d18af8e1814ddd01a4aee79d0c40043bacd6b10b9711bba3205c2962a9f3756e2ae9cf8bfaa3e7b6cfadde5686360b95884b7f420abc080a478cb62a3ed72258940a410b995321c23a1a0aa151bf2436a268a36cca132f0895035eae1eabcf45b5eadad78fc2008f7480dce3db036855c3a6022ee8c9292b16c12afa900527f7ba3fcc63eb4b7006caba359870a46a6b75d642d4d7bf8df0e31fca057ded797d55523b7a477e69c3cf881b498f4823bdd38452df135899a7558f491d32c7cbce8388f44881c87ead4e21427319e27eb8b625d3b668d891e52c22ecfe7c2dcdf25cb6043c1c0dfa82fb9eb201225bb0dbc6846ea41c7d87d452ca789b0263b377faa88a119abea055c4c69030204a25c40ae302755452574e4d093b4f682fe5a2b027c68d9203ce093fd083891821c5c32a1db1d6dbc5ec0016ab6bcc3ce1dc445bf2b2bc67bcd5670320801d4f6ea2236ac5855fba373452f4a4d8e3d86afe53000656d83f0666cf6e7fabe675f0d58251aa9d4b286bc211faec908cb4f161f9d1138d2a36f9c17d99c3e9d76c8b8bb9635614dde5653a8eae2ace0165b6b3e146175e9ae2b00b9b48f94115f679bbf153ad346aa4f341f0bdf59debb9cc3df571c948b4ed0f91db74aa66cc75675feaab81aac3c9f9c413d242cbf14399c1d7a117ac206618af4af23eaa74a1129ccf02a71e3a72fbc4efdd241f4d5e49f3a9e85f494bda9da0a66385ca942593d33867f70b63ce5c22d72d0124b89631fbc6df7ef86548e9e80ff627f0a027c982f09147bfedc0e90a24acd4cd80967b5b721dba991b4deb4364f9cee04c6745af475addb6548574fce9fabaee4402c46383be63a716ad9748d8f1dc31d533ec969b29b111fde9faa9972b87e255d9fb5ef06c213697ff001291bfd93316b2b096fa35505597e63f04090a4fee18be8ed41fc3a451ae2117276498b8dc1fb089fd6649e97418be01b8a0ae97a76fb1b5bf61dc3e74c43ca582b6818ae978ff2221f19b73e8317e062aa89c9fa4f6d19d6f1a1a67f5861f49f08ede17db4ca5bdf537bde3ec83dfe409925acc4428622a8fe2214e1165b8eccf8467e87d9e858207d73e4b2e6ca474350625ac92fd6be15256b150000000000000000f844eab14eaa1ecb325513deacf0432d3167ccdf5cbdfb6a573dbfbcb7bf5c35ed5ffec474711f68c6ea598c5cfa63f7269e2b01abda9efd4ef410335cac1b09afb1e8e28886e66c0d8fb7904d595d22d1baa05199f56c2f04eb3f1a803d977bf110a77afce891e2df8025ddb10394d2b9570089ef4e2ecf80cbd54bb9607398a6d3d7750b24ed559040be5656a2c0961aca48abedcfd6ca0b1a32f24d117204a7e1d508738011c69799d200ec77d9312079e6a512c030518ae1f3b4f83c47c767711825d56c2603f45dafb49d89eb9ac193103599f3b4f0c7ecf33eb7f428babd23a921e1be39f55b8c658fadd7d8a05d4375ac377799086f00b6c464fb9b08c790854cbcbfde86c200976f050dbb3c460c7d86cec8bb998d39b69ed25c142dd57c78f5ac4de76d4efe6c7b0ab4919d2ac3439eff13f713fc84943497c233bfa168f7693432590fb48ad9d360cf7c2d553914079ef67ed6f2621e56104dbcdd2cd4373881a309e82de0f9d0bdca0be354fa775d311dc43a73935fd913019f82d680cc5b7d65fc0934c9232419590c217ce7001ead470b28c6fa1933e3e6c084b46d091115a06be8e9eabadc8bbfcaf02905818bf87a43242f168ad32907746d628ba5f015b61536ab0844e3f588e146a8f25a0667d1a76b1ed66e222be615785cbd9baf0bfe924b3253cd0fc9c2dda231b93e0418ff8120419f57beba16ef8637ec3598cc502fd88c87e1196eeec4955834aa5b3d5e665dde24f43778f2ee39f010685dda49a6f961cb37f737f809d9705c9f21f4ce62c983a98d387450331977131c641b72f8a9f9c7cbd784fa1dfcee78260c8fa0471c07874ea86a705674723fea63b1bdc1b12b0540cb47547bed44f9b394f67c0e6125ec9cb18f1900f84252beeccf50868a25cc20bbd476f9c620028277351c624afe45fc80d03462bcd364ca88a494b318b7958a678c4009913f54bfa30782cf6fd329053b1a223abb00d17f7d73895c22a555f43cd7bdd92ec46315953f448596018054fe44682187198068652b552638acdc2cc5c4ec7d2f43a469897ee2c89e6664451a213bc6858406c2b28529c619ba13a0433593470f001e924758fda2bab97f3bd955b6b52b06705a7fc863615abb8ed891c0648db0cc004602518f3a6ee65509efeb5fb3c7fc197d81e02ec3be56e9383a104df1905cecbf53dbb57b68aab08b2fd31f03e58d74c4e3cc6d260a1d9ff653b626ac9d81efc6b92b6c564feae2a313285b82506abdef60e1dde95c609168a76621b72bbc86f0bd00c663830eba00b77e07359a2e186bb7a98f2b16d5d7185d4f4c62b7f5e76b697f236aa57bd5d49bb4491e3566778d4046116afd50cdf9c20525068eb6782fb09b37c4d0b6042e073d7740b0ae90be92fa3b4eba6025a46e5751899d6e199e15ad367ded32c61010ab8470329c4db67e2ae9cab2892140d0d9ec2cf08a0591ba2dc84ef62f45e7c94baa01aa9ba60fa7fe6d334dc3fe63306236fd5e1e6077c15070cf80312ab00378d6dde96e68af5100e4da6cc1b364d3b1c902e4803b1e9580614f055dada7f251ffd3287d91848ca40b8d07ef8cc9fa1e97b45b1938cf014132cb042e12d66f46a55f9dade94ca003d266b81a21d9db0c3135f2ac09dfe42e43a76d05edcadcf8993a2e3ed8ea0b30f96f5d4ada9184b29c0424125425fb57f1ac339d238083cda6c0d4f6e04b1d2641d496abbca01bef2f36622f1a0b83bd55728feaed7e89dc061e48e07465fe0021c2ea9cd6c0037e363d60b33008f4af5c864cff5ca575a2b90d5d0238a243aa604f346bbd2e9d51b416b0865bf0bd00f9599ddb8e5c5af314a72dc1098205448aebf34b2481be8725d8c60eb13b4eeb840435ce17fca79883bd17de86c6a21677a87c5d5def74eff605218dd8f22e34c88241d006ce850e784e86eb42eea3bf467b0a18fdf1dc86980fd4470fd9dd8947c647862b661eb0d3c3bbcc74b79865a38c869307a497d3d3562c9ef3eb9e303d414d0d2311c53bc0f8310c2a8abf12f201fd563d28da29e92a961bfe2cc6c1ab611a0dd50a65a4b5819298d737f1687dfcc9d2947736a97a4342c4bd99768a7d90be784fd0c8777180a1201f7aec61a7b1d3215294e5aa9331dacfd03266c564a4d0a49d8e3e0ab4d16b781fe7b283db735b2318baf5c2057003456ea122671506ca0a3f59e2e66fea7c27149c37cf6bf7a96ad551627ff9a25ea5f1ba1d3c085aa1f77a2bbf35c7d68757cc43368a393e645a728553f922212c317d9c73d89364db436d6e9b", 0x2000, &(0x7f0000000080)={&(0x7f0000000100)={0x50, 0x0, 0x0, {0x7, 0x24}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) read$FUSE(r1, &(0x7f0000007000)={0x2020}, 0x2020) fchownat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x100002, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) syz_open_dev$cec(&(0x7f0000000680), 0x0, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r3}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = getpid() socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000002300)=[{&(0x7f0000002340)=""/95, 0x5f}], 0x1, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r5, 0x10e, 0xc, &(0x7f0000000240), 0x21) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="1800000056000106000000000000000007"], 0x18}], 0x1}, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x0) 1.05305341s ago: executing program 2 (id=970): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000009f00)=ANY=[@ANYBLOB="1800000000000400000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000200)={0x15, 0x0, 0x0}) ioctl$IOMMU_VFIO_IOAS$SET(r1, 0x3b88, &(0x7f00000002c0)={0xc}) ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f0000000040)={0x28, 0x0, r2, 0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000}) ioctl$IOMMU_VFIO_SET_IOMMU(r1, 0x3b66, 0x1) ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r1, 0x3b72, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000ff2f00000000000001"]) 1.052481293s ago: executing program 1 (id=972): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000300)=ANY=[@ANYBLOB="0100000000000000014d564b00000000af"]) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) (fail_nth: 8) 994.477918ms ago: executing program 2 (id=973): bpf$PROG_LOAD(0x5, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) r0 = getpid() r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$wireguard(&(0x7f00000000c0), 0xffffffffffffffff) ptrace$peekuser(0x3, 0x0, 0x3ff) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x5, 0x16, &(0x7f0000000240)=ANY=[@ANYRESOCT=r1], &(0x7f0000001580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4a}, 0x90) socket(0x0, 0x80805, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) r2 = userfaultfd(0x1) io_setup(0x3, &(0x7f0000000180)=0x0) io_submit(r3, 0x1, &(0x7f0000000200)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}]) sendmsg$IEEE802154_LLSEC_ADD_DEV(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000f49856ac4af50f954af8a4228887de", @ANYRES16=0x0, @ANYBLOB='M~\x00\x00\x00\x00\x00\x00\x00\x00*\x00\x00\x00'], 0x14}, 0x4, 0x700000000000000}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) ptrace$peeksig(0x4209, 0x0, 0x0, &(0x7f00000019c0)) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x6, 0xf, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000004000000182100000f1fedf6883cfe5ccd32e9db961b187a474f70e8761a575909546fc44bdb80468d69e7e0a2d857401cb83406e92d20888f121a71c909", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000ce000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000000000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00'}, 0x90) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r4 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f00000000c0), 0x2, 0x0) r5 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0) write$cgroup_pid(r5, &(0x7f00000006c0), 0x12) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) write$cgroup_freezer_state(r4, &(0x7f0000000400)='FROZEN\x00', 0x7) write$cgroup_freezer_state(r4, 0x0, 0x0) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000240)={&(0x7f0000000840)=ANY=[@ANYBLOB="bc40c13a700782bd9d85d2c890c69d8ea4bdba4a37a66689cd11ecb25b8b208d53b49e57b5f60aff3e8d6e01b813d0491b355cdab27cb38aa73a1dcde667c2a32953301465660733139abd5c47c1d97147fd4231c1f68eef5b53bb6d17eeb5ee2a8db57da46a7e69da065fd3058da7780149d05849eccba7dd3137e1903c3478541c6f9a1b3de00a16410eceeda297b9597409af24fd738addabe7641ec9cf24e9c07665a60b01c7936c229fc7574cfae33cab7bc1afa9fd01202728a89f5db4fc732e9d", @ANYRES16=0x0, @ANYBLOB="040003000000fbdbdf25130000000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000200000008000b00000000000600110075180000080001007063690011000200303030303a30303a31302e3000000000080003000300000008000b000000010006001100050000000e0001006e657464657673696d0000000f0002006e657464657673696d300000080003000000000007000b00050000000600110008000000080001007063690011000200303030303a30303a31302e3000000000080003000300000008000b00ff0000000600110002000000080001007063690011000200303030303a30303a31302e3000000000080003000000000008000b00bc0200000600110003000000"], 0x120}, 0x1, 0x0, 0x0, 0x8054}, 0x4) 661.810439ms ago: executing program 1 (id=977): openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000000), 0xffffffffffffffff) r2 = socket$l2tp(0x2, 0x2, 0x73) sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x3c, r1, 0x923, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_FD={0x8, 0x17, @l2tp=r2}]}, 0x3c}}, 0x0) (async) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r3}, 0x10) (async) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async) r4 = getpid() process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/timer_list\x00', 0x0, 0x0) readv(r5, &(0x7f0000000380)=[{&(0x7f0000001840)=""/4083, 0xff3}], 0x1) (async) pread64(r5, &(0x7f0000000000)=""/16, 0x10, 0x0) (async) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0) (async) socket$netlink(0x10, 0x3, 0x4) writev(0xffffffffffffffff, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x4, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90) close(0xffffffffffffffff) socketpair$unix(0x1, 0x5, 0x0, 0x0) (async) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b19, &(0x7f0000000000)={'wlan0\x00', @random="7cf1e97c9e4f"}) (async) ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2) (async) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async) sendto$inet6(0xffffffffffffffff, &(0x7f0000000240)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) (async) r7 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) flock(r7, 0x1) r8 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) flock(r8, 0x2) 534.759442ms ago: executing program 0 (id=979): openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) r1 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r1, 0x0, 0x0) 534.315384ms ago: executing program 0 (id=980): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = socket(0x40000000015, 0x5, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c) r2 = socket$pppl2tp(0x18, 0x1, 0x1) socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, 0x0, 0x4000040) bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@bloom_filter={0x1e, 0x7cf, 0x3, 0xfffffff1, 0x1456, 0x1, 0x11a}, 0x48) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0x3) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78) r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$EVIOCGPROP(r5, 0x40047438, &(0x7f0000000180)=""/246) ioctl$PPPIOCSFLAGS1(r5, 0x40047457, 0x0) r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0) pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$EVIOCGPROP(r6, 0x40047438, &(0x7f0000000180)=""/246) pwritev(r6, &(0x7f00000002c0)=[{&(0x7f00000010c0)="aabf", 0x2}], 0x1, 0x0, 0x0) r7 = socket$inet_udp(0x2, 0x2, 0x0) connect$pppl2tp(r2, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r7, 0x4, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x32) r8 = syz_init_net_socket$nfc_llcp(0x27, 0x0, 0x1) bind$nfc_llcp(r8, &(0x7f0000000040)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "babb96b822ba5a1367f3a569fe39a4b5a0b0d1e5e513515efed0e3fb2c9cde14f0dce8ca8ed1e37acd4e9335abd743a1386596d2bd0ff7daf3ac16b8781b0d", 0x1}, 0x60) close_range(r0, 0xffffffffffffffff, 0x0) r9 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$FS_IOC_SETFLAGS(r9, 0x40086602, &(0x7f0000000040)=0x40) lstat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)) r10 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r10, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_NAT_REG_ADDR_MIN={0x8}, @NFTA_NAT_TYPE={0x8}]}}}]}]}], {0x14}}, 0x78}}, 0x0) 444.404229ms ago: executing program 1 (id=981): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000009f00)=ANY=[@ANYBLOB="1800000000000400000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000200)={0x15, 0x0, 0x0}) ioctl$IOMMU_VFIO_IOAS$SET(r1, 0x3b88, &(0x7f00000002c0)={0xc}) ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f0000000040)={0x28, 0x0, r2, 0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000}) ioctl$IOMMU_VFIO_SET_IOMMU(r1, 0x3b66, 0x1) ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r1, 0x3b72, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000ff2f00000000000001"]) 443.980607ms ago: executing program 0 (id=982): socket$nl_netfilter(0x10, 0x3, 0xc) prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$packet(0x11, 0x3, 0x300) syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x561203) ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000080)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_CURSOR(0xffffffffffffffff, 0xc01c64a3, &(0x7f0000000280)={0x1, r0}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x0, 0x6, 0xbaa}, 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000940)="3f48ee289c2baf384d8ceb938f7bbf8c734f76c99a2f99db6fbb7d99946016350d3425fa85bfeccaba9e2dce6f179c76db05e345812c94f07097d1c41fffd37249ea427e46cb58c7d13be4decdba6146723d8be8ca14ce006a5b175223db67f0d3f7a3a7e9908c8f984ceaeec2e61e46df8ecf6f4b57de6a54d06638ddbe2c950c7b2c9244e81a45d0dc7526377b607e5a5da75e24885da0a04dcb35a38ca90c55def7fc075502fc99adc4c9cf2dcdba853535cbd925ce53480a69c6c4491bd366cdbb11f688fd411da684862a8c60b5b39e99931e24de27aae093e105e76700"/238, &(0x7f0000000380)="1831f1084a7fffad981d0158e9203de1f8812a11470ee9653254ffc558174a44c6a1a68c95c1cf62595fa5e8a3251823c192590506596f823bab1a379f6006df988addae9b0e2a9b0d5e68038731862a3a898d1a24b25f0c2072a6c5bd281de10c2e20658bfb2063c13215164c6bf10142cb801143712c3dfa1d2af7e477", 0x2, r1}, 0x38) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x85, &(0x7f0000000000)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0xffff}, 0x90) r4 = syz_open_dev$sg(&(0x7f0000001940), 0x0, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f0000000740)={0x53, 0x0, 0x6, 0x0, @scatter={0xfdbc, 0x0, 0x0}, &(0x7f0000000000)="a1f8a81b133d", 0x0, 0x0, 0x10012, 0x0, 0x0}) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r6, 0x8933, &(0x7f0000000180)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_CHANNEL(r6, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000005c0)={0x2c, r7, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x3}, @NL802154_ATTR_CHANNEL={0x5}]}, 0x2c}}, 0x0) r9 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0) bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x1, 0xffffffffffffffff, 0x4}, 0x12) r10 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000006840)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000000f20000000000a01010000000000000000050000000900010073797a31000000002c0000000c0a0103000000000000100005000000040003800900010073797a3100000000080004"], 0xd0}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="b40000000000000069105b000000000004000000000000e29500000000000000"], &(0x7f0000000080)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195}, 0x90) ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r9, 0xc0305602, &(0x7f00000001c0)={0x0, 0x4, 0x3014}) getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000000)=""/3, &(0x7f0000000300)=0x3) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000340)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=ANY=[@ANYBLOB="98030000", @ANYRES16=r3, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r11, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff080211000001"], 0x398}}, 0x0) 394.352443ms ago: executing program 1 (id=983): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x15) bind$bt_hci(0xffffffffffffffff, &(0x7f0000000580)={0x1f, 0x1}, 0x6) syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040e04de220c"], 0x7) 263.213171ms ago: executing program 3 (id=984): r0 = socket$kcm(0x29, 0x0, 0x0) ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501) ioctl$UI_DEV_DESTROY(0xffffffffffffffff, 0x5502) r1 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x16, '\x00', 0x0, 0x2, r1}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r2}, 0x10) openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000002080), 0x1, 0x0) write$binfmt_misc(r1, 0x0, 0x0) syz_emit_ethernet(0x7e, &(0x7f00000011c0)=ANY=[@ANYRESOCT=r0, @ANYRESHEX=r0], 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt(r3, 0x5, 0x3f, &(0x7f00000000c0)=""/4096, &(0x7f00000010c0)=0x1000) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000001340)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x3, 0xdf, 0x7ffc1ffb}]}) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0) write$binfmt_script(r4, &(0x7f0000000100), 0x208e24b) preadv(r4, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x3, 0xe0, 0x103b, 0x1402, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x1005, 0x5, 0x3, 0xb}, 0x48) r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) readv(r5, &(0x7f0000000140)=[{&(0x7f0000000080)=""/155, 0x9b}, {0x0, 0x4}], 0x2) write$UHID_DESTROY(r5, &(0x7f0000000200), 0x4) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x6, 0x7, &(0x7f0000001100)=ANY=[@ANYRESOCT=r3, @ANYRES8=r3], &(0x7f0000001180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x3, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b00)={&(0x7f0000000ac0)='mm_page_free_batched\x00', r6}, 0x10) symlinkat(0x0, 0xffffffffffffffff, 0x0) openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000140), 0x4103, 0x0) r7 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r7, 0x84, 0x12, &(0x7f0000000080)=0x3, 0x4) bind$inet(r7, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) sendto$inet(r7, &(0x7f0000000300)="ab", 0x34000, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_GET(r8, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000040)={&(0x7f0000001600)=ANY=[@ANYBLOB="6c030000", @ANYRES16=0x0, @ANYBLOB="01002bbd7000fddbdf250400000014000280080002000800000004000400040004002c0007800c000400a30000000000000008000100020000000c00030000000000000000000800010001000080640104801c000780080004000104000008000400b400000008000400030000000900010073797a30000000005400078008000100fbffffff080001001d000000080002000400000008000100040000000800040036350e51080003007b0000000800030009000000080001000d000000080004000100000008000200070000000900010073797a300000000034000780080001001c000000080001001900000008000200001000000800040007000000080002000400000008000200070000002c00078008000200020000000800040000000000080003006887000008000400ffff0000080002000d0000004c000780080001001b00000008000200080000000800040001000000080004000200000008000400f8ffffff08000300dc00000008000200ff000000080001001c00000008000200f1d5315d2c00078008000100180000000800020004000000080001000800000008000400010000000800020080000000c80004804400078008000100070000000800030009000000080003000800000008000200ff01000008000200070000000800020002000000080003003995000008000300090000001300010062726f6164636173742d6c696e6b00001300010062726f6164636173742d6c696e6b00000900010073797a31000000004c00078008000400010000000800010007000000080003000500000008000200050000000800030006000000080004000200000008000400010000000800040009000000080003000040a1082c00098008000200f7ffffff0800020001000000080001000100000008000200801d000008000200000000001c00078008000100060000000800020008000000080001000000000024000380080002000d000000080003000100008008000100ffffff7f08000300000000005400056d080001006574680008000100657468002c00028008000400ffffffff08000200080000000800030008000000080002000300000008000200c86100000c000280080004001b00000007000100696200002c00098008000200ab19ffff08000100b90904000000020009000000080002002dd30000080002003d000000ce77d7d0c10e9157b528c27c784a747f27795f48dd8e3d12489f7992d908f4f578279ae8c3392ede7fc81e11d1026de93aee9ba72d04bb60884aebeeac91c6a6b4ed71b23d4f0c349dd25d1a2b0f35f197862c0d2210be37d0ad60642f474f6b30db89ba473f5fa937653578772f4df40f"], 0x36c}, 0x1, 0x0, 0x0, 0x44}, 0x4) 262.913499ms ago: executing program 1 (id=985): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000300)=ANY=[@ANYBLOB="0100000000000000014d564b00000000af"]) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000000, 0x0) 262.445163ms ago: executing program 2 (id=986): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0)) r1 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$int_in(r1, 0x5421, &(0x7f0000000100)=0x100000001) connect$inet(r1, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b70300001b0000008500000083000000bf0900000000000055090100000000009500000000000000b7080000000000007b9af8ff00000000b5090500000000007baaf0ff00000000bda804000000000007080000f8ffffffbfa000000000000007000000f0ffffffb70200000800000018220000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7050000080000006200000076000000bf91000000000000b6080000000000008500000085000000b7000000000000009500000000000000a7d179224cc40a8e38ae2c5abcea46aab455241574c7b943723032537a57f6eb645dbce1f16f99a63d966a9f81c999224d3ac95b0e8e4631c509d882351854"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) close(r1) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0x3) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000380)=@generic={&(0x7f0000000340)='./file0\x00'}, 0x18) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78) r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r7 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x0, 0x2}, 0x48) r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r8, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "7e12ddc5a89047bf00"}) r9 = syz_open_pts(r8, 0x0) dup2(r9, r8) fcntl$setstatus(r9, 0x4, 0x2000) r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1e, 0xe, &(0x7f0000001600)=ANY=[@ANYBLOB="b702000000000000bfa30000000000001403000000feffff7a0af0ff1100000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7040000050000006a0af2fe00000000850000007c000000b700000000000000950000000000000000e154cd844a954b26c933f7ffffffffffffff55bb2007ee51050512b5b42128aa090a79507df79f298129da487130d5f24bf901115e17392ac66ad029d1c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1efc5f9094fa737c28b994a8512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d6f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804d4a69bf9bc5fa77ee293fbd165a5a7c31de7910d1ed4065a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db3503680e5e5971ff4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dacfeb47479321a0574fb304bc2a1681989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f3de8726c2a61ec45c19f97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde0745db06753a7ac7fe13cab6692422a46e9ffe2d4a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c9bdce38c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c5f1e24d9f679e4fbe948dfb4cc4af05c28308241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5490f6589880ed6eea7b9c670012be05e7de0940313c5870786554df2623d58f5ace92d028f2c71a6ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77962a2cd8a104e16b77d5f7f13b1640d43e11801140caf1a8b1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b905fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af0a77fbcf2cd1d0000002000000001c800000000000000000000000928ee53595a779d243a48cea769470424d28804c026ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf34117a82a96b2ced73abb8e4bb718d6ee7aebf9ef40662d7836d252c566f5ee938a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c74f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7eee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab50fe82d5a96b09c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada209bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cdfba05e3633be3f00000001762e5f5a3a0bc33fdbe28a5ffc83f2f08544eb2794e7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5d81e750d50515a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f85d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d801002653c4d9818708e27c89b552d3fcd11ebce9c764c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff2a8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4000000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b850580994484305d7a1759782ae57773e0d8b0ab900edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af0bd91e328b6a6f732a91f0e2e9120be61e58c79d497247d278888901d44bf77ff246605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c2d0836395fe39f0e11c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc71300000000000021000000b12f0ec0412268860027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b50f3ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861ddb54684cb73e7aeefae47fa09fd88e6043bd52ae84c1bb0c8a6b769f952283a1f4e3842edb3d42c68a2102fa1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e81163bde261fd00000000007271e28ef6806bc8e139c49b91c76b0d3958f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d1b8b90bc0df4c4b51b1f922a44ec675203bf8d1548e49262727c3de6daab3b4ed15aa99802e45d0620617e839b5237ddfcf103c91e61d174e3be6c9fd47398797e3b814e751ff31ecb42de6dd9d6b88121aaa680c236a303914e00150e1ec3f144ebc28287d5b51cfb8cabb844d12b140767d0fc24425590024b2e431722392489e3d43b3e31438a0138988083c47c61384d54e9a40fba01cac6e59ec82edc764840fe551c1d57442970cd8e59b9f41094e158c0a1ee855d8515599685486c2a21fa1c107531a0db8306441e8408b34aa90e9736e672d74cb8e78f8bdb93a23d024fc200796836ab396911a56231e953efad6cd83db32ffc595d970108e9547ea0000002730d5d1b70fe8b458ac1651135037b6cb9c8053299f77ab84c5b9fd2f764c3caa9c69377c397d310ddc7bc4bfa165def7b49e28ef196ae263b6829a8419d8860f56c86c288964ac4bc19839d96ff24b981c3a4fd6f93a000000ea9d6b06dafae4c91177"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48) ioctl$BTRFS_IOC_SEND(r4, 0x40489426, &(0x7f0000000440)={{r5}, 0x0, 0x0, 0x7, 0x0, 0x1}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, 0x0, &(0x7f0000000000)='\x00', 0x0}, 0x50) ioctl$EVIOCGPROP(r6, 0x40047438, &(0x7f0000000180)=""/246) syz_open_procfs(0xffffffffffffffff, 0x0) ioctl$PPPIOCSFLAGS1(r6, 0x4004743a, &(0x7f0000000300)) ioctl$PPPIOCDISCONN(r6, 0x7439) 157.601843ms ago: executing program 0 (id=987): mount$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='gid']) mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1) lstat(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fstat(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) setxattr$trusted_overlay_upper(&(0x7f0000000300)='./file0/file0\x00', &(0x7f00000004c0), &(0x7f0000000500)={0x0, 0xfb, 0x59, 0x5, 0x81, "669dabbcb8d5de4e382d73916b4b7bc6", "a752ded7725c9e3038d06b73c01eb136b490ce1978b7695faed389356da492599c3dc02561a0fddd824e3045ea5ee35cf01e19f015eb17ce51e07d8ae5d3a1538b7da0ab"}, 0x59, 0x2) r2 = openat$tcp_mem(0xffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) fstat(r2, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0}) setreuid(0xee00, r3) newfstatat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) r5 = socket(0x1, 0x3, 0x0) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f00000000c0)={0x0}, &(0x7f0000000200)=0xc) sched_getparam(r6, &(0x7f0000000240)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000200)={{0x1, r1, 0xee01, r3, r4, 0x0, 0xc86}, 0x0, 0x0, 0x7, 0x7, 0x0, 0x7, 0x1000, 0x8, 0x3ff, 0x5, r6}) mount$9p_tcp(&(0x7f0000000040), &(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0), 0x24008, &(0x7f0000000240)=ANY=[@ANYBLOB="7472616e733d7463702c706f72743d3001000000303030303030303030346532342c6c746769643d0000", @ANYRESHEX=r0, @ANYBLOB=',euid>', @ANYRESDEC=r1, @ANYBLOB=',fowner=', @ANYRESDEC=0xee01, @ANYBLOB=',appraise,\x00']) mount(&(0x7f0000000100)=@nullb, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000000)='ntfs3\x00', 0x0, &(0x7f0000000340)) 144.547418ms ago: executing program 2 (id=988): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000580)='debugfs\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) timerfd_create(0x0, 0x0) timerfd_settime(0xffffffffffffffff, 0x3, &(0x7f0000000440), 0x0) timerfd_create(0x0, 0x0) (async) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x3, &(0x7f0000000200), 0x0) (async) timerfd_settime(r2, 0x3, &(0x7f0000000200), 0x0) clock_adjtime(0x0, &(0x7f0000000040)={0xd54, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, 0x6, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x3}) (async) clock_adjtime(0x0, &(0x7f0000000040)={0xd54, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, 0x6, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x3}) getdents(r1, &(0x7f0000000240)=""/145, 0x91) lseek(r1, 0x0, 0x0) (async) lseek(r1, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_init_net_socket$ax25(0x3, 0x0, 0x0) (async) syz_init_net_socket$ax25(0x3, 0x0, 0x0) r4 = syz_io_uring_setup(0xeed, &(0x7f0000000780), &(0x7f00000001c0), 0x0) syz_io_uring_submit(0x0, 0x0, 0x0) (async) syz_io_uring_submit(0x0, 0x0, 0x0) io_uring_enter(r4, 0x567, 0x0, 0x0, 0x0, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) (async) bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0) r6 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDENABIO(r6, 0x4b36) cachestat(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000b, 0x10, 0xffffffffffffffff, 0x0) (async) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000b, 0x10, 0xffffffffffffffff, 0x0) socket$can_raw(0x1d, 0x3, 0x1) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) (async) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000007c0)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0) write$cgroup_int(r7, &(0x7f0000000040)=0x3, 0x12) ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b0000000001"]) ioctl$KVM_RUN(r5, 0xae80, 0x0) (async) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000000)={@my=0x1}) 75.352744ms ago: executing program 0 (id=989): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0x0) timer_create(0x0, &(0x7f0000000440)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r4, 0x0, r2, 0x0, 0xf3a, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r7, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)) close(r7) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="4400000010000100"/20, @ANYRES32=r8, @ANYBLOB="000024000000000024001200140001006272696467655f736c617665800000000c000500080005"], 0x3}}, 0x0) splice(r6, 0x0, r7, 0x0, 0x10500, 0x0) connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) tee(r1, r5, 0xaf5, 0x0) write$binfmt_elf64(r3, &(0x7f0000003380)=ANY=[], 0x18c6) semtimedop(0x0, 0x0, 0x0, &(0x7f0000000180)={0x0, 0x989680}) 0s ago: executing program 0 (id=990): syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="040e4e22560c"], 0x7) r0 = socket(0x0, 0x4, 0x3) syz_emit_vhci(&(0x7f00000007c0)=ANY=[@ANYBLOB="02c8003700330001001149020003000179020009000e0c000d0304080043cc49f500010500036e8a00ff7f00000200f404070104000700010100000041fc401807e1c8b7d3225233802497ab307ad2eee9d6acb75b6ab6e942da0e7ac2f8e5b2553e1eea41107fcb30cb2a6514a7bd3291f8946bbd832bcc7f9ff52eaf81231b3ba92bf40280671589d6d6ec46aa4a05f275ecdf48c58828f077b4de443c788f68e5547dacd90848d0405e5044aec2315b28ac3717f79d9afd31c8ad9e6ec83f00d999e0"], 0x3c) syz_emit_vhci(0x0, 0x0) r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000980)={{{@in=@multicast2, @in=@initdev}}, {{@in6=@remote}, 0x0, @in=@remote}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r0, &(0x7f0000000180)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB="c4000000", @ANYRES16=r1, @ANYBLOB="000425bd7000fedbdfa54f00000008000300", @ANYRES32=r2, @ANYBLOB="80007a80080004000000000008000400070000000c000300df23f700a8b50bf41c0002004902c9c0d5931e6915071370298d00000000000014000100948b3e98c8881f137f69cdb0770000a60c000300661f83ecad25a51e240001006ff889af5cf1ebe0d35a6817e13c3371fecdeb6d210a66b4bab53b8402d93f7228007a80080004000000000014000200f1dbfbce65c8d020c4157928ab3626c10800040000040020"], 0xc4}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) socket$packet(0x11, 0x2, 0x300) setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000480)=0x5) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000740), 0x0, 0x0) preadv(r3, &(0x7f0000000480), 0x0, 0x80000001, 0x6) sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000640)="df9410e2b3956e80bc3aa4847ecce9e0ca44d5845e69669c9864104576daa895910737a5b6ec2bc98d8a83251946890552f9aa43ad2ac23aa0407d5c1b8b3671a1d0c0df1be9f97aeaf604cd0c9fdbf97e87f2b82cb2c17810658a5b9d4733506070cc26127b234861d673a4adc99acadb72f1d17635164a3e96d9b83a887deb0df0887b2e6121f80fda17d2f54842f26f491f53e04de7649f54e8e220148fa5a659821e28ccc41a5610a4e3410d5a7d1ac8430d0d4c8884c2eb5cdef28ac6be16656b35b3e3cc95", 0xc8}, {&(0x7f0000000a80)="4c3b4c3eb00ca4e04a96d329e6235871e209b97a13b37bc78e44eb4b9cccb7884e871d37567ac1f6f45d6c1715877d5c863acc1e0d8e6aeb1cb0d5e6f65984e29d08126acfd9a0891ddbc1b1c1bc6ae530348c72d1f670a1d3c26fd96b6c717b29b5226ceabecae2a04832ccb80f3df5a00908681e7badf50e24cf96c524190787c7b58bb35d20ef5a66823b38143571d0a4aaa8b59372e47cff9aab7dfc6134af3b5941402927caaa459de1879e749ecc30479b8b5a2ec63ac1109747371be97f0fc7dd0cbbc39f466d854fbe2f6e7b52d5643825a706db08238888576523115604bdcaa5ff223249c0c3be9a9c8778b52ed64d793478503752c8d0197f000df9638761bf63", 0x106}], 0x2}, 0x2000c001) sendmsg$NL80211_CMD_SET_PMKSA(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e751d"], 0x24) epoll_create1(0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) bind$alg(0xffffffffffffffff, &(0x7f00000005c0)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-arm64\x00'}, 0x58) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x1, 0x3, 0x3, 0x0, 0x3f}, 0x20) r6 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/ip6_flowlabel\x00') preadv(r6, &(0x7f0000000400)=[{&(0x7f0000000340)=""/134, 0x86}], 0x1, 0x68, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r7, 0x8982, &(0x7f0000000100)={0x0, 'vlan0\x00'}) kernel console output (not intermixed with test programs): [ 137.448750][ T6826] FAULT_INJECTION: forcing a failure. [ 137.448750][ T6826] name failslab, interval 1, probability 0, space 0, times 0 [ 137.458220][ T6826] CPU: 2 UID: 0 PID: 6826 Comm: syz.3.426 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 137.462722][ T6826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 137.467340][ T6826] Call Trace: [ 137.468819][ T6826] [ 137.473760][ T6826] dump_stack_lvl+0x16c/0x1f0 [ 137.476059][ T6826] should_fail_ex+0x497/0x5b0 [ 137.478173][ T6826] ? fs_reclaim_acquire+0xae/0x160 [ 137.480488][ T6826] should_failslab+0xc2/0x120 [ 137.482894][ T6826] __kmalloc_cache_noprof+0x6b/0x300 [ 137.485444][ T6826] ? netlbl_mgmt_add_common+0xb7a/0x1830 [ 137.488280][ T6826] netlbl_mgmt_add_common+0xb7a/0x1830 [ 137.491104][ T6826] netlbl_mgmt_adddef+0x21e/0x380 [ 137.493774][ T6826] ? __pfx_netlbl_mgmt_adddef+0x10/0x10 [ 137.497231][ T6826] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 137.502424][ T6826] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 137.507159][ T6826] genl_family_rcv_msg_doit+0x202/0x2f0 [ 137.510145][ T6826] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 137.514700][ T6826] ? security_capable+0x98/0xd0 [ 137.517370][ T6826] genl_rcv_msg+0x565/0x800 [ 137.519972][ T6826] ? __pfx_genl_rcv_msg+0x10/0x10 [ 137.522962][ T6826] ? __pfx___lock_acquire+0x10/0x10 [ 137.525256][ T6826] ? __pfx_netlbl_mgmt_adddef+0x10/0x10 [ 137.527403][ T6826] ? __pfx___lock_acquire+0x10/0x10 [ 137.529607][ T6826] netlink_rcv_skb+0x16b/0x440 [ 137.532497][ T6826] ? __pfx_genl_rcv_msg+0x10/0x10 [ 137.534843][ T6826] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 137.537541][ T6826] ? down_read+0xc9/0x330 [ 137.539500][ T6826] ? __pfx_down_read+0x10/0x10 [ 137.541549][ T6826] ? netlink_deliver_tap+0x1ae/0xd90 [ 137.543870][ T6826] genl_rcv+0x28/0x40 [ 137.545993][ T6826] netlink_unicast+0x544/0x830 [ 137.548544][ T6826] ? __pfx_netlink_unicast+0x10/0x10 [ 137.551090][ T6826] netlink_sendmsg+0x8b8/0xd70 [ 137.553194][ T6826] ? __pfx_netlink_sendmsg+0x10/0x10 [ 137.555170][ T6826] ? __import_iovec+0x1fd/0x6e0 [ 137.557237][ T6826] ____sys_sendmsg+0xab5/0xc90 [ 137.559287][ T6826] ? copy_msghdr_from_user+0x10b/0x160 [ 137.561542][ T6826] ? __pfx_____sys_sendmsg+0x10/0x10 [ 137.563553][ T6826] ? find_held_lock+0x2d/0x110 [ 137.565419][ T6826] ? __pfx___lock_acquire+0x10/0x10 [ 137.567595][ T6826] ___sys_sendmsg+0x135/0x1e0 [ 137.569699][ T6826] ? __pfx____sys_sendmsg+0x10/0x10 [ 137.572165][ T6826] ? ksys_write+0x21c/0x260 [ 137.574190][ T6826] ? __fget_light+0x173/0x210 [ 137.576256][ T6826] __sys_sendmsg+0x117/0x1f0 [ 137.578358][ T6826] ? __pfx___sys_sendmsg+0x10/0x10 [ 137.582819][ T6826] do_syscall_64+0xcd/0x250 [ 137.585296][ T6826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.587863][ T6826] RIP: 0033:0x7fd4399779f9 [ 137.589758][ T6826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 137.601509][ T6826] RSP: 002b:00007fd43a69e048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 137.605041][ T6826] RAX: ffffffffffffffda RBX: 00007fd439b05f80 RCX: 00007fd4399779f9 [ 137.608581][ T6826] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 137.611843][ T6826] RBP: 00007fd43a69e0a0 R08: 0000000000000000 R09: 0000000000000000 [ 137.615213][ T6826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 137.618958][ T6826] R13: 000000000000000b R14: 00007fd439b05f80 R15: 00007ffdc8d70ec8 [ 137.622717][ T6826] [ 137.624202][ C2] vkms_vblank_simulate: vblank timer overrun [ 137.694182][ T6830] 9pnet_fd: Insufficient options for proto=fd [ 137.729004][ T6830] process 'syz.0.427' launched './file0' with NULL argv: empty string added [ 137.820414][ T6831] À: renamed from syztnl0 [ 138.402570][ T39] kauditd_printk_skb: 140 callbacks suppressed [ 138.402586][ T39] audit: type=1326 audit(1722645472.173:956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6857 comm="syz.1.437" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ba7f779f9 code=0x7ffc0000 [ 138.415824][ T39] audit: type=1326 audit(1722645472.173:957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6857 comm="syz.1.437" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ba7f779f9 code=0x7ffc0000 [ 138.425946][ T39] audit: type=1326 audit(1722645472.183:958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6857 comm="syz.1.437" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5ba7f779f9 code=0x7ffc0000 [ 138.435793][ T39] audit: type=1326 audit(1722645472.183:959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6857 comm="syz.1.437" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ba7f779f9 code=0x7ffc0000 [ 138.447206][ T39] audit: type=1326 audit(1722645472.183:960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6857 comm="syz.1.437" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ba7f779f9 code=0x7ffc0000 [ 138.458667][ T39] audit: type=1326 audit(1722645472.183:961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6857 comm="syz.1.437" exe="/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5ba7f779f9 code=0x7ffc0000 [ 138.523752][ T5376] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 138.537186][ T5376] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 138.540721][ T5376] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 138.548473][ T5376] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 138.554058][ T5376] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 138.571826][ T5376] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 138.575197][ T5376] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 138.579084][ T5376] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 138.587504][ T5376] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 138.590908][ T5376] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 138.593688][ T5376] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 138.604397][ T5376] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 138.608444][ T5376] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 138.615335][ T5376] hid-generic 0000:0000:0000.0009: hidraw1: HID v0.00 Device [syz0] on syz1 [ 138.694291][ T1379] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.732911][ T39] audit: type=1326 audit(1722645472.493:962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6857 comm="syz.1.437" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ba7f779f9 code=0x7ffc0000 [ 138.743698][ T39] audit: type=1326 audit(1722645472.493:963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6857 comm="syz.1.437" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ba7f779f9 code=0x7ffc0000 [ 138.885102][ T39] audit: type=1400 audit(1722645472.653:964): avc: denied { create } for pid=6862 comm="syz.3.438" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 138.895717][ T39] audit: type=1400 audit(1722645472.673:965): avc: denied { getopt } for pid=6862 comm="syz.3.438" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 138.911444][ T6867] netlink: 'syz.3.438': attribute type 4 has an invalid length. [ 138.968166][ T6867] netlink: 'syz.3.438': attribute type 4 has an invalid length. [ 139.059341][ T6873] netlink: 12 bytes leftover after parsing attributes in process `syz.2.439'. [ 139.082246][ T6875] openvswitch: netlink: Missing key (keys=100000040, expected=2000) [ 139.093006][ T4764] Bluetooth: hci0: unexpected event for opcode 0x0c22 [ 139.714096][ T6900] FAULT_INJECTION: forcing a failure. [ 139.714096][ T6900] name failslab, interval 1, probability 0, space 0, times 0 [ 139.719806][ T6900] CPU: 3 UID: 0 PID: 6900 Comm: syz.3.449 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 139.724519][ T6900] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 139.729597][ T6900] Call Trace: [ 139.731288][ T6900] [ 139.732679][ T6900] dump_stack_lvl+0x16c/0x1f0 [ 139.735046][ T6900] should_fail_ex+0x497/0x5b0 [ 139.737820][ T6900] should_failslab+0xc2/0x120 [ 139.740080][ T6900] __kmalloc_node_track_caller_noprof+0xcf/0x430 [ 139.743014][ T6900] ? lockdep_init_map_type+0x16d/0x7d0 [ 139.745551][ T6900] ? nf_ct_ext_add+0x1a7/0x420 [ 139.748120][ T6900] krealloc_noprof+0x5d/0x100 [ 139.750452][ T6900] nf_ct_ext_add+0x1a7/0x420 [ 139.752507][ T6900] init_conntrack.constprop.0+0x5af/0x1080 [ 139.755617][ T6900] ? __pfx_init_conntrack.constprop.0+0x10/0x10 [ 139.758486][ T6900] ? lockdep_hardirqs_on+0x7c/0x110 [ 139.760849][ T6900] ? __local_bh_enable_ip+0xa4/0x120 [ 139.763393][ T6900] ? ip6t_do_table+0xd50/0x1d40 [ 139.765921][ T6900] nf_conntrack_in+0xa50/0x1860 [ 139.768119][ T6900] ? __pfx_nf_conntrack_in+0x10/0x10 [ 139.770313][ T6900] ? __pfx_ip6t_do_table+0xa/0x10 [ 139.772252][ T6900] ? netlbl_enabled+0x54/0x70 [ 139.774167][ T6900] ? __pfx_ipv6_conntrack_local+0x10/0x10 [ 139.777293][ T6900] nf_hook_slow+0xbb/0x200 [ 139.779518][ T6900] rawv6_sendmsg+0x2e1b/0x43f0 [ 139.781330][ T6900] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 139.783498][ T6900] ? avc_has_perm_noaudit+0x143/0x3a0 [ 139.785668][ T6900] ? avc_has_perm+0x11b/0x1c0 [ 139.787532][ T6900] ? __pfx_dst_output+0x10/0x10 [ 139.789651][ T6900] ? sock_has_perm+0x25a/0x2f0 [ 139.791839][ T6900] ? __pfx_sock_has_perm+0x10/0x10 [ 139.794374][ T6900] ? __might_fault+0xe3/0x190 [ 139.796736][ T6900] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 139.798952][ T6900] ? inet_sendmsg+0x119/0x140 [ 139.801073][ T6900] inet_sendmsg+0x119/0x140 [ 139.803327][ T6900] __sys_sendto+0x42c/0x4e0 [ 139.805375][ T6900] ? __pfx___sys_sendto+0x10/0x10 [ 139.807626][ T6900] ? ksys_write+0x1ab/0x260 [ 139.809791][ T6900] ? __pfx_ksys_write+0x10/0x10 [ 139.812349][ T6900] __x64_sys_sendto+0xe0/0x1c0 [ 139.814467][ T6900] ? do_syscall_64+0x91/0x250 [ 139.816421][ T6900] ? lockdep_hardirqs_on+0x7c/0x110 [ 139.818392][ T6900] do_syscall_64+0xcd/0x250 [ 139.820153][ T6900] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.822773][ T6900] RIP: 0033:0x7fd4399779f9 [ 139.824701][ T6900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 139.833471][ T6900] RSP: 002b:00007fd43a69e048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 139.837156][ T6900] RAX: ffffffffffffffda RBX: 00007fd439b05f80 RCX: 00007fd4399779f9 [ 139.840491][ T6900] RDX: 0000000000000028 RSI: 0000000020000180 RDI: 0000000000000003 [ 139.843628][ T6900] RBP: 00007fd43a69e0a0 R08: 0000000020000080 R09: 0000000000000020 [ 139.846948][ T6900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 139.850701][ T6900] R13: 000000000000000b R14: 00007fd439b05f80 R15: 00007ffdc8d70ec8 [ 139.854117][ T6900] [ 139.900316][ T6902] netlink: 12 bytes leftover after parsing attributes in process `syz.1.450'. [ 140.041482][ T1112] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xe5 [ 140.398277][ T6934] netlink: 16 bytes leftover after parsing attributes in process `syz.0.461'. [ 140.685405][ T6954] FAULT_INJECTION: forcing a failure. [ 140.685405][ T6954] name failslab, interval 1, probability 0, space 0, times 0 [ 140.691479][ T6954] CPU: 0 UID: 0 PID: 6954 Comm: syz.3.470 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 140.696180][ T6954] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 140.701045][ T6954] Call Trace: [ 140.702550][ T6954] [ 140.703876][ T6954] dump_stack_lvl+0x16c/0x1f0 [ 140.705979][ T6954] should_fail_ex+0x497/0x5b0 [ 140.708218][ T6954] ? fs_reclaim_acquire+0xae/0x160 [ 140.710513][ T6954] should_failslab+0xc2/0x120 [ 140.712631][ T6954] __kmalloc_noprof+0xcb/0x400 [ 140.717200][ T6954] ? __pfx_lock_acquire+0x10/0x10 [ 140.719501][ T6954] tomoyo_realpath_from_path+0xb9/0x720 [ 140.722879][ T6954] ? tomoyo_profile+0x47/0x60 [ 140.724926][ T6954] tomoyo_path_number_perm+0x245/0x590 [ 140.727287][ T6954] ? tomoyo_path_number_perm+0x232/0x590 [ 140.729765][ T6954] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 140.732467][ T6954] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 140.735146][ T6954] ? __fget_files+0x256/0x400 [ 140.737264][ T6954] security_file_ioctl+0x75/0xc0 [ 140.739568][ T6954] __x64_sys_ioctl+0xbb/0x220 [ 140.741717][ T6954] do_syscall_64+0xcd/0x250 [ 140.743968][ T6954] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.747017][ T6954] RIP: 0033:0x7fd4399779f9 [ 140.749345][ T6954] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 140.757779][ T6954] RSP: 002b:00007fd43a69e048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 140.761358][ T6954] RAX: ffffffffffffffda RBX: 00007fd439b05f80 RCX: 00007fd4399779f9 [ 140.764607][ T6954] RDX: 0000000020000040 RSI: 0000000080104592 RDI: 0000000000000003 [ 140.768097][ T6954] RBP: 00007fd43a69e0a0 R08: 0000000000000000 R09: 0000000000000000 [ 140.771505][ T6954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 140.774825][ T6954] R13: 000000000000000b R14: 00007fd439b05f80 R15: 00007ffdc8d70ec8 [ 140.778367][ T6954] [ 140.784416][ T6954] ERROR: Out of memory at tomoyo_realpath_from_path. [ 140.876874][ T6959] netlink: 16 bytes leftover after parsing attributes in process `syz.2.471'. [ 140.938111][ T1108] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xe5 [ 141.203039][ T6983] Unknown options in mask 5 [ 141.300081][ T6989] netlink: 4 bytes leftover after parsing attributes in process `syz.1.476'. [ 141.393264][ T6997] netlink: 16 bytes leftover after parsing attributes in process `syz.3.481'. [ 141.611738][ T7013] FAULT_INJECTION: forcing a failure. [ 141.611738][ T7013] name failslab, interval 1, probability 0, space 0, times 0 [ 141.618819][ T7013] CPU: 1 UID: 0 PID: 7013 Comm: syz.1.486 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 141.624704][ T7013] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 141.629883][ T7013] Call Trace: [ 141.631651][ T7013] [ 141.633155][ T7013] dump_stack_lvl+0x16c/0x1f0 [ 141.635250][ T7013] should_fail_ex+0x497/0x5b0 [ 141.637358][ T7013] ? fs_reclaim_acquire+0xae/0x160 [ 141.639664][ T7013] should_failslab+0xc2/0x120 [ 141.641870][ T7013] __kmalloc_noprof+0xcb/0x400 [ 141.644103][ T7013] memcg_list_lru_alloc+0x24d/0xa90 [ 141.646484][ T7013] ? rcu_read_unlock+0x17/0x60 [ 141.648613][ T7013] ? __pfx_memcg_list_lru_alloc+0x10/0x10 [ 141.651242][ T7013] __memcg_slab_post_alloc_hook+0x12c/0x9c0 [ 141.653845][ T7013] ? kasan_save_track+0x14/0x30 [ 141.655755][ T7013] kmem_cache_alloc_lru_noprof+0x2c1/0x2f0 [ 141.658076][ T7013] ? alloc_inode+0xba/0x230 [ 141.659835][ T7013] ? find_inode_fast+0x1e9/0x600 [ 141.661955][ T7013] alloc_inode+0xba/0x230 [ 141.663843][ T7013] iget_locked+0x18b/0x6c0 [ 141.665862][ T7013] kernfs_get_inode+0x48/0x460 [ 141.668183][ T7013] kernfs_iop_lookup+0x1ec/0x330 [ 141.670822][ T7013] ? __pfx_kernfs_iop_lookup+0x10/0x10 [ 141.673225][ T7013] lookup_open.isra.0+0x928/0x13c0 [ 141.675164][ T7013] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 141.677485][ T7013] ? __startup_64+0x120/0x2a0 [ 141.679740][ T7013] ? __startup_64+0x120/0x2a0 [ 141.681882][ T7013] ? lookup_fast+0x155/0x540 [ 141.683973][ T7013] path_openat+0xa3b/0x2d20 [ 141.686066][ T7013] ? __pfx_path_openat+0x10/0x10 [ 141.688371][ T7013] ? __pfx___lock_acquire+0x10/0x10 [ 141.690467][ T7013] ? find_held_lock+0x2d/0x110 [ 141.692306][ T7013] do_filp_open+0x1dc/0x430 [ 141.694172][ T7013] ? __pfx_do_filp_open+0x10/0x10 [ 141.696353][ T7013] ? find_held_lock+0x2d/0x110 [ 141.698641][ T7013] ? _raw_spin_unlock+0x28/0x50 [ 141.700800][ T7013] ? alloc_fd+0x2d7/0x6c0 [ 141.702695][ T7013] do_sys_openat2+0x17a/0x1e0 [ 141.704922][ T7013] ? __pfx_do_sys_openat2+0x10/0x10 [ 141.707124][ T7013] __x64_sys_openat+0x175/0x210 [ 141.709469][ T7013] ? __pfx___x64_sys_openat+0x10/0x10 [ 141.711761][ T7013] ? ksys_write+0x1ab/0x260 [ 141.713775][ T7013] do_syscall_64+0xcd/0x250 [ 141.715784][ T7013] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.718849][ T7013] RIP: 0033:0x7f5ba7f779f9 [ 141.720788][ T7013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.729206][ T7013] RSP: 002b:00007f5ba8d41048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 141.732910][ T7013] RAX: ffffffffffffffda RBX: 00007f5ba8105f80 RCX: 00007f5ba7f779f9 [ 141.735921][ T7013] RDX: 0000000000000000 RSI: 0000000020000040 RDI: ffffffffffffff9c [ 141.738728][ T7013] RBP: 00007f5ba8d410a0 R08: 0000000000000000 R09: 0000000000000000 [ 141.742321][ T7013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 141.746662][ T7013] R13: 000000000000000b R14: 00007f5ba8105f80 R15: 00007ffc08067058 [ 141.750422][ T7013] [ 141.876833][ T11] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xe5 [ 142.095037][ T7028] netlink: 4 bytes leftover after parsing attributes in process `syz.0.491'. [ 142.779333][ T7058] netlink: 4 bytes leftover after parsing attributes in process `syz.2.502'. [ 142.814235][ T5345] Bluetooth: hci4: sending frame failed (-49) [ 142.818785][ T4764] Bluetooth: hci4: Entering manufacturer mode failed (-49) [ 142.828423][ T7058] Bluetooth: hci4: Frame reassembly failed (-84) [ 142.945717][ T7054] netlink: 4 bytes leftover after parsing attributes in process `syz.1.501'. [ 143.229799][ T13] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xe5 [ 143.230117][ T7071] FAULT_INJECTION: forcing a failure. [ 143.230117][ T7071] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 143.240937][ T7071] CPU: 2 UID: 0 PID: 7071 Comm: syz.3.505 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 143.250636][ T7071] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 143.255129][ T7071] Call Trace: [ 143.256618][ T7071] [ 143.257915][ T7071] dump_stack_lvl+0x16c/0x1f0 [ 143.260111][ T7071] should_fail_ex+0x497/0x5b0 [ 143.263210][ T7071] _copy_from_iter+0x2a1/0x1150 [ 143.265594][ T7071] ? __alloc_skb+0x1fe/0x380 [ 143.267669][ T7071] ? __pfx__copy_from_iter+0x10/0x10 [ 143.269951][ T7071] ? __virt_addr_valid+0x5e/0x590 [ 143.271959][ T7071] ? __phys_addr_symbol+0x30/0x80 [ 143.274034][ T7071] ? __check_object_size+0x497/0x720 [ 143.276445][ T7071] netlink_sendmsg+0x813/0xd70 [ 143.278561][ T7071] ? __pfx_netlink_sendmsg+0x10/0x10 [ 143.281007][ T7071] ? __import_iovec+0x1fd/0x6e0 [ 143.283313][ T7071] ____sys_sendmsg+0xab5/0xc90 [ 143.285726][ T7071] ? copy_msghdr_from_user+0x10b/0x160 [ 143.288269][ T7071] ? __pfx_____sys_sendmsg+0x10/0x10 [ 143.290326][ T7071] ? find_held_lock+0x2d/0x110 [ 143.292378][ T7071] ? __pfx___lock_acquire+0x10/0x10 [ 143.294883][ T7071] ___sys_sendmsg+0x135/0x1e0 [ 143.297135][ T7071] ? __pfx____sys_sendmsg+0x10/0x10 [ 143.299594][ T7071] ? ksys_write+0x21c/0x260 [ 143.301778][ T7071] ? __fget_light+0x173/0x210 [ 143.304230][ T7071] __sys_sendmsg+0x117/0x1f0 [ 143.306338][ T7071] ? __pfx___sys_sendmsg+0x10/0x10 [ 143.308650][ T7071] do_syscall_64+0xcd/0x250 [ 143.311052][ T7071] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.313615][ T7071] RIP: 0033:0x7fd4399779f9 [ 143.315517][ T7071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 143.323612][ T7071] RSP: 002b:00007fd43a67d048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 143.327074][ T7071] RAX: ffffffffffffffda RBX: 00007fd439b06058 RCX: 00007fd4399779f9 [ 143.330394][ T7071] RDX: 0000000000000000 RSI: 0000000020003700 RDI: 0000000000000003 [ 143.333650][ T7071] RBP: 00007fd43a67d0a0 R08: 0000000000000000 R09: 0000000000000000 [ 143.337096][ T7071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 143.340782][ T7071] R13: 000000000000006e R14: 00007fd439b06058 R15: 00007ffdc8d70ec8 [ 143.344399][ T7071] [ 143.500113][ T39] kauditd_printk_skb: 85 callbacks suppressed [ 143.500128][ T39] audit: type=1326 audit(1722645477.263:1049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7085 comm="syz.2.510" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 143.514950][ T39] audit: type=1326 audit(1722645477.263:1050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7085 comm="syz.2.510" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 143.525711][ T39] audit: type=1326 audit(1722645477.283:1051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7085 comm="syz.2.510" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3022976390 code=0x7ffc0000 [ 143.530132][ T7086] netlink: 'syz.2.510': attribute type 25 has an invalid length. [ 143.536527][ T39] audit: type=1326 audit(1722645477.283:1052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7085 comm="syz.2.510" exe="/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f3022979187 code=0x7ffc0000 [ 143.546724][ T7086] netlink: 'syz.2.510': attribute type 7 has an invalid length. [ 143.561307][ T39] audit: type=1326 audit(1722645477.283:1053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7085 comm="syz.2.510" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 143.561357][ T39] audit: type=1326 audit(1722645477.283:1054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7085 comm="syz.2.510" exe="/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f3022979187 code=0x7ffc0000 [ 143.561401][ T39] audit: type=1326 audit(1722645477.283:1055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7085 comm="syz.2.510" exe="/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f302297668a code=0x7ffc0000 [ 143.561445][ T39] audit: type=1326 audit(1722645477.283:1056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7085 comm="syz.2.510" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 143.561487][ T39] audit: type=1326 audit(1722645477.283:1057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7085 comm="syz.2.510" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 143.561530][ T39] audit: type=1326 audit(1722645477.283:1058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7085 comm="syz.2.510" exe="/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 143.660257][ T7086] netlink: 8 bytes leftover after parsing attributes in process `syz.2.510'. [ 143.746926][ T5024] IPVS: starting estimator thread 0... [ 143.801377][ T7100] ipip0: entered promiscuous mode [ 143.860620][ T7098] IPVS: using max 20 ests per chain, 48000 per kthread [ 143.976601][ T1112] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xe5 [ 143.993765][ T30] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 144.054470][ T7119] netlink: 'syz.3.521': attribute type 25 has an invalid length. [ 144.057984][ T7119] netlink: 'syz.3.521': attribute type 7 has an invalid length. [ 144.066724][ T7119] netlink: 8 bytes leftover after parsing attributes in process `syz.3.521'. [ 144.199362][ T30] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 144.206245][ T30] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 144.214824][ T30] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 144.238578][ T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 144.248989][ T7093] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 144.255477][ T30] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 144.305780][ T7130] openvswitch: netlink: Missing key (keys=100000040, expected=2000) [ 144.914060][ T7144] netlink: 36 bytes leftover after parsing attributes in process `syz.1.526'. [ 144.922069][ T7144] unsupported nla_type 238 [ 145.498783][ T3217] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xe5 [ 145.544708][ T7164] netlink: 'syz.1.534': attribute type 25 has an invalid length. [ 145.547703][ T7164] netlink: 'syz.1.534': attribute type 7 has an invalid length. [ 145.686209][ T7170] netlink: 12 bytes leftover after parsing attributes in process `syz.1.537'. [ 145.689992][ T7170] FAULT_INJECTION: forcing a failure. [ 145.689992][ T7170] name failslab, interval 1, probability 0, space 0, times 0 [ 145.695896][ T7170] CPU: 2 UID: 0 PID: 7170 Comm: syz.1.537 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 145.700858][ T7170] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 145.705431][ T7170] Call Trace: [ 145.706876][ T7170] [ 145.708208][ T7170] dump_stack_lvl+0x16c/0x1f0 [ 145.710306][ T7170] should_fail_ex+0x497/0x5b0 [ 145.712340][ T7170] ? fs_reclaim_acquire+0xae/0x160 [ 145.714786][ T7170] should_failslab+0xc2/0x120 [ 145.716787][ T7170] __kmalloc_noprof+0xcb/0x400 [ 145.718851][ T7170] nft_trans_alloc_gfp+0x26/0x2e0 [ 145.721007][ T7170] nf_tables_newchain+0x1009/0x2810 [ 145.723265][ T7170] ? __nla_validate_parse+0x581/0x2880 [ 145.726200][ T7170] ? __pfx_nf_tables_newchain+0x10/0x10 [ 145.728672][ T7170] ? __pfx___nla_validate_parse+0x10/0x10 [ 145.731203][ T7170] ? __pfx_lock_release+0x10/0x10 [ 145.733399][ T7170] ? __nla_parse+0x40/0x60 [ 145.735391][ T7170] nfnetlink_rcv_batch+0x1a19/0x24e0 [ 145.737775][ T7170] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 145.740312][ T7170] ? find_held_lock+0x2d/0x110 [ 145.742546][ T7170] ? avc_has_perm_noaudit+0x119/0x3a0 [ 145.744913][ T7170] ? avc_has_perm_noaudit+0x143/0x3a0 [ 145.747288][ T7170] ? __nla_parse+0x40/0x60 [ 145.749246][ T7170] nfnetlink_rcv+0x3c3/0x430 [ 145.751219][ T7170] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 145.753491][ T7170] netlink_unicast+0x544/0x830 [ 145.755606][ T7170] ? __pfx_netlink_unicast+0x10/0x10 [ 145.757895][ T7170] netlink_sendmsg+0x8b8/0xd70 [ 145.760104][ T7170] ? __pfx_netlink_sendmsg+0x10/0x10 [ 145.762472][ T7170] ? __import_iovec+0x1fd/0x6e0 [ 145.764608][ T7170] ____sys_sendmsg+0xab5/0xc90 [ 145.766691][ T7170] ? copy_msghdr_from_user+0x10b/0x160 [ 145.769076][ T7170] ? __pfx_____sys_sendmsg+0x10/0x10 [ 145.771335][ T7170] ? find_held_lock+0x2d/0x110 [ 145.773311][ T7170] ? __pfx___lock_acquire+0x10/0x10 [ 145.775530][ T7170] ___sys_sendmsg+0x135/0x1e0 [ 145.777519][ T7170] ? __pfx____sys_sendmsg+0x10/0x10 [ 145.779763][ T7170] ? ksys_write+0x21c/0x260 [ 145.781737][ T7170] ? __fget_light+0x173/0x210 [ 145.783834][ T7170] __sys_sendmsg+0x117/0x1f0 [ 145.785828][ T7170] ? __pfx___sys_sendmsg+0x10/0x10 [ 145.788031][ T7170] do_syscall_64+0xcd/0x250 [ 145.790051][ T7170] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.792671][ T7170] RIP: 0033:0x7f5ba7f779f9 [ 145.794901][ T7170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 145.801724][ T7171] netlink: 'syz.3.535': attribute type 13 has an invalid length. [ 145.803298][ T7170] RSP: 002b:00007f5ba8d41048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 145.810290][ T7170] RAX: ffffffffffffffda RBX: 00007f5ba8105f80 RCX: 00007f5ba7f779f9 [ 145.813372][ T7170] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003 [ 145.816409][ T7170] RBP: 00007f5ba8d410a0 R08: 0000000000000000 R09: 0000000000000000 [ 145.819764][ T7170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 145.823304][ T7170] R13: 000000000000000b R14: 00007f5ba8105f80 R15: 00007ffc08067058 [ 145.826822][ T7170] [ 146.432425][ T7187] netlink: 'syz.1.544': attribute type 25 has an invalid length. [ 146.436761][ T7187] netlink: 'syz.1.544': attribute type 7 has an invalid length. [ 146.499155][ T7189] netlink: 'syz.3.545': attribute type 25 has an invalid length. [ 146.509850][ T7189] netlink: 8 bytes leftover after parsing attributes in process `syz.3.545'. [ 146.756044][ T5024] usb 7-1: USB disconnect, device number 5 [ 146.890615][ T35] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 146.976558][ T7211] netlink: 8 bytes leftover after parsing attributes in process `syz.2.555'. [ 147.081083][ T35] usb 6-1: Using ep0 maxpacket: 16 [ 147.112310][ T35] usb 6-1: config 1 interface 0 altsetting 14 endpoint 0x1 has invalid wMaxPacketSize 0 [ 147.116570][ T35] usb 6-1: config 1 interface 0 altsetting 14 bulk endpoint 0x1 has invalid maxpacket 0 [ 147.137125][ T35] usb 6-1: config 1 interface 0 altsetting 14 bulk endpoint 0x82 has invalid maxpacket 32 [ 147.147206][ T35] usb 6-1: config 1 interface 0 has no altsetting 0 [ 147.156891][ T35] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 147.161500][ T35] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 147.164939][ T35] usb 6-1: Product: syz [ 147.166608][ T35] usb 6-1: Manufacturer: syz [ 147.168454][ T35] usb 6-1: SerialNumber: syz [ 147.175137][ T7195] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 147.302929][ T5024] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 147.306520][ T5024] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 147.309616][ T5024] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 147.319859][ T5024] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 147.324065][ T5024] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 147.327766][ T5024] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 147.332857][ T5024] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 147.336592][ T5024] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 147.341018][ T5024] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 147.344307][ T5024] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 147.347813][ T5024] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 147.351845][ T5024] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 147.355613][ T5024] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 147.361968][ T5024] hid-generic 0000:0000:0000.000A: hidraw1: HID v0.00 Device [syz0] on syz1 [ 147.397060][ T35] usblp 6-1:1.0: usblp0: USB Bidirectional printer dev 3 if 0 alt 14 proto 3 vid 0x0525 pid 0xA4A8 [ 147.410351][ T35] usb 6-1: USB disconnect, device number 3 [ 147.417380][ T35] usblp0: removed [ 147.606946][ T7238] netlink: 8 bytes leftover after parsing attributes in process `syz.0.564'. [ 147.894300][ T10] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 147.898035][ T10] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 147.901419][ T10] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 147.904557][ T10] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 147.907962][ T10] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 147.916656][ T10] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 147.920003][ T10] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 147.924518][ T10] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 147.927914][ T10] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 147.934239][ T10] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 147.938223][ T10] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 147.942542][ T10] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 147.945982][ T10] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 147.955259][ T10] hid-generic 0000:0000:0000.000B: hidraw1: HID v0.00 Device [syz0] on syz1 [ 148.533251][ T4764] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 148.534537][ T7265] FAULT_INJECTION: forcing a failure. [ 148.534537][ T7265] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 148.537384][ T4764] Bluetooth: hci2: Injecting HCI hardware error event [ 148.562843][ T5345] Bluetooth: hci2: hardware error 0x00 [ 148.565186][ T7265] CPU: 1 UID: 0 PID: 7265 Comm: syz.2.574 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 148.569087][ T7265] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 148.573377][ T7265] Call Trace: [ 148.574870][ T7265] [ 148.575962][ T7265] dump_stack_lvl+0x16c/0x1f0 [ 148.577935][ T7265] should_fail_ex+0x497/0x5b0 [ 148.580152][ T7265] ? fs_reclaim_acquire+0xae/0x160 [ 148.582213][ T7265] should_fail_alloc_page+0xe7/0x130 [ 148.584287][ T7265] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 148.587413][ T7265] __alloc_pages_noprof+0x194/0x2460 [ 148.590150][ T7265] ? __alloc_pages_noprof+0x40c/0x2460 [ 148.592865][ T7265] ? hlock_class+0x4e/0x130 [ 148.594819][ T7265] ? hlock_class+0x4e/0x130 [ 148.596973][ T7265] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 148.601640][ T7265] ? __pfx___lock_acquire+0x10/0x10 [ 148.603951][ T7265] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 148.606785][ T7265] ? policy_nodemask+0xea/0x4e0 [ 148.608890][ T7265] alloc_pages_mpol_noprof+0x275/0x610 [ 148.611217][ T7265] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 148.613752][ T7265] ? do_raw_spin_lock+0x12d/0x2c0 [ 148.615757][ T7265] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 148.617822][ T7265] ? mark_held_locks+0x9f/0xe0 [ 148.619943][ T7265] __pmd_alloc+0x3f/0x820 [ 148.621954][ T7265] __handle_mm_fault+0x947/0x5660 [ 148.624085][ T7265] ? __pfx_mt_find+0x10/0x10 [ 148.626170][ T7265] ? __pfx_lock_release+0x10/0x10 [ 148.628305][ T7265] ? __pfx___handle_mm_fault+0x10/0x10 [ 148.630688][ T7265] ? no_page_table+0xc7/0x230 [ 148.632785][ T7265] ? vma_pgtable_walk_end+0x3d/0x70 [ 148.635641][ T7265] handle_mm_fault+0x44e/0x7b0 [ 148.637866][ T7265] __get_user_pages+0x475/0x15c0 [ 148.639950][ T7265] ? __pfx___get_user_pages+0x10/0x10 [ 148.642446][ T7265] get_user_pages_remote+0x25e/0xb30 [ 148.649543][ T7265] ? __pfx_get_user_pages_remote+0x10/0x10 [ 148.652758][ T7265] ? down_read+0xc9/0x330 [ 148.654989][ T7265] ? __might_fault+0x13b/0x190 [ 148.657788][ T7265] get_arg_page+0x13e/0x640 [ 148.660459][ T7265] ? __pfx_get_arg_page+0x10/0x10 [ 148.662644][ T7265] ? __might_fault+0xe3/0x190 [ 148.664728][ T7265] copy_string_kernel+0x199/0x240 [ 148.666851][ T7265] ? count.constprop.0.isra.0+0xf4/0x170 [ 148.669282][ T7265] do_execveat_common.isra.0+0x34e/0x630 [ 148.671765][ T7265] __x64_sys_execve+0x8c/0xb0 [ 148.673609][ T7265] do_syscall_64+0xcd/0x250 [ 148.675664][ T7265] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.678476][ T7265] RIP: 0033:0x7f30229779f9 [ 148.680721][ T7265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 148.688928][ T7265] RSP: 002b:00007f30223ff048 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 148.691899][ T7265] RAX: ffffffffffffffda RBX: 00007f3022b05f80 RCX: 00007f30229779f9 [ 148.695335][ T7265] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000020000280 [ 148.698976][ T7265] RBP: 00007f30223ff0a0 R08: 0000000000000000 R09: 0000000000000000 [ 148.702671][ T7265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 148.707641][ T7265] R13: 000000000000000b R14: 00007f3022b05f80 R15: 00007ffdd8428b58 [ 148.710930][ T7265] [ 149.021377][ T5376] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 149.240363][ T5376] usb 8-1: Using ep0 maxpacket: 32 [ 149.245379][ T5376] usb 8-1: config 0 has no interfaces? [ 149.261310][ T5376] usb 8-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 149.265158][ T5376] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 149.268787][ T5376] usb 8-1: Product: syz [ 149.271529][ T5376] usb 8-1: Manufacturer: syz [ 149.273634][ T5376] usb 8-1: SerialNumber: syz [ 149.287416][ T5376] usb 8-1: config 0 descriptor?? [ 149.587953][ T836] usb 8-1: USB disconnect, device number 2 [ 149.832608][ T7291] FAULT_INJECTION: forcing a failure. [ 149.832608][ T7291] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 149.838448][ T7291] CPU: 0 UID: 0 PID: 7291 Comm: syz.2.581 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 149.845959][ T7291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 149.850629][ T7291] Call Trace: [ 149.852171][ T7291] [ 149.853456][ T7291] dump_stack_lvl+0x16c/0x1f0 [ 149.855290][ T7291] should_fail_ex+0x497/0x5b0 [ 149.857209][ T7291] _copy_to_user+0x30/0xc0 [ 149.858939][ T7291] simple_read_from_buffer+0xd0/0x160 [ 149.860985][ T7291] proc_fail_nth_read+0x1b0/0x290 [ 149.863086][ T7291] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 149.865391][ T7291] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 149.867133][ T7291] vfs_read+0x1d4/0xbd0 [ 149.868549][ T7291] ? __fdget_pos+0xeb/0x180 [ 149.870667][ T7291] ? __pfx_vfs_read+0x10/0x10 [ 149.872935][ T7291] ? __pfx___mutex_lock+0x10/0x10 [ 149.875691][ T7291] ? __fget_files+0x256/0x400 [ 149.878365][ T7291] ksys_read+0x12f/0x260 [ 149.880860][ T7291] ? __pfx_ksys_read+0x10/0x10 [ 149.883462][ T7291] do_syscall_64+0xcd/0x250 [ 149.885899][ T7291] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 149.888585][ T7291] RIP: 0033:0x7f302297643c [ 149.890877][ T7291] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48 [ 149.900972][ T7291] RSP: 002b:00007f30223ff040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 149.905204][ T7291] RAX: ffffffffffffffda RBX: 00007f3022b05f80 RCX: 00007f302297643c [ 149.908963][ T7291] RDX: 000000000000000f RSI: 00007f30223ff0b0 RDI: 0000000000000003 [ 149.915359][ T7291] RBP: 00007f30223ff0a0 R08: 0000000000000000 R09: 0000000000000000 [ 149.918908][ T7291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 149.921596][ T7291] R13: 000000000000000b R14: 00007f3022b05f80 R15: 00007ffdd8428b58 [ 149.925544][ T7291] [ 150.237358][ T7302] netlink: 20 bytes leftover after parsing attributes in process `syz.3.584'. [ 150.357859][ T7309] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10) [ 150.361659][ T7309] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 150.366046][ T7309] vhci_hcd vhci_hcd.0: Device attached [ 150.373926][ T7310] vhci_hcd: connection closed [ 150.377469][ T1108] vhci_hcd: stop threads [ 150.386310][ T1108] vhci_hcd: release socket [ 150.388511][ T1108] vhci_hcd: disconnect device [ 150.665533][ T7318] fuse: Bad value for 'fd' [ 150.773181][ T5345] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 151.139374][ T39] kauditd_printk_skb: 778 callbacks suppressed [ 151.139389][ T39] audit: type=1326 audit(1722645484.913:1837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7324 comm="syz.3.589" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4399779f9 code=0x7ffc0000 [ 151.155688][ T7325] netlink: 8 bytes leftover after parsing attributes in process `syz.3.589'. [ 151.158614][ T39] audit: type=1326 audit(1722645484.913:1838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7324 comm="syz.3.589" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4399779f9 code=0x7ffc0000 [ 151.174388][ T39] audit: type=1326 audit(1722645484.913:1839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7324 comm="syz.3.589" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd439976390 code=0x7ffc0000 [ 151.185875][ T39] audit: type=1326 audit(1722645484.913:1840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7324 comm="syz.3.589" exe="/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fd439979187 code=0x7ffc0000 [ 151.198326][ T39] audit: type=1326 audit(1722645484.913:1841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7324 comm="syz.3.589" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd4399779f9 code=0x7ffc0000 [ 151.209933][ T39] audit: type=1326 audit(1722645484.913:1842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7324 comm="syz.3.589" exe="/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fd439979187 code=0x7ffc0000 [ 151.220618][ T39] audit: type=1326 audit(1722645484.913:1843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7324 comm="syz.3.589" exe="/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fd43997668a code=0x7ffc0000 [ 151.233108][ T39] audit: type=1326 audit(1722645484.913:1844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7324 comm="syz.3.589" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4399779f9 code=0x7ffc0000 [ 151.250357][ T39] audit: type=1326 audit(1722645484.913:1845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7324 comm="syz.3.589" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4399779f9 code=0x7ffc0000 [ 151.262673][ T39] audit: type=1326 audit(1722645484.923:1846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7324 comm="syz.3.589" exe="/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fd4399779f9 code=0x7ffc0000 [ 151.747230][ T1112] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xe5 [ 152.380583][ T7360] netlink: 8 bytes leftover after parsing attributes in process `syz.3.601'. [ 153.197997][ T835] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 153.210308][ T835] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 153.213894][ T835] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 153.217173][ T835] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 153.220889][ T835] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 153.224301][ T835] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 153.227822][ T835] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 153.240361][ T835] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 153.243752][ T835] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 153.247214][ T835] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 153.254079][ T835] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 153.257495][ T835] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 153.260868][ T835] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 153.267719][ T835] hid-generic 0000:0000:0000.000C: hidraw1: HID v0.00 Device [syz0] on syz1 [ 153.500448][ T991] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 153.670894][ T1112] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xe5 [ 153.680566][ T991] usb 5-1: Using ep0 maxpacket: 8 [ 153.685372][ T991] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 153.689846][ T991] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 153.694309][ T991] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 153.698338][ T991] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 153.703890][ T991] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 153.707903][ T991] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.919765][ T991] usb 5-1: GET_CAPABILITIES returned 0 [ 153.922131][ T991] usbtmc 5-1:16.0: can't read capabilities [ 154.047270][ T7385] netlink: 8 bytes leftover after parsing attributes in process `syz.2.610'. [ 154.128699][ T835] usb 5-1: USB disconnect, device number 3 [ 154.370527][ T991] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 154.569505][ T991] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 154.576206][ T991] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 154.580829][ T991] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 154.584268][ T991] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 154.590046][ T991] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 154.594034][ T991] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 154.597023][ T991] usb 8-1: Manufacturer: syz [ 154.624000][ T991] usb 8-1: config 0 descriptor?? [ 154.760355][ T5381] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 154.940859][ T5381] usb 6-1: Using ep0 maxpacket: 8 [ 154.946097][ T5381] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 154.949905][ T5381] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 154.956024][ T5381] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 154.961724][ T7413] openvswitch: netlink: Missing key (keys=100000040, expected=2000) [ 154.964474][ T5381] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 154.970745][ T5381] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 154.976924][ T5381] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 154.987271][ T5381] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 154.993058][ T5381] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 154.998450][ T5381] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 155.004326][ T5381] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 155.016567][ T5381] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 155.019923][ T5381] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 155.025102][ T5381] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 155.030855][ T5381] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 155.035629][ T5381] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 155.044664][ T5381] usb 6-1: string descriptor 0 read error: -22 [ 155.048771][ T5381] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 155.053031][ T5381] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 155.081016][ T5381] adutux 6-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 155.289481][ T7390] mmap: syz.3.611 (7390): VmData 25841664 exceed data ulimit 8. Update limits or use boot option ignore_rlimit_data. [ 155.337067][ T991] usbhid 8-1:0.0: can't add hid device: -71 [ 155.339838][ T991] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 155.350146][ T991] usb 8-1: USB disconnect, device number 3 [ 155.396307][ T5381] usb 6-1: USB disconnect, device number 4 [ 156.222612][ T39] kauditd_printk_skb: 128 callbacks suppressed [ 156.222723][ T39] audit: type=1326 audit(1722645489.993:1973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7446 comm="syz.2.630" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 156.224359][ T7447] FAULT_INJECTION: forcing a failure. [ 156.224359][ T7447] name failslab, interval 1, probability 0, space 0, times 0 [ 156.240735][ T39] audit: type=1326 audit(1722645489.993:1974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7446 comm="syz.2.630" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 156.244077][ T7447] CPU: 3 UID: 0 PID: 7447 Comm: syz.2.630 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 156.259198][ T7447] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 156.264060][ T7447] Call Trace: [ 156.265515][ T7447] [ 156.266803][ T7447] dump_stack_lvl+0x16c/0x1f0 [ 156.268799][ T7447] should_fail_ex+0x497/0x5b0 [ 156.270922][ T7447] ? fs_reclaim_acquire+0xae/0x160 [ 156.272950][ T7447] should_failslab+0xc2/0x120 [ 156.274815][ T7447] __kmalloc_cache_noprof+0x6b/0x300 [ 156.276878][ T7447] ? audit_log_d_path+0xce/0x1e0 [ 156.278865][ T7447] audit_log_d_path+0xce/0x1e0 [ 156.281109][ T7447] audit_log_d_path_exe+0x46/0x70 [ 156.283164][ T7447] audit_log_task+0x279/0x300 [ 156.284716][ T7447] ? __pfx_audit_log_task+0x10/0x10 [ 156.287338][ T7447] ? migrate_enable+0x1a8/0x260 [ 156.289618][ T7447] ? __pfx_migrate_enable+0x10/0x10 [ 156.291925][ T7447] audit_seccomp+0x7a/0x280 [ 156.293964][ T7447] __seccomp_filter+0x816/0xf40 [ 156.296012][ T7447] ? __pfx___seccomp_filter+0x10/0x10 [ 156.298383][ T7447] ? fput+0x32/0x390 [ 156.300231][ T7447] ? ksys_write+0x1ab/0x260 [ 156.302838][ T39] audit: type=1326 audit(1722645489.993:1975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7446 comm="syz.2.630" exe="/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 156.317687][ T7447] __secure_computing+0x26c/0x3f0 [ 156.317716][ T7447] syscall_trace_enter+0x8b/0x240 [ 156.317740][ T7447] do_syscall_64+0x1ee/0x250 [ 156.317760][ T7447] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.317783][ T7447] RIP: 0033:0x7f30229779f9 [ 156.317797][ T7447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 156.317814][ T7447] RSP: 002b:00007f30223ff048 EFLAGS: 00000246 ORIG_RAX: 00000000000000bb [ 156.317832][ T7447] RAX: ffffffffffffffda RBX: 00007f3022b05f80 RCX: 00007f30229779f9 [ 156.317845][ T7447] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 156.317856][ T7447] RBP: 00007f30223ff0a0 R08: 0000000000000000 R09: 0000000000000000 [ 156.317867][ T7447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 156.317877][ T7447] R13: 000000000000000b R14: 00007f3022b05f80 R15: 00007ffdd8428b58 [ 156.317891][ T7447] [ 156.377689][ T39] audit: type=1326 audit(1722645489.993:1976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7446 comm="syz.2.630" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 156.409191][ T39] audit: type=1326 audit(1722645489.993:1977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7446 comm="syz.2.630" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 156.427809][ T39] audit: type=1326 audit(1722645489.993:1978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7446 comm="syz.2.630" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3022976390 code=0x7ffc0000 [ 156.441598][ T39] audit: type=1326 audit(1722645489.993:1979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7446 comm="syz.2.630" exe="/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f30229764df code=0x7ffc0000 [ 156.454489][ T39] audit: type=1326 audit(1722645489.993:1980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7446 comm="syz.2.630" exe="" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 156.466624][ T39] audit: type=1326 audit(1722645490.093:1981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7446 comm="syz.2.630" exe="/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f302297643c code=0x7ffc0000 [ 156.478138][ T39] audit: type=1326 audit(1722645490.103:1982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7446 comm="syz.2.630" exe="/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f30229764df code=0x7ffc0000 [ 156.665693][ T1112] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xe5 [ 156.670098][ T7460] validate_nla: 7 callbacks suppressed [ 156.670111][ T7460] netlink: 'syz.0.635': attribute type 25 has an invalid length. [ 156.676758][ T7460] netlink: 'syz.0.635': attribute type 7 has an invalid length. [ 156.762971][ T7466] netlink: 4 bytes leftover after parsing attributes in process `syz.3.634'. [ 156.857625][ T7466] Bluetooth: hci4: Frame reassembly failed (-84) [ 156.884033][ T3217] Bluetooth: hci4: Frame reassembly failed (-84) [ 157.103107][ T25] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 157.106620][ T25] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 157.110146][ T25] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 157.120284][ T25] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 157.124136][ T25] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 157.127461][ T25] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 157.135778][ T25] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 157.139015][ T25] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 157.143162][ T25] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 157.146553][ T25] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 157.149826][ T25] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 157.154125][ T25] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 157.164032][ T25] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 157.169965][ T25] hid-generic 0000:0000:0000.000D: hidraw1: HID v0.00 Device [syz0] on syz1 [ 157.852311][ T7505] netlink: 'syz.1.647': attribute type 25 has an invalid length. [ 157.856290][ T7505] netlink: 'syz.1.647': attribute type 7 has an invalid length. [ 157.979430][ T7508] netlink: 'syz.0.646': attribute type 13 has an invalid length. [ 158.940563][ T5345] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 158.944446][ T4764] Bluetooth: hci4: command 0xfc11 tx timeout [ 159.232584][ T7541] netlink: 9412 bytes leftover after parsing attributes in process `syz.3.658'. [ 160.294082][ T7560] netlink: 9412 bytes leftover after parsing attributes in process `syz.0.665'. [ 161.267206][ T7574] netlink: 'syz.2.671': attribute type 25 has an invalid length. [ 161.279004][ T7574] netlink: 'syz.2.671': attribute type 7 has an invalid length. [ 161.374131][ T39] kauditd_printk_skb: 61 callbacks suppressed [ 161.374146][ T39] audit: type=1400 audit(1722645495.133:2044): avc: denied { append } for pid=7577 comm="syz.2.672" name="card1" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 161.389059][ T39] audit: type=1326 audit(1722645495.153:2045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7577 comm="syz.2.672" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 161.400447][ T39] audit: type=1326 audit(1722645495.163:2046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7577 comm="syz.2.672" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 161.410745][ T39] audit: type=1326 audit(1722645495.163:2047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7577 comm="syz.2.672" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 161.428290][ T39] audit: type=1326 audit(1722645495.163:2048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7577 comm="syz.2.672" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 161.439834][ T39] audit: type=1326 audit(1722645495.163:2049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7577 comm="syz.2.672" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 161.449084][ T39] audit: type=1326 audit(1722645495.163:2050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7577 comm="syz.2.672" exe="/syz-executor" sig=0 arch=c000003e syscall=296 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 161.460392][ T39] audit: type=1326 audit(1722645495.163:2051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7577 comm="syz.2.672" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 161.470539][ T39] audit: type=1326 audit(1722645495.163:2052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7577 comm="syz.2.672" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 161.491014][ T39] audit: type=1326 audit(1722645495.163:2053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7577 comm="syz.2.672" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 161.690360][ T7588] netlink: 'syz.3.675': attribute type 10 has an invalid length. [ 161.761795][ T7588] batman_adv: batadv0: Adding interface: team0 [ 161.764510][ T7588] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 161.776100][ T7588] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 161.787048][ T7588] netlink: 'syz.3.675': attribute type 10 has an invalid length. [ 161.797969][ T7588] netlink: 2 bytes leftover after parsing attributes in process `syz.3.675'. [ 161.802046][ T7588] team0: entered promiscuous mode [ 161.805214][ T7588] team_slave_0: entered promiscuous mode [ 161.811681][ T7588] team_slave_1: entered promiscuous mode [ 161.819834][ T7588] 8021q: adding VLAN 0 to HW filter on device team0 [ 161.826012][ T7588] batman_adv: batadv0: Interface activated: team0 [ 161.829365][ T7588] batman_adv: batadv0: Interface deactivated: team0 [ 161.833351][ T7588] batman_adv: batadv0: Removing interface: team0 [ 161.888477][ T7588] bridge0: port 3(team0) entered blocking state [ 161.896753][ T7588] bridge0: port 3(team0) entered disabled state [ 161.914810][ T7588] team0: entered allmulticast mode [ 161.927628][ T7588] team_slave_0: entered allmulticast mode [ 161.931591][ T7588] team_slave_1: entered allmulticast mode [ 161.942860][ T7588] bridge0: port 3(team0) entered blocking state [ 161.948603][ T7588] bridge0: port 3(team0) entered forwarding state [ 162.622883][ T7604] netlink: 'syz.2.680': attribute type 25 has an invalid length. [ 162.626614][ T7604] netlink: 'syz.2.680': attribute type 7 has an invalid length. [ 162.894541][ T7617] FAULT_INJECTION: forcing a failure. [ 162.894541][ T7617] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 162.901210][ T7616] --map-set only usable from mangle table [ 162.905651][ T7617] CPU: 0 UID: 0 PID: 7617 Comm: syz.2.684 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 162.910175][ T7617] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 162.914635][ T7617] Call Trace: [ 162.916199][ T7617] [ 162.917375][ T7617] dump_stack_lvl+0x16c/0x1f0 [ 162.919233][ T7617] should_fail_ex+0x497/0x5b0 [ 162.921150][ T7617] _copy_to_user+0x30/0xc0 [ 162.923501][ T7617] simple_read_from_buffer+0xd0/0x160 [ 162.926813][ T7617] proc_fail_nth_read+0x1b0/0x290 [ 162.929015][ T7617] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 162.931628][ T7617] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 162.934094][ T7617] vfs_read+0x1d4/0xbd0 [ 162.935990][ T7617] ? __fdget_pos+0xeb/0x180 [ 162.938549][ T7617] ? __pfx_vfs_read+0x10/0x10 [ 162.940737][ T7617] ? __pfx___mutex_lock+0x10/0x10 [ 162.942947][ T7617] ? __fget_files+0x256/0x400 [ 162.945058][ T7617] ksys_read+0x12f/0x260 [ 162.947097][ T7617] ? __pfx_ksys_read+0x10/0x10 [ 162.949232][ T7617] do_syscall_64+0xcd/0x250 [ 162.951275][ T7617] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.953903][ T7617] RIP: 0033:0x7f302297643c [ 162.955893][ T7617] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48 [ 162.965202][ T7617] RSP: 002b:00007f30223de040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 162.968849][ T7617] RAX: ffffffffffffffda RBX: 00007f3022b06058 RCX: 00007f302297643c [ 162.972609][ T7617] RDX: 000000000000000f RSI: 00007f30223de0b0 RDI: 000000000000000a [ 162.976176][ T7617] RBP: 00007f30223de0a0 R08: 0000000000000000 R09: 0000000000000000 [ 162.979675][ T7617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 162.983195][ T7617] R13: 000000000000006e R14: 00007f3022b06058 R15: 00007ffdd8428b58 [ 162.986846][ T7617] [ 163.202031][ T7627] netlink: 'syz.2.689': attribute type 25 has an invalid length. [ 163.209531][ T7627] netlink: 'syz.2.689': attribute type 7 has an invalid length. [ 164.185463][ T7676] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10) [ 164.188113][ T7676] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 164.192690][ T7676] vhci_hcd vhci_hcd.0: Device attached [ 164.199530][ T7676] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 164.312951][ T7684] netlink: 12 bytes leftover after parsing attributes in process `syz.3.706'. [ 164.322370][ T7684] bridge0: port 3(team0) entered disabled state [ 164.324900][ T7684] bridge0: port 2(bridge_slave_1) entered disabled state [ 164.328815][ T7684] bridge0: port 1(bridge_slave_0) entered disabled state [ 164.382262][ T35] vhci_hcd: vhci_device speed not set [ 164.480436][ T35] usb 17-1: new full-speed USB device number 2 using vhci_hcd [ 164.818839][ T7688] netlink: 8 bytes leftover after parsing attributes in process `syz.3.709'. [ 164.881626][ T5345] Bluetooth: min 3 > max 0 [ 164.997928][ T7679] vhci_hcd: connection reset by peer [ 165.014610][ T11] vhci_hcd: stop threads [ 165.016575][ T11] vhci_hcd: release socket [ 165.020008][ T11] vhci_hcd: disconnect device [ 165.450101][ T7710] FAULT_INJECTION: forcing a failure. [ 165.450101][ T7710] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 165.471534][ T7710] CPU: 3 UID: 0 PID: 7710 Comm: syz.1.716 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 165.475840][ T7710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 165.480456][ T7710] Call Trace: [ 165.481983][ T7710] [ 165.483471][ T7710] dump_stack_lvl+0x16c/0x1f0 [ 165.485367][ T7710] should_fail_ex+0x497/0x5b0 [ 165.487413][ T7710] __fpu_restore_sig+0xf5/0x1430 [ 165.489665][ T7710] ? __pfx_mark_lock+0x10/0x10 [ 165.491569][ T7710] ? __pfx___fpu_restore_sig+0x10/0x10 [ 165.493912][ T7710] ? __might_fault+0xe3/0x190 [ 165.495943][ T7710] fpu__restore_sig+0x102/0x180 [ 165.498544][ T7710] restore_sigcontext+0x4ca/0x6a0 [ 165.501436][ T7710] ? __pfx_restore_sigcontext+0x10/0x10 [ 165.504898][ T7710] ? _raw_spin_unlock_irq+0x23/0x50 [ 165.507419][ T7710] ? lockdep_hardirqs_on+0x7c/0x110 [ 165.509700][ T7710] __do_sys_rt_sigreturn+0x138/0x230 [ 165.512031][ T7710] ? __pfx___do_sys_rt_sigreturn+0x10/0x10 [ 165.514684][ T7710] do_syscall_64+0xcd/0x250 [ 165.516661][ T7710] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.519802][ T7710] RIP: 0033:0x7f5ba7f779f7 [ 165.521788][ T7710] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 [ 165.529769][ T7710] RSP: 002b:00007f5ba8d41048 EFLAGS: 00000246 [ 165.532018][ T7710] RAX: 0000000000000127 RBX: 00007f5ba8105f80 RCX: 00007f5ba7f779f9 [ 165.535533][ T7710] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000003 [ 165.539186][ T7710] RBP: 00007f5ba8d410a0 R08: 0000000000000000 R09: 0000000000000000 [ 165.542456][ T7710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 165.545983][ T7710] R13: 000000000000000b R14: 00007f5ba8105f80 R15: 00007ffc08067058 [ 165.549589][ T7710] [ 165.755435][ T7716] netlink: 8 bytes leftover after parsing attributes in process `syz.1.718'. [ 165.886345][ T7722] netlink: 64 bytes leftover after parsing attributes in process `syz.1.719'. [ 166.940585][ T5345] Bluetooth: hci1: command tx timeout [ 167.167929][ T39] kauditd_printk_skb: 47 callbacks suppressed [ 167.167940][ T39] audit: type=1326 audit(1722645500.933:2101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7732 comm="syz.3.723" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4399779f9 code=0x7ffc0000 [ 167.181256][ T39] audit: type=1326 audit(1722645500.933:2102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7732 comm="syz.3.723" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd4399779f9 code=0x7ffc0000 [ 167.208274][ T39] audit: type=1326 audit(1722645500.943:2103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7732 comm="syz.3.723" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4399779f9 code=0x7ffc0000 [ 167.219174][ T39] audit: type=1326 audit(1722645500.943:2104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7732 comm="syz.3.723" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4399779f9 code=0x7ffc0000 [ 167.244034][ T39] audit: type=1326 audit(1722645500.943:2105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7732 comm="syz.3.723" exe="/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fd4399779f9 code=0x7ffc0000 [ 167.322989][ T5379] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 167.326229][ T5379] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 167.329555][ T5379] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 167.339848][ T5379] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 167.343082][ T5379] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 167.346191][ T5379] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 167.349059][ T5379] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 167.352487][ T5379] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 167.356321][ T5379] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 167.359179][ T5379] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 167.362210][ T5379] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 167.365248][ T5379] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 167.368121][ T5379] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 167.381938][ T5379] hid-generic 0000:0000:0000.000E: hidraw1: HID v0.00 Device [syz0] on syz1 [ 167.558913][ T39] audit: type=1326 audit(1722645501.323:2106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7732 comm="syz.3.723" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4399779f9 code=0x7ffc0000 [ 167.590381][ T39] audit: type=1326 audit(1722645501.323:2107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7732 comm="syz.3.723" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4399779f9 code=0x7ffc0000 [ 167.784794][ T42] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xe5 [ 167.893251][ T5345] Bluetooth: hci3: unexpected event for opcode 0x0c22 [ 168.604953][ T7762] netlink: 4 bytes leftover after parsing attributes in process `syz.2.731'. [ 168.757853][ T7762] Bluetooth: hci4: Frame reassembly failed (-84) [ 168.786313][ T5376] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 168.835767][ T39] audit: type=1400 audit(1722645502.603:2108): avc: denied { unmount } for pid=5336 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 168.838626][ T13] Bluetooth: hci4: Frame reassembly failed (-84) [ 168.892761][ T7767] netlink: 'syz.1.732': attribute type 1 has an invalid length. [ 168.911821][ T7767] netlink: 9396 bytes leftover after parsing attributes in process `syz.1.732'. [ 169.000316][ T5376] usb 5-1: Using ep0 maxpacket: 8 [ 169.016133][ T7771] ieee802154 phy0 wpan0: encryption failed: -90 [ 169.017234][ T39] audit: type=1400 audit(1722645502.793:2109): avc: denied { write } for pid=7770 comm="syz.3.734" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 169.018603][ T5376] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 169.018628][ T5376] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 169.018649][ T5376] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 169.018670][ T5376] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 169.018706][ T5376] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 169.018726][ T5376] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 169.023099][ T7771] ieee802154 phy0 wpan0: encryption failed: -22 [ 169.236094][ T5376] usb 5-1: GET_CAPABILITIES returned 0 [ 169.239349][ T5376] usbtmc 5-1:16.0: can't read capabilities [ 169.451693][ T991] usb 5-1: USB disconnect, device number 4 [ 169.570532][ T35] vhci_hcd: vhci_device speed not set [ 169.745671][ T39] audit: type=1326 audit(1722645503.513:2110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7779 comm="syz.3.738" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4399779f9 code=0x7ffc0000 [ 169.766520][ T7780] netlink: 8 bytes leftover after parsing attributes in process `syz.3.738'. [ 170.086655][ T4764] Bluetooth: hci0: unexpected event for opcode 0x0c22 [ 170.430773][ T5376] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 170.620658][ T5376] usb 8-1: Using ep0 maxpacket: 16 [ 170.627588][ T5376] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 11 [ 170.634307][ T5376] usb 8-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0 [ 170.639482][ T5376] usb 8-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0 [ 170.644400][ T5376] usb 8-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0 [ 170.649090][ T5376] usb 8-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0 [ 170.653567][ T5376] usb 8-1: config 1 interface 0 has no altsetting 0 [ 170.656593][ T5376] usb 8-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77 [ 170.659910][ T5376] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 170.688040][ T5376] ums-sddr09 8-1:1.0: USB Mass Storage device detected [ 170.692572][ T7796] FAULT_INJECTION: forcing a failure. [ 170.692572][ T7796] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 170.700060][ T7796] CPU: 1 UID: 0 PID: 7796 Comm: syz.1.745 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 170.703896][ T7796] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 170.708161][ T7796] Call Trace: [ 170.709582][ T7796] [ 170.710839][ T7796] dump_stack_lvl+0x16c/0x1f0 [ 170.712907][ T7796] should_fail_ex+0x497/0x5b0 [ 170.714893][ T7796] _copy_to_user+0x30/0xc0 [ 170.716871][ T7796] simple_read_from_buffer+0xd0/0x160 [ 170.719153][ T7796] proc_fail_nth_read+0x1b0/0x290 [ 170.721289][ T7796] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 170.723650][ T7796] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 170.726051][ T7796] vfs_read+0x1d4/0xbd0 [ 170.727828][ T7796] ? __fdget_pos+0xeb/0x180 [ 170.729592][ T7796] ? __pfx_vfs_read+0x10/0x10 [ 170.731423][ T7796] ? __pfx___mutex_lock+0x10/0x10 [ 170.733360][ T7796] ? __fget_files+0x256/0x400 [ 170.735184][ T7796] ksys_read+0x12f/0x260 [ 170.736814][ T7796] ? __pfx_ksys_read+0x10/0x10 [ 170.738663][ T7796] do_syscall_64+0xcd/0x250 [ 170.740313][ T7796] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.742775][ T7796] RIP: 0033:0x7f5ba7f7643c [ 170.744564][ T7796] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48 [ 170.751425][ T7796] RSP: 002b:00007f5ba8d41040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 170.754798][ T7796] RAX: ffffffffffffffda RBX: 00007f5ba8105f80 RCX: 00007f5ba7f7643c [ 170.758273][ T7796] RDX: 000000000000000f RSI: 00007f5ba8d410b0 RDI: 0000000000000004 [ 170.761539][ T7796] RBP: 00007f5ba8d410a0 R08: 0000000000000000 R09: 0000000000000000 [ 170.764768][ T7796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 170.767796][ T7796] R13: 000000000000000b R14: 00007f5ba8105f80 R15: 00007ffc08067058 [ 170.770738][ T7796] [ 170.850433][ T5345] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 171.001434][ T5376] scsi host6: usb-storage 8-1:1.0 [ 171.088463][ T42] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xe5 [ 171.198007][ T5379] usb 8-1: USB disconnect, device number 4 [ 171.268193][ T7818] fuse: Bad value for 'fd' [ 171.644245][ T7825] netlink: 4 bytes leftover after parsing attributes in process `syz.2.750'. [ 171.893908][ T7835] netlink: 20 bytes leftover after parsing attributes in process `syz.3.753'. [ 172.170916][ T39] kauditd_printk_skb: 19 callbacks suppressed [ 172.171191][ T39] audit: type=1400 audit(1722645505.943:2128): avc: denied { bind } for pid=7841 comm="syz.3.756" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 172.183619][ T39] audit: type=1400 audit(1722645505.943:2129): avc: denied { listen } for pid=7841 comm="syz.3.756" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 172.194815][ T39] audit: type=1400 audit(1722645505.943:2130): avc: denied { connect } for pid=7841 comm="syz.3.756" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 172.206592][ T39] audit: type=1400 audit(1722645505.963:2131): avc: denied { write } for pid=7841 comm="syz.3.756" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 172.380388][ T5379] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 172.570318][ T5379] usb 6-1: Using ep0 maxpacket: 32 [ 172.577703][ T5379] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 172.582294][ T5379] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 172.588196][ T5379] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 172.595003][ T5379] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 172.604319][ T5379] usb 6-1: config 0 interface 0 has no altsetting 0 [ 172.611379][ T5379] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 172.616694][ T5379] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 172.636671][ T5379] usb 6-1: Product: syz [ 172.638547][ T5379] usb 6-1: Manufacturer: syz [ 172.640637][ T5379] usb 6-1: SerialNumber: syz [ 172.662609][ T5379] usb 6-1: config 0 descriptor?? [ 172.668301][ T5379] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 172.683358][ T5379] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 172.890351][ T7849] netlink: 4 bytes leftover after parsing attributes in process `syz.2.757'. [ 172.902729][ T7849] Bluetooth: hci4: Frame reassembly failed (-84) [ 173.102801][ T991] usb 6-1: USB disconnect, device number 5 [ 173.102899][ C0] ldusb 6-1:0.0: usb_submit_urb failed (-19) [ 173.148376][ T1108] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xe5 [ 173.172333][ T991] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 173.174211][ T1108] Bluetooth: hci4: Frame reassembly failed (-84) [ 173.309417][ T39] audit: type=1326 audit(1722645507.073:2132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7838 comm="syz.1.755" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ba7f779f9 code=0x0 [ 173.573129][ C1] hpet: Lost 1 RTC interrupts [ 173.655728][ T7860] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0) [ 173.686265][ T39] audit: type=1326 audit(1722645507.453:2133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7859 comm="syz.3.760" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4399779f9 code=0x7ffc0000 [ 173.699506][ T39] audit: type=1326 audit(1722645507.453:2134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7859 comm="syz.3.760" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4399779f9 code=0x7ffc0000 [ 173.712408][ T39] audit: type=1326 audit(1722645507.453:2135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7859 comm="syz.3.760" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd439976390 code=0x7ffc0000 [ 173.723027][ T39] audit: type=1326 audit(1722645507.453:2136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7859 comm="syz.3.760" exe="/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fd439979187 code=0x7ffc0000 [ 173.848045][ T7863] netlink: 8 bytes leftover after parsing attributes in process `syz.3.761'. [ 174.172624][ T7871] netlink: 'syz.3.763': attribute type 13 has an invalid length. [ 174.780434][ T5376] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 174.963154][ T5376] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 174.968211][ T5376] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 174.973786][ T5376] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 174.980042][ T5376] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 174.985082][ T5376] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 174.995546][ T5376] usb 5-1: config 0 descriptor?? [ 175.042093][ T7881] netlink: 12 bytes leftover after parsing attributes in process `syz.3.767'. [ 175.098872][ T42] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xe5 [ 175.170458][ T4764] Bluetooth: hci4: command 0xfc11 tx timeout [ 175.170815][ T5345] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 175.433293][ T5376] usbhid 5-1:0.0: can't add hid device: -71 [ 175.437160][ T5376] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 175.452102][ T5376] usb 5-1: USB disconnect, device number 5 [ 175.725136][ T7906] netlink: 4 bytes leftover after parsing attributes in process `syz.1.774'. [ 175.800835][ T7913] netlink: 4 bytes leftover after parsing attributes in process `syz.3.776'. [ 176.216023][ T42] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xe5 [ 176.513754][ T7944] fuse: Bad value for 'fd' [ 177.709948][ T39] kauditd_printk_skb: 14 callbacks suppressed [ 177.709960][ T39] audit: type=1326 audit(1722645511.473:2150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7965 comm="syz.3.791" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd4399779f9 code=0x0 [ 177.982441][ T3217] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xe5 [ 178.734503][ T7987] netlink: 4 bytes leftover after parsing attributes in process `syz.1.797'. [ 178.807583][ T7988] Bluetooth: hci4: Frame reassembly failed (-84) [ 178.918606][ T11] Bluetooth: hci4: Frame reassembly failed (-84) [ 179.422603][ T42] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xe5 [ 179.547181][ T8008] netlink: 'syz.0.801': attribute type 13 has an invalid length. [ 179.910369][ T8014] binder: BINDER_SET_CONTEXT_MGR already set [ 179.914269][ T39] audit: type=1400 audit(1722645513.673:2151): avc: denied { map } for pid=8012 comm="syz.2.805" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 179.931739][ C1] hpet: Lost 1 RTC interrupts [ 179.936836][ T8014] binder: 8012:8014 ioctl 4018620d 20000040 returned -16 [ 180.296493][ T8020] netlink: 4 bytes leftover after parsing attributes in process `syz.0.806'. [ 180.367115][ T8021] Bluetooth: hci5: Frame reassembly failed (-84) [ 180.371490][ T3217] Bluetooth: hci5: Frame reassembly failed (-84) [ 180.812653][ T8029] netlink: 'syz.3.810': attribute type 1 has an invalid length. [ 180.817101][ T8029] netlink: 9260 bytes leftover after parsing attributes in process `syz.3.810'. [ 180.822336][ T8029] netlink: 76 bytes leftover after parsing attributes in process `syz.3.810'. [ 180.886006][ T8014] syz.2.805 (8014): drop_caches: 2 [ 180.930768][ T5345] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 180.933537][ T5350] Bluetooth: hci4: command 0xfc11 tx timeout [ 181.121465][ T1112] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xe5 [ 181.475880][ T8042] netlink: 12 bytes leftover after parsing attributes in process `syz.2.814'. [ 181.754639][ T39] audit: type=1326 audit(1722645515.523:2152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8060 comm="syz.2.820" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 181.767259][ T39] audit: type=1326 audit(1722645515.523:2153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8060 comm="syz.2.820" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 181.778502][ T39] audit: type=1326 audit(1722645515.523:2154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8060 comm="syz.2.820" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 181.804810][ T39] audit: type=1326 audit(1722645515.523:2155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8060 comm="syz.2.820" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 181.814753][ T39] audit: type=1326 audit(1722645515.523:2156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8060 comm="syz.2.820" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 181.826523][ T39] audit: type=1326 audit(1722645515.523:2157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8060 comm="syz.2.820" exe="/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 181.886099][ T10] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 181.890747][ T10] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 181.895019][ T10] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 181.900194][ T10] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 181.903689][ T10] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 181.906932][ T10] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 181.910986][ T10] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 181.914889][ T10] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 181.918883][ T10] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 181.923023][ T10] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 181.926272][ T10] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 181.929465][ T10] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 181.934556][ T10] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0 [ 181.943920][ T10] hid-generic 0000:0000:0000.000F: hidraw1: HID v0.00 Device [syz0] on syz1 [ 182.029828][ T39] audit: type=1326 audit(1722645515.793:2158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8060 comm="syz.2.820" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 182.371760][ T5345] Bluetooth: hci5: command 0xfc11 tx timeout [ 182.376162][ T4764] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 182.391567][ T8072] FAULT_INJECTION: forcing a failure. [ 182.391567][ T8072] name failslab, interval 1, probability 0, space 0, times 0 [ 182.397329][ T8072] CPU: 3 UID: 0 PID: 8072 Comm: syz.1.823 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 182.402295][ T8072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 182.407266][ T8072] Call Trace: [ 182.408376][ T8072] [ 182.409574][ T8072] dump_stack_lvl+0x16c/0x1f0 [ 182.411909][ T8072] should_fail_ex+0x497/0x5b0 [ 182.414098][ T8072] ? fs_reclaim_acquire+0xae/0x160 [ 182.416204][ T8072] should_failslab+0xc2/0x120 [ 182.418449][ T8072] __kmalloc_node_noprof+0xd1/0x430 [ 182.420919][ T8072] ? __kvmalloc_node_noprof+0x9d/0x1a0 [ 182.423521][ T8072] ? lockdep_init_map_type+0x16d/0x7d0 [ 182.426356][ T8072] __kvmalloc_node_noprof+0x9d/0x1a0 [ 182.428720][ T8072] bucket_table_alloc.isra.0+0x86/0x470 [ 182.431123][ T8072] rhashtable_init_noprof+0x41a/0x7e0 [ 182.433354][ T8072] rhltable_init_noprof+0x20/0x60 [ 182.435480][ T8072] nf_tables_newtable+0xfaa/0x1b20 [ 182.437620][ T8072] ? net_generic+0xea/0x2a0 [ 182.439447][ T8072] ? __pfx_nf_tables_newtable+0x10/0x10 [ 182.441562][ T8072] ? __nla_parse+0x40/0x60 [ 182.443423][ T8072] nfnetlink_rcv_batch+0x1a19/0x24e0 [ 182.445735][ T8072] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 182.448124][ T8072] ? find_held_lock+0x2d/0x110 [ 182.450254][ T8072] ? avc_has_perm_noaudit+0x119/0x3a0 [ 182.452497][ T8072] ? avc_has_perm_noaudit+0x143/0x3a0 [ 182.454797][ T8072] ? __nla_parse+0x40/0x60 [ 182.456769][ T8072] nfnetlink_rcv+0x3c3/0x430 [ 182.458559][ T8072] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 182.460741][ T8072] netlink_unicast+0x544/0x830 [ 182.462893][ T8072] ? __pfx_netlink_unicast+0x10/0x10 [ 182.465125][ T8072] netlink_sendmsg+0x8b8/0xd70 [ 182.467233][ T8072] ? __pfx_netlink_sendmsg+0x10/0x10 [ 182.469316][ T8072] ? __import_iovec+0x1fd/0x6e0 [ 182.471154][ T8072] ____sys_sendmsg+0xab5/0xc90 [ 182.472958][ T8072] ? copy_msghdr_from_user+0x10b/0x160 [ 182.474992][ T8072] ? __pfx_____sys_sendmsg+0x10/0x10 [ 182.477122][ T8072] ? find_held_lock+0x2d/0x110 [ 182.479191][ T8072] ? __pfx___lock_acquire+0x10/0x10 [ 182.481488][ T8072] ___sys_sendmsg+0x135/0x1e0 [ 182.483703][ T8072] ? __pfx____sys_sendmsg+0x10/0x10 [ 182.485968][ T8072] ? ksys_write+0x21c/0x260 [ 182.488148][ T8072] ? __fget_light+0x173/0x210 [ 182.490242][ T8072] __sys_sendmsg+0x117/0x1f0 [ 182.492284][ T8072] ? __pfx___sys_sendmsg+0x10/0x10 [ 182.494595][ T8072] do_syscall_64+0xcd/0x250 [ 182.496682][ T8072] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.499325][ T8072] RIP: 0033:0x7f5ba7f779f9 [ 182.501102][ T8072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 182.509145][ T8072] RSP: 002b:00007f5ba8d41048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 182.512600][ T8072] RAX: ffffffffffffffda RBX: 00007f5ba8105f80 RCX: 00007f5ba7f779f9 [ 182.515788][ T8072] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 182.518693][ T8072] RBP: 00007f5ba8d410a0 R08: 0000000000000000 R09: 0000000000000000 [ 182.521747][ T8072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 182.524938][ T8072] R13: 000000000000000b R14: 00007f5ba8105f80 R15: 00007ffc08067058 [ 182.528100][ T8072] [ 182.618621][ T8075] netlink: 12 bytes leftover after parsing attributes in process `syz.0.824'. [ 182.699581][ T8078] netlink: 4 bytes leftover after parsing attributes in process `syz.1.825'. [ 182.712969][ T4764] Bluetooth: hci0: unexpected event for opcode 0x0c22 [ 183.030682][ T25] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 183.223587][ T25] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 183.226677][ T25] usb 5-1: can't read configurations, error -61 [ 183.380758][ T25] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 183.566243][ T25] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 183.569523][ T25] usb 5-1: can't read configurations, error -61 [ 183.573076][ T25] usb usb5-port1: attempt power cycle [ 183.926865][ T3217] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xe5 [ 183.980350][ T25] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 184.009595][ T8110] FAULT_INJECTION: forcing a failure. [ 184.009595][ T8110] name failslab, interval 1, probability 0, space 0, times 0 [ 184.015491][ T8110] CPU: 0 UID: 0 PID: 8110 Comm: syz.1.835 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 184.018177][ T25] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 184.020418][ T8110] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 184.020433][ T8110] Call Trace: [ 184.020441][ T8110] [ 184.020448][ T8110] dump_stack_lvl+0x16c/0x1f0 [ 184.020479][ T8110] should_fail_ex+0x497/0x5b0 [ 184.020506][ T8110] ? fs_reclaim_acquire+0xae/0x160 [ 184.020525][ T8110] should_failslab+0xc2/0x120 [ 184.020548][ T8110] kmem_cache_alloc_node_noprof+0x71/0x310 [ 184.020570][ T8110] ? __alloc_skb+0x2b1/0x380 [ 184.020593][ T8110] __alloc_skb+0x2b1/0x380 [ 184.020616][ T8110] ? __pfx___alloc_skb+0x10/0x10 [ 184.025352][ T25] usb 5-1: can't read configurations, error -61 [ 184.029639][ T8110] ? __phys_addr_symbol+0x30/0x80 [ 184.029663][ T8110] pfkey_sendmsg+0x47f/0x840 [ 184.063494][ T8110] ____sys_sendmsg+0xab5/0xc90 [ 184.066502][ T8110] ? copy_msghdr_from_user+0x10b/0x160 [ 184.069754][ T8110] ? __pfx_____sys_sendmsg+0x10/0x10 [ 184.072829][ T8110] ? find_held_lock+0x2d/0x110 [ 184.074987][ T8110] ? __pfx___lock_acquire+0x10/0x10 [ 184.077815][ T8110] ___sys_sendmsg+0x135/0x1e0 [ 184.080418][ T8110] ? __pfx____sys_sendmsg+0x10/0x10 [ 184.083136][ T8110] ? ksys_write+0x21c/0x260 [ 184.085594][ T8110] ? __fget_light+0x173/0x210 [ 184.088296][ T8110] __sys_sendmsg+0x117/0x1f0 [ 184.091277][ T8110] ? __pfx___sys_sendmsg+0x10/0x10 [ 184.094569][ T8110] do_syscall_64+0xcd/0x250 [ 184.097372][ T8110] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.100422][ T8110] RIP: 0033:0x7f5ba7f779f9 [ 184.102790][ T8110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 184.112475][ T8110] RSP: 002b:00007f5ba8d41048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 184.116857][ T8110] RAX: ffffffffffffffda RBX: 00007f5ba8105f80 RCX: 00007f5ba7f779f9 [ 184.120917][ T8110] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003 [ 184.124143][ T8110] RBP: 00007f5ba8d410a0 R08: 0000000000000000 R09: 0000000000000000 [ 184.127965][ T8110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 184.133206][ T8110] R13: 000000000000000b R14: 00007f5ba8105f80 R15: 00007ffc08067058 [ 184.138442][ T8110] [ 184.180624][ T25] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 184.214185][ T25] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 184.218749][ T25] usb 5-1: can't read configurations, error -61 [ 184.232899][ T25] usb usb5-port1: unable to enumerate USB device [ 184.265970][ T8117] netlink: 4 bytes leftover after parsing attributes in process `syz.1.836'. [ 184.411628][ T8126] fuse: Invalid rootmode [ 185.265503][ T39] kauditd_printk_skb: 2 callbacks suppressed [ 185.267348][ T39] audit: type=1326 audit(1722645519.033:2161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8130 comm="syz.1.842" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ba7f779f9 code=0x0 [ 185.912606][ T8137] input: syz1 as /devices/virtual/input/input13 [ 185.994476][ T8139] FAULT_INJECTION: forcing a failure. [ 185.994476][ T8139] name failslab, interval 1, probability 0, space 0, times 0 [ 186.000190][ T8139] CPU: 3 UID: 0 PID: 8139 Comm: syz.0.845 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 186.004439][ T8139] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 186.008808][ T8139] Call Trace: [ 186.010191][ T8139] [ 186.011501][ T8139] dump_stack_lvl+0x16c/0x1f0 [ 186.013574][ T8139] should_fail_ex+0x497/0x5b0 [ 186.015716][ T8139] ? fs_reclaim_acquire+0xae/0x160 [ 186.018066][ T8139] should_failslab+0xc2/0x120 [ 186.020270][ T8139] __kmalloc_cache_noprof+0x6b/0x300 [ 186.022617][ T8139] ? smc_pnet_add+0x48c/0x1750 [ 186.024839][ T8139] smc_pnet_add+0x48c/0x1750 [ 186.026821][ T8139] ? __pfx_smc_pnet_add+0x10/0x10 [ 186.029067][ T8139] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 186.032330][ T8139] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 186.035637][ T8139] genl_family_rcv_msg_doit+0x202/0x2f0 [ 186.038099][ T8139] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 186.040787][ T8139] ? security_capable+0x98/0xd0 [ 186.042785][ T8139] genl_rcv_msg+0x565/0x800 [ 186.044708][ T8139] ? __pfx_genl_rcv_msg+0x10/0x10 [ 186.046893][ T8139] ? __pfx___lock_acquire+0x10/0x10 [ 186.049241][ T8139] ? __pfx_smc_pnet_add+0x10/0x10 [ 186.051298][ T8139] ? __pfx___lock_acquire+0x10/0x10 [ 186.053553][ T8139] netlink_rcv_skb+0x16b/0x440 [ 186.055668][ T8139] ? __pfx_genl_rcv_msg+0x10/0x10 [ 186.057654][ T8139] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 186.059816][ T8139] ? down_read+0xc9/0x330 [ 186.061738][ T8139] ? __pfx_down_read+0x10/0x10 [ 186.063868][ T8139] ? netlink_deliver_tap+0x1ae/0xd90 [ 186.065922][ T8139] genl_rcv+0x28/0x40 [ 186.067489][ T8139] netlink_unicast+0x544/0x830 [ 186.069008][ T8139] ? __pfx_netlink_unicast+0x10/0x10 [ 186.071630][ T8139] netlink_sendmsg+0x8b8/0xd70 [ 186.073328][ T8139] ? __pfx_netlink_sendmsg+0x10/0x10 [ 186.075555][ T8139] ? __import_iovec+0x1fd/0x6e0 [ 186.077489][ T8139] ____sys_sendmsg+0xab5/0xc90 [ 186.079505][ T8139] ? copy_msghdr_from_user+0x10b/0x160 [ 186.081938][ T8139] ? __pfx_____sys_sendmsg+0x10/0x10 [ 186.084074][ T8139] ? find_held_lock+0x2d/0x110 [ 186.086106][ T8139] ? __pfx___lock_acquire+0x10/0x10 [ 186.088559][ T8139] ___sys_sendmsg+0x135/0x1e0 [ 186.090665][ T8139] ? __pfx____sys_sendmsg+0x10/0x10 [ 186.092906][ T8139] ? ksys_write+0x21c/0x260 [ 186.094847][ T8139] ? __fget_light+0x173/0x210 [ 186.096839][ T8139] __sys_sendmsg+0x117/0x1f0 [ 186.098838][ T8139] ? __pfx___sys_sendmsg+0x10/0x10 [ 186.101292][ T8139] do_syscall_64+0xcd/0x250 [ 186.103329][ T8139] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.105845][ T8139] RIP: 0033:0x7f31de7779f9 [ 186.107736][ T8139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 186.116429][ T8139] RSP: 002b:00007f31df4be048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 186.119920][ T8139] RAX: ffffffffffffffda RBX: 00007f31de905f80 RCX: 00007f31de7779f9 [ 186.123058][ T8139] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000004 [ 186.126146][ T8139] RBP: 00007f31df4be0a0 R08: 0000000000000000 R09: 0000000000000000 [ 186.129540][ T8139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 186.133238][ T8139] R13: 000000000000000b R14: 00007f31de905f80 R15: 00007ffffb434288 [ 186.137215][ T8139] [ 186.335877][ T8157] netlink: 4 bytes leftover after parsing attributes in process `syz.0.848'. [ 186.482006][ T39] audit: type=1400 audit(1722645520.243:2162): avc: denied { create } for pid=8160 comm="syz.0.851" name="control" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 186.523003][ T39] audit: type=1400 audit(1722645520.293:2163): avc: denied { watch } for pid=8160 comm="syz.0.851" path="/205/file0/control" dev="9p" ino=36701624 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 186.544585][ T8166] netlink: 4 bytes leftover after parsing attributes in process `syz.1.850'. [ 186.563810][ T8166] Bluetooth: hci4: Frame reassembly failed (-84) [ 186.567328][ T1112] Bluetooth: hci4: Frame reassembly failed (-84) [ 186.935813][ T8177] fuse: Invalid rootmode [ 187.240975][ T8185] netlink: 4 bytes leftover after parsing attributes in process `syz.2.859'. [ 187.387135][ T42] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xe5 [ 187.406344][ T39] audit: type=1326 audit(1722645521.173:2164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8203 comm="syz.2.864" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 187.418395][ T39] audit: type=1326 audit(1722645521.173:2165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8203 comm="syz.2.864" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 187.430337][ T39] audit: type=1326 audit(1722645521.183:2166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8203 comm="syz.2.864" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 187.442029][ T39] audit: type=1326 audit(1722645521.183:2167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8203 comm="syz.2.864" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 187.456803][ T39] audit: type=1326 audit(1722645521.183:2168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8203 comm="syz.2.864" exe="/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 187.539074][ T35] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 187.550298][ T35] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 187.554005][ T35] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 187.557507][ T35] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 187.570290][ T35] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 187.574570][ T35] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 187.578214][ T35] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 187.581683][ T35] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 187.584913][ T35] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 187.588178][ T35] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 187.598022][ T35] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 187.601575][ T35] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 187.610166][ T35] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 187.630057][ T35] hid-generic 0000:0000:0000.0010: hidraw1: HID v0.00 Device [syz0] on syz1 [ 187.746753][ T39] audit: type=1326 audit(1722645521.503:2169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8203 comm="syz.2.864" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 187.761853][ T39] audit: type=1326 audit(1722645521.503:2170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8203 comm="syz.2.864" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30229779f9 code=0x7ffc0000 [ 188.285420][ T8219] netlink: 12 bytes leftover after parsing attributes in process `syz.2.869'. [ 188.400444][ T8222] netlink: 12 bytes leftover after parsing attributes in process `syz.2.870'. [ 188.605867][ T8225] netlink: 4 bytes leftover after parsing attributes in process `syz.2.871'. [ 188.610900][ T5345] Bluetooth: hci4: command 0xfc11 tx timeout [ 188.617170][ T4764] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 188.871028][ T8239] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0) [ 188.940567][ T8240] netlink: 'syz.1.873': attribute type 1 has an invalid length. [ 188.942902][ T8243] netlink: 8 bytes leftover after parsing attributes in process `syz.2.877'. [ 188.959657][ T8240] netlink: 9260 bytes leftover after parsing attributes in process `syz.1.873'. [ 188.966403][ T8240] netlink: 76 bytes leftover after parsing attributes in process `syz.1.873'. [ 189.022824][ T8245] netlink: 12 bytes leftover after parsing attributes in process `syz.3.878'. [ 189.281261][ T8253] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes. [ 189.805193][ T4764] Bluetooth: hci0: unexpected event 0x09 length: 10 > 3 [ 189.809591][ T4764] Bluetooth: hci0: SCO packet for unknown connection handle 1039 [ 189.868900][ T8261] Bluetooth: hci4: Frame reassembly failed (-84) [ 189.932650][ T1223] Bluetooth: hci4: Frame reassembly failed (-84) [ 189.937416][ T1223] Bluetooth: hci4: Frame reassembly failed (-84) [ 190.366468][ T8260] e1000e 0000:00:02.0 eth1: NIC Link is Down [ 190.534400][ T8270] FAULT_INJECTION: forcing a failure. [ 190.534400][ T8270] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 190.572023][ T8270] CPU: 2 UID: 0 PID: 8270 Comm: syz.0.884 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 190.576633][ T8270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 190.581214][ T8270] Call Trace: [ 190.582707][ T8270] [ 190.584026][ T8270] dump_stack_lvl+0x16c/0x1f0 [ 190.598242][ T8270] should_fail_ex+0x497/0x5b0 [ 190.600339][ T8270] _copy_from_user+0x30/0xf0 [ 190.602358][ T8270] snd_rawmidi_kernel_write1+0x4f9/0x880 [ 190.604642][ T8270] snd_rawmidi_write+0x26d/0xc00 [ 190.606815][ T8270] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 190.609227][ T8270] ? avc_policy_seqno+0x9/0x20 [ 190.609883][ C1] hpet_rtc_timer_reinit: 18 callbacks suppressed [ 190.609897][ C1] hpet: Lost 1 RTC interrupts [ 190.626419][ T8270] ? selinux_file_permission+0x125/0x590 [ 190.626458][ T8270] ? __pfx_default_wake_function+0x10/0x10 [ 190.626483][ T8270] ? security_file_permission+0x98/0xc0 [ 190.626510][ T8270] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 190.626536][ T8270] vfs_write+0x29a/0x1140 [ 190.626556][ T8270] ? __pfx_vfs_write+0x10/0x10 [ 190.626573][ T8270] ? __fget_files+0x256/0x400 [ 190.626600][ T8270] ? __fget_light+0x173/0x210 [ 190.626626][ T8270] ksys_write+0x1f8/0x260 [ 190.626643][ T8270] ? __pfx_ksys_write+0x10/0x10 [ 190.626662][ T8270] do_syscall_64+0xcd/0x250 [ 190.626684][ T8270] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.626711][ T8270] RIP: 0033:0x7f31de7779f9 [ 190.626725][ T8270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 190.626743][ T8270] RSP: 002b:00007f31df4be048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 190.626763][ T8270] RAX: ffffffffffffffda RBX: 00007f31de905f80 RCX: 00007f31de7779f9 [ 190.626776][ T8270] RDX: 00000000fffffd2c RSI: 0000000020000000 RDI: 0000000000000005 [ 190.626788][ T8270] RBP: 00007f31df4be0a0 R08: 0000000000000000 R09: 0000000000000000 [ 190.626801][ T8270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 190.626812][ T8270] R13: 000000000000000b R14: 00007f31de905f80 R15: 00007ffffb434288 [ 190.626828][ T8270] [ 190.753326][ C1] hpet: Lost 8 RTC interrupts [ 190.813136][ T8272] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0) [ 190.927053][ T39] audit: type=1326 audit(1722645524.693:2189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8274 comm="syz.0.886" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31de7779f9 code=0x7ffc0000 [ 190.947064][ T39] audit: type=1326 audit(1722645524.693:2190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8274 comm="syz.0.886" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f31de7779f9 code=0x7ffc0000 [ 190.963481][ T39] audit: type=1326 audit(1722645524.693:2191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8274 comm="syz.0.886" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31de7779f9 code=0x7ffc0000 [ 190.972965][ T39] audit: type=1326 audit(1722645524.693:2192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8274 comm="syz.0.886" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31de7779f9 code=0x7ffc0000 [ 190.989654][ T39] audit: type=1326 audit(1722645524.703:2193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8274 comm="syz.0.886" exe="/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f31de7779f9 code=0x7ffc0000 [ 191.121913][ T5381] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 191.125282][ T5381] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 191.128854][ T5381] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 191.132098][ T5381] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 191.135380][ T5381] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 191.138512][ T5381] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 191.150323][ T5381] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 191.154309][ T5381] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 191.157365][ T5381] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 191.163595][ T5381] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 191.174377][ T5381] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 191.178863][ T5381] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 191.182758][ T5381] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0 [ 191.187696][ T5381] hid-generic 0000:0000:0000.0011: hidraw1: HID v0.00 Device [syz0] on syz1 [ 191.225099][ T39] audit: type=1400 audit(1722645524.963:2194): avc: denied { read } for pid=8285 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1484 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 191.241687][ T39] audit: type=1400 audit(1722645524.963:2195): avc: denied { open } for pid=8285 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1484 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 191.258703][ T39] audit: type=1400 audit(1722645524.963:2196): avc: denied { getattr } for pid=8285 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1484 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 191.272003][ T67] Bluetooth: hci3: unexpected event 0x09 length: 10 > 3 [ 191.272126][ T67] Bluetooth: hci3: SCO packet for unknown connection handle 201 [ 191.276019][ T67] Bluetooth: hci3: SCO packet for unknown connection handle 1039 [ 191.405466][ T8295] __nla_validate_parse: 3 callbacks suppressed [ 191.413480][ T8295] netlink: 8 bytes leftover after parsing attributes in process `syz.2.889'. [ 191.902852][ T4764] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 191.970413][ T4764] Bluetooth: hci3: command 0x0405 tx timeout [ 191.980416][ T4764] Bluetooth: hci0: command 0x0401 tx timeout [ 192.750602][ T8292] Process accounting resumed [ 193.021064][ T836] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0 [ 193.028646][ T836] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0 [ 193.035474][ T836] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0 [ 193.065670][ T836] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0 [ 193.073586][ T836] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0 [ 193.087379][ T836] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0 [ 193.100385][ T836] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0 [ 193.166257][ T836] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0 [ 193.217182][ T836] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0 [ 193.241498][ T836] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0 [ 193.248712][ T836] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0 [ 193.253391][ T836] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0 [ 193.256695][ T836] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0 [ 193.279914][ T836] hid-generic 0000:0000:0000.0012: hidraw1: HID v0.00 Device [syz0] on syz1 [ 193.892174][ T8363] msdos: Unknown parameter 'b±Fs µÚì' [ 193.899009][ T8364] netlink: 'syz.2.899': attribute type 10 has an invalid length. [ 195.029005][ T8391] FAULT_INJECTION: forcing a failure. [ 195.029005][ T8391] name failslab, interval 1, probability 0, space 0, times 0 [ 195.034880][ T8391] CPU: 2 UID: 0 PID: 8391 Comm: syz.0.905 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 195.039415][ T8391] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 195.043303][ T8391] Call Trace: [ 195.044561][ T8391] [ 195.045756][ T8391] dump_stack_lvl+0x16c/0x1f0 [ 195.047587][ T8391] should_fail_ex+0x497/0x5b0 [ 195.049491][ T8391] ? fs_reclaim_acquire+0xae/0x160 [ 195.051817][ T8391] should_failslab+0xc2/0x120 [ 195.053761][ T8391] kmem_cache_alloc_node_noprof+0x71/0x310 [ 195.056022][ T8391] ? __alloc_skb+0x2b1/0x380 [ 195.057843][ T8391] __alloc_skb+0x2b1/0x380 [ 195.059644][ T8391] ? __pfx___alloc_skb+0x10/0x10 [ 195.061772][ T8391] ? module_put+0xd/0x30 [ 195.063689][ T8391] ? rtnetlink_rcv_msg+0x3e6/0xea0 [ 195.066008][ T8391] netlink_ack+0x164/0xb90 [ 195.068011][ T8391] netlink_rcv_skb+0x348/0x440 [ 195.070202][ T8391] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 195.072660][ T8391] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 195.074986][ T8391] ? netlink_deliver_tap+0x1ae/0xd90 [ 195.077388][ T8391] netlink_unicast+0x544/0x830 [ 195.079585][ T8391] ? __pfx_netlink_unicast+0x10/0x10 [ 195.082086][ T8391] netlink_sendmsg+0x8b8/0xd70 [ 195.084252][ T8391] ? __pfx_netlink_sendmsg+0x10/0x10 [ 195.086567][ T8391] ? __import_iovec+0x1fd/0x6e0 [ 195.088702][ T8391] ____sys_sendmsg+0xab5/0xc90 [ 195.090764][ T8391] ? copy_msghdr_from_user+0x10b/0x160 [ 195.092762][ T8391] ? __pfx_____sys_sendmsg+0x10/0x10 [ 195.094894][ T8391] ? find_held_lock+0x2d/0x110 [ 195.097163][ T8391] ? __pfx___lock_acquire+0x10/0x10 [ 195.099316][ T8391] ___sys_sendmsg+0x135/0x1e0 [ 195.101450][ T8391] ? __pfx____sys_sendmsg+0x10/0x10 [ 195.103871][ T8391] ? ksys_write+0x21c/0x260 [ 195.106146][ T8391] ? __fget_light+0x173/0x210 [ 195.108244][ T8391] __sys_sendmsg+0x117/0x1f0 [ 195.110290][ T8391] ? __pfx___sys_sendmsg+0x10/0x10 [ 195.112536][ T8391] do_syscall_64+0xcd/0x250 [ 195.114553][ T8391] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 195.117934][ T8391] RIP: 0033:0x7f31de7779f9 [ 195.119956][ T8391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 195.128542][ T8391] RSP: 002b:00007f31df4be048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 195.132615][ T8391] RAX: ffffffffffffffda RBX: 00007f31de905f80 RCX: 00007f31de7779f9 [ 195.136195][ T8391] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000003 [ 195.139692][ T8391] RBP: 00007f31df4be0a0 R08: 0000000000000000 R09: 0000000000000000 [ 195.143236][ T8391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 195.146594][ T8391] R13: 000000000000000b R14: 00007f31de905f80 R15: 00007ffffb434288 [ 195.150081][ T8391] [ 195.704590][ C1] hpet_rtc_timer_reinit: 29 callbacks suppressed [ 195.704609][ C1] hpet: Lost 1 RTC interrupts [ 195.848606][ T39] audit: type=1400 audit(1722645529.613:2221): avc: denied { write } for pid=8406 comm="syz.1.911" name="sg0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 195.880053][ T8407] FAULT_INJECTION: forcing a failure. [ 195.880053][ T8407] name failslab, interval 1, probability 0, space 0, times 0 [ 195.890466][ T8407] CPU: 0 UID: 0 PID: 8407 Comm: syz.1.911 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 195.899099][ T8407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 195.904104][ T8407] Call Trace: [ 195.906406][ T8407] [ 195.907877][ T8407] dump_stack_lvl+0x16c/0x1f0 [ 195.910127][ T8407] should_fail_ex+0x497/0x5b0 [ 195.912781][ T8407] ? fs_reclaim_acquire+0xae/0x160 [ 195.915520][ T8407] should_failslab+0xc2/0x120 [ 195.917731][ T8407] __kmalloc_noprof+0xcb/0x400 [ 195.920403][ T8407] ? __pfx_lock_acquire+0x10/0x10 [ 195.923128][ T8407] tomoyo_realpath_from_path+0xb9/0x720 [ 195.925926][ T8407] ? tomoyo_profile+0x47/0x60 [ 195.928050][ T8407] tomoyo_path_number_perm+0x245/0x590 [ 195.931388][ T8407] ? tomoyo_path_number_perm+0x232/0x590 [ 195.933968][ T8407] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 195.937531][ T8407] ? find_held_lock+0x2d/0x110 [ 195.940558][ T8407] ? do_user_addr_fault+0xe50/0x13f0 [ 195.943397][ T8407] ? __fget_files+0x256/0x400 [ 195.945669][ T8407] security_file_ioctl+0x75/0xc0 [ 195.948136][ T8407] __x64_sys_ioctl+0xbb/0x220 [ 195.950380][ T8407] do_syscall_64+0xcd/0x250 [ 195.952246][ T8407] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 195.954665][ T8407] RIP: 0033:0x7f5ba7f775fb [ 195.956421][ T8407] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 195.965235][ T8407] RSP: 002b:00007f5ba8d3f4a0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 195.968787][ T8407] RAX: ffffffffffffffda RBX: 00007f5ba8d3fbf0 RCX: 00007f5ba7f775fb [ 195.971884][ T8407] RDX: 00007f5ba8d3fbf0 RSI: 000000004020ae46 RDI: 0000000000000006 [ 195.975802][ T8407] RBP: 0000000000000006 R08: 0000000000000001 R09: 0000000000000000 [ 195.979422][ T8407] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 195.983120][ T8407] R13: 0000000020fe9000 R14: 0000000020fe8000 R15: 00000000fec00000 [ 195.986693][ T8407] [ 195.988970][ T8407] ERROR: Out of memory at tomoyo_realpath_from_path. [ 196.551483][ T836] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 196.746041][ T836] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 196.751016][ T836] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 196.755390][ T836] usb 8-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 196.759255][ T836] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 196.776251][ T8435] netlink: 'syz.0.921': attribute type 1 has an invalid length. [ 196.779591][ T8435] netlink: 9396 bytes leftover after parsing attributes in process `syz.0.921'. [ 196.781139][ T836] usb 8-1: config 0 descriptor?? [ 196.946000][ T39] audit: type=1400 audit(1722645530.713:2222): avc: denied { map } for pid=8438 comm="syz.1.923" path="/dev/vcsa" dev="devtmpfs" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1 [ 197.346847][ T8452] FAULT_INJECTION: forcing a failure. [ 197.346847][ T8452] name failslab, interval 1, probability 0, space 0, times 0 [ 197.354802][ T8452] CPU: 1 UID: 0 PID: 8452 Comm: syz.2.927 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 197.359726][ T8452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 197.365003][ T8452] Call Trace: [ 197.366534][ T8452] [ 197.368370][ T8452] dump_stack_lvl+0x16c/0x1f0 [ 197.370890][ T8452] should_fail_ex+0x497/0x5b0 [ 197.373613][ T8452] ? fs_reclaim_acquire+0xae/0x160 [ 197.376181][ T8452] should_failslab+0xc2/0x120 [ 197.378693][ T8452] __kmalloc_node_noprof+0xd1/0x430 [ 197.381707][ T8452] ? __kvmalloc_node_noprof+0x9d/0x1a0 [ 197.384913][ T8452] __kvmalloc_node_noprof+0x9d/0x1a0 [ 197.387678][ T8452] bpf_check+0x5413/0xa210 [ 197.389654][ T8452] ? __sys_bpf+0x8e9/0x4a20 [ 197.391841][ T8452] ? __x64_sys_bpf+0x78/0xc0 [ 197.398054][ T8452] ? do_syscall_64+0xcd/0x250 [ 197.403251][ T8452] ? __pfx_bpf_check+0x10/0x10 [ 197.405785][ T8452] ? selinux_bpf_prog_load+0x15f/0x1c0 [ 197.409694][ T8452] bpf_prog_load+0xedb/0x2660 [ 197.411850][ T8452] ? __pfx_bpf_prog_load+0x10/0x10 [ 197.414233][ T8452] ? avc_has_perm+0x11b/0x1c0 [ 197.416242][ T8452] ? selinux_bpf+0xde/0x130 [ 197.418776][ T8452] ? security_bpf+0x8c/0xc0 [ 197.421117][ T8452] __sys_bpf+0x8e9/0x4a20 [ 197.423296][ T8452] ? ksys_write+0x21c/0x260 [ 197.425803][ T8452] ? reacquire_held_locks+0x3f0/0x4c0 [ 197.428291][ T8452] ? __pfx___sys_bpf+0x10/0x10 [ 197.430351][ T8452] ? vfs_write+0x14d/0x1140 [ 197.431870][ T8452] ? __mutex_unlock_slowpath+0x164/0x650 [ 197.434157][ T8452] ? fput+0x32/0x390 [ 197.435827][ T8452] ? ksys_write+0x1ab/0x260 [ 197.437775][ T8452] ? __pfx_ksys_write+0x10/0x10 [ 197.439838][ T8452] __x64_sys_bpf+0x78/0xc0 [ 197.442215][ T8452] ? lockdep_hardirqs_on+0x7c/0x110 [ 197.445491][ T8452] do_syscall_64+0xcd/0x250 [ 197.447517][ T8452] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 197.450316][ T8452] RIP: 0033:0x7f30229779f9 [ 197.452952][ T8452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 197.461921][ T8452] RSP: 002b:00007f30223ff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 197.465942][ T8452] RAX: ffffffffffffffda RBX: 00007f3022b05f80 RCX: 00007f30229779f9 [ 197.469804][ T8452] RDX: 0000000000000090 RSI: 0000000020000600 RDI: 0000000000000005 [ 197.473602][ T8452] RBP: 00007f30223ff0a0 R08: 0000000000000000 R09: 0000000000000000 [ 197.477552][ T8452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 197.481194][ T8452] R13: 000000000000000b R14: 00007f3022b05f80 R15: 00007ffdd8428b58 [ 197.485617][ T8452] [ 197.488246][ C1] hpet: Lost 7 RTC interrupts [ 197.576876][ T836] usb 8-1: string descriptor 0 read error: -71 [ 197.580850][ T836] uclogic 0003:256C:006D.0013: failed retrieving string descriptor #200: -71 [ 197.585360][ T836] uclogic 0003:256C:006D.0013: failed retrieving pen parameters: -71 [ 197.589910][ T836] uclogic 0003:256C:006D.0013: failed probing pen v2 parameters: -71 [ 197.594571][ T836] uclogic 0003:256C:006D.0013: failed probing parameters: -71 [ 197.597797][ T836] uclogic 0003:256C:006D.0013: probe with driver uclogic failed with error -71 [ 197.605023][ T836] usb 8-1: USB disconnect, device number 5 [ 198.301028][ T39] audit: type=1400 audit(1722645532.053:2223): avc: denied { getopt } for pid=8468 comm="syz.2.933" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 198.327922][ T39] audit: type=1400 audit(1722645532.103:2224): avc: denied { write } for pid=8469 comm="syz.3.932" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 198.476434][ T8472] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512) [ 198.482932][ T8472] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512) [ 198.541469][ T8483] netlink: 'syz.2.935': attribute type 1 has an invalid length. [ 200.108709][ T8505] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512) [ 200.113133][ T8505] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512) [ 200.137657][ T1379] ieee802154 phy0 wpan0: encryption failed: -22 [ 200.269493][ T39] audit: type=1400 audit(1722645534.023:2225): avc: denied { mount } for pid=8520 comm="syz.1.943" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 200.394746][ T5350] Bluetooth: hci3: unexpected event for opcode 0x0c22 [ 200.870175][ T8542] netlink: 48 bytes leftover after parsing attributes in process `syz.3.954'. [ 200.876222][ T39] audit: type=1400 audit(1722645534.643:2226): avc: denied { write } for pid=8541 comm="syz.3.954" name="usbmon9" dev="devtmpfs" ino=751 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 200.886399][ T39] audit: type=1400 audit(1722645534.643:2227): avc: denied { ioctl } for pid=8541 comm="syz.3.954" path="/dev/usbmon9" dev="devtmpfs" ino=751 ioctlcmd=0x9201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 201.072087][ T5350] Bluetooth: hci0: unexpected event for opcode 0x0c22 [ 201.196625][ C1] hpet: Lost 1 RTC interrupts [ 201.281598][ T39] audit: type=1326 audit(1722645535.053:2228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8541 comm="syz.3.954" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd4399779f9 code=0x0 [ 201.855835][ T8572] netlink: 4 bytes leftover after parsing attributes in process `syz.2.962'. [ 201.956669][ T39] audit: type=1400 audit(1722645535.733:2229): avc: denied { read } for pid=8578 comm="syz.3.964" name="nullb0" dev="devtmpfs" ino=693 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 201.981480][ T39] audit: type=1400 audit(1722645535.733:2230): avc: denied { open } for pid=8578 comm="syz.3.964" path="/dev/nullb0" dev="devtmpfs" ino=693 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 201.993558][ T8579] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0) [ 202.277646][ T5350] Bluetooth: hci3: unexpected event for opcode 0x0c22 [ 202.388750][ T8596] netlink: 4 bytes leftover after parsing attributes in process `syz.0.971'. [ 202.450666][ T8600] FAULT_INJECTION: forcing a failure. [ 202.450666][ T8600] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 202.458473][ T8600] CPU: 1 UID: 0 PID: 8600 Comm: syz.1.972 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 202.463938][ T8600] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 202.468592][ T8600] Call Trace: [ 202.469988][ T8600] [ 202.471199][ T8600] dump_stack_lvl+0x16c/0x1f0 [ 202.473230][ T8600] should_fail_ex+0x497/0x5b0 [ 202.475222][ T8600] _copy_to_user+0x30/0xc0 [ 202.477121][ T8600] simple_read_from_buffer+0xd0/0x160 [ 202.479294][ T8600] proc_fail_nth_read+0x1b0/0x290 [ 202.481305][ T8600] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 202.483565][ T8600] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 202.486063][ T8600] vfs_read+0x1d4/0xbd0 [ 202.488011][ T8600] ? __fdget_pos+0xeb/0x180 [ 202.489781][ T8600] ? __pfx_vfs_read+0x10/0x10 [ 202.492825][ T8600] ? __pfx___mutex_lock+0x10/0x10 [ 202.495417][ T8600] ? __fget_files+0x256/0x400 [ 202.497784][ T8600] ksys_read+0x12f/0x260 [ 202.499821][ T8600] ? __pfx_ksys_read+0x10/0x10 [ 202.501995][ T8600] do_syscall_64+0xcd/0x250 [ 202.503923][ T8600] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 202.506487][ T8600] RIP: 0033:0x7f5ba7f7643c [ 202.508752][ T8600] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48 [ 202.517678][ T8600] RSP: 002b:00007f5ba8d41040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 202.521332][ T8600] RAX: ffffffffffffffda RBX: 00007f5ba8105f80 RCX: 00007f5ba7f7643c [ 202.524921][ T8600] RDX: 000000000000000f RSI: 00007f5ba8d410b0 RDI: 0000000000000005 [ 202.528274][ T8600] RBP: 00007f5ba8d410a0 R08: 0000000000000000 R09: 0000000000000000 [ 202.531412][ T8600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 202.534749][ T8600] R13: 000000000000000b R14: 00007f5ba8105f80 R15: 00007ffc08067058 [ 202.538445][ T8600] [ 202.541441][ C1] hpet: Lost 5 RTC interrupts [ 202.544764][ T39] audit: type=1400 audit(1722645536.263:2231): avc: denied { name_bind } for pid=8611 comm="syz.0.975" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1 [ 202.553569][ T39] audit: type=1400 audit(1722645536.263:2232): avc: denied { append } for pid=8611 comm="syz.0.975" name="sg0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 202.575791][ C2] vkms_vblank_simulate: vblank timer overrun [ 202.849066][ T39] audit: type=1400 audit(1722645536.613:2233): avc: denied { connect } for pid=8631 comm="syz.0.980" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 203.007893][ T5350] Bluetooth: hci3: unexpected event for opcode 0x0c22 [ 203.115461][ T8636] netlink: 4 bytes leftover after parsing attributes in process `syz.0.982'. [ 203.371724][ T5350] Bluetooth: hci0: unexpected event for opcode 0x0c56 [ 203.378824][ T8644] jump_label: Fatal kernel bug, unexpected op at vcpu_mmio_read+0x85/0x3f0 [ffffffff81115495] (e9 9b 01 00 00 != 0f 1f 44 00 00)) size:5 type:1 [ 203.387310][ T8644] ------------[ cut here ]------------ [ 203.391116][ T8644] kernel BUG at arch/x86/kernel/jump_label.c:73! [ 203.394142][ T8644] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 203.398651][ T8644] CPU: 3 UID: 0 PID: 8644 Comm: syz.1.985 Not tainted 6.11.0-rc1-syzkaller-00233-g948752d2e010 #0 [ 203.406570][ T8644] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 203.411106][ T8644] RIP: 0010:__jump_label_patch+0x378/0x400 [ 203.413594][ T8644] Code: 48 c7 c3 60 40 24 93 e8 56 84 59 00 45 89 e1 49 89 d8 4c 89 f1 41 55 4c 89 f2 4c 89 f6 48 c7 c7 60 38 46 8b e8 89 f7 39 00 90 <0f> 0b e8 31 84 59 00 90 0f 0b e8 29 84 59 00 90 0f 0b 48 c7 c7 70 [ 203.423805][ T8644] RSP: 0018:ffffc9000361faa0 EFLAGS: 00010282 [ 203.427155][ T8644] RAX: 000000000000008d RBX: ffffffff8b466eea RCX: ffffffff816b0039 [ 203.430880][ T8644] RDX: 0000000000000000 RSI: ffffffff816b9416 RDI: 0000000000000005 [ 203.434590][ T8644] RBP: ffffc9000361fae8 R08: 0000000000000005 R09: 0000000000000000 [ 203.438671][ T8644] R10: 0000000080000000 R11: 0000000000000000 R12: 0000000000000005 [ 203.443354][ T8644] R13: 0000000000000001 R14: ffffffff81115495 R15: 00000000000000da [ 203.446884][ T8644] FS: 000055555ce07500(0000) GS:ffff88806b300000(0000) knlGS:0000000000000000 [ 203.450899][ T8644] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.451976][ T5350] Bluetooth: hci0: ACL packet for unknown connection handle 200 [ 203.453917][ T8644] CR2: 000000110c3641e3 CR3: 000000002de50000 CR4: 0000000000352ef0 [ 203.453933][ T8644] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 203.462898][ T8644] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 203.466818][ T8644] Call Trace: [ 203.468667][ T8644] [ 203.470311][ T8644] ? show_regs+0x8c/0xa0 [ 203.473103][ T8644] ? die+0x36/0xa0 [ 203.474876][ T8644] ? do_trap+0x232/0x430 [ 203.476841][ T8644] ? __jump_label_patch+0x378/0x400 [ 203.479596][ T8644] ? __jump_label_patch+0x378/0x400 [ 203.482189][ T8644] ? do_error_trap+0xf4/0x230 [ 203.485099][ T8644] ? __jump_label_patch+0x378/0x400 [ 203.487595][ T8644] ? handle_invalid_op+0x34/0x40 [ 203.490138][ T8644] ? __jump_label_patch+0x378/0x400 [ 203.492993][ T8644] ? exc_invalid_op+0x2e/0x50 [ 203.495478][ T8644] ? asm_exc_invalid_op+0x1a/0x20 [ 203.497886][ T8644] ? vcpu_mmio_read+0x85/0x3f0 [ 203.500498][ T8644] ? __wake_up_klogd.part.0+0x99/0xf0 [ 203.503508][ T8644] ? vprintk+0x86/0xa0 [ 203.506010][ T8644] ? __jump_label_patch+0x378/0x400 [ 203.509071][ T8644] arch_jump_label_transform_queue+0x7e/0x120 [ 203.511992][ T8644] __jump_label_update+0x125/0x420 [ 203.514911][ T8644] jump_label_update+0x1d7/0x400 [ 203.518074][ T8644] __static_key_slow_dec_cpuslocked.part.0+0x4e/0x90 [ 203.522240][ T8644] static_key_slow_dec+0x7c/0xc0 [ 203.525516][ T8644] kvm_free_lapic+0x184/0x1c0 [ 203.528500][ T8644] kvm_arch_vcpu_destroy+0x110/0x2a0 [ 203.531816][ T8644] kvm_destroy_vcpus+0x114/0x2a0 [ 203.534277][ T8644] ? __pfx_kvm_destroy_vcpus+0x10/0x10 [ 203.537298][ T8644] ? kvm_arch_vcpu_put+0x668/0x9d0 [ 203.540775][ T8644] kvm_arch_destroy_vm+0x2ec/0x490 [ 203.544180][ T8644] ? __pfx_kvm_arch_destroy_vm+0x10/0x10 [ 203.547614][ T8644] kvm_put_kvm+0x510/0xb80 [ 203.549784][ T8644] ? __pfx_kvm_vm_release+0x10/0x10 [ 203.553214][ T8644] kvm_vm_release+0x42/0x60 [ 203.555682][ T8644] __fput+0x408/0xbb0 [ 203.557876][ T8644] task_work_run+0x14e/0x250 [ 203.560764][ T8644] ? __pfx_task_work_run+0x10/0x10 [ 203.563485][ T8644] syscall_exit_to_user_mode+0x27b/0x2a0 [ 203.566984][ T8644] do_syscall_64+0xda/0x250 [ 203.569673][ T8644] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 203.572551][ T8644] RIP: 0033:0x7f5ba7f779f9 [ 203.574943][ T8644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 203.587037][ T8644] RSP: 002b:00007ffc080671b8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 203.591421][ T8644] RAX: 0000000000000000 RBX: 00007f5ba8107a80 RCX: 00007f5ba7f779f9 [ 203.595625][ T8644] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 203.599066][ T8644] RBP: 00007f5ba8107a80 R08: 00007f5ba80f2000 R09: 00007ffc0806749f [ 203.606480][ T8644] R10: 00000000003ffd94 R11: 0000000000000246 R12: 0000000000031c0a [ 203.610434][ T8644] R13: 00007ffc080672b0 R14: 00007ffc080672d0 R15: ffffffffffffffff [ 203.614975][ T8644] [ 203.616995][ T8644] Modules linked in: [ 203.632814][ T8644] ---[ end trace 0000000000000000 ]--- [ 203.645061][ T8644] RIP: 0010:__jump_label_patch+0x378/0x400 [ 203.647724][ T8644] Code: 48 c7 c3 60 40 24 93 e8 56 84 59 00 45 89 e1 49 89 d8 4c 89 f1 41 55 4c 89 f2 4c 89 f6 48 c7 c7 60 38 46 8b e8 89 f7 39 00 90 <0f> 0b e8 31 84 59 00 90 0f 0b e8 29 84 59 00 90 0f 0b 48 c7 c7 70 [ 203.661613][ T8644] RSP: 0018:ffffc9000361faa0 EFLAGS: 00010282 [ 203.664328][ T8644] RAX: 000000000000008d RBX: ffffffff8b466eea RCX: ffffffff816b0039 [ 203.667411][ T8644] RDX: 0000000000000000 RSI: ffffffff816b9416 RDI: 0000000000000005 [ 203.670167][ T8644] RBP: ffffc9000361fae8 R08: 0000000000000005 R09: 0000000000000000 [ 203.675475][ T8644] R10: 0000000080000000 R11: 0000000000000000 R12: 0000000000000005 [ 203.679113][ T8644] R13: 0000000000000001 R14: ffffffff81115495 R15: 00000000000000da [ 203.682632][ T8644] FS: 000055555ce07500(0000) GS:ffff88806b200000(0000) knlGS:0000000000000000 [ 203.686574][ T8644] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 203.689357][ T8644] CR2: 0000000020fff000 CR3: 000000002de50000 CR4: 0000000000352ef0 [ 203.694538][ T8644] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 203.697725][ T8644] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 203.702701][ T8644] Kernel panic - not syncing: Fatal exception [ 203.712960][ T8644] Kernel Offset: disabled [ 203.714603][ T8644] Rebooting in 86400 seconds.. VM DIAGNOSIS: 00:38:57 Registers: info registers vcpu 0 CPU#0 RAX=dffffc0000000000 RBX=ffffc900035bf720 RCX=ffffffff81340d9e RDX=ffffc900035bf728 RSI=ffffffff81e7a0bb RDI=ffffc900035bf728 RBP=0000000000000002 RSP=ffffc900035bf638 R8 =0000000000000007 R9 =0000000000000000 R10=ffffffff81e7a0bb R11=0000000000000000 R12=ffffc900035bf660 R13=ffffffff81761170 R14=ffffc900035bf720 R15=ffff88801f76a440 RIP=ffffffff817611b6 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f4ee3a0f108 CR3=0000000046828000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000ff00 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000008 RBX=ffffc9000371f140 RCX=0000000000000001 RDX=0000000000000005 RSI=ffffffff8b49d700 RDI=0000000000000005 RBP=ffffffff8b49d700 RSP=ffffc9000371f038 R8 =0000000000000001 R9 =0000000000000001 R10=0000000000000002 R11=dffffc0000000000 R12=0000000000000005 R13=0000000000000015 R14=ffffffff90a2b444 R15=ffffc9000371f175 RIP=ffffffff818a76a6 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fd43a69e6c0 ffffffff 00c00000 GS =0000 ffff88806b100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055f5b943a8e8 CR3=0000000021306000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000c0fffc00 Opmask01=00000000000000ff Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000015 000000000001df8a ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555566e78a24 0000555566e78a20 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555566e6c490 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555566ee5bbb 0000555566ee3f00 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc9a8f52b0 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3ae200080002b803 7e040002b4030004 0002b00306040002 ac0306020002aa03 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffdb 0813800340100002 8004400800520800 0100000a08060a01 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8003138004000800 040c41f4006c6562 616c776f6c665f36 70692f74656e01ff ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0001d00800021000 1080040100000c08 060a012dde028c10 001090030d800410 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0104800404a68408 000100000e080606 0124d800040004e8 0300080004b80300 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000306e616c7601 ffffffffffffffff ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 cf08048803000800 0480030808880e05 0880040008000410 0002100008013fa6 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00080001d0080002 1000108004010000 0c08060a012dde02 8c10001090030d80 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=00000000001b711f RBX=0000000000000002 RCX=ffffffff8b11c529 RDX=0000000000000000 RSI=ffffffff8b4cc500 RDI=ffffffff8bb08400 RBP=ffffed10030db000 RSP=ffffc90000197e08 R8 =0000000000000001 R9 =ffffed100d646fd9 R10=ffff88806b237ecb R11=0000000000000000 R12=0000000000000002 R13=ffff8880186d8000 R14=ffffffff9012b958 R15=0000000000000000 RIP=ffffffff8b11d91f RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=0000000038c0c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001030001 Opmask01=0000000000000000 Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1e315690dd328927 897a4cbb3ef31861 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 9678c94c69f234de 4e7ffdf6eff706a0 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 95eb24743cc723ed 482aeedcb26087ee ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c756f5ae4ba2f6f6 e603a6629a0e2347 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000008fc0 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00b5bf5094257ed0 0000007c0000007c ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 8fdebe40952f92f0 99a9c95298f66012 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 936547e40000007c 0000007c00000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000007c0000007c 96b586700000007c ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3431873af64c9898 c70d9c9cf5b740df ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 844d111fa04b20e4 703347220ddfd05e ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3022ad6488 00007f3022ad6480 00007f3022ad6478 00007f3022ad6450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f302363d100 00007f3022ad6440 00007f3022ad6458 0004000b000c0008 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3022ad6498 00007f3022ad6490 00007f3022ad6488 00007f3022ad6480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fe2765 RDI=ffffffff9519d720 RBP=ffffffff9519d6e0 RSP=ffffc9000361f438 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552033203a555043 R12=0000000000000000 R13=0000000000000020 R14=ffffffff84fe2700 R15=0000000000000000 RIP=ffffffff84fe278f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 000055555ce07500 ffffffff 00c01300 GS =0000 ffff88806b300000 ffffffff 00c01300 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c3641e3 CR3=000000002de50000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000100001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdd8428ee0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f30229e66e4 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f30229e66f1 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f30229e66eb ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f30229e66ff ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f30229e6785 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f30229e6863 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000