last executing test programs: 4.4486008s ago: executing program 3 (id=240): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246) ioctl$PPPIOCGIDLE32(r1, 0x40047457, &(0x7f0000000400)) (fail_nth: 3) 4.271106058s ago: executing program 3 (id=242): r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501020000000000090582"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000180)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) writev(r1, &(0x7f0000000140)=[{&(0x7f00000000c0)=']', 0x1}], 0x1) 2.402133527s ago: executing program 0 (id=284): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000001000000000010000000900010073797a300000000064000000030a01010000000000000000010000000900030073797a300000000014000480080002400000000208000140000000000900010073797a300000000008000a40000000021c0008800c00024000000000000000000c0001"], 0xac}}, 0x0) 2.350660807s ago: executing program 0 (id=286): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8001, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=@delneigh={0x1c, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r4}}, 0x1c}}, 0x0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x44, 0x6, 0x4a0, 0x0, 0x138, 0x210, 0x0, 0x138, 0x478, 0x478, 0x478, 0x478, 0x478, 0x6, 0x0, {[{{@ip={@broadcast, @multicast1=0xe0007600, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00'}, 0x0, 0x70, 0x98, 0x0, {0x0, 0x2000000}}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@loopback, @multicast2, 0x0, 0x0, 'syzkaller0\x00', 'veth1_to_team\x00'}, 0x0, 0x70, 0x198}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x0, 'system_u:object_r:dbusd_etc_t:s0\x00'}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x500) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000000000001000000000000000f0ffffffffffffff10"]) 2.231555384s ago: executing program 0 (id=288): syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x56a, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0xfffc, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x2, 0x0, 0xfe}}}}}]}}]}}, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x72, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810df}) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0), 0x81, 0x0) write$sequencer(r1, 0x0, 0x28) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x40505330, &(0x7f0000000bc0)={0x800100, 0x0, 0x0, 0x724f, 0x0, 0x55a}) 1.252254027s ago: executing program 3 (id=300): syz_emit_ethernet(0x6e, &(0x7f0000000140)=ANY=[@ANYBLOB="0180c2000001316c"], 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x448}}, 0x0) 1.251928734s ago: executing program 3 (id=302): r0 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@gettclass={0x24, 0x2a, 0x100, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x0, 0x10}, {0x9, 0xf}, {0x4, 0xfff3}}}, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {0xf}, {}, {0x8}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x8, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x4}]}]}}]}, 0x3c}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 1.20112722s ago: executing program 3 (id=304): setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000000)={0x2, 0x0, 0x6, 0xffffffff}, 0x10) r0 = socket(0x2, 0x80805, 0x0) sendmmsg$inet(r0, &(0x7f0000001f80)=[{{&(0x7f00000022c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000440)=[{&(0x7f0000002300)="ef", 0x1}], 0x1}}], 0x1, 0x0) r1 = socket$inet_sctp(0x2, 0x5, 0x84) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000140)={0x1, [0x0]}, &(0x7f0000000240)=0x8) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000000)={r3, 0x6}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000080)={r3}, 0x8) r4 = socket$inet(0x2, 0x80001, 0x84) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2) ioctl$VIDIOC_CREATE_BUFS(r6, 0xc100565c, &(0x7f00000013c0)={0x0, 0x2, 0x2, {0x5, @vbi={0x0, 0x0, 0x4, 0x0, [], [0x8200], 0x1}}}) syz_io_uring_setup(0x53e2, &(0x7f0000000140)={0x0, 0x804, 0x0, 0x8000, 0xfffffffe}, &(0x7f0000000240), 0x0) ioctl$VIDIOC_QBUF(r6, 0xc058565d, &(0x7f0000000200)=@fd={0x0, 0x5, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "8000"}, 0x0, 0x2, {}, 0x20800}) close_range(r5, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000180)={0x3, 0x6, 0x1f4bf1ba, 0x2, r7}, 0xfffffffd) 1.12845458s ago: executing program 1 (id=307): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100, 0x1}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0}) dup3(r1, r0, 0x0) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000001c0)) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000480)={0x54, 0x0, &(0x7f0000001540)=[@acquire, @transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0}) 1.064766344s ago: executing program 1 (id=308): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r3, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0) r4 = socket(0x1, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001900)=@newlink={0x44, 0x10, 0xf11, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x104}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r5}]}, 0x44}}, 0x0) 1.063062609s ago: executing program 1 (id=309): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/34, @ANYRES32=0x41424344], 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10) ioctl$KVM_RUN(r3, 0xae80, 0x0) 992.123006ms ago: executing program 0 (id=310): r0 = socket(0x2a, 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)={0x34, r2, 0x1, 0x0, 0x0, {0x37}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@gettclass={0x24, 0x2a, 0x100, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x0, 0x10}, {0x9, 0xf}, {0x4, 0xfff3}}}, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0xf}, {}, {0x8}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x8, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x4}]}]}}]}, 0x3c}}, 0x0) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_WPAN_PHY(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000cc0)={0x20, r5, 0x2586ad4018a3b31b, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) r6 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_MFC(r6, 0x0, 0xcc, &(0x7f0000000140)={@multicast2, @multicast1, 0x0, "aaa517d60f2811d48c8a2cc60c4380bc23b510d442ff13482864280a9c0f4eb5"}, 0x3c) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4000000002060101000000000000000002000002050005000000000011000300686133683a8f2afe6e6574740000000005000500020000000500040000000000000000"], 0x40}, 0x1, 0x0, 0x0, 0x44}, 0x4000005) setsockopt$MRT_DEL_MFC_PROXY(r6, 0x0, 0xd3, &(0x7f00000000c0)={@multicast2, @multicast2, 0x0, "c6cfe6ec8355b5dc4e305886d95f0867070e5a036900", 0x1}, 0x3c) r7 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0) 991.910542ms ago: executing program 0 (id=311): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/34], 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="150000"], 0x15) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10) ioctl$KVM_RUN(r3, 0xae80, 0x0) 954.400591ms ago: executing program 1 (id=312): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r1 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x3, 0x10101}, &(0x7f00000001c0)=0x0, &(0x7f0000000200)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_WRITE={0x17, 0x0, 0x4007, @fd=r0, 0xffffffffffffffff, 0x0, 0xffffffffffffffea, 0xc}) io_uring_enter(r1, 0x7a98, 0x0, 0x0, 0x0, 0x0) (fail_nth: 4) 880.969092ms ago: executing program 1 (id=313): r0 = socket(0x2, 0x3, 0xff) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) (async) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) sendmsg$key(r0, &(0x7f0000000040)={0xa00, 0x0, &(0x7f0000000000)={0x0, 0x18}}, 0x20) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r2, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) setsockopt$sock_int(r2, 0x1, 0x9, &(0x7f0000000100)=0x8, 0x4) syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0) (async) r3 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0) setsockopt$SO_BINDTODEVICE_wg(r1, 0x1, 0x19, &(0x7f0000000100)='wg2\x00', 0x4) (async) setsockopt$SO_BINDTODEVICE_wg(r1, 0x1, 0x19, &(0x7f0000000100)='wg2\x00', 0x4) r4 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) (async) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r5, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000440)={r6, 0x0, 0x0, 0x0, 0x0, [0x0]}) ioctl$DRM_IOCTL_GEM_FLINK(r4, 0xc008640a, &(0x7f0000000140)={r7}) (async) ioctl$DRM_IOCTL_GEM_FLINK(r4, 0xc008640a, &(0x7f0000000140)={r7}) ioctl$DRM_IOCTL_MODE_ADDFB2(r3, 0xc06864b8, &(0x7f00000004c0)={0x0, 0xc2, 0x80, 0x20203843, 0x3, [r7], [0x80ffff, 0x1, 0x400000], [0x0, 0x2, 0xfffffffe, 0x5], [0x9]}) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000680)=@raw={'raw\x00', 0x3c1, 0x3, 0x5f0, 0x0, 0xffffff80, 0x178, 0x3b8, 0x178, 0x520, 0x22b, 0x258, 0x520, 0x258, 0x2034, 0x0, {[{{@uncond, 0x1d, 0x398, 0x3b8, 0x340, {0x1e0002a8, 0x7203000000000000}, [@common=@unspec=@bpf1={{0x230}, @bytecode={0x0, 0x1a, 0x64, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x6}]}}, @common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "e22e50439abb066265e088a63e13552b8b2fec412753ac647d17d2ebca69d17a9722bd2f5be411676d5993fb4cc74168209fb9f43b63bab2a88206d7dd8158d916b865d0f713f772c59ad6e6b572e9a6c498fb6459888a281e8c071a9a7229f9fe02cb8e9ba7637a2591a5367c770c87034734be6eda195ce135517efa85da52"}}]}, @unspec=@NOTRACK={0x20}}, {{@ipv6={@loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'veth1_to_bridge\x00', 'geneve1\x00'}, 0x0, 0x100, 0x168, 0x0, {}, [@common=@ah={{0x30}}, @common=@ipv6header={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x650) ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r3, 0x80089419, &(0x7f0000000180)) (async) ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r3, 0x80089419, &(0x7f0000000180)) 832.355411ms ago: executing program 2 (id=314): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r1 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x3, 0x10101}, &(0x7f00000001c0)=0x0, &(0x7f0000000200)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_WRITE={0x17, 0x0, 0x4007, @fd=r0, 0xffffffffffffffff, 0x0, 0xffffffffffffffea, 0xc}) io_uring_enter(r1, 0x7a98, 0x30, 0x0, 0x0, 0x0) 762.064292ms ago: executing program 2 (id=315): socket$packet(0x11, 0x2, 0x300) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000f80), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000080)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_NEW_INTERFACE(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f00000001c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010025bd7000fbdbdf25070000000c0017ae654f60aaaaaaaaaa08000300", @ANYRES32=r3, @ANYBLOB="0a0004007770616e34000000080005"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4080080) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0) read$msr(0xffffffffffffffff, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5) r6 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1}) ioctl$TIOCSRS485(r5, 0x542f, &(0x7f0000000040)={0x3, 0x3, 0x10000000}) setsockopt$SO_TIMESTAMP(r4, 0x1, 0x3f, &(0x7f0000000080)=0x1, 0x4) bind$inet(r4, 0x0, 0x0) r7 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000180), 0x181000, 0x0) ioctl$SOUND_MIXER_READ_RECSRC(r7, 0x80044dff, &(0x7f00000001c0)) close_range(r0, 0xffffffffffffffff, 0x0) 602.258857ms ago: executing program 2 (id=316): r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/tcp6\x00') r1 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82) ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r0, 0x800, {0x2a00, 0x80010000, 0x0, 0x17, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c5512406c7f0000000000008000", [0x6, 0x40000000000000]}}) ioctl$LOOP_SET_STATUS64(r1, 0x4c00, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x5, 0x4000004, 0x0, 0xa, 0x8, 0x4, "4df449865f76c7f7c38ac455ef1dfd62368250a4b043fe03fe0b7f269ca0db9bcc5b2cb0194cb11718df549db44949016f9657da46e2018720149805f7376a3f", "b632a7bee94fc4c68f1dda0c44de9b59c53306cf207e622ef3390f715f4745a72aa0f469bac1c56c587fcb71b46df2a451353c99aaed689cd42cce97ac88bad7", "f7ad36867b77989e162f7a317998c48659e4c1574854a34440f34abd4206f29e", [0x9, 0x9]}) 601.965983ms ago: executing program 2 (id=317): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x181000, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETFILTEREBPF(r0, 0x800454e1, &(0x7f0000000200)) (fail_nth: 3) 411.040976ms ago: executing program 2 (id=318): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r3, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0) r4 = socket(0x1, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001900)=@newlink={0x44, 0x10, 0xf11, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x104}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r5}]}, 0x44}}, 0x0) 349.486027ms ago: executing program 2 (id=319): syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x56a, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0xfffc, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x2, 0x0, 0xfe}}}}}]}}]}}, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x72, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810df}) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0), 0x81, 0x0) write$sequencer(r1, 0x0, 0x28) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x40505330, &(0x7f0000000bc0)={0x800100, 0x0, 0x0, 0x724f, 0x0, 0x55a}) 349.15179ms ago: executing program 3 (id=320): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x68, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x38, 0x2, {{0x2, 0x200000, 0x0, 0x0, 0xffffffff, 0x8003}, [@TCA_NETEM_LOSS={0x1c, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x80000003, 0x0, 0xfffffffd, 0x100000}}]}]}}}]}, 0x68}}, 0x0) r3 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg(r3, &(0x7f0000000480), 0x2e9, 0x0) r4 = syz_open_dev$evdev(&(0x7f0000000080), 0x1, 0x4040) r5 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r5, 0xc08c5336, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) quotactl_fd$Q_GETINFO(r0, 0xffffffff80000502, 0xee00, &(0x7f0000000340)) getsockopt$SO_COOKIE(r6, 0x1, 0x39, &(0x7f0000000000), &(0x7f0000000040)=0x8) syz_usb_disconnect(r4) r7 = syz_usb_connect(0x0, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ee2d0102036827f410e3010902120001000000000904000050fef84d6f6d944a807facb9c82a8305cb562cc665c09e729769ecab1a24c118a75240a45c6b37e8f80bdd4c8ad1eb41fbaee9de66dee8505b788ea20c42a75eb8185e0000000000009f8d3e80eefed6b30f1d19661955a3eb9d715a2e8294788e21d4fc9925969e20921353e344084dfb28b8b74d61ad57b7bd7357f3e61f63964f9e5764735553ef2e890ad9469d265d988ee1f3857ed548b3bf2ae4c07b75b4367212d32b0168f30a8a37ccaf789d83fc0c9c72eebca67118428305fb67eaa2e185be8f9295e2b6398bfec9c11eca273322328ec20f0f2901aa47240927d48e0db380e8cfaafd667b5a229a4c978a000000000000"], 0x0) setrlimit(0x3, &(0x7f0000000380)={0x7fffffff, 0x1}) ioctl$EVIOCRMFF(r4, 0x550c, 0x0) syz_usb_control_io(r7, 0x0, 0x0) ioctl$EVIOCGLED(r5, 0x80404519, &(0x7f0000000240)=""/116) getsockopt$inet6_tcp_buf(r5, 0x6, 0x1a, &(0x7f00000002c0)=""/16, &(0x7f0000000300)=0x10) 632.511µs ago: executing program 1 (id=321): mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]}) r0 = creat(&(0x7f0000000340)='./file0/file0\x00', 0x0) chdir(&(0x7f0000000140)='./bus\x00') r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000002540)) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=@GFS2_LARGE_FH_SIZE={0x20, 0x8, {{0x9, 0x0, 0xfffffff9, 0x9}, {0x7fff, 0x7, 0x3, 0xd06a}}}, 0x0, 0x600) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x1, &(0x7f0000000040)=@raw=[@ldst={0x0, 0x2, 0x4, 0x4, 0x5, 0xfffffffffffffff0, 0x4}], &(0x7f0000000180)='GPL\x00', 0x6, 0x40, &(0x7f00000001c0)=""/64, 0x41100, 0x0, '\x00', 0x0, 0x25, r0, 0x8, &(0x7f0000000200)={0x3, 0x3}, 0x8, 0x10, &(0x7f0000000240)={0x2, 0xb, 0xfffffffe, 0x4}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94) getsockopt$PNPIPE_IFINDEX(r0, 0x113, 0x2, &(0x7f0000000280)=0x0, &(0x7f00000002c0)=0x4) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r5, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r6 = dup(r5) write$FUSE_BMAP(r6, &(0x7f0000000300)={0x18, 0x0, 0x0, {0xfffffffffffffffa}}, 0x18) r7 = userfaultfd(0x801) ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x200}) ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1}) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, &(0x7f0000000100), 0xc06620, 0x4) ioctl$UFFDIO_COPY(r7, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000adb000/0x2000)=nil, &(0x7f0000fee000/0x11000)=nil, 0x2000}) write$FUSE_DIRENTPLUS(r6, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0) write$FUSE_DIRENTPLUS(r6, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10) mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@posixacl}]}}) ioctl$VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc0585609, &(0x7f0000000000)=@userptr={0x4, 0xc, 0x4, 0x100000, 0x6, {0x77359400}, {0x1, 0x2, 0x4, 0x2, 0xba, 0xd6, "d9842457"}, 0x401, 0x2, {0x0}, 0x8000}) chdir(0x0) r8 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) writev(r8, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000004c0)={r2, r3, 0x25, 0x0, @val=@iter={&(0x7f0000000380)=@cgroup={0x3, r6, 0x46c2}, 0x10}}, 0x20) 0s ago: executing program 0 (id=322): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0)=[{0x0}], 0x1, 0x0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/34, @ANYRES32=0x41424344], 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10) ioctl$KVM_RUN(r3, 0xae80, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) kernel console output (not intermixed with test programs): [ 38.233277][ T39] audit: type=1400 audit(1737769546.323:81): avc: denied { rlimitinh } for pid=5872 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 38.241347][ T39] audit: type=1400 audit(1737769546.323:82): avc: denied { siginh } for pid=5872 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 38.907756][ T39] audit: type=1400 audit(1737769547.013:83): avc: denied { read } for pid=5334 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 38.916514][ T39] audit: type=1400 audit(1737769547.013:84): avc: denied { append } for pid=5334 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 38.925304][ T39] audit: type=1400 audit(1737769547.013:85): avc: denied { open } for pid=5334 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 38.934138][ T39] audit: type=1400 audit(1737769547.013:86): avc: denied { getattr } for pid=5334 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 Warning: Permanently added '[localhost]:13617' (ED25519) to the list of known hosts. [ 40.404578][ T39] audit: type=1400 audit(1737769548.513:87): avc: denied { name_bind } for pid=5924 comm="sshd" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 42.136623][ T5926] cgroup: Unknown subsys name 'net' [ 42.283249][ T5926] cgroup: Unknown subsys name 'cpuset' [ 42.286708][ T5926] cgroup: Unknown subsys name 'rlimit' [ 42.468151][ T5935] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 43.071292][ T5926] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 45.454096][ T39] kauditd_printk_skb: 17 callbacks suppressed [ 45.454110][ T39] audit: type=1400 audit(1737769553.563:105): avc: denied { execmem } for pid=5937 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 45.631955][ T39] audit: type=1400 audit(1737769553.743:106): avc: denied { create } for pid=5941 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 45.655288][ T39] audit: type=1400 audit(1737769553.743:107): avc: denied { read write } for pid=5941 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 45.668293][ T39] audit: type=1400 audit(1737769553.753:108): avc: denied { open } for pid=5941 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 45.677968][ T39] audit: type=1400 audit(1737769553.753:109): avc: denied { ioctl } for pid=5941 comm="syz-executor" path="socket:[7425]" dev="sockfs" ino=7425 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 45.680151][ T5291] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 45.696951][ T5946] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 45.699123][ T5952] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 45.700430][ T5946] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 45.702686][ T5952] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 45.706291][ T5946] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 45.707395][ T5952] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 45.710407][ T5946] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 45.712321][ T5952] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 45.714860][ T5946] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 45.717978][ T5952] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 45.718923][ T5946] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 45.724193][ T5946] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 45.724454][ T5952] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 45.727201][ T5946] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 45.729388][ T5952] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 45.731368][ T5946] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 45.734482][ T5956] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 45.736210][ T5946] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 45.740256][ T5956] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 45.742956][ T5956] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 45.743043][ T39] audit: type=1400 audit(1737769553.853:110): avc: denied { read } for pid=5941 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 45.745258][ T5956] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 45.752569][ T39] audit: type=1400 audit(1737769553.853:111): avc: denied { open } for pid=5941 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 45.755927][ T5956] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 45.761960][ T39] audit: type=1400 audit(1737769553.853:112): avc: denied { mounton } for pid=5941 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 45.767380][ T5956] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 45.854469][ T39] audit: type=1400 audit(1737769553.963:113): avc: denied { module_request } for pid=5941 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 45.883664][ T5941] chnl_net:caif_netlink_parms(): no params data found [ 45.947183][ T5943] chnl_net:caif_netlink_parms(): no params data found [ 45.997441][ T5951] chnl_net:caif_netlink_parms(): no params data found [ 46.018269][ T5941] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.021610][ T5941] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.024469][ T5941] bridge_slave_0: entered allmulticast mode [ 46.027421][ T5941] bridge_slave_0: entered promiscuous mode [ 46.034617][ T5955] chnl_net:caif_netlink_parms(): no params data found [ 46.048560][ T5941] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.050985][ T5941] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.053162][ T5941] bridge_slave_1: entered allmulticast mode [ 46.055677][ T5941] bridge_slave_1: entered promiscuous mode [ 46.112066][ T5941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.118601][ T5943] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.120790][ T5943] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.122813][ T5943] bridge_slave_0: entered allmulticast mode [ 46.124883][ T5943] bridge_slave_0: entered promiscuous mode [ 46.132104][ T5941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.160486][ T5943] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.166108][ T5943] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.168807][ T5943] bridge_slave_1: entered allmulticast mode [ 46.172282][ T5943] bridge_slave_1: entered promiscuous mode [ 46.206263][ T5955] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.209185][ T5955] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.212175][ T5955] bridge_slave_0: entered allmulticast mode [ 46.215255][ T5955] bridge_slave_0: entered promiscuous mode [ 46.274075][ T5941] team0: Port device team_slave_0 added [ 46.275946][ T5955] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.277966][ T5955] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.280125][ T5955] bridge_slave_1: entered allmulticast mode [ 46.282679][ T5955] bridge_slave_1: entered promiscuous mode [ 46.286320][ T5943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.290078][ T5951] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.292273][ T5951] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.294357][ T5951] bridge_slave_0: entered allmulticast mode [ 46.296469][ T5951] bridge_slave_0: entered promiscuous mode [ 46.299539][ T5941] team0: Port device team_slave_1 added [ 46.325795][ T5943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.328462][ T5951] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.330477][ T5951] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.332578][ T5951] bridge_slave_1: entered allmulticast mode [ 46.334709][ T5951] bridge_slave_1: entered promiscuous mode [ 46.356926][ T5955] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.373904][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.376127][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.383779][ T5941] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.388295][ T5955] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.399682][ T5943] team0: Port device team_slave_0 added [ 46.402530][ T5951] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.405516][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.407566][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.415085][ T5941] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.434939][ T5943] team0: Port device team_slave_1 added [ 46.438197][ T5951] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.451471][ T5955] team0: Port device team_slave_0 added [ 46.489526][ T5955] team0: Port device team_slave_1 added [ 46.507254][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.509402][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.516933][ T5943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.522454][ T5951] team0: Port device team_slave_0 added [ 46.532277][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.534307][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.541854][ T5955] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.559663][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.561807][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.569575][ T5943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.573739][ T5951] team0: Port device team_slave_1 added [ 46.576232][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.578414][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.585956][ T5955] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.594123][ T5941] hsr_slave_0: entered promiscuous mode [ 46.597063][ T5941] hsr_slave_1: entered promiscuous mode [ 46.632175][ T5951] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.635050][ T5951] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.645615][ T5951] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.651482][ T5951] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.654317][ T5951] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.665708][ T5951] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.687794][ T5955] hsr_slave_0: entered promiscuous mode [ 46.689736][ T5955] hsr_slave_1: entered promiscuous mode [ 46.691709][ T5955] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.694045][ T5955] Cannot create hsr debugfs directory [ 46.735657][ T5943] hsr_slave_0: entered promiscuous mode [ 46.738049][ T5943] hsr_slave_1: entered promiscuous mode [ 46.740538][ T5943] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.743540][ T5943] Cannot create hsr debugfs directory [ 46.827875][ T5951] hsr_slave_0: entered promiscuous mode [ 46.829762][ T5951] hsr_slave_1: entered promiscuous mode [ 46.833260][ T5951] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.835437][ T5951] Cannot create hsr debugfs directory [ 47.004574][ T5941] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 47.011079][ T5941] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 47.016408][ T5941] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 47.024509][ T5941] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 47.047175][ T5943] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 47.051325][ T5943] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 47.055432][ T5943] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 47.070321][ T5943] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 47.086166][ T5955] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 47.091808][ T5955] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 47.096121][ T5955] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 47.099249][ T5955] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 47.133896][ T5951] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 47.141045][ T5951] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 47.144158][ T5951] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 47.149627][ T5951] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 47.186703][ T5941] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.204047][ T5941] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.219364][ T5955] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.224379][ T1186] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.226691][ T1186] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.238447][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.240712][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.253166][ T5955] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.257570][ T5943] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.272390][ T5951] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.279257][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.281932][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.289064][ T39] audit: type=1400 audit(1737769555.393:114): avc: denied { sys_module } for pid=5941 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 47.300534][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.303580][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.310459][ T5943] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.319519][ T5951] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.324741][ T64] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.327367][ T64] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.339891][ T5955] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 47.343950][ T5955] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 47.348809][ T222] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.351399][ T222] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.364548][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.366745][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.372633][ T222] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.374908][ T222] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.399373][ T5941] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.436969][ T5941] veth0_vlan: entered promiscuous mode [ 47.443703][ T5941] veth1_vlan: entered promiscuous mode [ 47.455529][ T5941] veth0_macvtap: entered promiscuous mode [ 47.459897][ T5941] veth1_macvtap: entered promiscuous mode [ 47.475463][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.483006][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.491900][ T5941] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.495600][ T5941] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.498367][ T5941] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.501253][ T5941] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.523454][ T5955] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.537223][ T5943] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.577309][ T76] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.580458][ T76] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.589204][ T5951] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.593658][ T5955] veth0_vlan: entered promiscuous mode [ 47.611810][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.614934][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.619877][ T5955] veth1_vlan: entered promiscuous mode [ 47.633927][ T5943] veth0_vlan: entered promiscuous mode [ 47.656961][ T5943] veth1_vlan: entered promiscuous mode [ 47.665976][ T5951] veth0_vlan: entered promiscuous mode [ 47.671547][ T5955] veth0_macvtap: entered promiscuous mode [ 47.676587][ T5955] veth1_macvtap: entered promiscuous mode [ 47.681462][ T5951] veth1_vlan: entered promiscuous mode [ 47.684663][ T5941] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 47.692333][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.695560][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.699270][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.703726][ T5943] veth0_macvtap: entered promiscuous mode [ 47.709826][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.713447][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.716781][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.724444][ T5943] veth1_macvtap: entered promiscuous mode [ 47.732134][ T5955] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.734661][ T5955] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.737152][ T5955] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.740302][ T5955] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.754134][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.758299][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.761508][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.765504][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.770298][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.777997][ T5951] veth0_macvtap: entered promiscuous mode [ 47.782583][ T5951] veth1_macvtap: entered promiscuous mode [ 47.784832][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.787847][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.792270][ T5956] Bluetooth: hci0: command tx timeout [ 47.794160][ T5956] Bluetooth: hci3: command tx timeout [ 47.795822][ T5956] Bluetooth: hci1: command tx timeout [ 47.796605][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.800323][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.800981][ T5956] Bluetooth: hci2: command tx timeout [ 47.804246][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.815970][ T5943] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.818508][ T5943] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.821878][ T5943] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.824448][ T5943] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.837217][ T5951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.841710][ T5951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.845509][ T5951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.850341][ T5951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.854814][ T5951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.858858][ T5951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.863487][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.869784][ T5951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.873592][ T5951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.876502][ T5951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.880163][ T5951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.883376][ T5951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.886561][ T5951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.890760][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.911278][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.913104][ T5951] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.913705][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.916429][ T5951] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.921358][ T5951] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.923884][ T5951] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.936526][ T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.937705][ T6012] Zero length message leads to an empty skb [ 47.938930][ T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.976191][ T1186] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.978630][ T1186] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.999229][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.003940][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.022539][ T76] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.024844][ T76] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.048059][ T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.050532][ T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.317550][ T6032] vlan2: entered promiscuous mode [ 48.482690][ T6046] SELinux: Context Ü is not valid (left unmapped). [ 48.691774][ T6066] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=254 sclass=netlink_route_socket pid=6066 comm=syz.1.25 [ 48.697625][ T6066] vlan2: entered promiscuous mode [ 48.879911][ T6077] syzkaller1: entered promiscuous mode [ 48.884427][ T6077] syzkaller1: entered allmulticast mode [ 48.911373][ T35] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 49.080748][ T35] usb 7-1: Using ep0 maxpacket: 32 [ 49.087096][ T35] usb 7-1: config index 0 descriptor too short (expected 29220, got 36) [ 49.089669][ T35] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 49.092743][ T35] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 49.095763][ T35] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 49.098469][ T35] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 49.101501][ T35] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18 [ 49.105868][ T35] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 49.108718][ T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 49.115049][ T35] usb 7-1: config 0 descriptor?? [ 49.300495][ T6108] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=254 sclass=netlink_route_socket pid=6108 comm=syz.3.37 [ 49.307794][ T6108] vlan2: entered promiscuous mode [ 49.309431][ T6108] team0: Device vlan2 is already an upper device of the team interface [ 49.430788][ T6114] netlink: 4 bytes leftover after parsing attributes in process `syz.0.38'. [ 49.881179][ T5956] Bluetooth: hci2: command tx timeout [ 49.881913][ T5291] Bluetooth: hci1: command tx timeout [ 49.881958][ T5954] Bluetooth: hci3: command tx timeout [ 49.881987][ T5954] Bluetooth: hci0: command tx timeout [ 50.369034][ T6127] FAULT_INJECTION: forcing a failure. [ 50.369034][ T6127] name failslab, interval 1, probability 0, space 0, times 1 [ 50.372833][ T6127] CPU: 2 UID: 0 PID: 6127 Comm: syz.3.41 Not tainted 6.13.0-syzkaller-07048-gae8b53aac327 #0 [ 50.372845][ T6127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 50.372850][ T6127] Call Trace: [ 50.372853][ T6127] [ 50.372857][ T6127] dump_stack_lvl+0x16c/0x1f0 [ 50.372885][ T6127] should_fail_ex+0x497/0x5b0 [ 50.372903][ T6127] ? fs_reclaim_acquire+0xae/0x150 [ 50.372917][ T6127] should_failslab+0xc2/0x120 [ 50.372927][ T6127] __kmalloc_noprof+0xcb/0x510 [ 50.372935][ T6127] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 50.372951][ T6127] tomoyo_realpath_from_path+0xb9/0x720 [ 50.372962][ T6127] ? tomoyo_path_number_perm+0x235/0x590 [ 50.372972][ T6127] ? tomoyo_path_number_perm+0x235/0x590 [ 50.372982][ T6127] tomoyo_path_number_perm+0x248/0x590 [ 50.372990][ T6127] ? tomoyo_path_number_perm+0x235/0x590 [ 50.372999][ T6127] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 50.373018][ T6127] ? __pfx_lock_release+0x10/0x10 [ 50.373030][ T6127] ? trace_lock_acquire+0x14e/0x1f0 [ 50.373042][ T6127] ? lock_acquire+0x2f/0xb0 [ 50.373053][ T6127] ? __fget_files+0x40/0x3a0 [ 50.373068][ T6127] ? __fget_files+0x206/0x3a0 [ 50.373082][ T6127] security_file_ioctl+0x9b/0x240 [ 50.373093][ T6127] __x64_sys_ioctl+0xb7/0x200 [ 50.373105][ T6127] do_syscall_64+0xcd/0x250 [ 50.373119][ T6127] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 50.373132][ T6127] RIP: 0033:0x7fb2c5d8cd29 [ 50.373139][ T6127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 50.373148][ T6127] RSP: 002b:00007fb2c6bb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 50.373157][ T6127] RAX: ffffffffffffffda RBX: 00007fb2c5fa5fa0 RCX: 00007fb2c5d8cd29 [ 50.373163][ T6127] RDX: 0000000020000200 RSI: 00000000800454e1 RDI: 0000000000000003 [ 50.373168][ T6127] RBP: 00007fb2c6bb4090 R08: 0000000000000000 R09: 0000000000000000 [ 50.373173][ T6127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 50.373178][ T6127] R13: 0000000000000000 R14: 00007fb2c5fa5fa0 R15: 00007ffc246e8f48 [ 50.373189][ T6127] [ 50.373192][ T6127] ERROR: Out of memory at tomoyo_realpath_from_path. [ 50.668087][ T6147] netlink: 1068 bytes leftover after parsing attributes in process `syz.1.44'. [ 51.006391][ T39] kauditd_printk_skb: 79 callbacks suppressed [ 51.006405][ T39] audit: type=1400 audit(1737769559.113:194): avc: denied { map_create } for pid=6158 comm="syz.1.48" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 51.014318][ T39] audit: type=1400 audit(1737769559.113:195): avc: denied { map_read map_write } for pid=6158 comm="syz.1.48" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 51.027600][ T39] audit: type=1400 audit(1737769559.133:196): avc: denied { prog_run } for pid=6158 comm="syz.1.48" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 51.342668][ T6177] netlink: 1068 bytes leftover after parsing attributes in process `syz.1.54'. [ 51.619488][ T6183] netlink: 28 bytes leftover after parsing attributes in process `syz.1.56'. [ 51.626285][ T6183] vlan2: entered promiscuous mode [ 51.691971][ T835] usb 7-1: USB disconnect, device number 2 [ 51.702167][ T39] audit: type=1400 audit(1737769559.813:197): avc: denied { read write } for pid=6184 comm="syz.2.57" name="video8" dev="devtmpfs" ino=976 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 51.710180][ T39] audit: type=1400 audit(1737769559.813:198): avc: denied { open } for pid=6184 comm="syz.2.57" path="/dev/video8" dev="devtmpfs" ino=976 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 51.733439][ T39] audit: type=1400 audit(1737769559.843:199): avc: denied { write } for pid=6186 comm="syz.3.58" name="tcp6" dev="proc" ino=4026533243 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 51.735939][ T6187] FAULT_INJECTION: forcing a failure. [ 51.735939][ T6187] name failslab, interval 1, probability 0, space 0, times 0 [ 51.745442][ T6187] CPU: 2 UID: 0 PID: 6187 Comm: syz.3.58 Not tainted 6.13.0-syzkaller-07048-gae8b53aac327 #0 [ 51.745454][ T6187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 51.745460][ T6187] Call Trace: [ 51.745468][ T6187] [ 51.745472][ T6187] dump_stack_lvl+0x16c/0x1f0 [ 51.745501][ T6187] should_fail_ex+0x497/0x5b0 [ 51.745518][ T6187] ? fs_reclaim_acquire+0xae/0x150 [ 51.745532][ T6187] should_failslab+0xc2/0x120 [ 51.745542][ T6187] __kmalloc_noprof+0xcb/0x510 [ 51.745551][ T6187] ? d_absolute_path+0x137/0x1b0 [ 51.745561][ T6187] ? rcu_is_watching+0x12/0xc0 [ 51.745572][ T6187] tomoyo_encode2+0x100/0x3e0 [ 51.745585][ T6187] tomoyo_encode+0x29/0x50 [ 51.745594][ T6187] tomoyo_realpath_from_path+0x19d/0x720 [ 51.745608][ T6187] tomoyo_path_number_perm+0x248/0x590 [ 51.745616][ T6187] ? tomoyo_path_number_perm+0x235/0x590 [ 51.745626][ T6187] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 51.745645][ T6187] ? __pfx_lock_release+0x10/0x10 [ 51.745657][ T6187] ? trace_lock_acquire+0x14e/0x1f0 [ 51.745668][ T6187] ? lock_acquire+0x2f/0xb0 [ 51.745679][ T6187] ? __fget_files+0x40/0x3a0 [ 51.745693][ T6187] ? __fget_files+0x206/0x3a0 [ 51.745708][ T6187] security_file_ioctl+0x9b/0x240 [ 51.745719][ T6187] __x64_sys_ioctl+0xb7/0x200 [ 51.745731][ T6187] do_syscall_64+0xcd/0x250 [ 51.745746][ T6187] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 51.745758][ T6187] RIP: 0033:0x7fb2c5d8cd29 [ 51.745766][ T6187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 51.745774][ T6187] RSP: 002b:00007fb2c6bb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 51.745784][ T6187] RAX: ffffffffffffffda RBX: 00007fb2c5fa5fa0 RCX: 00007fb2c5d8cd29 [ 51.745790][ T6187] RDX: 0000000020000580 RSI: 0000000000004c04 RDI: 0000000000000004 [ 51.745795][ T6187] RBP: 00007fb2c6bb4090 R08: 0000000000000000 R09: 0000000000000000 [ 51.745800][ T6187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 51.745805][ T6187] R13: 0000000000000000 R14: 00007fb2c5fa5fa0 R15: 00007ffc246e8f48 [ 51.745816][ T6187] [ 51.745823][ T6187] ERROR: Out of memory at tomoyo_realpath_from_path. [ 51.894724][ T6201] netlink: 1068 bytes leftover after parsing attributes in process `syz.3.63'. [ 51.909707][ T39] audit: type=1400 audit(1737769560.013:200): avc: denied { create } for pid=6190 comm="syz.1.60" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 51.921013][ T39] audit: type=1400 audit(1737769560.023:201): avc: denied { setopt } for pid=6190 comm="syz.1.60" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 51.927426][ T39] audit: type=1400 audit(1737769560.023:202): avc: denied { bind } for pid=6190 comm="syz.1.60" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 51.937692][ T39] audit: type=1400 audit(1737769560.023:203): avc: denied { name_bind } for pid=6190 comm="syz.1.60" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 51.952583][ T5291] Bluetooth: hci0: command tx timeout [ 51.954865][ T5291] Bluetooth: hci3: command tx timeout [ 51.957074][ T5291] Bluetooth: hci1: command tx timeout [ 51.962577][ T5291] Bluetooth: hci2: command tx timeout [ 52.031231][ T5958] Bluetooth: hci1: Malformed LE Event: 0x0b [ 52.046351][ T6212] netlink: 28 bytes leftover after parsing attributes in process `syz.1.68'. [ 52.051443][ T6212] vlan2: entered promiscuous mode [ 52.059554][ T6214] FAULT_INJECTION: forcing a failure. [ 52.059554][ T6214] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 52.065196][ T6214] CPU: 1 UID: 0 PID: 6214 Comm: syz.3.69 Not tainted 6.13.0-syzkaller-07048-gae8b53aac327 #0 [ 52.065212][ T6214] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 52.065218][ T6214] Call Trace: [ 52.065221][ T6214] [ 52.065224][ T6214] dump_stack_lvl+0x16c/0x1f0 [ 52.065241][ T6214] should_fail_ex+0x497/0x5b0 [ 52.065255][ T6214] _copy_from_user+0x2e/0xd0 [ 52.065268][ T6214] copy_msghdr_from_user+0x99/0x160 [ 52.065278][ T6214] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 52.065286][ T6214] ? __lock_acquire+0xcc5/0x3c40 [ 52.065304][ T6214] ___sys_sendmsg+0xff/0x1e0 [ 52.065313][ T6214] ? __pfx____sys_sendmsg+0x10/0x10 [ 52.065327][ T6214] ? trace_lock_acquire+0x14e/0x1f0 [ 52.065344][ T6214] __sys_sendmmsg+0x201/0x420 [ 52.065354][ T6214] ? __pfx___sys_sendmmsg+0x10/0x10 [ 52.065366][ T6214] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 52.065385][ T6214] ? fput+0x67/0x440 [ 52.065402][ T6214] ? ksys_write+0x1ba/0x250 [ 52.065422][ T6214] ? __pfx_ksys_write+0x10/0x10 [ 52.065436][ T6214] __x64_sys_sendmmsg+0x9c/0x100 [ 52.065444][ T6214] ? lockdep_hardirqs_on+0x7c/0x110 [ 52.065456][ T6214] do_syscall_64+0xcd/0x250 [ 52.065471][ T6214] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 52.065484][ T6214] RIP: 0033:0x7fb2c5d8cd29 [ 52.065492][ T6214] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 52.065500][ T6214] RSP: 002b:00007fb2c6bb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 52.065509][ T6214] RAX: ffffffffffffffda RBX: 00007fb2c5fa5fa0 RCX: 00007fb2c5d8cd29 [ 52.065515][ T6214] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004 [ 52.065520][ T6214] RBP: 00007fb2c6bb4090 R08: 0000000000000000 R09: 0000000000000000 [ 52.065525][ T6214] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 52.065530][ T6214] R13: 0000000000000000 R14: 00007fb2c5fa5fa0 R15: 00007ffc246e8f48 [ 52.065541][ T6214] [ 52.180350][ T6220] netlink: 36 bytes leftover after parsing attributes in process `syz.3.70'. [ 52.235554][ T6226] netlink: 1068 bytes leftover after parsing attributes in process `syz.1.72'. [ 52.296643][ T25] IPVS: starting estimator thread 0... [ 52.303448][ T5958] Bluetooth: hci2: Malformed LE Event: 0x0b [ 52.380822][ T6237] IPVS: using max 40 ests per chain, 96000 per kthread [ 52.648313][ T6259] netlink: 1068 bytes leftover after parsing attributes in process `syz.2.85'. [ 52.682527][ T5983] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 52.719817][ T5958] Bluetooth: hci3: Malformed LE Event: 0x0b [ 52.804555][ T6267] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 52.809228][ T6267] syz.2.89 uses obsolete (PF_INET,SOCK_PACKET) [ 52.860742][ T5983] usb 8-1: Using ep0 maxpacket: 16 [ 52.865058][ T5983] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 52.867322][ T6271] FAULT_INJECTION: forcing a failure. [ 52.867322][ T6271] name failslab, interval 1, probability 0, space 0, times 0 [ 52.868182][ T5983] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 52.872210][ T6271] CPU: 3 UID: 0 PID: 6271 Comm: syz.2.90 Not tainted 6.13.0-syzkaller-07048-gae8b53aac327 #0 [ 52.872224][ T6271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 52.872229][ T6271] Call Trace: [ 52.872233][ T6271] [ 52.872236][ T6271] dump_stack_lvl+0x16c/0x1f0 [ 52.872266][ T6271] should_fail_ex+0x497/0x5b0 [ 52.872283][ T6271] ? fs_reclaim_acquire+0xae/0x150 [ 52.872297][ T6271] should_failslab+0xc2/0x120 [ 52.872307][ T6271] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 52.872322][ T6271] ? __alloc_skb+0x2b1/0x380 [ 52.872338][ T6271] __alloc_skb+0x2b1/0x380 [ 52.872351][ T6271] ? __pfx___alloc_skb+0x10/0x10 [ 52.872365][ T6271] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 52.872378][ T6271] ? pid_vnr+0x133/0x220 [ 52.872390][ T6271] netlink_alloc_large_skb+0x69/0x130 [ 52.872403][ T6271] netlink_sendmsg+0x689/0xd70 [ 52.872418][ T6271] ? __pfx_netlink_sendmsg+0x10/0x10 [ 52.872443][ T6271] ____sys_sendmsg+0xaaf/0xc90 [ 52.872462][ T6271] ? copy_msghdr_from_user+0x10b/0x160 [ 52.872477][ T6271] ? __pfx_____sys_sendmsg+0x10/0x10 [ 52.872500][ T6271] ___sys_sendmsg+0x135/0x1e0 [ 52.872509][ T6271] ? __pfx____sys_sendmsg+0x10/0x10 [ 52.872522][ T6271] ? __pfx_lock_release+0x10/0x10 [ 52.872535][ T6271] ? trace_lock_acquire+0x14e/0x1f0 [ 52.872549][ T6271] ? __fget_files+0x206/0x3a0 [ 52.872565][ T6271] __sys_sendmsg+0x16e/0x220 [ 52.872574][ T6271] ? __pfx___sys_sendmsg+0x10/0x10 [ 52.872595][ T6271] do_syscall_64+0xcd/0x250 [ 52.872610][ T6271] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 52.872623][ T6271] RIP: 0033:0x7faa0058cd29 [ 52.872630][ T6271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 52.872639][ T6271] RSP: 002b:00007fa9fe3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 52.872649][ T6271] RAX: ffffffffffffffda RBX: 00007faa007a5fa0 RCX: 00007faa0058cd29 [ 52.872654][ T6271] RDX: 0000000020004804 RSI: 0000000020000300 RDI: 0000000000000003 [ 52.872660][ T6271] RBP: 00007fa9fe3f6090 R08: 0000000000000000 R09: 0000000000000000 [ 52.872665][ T6271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 52.872670][ T6271] R13: 0000000000000000 R14: 00007faa007a5fa0 R15: 00007ffc2dd7dc28 [ 52.872681][ T6271] [ 52.905474][ T6273] FAULT_INJECTION: forcing a failure. [ 52.905474][ T6273] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 52.906368][ T5983] usb 8-1: New USB device found, idVendor=056a, idProduct=00d4, bcdDevice= 0.00 [ 52.907529][ T6273] CPU: 3 UID: 0 PID: 6273 Comm: syz.2.91 Not tainted 6.13.0-syzkaller-07048-gae8b53aac327 #0 [ 52.907545][ T6273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 52.907554][ T6273] Call Trace: [ 52.907557][ T6273] [ 52.907561][ T6273] dump_stack_lvl+0x16c/0x1f0 [ 52.907578][ T6273] should_fail_ex+0x497/0x5b0 [ 52.907593][ T6273] _copy_from_iter+0x2a1/0x1560 [ 52.907609][ T6273] ? __pfx__copy_from_iter+0x10/0x10 [ 52.907622][ T6273] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 52.907634][ T6273] ? tun_build_skb.constprop.0+0x1b8/0x1120 [ 52.907646][ T6273] ? __pfx_lock_release+0x10/0x10 [ 52.907659][ T6273] ? trace_lock_acquire+0x14e/0x1f0 [ 52.907669][ T6273] ? __pfx_lock_release+0x10/0x10 [ 52.907682][ T6273] copy_page_from_iter+0xa5/0x120 [ 52.907696][ T6273] tun_build_skb.constprop.0+0x294/0x1120 [ 52.907709][ T6273] ? __pfx_tun_build_skb.constprop.0+0x10/0x10 [ 52.907722][ T6273] ? __pfx___lock_acquire+0x10/0x10 [ 52.907734][ T6273] ? register_lock_class+0xb1/0x1240 [ 52.907750][ T6273] ? __lock_acquire+0xcc5/0x3c40 [ 52.907764][ T6273] tun_get_user+0x870/0x3e50 [ 52.907779][ T6273] ? __pfx_tun_get_user+0x10/0x10 [ 52.907789][ T6273] ? find_held_lock+0x2d/0x110 [ 52.907801][ T6273] ? __pfx_lock_release+0x10/0x10 [ 52.907818][ T6273] tun_chr_write_iter+0xdc/0x210 [ 52.907829][ T6273] vfs_write+0x5ae/0x1150 [ 52.907843][ T6273] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 52.907854][ T6273] ? __pfx_vfs_write+0x10/0x10 [ 52.907875][ T6273] ? __fget_files+0x40/0x3a0 [ 52.907894][ T6273] ksys_write+0x12b/0x250 [ 52.907906][ T6273] ? __pfx_ksys_write+0x10/0x10 [ 52.907921][ T6273] do_syscall_64+0xcd/0x250 [ 52.907936][ T6273] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 52.907949][ T6273] RIP: 0033:0x7faa0058b7df [ 52.907957][ T6273] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 52.907965][ T6273] RSP: 002b:00007fa9fe3f6000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 52.907974][ T6273] RAX: ffffffffffffffda RBX: 00007faa007a5fa0 RCX: 00007faa0058b7df [ 52.907980][ T6273] RDX: 000000000000009a RSI: 0000000020002340 RDI: 00000000000000c8 [ 52.907985][ T6273] RBP: 00007fa9fe3f6090 R08: 0000000000000000 R09: 0000000000000000 [ 52.907990][ T6273] R10: 000000000000009a R11: 0000000000000293 R12: 0000000000000001 [ 52.907995][ T6273] R13: 0000000000000001 R14: 00007faa007a5fa0 R15: 00007ffc2dd7dc28 [ 52.908006][ T6273] [ 52.994827][ T6279] netlink: 1068 bytes leftover after parsing attributes in process `syz.2.94'. [ 52.996663][ T5983] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 53.043501][ T5983] usb 8-1: config 0 descriptor?? [ 53.063306][ T6287] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 53.155984][ T6295] FAULT_INJECTION: forcing a failure. [ 53.155984][ T6295] name failslab, interval 1, probability 0, space 0, times 0 [ 53.163176][ T6295] CPU: 0 UID: 0 PID: 6295 Comm: syz.0.101 Not tainted 6.13.0-syzkaller-07048-gae8b53aac327 #0 [ 53.163190][ T6295] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 53.163196][ T6295] Call Trace: [ 53.163199][ T6295] [ 53.163203][ T6295] dump_stack_lvl+0x16c/0x1f0 [ 53.163220][ T6295] should_fail_ex+0x497/0x5b0 [ 53.163232][ T6295] ? fs_reclaim_acquire+0xae/0x150 [ 53.163246][ T6295] should_failslab+0xc2/0x120 [ 53.163257][ T6295] __kmalloc_noprof+0xcb/0x510 [ 53.163265][ T6295] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 53.163281][ T6295] tomoyo_realpath_from_path+0xb9/0x720 [ 53.163292][ T6295] ? tomoyo_path_number_perm+0x235/0x590 [ 53.163301][ T6295] ? tomoyo_path_number_perm+0x235/0x590 [ 53.163311][ T6295] tomoyo_path_number_perm+0x248/0x590 [ 53.163319][ T6295] ? tomoyo_path_number_perm+0x235/0x590 [ 53.163329][ T6295] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 53.163349][ T6295] ? __pfx_lock_release+0x10/0x10 [ 53.163360][ T6295] ? trace_lock_acquire+0x14e/0x1f0 [ 53.163372][ T6295] ? lock_acquire+0x2f/0xb0 [ 53.163383][ T6295] ? __fget_files+0x40/0x3a0 [ 53.163398][ T6295] ? __fget_files+0x206/0x3a0 [ 53.163412][ T6295] security_file_ioctl+0x9b/0x240 [ 53.163424][ T6295] __x64_sys_ioctl+0xb7/0x200 [ 53.163436][ T6295] do_syscall_64+0xcd/0x250 [ 53.163450][ T6295] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 53.163463][ T6295] RIP: 0033:0x7f0bf198cd29 [ 53.163472][ T6295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 53.163480][ T6295] RSP: 002b:00007f0bf27be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 53.163489][ T6295] RAX: ffffffffffffffda RBX: 00007f0bf1ba5fa0 RCX: 00007f0bf198cd29 [ 53.163495][ T6295] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008 [ 53.163500][ T6295] RBP: 00007f0bf27be090 R08: 0000000000000000 R09: 0000000000000000 [ 53.163505][ T6295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 53.163510][ T6295] R13: 0000000000000000 R14: 00007f0bf1ba5fa0 R15: 00007ffd75eb5a28 [ 53.163521][ T6295] [ 53.163525][ T6295] ERROR: Out of memory at tomoyo_realpath_from_path. [ 53.260865][ T5983] usbhid 8-1:0.0: can't add hid device: -71 [ 53.271591][ T5983] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 53.279330][ T5983] usb 8-1: USB disconnect, device number 2 [ 53.476698][ T6312] dccp_close: ABORT with 2 bytes unread [ 53.510782][ T25] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 53.641752][ T25] usb 7-1: device descriptor read/64, error -71 [ 53.890952][ T25] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 54.020796][ T25] usb 7-1: device descriptor read/64, error -71 [ 54.031408][ T5958] Bluetooth: hci3: command tx timeout [ 54.033654][ T5958] Bluetooth: hci0: command tx timeout [ 54.035388][ T5958] Bluetooth: hci2: command tx timeout [ 54.037050][ T5291] Bluetooth: hci1: command tx timeout [ 54.059882][ T6332] vlan2: entered promiscuous mode [ 54.141002][ T25] usb usb7-port1: attempt power cycle [ 54.216514][ T6336] kvm: emulating exchange as write [ 54.468578][ T6351] FAULT_INJECTION: forcing a failure. [ 54.468578][ T6351] name failslab, interval 1, probability 0, space 0, times 0 [ 54.473706][ T6351] CPU: 2 UID: 0 PID: 6351 Comm: syz.1.121 Not tainted 6.13.0-syzkaller-07048-gae8b53aac327 #0 [ 54.473725][ T6351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 54.473735][ T6351] Call Trace: [ 54.473741][ T6351] [ 54.473746][ T6351] dump_stack_lvl+0x16c/0x1f0 [ 54.473788][ T6351] should_fail_ex+0x497/0x5b0 [ 54.473813][ T6351] ? fs_reclaim_acquire+0xae/0x150 [ 54.473838][ T6351] should_failslab+0xc2/0x120 [ 54.473853][ T6351] __kmalloc_noprof+0xcb/0x510 [ 54.473867][ T6351] ? d_absolute_path+0x137/0x1b0 [ 54.473892][ T6351] ? rcu_is_watching+0x12/0xc0 [ 54.473910][ T6351] tomoyo_encode2+0x100/0x3e0 [ 54.473933][ T6351] tomoyo_encode+0x29/0x50 [ 54.473949][ T6351] tomoyo_realpath_from_path+0x19d/0x720 [ 54.473992][ T6351] tomoyo_path_number_perm+0x248/0x590 [ 54.474007][ T6351] ? tomoyo_path_number_perm+0x235/0x590 [ 54.474022][ T6351] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 54.474065][ T6351] ? __pfx_lock_release+0x10/0x10 [ 54.474088][ T6351] ? trace_lock_acquire+0x14e/0x1f0 [ 54.474108][ T6351] ? lock_acquire+0x2f/0xb0 [ 54.474129][ T6351] ? __fget_files+0x40/0x3a0 [ 54.474154][ T6351] ? __fget_files+0x206/0x3a0 [ 54.474181][ T6351] security_file_ioctl+0x9b/0x240 [ 54.474199][ T6351] __x64_sys_ioctl+0xb7/0x200 [ 54.474221][ T6351] do_syscall_64+0xcd/0x250 [ 54.474244][ T6351] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 54.474266][ T6351] RIP: 0033:0x7fab6cf8cd29 [ 54.474280][ T6351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 54.474293][ T6351] RSP: 002b:00007fab6dd72038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 54.474308][ T6351] RAX: ffffffffffffffda RBX: 00007fab6d1a5fa0 RCX: 00007fab6cf8cd29 [ 54.474319][ T6351] RDX: 0000000020000480 RSI: 00000000c0386105 RDI: 0000000000000003 [ 54.474329][ T6351] RBP: 00007fab6dd72090 R08: 0000000000000000 R09: 0000000000000000 [ 54.474336][ T6351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 54.474345][ T6351] R13: 0000000000000000 R14: 00007fab6d1a5fa0 R15: 00007ffdacb01a18 [ 54.474366][ T6351] [ 54.474412][ T6351] ERROR: Out of memory at tomoyo_realpath_from_path. [ 54.561349][ T25] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 54.591247][ T25] usb 7-1: device descriptor read/8, error -71 [ 54.660744][ T5983] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 54.728639][ T6356] netlink: 'syz.3.123': attribute type 10 has an invalid length. [ 54.732465][ T6356] vlan0: entered allmulticast mode [ 54.737472][ T6356] veth0_vlan: entered allmulticast mode [ 54.746585][ T6356] team0: Port device vlan0 added [ 54.810794][ T5983] usb 5-1: Using ep0 maxpacket: 16 [ 54.816423][ T5983] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 54.820549][ T5983] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 54.826184][ T5983] usb 5-1: New USB device found, idVendor=056a, idProduct=00d4, bcdDevice= 0.00 [ 54.829993][ T5983] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 54.835355][ T5983] usb 5-1: config 0 descriptor?? [ 54.843467][ T25] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 54.862760][ T25] usb 7-1: device descriptor read/8, error -71 [ 54.980862][ T25] usb usb7-port1: unable to enumerate USB device [ 55.047375][ T5983] usbhid 5-1:0.0: can't add hid device: -71 [ 55.049808][ T5983] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 55.054974][ T5983] usb 5-1: USB disconnect, device number 2 [ 55.143112][ T6360] __nla_validate_parse: 1 callbacks suppressed [ 55.143124][ T6360] netlink: 8 bytes leftover after parsing attributes in process `syz.1.124'. [ 55.909816][ T6386] netlink: 8 bytes leftover after parsing attributes in process `syz.3.134'. [ 56.186302][ T6394] netlink: 24 bytes leftover after parsing attributes in process `syz.0.138'. [ 56.270369][ T6396] FAULT_INJECTION: forcing a failure. [ 56.270369][ T6396] name failslab, interval 1, probability 0, space 0, times 0 [ 56.274453][ T6396] CPU: 1 UID: 0 PID: 6396 Comm: syz.1.139 Not tainted 6.13.0-syzkaller-07048-gae8b53aac327 #0 [ 56.274464][ T6396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 56.274470][ T6396] Call Trace: [ 56.274474][ T6396] [ 56.274478][ T6396] dump_stack_lvl+0x16c/0x1f0 [ 56.274507][ T6396] should_fail_ex+0x497/0x5b0 [ 56.274525][ T6396] ? rcu_is_watching+0x12/0xc0 [ 56.274536][ T6396] should_failslab+0xc2/0x120 [ 56.274547][ T6396] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 56.274561][ T6396] ? lock_acquire+0x2f/0xb0 [ 56.274572][ T6396] ? sctp_get_port_local+0x3af/0x1650 [ 56.274585][ T6396] ? sctp_get_port_local+0xba4/0x1650 [ 56.274599][ T6396] sctp_get_port_local+0xba4/0x1650 [ 56.274619][ T6396] ? __pfx_sctp_get_port_local+0x10/0x10 [ 56.274630][ T6396] ? lock_acquire+0x2f/0xb0 [ 56.274641][ T6396] ? sctp_bind_addr_match+0x43/0x300 [ 56.274654][ T6396] ? sctp_bind_addr_match+0x19d/0x300 [ 56.274666][ T6396] sctp_do_bind+0x223/0x700 [ 56.274681][ T6396] sctp_connect_new_asoc+0x5ff/0x790 [ 56.274692][ T6396] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 56.274703][ T6396] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 56.274715][ T6396] sctp_sendmsg+0x1610/0x1eb0 [ 56.274723][ T6396] ? avc_has_perm+0x11b/0x1c0 [ 56.274739][ T6396] ? __pfx_sctp_sendmsg+0x10/0x10 [ 56.274750][ T6396] ? __pfx_sock_has_perm+0x10/0x10 [ 56.274770][ T6396] ? __pfx_sctp_sendmsg+0x10/0x10 [ 56.274779][ T6396] inet_sendmsg+0x119/0x140 [ 56.274789][ T6396] __sys_sendto+0x42a/0x4f0 [ 56.274805][ T6396] ? __pfx___sys_sendto+0x10/0x10 [ 56.274827][ T6396] ? ksys_write+0x1ba/0x250 [ 56.274840][ T6396] ? __pfx_ksys_write+0x10/0x10 [ 56.274854][ T6396] __x64_sys_sendto+0xe0/0x1c0 [ 56.274867][ T6396] ? do_syscall_64+0x91/0x250 [ 56.274880][ T6396] ? lockdep_hardirqs_on+0x7c/0x110 [ 56.274892][ T6396] do_syscall_64+0xcd/0x250 [ 56.274906][ T6396] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.274918][ T6396] RIP: 0033:0x7fab6cf8cd29 [ 56.274926][ T6396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 56.274935][ T6396] RSP: 002b:00007fab6dd72038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 56.274943][ T6396] RAX: ffffffffffffffda RBX: 00007fab6d1a5fa0 RCX: 00007fab6cf8cd29 [ 56.274949][ T6396] RDX: 0000000000000001 RSI: 0000000020000180 RDI: 0000000000000003 [ 56.274954][ T6396] RBP: 00007fab6dd72090 R08: 0000000020000200 R09: 000000000000001c [ 56.274959][ T6396] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000001 [ 56.274964][ T6396] R13: 0000000000000000 R14: 00007fab6d1a5fa0 R15: 00007ffdacb01a18 [ 56.274976][ T6396] [ 56.365543][ C1] vkms_vblank_simulate: vblank timer overrun [ 56.368414][ T5983] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 56.384942][ T39] kauditd_printk_skb: 54 callbacks suppressed [ 56.384950][ T39] audit: type=1400 audit(1737769564.493:258): avc: denied { rename } for pid=5334 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 56.393770][ T39] audit: type=1400 audit(1737769564.493:259): avc: denied { unlink } for pid=5334 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 56.400388][ T39] audit: type=1400 audit(1737769564.493:260): avc: denied { create } for pid=5334 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 56.522386][ T5983] usb 8-1: Using ep0 maxpacket: 16 [ 56.527909][ T5983] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 56.532176][ T5983] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 56.538698][ T5983] usb 8-1: New USB device found, idVendor=056a, idProduct=00d4, bcdDevice= 0.00 [ 56.542986][ T5983] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 56.550133][ T5983] usb 8-1: config 0 descriptor?? [ 56.770512][ T5983] usbhid 8-1:0.0: can't add hid device: -71 [ 56.775824][ T5983] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 56.792403][ T5983] usb 8-1: USB disconnect, device number 3 [ 56.818147][ T39] audit: type=1400 audit(1737769564.923:261): avc: denied { create } for pid=6413 comm="syz.2.145" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 56.828738][ T39] audit: type=1400 audit(1737769564.923:262): avc: denied { write } for pid=6413 comm="syz.2.145" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 56.839196][ T39] audit: type=1400 audit(1737769564.923:263): avc: denied { nlmsg_write } for pid=6413 comm="syz.2.145" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 57.210725][ T5945] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 57.330730][ T39] audit: type=1400 audit(1737769565.433:264): avc: denied { setopt } for pid=6432 comm="syz.3.152" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 57.338069][ T39] audit: type=1400 audit(1737769565.433:265): avc: denied { ioctl } for pid=6432 comm="syz.3.152" path="socket:[13464]" dev="sockfs" ino=13464 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 57.349110][ T5945] usb 7-1: device descriptor read/64, error -71 [ 57.590879][ T5945] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 57.720853][ T5945] usb 7-1: device descriptor read/64, error -71 [ 57.831027][ T5945] usb usb7-port1: attempt power cycle [ 57.920790][ T25] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 57.946260][ T6467] FAULT_INJECTION: forcing a failure. [ 57.946260][ T6467] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 57.950588][ T6467] CPU: 2 UID: 0 PID: 6467 Comm: syz.3.163 Not tainted 6.13.0-syzkaller-07048-gae8b53aac327 #0 [ 57.950599][ T6467] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 57.950608][ T6467] Call Trace: [ 57.950611][ T6467] [ 57.950615][ T6467] dump_stack_lvl+0x16c/0x1f0 [ 57.950654][ T6467] should_fail_ex+0x497/0x5b0 [ 57.950674][ T6467] _copy_to_user+0x32/0xd0 [ 57.950689][ T6467] vivid_radio_rx_read+0x7c9/0xb90 [ 57.950707][ T6467] ? __pfx_vivid_radio_rx_read+0x10/0x10 [ 57.950722][ T6467] ? inode_security+0x101/0x130 [ 57.950743][ T6467] vivid_radio_read+0x86/0xc0 [ 57.950766][ T6467] v4l2_read+0x226/0x360 [ 57.950794][ T6467] ? __pfx_v4l2_read+0x10/0x10 [ 57.950811][ T6467] vfs_readv+0x6c2/0x8a0 [ 57.950826][ T6467] ? find_held_lock+0x2d/0x110 [ 57.950839][ T6467] ? __pfx_vfs_readv+0x10/0x10 [ 57.950850][ T6467] ? find_held_lock+0x2d/0x110 [ 57.950866][ T6467] ? __pfx_lock_release+0x10/0x10 [ 57.950894][ T6467] ? trace_lock_acquire+0x14e/0x1f0 [ 57.950908][ T6467] ? __fget_files+0x206/0x3a0 [ 57.950925][ T6467] ? do_readv+0x133/0x340 [ 57.950935][ T6467] do_readv+0x133/0x340 [ 57.950946][ T6467] ? __pfx_do_readv+0x10/0x10 [ 57.950961][ T6467] do_syscall_64+0xcd/0x250 [ 57.950975][ T6467] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 57.950988][ T6467] RIP: 0033:0x7fb2c5d8cd29 [ 57.950996][ T6467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 57.951005][ T6467] RSP: 002b:00007fb2c6bb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 57.951014][ T6467] RAX: ffffffffffffffda RBX: 00007fb2c5fa5fa0 RCX: 00007fb2c5d8cd29 [ 57.951020][ T6467] RDX: 0000000000000001 RSI: 0000000020000280 RDI: 0000000000000003 [ 57.951025][ T6467] RBP: 00007fb2c6bb4090 R08: 0000000000000000 R09: 0000000000000000 [ 57.951030][ T6467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 57.951035][ T6467] R13: 0000000000000000 R14: 00007fb2c5fa5fa0 R15: 00007ffc246e8f48 [ 57.951046][ T6467] [ 58.081788][ T39] audit: type=1400 audit(1737769566.183:266): avc: denied { ioctl } for pid=6468 comm="syz.3.164" path="socket:[14864]" dev="sockfs" ino=14864 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 58.110308][ T39] audit: type=1400 audit(1737769566.213:267): avc: denied { create } for pid=6468 comm="syz.3.164" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 58.118898][ T25] usb 5-1: Using ep0 maxpacket: 16 [ 58.127782][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 58.130989][ T25] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 58.136677][ T25] usb 5-1: New USB device found, idVendor=056a, idProduct=00d4, bcdDevice= 0.00 [ 58.139402][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 58.145354][ T25] usb 5-1: config 0 descriptor?? [ 58.170860][ T5945] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 58.193542][ T5945] usb 7-1: device descriptor read/8, error -71 [ 58.304895][ T6484] netlink: 28 bytes leftover after parsing attributes in process `syz.3.165'. [ 58.365711][ T25] usbhid 5-1:0.0: can't add hid device: -71 [ 58.367643][ T25] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 58.371382][ T25] usb 5-1: USB disconnect, device number 3 [ 58.430828][ T5945] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 58.461432][ T5945] usb 7-1: device descriptor read/8, error -71 [ 58.570895][ T5945] usb usb7-port1: unable to enumerate USB device [ 58.945524][ T6530] FAULT_INJECTION: forcing a failure. [ 58.945524][ T6530] name failslab, interval 1, probability 0, space 0, times 0 [ 58.950012][ T6530] CPU: 2 UID: 0 PID: 6530 Comm: syz.0.173 Not tainted 6.13.0-syzkaller-07048-gae8b53aac327 #0 [ 58.950023][ T6530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 58.950029][ T6530] Call Trace: [ 58.950032][ T6530] [ 58.950036][ T6530] dump_stack_lvl+0x16c/0x1f0 [ 58.950064][ T6530] should_fail_ex+0x497/0x5b0 [ 58.950085][ T6530] should_failslab+0xc2/0x120 [ 58.950096][ T6530] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 58.950111][ T6530] ? dst_alloc+0x99/0x1a0 [ 58.950125][ T6530] dst_alloc+0x99/0x1a0 [ 58.950138][ T6530] rt_dst_alloc+0x35/0x3a0 [ 58.950153][ T6530] ip_route_output_key_hash_rcu+0x8a5/0x2770 [ 58.950165][ T6530] ? __pfx___bfs+0x5/0x10 [ 58.950178][ T6530] ip_route_output_key_hash+0x138/0x2e0 [ 58.950188][ T6530] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 58.950201][ T6530] ? __pfx_lock_release+0x10/0x10 [ 58.950213][ T6530] ? trace_lock_acquire+0x14e/0x1f0 [ 58.950223][ T6530] ? find_held_lock+0x2d/0x110 [ 58.950234][ T6530] ip_route_output_flow+0x27/0x150 [ 58.950245][ T6530] udp_sendmsg+0x1bfc/0x2a30 [ 58.950261][ T6530] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 58.950276][ T6530] ? __pfx_udp_sendmsg+0x10/0x10 [ 58.950289][ T6530] ? avc_has_perm+0x11b/0x1c0 [ 58.950303][ T6530] ? __pfx___lock_acquire+0x10/0x10 [ 58.950318][ T6530] ? sock_has_perm+0x25a/0x2f0 [ 58.950332][ T6530] ? __pfx_sock_has_perm+0x10/0x10 [ 58.950351][ T6530] ? __pfx_udp_sendmsg+0x10/0x10 [ 58.950365][ T6530] inet_sendmsg+0x105/0x140 [ 58.950375][ T6530] ____sys_sendmsg+0x98c/0xc90 [ 58.950386][ T6530] ? copy_msghdr_from_user+0x10b/0x160 [ 58.950396][ T6530] ? __pfx_____sys_sendmsg+0x10/0x10 [ 58.950406][ T6530] ? __lock_acquire+0xcc5/0x3c40 [ 58.950423][ T6530] ___sys_sendmsg+0x135/0x1e0 [ 58.950433][ T6530] ? __pfx____sys_sendmsg+0x10/0x10 [ 58.950447][ T6530] ? trace_lock_acquire+0x14e/0x1f0 [ 58.950465][ T6530] __sys_sendmmsg+0x201/0x420 [ 58.950476][ T6530] ? __pfx___sys_sendmmsg+0x10/0x10 [ 58.950489][ T6530] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 58.950508][ T6530] ? fput+0x67/0x440 [ 58.950518][ T6530] ? ksys_write+0x1ba/0x250 [ 58.950536][ T6530] ? __pfx_ksys_write+0x10/0x10 [ 58.950551][ T6530] __x64_sys_sendmmsg+0x9c/0x100 [ 58.950563][ T6530] ? lockdep_hardirqs_on+0x7c/0x110 [ 58.950575][ T6530] do_syscall_64+0xcd/0x250 [ 58.950599][ T6530] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 58.950619][ T6530] RIP: 0033:0x7f0bf198cd29 [ 58.950647][ T6530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 58.950662][ T6530] RSP: 002b:00007f0bf279d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 58.950678][ T6530] RAX: ffffffffffffffda RBX: 00007f0bf1ba6080 RCX: 00007f0bf198cd29 [ 58.950689][ T6530] RDX: 0400000000000077 RSI: 0000000020000180 RDI: 0000000000000003 [ 58.950699][ T6530] RBP: 00007f0bf279d090 R08: 0000000000000000 R09: 0000000000000000 [ 58.950709][ T6530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 58.950718][ T6530] R13: 0000000000000000 R14: 00007f0bf1ba6080 R15: 00007ffd75eb5a28 [ 58.950741][ T6530] [ 59.677968][ T6587] FAULT_INJECTION: forcing a failure. [ 59.677968][ T6587] name failslab, interval 1, probability 0, space 0, times 0 [ 59.682048][ T6587] CPU: 3 UID: 0 PID: 6587 Comm: syz.3.176 Not tainted 6.13.0-syzkaller-07048-gae8b53aac327 #0 [ 59.682059][ T6587] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 59.682064][ T6587] Call Trace: [ 59.682068][ T6587] [ 59.682071][ T6587] dump_stack_lvl+0x16c/0x1f0 [ 59.682099][ T6587] should_fail_ex+0x497/0x5b0 [ 59.682116][ T6587] ? fs_reclaim_acquire+0xae/0x150 [ 59.682129][ T6587] should_failslab+0xc2/0x120 [ 59.682140][ T6587] __kmalloc_cache_noprof+0x68/0x410 [ 59.682156][ T6587] madvise_collapse+0x1cc/0xb10 [ 59.682167][ T6587] ? mas_prev_slot+0x4cb/0x2000 [ 59.682181][ T6587] ? __pfx_madvise_collapse+0x10/0x10 [ 59.682194][ T6587] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 59.682210][ T6587] madvise_vma_behavior+0xbb0/0x1da0 [ 59.682222][ T6587] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 59.682232][ T6587] ? find_vma_prev+0xdb/0x160 [ 59.682245][ T6587] ? __pfx_find_vma_prev+0x10/0x10 [ 59.682260][ T6587] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 59.682275][ T6587] ? do_madvise+0x2b3/0x7c0 [ 59.682286][ T6587] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 59.682296][ T6587] madvise_walk_vmas+0x1cf/0x2c0 [ 59.682306][ T6587] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 59.682319][ T6587] do_madvise+0x366/0x7c0 [ 59.682343][ T6587] ? __pfx_do_madvise+0x10/0x10 [ 59.682357][ T6587] ? ksys_write+0x1ba/0x250 [ 59.682369][ T6587] ? __pfx_ksys_write+0x10/0x10 [ 59.682383][ T6587] __x64_sys_madvise+0xa9/0x110 [ 59.682393][ T6587] ? lockdep_hardirqs_on+0x7c/0x110 [ 59.682406][ T6587] do_syscall_64+0xcd/0x250 [ 59.682420][ T6587] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 59.682432][ T6587] RIP: 0033:0x7fb2c5d8cd29 [ 59.682441][ T6587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 59.682449][ T6587] RSP: 002b:00007fb2c6b72038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 59.682458][ T6587] RAX: ffffffffffffffda RBX: 00007fb2c5fa6160 RCX: 00007fb2c5d8cd29 [ 59.682463][ T6587] RDX: 0000000000000019 RSI: 0000000000600722 RDI: 0000000020000000 [ 59.682469][ T6587] RBP: 00007fb2c6b72090 R08: 0000000000000000 R09: 0000000000000000 [ 59.682474][ T6587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 59.682479][ T6587] R13: 0000000000000001 R14: 00007fb2c5fa6160 R15: 00007ffc246e8f48 [ 59.682490][ T6587] [ 60.060749][ T25] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 60.230752][ T25] usb 6-1: Using ep0 maxpacket: 16 [ 60.233758][ T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 60.236884][ T25] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 60.242155][ T25] usb 6-1: New USB device found, idVendor=056a, idProduct=00d4, bcdDevice= 0.00 [ 60.246005][ T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 60.252265][ T25] usb 6-1: config 0 descriptor?? [ 60.467461][ T25] usbhid 6-1:0.0: can't add hid device: -71 [ 60.470097][ T25] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 60.477777][ T25] usb 6-1: USB disconnect, device number 2 [ 61.020866][ T5984] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 61.091045][ T6614] netlink: 'syz.1.190': attribute type 1 has an invalid length. [ 61.190697][ T5984] usb 7-1: Using ep0 maxpacket: 8 [ 61.191135][ T5984] usb 7-1: no configurations [ 61.191144][ T5984] usb 7-1: can't read configurations, error -22 [ 61.305733][ T6630] FAULT_INJECTION: forcing a failure. [ 61.305733][ T6630] name failslab, interval 1, probability 0, space 0, times 0 [ 61.310480][ T6630] CPU: 2 UID: 0 PID: 6630 Comm: syz.3.196 Not tainted 6.13.0-syzkaller-07048-gae8b53aac327 #0 [ 61.310492][ T6630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 61.310498][ T6630] Call Trace: [ 61.310501][ T6630] [ 61.310505][ T6630] dump_stack_lvl+0x16c/0x1f0 [ 61.310522][ T6630] should_fail_ex+0x497/0x5b0 [ 61.310534][ T6630] ? fs_reclaim_acquire+0xae/0x150 [ 61.310548][ T6630] should_failslab+0xc2/0x120 [ 61.310558][ T6630] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 61.310577][ T6630] ? getname_flags.part.0+0x4c/0x550 [ 61.310589][ T6630] getname_flags.part.0+0x4c/0x550 [ 61.310603][ T6630] getname_flags+0x93/0xf0 [ 61.310616][ T6630] __x64_sys_mkdirat+0x76/0xb0 [ 61.310641][ T6630] do_syscall_64+0xcd/0x250 [ 61.310656][ T6630] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 61.310669][ T6630] RIP: 0033:0x7fb2c5d8cd29 [ 61.310677][ T6630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 61.310686][ T6630] RSP: 002b:00007fb2c6bb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 61.310695][ T6630] RAX: ffffffffffffffda RBX: 00007fb2c5fa5fa0 RCX: 00007fb2c5d8cd29 [ 61.310701][ T6630] RDX: 000000000000003a RSI: 00000000200021c0 RDI: ffffffffffffff9c [ 61.310706][ T6630] RBP: 00007fb2c6bb4090 R08: 0000000000000000 R09: 0000000000000000 [ 61.310711][ T6630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 61.310716][ T6630] R13: 0000000000000000 R14: 00007fb2c5fa5fa0 R15: 00007ffc246e8f48 [ 61.310727][ T6630] [ 61.360717][ T5984] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 61.399008][ T39] kauditd_printk_skb: 15 callbacks suppressed [ 61.399018][ T39] audit: type=1400 audit(1737769569.503:283): avc: denied { create } for pid=6631 comm="syz.3.197" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 61.419952][ T6632] netlink: 'syz.3.197': attribute type 5 has an invalid length. [ 61.425751][ T39] audit: type=1400 audit(1737769569.533:284): avc: denied { write } for pid=6631 comm="syz.3.197" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 61.432236][ T39] audit: type=1400 audit(1737769569.533:285): avc: denied { read } for pid=6631 comm="syz.3.197" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 61.442105][ T39] audit: type=1400 audit(1737769569.533:286): avc: denied { open } for pid=6631 comm="syz.3.197" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 61.490814][ T25] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 61.520870][ T5984] usb 7-1: Using ep0 maxpacket: 8 [ 61.524268][ T5984] usb 7-1: no configurations [ 61.525817][ T5984] usb 7-1: can't read configurations, error -22 [ 61.528020][ T5984] usb usb7-port1: attempt power cycle [ 61.640764][ T25] usb 6-1: Using ep0 maxpacket: 16 [ 61.645006][ T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 61.648995][ T25] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 61.654915][ T25] usb 6-1: New USB device found, idVendor=056a, idProduct=00d4, bcdDevice= 0.00 [ 61.658565][ T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 61.663654][ T25] usb 6-1: config 0 descriptor?? [ 61.690282][ T6640] netlink: 'syz.0.200': attribute type 1 has an invalid length. [ 61.860739][ T5984] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 61.872223][ T25] usbhid 6-1:0.0: can't add hid device: -71 [ 61.874133][ T25] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 61.882150][ T25] usb 6-1: USB disconnect, device number 3 [ 61.891508][ T5984] usb 7-1: Using ep0 maxpacket: 8 [ 61.894161][ T5984] usb 7-1: no configurations [ 61.895616][ T5984] usb 7-1: can't read configurations, error -22 [ 62.020871][ T5984] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 62.052830][ T5984] usb 7-1: Using ep0 maxpacket: 8 [ 62.055725][ T5984] usb 7-1: no configurations [ 62.057179][ T5984] usb 7-1: can't read configurations, error -22 [ 62.059188][ T5984] usb usb7-port1: unable to enumerate USB device [ 62.180798][ T837] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 62.330736][ T837] usb 8-1: Using ep0 maxpacket: 32 [ 62.333667][ T837] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 62.341208][ T837] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 62.343969][ T837] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 62.346352][ T837] usb 8-1: Product: syz [ 62.347611][ T837] usb 8-1: Manufacturer: syz [ 62.348985][ T837] usb 8-1: SerialNumber: syz [ 62.351416][ T837] usb 8-1: config 0 descriptor?? [ 62.353920][ T6648] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 62.411170][ T6652] FAULT_INJECTION: forcing a failure. [ 62.411170][ T6652] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 62.415180][ T6652] CPU: 0 UID: 0 PID: 6652 Comm: syz.0.203 Not tainted 6.13.0-syzkaller-07048-gae8b53aac327 #0 [ 62.415192][ T6652] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 62.415198][ T6652] Call Trace: [ 62.415201][ T6652] [ 62.415205][ T6652] dump_stack_lvl+0x16c/0x1f0 [ 62.415232][ T6652] should_fail_ex+0x497/0x5b0 [ 62.415252][ T6652] _copy_from_user+0x2e/0xd0 [ 62.415265][ T6652] sctp_setsockopt+0x2050/0xb810 [ 62.415275][ T6652] ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10 [ 62.415288][ T6652] ? __pfx_sctp_setsockopt+0x10/0x10 [ 62.415300][ T6652] ? selinux_socket_setsockopt+0x6a/0x80 [ 62.415314][ T6652] ? sock_common_setsockopt+0x2e/0xf0 [ 62.415326][ T6652] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 62.415337][ T6652] do_sock_setsockopt+0x222/0x480 [ 62.415348][ T6652] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 62.415359][ T6652] ? lock_acquire+0x2f/0xb0 [ 62.415377][ T6652] __sys_setsockopt+0x1a0/0x230 [ 62.415392][ T6652] __x64_sys_setsockopt+0xbd/0x160 [ 62.415405][ T6652] ? do_syscall_64+0x91/0x250 [ 62.415418][ T6652] ? lockdep_hardirqs_on+0x7c/0x110 [ 62.415430][ T6652] do_syscall_64+0xcd/0x250 [ 62.415443][ T6652] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 62.415456][ T6652] RIP: 0033:0x7f0bf198cd29 [ 62.415464][ T6652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 62.415472][ T6652] RSP: 002b:00007f0bf27be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 62.415481][ T6652] RAX: ffffffffffffffda RBX: 00007f0bf1ba5fa0 RCX: 00007f0bf198cd29 [ 62.415487][ T6652] RDX: 0000000000000022 RSI: 0000000000000084 RDI: 0000000000000003 [ 62.415492][ T6652] RBP: 00007f0bf27be090 R08: 0000000000000010 R09: 0000000000000000 [ 62.415497][ T6652] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001 [ 62.415502][ T6652] R13: 0000000000000000 R14: 00007f0bf1ba5fa0 R15: 00007ffd75eb5a28 [ 62.415513][ T6652] [ 62.524651][ T39] audit: type=1400 audit(1737769570.633:287): avc: denied { unlink } for pid=6658 comm="syz.0.208" name="#1" dev="tmpfs" ino=262 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 62.536783][ T39] audit: type=1400 audit(1737769570.633:288): avc: denied { mount } for pid=6658 comm="syz.0.208" name="/" dev="overlay" ino=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 62.619797][ T39] audit: type=1400 audit(1737769570.723:289): avc: denied { mounton } for pid=6647 comm="syz.3.202" path="/56/file0" dev="tmpfs" ino=316 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 62.620009][ T6664] EXT4-fs (nullb0): VFS: Can't find ext4 filesystem [ 63.099506][ T39] audit: type=1400 audit(1737769571.203:290): avc: denied { mount } for pid=6670 comm="syz.1.212" name="/" dev="autofs" ino=13151 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 63.107082][ T39] audit: type=1400 audit(1737769571.213:291): avc: denied { ioctl } for pid=6670 comm="syz.1.212" path="/dev/autofs" dev="devtmpfs" ino=104 ioctlcmd=0x9379 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 63.291012][ T39] audit: type=1400 audit(1737769571.403:292): avc: denied { unmount } for pid=5951 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 63.390833][ T6003] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 63.560766][ T6003] usb 5-1: Using ep0 maxpacket: 16 [ 63.564683][ T6003] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 63.568390][ T6003] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 63.572940][ T6003] usb 5-1: New USB device found, idVendor=056a, idProduct=00d4, bcdDevice= 0.00 [ 63.576048][ T6003] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 63.580739][ T837] usb 6-1: new full-speed USB device number 4 using dummy_hcd [ 63.588176][ T6003] usb 5-1: config 0 descriptor?? [ 63.599984][ T6681] xt_ecn: cannot match TCP bits for non-tcp packets [ 63.602450][ T6681] capability: warning: `syz.2.216' uses 32-bit capabilities (legacy support in use) [ 63.665484][ T6681] tipc: Started in network mode [ 63.667529][ T6681] tipc: Node identity eac0f2ac03eb, cluster identity 4711 [ 63.670440][ T6681] tipc: Enabled bearer , priority 0 [ 63.674396][ T6681] +: renamed from syzkaller0 [ 63.677544][ T6681] tipc: Disabling bearer [ 63.732271][ T837] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 63.736697][ T837] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 63.739425][ T837] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 63.741992][ T837] usb 6-1: Product: syz [ 63.743377][ T837] usb 6-1: Manufacturer: syz [ 63.744777][ T837] usb 6-1: SerialNumber: syz [ 63.796074][ T6003] usbhid 5-1:0.0: can't add hid device: -71 [ 63.797968][ T6003] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 63.804545][ T6003] usb 5-1: USB disconnect, device number 4 [ 63.953633][ T837] usblp 6-1:1.0: usblp1: USB Unidirectional printer dev 4 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 64.358646][ T6696] netlink: 'syz.0.220': attribute type 7 has an invalid length. [ 64.361464][ T6696] netlink: 8 bytes leftover after parsing attributes in process `syz.0.220'. [ 64.368935][ T6696] FAULT_INJECTION: forcing a failure. [ 64.368935][ T6696] name failslab, interval 1, probability 0, space 0, times 0 [ 64.372753][ T6696] CPU: 2 UID: 0 PID: 6696 Comm: syz.0.220 Not tainted 6.13.0-syzkaller-07048-gae8b53aac327 #0 [ 64.372765][ T6696] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 64.372771][ T6696] Call Trace: [ 64.372774][ T6696] [ 64.372778][ T6696] dump_stack_lvl+0x16c/0x1f0 [ 64.372794][ T6696] should_fail_ex+0x497/0x5b0 [ 64.372806][ T6696] ? fs_reclaim_acquire+0xae/0x150 [ 64.372820][ T6696] should_failslab+0xc2/0x120 [ 64.372830][ T6696] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 64.372845][ T6696] ? __alloc_skb+0x2b1/0x380 [ 64.372861][ T6696] __alloc_skb+0x2b1/0x380 [ 64.372874][ T6696] ? __pfx___alloc_skb+0x10/0x10 [ 64.372886][ T6696] ? __lock_acquire+0xcc5/0x3c40 [ 64.372903][ T6696] alloc_skb_with_frags+0xe4/0x850 [ 64.372912][ T6696] ? __pfx___lock_acquire+0x10/0x10 [ 64.372924][ T6696] ? __pfx___lock_acquire+0x10/0x10 [ 64.372937][ T6696] sock_alloc_send_pskb+0x7f1/0x980 [ 64.372952][ T6696] ? find_held_lock+0x2d/0x110 [ 64.372964][ T6696] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 64.372978][ T6696] ? lock_acquire+0x2f/0xb0 [ 64.372989][ T6696] ? dev_get_by_index+0x37/0x380 [ 64.373005][ T6696] packet_sendmsg+0x1fd3/0x56c0 [ 64.373020][ T6696] ? avc_has_perm+0xf0/0x1c0 [ 64.373037][ T6696] ? sock_has_perm+0x25a/0x2f0 [ 64.373052][ T6696] ? __pfx_sock_has_perm+0x10/0x10 [ 64.373066][ T6696] ? __pfx_packet_sendmsg+0x10/0x10 [ 64.373085][ T6696] __sys_sendto+0x488/0x4f0 [ 64.373098][ T6696] ? __pfx___sys_sendto+0x10/0x10 [ 64.373120][ T6696] ? ksys_write+0x1ba/0x250 [ 64.373132][ T6696] ? __pfx_ksys_write+0x10/0x10 [ 64.373146][ T6696] __x64_sys_sendto+0xe0/0x1c0 [ 64.373159][ T6696] ? do_syscall_64+0x91/0x250 [ 64.373172][ T6696] ? lockdep_hardirqs_on+0x7c/0x110 [ 64.373184][ T6696] do_syscall_64+0xcd/0x250 [ 64.373197][ T6696] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 64.373210][ T6696] RIP: 0033:0x7f0bf198cd29 [ 64.373218][ T6696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 64.373226][ T6696] RSP: 002b:00007f0bf27be038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 64.373235][ T6696] RAX: ffffffffffffffda RBX: 00007f0bf1ba5fa0 RCX: 00007f0bf198cd29 [ 64.373240][ T6696] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 64.373246][ T6696] RBP: 00007f0bf27be090 R08: 0000000020000140 R09: 0000000000000014 [ 64.373251][ T6696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 64.373256][ T6696] R13: 0000000000000000 R14: 00007f0bf1ba5fa0 R15: 00007ffd75eb5a28 [ 64.373266][ T6696] [ 64.962949][ T6003] usb 8-1: USB disconnect, device number 4 [ 65.004404][ T6701] netlink: 'syz.3.222': attribute type 7 has an invalid length. [ 65.007270][ T6701] netlink: 8 bytes leftover after parsing attributes in process `syz.3.222'. [ 65.069489][ T6705] netlink: 'syz.2.224': attribute type 7 has an invalid length. [ 65.073280][ T6705] netlink: 8 bytes leftover after parsing attributes in process `syz.2.224'. [ 65.195872][ T5958] Bluetooth: hci1: Malformed LE Event: 0x1b [ 65.410721][ T837] usb 7-1: new high-speed USB device number 15 using dummy_hcd [ 65.570747][ T837] usb 7-1: Using ep0 maxpacket: 16 [ 65.575014][ T837] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 65.578907][ T837] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 65.584021][ T837] usb 7-1: New USB device found, idVendor=056a, idProduct=00d4, bcdDevice= 0.00 [ 65.585803][ T5958] Bluetooth: Unexpected continuation frame (len 18) [ 65.587939][ T837] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 65.589755][ T837] usb 7-1: config 0 descriptor?? [ 65.628091][ T6724] binder: 6723:6724 ioctl 2276 20000080 returned -22 [ 65.631309][ T6724] netlink: 36 bytes leftover after parsing attributes in process `syz.0.231'. [ 65.805739][ T837] usbhid 7-1:0.0: can't add hid device: -71 [ 65.807667][ T837] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 65.812580][ T837] usb 7-1: USB disconnect, device number 15 [ 66.028924][ T6744] tunl0: entered promiscuous mode [ 66.032916][ T6744] team0: Device tunl0 is of different type [ 66.078377][ T6748] FAULT_INJECTION: forcing a failure. [ 66.078377][ T6748] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 66.086614][ T6748] CPU: 3 UID: 0 PID: 6748 Comm: syz.3.240 Not tainted 6.13.0-syzkaller-07048-gae8b53aac327 #0 [ 66.086637][ T6748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 66.086647][ T6748] Call Trace: [ 66.086652][ T6748] [ 66.086659][ T6748] dump_stack_lvl+0x16c/0x1f0 [ 66.086703][ T6748] should_fail_ex+0x497/0x5b0 [ 66.086737][ T6748] _copy_to_user+0x32/0xd0 [ 66.086763][ T6748] simple_read_from_buffer+0xd0/0x160 [ 66.086797][ T6748] proc_fail_nth_read+0x198/0x270 [ 66.086824][ T6748] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 66.086847][ T6748] ? rw_verify_area+0xcf/0x680 [ 66.086872][ T6748] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 66.086897][ T6748] vfs_read+0x1df/0xbf0 [ 66.086924][ T6748] ? __fget_files+0x1fc/0x3a0 [ 66.086953][ T6748] ? __pfx___mutex_lock+0x10/0x10 [ 66.086987][ T6748] ? __pfx_vfs_read+0x10/0x10 [ 66.087017][ T6748] ? __fget_files+0x206/0x3a0 [ 66.087048][ T6748] ksys_read+0x12b/0x250 [ 66.087071][ T6748] ? __pfx_ksys_read+0x10/0x10 [ 66.087101][ T6748] do_syscall_64+0xcd/0x250 [ 66.087129][ T6748] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 66.087152][ T6748] RIP: 0033:0x7fb2c5d8b73c [ 66.087166][ T6748] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 66.087181][ T6748] RSP: 002b:00007fb2c6bb4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 66.087197][ T6748] RAX: ffffffffffffffda RBX: 00007fb2c5fa5fa0 RCX: 00007fb2c5d8b73c [ 66.087208][ T6748] RDX: 000000000000000f RSI: 00007fb2c6bb40a0 RDI: 0000000000000005 [ 66.087218][ T6748] RBP: 00007fb2c6bb4090 R08: 0000000000000000 R09: 0000000000000000 [ 66.087227][ T6748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 66.087237][ T6748] R13: 0000000000000000 R14: 00007fb2c5fa5fa0 R15: 00007ffc246e8f48 [ 66.087259][ T6748] [ 66.274383][ T6756] netlink: 'syz.0.243': attribute type 1 has an invalid length. [ 66.350986][ T837] usb 6-1: USB disconnect, device number 4 [ 66.353995][ T837] usblp1: removed [ 66.369132][ T6767] netlink: 36 bytes leftover after parsing attributes in process `syz.2.246'. [ 66.375796][ T6772] FAULT_INJECTION: forcing a failure. [ 66.375796][ T6772] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 66.376473][ T6771] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 66.379726][ T6772] CPU: 2 UID: 0 PID: 6772 Comm: syz.0.248 Not tainted 6.13.0-syzkaller-07048-gae8b53aac327 #0 [ 66.379746][ T6772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 66.379755][ T6772] Call Trace: [ 66.379761][ T6772] [ 66.379767][ T6772] dump_stack_lvl+0x16c/0x1f0 [ 66.379794][ T6772] should_fail_ex+0x497/0x5b0 [ 66.379817][ T6772] _copy_from_user+0x2e/0xd0 [ 66.379840][ T6772] cec_ioctl+0xf01/0x2920 [ 66.379862][ T6772] ? __pfx_cec_ioctl+0x10/0x10 [ 66.379884][ T6772] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 66.379910][ T6772] ? do_vfs_ioctl+0x513/0x1990 [ 66.379937][ T6772] ? ioctl_has_perm.constprop.0.isra.0+0x2f2/0x450 [ 66.379958][ T6772] ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450 [ 66.379980][ T6772] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 66.380004][ T6772] ? __pfx_lock_release+0x10/0x10 [ 66.380034][ T6772] ? selinux_file_ioctl+0x180/0x270 [ 66.380053][ T6772] ? selinux_file_ioctl+0xb4/0x270 [ 66.380073][ T6772] ? __pfx_cec_ioctl+0x10/0x10 [ 66.380093][ T6772] __x64_sys_ioctl+0x190/0x200 [ 66.380113][ T6772] do_syscall_64+0xcd/0x250 [ 66.380138][ T6772] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 66.380159][ T6772] RIP: 0033:0x7f0bf198cd29 [ 66.380171][ T6772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 66.380188][ T6772] RSP: 002b:00007f0bf27be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 66.380202][ T6772] RAX: ffffffffffffffda RBX: 00007f0bf1ba5fa0 RCX: 00007f0bf198cd29 [ 66.380215][ T6772] RDX: 0000000020000480 RSI: 00000000c0386105 RDI: 0000000000000003 [ 66.380223][ T6772] RBP: 00007f0bf27be090 R08: 0000000000000000 R09: 0000000000000000 [ 66.380232][ T6772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 66.380240][ T6772] R13: 0000000000000000 R14: 00007f0bf1ba5fa0 R15: 00007ffd75eb5a28 [ 66.380260][ T6772] [ 66.440822][ T56] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 66.455398][ T39] kauditd_printk_skb: 18 callbacks suppressed [ 66.455408][ T39] audit: type=1400 audit(1737769574.563:311): avc: denied { write } for pid=6779 comm="syz.2.251" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 66.485463][ T39] audit: type=1400 audit(1737769574.593:312): avc: denied { open } for pid=6781 comm="syz.1.252" path="/dev/ptyq7" dev="devtmpfs" ino=134 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 66.492602][ T39] audit: type=1400 audit(1737769574.593:313): avc: denied { ioctl } for pid=6781 comm="syz.1.252" path="/dev/ptyq7" dev="devtmpfs" ino=134 ioctlcmd=0x5412 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 66.502918][ T6784] FAULT_INJECTION: forcing a failure. [ 66.502918][ T6784] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 66.506925][ T6784] CPU: 3 UID: 0 PID: 6784 Comm: syz.2.253 Not tainted 6.13.0-syzkaller-07048-gae8b53aac327 #0 [ 66.506938][ T6784] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 66.506943][ T6784] Call Trace: [ 66.506946][ T6784] [ 66.506950][ T6784] dump_stack_lvl+0x16c/0x1f0 [ 66.506967][ T6784] should_fail_ex+0x497/0x5b0 [ 66.506982][ T6784] _copy_from_user+0x2e/0xd0 [ 66.506995][ T6784] io_openat2_prep+0xb4/0x150 [ 66.507005][ T6784] io_submit_sqes+0x853/0x25c0 [ 66.507023][ T6784] __do_sys_io_uring_enter+0xd60/0x1670 [ 66.507037][ T6784] ? __fget_files+0x206/0x3a0 [ 66.507051][ T6784] ? __pfx___do_sys_io_uring_enter+0x10/0x10 [ 66.507065][ T6784] ? fput+0x67/0x440 [ 66.507075][ T6784] ? ksys_write+0x1ba/0x250 [ 66.507087][ T6784] ? __pfx_ksys_write+0x10/0x10 [ 66.507103][ T6784] do_syscall_64+0xcd/0x250 [ 66.507118][ T6784] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 66.507130][ T6784] RIP: 0033:0x7faa0058cd29 [ 66.507138][ T6784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 66.507147][ T6784] RSP: 002b:00007fa9fe3f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 66.507155][ T6784] RAX: ffffffffffffffda RBX: 00007faa007a5fa0 RCX: 00007faa0058cd29 [ 66.507161][ T6784] RDX: 000000000000bacc RSI: 00000000000047f6 RDI: 0000000000000003 [ 66.507166][ T6784] RBP: 00007fa9fe3f6090 R08: 0000000000000000 R09: 0000000000000000 [ 66.507171][ T6784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 66.507176][ T6784] R13: 0000000000000000 R14: 00007faa007a5fa0 R15: 00007ffc2dd7dc28 [ 66.507188][ T6784] [ 66.528915][ T39] audit: type=1400 audit(1737769574.633:314): avc: denied { ioctl } for pid=6785 comm="syz.1.254" path="socket:[17602]" dev="sockfs" ino=17602 ioctlcmd=0x89f1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 66.609529][ T39] audit: type=1400 audit(1737769574.713:315): avc: denied { connect } for pid=6793 comm="syz.2.256" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 66.620874][ T56] usb 8-1: Using ep0 maxpacket: 32 [ 66.626343][ T56] usb 8-1: config index 0 descriptor too short (expected 29220, got 36) [ 66.629791][ T56] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 66.633340][ T56] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 66.636137][ T56] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 66.639012][ T56] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 66.643663][ T56] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 66.647520][ T56] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 66.652553][ T56] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 66.656030][ T56] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 66.660728][ T56] usb 8-1: config 0 descriptor?? [ 66.661222][ T39] audit: type=1400 audit(1737769574.763:316): avc: denied { write } for pid=6795 comm="syz.1.257" name="001" dev="devtmpfs" ino=764 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 66.671886][ T39] audit: type=1400 audit(1737769574.783:317): avc: denied { create } for pid=6795 comm="syz.1.257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 66.679698][ T39] audit: type=1400 audit(1737769574.783:318): avc: denied { write } for pid=6795 comm="syz.1.257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 66.688215][ T39] audit: type=1400 audit(1737769574.783:319): avc: denied { ioctl } for pid=6795 comm="syz.1.257" path="socket:[15488]" dev="sockfs" ino=15488 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 66.730092][ T39] audit: type=1400 audit(1737769574.833:320): avc: denied { append } for pid=6793 comm="syz.2.256" name="video7" dev="devtmpfs" ino=974 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 66.738927][ T6808] fuse: Bad value for 'fd' [ 66.779926][ T6812] FAULT_INJECTION: forcing a failure. [ 66.779926][ T6812] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 66.784744][ T6812] CPU: 2 UID: 0 PID: 6812 Comm: syz.1.261 Not tainted 6.13.0-syzkaller-07048-gae8b53aac327 #0 [ 66.784757][ T6812] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 66.784763][ T6812] Call Trace: [ 66.784765][ T6812] [ 66.784769][ T6812] dump_stack_lvl+0x16c/0x1f0 [ 66.784786][ T6812] should_fail_ex+0x497/0x5b0 [ 66.784805][ T6812] _copy_from_user+0x2e/0xd0 [ 66.784819][ T6812] tun_set_ebpf+0x7d/0x140 [ 66.784828][ T6812] ? __pfx_tun_set_ebpf+0x10/0x10 [ 66.784838][ T6812] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 66.784854][ T6812] __tun_chr_ioctl+0x2b4b/0x4b80 [ 66.784866][ T6812] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 66.784882][ T6812] ? selinux_file_ioctl+0x180/0x270 [ 66.784893][ T6812] ? selinux_file_ioctl+0xb4/0x270 [ 66.784905][ T6812] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 66.784916][ T6812] __x64_sys_ioctl+0x190/0x200 [ 66.784928][ T6812] do_syscall_64+0xcd/0x250 [ 66.784943][ T6812] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 66.784956][ T6812] RIP: 0033:0x7fab6cf8cd29 [ 66.784963][ T6812] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 66.784972][ T6812] RSP: 002b:00007fab6dd72038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 66.784981][ T6812] RAX: ffffffffffffffda RBX: 00007fab6d1a5fa0 RCX: 00007fab6cf8cd29 [ 66.784987][ T6812] RDX: 0000000020000200 RSI: 00000000800454e1 RDI: 0000000000000004 [ 66.784992][ T6812] RBP: 00007fab6dd72090 R08: 0000000000000000 R09: 0000000000000000 [ 66.784997][ T6812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 66.785002][ T6812] R13: 0000000000000000 R14: 00007fab6d1a5fa0 R15: 00007ffdacb01a18 [ 66.785013][ T6812] [ 67.520068][ T6839] netlink: 'syz.2.269': attribute type 1 has an invalid length. [ 67.660199][ T6848] bridge2: entered promiscuous mode [ 67.849799][ T6860] bond0: entered promiscuous mode [ 67.852774][ T6860] bond_slave_0: entered promiscuous mode [ 67.877454][ T6860] bond_slave_1: entered promiscuous mode [ 67.879988][ T6860] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 67.884709][ T6862] FAULT_INJECTION: forcing a failure. [ 67.884709][ T6862] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 67.885142][ T6860] bond0: left promiscuous mode [ 67.888841][ T6862] CPU: 3 UID: 0 PID: 6862 Comm: syz.2.279 Not tainted 6.13.0-syzkaller-07048-gae8b53aac327 #0 [ 67.888853][ T6862] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 67.888859][ T6862] Call Trace: [ 67.888862][ T6862] [ 67.888865][ T6862] dump_stack_lvl+0x16c/0x1f0 [ 67.888894][ T6862] should_fail_ex+0x497/0x5b0 [ 67.888914][ T6862] _copy_to_user+0x32/0xd0 [ 67.888928][ T6862] vivid_radio_rx_read+0x7c9/0xb90 [ 67.888945][ T6862] ? __pfx_vivid_radio_rx_read+0x10/0x10 [ 67.888958][ T6862] ? inode_security+0x101/0x130 [ 67.888971][ T6862] vivid_radio_read+0x86/0xc0 [ 67.888984][ T6862] v4l2_read+0x226/0x360 [ 67.888996][ T6862] ? __pfx_v4l2_read+0x10/0x10 [ 67.889007][ T6862] vfs_readv+0x6c2/0x8a0 [ 67.889019][ T6862] ? find_held_lock+0x2d/0x110 [ 67.889032][ T6862] ? __pfx_vfs_readv+0x10/0x10 [ 67.889043][ T6862] ? find_held_lock+0x2d/0x110 [ 67.889054][ T6862] ? __pfx_lock_release+0x10/0x10 [ 67.889067][ T6862] ? trace_lock_acquire+0x14e/0x1f0 [ 67.889080][ T6862] ? __fget_files+0x206/0x3a0 [ 67.889097][ T6862] ? do_readv+0x133/0x340 [ 67.889107][ T6862] do_readv+0x133/0x340 [ 67.889118][ T6862] ? __pfx_do_readv+0x10/0x10 [ 67.889132][ T6862] do_syscall_64+0xcd/0x250 [ 67.889147][ T6862] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.889160][ T6862] RIP: 0033:0x7faa0058cd29 [ 67.889169][ T6862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 67.889177][ T6862] RSP: 002b:00007fa9fe3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 67.889186][ T6862] RAX: ffffffffffffffda RBX: 00007faa007a5fa0 RCX: 00007faa0058cd29 [ 67.889192][ T6862] RDX: 0000000000000001 RSI: 0000000020000280 RDI: 0000000000000003 [ 67.889197][ T6862] RBP: 00007fa9fe3f6090 R08: 0000000000000000 R09: 0000000000000000 [ 67.889202][ T6862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 67.889210][ T6862] R13: 0000000000000000 R14: 00007faa007a5fa0 R15: 00007ffc2dd7dc28 [ 67.889221][ T6862] [ 67.959342][ T6860] bond_slave_0: left promiscuous mode [ 67.961228][ T6860] bond_slave_1: left promiscuous mode [ 68.475367][ T6895] xt_CT: No such helper "pptp" [ 68.481647][ T6895] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22 [ 68.500915][ T5983] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 68.633321][ T6905] FAULT_INJECTION: forcing a failure. [ 68.633321][ T6905] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 68.638578][ T6905] CPU: 0 UID: 0 PID: 6905 Comm: syz.2.293 Not tainted 6.13.0-syzkaller-07048-gae8b53aac327 #0 [ 68.638597][ T6905] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 68.638607][ T6905] Call Trace: [ 68.638611][ T6905] [ 68.638617][ T6905] dump_stack_lvl+0x16c/0x1f0 [ 68.638646][ T6905] should_fail_ex+0x497/0x5b0 [ 68.638670][ T6905] _copy_to_user+0x32/0xd0 [ 68.638699][ T6905] simple_read_from_buffer+0xd0/0x160 [ 68.638723][ T6905] proc_fail_nth_read+0x198/0x270 [ 68.638744][ T6905] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 68.638779][ T6905] ? rw_verify_area+0xcf/0x680 [ 68.638799][ T6905] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 68.638819][ T6905] vfs_read+0x1df/0xbf0 [ 68.638842][ T6905] ? __fget_files+0x1fc/0x3a0 [ 68.638865][ T6905] ? __pfx___mutex_lock+0x10/0x10 [ 68.638889][ T6905] ? __pfx_vfs_read+0x10/0x10 [ 68.638917][ T6905] ? __fget_files+0x206/0x3a0 [ 68.638945][ T6905] ksys_read+0x12b/0x250 [ 68.638968][ T6905] ? __pfx_ksys_read+0x10/0x10 [ 68.638996][ T6905] do_syscall_64+0xcd/0x250 [ 68.639021][ T6905] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.639044][ T6905] RIP: 0033:0x7faa0058b73c [ 68.639058][ T6905] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 68.639072][ T6905] RSP: 002b:00007fa9fe3b4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 68.639087][ T6905] RAX: ffffffffffffffda RBX: 00007faa007a6160 RCX: 00007faa0058b73c [ 68.639098][ T6905] RDX: 000000000000000f RSI: 00007fa9fe3b40a0 RDI: 0000000000000005 [ 68.639108][ T6905] RBP: 00007fa9fe3b4090 R08: 0000000000000000 R09: 0000000000000000 [ 68.639117][ T6905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 68.639126][ T6905] R13: 0000000000000001 R14: 00007faa007a6160 R15: 00007ffc2dd7dc28 [ 68.639149][ T6905] [ 68.660745][ T5983] usb 5-1: Using ep0 maxpacket: 16 [ 68.705350][ T5983] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 68.708301][ T5983] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 68.712141][ T5983] usb 5-1: New USB device found, idVendor=056a, idProduct=00d4, bcdDevice= 0.00 [ 68.714745][ T5983] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 68.718213][ T5983] usb 5-1: config 0 descriptor?? [ 68.851439][ T6911] netlink: 12 bytes leftover after parsing attributes in process `syz.2.295'. [ 68.926985][ T5983] usbhid 5-1:0.0: can't add hid device: -71 [ 68.931980][ T5983] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 68.936619][ T5983] usb 5-1: USB disconnect, device number 5 [ 69.199772][ T25] usb 8-1: USB disconnect, device number 5 [ 69.228030][ T6928] netlink: 100 bytes leftover after parsing attributes in process `syz.2.301'. [ 69.240895][ T6928] netlink: 8 bytes leftover after parsing attributes in process `syz.2.301'. [ 69.277350][ T6932] FAULT_INJECTION: forcing a failure. [ 69.277350][ T6932] name failslab, interval 1, probability 0, space 0, times 0 [ 69.281637][ T6932] CPU: 2 UID: 0 PID: 6932 Comm: syz.2.303 Not tainted 6.13.0-syzkaller-07048-gae8b53aac327 #0 [ 69.281651][ T6932] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 69.281656][ T6932] Call Trace: [ 69.281660][ T6932] [ 69.281663][ T6932] dump_stack_lvl+0x16c/0x1f0 [ 69.281680][ T6932] should_fail_ex+0x497/0x5b0 [ 69.281692][ T6932] ? fs_reclaim_acquire+0xae/0x150 [ 69.281706][ T6932] should_failslab+0xc2/0x120 [ 69.281717][ T6932] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 69.281732][ T6932] ? __alloc_skb+0x2b1/0x380 [ 69.281747][ T6932] __alloc_skb+0x2b1/0x380 [ 69.281760][ T6932] ? __pfx___alloc_skb+0x10/0x10 [ 69.281775][ T6932] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 69.281792][ T6932] netlink_alloc_large_skb+0x69/0x130 [ 69.281806][ T6932] netlink_sendmsg+0x689/0xd70 [ 69.281841][ T6932] ? __pfx_netlink_sendmsg+0x10/0x10 [ 69.281859][ T6932] ____sys_sendmsg+0xaaf/0xc90 [ 69.281870][ T6932] ? copy_msghdr_from_user+0x10b/0x160 [ 69.281879][ T6932] ? __pfx_____sys_sendmsg+0x10/0x10 [ 69.281890][ T6932] ? __lock_acquire+0xcc5/0x3c40 [ 69.281908][ T6932] ___sys_sendmsg+0x135/0x1e0 [ 69.281917][ T6932] ? __pfx____sys_sendmsg+0x10/0x10 [ 69.281931][ T6932] ? trace_lock_acquire+0x14e/0x1f0 [ 69.281949][ T6932] __sys_sendmmsg+0x201/0x420 [ 69.281959][ T6932] ? __pfx___sys_sendmmsg+0x10/0x10 [ 69.281971][ T6932] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 69.281989][ T6932] ? fput+0x67/0x440 [ 69.281999][ T6932] ? ksys_write+0x1ba/0x250 [ 69.282012][ T6932] ? __pfx_ksys_write+0x10/0x10 [ 69.282026][ T6932] __x64_sys_sendmmsg+0x9c/0x100 [ 69.282034][ T6932] ? lockdep_hardirqs_on+0x7c/0x110 [ 69.282046][ T6932] do_syscall_64+0xcd/0x250 [ 69.282060][ T6932] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.282074][ T6932] RIP: 0033:0x7faa0058cd29 [ 69.282082][ T6932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 69.282090][ T6932] RSP: 002b:00007fa9fe3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 69.282099][ T6932] RAX: ffffffffffffffda RBX: 00007faa007a5fa0 RCX: 00007faa0058cd29 [ 69.282105][ T6932] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004 [ 69.282111][ T6932] RBP: 00007fa9fe3f6090 R08: 0000000000000000 R09: 0000000000000000 [ 69.282116][ T6932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 69.282121][ T6932] R13: 0000000000000000 R14: 00007faa007a5fa0 R15: 00007ffc2dd7dc28 [ 69.282132][ T6932] [ 69.366262][ T6939] binder_alloc: 6938: binder_alloc_buf, no vma [ 69.400161][ T6944] netlink: 'syz.1.308': attribute type 1 has an invalid length. [ 69.411708][ T6944] vlan2: entered promiscuous mode [ 69.885129][ T6970] FAULT_INJECTION: forcing a failure. [ 69.885129][ T6970] name failslab, interval 1, probability 0, space 0, times 0 [ 69.889083][ T6970] CPU: 2 UID: 0 PID: 6970 Comm: syz.2.317 Not tainted 6.13.0-syzkaller-07048-gae8b53aac327 #0 [ 69.889095][ T6970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 69.889101][ T6970] Call Trace: [ 69.889104][ T6970] [ 69.889108][ T6970] dump_stack_lvl+0x16c/0x1f0 [ 69.889125][ T6970] should_fail_ex+0x497/0x5b0 [ 69.889137][ T6970] ? fs_reclaim_acquire+0xae/0x150 [ 69.889151][ T6970] should_failslab+0xc2/0x120 [ 69.889162][ T6970] __kmalloc_noprof+0xcb/0x510 [ 69.889171][ T6970] ? d_absolute_path+0x137/0x1b0 [ 69.889182][ T6970] ? rcu_is_watching+0x12/0xc0 [ 69.889193][ T6970] tomoyo_encode2+0x100/0x3e0 [ 69.889206][ T6970] tomoyo_encode+0x29/0x50 [ 69.889216][ T6970] tomoyo_realpath_from_path+0x19d/0x720 [ 69.889230][ T6970] tomoyo_path_number_perm+0x248/0x590 [ 69.889239][ T6970] ? tomoyo_path_number_perm+0x235/0x590 [ 69.889249][ T6970] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 69.889269][ T6970] ? __pfx_lock_release+0x10/0x10 [ 69.889281][ T6970] ? trace_lock_acquire+0x14e/0x1f0 [ 69.889293][ T6970] ? lock_acquire+0x2f/0xb0 [ 69.889304][ T6970] ? __fget_files+0x40/0x3a0 [ 69.889318][ T6970] ? __fget_files+0x206/0x3a0 [ 69.889333][ T6970] security_file_ioctl+0x9b/0x240 [ 69.889344][ T6970] __x64_sys_ioctl+0xb7/0x200 [ 69.889357][ T6970] do_syscall_64+0xcd/0x250 [ 69.889371][ T6970] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.889384][ T6970] RIP: 0033:0x7faa0058cd29 [ 69.889392][ T6970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 69.889401][ T6970] RSP: 002b:00007fa9fe3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 69.889410][ T6970] RAX: ffffffffffffffda RBX: 00007faa007a5fa0 RCX: 00007faa0058cd29 [ 69.889416][ T6970] RDX: 0000000020000200 RSI: 00000000800454e1 RDI: 0000000000000003 [ 69.889421][ T6970] RBP: 00007fa9fe3f6090 R08: 0000000000000000 R09: 0000000000000000 [ 69.889427][ T6970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 69.889432][ T6970] R13: 0000000000000000 R14: 00007faa007a5fa0 R15: 00007ffc2dd7dc28 [ 69.889443][ T6970] [ 69.889455][ T6970] ERROR: Out of memory at tomoyo_realpath_from_path. [ 70.064784][ T6972] netlink: 'syz.2.318': attribute type 1 has an invalid length. [ 70.090208][ T6972] vlan2: entered promiscuous mode [ 70.371149][ T835] usb 7-1: new high-speed USB device number 16 using dummy_hcd [ 70.530738][ T835] usb 7-1: Using ep0 maxpacket: 16 [ 70.534317][ T835] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 70.538274][ T835] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 70.543626][ T835] usb 7-1: New USB device found, idVendor=056a, idProduct=00d4, bcdDevice= 0.00 [ 70.547296][ T835] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 70.555032][ T835] usb 7-1: config 0 descriptor?? [ 70.556342][ T6984] ------------[ cut here ]------------ [ 70.559191][ T6984] WARNING: CPU: 0 PID: 6984 at mm/page_alloc.c:4729 __alloc_pages_noprof+0x1f66/0x2470 [ 70.562521][ T6984] Modules linked in: [ 70.563932][ T6984] CPU: 0 UID: 0 PID: 6984 Comm: syz.1.321 Not tainted 6.13.0-syzkaller-07048-gae8b53aac327 #0 [ 70.569462][ T6984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 70.573331][ T6984] RIP: 0010:__alloc_pages_noprof+0x1f66/0x2470 [ 70.575215][ T6984] Code: 24 38 41 89 c6 0f b6 c0 44 8b ac 24 84 00 00 00 89 44 24 18 e9 a8 f7 ff ff 90 0f 0b 90 e9 b6 f7 ff ff c6 05 ab 83 3a 0e 01 90 <0f> 0b 90 e9 d9 e4 ff ff 90 0f 0b 90 e9 4e fb ff ff 83 bc 24 80 00 [ 70.581337][ T6984] RSP: 0018:ffffc9000fe17908 EFLAGS: 00010246 [ 70.583410][ T6984] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 70.585898][ T6984] RDX: 0000000000000000 RSI: 0000000000000018 RDI: 0000000000040d40 [ 70.588512][ T6984] RBP: 0000000900000000 R08: 0000000000000007 R09: 0000000000000000 [ 70.591631][ T6984] R10: 0000000900000000 R11: 0000000000000001 R12: 0000000000000018 [ 70.594185][ T6984] R13: 1ffff92001fc2f35 R14: 0000000900000000 R15: ffffffff837acbca [ 70.596682][ T6984] FS: 00007fab6dd516c0(0000) GS:ffff88806a600000(0000) knlGS:0000000000000000 [ 70.599630][ T6984] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.602215][ T6984] CR2: 0000000020001000 CR3: 00000000536a0000 CR4: 0000000000352ef0 [ 70.604794][ T6984] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 70.607192][ T6984] DR3: 000000000000000e DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 70.610173][ T6984] Call Trace: [ 70.611506][ T6984] [ 70.612503][ T6984] ? __warn+0xea/0x3c0 [ 70.613856][ T6984] ? __alloc_pages_noprof+0x1f66/0x2470 [ 70.615599][ T6984] ? report_bug+0x3c0/0x580 [ 70.617003][ T6984] ? handle_bug+0x54/0xa0 [ 70.618541][ T6984] ? exc_invalid_op+0x17/0x50 [ 70.620057][ T6984] ? asm_exc_invalid_op+0x1a/0x20 [ 70.621679][ T6984] ? v9fs_fid_get_acl+0x7a/0x120 [ 70.623339][ T6984] ? __alloc_pages_noprof+0x1f66/0x2470 [ 70.624987][ T6984] ? mark_held_locks+0x9f/0xe0 [ 70.626467][ T6984] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 70.628376][ T6984] ? kasan_quarantine_put+0x10a/0x240 [ 70.630596][ T6984] ? lockdep_hardirqs_on+0x7c/0x110 [ 70.632314][ T6984] ? p9_client_clunk+0x12a/0x170 [ 70.633921][ T6984] ? p9_client_clunk+0x12f/0x170 [ 70.635523][ T6984] ? v9fs_fid_get_acl+0x7a/0x120 [ 70.637017][ T6984] ___kmalloc_large_node+0x84/0x1b0 [ 70.638795][ T6984] __kmalloc_large_node_noprof+0x1c/0x70 [ 70.641051][ T6984] __kmalloc_noprof.cold+0xc/0x61 [ 70.642634][ T6984] ? lockdep_init_map_type+0x16d/0x7d0 [ 70.644300][ T6984] ? v9fs_cache_inode_get_cookie+0x290/0x3a0 [ 70.646173][ T6984] ? p9_req_put+0x1c6/0x250 [ 70.647580][ T6984] v9fs_fid_get_acl+0x7a/0x120 [ 70.649434][ T6984] v9fs_get_acl+0xee/0x530 [ 70.651132][ T6984] v9fs_inode_from_fid_dotl+0x264/0x2f0 [ 70.652826][ T6984] v9fs_mount+0x4fe/0xa30 [ 70.654175][ T6984] ? __pfx_v9fs_mount+0x10/0x10 [ 70.655697][ T6984] ? cap_capable+0xb3/0x250 [ 70.657100][ T6984] ? __pfx_v9fs_mount+0x10/0x10 [ 70.658720][ T6984] legacy_get_tree+0x109/0x220 [ 70.660183][ T6984] vfs_get_tree+0x8b/0x340 [ 70.660738][ T837] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 70.661689][ T6984] path_mount+0x14e6/0x1f10 [ 70.665990][ T6984] ? kmem_cache_free+0x152/0x4c0 [ 70.667874][ T6984] ? __pfx_path_mount+0x10/0x10 [ 70.669866][ T6984] ? putname+0x13c/0x180 [ 70.671619][ T6984] __x64_sys_mount+0x28f/0x310 [ 70.673104][ T6984] ? __pfx___x64_sys_mount+0x10/0x10 [ 70.674821][ T6984] do_syscall_64+0xcd/0x250 [ 70.676219][ T6984] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.678066][ T6984] RIP: 0033:0x7fab6cf8cd29 [ 70.679509][ T6984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.685523][ T6984] RSP: 002b:00007fab6dd51038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 70.688092][ T6984] RAX: ffffffffffffffda RBX: 00007fab6d1a6080 RCX: 00007fab6cf8cd29 [ 70.691278][ T6984] RDX: 0000000020000b80 RSI: 00000000200003c0 RDI: 0000000000000000 [ 70.693839][ T6984] RBP: 00007fab6d00e2a0 R08: 0000000020000500 R09: 0000000000000000 [ 70.696332][ T6984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 70.698993][ T6984] R13: 0000000000000000 R14: 00007fab6d1a6080 R15: 00007ffdacb01a18 [ 70.701618][ T6984] [ 70.702606][ T6984] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 70.704953][ T6984] CPU: 0 UID: 0 PID: 6984 Comm: syz.1.321 Not tainted 6.13.0-syzkaller-07048-gae8b53aac327 #0 [ 70.708122][ T6984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 70.712091][ T6984] Call Trace: [ 70.713122][ T6984] [ 70.714118][ T6984] dump_stack_lvl+0x3d/0x1f0 [ 70.715587][ T6984] panic+0x71d/0x800 [ 70.716807][ T6984] ? __pfx_panic+0x10/0x10 [ 70.718533][ T6984] ? show_trace_log_lvl+0x29d/0x3d0 [ 70.720631][ T6984] ? __alloc_pages_noprof+0x1f66/0x2470 [ 70.722863][ T6984] check_panic_on_warn+0xab/0xb0 [ 70.724969][ T6984] __warn+0xf6/0x3c0 [ 70.726642][ T6984] ? __alloc_pages_noprof+0x1f66/0x2470 [ 70.728950][ T6984] report_bug+0x3c0/0x580 [ 70.730841][ T6984] handle_bug+0x54/0xa0 [ 70.732645][ T6984] exc_invalid_op+0x17/0x50 [ 70.734590][ T6984] asm_exc_invalid_op+0x1a/0x20 [ 70.736647][ T6984] RIP: 0010:__alloc_pages_noprof+0x1f66/0x2470 [ 70.739216][ T6984] Code: 24 38 41 89 c6 0f b6 c0 44 8b ac 24 84 00 00 00 89 44 24 18 e9 a8 f7 ff ff 90 0f 0b 90 e9 b6 f7 ff ff c6 05 ab 83 3a 0e 01 90 <0f> 0b 90 e9 d9 e4 ff ff 90 0f 0b 90 e9 4e fb ff ff 83 bc 24 80 00 [ 70.746883][ T6984] RSP: 0018:ffffc9000fe17908 EFLAGS: 00010246 [ 70.749419][ T6984] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 70.752720][ T6984] RDX: 0000000000000000 RSI: 0000000000000018 RDI: 0000000000040d40 [ 70.756064][ T6984] RBP: 0000000900000000 R08: 0000000000000007 R09: 0000000000000000 [ 70.759372][ T6984] R10: 0000000900000000 R11: 0000000000000001 R12: 0000000000000018 [ 70.762260][ T6984] R13: 1ffff92001fc2f35 R14: 0000000900000000 R15: ffffffff837acbca [ 70.765520][ T6984] ? v9fs_fid_get_acl+0x7a/0x120 [ 70.767544][ T6984] ? mark_held_locks+0x9f/0xe0 [ 70.769288][ T6984] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 70.771060][ T6984] ? kasan_quarantine_put+0x10a/0x240 [ 70.772754][ T6984] ? lockdep_hardirqs_on+0x7c/0x110 [ 70.774355][ T6984] ? p9_client_clunk+0x12a/0x170 [ 70.775968][ T6984] ? p9_client_clunk+0x12f/0x170 [ 70.777745][ T6984] ? v9fs_fid_get_acl+0x7a/0x120 [ 70.779630][ T6984] ___kmalloc_large_node+0x84/0x1b0 [ 70.781277][ T6984] __kmalloc_large_node_noprof+0x1c/0x70 [ 70.783031][ T6984] __kmalloc_noprof.cold+0xc/0x61 [ 70.784605][ T6984] ? lockdep_init_map_type+0x16d/0x7d0 [ 70.786303][ T6984] ? v9fs_cache_inode_get_cookie+0x290/0x3a0 [ 70.788156][ T6984] ? p9_req_put+0x1c6/0x250 [ 70.790069][ T6984] v9fs_fid_get_acl+0x7a/0x120 [ 70.792059][ T6984] v9fs_get_acl+0xee/0x530 [ 70.793891][ T6984] v9fs_inode_from_fid_dotl+0x264/0x2f0 [ 70.796169][ T6984] v9fs_mount+0x4fe/0xa30 [ 70.797687][ T6984] ? __pfx_v9fs_mount+0x10/0x10 [ 70.799616][ T6984] ? cap_capable+0xb3/0x250 [ 70.801243][ T6984] ? __pfx_v9fs_mount+0x10/0x10 [ 70.802772][ T6984] legacy_get_tree+0x109/0x220 [ 70.804265][ T6984] vfs_get_tree+0x8b/0x340 [ 70.805635][ T6984] path_mount+0x14e6/0x1f10 [ 70.807043][ T6984] ? kmem_cache_free+0x152/0x4c0 [ 70.808628][ T6984] ? __pfx_path_mount+0x10/0x10 [ 70.810137][ T6984] ? putname+0x13c/0x180 [ 70.811410][ T6984] __x64_sys_mount+0x28f/0x310 [ 70.812906][ T6984] ? __pfx___x64_sys_mount+0x10/0x10 [ 70.814536][ T6984] do_syscall_64+0xcd/0x250 [ 70.815968][ T6984] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.817763][ T6984] RIP: 0033:0x7fab6cf8cd29 [ 70.819490][ T6984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.825738][ T6984] RSP: 002b:00007fab6dd51038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 70.828347][ T6984] RAX: ffffffffffffffda RBX: 00007fab6d1a6080 RCX: 00007fab6cf8cd29 [ 70.830700][ T6984] RDX: 0000000020000b80 RSI: 00000000200003c0 RDI: 0000000000000000 [ 70.833206][ T6984] RBP: 00007fab6d00e2a0 R08: 0000000020000500 R09: 0000000000000000 [ 70.835626][ T6984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 70.838083][ T6984] R13: 0000000000000000 R14: 00007fab6d1a6080 R15: 00007ffdacb01a18 [ 70.841202][ T6984] [ 70.842880][ T6984] Kernel Offset: disabled [ 70.844272][ T6984] Rebooting in 86400 seconds.. VM DIAGNOSIS: 01:46:18 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000039 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff853fc8c5 RDI=ffffffff9ab75e00 RBP=ffffffff9ab75dc0 RSP=ffffc9000fe17288 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000005 R12=0000000000000000 R13=0000000000000039 R14=ffffffff853fc860 R15=0000000000000000 RIP=ffffffff853fc8ef RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007fab6dd516c0 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020001000 CR3=00000000536a0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000003 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdacb01db0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fab6d00f232 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fab6d00f23f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fab6d00f239 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fab6d00f24d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fab6d00f2d3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fab6d00f3b1 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000013c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0000000000000000 0000000000000000 000000000000013c ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=ffffffff96ebc1b8 RBX=0000000000080000 RCX=1ffffffff2dd784f RDX=0000000000000000 RSI=0000000000000008 RDI=ffffffff96ebc27c RBP=0000000000000000 RSP=ffffc900006b0c48 R8 =0000000000000000 R9 =fffffbfff2dd6f99 R10=ffffffff96eb7ccf R11=0000000000000000 R12=0000000000000000 R13=ffff88801da94880 R14=0000000000000053 R15=ffff88801da95388 RIP=ffffffff819673ac RFL=00000803 [-O----C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f0bf1983593 CR3=0000000032886000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000c0fffc00 Opmask01=00000000000000ff Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000014 000000000001df8a ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555567b534f 00005555567b4ac0 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555567b2166 00005555567b1f20 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffdf 082ce0030008002c d8030008002cd003 03ffffffff042cc0 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 90030008002d8803 0008002d80030000 0000000000000000 00000000000001ff ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 030008002db80300 08002db00303ffff ffff042da0030008 002d98030108002d ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0008002de8030008 002de0030008002d d8030008002dd003 03ffffffff042dc0 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0102a810002c8004 0a1000060102de00 08002ea003000800 2e98030008002e90 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0303ffffffff042e 800303ffffffff04 2df0030008002de8 030008002de00300 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 08002dd803000800 2dd00303ffffffff 042dc0030008002d b8030008002db003 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 03ffffffff042da0 030008002d980301 08002d9003000800 2d88030008002d80 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=000000000007414f RBX=0000000000000002 RCX=ffffffff8b557239 RDX=0000000000000000 RSI=ffffffff8b6cd840 RDI=ffffffff8bd2e7c0 RBP=ffffed1003b55000 RSP=ffffc90000197e08 R8 =0000000000000001 R9 =ffffed100d506f7d R10=ffff88806a837beb R11=0000000000000000 R12=0000000000000002 R13=ffff88801daa8000 R14=ffffffff906231d0 R15=0000000000000000 RIP=ffffffff8b55861f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002018b000 CR3=000000002c1f8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fab6d00f232 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fab6d00f23f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fab6d00f239 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fab6d00f24d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fab6d00f2d3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fab6d00f3b1 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fab6d17c488 00007fab6d17c480 00007fab6d17c478 00007fab6d17c450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fab6dcdd100 00007fab6d17c440 00007fab6d17c458 00007fab6d17c4a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fab6d17c498 00007fab6d17c490 00007fab6d17c488 00007fab6d17c480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 0000000000000000 0000000000000000 000000000000013c ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=fffffbfff2dd6f99 RBX=fffffbfff2dd6f99 RCX=ffffffff81967eb2 RDX=fffffbfff2dd6f99 RSI=0000000000000008 RDI=ffffffff96eb7cc0 RBP=fffffbfff2dd6f98 RSP=ffffc9000fe07700 R8 =0000000000000000 R9 =fffffbfff2dd6f98 R10=ffffffff96eb7cc7 R11=0000000000000000 R12=ffffed10044cea6b R13=ffff888022674880 R14=0000000000000004 R15=ffff8880226753d8 RIP=ffffffff821cca5f RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007f0bf27be6c0 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002030e000 CR3=000000002c1f8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc2dd7dfc0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faa0060f232 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faa0060f23f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faa0060f239 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faa0060f24d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faa0060f2d3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007faa0060f3b1 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000