last executing test programs: 1.273742613s ago: executing program 0 (id=700): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_IOVA_RANGES(r0, 0x3b84, &(0x7f0000000100)={0x20, r1, 0x2, 0x0, &(0x7f0000000140)=[{}, {}]}) ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, &(0x7f0000000180)={0x20, r1, 0x2, 0x0, &(0x7f00000001c0)=[{0x0, 0x1}, {0x3, 0x5}]}) ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000200)={0x28, 0x1, r1, 0x0, &(0x7f0000000240)='LLLLFLLLLLLLLLLLLLLLLLLLLLLL', 0x1c, 0x1c}) ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000280)={0x18, r1}) ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f00000002c0)={0x28, 0x7, r1, 0x0, &(0x7f0000000300)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x1c, 0x2}) ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000340)={0x18, r1, 0x2, 0x1c}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000380)={0x28, 0x7, r1, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000}) ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f00000003c0)={0x18, r1}) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000400)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000440)={0x28, 0x7, r1, 0x0, &(0x7f0000000480)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x1c, 0x2}) ioctl$IOMMU_IOAS_COPY(r0, 0x3b83, &(0x7f00000004c0)={0x28, 0x7, r2, r1, 0x1c, 0x3, 0x2}) ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000500)={0x18, r2, 0x3, 0x1c}) ioctl$IOMMU_DESTROY$ioas(r0, 0x3b80, &(0x7f0000000540)={0x8, r2}) ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000580)={0x18, r1}) ioctl$IOMMU_OPTION$IOMMU_OPTION_RLIMIT_MODE(r0, 0x3b87, &(0x7f00000005c0)={0x18, 0x0, 0x1}) ioctl$IOMMU_OPTION$IOMMU_OPTION_HUGE_PAGES(r0, 0x3b87, &(0x7f0000000600)={0x18, 0x1, 0x1, 0x0, r1}) ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, &(0x7f0000000640)={0x18, r2, 0x4, 0x0, &(0x7f0000000040)=[{0x8, 0x401}, {0x3, 0x403}, {0x4d94, 0x8000}, {0x7}]}) ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f00000006c0)={0x48, 0x1, r1, 0x0, 0x4, 0x2000}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000740)={0x48, 0x2, r1, 0x0, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000680)={0x28, 0x7, 0x0, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1004000}) ioctl$IOMMU_TEST_OP_MD_CHECK_MAP(r0, 0x3ba0, &(0x7f0000000800)={0x48, 0x3, r4, 0x0, 0x1004000, 0x1000, &(0x7f0000ffc000)}) ioctl$IOMMU_TEST_OP_MD_CHECK_REFS(r0, 0x3ba0, &(0x7f0000000880)={0xffffffcb, 0x4, 0x0, 0x0, 0x1000, &(0x7f0000ffc000), 0x1}) ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000900)={0x18, r1, 0x1000, 0x1004000}) ioctl$IOMMU_DESTROY$stdev(r0, 0x3b80, &(0x7f0000000940)={0x8, r3}) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000980)={0x48, 0x5, r1, 0x0, 0x0, 0x1}) ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000a00)={0x28, 0x7, r1, 0x0, &(0x7f00000a0000)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x1000}) ioctl$IOMMU_TEST_OP_ACCESS_PAGES(r0, 0x3ba0, &(0x7f0000000a40)={0x48, 0x7, r5, 0x0, 0x0, 0x0, 0x0, 0x1000}) ioctl$IOMMU_TEST_OP_ACCESS_RW(r0, 0x3ba0, &(0x7f0000000ac0)={0x48, 0x8, r5, 0x0, 0x0, 0x1c, &(0x7f0000000b40)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL'}) ioctl$IOMMU_TEST_OP_DESTROY_ACCESS_PAGES(r0, 0x3ba0, &(0x7f0000000b80)={0x48, 0x6, r5, 0x0, r6}) ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000c00)={0x18, r1}) close(r5) ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000c40)={0xffffffffffffff10, r1}) ioctl$IOMMU_TEST_OP_SET_TEMP_MEMORY_LIMIT(r0, 0x3ba0, &(0x7f0000000c80)={0x48, 0x9, 0x0, 0x0, 0x10}) ioctl$IOMMU_DESTROY$ioas(r0, 0x3b80, &(0x7f0000000d00)={0x8, r1}) close(r0) 1.203563636s ago: executing program 0 (id=708): socket$inet6_mptcp(0xa, 0x1, 0x106) r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$CDROM_SEND_PACKET(r1, 0x5304, &(0x7f0000000440)={'\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x8003, 0xfffffffd, 0x0}) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000040)={0x1}) 1.15467432s ago: executing program 2 (id=710): r0 = syz_open_dev$evdev(&(0x7f0000000200), 0x0, 0x0) rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) fchmod(r0, 0x0) r1 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$CDROMEJECT(r1, 0x5309) 984.162888ms ago: executing program 2 (id=711): open(&(0x7f0000000040)='./bus\x00', 0x14957e, 0x0) mount(0x0, &(0x7f0000000280)='./bus\x00', &(0x7f0000000000)='ocfs2\x00', 0x8cffffff, 0x0) 982.382711ms ago: executing program 0 (id=712): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) socket$packet(0x11, 0x2, 0x300) socket$nl_route(0x10, 0x3, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) socket(0x10, 0x3, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r5, 0x0, 0x80) 925.158046ms ago: executing program 3 (id=713): r0 = socket$inet6(0xa, 0x3, 0x5) (async) r1 = socket$l2tp6(0xa, 0x2, 0x73) dup3(r1, r0, 0x0) (async) setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000040)={0x5e}, 0x8) (async) sendmmsg(r0, &(0x7f00000002c0)=[{{&(0x7f0000000340)=@l2tp6={0xa, 0x500, 0x80000, @dev, 0x0, 0x20000000}, 0x80, 0x0}, 0x5b4}], 0x1, 0x0) 924.867627ms ago: executing program 2 (id=714): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mountinfo\x00') bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002400000024000000020000000000000001000084040000000000000002"], 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000000c00000002000000002000000000001304000080"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) r1 = socket$inet(0x2, 0x2, 0x1) setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5) sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @private}, 0x10, &(0x7f0000000280)=[{&(0x7f00000001c0)="08001efbb07d586e", 0x8}], 0x1, 0x0, 0x0, 0x60000000}, 0x0) r2 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8936, &(0x7f0000000000)={'nicvf0\x00', 0x0}) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x15) bind$xdp(0xffffffffffffffff, &(0x7f0000000000)={0x2}, 0x10) ioctl$TCFLSH(r2, 0x404c4701, 0x20000000) ioctl$TIOCSTI(r2, 0x5412, &(0x7f00000000c0)=0xf9) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000040)=0x3) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$fuse(0x20000000, &(0x7f0000000400)='./file0\x00', 0x0, 0x223216, 0x0) unshare(0x2a000400) read$FUSE(r0, &(0x7f00000020c0)={0x2020}, 0x2020) 924.211633ms ago: executing program 3 (id=716): r0 = socket$kcm(0x10, 0x2, 0x0) recvmsg(r0, &(0x7f0000000480)={0x0, 0x4800, 0x0}, 0x100) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33) 795.176751ms ago: executing program 3 (id=718): socket(0x2, 0x80805, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="3640f0002600913e"], 0xfe33) 794.720583ms ago: executing program 3 (id=719): r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) r1 = socket$inet6(0xa, 0x6, 0x0) listen(r1, 0x0) r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f0000000040)) r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) r4 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x1, 0x0, 0x106}}, 0x20) ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r4, 0xc0884113, &(0x7f0000000200)={0x1, 0x0, 0x0, 0x100000000008, 0x401, 0x0, 0x1, 0x0, 0x0, 0x5, 0xfffffffe, 0x2}) write$UHID_SET_REPORT_REPLY(r4, 0x0, 0xc6) r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) close(r0) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x802, 0x0) r7 = dup3(r6, r5, 0x80000) ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f00000005c0)={0xc, 0x0, &(0x7f0000000700)=[@dead_binder_done], 0x0, 0x0, 0x0}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r7, 0xc0a85320, &(0x7f0000000180)={{0x2, 0xc}, 'port1\x00', 0x3, 0x8, 0x0, 0xffffffff, 0x4ad, 0x7, 0x74, 0x0, 0x7, 0xf0}) bind$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1f, 0xffff}, 0x6) write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000080)={0xffffffffffffffff}, 0x2, 0x5}}, 0x20) write$RDMA_USER_CM_CMD_QUERY_ROUTE(r7, &(0x7f0000000300)={0x5, 0x10, 0xfa00, {&(0x7f0000000740), r8, 0x1}}, 0x18) sendto$inet(0xffffffffffffffff, &(0x7f0000000100)="01", 0x1, 0x0, 0x0, 0x0) r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r9, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r9, &(0x7f0000000100), 0x6) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)=ANY=[@ANYRESOCT=r0, @ANYRES32=r7, @ANYBLOB='\x00'/20, @ANYRES32=r3, @ANYRES32=0x0, @ANYBLOB="47ea45e6f0a08f4e2a31392fb694f8004020fe4000d0880006"], 0x50) sendmsg$DCCPDIAG_GETSOCK(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001c40)={&(0x7f0000000240)=ANY=[@ANYBLOB="4c0000001300250500000000000000000000000300"/56, @ANYRES32=0x0, @ANYRESDEC=r0], 0x4c}}, 0x0) 794.333759ms ago: executing program 0 (id=720): r0 = socket(0x0, 0x0, 0x3ff) socket$inet_tcp(0x2, 0x1, 0x0) (async) r1 = socket$inet_tcp(0x2, 0x1, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000c40)="af", 0x1}], 0x1, &(0x7f00000003c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES16=r1, @ANYBLOB="00bf9100"], 0x18}, 0x0) syz_clone3(&(0x7f00000005c0)={0x30000000, &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0), {0x3}, &(0x7f00000004c0)=""/108, 0x6c, &(0x7f0000000540)=""/92, &(0x7f0000000200)=[0xffffffffffffffff, 0xffffffffffffffff], 0x2, {r2}}, 0x58) (async) r6 = syz_clone3(&(0x7f00000005c0)={0x30000000, &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0), {0x3}, &(0x7f00000004c0)=""/108, 0x6c, &(0x7f0000000540)=""/92, &(0x7f0000000200)=[0xffffffffffffffff, 0xffffffffffffffff], 0x2, {r2}}, 0x58) r7 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000200)={'vxcan1\x00', 0x0}) bind$can_j1939(r7, &(0x7f0000000000)={0x1d, r8}, 0x18) (async) bind$can_j1939(r7, &(0x7f0000000000)={0x1d, r8}, 0x18) sendmsg$can_j1939(r7, &(0x7f00000002c0)={&(0x7f00000000c0)={0x1d, 0x0, 0x0, {0x0, 0x1ee}}, 0x18, &(0x7f00000004c0)={&(0x7f0000000140)='\x00', 0x8}}, 0x0) (async) sendmsg$can_j1939(r7, &(0x7f00000002c0)={&(0x7f00000000c0)={0x1d, 0x0, 0x0, {0x0, 0x1ee}}, 0x18, &(0x7f00000004c0)={&(0x7f0000000140)='\x00', 0x8}}, 0x0) stat(&(0x7f0000000240)='./bus\x00', &(0x7f0000002380)={0x0, 0x0, 0x0, 0x0, 0x0}) lchown(&(0x7f00000000c0)='./bus\x00', r9, 0x0) (async) lchown(&(0x7f00000000c0)='./bus\x00', r9, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000280)=0x0) ioctl$NS_GET_OWNER_UID(r3, 0xb704, &(0x7f0000000300)=0x0) sendmsg$nl_netfilter(r4, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000380)={&(0x7f0000000c80)=ANY=[@ANYBLOB="240300000304050029bd7000fddbdf2502000004bbb0f69a3d6ce6e030be054ba2332707d16ac23567d0c53a02f7b81ef1611971e287f83e49039a7dff70a5679a0dbca76c4480b3c88ed1d0c7f1280c8e767cab74f8eb9153a2add8636c4fd8e646fb00b7174ddd564f8073a22336207cce5bca7dba231ef3c11a0a8cff6a402fd6383639eaae3e166ed44f9acfd981e01f9882f6b2ef66a7ddb0706affe6e42ac7a7841f68ea0f582a7460d2c17d17c4597204c9a321832a5a255c17ef91774c6cc26fd2dfe5e6d6454b2ce77db537e8dbf8dbe8f6cbf3268e478795b874fb459ae2896d178d91f4fd76a486db186b95a3218964e1d7a9f7a27339ac1400258008004200100b00000800bd00", @ANYRES32=r6, @ANYBLOB="1300d4003a2d7b7b233a255c242d7bc02827000008009b00e000000208004400", @ANYRES32=r9, @ANYBLOB="08001d00", @ANYRES32=r10, @ANYBLOB="ae4bcd1a65a94b0a57bcfdbd51db9a948ed916c8c54481fec2a8531128341a8f1135529277367596d2cfecc3e153e2483c6a2c20a28ef7a5046e81de75efa7e366e42c1c2dde27e8e12d1c6217b6f48e2e27b1153f729bd898002564aaabbe74a13fe6bcf5be75f6cb341cc6c8435260d4cd501d8fa94f33adcd3c54c41504ac3945c0710c245104c854380bb7cec71f50967ed72b62b85fff040b810c41daacd3f240b9f7567156309c7f1884b070d2d737595c2ec06e5b96bea7a91b0fd1eb93c633b82881e9dbcb90874fbe09cad2437a0eb45cde697bd44a75d64982e164ca5c6ce4d5da1400098008001400", @ANYRES32=r0, @ANYBLOB="08009600", @ANYRES32=r11, @ANYBLOB="eb00058008001c00ac1e00013bb444778bead0184f6d00313bac3e6003638ce769da0bd2d497e712f0d96f7f67a72285ab4066fa17cf70fc3e32a2f28f6dbd5003f6934202ca4838384b92de7489760d6f6f64946f5319a794f826b88dd5bec173fe58a2ab713c6a514ef53a1231359d2b67dbe65eee8ced6fd8625fe42739572d131980d3966c9324e62d0a2782c8cbe128a91cd1bb3f6f3e5e83c94b6e984b9fd9d3d293d395e9c6df73f0d57c607103c1d8a30c0018000300000000000000d62e05d84be01091eb91e3189db781000000d5b595826b09a579000000000000008c836575da6ae963a982438e3f8f612d3626e6028a6a5b1f8aa4bab6a5666371fedab61df07d2a4f7697d47581892805c28eb5691788623caa13e44a768a3f347459dad98a8379f7f7ece55e0c78d63745c4c1d64ea06f02da248bb54c31d999ed7f90c09113ab325a01d6129a5a002d72aa6597d755b05c551ef5576ce1a764bcb1b3907d3dd550051fa63dadc90a01ffe14b82d4ce14c3d15756a89af2e46a13c1f2422b4fd5816cf30f02b24f633face09c278153a99073a5215844ca125dd8fda2c5c37ff5fb1f62d624a94c56f5d9ff6d155cc8d85c43cacb1ae2a8b66f959dc7849c0c3032366accb8365b929c87b9bbfb47b6dce56d6cb06174dd7c5cf50516e6423e91801c153a2262fdd6c4d06c6c7eb5a7ff5a39b91bc77673c2e68e06dd877000"/530], 0x324}, 0x1, 0x0, 0x0, 0xb050}, 0x0) splice(r4, 0x0, r3, 0x0, 0x80, 0x0) (async) splice(r4, 0x0, r3, 0x0, 0x80, 0x0) r12 = socket$kcm(0x10, 0x2, 0x10) r13 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r13, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x8014) r14 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r14, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=@deltaction={0x24, 0x31, 0x38ac2e76ffe355d7, 0x70bd2a, 0x25dfdbfb, {}, [@TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x880}, 0x90) recvmsg$kcm(r13, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000014c0)=""/4097, 0x1001}], 0x1}, 0x0) (async) recvmsg$kcm(r13, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000014c0)=""/4097, 0x1001}], 0x1}, 0x0) sendmsg$kcm(r12, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020030000b02d25a806f8c2d94f90424fc602f1a04000a740100053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0x4000}, 0x0) ioctl$KDGETKEYCODE(r1, 0x5450, 0x0) (async) ioctl$KDGETKEYCODE(r1, 0x5450, 0x0) getsockopt$IP_VS_SO_GET_INFO(r1, 0x0, 0x481, &(0x7f0000000040), &(0x7f0000000080)=0xc) 794.061835ms ago: executing program 3 (id=721): syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) pipe2(&(0x7f00000002c0)={0xffffffffffffffff}, 0x80000) close_range(r0, r1, 0x2) pipe(&(0x7f0000000e80)) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000080)="6a685a1064e64a36d2002f5f6f47415830f757b8", 0x8) r5 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=@bridge_setlink={0x270, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@IFLA_AF_SPEC={0x110, 0x1a, 0x0, 0x1, [@AF_INET={0x10, 0x5, 0x0, 0x1, {0x4, 0x5, 0x0, 0x1, [{0x8}]}}]}, @IFLA_VF_PORTS={0x8, 0x3, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, [@IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "714abbd2547de97cbbf6efb226f19bf9"}, @IFLA_PORT_PROFILE={0xd, 0x2, ':(\x8e^[[Z@\x00'}]}, {0x60, 0x7, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "293a02149f3b75a67093c28fd6f55a23"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "e48f01e49713f0c2d839f940d9f088d8"}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_PROFILE={0x13, 0x2, 'bridge_slave_0\x00'}, @IFLA_PORT_PROFILE={0x7, 0x2, '):\x00'}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_VF={0x8}]}, {0x18, 0x1, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "4d2906d0880fc8acc30fe2020f984967"}]}, {0x50, 0x1, 0x0, 0x1, [@IFLA_PORT_HOST_UUID={0x14, 0x5, "a1085e7df341b9dc3d8008a2fe5bdaad"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "9c7e472c916020fe41bcc5aa8f56c947"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "80ab8be51421cfa3c9e5cbfe8217e0af"}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_VF={0x8}]}, {0x60, 0x1, 0x0, 0x1, [@IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_PROFILE={0xc, 0x2, 'syztnl0\x00'}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_PROFILE={0x13, 0x2, 'bridge_slave_0\x00'}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "e078d277f38ed3a40a448f3f6b6763e8"}]}, {0x3c, 0xc, 0x0, 0x1, [@IFLA_PORT_VF={0x8, 0x2c, 0x1}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x19, "02dd96197aca85b64424a37dbda7b694"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x8, "eb052fcd3dd4d3e8bbcbf1de857c0e1c"}]}, {0x3c, 0x1, 0x0, 0x1, [@IFLA_PORT_VF={0x8}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "b2112a97bf9704ee57915340334b8271"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "e8635392a70f36f95f4b9b352920ebec"}]}]}, @IFLA_GSO_MAX_SEGS={0x8}, @IFLA_AF_SPEC={0x60, 0x1a, 0x0, 0x1, [@AF_INET6={0x20, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE={0x5}, @IFLA_INET6_TOKEN={0x14, 0x7, @local}]}, @AF_INET6={0x34, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x0, 0x7, @local}, @IFLA_INET6_TOKEN={0x14, 0x7, @ipv4={'\x00', '\xff\xff', @broadcast}}, @IFLA_INET6_TOKEN={0x14, 0x7, @mcast1}]}, @AF_BRIDGE={0x4}, @AF_INET6={0x0, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_TOKEN={0x1e, 0x7, @remote}, @IFLA_INET6_TOKEN={0x0, 0x7, @loopback}, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_TOKEN={0x0, 0x7, @private2}, @IFLA_INET6_TOKEN={0x0, 0x7, @private1}]}]}]}, 0x270}}, 0x0) openat$iommufd(0xffffffffffffff9c, &(0x7f0000000ec0), 0x8000, 0x0) ioctl$IOMMU_VFIO_IOAS$GET(r1, 0x3b88, &(0x7f0000000f00)={0xc}) 792.68483ms ago: executing program 1 (id=722): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_IOVA_RANGES(r0, 0x3b84, &(0x7f0000000100)={0x20, r1, 0x2, 0x0, &(0x7f0000000140)=[{}, {}]}) ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, &(0x7f0000000180)={0x20, r1, 0x2, 0x0, &(0x7f00000001c0)=[{0x0, 0x1}, {0x3, 0x5}]}) ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000200)={0x28, 0x7, r1, 0x0, &(0x7f0000000240)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x1c, 0x1c}) ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000280)={0x18, r1}) ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f00000002c0)={0x28, 0x7, r1, 0x0, &(0x7f0000000300)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x1c, 0x2}) ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000340)={0x18, r1, 0x2, 0x1c}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000380)={0x28, 0x7, r1, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000}) ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f00000003c0)={0x18, r1}) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000400)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000440)={0x28, 0x7, r2, 0x0, &(0x7f0000000480)="4c4c4c4c4c6dc3ba4c4c4c4c4c4c4c4c4c4c4c4c0400", 0xffffffffffffff56, 0x6}) ioctl$IOMMU_IOAS_COPY(r0, 0x3b83, &(0x7f00000004c0)={0x28, 0x7, r2, r1, 0x1c, 0x3, 0x2}) ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000500)={0x18, r2, 0x3, 0x1c}) ioctl$IOMMU_DESTROY$ioas(r0, 0x3b80, &(0x7f0000000540)={0x8, r2}) ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000580)={0x18, r1}) ioctl$IOMMU_OPTION$IOMMU_OPTION_RLIMIT_MODE(r0, 0x3b87, &(0x7f00000005c0)={0x18, 0x0, 0x1}) ioctl$IOMMU_OPTION$IOMMU_OPTION_HUGE_PAGES(r0, 0x3b87, &(0x7f0000000600)={0x18, 0x1, 0x1, 0x0, r1}) ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, &(0x7f0000000640)={0x20, r1, 0x0, 0x0, &(0x7f0000000680)}) ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f00000006c0)={0x48, 0x1, r2, 0x0, 0xa72, 0x2000}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000740)={0x48, 0x2, r1, 0x0, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000007c0)={0x28, 0x7, r1, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1004000}) ioctl$IOMMU_TEST_OP_MD_CHECK_MAP(r0, 0x3ba0, &(0x7f0000000800)={0x48, 0x3, r4, 0x0, 0x1004000, 0x1000, &(0x7f0000ffc000)}) ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000900)={0x18, r1, 0x1000, 0x1004000}) ioctl$IOMMU_DESTROY$stdev(r0, 0x3b80, &(0x7f0000000940)={0x8, r3}) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000980)={0x48, 0x5, r1, 0x0, 0x0, 0x1}) ioctl$IOMMU_IOAS_MAP(0xffffffffffffffff, 0x3b85, &(0x7f0000000040)={0x28, 0x6, r1, 0x0, &(0x7f0000000680)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x1c}) ioctl$IOMMU_TEST_OP_ACCESS_PAGES(r0, 0x3ba0, &(0x7f0000000a40)={0x48, 0x7, r5, 0x0, 0x0, 0x0, 0x0, 0x1000}) ioctl$IOMMU_TEST_OP_ACCESS_RW(r0, 0x3ba0, &(0x7f0000000ac0)={0x48, 0x8, r5, 0x0, 0x0, 0x10, &(0x7f0000000b40)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL'}) ioctl$IOMMU_TEST_OP_DESTROY_ACCESS_PAGES(r0, 0x3ba0, &(0x7f0000000b80)={0x48, 0x6, r5, 0x0, r6}) ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000c00)={0x18, r1}) close(r5) ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000c40)={0x18, r1}) ioctl$IOMMU_TEST_OP_SET_TEMP_MEMORY_LIMIT(r0, 0x3ba0, &(0x7f0000000c80)={0x48, 0x9, 0x0, 0x0, 0x10}) io_uring_setup(0x524e, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x1c0}) r7 = syz_open_dev$radio(&(0x7f0000000000), 0x1, 0x2) write$binfmt_script(r7, &(0x7f0000000380)={'#! ', './file0'}, 0xb) 704.511405ms ago: executing program 3 (id=723): sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8080}, 0x0) (async) r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000000040), 0x10) (async) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0x309001, 0x0) ioctl$SNDCTL_SYNTH_ID(r1, 0xc08c5114, &(0x7f00000001c0)={"25838aa1cde3fa5c9218382991739bd022decbf734f4260e22700370ea8b", 0x5, 0x2, 0x1, 0x3, 0x7ff, 0xe, 0x2, 0x5, [0x3, 0x99c, 0x1, 0x3, 0x2, 0x0, 0x6d83fd6a, 0x5b58, 0x7, 0x2, 0x9ae5, 0x7, 0x9, 0x0, 0x56b, 0x1, 0x1, 0x0, 0x8]}) (async) sendmsg$can_bcm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="05000000030c00"/16, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0xea60, @ANYBLOB="0000004001"], 0x80}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYRES32, @ANYRESHEX=r3, @ANYRES16=r0, @ANYRESDEC=0x0, @ANYRESDEC=r2], 0x48) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000020ac050f022200018283010902240001010000000904000002030102000921000500012200000905"], 0x0) (async) openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x105c40) 704.25142ms ago: executing program 1 (id=724): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r1 = dup(r0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0xe, 0x0, &(0x7f0000000040)) r2 = syz_open_dev$video(&(0x7f0000000000), 0x7, 0x40) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000640), r3) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x9) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000680)={0x50, r4, 0xc31, 0x70bd2b, 0x25dfdbff, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8}, {0x6, 0x16, 0xc}, {0x5}}]}, 0x50}, 0x1, 0x0, 0x0, 0x8084}, 0x4010) ioctl$VIDIOC_CROPCAP(r2, 0xc02c563a, &(0x7f0000000080)={0x9, {0x6, 0x7, 0x101, 0x7}, {0x8, 0x7, 0x8, 0x7ff}, {0x60ed}}) 644.467095ms ago: executing program 0 (id=725): r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) fcntl$notify(r1, 0x402, 0x8000001a) fcntl$notify(r0, 0x402, 0x100000019) r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) fcntl$notify(r2, 0x402, 0x80000003) r3 = openat$cdrom(0xffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$CDROM_SET_OPTIONS(r3, 0x324, 0x3000000) fcntl$notify(r0, 0x402, 0x0) 644.171106ms ago: executing program 2 (id=726): ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000100)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x23, 0x4, 0x0, 0x2, 0x8c, 0x67, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x4, 0x0, 0x0, 0x9}, @timestamp_prespec={0x44, 0x3c, 0xc0, 0x3, 0xe, [{@private=0xa010102}, {@multicast1, 0x1}, {@remote, 0x8000}, {@multicast1, 0x65c}, {@broadcast}, {@empty}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x34, 0x9c, 0x3, 0x8, [{@remote}, {@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101, 0xfffffffc}, {@broadcast, 0x52b1}, {@remote, 0x71}]}, @noop, @noop, @noop]}}}}}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0) r3 = dup(r1) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_RUN(r4, 0xae80, 0x0) (fail_nth: 3) 640.845429ms ago: executing program 0 (id=727): r0 = socket$inet6(0xa, 0x2, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f0000000200)=0x2010003, 0x4) sendto$inet6(r0, &(0x7f0000000000)="800037bbfa9ba1ce", 0x8, 0x48, &(0x7f0000001100)={0xa, 0x0, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000005b00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 584.904256ms ago: executing program 1 (id=728): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) socket$packet(0x11, 0x2, 0x300) socket$nl_route(0x10, 0x3, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) socket(0x10, 0x3, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x80) 294.011592ms ago: executing program 1 (id=729): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_TREAD(r0, 0x40045402, &(0x7f0000000040)=0x1) r1 = socket$inet(0x2, 0x2, 0x0) getsockopt$IPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x43, 0x0, &(0x7f0000000100)=0x1e) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB="3000000020000f0700000000000000000a00739083b7000012000100140002"], 0x30}}, 0x0) syz_emit_ethernet(0xfc0, &(0x7f0000000000)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaa0086dd60"], 0x0) (async) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}}) (async) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x0, 0x8, 0x0, 0x0, 0xf}) ioctl$int_in(r0, 0x5452, &(0x7f00000001c0)=0xb2) (async) ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0) 293.773384ms ago: executing program 1 (id=730): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) r3 = socket$kcm(0x10, 0x2, 0x4) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180000009fff514a000000003a810000850000000700000085000000d000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='contention_end\x00', r4}, 0x10) close(r3) socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000100)="5c0000007a006bcd9e3fe3dc6e080000070200007a0000007ea60864160af36504005425198bc3488bc3a0e69ee517d34460bc24eab556a705251e6182949a3651f668c3664402682fb6e27bbfa83b5cae0300c9f4d1938037e786a6", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) write$binfmt_script(r2, &(0x7f0000000400), 0x4) r5 = open(&(0x7f0000000000)='./file0\x00', 0x101000, 0x86) r6 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0) r7 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r7, 0xc0045516, &(0x7f0000000000)=0xffb) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r7, 0xc1105517, &(0x7f0000000080)={{0x1009, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 'syz0\x00', 0x0}) close_range(r6, 0xffffffffffffffff, 0x0) ioctl$UI_SET_EVBIT(r5, 0x40045564, 0x15) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0) r8 = dup(r1) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) connect$pptp(r9, &(0x7f0000000080)={0x18, 0x2, {0x1, @private=0xa010100}}, 0x1e) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_NMI(r9, 0xae9a) ioctl$KVM_RUN(r9, 0xae80, 0x0) 183.239331ms ago: executing program 2 (id=731): r0 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000000)={'veth1_vlan\x00', 0x4ff}) (fail_nth: 4) 253.371µs ago: executing program 2 (id=732): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$sock_ifreq(r0, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x7}) ioctl$sock_netdev_private(r0, 0x8949, &(0x7f0000000000)) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_STATION(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000340)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="cf0400000000000000f71200000008000300", @ANYRES32=r3, @ANYBLOB="0400130006001200000000000600b500850100000a00060008021100000100000c0081000500010040"], 0x48}}, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x105443, 0x0) 0s ago: executing program 1 (id=733): r0 = socket$pppl2tp(0x18, 0x1, 0x1) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) creat(&(0x7f0000000340)='./file0/file0\x00', 0x0) chdir(&(0x7f0000000140)='./bus\x00') close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0) lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fdatasync(r1) ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f00000008c0)={'team0\x00', 0x4ff}) kernel console output (not intermixed with test programs): 14][ T6756] ? __pfx_ksys_read+0x10/0x10 [ 64.040243][ T6756] do_syscall_64+0xcd/0x250 [ 64.040257][ T6756] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 64.040273][ T6756] RIP: 0033:0x7f4ab517d15c [ 64.040282][ T6756] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 64.040292][ T6756] RSP: 002b:00007f4ab5fcf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 64.040302][ T6756] RAX: ffffffffffffffda RBX: 00007f4ab5335f80 RCX: 00007f4ab517d15c [ 64.040309][ T6756] RDX: 000000000000000f RSI: 00007f4ab5fcf0a0 RDI: 0000000000000004 [ 64.040315][ T6756] RBP: 00007f4ab5fcf090 R08: 0000000000000000 R09: 0000000000000000 [ 64.040325][ T6756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 64.040331][ T6756] R13: 0000000000000000 R14: 00007f4ab5335f80 R15: 00007ffcea833428 [ 64.040344][ T6756] [ 64.070727][ T1320] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 64.074251][ T1320] usb 7-1: config 0 descriptor?? [ 64.165499][ T5988] usbhid 5-1:0.0: can't add hid device: -71 [ 64.167180][ T5988] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 64.172994][ T5988] usb 5-1: USB disconnect, device number 7 [ 64.278954][ T6745] FAULT_INJECTION: forcing a failure. [ 64.278954][ T6745] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 64.282890][ T6745] CPU: 0 UID: 0 PID: 6745 Comm: syz.2.249 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 64.285668][ T6745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 64.289070][ T6745] Call Trace: [ 64.290326][ T6745] [ 64.291367][ T6745] dump_stack_lvl+0x16c/0x1f0 [ 64.292612][ T6745] should_fail_ex+0x497/0x5b0 [ 64.293882][ T6745] _copy_from_user+0x2e/0xd0 [ 64.295112][ T6745] copy_msghdr_from_user+0x99/0x160 [ 64.296483][ T6745] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 64.298176][ T6745] ? __pfx___lock_acquire+0x10/0x10 [ 64.299638][ T6745] ___sys_sendmsg+0xff/0x1e0 [ 64.301116][ T6745] ? __pfx____sys_sendmsg+0x10/0x10 [ 64.302576][ T6745] ? lock_acquire+0x2f/0xb0 [ 64.303941][ T6745] ? __fget_files+0x40/0x3f0 [ 64.305565][ T6745] ? fdget+0x176/0x210 [ 64.306759][ T6745] __sys_sendmmsg+0x1a1/0x450 [ 64.308306][ T6745] ? __pfx___sys_sendmmsg+0x10/0x10 [ 64.308499][ T6762] dccp_v6_rcv: dropped packet with invalid checksum [ 64.310227][ T6745] ? vfs_write+0x306/0x1150 [ 64.310276][ T6745] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 64.315695][ T6745] ? fput+0x30/0x390 [ 64.316775][ T6745] ? ksys_write+0x1ad/0x260 [ 64.318239][ T6745] ? __pfx_ksys_write+0x10/0x10 [ 64.319787][ T6745] __x64_sys_sendmmsg+0x9c/0x100 [ 64.321230][ T6745] ? lockdep_hardirqs_on+0x7c/0x110 [ 64.322836][ T6745] do_syscall_64+0xcd/0x250 [ 64.324193][ T6745] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 64.326015][ T6745] RIP: 0033:0x7f515497e719 [ 64.327279][ T6745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 64.333240][ T6745] RSP: 002b:00007f51557ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 64.335611][ T6745] RAX: ffffffffffffffda RBX: 00007f5154b35f80 RCX: 00007f515497e719 [ 64.337745][ T6745] RDX: 0000000000000001 RSI: 0000000020000440 RDI: 000000000000000c [ 64.340629][ T6745] RBP: 00007f51557ce090 R08: 0000000000000000 R09: 0000000000000000 [ 64.343410][ T6745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 64.344551][ T6762] netfs: Couldn't get user pages (rc=-14) [ 64.345454][ T6745] R13: 0000000000000000 R14: 00007f5154b35f80 R15: 00007ffdacb2d5a8 [ 64.345476][ T6745] [ 64.355032][ T1320] usbhid 7-1:0.0: can't add hid device: -71 [ 64.357528][ T1320] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 64.362141][ T1320] usb 7-1: USB disconnect, device number 6 [ 64.701073][ T6774] FAULT_INJECTION: forcing a failure. [ 64.701073][ T6774] name failslab, interval 1, probability 0, space 0, times 0 [ 64.705808][ T6774] CPU: 1 UID: 0 PID: 6774 Comm: syz.0.259 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 64.708636][ T6774] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 64.711524][ T6774] Call Trace: [ 64.712422][ T6774] [ 64.713214][ T6774] dump_stack_lvl+0x16c/0x1f0 [ 64.714482][ T6774] should_fail_ex+0x497/0x5b0 [ 64.715716][ T6774] ? fs_reclaim_acquire+0xae/0x150 [ 64.717128][ T6774] should_failslab+0xc2/0x120 [ 64.718433][ T6774] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 64.719925][ T6774] ? __anon_vma_prepare+0x344/0x5e0 [ 64.721401][ T6774] __anon_vma_prepare+0x344/0x5e0 [ 64.722891][ T6774] uprobe_write_opcode+0xbf8/0xec0 [ 64.724370][ T6774] ? __pfx_uprobe_write_opcode+0x10/0x10 [ 64.725896][ T6774] ? prepare_uprobe+0x7b/0x4d0 [ 64.727321][ T6774] install_breakpoint.part.0+0xf8/0x140 [ 64.728918][ T6774] register_for_each_vma+0x93c/0xd20 [ 64.730610][ T6774] uprobe_register+0x7cb/0xaf0 [ 64.732071][ T6774] bpf_uprobe_multi_link_attach+0x872/0xf50 [ 64.733680][ T6774] ? __pfx_bpf_uprobe_multi_link_attach+0x10/0x10 [ 64.735688][ T6774] ? __fget_files+0x244/0x3f0 [ 64.737264][ T6774] ? fput+0x30/0x390 [ 64.738338][ T6774] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 64.740071][ T6774] __sys_bpf+0x3c4a/0x49a0 [ 64.741271][ T6774] ? ksys_write+0x21e/0x260 [ 64.742530][ T6774] ? reacquire_held_locks+0x470/0x4c0 [ 64.743957][ T6774] ? __pfx___sys_bpf+0x10/0x10 [ 64.745280][ T6774] ? vfs_write+0x306/0x1150 [ 64.746560][ T6774] ? __mutex_unlock_slowpath+0x164/0x650 [ 64.748208][ T6774] ? fput+0x30/0x390 [ 64.749290][ T6774] ? ksys_write+0x1ad/0x260 [ 64.750772][ T6774] ? __pfx_ksys_write+0x10/0x10 [ 64.752242][ T6774] __x64_sys_bpf+0x78/0xc0 [ 64.753947][ T6774] ? lockdep_hardirqs_on+0x7c/0x110 [ 64.755446][ T6774] do_syscall_64+0xcd/0x250 [ 64.756698][ T6774] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 64.758415][ T6774] RIP: 0033:0x7f86b777e719 [ 64.759648][ T6774] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 64.764926][ T6774] RSP: 002b:00007f86b856b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 64.767242][ T6774] RAX: ffffffffffffffda RBX: 00007f86b7935f80 RCX: 00007f86b777e719 [ 64.769713][ T6774] RDX: 000000000000003c RSI: 00000000200012c0 RDI: 000000000000001c [ 64.772273][ T6774] RBP: 00007f86b856b090 R08: 0000000000000000 R09: 0000000000000000 [ 64.774904][ T6774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 64.777264][ T6774] R13: 0000000000000000 R14: 00007f86b7935f80 R15: 00007fff1d278b28 [ 64.779508][ T6774] [ 64.835523][ T6778] gre1: entered promiscuous mode [ 64.837980][ T6778] team0: Device gre1 is of different type [ 64.888293][ T6779] netlink: 'syz.0.261': attribute type 4 has an invalid length. [ 65.168538][ T6795] FAULT_INJECTION: forcing a failure. [ 65.168538][ T6795] name failslab, interval 1, probability 0, space 0, times 0 [ 65.173300][ T6795] CPU: 3 UID: 0 PID: 6795 Comm: syz.0.266 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 65.176144][ T6795] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 65.179301][ T6795] Call Trace: [ 65.180445][ T6795] [ 65.181300][ T6795] dump_stack_lvl+0x16c/0x1f0 [ 65.182601][ T6795] should_fail_ex+0x497/0x5b0 [ 65.183890][ T6795] ? fs_reclaim_acquire+0xae/0x150 [ 65.185260][ T6795] should_failslab+0xc2/0x120 [ 65.186534][ T6795] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 65.187960][ T6795] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 65.190140][ T6795] __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 65.192228][ T6795] mmu_topup_memory_caches+0x22/0xd0 [ 65.194022][ T6795] kvm_mmu_load+0xda/0x20d0 [ 65.195782][ T6795] ? mark_held_locks+0x9f/0xe0 [ 65.197538][ T6795] ? kvm_apic_has_interrupt+0xb6/0x190 [ 65.199917][ T6795] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 65.201882][ T6795] ? kvm_guest_time_update+0x780/0xeb0 [ 65.203391][ T6795] ? clear_pending_if_disabled+0xa9/0x210 [ 65.204924][ T6795] ? __pfx_kvm_mmu_load+0x10/0x10 [ 65.206413][ T6795] ? kvm_cpu_has_injectable_intr+0x9b/0x1a0 [ 65.208022][ T6795] ? kvm_check_and_inject_events+0x57f/0x12e0 [ 65.209725][ T6795] vcpu_run+0x337c/0x4f80 [ 65.210923][ T6795] ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10 [ 65.212456][ T6795] ? __pfx_vcpu_run+0x10/0x10 [ 65.213954][ T6795] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 65.216092][ T6795] ? rcu_is_watching+0x12/0xc0 [ 65.217490][ T6795] ? trace_lock_acquire+0x14a/0x1d0 [ 65.219009][ T6795] ? __local_bh_enable_ip+0xa4/0x120 [ 65.220729][ T6795] ? kvm_arch_vcpu_ioctl_run+0x14d/0x1730 [ 65.222332][ T6795] ? kvm_arch_vcpu_ioctl_run+0x447/0x1730 [ 65.223974][ T6795] kvm_arch_vcpu_ioctl_run+0x447/0x1730 [ 65.225525][ T6795] kvm_vcpu_ioctl+0x6c7/0x1510 [ 65.226956][ T6795] ? do_vfs_ioctl+0x513/0x1990 [ 65.228450][ T6795] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 65.230005][ T6795] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 65.232119][ T6795] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 65.234145][ T6795] ? trace_lock_acquire+0x14a/0x1d0 [ 65.235521][ T6795] ? selinux_file_ioctl+0x180/0x270 [ 65.236863][ T6795] ? selinux_file_ioctl+0xb4/0x270 [ 65.238185][ T6795] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 65.239527][ T6795] __x64_sys_ioctl+0x18f/0x220 [ 65.240811][ T6795] do_syscall_64+0xcd/0x250 [ 65.242005][ T6795] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 65.243591][ T6795] RIP: 0033:0x7f86b777e719 [ 65.244787][ T6795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 65.250222][ T6795] RSP: 002b:00007f86b856b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 65.252733][ T6795] RAX: ffffffffffffffda RBX: 00007f86b7935f80 RCX: 00007f86b777e719 [ 65.254919][ T6795] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 65.257037][ T6795] RBP: 00007f86b856b090 R08: 0000000000000000 R09: 0000000000000000 [ 65.257579][ T39] kauditd_printk_skb: 11 callbacks suppressed [ 65.257590][ T39] audit: type=1400 audit(1731459026.835:307): avc: denied { name_bind } for pid=6799 comm="syz.2.268" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 65.259134][ T6795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 65.263666][ T39] audit: type=1400 audit(1731459026.845:308): avc: denied { watch watch_reads } for pid=6799 comm="syz.2.268" path="/49/file0" dev="tmpfs" ino=284 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 65.266394][ T6795] R13: 0000000000000000 R14: 00007f86b7935f80 R15: 00007fff1d278b28 [ 65.266418][ T6795] [ 65.278650][ T39] audit: type=1400 audit(1731459026.845:309): avc: denied { ioctl } for pid=6788 comm="syz.1.264" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 65.319372][ T2296] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 65.336334][ T39] audit: type=1400 audit(1731459026.915:310): avc: denied { read } for pid=6801 comm="syz.2.269" name="iommu" dev="devtmpfs" ino=632 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 65.345406][ T39] audit: type=1400 audit(1731459026.915:311): avc: denied { open } for pid=6801 comm="syz.2.269" path="/dev/iommu" dev="devtmpfs" ino=632 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 65.382910][ T39] audit: type=1400 audit(1731459026.965:312): avc: denied { bind } for pid=6804 comm="syz.0.271" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 65.387972][ T39] audit: type=1400 audit(1731459026.965:313): avc: denied { name_bind } for pid=6804 comm="syz.0.271" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1 [ 65.394965][ T39] audit: type=1400 audit(1731459026.965:314): avc: denied { node_bind } for pid=6804 comm="syz.0.271" saddr=::1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1 [ 65.401109][ T39] audit: type=1400 audit(1731459026.965:315): avc: denied { connect } for pid=6804 comm="syz.0.271" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 65.406109][ T39] audit: type=1400 audit(1731459026.965:316): avc: denied { name_connect } for pid=6804 comm="syz.0.271" dest=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1 [ 65.449450][ T6809] netlink: 'syz.0.272': attribute type 16 has an invalid length. [ 65.449846][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 65.452593][ T6809] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.458403][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 65.489309][ T2296] usb 6-1: Using ep0 maxpacket: 8 [ 65.491880][ T2296] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 65.494073][ T2296] usb 6-1: config 179 has no interface number 0 [ 65.495723][ T2296] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 65.498770][ T2296] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 65.502937][ T2296] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 65.505828][ T2296] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 65.509003][ T2296] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 65.513775][ T2296] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 65.516088][ T2296] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 65.519979][ T6789] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 65.729780][ T6822] FAULT_INJECTION: forcing a failure. [ 65.729780][ T6822] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 65.733059][ T6822] CPU: 2 UID: 0 PID: 6822 Comm: syz.0.276 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 65.735897][ T6822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 65.738389][ T2296] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:179.65/input/input19 [ 65.739639][ T6822] Call Trace: [ 65.739670][ T6822] [ 65.739678][ T6822] dump_stack_lvl+0x16c/0x1f0 [ 65.739705][ T6822] should_fail_ex+0x497/0x5b0 [ 65.739728][ T6822] _copy_from_user+0x2e/0xd0 [ 65.747724][ T6822] kstrtouint_from_user+0xd7/0x1c0 [ 65.749112][ T6822] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 65.750707][ T6822] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 65.752126][ T6822] proc_fail_nth_write+0x84/0x250 [ 65.753418][ T6822] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 65.755156][ T6822] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 65.756784][ T6822] vfs_write+0x24c/0x1150 [ 65.758129][ T6822] ? __fget_files+0x23a/0x3f0 [ 65.759752][ T6822] ? fdget_pos+0x24c/0x360 [ 65.761616][ T6822] ? __pfx_lock_release+0x10/0x10 [ 65.763250][ T6822] ? trace_lock_acquire+0x14a/0x1d0 [ 65.764663][ T6822] ? __pfx_vfs_write+0x10/0x10 [ 65.765942][ T6822] ? __pfx___mutex_lock+0x10/0x10 [ 65.767238][ T6822] ? __fget_files+0x244/0x3f0 [ 65.768439][ T6822] ksys_write+0x12f/0x260 [ 65.769563][ T6822] ? __pfx_ksys_write+0x10/0x10 [ 65.770811][ T6822] do_syscall_64+0xcd/0x250 [ 65.771948][ T6822] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 65.773378][ T6822] RIP: 0033:0x7f86b777d1ff [ 65.774543][ T6822] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48 [ 65.779633][ T6822] RSP: 002b:00007f86b856b030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 65.781739][ T6822] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f86b777d1ff [ 65.783784][ T6822] RDX: 0000000000000001 RSI: 00007f86b856b0a0 RDI: 0000000000000004 [ 65.785777][ T6822] RBP: 00007f86b856b090 R08: 0000000000000000 R09: 0000000000000000 [ 65.787825][ T6822] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 65.789844][ T6822] R13: 0000000000000000 R14: 00007f86b7935f80 R15: 00007fff1d278b28 [ 65.791862][ T6822] [ 66.391985][ T2296] usb 6-1: USB disconnect, device number 7 [ 66.394323][ C3] xpad 6-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 66.394360][ C3] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 66.409424][ T2296] xpad 6-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 66.498338][ T6836] dccp_v6_rcv: dropped packet with invalid checksum [ 66.517645][ T6836] netfs: Couldn't get user pages (rc=-14) [ 66.668954][ T6840] binder: 6839:6840 ioctl c00c6211 0 returned -14 [ 66.903317][ T6863] 9pnet_virtio: no channels available for device syz [ 67.349389][ T2296] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 67.499362][ T2296] usb 5-1: Using ep0 maxpacket: 8 [ 67.504656][ T2296] usb 5-1: config 0 has an invalid interface number: 52 but max is 0 [ 67.507092][ T2296] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 67.509889][ T2296] usb 5-1: config 0 has no interface number 0 [ 67.511564][ T2296] usb 5-1: config 0 interface 52 altsetting 1 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 67.514654][ T2296] usb 5-1: config 0 interface 52 altsetting 1 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 67.517592][ T2296] usb 5-1: config 0 interface 52 altsetting 1 endpoint 0x8F has invalid wMaxPacketSize 0 [ 67.520276][ T2296] usb 5-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 67.523738][ T2296] usb 5-1: config 0 interface 52 has no altsetting 0 [ 67.525566][ T2296] usb 5-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00 [ 67.527984][ T2296] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 67.531188][ T2296] usb 5-1: config 0 descriptor?? [ 67.737807][ T2296] input: USB Synaptics Device 06cb:0007 (Stick) as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.52/input/input20 [ 67.742529][ T5349] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 67.746280][ T5349] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 67.751822][ T5349] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 67.755006][ T5349] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 67.782122][ T6027] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 67.785425][ T5349] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 67.793016][ T5349] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 68.339604][ T2296] usb 8-1: new low-speed USB device number 3 using dummy_hcd [ 68.359565][ T6906] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 68.501847][ T2296] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 68.509379][ T2296] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 68.515111][ T2296] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 68.518606][ T2296] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 68.528358][ T2296] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 68.536146][ T2296] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 68.542195][ T2296] hub 8-1:1.0: bad descriptor, ignoring hub [ 68.544317][ T2296] hub 8-1:1.0: probe with driver hub failed with error -5 [ 68.547142][ T2296] cdc_wdm 8-1:1.0: skipping garbage [ 68.548977][ T2296] cdc_wdm 8-1:1.0: skipping garbage [ 68.551813][ T2296] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 68.553624][ T2296] cdc_wdm 8-1:1.0: Unknown control protocol [ 68.626657][ T6921] FAULT_INJECTION: forcing a failure. [ 68.626657][ T6921] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 68.631248][ T6921] CPU: 0 UID: 0 PID: 6921 Comm: syz.1.312 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 68.634729][ T6921] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 68.637835][ T6921] Call Trace: [ 68.638833][ T6921] [ 68.639757][ T6921] dump_stack_lvl+0x16c/0x1f0 [ 68.641289][ T6921] should_fail_ex+0x497/0x5b0 [ 68.642565][ T6921] _copy_to_user+0x32/0xd0 [ 68.643881][ T6921] simple_read_from_buffer+0xd0/0x160 [ 68.645330][ T6921] proc_fail_nth_read+0x198/0x270 [ 68.646680][ T6921] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 68.648168][ T6921] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 68.649683][ T6921] vfs_read+0x1df/0xbe0 [ 68.650792][ T6921] ? __fget_files+0x23a/0x3f0 [ 68.652030][ T6921] ? fdget_pos+0x24c/0x360 [ 68.653224][ T6921] ? __pfx_lock_release+0x10/0x10 [ 68.654649][ T6921] ? trace_lock_acquire+0x14a/0x1d0 [ 68.656146][ T6921] ? __pfx_vfs_read+0x10/0x10 [ 68.657859][ T6921] ? __pfx___mutex_lock+0x10/0x10 [ 68.659200][ T6921] ? __fget_files+0x244/0x3f0 [ 68.660474][ T6921] ksys_read+0x12f/0x260 [ 68.661598][ T6921] ? __pfx_ksys_read+0x10/0x10 [ 68.662872][ T6921] do_syscall_64+0xcd/0x250 [ 68.664060][ T6921] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.665596][ T6921] RIP: 0033:0x7f4ab517d15c [ 68.666781][ T6921] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 68.671786][ T6921] RSP: 002b:00007f4ab5fcf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 68.673954][ T6921] RAX: ffffffffffffffda RBX: 00007f4ab5335f80 RCX: 00007f4ab517d15c [ 68.676002][ T6921] RDX: 000000000000000f RSI: 00007f4ab5fcf0a0 RDI: 0000000000000004 [ 68.678066][ T6921] RBP: 00007f4ab5fcf090 R08: 0000000000000000 R09: 0000000000000000 [ 68.680115][ T6921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 68.682223][ T6921] R13: 0000000000000000 R14: 00007f4ab5335f80 R15: 00007ffcea833428 [ 68.684513][ T6921] [ 69.329417][ T828] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 69.350053][ T6931] usb 8-1: reset low-speed USB device number 3 using dummy_hcd [ 69.492253][ T828] usb 6-1: config index 0 descriptor too short (expected 23569, got 27) [ 69.494866][ T828] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 69.498267][ T828] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 69.501046][ T828] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 69.503191][ T828] usb 6-1: Manufacturer: syz [ 69.505376][ T828] usb 6-1: config 0 descriptor?? [ 69.560194][ T828] rc_core: IR keymap rc-hauppauge not found [ 69.561860][ T828] Registered IR keymap rc-empty [ 69.563762][ T828] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0 [ 69.567324][ T828] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0/input21 [ 69.579075][ T6946] __nla_validate_parse: 62 callbacks suppressed [ 69.579088][ T6946] netlink: 36 bytes leftover after parsing attributes in process `syz.2.320'. [ 69.583780][ T6946] netlink: 16 bytes leftover after parsing attributes in process `syz.2.320'. [ 69.586158][ T6946] netlink: 36 bytes leftover after parsing attributes in process `syz.2.320'. [ 69.588526][ T6946] netlink: 36 bytes leftover after parsing attributes in process `syz.2.320'. [ 69.643071][ T6931] usb 8-1: device firmware changed [ 69.646314][ T6931] cdc_wdm 8-1:1.0: Error autopm - -16 [ 69.646465][ T25] usb 8-1: USB disconnect, device number 3 [ 69.710439][ T6942] synaptics_usb 5-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 69.754210][ T5988] usb 6-1: USB disconnect, device number 8 [ 69.809405][ T25] usb 8-1: new low-speed USB device number 4 using dummy_hcd [ 69.972907][ T25] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 69.976448][ T25] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 69.979097][ T25] usb 8-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 69.983277][ T25] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 69.985903][ T25] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 69.992307][ T25] hub 8-1:1.0: bad descriptor, ignoring hub [ 69.993892][ T25] hub 8-1:1.0: probe with driver hub failed with error -5 [ 69.995955][ T25] cdc_wdm 8-1:1.0: skipping garbage [ 69.997321][ T25] cdc_wdm 8-1:1.0: skipping garbage [ 69.998831][ T25] cdc_wdm 8-1:1.0: probe with driver cdc_wdm failed with error -22 [ 70.127969][ T1320] usb 5-1: USB disconnect, device number 8 [ 70.315728][ T6962] loop0: detected capacity change from 0 to 7 [ 70.322975][ T6962] Dev loop0: unable to read RDB block 7 [ 70.325196][ T6962] loop0: AHDI p4 [ 70.326583][ T6962] loop0: partition table partially beyond EOD, truncated [ 71.142188][ T1413] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.144060][ T1413] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.330406][ T6019] usb 8-1: USB disconnect, device number 4 [ 71.341185][ T6977] trusted_key: syz.3.330 sent an empty control message without MSG_MORE. [ 71.349352][ T39] kauditd_printk_skb: 26 callbacks suppressed [ 71.349367][ T39] audit: type=1400 audit(1731459032.925:343): avc: denied { write } for pid=6976 comm="syz.3.330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 71.358583][ T39] audit: type=1400 audit(1731459032.925:344): avc: denied { read } for pid=6976 comm="syz.3.330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 71.418056][ T6986] FAULT_INJECTION: forcing a failure. [ 71.418056][ T6986] name failslab, interval 1, probability 0, space 0, times 0 [ 71.422665][ T6986] CPU: 3 UID: 0 PID: 6986 Comm: syz.1.332 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 71.425443][ T6986] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 71.428249][ T6986] Call Trace: [ 71.429426][ T6986] [ 71.430232][ T6986] dump_stack_lvl+0x16c/0x1f0 [ 71.431487][ T6986] should_fail_ex+0x497/0x5b0 [ 71.432728][ T6986] ? fs_reclaim_acquire+0xae/0x150 [ 71.434090][ T6986] should_failslab+0xc2/0x120 [ 71.435341][ T6986] __kmalloc_noprof+0xcb/0x400 [ 71.436618][ T6986] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 71.438115][ T6986] tomoyo_realpath_from_path+0xb9/0x720 [ 71.439595][ T6986] ? tomoyo_path_number_perm+0x232/0x590 [ 71.441094][ T6986] tomoyo_path_number_perm+0x245/0x590 [ 71.442555][ T6986] ? tomoyo_path_number_perm+0x232/0x590 [ 71.444042][ T6986] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 71.445626][ T6986] ? trace_lock_acquire+0x14a/0x1d0 [ 71.446999][ T6986] ? lock_acquire+0x2f/0xb0 [ 71.448245][ T6986] ? __fget_files+0x40/0x3f0 [ 71.449471][ T6986] ? __fget_files+0x244/0x3f0 [ 71.450737][ T6986] security_file_ioctl+0x9b/0x240 [ 71.452073][ T6986] __x64_sys_ioctl+0xbb/0x220 [ 71.453327][ T6986] do_syscall_64+0xcd/0x250 [ 71.454549][ T6986] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 71.456121][ T6986] RIP: 0033:0x7f4ab517e719 [ 71.457292][ T6986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 71.462377][ T6986] RSP: 002b:00007f4ab5fcf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 71.464567][ T6986] RAX: ffffffffffffffda RBX: 00007f4ab5335f80 RCX: 00007f4ab517e719 [ 71.466665][ T6986] RDX: 0000000020000380 RSI: 0000000000008915 RDI: 0000000000000003 [ 71.468771][ T6986] RBP: 00007f4ab5fcf090 R08: 0000000000000000 R09: 0000000000000000 [ 71.470916][ T6986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 71.472876][ T6986] R13: 0000000000000000 R14: 00007f4ab5335f80 R15: 00007ffcea833428 [ 71.474946][ T6986] [ 71.476282][ T6986] ERROR: Out of memory at tomoyo_realpath_from_path. [ 71.498691][ T6990] netlink: 'syz.1.335': attribute type 1 has an invalid length. [ 71.501104][ T6990] netlink: 32 bytes leftover after parsing attributes in process `syz.1.335'. [ 72.543559][ T39] audit: type=1400 audit(1731459034.125:345): avc: denied { create } for pid=7014 comm="syz.1.343" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 72.548431][ T39] audit: type=1400 audit(1731459034.125:346): avc: denied { setopt } for pid=7014 comm="syz.1.343" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 72.553193][ T39] audit: type=1400 audit(1731459034.125:347): avc: denied { ioctl } for pid=7014 comm="syz.1.343" path="socket:[16996]" dev="sockfs" ino=16996 ioctlcmd=0x894c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 72.553753][ T7015] ntfs3(nullb0): Primary boot signature is not NTFS. [ 72.559502][ T39] audit: type=1400 audit(1731459034.125:348): avc: denied { connect } for pid=7014 comm="syz.1.343" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 72.567265][ T39] audit: type=1400 audit(1731459034.145:349): avc: denied { search } for pid=5346 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 72.567327][ T7015] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00 [ 72.695354][ T7024] netlink: 28 bytes leftover after parsing attributes in process `syz.1.345'. [ 72.780704][ T7030] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 73.217077][ T7052] netlink: 28 bytes leftover after parsing attributes in process `syz.0.356'. [ 73.791969][ T7058] dccp_v6_rcv: dropped packet with invalid checksum [ 73.813945][ T7058] netfs: Couldn't get user pages (rc=-14) [ 73.977610][ T39] audit: type=1400 audit(1731459035.555:350): avc: denied { connect } for pid=7059 comm="syz.1.360" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 73.977959][ T7060] netlink: 20 bytes leftover after parsing attributes in process `syz.1.360'. [ 74.004805][ T39] audit: type=1400 audit(1731459035.585:351): avc: denied { ioctl } for pid=7069 comm="syz.3.361" path="socket:[20023]" dev="sockfs" ino=20023 ioctlcmd=0x9360 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 74.183724][ T7076] FAULT_INJECTION: forcing a failure. [ 74.183724][ T7076] name failslab, interval 1, probability 0, space 0, times 0 [ 74.186807][ T7076] CPU: 3 UID: 0 PID: 7076 Comm: syz.0.363 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 74.189486][ T7076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 74.192085][ T7076] Call Trace: [ 74.192901][ T7076] [ 74.193627][ T7076] dump_stack_lvl+0x16c/0x1f0 [ 74.194803][ T7076] should_fail_ex+0x497/0x5b0 [ 74.195955][ T7076] should_failslab+0xc2/0x120 [ 74.197088][ T7076] kmem_cache_alloc_node_noprof+0x71/0x310 [ 74.198664][ T7076] ? __alloc_skb+0x2b1/0x380 [ 74.199793][ T7076] __alloc_skb+0x2b1/0x380 [ 74.200895][ T7076] ? __pfx___alloc_skb+0x10/0x10 [ 74.202149][ T7076] ? __pfx___lock_acquire+0x10/0x10 [ 74.203415][ T7076] ? __pfx_mark_lock+0x10/0x10 [ 74.204667][ T7076] ? __pfx_lock_release+0x10/0x10 [ 74.205897][ T7076] ? trace_lock_acquire+0x14a/0x1d0 [ 74.207144][ T7076] __ipv6_ifa_notify+0x1fb/0xe20 [ 74.208582][ T7076] ? __pfx___ipv6_ifa_notify+0x10/0x10 [ 74.210153][ T7076] ? inet6_rtm_newaddr+0xd36/0x1aa0 [ 74.211465][ T7076] ? mark_held_locks+0x9f/0xe0 [ 74.212655][ T7076] ? inet6_rtm_newaddr+0xd36/0x1aa0 [ 74.213913][ T7076] ? inet6_rtm_newaddr+0x125b/0x1aa0 [ 74.215158][ T7076] inet6_rtm_newaddr+0x125b/0x1aa0 [ 74.216384][ T7076] ? __pfx_inet6_rtm_newaddr+0x10/0x10 [ 74.217633][ T7076] ? __mutex_lock+0x1a6/0x9c0 [ 74.218719][ T7076] ? __pfx_inet6_rtm_newaddr+0x10/0x10 [ 74.219990][ T7076] rtnetlink_rcv_msg+0x3c7/0xea0 [ 74.221167][ T7076] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 74.222490][ T7076] netlink_rcv_skb+0x16b/0x440 [ 74.223637][ T7076] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 74.224934][ T7076] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 74.226212][ T7076] ? netlink_deliver_tap+0x1ae/0xd90 [ 74.227466][ T7076] netlink_unicast+0x53c/0x7f0 [ 74.228808][ T7076] ? __pfx_netlink_unicast+0x10/0x10 [ 74.230434][ T7076] netlink_sendmsg+0x8b8/0xd70 [ 74.231601][ T7076] ? __pfx_netlink_sendmsg+0x10/0x10 [ 74.232877][ T7076] ____sys_sendmsg+0xaaf/0xc90 [ 74.234105][ T7076] ? copy_msghdr_from_user+0x10b/0x160 [ 74.235627][ T7076] ? __pfx_____sys_sendmsg+0x10/0x10 [ 74.236979][ T7076] ? hlock_class+0x4e/0x130 [ 74.238163][ T7076] ? __lock_acquire+0x163e/0x3ce0 [ 74.239435][ T7076] ___sys_sendmsg+0x135/0x1e0 [ 74.240772][ T7076] ? __pfx____sys_sendmsg+0x10/0x10 [ 74.242037][ T7076] ? __pfx___lock_acquire+0x10/0x10 [ 74.243295][ T7076] ? __pfx___might_resched+0x10/0x10 [ 74.244632][ T7076] ? __might_fault+0xe3/0x190 [ 74.245799][ T7076] __sys_sendmmsg+0x1a1/0x450 [ 74.246984][ T7076] ? __pfx___sys_sendmmsg+0x10/0x10 [ 74.248411][ T7076] ? vfs_write+0x306/0x1150 [ 74.249764][ T7076] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 74.251219][ T7076] ? fput+0x30/0x390 [ 74.252175][ T7076] ? ksys_write+0x1ad/0x260 [ 74.253286][ T7076] ? __pfx_ksys_write+0x10/0x10 [ 74.254624][ T7076] __x64_sys_sendmmsg+0x9c/0x100 [ 74.255845][ T7076] ? lockdep_hardirqs_on+0x7c/0x110 [ 74.257126][ T7076] do_syscall_64+0xcd/0x250 [ 74.258353][ T7076] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.260322][ T7076] RIP: 0033:0x7f86b777e719 [ 74.261829][ T7076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 74.266480][ T7076] RSP: 002b:00007f86b856b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 74.268588][ T7076] RAX: ffffffffffffffda RBX: 00007f86b7935f80 RCX: 00007f86b777e719 [ 74.270471][ T7076] RDX: 04000000000001f2 RSI: 0000000020000000 RDI: 0000000000000003 [ 74.272377][ T7076] RBP: 00007f86b856b090 R08: 0000000000000000 R09: 0000000000000000 [ 74.274258][ T7076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 74.276134][ T7076] R13: 0000000000000000 R14: 00007f86b7935f80 R15: 00007fff1d278b28 [ 74.278079][ T7076] [ 74.301389][ T1328] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 74.459484][ T1328] usb 8-1: Using ep0 maxpacket: 32 [ 74.462720][ T1328] usb 8-1: config index 0 descriptor too short (expected 156, got 27) [ 74.464941][ T1328] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 74.467830][ T1328] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 74.471625][ T1328] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 74.475057][ T1328] usb 8-1: config 0 interface 0 has no altsetting 0 [ 74.478312][ T1328] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 74.482510][ T1328] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 74.485707][ T1328] usb 8-1: Product: syz [ 74.486912][ T1328] usb 8-1: Manufacturer: syz [ 74.488251][ T1328] usb 8-1: SerialNumber: syz [ 74.491722][ T1328] usb 8-1: config 0 descriptor?? [ 74.494822][ T1328] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 74.499844][ T1328] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 74.875111][ T7103] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.372'. [ 74.878133][ T7101] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.372'. [ 74.992046][ T7107] netlink: 12 bytes leftover after parsing attributes in process `syz.2.373'. [ 74.995155][ T7107] netlink: 198184 bytes leftover after parsing attributes in process `syz.2.373'. [ 74.997624][ T7107] openvswitch: netlink: Tunnel attr 0 has unexpected len 1 expected 8 [ 75.270175][ T1320] usb 8-1: USB disconnect, device number 5 [ 75.279879][ T1320] ldusb 8-1:0.0: LD USB Device #0 now disconnected [ 75.290664][ T39] audit: type=1400 audit(1731459036.875:352): avc: denied { create } for pid=7115 comm="syz.0.376" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 75.419608][ T7124] netlink: 12 bytes leftover after parsing attributes in process `syz.1.380'. [ 76.261640][ T73] cfg80211: failed to load regulatory.db [ 76.725916][ T7155] netlink: 12 bytes leftover after parsing attributes in process `syz.1.391'. [ 76.866852][ T7170] REISERFS warning (device nullb0): super-6502 reiserfs_getopt: unknown mount option "g" [ 76.871004][ T7170] program syz.0.395 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 76.873814][ T7170] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.395'. [ 76.948828][ T7177] FAULT_INJECTION: forcing a failure. [ 76.948828][ T7177] name failslab, interval 1, probability 0, space 0, times 0 [ 76.953143][ T7177] CPU: 2 UID: 0 PID: 7177 Comm: syz.0.399 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 76.955927][ T7177] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 76.958887][ T7177] Call Trace: [ 76.959859][ T7177] [ 76.960657][ T7177] dump_stack_lvl+0x16c/0x1f0 [ 76.961957][ T7177] should_fail_ex+0x497/0x5b0 [ 76.963231][ T7177] ? fs_reclaim_acquire+0xae/0x150 [ 76.964592][ T7177] should_failslab+0xc2/0x120 [ 76.965846][ T7177] __kmalloc_noprof+0xcb/0x400 [ 76.967109][ T7177] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 76.968686][ T7177] tomoyo_realpath_from_path+0xb9/0x720 [ 76.970351][ T7177] ? tomoyo_path_number_perm+0x232/0x590 [ 76.972269][ T7177] tomoyo_path_number_perm+0x245/0x590 [ 76.974149][ T7177] ? tomoyo_path_number_perm+0x232/0x590 [ 76.976057][ T7177] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 76.978118][ T7177] ? trace_lock_acquire+0x14a/0x1d0 [ 76.979889][ T7177] ? lock_acquire+0x2f/0xb0 [ 76.981442][ T7177] ? __fget_files+0x40/0x3f0 [ 76.983036][ T7177] ? __fget_files+0x244/0x3f0 [ 76.984691][ T7177] security_file_ioctl+0x9b/0x240 [ 76.986087][ T7177] __x64_sys_ioctl+0xbb/0x220 [ 76.987431][ T7177] do_syscall_64+0xcd/0x250 [ 76.988678][ T7177] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.990694][ T7177] RIP: 0033:0x7f86b777e719 [ 76.991898][ T7177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.996989][ T7177] RSP: 002b:00007f86b856b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 76.999110][ T7177] RAX: ffffffffffffffda RBX: 00007f86b7935f80 RCX: 00007f86b777e719 [ 77.001177][ T7177] RDX: 0000000020000000 RSI: 0000000000008922 RDI: 0000000000000003 [ 77.003262][ T7177] RBP: 00007f86b856b090 R08: 0000000000000000 R09: 0000000000000000 [ 77.005351][ T7177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 77.007418][ T7177] R13: 0000000000000000 R14: 00007f86b7935f80 R15: 00007fff1d278b28 [ 77.009540][ T7177] [ 77.010436][ C2] vkms_vblank_simulate: vblank timer overrun [ 77.012458][ T7177] ERROR: Out of memory at tomoyo_realpath_from_path. [ 77.019797][ T73] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 77.066839][ T7181] sch_fq: defrate 0 ignored. [ 77.183189][ T73] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 77.186261][ T73] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 77.190182][ T73] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 77.193065][ T73] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 77.196434][ T73] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 77.198816][ T73] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.202452][ T73] usb 6-1: config 0 descriptor?? [ 77.204425][ T7163] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 77.420203][ T7196] FAULT_INJECTION: forcing a failure. [ 77.420203][ T7196] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 77.423788][ T7196] CPU: 2 UID: 0 PID: 7196 Comm: syz.0.405 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 77.426724][ T7196] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 77.429659][ T7196] Call Trace: [ 77.429672][ T7196] [ 77.429679][ T7196] dump_stack_lvl+0x16c/0x1f0 [ 77.429703][ T7196] should_fail_ex+0x497/0x5b0 [ 77.429727][ T7196] _copy_from_user+0x2e/0xd0 [ 77.429751][ T7196] copy_msghdr_from_user+0x99/0x160 [ 77.429774][ T7196] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 77.429800][ T7196] ? kfree+0x274/0x4b0 [ 77.429820][ T7196] ? __pfx___lock_acquire+0x10/0x10 [ 77.429842][ T7196] ___sys_recvmsg+0xdc/0x1a0 [ 77.429864][ T7196] ? __pfx____sys_recvmsg+0x10/0x10 [ 77.429885][ T7196] ? find_held_lock+0x2d/0x110 [ 77.429918][ T7196] ? lock_acquire+0x2f/0xb0 [ 77.429936][ T7196] ? __pfx___might_resched+0x10/0x10 [ 77.429957][ T7196] ? __might_fault+0xe3/0x190 [ 77.451151][ T7196] do_recvmmsg+0x2ba/0x750 [ 77.452412][ T7196] ? __pfx_do_recvmmsg+0x10/0x10 [ 77.453855][ T7196] ? vfs_write+0x306/0x1150 [ 77.455148][ T7196] ? __mutex_unlock_slowpath+0x164/0x650 [ 77.456640][ T39] kauditd_printk_skb: 3 callbacks suppressed [ 77.456651][ T39] audit: type=1400 audit(1731459039.035:356): avc: denied { read write } for pid=7200 comm="syz.3.407" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 77.456743][ T7196] ? __fget_files+0x244/0x3f0 [ 77.456764][ T7196] __x64_sys_recvmmsg+0x239/0x290 [ 77.458527][ T39] audit: type=1400 audit(1731459039.035:357): avc: denied { ioctl open } for pid=7200 comm="syz.3.407" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 77.460048][ T7201] netlink: 'syz.3.407': attribute type 10 has an invalid length. [ 77.460699][ T7201] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.461458][ T7201] bridge0: port 2(bridge_slave_1) entered forwarding state [ 77.461566][ T7201] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.461612][ T7201] bridge0: port 1(bridge_slave_0) entered forwarding state [ 77.463509][ T7201] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 77.464800][ T7196] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 77.464824][ T7196] do_syscall_64+0xcd/0x250 [ 77.464836][ T7196] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.464852][ T7196] RIP: 0033:0x7f86b777e719 [ 77.464862][ T7196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 77.464872][ T7196] RSP: 002b:00007f86b856b038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 77.464883][ T7196] RAX: ffffffffffffffda RBX: 00007f86b7935f80 RCX: 00007f86b777e719 [ 77.464890][ T7196] RDX: 040000000000012d RSI: 0000000020000080 RDI: 0000000000000003 [ 77.464896][ T7196] RBP: 00007f86b856b090 R08: 0000000000000000 R09: 0000000000000000 [ 77.464902][ T7196] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 77.464908][ T7196] R13: 0000000000000000 R14: 00007f86b7935f80 R15: 00007fff1d278b28 [ 77.464920][ T7196] [ 77.464980][ C2] vkms_vblank_simulate: vblank timer overrun [ 77.517060][ C2] vkms_vblank_simulate: vblank timer overrun [ 77.559982][ T39] audit: type=1326 audit(1731459039.145:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7204 comm="syz.0.408" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b777e719 code=0x7ffc0000 [ 77.566186][ T39] audit: type=1326 audit(1731459039.145:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7204 comm="syz.0.408" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b777e719 code=0x7ffc0000 [ 77.573254][ T39] audit: type=1326 audit(1731459039.145:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7204 comm="syz.0.408" exe="/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f86b777e719 code=0x7ffc0000 [ 77.579783][ T39] audit: type=1326 audit(1731459039.145:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7204 comm="syz.0.408" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b777e719 code=0x7ffc0000 [ 77.586019][ T39] audit: type=1326 audit(1731459039.145:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7204 comm="syz.0.408" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b777e719 code=0x7ffc0000 [ 77.592815][ T39] audit: type=1326 audit(1731459039.145:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7204 comm="syz.0.408" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f86b777e719 code=0x7ffc0000 [ 77.598828][ T39] audit: type=1326 audit(1731459039.145:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7204 comm="syz.0.408" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b777e719 code=0x7ffc0000 [ 77.605185][ T39] audit: type=1326 audit(1731459039.145:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7204 comm="syz.0.408" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f86b777e719 code=0x7ffc0000 [ 77.614559][ T73] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 77.616786][ T73] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 77.618773][ T73] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 77.620953][ T73] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 77.622955][ T73] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 77.625127][ T73] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving [ 77.631393][ T73] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 77.651825][ T7212] process 'syz.3.412' launched '/dev/fd/5/./file0' with NULL argv: empty string added [ 77.790877][ T7221] FAULT_INJECTION: forcing a failure. [ 77.790877][ T7221] name failslab, interval 1, probability 0, space 0, times 0 [ 77.795483][ T7221] CPU: 2 UID: 0 PID: 7221 Comm: syz.0.415 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 77.799245][ T7221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 77.803060][ T7221] Call Trace: [ 77.804306][ T7221] [ 77.805477][ T7221] dump_stack_lvl+0x16c/0x1f0 [ 77.807323][ T7221] should_fail_ex+0x497/0x5b0 [ 77.809115][ T7221] ? fs_reclaim_acquire+0xae/0x150 [ 77.811031][ T7221] should_failslab+0xc2/0x120 [ 77.812736][ T7221] __kmalloc_noprof+0xcb/0x400 [ 77.814532][ T7221] tomoyo_realpath_from_path+0xb9/0x720 [ 77.816572][ T7221] tomoyo_check_open_permission+0x2a7/0x3b0 [ 77.818800][ T7221] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 77.821183][ T7221] ? __pfx___lock_acquire+0x10/0x10 [ 77.823119][ T7221] ? __pfx___lock_acquire+0x10/0x10 [ 77.825048][ T7221] ? mnt_get_write_access+0x6a/0x300 [ 77.827030][ T7221] ? __pfx_hook_file_open+0x10/0x10 [ 77.828991][ T7221] tomoyo_file_open+0x6b/0x90 [ 77.831014][ T7221] security_file_open+0x64c/0x9d0 [ 77.832889][ T7221] ? mnt_get_write_access+0x20c/0x300 [ 77.834885][ T7221] do_dentry_open+0x57c/0x1530 [ 77.836662][ T7221] vfs_open+0x82/0x3f0 [ 77.838243][ T7221] ? may_open+0x1f2/0x400 [ 77.839861][ T7221] path_openat+0x1e6a/0x2d60 [ 77.841538][ T7221] ? __pfx_path_openat+0x10/0x10 [ 77.843365][ T7221] ? __pfx___lock_acquire+0x10/0x10 [ 77.845287][ T7221] do_filp_open+0x1dc/0x430 [ 77.846957][ T7221] ? __pfx_do_filp_open+0x10/0x10 [ 77.848758][ T7221] ? _raw_spin_unlock+0x28/0x50 [ 77.850705][ T7221] ? alloc_fd+0x2d7/0x6c0 [ 77.852315][ T7221] do_sys_openat2+0x17a/0x1e0 [ 77.854082][ T7221] ? __pfx_do_sys_openat2+0x10/0x10 [ 77.855996][ T7221] ? __fget_files+0x244/0x3f0 [ 77.857875][ T7221] __x64_sys_open+0x154/0x1e0 [ 77.859593][ T7221] ? __pfx___x64_sys_open+0x10/0x10 [ 77.861474][ T7221] do_syscall_64+0xcd/0x250 [ 77.863087][ T7221] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.865216][ T7221] RIP: 0033:0x7f86b777e719 [ 77.866861][ T7221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 77.873918][ T7221] RSP: 002b:00007f86b856b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 77.876959][ T7221] RAX: ffffffffffffffda RBX: 00007f86b7935f80 RCX: 00007f86b777e719 [ 77.879839][ T7221] RDX: 0000000000000000 RSI: 000000000014957e RDI: 0000000020000040 [ 77.882727][ T7221] RBP: 00007f86b856b090 R08: 0000000000000000 R09: 0000000000000000 [ 77.885607][ T7221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 77.888500][ T7221] R13: 0000000000000001 R14: 00007f86b7935f80 R15: 00007fff1d278b28 [ 77.891375][ T7221] [ 77.893705][ T7221] ERROR: Out of memory at tomoyo_realpath_from_path. [ 77.960700][ T7163] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 77.964030][ T7163] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 78.297990][ T7246] FAULT_INJECTION: forcing a failure. [ 78.297990][ T7246] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 78.301518][ T7246] CPU: 1 UID: 0 PID: 7246 Comm: syz.2.422 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 78.304281][ T7246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 78.307094][ T7246] Call Trace: [ 78.307993][ T7246] [ 78.308791][ T7246] dump_stack_lvl+0x16c/0x1f0 [ 78.310078][ T7246] should_fail_ex+0x497/0x5b0 [ 78.311327][ T7246] _copy_from_user+0x2e/0xd0 [ 78.312555][ T7246] video_usercopy+0xed4/0x1600 [ 78.313829][ T7246] ? __pfx___video_do_ioctl+0x10/0x10 [ 78.315232][ T7246] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 78.317067][ T7246] ? __pfx_video_usercopy+0x10/0x10 [ 78.318439][ T7246] v4l2_ioctl+0x1ba/0x250 [ 78.319608][ T7246] ? __pfx_v4l2_ioctl+0x10/0x10 [ 78.320908][ T7246] __x64_sys_ioctl+0x18f/0x220 [ 78.322189][ T7246] do_syscall_64+0xcd/0x250 [ 78.323389][ T7246] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.324967][ T7246] RIP: 0033:0x7f515497e719 [ 78.326154][ T7246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 78.331131][ T7246] RSP: 002b:00007f51557ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 78.333315][ T7246] RAX: ffffffffffffffda RBX: 00007f5154b35f80 RCX: 00007f515497e719 [ 78.335437][ T7246] RDX: 0000000020000040 RSI: 000000004014563c RDI: 0000000000000003 [ 78.337514][ T7246] RBP: 00007f51557ce090 R08: 0000000000000000 R09: 0000000000000000 [ 78.339570][ T7246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 78.341577][ T7246] R13: 0000000000000000 R14: 00007f5154b35f80 R15: 00007ffdacb2d5a8 [ 78.343648][ T7246] [ 78.411821][ T7250] FAULT_INJECTION: forcing a failure. [ 78.411821][ T7250] name failslab, interval 1, probability 0, space 0, times 0 [ 78.415306][ T7250] CPU: 2 UID: 0 PID: 7250 Comm: syz.2.424 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 78.417963][ T7250] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 78.420819][ T7250] Call Trace: [ 78.421704][ T7250] [ 78.422486][ T7250] dump_stack_lvl+0x16c/0x1f0 [ 78.423715][ T7250] should_fail_ex+0x497/0x5b0 [ 78.424938][ T7250] ? fs_reclaim_acquire+0xae/0x150 [ 78.426280][ T7250] should_failslab+0xc2/0x120 [ 78.427529][ T7250] __kmalloc_cache_noprof+0x6b/0x300 [ 78.428940][ T7250] ? squashfs_init_fs_context+0x43/0x140 [ 78.430459][ T7250] squashfs_init_fs_context+0x43/0x140 [ 78.431814][ T7250] ? __pfx_squashfs_init_fs_context+0x10/0x10 [ 78.433380][ T7250] alloc_fs_context+0x54a/0x9c0 [ 78.434673][ T7250] path_mount+0xb08/0x1f20 [ 78.435838][ T7250] ? kmem_cache_free+0x152/0x4b0 [ 78.437117][ T7250] ? __pfx_path_mount+0x10/0x10 [ 78.438418][ T7250] ? putname+0x12e/0x170 [ 78.439963][ T7250] __x64_sys_mount+0x294/0x320 [ 78.441480][ T7250] ? __pfx___x64_sys_mount+0x10/0x10 [ 78.442911][ T7250] do_syscall_64+0xcd/0x250 [ 78.444120][ T7250] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.445629][ T7250] RIP: 0033:0x7f515497e719 [ 78.446833][ T7250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 78.452043][ T7250] RSP: 002b:00007f51557ce038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 78.454310][ T7250] RAX: ffffffffffffffda RBX: 00007f5154b35f80 RCX: 00007f515497e719 [ 78.456369][ T7250] RDX: 0000000020000080 RSI: 00000000200001c0 RDI: 0000000020000000 [ 78.458433][ T7250] RBP: 00007f51557ce090 R08: 0000000000000000 R09: 0000000000000000 [ 78.460716][ T7250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 78.462788][ T7250] R13: 0000000000000000 R14: 00007f5154b35f80 R15: 00007ffdacb2d5a8 [ 78.464850][ T7250] [ 79.050176][ T828] usb 6-1: reset high-speed USB device number 9 using dummy_hcd [ 79.787959][ T7163] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 79.827600][ T7282] netlink: 12 bytes leftover after parsing attributes in process `syz.2.436'. [ 79.831843][ T7282] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.834104][ T7282] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.903196][ T7285] dccp_v6_rcv: dropped packet with invalid checksum [ 79.945653][ T7290] netlink: 'syz.1.440': attribute type 3 has an invalid length. [ 79.952030][ T7285] netfs: Couldn't get user pages (rc=-14) [ 79.974443][ T7300] netlink: 5312 bytes leftover after parsing attributes in process `syz.1.442'. [ 79.976877][ T7300] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 80.034755][ T7305] netlink: 'syz.1.445': attribute type 1 has an invalid length. [ 80.037863][ T7305] netlink: 224 bytes leftover after parsing attributes in process `syz.1.445'. [ 80.041111][ T7305] xt_hashlimit: size too large, truncated to 1048576 [ 80.056164][ T7307] FAULT_INJECTION: forcing a failure. [ 80.056164][ T7307] name failslab, interval 1, probability 0, space 0, times 0 [ 80.061695][ T7307] CPU: 3 UID: 0 PID: 7307 Comm: syz.3.446 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 80.064613][ T7305] x_tables: ip6_tables: recent.0 match: invalid size 216 (kernel) != (user) 232 [ 80.065262][ T7307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 80.065276][ T7307] Call Trace: [ 80.065282][ T7307] [ 80.065289][ T7307] dump_stack_lvl+0x16c/0x1f0 [ 80.074043][ T7307] should_fail_ex+0x497/0x5b0 [ 80.075279][ T7307] ? fs_reclaim_acquire+0xae/0x150 [ 80.076544][ T7307] should_failslab+0xc2/0x120 [ 80.077797][ T7307] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 80.079216][ T7307] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 80.080808][ T7307] __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 80.082384][ T7307] mmu_topup_memory_caches+0x22/0xd0 [ 80.083776][ T7307] kvm_mmu_load+0xda/0x20d0 [ 80.084985][ T7307] ? mark_held_locks+0x9f/0xe0 [ 80.086353][ T7307] ? kvm_apic_has_interrupt+0xb6/0x190 [ 80.087765][ T7307] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 80.089327][ T7307] ? kvm_guest_time_update+0x780/0xeb0 [ 80.091003][ T7307] ? clear_pending_if_disabled+0xa9/0x210 [ 80.092512][ T7307] ? __pfx_kvm_mmu_load+0x10/0x10 [ 80.093870][ T7307] ? kvm_cpu_has_injectable_intr+0x9b/0x1a0 [ 80.095396][ T7307] ? kvm_check_and_inject_events+0x57f/0x12e0 [ 80.096982][ T7307] vcpu_run+0x337c/0x4f80 [ 80.098119][ T7307] ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10 [ 80.099587][ T7307] ? __pfx_vcpu_run+0x10/0x10 [ 80.100810][ T7307] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 80.102273][ T7307] ? rcu_is_watching+0x12/0xc0 [ 80.103514][ T7307] ? trace_lock_acquire+0x14a/0x1d0 [ 80.104876][ T7307] ? __local_bh_enable_ip+0xa4/0x120 [ 80.106317][ T7307] ? kvm_arch_vcpu_ioctl_run+0x14d/0x1730 [ 80.107964][ T7307] ? kvm_arch_vcpu_ioctl_run+0x447/0x1730 [ 80.109490][ T7307] kvm_arch_vcpu_ioctl_run+0x447/0x1730 [ 80.110944][ T7307] kvm_vcpu_ioctl+0x6c7/0x1510 [ 80.112201][ T7307] ? do_vfs_ioctl+0x513/0x1990 [ 80.113455][ T7307] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 80.114819][ T7307] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 80.116508][ T7307] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 80.118257][ T7307] ? trace_lock_acquire+0x14a/0x1d0 [ 80.119886][ T7307] ? selinux_file_ioctl+0x180/0x270 [ 80.121270][ T7307] ? selinux_file_ioctl+0xb4/0x270 [ 80.122617][ T7307] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 80.123961][ T7307] __x64_sys_ioctl+0x18f/0x220 [ 80.125226][ T7307] do_syscall_64+0xcd/0x250 [ 80.126402][ T7307] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 80.127915][ T7307] RIP: 0033:0x7f97a657e719 [ 80.129085][ T7307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 80.134023][ T7307] RSP: 002b:00007f97a7435038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 80.136176][ T7307] RAX: ffffffffffffffda RBX: 00007f97a6735f80 RCX: 00007f97a657e719 [ 80.138201][ T7307] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 80.140208][ T7307] RBP: 00007f97a7435090 R08: 0000000000000000 R09: 0000000000000000 [ 80.142288][ T7307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 80.144297][ T7307] R13: 0000000000000000 R14: 00007f97a6735f80 R15: 00007ffc378d8dc8 [ 80.146391][ T7307] [ 80.151223][ T7315] Bluetooth: hci4: Frame reassembly failed (-84) [ 80.155433][ T484] Bluetooth: hci4: Frame reassembly failed (-84) [ 80.479285][ T2296] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 80.620574][ T2296] usb 8-1: device descriptor read/64, error -71 [ 80.635302][ T7326] syz.0.450: attempt to access beyond end of device [ 80.635302][ T7326] nbd0: rw=0, sector=1, nr_sectors = 1 limit=0 [ 80.639247][ T7326] VFS: could not find a valid V7 on nbd0. [ 80.653063][ T5988] usb 6-1: USB disconnect, device number 9 [ 80.655989][ T7328] dccp_v6_rcv: dropped packet with invalid checksum [ 80.682185][ T7328] netfs: Couldn't get user pages (rc=-14) [ 80.824209][ T7344] tipc: Started in network mode [ 80.825699][ T7344] tipc: Node identity ac14140f, cluster identity 4711 [ 80.827762][ T7344] tipc: New replicast peer: 255.255.255.255 [ 80.829787][ T7344] tipc: Enabled bearer , priority 10 [ 80.863378][ T2296] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 80.989351][ T2296] usb 8-1: device descriptor read/64, error -71 [ 81.109588][ T2296] usb usb8-port1: attempt power cycle [ 81.289363][ T6019] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 81.439255][ T6019] usb 5-1: Using ep0 maxpacket: 8 [ 81.441865][ T6019] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11 [ 81.445326][ T6019] usb 5-1: New USB device found, idVendor=258a, idProduct=0033, bcdDevice= 0.00 [ 81.447983][ T6019] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 81.451423][ T6019] usb 5-1: config 0 descriptor?? [ 81.459401][ T2296] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 81.482821][ T2296] usb 8-1: device descriptor read/8, error -71 [ 81.664639][ T6019] usbhid 5-1:0.0: can't add hid device: -71 [ 81.666320][ T6019] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 81.670362][ T6019] usb 5-1: USB disconnect, device number 9 [ 81.719391][ T2296] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 81.739760][ T2296] usb 8-1: device descriptor read/8, error -71 [ 81.849594][ T2296] usb usb8-port1: unable to enumerate USB device [ 81.962943][ T1320] tipc: Node number set to 2886997007 [ 82.180117][ T5957] Bluetooth: hci4: command 0x1003 tx timeout [ 82.181538][ T7382] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 82.182146][ T65] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 82.220184][ T7389] FAULT_INJECTION: forcing a failure. [ 82.220184][ T7389] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 82.223430][ T7389] CPU: 2 UID: 0 PID: 7389 Comm: syz.2.478 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 82.226520][ T7389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 82.229677][ T7389] Call Trace: [ 82.230634][ T7389] [ 82.231481][ T7389] dump_stack_lvl+0x16c/0x1f0 [ 82.232718][ T7389] should_fail_ex+0x497/0x5b0 [ 82.233967][ T7389] _copy_from_user+0x2e/0xd0 [ 82.235183][ T7389] sg_write+0x2cd/0xe00 [ 82.236280][ T7389] ? __pfx_sg_write+0x10/0x10 [ 82.237527][ T7389] ? find_held_lock+0x2d/0x110 [ 82.238786][ T7389] ? bpf_lsm_file_permission+0x9/0x10 [ 82.240289][ T7389] ? security_file_permission+0x71/0x210 [ 82.241856][ T7389] ? __pfx_sg_write+0x10/0x10 [ 82.243119][ T7389] vfs_write+0x24c/0x1150 [ 82.244267][ T7389] ? __fget_files+0x23a/0x3f0 [ 82.245524][ T7389] ? __pfx_lock_release+0x10/0x10 [ 82.246994][ T7389] ? trace_lock_acquire+0x14a/0x1d0 [ 82.248475][ T7389] ? __pfx_vfs_write+0x10/0x10 [ 82.249826][ T7389] ? lock_acquire+0x2f/0xb0 [ 82.250473][ T7392] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 82.251021][ T7389] ? __fget_files+0x40/0x3f0 [ 82.255185][ T7389] ? __fget_files+0x244/0x3f0 [ 82.256465][ T7389] ksys_write+0x12f/0x260 [ 82.257650][ T7389] ? __pfx_ksys_write+0x10/0x10 [ 82.259423][ T7389] do_syscall_64+0xcd/0x250 [ 82.261204][ T7389] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.263052][ T7389] RIP: 0033:0x7f515497e719 [ 82.264250][ T7389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 82.269285][ T7389] RSP: 002b:00007f51557ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 82.271444][ T7389] RAX: ffffffffffffffda RBX: 00007f5154b35f80 RCX: 00007f515497e719 [ 82.273487][ T7389] RDX: 0000000000000050 RSI: 00000000200002c0 RDI: 0000000000000003 [ 82.275554][ T7389] RBP: 00007f51557ce090 R08: 0000000000000000 R09: 0000000000000000 [ 82.277757][ T7389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 82.280075][ T7389] R13: 0000000000000000 R14: 00007f5154b35f80 R15: 00007ffdacb2d5a8 [ 82.282164][ T7389] [ 83.166320][ T7414] netlink: 2028 bytes leftover after parsing attributes in process `syz.1.486'. [ 83.168759][ T7414] netlink: 20 bytes leftover after parsing attributes in process `syz.1.486'. [ 83.258567][ T39] kauditd_printk_skb: 48 callbacks suppressed [ 83.258578][ T39] audit: type=1400 audit(1731459044.835:414): avc: denied { create } for pid=7417 comm="syz.3.488" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 83.265448][ T39] audit: type=1400 audit(1731459044.835:415): avc: denied { bind } for pid=7417 comm="syz.3.488" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 83.656770][ T39] audit: type=1400 audit(1731459045.235:416): avc: denied { read } for pid=7444 comm="syz.3.496" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 83.663829][ T39] audit: type=1400 audit(1731459045.235:417): avc: denied { open } for pid=7444 comm="syz.3.496" path="/135/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 83.664562][ T7446] block device autoloading is deprecated and will be removed. [ 83.674547][ T39] audit: type=1400 audit(1731459045.255:418): avc: denied { ioctl } for pid=7444 comm="syz.3.496" path="/135/file0/file0" dev="fuse" ino=0 ioctlcmd=0x125d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 84.463398][ T39] audit: type=1400 audit(1731459046.045:419): avc: denied { name_connect } for pid=7471 comm="syz.2.506" dest=20011 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 84.515675][ T7472] netlink: 134744 bytes leftover after parsing attributes in process `syz.2.506'. [ 84.542122][ T39] audit: type=1400 audit(1731459046.125:420): avc: denied { map } for pid=7479 comm="syz.0.509" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=758 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 84.699320][ T73] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 84.851109][ T73] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 84.854471][ T73] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 84.857476][ T73] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 84.860792][ T73] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 84.864339][ T73] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 84.866906][ T73] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.871248][ T73] usb 8-1: config 0 descriptor?? [ 84.873210][ T7477] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 85.079555][ T73] usbhid 8-1:0.0: can't add hid device: -71 [ 85.081256][ T73] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 85.088243][ T73] usb 8-1: USB disconnect, device number 10 [ 85.607517][ T7508] netlink: 36 bytes leftover after parsing attributes in process `syz.1.516'. [ 85.610850][ T7508] netlink: 16 bytes leftover after parsing attributes in process `syz.1.516'. [ 85.614004][ T7508] netlink: 36 bytes leftover after parsing attributes in process `syz.1.516'. [ 85.616872][ T7508] netlink: 36 bytes leftover after parsing attributes in process `syz.1.516'. [ 85.628144][ T7513] netlink: set zone limit has 8 unknown bytes [ 85.661036][ T7517] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.663162][ T7517] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.681439][ T7513] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=646617714 (646617714 ns) > initial count (190 ns). Using initial count to start timer. [ 85.941677][ T7538] geneve2: entered promiscuous mode [ 85.943131][ T7538] geneve2: entered allmulticast mode [ 85.980588][ T7540] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.982570][ T7540] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.019997][ T7546] FAULT_INJECTION: forcing a failure. [ 86.019997][ T7546] name failslab, interval 1, probability 0, space 0, times 0 [ 86.024328][ T7546] CPU: 0 UID: 0 PID: 7546 Comm: syz.3.531 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 86.027413][ T7546] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.030256][ T7546] Call Trace: [ 86.031147][ T7546] [ 86.031947][ T7546] dump_stack_lvl+0x16c/0x1f0 [ 86.033228][ T7546] should_fail_ex+0x497/0x5b0 [ 86.034497][ T7546] ? fs_reclaim_acquire+0xae/0x150 [ 86.035858][ T7546] should_failslab+0xc2/0x120 [ 86.037107][ T7546] __kmalloc_noprof+0xcb/0x400 [ 86.038369][ T7546] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 86.039837][ T7546] tomoyo_realpath_from_path+0xb9/0x720 [ 86.041303][ T7546] ? tomoyo_path_number_perm+0x232/0x590 [ 86.042788][ T7546] tomoyo_path_number_perm+0x245/0x590 [ 86.044270][ T7546] ? tomoyo_path_number_perm+0x232/0x590 [ 86.045720][ T7546] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 86.047269][ T7546] ? trace_lock_acquire+0x14a/0x1d0 [ 86.048657][ T7546] ? lock_acquire+0x2f/0xb0 [ 86.049887][ T7546] ? __fget_files+0x40/0x3f0 [ 86.050995][ T7548] netlink: 16 bytes leftover after parsing attributes in process `syz.0.532'. [ 86.051083][ T7546] ? __fget_files+0x244/0x3f0 [ 86.054413][ T7546] security_file_ioctl+0x9b/0x240 [ 86.055751][ T7546] __x64_sys_ioctl+0xbb/0x220 [ 86.057042][ T7546] do_syscall_64+0xcd/0x250 [ 86.058262][ T7546] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.059812][ T7546] RIP: 0033:0x7f97a657e719 [ 86.060955][ T7546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.065878][ T7546] RSP: 002b:00007f97a7435038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 86.068054][ T7546] RAX: ffffffffffffffda RBX: 00007f97a6735f80 RCX: 00007f97a657e719 [ 86.070164][ T7546] RDX: 0000000000000000 RSI: 000000000000894c RDI: 0000000000000003 [ 86.072230][ T7546] RBP: 00007f97a7435090 R08: 0000000000000000 R09: 0000000000000000 [ 86.074293][ T7546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 86.076346][ T7546] R13: 0000000000000000 R14: 00007f97a6735f80 R15: 00007ffc378d8dc8 [ 86.078420][ T7546] [ 86.080454][ T7546] ERROR: Out of memory at tomoyo_realpath_from_path. [ 86.088520][ T39] audit: type=1400 audit(1731459047.665:421): avc: denied { bind } for pid=7547 comm="syz.0.532" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 86.098780][ T39] audit: type=1400 audit(1731459047.665:422): avc: denied { listen } for pid=7547 comm="syz.0.532" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 86.103718][ T39] audit: type=1400 audit(1731459047.665:423): avc: denied { connect } for pid=7547 comm="syz.0.532" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 86.365956][ T7572] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.483466][ T7581] FAULT_INJECTION: forcing a failure. [ 86.483466][ T7581] name failslab, interval 1, probability 0, space 0, times 0 [ 86.487045][ T7581] CPU: 0 UID: 0 PID: 7581 Comm: syz.3.543 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 86.490067][ T7581] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.492846][ T7581] Call Trace: [ 86.493729][ T7581] [ 86.494531][ T7581] dump_stack_lvl+0x116/0x1f0 [ 86.495797][ T7581] should_fail_ex+0x497/0x5b0 [ 86.497060][ T7581] ? __pfx_lock_release+0x10/0x10 [ 86.498462][ T7581] should_failslab+0xc2/0x120 [ 86.499717][ T7581] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 86.501140][ T7581] ? __sigqueue_alloc+0x247/0x6b0 [ 86.502490][ T7581] __sigqueue_alloc+0x247/0x6b0 [ 86.503787][ T7581] __send_signal_locked+0x74b/0x11c0 [ 86.505185][ T7581] force_sig_info_to_task+0x31d/0x660 [ 86.506609][ T7581] force_sig_fault+0xc5/0x110 [ 86.507930][ T7581] ? __pfx_force_sig_fault+0x10/0x10 [ 86.509945][ T7581] ? fixup_vdso_exception+0x34b/0x400 [ 86.511796][ T7581] __bad_area_nosemaphore+0x30d/0x6a0 [ 86.513216][ T7581] ? lock_mm_and_find_vma+0xa6/0x6a0 [ 86.514634][ T7581] do_user_addr_fault+0x920/0x13f0 [ 86.515990][ T7581] ? trace_irq_disable.constprop.0+0xe4/0x130 [ 86.517678][ T7581] exc_page_fault+0x5c/0xc0 [ 86.519012][ T7581] asm_exc_page_fault+0x26/0x30 [ 86.520350][ T7581] RIP: 0033:0x20000005 [ 86.521423][ T7581] Code: Unable to access opcode bytes at 0x1fffffdb. [ 86.523082][ T7581] RSP: 002b:00007f97a7434338 EFLAGS: 00010202 [ 86.524699][ T7581] RAX: 0000000000000000 RBX: 00007f97a6735f80 RCX: 00007f97a657e719 [ 86.526762][ T7581] RDX: 00007f97a7434340 RSI: 00007f97a7434470 RDI: 000000000000000d [ 86.529403][ T7581] RBP: 00007f97a7435090 R08: 0000000000000000 R09: 0000000000000000 [ 86.532104][ T7581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 86.534339][ T7581] R13: 0000000000000000 R14: 00007f97a6735f80 R15: 00007ffc378d8dc8 [ 86.536498][ T7581] [ 87.062050][ T7614] program syz.1.554 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 87.207757][ T7628] futex_wake_op: syz.1.560 tries to shift op by 32; fix this program [ 87.212558][ T7628] fuse: Unknown parameter '0x00000000000000030x0000000000000003' [ 87.236168][ T7630] ÿ: renamed from team0 (while UP) [ 87.271329][ T7634] FAULT_INJECTION: forcing a failure. [ 87.271329][ T7634] name failslab, interval 1, probability 0, space 0, times 0 [ 87.274616][ T7634] CPU: 3 UID: 0 PID: 7634 Comm: syz.3.563 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 87.277352][ T7634] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.280126][ T7634] Call Trace: [ 87.281008][ T7634] [ 87.281800][ T7634] dump_stack_lvl+0x16c/0x1f0 [ 87.283061][ T7634] should_fail_ex+0x497/0x5b0 [ 87.284316][ T7634] ? fs_reclaim_acquire+0xae/0x150 [ 87.285674][ T7634] should_failslab+0xc2/0x120 [ 87.286916][ T7634] kmem_cache_alloc_lru_noprof+0x72/0x2f0 [ 87.288395][ T7634] ? __d_alloc+0x31/0xaa0 [ 87.289435][ T7634] __d_alloc+0x31/0xaa0 [ 87.290540][ T7634] ? hlock_class+0x4e/0x130 [ 87.291723][ T7634] d_alloc_pseudo+0x1c/0xc0 [ 87.292879][ T7634] alloc_file_pseudo+0xdc/0x210 [ 87.294260][ T7634] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 87.295691][ T7634] ? __pfx_idr_alloc_u32+0x10/0x10 [ 87.297046][ T7634] ? find_held_lock+0x2d/0x110 [ 87.298336][ T7634] ? find_held_lock+0x2d/0x110 [ 87.299600][ T7634] __anon_inode_getfile+0x136/0x3d0 [ 87.301051][ T7634] ? __pfx___anon_inode_getfile+0x10/0x10 [ 87.302544][ T7634] ? bpf_link_prime+0x8a/0x4d0 [ 87.304069][ T7634] ? __local_bh_enable_ip+0xa4/0x120 [ 87.305469][ T7634] bpf_link_prime+0x202/0x4d0 [ 87.306728][ T7634] bpf_uprobe_multi_link_attach+0xcee/0xf50 [ 87.308289][ T7634] ? __pfx_bpf_uprobe_multi_link_attach+0x10/0x10 [ 87.310236][ T7634] ? __fget_files+0x244/0x3f0 [ 87.311706][ T7634] ? fput+0x30/0x390 [ 87.312739][ T7634] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 87.314344][ T7634] __sys_bpf+0x3c4a/0x49a0 [ 87.315514][ T7634] ? ksys_write+0x21e/0x260 [ 87.316704][ T7634] ? reacquire_held_locks+0x470/0x4c0 [ 87.318112][ T7634] ? __pfx___sys_bpf+0x10/0x10 [ 87.319385][ T7634] ? vfs_write+0x306/0x1150 [ 87.320575][ T7634] ? __mutex_unlock_slowpath+0x164/0x650 [ 87.322075][ T7634] ? fput+0x30/0x390 [ 87.323123][ T7634] ? ksys_write+0x1ad/0x260 [ 87.324315][ T7634] ? __pfx_ksys_write+0x10/0x10 [ 87.325599][ T7634] __x64_sys_bpf+0x78/0xc0 [ 87.326766][ T7634] ? lockdep_hardirqs_on+0x7c/0x110 [ 87.328179][ T7634] do_syscall_64+0xcd/0x250 [ 87.329420][ T7634] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.330970][ T7634] RIP: 0033:0x7f97a657e719 [ 87.332144][ T7634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 87.337110][ T7634] RSP: 002b:00007f97a7435038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 87.339278][ T7634] RAX: ffffffffffffffda RBX: 00007f97a6735f80 RCX: 00007f97a657e719 [ 87.341326][ T7634] RDX: 000000000000003c RSI: 00000000200012c0 RDI: 000000000000001c [ 87.343405][ T7634] RBP: 00007f97a7435090 R08: 0000000000000000 R09: 0000000000000000 [ 87.345460][ T7634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 87.347493][ T7634] R13: 0000000000000000 R14: 00007f97a6735f80 R15: 00007ffc378d8dc8 [ 87.349583][ T7634] [ 87.354682][ T7635] overlay: Bad value for 'verity' [ 87.356948][ T7635] Malformed UNC in devname [ 87.356948][ T7635] [ 87.358978][ T7635] CIFS: VFS: Malformed UNC in devname [ 87.363340][ T7635] netlink: 'syz.1.562': attribute type 3 has an invalid length. [ 87.365368][ T7635] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.562'. [ 87.410691][ T7638] FAULT_INJECTION: forcing a failure. [ 87.410691][ T7638] name failslab, interval 1, probability 0, space 0, times 0 [ 87.414196][ T7638] CPU: 1 UID: 0 PID: 7638 Comm: syz.3.564 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 87.416982][ T7638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.419985][ T7638] Call Trace: [ 87.420850][ T7638] [ 87.421652][ T7638] dump_stack_lvl+0x16c/0x1f0 [ 87.422906][ T7638] should_fail_ex+0x497/0x5b0 [ 87.424165][ T7638] ? fs_reclaim_acquire+0xae/0x150 [ 87.425528][ T7638] should_failslab+0xc2/0x120 [ 87.426759][ T7638] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 87.428313][ T7638] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 87.429951][ T7638] __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 87.431470][ T7638] mmu_topup_memory_caches+0x22/0xd0 [ 87.432817][ T7638] kvm_mmu_load+0xda/0x20d0 [ 87.433980][ T7638] ? mark_held_locks+0x9f/0xe0 [ 87.435215][ T7638] ? kvm_apic_has_interrupt+0xb6/0x190 [ 87.436646][ T7638] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 87.438257][ T7638] ? kvm_guest_time_update+0x780/0xeb0 [ 87.439677][ T7638] ? clear_pending_if_disabled+0xa9/0x210 [ 87.441437][ T7638] ? __pfx_kvm_mmu_load+0x10/0x10 [ 87.442753][ T7638] ? kvm_cpu_has_injectable_intr+0x9b/0x1a0 [ 87.444289][ T7638] ? kvm_check_and_inject_events+0x57f/0x12e0 [ 87.445861][ T7638] vcpu_run+0x337c/0x4f80 [ 87.447026][ T7638] ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10 [ 87.448871][ T7638] ? __pfx_vcpu_run+0x10/0x10 [ 87.450538][ T7638] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 87.452074][ T7638] ? rcu_is_watching+0x12/0xc0 [ 87.453261][ T7638] ? trace_lock_acquire+0x14a/0x1d0 [ 87.454571][ T7638] ? __local_bh_enable_ip+0xa4/0x120 [ 87.455936][ T7638] ? kvm_arch_vcpu_ioctl_run+0x14d/0x1730 [ 87.457392][ T7638] ? kvm_arch_vcpu_ioctl_run+0x447/0x1730 [ 87.459032][ T7638] kvm_arch_vcpu_ioctl_run+0x447/0x1730 [ 87.460462][ T7638] kvm_vcpu_ioctl+0x6c7/0x1510 [ 87.461665][ T7638] ? do_vfs_ioctl+0x513/0x1990 [ 87.462896][ T7638] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 87.464234][ T7638] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 87.465899][ T7638] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 87.467653][ T7638] ? trace_lock_acquire+0x14a/0x1d0 [ 87.469551][ T7638] ? selinux_file_ioctl+0x180/0x270 [ 87.471302][ T7638] ? selinux_file_ioctl+0xb4/0x270 [ 87.472584][ T7638] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 87.473938][ T7638] __x64_sys_ioctl+0x18f/0x220 [ 87.475188][ T7638] do_syscall_64+0xcd/0x250 [ 87.476399][ T7638] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.478056][ T7638] RIP: 0033:0x7f97a657e719 [ 87.479194][ T7638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 87.483899][ T7638] RSP: 002b:00007f97a7435038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 87.485969][ T7638] RAX: ffffffffffffffda RBX: 00007f97a6735f80 RCX: 00007f97a657e719 [ 87.488063][ T7638] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 87.490169][ T7638] RBP: 00007f97a7435090 R08: 0000000000000000 R09: 0000000000000000 [ 87.492185][ T7638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 87.494127][ T7638] R13: 0000000000000000 R14: 00007f97a6735f80 R15: 00007ffc378d8dc8 [ 87.496064][ T7638] [ 87.645861][ T7645] team0: mtu less than device minimum [ 87.750429][ T7654] dccp_v6_rcv: dropped packet with invalid checksum [ 87.770042][ T7654] netfs: Couldn't get user pages (rc=-14) [ 88.342223][ T7672] netlink: 20 bytes leftover after parsing attributes in process `syz.1.577'. [ 88.352763][ T7672] syz.1.577 (7672) used obsolete PPPIOCDETACH ioctl [ 88.652297][ T7687] dccp_v6_rcv: dropped packet with invalid checksum [ 88.681283][ T7687] netfs: Couldn't get user pages (rc=-14) [ 88.779149][ T7701] program syz.3.584 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 88.782705][ T7701] ata1.00: invalid transfer count 0 [ 88.787818][ T7701] tmpfs: Bad value for 'mpol' [ 88.827087][ T39] kauditd_printk_skb: 22 callbacks suppressed [ 88.827108][ T39] audit: type=1400 audit(1731459050.405:446): avc: denied { listen } for pid=7704 comm="syz.0.591" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 88.997396][ T7718] netlink: 12 bytes leftover after parsing attributes in process `syz.0.594'. [ 89.021131][ T39] audit: type=1400 audit(1731459050.605:447): avc: denied { read } for pid=7712 comm="syz.2.593" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 89.027719][ T39] audit: type=1400 audit(1731459050.605:448): avc: denied { open } for pid=7712 comm="syz.2.593" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 89.036271][ T39] audit: type=1400 audit(1731459050.615:449): avc: denied { read } for pid=7720 comm="syz.0.595" name="usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 89.044580][ T39] audit: type=1400 audit(1731459050.615:450): avc: denied { open } for pid=7720 comm="syz.0.595" path="/dev/usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 89.049891][ T5988] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 89.064218][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 89.074997][ T7721] netlink: 8 bytes leftover after parsing attributes in process `syz.0.595'. [ 89.113010][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 89.129869][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 89.131074][ T7725] FAULT_INJECTION: forcing a failure. [ 89.131074][ T7725] name failslab, interval 1, probability 0, space 0, times 0 [ 89.136825][ T7725] CPU: 3 UID: 0 PID: 7725 Comm: syz.0.596 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 89.139879][ T7725] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 89.143032][ T7725] Call Trace: [ 89.143971][ T7725] [ 89.144738][ T7725] dump_stack_lvl+0x16c/0x1f0 [ 89.145972][ T7725] should_fail_ex+0x497/0x5b0 [ 89.147187][ T7725] ? fs_reclaim_acquire+0xae/0x150 [ 89.148564][ T7725] should_failslab+0xc2/0x120 [ 89.149807][ T7725] __kmalloc_noprof+0xcb/0x400 [ 89.151083][ T7725] fib6_info_alloc+0x40/0x160 [ 89.152363][ T7725] ip6_route_info_create+0x337/0x1910 [ 89.154015][ T7725] ? __pfx_ip6_route_info_create+0x10/0x10 [ 89.155611][ T7725] ? __pfx_lock_release+0x10/0x10 [ 89.157317][ T7725] ? trace_lock_acquire+0x14a/0x1d0 [ 89.158876][ T7725] ip6_route_add+0x26/0x1c0 [ 89.160201][ T7725] addrconf_prefix_route+0x2fe/0x510 [ 89.161751][ T7725] ? __pfx_addrconf_prefix_route+0x10/0x10 [ 89.163437][ T7725] ? nlmsg_notify+0xac/0x220 [ 89.164806][ T7725] ? mark_held_locks+0x9f/0xe0 [ 89.166131][ T7725] ? inet6_rtm_newaddr+0xd36/0x1aa0 [ 89.167501][ T7725] inet6_rtm_newaddr+0xe98/0x1aa0 [ 89.168818][ T7725] ? __pfx_inet6_rtm_newaddr+0x10/0x10 [ 89.170224][ T7725] ? __mutex_lock+0x1a6/0x9c0 [ 89.171465][ T7725] ? __pfx_inet6_rtm_newaddr+0x10/0x10 [ 89.172947][ T7725] rtnetlink_rcv_msg+0x3c7/0xea0 [ 89.174282][ T7725] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 89.175708][ T7725] netlink_rcv_skb+0x16b/0x440 [ 89.176975][ T7725] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 89.178448][ T7725] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 89.180080][ T7725] ? netlink_deliver_tap+0x1ae/0xd90 [ 89.181722][ T7725] netlink_unicast+0x53c/0x7f0 [ 89.182946][ T7725] ? __pfx_netlink_unicast+0x10/0x10 [ 89.184960][ T7725] netlink_sendmsg+0x8b8/0xd70 [ 89.186349][ T7725] ? __pfx_netlink_sendmsg+0x10/0x10 [ 89.187814][ T7725] ____sys_sendmsg+0xaaf/0xc90 [ 89.189190][ T7725] ? copy_msghdr_from_user+0x10b/0x160 [ 89.190853][ T7725] ? __pfx_____sys_sendmsg+0x10/0x10 [ 89.192280][ T7725] ? hlock_class+0x4e/0x130 [ 89.193497][ T7725] ? __lock_acquire+0x163e/0x3ce0 [ 89.194887][ T7725] ___sys_sendmsg+0x135/0x1e0 [ 89.196153][ T7725] ? __pfx____sys_sendmsg+0x10/0x10 [ 89.197700][ T7725] ? __pfx___lock_acquire+0x10/0x10 [ 89.199226][ T7725] ? __pfx___might_resched+0x10/0x10 [ 89.200718][ T7725] ? __might_fault+0xe3/0x190 [ 89.202040][ T7725] __sys_sendmmsg+0x1a1/0x450 [ 89.203314][ T7725] ? __pfx___sys_sendmmsg+0x10/0x10 [ 89.204781][ T7725] ? vfs_write+0x306/0x1150 [ 89.206055][ T7725] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 89.207672][ T7725] ? fput+0x30/0x390 [ 89.208742][ T7725] ? ksys_write+0x1ad/0x260 [ 89.209647][ T5988] usb 8-1: Using ep0 maxpacket: 16 [ 89.209989][ T7725] ? __pfx_ksys_write+0x10/0x10 [ 89.210011][ T7725] __x64_sys_sendmmsg+0x9c/0x100 [ 89.210023][ T7725] ? lockdep_hardirqs_on+0x7c/0x110 [ 89.210037][ T7725] do_syscall_64+0xcd/0x250 [ 89.210048][ T7725] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.210064][ T7725] RIP: 0033:0x7f86b777e719 [ 89.210075][ T7725] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 89.210085][ T7725] RSP: 002b:00007f86b856b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 89.210097][ T7725] RAX: ffffffffffffffda RBX: 00007f86b7935f80 RCX: 00007f86b777e719 [ 89.210104][ T7725] RDX: 04000000000001f2 RSI: 0000000020000000 RDI: 0000000000000003 [ 89.215145][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 89.216044][ T7725] RBP: 00007f86b856b090 R08: 0000000000000000 R09: 0000000000000000 [ 89.220855][ T5988] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 89.225576][ T7725] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 89.225592][ T7725] R13: 0000000000000000 R14: 00007f86b7935f80 R15: 00007fff1d278b28 [ 89.225608][ T7725] [ 89.249019][ T5988] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 89.253778][ T5988] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 89.257849][ T5988] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.293629][ T5988] usb 8-1: config 0 descriptor?? [ 89.349323][ T73] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 89.359260][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 89.382318][ T39] audit: type=1400 audit(1731459050.965:451): avc: denied { shutdown } for pid=7729 comm="syz.0.598" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 89.389402][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 89.485463][ T39] audit: type=1400 audit(1731459051.065:452): avc: denied { ioctl } for pid=7729 comm="syz.0.598" path="/dev/nullb0" dev="devtmpfs" ino=707 ioctlcmd=0xae41 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 89.509335][ T73] usb 6-1: Using ep0 maxpacket: 8 [ 89.512227][ T73] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11 [ 89.516042][ T73] usb 6-1: New USB device found, idVendor=258a, idProduct=0033, bcdDevice= 0.00 [ 89.518676][ T73] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.522963][ T73] usb 6-1: config 0 descriptor?? [ 89.559724][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 89.719313][ T0] NOHZ tick-stop error: local softirq work is pending, handler #280!!! [ 89.742166][ T73] usbhid 6-1:0.0: can't add hid device: -71 [ 89.750408][ T73] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 89.761158][ T73] usb 6-1: USB disconnect, device number 10 [ 90.350628][ T65] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 90.353155][ T65] Bluetooth: hci3: Injecting HCI hardware error event [ 90.356007][ T65] Bluetooth: hci3: hardware error 0x00 [ 90.390903][ T7746] netlink: 8 bytes leftover after parsing attributes in process `syz.0.604'. [ 90.521895][ T1320] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 90.680777][ T1320] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 90.684988][ T1320] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 90.688848][ T1320] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 90.694089][ T1320] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 90.698836][ T1320] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 90.702240][ T1320] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 90.706528][ T1320] usb 6-1: config 0 descriptor?? [ 90.708772][ T7740] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 90.915910][ T1320] usbhid 6-1:0.0: can't add hid device: -71 [ 90.919783][ T1320] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 90.927128][ T1320] usb 6-1: USB disconnect, device number 11 [ 90.970900][ T7756] netlink: 'syz.2.608': attribute type 10 has an invalid length. [ 90.981165][ T7756] team0: Port device netdevsim0 added [ 91.014737][ T7758] dccp_v6_rcv: dropped packet with invalid checksum [ 91.042894][ T7758] netfs: Couldn't get user pages (rc=-14) [ 91.208940][ T7762] __nla_validate_parse: 3 callbacks suppressed [ 91.208957][ T7762] netlink: 40 bytes leftover after parsing attributes in process `syz.2.611'. [ 91.236359][ T7764] FAULT_INJECTION: forcing a failure. [ 91.236359][ T7764] name failslab, interval 1, probability 0, space 0, times 0 [ 91.239791][ T7764] CPU: 2 UID: 0 PID: 7764 Comm: syz.2.612 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 91.242681][ T7764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 91.246259][ T7764] Call Trace: [ 91.247654][ T7764] [ 91.248745][ T7764] dump_stack_lvl+0x16c/0x1f0 [ 91.250394][ T7764] should_fail_ex+0x497/0x5b0 [ 91.252021][ T7764] ? fs_reclaim_acquire+0xae/0x150 [ 91.254007][ T7764] should_failslab+0xc2/0x120 [ 91.255782][ T7764] __kmalloc_noprof+0xcb/0x400 [ 91.257687][ T7764] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 91.259485][ T7764] tomoyo_realpath_from_path+0xb9/0x720 [ 91.261222][ T7764] ? tomoyo_path_number_perm+0x232/0x590 [ 91.263011][ T7764] tomoyo_path_number_perm+0x245/0x590 [ 91.264701][ T7764] ? tomoyo_path_number_perm+0x232/0x590 [ 91.266488][ T7764] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 91.268497][ T7764] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 91.270475][ T7764] security_file_ioctl+0x9b/0x240 [ 91.272330][ T7764] __x64_sys_ioctl+0xbb/0x220 [ 91.274019][ T7764] do_syscall_64+0xcd/0x250 [ 91.275509][ T7764] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.277335][ T7764] RIP: 0033:0x7f515497e719 [ 91.278643][ T7764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 91.284078][ T7764] RSP: 002b:00007f51557ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 91.286355][ T7764] RAX: ffffffffffffffda RBX: 00007f5154b35f80 RCX: 00007f515497e719 [ 91.288481][ T7764] RDX: 0000000020000f00 RSI: 0000000000003b88 RDI: 0000000000000005 [ 91.290563][ T7764] RBP: 00007f51557ce090 R08: 0000000000000000 R09: 0000000000000000 [ 91.292606][ T7764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 91.294786][ T7764] R13: 0000000000000000 R14: 00007f5154b35f80 R15: 00007ffdacb2d5a8 [ 91.297264][ T7764] [ 91.298576][ T7764] ERROR: Out of memory at tomoyo_realpath_from_path. [ 91.300397][ T39] audit: type=1400 audit(1731459052.885:453): avc: denied { write } for pid=5346 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 91.307045][ T39] audit: type=1400 audit(1731459052.885:454): avc: denied { remove_name } for pid=5346 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 91.315240][ T39] audit: type=1400 audit(1731459052.885:455): avc: denied { add_name } for pid=5346 comm="syslogd" name="messages.0" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 91.685175][ T5988] usbhid 8-1:0.0: can't add hid device: -71 [ 91.687047][ T5988] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 91.696611][ T5988] usb 8-1: USB disconnect, device number 11 [ 91.841804][ T7804] netlink: 20 bytes leftover after parsing attributes in process `syz.2.628'. [ 92.395174][ T7820] netlink: 36 bytes leftover after parsing attributes in process `syz.2.635'. [ 92.397584][ T7820] netlink: 16 bytes leftover after parsing attributes in process `syz.2.635'. [ 92.400408][ T7820] netlink: 36 bytes leftover after parsing attributes in process `syz.2.635'. [ 92.402995][ T7820] netlink: 36 bytes leftover after parsing attributes in process `syz.2.635'. [ 92.419350][ T65] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 92.601034][ T7831] netlink: 24 bytes leftover after parsing attributes in process `syz.2.639'. [ 92.629559][ T7834] FAULT_INJECTION: forcing a failure. [ 92.629559][ T7834] name failslab, interval 1, probability 0, space 0, times 0 [ 92.632871][ T7834] CPU: 3 UID: 0 PID: 7834 Comm: syz.2.640 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 92.635623][ T7834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 92.638394][ T7834] Call Trace: [ 92.639305][ T7834] [ 92.640131][ T7834] dump_stack_lvl+0x16c/0x1f0 [ 92.641487][ T7834] should_fail_ex+0x497/0x5b0 [ 92.642758][ T7834] ? fs_reclaim_acquire+0xae/0x150 [ 92.644125][ T7834] should_failslab+0xc2/0x120 [ 92.645386][ T7834] __kmalloc_noprof+0xcb/0x400 [ 92.646689][ T7834] tomoyo_encode2+0x100/0x3e0 [ 92.648174][ T7834] tomoyo_encode+0x29/0x50 [ 92.649358][ T7834] tomoyo_realpath_from_path+0x19d/0x720 [ 92.650798][ T7834] ? tomoyo_path_number_perm+0x232/0x590 [ 92.652352][ T7834] tomoyo_path_number_perm+0x245/0x590 [ 92.653836][ T7834] ? tomoyo_path_number_perm+0x232/0x590 [ 92.655353][ T7834] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 92.656959][ T7834] ? trace_lock_acquire+0x14a/0x1d0 [ 92.658355][ T7834] ? lock_acquire+0x2f/0xb0 [ 92.659586][ T7834] ? __fget_files+0x40/0x3f0 [ 92.660837][ T7834] ? __fget_files+0x244/0x3f0 [ 92.662128][ T7834] security_file_ioctl+0x9b/0x240 [ 92.663475][ T7834] __x64_sys_ioctl+0xbb/0x220 [ 92.664066][ T7838] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7838 comm=syz.1.641 [ 92.664716][ T7834] do_syscall_64+0xcd/0x250 [ 92.668429][ T7838] netlink: 'syz.1.641': attribute type 1 has an invalid length. [ 92.669161][ T7834] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.669183][ T7834] RIP: 0033:0x7f515497e719 [ 92.669194][ T7834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 92.669204][ T7834] RSP: 002b:00007f51557ce038 EFLAGS: 00000246 [ 92.677544][ T7838] 8021q: adding VLAN 0 to HW filter on device bond1 [ 92.679261][ T7834] ORIG_RAX: 0000000000000010 [ 92.679273][ T7834] RAX: ffffffffffffffda RBX: 00007f5154b35f80 RCX: 00007f515497e719 [ 92.679281][ T7834] RDX: 0000000000000000 RSI: 000000000000894c RDI: 0000000000000003 [ 92.679287][ T7834] RBP: 00007f51557ce090 R08: 0000000000000000 R09: 0000000000000000 [ 92.679293][ T7834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 92.679299][ T7834] R13: 0000000000000000 R14: 00007f5154b35f80 R15: 00007ffdacb2d5a8 [ 92.679312][ T7834] [ 92.679793][ T7834] ERROR: Out of memory at tomoyo_realpath_from_path. [ 92.701760][ T7838] 8021q: adding VLAN 0 to HW filter on device bond1 [ 92.703624][ T7838] bond1: (slave vcan1): The slave device specified does not support setting the MAC address [ 92.706799][ T7838] bond1: (slave vcan1): Error -95 calling set_mac_address [ 92.872078][ T7864] bond0: up delay (5) is not a multiple of miimon (4), value rounded to 4 ms [ 92.875660][ T7864] netlink: 'syz.2.648': attribute type 10 has an invalid length. [ 92.878899][ T7864] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.880813][ T7864] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.882840][ T7864] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.884989][ T7864] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.891558][ T7864] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 92.923354][ T7843] bond0: (slave bridge0): link status definitely up, 0 Mbps full duplex [ 92.942303][ T7871] dccp_v6_rcv: dropped packet with invalid checksum [ 92.965658][ T7871] netfs: Couldn't get user pages (rc=-14) [ 93.169429][ T1320] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 93.284050][ T7896] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.661'. [ 93.286894][ T7891] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.661'. [ 93.317110][ T7900] FAULT_INJECTION: forcing a failure. [ 93.317110][ T7900] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 93.321071][ T7900] CPU: 3 UID: 0 PID: 7900 Comm: syz.3.663 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 93.323850][ T7900] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 93.326646][ T7900] Call Trace: [ 93.327529][ T7900] [ 93.328334][ T7900] dump_stack_lvl+0x16c/0x1f0 [ 93.329695][ T7900] should_fail_ex+0x497/0x5b0 [ 93.331113][ T7900] copy_fpstate_to_sigframe+0x858/0xaf0 [ 93.331571][ T1320] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 93.332576][ T7900] ? __pfx_copy_fpstate_to_sigframe+0x10/0x10 [ 93.336699][ T1320] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 93.338377][ T7900] ? find_held_lock+0x2d/0x110 [ 93.343555][ T1320] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 93.343811][ T7900] get_sigframe+0x4aa/0x9c0 [ 93.347515][ T1320] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 93.348741][ T7900] ? __pfx_get_sigframe+0x10/0x10 [ 93.352957][ T1320] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 93.353928][ T7900] ? _raw_spin_unlock_irq+0x23/0x50 [ 93.356308][ T1320] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 93.357662][ T7900] ? siginfo_layout+0x177/0x290 [ 93.361734][ T7900] x64_setup_rt_frame+0x129/0xcf0 [ 93.362380][ T1320] usb 5-1: config 0 descriptor?? [ 93.363072][ T7900] ? __pfx_x64_setup_rt_frame+0x10/0x10 [ 93.365341][ T7870] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 93.366361][ T7900] arch_do_signal_or_restart+0x5e6/0x7e0 [ 93.369972][ T7900] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 93.371641][ T7900] ? __bad_area_nosemaphore+0x334/0x6a0 [ 93.373108][ T7900] ? do_user_addr_fault+0x920/0x13f0 [ 93.374518][ T7900] irqentry_exit_to_user_mode+0x13f/0x280 [ 93.376018][ T7900] asm_exc_page_fault+0x26/0x30 [ 93.377312][ T7900] RIP: 0033:0x20000005 [ 93.378424][ T7900] Code: Unable to access opcode bytes at 0x1fffffdb. [ 93.380184][ T7900] RSP: 002b:00007f97a7434338 EFLAGS: 00010202 [ 93.381807][ T7900] RAX: 0000000000000000 RBX: 00007f97a6735f80 RCX: 00007f97a657e719 [ 93.383751][ T7900] RDX: 00007f97a7434340 RSI: 00007f97a7434470 RDI: 000000000000000d [ 93.385660][ T7900] RBP: 00007f97a7435090 R08: 0000000000000000 R09: 0000000000000000 [ 93.387640][ T7900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 93.389588][ T7900] R13: 0000000000000000 R14: 00007f97a6735f80 R15: 00007ffc378d8dc8 [ 93.391787][ T7900] [ 93.778383][ T1320] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 93.782723][ T1320] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 93.784749][ T1320] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 93.786806][ T1320] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 93.788851][ T1320] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 93.792574][ T1320] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving [ 93.796482][ T1320] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 93.891977][ T7917] netlink: 8 bytes leftover after parsing attributes in process `syz.1.669'. [ 94.030034][ T7870] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 94.032377][ T7870] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 94.089244][ T39] kauditd_printk_skb: 3 callbacks suppressed [ 94.089261][ T39] audit: type=1400 audit(1731459055.665:459): avc: denied { map } for pid=7924 comm="syz.2.671" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 94.178425][ T7937] dccp_v6_rcv: dropped packet with invalid checksum [ 94.196996][ T7937] netfs: Couldn't get user pages (rc=-14) [ 94.286525][ T7949] FAULT_INJECTION: forcing a failure. [ 94.286525][ T7949] name failslab, interval 1, probability 0, space 0, times 0 [ 94.291006][ T7949] CPU: 0 UID: 0 PID: 7949 Comm: syz.3.681 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 94.293794][ T7949] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 94.296580][ T7949] Call Trace: [ 94.297520][ T7949] [ 94.298327][ T7949] dump_stack_lvl+0x16c/0x1f0 [ 94.299647][ T7949] should_fail_ex+0x497/0x5b0 [ 94.301140][ T7949] ? fs_reclaim_acquire+0xae/0x150 [ 94.303050][ T7949] should_failslab+0xc2/0x120 [ 94.303739][ T7952] FAULT_INJECTION: forcing a failure. [ 94.303739][ T7952] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 94.304774][ T7949] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 94.310918][ T7949] ? __kernfs_new_node+0xd3/0x890 [ 94.312448][ T7949] __kernfs_new_node+0xd3/0x890 [ 94.313771][ T7949] ? __pfx___kernfs_new_node+0x10/0x10 [ 94.315176][ T7949] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 94.316648][ T7949] ? rwsem_read_trylock+0x12d/0x250 [ 94.318032][ T7949] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 94.319421][ T7949] kernfs_new_node+0x186/0x240 [ 94.320828][ T7949] __kernfs_create_file+0x53/0x350 [ 94.322204][ T7949] sysfs_add_file_mode_ns+0x1ff/0x3b0 [ 94.323623][ T7949] sysfs_merge_group+0x1b1/0x340 [ 94.324919][ T7949] ? __pfx_sysfs_merge_group+0x10/0x10 [ 94.326312][ T7949] ? do_raw_spin_unlock+0x172/0x230 [ 94.327680][ T7949] dpm_sysfs_add+0x237/0x280 [ 94.328917][ T7949] device_add+0x9a8/0x1a70 [ 94.330174][ T7949] ? __pfx_device_add+0x10/0x10 [ 94.331469][ T7949] ? __init_waitqueue_head+0xca/0x150 [ 94.332890][ T7949] iommufd_test+0x12df/0x4190 [ 94.334160][ T7949] ? __pfx_iommufd_test+0x10/0x10 [ 94.335481][ T7949] ? trace_lock_acquire+0x14a/0x1d0 [ 94.336846][ T7949] ? lock_acquire+0x2f/0xb0 [ 94.338050][ T7949] ? __might_fault+0xe3/0x190 [ 94.339291][ T7949] ? __might_fault+0xe3/0x190 [ 94.340632][ T7949] iommufd_fops_ioctl+0x359/0x4f0 [ 94.341976][ T7949] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 94.343476][ T7949] ? trace_lock_acquire+0x14a/0x1d0 [ 94.344894][ T7949] ? selinux_file_ioctl+0x180/0x270 [ 94.346368][ T7949] ? selinux_file_ioctl+0xb4/0x270 [ 94.347789][ T7949] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 94.349647][ T7949] __x64_sys_ioctl+0x18f/0x220 [ 94.351036][ T7949] do_syscall_64+0xcd/0x250 [ 94.352259][ T7949] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.353934][ T7949] RIP: 0033:0x7f97a657e719 [ 94.355148][ T7949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 94.360400][ T7949] RSP: 002b:00007f97a7435038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 94.362582][ T7949] RAX: ffffffffffffffda RBX: 00007f97a6735f80 RCX: 00007f97a657e719 [ 94.364721][ T7949] RDX: 0000000020000740 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 94.366865][ T7949] RBP: 00007f97a7435090 R08: 0000000000000000 R09: 0000000000000000 [ 94.368991][ T7949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 94.371269][ T7949] R13: 0000000000000000 R14: 00007f97a6735f80 R15: 00007ffc378d8dc8 [ 94.373343][ T7949] [ 94.374191][ T7952] CPU: 3 UID: 0 PID: 7952 Comm: syz.2.678 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 94.374251][ C0] vkms_vblank_simulate: vblank timer overrun [ 94.377105][ T7952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 94.381667][ T7952] Call Trace: [ 94.382564][ T7952] [ 94.383361][ T7952] dump_stack_lvl+0x16c/0x1f0 [ 94.384617][ T7952] should_fail_ex+0x497/0x5b0 [ 94.387149][ T7952] _copy_from_user+0x2e/0xd0 [ 94.388480][ T7952] copy_mount_options+0x76/0x190 [ 94.389851][ T7952] __x64_sys_mount+0x1ad/0x320 [ 94.391131][ T7952] ? __pfx___x64_sys_mount+0x10/0x10 [ 94.392610][ T7952] do_syscall_64+0xcd/0x250 [ 94.393936][ T7952] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.395636][ T7952] RIP: 0033:0x7f515497e719 [ 94.397186][ T7952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 94.403922][ T7952] RSP: 002b:00007f51557ce038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 94.406190][ T7952] RAX: ffffffffffffffda RBX: 00007f5154b35f80 RCX: 00007f515497e719 [ 94.408391][ T7952] RDX: 0000000020000340 RSI: 00000000200000c0 RDI: 0000000000000000 [ 94.410615][ T7952] RBP: 00007f51557ce090 R08: 0000000020000100 R09: 0000000000000000 [ 94.412703][ T7952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 94.414880][ T7952] R13: 0000000000000000 R14: 00007f5154b35f80 R15: 00007ffdacb2d5a8 [ 94.416970][ T7952] [ 94.448534][ T7961] netlink: 'syz.3.684': attribute type 3 has an invalid length. [ 94.466071][ T39] audit: type=1400 audit(1731459056.035:460): avc: denied { audit_write } for pid=7956 comm="syz.3.684" capability=29 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 94.571683][ T5990] usb 5-1: USB disconnect, device number 10 [ 94.684469][ T39] audit: type=1400 audit(1731459056.265:461): avc: denied { connect } for pid=7975 comm="syz.3.690" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 95.170864][ T7987] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 95.177978][ T7987] CIFS mount error: No usable UNC path provided in device string! [ 95.177978][ T7987] [ 95.181903][ T7987] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 95.185648][ T7987] sg_write: data in/out 12/60 bytes for SCSI command 0x0-- guessing data in; [ 95.185648][ T7987] program syz.1.692 not setting count and/or reply_len properly [ 95.274781][ T7994] netlink: 'syz.0.695': attribute type 2 has an invalid length. [ 95.277064][ T7994] netlink: 'syz.0.695': attribute type 1 has an invalid length. [ 95.284373][ T7996] netlink: 'syz.0.695': attribute type 2 has an invalid length. [ 95.286904][ T7996] netlink: 'syz.0.695': attribute type 1 has an invalid length. [ 95.479756][ T39] audit: type=1400 audit(1731459057.055:462): avc: denied { create } for pid=8011 comm="syz.2.702" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1 [ 95.490863][ T8013] (syz.2.702,8013,2):ocfs2_fill_super:990 ERROR: superblock probe failed! [ 95.493191][ T8013] (syz.2.702,8013,2):ocfs2_fill_super:1178 ERROR: status = -22 [ 95.585316][ T8022] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 95.588350][ T39] audit: type=1400 audit(1731459057.165:463): avc: denied { setattr } for pid=8034 comm="syz.2.710" name="event0" dev="devtmpfs" ino=941 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 95.589719][ T8022] FAULT_INJECTION: forcing a failure. [ 95.589719][ T8022] name failslab, interval 1, probability 0, space 0, times 0 [ 95.598237][ T8022] CPU: 1 UID: 0 PID: 8022 Comm: syz.3.706 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 95.601744][ T8022] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 95.604750][ T8022] Call Trace: [ 95.605872][ T8022] [ 95.606651][ T8022] dump_stack_lvl+0x16c/0x1f0 [ 95.607836][ T8022] should_fail_ex+0x497/0x5b0 [ 95.609098][ T8022] ? fs_reclaim_acquire+0xae/0x150 [ 95.610631][ T8022] should_failslab+0xc2/0x120 [ 95.611904][ T8022] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 95.613441][ T8022] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 95.615123][ T8022] __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 95.616772][ T8022] mmu_topup_memory_caches+0x22/0xd0 [ 95.618241][ T8022] kvm_mmu_load+0xda/0x20d0 [ 95.619638][ T8022] ? kvm_apic_has_interrupt+0xb6/0x190 [ 95.621631][ T8022] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 95.623262][ T8022] ? vmx_get_rflags+0x90/0x1c0 [ 95.624584][ T8022] ? kvm_apic_accept_pic_intr+0xe8/0x1a0 [ 95.626163][ T8022] ? __pfx_kvm_mmu_load+0x10/0x10 [ 95.627546][ T8022] ? kvm_cpu_has_injectable_intr+0x9b/0x1a0 [ 95.629188][ T8022] ? kvm_check_and_inject_events+0x57f/0x12e0 [ 95.630922][ T8022] vcpu_run+0x337c/0x4f80 [ 95.632130][ T8022] ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10 [ 95.633660][ T8022] ? __pfx_vcpu_run+0x10/0x10 [ 95.635043][ T8022] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 95.636589][ T8022] ? rcu_is_watching+0x12/0xc0 [ 95.637928][ T8022] ? trace_lock_acquire+0x14a/0x1d0 [ 95.639387][ T8022] ? __local_bh_enable_ip+0xa4/0x120 [ 95.641121][ T8022] ? kvm_arch_vcpu_ioctl_run+0x14d/0x1730 [ 95.642746][ T8022] ? kvm_arch_vcpu_ioctl_run+0x447/0x1730 [ 95.644346][ T8022] kvm_arch_vcpu_ioctl_run+0x447/0x1730 [ 95.645881][ T8022] kvm_vcpu_ioctl+0x6c7/0x1510 [ 95.647168][ T8022] ? do_vfs_ioctl+0x513/0x1990 [ 95.648529][ T8022] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 95.650188][ T8022] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 95.652064][ T8022] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 95.654112][ T8022] ? trace_lock_acquire+0x14a/0x1d0 [ 95.655761][ T8022] ? selinux_file_ioctl+0x180/0x270 [ 95.657247][ T8022] ? selinux_file_ioctl+0xb4/0x270 [ 95.658679][ T8022] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 95.660180][ T8022] __x64_sys_ioctl+0x18f/0x220 [ 95.661518][ T8022] do_syscall_64+0xcd/0x250 [ 95.662780][ T8022] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.664426][ T8022] RIP: 0033:0x7f97a657e719 [ 95.665711][ T8022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 95.671325][ T8022] RSP: 002b:00007f97a7435038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 95.673658][ T8022] RAX: ffffffffffffffda RBX: 00007f97a6735f80 RCX: 00007f97a657e719 [ 95.675822][ T8022] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006 [ 95.677992][ T8022] RBP: 00007f97a7435090 R08: 0000000000000000 R09: 0000000000000000 [ 95.680176][ T8022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 95.682368][ T8022] R13: 0000000000000000 R14: 00007f97a6735f80 R15: 00007ffc378d8dc8 [ 95.684531][ T8022] [ 95.867309][ T8055] dccp_v6_rcv: dropped packet with invalid checksum [ 95.938908][ T8055] netfs: Couldn't get user pages (rc=-14) [ 95.943936][ T8066] binder: 8065:8066 ioctl c0a85320 20000180 returned -22 [ 95.980797][ T8071] netlink: 'syz.3.721': attribute type 25 has an invalid length. [ 95.982934][ T8071] netlink: 'syz.3.721': attribute type 8 has an invalid length. [ 95.983920][ T8072] vxcan1: tx address claim with dest, not broadcast [ 95.991489][ T8068] vxcan1: tx address claim with dest, not broadcast [ 96.008506][ T39] audit: type=1400 audit(1731459057.585:464): avc: denied { append } for pid=8074 comm="syz.3.723" name="mice" dev="devtmpfs" ino=939 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 96.221915][ T8087] FAULT_INJECTION: forcing a failure. [ 96.221915][ T8087] name failslab, interval 1, probability 0, space 0, times 0 [ 96.225211][ T8087] CPU: 0 UID: 0 PID: 8087 Comm: syz.2.726 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 96.227931][ T8087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 96.230672][ T8087] Call Trace: [ 96.231559][ T8087] [ 96.232512][ T8087] dump_stack_lvl+0x16c/0x1f0 [ 96.233844][ T8087] should_fail_ex+0x497/0x5b0 [ 96.235099][ T8087] ? fs_reclaim_acquire+0xae/0x150 [ 96.236569][ T8087] should_failslab+0xc2/0x120 [ 96.238583][ T8087] __kmalloc_node_noprof+0xd1/0x430 [ 96.240415][ T8087] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 96.242259][ T8087] ? __pfx_mark_lock+0x10/0x10 [ 96.244051][ T8087] __kvmalloc_node_noprof+0xad/0x1a0 [ 96.245934][ T8087] __kvm_mmu_topup_memory_cache+0x451/0x600 [ 96.248057][ T8087] ? vcpu_run+0x1a8e/0x4f80 [ 96.249391][ T1320] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 96.249741][ T8087] mmu_topup_memory_caches+0x22/0xd0 [ 96.253195][ T8087] kvm_mmu_load+0xda/0x20d0 [ 96.254586][ T8087] ? mark_held_locks+0x9f/0xe0 [ 96.255911][ T8087] ? kvm_apic_has_interrupt+0xb6/0x190 [ 96.257449][ T8087] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 96.259210][ T8087] ? vmx_flush_tlb_guest+0x113/0x2e0 [ 96.260641][ T8087] ? __pfx_vmx_flush_tlb_guest+0x10/0x10 [ 96.262184][ T8087] ? __pfx_kvm_mmu_load+0x10/0x10 [ 96.263547][ T8087] ? kvm_cpu_has_injectable_intr+0x9b/0x1a0 [ 96.265142][ T8087] ? kvm_check_and_inject_events+0x57f/0x12e0 [ 96.266827][ T8087] vcpu_run+0x337c/0x4f80 [ 96.268050][ T8087] ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10 [ 96.269556][ T8087] ? __pfx_vcpu_run+0x10/0x10 [ 96.270829][ T8087] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 96.272329][ T8087] ? rcu_is_watching+0x12/0xc0 [ 96.273629][ T8087] ? trace_lock_acquire+0x14a/0x1d0 [ 96.275020][ T8087] ? __local_bh_enable_ip+0xa4/0x120 [ 96.276574][ T8087] ? kvm_arch_vcpu_ioctl_run+0x14d/0x1730 [ 96.278413][ T8087] ? kvm_arch_vcpu_ioctl_run+0x447/0x1730 [ 96.279945][ T8087] kvm_arch_vcpu_ioctl_run+0x447/0x1730 [ 96.281550][ T8087] kvm_vcpu_ioctl+0x6c7/0x1510 [ 96.282879][ T8087] ? do_vfs_ioctl+0x513/0x1990 [ 96.284207][ T8087] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 96.285650][ T8087] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 96.287503][ T8087] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 96.289411][ T8087] ? trace_lock_acquire+0x14a/0x1d0 [ 96.290853][ T8087] ? selinux_file_ioctl+0x180/0x270 [ 96.292270][ T8087] ? selinux_file_ioctl+0xb4/0x270 [ 96.293670][ T8087] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 96.295091][ T8087] __x64_sys_ioctl+0x18f/0x220 [ 96.296507][ T8087] do_syscall_64+0xcd/0x250 [ 96.297833][ T8087] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 96.299438][ T8087] RIP: 0033:0x7f515497e719 [ 96.300654][ T8087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 96.305775][ T8087] RSP: 002b:00007f51557ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 96.308085][ T8087] RAX: ffffffffffffffda RBX: 00007f5154b35f80 RCX: 00007f515497e719 [ 96.310248][ T8087] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 96.312415][ T8087] RBP: 00007f51557ce090 R08: 0000000000000000 R09: 0000000000000000 [ 96.314683][ T8087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 96.316920][ T8087] R13: 0000000000000000 R14: 00007f5154b35f80 R15: 00007ffdacb2d5a8 [ 96.319049][ T8087] [ 96.319990][ C0] vkms_vblank_simulate: vblank timer overrun [ 96.399324][ T1320] usb 8-1: Using ep0 maxpacket: 32 [ 96.402208][ T1320] usb 8-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 96.405516][ T1320] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 96.411556][ T1320] usb 8-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 96.414643][ T1320] usb 8-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 96.416825][ T1320] usb 8-1: Product: syz [ 96.417934][ T1320] usb 8-1: Manufacturer: syz [ 96.419145][ T1320] usb 8-1: SerialNumber: syz [ 96.422755][ T1320] appletouch 8-1:1.0: Could not find int-in endpoint [ 96.424537][ T1320] appletouch 8-1:1.0: probe with driver appletouch failed with error -5 [ 96.427089][ T1320] usbhid 8-1:1.0: couldn't find an input interrupt endpoint [ 96.511611][ T8101] FAULT_INJECTION: forcing a failure. [ 96.511611][ T8101] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 96.515657][ T8101] CPU: 1 UID: 0 PID: 8101 Comm: syz.2.731 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 96.518447][ T8101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 96.521459][ T8101] Call Trace: [ 96.522434][ T8101] [ 96.523200][ T8101] dump_stack_lvl+0x16c/0x1f0 [ 96.524417][ T8101] should_fail_ex+0x497/0x5b0 [ 96.525619][ T8101] _copy_from_user+0x2e/0xd0 [ 96.526775][ T8101] get_user_ifreq+0xf1/0x250 [ 96.528087][ T8101] sock_do_ioctl+0x16c/0x280 [ 96.529663][ T8101] ? __pfx_sock_do_ioctl+0x10/0x10 [ 96.531697][ T8101] ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460 [ 96.533436][ T8101] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 96.535718][ T8101] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 96.537954][ T8101] sock_ioctl+0x228/0x6c0 [ 96.539455][ T8101] ? __pfx_sock_ioctl+0x10/0x10 [ 96.540989][ T8101] ? selinux_file_ioctl+0x180/0x270 [ 96.542371][ T8101] ? selinux_file_ioctl+0xb4/0x270 [ 96.543676][ T8101] ? __pfx_sock_ioctl+0x10/0x10 [ 96.545048][ T8101] __x64_sys_ioctl+0x18f/0x220 [ 96.546736][ T8101] do_syscall_64+0xcd/0x250 [ 96.548276][ T8101] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 96.550285][ T8101] RIP: 0033:0x7f515497e719 [ 96.551478][ T8101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 96.556601][ T8101] RSP: 002b:00007f51557ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 96.559180][ T8101] RAX: ffffffffffffffda RBX: 00007f5154b35f80 RCX: 00007f515497e719 [ 96.561325][ T8101] RDX: 0000000020000000 RSI: 0000000000008922 RDI: 0000000000000003 [ 96.564089][ T8101] RBP: 00007f51557ce090 R08: 0000000000000000 R09: 0000000000000000 [ 96.566332][ T8101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 96.568429][ T8101] R13: 0000000000000000 R14: 00007f5154b35f80 R15: 00007ffdacb2d5a8 [ 96.570437][ T8101] [ 96.627963][ T5990] usb 8-1: USB disconnect, device number 12 [ 96.635802][ T8105] evm: overlay not supported [ 96.703078][ T39] audit: type=1400 audit(1731459058.285:465): avc: denied { append } for pid=8102 comm="syz.2.732" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 96.736043][ T39] audit: type=1400 audit(1731459058.315:466): avc: denied { search } for pid=8110 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 96.743949][ T1320] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 96.745860][ T39] audit: type=1400 audit(1731459058.325:467): avc: denied { read } for pid=8111 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1768 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 96.759357][ T39] audit: type=1400 audit(1731459058.325:468): avc: denied { open } for pid=8111 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1768 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 96.783251][ T8115] FAULT_INJECTION: forcing a failure. [ 96.783251][ T8115] name failslab, interval 1, probability 0, space 0, times 0 [ 96.786804][ T8115] CPU: 0 UID: 0 PID: 8115 Comm: syz.2.735 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 96.789630][ T8115] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 96.791789][ T8117] __nla_validate_parse: 8 callbacks suppressed [ 96.791800][ T8117] netlink: 76 bytes leftover after parsing attributes in process `syz.1.734'. [ 96.792447][ T8115] Call Trace: [ 96.792455][ T8115] [ 96.792461][ T8115] dump_stack_lvl+0x16c/0x1f0 [ 96.799742][ T8115] should_fail_ex+0x497/0x5b0 [ 96.801094][ T8115] ? fs_reclaim_acquire+0xae/0x150 [ 96.802548][ T8115] should_failslab+0xc2/0x120 [ 96.803932][ T8115] __kmalloc_noprof+0xcb/0x400 [ 96.805238][ T8115] ? d_absolute_path+0x137/0x1b0 [ 96.806594][ T8115] tomoyo_encode2+0x100/0x3e0 [ 96.807946][ T8115] tomoyo_encode+0x29/0x50 [ 96.809595][ T8115] tomoyo_realpath_from_path+0x19d/0x720 [ 96.811722][ T8115] tomoyo_path_number_perm+0x245/0x590 [ 96.813774][ T8115] ? tomoyo_path_number_perm+0x232/0x590 [ 96.815762][ T8115] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 96.817371][ T8115] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 96.819023][ T8115] security_file_ioctl+0x9b/0x240 [ 96.820494][ T8115] __x64_sys_ioctl+0xbb/0x220 [ 96.821943][ T8115] do_syscall_64+0xcd/0x250 [ 96.823201][ T8115] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 96.824783][ T8115] RIP: 0033:0x7f515497e719 [ 96.825981][ T8115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 96.831237][ T8115] RSP: 002b:00007f51557ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 96.833377][ T8115] RAX: ffffffffffffffda RBX: 00007f5154b35f80 RCX: 00007f515497e719 [ 96.835515][ T8115] RDX: 0000000020000f00 RSI: 0000000000003b88 RDI: 0000000000000005 [ 96.837611][ T8115] RBP: 00007f51557ce090 R08: 0000000000000000 R09: 0000000000000000 [ 96.839753][ T8115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 96.842161][ T8115] R13: 0000000000000000 R14: 00007f5154b35f80 R15: 00007ffdacb2d5a8 [ 96.844325][ T8115] [ 96.845377][ C0] vkms_vblank_simulate: vblank timer overrun [ 96.848575][ T8115] ERROR: Out of memory at tomoyo_realpath_from_path. [ 96.975536][ T8124] syz.2.736 (8124) used greatest stack depth: 21056 bytes left [ 97.258350][ T1132] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.334777][ T1132] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.421597][ T1132] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.524836][ T1132] team0: Port device netdevsim0 removed [ 97.527693][ T1132] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.610537][ T1132] bridge_slave_1: left allmulticast mode [ 97.612481][ T1132] bridge_slave_1: left promiscuous mode [ 97.614968][ T1132] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.619382][ T1132] bridge_slave_0: left allmulticast mode [ 97.620926][ T1132] bridge_slave_0: left promiscuous mode [ 97.623061][ T1132] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.629736][ T69] [ 97.629927][ T1132] BUG: spinlock bad magic on CPU#0, kworker/u32:7/1132 [ 97.630520][ T69] ============================= [ 97.632340][ T1132] Oops: general protection fault, probably for non-canonical address 0xe0001bffe00020b9: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 97.633753][ T69] WARNING: suspicious RCU usage [ 97.633764][ T69] 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 Not tainted [ 97.638854][ T1132] KASAN: maybe wild-memory-access in range [0x0000ffff000105c8-0x0000ffff000105cf] [ 97.640232][ T69] ----------------------------- [ 97.642167][ T1132] CPU: 0 UID: 0 PID: 1132 Comm: kworker/u32:7 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 97.645134][ T69] net/sched/sch_generic.c:1290 suspicious rcu_dereference_protected() usage! [ 97.646419][ T1132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 97.646431][ T1132] Workqueue: netns cleanup_net [ 97.650308][ T69] [ 97.650308][ T69] other info that might help us debug this: [ 97.650308][ T69] [ 97.652585][ T1132] [ 97.652592][ T1132] RIP: 0010:spin_bug+0x100/0x1d0 [ 97.655391][ T69] [ 97.655391][ T69] rcu_scheduler_active = 2, debug_locks = 1 [ 97.656652][ T1132] Code: 08 84 d2 0f 85 db 00 00 00 48 85 ed 44 8b 4b 08 74 7d 48 8d bd c8 05 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 04 3c 03 7e 68 44 8b 85 c8 05 00 00 48 8d 8d [ 97.659594][ T69] 8 locks held by kworker/u32:3/69: [ 97.660175][ T1132] RSP: 0018:ffffc90005ff77e0 EFLAGS: 00010002 [ 97.661992][ T69] #0: [ 97.664112][ T1132] [ 97.664120][ T1132] RAX: dffffc0000000000 RBX: ffff8881072ac020 RCX: ffffffff816d3e69 [ 97.671091][ T69] ffff88804bcf9148 [ 97.672521][ T1132] RDX: 00001fffe00020b9 RSI: ffffffff816de786 RDI: 0000ffff000105c8 [ 97.674707][ T69] ((wq_completion)bond0 [ 97.675442][ T1132] RBP: 0000ffff00010000 R08: 0000000000000005 R09: 0000000000000001 [ 97.676324][ T69] #2 [ 97.678379][ T1132] R10: 0000000080000001 R11: 697073203a475542 R12: ffffffff8b6d3760 [ 97.679877][ T69] ){+.+.}-{0:0} [ 97.682113][ T1132] R13: ffff8880272a2440 R14: ffffc90005ff7920 R15: 0000000000000001 [ 97.683666][ T69] , at: process_one_work+0x129b/0x1ba0 [ 97.685805][ T1132] FS: 0000000000000000(0000) GS:ffff88806a600000(0000) knlGS:0000000000000000 [ 97.686755][ T69] #1: [ 97.688811][ T1132] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.690212][ T69] ffffc90000d67d80 [ 97.692362][ T1132] CR2: 00005611a14a2000 CR3: 0000000024b68000 CR4: 0000000000352ef0 [ 97.693814][ T69] ((work_completion)(&(&bond->mii_work)->work) [ 97.696403][ T1132] Call Trace: [ 97.697156][ T69] ){+.+.}-{0:0} [ 97.699401][ T1132] [ 97.699415][ T1132] ? die_addr+0x3b/0xa0 [ 97.699438][ T1132] ? exc_general_protection+0x155/0x230 [ 97.700485][ T69] , at: process_one_work+0x921/0x1ba0 [ 97.703156][ T1132] ? asm_exc_general_protection+0x26/0x30 [ 97.704826][ T69] #2: [ 97.705721][ T1132] ? __wake_up_klogd.part.0+0x99/0xf0 [ 97.706764][ T69] ffffffff8e1b8340 [ 97.707538][ T1132] ? vprintk+0x86/0xa0 [ 97.708639][ T69] (rcu_read_lock [ 97.710082][ T1132] ? spin_bug+0x100/0x1d0 [ 97.710104][ T1132] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 97.710114][ T1132] do_raw_spin_lock+0x225/0x2c0 [ 97.710125][ T1132] ? trace_lock_acquire+0x14a/0x1d0 [ 97.710137][ T1132] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 97.710148][ T1132] ? lock_acquire+0x2f/0xb0 [ 97.710156][ T1132] ? down+0x2a/0xa0 [ 97.710166][ T1132] _raw_spin_lock_irqsave+0x42/0x60 [ 97.712136][ T69] ){....}-{1:2} [ 97.713630][ T1132] ? down+0x2a/0xa0 [ 97.714907][ T69] , at: bond_mii_monitor+0x140/0x2d90 [ 97.716117][ T1132] down+0x2a/0xa0 [ 97.717527][ T69] #3: [ 97.718600][ T1132] ? lockdep_rtnl_is_held+0x26/0x40 [ 97.719776][ T69] ffffffff8e1a5a40 [ 97.720742][ T1132] netpoll_poll_disable+0x79/0x110 [ 97.722247][ T69] (console_lock [ 97.723567][ T1132] __dev_close_many+0xd9/0x310 [ 97.724962][ T69] ){+.+.}-{0:0} [ 97.726390][ T1132] ? __pfx___dev_close_many+0x10/0x10 [ 97.727634][ T69] , at: vprintk+0x7f/0xa0 [ 97.728688][ T1132] ? kasan_save_stack+0x42/0x60 [ 97.730675][ T69] #4: [ 97.731831][ T1132] ? __call_rcu_common.constprop.0+0x99/0x7a0 [ 97.733108][ T69] ffffffff8e1a5ab0 [ 97.734481][ T1132] ? nexthop_net_exit_batch_rtnl+0xc8/0x290 [ 97.735367][ T69] (console_srcu [ 97.736076][ T1132] ? cleanup_net+0x548/0xb40 [ 97.737424][ T69] ){....}-{0:0} [ 97.738408][ T1132] ? process_one_work+0x9c5/0x1ba0 [ 97.739820][ T69] , at: console_flush_all+0x159/0xc60 [ 97.740721][ T1132] ? worker_thread+0x6c8/0xf00 [ 97.741985][ T69] #5: [ 97.742948][ T1132] dev_close_many+0x24c/0x6a0 [ 97.744329][ T69] ffffffff8e0c5600 [ 97.745457][ T1132] ? mark_lock+0xb5/0xc60 [ 97.746735][ T69] (console_owner [ 97.747493][ T1132] ? __pfx_dev_close_many+0x10/0x10 [ 97.749231][ T69] ){-...}-{0:0} [ 97.750363][ T1132] ? __pfx_mark_lock+0x10/0x10 [ 97.751898][ T69] , at: console_lock_spinning_enable+0x9f/0xd0 [ 97.752836][ T1132] unregister_netdevice_many_notify+0x489/0x1e50 [ 97.754047][ T69] #6: ffffffff8e0c5500 [ 97.754961][ T1132] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 97.756301][ T69] ( [ 97.757701][ T1132] ? __call_rcu_common.constprop.0+0x36e/0x7a0 [ 97.758977][ T69] printk_legacy_map-wait-type-override [ 97.759714][ T1132] ? __pfx___might_resched+0x10/0x10 [ 97.759736][ T1132] ? nexthop_net_exit_batch_rtnl+0x1c6/0x290 [ 97.759750][ T1132] cleanup_net+0x58c/0xb40 [ 97.759763][ T1132] ? __pfx_cleanup_net+0x10/0x10 [ 97.760994][ T69] ){....}-{3:3} [ 97.761956][ T1132] ? trace_lock_acquire+0x14a/0x1d0 [ 97.763082][ T69] , at: console_flush_all+0x7bd/0xc60 [ 97.764226][ T1132] ? process_one_work+0x921/0x1ba0 [ 97.765598][ T69] #7: ffffffff9aaebc18 [ 97.766882][ T1132] ? lock_acquire+0x2f/0xb0 [ 97.768182][ T69] (&port_lock_key){-.-.}-{2:2} [ 97.770377][ T1132] ? process_one_work+0x921/0x1ba0 [ 97.770405][ T1132] process_one_work+0x9c5/0x1ba0 [ 97.770424][ T1132] ? __pfx_batadv_nc_worker+0x10/0x10 [ 97.772075][ T69] , at: serial8250_console_write+0xb56/0x17c0 [ 97.773173][ T1132] ? __pfx_process_one_work+0x10/0x10 [ 97.774907][ T69] [ 97.774907][ T69] stack backtrace: [ 97.774915][ T69] CPU: 3 UID: 0 PID: 69 Comm: kworker/u32:3 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 [ 97.775658][ T1132] ? assign_work+0x1a0/0x250 [ 97.777845][ T69] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 97.779330][ T1132] worker_thread+0x6c8/0xf00 [ 97.781166][ T69] Workqueue: bond0 bond_mii_monitor [ 97.782746][ T1132] ? __pfx_worker_thread+0x10/0x10 [ 97.784356][ T69] [ 97.785657][ T1132] kthread+0x2c1/0x3a0 [ 97.786916][ T69] Call Trace: [ 97.788269][ T1132] ? _raw_spin_unlock_irq+0x23/0x50 [ 97.790186][ T69] [ 97.791527][ T1132] ? __pfx_kthread+0x10/0x10 [ 97.793046][ T69] dump_stack_lvl+0x16c/0x1f0 [ 97.794270][ T1132] ret_from_fork+0x45/0x80 [ 97.795703][ T69] lockdep_rcu_suspicious+0x210/0x3c0 [ 97.797018][ T1132] ? __pfx_kthread+0x10/0x10 [ 97.798343][ T69] dev_deactivate_queue+0x167/0x190 [ 97.799811][ T1132] ret_from_fork_asm+0x1a/0x30 [ 97.801521][ T69] dev_deactivate_many+0xe7/0xb20 [ 97.803006][ T1132] [ 97.803012][ T1132] Modules linked in: [ 97.805113][ T69] dev_deactivate+0xf9/0x1c0 [ 97.807936][ T1132] [ 97.807946][ T1132] ---[ end trace 0000000000000000 ]--- [ 97.809182][ T69] ? __pfx_dev_deactivate+0x10/0x10 [ 97.812352][ T1132] RIP: 0010:spin_bug+0x100/0x1d0 [ 97.813581][ T69] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 97.815016][ T1132] Code: 08 84 d2 0f 85 db 00 00 00 48 85 ed 44 8b 4b 08 74 7d 48 8d bd c8 05 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 04 3c 03 7e 68 44 8b 85 c8 05 00 00 48 8d 8d [ 97.816351][ T69] linkwatch_do_dev+0x11e/0x160 [ 97.816979][ T1132] RSP: 0018:ffffc90005ff77e0 EFLAGS: 00010002 [ 97.818049][ T69] linkwatch_sync_dev+0x181/0x210 [ 97.818919][ T1132] [ 97.818926][ T1132] RAX: dffffc0000000000 RBX: ffff8881072ac020 RCX: ffffffff816d3e69 [ 97.820534][ T69] ? __pfx_ethtool_op_get_link+0x10/0x10 [ 97.821330][ T1132] RDX: 00001fffe00020b9 RSI: ffffffff816de786 RDI: 0000ffff000105c8 [ 97.822954][ T69] ethtool_op_get_link+0x1d/0x70 [ 97.824190][ T1132] RBP: 0000ffff00010000 R08: 0000000000000005 R09: 0000000000000001 [ 97.825350][ T69] bond_check_dev_link+0x197/0x490 [ 97.826744][ T1132] R10: 0000000080000001 R11: 697073203a475542 R12: ffffffff8b6d3760 [ 97.827981][ T69] ? __pfx_bond_check_dev_link+0x10/0x10 [ 97.829335][ T1132] R13: ffff8880272a2440 R14: ffffc90005ff7920 R15: 0000000000000001 [ 97.830656][ T69] ? rcu_is_watching+0x12/0xc0 [ 97.831974][ T1132] FS: 0000000000000000(0000) GS:ffff88806a600000(0000) knlGS:0000000000000000 [ 97.832789][ T69] bond_mii_monitor+0x3c1/0x2d90 [ 97.833758][ T1132] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 97.834974][ T69] ? __pfx_bond_mii_monitor+0x10/0x10 [ 97.835652][ T1132] CR2: 00005611a14a2000 CR3: 0000000024b68000 CR4: 0000000000352ef0 [ 97.837597][ T69] ? rcu_is_watching+0x12/0xc0 [ 97.838972][ T1132] Kernel panic - not syncing: Fatal exception [ 97.881496][ T1132] Kernel Offset: disabled [ 97.882653][ T1132] Rebooting in 86400 seconds.. VM DIAGNOSIS: 00:50:59 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000079 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff850b9b15 RDI=ffffffff9aaebc40 RBP=ffffffff9aaebc00 RSP=ffffc90005ff7188 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=6567203a73706f4f R12=0000000000000000 R13=0000000000000079 R14=ffffffff850b9ab0 R15=0000000000000000 RIP=ffffffff850b9b3f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00005611a14a2000 CR3=0000000024b68000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000004000000 Opmask01=00000000ffffffff Opmask02=00000000fff80800 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff9f7088e0 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c5f5f0045544156 4952505f4342494c ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000042494c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6362696c5f5f0045 5441564952505f43 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f6e3a6d5e007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f4b1f485e005600 0b56000041000b56 000040494a564b4a 460a5340410a000a ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000094fac RBX=0000000000000001 RCX=ffffffff8b238489 RDX=ffffed100d4e7026 RSI=ffffffff8bd1b3c0 RDI=ffffffff816477cc RBP=ffffed1003b58910 RSP=ffffc90000187e08 R8 =0000000000000000 R9 =ffffed100d4e7025 R10=ffff88806a73812b R11=0000000000000000 R12=0000000000000001 R13=ffff88801dac4880 R14=ffffffff905f5988 R15=0000000000000000 RIP=ffffffff8b23986f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fa915b32060 CR3=00000000351b8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000004080 Opmask01=0000000000000081 Opmask02=000000007ffeffff Opmask03=2040000404420020 Opmask04=00000000ffffffdf Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5b58b12f3022a6ab ae2f04ee9a40a4d2 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d5a16f78796c4a14 ac2b821f4b64c710 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6fae29ed23ba33a2 894c3be577e14551 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6fe09ca08194b9a0 30dc9daa844a2061 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000080 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000003c3ef1ef3c 0000003cb4deeb51 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7f5615110f03d0fa 0000003c1b239282 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b7fe0000055d232a 003c3e700ddd4586 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 24e2000040b00362 003c403b33c189e4 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 8655b28e87cd2bf2 82799fccdc6b0375 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e8552173b63dae99 9ed2a4c9042c8aaa ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 54003d534b4e494c 564544003d4d4554 535953425553003d 4854415056454400 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 540018534b4e494c 56454400184d4554 5359534255530018 4854415056454400 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000041 0000000000000000 00000000302d7872 2f7365756575712f ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005611a1568208 00005611a1568208 0000000000000041 75642f6d7200302e ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005611a1542980 00007f49a5df2280 0000000000012fc1 0000003177617264 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a2433273f397b27 697a787c69303b7e 69305f474f5b647c 69303a2433273f39 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffff88806a646a00 RCX=ffffffff81815ffc RDX=ffff8880274d8000 RSI=ffffffff81815fd6 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc900061a7998 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffffed100d4c8d41 R13=0000000000000001 R14=ffff88806a646a08 R15=ffff88806a840100 RIP=ffffffff81815fdd RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055fd461c76d8 CR3=000000000df7c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fefeffd0 Opmask01=0000000001100000 Opmask02=000000000fffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000030687465 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcf09d5870 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e2e2e2e2e2e2e2e 2e2e2e2e2e2e2e2e ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000ff0000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff0000ffffff00 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000081 0000000000000020 0000000000000000 000055f800646461 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055fd00000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055c0461b1b0d 000055c04618000d 5300000d004e5850 5c535b5413495853 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6d421f7667b1d5a3 000055f819cea1ac 0000000000000181 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055f819cef85b 0000000000000021 00000000316e616c ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 000055fd237d3233 73656d5f70636864 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 725f0f6496037661 72610f7ffa6d737f 656775ff737d7fff 7f7f7d7f75777965 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 0000000000000031 0000726565666965 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 0000000000000031 00006d5f65636864 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbf2b313423342c ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=0000000000000037 RCX=ffffffff816da35a RDX=ffff8880208c0000 RSI=ffffffff816da346 RDI=0000000000000001 RBP=1ffff920001acee7 RSP=ffffc90000d67728 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=3d3d3d3d3d3d3d3d R12=0000000000000001 R13=0000000000000200 R14=ffff8880272a2440 R15=ffffc90000d67810 RIP=ffffffff816da348 RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f5155668710 CR3=0000000024b68000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000004000400 Opmask01=00000000ffffffff Opmask02=00000000fff80800 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff9f7088e0 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c5f5f0045544156 4952505f4342494c ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000042494c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6362696c5f5f0045 5441564952505f43 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f6e3a6d5e007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f4b1f485e005600 0b56000041000b56 000040494a564b4a 460a5340410a000a ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000