last executing test programs: 2m3.49725853s ago: executing program 2 (id=682): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r0 = syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x14, r0, 0x1}, 0x14}}, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r1) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) listen(r2, 0x0) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, r5, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x30}}, 0x0) 2m2.633653104s ago: executing program 2 (id=697): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r4, 0x40605346, 0x0) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001400)='/proc/asound/seq/timer\x00', 0x0, 0x0) read$char_usb(r5, &(0x7f00000001c0)=""/4068, 0xfe4) 2m1.698672484s ago: executing program 2 (id=706): pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0) setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f00000001c0)={0x41, 0x0, 0x3}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f00000001c0)={0x41, 0x0, 0x3}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_NODE_ADDR(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r3, 0x201, 0x0, 0x0, {{}, {}, {0x8, 0x11, 0x4}}}, 0x24}}, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 2m1.638978435s ago: executing program 2 (id=708): pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0) splice(0xffffffffffffffff, 0x0, r0, 0x0, 0x406f413, 0x0) 2m1.638767048s ago: executing program 2 (id=709): ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000008c0)={'wlan0\x00'}) setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002b00)=[{{0x0, 0x0, &(0x7f0000002c40)=[{&(0x7f00000027c0)=';', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000002740)=[{&(0x7f0000000140)="80", 0x1}], 0x1}}], 0x2, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000180)='yeah\x00', 0x5) shutdown(0xffffffffffffffff, 0x2) 2m1.568568932s ago: executing program 2 (id=711): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000120000002400000008000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000005c0)='sched_switch\x00', r3}, 0x18) r5 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r4}, 0x8) write$cgroup_int(r5, &(0x7f00000001c0)=0x8200000000000000, 0xfffffdef) 2m1.184559155s ago: executing program 32 (id=711): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000120000002400000008000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000005c0)='sched_switch\x00', r3}, 0x18) r5 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r4}, 0x8) write$cgroup_int(r5, &(0x7f00000001c0)=0x8200000000000000, 0xfffffdef) 2.399793623s ago: executing program 0 (id=2092): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x10b}) r1 = socket$packet(0x11, 0x3, 0x300) preadv(r0, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1, 0xff, 0x2) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'rose0\x00', 0x0}) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100"/20, @ANYRES32=r2], 0x20}}, 0x0) 2.149419411s ago: executing program 0 (id=2097): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) 1.968672058s ago: executing program 0 (id=2101): mkdir(&(0x7f0000000180)='./file1\x00', 0x0) mkdir(&(0x7f00000003c0)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) open$dir(&(0x7f0000000000)='./file0\x00', 0x2881, 0x104) sendto$inet(0xffffffffffffffff, &(0x7f0000000100)="01", 0x1, 0x0, 0x0, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000100), 0x6) r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0) mknodat(r1, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0) chdir(&(0x7f0000000140)='./bus\x00') chmod(&(0x7f0000000080)='./file1\x00', 0x0) linkat(r1, &(0x7f0000000100)='./file1\x00', r1, &(0x7f0000000240)='./file0\x00', 0x0) r2 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) r3 = openat(r2, &(0x7f0000000040)='.\x00', 0x0, 0x0) r4 = socket$inet6(0xa, 0x1, 0x0) getsockopt$SO_BINDTODEVICE(r4, 0x1, 0x45, 0x0, 0x20000000) mknodat$loop(r3, &(0x7f0000000100)='./bus\x00', 0x0, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000007900)={&(0x7f00000005c0)=@newtaction={0x74, 0x30, 0x216822a75a8bdd29, 0x0, 0x0, {}, [{0x60, 0x1, [@m_skbmod={0x5c, 0x1, 0x0, 0x0, {{0xb}, {0x30, 0x2, 0x0, 0x1, [@TCA_SKBMOD_ETYPE={0x6}, @TCA_SKBMOD_PARMS={0x24}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x74}}, 0x0) r6 = open(&(0x7f0000000300)='.\x00', 0x10000, 0x0) r7 = socket(0x2, 0x80805, 0x0) r8 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000280)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r8, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=@newqdisc={0x40, 0x24, 0x3fe3aa0262d8c58b, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0x0, 0xb, 0x2}}}}]}, 0x40}}, 0x0) renameat2(r6, &(0x7f00000004c0)='./bus\x00', r2, &(0x7f0000000500)='./file0\x00', 0x0) 1.848139969s ago: executing program 4 (id=2104): r0 = socket(0xb, 0x2, 0x2) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=@newqdisc={0x24}, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000140), 0x40400, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xfff5, 0xffff}}}, 0x24}}, 0x4) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000100)) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r5 = dup3(r4, r3, 0x0) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a}) ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0}}], 0x0, 0x0, 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtfilter={0x30, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0xc}, {}, {0x7, 0xe}}, [@filter_kind_options=@f_fw={{0x7}, {0x18, 0x2, [@TCA_FW_CLASSID={0x0, 0x1, {0xffff, 0x7}}]}}]}, 0x44}}, 0x0) r7 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0) 1.654268947s ago: executing program 4 (id=2106): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x10b}) r1 = socket$packet(0x11, 0x3, 0x300) preadv(r0, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1, 0xff, 0x2) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'rose0\x00', 0x0}) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100"/20, @ANYRES32=r2], 0x20}}, 0x0) 1.539441395s ago: executing program 0 (id=2108): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @loopback}, 0x10) sendmmsg(r0, &(0x7f00000057c0)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000004c0)="6b093db1947bc296cf697e335c7aa0e9afc07b5f0c819e3522eaad2a74224b7a5bed182fec91c96271033eec5d14ede20a6d1c36c3e7a445ccb5b158ffaec30b8b846de0d5b327a6b1d322a80d00b5c08428fb6ef0d6bdfef436fd9a0027a7cce11f65f633449199149e065a48b3f6bb51b5e305aa20ec347027ace732178271cb92f3e4bdda6732a10715efe7a7eae23413207a9cd1c24ea5ad8f333bfedf8e93e880fc51fb9051917d5488a13c22f1a575b1767424074c84444b29becb98de0e479ae50c12711cc5e26973d496458de4969e51dd5aee7ae9ca5da879f96737d626b447cdf675bc4af3e1ffec688c6945d0786b8ff146cab2e441e3438f3ddd2832b9ac4c9693141785b844f706c8137d0ebf12347ee82f9bd1968c51803a81998a149178952f712f57c09038a8f8a2e871a1f3b026ec617a77cb2163cea2164504b5ae989034b7ceb91545c2d968b9852181505afb7422606d1db2982240a7583260c32f5e3ea677edfeffc6cb30ef79c96938f7b571a3747042c4db17296ea799f65205b5cc2bf60f5921db65d28ae0a3ce76601fb0dfc04c7fa3900aff36af6c018df195fe6e97e6aa3a81c06130489c24b82c920681d3efb1fc33c73f8645ff0baa0be3a9a92b601f9602a2ef119e527c156bd8d8c91ec92baed92c43bc153fb5c7a5b08f8c8c03b0d266bcadbb061ae5e0f15eab9ba116923a27d961377383fae7b837a448e786371140ee20733f1fc82b565f4f1dc3859c49c5e9e18180e8511ddf854609ed7fcb50ca1c43934883488c9689e0de4f05ee35a254c900b2dee53673e959ae5adbc3f793917ad556654e4df993f2bbd4b9b9259efdcbd3c3c2d315cb1c92438cdea1792c390cef68d3926d44cd9361912518732211458bdc92f855c9c018e3a7b35da0d8c8f934dbc3cfba39a9fa99e1a76759d09e705e0e4d84a32987c661b2e3f58ca446ca835fabdaf163ae94f2a59481ab62298d4350ae9358fdbd2b1b20da4afaaf2982903c2805b6caf71719d0d74852ae8414baa491363af0d20a7ad133b81356c30e77d036ba519867fe35391c36ecd0464b40a3871637dc81af3c19f59f347749cb07ac25f96e0cbf84288d32aff6dcd9cd2ebbd905d53dc87b14002cf971df0b76c5171e392f78cd002fd34a28454a32531ab9fccb16820b462bd13005da9d2fbd0ed02a4a7527b9b40b939bbf0686d16fa3070f129ae48da709408dfdb12c661148e282d50794b34b2e15236bf2f967bba67a7c650a02743ec3b852b5511c1ab32efc7d85a97bb622935b72d5c06e7bde3f389172684a6e61c852f6ec2a323858f67f8f9dde9f9eaa26cfcf958dafe5ed23b6c06f094fa1550ce0a39447769218060cb9e78a0e6f61a08b629e2512d8972a2a337b0b6b97220d292af823b8800ef45e72089659a0b1cbc750d6491d55f9bde4d1c4abe796d6951be456b8ad327794ddc74042c9e303832ccbf2d2fcb6d01007b8cf0552b568af89adc9b198cbea6b8137ef70ad16919ade2bdbd29d23c78c04cce6dedf07598d33841d8f02f7ed5a349fddbc742ea7e742636a2cb4ff663192cb1102adcc019b92caac00f5a644afc2d03b68f933aa6b8eddd6c39a0de8913034a0b48ddabd39aee173350f3dfa0329c308fb94e3528e", 0x498}, {&(0x7f00000002c0)="1961e97441080000000a260b70d7ada8fffcc472dbeab05f20c7174500", 0x1d}, {&(0x7f0000000300)="d05d67afc746cff8fa10e483e9eaae867d31e22831b4bea09d2b9e867d06ab0eccd98dee45bbd11af441dc93334d0270f6527428cf0d1bef4f5789bf5acf2e44d415c2e774b8af25275915bdd38fe5a74b87a4d9a1848ed513f92bb0672d88425bcf9fdc7b07cdeb96451ccf522215e76dae12391d3fc0258ca86ea22eb857bfc7f9dc565f3e2dd7412060421997bb92", 0x90}, {&(0x7f0000000980)="21e35e62c07eb3b95754d4c8ae60419349648a512aab6c478d95c5f71f25ceb5079ce5da8adbc54a10dcc07e36d67d4b880ae396b5c3de2ab65094", 0x3b}], 0x4}}], 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x21, &(0x7f0000000040), 0x4) sendmsg$sock(r0, &(0x7f0000001e40)={0x0, 0x0, &(0x7f0000001dc0)=[{&(0x7f0000000400)="dc", 0x1}], 0x1}, 0x0) recvmmsg(r0, &(0x7f00000048c0)=[{{0x0, 0x0, &(0x7f0000004a00)=[{&(0x7f0000000180)=""/160, 0xa0}], 0x1}}], 0x1, 0x20, 0x0) 1.357295808s ago: executing program 4 (id=2112): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = shmget$private(0x0, 0x1000, 0x4, &(0x7f0000ffb000/0x1000)=nil) r2 = socket$inet_udplite(0x2, 0x2, 0x88) mount(&(0x7f0000000040)=@loop={'/dev/loop', 0x0}, &(0x7f0000000000)='./cgroup\x00', &(0x7f00000001c0)='qnx4\x00', 0x208004, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setresuid(0x0, r3, 0x0) shmctl$SHM_LOCK(r1, 0xb) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8933, &(0x7f00000001c0)={'wg2\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001800190e00000000000000000a000000000000000040000008000400", @ANYRES32=r5, @ANYBLOB="0600150008000000100016"], 0x3c}}, 0x2000c010) 1.260152976s ago: executing program 3 (id=2113): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat(r2, &(0x7f0000000040)='./file0\x00', 0x100) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000080)={0x2, [0x0, 0x0]}, &(0x7f00000000c0)=0xc) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f0000000100)={r3, 0x76, "2329cca7f0f583b568c55666eb831f0805120e39c94a25585c285f4d0cba39c59799cbff57a84264c06d711b61a52d5d4e7b85f8a11a10a7049f92074ab682b1e6f7ea3dfe80c9cfb9c6f5cc201da803d0a5d6107eada77260852b4ea38546fa3f322f746523f36387209644663a20db6c993c72c4bd"}, &(0x7f0000000180)=0x7e) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r5 = dup(r4) syz_kvm_setup_cpu$x86(r1, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000008c0)=[@text32={0x20, 0x0}], 0x1, 0x68, 0x0, 0x0) ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"]) ioctl$KVM_RUN(r4, 0xae80, 0x0) 1.259943945s ago: executing program 4 (id=2114): r0 = socket(0x2a, 0x2, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}}, 0x24}}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newtfilter={0x24, 0x2c, 0x605, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xffe0}, {}, {0x5, 0x5}}}, 0x24}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) (fail_nth: 7) 1.07885275s ago: executing program 4 (id=2116): r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000002500), 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x6805, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(0xffffffffffffffff, 0xc0605345, &(0x7f0000000400)={0x0, 0x1, {0x3, 0x1, 0x6, 0x1, 0xffffff01}, 0xfffffffc}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000000080000044d56", @ANYRES32=r0, @ANYRESDEC=0x0]) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@dellinkprop={0x34, 0x6d, 0x1, 0x0, 0x0, {}, [@IFLA_IFNAME={0x14, 0x3, 'team_slave_0\x00'}]}, 0x34}}, 0x0) r4 = dup(r2) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) r6 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r6, 0x8948, &(0x7f0000000580)={'vlan0\x00', 0x7}) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x1000, &(0x7f0000014000/0x1000)=nil}) r7 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="a4000000", @ANYRES16=r7, @ANYBLOB="01002cbd7000fdffffff01000000040002800400018004000300840002802c0001800800010003000000080001000800000008000100060000000800010000000000080001000300000024000180080001000800000088e7a423ad5e6a6a0800010007000000080001000800000014000180080001000100000008000100000000001c000180080001000800000008000100000000000800010004000000"], 0xa4}}, 0x4000) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r7) r8 = socket$pppl2tp(0x18, 0x1, 0x1) r9 = socket$pppl2tp(0x18, 0x1, 0x1) r10 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r9, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r10, {0x2, 0x0, @broadcast}, 0x2}}, 0x2e) connect$pppl2tp(r8, &(0x7f0000000180)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x2, 0x1, 0x1, 0x3, {0xa, 0x4e21, 0xa00, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x1ff}}}, 0x32) ioctl$PPPIOCGL2TPSTATS(r9, 0x80487436, &(0x7f0000000340)="6cf798") ioctl$KVM_X86_SETUP_MCE(r4, 0x4008ae9c, &(0x7f00000000c0)={0x1a, 0x1, 0x9}) bpf$PROG_LOAD(0x5, 0x0, 0x0) r11 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r11, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f0000000680)={&(0x7f0000000280)=ANY=[@ANYBLOB="180000006800010000000c0000000000021040000400000099ec022fbe2f82ccfb7b9720a2438432d757a7a881d631d86e36282af1c728670e54151e9c68e448e48f35b93350d7da44284b2a5d2e2a44ff500d6a38cc7c2d5e6dea3921a9b3"], 0x18}, 0x1, 0x0, 0x0, 0x20000080}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) 1.07518517s ago: executing program 1 (id=2124): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={{0x14}, [@NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x409, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffd}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x31}, @NFTA_SET_EXPR={0x20, 0x11, 0x0, 0x1, @quota={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_QUOTA_BYTES={0xc, 0x1, 0x1, 0x0, 0x8}]}}}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x84}}, 0x0) (fail_nth: 6) 899.51091ms ago: executing program 3 (id=2117): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=@newqdisc={0x24, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfa, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x0, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000080) 890.12044ms ago: executing program 1 (id=2126): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x5, 0x0, 0xb, 0x9, 0x0, 0x2, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfe00}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x0, 0x6, 0xa, 0x9, 0xfe04, 0xe1}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (fail_nth: 23) 749.806393ms ago: executing program 3 (id=2118): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfff00002}, {0x16}]}, 0x10) r1 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f0000000280)=0x7b, 0x4) bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000600), 0x4) sendto$inet(r1, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0) recvmsg(r1, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000035c0)=""/4099, 0x1003}], 0x1, 0x0, 0x0, 0x407006}, 0x104) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff) openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000040), 0x5000, 0x0) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x28, r4, 0xb21, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xf, 0x1, @l2={'ib', 0x3a, 'bridge0\x00'}}]}]}, 0x28}}, 0x0) sendmsg$TIPC_NL_KEY_FLUSH(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x54, r4, 0x10, 0x70bd26, 0x25dfdbfd, {}, [@TIPC_NLA_MEDIA={0x14, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_NET={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x80000}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x9}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x9}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x40010}, 0x40) bind$inet(r2, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10) sendmmsg$inet(r2, &(0x7f0000000480)=[{{&(0x7f0000000080)={0x2, 0x4e23, @multicast2}, 0x10, 0x0}}], 0x1, 0x2000c044) sendto$inet(r2, &(0x7f0000000c80)="e8", 0x6200, 0x0, 0x0, 0x0) 749.650186ms ago: executing program 1 (id=2119): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) 629.775501ms ago: executing program 3 (id=2120): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x28, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}]}]}, 0x4f}}, 0x0) 570.045392ms ago: executing program 1 (id=2121): r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$inet6(0xa, 0x3, 0x8000000003c) syz_emit_ethernet(0x17e, &(0x7f0000000880)=ANY=[@ANYBLOB="ffffffffffff00000000000086dd6000000001483afffe800000000000000000000000000008fe8000000000000000000000000000aa0622000000030000c910000000000000000000000000000000000502e701092bc5d0992c3785ad8c2f2197ce22fb15bc32c4d2c5070ebc9a802494a9d5d97da746aace84e2c25e75b56810f5d0b3eb8477b9b6931a39d8f96d8d6c800428395e98509d5dd30459518dc7102dfd7af50d1ef3c64cf5c004ac18f0d2c22e4ce0f7b5b9c8cc1313bcab22d9990d3403754095af3026e5bfbdf4b47d62327db4c3eda6723721bc624c3ffe48e49c910fb7d96fbb7c241ea4729ed72a0b7def7e92236cb7090e28bf0e168491a4e2599c4d09758eb208f175f07846f6208084f21f7e8220034141df65192170456920455aae06d7b8d0bae88024d45a495bffc91372d76d6fac4d05f804dba10d4afae252c0c8c97103cc44456c6681d5870f0000008900907800000000fc020000000000000000000000000001fe8000000000000000000000000000bb"], 0x0) 493.461194ms ago: executing program 0 (id=2122): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x1, 0x7, 0x3000, 0x1000, &(0x7f0000ffc000/0x1000)=nil}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = dup(r2) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x10}, {0x1, [{@none, 0x88, 0x1, 0x17, 'nf+', 0xffff, 0x4}]}}}, 0x13) r5 = syz_open_procfs(0x0, &(0x7f0000000000)='smaps\x00') read$FUSE(r5, &(0x7f0000000040)={0x2020}, 0x2020) getsockopt$netrom_NETROM_N2(r5, 0x103, 0x3, &(0x7f0000000040)=0x6, &(0x7f00000000c0)=0x4) ioctl$KVM_RUN(r4, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000dc0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) 493.08872ms ago: executing program 3 (id=2123): openat$cdrom(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x48, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'list:set\x00'}]}, 0x48}}, 0x0) (async, rerun: 32) sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="30000000030601080000000000000000050000050500010007"], 0x30}}, 0x84) (async, rerun: 32) r1 = socket(0x10, 0x80002, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000240)={'sit0\x00', &(0x7f0000000140)={'erspan0\x00', 0x0, 0x7800, 0x7, 0xf, 0xd1c0, {{0x6, 0x4, 0x3, 0xe, 0x18, 0x65, 0x0, 0x0, 0x4, 0x0, @private=0xa010102, @private=0xa010100, {[@timestamp={0x44, 0x4, 0xa0, 0x0, 0x7}]}}}}}) (async, rerun: 32) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000000)={0x0, 0x401, 0x9, 0xff, 0x5}) (rerun: 32) syz_usb_connect(0x3, 0x36, &(0x7f0000000280)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff9909080561760fd502985b24e423238e81aa84e38274040c54f9b6d243725fb427d95b15d5acea9b5e3043c773354361dde21347b2ac3720646f3c508794da07a916b7e82a278e0448a731084de799c58e0d01cd899dc7a3aeaa25acf5b62ffdecadfb31ba0f170005738896c854cf0c00000000000000ed360b965dca92a7c5934018cfaea829e920a89659", @ANYRES32], &(0x7f0000000000)={0xffffffffffffffa3, 0x0, 0x0, 0x0}) r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0) (async) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x10, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000c3a0000050000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async) syz_usb_control_io$hid(r2, 0x0, 0x0) (async) syz_usb_control_io$hid(r2, &(0x7f0000000040)={0x24, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00220f0000000b574e69630bf85edacab3"], 0x0}, 0x0) (async, rerun: 32) syz_usb_control_io(r2, &(0x7f0000000e40)={0x2c, &(0x7f0000000b40)={0x20, 0x23, 0xfc, {0xfc, 0x8, "12b459f379c95cb791268f0b3d9e40700d765a887188b109f37239f2828ed25facbba9b30f00bad28d8c2d162a75beff46ddc4754e30751a61deec175231fa1adec4dd704d2f3f7cb9dca716279315f7aaa8876f3fc73be25ec7c5698d1f66afd355bcb5527e84d1350daad1dd372af08709a6b8b73e6347bd4a8014a2581cb6f6797f25ff68b7ac64beba87c1754bb82ee152e18d8b91c15ce74d8fe3ee1d6b1413b1e67f6f0017b08e13b1baad7b4a059af38bf755116ea9adb1a7db5b834b4617ed8c37e64773adefefce4639e27a807673bea1373640a2c5b6285e5cb9e369b8a54384ad5c7feb1ec4423d9a05b76658713a22f72eacd20a"}}, &(0x7f0000001400)=ANY=[@ANYBLOB="0003e9000000e903dd8fbf26b8edbce6e299d76a8353f4780888529c9494d9cad5371e969b83db6e290a65ef9aaf4ec4aa20c8b44502a8e03bfe552f6345f5e01939a311cdac834278d000bdfaddb69f331a464611df913c9d84a167202b2650a8a753c6350bc6bb46fda1b9fddc8a62c9ec17ebcd6c80148cddb3a56244541a8b3f921a9f457835bdbb767345190c9f32f59f6fd0dffe5c2492c84b2b2364ef7e5e9281ee5b8843675b13339c3e32ada286823bbb112d3c6dfe5feb11d67b34ede68a0d2b48c496349fce31ac69a517f5ce14702c50098a207e0f2fd2ded22cebdb2054a471e4cf3f1c7b33e00dd41bdcbabe70e848e092e82aa937c730a8e5c3eaf1a82c1f2c0fded1e6b057d605623198fb66587cffe7655a024d431c2f1f01fda5b83ecc0942ddf3c53c8ec6488729cc82cfef2a538d36fd6081c963419212963e4ade61a7e4b7340152c0696e054df518762d278508e5997659c5363cd1e17770"], &(0x7f0000000d80)={0x0, 0xf, 0x2b, {0x5, 0xf, 0x2b, 0x3, [@ptm_cap={0x3}, @ssp_cap={0x18, 0x10, 0xa, 0x81, 0x3, 0x81, 0xf, 0x756, [0x3fc0, 0x7, 0xffc03f]}, @wireless={0xb, 0x10, 0x1, 0x2, 0x0, 0x2, 0x4, 0x2}]}}, &(0x7f0000000dc0)={0x20, 0x29, 0xf, {0xf, 0x29, 0x5, 0x0, 0x0, 0x8, "c1478766", "27a7186c"}}, &(0x7f0000000e00)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0xf7, 0x18, 0x3, 0x2, 0x20, 0x9, 0x4beb}}}, &(0x7f0000001300)={0x84, &(0x7f0000000e80)={0x20, 0x18, 0xb1, "ae3340ce8ccdb372b8c01bd51aa1cd5f90553a53215d565915d2baac64abe33d3505a95204d294a38785135ef9a5458bd4a91532ef61a76d7bb6036c77c48a069655a4f721f846d8850e126f2e91cacab9efd7e7f196469220f313a5fe82ee76e560f9dd5602d270981de178470d514eeee25538b07ca44462e17ca6aae755ae04a2e9d00b49d57df7449251b6de0bdb82c7889486334f10666e8faade475d8fa25588918b3c1cd2ea31b75a24e72664e1"}, &(0x7f0000000f40)={0x0, 0xa, 0x1, 0x7f}, &(0x7f0000000f80)={0x0, 0x8, 0x1, 0x6}, &(0x7f0000000fc0)={0x20, 0x0, 0x4, {0x1, 0x7}}, &(0x7f0000001000)={0x20, 0x0, 0x8, {0x1e0, 0x1, [0x0]}}, &(0x7f0000001040)={0x40, 0x7, 0x2, 0xd}, &(0x7f0000001080)={0x40, 0x9, 0x1, 0x5}, &(0x7f00000010c0)={0x40, 0xb, 0x2, '\"<'}, &(0x7f0000001100)={0x40, 0xf, 0x2, 0x3}, &(0x7f0000001140)={0x40, 0x13, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, &(0x7f0000001180)={0x40, 0x17, 0x6, @multicast}, &(0x7f00000011c0)={0x40, 0x19, 0x2, 'p`'}, &(0x7f0000001200)={0x40, 0x1a, 0x2, 0xe}, &(0x7f0000001240)={0x40, 0x1c, 0x1, 0x5}, &(0x7f0000001280)={0x40, 0x1e, 0x1, 0xa1}, &(0x7f00000012c0)={0x40, 0x21, 0x1, 0x7}}) (async, rerun: 32) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b7050000000000007910a800000000007d0a0000000000009500000000000000"], &(0x7f00000002c0)='GPL\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2a) r4 = openat$selinux_create(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) pwrite64(r4, &(0x7f00000010c0)="3703c70f70e244b7878fedf0c0c6c2ff2f524255d61dbfb25921e3d3686454b93e5842722103c5c67b0da4173b9e63544ee1f32fc67080b7b83c0a31241a900518bef75ab52d7df9d091c4c601dc1cb4f1c7ed7a1d442806cc98e32546", 0x5d, 0x2) (async) syz_usb_control_io(r2, &(0x7f0000000480)={0x2c, &(0x7f00000001c0)={0x20, 0x871db74313ebe315, 0x74, {0x74, 0x1, "1da360ce59c6fe8b0d3faf460dd1cf7d7cc537edfa14160811214b0589631eb58f13b2fcf8b16164f3391b080d3c541ce95869a1b293a3b50c40637ffd850b5639f43dc5ae759f86e8df8338d64a70897bd7a21db2a70649bf9cc97233eb947c2ab4587c5dddd6c6ca9832f0de3cbf278534"}}, &(0x7f0000000340)={0x0, 0x3, 0x7d, @string={0x7d, 0x3, "3a4b6e6d72963ce183dca93ae457e692102974aae8e5411d5e9d281466d4980b3ac8fba9e950d30d5d2f122150063c4eabc39e987dc98f9b169f8a03420c5f3bf549ecbe88175a0da747d43ee2398d5d158463c89004b270215c6ea90210ab1dcd080d0024c06f6cca1238517a42809452677008902b33f3a8dea2"}}, &(0x7f0000000a40)=ANY=[@ANYBLOB="000f2e000000050f2e00030a1003530f00054e070051141004014248e1d9e9781bc6c98f0ec43b50250000090300000000000000a369c2a343bbd921692b9ae98ef49f273006f600766c4b9b8d0ab8230802f2f4252ddf50a68f029b066d5c0cf5749bfe93cbef6a9e615461ceaee1244fcb5b0407dbd2d2abfe6586c7b22dc234e09a9de8e310515bc0f9f7aaf9b445efde1a71cea6c16783071498368283e420b562630a2469d6bf5ebda65cd879a3b3ac8698bb3e5fa43a0c30c4f4e071d54251668d5ea71e1922e4de451be5c0cde3d762d2c03294e9b027db91b8580b3150373cff467f468f523746849c6bcca9"], &(0x7f0000000400)={0x20, 0x29, 0xf, {0xf, 0x29, 0x0, 0x10, 0x1, 0x9, "7983b792", "12b3c5e0"}}, &(0x7f00000013c0)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x8, 0x0, 0x2, 0x4, 0x9, 0x0, 0x4}}}, &(0x7f0000000940)={0x84, &(0x7f00000004c0)={0x0, 0x18, 0xa4, "e42e3a5e86d06cb8957cd3be5a2ad0f186bfb91e804a634849f986e39214c500103e352ee12ebfdabd019d7b8341163315f5e9655f355c0dc0a35fed6c7be8671dcbb447308795628716f3ebfb7c6a1aff9638a6b4a70c66534354ad19f970feebc26e4680a31342cdf88d442a58082ab189c3cc95dae2eb90eb542ee472a83a026e49c8095d9e313b4f14be3c6b2dff66382002546f18b462b68bb1d5cadf57756b223f"}, &(0x7f0000000580)={0x0, 0xa, 0x1, 0x7}, &(0x7f00000005c0)={0x0, 0x8, 0x1, 0x3}, &(0x7f0000000600)={0x20, 0x0, 0x4, {0x2, 0x1}}, &(0x7f0000000640)=ANY=[@ANYBLOB="0004000000a0000200"], &(0x7f0000000680)={0x40, 0x7, 0x2, 0x5}, &(0x7f00000006c0)={0x40, 0x9, 0x1, 0x2}, &(0x7f0000000700)={0x40, 0xb, 0x2, "ad07"}, &(0x7f0000000740)={0x40, 0xf, 0x2, 0xff}, &(0x7f0000000780)={0x40, 0x13, 0x6, @multicast}, &(0x7f00000007c0)={0x40, 0x17, 0x6, @local}, &(0x7f0000000800)={0x40, 0x19, 0x2, "b69f"}, &(0x7f0000000840)={0x40, 0x1a, 0x2, 0xfffd}, &(0x7f0000000880)={0x40, 0x1c, 0x1, 0x40}, &(0x7f00000008c0)={0x40, 0x1e, 0x1, 0x2}, &(0x7f0000000900)={0x40, 0x21, 0x1, 0x6}}) (async) r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$char_usb(r5, &(0x7f0000000040)="05996a2de85e5e6bc225b35bd223551a35fc56d88814979a6fdae8e6438e293ea14eb81e3321e66a4a74c9bda8742c77acfd1d68ff2d2fd41581b6f9f5d7b56437d33b427ee3f436e48622d4f3aa", 0x4e) pipe(&(0x7f0000000440)) (async) r6 = socket$nl_route(0x10, 0x3, 0x0) (async) r7 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=ANY=[@ANYBLOB="d80100001c0001"], 0x1d8}}, 0x0) (async) r8 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r8, 0x8933, &(0x7f0000000500)={'team0\x00', 0x0}) (async) r10 = socket$netlink(0x10, 0x3, 0x0) syz_emit_ethernet(0x46, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, @empty, @private}, "0400655800000200"}}}}}, 0x0) (async) sendmsg$nl_route_sched(r10, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000800)=@newqdisc={0xac, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r9, {0x0, 0xfff2}, {0xffff, 0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x7c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1], 0x0, [0x8, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400], [0x0, 0x8, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffe]}}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x18, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x6}]}]}]}}]}, 0xac}}, 0x0) (async) sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@mpls_getroute={0x24, 0x1a, 0x1, 0x0, 0x0, {}, [@RTA_DST={0x8, 0x1, {0x8100}}]}, 0x24}}, 0x14) 439.925318ms ago: executing program 1 (id=2125): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @loopback}, 0x10) sendmmsg(r0, &(0x7f00000057c0)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000004c0)="6b093db1947bc296cf697e335c7aa0e9afc07b5f0c819e3522eaad2a74224b7a5bed182fec91c96271033eec5d14ede20a6d1c36c3e7a445ccb5b158ffaec30b8b846de0d5b327a6b1d322a80d00b5c08428fb6ef0d6bdfef436fd9a0027a7cce11f65f633449199149e065a48b3f6bb51b5e305aa20ec347027ace732178271cb92f3e4bdda6732a10715efe7a7eae23413207a9cd1c24ea5ad8f333bfedf8e93e880fc51fb9051917d5488a13c22f1a575b1767424074c84444b29becb98de0e479ae50c12711cc5e26973d496458de4969e51dd5aee7ae9ca5da879f96737d626b447cdf675bc4af3e1ffec688c6945d0786b8ff146cab2e441e3438f3ddd2832b9ac4c9693141785b844f706c8137d0ebf12347ee82f9bd1968c51803a81998a149178952f712f57c09038a8f8a2e871a1f3b026ec617a77cb2163cea2164504b5ae989034b7ceb91545c2d968b9852181505afb7422606d1db2982240a7583260c32f5e3ea677edfeffc6cb30ef79c96938f7b571a3747042c4db17296ea799f65205b5cc2bf60f5921db65d28ae0a3ce76601fb0dfc04c7fa3900aff36af6c018df195fe6e97e6aa3a81c06130489c24b82c920681d3efb1fc33c73f8645ff0baa0be3a9a92b601f9602a2ef119e527c156bd8d8c91ec92baed92c43bc153fb5c7a5b08f8c8c03b0d266bcadbb061ae5e0f15eab9ba116923a27d961377383fae7b837a448e786371140ee20733f1fc82b565f4f1dc3859c49c5e9e18180e8511ddf854609ed7fcb50ca1c43934883488c9689e0de4f05ee35a254c900b2dee53673e959ae5adbc3f793917ad556654e4df993f2bbd4b9b9259efdcbd3c3c2d315cb1c92438cdea1792c390cef68d3926d44cd9361912518732211458bdc92f855c9c018e3a7b35da0d8c8f934dbc3cfba39a9fa99e1a76759d09e705e0e4d84a32987c661b2e3f58ca446ca835fabdaf163ae94f2a59481ab62298d4350ae9358fdbd2b1b20da4afaaf2982903c2805b6caf71719d0d74852ae8414baa491363af0d20a7ad133b81356c30e77d036ba519867fe35391c36ecd0464b40a3871637dc81af3c19f59f347749cb07ac25f96e0cbf84288d32aff6dcd9cd2ebbd905d53dc87b14002cf971df0b76c5171e392f78cd002fd34a28454a32531ab9fccb16820b462bd13005da9d2fbd0ed02a4a7527b9b40b939bbf0686d16fa3070f129ae48da709408dfdb12c661148e282d50794b34b2e15236bf2f967bba67a7c650a02743ec3b852b5511c1ab32efc7d85a97bb622935b72d5c06e7bde3f389172684a6e61c852f6ec2a323858f67f8f9dde9f9eaa26cfcf958dafe5ed23b6c06f094fa1550ce0a39447769218060cb9e78a0e6f61a08b629e2512d8972a2a337b0b6b97220d292af823b8800ef45e72089659a0b1cbc750d6491d55f9bde4d1c4abe796d6951be456b8ad327794ddc74042c9e303832ccbf2d2fcb6d01007b8cf0552b568af89adc9b198cbea6b8137ef70ad16919ade2bdbd29d23c78c04cce6dedf07598d33841d8f02f7ed5a349fddbc742ea7e742636a2cb4ff663192cb1102adcc019b92caac00f5a644afc2d03b68f933aa6b8eddd6c39a0de8913034a0b48ddabd39aee173350f3dfa0329c308fb94e3528e", 0x498}, {&(0x7f00000002c0)="1961e97441080000000a260b70d7ada8fffcc472dbeab05f20c7174500", 0x1d}, {&(0x7f0000000300)="d05d67afc746cff8fa10e483e9eaae867d31e22831b4bea09d2b9e867d06ab0eccd98dee45bbd11af441dc93334d0270f6527428cf0d1bef4f5789bf5acf2e44d415c2e774b8af25275915bdd38fe5a74b87a4d9a1848ed513f92bb0672d88425bcf9fdc7b07cdeb96451ccf522215e76dae12391d3fc0258ca86ea22eb8", 0x7e}, {&(0x7f0000000980)="21e35e62c07eb3b95754d4c8ae60419349648a512aab6c478d95c5f71f25ceb5079ce5da8adbc54a10dcc07e36d67d4b880ae396b5c3de2ab65094fa", 0x3c}], 0x4}}], 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x21, &(0x7f0000000040), 0x4) sendmsg$sock(r0, &(0x7f0000001e40)={0x0, 0x0, &(0x7f0000001dc0)=[{&(0x7f0000000400)="dc", 0x1}], 0x1}, 0x0) shutdown(r0, 0x1) recvmmsg(r0, &(0x7f00000048c0)=[{{0x0, 0x0, &(0x7f0000004a00)=[{&(0x7f0000000180)=""/160, 0xa0}], 0x1}}], 0x1, 0x20, 0x0) 278.457625ms ago: executing program 4 (id=2127): fsopen(&(0x7f0000000080)='ext3\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000180), 0x0, &(0x7f0000000100)={[{@inode32}]}) r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$fscrypt_v1(&(0x7f0000000140), &(0x7f0000000180)={'fscrypt:', @desc2}, &(0x7f00000001c0)={0x0, "2f01c4fd8eabb5611b655e5f65991c3e1e6f89550928b713582f37d43e4b35a9f7a5b12d01438c9c419900b0e3001000"}, 0x48, r0) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000640)='asymmetric\x00', &(0x7f0000000600)) keyctl$link(0x8, r1, r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = gettid() r4 = syz_init_net_socket$x25(0x9, 0x5, 0x0) listen(r4, 0x0) accept4$x25(r4, 0x0, 0x0, 0x80800) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r3}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) r9 = dup(r8) syz_usb_connect(0x2, 0x3d, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b000100000000090437"], 0x0) ioctl$KVM_SET_CPUID2(r9, 0x4008ae90, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000000000001000080"]) ioctl$KVM_SET_MSRS(r9, 0xc008ae88, &(0x7f0000000280)=ANY=[@ANYBLOB="3b00000000000000410101c0"]) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="240020a5", @ANYRES16=r5, @ANYBLOB="000100000000000000000f00000008000300", @ANYRES32=r10, @ANYBLOB="0500380001000000"], 0x24}}, 0x0) openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r11 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r11, &(0x7f0000f5dfe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) syz_emit_ethernet(0x6a, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x10, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0xfffd, 0x4e20, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "6d4dfdeb8cf7bbfe143803bec2ce783e04cd32308cdd8dde", "c71cb8adfce542a4bc5a026c208fd0c45787e4aa384e3d26b21ea41cc128364c"}}}}}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000f0000000000000000a506b96727d21279a009bdf306349cbfb45c574e2a049cffe34000ebb178906da6446c010663b5c60c428fd049bd281db7cb71486c8ed50994c2e5ec6e0a16fd560d25"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r12 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r12, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 278.236867ms ago: executing program 1 (id=2128): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x1) ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000140)=0xffffffc0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000100)) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0xc0) 278.116364ms ago: executing program 3 (id=2129): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000dc0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) (fail_nth: 22) 0s ago: executing program 0 (id=2130): socket$packet(0x11, 0xa, 0x300) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)) ioctl$KVM_GET_MSRS(r2, 0xc048aeca, &(0x7f0000000200)) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) ioctl$int_in(r4, 0x5452, &(0x7f0000000180)=0x401) listen(r4, 0x0) ioctl$sock_SIOCSPGRP(r4, 0x8902, &(0x7f0000000000)=0xffffffffffffffff) shutdown(r4, 0x0) r5 = syz_genetlink_get_family_id$devlink(&(0x7f00000007c0), r3) sendmsg$DEVLINK_CMD_GET(r3, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000800)={0x14, r5, 0x309, 0x70bd2d, 0x25dfdbfc}, 0x14}}, 0x40) kernel console output (not intermixed with test programs): common_lsm_audit+0x33f/0x2250 [ 204.539999][T10892] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 204.541622][T10892] ? __pfx_common_lsm_audit+0x10/0x10 [ 204.543326][T10892] ? avc_denied+0x138/0x180 [ 204.544697][T10892] ? avc_denied+0x141/0x180 [ 204.546164][T10892] ? slow_avc_audit+0x17d/0x210 [ 204.547653][T10892] slow_avc_audit+0x17d/0x210 [ 204.549009][T10892] ? __pfx_slow_avc_audit+0x10/0x10 [ 204.550527][T10892] cred_has_capability.isra.0+0x26d/0x2f0 [ 204.552228][T10892] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 204.553953][T10892] ? avc_denied+0x138/0x180 [ 204.555175][T10892] ? avc_denied+0x141/0x180 [ 204.556593][T10892] ? cap_capable+0x1cf/0x240 [ 204.558311][T10892] security_capable+0xd3/0x260 [ 204.559736][T10892] ns_capable+0x70/0x110 [ 204.560872][T10892] bpf_token_capable+0xa0/0x140 [ 204.562158][T10892] bpf_prog_load+0x219/0x2660 [ 204.563410][T10892] ? __pfx_bpf_prog_load+0x10/0x10 [ 204.564809][T10892] ? avc_has_perm+0x198/0x1c0 [ 204.566084][T10892] ? selinux_bpf+0xde/0x130 [ 204.567349][T10892] __sys_bpf+0x4043/0x49c0 [ 204.568567][T10892] ? __pfx_lock_release+0x10/0x10 [ 204.569877][T10892] ? __pfx___sys_bpf+0x10/0x10 [ 204.571107][T10892] ? vfs_write+0x306/0x1150 [ 204.572298][T10892] ? __mutex_unlock_slowpath+0x164/0x690 [ 204.573857][T10892] ? fput+0x67/0x440 [ 204.574930][T10892] ? ksys_write+0x1ba/0x250 [ 204.576209][T10892] ? __pfx_ksys_write+0x10/0x10 [ 204.577591][T10892] __x64_sys_bpf+0x78/0xc0 [ 204.578828][T10892] ? lockdep_hardirqs_on+0x7c/0x110 [ 204.580228][T10892] do_syscall_64+0xcd/0x250 [ 204.581484][T10892] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.583026][T10892] RIP: 0033:0x7f8f58f7e919 [ 204.584293][T10892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 204.589389][T10892] RSP: 002b:00007f8f59e49038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 204.591589][T10892] RAX: ffffffffffffffda RBX: 00007f8f59135fa0 RCX: 00007f8f58f7e919 [ 204.593683][T10892] RDX: 0000000000000090 RSI: 0000000020000840 RDI: 0000000000000005 [ 204.595831][T10892] RBP: 00007f8f59e49090 R08: 0000000000000000 R09: 0000000000000000 [ 204.597951][T10892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 204.600093][T10892] R13: 0000000000000000 R14: 00007f8f59135fa0 R15: 00007ffd14d929d8 [ 204.602269][T10892] [ 204.722695][T10896] FAULT_INJECTION: forcing a failure. [ 204.722695][T10896] name failslab, interval 1, probability 0, space 0, times 0 [ 204.726427][T10896] CPU: 1 UID: 0 PID: 10896 Comm: syz.4.1727 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0 [ 204.729205][T10896] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 204.732262][T10896] Call Trace: [ 204.733240][T10896] [ 204.734089][T10896] dump_stack_lvl+0x16c/0x1f0 [ 204.735380][T10896] should_fail_ex+0x497/0x5b0 [ 204.736859][T10896] ? fs_reclaim_acquire+0xae/0x150 [ 204.738258][T10896] should_failslab+0xc2/0x120 [ 204.739526][T10896] __kmalloc_noprof+0xcb/0x510 [ 204.740806][T10896] ? d_absolute_path+0x137/0x1b0 [ 204.742132][T10896] ? rcu_is_watching+0x12/0xc0 [ 204.743394][T10896] tomoyo_encode2+0x100/0x3e0 [ 204.744686][T10896] tomoyo_encode+0x29/0x50 [ 204.745917][T10896] tomoyo_realpath_from_path+0x19d/0x720 [ 204.747498][T10896] tomoyo_path_number_perm+0x248/0x590 [ 204.749046][T10896] ? tomoyo_path_number_perm+0x235/0x590 [ 204.750789][T10896] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 204.752611][T10896] ? __pfx_lock_release+0x10/0x10 [ 204.753941][T10896] ? trace_lock_acquire+0x146/0x1e0 [ 204.755327][T10896] ? lock_acquire+0x2f/0xb0 [ 204.756586][T10896] ? __fget_files+0x40/0x3a0 [ 204.757839][T10896] ? __fget_files+0x206/0x3a0 [ 204.759101][T10896] security_file_ioctl+0x9b/0x240 [ 204.760492][T10896] __x64_sys_ioctl+0xb7/0x200 [ 204.761828][T10896] do_syscall_64+0xcd/0x250 [ 204.763116][T10896] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.764760][T10896] RIP: 0033:0x7f9d4897e919 [ 204.766158][T10896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 204.771903][T10896] RSP: 002b:00007f9d497a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 204.774138][T10896] RAX: ffffffffffffffda RBX: 00007f9d48b35fa0 RCX: 00007f9d4897e919 [ 204.776260][T10896] RDX: 0000000020000300 RSI: 000000004004743a RDI: 0000000000000005 [ 204.778498][T10896] RBP: 00007f9d497a2090 R08: 0000000000000000 R09: 0000000000000000 [ 204.780630][T10896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 204.782751][T10896] R13: 0000000000000000 R14: 00007f9d48b35fa0 R15: 00007ffd9e4bc8c8 [ 204.784895][T10896] [ 204.793065][T10896] ERROR: Out of memory at tomoyo_realpath_from_path. [ 205.358712][T10915] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1732'. [ 205.443482][T10917] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1733'. [ 205.446119][T10917] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1733'. [ 206.003177][T10935] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1741'. [ 206.018624][T10937] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1742'. [ 206.298413][T10949] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1748'. [ 206.314530][T10949] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1748'. [ 206.588317][T10961] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1753'. [ 206.993089][ T5952] Bluetooth: hci1: sending frame failed (-49) [ 206.996988][ T5960] Bluetooth: hci1: Opcode 0x1003 failed: -49 [ 207.202234][T10980] FAULT_INJECTION: forcing a failure. [ 207.202234][T10980] name failslab, interval 1, probability 0, space 0, times 0 [ 207.205761][T10980] CPU: 0 UID: 0 PID: 10980 Comm: syz.3.1762 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0 [ 207.209059][T10980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 207.212195][T10980] Call Trace: [ 207.213209][T10980] [ 207.214146][T10980] dump_stack_lvl+0x16c/0x1f0 [ 207.215515][T10980] should_fail_ex+0x497/0x5b0 [ 207.216774][T10980] ? fs_reclaim_acquire+0xae/0x150 [ 207.218142][T10980] should_failslab+0xc2/0x120 [ 207.219445][T10980] __kmalloc_node_noprof+0xd1/0x510 [ 207.221003][T10980] ? __vmalloc_node_range_noprof+0x3d8/0x1530 [ 207.223099][T10980] __vmalloc_node_range_noprof+0x3d8/0x1530 [ 207.225372][T10980] ? __vcalloc_noprof+0x4d/0x80 [ 207.226962][T10980] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 207.228871][T10980] ? __mutex_lock+0x1cc/0xa60 [ 207.230272][T10980] ? kvm_set_memslot+0x34/0x13e0 [ 207.231760][T10980] ? __vcalloc_noprof+0x4d/0x80 [ 207.233223][T10980] __vmalloc_noprof+0x6d/0x90 [ 207.234449][T10980] ? __vcalloc_noprof+0x4d/0x80 [ 207.235729][T10980] __vcalloc_noprof+0x4d/0x80 [ 207.237026][T10980] kvm_arch_prepare_memory_region+0x2ee/0x850 [ 207.238752][T10980] kvm_set_memslot+0x139/0x13e0 [ 207.240070][T10980] ? kasan_save_track+0x14/0x30 [ 207.241362][T10980] __kvm_set_memory_region+0xe01/0x1580 [ 207.242737][T10980] ? __pfx___kvm_set_memory_region+0x10/0x10 [ 207.244322][T10980] ? __might_fault+0xe3/0x190 [ 207.245568][T10980] kvm_vm_ioctl+0x152e/0x3df0 [ 207.246967][T10980] ? security_file_ioctl+0x9b/0x240 [ 207.248561][T10980] ? do_syscall_64+0xcd/0x250 [ 207.249888][T10980] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 207.251705][T10980] ? hlock_class+0x4e/0x130 [ 207.252941][T10980] ? mark_lock+0xb5/0xc60 [ 207.254099][T10980] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 207.255554][T10980] ? __pfx_mark_lock+0x10/0x10 [ 207.256855][T10980] ? find_held_lock+0x2d/0x110 [ 207.258368][T10980] ? tomoyo_path_number_perm+0x298/0x590 [ 207.260287][T10980] ? __pfx_lock_release+0x10/0x10 [ 207.261975][T10980] ? tomoyo_path_number_perm+0x46d/0x590 [ 207.264011][T10980] ? tomoyo_path_number_perm+0x190/0x590 [ 207.265729][T10980] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 207.267339][T10980] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 207.269103][T10980] ? do_vfs_ioctl+0x513/0x1990 [ 207.270648][T10980] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 207.272044][T10980] ? selinux_file_ioctl+0x180/0x270 [ 207.273408][T10980] ? selinux_file_ioctl+0xb4/0x270 [ 207.274840][T10980] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 207.276299][T10980] __x64_sys_ioctl+0x190/0x200 [ 207.277677][T10980] do_syscall_64+0xcd/0x250 [ 207.278919][T10980] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 207.280660][T10980] RIP: 0033:0x7f8e5457e51b [ 207.281870][T10980] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 207.287337][T10980] RSP: 002b:00007f8e553ad490 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 207.289921][T10980] RAX: ffffffffffffffda RBX: 00007f8e553adbe0 RCX: 00007f8e5457e51b [ 207.292112][T10980] RDX: 00007f8e553adbe0 RSI: 000000004020ae46 RDI: 0000000000000005 [ 207.294346][T10980] RBP: 0000000000000005 R08: 0000000000000001 R09: 0000000000000000 [ 207.296655][T10980] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000002 [ 207.298983][T10980] R13: 0000000020002000 R14: 0000000020000000 R15: 00000000fec00000 [ 207.301364][T10980] [ 207.302604][T10980] syz.3.1762: vmalloc error: size 4096, failed to allocated page array size 8, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 207.307346][T10980] CPU: 0 UID: 0 PID: 10980 Comm: syz.3.1762 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0 [ 207.310096][T10980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 207.312907][T10980] Call Trace: [ 207.313797][T10980] [ 207.314589][T10980] dump_stack_lvl+0x16c/0x1f0 [ 207.315854][T10980] warn_alloc+0x24d/0x3a0 [ 207.317008][T10980] ? __pfx_warn_alloc+0x10/0x10 [ 207.318404][T10980] ? dump_stack_lvl+0x1a1/0x1f0 [ 207.319928][T10980] ? rcu_is_watching+0x12/0xc0 [ 207.321433][T10980] ? trace_kmalloc+0x2d/0xd0 [ 207.322846][T10980] ? __kmalloc_node_noprof+0x23d/0x510 [ 207.324490][T10980] __vmalloc_node_range_noprof+0x1105/0x1530 [ 207.326451][T10980] ? __vcalloc_noprof+0x4d/0x80 [ 207.327933][T10980] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 207.329563][T10980] ? __mutex_lock+0x1cc/0xa60 [ 207.330811][T10980] ? kvm_set_memslot+0x34/0x13e0 [ 207.332136][T10980] ? __vcalloc_noprof+0x4d/0x80 [ 207.333422][T10980] __vmalloc_noprof+0x6d/0x90 [ 207.334697][T10980] ? __vcalloc_noprof+0x4d/0x80 [ 207.336035][T10980] __vcalloc_noprof+0x4d/0x80 [ 207.337245][T10980] kvm_arch_prepare_memory_region+0x2ee/0x850 [ 207.338870][T10980] kvm_set_memslot+0x139/0x13e0 [ 207.340155][T10980] ? kasan_save_track+0x14/0x30 [ 207.341447][T10980] __kvm_set_memory_region+0xe01/0x1580 [ 207.343071][T10980] ? __pfx___kvm_set_memory_region+0x10/0x10 [ 207.345014][T10980] ? __might_fault+0xe3/0x190 [ 207.346628][T10980] kvm_vm_ioctl+0x152e/0x3df0 [ 207.348090][T10980] ? security_file_ioctl+0x9b/0x240 [ 207.349449][T10980] ? do_syscall_64+0xcd/0x250 [ 207.350700][T10980] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 207.352330][T10980] ? hlock_class+0x4e/0x130 [ 207.353549][T10980] ? mark_lock+0xb5/0xc60 [ 207.354699][T10980] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 207.356039][T10980] ? __pfx_mark_lock+0x10/0x10 [ 207.357316][T10980] ? find_held_lock+0x2d/0x110 [ 207.358608][T10980] ? tomoyo_path_number_perm+0x298/0x590 [ 207.360107][T10980] ? __pfx_lock_release+0x10/0x10 [ 207.361460][T10980] ? tomoyo_path_number_perm+0x46d/0x590 [ 207.363051][T10980] ? tomoyo_path_number_perm+0x190/0x590 [ 207.364679][T10980] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 207.366415][T10980] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 207.368179][T10980] ? do_vfs_ioctl+0x513/0x1990 [ 207.369578][T10980] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 207.370972][T10980] ? selinux_file_ioctl+0x180/0x270 [ 207.372371][T10980] ? selinux_file_ioctl+0xb4/0x270 [ 207.373736][T10980] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 207.375112][T10980] __x64_sys_ioctl+0x190/0x200 [ 207.376514][T10980] do_syscall_64+0xcd/0x250 [ 207.377737][T10980] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 207.379313][T10980] RIP: 0033:0x7f8e5457e51b [ 207.380505][T10980] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 207.385506][T10980] RSP: 002b:00007f8e553ad490 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 207.387711][T10980] RAX: ffffffffffffffda RBX: 00007f8e553adbe0 RCX: 00007f8e5457e51b [ 207.389847][T10980] RDX: 00007f8e553adbe0 RSI: 000000004020ae46 RDI: 0000000000000005 [ 207.391999][T10980] RBP: 0000000000000005 R08: 0000000000000001 R09: 0000000000000000 [ 207.394192][T10980] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000002 [ 207.396501][T10980] R13: 0000000020002000 R14: 0000000020000000 R15: 00000000fec00000 [ 207.398704][T10980] [ 207.405466][T10980] Mem-Info: [ 207.413616][T10980] active_anon:18457 inactive_anon:0 isolated_anon:0 [ 207.413616][T10980] active_file:7374 inactive_file:48677 isolated_file:0 [ 207.413616][T10980] unevictable:1768 dirty:569 writeback:0 [ 207.413616][T10980] slab_reclaimable:7198 slab_unreclaimable:72759 [ 207.413616][T10980] mapped:24798 shmem:2449 pagetables:863 [ 207.413616][T10980] sec_pagetables:307 bounce:0 [ 207.413616][T10980] kernel_misc_reclaimable:0 [ 207.413616][T10980] free:454221 free_pcp:2497 free_cma:0 [ 207.433581][T10980] Node 0 active_anon:73788kB inactive_anon:0kB active_file:29496kB inactive_file:194640kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:99224kB dirty:2276kB writeback:0kB shmem:6268kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12336kB pagetables:3452kB sec_pagetables:1240kB all_unreclaimable? no [ 207.447145][T10980] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 207.455583][T10980] Node 0 DMA free:15360kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 207.456239][ T25] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 207.456336][ T980] usb 9-1: new high-speed USB device number 7 using dummy_hcd [ 207.464207][T10980] lowmem_reserve[]: 0 1212 0 0 0 [ 207.469043][T10980] Node 0 DMA32 free:203472kB boost:0kB min:27608kB low:34508kB high:41408kB reserved_highatomic:0KB active_anon:73788kB inactive_anon:0kB active_file:29496kB inactive_file:194640kB unevictable:3536kB writepending:2276kB present:2080628kB managed:1269924kB mlocked:0kB bounce:0kB free_pcp:8908kB local_pcp:3640kB free_cma:0kB [ 207.477429][T10980] lowmem_reserve[]: 0 0 0 0 0 [ 207.478913][T10980] Node 1 Normal free:1593952kB boost:0kB min:39632kB low:49540kB high:59448kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:3536kB writepending:0kB present:2097152kB managed:1781924kB mlocked:0kB bounce:0kB free_pcp:2784kB local_pcp:0kB free_cma:0kB [ 207.487165][T10980] lowmem_reserve[]: 0 0 0 0 0 [ 207.488508][T10980] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 207.491833][T10980] Node 0 DMA32: 54*4kB (UM) 281*8kB (UME) 643*16kB (UME) 598*32kB (UME) 225*64kB (UME) 88*128kB (UME) 40*256kB (UME) 35*512kB (UME) 19*1024kB (UME) 16*2048kB (UME) 16*4096kB (UM) = 203472kB [ 207.496773][T10980] Node 1 Normal: 10*4kB (UE) 15*8kB (UME) 26*16kB (UME) 65*32kB (UME) 49*64kB (UME) 18*128kB (UME) 3*256kB (U) 6*512kB (UME) 5*1024kB (UE) 2*2048kB (UM) 384*4096kB (UM) = 1594016kB [ 207.501788][T10980] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 207.504645][T10980] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 207.508058][T10980] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 207.510619][T10980] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 207.512938][T10980] 58504 total pagecache pages [ 207.514103][T10980] 0 pages in swap cache [ 207.516386][T10980] Free swap = 124168kB [ 207.517465][T10980] Total swap = 124996kB [ 207.518556][T10980] 1048443 pages RAM [ 207.519557][T10980] 0 pages HighMem/MovableOnly [ 207.521032][T10980] 281641 pages reserved [ 207.522130][T10980] 0 pages cma reserved [ 207.606523][ T980] usb 9-1: Using ep0 maxpacket: 8 [ 207.617712][ T980] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 207.621803][ T980] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 207.624607][ T980] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 207.627973][ T980] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 207.630609][ T25] usb 5-1: config index 0 descriptor too short (expected 23569, got 27) [ 207.631106][ T980] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 207.634185][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 207.637840][ T980] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 207.648952][ T25] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 207.652214][ T25] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 207.655052][ T25] usb 5-1: Manufacturer: syz [ 207.665045][ T25] usb 5-1: config 0 descriptor?? [ 207.865979][ T980] usb 9-1: GET_CAPABILITIES returned 0 [ 207.868866][ T980] usbtmc 9-1:16.0: can't read capabilities [ 207.936460][ T25] rc_core: IR keymap rc-hauppauge not found [ 207.938707][ T25] Registered IR keymap rc-empty [ 207.940801][ T25] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0 [ 207.944643][ T25] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input11 [ 208.088837][ T8] usb 9-1: USB disconnect, device number 7 [ 208.289513][T11001] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1770'. [ 208.291890][T11001] IPVS: Unknown mcast interface: vcan0 [ 208.542760][T11009] tmpfs: Bad value for 'mpol' [ 208.570289][T11009] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.677173][T11009] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.723357][T11009] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.793367][T11009] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.810687][T11014] syz.4.1774[11014] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 208.811360][T11014] syz.4.1774[11014] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 208.819880][T11014] syz.4.1774[11014] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 208.894914][T11009] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 208.912589][T11009] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 208.935387][T11009] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 208.952564][T11009] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 209.135051][ T39] kauditd_printk_skb: 663 callbacks suppressed [ 209.135062][ T39] audit: type=1400 audit(2000000019.221:4596): avc: denied { create } for pid=11018 comm="syz.4.1776" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 209.142298][ T39] audit: type=1400 audit(2000000019.231:4597): avc: denied { ioctl } for pid=11018 comm="syz.4.1776" path="socket:[32745]" dev="sockfs" ino=32745 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 209.149231][ T39] audit: type=1400 audit(2000000019.231:4598): avc: denied { write } for pid=11018 comm="syz.4.1776" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 209.155184][ T39] audit: type=1400 audit(2000000019.231:4599): avc: denied { read } for pid=11018 comm="syz.4.1776" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 209.160625][ T39] audit: type=1400 audit(2000000019.231:4600): avc: denied { read } for pid=11018 comm="syz.4.1776" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 209.165996][ T39] audit: type=1400 audit(2000000019.231:4601): avc: denied { write } for pid=11018 comm="syz.4.1776" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 209.173721][ T39] audit: type=1400 audit(2000000019.261:4602): avc: denied { read write } for pid=8057 comm="syz-executor" name="loop4" dev="devtmpfs" ino=662 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 209.181000][ T39] audit: type=1400 audit(2000000019.261:4603): avc: denied { read write open } for pid=8057 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=662 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 209.187934][ T39] audit: type=1400 audit(2000000019.261:4604): avc: denied { ioctl } for pid=8057 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=662 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 209.240995][ T39] audit: type=1400 audit(2000000019.331:4605): avc: denied { read write } for pid=5957 comm="syz-executor" name="loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 209.403458][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 209.419897][T11026] FAULT_INJECTION: forcing a failure. [ 209.419897][T11026] name failslab, interval 1, probability 0, space 0, times 0 [ 209.423183][T11026] CPU: 0 UID: 0 PID: 11026 Comm: syz.4.1779 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0 [ 209.425853][T11026] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 209.428935][T11026] Call Trace: [ 209.429951][T11026] [ 209.430821][T11026] dump_stack_lvl+0x16c/0x1f0 [ 209.432092][T11026] should_fail_ex+0x497/0x5b0 [ 209.433426][T11026] ? fs_reclaim_acquire+0xae/0x150 [ 209.434907][T11026] should_failslab+0xc2/0x120 [ 209.436369][T11026] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 209.438082][T11026] ? __alloc_skb+0x2b1/0x380 [ 209.439319][T11026] __alloc_skb+0x2b1/0x380 [ 209.440719][T11026] ? __pfx___alloc_skb+0x10/0x10 [ 209.442067][T11026] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 209.443629][T11026] netlink_alloc_large_skb+0x69/0x130 [ 209.445031][T11026] netlink_sendmsg+0x689/0xd70 [ 209.446363][T11026] ? __pfx_netlink_sendmsg+0x10/0x10 [ 209.447846][T11026] ____sys_sendmsg+0xaaf/0xc90 [ 209.449218][T11026] ? copy_msghdr_from_user+0x10b/0x160 [ 209.450961][T11026] ? __pfx_____sys_sendmsg+0x10/0x10 [ 209.452656][T11026] ___sys_sendmsg+0x135/0x1e0 [ 209.454144][T11026] ? __pfx____sys_sendmsg+0x10/0x10 [ 209.455648][T11026] ? __pfx_lock_release+0x10/0x10 [ 209.457492][T11026] ? trace_lock_acquire+0x146/0x1e0 [ 209.459210][T11026] ? __fget_files+0x206/0x3a0 [ 209.460565][T11026] __sys_sendmsg+0x16e/0x220 [ 209.461781][T11026] ? __pfx___sys_sendmsg+0x10/0x10 [ 209.463127][T11026] do_syscall_64+0xcd/0x250 [ 209.464331][T11026] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 209.465895][T11026] RIP: 0033:0x7f9d4897e919 [ 209.467229][T11026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 209.472351][T11026] RSP: 002b:00007f9d497a2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 209.474515][T11026] RAX: ffffffffffffffda RBX: 00007f9d48b35fa0 RCX: 00007f9d4897e919 [ 209.476834][T11026] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000006 [ 209.479064][T11026] RBP: 00007f9d497a2090 R08: 0000000000000000 R09: 0000000000000000 [ 209.481438][T11026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 209.484012][T11026] R13: 0000000000000000 R14: 00007f9d48b35fa0 R15: 00007ffd9e4bc8c8 [ 209.486293][T11026] [ 209.626909][T11034] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1783'. [ 209.846120][ T1330] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 209.916235][ T5952] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 209.916260][ T5960] Bluetooth: hci1: command 0x1003 tx timeout [ 209.944172][ T980] usb 5-1: USB disconnect, device number 14 [ 209.996053][ T1330] usb 6-1: Using ep0 maxpacket: 8 [ 210.005566][ T1330] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 210.014175][ T1330] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 210.017244][ T1330] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 210.020748][ T1330] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 210.024729][ T1330] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 210.028184][ T1330] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 210.228402][T11048] FAULT_INJECTION: forcing a failure. [ 210.228402][T11048] name failslab, interval 1, probability 0, space 0, times 0 [ 210.231861][T11048] CPU: 0 UID: 0 PID: 11048 Comm: syz.4.1790 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0 [ 210.234547][T11048] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 210.237363][T11048] Call Trace: [ 210.238270][T11048] [ 210.239076][T11048] dump_stack_lvl+0x16c/0x1f0 [ 210.240352][T11048] should_fail_ex+0x497/0x5b0 [ 210.241797][T11048] should_failslab+0xc2/0x120 [ 210.243148][T11048] __kmalloc_node_track_caller_noprof+0xcf/0x510 [ 210.245040][T11048] ? sidtab_sid2str_get+0x17a/0x680 [ 210.246884][T11048] kmemdup_noprof+0x29/0x60 [ 210.248467][T11048] sidtab_sid2str_get+0x17a/0x680 [ 210.249844][T11048] sidtab_entry_to_string+0x33/0x110 [ 210.250574][ T1330] usb 6-1: GET_CAPABILITIES returned 0 [ 210.251464][T11048] security_sid_to_context_core+0x35c/0x640 [ 210.251494][T11048] avc_audit_post_callback+0x1ac/0x8c0 [ 210.251509][T11048] ? audit_log_format+0xe9/0x130 [ 210.253188][ T1330] usbtmc 6-1:16.0: can't read capabilities [ 210.254532][T11048] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 210.254549][T11048] ? skb_put+0x138/0x1b0 [ 210.254563][T11048] ? audit_log_n_string+0x251/0x540 [ 210.263103][T11048] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 210.264796][T11048] common_lsm_audit+0x33f/0x2250 [ 210.266191][T11048] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 210.267813][T11048] ? __pfx_common_lsm_audit+0x10/0x10 [ 210.269268][T11048] ? avc_denied+0x138/0x180 [ 210.270444][T11048] ? avc_denied+0x141/0x180 [ 210.271669][T11048] ? slow_avc_audit+0x17d/0x210 [ 210.272948][T11048] slow_avc_audit+0x17d/0x210 [ 210.274350][T11048] ? __pfx_slow_avc_audit+0x10/0x10 [ 210.275890][T11048] cred_has_capability.isra.0+0x26d/0x2f0 [ 210.277414][T11048] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 210.279060][T11048] ? avc_denied+0x138/0x180 [ 210.280265][T11048] ? avc_denied+0x141/0x180 [ 210.281583][T11048] ? cap_capable+0x1cf/0x240 [ 210.283039][T11048] security_capable+0xd3/0x260 [ 210.284319][T11048] ns_capable+0x70/0x110 [ 210.285456][T11048] bpf_token_capable+0xa0/0x140 [ 210.286860][T11048] bpf_prog_load+0x219/0x2660 [ 210.288347][T11048] ? __pfx_bpf_prog_load+0x10/0x10 [ 210.289909][T11048] ? avc_has_perm+0x198/0x1c0 [ 210.291210][T11048] ? selinux_bpf+0xde/0x130 [ 210.292428][T11048] __sys_bpf+0x4043/0x49c0 [ 210.293611][T11048] ? __pfx_lock_release+0x10/0x10 [ 210.294941][T11048] ? __pfx___sys_bpf+0x10/0x10 [ 210.296255][T11048] ? vfs_write+0x306/0x1150 [ 210.297502][T11048] ? __mutex_unlock_slowpath+0x164/0x690 [ 210.299063][T11048] ? fput+0x67/0x440 [ 210.300138][T11048] ? ksys_write+0x1ba/0x250 [ 210.301503][T11048] ? __pfx_ksys_write+0x10/0x10 [ 210.302833][T11048] __x64_sys_bpf+0x78/0xc0 [ 210.304255][T11048] ? lockdep_hardirqs_on+0x7c/0x110 [ 210.305916][T11048] do_syscall_64+0xcd/0x250 [ 210.307174][T11048] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 210.308866][T11048] RIP: 0033:0x7f9d4897e919 [ 210.310066][T11048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 210.315116][T11048] RSP: 002b:00007f9d497a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 210.317440][T11048] RAX: ffffffffffffffda RBX: 00007f9d48b35fa0 RCX: 00007f9d4897e919 [ 210.319577][T11048] RDX: 0000000000000090 RSI: 0000000020000840 RDI: 0000000000000005 [ 210.321879][T11048] RBP: 00007f9d497a2090 R08: 0000000000000000 R09: 0000000000000000 [ 210.324278][T11048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 210.326535][T11048] R13: 0000000000000000 R14: 00007f9d48b35fa0 R15: 00007ffd9e4bc8c8 [ 210.328789][T11048] [ 210.753407][T11057] __nla_validate_parse: 1 callbacks suppressed [ 210.753423][T11057] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1794'. [ 210.797988][T11059] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1795'. [ 210.813147][T11059] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null. [ 210.906594][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 211.286124][ T8] usb 9-1: new high-speed USB device number 8 using dummy_hcd [ 211.448633][ T8] usb 9-1: too many configurations: 9, using maximum allowed: 8 [ 211.456216][ T8] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 211.459068][ T8] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 211.461885][ T8] usb 9-1: config 0 interface 0 has no altsetting 0 [ 211.475413][ T8] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 211.485984][ T8] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 211.490036][ T8] usb 9-1: config 0 interface 0 has no altsetting 0 [ 211.501940][ T8] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 211.505798][ T8] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 211.511856][ T8] usb 9-1: config 0 interface 0 has no altsetting 0 [ 211.520773][ T8] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 211.524088][ T8] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 211.528325][ T8] usb 9-1: config 0 interface 0 has no altsetting 0 [ 211.536123][ T8] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 211.539355][ T8] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 211.543513][ T8] usb 9-1: config 0 interface 0 has no altsetting 0 [ 211.553172][ T8] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 211.556528][ T8] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 211.561030][ T8] usb 9-1: config 0 interface 0 has no altsetting 0 [ 211.571091][ T8] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 211.574513][ T8] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 211.578164][ T8] usb 9-1: config 0 interface 0 has no altsetting 0 [ 211.589056][ T8] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 211.592286][ T8] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 211.596459][ T8] usb 9-1: config 0 interface 0 has no altsetting 0 [ 211.614955][ T8] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 211.618171][ T8] usb 9-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 211.621050][ T8] usb 9-1: Product: syz [ 211.622495][ T8] usb 9-1: Manufacturer: syz [ 211.624089][ T8] usb 9-1: SerialNumber: syz [ 211.632267][ T8] usb 9-1: config 0 descriptor?? [ 211.647657][ T8] yurex 9-1:0.0: USB YUREX device now attached to Yurex #1 [ 211.816588][T11091] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1809'. [ 211.822754][T11091] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1809'. [ 211.847934][ T6007] usb 9-1: USB disconnect, device number 8 [ 211.851990][ T6007] yurex 9-1:0.0: USB YUREX #1 now disconnected [ 212.230957][T11099] FAULT_INJECTION: forcing a failure. [ 212.230957][T11099] name failslab, interval 1, probability 0, space 0, times 0 [ 212.234565][T11099] CPU: 1 UID: 0 PID: 11099 Comm: syz.3.1811 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0 [ 212.237235][T11099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 212.239970][T11099] Call Trace: [ 212.240854][T11099] [ 212.241639][T11099] dump_stack_lvl+0x16c/0x1f0 [ 212.242860][T11099] should_fail_ex+0x497/0x5b0 [ 212.244040][T11099] ? fs_reclaim_acquire+0xae/0x150 [ 212.245388][T11099] should_failslab+0xc2/0x120 [ 212.247557][T11099] __kmalloc_noprof+0xcb/0x510 [ 212.249529][T11099] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 212.252120][T11099] tomoyo_realpath_from_path+0xb9/0x720 [ 212.254415][T11099] ? tomoyo_path_number_perm+0x235/0x590 [ 212.256585][T11099] ? tomoyo_path_number_perm+0x235/0x590 [ 212.258676][T11099] tomoyo_path_number_perm+0x248/0x590 [ 212.260783][T11099] ? tomoyo_path_number_perm+0x235/0x590 [ 212.263040][T11099] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 212.265610][T11099] ? __pfx_lock_release+0x10/0x10 [ 212.267626][T11099] ? trace_lock_acquire+0x146/0x1e0 [ 212.269025][T11099] ? lock_acquire+0x2f/0xb0 [ 212.270243][T11099] ? __fget_files+0x40/0x3a0 [ 212.271452][T11099] ? __fget_files+0x206/0x3a0 [ 212.272680][T11099] security_file_ioctl+0x9b/0x240 [ 212.273950][T11099] __x64_sys_ioctl+0xb7/0x200 [ 212.275156][T11099] do_syscall_64+0xcd/0x250 [ 212.276718][T11099] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 212.278721][T11099] RIP: 0033:0x7f8e5457e919 [ 212.280256][T11099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 212.287678][T11099] RSP: 002b:00007f8e553af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 212.291401][T11099] RAX: ffffffffffffffda RBX: 00007f8e54735fa0 RCX: 00007f8e5457e919 [ 212.294114][T11099] RDX: 0000000020000080 RSI: 00000000c0d05605 RDI: 0000000000000003 [ 212.296769][T11099] RBP: 00007f8e553af090 R08: 0000000000000000 R09: 0000000000000000 [ 212.299454][T11099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 212.302690][T11099] R13: 0000000000000000 R14: 00007f8e54735fa0 R15: 00007ffdec70a1a8 [ 212.305083][T11099] [ 212.306473][T11099] ERROR: Out of memory at tomoyo_realpath_from_path. [ 212.489213][ T7419] Bluetooth: Error in BCSP hdr checksum [ 212.593140][ T8] usb 6-1: USB disconnect, device number 11 [ 212.721197][T11115] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1816'. [ 212.788196][T11113] evm: overlay not supported [ 212.891595][T11120] FAULT_INJECTION: forcing a failure. [ 212.891595][T11120] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 212.895202][T11120] CPU: 1 UID: 0 PID: 11120 Comm: syz.3.1818 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0 [ 212.897986][T11120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 212.900967][T11120] Call Trace: [ 212.901912][T11120] [ 212.902683][T11120] dump_stack_lvl+0x16c/0x1f0 [ 212.903973][T11120] should_fail_ex+0x497/0x5b0 [ 212.905299][T11120] _copy_from_user+0x2e/0xd0 [ 212.906745][T11120] csum_and_copy_from_iter_full+0x218/0x1e20 [ 212.908431][T11120] ? rcu_is_watching+0x12/0xc0 [ 212.909803][T11120] ? trace_kmalloc+0x2d/0xd0 [ 212.911132][T11120] ? __pfx_csum_and_copy_from_iter_full+0x10/0x10 [ 212.912973][T11120] ? rcu_is_watching+0x1/0xc0 [ 212.914403][T11120] ? __alloc_skb+0x164/0x380 [ 212.915798][T11120] ? __asan_memset+0x23/0x50 [ 212.917128][T11120] ? __build_skb_around+0x278/0x3b0 [ 212.918667][T11120] ip_generic_getfrag+0x175/0x260 [ 212.920020][T11120] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 212.921475][T11120] ? skb_page_frag_refill+0x11b/0x350 [ 212.923081][T11120] ? sk_page_frag_refill+0x6c/0x300 [ 212.924629][T11120] __ip_append_data+0x1c51/0x4160 [ 212.926611][T11120] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 212.928978][T11120] ? __pfx___ip_append_data+0x10/0x10 [ 212.930479][T11120] ? udp_sendmsg+0x8a4/0x29e0 [ 212.931816][T11120] ip_append_data+0x10f/0x1a0 [ 212.933137][T11120] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 212.934679][T11120] udp_sendmsg+0x9b4/0x29e0 [ 212.936032][T11120] ? avc_has_perm_noaudit+0x61/0x3a0 [ 212.937528][T11120] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 212.939255][T11120] ? avc_has_perm_noaudit+0x143/0x3a0 [ 212.940922][T11120] ? __pfx_udp_sendmsg+0x10/0x10 [ 212.942555][T11120] ? avc_has_perm+0x11b/0x1c0 [ 212.944047][T11120] ? sock_has_perm+0x25a/0x2f0 [ 212.945376][T11120] ? __pfx_sock_has_perm+0x10/0x10 [ 212.946846][T11120] ? __fget_files+0x206/0x3a0 [ 212.948089][T11120] ? __pfx_udp_sendmsg+0x10/0x10 [ 212.949396][T11120] inet_sendmsg+0x105/0x140 [ 212.950592][T11120] __sys_sendto+0x42a/0x4f0 [ 212.951858][T11120] ? __pfx___sys_sendto+0x10/0x10 [ 212.953274][T11120] ? ksys_write+0x1ba/0x250 [ 212.954539][T11120] ? __pfx_ksys_write+0x10/0x10 [ 212.956081][T11120] __x64_sys_sendto+0xe0/0x1c0 [ 212.957351][T11120] ? do_syscall_64+0x91/0x250 [ 212.958604][T11120] ? lockdep_hardirqs_on+0x7c/0x110 [ 212.960000][T11120] do_syscall_64+0xcd/0x250 [ 212.961199][T11120] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 212.963023][T11120] RIP: 0033:0x7f8e5457e919 [ 212.964308][T11120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 212.969572][T11120] RSP: 002b:00007f8e553af038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 212.971919][T11120] RAX: ffffffffffffffda RBX: 00007f8e54735fa0 RCX: 00007f8e5457e919 [ 212.974055][T11120] RDX: 0000000000006200 RSI: 0000000020000c80 RDI: 0000000000000004 [ 212.976234][T11120] RBP: 00007f8e553af090 R08: 0000000000000000 R09: 0000000000000000 [ 212.978374][T11120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 212.980625][T11120] R13: 0000000000000000 R14: 00007f8e54735fa0 R15: 00007ffdec70a1a8 [ 212.982941][T11120] [ 213.465870][ T8] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 213.480244][T11139] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1826'. [ 213.655882][ T8] usb 6-1: Using ep0 maxpacket: 8 [ 213.664891][ T8] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 213.672259][ T8] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 213.675305][ T8] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 213.686316][ T8] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 213.689681][ T8] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 213.692282][ T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 213.756722][T11151] netlink: 'syz.3.1831': attribute type 3 has an invalid length. [ 213.759441][T11151] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1831'. [ 213.917387][ T8] usb 6-1: GET_CAPABILITIES returned 0 [ 213.918880][ T8] usbtmc 6-1:16.0: can't read capabilities [ 214.127421][ T832] usb 6-1: USB disconnect, device number 12 [ 214.198539][ T39] kauditd_printk_skb: 675 callbacks suppressed [ 214.198551][ T39] audit: type=1400 audit(2000000024.291:5281): avc: denied { ioctl } for pid=11159 comm="syz.4.1834" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 214.268272][ T39] audit: type=1400 audit(2000000024.361:5282): avc: denied { ioctl } for pid=11159 comm="syz.4.1834" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 214.325869][ T8] usb 9-1: new high-speed USB device number 9 using dummy_hcd [ 214.329632][ T39] audit: type=1400 audit(2000000024.421:5283): avc: denied { ioctl } for pid=11159 comm="syz.4.1834" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 214.336134][ T39] audit: type=1400 audit(2000000024.421:5284): avc: denied { ioctl } for pid=11159 comm="syz.4.1834" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 214.343081][ T39] audit: type=1400 audit(2000000024.421:5285): avc: denied { ioctl } for pid=11159 comm="syz.4.1834" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 214.366422][ T39] audit: type=1400 audit(2000000024.461:5286): avc: denied { unmount } for pid=9487 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 214.397433][ T39] audit: type=1400 audit(2000000024.491:5287): avc: denied { ioctl } for pid=11159 comm="syz.4.1834" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 214.472244][ T39] audit: type=1400 audit(2000000024.561:5288): avc: denied { read write } for pid=9487 comm="syz-executor" name="loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 214.475919][ T8] usb 9-1: Using ep0 maxpacket: 32 [ 214.480374][ T39] audit: type=1400 audit(2000000024.561:5289): avc: denied { read write open } for pid=9487 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 214.490290][ T8] usb 9-1: config index 0 descriptor too short (expected 29220, got 36) [ 214.490921][ T39] audit: type=1400 audit(2000000024.561:5290): avc: denied { ioctl } for pid=9487 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 214.493800][ T8] usb 9-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 214.504989][ T8] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 214.507584][ T8] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 214.511217][ T8] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 214.515086][ T8] usb 9-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 214.519625][ T8] usb 9-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 214.522796][ T8] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.532465][ T8] usb 9-1: config 0 descriptor?? [ 214.545889][ T5960] Bluetooth: hci1: command 0x1003 tx timeout [ 214.546143][ T5952] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 214.548269][T11162] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1835'. [ 214.654719][T11165] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1836'. [ 214.659519][T11165] IPVS: Error joining to the multicast group [ 214.805514][ T8] usblp 9-1:0.0: usblp0: USB Bidirectional printer dev 9 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 214.981859][ C2] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 215.053951][ T6008] usb 9-1: USB disconnect, device number 9 [ 215.061448][ T6008] usblp0: removed [ 215.063710][T11181] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1843'. [ 215.128093][ T5960] Bluetooth: hci1: sending frame failed (-49) [ 215.130560][ T5952] Bluetooth: hci1: Opcode 0x1003 failed: -49 [ 215.280139][T11188] IPv6: NLM_F_CREATE should be specified when creating new route [ 215.416540][T11193] block nbd1: NBD_DISCONNECT [ 215.422266][T11187] kvm: emulating exchange as write [ 215.504490][ T6837] nci: nci_rf_discover_ntf_packet: unsupported rf_tech_and_mode 0x7d [ 215.518903][T11200] fuseblk: Bad value for 'user_id' [ 215.520418][T11200] fuseblk: Bad value for 'user_id' [ 216.135166][T11191] block nbd1: Disconnected due to user request. [ 216.137940][T11191] block nbd1: shutting down sockets [ 216.419516][T11214] __nla_validate_parse: 1 callbacks suppressed [ 216.419534][T11214] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1854'. [ 216.428633][T11214] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1854'. [ 216.541898][T11218] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1856'. [ 216.968339][T11227] bridge0: port 1(bridge_slave_0) entered disabled state [ 217.029482][T11241] FAULT_INJECTION: forcing a failure. [ 217.029482][T11241] name failslab, interval 1, probability 0, space 0, times 0 [ 217.033019][T11241] CPU: 0 UID: 0 PID: 11241 Comm: syz.4.1865 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0 [ 217.035730][T11241] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 217.038599][T11241] Call Trace: [ 217.039538][T11241] [ 217.040493][T11241] dump_stack_lvl+0x16c/0x1f0 [ 217.042317][T11241] should_fail_ex+0x497/0x5b0 [ 217.044119][T11241] ? fs_reclaim_acquire+0xae/0x150 [ 217.045954][T11241] should_failslab+0xc2/0x120 [ 217.047634][T11241] __kmalloc_noprof+0xcb/0x510 [ 217.049320][T11241] ? d_absolute_path+0x137/0x1b0 [ 217.050648][T11241] ? rcu_is_watching+0x12/0xc0 [ 217.052212][T11241] tomoyo_encode2+0x100/0x3e0 [ 217.053576][T11241] tomoyo_encode+0x29/0x50 [ 217.054899][T11241] tomoyo_realpath_from_path+0x19d/0x720 [ 217.056417][T11241] tomoyo_path_number_perm+0x248/0x590 [ 217.057838][T11241] ? tomoyo_path_number_perm+0x235/0x590 [ 217.059256][T11241] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 217.060850][T11241] ? __pfx_lock_release+0x10/0x10 [ 217.062702][T11241] ? trace_lock_acquire+0x146/0x1e0 [ 217.064924][T11241] ? lock_acquire+0x2f/0xb0 [ 217.066672][T11241] ? __fget_files+0x40/0x3a0 [ 217.068449][T11241] ? __fget_files+0x206/0x3a0 [ 217.070109][T11241] security_file_ioctl+0x9b/0x240 [ 217.071884][T11241] __x64_sys_ioctl+0xb7/0x200 [ 217.073154][T11241] do_syscall_64+0xcd/0x250 [ 217.074461][T11241] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 217.076292][T11241] RIP: 0033:0x7f9d4897e919 [ 217.077739][T11241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 217.083425][T11241] RSP: 002b:00007f9d497a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 217.086657][T11241] RAX: ffffffffffffffda RBX: 00007f9d48b35fa0 RCX: 00007f9d4897e919 [ 217.089712][T11241] RDX: 0000000020000080 RSI: 00000000c0d05605 RDI: 0000000000000003 [ 217.092609][T11241] RBP: 00007f9d497a2090 R08: 0000000000000000 R09: 0000000000000000 [ 217.094638][T11241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 217.096671][T11241] R13: 0000000000000000 R14: 00007f9d48b35fa0 R15: 00007ffd9e4bc8c8 [ 217.098812][T11241] [ 217.100528][T11241] ERROR: Out of memory at tomoyo_realpath_from_path. [ 218.259042][T11250] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1869'. [ 218.542409][T11266] FAULT_INJECTION: forcing a failure. [ 218.542409][T11266] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 218.547002][T11266] CPU: 1 UID: 0 PID: 11266 Comm: syz.4.1875 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0 [ 218.549720][T11266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 218.552717][T11266] Call Trace: [ 218.553641][T11266] [ 218.554469][T11266] dump_stack_lvl+0x16c/0x1f0 [ 218.555693][ T5952] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 218.556057][T11266] should_fail_ex+0x497/0x5b0 [ 218.556083][T11266] _copy_from_user+0x2e/0xd0 [ 218.556102][T11266] copy_msghdr_from_user+0x99/0x160 [ 218.561976][T11266] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 218.563777][T11266] ? __lock_acquire+0xcc5/0x3c40 [ 218.565276][T11266] ___sys_sendmsg+0xff/0x1e0 [ 218.566783][T11266] ? __pfx____sys_sendmsg+0x10/0x10 [ 218.568407][T11266] ? trace_lock_acquire+0x146/0x1e0 [ 218.569936][T11266] __sys_sendmmsg+0x201/0x420 [ 218.571201][T11266] ? __pfx___sys_sendmmsg+0x10/0x10 [ 218.572688][T11266] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 218.574255][T11266] ? fput+0x67/0x440 [ 218.575481][T11266] ? ksys_write+0x1ba/0x250 [ 218.576808][T11266] ? __pfx_ksys_write+0x10/0x10 [ 218.578268][T11266] __x64_sys_sendmmsg+0x9c/0x100 [ 218.579673][T11266] ? lockdep_hardirqs_on+0x7c/0x110 [ 218.581208][T11266] do_syscall_64+0xcd/0x250 [ 218.582414][T11266] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 218.583961][T11266] RIP: 0033:0x7f9d4897e919 [ 218.585145][T11266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 218.590140][T11266] RSP: 002b:00007f9d497a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 218.592319][T11266] RAX: ffffffffffffffda RBX: 00007f9d48b35fa0 RCX: 00007f9d4897e919 [ 218.594378][T11266] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004 [ 218.596837][T11266] RBP: 00007f9d497a2090 R08: 0000000000000000 R09: 0000000000000000 [ 218.599155][T11266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 218.601338][T11266] R13: 0000000000000000 R14: 00007f9d48b35fa0 R15: 00007ffd9e4bc8c8 [ 218.603479][T11266] [ 218.715073][T11270] overlayfs: failed to resolve './file0': -2 [ 218.762706][T11270] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1877'. [ 218.843407][T11273] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1876'. [ 218.846145][T11273] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1876'. [ 218.851414][T11273] gtp0: entered promiscuous mode [ 218.852805][T11273] gtp0: entered allmulticast mode [ 219.215642][ T39] kauditd_printk_skb: 591 callbacks suppressed [ 219.215653][ T39] audit: type=1400 audit(2000000029.301:5882): avc: denied { read write } for pid=5957 comm="syz-executor" name="loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 219.224274][ T39] audit: type=1400 audit(2000000029.301:5883): avc: denied { read write open } for pid=5957 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 219.265763][ T39] audit: type=1400 audit(2000000029.301:5884): avc: denied { ioctl } for pid=5957 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 219.272765][ T39] audit: type=1400 audit(2000000029.321:5885): avc: denied { create } for pid=11281 comm="syz.4.1880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 219.285185][ T39] audit: type=1400 audit(2000000029.331:5886): avc: denied { read write } for pid=11281 comm="syz.4.1880" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 219.293740][ T39] audit: type=1400 audit(2000000029.331:5887): avc: denied { read open } for pid=11281 comm="syz.4.1880" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 219.306852][ T39] audit: type=1400 audit(2000000029.331:5888): avc: denied { ioctl } for pid=11281 comm="syz.4.1880" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 219.315598][ T39] audit: type=1400 audit(2000000029.341:5889): avc: denied { read } for pid=5349 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 219.323681][ T39] audit: type=1400 audit(2000000029.351:5890): avc: denied { search } for pid=5349 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 219.334663][ T39] audit: type=1400 audit(2000000029.351:5891): avc: denied { append } for pid=5349 comm="syslogd" name="messages" dev="tmpfs" ino=9 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 219.372627][T11294] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1883'. [ 219.925759][ T6139] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 220.115451][ T6139] usb 8-1: Using ep0 maxpacket: 8 [ 220.124832][ T6139] usb 8-1: config index 0 descriptor too short (expected 5924, got 36) [ 220.132133][ T6139] usb 8-1: config 250 has an invalid interface number: 228 but max is -1 [ 220.135212][ T6139] usb 8-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 220.138541][ T6139] usb 8-1: config 250 has no interface number 0 [ 220.140593][ T6139] usb 8-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 220.143586][ T6139] usb 8-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 220.146618][ T6139] usb 8-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 220.149497][ T6139] usb 8-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 220.152404][ T6139] usb 8-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 220.156409][ T6139] usb 8-1: config 250 interface 228 has no altsetting 0 [ 220.164091][ T6139] usb 8-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 220.166410][ T6139] usb 8-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 220.168433][ T6139] usb 8-1: Product: syz [ 220.169482][ T6139] usb 8-1: SerialNumber: syz [ 220.190126][ T6139] hub 8-1:250.228: bad descriptor, ignoring hub [ 220.192357][ T6139] hub 8-1:250.228: probe with driver hub failed with error -5 [ 220.405087][ T6139] usblp 8-1:250.228: usblp0: USB Bidirectional printer dev 8 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 220.418698][T11311] Cannot find del_set index 4 as target [ 220.426452][ T6139] usb 8-1: USB disconnect, device number 8 [ 220.454245][ T6139] usblp0: removed [ 220.497530][T11313] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 220.500645][T11313] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 220.825522][ T6139] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 220.975455][ T6139] usb 8-1: Using ep0 maxpacket: 32 [ 220.982732][ T6139] usb 8-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91 [ 220.985816][ T6139] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 220.993121][ T6139] usb 8-1: config 0 descriptor?? [ 221.004222][ T6139] gspca_main: sunplus-2.14.0 probing 0458:7006 [ 221.204260][ T6139] gspca_sunplus: reg_w_riv err -71 [ 221.205931][ T6139] sunplus 8-1:0.0: probe with driver sunplus failed with error -71 [ 221.208379][ T6139] usb 8-1: USB disconnect, device number 9 [ 221.585623][ T65] Bluetooth: hci1: command 0x1003 tx timeout [ 221.586607][ T5952] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 221.707318][T11324] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1894'. [ 221.905889][ T5960] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 221.913195][T11331] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1897'. [ 221.915770][T11331] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1897'. [ 222.288969][ T7419] Bluetooth: Error in BCSP hdr checksum [ 222.575529][ T5990] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 222.725479][ T5990] usb 6-1: Using ep0 maxpacket: 8 [ 222.736451][ T5990] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 222.740075][ T5990] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 222.746035][ T5990] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 222.748969][ T5990] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 222.752883][ T5990] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 222.755690][ T5990] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 222.978085][ T5990] usb 6-1: GET_CAPABILITIES returned 0 [ 222.979619][ T5990] usbtmc 6-1:16.0: can't read capabilities [ 223.185472][ T5949] usb 6-1: USB disconnect, device number 13 [ 223.940286][T11379] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1913'. [ 223.943352][T11379] IPVS: Unknown mcast interface: vcan0 [ 224.250250][ T39] kauditd_printk_skb: 489 callbacks suppressed [ 224.250261][ T39] audit: type=1400 audit(2000000034.341:6377): avc: denied { read write } for pid=9487 comm="syz-executor" name="loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 224.268388][ T39] audit: type=1400 audit(2000000034.351:6378): avc: denied { read write open } for pid=9487 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 224.275072][ T39] audit: type=1400 audit(2000000034.351:6379): avc: denied { ioctl } for pid=9487 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 224.298552][ T39] audit: type=1400 audit(2000000034.391:6380): avc: denied { sys_module } for pid=11385 comm="syz.4.1917" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 224.306269][ T5952] Bluetooth: hci1: command 0x1003 tx timeout [ 224.308641][ T5960] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 224.310999][ T39] audit: type=1400 audit(2000000034.391:6381): avc: denied { module_request } for pid=11385 comm="syz.4.1917" kmod="" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 224.340412][ T39] audit: type=1400 audit(2000000034.431:6382): avc: denied { create } for pid=11395 comm="syz.3.1920" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 224.356888][ T39] audit: type=1400 audit(2000000034.441:6383): avc: denied { bind } for pid=11395 comm="syz.3.1920" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 224.362134][ T39] audit: type=1400 audit(2000000034.441:6384): avc: denied { setopt } for pid=11395 comm="syz.3.1920" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 224.364791][T11396] netlink: 'syz.3.1920': attribute type 2 has an invalid length. [ 224.372055][T11396] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=47 sclass=netlink_route_socket pid=11396 comm=syz.3.1920 [ 224.378635][T11396] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1920'. [ 224.381443][T11396] IPVS: Error joining to the multicast group [ 224.382407][ T39] audit: type=1400 audit(2000000034.451:6385): avc: denied { create } for pid=11395 comm="syz.3.1920" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 224.393833][ T39] audit: type=1400 audit(2000000034.451:6386): avc: denied { write } for pid=11395 comm="syz.3.1920" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 224.864974][T11406] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.014979][T11415] FAULT_INJECTION: forcing a failure. [ 225.014979][T11415] name failslab, interval 1, probability 0, space 0, times 0 [ 225.022165][T11415] CPU: 0 UID: 0 PID: 11415 Comm: syz.4.1927 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0 [ 225.024867][T11415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 225.027860][T11415] Call Trace: [ 225.028788][T11415] [ 225.029613][T11415] dump_stack_lvl+0x16c/0x1f0 [ 225.030926][T11415] should_fail_ex+0x497/0x5b0 [ 225.032399][T11415] ? fs_reclaim_acquire+0xae/0x150 [ 225.034043][T11415] should_failslab+0xc2/0x120 [ 225.035697][T11415] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 225.037435][T11415] ? __alloc_skb+0x2b1/0x380 [ 225.038775][T11415] __alloc_skb+0x2b1/0x380 [ 225.040182][T11415] ? __pfx___alloc_skb+0x10/0x10 [ 225.041627][T11415] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 225.043319][T11415] netlink_alloc_large_skb+0x69/0x130 [ 225.044825][T11415] netlink_sendmsg+0x689/0xd70 [ 225.046371][T11415] ? __pfx_netlink_sendmsg+0x10/0x10 [ 225.047847][T11415] ____sys_sendmsg+0xaaf/0xc90 [ 225.049095][T11415] ? copy_msghdr_from_user+0x10b/0x160 [ 225.050509][T11415] ? __pfx_____sys_sendmsg+0x10/0x10 [ 225.051898][T11415] ___sys_sendmsg+0x135/0x1e0 [ 225.053129][T11415] ? __pfx____sys_sendmsg+0x10/0x10 [ 225.054490][T11415] ? __pfx_lock_release+0x10/0x10 [ 225.055858][T11415] ? trace_lock_acquire+0x146/0x1e0 [ 225.057234][T11415] ? __fget_files+0x206/0x3a0 [ 225.058590][T11415] __sys_sendmsg+0x16e/0x220 [ 225.059842][T11415] ? __pfx___sys_sendmsg+0x10/0x10 [ 225.061396][ T5952] Bluetooth: hci1: sending frame failed (-49) [ 225.061537][T11415] do_syscall_64+0xcd/0x250 [ 225.061563][T11415] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.061579][T11415] RIP: 0033:0x7f9d4897e919 [ 225.061590][T11415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 225.064606][ T5960] Bluetooth: hci1: Opcode 0x1003 failed: -49 [ 225.065240][T11415] RSP: 002b:00007f9d497a2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 225.065255][T11415] RAX: ffffffffffffffda RBX: 00007f9d48b35fa0 RCX: 00007f9d4897e919 [ 225.065261][T11415] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 225.065268][T11415] RBP: 00007f9d497a2090 R08: 0000000000000000 R09: 0000000000000000 [ 225.065274][T11415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 225.065280][T11415] R13: 0000000000000000 R14: 00007f9d48b35fa0 R15: 00007ffd9e4bc8c8 [ 225.065293][T11415] [ 225.247418][T11423] Context (ID=0x1) not attached to queue pair (handle=0x1:0x71) [ 225.760979][T11437] netem: incorrect gi model size [ 225.762570][T11437] netem: change failed [ 226.001924][T11449] netlink: 168 bytes leftover after parsing attributes in process `syz.3.1940'. [ 226.123402][T11456] FAULT_INJECTION: forcing a failure. [ 226.123402][T11456] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 226.127213][T11456] CPU: 0 UID: 0 PID: 11456 Comm: syz.3.1943 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0 [ 226.130075][T11456] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 226.132946][T11456] Call Trace: [ 226.133827][T11456] [ 226.134608][T11456] dump_stack_lvl+0x16c/0x1f0 [ 226.135971][T11456] should_fail_ex+0x497/0x5b0 [ 226.137328][T11456] _copy_from_user+0x2e/0xd0 [ 226.138686][T11456] csum_and_copy_from_iter_full+0x218/0x1e20 [ 226.140309][T11456] ? rcu_is_watching+0x12/0xc0 [ 226.141668][T11456] ? trace_kmalloc+0x2d/0xd0 [ 226.142922][T11456] ? __pfx_csum_and_copy_from_iter_full+0x10/0x10 [ 226.144705][T11456] ? rcu_is_watching+0x1/0xc0 [ 226.145947][T11456] ? __alloc_skb+0x164/0x380 [ 226.147181][T11456] ? __asan_memset+0x23/0x50 [ 226.148471][T11456] ? __build_skb_around+0x278/0x3b0 [ 226.149842][T11456] ip_generic_getfrag+0x175/0x260 [ 226.151231][T11456] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 226.152680][T11456] ? skb_page_frag_refill+0x11b/0x350 [ 226.154067][T11456] ? sk_page_frag_refill+0x6c/0x300 [ 226.155421][T11456] __ip_append_data+0x1c51/0x4160 [ 226.157164][T11456] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 226.158757][T11456] ? __pfx___ip_append_data+0x10/0x10 [ 226.160280][T11456] ? udp_sendmsg+0x8a4/0x29e0 [ 226.161813][T11456] ip_append_data+0x10f/0x1a0 [ 226.163139][T11456] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 226.164805][T11456] udp_sendmsg+0x9b4/0x29e0 [ 226.166184][T11456] ? avc_has_perm_noaudit+0x61/0x3a0 [ 226.167598][T11456] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 226.169140][T11456] ? avc_has_perm_noaudit+0x143/0x3a0 [ 226.170543][T11456] ? __pfx_udp_sendmsg+0x10/0x10 [ 226.171845][T11456] ? avc_has_perm+0x11b/0x1c0 [ 226.173178][T11456] ? sock_has_perm+0x25a/0x2f0 [ 226.174444][T11456] ? __pfx_sock_has_perm+0x10/0x10 [ 226.175799][T11456] ? __fget_files+0x206/0x3a0 [ 226.177033][T11456] ? __pfx_udp_sendmsg+0x10/0x10 [ 226.178332][T11456] inet_sendmsg+0x105/0x140 [ 226.179537][T11456] __sys_sendto+0x42a/0x4f0 [ 226.180742][T11456] ? __pfx___sys_sendto+0x10/0x10 [ 226.182093][T11456] ? ksys_write+0x1ba/0x250 [ 226.183521][T11456] ? __pfx_ksys_write+0x10/0x10 [ 226.184890][T11456] __x64_sys_sendto+0xe0/0x1c0 [ 226.186281][T11456] ? do_syscall_64+0x91/0x250 [ 226.188168][T11456] ? lockdep_hardirqs_on+0x7c/0x110 [ 226.189773][T11456] do_syscall_64+0xcd/0x250 [ 226.191087][T11456] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.192794][T11456] RIP: 0033:0x7f8e5457e919 [ 226.194043][T11456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 226.199089][T11456] RSP: 002b:00007f8e553af038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 226.201273][T11456] RAX: ffffffffffffffda RBX: 00007f8e54735fa0 RCX: 00007f8e5457e919 [ 226.203332][T11456] RDX: 0000000000006200 RSI: 0000000020000c80 RDI: 0000000000000004 [ 226.205366][T11456] RBP: 00007f8e553af090 R08: 0000000000000000 R09: 0000000000000000 [ 226.207792][T11456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 226.210222][T11456] R13: 0000000000000000 R14: 00007f8e54735fa0 R15: 00007ffdec70a1a8 [ 226.212408][T11456] [ 226.237615][T11460] overlayfs: missing 'lowerdir' [ 226.601199][T11469] syzkaller1: entered promiscuous mode [ 226.602686][T11469] syzkaller1: entered allmulticast mode [ 226.826649][T11488] FAULT_INJECTION: forcing a failure. [ 226.826649][T11488] name failslab, interval 1, probability 0, space 0, times 0 [ 226.835108][T11488] CPU: 3 UID: 0 PID: 11488 Comm: syz.0.1954 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0 [ 226.838658][T11488] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 226.842364][T11488] Call Trace: [ 226.843562][T11488] [ 226.844633][T11488] dump_stack_lvl+0x16c/0x1f0 [ 226.846455][T11488] should_fail_ex+0x497/0x5b0 [ 226.848434][T11488] ? fs_reclaim_acquire+0xae/0x150 [ 226.849746][T11488] should_failslab+0xc2/0x120 [ 226.851161][T11488] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 226.853200][T11488] ? __alloc_skb+0x2b1/0x380 [ 226.854683][T11488] __alloc_skb+0x2b1/0x380 [ 226.856026][T11488] ? __pfx___alloc_skb+0x10/0x10 [ 226.857287][T11488] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 226.858921][T11488] netlink_alloc_large_skb+0x69/0x130 [ 226.860825][T11488] netlink_sendmsg+0x689/0xd70 [ 226.862547][T11488] ? __pfx_netlink_sendmsg+0x10/0x10 [ 226.864356][T11488] ____sys_sendmsg+0xaaf/0xc90 [ 226.865783][T11488] ? copy_msghdr_from_user+0x10b/0x160 [ 226.867745][T11488] ? __pfx_____sys_sendmsg+0x10/0x10 [ 226.869661][T11488] ? __lock_acquire+0xcc5/0x3c40 [ 226.871096][T11488] ___sys_sendmsg+0x135/0x1e0 [ 226.872429][T11488] ? __pfx____sys_sendmsg+0x10/0x10 [ 226.873926][T11488] ? trace_lock_acquire+0x146/0x1e0 [ 226.875320][T11488] __sys_sendmmsg+0x201/0x420 [ 226.876872][T11488] ? __pfx___sys_sendmmsg+0x10/0x10 [ 226.878246][T11488] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 226.879825][T11488] ? fput+0x67/0x440 [ 226.881030][T11488] ? ksys_write+0x1ba/0x250 [ 226.882373][T11488] ? __pfx_ksys_write+0x10/0x10 [ 226.883662][T11488] __x64_sys_sendmmsg+0x9c/0x100 [ 226.884957][T11488] ? lockdep_hardirqs_on+0x7c/0x110 [ 226.886318][T11488] do_syscall_64+0xcd/0x250 [ 226.887531][T11488] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.889092][T11488] RIP: 0033:0x7fa7f197e919 [ 226.890316][T11488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 226.895400][T11488] RSP: 002b:00007fa7f284c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 226.897642][T11488] RAX: ffffffffffffffda RBX: 00007fa7f1b35fa0 RCX: 00007fa7f197e919 [ 226.899707][T11488] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004 [ 226.901817][T11488] RBP: 00007fa7f284c090 R08: 0000000000000000 R09: 0000000000000000 [ 226.904018][T11488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 226.906340][T11488] R13: 0000000000000000 R14: 00007fa7f1b35fa0 R15: 00007ffebd54e008 [ 226.908694][T11488] [ 226.909620][ C3] vkms_vblank_simulate: vblank timer overrun [ 227.035240][ T980] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 227.134480][T11495] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1957'. [ 227.205180][ T980] usb 8-1: Using ep0 maxpacket: 8 [ 227.217457][ T980] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 227.221543][ T980] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 227.226354][ T980] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 227.229374][ T980] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 227.235138][ T980] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 227.245147][ T980] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 227.312556][T11502] FAULT_INJECTION: forcing a failure. [ 227.312556][T11502] name failslab, interval 1, probability 0, space 0, times 0 [ 227.317393][T11502] CPU: 2 UID: 0 PID: 11502 Comm: syz.1.1960 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0 [ 227.321401][T11502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 227.325424][T11502] Call Trace: [ 227.326631][T11502] [ 227.327720][T11502] dump_stack_lvl+0x16c/0x1f0 [ 227.329454][T11502] should_fail_ex+0x497/0x5b0 [ 227.331353][T11502] ? fs_reclaim_acquire+0xae/0x150 [ 227.333398][T11502] should_failslab+0xc2/0x120 [ 227.335280][T11502] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 227.337676][T11502] ? __alloc_skb+0x2b1/0x380 [ 227.339704][T11502] __alloc_skb+0x2b1/0x380 [ 227.341540][T11502] ? __pfx___alloc_skb+0x10/0x10 [ 227.343479][T11502] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 227.345586][T11502] netlink_alloc_large_skb+0x69/0x130 [ 227.347428][T11502] netlink_sendmsg+0x689/0xd70 [ 227.349055][T11502] ? __pfx_netlink_sendmsg+0x10/0x10 [ 227.351067][T11502] ____sys_sendmsg+0xaaf/0xc90 [ 227.352869][T11502] ? copy_msghdr_from_user+0x10b/0x160 [ 227.354748][T11502] ? __pfx_____sys_sendmsg+0x10/0x10 [ 227.356773][T11502] ___sys_sendmsg+0x135/0x1e0 [ 227.358483][T11502] ? __pfx____sys_sendmsg+0x10/0x10 [ 227.360453][T11502] ? __pfx_lock_release+0x10/0x10 [ 227.362369][T11502] ? trace_lock_acquire+0x146/0x1e0 [ 227.364410][T11502] ? __fget_files+0x206/0x3a0 [ 227.366156][T11502] __sys_sendmsg+0x16e/0x220 [ 227.367594][T11502] ? __pfx___sys_sendmsg+0x10/0x10 [ 227.368935][T11502] do_syscall_64+0xcd/0x250 [ 227.370129][T11502] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.371670][T11502] RIP: 0033:0x7f8f58f7e919 [ 227.372801][T11502] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 227.377970][T11502] RSP: 002b:00007f8f59e49038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 227.380305][T11502] RAX: ffffffffffffffda RBX: 00007f8f59135fa0 RCX: 00007f8f58f7e919 [ 227.382570][T11502] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000003 [ 227.384785][T11502] RBP: 00007f8f59e49090 R08: 0000000000000000 R09: 0000000000000000 [ 227.387435][T11502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 227.389780][T11502] R13: 0000000000000000 R14: 00007f8f59135fa0 R15: 00007ffd14d929d8 [ 227.391844][T11502] [ 227.475757][ T980] usb 8-1: usb_control_msg returned -71 [ 227.477641][ T980] usbtmc 8-1:16.0: can't read capabilities [ 227.486566][ T980] usb 8-1: USB disconnect, device number 10 [ 227.676449][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.679317][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.682147][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.685782][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.688263][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.690385][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.692516][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.694592][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.696945][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.699027][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.701654][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.704687][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.708028][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.710122][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.712354][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.714641][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.717085][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.719076][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.721360][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.723637][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.726077][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.728257][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.730251][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.732332][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.734431][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.736754][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.739123][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.741580][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.743796][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.746189][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.748381][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.751660][ T5949] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 227.757081][ T5949] hid-generic 0000:0000:0000.0005: hidraw1: HID v0.00 Device [syz0] on syz0 [ 227.935069][ T832] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 227.985104][ T5952] Bluetooth: hci1: command 0x1003 tx timeout [ 227.985126][ T5960] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 228.128062][ T832] usb 6-1: config 0 has no interfaces? [ 228.129553][ T832] usb 6-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 228.131940][ T832] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 228.140955][ T832] usb 6-1: config 0 descriptor?? [ 228.335308][T11523] FAULT_INJECTION: forcing a failure. [ 228.335308][T11523] name failslab, interval 1, probability 0, space 0, times 0 [ 228.338867][T11523] CPU: 1 UID: 0 PID: 11523 Comm: syz.4.1969 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0 [ 228.342086][T11523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 228.345363][T11523] Call Trace: [ 228.346592][T11523] [ 228.347616][T11523] dump_stack_lvl+0x16c/0x1f0 [ 228.349088][T11523] should_fail_ex+0x497/0x5b0 [ 228.350679][T11523] ? fs_reclaim_acquire+0xae/0x150 [ 228.352191][T11523] should_failslab+0xc2/0x120 [ 228.353583][T11523] __kmalloc_cache_noprof+0x68/0x410 [ 228.355025][T11523] ? bpf_prog_alloc_no_stats+0x54/0x620 [ 228.356663][T11523] ? __vmalloc_noprof+0x6d/0x90 [ 228.357991][T11523] bpf_prog_alloc_no_stats+0x107/0x620 [ 228.359490][T11523] bpf_prog_alloc+0x3b/0x230 [ 228.360759][T11523] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 228.362725][T11523] bpf_prog_load+0x159e/0x2660 [ 228.364428][T11523] ? __pfx_bpf_prog_load+0x10/0x10 [ 228.366167][T11523] ? avc_has_perm+0x198/0x1c0 [ 228.367768][T11523] ? selinux_bpf+0xde/0x130 [ 228.369504][T11523] __sys_bpf+0x4043/0x49c0 [ 228.371001][T11523] ? __pfx_lock_release+0x10/0x10 [ 228.372747][T11523] ? __pfx___sys_bpf+0x10/0x10 [ 228.374350][T11523] ? vfs_write+0x306/0x1150 [ 228.376014][T11523] ? __mutex_unlock_slowpath+0x164/0x690 [ 228.378114][T11523] ? fput+0x67/0x440 [ 228.379661][T11523] ? ksys_write+0x1ba/0x250 [ 228.381422][T11523] ? __pfx_ksys_write+0x10/0x10 [ 228.383317][T11523] __x64_sys_bpf+0x78/0xc0 [ 228.385211][T11523] ? lockdep_hardirqs_on+0x7c/0x110 [ 228.387096][T11523] do_syscall_64+0xcd/0x250 [ 228.388945][T11523] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 228.391016][T11523] RIP: 0033:0x7f9d4897e919 [ 228.392588][T11523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 228.399387][T11523] RSP: 002b:00007f9d497a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 228.401795][T11523] RAX: ffffffffffffffda RBX: 00007f9d48b35fa0 RCX: 00007f9d4897e919 [ 228.404822][T11523] RDX: 0000000000000090 RSI: 0000000020000840 RDI: 0000000000000005 [ 228.407613][T11523] RBP: 00007f9d497a2090 R08: 0000000000000000 R09: 0000000000000000 [ 228.410408][T11523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 228.410423][T11523] R13: 0000000000000000 R14: 00007f9d48b35fa0 R15: 00007ffd9e4bc8c8 [ 228.410446][T11523] [ 228.443765][ T832] usb 6-1: USB disconnect, device number 14 [ 228.835030][ T980] usb 9-1: new high-speed USB device number 10 using dummy_hcd [ 228.995105][ T980] usb 9-1: Using ep0 maxpacket: 8 [ 229.008834][ T980] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 229.014401][ T980] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 229.017964][ T980] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 229.021362][ T980] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 229.027309][ T980] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 229.030529][ T980] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 229.259128][ T39] kauditd_printk_skb: 664 callbacks suppressed [ 229.259144][ T39] audit: type=1400 audit(2000000039.352:7051): avc: denied { map_create } for pid=11528 comm="syz.4.1972" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 229.261362][ T980] usb 9-1: usb_control_msg returned -71 [ 229.261543][ T39] audit: type=1400 audit(2000000039.352:7052): avc: denied { map_read map_write } for pid=11528 comm="syz.4.1972" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 229.274998][ T980] usbtmc 9-1:16.0: can't read capabilities [ 229.285523][ T980] usb 9-1: USB disconnect, device number 10 [ 229.297521][ T39] audit: type=1400 audit(2000000039.392:7053): avc: denied { ioctl } for pid=11533 comm="syz.1.1973" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 229.366164][ T39] audit: type=1400 audit(2000000039.462:7054): avc: denied { ioctl } for pid=11533 comm="syz.1.1973" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 229.415866][ T39] audit: type=1400 audit(2000000039.512:7055): avc: denied { read write } for pid=9487 comm="syz-executor" name="loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 229.426240][ T39] audit: type=1400 audit(2000000039.512:7056): avc: denied { read write open } for pid=9487 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 229.436581][ T35] usb 6-1: new low-speed USB device number 15 using dummy_hcd [ 229.437334][ T39] audit: type=1400 audit(2000000039.512:7057): avc: denied { ioctl } for pid=9487 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 229.448818][ T39] audit: type=1400 audit(2000000039.532:7058): avc: denied { ioctl } for pid=11533 comm="syz.1.1973" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 229.456700][ T39] audit: type=1400 audit(2000000039.532:7059): avc: denied { ioctl } for pid=11533 comm="syz.1.1973" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 229.462673][ T39] audit: type=1400 audit(2000000039.532:7060): avc: denied { ioctl } for pid=11533 comm="syz.1.1973" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 229.616739][ T35] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 229.620572][ T35] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 229.623953][ T35] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 229.628361][ T35] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 229.631819][ T35] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 229.635928][ T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 229.657392][ T35] hub 6-1:1.0: bad descriptor, ignoring hub [ 229.660083][ T35] hub 6-1:1.0: probe with driver hub failed with error -5 [ 229.662831][ T35] cdc_wdm 6-1:1.0: skipping garbage [ 229.664716][ T35] cdc_wdm 6-1:1.0: skipping garbage [ 229.676919][ T35] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 229.679321][ T35] cdc_wdm 6-1:1.0: Unknown control protocol [ 229.824036][T11541] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1977'. [ 229.968551][ T6139] usb 6-1: USB disconnect, device number 15 [ 230.317614][ T6008] usb 6-1: new low-speed USB device number 16 using dummy_hcd [ 230.336769][T11559] netlink: 'syz.4.1985': attribute type 10 has an invalid length. [ 230.351093][T11559] netlink: 'syz.4.1985': attribute type 10 has an invalid length. [ 230.354626][T11559] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 230.481890][ T6008] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 230.484589][ T6008] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 230.487235][ T6008] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 230.490706][ T6008] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 230.493142][ T6008] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 230.506797][ T6008] hub 6-1:1.0: bad descriptor, ignoring hub [ 230.509176][ T6008] hub 6-1:1.0: probe with driver hub failed with error -5 [ 230.512209][ T6008] cdc_wdm 6-1:1.0: skipping garbage [ 230.513852][ T6008] cdc_wdm 6-1:1.0: skipping garbage [ 230.515384][ T6008] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22 [ 230.825119][ T6008] usb 6-1: USB disconnect, device number 16 [ 231.265064][ T5952] Bluetooth: hci1: command 0x1003 tx timeout [ 231.265148][ T5960] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 231.698638][T11586] netlink: 'syz.0.1993': attribute type 11 has an invalid length. [ 232.163324][T11604] FAULT_INJECTION: forcing a failure. [ 232.163324][T11604] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 232.173407][T11604] CPU: 2 UID: 0 PID: 11604 Comm: syz.1.2002 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0 [ 232.176317][T11604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 232.179087][T11604] Call Trace: [ 232.179981][T11604] [ 232.180824][T11604] dump_stack_lvl+0x16c/0x1f0 [ 232.182249][T11604] should_fail_ex+0x497/0x5b0 [ 232.183762][T11604] _copy_from_user+0x2e/0xd0 [ 232.185304][T11604] bpf_prog_load+0x1bce/0x2660 [ 232.186861][T11604] ? __pfx_bpf_prog_load+0x10/0x10 [ 232.188401][T11604] ? avc_has_perm+0x198/0x1c0 [ 232.189646][T11604] ? selinux_bpf+0xde/0x130 [ 232.190846][T11604] __sys_bpf+0x4043/0x49c0 [ 232.192064][T11604] ? __pfx_lock_release+0x10/0x10 [ 232.193433][T11604] ? __pfx___sys_bpf+0x10/0x10 [ 232.194675][T11604] ? vfs_write+0x306/0x1150 [ 232.195862][T11604] ? __mutex_unlock_slowpath+0x164/0x690 [ 232.197857][T11604] ? fput+0x67/0x440 [ 232.198897][T11604] ? ksys_write+0x1ba/0x250 [ 232.200099][T11604] ? __pfx_ksys_write+0x10/0x10 [ 232.201313][T11604] __x64_sys_bpf+0x78/0xc0 [ 232.202436][T11604] ? lockdep_hardirqs_on+0x7c/0x110 [ 232.203799][T11604] do_syscall_64+0xcd/0x250 [ 232.204965][T11604] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.206459][T11604] RIP: 0033:0x7f8f58f7e919 [ 232.207624][T11604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 232.212513][T11604] RSP: 002b:00007f8f59e49038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 232.214670][T11604] RAX: ffffffffffffffda RBX: 00007f8f59135fa0 RCX: 00007f8f58f7e919 [ 232.216733][T11604] RDX: 0000000000000090 RSI: 0000000020000840 RDI: 0000000000000005 [ 232.218752][T11604] RBP: 00007f8f59e49090 R08: 0000000000000000 R09: 0000000000000000 [ 232.220771][T11604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 232.222896][T11604] R13: 0000000000000000 R14: 00007f8f59135fa0 R15: 00007ffd14d929d8 [ 232.225014][T11604] [ 232.524398][T11619] program syz.4.2007 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 232.866405][T11631] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2009'. [ 232.868935][T11631] IPVS: Unknown mcast interface: vcan0 [ 233.461764][T11652] batadv_slave_1: entered promiscuous mode [ 233.474890][T11652] batadv_slave_1: left promiscuous mode [ 233.708881][T11660] FAULT_INJECTION: forcing a failure. [ 233.708881][T11660] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 233.713530][T11660] CPU: 2 UID: 0 PID: 11660 Comm: syz.1.2023 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0 [ 233.717422][T11660] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 233.722150][T11660] Call Trace: [ 233.723542][T11660] [ 233.724630][T11660] dump_stack_lvl+0x16c/0x1f0 [ 233.726012][T11660] should_fail_ex+0x497/0x5b0 [ 233.727762][T11660] _copy_from_iter+0x2a1/0x1560 [ 233.729551][T11660] ? trace_lock_acquire+0x146/0x1e0 [ 233.731789][T11660] ? __alloc_skb+0x1fe/0x380 [ 233.733511][T11660] ? __pfx__copy_from_iter+0x10/0x10 [ 233.735464][T11660] ? __virt_addr_valid+0x1a4/0x590 [ 233.737342][T11660] ? __virt_addr_valid+0x5e/0x590 [ 233.739245][T11660] ? __phys_addr_symbol+0x30/0x80 [ 233.741196][T11660] ? __check_object_size+0x488/0x710 [ 233.743359][T11660] netlink_sendmsg+0x813/0xd70 [ 233.745286][T11660] ? __pfx_netlink_sendmsg+0x10/0x10 [ 233.747576][T11660] ____sys_sendmsg+0xaaf/0xc90 [ 233.749440][T11660] ? copy_msghdr_from_user+0x10b/0x160 [ 233.751105][T11660] ? __pfx_____sys_sendmsg+0x10/0x10 [ 233.752717][T11660] ___sys_sendmsg+0x135/0x1e0 [ 233.754252][T11660] ? __pfx____sys_sendmsg+0x10/0x10 [ 233.755951][T11660] ? __pfx_lock_release+0x10/0x10 [ 233.757799][T11660] ? trace_lock_acquire+0x146/0x1e0 [ 233.759635][T11660] ? __fget_files+0x206/0x3a0 [ 233.761248][T11660] __sys_sendmsg+0x16e/0x220 [ 233.762963][T11660] ? __pfx___sys_sendmsg+0x10/0x10 [ 233.765042][T11660] do_syscall_64+0xcd/0x250 [ 233.766666][T11660] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 233.768752][T11660] RIP: 0033:0x7f8f58f7e919 [ 233.770302][T11660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 233.777203][T11660] RSP: 002b:00007f8f59e49038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 233.780069][T11660] RAX: ffffffffffffffda RBX: 00007f8f59135fa0 RCX: 00007f8f58f7e919 [ 233.782070][T11660] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 233.784151][T11660] RBP: 00007f8f59e49090 R08: 0000000000000000 R09: 0000000000000000 [ 233.786431][T11660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 233.789122][T11660] R13: 0000000000000000 R14: 00007f8f59135fa0 R15: 00007ffd14d929d8 [ 233.791727][T11660] [ 233.875278][T11664] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2025'. [ 234.013266][T11664] netlink: 80 bytes leftover after parsing attributes in process `syz.4.2025'. [ 234.018063][ C3] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 234.278149][ T39] kauditd_printk_skb: 868 callbacks suppressed [ 234.278167][ T39] audit: type=1400 audit(2000000044.372:7927): avc: denied { read write } for pid=8057 comm="syz-executor" name="loop4" dev="devtmpfs" ino=662 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 234.290744][ T39] audit: type=1400 audit(2000000044.372:7928): avc: denied { read write open } for pid=8057 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=662 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 234.298036][ T39] audit: type=1400 audit(2000000044.372:7929): avc: denied { ioctl } for pid=8057 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=662 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 234.332316][ T39] audit: type=1400 audit(2000000044.422:7930): avc: denied { read write } for pid=5957 comm="syz-executor" name="loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 234.347831][ T39] audit: type=1400 audit(2000000044.422:7931): avc: denied { read write open } for pid=5957 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 234.354245][ T39] audit: type=1400 audit(2000000044.422:7932): avc: denied { ioctl } for pid=5957 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 234.369312][ T39] audit: type=1400 audit(2000000044.442:7933): avc: denied { read write } for pid=9487 comm="syz-executor" name="loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 234.378921][ T39] audit: type=1400 audit(2000000044.442:7934): avc: denied { read write open } for pid=9487 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 234.388536][ T39] audit: type=1400 audit(2000000044.442:7935): avc: denied { ioctl } for pid=9487 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=661 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 234.396749][ T39] audit: type=1400 audit(2000000044.482:7936): avc: denied { name_bind } for pid=11676 comm="syz.4.2027" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 234.635604][T11685] Option 'Í'M•O§±' to dns_resolver key: bad/missing value [ 235.004790][ T832] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 235.092855][T11698] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2033'. [ 235.096960][T11698] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2033'. [ 235.184717][ T832] usb 8-1: Using ep0 maxpacket: 8 [ 235.214833][ T832] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 235.217768][ T832] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 235.220390][ T832] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 235.222928][ T832] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 235.239159][ T832] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 235.241745][ T832] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 235.423882][T11711] netlink: 184 bytes leftover after parsing attributes in process `syz.0.2036'. [ 235.481873][ T832] usb 8-1: GET_CAPABILITIES returned 0 [ 235.483384][ T832] usbtmc 8-1:16.0: can't read capabilities [ 235.695573][ T832] usb 8-1: USB disconnect, device number 11 [ 236.640463][T11736] team0: entered promiscuous mode [ 236.642023][T11736] team_slave_0: entered promiscuous mode [ 236.643794][T11736] team_slave_1: entered promiscuous mode [ 236.645574][T11736] bridge1: entered promiscuous mode [ 236.673043][T11735] team0: left promiscuous mode [ 236.677200][T11735] team_slave_0: left promiscuous mode [ 236.680261][T11735] team_slave_1: left promiscuous mode [ 236.681788][T11735] bridge1: left promiscuous mode [ 236.790592][T11742] netlink: 'syz.4.2049': attribute type 1 has an invalid length. [ 236.792940][T11742] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 236.794889][T11742] IPv6: NLM_F_CREATE should be set when creating new route [ 236.828911][T11742] netlink: 108 bytes leftover after parsing attributes in process `syz.4.2049'. [ 237.095570][T11750] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2053'. [ 237.097698][T11750] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2053'. [ 237.099773][T11750] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2053'. [ 237.142340][T11753] IPVS: Unknown mcast interface: vcan0 [ 238.168975][T11778] FAULT_INJECTION: forcing a failure. [ 238.168975][T11778] name failslab, interval 1, probability 0, space 0, times 0 [ 238.172613][T11778] CPU: 2 UID: 0 PID: 11778 Comm: syz.4.2061 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0 [ 238.175685][T11778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 238.178878][T11778] Call Trace: [ 238.179823][T11778] [ 238.180656][T11778] dump_stack_lvl+0x16c/0x1f0 [ 238.181964][T11778] should_fail_ex+0x497/0x5b0 [ 238.183228][T11778] ? fs_reclaim_acquire+0xae/0x150 [ 238.184566][T11778] should_failslab+0xc2/0x120 [ 238.186157][T11778] __kmalloc_noprof+0xcb/0x510 [ 238.188033][T11778] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 238.190114][T11778] tomoyo_realpath_from_path+0xb9/0x720 [ 238.191775][T11778] ? tomoyo_path_number_perm+0x235/0x590 [ 238.193377][T11778] ? tomoyo_path_number_perm+0x235/0x590 [ 238.195048][T11778] tomoyo_path_number_perm+0x248/0x590 [ 238.196518][T11778] ? tomoyo_path_number_perm+0x235/0x590 [ 238.198216][T11778] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 238.199923][T11778] ? __pfx_lock_release+0x10/0x10 [ 238.201362][T11778] ? trace_lock_acquire+0x146/0x1e0 [ 238.202764][T11778] ? lock_acquire+0x2f/0xb0 [ 238.204072][T11778] ? __fget_files+0x40/0x3a0 [ 238.205377][T11778] ? __fget_files+0x206/0x3a0 [ 238.206696][T11778] security_file_ioctl+0x9b/0x240 [ 238.208122][T11778] __x64_sys_ioctl+0xb7/0x200 [ 238.209435][T11778] do_syscall_64+0xcd/0x250 [ 238.210811][T11778] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.212366][T11778] RIP: 0033:0x7f9d4897e919 [ 238.213598][T11778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 238.219480][T11778] RSP: 002b:00007f9d497a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 238.221857][T11778] RAX: ffffffffffffffda RBX: 00007f9d48b35fa0 RCX: 00007f9d4897e919 [ 238.224064][T11778] RDX: 0000000020000040 RSI: 0000000000005412 RDI: 0000000000000003 [ 238.226275][T11778] RBP: 00007f9d497a2090 R08: 0000000000000000 R09: 0000000000000000 [ 238.228615][T11778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 238.230794][T11778] R13: 0000000000000000 R14: 00007f9d48b35fa0 R15: 00007ffd9e4bc8c8 [ 238.233065][T11778] [ 238.239672][T11778] ERROR: Out of memory at tomoyo_realpath_from_path. [ 238.242672][T11778] Bluetooth: Short BCSP packet [ 238.256465][T11783] sp0: Synchronizing with TNC [ 238.418380][T11785] FAULT_INJECTION: forcing a failure. [ 238.418380][T11785] name failslab, interval 1, probability 0, space 0, times 0 [ 238.422074][T11785] CPU: 2 UID: 0 PID: 11785 Comm: syz.1.2064 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0 [ 238.424874][T11785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 238.427699][T11785] Call Trace: [ 238.428566][T11785] [ 238.429344][T11785] dump_stack_lvl+0x16c/0x1f0 [ 238.430639][T11785] should_fail_ex+0x497/0x5b0 [ 238.432056][T11785] should_failslab+0xc2/0x120 [ 238.433362][T11785] __kmalloc_node_track_caller_noprof+0xcf/0x510 [ 238.435101][T11785] ? sidtab_sid2str_get+0x17a/0x680 [ 238.436472][T11785] kmemdup_noprof+0x29/0x60 [ 238.437746][T11785] sidtab_sid2str_get+0x17a/0x680 [ 238.439157][T11785] sidtab_entry_to_string+0x33/0x110 [ 238.440653][T11785] security_sid_to_context_core+0x35c/0x640 [ 238.442268][T11785] avc_audit_post_callback+0x10b/0x8c0 [ 238.443933][T11785] ? audit_log_format+0xe9/0x130 [ 238.445249][T11785] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 238.446824][T11785] ? skb_put+0x138/0x1b0 [ 238.447983][T11785] ? audit_log_n_string+0x251/0x540 [ 238.449505][T11785] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 238.451353][T11785] common_lsm_audit+0x33f/0x2250 [ 238.452829][T11785] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 238.454626][T11785] ? __pfx_common_lsm_audit+0x10/0x10 [ 238.456160][T11785] ? avc_update_node.isra.0+0x49d/0x800 [ 238.457827][T11785] ? kmem_cache_free+0x152/0x4c0 [ 238.459271][T11785] ? slow_avc_audit+0x17d/0x210 [ 238.460786][T11785] slow_avc_audit+0x17d/0x210 [ 238.462040][T11785] ? __pfx_slow_avc_audit+0x10/0x10 [ 238.463407][T11785] ? avc_has_extended_perms+0x7c9/0xf70 [ 238.464837][T11785] ? avc_denied+0x138/0x180 [ 238.466050][T11785] ? avc_denied+0x141/0x180 [ 238.467337][T11785] avc_has_extended_perms+0x9a1/0xf70 [ 238.468840][T11785] ? find_held_lock+0x2d/0x110 [ 238.470229][T11785] ? __pfx_avc_has_extended_perms+0x10/0x10 [ 238.471816][T11785] ? tomoyo_path_number_perm+0x298/0x590 [ 238.473516][T11785] ? __pfx_lock_release+0x10/0x10 [ 238.474952][T11785] ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460 [ 238.476713][T11785] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 238.478718][T11785] ? __pfx_lock_release+0x10/0x10 [ 238.480064][T11785] ? selinux_file_ioctl+0x180/0x270 [ 238.481414][T11785] selinux_file_ioctl+0x180/0x270 [ 238.482723][T11785] security_file_ioctl+0xc6/0x240 [ 238.484054][T11785] __x64_sys_ioctl+0xb7/0x200 [ 238.485304][T11785] do_syscall_64+0xcd/0x250 [ 238.486495][T11785] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.488053][T11785] RIP: 0033:0x7f8f58f7e919 [ 238.489218][T11785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 238.494266][T11785] RSP: 002b:00007f8f59e49038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 238.496905][T11785] RAX: ffffffffffffffda RBX: 00007f8f59135fa0 RCX: 00007f8f58f7e919 [ 238.499607][T11785] RDX: 0000000020000300 RSI: 000000004004743a RDI: 0000000000000005 [ 238.502400][T11785] RBP: 00007f8f59e49090 R08: 0000000000000000 R09: 0000000000000000 [ 238.505112][T11785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 238.507979][T11785] R13: 0000000000000000 R14: 00007f8f59135fa0 R15: 00007ffd14d929d8 [ 238.511130][T11785] [ 238.600715][T11787] __nla_validate_parse: 4 callbacks suppressed [ 238.600732][T11787] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2065'. [ 238.712712][T11790] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2067'. [ 238.716082][T11790] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2067'. [ 238.928533][T11796] xt_CT: You must specify a L4 protocol and not use inversions on it [ 239.326201][ T39] kauditd_printk_skb: 544 callbacks suppressed [ 239.326216][ T39] audit: type=1400 audit(2000000049.422:8479): avc: denied { create } for pid=11801 comm="syz.1.2072" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 239.335775][ T39] audit: type=1400 audit(2000000049.422:8480): avc: denied { map_create } for pid=11801 comm="syz.1.2072" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 239.373732][ T39] audit: type=1400 audit(2000000049.462:8481): avc: denied { read write } for pid=5957 comm="syz-executor" name="loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 239.394445][ T39] audit: type=1400 audit(2000000049.482:8482): avc: denied { read write open } for pid=5957 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 239.402348][ T39] audit: type=1400 audit(2000000049.482:8483): avc: denied { ioctl } for pid=5957 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=659 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 239.562386][ T39] audit: type=1400 audit(2000000049.652:8484): avc: denied { read write } for pid=5948 comm="syz-executor" name="loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 239.570119][ T39] audit: type=1400 audit(2000000049.652:8485): avc: denied { read write open } for pid=5948 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 239.579667][ T39] audit: type=1400 audit(2000000049.652:8486): avc: denied { ioctl } for pid=5948 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=658 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 239.589800][ T39] audit: type=1400 audit(2000000049.672:8487): avc: denied { map_create } for pid=11806 comm="syz.1.2074" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 239.597332][ T39] audit: type=1400 audit(2000000049.682:8488): avc: denied { map_create } for pid=11806 comm="syz.1.2074" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 239.774848][T11816] FAULT_INJECTION: forcing a failure. [ 239.774848][T11816] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 239.779381][T11816] CPU: 0 UID: 0 PID: 11816 Comm: syz.0.2075 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0 [ 239.782742][T11816] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 239.785701][T11816] Call Trace: [ 239.786827][T11816] [ 239.787831][T11816] dump_stack_lvl+0x16c/0x1f0 [ 239.789542][T11816] should_fail_ex+0x497/0x5b0 [ 239.791329][T11816] _copy_from_user+0x2e/0xd0 [ 239.792856][T11816] kvm_vm_ioctl+0x13bc/0x3df0 [ 239.794175][T11816] ? security_file_ioctl+0x9b/0x240 [ 239.795642][T11816] ? do_syscall_64+0xcd/0x250 [ 239.797197][T11816] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.799273][T11816] ? hlock_class+0x4e/0x130 [ 239.800715][T11816] ? mark_lock+0xb5/0xc60 [ 239.801981][T11816] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 239.803548][T11816] ? __pfx_mark_lock+0x10/0x10 [ 239.805321][T11816] ? find_held_lock+0x2d/0x110 [ 239.807053][T11816] ? tomoyo_path_number_perm+0x298/0x590 [ 239.808870][T11816] ? __pfx_lock_release+0x10/0x10 [ 239.810537][T11816] ? tomoyo_path_number_perm+0x46d/0x590 [ 239.812267][T11816] ? tomoyo_path_number_perm+0x190/0x590 [ 239.814069][T11816] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 239.816217][T11816] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 239.818243][T11816] ? do_vfs_ioctl+0x513/0x1990 [ 239.819933][T11816] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 239.821653][T11816] ? selinux_file_ioctl+0x180/0x270 [ 239.823271][T11816] ? selinux_file_ioctl+0xb4/0x270 [ 239.825540][T11816] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 239.827175][T11816] __x64_sys_ioctl+0x190/0x200 [ 239.828688][T11816] do_syscall_64+0xcd/0x250 [ 239.830534][T11816] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.832909][T11816] RIP: 0033:0x7fa7f197e51b [ 239.834631][T11816] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 239.840649][T11816] RSP: 002b:00007fa7f284a490 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 239.842964][T11816] RAX: ffffffffffffffda RBX: 00007fa7f284abe0 RCX: 00007fa7f197e51b [ 239.845238][T11816] RDX: 00007fa7f284abe0 RSI: 000000004020ae46 RDI: 0000000000000005 [ 239.847278][T11816] RBP: 0000000000000005 R08: 0000000000000001 R09: 0000000000000000 [ 239.849589][T11816] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000003 [ 239.852394][T11816] R13: 0000000020003000 R14: 0000000020000000 R15: 00000000fec00000 [ 239.855174][T11816] [ 239.984625][ T35] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 239.986265][ T5960] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 240.145052][ T5952] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 240.145379][ T5960] Bluetooth: hci5: command 0x1003 tx timeout [ 240.167522][ T35] usb 6-1: Using ep0 maxpacket: 8 [ 240.190642][T11820] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2078'. [ 240.193874][T11820] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2078'. [ 240.204258][ T35] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 240.209011][ T35] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 240.212423][ T35] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 240.222234][ T35] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 240.227232][ T35] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 240.229906][ T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 240.464744][ T35] usb 6-1: GET_CAPABILITIES returned 0 [ 240.466782][ T35] usbtmc 6-1:16.0: can't read capabilities [ 240.592007][T11842] hsr0: entered allmulticast mode [ 240.593497][T11842] hsr_slave_0: entered allmulticast mode [ 240.595279][T11842] hsr_slave_1: entered allmulticast mode [ 240.685137][ T6139] usb 6-1: USB disconnect, device number 17 [ 241.424015][T11867] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2091'. [ 241.434013][T11867] IPVS: Unknown mcast interface: vcan0 [ 241.816956][T11887] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2099'. [ 241.848377][T11887] /dev/loop1: Can't open blockdev [ 242.001067][T11896] FAULT_INJECTION: forcing a failure. [ 242.001067][T11896] name failslab, interval 1, probability 0, space 0, times 0 [ 242.006341][T11896] CPU: 1 UID: 0 PID: 11896 Comm: syz.1.2102 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0 [ 242.009358][T11896] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 242.012479][T11896] Call Trace: [ 242.012625][T11898] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2103'. [ 242.013341][T11896] [ 242.013348][T11896] dump_stack_lvl+0x16c/0x1f0 [ 242.015836][T11898] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2103'. [ 242.016626][T11896] should_fail_ex+0x497/0x5b0 [ 242.016655][T11896] should_failslab+0xc2/0x120 [ 242.023676][T11896] __kmalloc_node_track_caller_noprof+0xcf/0x510 [ 242.026267][T11896] ? sidtab_sid2str_get+0x17a/0x680 [ 242.027795][T11896] kmemdup_noprof+0x29/0x60 [ 242.029093][T11896] sidtab_sid2str_get+0x17a/0x680 [ 242.030569][T11896] sidtab_entry_to_string+0x33/0x110 [ 242.032117][T11896] security_sid_to_context_core+0x35c/0x640 [ 242.033848][T11896] avc_audit_post_callback+0x1ac/0x8c0 [ 242.035426][T11896] ? audit_log_format+0xe9/0x130 [ 242.036990][T11896] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 242.038712][T11896] ? skb_put+0x138/0x1b0 [ 242.039997][T11896] ? audit_log_n_string+0x251/0x540 [ 242.041503][T11896] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 242.043384][T11896] common_lsm_audit+0x33f/0x2250 [ 242.045524][T11896] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 242.048495][T11896] ? __pfx_common_lsm_audit+0x10/0x10 [ 242.050779][T11896] ? avc_update_node.isra.0+0x49d/0x800 [ 242.052578][T11896] ? kmem_cache_free+0x152/0x4c0 [ 242.054015][T11896] ? slow_avc_audit+0x17d/0x210 [ 242.055803][T11896] slow_avc_audit+0x17d/0x210 [ 242.057260][T11896] ? __pfx_slow_avc_audit+0x10/0x10 [ 242.058662][T11896] ? avc_has_extended_perms+0x7c9/0xf70 [ 242.060212][T11896] ? avc_denied+0x138/0x180 [ 242.061493][T11896] ? avc_denied+0x141/0x180 [ 242.062718][T11896] avc_has_extended_perms+0x9a1/0xf70 [ 242.064338][T11896] ? find_held_lock+0x2d/0x110 [ 242.065882][T11896] ? __pfx_avc_has_extended_perms+0x10/0x10 [ 242.067576][T11896] ? tomoyo_path_number_perm+0x298/0x590 [ 242.069083][T11896] ? __pfx_lock_release+0x10/0x10 [ 242.070393][T11896] ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460 [ 242.072089][T11896] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 242.073956][T11896] ? __pfx_lock_release+0x10/0x10 [ 242.075924][T11896] ? selinux_file_ioctl+0x180/0x270 [ 242.077814][T11896] selinux_file_ioctl+0x180/0x270 [ 242.079284][T11896] security_file_ioctl+0xc6/0x240 [ 242.080658][T11896] __x64_sys_ioctl+0xb7/0x200 [ 242.081885][T11896] do_syscall_64+0xcd/0x250 [ 242.083060][T11896] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.085080][T11896] RIP: 0033:0x7f8f58f7e919 [ 242.086347][T11896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 242.092021][T11896] RSP: 002b:00007f8f59e49038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 242.094225][T11896] RAX: ffffffffffffffda RBX: 00007f8f59135fa0 RCX: 00007f8f58f7e919 [ 242.096285][T11896] RDX: 0000000020000300 RSI: 000000004004743a RDI: 0000000000000005 [ 242.098441][T11896] RBP: 00007f8f59e49090 R08: 0000000000000000 R09: 0000000000000000 [ 242.100639][T11896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 242.102973][T11896] R13: 0000000000000000 R14: 00007f8f59135fa0 R15: 00007ffd14d929d8 [ 242.105808][T11896] [ 242.540290][T11923] FAULT_INJECTION: forcing a failure. [ 242.540290][T11923] name failslab, interval 1, probability 0, space 0, times 0 [ 242.544712][T11923] CPU: 0 UID: 0 PID: 11923 Comm: syz.4.2114 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0 [ 242.547776][T11923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 242.551030][T11923] Call Trace: [ 242.551926][T11923] [ 242.552714][T11923] dump_stack_lvl+0x16c/0x1f0 [ 242.553966][T11923] should_fail_ex+0x497/0x5b0 [ 242.555310][T11923] should_failslab+0xc2/0x120 [ 242.556557][T11923] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 242.557994][T11923] ? skb_clone+0x190/0x3f0 [ 242.559217][T11923] skb_clone+0x190/0x3f0 [ 242.560310][T11923] netlink_deliver_tap+0xabd/0xd30 [ 242.561804][T11923] netlink_unicast+0x5e1/0x7f0 [ 242.563308][T11923] ? __pfx_netlink_unicast+0x10/0x10 [ 242.564863][T11923] netlink_sendmsg+0x8b8/0xd70 [ 242.566326][T11923] ? __pfx_netlink_sendmsg+0x10/0x10 [ 242.568103][T11923] ____sys_sendmsg+0xaaf/0xc90 [ 242.569481][T11923] ? copy_msghdr_from_user+0x10b/0x160 [ 242.571049][T11923] ? __pfx_____sys_sendmsg+0x10/0x10 [ 242.572484][T11923] ? __lock_acquire+0xcc5/0x3c40 [ 242.573809][T11923] ___sys_sendmsg+0x135/0x1e0 [ 242.575060][T11923] ? __pfx____sys_sendmsg+0x10/0x10 [ 242.576806][T11923] ? trace_lock_acquire+0x146/0x1e0 [ 242.578207][T11923] __sys_sendmmsg+0x201/0x420 [ 242.579615][T11923] ? __pfx___sys_sendmmsg+0x10/0x10 [ 242.581117][T11923] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 242.582690][T11923] ? fput+0x67/0x440 [ 242.583735][T11923] ? ksys_write+0x1ba/0x250 [ 242.584932][T11923] ? __pfx_ksys_write+0x10/0x10 [ 242.586292][T11923] __x64_sys_sendmmsg+0x9c/0x100 [ 242.587692][T11923] ? lockdep_hardirqs_on+0x7c/0x110 [ 242.589159][T11923] do_syscall_64+0xcd/0x250 [ 242.590450][T11923] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.592113][T11923] RIP: 0033:0x7f9d4897e919 [ 242.593364][T11923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 242.598235][T11923] RSP: 002b:00007f9d497a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 242.600419][T11923] RAX: ffffffffffffffda RBX: 00007f9d48b35fa0 RCX: 00007f9d4897e919 [ 242.602510][T11923] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004 [ 242.604574][T11923] RBP: 00007f9d497a2090 R08: 0000000000000000 R09: 0000000000000000 [ 242.606604][T11923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 242.608661][T11923] R13: 0000000000000000 R14: 00007f9d48b35fa0 R15: 00007ffd9e4bc8c8 [ 242.610727][T11923] [ 243.303154][T11953] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2123'. [ 243.602878][T11964] FAULT_INJECTION: forcing a failure. [ 243.602878][T11964] name failslab, interval 1, probability 0, space 0, times 0 [ 243.614169][T11964] CPU: 1 UID: 0 PID: 11964 Comm: syz.3.2129 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0 [ 243.617240][T11964] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 243.620269][T11964] Call Trace: [ 243.621308][T11964] [ 243.622064][T11964] dump_stack_lvl+0x16c/0x1f0 [ 243.623364][T11964] should_fail_ex+0x497/0x5b0 [ 243.624728][T11964] ? fs_reclaim_acquire+0xae/0x150 [ 243.626203][T11964] should_failslab+0xc2/0x120 [ 243.627894][T11964] __kmalloc_node_noprof+0xd1/0x510 [ 243.630153][T11964] ? __vmalloc_node_range_noprof+0x3d8/0x1530 [ 243.631906][T11964] __vmalloc_node_range_noprof+0x3d8/0x1530 [ 243.633784][T11964] ? lock_acquire.part.0+0x11b/0x380 [ 243.635430][T11964] ? __vcalloc_noprof+0x4d/0x80 [ 243.637054][T11964] ? kasan_save_track+0x14/0x30 [ 243.639219][T11964] ? kvm_set_memslot+0x34/0x13e0 [ 243.641253][T11964] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 243.643606][T11964] ? __mutex_lock+0x1cc/0xa60 [ 243.645381][T11964] ? kvm_set_memslot+0x34/0x13e0 [ 243.647215][T11964] ? __vcalloc_noprof+0x4d/0x80 [ 243.648961][T11964] __vmalloc_noprof+0x6d/0x90 [ 243.650699][T11964] ? __vcalloc_noprof+0x4d/0x80 [ 243.652880][T11964] __vcalloc_noprof+0x4d/0x80 [ 243.654867][T11964] kvm_arch_prepare_memory_region+0x2ee/0x850 [ 243.657451][T11964] kvm_set_memslot+0x139/0x13e0 [ 243.659667][T11964] ? kasan_save_track+0x14/0x30 [ 243.661583][T11964] __kvm_set_memory_region+0xe01/0x1580 [ 243.663858][T11964] ? __pfx___kvm_set_memory_region+0x10/0x10 [ 243.666131][T11964] ? __might_fault+0xe3/0x190 [ 243.667929][T11964] kvm_vm_ioctl+0x152e/0x3df0 [ 243.669798][T11964] ? security_file_ioctl+0x9b/0x240 [ 243.671759][T11964] ? do_syscall_64+0xcd/0x250 [ 243.673515][T11964] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.675820][T11964] ? hlock_class+0x4e/0x130 [ 243.677794][T11964] ? mark_lock+0xb5/0xc60 [ 243.679738][T11964] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 243.681655][T11964] ? __pfx_mark_lock+0x10/0x10 [ 243.683621][T11964] ? find_held_lock+0x2d/0x110 [ 243.685425][T11964] ? tomoyo_path_number_perm+0x298/0x590 [ 243.687557][T11964] ? __pfx_lock_release+0x10/0x10 [ 243.689461][T11964] ? tomoyo_path_number_perm+0x46d/0x590 [ 243.691551][T11964] ? tomoyo_path_number_perm+0x190/0x590 [ 243.693560][T11964] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 243.695707][T11964] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 243.698069][T11964] ? do_vfs_ioctl+0x513/0x1990 [ 243.699970][T11964] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 243.702033][T11964] ? selinux_file_ioctl+0x180/0x270 [ 243.704250][T11964] ? selinux_file_ioctl+0xb4/0x270 [ 243.706202][T11964] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 243.707953][T11964] __x64_sys_ioctl+0x190/0x200 [ 243.709765][T11964] do_syscall_64+0xcd/0x250 [ 243.711543][T11964] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.714051][T11964] RIP: 0033:0x7f8e5457e51b [ 243.715820][T11964] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 243.723278][T11964] RSP: 002b:00007f8e553ad490 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 243.726467][T11964] RAX: ffffffffffffffda RBX: 00007f8e553adbe0 RCX: 00007f8e5457e51b [ 243.729468][T11964] RDX: 00007f8e553adbe0 RSI: 000000004020ae46 RDI: 0000000000000005 [ 243.732521][T11964] RBP: 0000000000000005 R08: 0000000000000001 R09: 0000000000000000 [ 243.735635][T11964] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000003 [ 243.738925][T11964] R13: 0000000020003000 R14: 0000000020000000 R15: 00000000fec00000 [ 243.742164][T11964] [ 243.747202][T11964] syz.3.2129: vmalloc error: size 4096, failed to allocated page array size 8, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz3,mems_allowed=0-1 [ 243.752193][T11964] CPU: 0 UID: 0 PID: 11964 Comm: syz.3.2129 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0 [ 243.755178][T11964] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 243.759295][T11964] Call Trace: [ 243.760335][T11964] [ 243.761088][T11964] dump_stack_lvl+0x16c/0x1f0 [ 243.762422][T11964] warn_alloc+0x24d/0x3a0 [ 243.763907][T11964] ? __pfx_warn_alloc+0x10/0x10 [ 243.765226][T11964] ? dump_stack_lvl+0x1a1/0x1f0 [ 243.766877][T11964] ? rcu_is_watching+0x12/0xc0 [ 243.768180][T11964] ? trace_kmalloc+0x2d/0xd0 [ 243.769335][T11964] ? __kmalloc_node_noprof+0x23d/0x510 [ 243.770682][T11964] __vmalloc_node_range_noprof+0x1105/0x1530 [ 243.772337][T11964] ? lock_acquire.part.0+0x11b/0x380 [ 243.774197][T11964] ? __vcalloc_noprof+0x4d/0x80 [ 243.775975][T11964] ? kasan_save_track+0x14/0x30 [ 243.777651][T11964] ? kvm_set_memslot+0x34/0x13e0 [ 243.779450][T11964] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 243.781598][T11964] ? __mutex_lock+0x1cc/0xa60 [ 243.783232][T11964] ? kvm_set_memslot+0x34/0x13e0 [ 243.784888][T11964] ? __vcalloc_noprof+0x4d/0x80 [ 243.786527][T11964] __vmalloc_noprof+0x6d/0x90 [ 243.788180][T11964] ? __vcalloc_noprof+0x4d/0x80 [ 243.789983][T11964] __vcalloc_noprof+0x4d/0x80 [ 243.791939][T11964] kvm_arch_prepare_memory_region+0x2ee/0x850 [ 243.794207][T11964] kvm_set_memslot+0x139/0x13e0 [ 243.796027][T11964] ? kasan_save_track+0x14/0x30 [ 243.797921][T11964] __kvm_set_memory_region+0xe01/0x1580 [ 243.800008][T11964] ? __pfx___kvm_set_memory_region+0x10/0x10 [ 243.802113][T11964] ? __might_fault+0xe3/0x190 [ 243.803895][T11964] kvm_vm_ioctl+0x152e/0x3df0 [ 243.805575][T11964] ? security_file_ioctl+0x9b/0x240 [ 243.807422][T11964] ? do_syscall_64+0xcd/0x250 [ 243.809144][T11964] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.811380][T11964] ? hlock_class+0x4e/0x130 [ 243.812864][T11964] ? mark_lock+0xb5/0xc60 [ 243.814193][T11964] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 243.816027][T11964] ? __pfx_mark_lock+0x10/0x10 [ 243.817720][T11964] ? find_held_lock+0x2d/0x110 [ 243.819412][T11964] ? tomoyo_path_number_perm+0x298/0x590 [ 243.821414][T11964] ? __pfx_lock_release+0x10/0x10 [ 243.823030][T11964] ? tomoyo_path_number_perm+0x46d/0x590 [ 243.824959][T11964] ? tomoyo_path_number_perm+0x190/0x590 [ 243.826887][T11964] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 243.828963][T11964] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 243.830898][T11964] ? do_vfs_ioctl+0x513/0x1990 [ 243.832547][T11964] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 243.834279][T11964] ? selinux_file_ioctl+0x180/0x270 [ 243.836114][T11964] ? selinux_file_ioctl+0xb4/0x270 [ 243.837618][T11964] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 243.839231][T11964] __x64_sys_ioctl+0x190/0x200 [ 243.840951][T11964] do_syscall_64+0xcd/0x250 [ 243.842538][T11964] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 243.844743][T11964] RIP: 0033:0x7f8e5457e51b [ 243.846366][T11964] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 243.853087][T11964] RSP: 002b:00007f8e553ad490 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 243.855983][T11964] RAX: ffffffffffffffda RBX: 00007f8e553adbe0 RCX: 00007f8e5457e51b [ 243.858752][T11964] RDX: 00007f8e553adbe0 RSI: 000000004020ae46 RDI: 0000000000000005 [ 243.861666][T11964] RBP: 0000000000000005 R08: 0000000000000001 R09: 0000000000000000 [ 243.864481][T11964] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000003 [ 243.867283][T11964] R13: 0000000020003000 R14: 0000000020000000 R15: 00000000fec00000 [ 243.870163][T11964] [ 243.878285][T11964] Mem-Info: [ 243.879536][T11964] active_anon:18614 inactive_anon:0 isolated_anon:0 [ 243.879536][T11964] active_file:7408 inactive_file:48693 isolated_file:0 [ 243.879536][T11964] unevictable:1768 dirty:424 writeback:0 [ 243.879536][T11964] slab_reclaimable:7239 slab_unreclaimable:72633 [ 243.879536][T11964] mapped:25021 shmem:2462 pagetables:928 [ 243.879536][T11964] sec_pagetables:309 bounce:0 [ 243.879536][T11964] kernel_misc_reclaimable:0 [ 243.879536][T11964] free:457152 free_pcp:1598 free_cma:0 [ 243.881026][T11972] [ 243.895515][T11972] ===================================================== [ 243.895770][T11964] Node 0 active_anon:74456kB inactive_anon:0kB active_file:29632kB inactive_file:194700kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:100084kB dirty:1696kB writeback:0kB shmem:6312kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12528kB pagetables:3712kB sec_pagetables:1236kB all_unreclaimable? no [ 243.897389][T11972] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 243.897398][T11972] 6.12.0-syzkaller-09567-g7eef7e306d3c #0 Not tainted [ 243.897403][T11972] ----------------------------------------------------- [ 243.897407][T11972] syz.0.2130/11972 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 243.909304][T11964] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 243.911139][T11972] ffffffff8de0b098 (tasklist_lock){.+.+}-{3:3} [ 243.913643][T11964] Node 0 [ 243.917301][T11972] , at: send_sigio+0xb8/0x3e0 [ 243.917321][T11972] [ 243.917321][T11972] and this task is already holding: [ 243.917324][T11972] ffff8880236b8ca0 (&f_owner->lock){....}-{3:3}, at: send_sigio+0x31/0x3e0 [ 243.917349][T11972] which would create a new lock dependency: [ 243.917352][T11972] (&f_owner->lock){....}-{3:3} -> (tasklist_lock){.+.+}-{3:3} [ 243.917372][T11972] [ 243.917372][T11972] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 243.917376][T11972] (&dev->event_lock#2){..-.}-{3:3} [ 243.917387][T11972] [ 243.917387][T11972] ... which became SOFTIRQ-irq-safe at: [ 243.917391][T11972] lock_acquire.part.0+0x11b/0x380 [ 243.917403][T11972] _raw_spin_lock_irqsave+0x3a/0x60 [ 243.917413][T11972] input_inject_event+0xa4/0x370 [ 243.921730][T11964] DMA free:15360kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 243.928690][T11972] led_set_brightness+0x214/0x290 [ 243.928717][T11972] led_trigger_event+0xda/0x270 [ 243.928728][T11972] kbd_bh+0x21b/0x300 [ 243.928737][T11972] tasklet_action_common+0x251/0x3f0 [ 243.928751][T11972] handle_softirqs+0x213/0x8f0 [ 243.928762][T11972] run_ksoftirqd+0x3a/0x60 [ 243.928773][T11972] smpboot_thread_fn+0x661/0xa30 [ 243.928785][T11972] kthread+0x2c1/0x3a0 [ 243.928798][T11972] ret_from_fork+0x45/0x80 [ 243.931083][T11964] lowmem_reserve[]: [ 243.931886][T11972] ret_from_fork_asm+0x1a/0x30 [ 243.933622][T11964] 0 [ 243.935753][T11972] [ 243.935753][T11972] to a SOFTIRQ-irq-unsafe lock: [ 243.935761][T11972] (tasklist_lock){.+.+}-{3:3} [ 243.935772][T11972] [ 243.935772][T11972] ... which became SOFTIRQ-irq-unsafe at: [ 243.935776][T11972] ... [ 243.935778][T11972] lock_acquire.part.0+0x11b/0x380 [ 243.935791][T11972] _raw_read_lock+0x5f/0x70 [ 243.935801][T11972] __do_wait+0x105/0x890 [ 243.935815][T11972] do_wait+0x217/0x570 [ 243.935828][T11972] kernel_wait+0xa0/0x160 [ 243.935836][T11972] call_usermodehelper_exec_work+0xf1/0x170 [ 243.935848][T11972] process_one_work+0x9c5/0x1ba0 [ 243.935858][T11972] worker_thread+0x6c8/0xf00 [ 243.935867][T11972] kthread+0x2c1/0x3a0 [ 243.935879][T11972] ret_from_fork+0x45/0x80 [ 243.935889][T11972] ret_from_fork_asm+0x1a/0x30 [ 243.935902][T11972] [ 243.935902][T11972] other info that might help us debug this: [ 243.935902][T11972] [ 243.935906][T11972] Chain exists of: [ 243.935906][T11972] &dev->event_lock#2 --> &f_owner->lock --> tasklist_lock [ 243.935906][T11972] [ 243.935924][T11972] Possible interrupt unsafe locking scenario: [ 243.935924][T11972] [ 243.935927][T11972] CPU0 CPU1 [ 243.935930][T11972] ---- ---- [ 243.935932][T11972] lock(tasklist_lock); [ 243.935938][T11972] local_irq_disable(); [ 243.935941][T11972] lock(&dev->event_lock#2); [ 243.935951][T11972] lock(&f_owner->lock); [ 243.935958][T11972] [ 243.935960][T11972] lock(&dev->event_lock#2); [ 243.935969][T11972] [ 243.935969][T11972] *** DEADLOCK *** [ 243.935969][T11972] [ 243.935972][T11972] 5 locks held by syz.0.2130/11972: [ 243.935978][T11972] #0: ffff888028d88258 (sk_lock-AF_INET){+.+.}-{0:0}, at: inet_shutdown+0x67/0x440 [ 243.936005][T11972] #1: ffffffff8e1bba80 [ 243.940019][T11964] 1212 [ 243.940741][T11972] (rcu_read_lock){....}-{1:3} [ 243.943401][T11964] 0 [ 243.946019][T11972] , at: mptcp_close_wake_up+0x26f/0x600 [ 243.946041][T11972] #2: ffffffff8e1bba80 (rcu_read_lock){....}-{1:3}, at: kill_fasync+0x6d/0x520 [ 243.946070][T11972] #3: ffff888030a76210 (&new->fa_lock){....}-{3:3}, at: kill_fasync+0x138/0x520 [ 243.948822][T11964] 0 [ 243.949933][T11972] #4: ffff8880236b8ca0 [ 243.951880][T11964] 0 [ 243.953258][T11972] (&f_owner->lock){....}-{3:3} [ 243.955942][T11964] [ 243.962683][T11972] , at: send_sigio+0x31/0x3e0 [ 243.962705][T11972] [ 243.962705][T11972] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 243.965196][T11964] Node 0 [ 243.966037][T11972] -> (&dev->event_lock#2){..-.}-{3:3} { [ 243.966060][T11972] IN-SOFTIRQ-W at: [ 243.966067][T11972] lock_acquire.part.0+0x11b/0x380 [ 243.967600][T11964] DMA32 free:218496kB boost:0kB min:27608kB low:34508kB high:41408kB reserved_highatomic:0KB active_anon:74456kB inactive_anon:0kB active_file:29632kB inactive_file:194700kB unevictable:3536kB writepending:1696kB present:2080628kB managed:1269924kB mlocked:0kB bounce:0kB free_pcp:4524kB local_pcp:1460kB free_cma:0kB [ 243.968940][T11972] _raw_spin_lock_irqsave+0x3a/0x60 [ 243.970625][T11964] lowmem_reserve[]: [ 243.971909][T11972] input_inject_event+0xa4/0x370 [ 243.973628][T11964] 0 [ 243.974722][T11972] led_set_brightness+0x214/0x290 [ 243.974741][T11972] led_trigger_event+0xda/0x270 [ 243.974750][T11972] kbd_bh+0x21b/0x300 [ 243.974759][T11972] tasklet_action_common+0x251/0x3f0 [ 243.974771][T11972] handle_softirqs+0x213/0x8f0 [ 243.974782][T11972] run_ksoftirqd+0x3a/0x60 [ 243.974792][T11972] smpboot_thread_fn+0x661/0xa30 [ 243.974805][T11972] kthread+0x2c1/0x3a0 [ 243.974817][T11972] ret_from_fork+0x45/0x80 [ 243.977286][T11964] 0 [ 243.977409][T11972] ret_from_fork_asm+0x1a/0x30 [ 243.979159][T11964] 0 [ 243.979790][T11972] INITIAL USE at: [ 243.982191][T11964] 0 [ 243.983458][T11972] lock_acquire.part.0+0x11b/0x380 [ 243.987236][T11964] 0 [ 243.988120][T11972] _raw_spin_lock_irqsave+0x3a/0x60 [ 243.988135][T11972] input_inject_event+0xa4/0x370 [ 243.990255][T11964] [ 243.990893][T11972] led_set_brightness+0x214/0x290 [ 243.993028][T11964] Node 1 [ 243.993461][T11972] kbd_led_trigger_activate+0xcb/0x110 [ 243.993474][T11972] led_trigger_set+0x59a/0xc60 [ 243.996800][T11964] Normal free:1594240kB boost:0kB min:39632kB low:49540kB high:59448kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:3536kB writepending:0kB present:2097152kB managed:1781924kB mlocked:0kB bounce:0kB free_pcp:2032kB local_pcp:0kB free_cma:0kB [ 243.996853][T11972] led_trigger_set_default+0x1bd/0x2a0 [ 243.998911][T11964] lowmem_reserve[]: [ 243.999582][T11972] led_classdev_register_ext+0x7bc/0xa10 [ 244.002479][T11964] 0 [ 244.002544][T11972] input_leds_connect+0x552/0x8e0 [ 244.006386][ T8] usb 9-1: new full-speed USB device number 11 using dummy_hcd [ 244.009646][T11972] input_attach_handler.isra.0+0x181/0x260 [ 244.009662][T11972] input_register_device+0xa84/0x1110 [ 244.009671][T11972] atkbd_connect+0x5d8/0xa10 [ 244.009682][T11972] serio_driver_probe+0x74/0xb0 [ 244.009690][T11972] really_probe+0x23e/0xa90 [ 244.011488][T11964] 0 0 0 0 [ 244.011513][T11964] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 244.011604][T11964] Node 0 DMA32: 858*4kB (UE) 725*8kB (UME) 738*16kB (UME) 650*32kB (UME) 316*64kB (UME) 113*128kB (UME) 50*256kB (UME) 30*512kB (UME) 15*1024kB (UME) 16*2048kB (UME) 16*4096kB (UM) = 218352kB [ 244.011728][T11964] Node 1 Normal: 55*4kB (UE) 25*8kB (UME) 8*16kB (UME) 57*32kB (UME) 55*64kB (UME) 19*128kB (UME) 3*256kB (U) 6*512kB (UME) 5*1024kB (UE) 2*2048kB (UM) 384*4096kB (UM) = 1594244kB [ 244.011854][T11964] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 244.011868][T11964] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 244.011881][T11964] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 244.011894][T11964] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 244.013298][T11972] __driver_probe_device+0x1de/0x440 [ 244.013311][T11972] driver_probe_device+0x4c/0x1b0 [ 244.013320][T11972] __driver_attach+0x283/0x580 [ 244.013329][T11972] bus_for_each_dev+0x13c/0x1d0 [ 244.013342][T11972] serio_handle_event+0x247/0xa00 [ 244.013350][T11972] process_one_work+0x9c5/0x1ba0 [ 244.013360][T11972] worker_thread+0x6c8/0xf00 [ 244.016575][T11964] 58563 total pagecache pages [ 244.018040][T11972] kthread+0x2c1/0x3a0 [ 244.018055][T11972] ret_from_fork+0x45/0x80 [ 244.018064][T11972] ret_from_fork_asm+0x1a/0x30 [ 244.018078][T11972] } [ 244.018081][T11972] ... key at: [] __key.7+0x0/0x40 [ 244.020652][T11964] 0 pages in swap cache [ 244.022059][T11972] -> (&client->buffer_lock){....}-{3:3} { [ 244.022076][T11972] INITIAL USE at: [ 244.022082][T11972] lock_acquire.part.0+0x11b/0x380 [ 244.023256][T11964] Free swap = 124168kB [ 244.024281][T11972] _raw_spin_lock+0x2e/0x40 [ 244.024292][T11972] evdev_pass_values+0x10e/0x9b0 [ 244.024301][T11972] evdev_events+0x1bb/0x390 [ 244.024310][T11972] input_pass_values+0x738/0x880 [ 244.026996][T11964] Total swap = 124996kB [ 244.027581][T11972] input_handle_event+0xf0b/0x14d0 [ 244.027593][T11972] input_inject_event+0x1bb/0x370 [ 244.027603][T11972] evdev_write+0x44f/0x750 [ 244.030495][T11964] 1048443 pages RAM [ 244.031279][T11972] vfs_write+0x24c/0x1150 [ 244.032603][T11964] 0 pages HighMem/MovableOnly [ 244.033406][T11972] ksys_write+0x207/0x250 [ 244.034726][T11964] 281641 pages reserved [ 244.035649][T11972] do_syscall_64+0xcd/0x250 [ 244.035664][T11972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.035677][T11972] } [ 244.035679][T11972] ... key at: [] __key.1+0x0/0x40 [ 244.035692][T11972] ... acquired at: [ 244.039359][T11964] 0 pages cma reserved [ 244.040853][T11972] _raw_spin_lock+0x2e/0x40 [ 244.040864][T11972] evdev_pass_values+0x10e/0x9b0 [ 244.040873][T11972] evdev_events+0x1bb/0x390 [ 244.167906][ T8] usb 9-1: config 0 has an invalid interface number: 55 but max is 0 [ 244.168993][T11972] input_pass_values+0x738/0x880 [ 244.170993][ T8] usb 9-1: config 0 has an invalid descriptor of length 247, skipping remainder of the config [ 244.171783][T11972] input_handle_event+0xf0b/0x14d0 [ 244.174155][ T8] usb 9-1: config 0 has no interface number 0 [ 244.175180][T11972] input_inject_event+0x1bb/0x370 [ 244.175192][T11972] evdev_write+0x44f/0x750 [ 244.177337][ T8] usb 9-1: too many endpoints for config 0 interface 55 altsetting 55: 212, using maximum allowed: 30 [ 244.178400][T11972] vfs_write+0x24c/0x1150 [ 244.180387][ T8] usb 9-1: config 0 interface 55 altsetting 55 has 0 endpoint descriptors, different from the interface descriptor's value: 212 [ 244.181373][T11972] ksys_write+0x207/0x250 [ 244.183144][ T8] usb 9-1: config 0 interface 55 has no altsetting 0 [ 244.185021][T11972] do_syscall_64+0xcd/0x250 [ 244.185044][T11972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.185059][T11972] [ 244.185062][T11972] -> (&new->fa_lock){....}-{3:3} { [ 244.185078][T11972] INITIAL USE at: [ 244.185084][T11972] lock_acquire.part.0+0x11b/0x380 [ 244.185098][T11972] _raw_write_lock_irq+0x36/0x50 [ 244.185108][T11972] fasync_remove_entry+0xb9/0x1e0 [ 244.248653][T11972] fasync_helper+0xaf/0xd0 [ 244.250290][T11972] sock_fasync+0x92/0x140 [ 244.252030][T11972] __fput+0x961/0xb60 [ 244.253539][T11972] task_work_run+0x14e/0x250 [ 244.255232][T11972] syscall_exit_to_user_mode+0x27b/0x2a0 [ 244.257171][T11972] do_syscall_64+0xda/0x250 [ 244.258842][T11972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.260914][T11972] INITIAL READ USE at: [ 244.262106][T11972] lock_acquire.part.0+0x11b/0x380 [ 244.264034][T11972] _raw_read_lock_irqsave+0x74/0x90 [ 244.265980][T11972] kill_fasync+0x138/0x520 [ 244.267736][T11972] evdev_pass_values+0x619/0x9b0 [ 244.269664][T11972] evdev_events+0x1bb/0x390 [ 244.271493][T11972] input_pass_values+0x738/0x880 [ 244.273357][T11972] input_handle_event+0xf0b/0x14d0 [ 244.275288][T11972] input_inject_event+0x1bb/0x370 [ 244.277186][T11972] evdev_write+0x44f/0x750 [ 244.278929][T11972] vfs_write+0x24c/0x1150 [ 244.280642][T11972] ksys_write+0x207/0x250 [ 244.282331][T11972] do_syscall_64+0xcd/0x250 [ 244.284107][T11972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.286200][T11972] } [ 244.286902][T11972] ... key at: [] __key.0+0x0/0x40 [ 244.288811][T11972] ... acquired at: [ 244.289850][T11972] _raw_read_lock_irqsave+0x74/0x90 [ 244.291343][T11972] kill_fasync+0x138/0x520 [ 244.292655][T11972] evdev_pass_values+0x619/0x9b0 [ 244.294101][T11972] evdev_events+0x1bb/0x390 [ 244.295435][T11972] input_pass_values+0x738/0x880 [ 244.296865][T11972] input_handle_event+0xf0b/0x14d0 [ 244.298275][T11972] input_inject_event+0x1bb/0x370 [ 244.299667][T11972] evdev_write+0x44f/0x750 [ 244.300888][T11972] vfs_write+0x24c/0x1150 [ 244.302089][T11972] ksys_write+0x207/0x250 [ 244.303302][T11972] do_syscall_64+0xcd/0x250 [ 244.304552][T11972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.306156][T11972] [ 244.306794][T11972] -> (&f_owner->lock){....}-{3:3} { [ 244.308193][T11972] INITIAL USE at: [ 244.309227][T11972] lock_acquire.part.0+0x11b/0x380 [ 244.310978][T11972] _raw_write_lock_irq+0x36/0x50 [ 244.312692][T11972] __f_setown+0x67/0x3c0 [ 244.314231][T11972] generic_setlease+0xef8/0x1310 [ 244.315950][T11972] kernel_setlease+0x106/0x140 [ 244.317623][T11972] vfs_setlease+0x258/0x2d0 [ 244.319219][T11972] fcntl_setlease+0x3ee/0x5a0 [ 244.320889][T11972] do_fcntl+0x6fa/0x1530 [ 244.322455][T11972] __x64_sys_fcntl+0x170/0x200 [ 244.324232][T11972] do_syscall_64+0xcd/0x250 [ 244.325944][T11972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.327995][T11972] INITIAL READ USE at: [ 244.329141][T11972] lock_acquire.part.0+0x11b/0x380 [ 244.331014][T11972] _raw_read_lock_irqsave+0x74/0x90 [ 244.332909][T11972] send_sigio+0x31/0x3e0 [ 244.334563][T11972] kill_fasync+0x21a/0x520 [ 244.336149][ T39] kauditd_printk_skb: 727 callbacks suppressed [ 244.336161][ T39] audit: type=1400 audit(2000000054.433:9214): avc: denied { accept } for pid=11961 comm="syz.4.2127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 244.336242][T11972] sock_wake_async+0x132/0x160 [ 244.345019][T11972] mptcp_close_wake_up+0x2eb/0x600 [ 244.346735][T11972] __mptcp_close_ssk+0xd5c/0x14e0 [ 244.347727][ T39] audit: type=1400 audit(2000000054.443:9215): avc: denied { accept } for pid=11961 comm="syz.4.2127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 244.348503][T11972] mptcp_destroy_common+0x1bc/0x6c0 [ 244.348518][T11972] mptcp_disconnect+0x221/0x7f0 [ 244.348527][T11972] inet_shutdown+0x26c/0x440 [ 244.348539][T11972] __sys_shutdown+0x113/0x1a0 [ 244.361570][T11972] __x64_sys_shutdown+0x53/0x80 [ 244.363444][T11972] do_syscall_64+0xcd/0x250 [ 244.365108][T11972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.366101][ T39] audit: type=1400 audit(2000000054.453:9216): avc: denied { accept } for pid=11961 comm="syz.4.2127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 244.367115][T11972] } [ 244.367120][T11972] ... key at: [] __key.1+0x0/0x40 [ 244.375420][T11972] ... acquired at: [ 244.376429][T11972] _raw_read_lock_irqsave+0x74/0x90 [ 244.377873][T11972] send_sigio+0x31/0x3e0 [ 244.379069][T11972] kill_fasync+0x21a/0x520 [ 244.380329][T11972] sock_wake_async+0x132/0x160 [ 244.381671][T11972] mptcp_close_wake_up+0x2eb/0x600 [ 244.383013][ T39] audit: type=1400 audit(2000000054.463:9217): avc: denied { accept } for pid=11961 comm="syz.4.2127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 244.383121][T11972] __mptcp_close_ssk+0xd5c/0x14e0 [ 244.390414][T11972] mptcp_destroy_common+0x1bc/0x6c0 [ 244.391846][T11972] mptcp_disconnect+0x221/0x7f0 [ 244.393169][T11972] inet_shutdown+0x26c/0x440 [ 244.394435][T11972] __sys_shutdown+0x113/0x1a0 [ 244.395737][T11972] __x64_sys_shutdown+0x53/0x80 [ 244.397182][T11972] do_syscall_64+0xcd/0x250 [ 244.398467][T11972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.400079][T11972] [ 244.400720][T11972] [ 244.400720][T11972] the dependencies between the lock to be acquired [ 244.400725][T11972] and SOFTIRQ-irq-unsafe lock: [ 244.401443][ T39] audit: type=1400 audit(2000000054.473:9218): avc: denied { accept } for pid=11961 comm="syz.4.2127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 244.403020][T11972] -> (tasklist_lock){.+.+}-{3:3} { [ 244.403038][T11972] HARDIRQ-ON-R [ 244.410735][ T39] audit: type=1400 audit(2000000054.483:9219): avc: denied { accept } for pid=11961 comm="syz.4.2127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 244.410993][T11972] at: [ 244.416809][ T39] audit: type=1400 audit(2000000054.493:9220): avc: denied { accept } for pid=11961 comm="syz.4.2127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 244.417318][T11972] lock_acquire.part.0+0x11b/0x380 [ 244.420822][ T39] audit: type=1400 audit(2000000054.503:9221): avc: denied { accept } for pid=11961 comm="syz.4.2127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 244.423812][T11972] _raw_read_lock+0x5f/0x70 [ 244.423828][T11972] __do_wait+0x105/0x890 [ 244.423842][T11972] do_wait+0x217/0x570 [ 244.423854][T11972] kernel_wait+0xa0/0x160 [ 244.423862][T11972] call_usermodehelper_exec_work+0xf1/0x170 [ 244.423874][T11972] process_one_work+0x9c5/0x1ba0 [ 244.434465][ T39] audit: type=1400 audit(2000000054.513:9222): avc: denied { accept } for pid=11961 comm="syz.4.2127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 244.434949][T11972] worker_thread+0x6c8/0xf00 [ 244.434969][T11972] kthread+0x2c1/0x3a0 [ 244.434982][T11972] ret_from_fork+0x45/0x80 [ 244.434992][T11972] ret_from_fork_asm+0x1a/0x30 [ 244.435007][T11972] SOFTIRQ-ON-R at: [ 244.438100][ T39] audit: type=1400 audit(2000000054.523:9223): avc: denied { accept } for pid=11961 comm="syz.4.2127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 244.438694][T11972] lock_acquire.part.0+0x11b/0x380 [ 244.438711][T11972] _raw_read_lock+0x5f/0x70 [ 244.438721][T11972] __do_wait+0x105/0x890 [ 244.438735][T11972] do_wait+0x217/0x570 [ 244.467632][T11972] kernel_wait+0xa0/0x160 [ 244.469303][T11972] call_usermodehelper_exec_work+0xf1/0x170 [ 244.471464][T11972] process_one_work+0x9c5/0x1ba0 [ 244.473212][T11972] worker_thread+0x6c8/0xf00 [ 244.474867][T11972] kthread+0x2c1/0x3a0 [ 244.476385][T11972] ret_from_fork+0x45/0x80 [ 244.478001][T11972] ret_from_fork_asm+0x1a/0x30 [ 244.479725][T11972] INITIAL USE at: [ 244.480769][T11972] lock_acquire.part.0+0x11b/0x380 [ 244.482521][T11972] _raw_write_lock_irq+0x36/0x50 [ 244.484248][T11972] copy_process+0x3fe6/0x8cc0 [ 244.485903][T11972] kernel_clone+0xfd/0x960 [ 244.487501][T11972] user_mode_thread+0xb4/0xf0 [ 244.489156][T11972] rest_init+0x23/0x2b0 [ 244.490665][T11972] start_kernel+0x3e4/0x4d0 [ 244.492283][T11972] x86_64_start_reservations+0x18/0x30 [ 244.494128][T11972] x86_64_start_kernel+0xb2/0xc0 [ 244.495756][T11972] common_startup_64+0x13e/0x148 [ 244.497436][T11972] INITIAL READ USE at: [ 244.498602][T11972] lock_acquire.part.0+0x11b/0x380 [ 244.500476][T11972] _raw_read_lock+0x5f/0x70 [ 244.502188][T11972] __do_wait+0x105/0x890 [ 244.503838][T11972] do_wait+0x217/0x570 [ 244.505451][T11972] kernel_wait+0xa0/0x160 [ 244.507102][T11972] call_usermodehelper_exec_work+0xf1/0x170 [ 244.509204][T11972] process_one_work+0x9c5/0x1ba0 [ 244.511155][T11972] worker_thread+0x6c8/0xf00 [ 244.512937][T11972] kthread+0x2c1/0x3a0 [ 244.514548][T11972] ret_from_fork+0x45/0x80 [ 244.516298][T11972] ret_from_fork_asm+0x1a/0x30 [ 244.518055][T11972] } [ 244.518692][T11972] ... key at: [] tasklist_lock+0x18/0x40 [ 244.520708][T11972] ... acquired at: [ 244.521720][T11972] lock_acquire.part.0+0x11b/0x380 [ 244.523125][T11972] _raw_read_lock+0x5f/0x70 [ 244.524383][T11972] send_sigio+0xb8/0x3e0 [ 244.525569][T11972] kill_fasync+0x21a/0x520 [ 244.526771][T11972] sock_wake_async+0x132/0x160 [ 244.528036][T11972] mptcp_close_wake_up+0x2eb/0x600 [ 244.529414][T11972] __mptcp_close_ssk+0xd5c/0x14e0 [ 244.530842][T11972] mptcp_destroy_common+0x1bc/0x6c0 [ 244.532309][T11972] mptcp_disconnect+0x221/0x7f0 [ 244.533733][T11972] inet_shutdown+0x26c/0x440 [ 244.535105][T11972] __sys_shutdown+0x113/0x1a0 [ 244.536434][T11972] __x64_sys_shutdown+0x53/0x80 [ 244.537788][T11972] do_syscall_64+0xcd/0x250 [ 244.539044][T11972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.540676][T11972] [ 244.541332][T11972] [ 244.541332][T11972] stack backtrace: [ 244.542866][T11972] CPU: 2 UID: 0 PID: 11972 Comm: syz.0.2130 Not tainted 6.12.0-syzkaller-09567-g7eef7e306d3c #0 [ 244.545605][T11972] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 244.548493][T11972] Call Trace: [ 244.549382][T11972] [ 244.550182][T11972] dump_stack_lvl+0x116/0x1f0 [ 244.551451][T11972] check_irq_usage+0xf22/0x1290 [ 244.552760][T11972] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 244.554318][T11972] ? __pfx_check_irq_usage+0x10/0x10 [ 244.555735][T11972] ? hlock_conflict+0x58/0x200 [ 244.557006][T11972] ? __bfs+0x2fa/0x670 [ 244.558082][T11972] ? __pfx_hlock_conflict+0x10/0x10 [ 244.559418][T11972] ? lockdep_lock+0xc6/0x200 [ 244.560593][T11972] ? __pfx_lockdep_lock+0x10/0x10 [ 244.561883][T11972] ? __lock_acquire+0x24b4/0x3c40 [ 244.563226][T11972] __lock_acquire+0x24b4/0x3c40 [ 244.564512][T11972] ? __pfx___lock_acquire+0x10/0x10 [ 244.565905][T11972] lock_acquire.part.0+0x11b/0x380 [ 244.567301][T11972] ? send_sigio+0xb8/0x3e0 [ 244.568532][T11972] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 244.570083][T11972] ? rcu_is_watching+0x12/0xc0 [ 244.571341][T11972] ? trace_lock_acquire+0x146/0x1e0 [ 244.572635][T11972] ? send_sigio+0x31/0x3e0 [ 244.573748][T11972] ? send_sigio+0xb8/0x3e0 [ 244.574854][T11972] ? lock_acquire+0x2f/0xb0 [ 244.576030][T11972] ? send_sigio+0xb8/0x3e0 [ 244.577185][T11972] _raw_read_lock+0x5f/0x70 [ 244.578383][T11972] ? send_sigio+0xb8/0x3e0 [ 244.579551][T11972] send_sigio+0xb8/0x3e0 [ 244.580649][T11972] kill_fasync+0x21a/0x520 [ 244.581805][T11972] sock_wake_async+0x132/0x160 [ 244.583042][T11972] mptcp_close_wake_up+0x2eb/0x600 [ 244.584397][T11972] __mptcp_close_ssk+0xd5c/0x14e0 [ 244.585684][T11972] ? __pfx___mptcp_close_ssk+0x10/0x10 [ 244.587062][T11972] ? lockdep_hardirqs_on+0x7c/0x110 [ 244.588440][T11972] ? mptcp_check_listen_stop.part.0+0x23f/0x2b0 [ 244.590011][T11972] mptcp_destroy_common+0x1bc/0x6c0 [ 244.591316][T11972] ? sk_stop_timer+0x26/0x80 [ 244.592527][T11972] mptcp_disconnect+0x221/0x7f0 [ 244.593766][T11972] ? __pfx_mptcp_disconnect+0x10/0x10 [ 244.595132][T11972] ? __local_bh_enable_ip+0xa4/0x120 [ 244.596444][T11972] inet_shutdown+0x26c/0x440 [ 244.597701][T11972] __sys_shutdown+0x113/0x1a0 [ 244.599015][T11972] __x64_sys_shutdown+0x53/0x80 [ 244.600347][T11972] do_syscall_64+0xcd/0x250 [ 244.601569][T11972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.603124][T11972] RIP: 0033:0x7fa7f197e919 [ 244.604285][T11972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 244.609779][T11972] RSP: 002b:00007fa7f284c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000030 [ 244.612564][T11972] RAX: ffffffffffffffda RBX: 00007fa7f1b35fa0 RCX: 00007fa7f197e919 [ 244.614989][T11972] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000a [ 244.616973][T11972] RBP: 00007fa7f19f197e R08: 0000000000000000 R09: 0000000000000000 [ 244.619063][T11972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 244.621554][T11972] R13: 0000000000000000 R14: 00007fa7f1b35fa0 R15: 00007ffebd54e008 [ 244.624321][T11972] [ 244.625463][ T8] usb 9-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 244.629056][ T8] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 244.634438][ T8] usb 9-1: config 0 descriptor?? [ 245.664195][ T5960] Bluetooth: hci1: command 0x1003 tx timeout [ 245.666075][ T5952] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 246.446479][ T8] usb 9-1: string descriptor 0 read error: -71 [ 246.448487][ T8] ldusb 9-1:0.55: Interrupt in endpoint not found [ 246.450753][ T8] usb 9-1: USB disconnect, device number 11 [ 250.910147][ T39] kauditd_printk_skb: 242 callbacks suppressed [ 250.910164][ T39] audit: type=1400 audit(2000000061.003:9466): avc: denied { read } for pid=5349 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 250.920516][ T39] audit: type=1400 audit(2000000061.003:9467): avc: denied { search } for pid=5349 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 250.928458][ T39] audit: type=1400 audit(2000000061.003:9468): avc: denied { append } for pid=5349 comm="syslogd" name="messages" dev="tmpfs" ino=10 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 250.935682][ T39] audit: type=1400 audit(2000000061.003:9469): avc: denied { append open } for pid=5349 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=10 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 250.942981][ T39] audit: type=1400 audit(2000000061.003:9470): avc: denied { getattr } for pid=5349 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=10 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 253.790387][ T39] audit: type=1400 audit(2000000063.883:9471): avc: denied { read } for pid=5349 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 253.796761][ T39] audit: type=1400 audit(2000000063.883:9472): avc: denied { search } for pid=5349 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 253.802641][ T39] audit: type=1400 audit(2000000063.883:9473): avc: denied { append } for pid=5349 comm="syslogd" name="messages" dev="tmpfs" ino=10 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 253.809152][ T39] audit: type=1400 audit(2000000063.883:9474): avc: denied { append open } for pid=5349 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=10 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 253.815402][ T39] audit: type=1400 audit(2000000063.883:9475): avc: denied { getattr } for pid=5349 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=10 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 VM DIAGNOSIS: 12:01:48 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=0000000000000007 RCX=ffffffff816e72fa RDX=ffff888059298000 RSI=ffffffff816e72e6 RDI=0000000000000001 RBP=1ffff92000ac6e1c RSP=ffffc900056370d0 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=732d302e32312e36 R12=0000000000000001 R13=0000000000000200 R14=ffff888027dd0000 R15=ffffc900056371b8 RIP=ffffffff816e72e8 RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007f8e553af6c0 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020000000 CR3=0000000040a42000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000001000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffebd54e3a0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa7f19f281b ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa7f19f2828 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa7f19f2822 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa7f19f2836 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa7f19f28bc ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa7f19f299a ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=0000000000000000 RCX=ffffffff844a2e6d RDX=ffff88802bfac880 RSI=0000000000000004 RDI=ffffffff9a9eb268 RBP=ffff888051814068 RSP=ffffc90005c7f8d8 R8 =0000000000000005 R9 =0000000000000200 R10=00000000000001ac R11=00000000000a4001 R12=00000000000001ac R13=0000000000000000 R14=dffffc0000000000 R15=0000000000000206 RIP=ffffffff81f1bc00 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007f16482b9500 ffffffff 00c01300 GS =0000 ffff88806a700000 ffffffff 00c01300 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055d23b579908 CR3=000000002b31c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000420 Opmask01=00000000ffffffff Opmask02=00000000fff80800 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffe12c1d00 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c5f5f0045544156 4952505f4342494c ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000042494c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6362696c5f5f0045 5441564952505f43 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f6e3a6d5e007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f4b1f485e005600 0b56000041000b56 000040494a564b4a 460a5340410a000a ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85106065 RDI=ffffffff9ab3da20 RBP=ffffffff9ab3d9e0 RSP=ffffc900262af268 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=000000000000002d R14=ffffffff85106000 R15=0000000000000000 RIP=ffffffff8510608f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fa7f284c6c0 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c280dfb CR3=00000000238b6000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa7f19f281b ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa7f19f2828 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa7f19f2822 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa7f19f2836 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa7f19f28bc ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa7f19f299a ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa7f1b0d488 00007fa7f1b0d480 00007fa7f1b0d478 00007fa7f1b0d450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa7f266d100 00007fa7f1b0d440 00007fa7f1b0d458 00007fa7f1b0d4a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa7f1b0d498 00007fa7f1b0d490 00007fa7f1b0d488 00007fa7f1b0d480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000007 RBX=ffffffff9a9e76a8 RCX=1ffffffff20c1826 RDX=0000000000000000 RSI=ffffffff8bd1d580 RDI=ffffffff8b314d92 RBP=0000000000000206 RSP=ffffc90005f4f810 R8 =0000000000000000 R9 =0000000000000000 R10=ffffffff90608e17 R11=00000000000a4001 R12=0000000000000040 R13=0000000000000000 R14=dffffc0000000000 R15=0000000000000206 RIP=ffffffff8b2ebb24 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007fdc53cfb280 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f9d49760d58 CR3=0000000046254000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd9e4bcc60 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d489f281b ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d489f2828 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d489f2822 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d489f2836 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d489f28bc ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9d489f299a ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000050 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000