last executing test programs: 2.319989453s ago: executing program 3 (id=89): listxattr(&(0x7f0000000240)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x148) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000004c0), 0x10400, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) r3 = open$dir(&(0x7f0000000180)='./file0\x00', 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) ftruncate(r4, 0x2000009) sendfile(r3, r4, 0x0, 0x7ffff000) 2.316300751s ago: executing program 1 (id=90): getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000000)={0x0, 0x4}, &(0x7f0000000180)=0x8) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f00000001c0)={0x5, 0x7, 0x8009, 0x6, 0x6, 0xfffffff9, 0xfffffffc, 0x80, r0}, 0x20) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x1000000, 0x0) chdir(&(0x7f0000000280)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') sendfile(r1, r1, 0x0, 0x4) r2 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000003200)={'ip6tnl0\x00', &(0x7f0000003180)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @empty}}) r3 = syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f0000000080)={0x5, 0x1, 0x1}) ioctl$vim2m_VIDIOC_QUERYBUF(r3, 0xc0585609, &(0x7f0000000100)=@userptr={0x0, 0x1, 0x4, 0x2000, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0xff, 0x0, "9436d20f"}, 0x0, 0x2, {0x0}}) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000012000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, &(0x7f0000000580)="660f382941000f23d20fc79cb94e000000660f388131b9800000c00f3235002000000f30c74424005a22cb13c744240200800000c7442406000000000f0114240ff44d060f35b9800000c00f3235000800000f300f01c2", 0x57}], 0x1, 0x60, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50) pwrite64(0xffffffffffffffff, &(0x7f0000000000)=':', 0x1, 0x4fed0) r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r7, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r7, &(0x7f0000000000), 0xd) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000020e3312008f17fa444fd3b34fba71f27aaaf0c1bf258963be5b59b128e6ec3fd6ee07c2a2cf6302d8d07b705978d2f187bebf3921f2aaa5791e009447b6a0d743dc1f81c394e36398ab16e7458c4da7574096cd7f8f96d5f5b8788ddc23543482a8ffac77301ba4211ae41b503"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000072000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r9}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff) r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000800)=ANY=[@ANYBLOB="b70200000a000000bfa30000000000000703000000feffff7a0af0ff0000000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000001007d60b7030000010000006a0a00fe00000000850000000d000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb4500639100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4872f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bce5a6f087ae8f5e64be2c9d2d29db3d36dd015c7bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67c4c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f1c6edc76609073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc952a3fd2c46f3c1cde71a19d1a2982492abaa96665372831210e00d2bfea3b8d188df2eff8d56aaae7d32a2e183722537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d0616a48c7957e122665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d817b324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e26032176066599783568628f0309c3afa716d3706e1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f85b039d5430b3c6643e9146d2478ce31344b554aca78a"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100)={0x0, 0x2000, 0xff}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r10, 0x1f2f, 0x17, 0x2f, &(0x7f00000007c0)="9f44948721919580684010a49e66", 0x0, 0x241, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23) connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x0, @empty}, 0x10) 2.316054392s ago: executing program 3 (id=91): timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000100)={{&(0x7f00006aa000/0x2000)=nil, 0x2000}}) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x4, &(0x7f0000000080)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x6e}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000040)) (async) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) (async) userfaultfd(0x80001) (async) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) (async) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) (async) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000100)={{&(0x7f00006aa000/0x2000)=nil, 0x2000}}) (async) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x4, &(0x7f0000000080)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x6e}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async) 2.129650885s ago: executing program 1 (id=92): r0 = gettid() rt_sigqueueinfo(r0, 0x21, &(0x7f0000002d00)={0x0, 0xfd, 0xffffffff}) 2.129386435s ago: executing program 3 (id=93): r0 = socket$inet_udp(0x2, 0x2, 0x0) recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x2, 0x0) setsockopt$inet_int(r0, 0x0, 0x6, &(0x7f0000000180)=0x80000001, 0x4) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) creat(&(0x7f00000000c0)='./file0\x00', 0xe2) syz_emit_ethernet(0x32, &(0x7f0000001140)={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @udp={{0x6, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty, {[@timestamp={0x44, 0x4, 0x5e}]}}, {0x1, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001400add427323b472545b4560a117fffffff81000e224e227f000001925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1) r2 = socket$vsock_stream(0x28, 0x1, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) syz_usb_connect(0x0, 0x2d, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000d5e9bd40eb030200c0ba050000010902115c01000000000904000001b504b100090581"], 0x0) r3 = syz_open_dev$evdev(&(0x7f00000000c0), 0x4, 0x183000) setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000000180)={0x7, {{0x2, 0x0, @multicast2}}}, 0x88) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) ioctl$EVIOCSKEYCODE_V2(r3, 0x40284504, &(0x7f0000000180)={0x0, 0x8, 0x0, 0x5, "d88fd87f1ad6eeb75a957fe0213b2e100af028f0030b2eff0b61e6e66b8f37ff"}) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x5c, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}]}]}, 0x5c}}, 0x0) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000001040)='rose0\x00', 0x10) 2.051129437s ago: executing program 1 (id=96): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="6006000040000900fffffffffddbdf250100000099001f00460601"], 0x660}, 0x1, 0x0, 0x0, 0x8000}, 0x40010) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000040)) 2.050676319s ago: executing program 1 (id=97): ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) r0 = socket$unix(0x1, 0x1, 0x0) ioctl(r0, 0x8b01, &(0x7f0000000040)) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000000)={0x0, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r2, 0xc05064a7, &(0x7f0000000280)={&(0x7f0000000040), &(0x7f0000000080), &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000008c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xa}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, &(0x7f0000000380)={&(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0], 0x9}) r5 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$RTC_WKALM_SET(r5, 0x40187013, &(0x7f0000000140)={0x1, 0x0, {0x0, 0x0, 0x0, 0x15}}) ioctl$DRM_IOCTL_MODE_GET_LEASE(0xffffffffffffffff, 0xc01064c8, &(0x7f0000000400)={0x6, 0x0, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r2, 0xc05064a7, &(0x7f0000000d80)={&(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001200)=[{}, {}, {}, {}, {}, {}], &(0x7f0000000580)=[0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0], 0x6, 0x2, 0xa}) r7 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000402609333340000000000109022400010000000009040000010301000009210000000122010009058103"], 0x0) syz_usb_control_io$hid(r7, 0x0, 0x0) syz_usb_control_io(r7, &(0x7f00000011c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000002"], 0x0, 0x0, 0x0, 0x0}, 0x0) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.dequeue\x00', 0x26e1, 0x0) r9 = socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$inet(r9, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x30004001) setsockopt$sock_attach_bpf(r9, 0x6, 0x5, &(0x7f0000000040)=r8, 0x4) r10 = syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$KDSETKEYCODE(r10, 0x4b4d, &(0x7f0000000200)={0x70004, 0x4}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, &(0x7f0000000540)={&(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000500)=[0x0, 0x0], 0x7, 0x0, 0xcccccccc}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, &(0x7f0000000600)={&(0x7f0000000580), &(0x7f0000000e80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0xcccccccc}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000001140)={&(0x7f0000000640)=[0x0], &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000000d40)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000900), 0x8, 0x7, 0x1}) sendmsg$NFNL_MSG_ACCT_DEL(r1, &(0x7f0000000e40)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000e00)={&(0x7f0000000940)=ANY=[@ANYBLOB="4000000000000a0000060cc90fb3aa866a3998352609000240000000000000000404ee0020fdff800c000640000000000000000508000540000000020000000000"], 0x40}, 0x1, 0x0, 0x0, 0x4000}, 0x4000) ioctl$DRM_IOCTL_MODE_ATOMIC(r2, 0xc03864bc, &(0x7f0000000a40)={0x200, 0x4, &(0x7f0000000440)=[r3, r4, 0x0, r6], &(0x7f0000000480)=[0x1749ac59, 0x5, 0xbe9, 0x15e4, 0x7, 0x5], &(0x7f00000009c0)=[r11, 0x0, r12], &(0x7f0000000a00)=[0xcf52, 0x0, 0x20000000000], 0x0, 0xd95}) sendmsg$NFT_BATCH(r1, &(0x7f0000005a00)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000059c0)={&(0x7f0000000f40)=ANY=[@ANYBLOB="140000001000010000000000000000000200000a14000000080a050000000000000000000a00000034010000020a01020000000000000000020000040c00044000000000000000029d000600054f1bfc2366588508b7808dd0dced5ae74819d34cd21ca0e8a17d13af279202ab774b7bd6d8cf64ad4f3a81084d4574adf6f42dfe1f647e5a0624bcf5c536d921639e96bb33cf05b381d8367a9fae37a9cf64ac50f56b8d0c13ba94237f3edb0ff622e9e65e3c69b44e3aedc1ba4aa6b550cc39f37823d18dcc585b5b905c93f89416e6935299f682bea0ffeee96b07f616fcaf047dbfa7000000004a31cd6f00000000000000020c00044000000000000000024a0006009c82a54f8e169ffb9e2d1ce206deeec23431e8be95f40169053832ebbcb74f32d7be1de7a872b0ce956a03dc416c5da7b4f8dbec3db155a91e6aa3a0febe99b1bd2c33272f2a00000800024000000004080002400000000218000000120a0108000000000000000000000005040004803c0000000e0a03000000000000000000000000080900010073797a3000000000080004400000000208000440000000030900020073797a3000000000140000001100010000000000000000000a00000a"], 0x1c4}}, 0x64) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r14 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) r15 = dup(r14) ioctl$KVM_CREATE_VCPU(r15, 0xae41, 0x0) 900.530644ms ago: executing program 3 (id=113): socket$inet_udp(0x2, 0x2, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f00000018c0)=[{{&(0x7f0000000180)=@tipc=@nameseq={0x1e, 0x1, 0x3, {0x22, 0x3, 0x4}}, 0x80, 0x0}}], 0x1, 0x4000800) syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="043e110b"], 0xfc) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000080)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xffffffffffffffff}}, './file0\x00'}) r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r0, 0x4048aecb, &(0x7f0000000080)=ANY=[]) ioctl$KVM_GET_VCPU_EVENTS(r3, 0xc048aeca, &(0x7f0000000080)) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x401, 0x70bd29, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1400}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GENEVE_UDP_ZERO_CSUM6_RX={0x5}, @IFLA_GENEVE_PORT={0x6, 0x5, 0x4e24}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0xc014}, 0x0) r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000100)) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000bc0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_SEC_PARAMS(r7, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000540)={0x24, r8, 0x1, 0x4000000, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}, @NL802154_ATTR_SEC_ENABLED={0x5, 0x29, 0x1}]}, 0x24}}, 0x0) ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0}) dup3(r6, r5, 0x80000) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/custom0\x00', 0x0, 0x0) gettid() 710.615549ms ago: executing program 3 (id=119): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x20, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) 710.414374ms ago: executing program 3 (id=120): r0 = socket$phonet_pipe(0x23, 0x5, 0x2) setsockopt$PNPIPE_HANDLE(r0, 0x113, 0x3, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0) write$binfmt_misc(r1, &(0x7f0000000180), 0xed) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0) r2 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x32) setresuid(0x0, r3, 0x0) r4 = socket$pppl2tp(0x18, 0x1, 0x1) r5 = socket$inet_udp(0x2, 0x2, 0x0) connect$pppl2tp(r4, &(0x7f0000000980)=@pppol2tpin6={0x18, 0x1, {0x0, r5, 0x1, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x32) ioctl$BTRFS_IOC_QGROUP_LIMIT(r4, 0x8030942b, &(0x7f00000002c0)={0x0, {0x21, 0x7a1a173f, 0xd6, 0x8000000000000000, 0x80000000}}) r6 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r6, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004140)=[{&(0x7f00000006c0)=""/212, 0xd4}, {&(0x7f00000004c0)=""/228, 0xe4}, {&(0x7f0000000a00)=""/247, 0xf7}, {&(0x7f00000007c0)=""/185, 0xb9}, {&(0x7f0000000400)=""/29, 0x1d}, {&(0x7f0000000940)=""/183, 0xb7}, {&(0x7f0000000c00)=""/110, 0x6e}, {&(0x7f0000005680)=""/4099, 0x1003}], 0x8}, 0x0) r7 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setreuid(0x0, r8) r9 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000380)={0x38, 0x1403, 0x1, 0x0, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth1_to_bond\x00'}}]}, 0x38}}, 0x0) setresuid(0xffffffffffffffff, 0x0, r8) mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x44008, &(0x7f0000000100)={[{@noswap}, {@inode32}, {@inode32}, {@grpquota_inode_hardlimit={'grpquota_inode_hardlimit', 0x3d, [0x72, 0x34, 0x65]}}, {@nr_inodes={'nr_inodes', 0x3d, [0x65]}}, {@usrquota_inode_hardlimit={'usrquota_inode_hardlimit', 0x3d, [0x2e, 0x0]}}], [{@obj_type={'obj_type', 0x3d, 'memory.events.local\x00'}}, {@dont_appraise}, {@smackfsfloor={'smackfsfloor', 0x3d, 'memory.events.local\x00'}}, {@euid_gt={'euid>', r3}}, {@fowner_eq={'fowner', 0x3d, r8}}, {@uid_gt={'uid>', 0xffffffffffffffff}}]}) getsockopt$PNPIPE_HANDLE(r0, 0x113, 0x3, 0x0, &(0x7f0000000080)) 610.825168ms ago: executing program 2 (id=122): r0 = socket(0x2a, 0x2, 0x0) sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000080)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0xffff, 0x2}, {}, {0x10, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}}, 0x4) ioctl$VIDIOC_ENUMINPUT(0xffffffffffffffff, 0xc050561a, &(0x7f00000001c0)={0x3, "bff09f08ffda5bcc4fda2e464f651e10e258bb7d2206376dc8d729763f8dc6df", 0x1, 0x17f, 0x4, 0x3200e0, 0x2010800, 0x8}) r2 = socket$inet6(0xa, 0x2, 0x3a) sendmmsg$inet6(r2, 0x0, 0x0, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x3580) 540.158691ms ago: executing program 0 (id=123): mkdir(&(0x7f0000000400)='./file1\x00', 0x0) (async) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mounts\x00') mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000000300)={'trans=virtio,', {[{@access_uid}]}}) (async) read$FUSE(r0, &(0x7f0000000980)={0x2020}, 0x2020) (async) r1 = openat$kvm(0x0, &(0x7f0000000080), 0x2382, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r2, 0x4068aea3, &(0x7f00000000c0)={0x79, 0x0, 0x2}) (async) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) ioctl$TCSETAF(r4, 0x5408, &(0x7f0000000080)={0x49de, 0x0, 0x0, 0xbfff, 0x0, "ec28a144f13d7607"}) (async) write$binfmt_aout(r4, &(0x7f00000000c0)=ANY=[], 0xff2e) ioctl$TCSETS(r4, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"}) (async) r5 = syz_open_pts(r4, 0x0) r6 = dup3(r5, r4, 0x0) ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000000)=0x44) (async) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r7}, 0x10) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) (async) r9 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r8}, 0x8) close(r9) (async) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async) r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x15, 0x8, 0x8, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000c80)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r10}, {}, {0x7, 0x0, 0xb, 0x2}, {0x85, 0x0, 0x0, 0x51}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_GET_PROG_INFO(0x1c, &(0x7f0000000840)={r11, 0x0, 0x0}, 0x10) (async) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r10}, &(0x7f0000000300), &(0x7f0000000400)=r7}, 0x20) (async) ioctl$KVM_GET_VCPU_EVENTS(r3, 0x8040ae9f, &(0x7f0000000200)) 539.943139ms ago: executing program 2 (id=124): listxattr(&(0x7f0000000240)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x148) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r0, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r1 = dup(r0) write$FUSE_BMAP(r1, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r1, &(0x7f00000000c0)={0x14c}, 0x137) chmod(&(0x7f0000000340)='./file0\x00', 0x0) r2 = open$dir(&(0x7f0000000180)='./file0\x00', 0x1, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) ftruncate(r3, 0x2000009) sendfile(r2, r3, 0x0, 0x7ffff000) 348.334672ms ago: executing program 0 (id=125): r0 = syz_io_uring_setup(0x2690, &(0x7f0000000580)={0x0, 0x4fe4, 0x400, 0x0, 0x15f}, &(0x7f0000000140)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_setup(0x7b54, &(0x7f0000000000)={0x0, 0x5523, 0x800, 0x0, 0x209, 0x0, r0}, &(0x7f00000000c0)=0x0, &(0x7f0000000100)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x0, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r4 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r4, &(0x7f00000000c0), 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000100)={'vxcan0\x00', 0x0}) sendmsg$can_bcm(r4, &(0x7f0000000280)={&(0x7f0000000040)={0x1d, r5}, 0x10, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="0400"/16, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="000000000100000000000000fd45fcbca05679967de018a0"], 0x48}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_REMOVE={0x7, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x403cdd, 0x0, 0x1, 0x0, 0x0) 347.674581ms ago: executing program 2 (id=126): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r1) sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x18080010}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9ebf3d144edb2a5b992dda41aea414000000", @ANYRES16=r3, @ANYBLOB="200026bd7000fddbdf2582000000"], 0x14}, 0x1, 0x0, 0x0, 0x8001}, 0x41) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000380)={'wlan0\x00', 0x0}) prctl$PR_GET_DUMPABLE(0x3) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000180)={0x28, r2, 0x1, 0x70bd2b, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_TTL={0x5, 0x6, 0x8}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000044}, 0x8800) 301.013723ms ago: executing program 1 (id=127): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r0, 0x80045300, 0xfffffffffffffffe) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) 231.046985ms ago: executing program 0 (id=128): openat$mixer(0xffffffffffffff9c, &(0x7f0000000140), 0x4000, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) mknod$loop(&(0x7f0000000100)='./file0\x00', 0x0, 0x1) mount(&(0x7f0000000080)=@sr0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='efs\x00', 0x483, 0x0) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @empty}, 0x10) sendmmsg$inet(r0, &(0x7f00000000c0), 0x0, 0x0) 230.750576ms ago: executing program 2 (id=129): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f00000000c0)={0x0, 0xfffffffffffffd71, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="c8010000", @ANYRES16=r1, @ANYBLOB="0100000000000000000001000000060006000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5426c010880f4000080060005000180000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001bc715ee4868b12a49f4df11bc05475489f6a27c4d6483ad2fa5e45903b0ce851400040002000000ac1414aa00000000000000008c00098028000080060001000a00000014000200ff020000000000000000000000000001050003000000000028000080060001000a000000140002000000000000000000000000000000000105000300030000001c000080060001000200da0008000200e000000105000300000000001c000080060001000200000008000200ac141400050003000000000074000080200004000a004e2200000000fc0000000000000000000000000000000400000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080003000100000024000200cde20bc0d9b90ac13642d7b66459dd9db5e20b4b16d3d23f2cb03a8aa417dce6080007000000000014000200776730"], 0x1c8}}, 0x0) (fail_nth: 16) 170.900877ms ago: executing program 0 (id=130): r0 = gettid() rt_sigqueueinfo(r0, 0x21, &(0x7f0000002d00)={0x0, 0xf000, 0xffffffff}) 170.597167ms ago: executing program 0 (id=131): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50) pwrite64(0xffffffffffffffff, &(0x7f0000000000)=':', 0x1, 0x4fed0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000080)={0x20, 0x2c, 0x1, 0x70bd26, 0x25dfdbfc, {0x4}, [@typed={0xc, 0x17, 0x0, 0x0, @u64=0x6}]}, 0x20}, 0x1, 0x0, 0x0, 0x8}, 0x20000000) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r5, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) mount$bind(0x0, 0x0, 0x0, 0x1adc51, 0x0) r6 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x0) preadv(r6, &(0x7f0000000ac0)=[{&(0x7f0000000280)=""/8, 0x8}], 0x1, 0x0, 0x0) r7 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r7, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc) write(r7, 0x0, 0x0) mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f00000001c0)='./file0/file0/file0\x00', 0x0, 0x12f451, 0x0) mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700a, 0x0) umount2(&(0x7f0000000100)='./file0/file0\x00', 0xb) r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, r8, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}]}]}, 0x30}}, 0x0) sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="600000002900010000000000fedbdf250800d0000300000048002b808e79180b5a529c53f7502ece33f5fdbf1657d194f0810ededefadaf8a9558b041d25aa63027bee1aaeb2bd3c364c4efefb3299e6e8ab98064b991e9bc0aa49856963e460"], 0x60}], 0x1}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@ipv4_newnexthop={0x80, 0x68, 0x300, 0x70bd28, 0x25dfdbff, {0x2, 0x0, 0x2, 0x0, 0x1}, [@NHA_ID={0x8, 0x1, 0x2}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}, @NHA_ID={0x8}, @NHA_RES_GROUP={0x1c, 0xc, 0x0, 0x1, [@NHA_RES_GROUP_BUCKETS={0x6, 0x1, 0xe}, @NHA_RES_GROUP_UNBALANCED_TIMER={0x8, 0x3, 0xd}, @NHA_RES_GROUP_IDLE_TIMER={0x8, 0x2, 0x18}]}, @NHA_ID={0x8}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}, @NHA_RES_GROUP={0xc, 0xc, 0x0, 0x1, [@NHA_RES_GROUP_BUCKETS={0x6, 0x1, 0x6}]}, @NHA_GATEWAY={0x14, 0x6, @in6_addr=@mcast2}, @NHA_BLACKHOLE={0x4}]}, 0x80}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 90.977119ms ago: executing program 1 (id=132): r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)="ae1b127c", 0x4, 0xffffffffffffffff) keyctl$setperm(0x5, r0, 0x800) keyctl$invalidate(0x15, r0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000005c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_STATION(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="21012cbd7000000000001400000008000300", @ANYRES32=r3, @ANYRESHEX=r2], 0x2c}}, 0x0) open(&(0x7f0000000100)='./bus\x00', 0x121040, 0x0) mount(&(0x7f0000000380)=@filename='./file0\x00', &(0x7f0000000040)='./bus\x00', 0x0, 0x80, 0x0) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x20, &(0x7f0000000040)=0x2, 0x4) syz_usb_connect(0x0, 0x24, 0x0, 0x0) r5 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c) bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000001c80)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000002c0)="57096e03936b0bfd0bd85adb9913e085d09664f17a80772fdd4b79ba138d0a1d4bd6d9e5f05f56b92de92427fe3419fc7b904d3c98b7eaecdd4c4acb14f195d2ed90a1d3ad5f", 0x46}], 0x1}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000004c0)="bda033176eb146b36ef41f221a4e7ce4a02598d750606488520915c6806affc0a913781c7211ce1fcd59a12b5d5afdaf9d723f092ce9d1eed16e208f2e79831ca049e8979ad94621175c2c48c10e76409f2def51498743b057efc21efe4be4d9f02e9d236f27190c29c5da0f3799452f5e3640340502fde4ae8c56b303e1b79b3d1842bf6277771bef544c745e7a80c9e7efdd1c619f69b9d01839aa326776d335689e4db7cb7e32fad8f4c40e943b43eb4ea173d720cbaa1b2eab45e3596ccc15f97df3bf6f8ad001d40702cbdbbf5998149625a731643636c8ddbe61e1d7d4736f8414a84acc40557012c82697d8a59c873424aefb3c7ff0dba302efaaf887a477b1ab7ea6c1def9db3514e444c1ef36c6cf42cde90d4bbb2e923a5d16a1bb191ad91cab867cd55037d507a12803f3df1b81f1857fad085dbc5c46aac14230d7a4f8b36d6bc63b4a16cd309b7697b421a662b83001b5ce5ab3ff80800243107df7aa6cae9a5db6a8f2a53ef7d6c6aeac76b83a15466c74a9cdbcde8505e3d14c0c3a47a36bf464168202dc88e25f4c1da57faf0eaa7ff16bdd751c2ae5778e169c8ffba57c9a20e24ad51e6e8e02b721e8ca94f131cc98e03b34b615a1db4080362de4ef215d5a0541aeb0c742a2636ac5af8538ceb3585ef9dca8037df55baa072096073b005b53eff0b899de59bc2b5d687d109520571eeacb30124c4012fe6cb9e3bf451be3d239206ddc3509f664052a6c66c62f62a49fde8fbe4c1d0a292da83db26a8a870ac1d8751c4bc0d495277295cd3a17f9e9a25d70214a17b981b62d5c75356ed025df3557a8b59648edd9d1dbdf169d91f9d85cfac11a57db0a14f03e8934a2cc98d389912a0d9942a40c3ee98d35da61d3bab1a32c9d788e9f74ee57012ca5bfd0dc090b591c64aae6a205fbd349fc372bbd7429983a69cae26ff8b5b059144d318ba225e46bc6cf8d7d3e5952333042542b2fd4fb4d88a3651dd8e14ecc2845d4e71f7dfd128e9e2ee2ab0062a3e701bb2477bfd73d7396ae522f11fa481078d1c7f7905e0846fb072dcf7c06102b3802ec4a3518514c7166d7385b680469f5184a93953258952554e68d93ea8f789c4f13982b65996d7d9cf19f0b39b72e1dc9079d84413bbc30d24fc481e24ef1beacb8bc15f50c2663d684d16a1c71b2c8a568481f4f1b254ccd66fbef4cacfc3e13f2c943a264e429824bef7297f930763df331695024bd1e53369a87caf6894fce811a64dad315402678de7600"/917, 0x395}, {&(0x7f00000003c0)="439e9c06fc666cabc8569d63a866b31ff3ceda1e28f23f455e96a02001fc3fb019358707671a8e8491f87b5a77fab9f6ef5d3b9c6deec0eb8b7d35e1240f4ae4af773efdb315fc14c4df3d07113e65c9ceb0c83bce", 0x55}], 0x2}}], 0x60, 0x0) r6 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$NBD_SET_SOCK(r6, 0xab00, r7) r8 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0) sendmsg$AUDIT_USER_TTY(0xffffffffffffffff, 0x0, 0x4000011) ioctl$NBD_SET_FLAGS(r8, 0xab0a, 0x1000001000104) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r9, &(0x7f0000000100)={0x0, 0x52, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYRESHEX], 0x20}}, 0x20000000) ioctl$NBD_SET_SOCK(r8, 0xab00, r7) ioctl$NBD_SET_SOCK(r6, 0xab00, r4) ioctl$NBD_DO_IT(r6, 0xab03) ioctl$NBD_CLEAR_SOCK(r8, 0xab04) unlink(&(0x7f0000000080)='./bus\x00') 981.25µs ago: executing program 2 (id=133): mknod$loop(&(0x7f0000000100)='./file0\x00', 0x8000, 0x1) (async) mount(&(0x7f0000000040)=@loop={'/dev/loop', 0x0}, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='efs\x00', 0x483, 0x0) 692.967µs ago: executing program 0 (id=134): listxattr(&(0x7f0000000240)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x148) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r0, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r1 = dup(r0) write$FUSE_BMAP(r1, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r1, &(0x7f00000000c0)={0x14c}, 0x137) chmod(&(0x7f0000000340)='./file0\x00', 0x0) r2 = open$dir(&(0x7f0000000180)='./file0\x00', 0x1, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) ftruncate(r3, 0x2000009) sendfile(r2, r3, 0x0, 0x7ffff000) 0s ago: executing program 2 (id=135): listxattr(&(0x7f0000000240)='./file0\x00', 0x0, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x148) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000004c0), 0x10400, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',cache=mmap']) chmod(&(0x7f0000000340)='./file0\x00', 0x0) r3 = open$dir(&(0x7f0000000180)='./file0\x00', 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) ftruncate(r4, 0x2000009) sendfile(r3, r4, 0x0, 0x7ffff000) utime(&(0x7f0000003000)='./file0\x00', 0x0) (fail_nth: 4) kernel console output (not intermixed with test programs): [ 38.233831][ T40] audit: type=1400 audit(1734402985.275:81): avc: denied { rlimitinh } for pid=5920 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 38.240645][ T40] audit: type=1400 audit(1734402985.275:82): avc: denied { siginh } for pid=5920 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 39.182000][ T40] audit: type=1400 audit(1734402986.235:83): avc: denied { read } for pid=5337 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 39.187651][ T40] audit: type=1400 audit(1734402986.235:84): avc: denied { append } for pid=5337 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 39.193206][ T40] audit: type=1400 audit(1734402986.235:85): avc: denied { open } for pid=5337 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 39.199069][ T40] audit: type=1400 audit(1734402986.235:86): avc: denied { getattr } for pid=5337 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 Warning: Permanently added '[localhost]:57046' (ED25519) to the list of known hosts. [ 40.105906][ T40] audit: type=1400 audit(1734402987.165:87): avc: denied { name_bind } for pid=5925 comm="sshd" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 41.820741][ T5927] cgroup: Unknown subsys name 'net' [ 41.966765][ T5927] cgroup: Unknown subsys name 'cpuset' [ 41.969775][ T5927] cgroup: Unknown subsys name 'rlimit' [ 42.163336][ T5932] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 42.758452][ T5927] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 44.209146][ T40] kauditd_printk_skb: 17 callbacks suppressed [ 44.209161][ T40] audit: type=1400 audit(1734402991.265:105): avc: denied { execmem } for pid=5934 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 44.354183][ T40] audit: type=1400 audit(1734402991.405:106): avc: denied { create } for pid=5938 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 44.361150][ T40] audit: type=1400 audit(1734402991.405:107): avc: denied { read write } for pid=5938 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 44.369696][ T40] audit: type=1400 audit(1734402991.405:108): avc: denied { open } for pid=5938 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 44.377756][ T40] audit: type=1400 audit(1734402991.415:109): avc: denied { ioctl } for pid=5939 comm="syz-executor" path="socket:[478]" dev="sockfs" ino=478 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 44.389393][ T5943] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 44.403758][ T5944] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 44.405431][ T5948] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 44.406851][ T5944] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 44.408898][ T5948] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 44.411744][ T5944] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 44.412949][ T5948] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 44.414752][ T5944] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 44.416603][ T5948] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 44.418455][ T5944] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 44.420716][ T5948] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 44.421751][ T5951] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 44.422006][ T5944] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 44.422113][ T5944] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 44.423764][ T5944] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 44.423924][ T5948] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 44.424048][ T5948] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 44.426468][ T5951] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 44.431487][ T40] audit: type=1400 audit(1734402991.485:110): avc: denied { read } for pid=5938 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 44.433043][ T5951] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 44.434151][ T5948] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 44.434347][ T40] audit: type=1400 audit(1734402991.485:111): avc: denied { open } for pid=5938 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 44.436191][ T5951] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 44.441486][ T40] audit: type=1400 audit(1734402991.485:112): avc: denied { mounton } for pid=5939 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 44.448151][ T5951] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 44.461360][ T5951] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 44.463725][ T5951] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 44.558322][ T40] audit: type=1400 audit(1734402991.615:113): avc: denied { module_request } for pid=5939 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 44.571395][ T5939] chnl_net:caif_netlink_parms(): no params data found [ 44.648307][ T5938] chnl_net:caif_netlink_parms(): no params data found [ 44.678010][ T5949] chnl_net:caif_netlink_parms(): no params data found [ 44.690288][ T5939] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.692195][ T5939] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.694098][ T5939] bridge_slave_0: entered allmulticast mode [ 44.696552][ T5939] bridge_slave_0: entered promiscuous mode [ 44.700168][ T5939] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.701983][ T5939] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.703809][ T5939] bridge_slave_1: entered allmulticast mode [ 44.706017][ T5939] bridge_slave_1: entered promiscuous mode [ 44.719886][ T5945] chnl_net:caif_netlink_parms(): no params data found [ 44.763949][ T5939] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 44.770795][ T5939] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 44.841967][ T5939] team0: Port device team_slave_0 added [ 44.843700][ T5938] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.845695][ T5938] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.847665][ T5938] bridge_slave_0: entered allmulticast mode [ 44.849663][ T5938] bridge_slave_0: entered promiscuous mode [ 44.855616][ T5938] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.857514][ T5938] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.859400][ T5938] bridge_slave_1: entered allmulticast mode [ 44.861437][ T5938] bridge_slave_1: entered promiscuous mode [ 44.864941][ T5939] team0: Port device team_slave_1 added [ 44.948679][ T5949] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.950643][ T5949] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.952937][ T5949] bridge_slave_0: entered allmulticast mode [ 44.955979][ T5949] bridge_slave_0: entered promiscuous mode [ 44.960160][ T5949] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.962738][ T5949] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.965440][ T5949] bridge_slave_1: entered allmulticast mode [ 44.968387][ T5949] bridge_slave_1: entered promiscuous mode [ 44.979384][ T5938] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 44.982115][ T5939] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 44.983959][ T5939] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.990654][ T5939] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 44.994093][ T5945] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.996047][ T5945] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.997966][ T5945] bridge_slave_0: entered allmulticast mode [ 44.999970][ T5945] bridge_slave_0: entered promiscuous mode [ 45.020190][ T5938] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.023603][ T5949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.026573][ T5939] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.028628][ T5939] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.035694][ T5939] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.038804][ T5945] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.040632][ T5945] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.042464][ T5945] bridge_slave_1: entered allmulticast mode [ 45.044609][ T5945] bridge_slave_1: entered promiscuous mode [ 45.074743][ T5949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.120317][ T5938] team0: Port device team_slave_0 added [ 45.126548][ T5949] team0: Port device team_slave_0 added [ 45.154440][ T5938] team0: Port device team_slave_1 added [ 45.171101][ T5949] team0: Port device team_slave_1 added [ 45.174048][ T5945] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.187420][ T5939] hsr_slave_0: entered promiscuous mode [ 45.189717][ T5939] hsr_slave_1: entered promiscuous mode [ 45.216963][ T5945] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.233393][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.235728][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.242410][ T5938] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 45.265472][ T5945] team0: Port device team_slave_0 added [ 45.267553][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.270019][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.279193][ T5938] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.296386][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.298275][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.305573][ T5949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 45.310841][ T5945] team0: Port device team_slave_1 added [ 45.319773][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.322197][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.330966][ T5949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.388070][ T5938] hsr_slave_0: entered promiscuous mode [ 45.389933][ T5938] hsr_slave_1: entered promiscuous mode [ 45.391724][ T5938] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 45.393807][ T5938] Cannot create hsr debugfs directory [ 45.396746][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.398699][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.405526][ T5945] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 45.418817][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.420673][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.427974][ T5945] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.454098][ T5949] hsr_slave_0: entered promiscuous mode [ 45.456150][ T5949] hsr_slave_1: entered promiscuous mode [ 45.458029][ T5949] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 45.460030][ T5949] Cannot create hsr debugfs directory [ 45.539651][ T5945] hsr_slave_0: entered promiscuous mode [ 45.541610][ T5945] hsr_slave_1: entered promiscuous mode [ 45.544133][ T5945] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 45.547353][ T5945] Cannot create hsr debugfs directory [ 45.663274][ T5939] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 45.669350][ T5939] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 45.674437][ T5939] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 45.683714][ T5939] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 45.699934][ T5949] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 45.705198][ T5949] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 45.708846][ T5949] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 45.716950][ T5949] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 45.732666][ T5938] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 45.737148][ T5938] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 45.741429][ T5938] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 45.744751][ T5938] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 45.774710][ T5945] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 45.777988][ T5945] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 45.781109][ T5945] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 45.785467][ T5945] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 45.809337][ T5939] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.826785][ T5939] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.841211][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.843215][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.859753][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.861566][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.897030][ T5949] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.903116][ T5938] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.913288][ T5938] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.918158][ T40] audit: type=1400 audit(1734402992.975:114): avc: denied { sys_module } for pid=5939 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 45.920966][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.925938][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.931662][ T5945] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.939239][ T5949] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.946524][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.949109][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.960054][ T1145] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.961937][ T1145] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.970541][ T5945] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.975695][ T1145] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.977617][ T1145] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.986933][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.988865][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.998505][ T1145] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.000412][ T1145] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.015802][ T5939] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.047848][ T5939] veth0_vlan: entered promiscuous mode [ 46.051843][ T5939] veth1_vlan: entered promiscuous mode [ 46.068548][ T5939] veth0_macvtap: entered promiscuous mode [ 46.071651][ T5939] veth1_macvtap: entered promiscuous mode [ 46.083265][ T5939] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 46.088855][ T5938] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.094368][ T5939] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 46.099548][ T5939] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.102398][ T5939] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.106193][ T5939] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.108517][ T5939] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.118943][ T5949] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.152010][ T5945] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.157781][ T5938] veth0_vlan: entered promiscuous mode [ 46.172941][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.175906][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.180414][ T5938] veth1_vlan: entered promiscuous mode [ 46.187145][ T5949] veth0_vlan: entered promiscuous mode [ 46.199791][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.201664][ T5949] veth1_vlan: entered promiscuous mode [ 46.201840][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.207312][ T5945] veth0_vlan: entered promiscuous mode [ 46.214978][ T5945] veth1_vlan: entered promiscuous mode [ 46.226506][ T5938] veth0_macvtap: entered promiscuous mode [ 46.235754][ T5938] veth1_macvtap: entered promiscuous mode [ 46.239710][ T5939] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 46.240757][ T5945] veth0_macvtap: entered promiscuous mode [ 46.251800][ T5945] veth1_macvtap: entered promiscuous mode [ 46.261051][ T5938] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.266565][ T5938] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.271096][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 46.276980][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.279772][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.282367][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.286341][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.289761][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 46.293675][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.297230][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.300431][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 46.304848][ T5938] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.307566][ T5938] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.310089][ T5938] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.312790][ T5938] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.316321][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 46.318488][ T5949] veth0_macvtap: entered promiscuous mode [ 46.322990][ T5949] veth1_macvtap: entered promiscuous mode [ 46.326885][ T5945] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.329474][ T5945] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.331725][ T5945] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.334003][ T5945] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.340384][ T5938] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.342697][ T5938] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.346179][ T5938] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.348481][ T5938] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.356957][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.359680][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.362270][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.365247][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.367802][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.369768][ T6002] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6'. [ 46.370465][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.372551][ T6002] netlink: 36 bytes leftover after parsing attributes in process `syz.2.6'. [ 46.375639][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 46.380320][ T6002] Zero length message leads to an empty skb [ 46.383721][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.386817][ T6004] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6'. [ 46.387534][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.389041][ T6004] netlink: 36 bytes leftover after parsing attributes in process `syz.2.6'. [ 46.391547][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.398988][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.401570][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.405712][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.409485][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 46.413096][ T5949] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.416177][ T5949] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.418463][ T5949] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.420719][ T5949] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.461768][ T1053] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.463955][ T1053] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.465266][ T5943] Bluetooth: hci3: command tx timeout [ 46.466539][ T5951] Bluetooth: hci1: command tx timeout [ 46.475146][ T5951] Bluetooth: hci0: command tx timeout [ 46.479256][ T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.481303][ T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.487373][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.489398][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.498690][ T39] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.500801][ T39] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.515075][ T1145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.517253][ T1145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.532703][ T39] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.536530][ T39] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.540928][ T5951] Bluetooth: hci0: Malformed LE Event: 0x0b [ 46.544428][ T5951] Bluetooth: hci2: command tx timeout [ 46.607139][ T6020] netlink: 'syz.3.8': attribute type 23 has an invalid length. [ 46.609403][ T6020] FAULT_INJECTION: forcing a failure. [ 46.609403][ T6020] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 46.615200][ T6020] CPU: 2 UID: 0 PID: 6020 Comm: syz.3.8 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 46.618987][ T6020] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 46.622474][ T6020] Call Trace: [ 46.623655][ T6020] [ 46.624685][ T6020] dump_stack_lvl+0x16c/0x1f0 [ 46.625895][ T6020] should_fail_ex+0x497/0x5b0 [ 46.627126][ T6020] ? fs_reclaim_acquire+0xae/0x150 [ 46.628446][ T6020] should_fail_alloc_page+0xe7/0x130 [ 46.629807][ T6020] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 46.631544][ T6020] ? wiphy_new_nm+0x701/0x2160 [ 46.633181][ T6020] __alloc_pages_noprof+0x190/0x25b0 [ 46.634991][ T6020] ? __pfx_mark_lock+0x10/0x10 [ 46.636664][ T6020] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 46.638703][ T6020] ? hlock_class+0x4e/0x130 [ 46.640322][ T6020] ? mark_lock+0xb5/0xc60 [ 46.641543][ T6020] ? wiphy_new_nm+0x701/0x2160 [ 46.643176][ T6020] ___kmalloc_large_node+0x84/0x1b0 [ 46.644783][ T6020] __kmalloc_large_node_noprof+0x1c/0x70 [ 46.646234][ T6020] ? lock_acquire.part.0+0x11b/0x380 [ 46.647624][ T6020] __kmalloc_noprof.cold+0xc/0x61 [ 46.648928][ T6020] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 46.650614][ T6020] ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10 [ 46.652432][ T6020] wiphy_new_nm+0x701/0x2160 [ 46.653635][ T6020] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 46.655311][ T6020] ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10 [ 46.657044][ T6020] ieee80211_alloc_hw_nm+0x1b7a/0x2260 [ 46.658483][ T6020] ? __local_bh_enable_ip+0xa4/0x120 [ 46.659873][ T6020] mac80211_hwsim_new_radio+0x1d6/0x54d0 [ 46.661334][ T6020] ? __pfx__printk+0x10/0x10 [ 46.662730][ T6020] ? __pfx____ratelimit+0x10/0x10 [ 46.664478][ T6020] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 46.666022][ T6020] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 46.667644][ T6020] hwsim_new_radio_nl+0xb42/0x12b0 [ 46.668971][ T6020] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 46.670407][ T6020] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 46.672528][ T6020] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 46.675410][ T6020] genl_family_rcv_msg_doit+0x202/0x2f0 [ 46.677457][ T6020] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 46.679690][ T6020] ? bpf_lsm_capable+0x9/0x10 [ 46.681213][ T6020] ? security_capable+0x7e/0x260 [ 46.682841][ T6020] ? ns_capable+0xd7/0x110 [ 46.684503][ T6020] genl_rcv_msg+0x565/0x800 [ 46.685729][ T6020] ? __pfx_genl_rcv_msg+0x10/0x10 [ 46.687048][ T6020] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 46.688530][ T6020] netlink_rcv_skb+0x16b/0x440 [ 46.689794][ T6020] ? __pfx_genl_rcv_msg+0x10/0x10 [ 46.691138][ T6020] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 46.692867][ T6020] ? down_read+0xc9/0x330 [ 46.693449][ T5951] Bluetooth: Unexpected continuation frame (len 4) [ 46.694459][ T6020] ? __pfx_down_read+0x10/0x10 [ 46.697993][ T6020] ? netlink_deliver_tap+0x1ae/0xd30 [ 46.699400][ T6020] genl_rcv+0x28/0x40 [ 46.700611][ T6020] netlink_unicast+0x53c/0x7f0 [ 46.701956][ T6020] ? __pfx_netlink_unicast+0x10/0x10 [ 46.703933][ T6020] netlink_sendmsg+0x8b8/0xd70 [ 46.705376][ T6020] ? __pfx_netlink_sendmsg+0x10/0x10 [ 46.706756][ T6020] ____sys_sendmsg+0xaaf/0xc90 [ 46.708061][ T6020] ? copy_msghdr_from_user+0x10b/0x160 [ 46.709479][ T6020] ? __pfx_____sys_sendmsg+0x10/0x10 [ 46.710895][ T6020] ___sys_sendmsg+0x135/0x1e0 [ 46.712168][ T6020] ? __pfx____sys_sendmsg+0x10/0x10 [ 46.713535][ T6020] ? __pfx_lock_release+0x10/0x10 [ 46.714853][ T6020] ? trace_lock_acquire+0x14e/0x1f0 [ 46.716232][ T6020] ? __fget_files+0x206/0x3a0 [ 46.717486][ T6020] __sys_sendmsg+0x16e/0x220 [ 46.718699][ T6020] ? __pfx___sys_sendmsg+0x10/0x10 [ 46.720063][ T6020] do_syscall_64+0xcd/0x250 [ 46.721265][ T6020] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 46.722894][ T6020] RIP: 0033:0x7fbf19b85d19 [ 46.724098][ T6020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 46.729097][ T6020] RSP: 002b:00007fbf1a98f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 46.731258][ T6020] RAX: ffffffffffffffda RBX: 00007fbf19d75fa0 RCX: 00007fbf19b85d19 [ 46.733323][ T6020] RDX: 0000000020000000 RSI: 0000000020000140 RDI: 0000000000000003 [ 46.735407][ T6020] RBP: 00007fbf1a98f090 R08: 0000000000000000 R09: 0000000000000000 [ 46.737467][ T6020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 46.739519][ T6020] R13: 0000000000000000 R14: 00007fbf19d75fa0 R15: 00007fffdc9ac778 [ 46.741576][ T6020] [ 46.745275][ T6020] Bluetooth: MGMT ver 1.23 [ 46.746686][ T6020] Bluetooth: hci0: service_discovery: expected 4 bytes, got 7 bytes [ 46.750246][ T6020] netlink: 'syz.3.8': attribute type 1 has an invalid length. [ 46.752390][ T6020] netlink: 224 bytes leftover after parsing attributes in process `syz.3.8'. [ 46.914276][ T6039] FAULT_INJECTION: forcing a failure. [ 46.914276][ T6039] name failslab, interval 1, probability 0, space 0, times 0 [ 46.917694][ T6039] CPU: 1 UID: 0 PID: 6039 Comm: syz.3.15 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 46.920401][ T6039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 46.923187][ T6039] Call Trace: [ 46.924064][ T6039] [ 46.924846][ T6039] dump_stack_lvl+0x16c/0x1f0 [ 46.926081][ T6039] should_fail_ex+0x497/0x5b0 [ 46.927337][ T6039] ? fs_reclaim_acquire+0xae/0x150 [ 46.928670][ T6039] should_failslab+0xc2/0x120 [ 46.929902][ T6039] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 46.931413][ T6039] ? __alloc_skb+0x2b1/0x380 [ 46.932626][ T6039] __alloc_skb+0x2b1/0x380 [ 46.933796][ T6039] ? __pfx___alloc_skb+0x10/0x10 [ 46.935097][ T6039] ? rtnetlink_rcv_msg+0x3e6/0xea0 [ 46.936436][ T6039] netlink_ack+0x15f/0xb80 [ 46.937637][ T6039] netlink_rcv_skb+0x348/0x440 [ 46.938897][ T6039] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 46.940324][ T6039] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 46.941703][ T6039] ? netlink_deliver_tap+0x1ae/0xd30 [ 46.943091][ T6039] netlink_unicast+0x53c/0x7f0 [ 46.944340][ T6039] ? __pfx_netlink_unicast+0x10/0x10 [ 46.945712][ T6039] netlink_sendmsg+0x8b8/0xd70 [ 46.946966][ T6039] ? __pfx_netlink_sendmsg+0x10/0x10 [ 46.948367][ T6039] ____sys_sendmsg+0xaaf/0xc90 [ 46.949619][ T6039] ? copy_msghdr_from_user+0x10b/0x160 [ 46.951033][ T6039] ? __pfx_____sys_sendmsg+0x10/0x10 [ 46.952408][ T6039] ? __lock_acquire+0xcc5/0x3c40 [ 46.953708][ T6039] ___sys_sendmsg+0x135/0x1e0 [ 46.954934][ T6039] ? __pfx____sys_sendmsg+0x10/0x10 [ 46.956290][ T6039] ? trace_lock_acquire+0x14e/0x1f0 [ 46.957677][ T6039] __sys_sendmmsg+0x201/0x420 [ 46.958907][ T6039] ? __pfx___sys_sendmmsg+0x10/0x10 [ 46.960266][ T6039] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 46.961824][ T6039] ? fput+0x67/0x440 [ 46.962855][ T6039] ? ksys_write+0x1ba/0x250 [ 46.964049][ T6039] ? __pfx_ksys_write+0x10/0x10 [ 46.965319][ T6039] __x64_sys_sendmmsg+0x9c/0x100 [ 46.966602][ T6039] ? lockdep_hardirqs_on+0x7c/0x110 [ 46.968003][ T6039] do_syscall_64+0xcd/0x250 [ 46.969195][ T6039] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 46.970732][ T6039] RIP: 0033:0x7fbf19b85d19 [ 46.971907][ T6039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 46.976735][ T6039] RSP: 002b:00007fbf1a98f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 46.978907][ T6039] RAX: ffffffffffffffda RBX: 00007fbf19d75fa0 RCX: 00007fbf19b85d19 [ 46.980986][ T6039] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004 [ 46.982997][ T6039] RBP: 00007fbf1a98f090 R08: 0000000000000000 R09: 0000000000000000 [ 46.985035][ T6039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 46.987109][ T6039] R13: 0000000000000000 R14: 00007fbf19d75fa0 R15: 00007fffdc9ac778 [ 46.989191][ T6039] [ 47.314399][ T5979] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 47.484308][ T5979] usb 8-1: Using ep0 maxpacket: 8 [ 47.488351][ T5979] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 47.491248][ T5979] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 47.493617][ T5979] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 47.497458][ T5979] usb 8-1: config 0 descriptor?? [ 47.502295][ T5951] Bluetooth: Unexpected continuation frame (len 4) [ 47.703967][ T5979] iowarrior 8-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 47.771920][ T6063] netlink: 4 bytes leftover after parsing attributes in process `syz.2.32'. [ 47.772035][ T6062] Driver unsupported XDP return value 0 on prog (id 3) dev N/A, expect packet loss! [ 47.778424][ T6063] netlink: 404 bytes leftover after parsing attributes in process `syz.2.32'. [ 47.782966][ T6056] netlink: 40 bytes leftover after parsing attributes in process `syz.1.22'. [ 47.819969][ T5951] Bluetooth: Unexpected continuation frame (len 4) [ 47.948942][ T5951] Bluetooth: hci2: Malformed LE Event: 0x0b [ 48.106559][ T25] usb 8-1: USB disconnect, device number 2 [ 48.413900][ T6086] afs: Unknown parameter '½ ' [ 48.439320][ T6088] netlink: 12 bytes leftover after parsing attributes in process `syz.1.35'. [ 48.544679][ T5943] Bluetooth: hci3: command tx timeout [ 48.544852][ T5951] Bluetooth: hci0: command tx timeout [ 48.554442][ T5951] Bluetooth: hci1: command tx timeout [ 48.600830][ T6104] netlink: 15 bytes leftover after parsing attributes in process `syz.2.40'. [ 48.605363][ T6104] syz.2.40: attempt to access beyond end of device [ 48.605363][ T6104] nbd2: rw=0, sector=2, nr_sectors = 2 limit=0 [ 48.608944][ T6104] syz.2.40: attempt to access beyond end of device [ 48.608944][ T6104] nbd2: rw=0, sector=16, nr_sectors = 2 limit=0 [ 48.624476][ T5951] Bluetooth: hci2: command tx timeout [ 48.648055][ T5951] Bluetooth: Unexpected continuation frame (len 4) [ 48.692496][ T6115] xt_ipcomp: unknown flags 12 [ 48.711190][ T6118] netlink: 'syz.2.48': attribute type 23 has an invalid length. [ 48.733400][ T6118] Bluetooth: hci0: service_discovery: expected 4 bytes, got 7 bytes [ 48.737715][ T6118] netlink: 'syz.2.48': attribute type 1 has an invalid length. [ 48.894514][ T5951] Bluetooth: hci2: Malformed LE Event: 0x0b [ 49.063280][ T6142] bridge_slave_1: left allmulticast mode [ 49.071251][ T6142] bridge_slave_1: left promiscuous mode [ 49.073316][ T6142] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.095848][ T6142] bridge_slave_0: left allmulticast mode [ 49.097952][ T6142] bridge_slave_0: left promiscuous mode [ 49.100169][ T6142] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.543023][ T6153] FAULT_INJECTION: forcing a failure. [ 49.543023][ T6153] name failslab, interval 1, probability 0, space 0, times 0 [ 49.546873][ T6153] CPU: 3 UID: 0 PID: 6153 Comm: syz.1.62 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 49.549623][ T6153] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 49.552342][ T6153] Call Trace: [ 49.553259][ T6153] [ 49.554006][ T6153] dump_stack_lvl+0x16c/0x1f0 [ 49.555251][ T6153] should_fail_ex+0x497/0x5b0 [ 49.556490][ T6153] ? fs_reclaim_acquire+0xae/0x150 [ 49.557855][ T6153] should_failslab+0xc2/0x120 [ 49.559091][ T6153] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 49.560462][ T6153] ? lockdep_init_map_type+0x16d/0x7d0 [ 49.561879][ T6153] ? security_inode_alloc+0x3b/0x2b0 [ 49.563585][ T6153] security_inode_alloc+0x3b/0x2b0 [ 49.565458][ T6153] inode_init_always_gfp+0xce4/0x1030 [ 49.567423][ T6153] alloc_inode+0x82/0x230 [ 49.568927][ T6153] sock_alloc+0x40/0x280 [ 49.570037][ T6153] __sock_create+0xc1/0x8d0 [ 49.571239][ T6153] udp_sock_create6+0xc8/0x6a0 [ 49.572970][ T6153] ? static_key_fast_inc_not_disabled+0x157/0x1e0 [ 49.575375][ T6153] ? __pfx_udp_sock_create6+0x10/0x10 [ 49.577469][ T6153] ? cpus_read_unlock+0x83/0x150 [ 49.579274][ T6153] wg_socket_init+0x52f/0xb40 [ 49.580969][ T6153] ? __pfx_wg_socket_init+0x10/0x10 [ 49.582794][ T6153] ? mark_lock+0xb5/0xc60 [ 49.584388][ T6153] ? __pfx_wg_receive+0x10/0x10 [ 49.586247][ T6153] ? find_held_lock+0x2d/0x110 [ 49.588028][ T6153] ? __pfx_lock_release+0x10/0x10 [ 49.589781][ T6153] ? mark_held_locks+0x9f/0xe0 [ 49.591449][ T6153] ? __local_bh_enable_ip+0xa4/0x120 [ 49.593324][ T6153] wg_set_device+0xda6/0x13e0 [ 49.595053][ T6153] ? __pfx_wg_set_device+0x10/0x10 [ 49.596903][ T6153] ? rcu_is_watching+0x12/0xc0 [ 49.598658][ T6153] ? __nla_parse+0x40/0x60 [ 49.600271][ T6153] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 49.602841][ T6153] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 49.605471][ T6153] genl_family_rcv_msg_doit+0x202/0x2f0 [ 49.607479][ T6153] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 49.609679][ T6153] ? bpf_lsm_capable+0x9/0x10 [ 49.611369][ T6153] ? security_capable+0x7e/0x260 [ 49.613006][ T6153] ? ns_capable+0xd7/0x110 [ 49.614104][ T6153] genl_rcv_msg+0x565/0x800 [ 49.615238][ T6153] ? __pfx_genl_rcv_msg+0x10/0x10 [ 49.616538][ T6153] ? __pfx_wg_set_device+0x10/0x10 [ 49.617937][ T6153] netlink_rcv_skb+0x16b/0x440 [ 49.619198][ T6153] ? __pfx_genl_rcv_msg+0x10/0x10 [ 49.620520][ T6153] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 49.621890][ T6153] ? down_read+0xc9/0x330 [ 49.623228][ T6153] ? __pfx_down_read+0x10/0x10 [ 49.624974][ T6153] ? netlink_deliver_tap+0x1ae/0xd30 [ 49.626924][ T6153] genl_rcv+0x28/0x40 [ 49.628400][ T6153] netlink_unicast+0x53c/0x7f0 [ 49.629786][ T6153] ? __pfx_netlink_unicast+0x10/0x10 [ 49.631175][ T6153] netlink_sendmsg+0x8b8/0xd70 [ 49.632421][ T6153] ? __pfx_netlink_sendmsg+0x10/0x10 [ 49.633828][ T6153] ____sys_sendmsg+0xaaf/0xc90 [ 49.635090][ T6153] ? copy_msghdr_from_user+0x10b/0x160 [ 49.636500][ T6153] ? __pfx_____sys_sendmsg+0x10/0x10 [ 49.637943][ T6153] ___sys_sendmsg+0x135/0x1e0 [ 49.639169][ T6153] ? __pfx____sys_sendmsg+0x10/0x10 [ 49.640504][ T6153] ? __pfx_lock_release+0x10/0x10 [ 49.641800][ T6153] ? trace_lock_acquire+0x14e/0x1f0 [ 49.643394][ T6153] ? __fget_files+0x206/0x3a0 [ 49.645104][ T6153] __sys_sendmsg+0x16e/0x220 [ 49.646778][ T6153] ? __pfx___sys_sendmsg+0x10/0x10 [ 49.648655][ T6153] do_syscall_64+0xcd/0x250 [ 49.650221][ T6153] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 49.651756][ T6153] RIP: 0033:0x7f0439985d19 [ 49.652941][ T6153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 49.657731][ T6153] RSP: 002b:00007f043a826038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 49.659865][ T6153] RAX: ffffffffffffffda RBX: 00007f0439b75fa0 RCX: 00007f0439985d19 [ 49.661885][ T6153] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 49.664469][ T6153] RBP: 00007f043a826090 R08: 0000000000000000 R09: 0000000000000000 [ 49.667321][ T6153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 49.669764][ T6153] R13: 0000000000000000 R14: 00007f0439b75fa0 R15: 00007ffdfe8972b8 [ 49.671778][ T6153] [ 49.674733][ T6153] socket: no more sockets [ 49.677755][ T6153] wireguard: wg0: Could not create IPv6 socket [ 49.684325][ T40] kauditd_printk_skb: 98 callbacks suppressed [ 49.684334][ T40] audit: type=1400 audit(1734402996.735:213): avc: denied { unmount } for pid=5949 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 49.733948][ T6161] netlink: 'syz.1.65': attribute type 10 has an invalid length. [ 49.748984][ T6161] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 49.824383][ T1325] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 49.840221][ T6164] FAULT_INJECTION: forcing a failure. [ 49.840221][ T6164] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 49.843892][ T6164] CPU: 3 UID: 0 PID: 6164 Comm: syz.1.66 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 49.846654][ T6164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 49.849801][ T6164] Call Trace: [ 49.850942][ T6164] [ 49.851966][ T6164] dump_stack_lvl+0x16c/0x1f0 [ 49.853575][ T6164] should_fail_ex+0x497/0x5b0 [ 49.855246][ T6164] strncpy_from_user+0x3b/0x2d0 [ 49.856927][ T6164] getname_flags.part.0+0x8f/0x550 [ 49.858725][ T6164] getname_flags+0x93/0xf0 [ 49.860254][ T6164] user_path_at+0x24/0x60 [ 49.861680][ T6164] __x64_sys_utime+0x1c1/0x2c0 [ 49.863341][ T6164] ? __pfx___x64_sys_utime+0x10/0x10 [ 49.865145][ T6164] ? ksys_write+0x1ba/0x250 [ 49.866600][ T6164] do_syscall_64+0xcd/0x250 [ 49.868068][ T6164] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 49.870099][ T6164] RIP: 0033:0x7f0439985d19 [ 49.871627][ T6164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 49.876640][ T6164] RSP: 002b:00007f043a805038 EFLAGS: 00000246 ORIG_RAX: 0000000000000084 [ 49.878808][ T6164] RAX: ffffffffffffffda RBX: 00007f0439b76080 RCX: 00007f0439985d19 [ 49.880811][ T6164] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020003000 [ 49.882893][ T6164] RBP: 00007f043a805090 R08: 0000000000000000 R09: 0000000000000000 [ 49.885121][ T6164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 49.887252][ T6164] R13: 0000000000000001 R14: 00007f0439b76080 R15: 00007ffdfe8972b8 [ 49.889294][ T6164] [ 49.986297][ T1325] usb 5-1: config index 0 descriptor too short (expected 23569, got 27) [ 49.989293][ T1325] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 49.992595][ T1325] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 49.995790][ T1325] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 49.997936][ T1325] usb 5-1: Manufacturer: syz [ 50.004865][ T1325] usb 5-1: config 0 descriptor?? [ 50.054370][ T1325] rc_core: IR keymap rc-hauppauge not found [ 50.055922][ T1325] Registered IR keymap rc-empty [ 50.058496][ T1325] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0 [ 50.061885][ T1325] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input5 [ 50.069074][ T40] audit: type=1400 audit(1734402997.125:214): avc: denied { read } for pid=5340 comm="acpid" name="event4" dev="devtmpfs" ino=2789 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 50.079386][ T40] audit: type=1400 audit(1734402997.125:215): avc: denied { open } for pid=5340 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2789 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 50.086522][ T40] audit: type=1400 audit(1734402997.125:216): avc: denied { ioctl } for pid=5340 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2789 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 50.196637][ T40] audit: type=1400 audit(1734402997.255:217): avc: denied { read write } for pid=6167 comm="syz.1.67" name="uinput" dev="devtmpfs" ino=943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 50.202662][ T40] audit: type=1400 audit(1734402997.255:218): avc: denied { open } for pid=6167 comm="syz.1.67" path="/dev/uinput" dev="devtmpfs" ino=943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 50.226556][ T40] audit: type=1400 audit(1734402997.285:219): avc: denied { ioctl } for pid=6154 comm="syz.0.61" path="/dev/input/event4" dev="devtmpfs" ino=2789 ioctlcmd=0x4504 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 50.234421][ T6170] capability: warning: `syz.2.68' uses deprecated v2 capabilities in a way that may be insecure [ 50.241274][ T832] usb 5-1: USB disconnect, device number 2 [ 50.246126][ T40] audit: type=1400 audit(1734402997.305:220): avc: denied { name_bind } for pid=6169 comm="syz.2.68" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 50.255769][ T40] audit: type=1400 audit(1734402997.305:221): avc: denied { ioctl } for pid=6169 comm="syz.2.68" path="/dev/video1" dev="devtmpfs" ino=956 ioctlcmd=0x5608 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 50.262068][ T40] audit: type=1400 audit(1734402997.315:222): avc: denied { setopt } for pid=6169 comm="syz.2.68" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 50.490766][ T6177] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 50.625011][ T5951] Bluetooth: hci0: command tx timeout [ 50.625094][ T5943] Bluetooth: hci1: command tx timeout [ 50.625111][ T5947] Bluetooth: hci3: command tx timeout [ 50.704647][ T5943] Bluetooth: hci2: command tx timeout [ 50.847938][ T5943] Bluetooth: hci2: Malformed LE Event: 0x0b [ 50.879386][ T6194] FAULT_INJECTION: forcing a failure. [ 50.879386][ T6194] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 50.882676][ T6194] CPU: 3 UID: 0 PID: 6194 Comm: syz.1.76 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 50.885376][ T6194] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 50.888188][ T6194] Call Trace: [ 50.889056][ T6194] [ 50.889814][ T6194] dump_stack_lvl+0x16c/0x1f0 [ 50.891003][ T6194] should_fail_ex+0x497/0x5b0 [ 50.892215][ T6194] _copy_from_user+0x2e/0xd0 [ 50.893363][ T6194] copy_msghdr_from_user+0x99/0x160 [ 50.894675][ T6194] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 50.896279][ T6194] ? __lock_acquire+0xcc5/0x3c40 [ 50.897595][ T6194] ___sys_sendmsg+0xff/0x1e0 [ 50.898775][ T6194] ? __pfx____sys_sendmsg+0x10/0x10 [ 50.900185][ T6194] ? trace_lock_acquire+0x14e/0x1f0 [ 50.901565][ T6194] __sys_sendmmsg+0x201/0x420 [ 50.902771][ T6194] ? __pfx___sys_sendmmsg+0x10/0x10 [ 50.904082][ T6194] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 50.905563][ T6194] ? fput+0x67/0x440 [ 50.906560][ T6194] ? ksys_write+0x1ba/0x250 [ 50.907783][ T6194] ? __pfx_ksys_write+0x10/0x10 [ 50.909060][ T6194] __x64_sys_sendmmsg+0x9c/0x100 [ 50.910269][ T6194] ? lockdep_hardirqs_on+0x7c/0x110 [ 50.911584][ T6194] do_syscall_64+0xcd/0x250 [ 50.912689][ T6194] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 50.914132][ T6194] RIP: 0033:0x7f0439985d19 [ 50.915287][ T6194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 50.920022][ T6194] RSP: 002b:00007f043a826038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 50.922063][ T6194] RAX: ffffffffffffffda RBX: 00007f0439b75fa0 RCX: 00007f0439985d19 [ 50.923992][ T6194] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000005 [ 50.926039][ T6194] RBP: 00007f043a826090 R08: 0000000000000000 R09: 0000000000000000 [ 50.928107][ T6194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 50.930159][ T6194] R13: 0000000000000000 R14: 00007f0439b75fa0 R15: 00007ffdfe8972b8 [ 50.932210][ T6194] [ 51.106366][ T1325] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 51.264830][ T1325] usb 7-1: Using ep0 maxpacket: 16 [ 51.271262][ T1325] usb 7-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 51.274534][ T1325] usb 7-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 51.276680][ T1325] usb 7-1: Product: syz [ 51.277858][ T1325] usb 7-1: Manufacturer: syz [ 51.279126][ T1325] usb 7-1: SerialNumber: syz [ 51.291612][ T1325] usb 7-1: config 0 descriptor?? [ 51.502587][ T1325] usb 7-1: USB disconnect, device number 2 [ 51.586740][ T6221] fuse: Unknown parameter 'á>¦}âêöáƒDÀ¥pM' [ 51.719004][ T6229] FAULT_INJECTION: forcing a failure. [ 51.719004][ T6229] name failslab, interval 1, probability 0, space 0, times 0 [ 51.722213][ T6229] CPU: 2 UID: 0 PID: 6229 Comm: syz.0.83 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 51.724939][ T6229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 51.727980][ T6229] Call Trace: [ 51.728859][ T6229] [ 51.729640][ T6229] dump_stack_lvl+0x16c/0x1f0 [ 51.730881][ T6229] should_fail_ex+0x497/0x5b0 [ 51.732171][ T6229] ? fs_reclaim_acquire+0xae/0x150 [ 51.733496][ T6229] should_failslab+0xc2/0x120 [ 51.734680][ T6229] __kmalloc_noprof+0xcb/0x510 [ 51.735948][ T6229] ? rcu_is_watching+0x12/0xc0 [ 51.737228][ T6229] tomoyo_encode2+0x100/0x3e0 [ 51.738491][ T6229] tomoyo_encode+0x29/0x50 [ 51.739679][ T6229] tomoyo_realpath_from_path+0x19d/0x720 [ 51.741147][ T6229] ? tomoyo_path_number_perm+0x235/0x590 [ 51.742751][ T6229] tomoyo_path_number_perm+0x248/0x590 [ 51.744182][ T6229] ? tomoyo_path_number_perm+0x235/0x590 [ 51.745645][ T6229] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 51.747262][ T6229] ? __pfx_lock_release+0x10/0x10 [ 51.748572][ T6229] ? trace_lock_acquire+0x14e/0x1f0 [ 51.749841][ T6229] ? lock_acquire+0x2f/0xb0 [ 51.750952][ T6229] ? __fget_files+0x40/0x3a0 [ 51.752115][ T6229] ? __fget_files+0x206/0x3a0 [ 51.753312][ T6229] security_file_ioctl+0x9b/0x240 [ 51.754629][ T6229] __x64_sys_ioctl+0xb7/0x200 [ 51.755886][ T6229] do_syscall_64+0xcd/0x250 [ 51.757042][ T6229] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 51.758558][ T6229] RIP: 0033:0x7fb721f85d19 [ 51.759713][ T6229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 51.764613][ T6229] RSP: 002b:00007fb722e48038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 51.766776][ T6229] RAX: ffffffffffffffda RBX: 00007fb722176080 RCX: 00007fb721f85d19 [ 51.768865][ T6229] RDX: 0000000020000000 RSI: 0000000000008916 RDI: 0000000000000008 [ 51.770926][ T6229] RBP: 00007fb722e48090 R08: 0000000000000000 R09: 0000000000000000 [ 51.773042][ T6229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 51.775198][ T6229] R13: 0000000000000000 R14: 00007fb722176080 R15: 00007ffc31ec91d8 [ 51.777310][ T6229] [ 51.780666][ T6229] ERROR: Out of memory at tomoyo_realpath_from_path. [ 52.094302][ T6251] netlink: set zone limit has 8 unknown bytes [ 52.135963][ T6253] warning: `syz.1.97' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 52.315341][ T4316] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 52.374411][ T5979] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 52.475664][ T4316] usb 8-1: config index 0 descriptor too short (expected 23569, got 27) [ 52.478740][ T4316] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 52.482832][ T4316] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 52.485708][ T4316] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 52.488123][ T4316] usb 8-1: Manufacturer: syz [ 52.491104][ T4316] usb 8-1: config 0 descriptor?? [ 52.504523][ T6255] __nla_validate_parse: 8 callbacks suppressed [ 52.504535][ T6255] netlink: 12 bytes leftover after parsing attributes in process `syz.0.98'. [ 52.535410][ T5979] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 52.544338][ T5979] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 52.547635][ T5979] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 52.549942][ T5979] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 52.554293][ T4316] rc_core: IR keymap rc-hauppauge not found [ 52.556042][ T4316] Registered IR keymap rc-empty [ 52.559738][ T5979] usb 6-1: config 0 descriptor?? [ 52.562939][ T4316] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0 [ 52.564365][ T6258] FAULT_INJECTION: forcing a failure. [ 52.564365][ T6258] name failslab, interval 1, probability 0, space 0, times 0 [ 52.568696][ T4316] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0/input6 [ 52.569029][ T6258] CPU: 2 UID: 0 PID: 6258 Comm: syz.0.99 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 52.574628][ T6258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 52.577898][ T6258] Call Trace: [ 52.578961][ T6258] [ 52.579909][ T6258] dump_stack_lvl+0x16c/0x1f0 [ 52.581329][ T6258] should_fail_ex+0x497/0x5b0 [ 52.582829][ T6258] should_failslab+0xc2/0x120 [ 52.584533][ T6258] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 52.586268][ T6258] ? skb_clone+0x190/0x3f0 [ 52.587537][ T6258] skb_clone+0x190/0x3f0 [ 52.588684][ T5943] Bluetooth: hci1: Malformed LE Event: 0x0b [ 52.588725][ T6258] netlink_deliver_tap+0xabd/0xd30 [ 52.592344][ T6258] netlink_unicast+0x6b4/0x7f0 [ 52.594013][ T6258] ? __pfx_netlink_unicast+0x10/0x10 [ 52.595730][ T6258] ? rtnetlink_rcv_msg+0x3e6/0xea0 [ 52.597508][ T6258] netlink_ack+0x6ac/0xb80 [ 52.598825][ T6258] netlink_rcv_skb+0x348/0x440 [ 52.600078][ T6258] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 52.601409][ T6258] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 52.602755][ T6258] ? netlink_deliver_tap+0x1ae/0xd30 [ 52.604096][ T6258] netlink_unicast+0x53c/0x7f0 [ 52.605318][ T6258] ? __pfx_netlink_unicast+0x10/0x10 [ 52.606607][ T6258] netlink_sendmsg+0x8b8/0xd70 [ 52.607839][ T6258] ? __pfx_netlink_sendmsg+0x10/0x10 [ 52.609152][ T6258] ____sys_sendmsg+0xaaf/0xc90 [ 52.610361][ T6258] ? copy_msghdr_from_user+0x10b/0x160 [ 52.611703][ T6258] ? __pfx_____sys_sendmsg+0x10/0x10 [ 52.613046][ T6258] ? __lock_acquire+0xcc5/0x3c40 [ 52.614307][ T6258] ___sys_sendmsg+0x135/0x1e0 [ 52.615519][ T6258] ? __pfx____sys_sendmsg+0x10/0x10 [ 52.616758][ T6258] ? trace_lock_acquire+0x14e/0x1f0 [ 52.618064][ T6258] __sys_sendmmsg+0x201/0x420 [ 52.619234][ T6258] ? __pfx___sys_sendmmsg+0x10/0x10 [ 52.620561][ T6258] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 52.622078][ T6258] ? fput+0x67/0x440 [ 52.623076][ T6258] ? ksys_write+0x1ba/0x250 [ 52.624183][ T6258] ? __pfx_ksys_write+0x10/0x10 [ 52.625375][ T6258] __x64_sys_sendmmsg+0x9c/0x100 [ 52.626581][ T6258] ? lockdep_hardirqs_on+0x7c/0x110 [ 52.627886][ T6258] do_syscall_64+0xcd/0x250 [ 52.629035][ T6258] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 52.630504][ T6258] RIP: 0033:0x7fb721f85d19 [ 52.631627][ T6258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 52.636283][ T6258] RSP: 002b:00007fb722e69038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 52.638310][ T6258] RAX: ffffffffffffffda RBX: 00007fb722175fa0 RCX: 00007fb721f85d19 [ 52.640311][ T6258] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004 [ 52.642224][ T6258] RBP: 00007fb722e69090 R08: 0000000000000000 R09: 0000000000000000 [ 52.644117][ T6258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 52.645978][ T6258] R13: 0000000000000000 R14: 00007fb722175fa0 R15: 00007ffc31ec91d8 [ 52.647891][ T6258] [ 52.705979][ T25] usb 8-1: USB disconnect, device number 3 [ 52.706042][ T5943] Bluetooth: hci3: command tx timeout [ 52.707871][ T5951] Bluetooth: hci0: command tx timeout [ 52.714394][ T5951] Bluetooth: hci1: command tx timeout [ 52.784348][ T5951] Bluetooth: hci2: command tx timeout [ 52.857644][ T6284] FAULT_INJECTION: forcing a failure. [ 52.857644][ T6284] name failslab, interval 1, probability 0, space 0, times 0 [ 52.860907][ T6284] CPU: 0 UID: 0 PID: 6284 Comm: syz.2.108 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 52.863683][ T6284] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 52.866435][ T6284] Call Trace: [ 52.867309][ T6284] [ 52.868085][ T6284] dump_stack_lvl+0x16c/0x1f0 [ 52.869324][ T6284] should_fail_ex+0x497/0x5b0 [ 52.870564][ T6284] should_failslab+0xc2/0x120 [ 52.871861][ T6284] __kmalloc_cache_noprof+0x68/0x410 [ 52.873734][ T6284] ? stack_depot_init+0x39/0x120 [ 52.875509][ T6284] __hw_addr_add_ex+0x3c8/0x7c0 [ 52.877294][ T6284] ? __pfx___hw_addr_add_ex+0x10/0x10 [ 52.879224][ T6284] ? __mutex_unlock_slowpath+0x161/0x690 [ 52.881250][ T6284] dev_addr_init+0x162/0x250 [ 52.882916][ T6284] ? __pfx_dev_addr_init+0x10/0x10 [ 52.884771][ T6284] ? __pfx_macvlan_setup+0x10/0x10 [ 52.886597][ T6284] ? __pfx_macvlan_setup+0x10/0x10 [ 52.888425][ T6284] alloc_netdev_mqs+0x3ef/0x1510 [ 52.890215][ T6284] rtnl_create_link+0xc10/0xfa0 [ 52.891702][ T6284] rtnl_newlink+0x14c3/0x1d60 [ 52.893263][ T6284] ? __pfx_rtnl_newlink+0x10/0x10 [ 52.894620][ T6284] ? __pfx___lock_acquire+0x10/0x10 [ 52.895992][ T6284] ? cred_has_capability.isra.0+0x192/0x2f0 [ 52.897732][ T6284] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 52.899420][ T6284] ? find_held_lock+0x2d/0x110 [ 52.900674][ T6284] ? rtnetlink_rcv_msg+0x93a/0xea0 [ 52.902130][ T6284] ? __pfx_lock_release+0x10/0x10 [ 52.903875][ T6284] ? trace_lock_acquire+0x14e/0x1f0 [ 52.905663][ T6284] ? __pfx_rtnl_newlink+0x10/0x10 [ 52.907416][ T6284] rtnetlink_rcv_msg+0x95b/0xea0 [ 52.909041][ T6284] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 52.910466][ T6284] netlink_rcv_skb+0x16b/0x440 [ 52.911752][ T6284] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 52.913620][ T6284] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 52.915478][ T6284] ? netlink_deliver_tap+0x1ae/0xd30 [ 52.917403][ T6284] netlink_unicast+0x53c/0x7f0 [ 52.919034][ T6284] ? __pfx_netlink_unicast+0x10/0x10 [ 52.920880][ T6284] netlink_sendmsg+0x8b8/0xd70 [ 52.922574][ T6284] ? __pfx_netlink_sendmsg+0x10/0x10 [ 52.924420][ T6284] ____sys_sendmsg+0xaaf/0xc90 [ 52.925939][ T6284] ? copy_msghdr_from_user+0x10b/0x160 [ 52.927798][ T6284] ? __pfx_____sys_sendmsg+0x10/0x10 [ 52.929690][ T6284] ___sys_sendmsg+0x135/0x1e0 [ 52.931278][ T6284] ? __pfx____sys_sendmsg+0x10/0x10 [ 52.932986][ T6284] ? __pfx_lock_release+0x10/0x10 [ 52.934758][ T6284] ? trace_lock_acquire+0x14e/0x1f0 [ 52.936650][ T6284] ? __fget_files+0x206/0x3a0 [ 52.938369][ T6284] __sys_sendmsg+0x16e/0x220 [ 52.939998][ T6284] ? __pfx___sys_sendmsg+0x10/0x10 [ 52.941701][ T6284] do_syscall_64+0xcd/0x250 [ 52.943068][ T6284] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 52.944608][ T6284] RIP: 0033:0x7f57c1585d19 [ 52.945770][ T6284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 52.951152][ T6284] RSP: 002b:00007f57c23c3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 52.953503][ T6284] RAX: ffffffffffffffda RBX: 00007f57c1775fa0 RCX: 00007f57c1585d19 [ 52.955512][ T6284] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000004 [ 52.957455][ T6284] RBP: 00007f57c23c3090 R08: 0000000000000000 R09: 0000000000000000 [ 52.959346][ T6284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 52.961637][ T6284] R13: 0000000000000000 R14: 00007f57c1775fa0 R15: 00007ffc9eb231e8 [ 52.964394][ T6284] [ 52.966243][ T5979] keytouch 0003:0926:3333.0002: fixing up Keytouch IEC report descriptor [ 52.971318][ T5979] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:0926:3333.0002/input/input7 [ 53.058554][ T5979] keytouch 0003:0926:3333.0002: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0 [ 53.182753][ T6253] netlink: 116 bytes leftover after parsing attributes in process `syz.1.97'. [ 53.192394][ T6293] netlink: 12 bytes leftover after parsing attributes in process `syz.0.112'. [ 53.218832][ T6292] Process accounting resumed [ 53.237744][ T5951] Bluetooth: hci3: Malformed LE Event: 0x0b [ 53.281529][ T6304] UHID_CREATE from different security context by process 61 (syz.0.116), this is not allowed. [ 53.306385][ T25] usb 6-1: USB disconnect, device number 2 [ 53.325859][ T6306] FAULT_INJECTION: forcing a failure. [ 53.325859][ T6306] name failslab, interval 1, probability 0, space 0, times 0 [ 53.329417][ T6306] CPU: 2 UID: 0 PID: 6306 Comm: syz.2.115 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 53.332065][ T6306] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 53.334723][ T6306] Call Trace: [ 53.335611][ T6306] [ 53.336388][ T6306] dump_stack_lvl+0x16c/0x1f0 [ 53.337662][ T6306] should_fail_ex+0x497/0x5b0 [ 53.338910][ T6306] should_failslab+0xc2/0x120 [ 53.340186][ T6306] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 53.341605][ T6306] ? skb_clone+0x190/0x3f0 [ 53.342792][ T6306] skb_clone+0x190/0x3f0 [ 53.344042][ T6306] netlink_deliver_tap+0xabd/0xd30 [ 53.345385][ T6306] netlink_unicast+0x5e1/0x7f0 [ 53.346651][ T6306] ? __pfx_netlink_unicast+0x10/0x10 [ 53.348078][ T6306] netlink_sendmsg+0x8b8/0xd70 [ 53.349343][ T6306] ? __pfx_netlink_sendmsg+0x10/0x10 [ 53.350740][ T6306] ____sys_sendmsg+0xaaf/0xc90 [ 53.352061][ T6306] ? copy_msghdr_from_user+0x10b/0x160 [ 53.353930][ T6306] ? __pfx_____sys_sendmsg+0x10/0x10 [ 53.356167][ T6306] ___sys_sendmsg+0x135/0x1e0 [ 53.357858][ T6306] ? __pfx____sys_sendmsg+0x10/0x10 [ 53.359299][ T6306] ? __pfx_lock_release+0x10/0x10 [ 53.360586][ T6306] ? trace_lock_acquire+0x14e/0x1f0 [ 53.361978][ T6306] ? __fget_files+0x206/0x3a0 [ 53.363237][ T6306] __sys_sendmsg+0x16e/0x220 [ 53.364458][ T6306] ? __pfx___sys_sendmsg+0x10/0x10 [ 53.365809][ T6306] do_syscall_64+0xcd/0x250 [ 53.367027][ T6306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 53.368604][ T6306] RIP: 0033:0x7f57c1585d19 [ 53.369775][ T6306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 53.374591][ T6306] RSP: 002b:00007f57c23c3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 53.376651][ T6306] RAX: ffffffffffffffda RBX: 00007f57c1775fa0 RCX: 00007f57c1585d19 [ 53.378627][ T6306] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 53.380485][ T6306] RBP: 00007f57c23c3090 R08: 0000000000000000 R09: 0000000000000000 [ 53.382534][ T6306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 53.384553][ T6306] R13: 0000000000000000 R14: 00007f57c1775fa0 R15: 00007ffc9eb231e8 [ 53.386632][ T6306] [ 53.388374][ T6306] netlink: 12 bytes leftover after parsing attributes in process `syz.2.115'. [ 53.423101][ T6312] FAULT_INJECTION: forcing a failure. [ 53.423101][ T6312] name failslab, interval 1, probability 0, space 0, times 0 [ 53.426539][ T6312] CPU: 3 UID: 0 PID: 6312 Comm: syz.2.118 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 53.428480][ T6314] netlink: 12 bytes leftover after parsing attributes in process `syz.3.119'. [ 53.429330][ T6312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 53.434412][ T6312] Call Trace: [ 53.435281][ T6312] [ 53.436049][ T6312] dump_stack_lvl+0x16c/0x1f0 [ 53.437386][ T6312] should_fail_ex+0x497/0x5b0 [ 53.438604][ T6312] ? fs_reclaim_acquire+0xae/0x150 [ 53.439927][ T6312] should_failslab+0xc2/0x120 [ 53.441146][ T6312] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 53.442601][ T6312] ? __alloc_skb+0x2b1/0x380 [ 53.443776][ T6312] __alloc_skb+0x2b1/0x380 [ 53.444920][ T6312] ? __pfx___alloc_skb+0x10/0x10 [ 53.446326][ T6312] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 53.447873][ T6312] netlink_alloc_large_skb+0x69/0x130 [ 53.449226][ T6312] netlink_sendmsg+0x689/0xd70 [ 53.450452][ T6312] ? __pfx_netlink_sendmsg+0x10/0x10 [ 53.451798][ T6312] ____sys_sendmsg+0xaaf/0xc90 [ 53.453025][ T6312] ? copy_msghdr_from_user+0x10b/0x160 [ 53.454425][ T6312] ? __pfx_____sys_sendmsg+0x10/0x10 [ 53.456159][ T6312] ? __lock_acquire+0xcc5/0x3c40 [ 53.457626][ T6312] ___sys_sendmsg+0x135/0x1e0 [ 53.458860][ T6312] ? __pfx____sys_sendmsg+0x10/0x10 [ 53.460197][ T6312] ? trace_lock_acquire+0x14e/0x1f0 [ 53.461536][ T6312] __sys_sendmmsg+0x201/0x420 [ 53.462756][ T6312] ? __pfx___sys_sendmmsg+0x10/0x10 [ 53.464088][ T6312] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 53.465603][ T6312] ? fput+0x67/0x440 [ 53.466623][ T6312] ? ksys_write+0x1ba/0x250 [ 53.467927][ T6312] ? __pfx_ksys_write+0x10/0x10 [ 53.469132][ T6312] __x64_sys_sendmmsg+0x9c/0x100 [ 53.470384][ T6312] ? lockdep_hardirqs_on+0x7c/0x110 [ 53.471708][ T6312] do_syscall_64+0xcd/0x250 [ 53.472874][ T6312] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 53.474358][ T6312] RIP: 0033:0x7f57c1585d19 [ 53.475477][ T6312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 53.480378][ T6312] RSP: 002b:00007f57c23c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 53.482419][ T6312] RAX: ffffffffffffffda RBX: 00007f57c1775fa0 RCX: 00007f57c1585d19 [ 53.484345][ T6312] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000005 [ 53.486312][ T6312] RBP: 00007f57c23c3090 R08: 0000000000000000 R09: 0000000000000000 [ 53.488305][ T6312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 53.490265][ T6312] R13: 0000000000000000 R14: 00007f57c1775fa0 R15: 00007ffc9eb231e8 [ 53.492412][ T6312] [ 53.493340][ C3] vkms_vblank_simulate: vblank timer overrun [ 53.519052][ T6318] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 53.926319][ T6338] efs: device does not support 512 byte blocks [ 53.927976][ T6338] device does not support 512 byte blocks [ 53.927976][ T6338] [ 53.934659][ T6340] FAULT_INJECTION: forcing a failure. [ 53.934659][ T6340] name failslab, interval 1, probability 0, space 0, times 0 [ 53.938120][ T6340] CPU: 3 UID: 0 PID: 6340 Comm: syz.2.129 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 53.940839][ T6340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 53.943941][ T6340] Call Trace: [ 53.945013][ T6340] [ 53.946007][ T6340] dump_stack_lvl+0x16c/0x1f0 [ 53.947616][ T6340] should_fail_ex+0x497/0x5b0 [ 53.948892][ T6340] ? fs_reclaim_acquire+0xae/0x150 [ 53.950273][ T6340] should_failslab+0xc2/0x120 [ 53.951801][ T6340] __kmalloc_node_noprof+0xd1/0x510 [ 53.953513][ T6340] ? alloc_slab_obj_exts+0x41/0xa0 [ 53.955420][ T6340] alloc_slab_obj_exts+0x41/0xa0 [ 53.957156][ T6340] __memcg_slab_post_alloc_hook+0x2a7/0x9b0 [ 53.959319][ T6340] ? kasan_save_track+0x14/0x30 [ 53.961081][ T6340] kmem_cache_alloc_noprof+0x366/0x3d0 [ 53.963063][ T6340] ? sk_prot_alloc+0x60/0x2a0 [ 53.964810][ T6340] sk_prot_alloc+0x60/0x2a0 [ 53.966431][ T6340] sk_alloc+0x36/0xb90 [ 53.967919][ T6340] inet6_create+0x380/0x1320 [ 53.969547][ T6340] ? inet6_create+0x5d/0x1320 [ 53.971190][ T6340] __sock_create+0x335/0x8d0 [ 53.972836][ T6340] udp_sock_create6+0xc8/0x6a0 [ 53.974562][ T6340] ? static_key_fast_inc_not_disabled+0x157/0x1e0 [ 53.976830][ T6340] ? __pfx_udp_sock_create6+0x10/0x10 [ 53.978804][ T6340] ? cpus_read_unlock+0x83/0x150 [ 53.980569][ T6340] wg_socket_init+0x52f/0xb40 [ 53.982224][ T6340] ? __pfx_wg_socket_init+0x10/0x10 [ 53.984047][ T6340] ? mark_lock+0xb5/0xc60 [ 53.985555][ T6340] ? avc_has_perm_noaudit+0x143/0x3a0 [ 53.987485][ T6340] ? __pfx_wg_receive+0x10/0x10 [ 53.989197][ T6340] ? find_held_lock+0x2d/0x110 [ 53.990925][ T6340] ? __pfx_lock_release+0x10/0x10 [ 53.992692][ T6340] ? mark_held_locks+0x9f/0xe0 [ 53.994362][ T6340] ? __local_bh_enable_ip+0xa4/0x120 [ 53.996501][ T6340] wg_set_device+0xda6/0x13e0 [ 53.998186][ T6340] ? __pfx_wg_set_device+0x10/0x10 [ 53.999937][ T6340] ? rcu_is_watching+0x12/0xc0 [ 54.001525][ T6340] ? __nla_parse+0x40/0x60 [ 54.003046][ T6340] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 54.005507][ T6340] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 54.007954][ T6340] genl_family_rcv_msg_doit+0x202/0x2f0 [ 54.009370][ T6340] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 54.010984][ T6340] ? bpf_lsm_capable+0x9/0x10 [ 54.012477][ T6340] ? security_capable+0x7e/0x260 [ 54.014085][ T6340] ? ns_capable+0xd7/0x110 [ 54.015713][ T6340] genl_rcv_msg+0x565/0x800 [ 54.017236][ T6340] ? __pfx_genl_rcv_msg+0x10/0x10 [ 54.018822][ T6340] ? __pfx_wg_set_device+0x10/0x10 [ 54.020577][ T6340] netlink_rcv_skb+0x16b/0x440 [ 54.022201][ T6340] ? __pfx_genl_rcv_msg+0x10/0x10 [ 54.023890][ T6340] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 54.025689][ T6340] ? down_read+0xc9/0x330 [ 54.027139][ T6340] ? __pfx_down_read+0x10/0x10 [ 54.027947][ T6346] Bluetooth: hci0: service_discovery: expected 4 bytes, got 7 bytes [ 54.028724][ T6340] ? netlink_deliver_tap+0x1ae/0xd30 [ 54.032888][ T6340] genl_rcv+0x28/0x40 [ 54.034247][ T6340] netlink_unicast+0x53c/0x7f0 [ 54.035866][ T6340] ? __pfx_netlink_unicast+0x10/0x10 [ 54.037720][ T6340] netlink_sendmsg+0x8b8/0xd70 [ 54.039358][ T6340] ? __pfx_netlink_sendmsg+0x10/0x10 [ 54.041195][ T6340] ____sys_sendmsg+0xaaf/0xc90 [ 54.042817][ T6340] ? copy_msghdr_from_user+0x10b/0x160 [ 54.044689][ T6340] ? __pfx_____sys_sendmsg+0x10/0x10 [ 54.046483][ T6340] ___sys_sendmsg+0x135/0x1e0 [ 54.048135][ T6340] ? __pfx____sys_sendmsg+0x10/0x10 [ 54.049894][ T6340] ? __pfx_lock_release+0x10/0x10 [ 54.051615][ T6340] ? trace_lock_acquire+0x14e/0x1f0 [ 54.053408][ T6340] ? __fget_files+0x206/0x3a0 [ 54.054942][ T6340] __sys_sendmsg+0x16e/0x220 [ 54.056396][ T6340] ? __pfx___sys_sendmsg+0x10/0x10 [ 54.058088][ T6340] do_syscall_64+0xcd/0x250 [ 54.059592][ T6340] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 54.061495][ T6340] RIP: 0033:0x7f57c1585d19 [ 54.062817][ T6340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 54.068518][ T6340] RSP: 002b:00007f57c23c3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 54.071023][ T6340] RAX: ffffffffffffffda RBX: 00007f57c1775fa0 RCX: 00007f57c1585d19 [ 54.073536][ T6340] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 54.076046][ T6340] RBP: 00007f57c23c3090 R08: 0000000000000000 R09: 0000000000000000 [ 54.078321][ T6340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 54.080630][ T6340] R13: 0000000000000000 R14: 00007f57c1775fa0 R15: 00007ffc9eb231e8 [ 54.083056][ T6340] [ 54.084030][ C3] vkms_vblank_simulate: vblank timer overrun [ 54.091021][ T6346] ======================================================= [ 54.091021][ T6346] WARNING: The mand mount option has been deprecated and [ 54.091021][ T6346] and is ignored by this kernel. Remove the mand [ 54.091021][ T6346] option from the mount to silence this warning. [ 54.091021][ T6346] ======================================================= [ 54.102374][ T6345] netlink: 'syz.0.131': attribute type 23 has an invalid length. [ 54.144377][ T6354] syz.2.133: attempt to access beyond end of device [ 54.144377][ T6354] loop2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 54.148542][ T6354] efs: cannot read volume header [ 54.237742][ T6357] FAULT_INJECTION: forcing a failure. [ 54.237742][ T6357] name failslab, interval 1, probability 0, space 0, times 0 [ 54.241371][ T6357] CPU: 3 UID: 0 PID: 6357 Comm: syz.2.135 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 54.244104][ T6357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 54.247226][ T6357] Call Trace: [ 54.248157][ T6357] [ 54.249020][ T6357] dump_stack_lvl+0x16c/0x1f0 [ 54.250239][ T6357] should_fail_ex+0x497/0x5b0 [ 54.251448][ T6357] ? fs_reclaim_acquire+0xae/0x150 [ 54.252747][ T6357] should_failslab+0xc2/0x120 [ 54.253916][ T6357] __kmalloc_cache_noprof+0x68/0x410 [ 54.255262][ T6357] ? __pfx___folio_start_writeback+0x10/0x10 [ 54.256857][ T6357] ? do_raw_spin_lock+0x12d/0x2c0 [ 54.258120][ T6357] netfs_buffer_make_space+0x432/0x6b0 [ 54.259563][ T6357] netfs_buffer_append_folio+0x298/0x360 [ 54.260893][ T6357] netfs_write_folio+0x540/0x1930 [ 54.262105][ T6357] netfs_writepages+0x29a/0x8f0 [ 54.263287][ T6357] ? __pfx_netfs_writepages+0x10/0x10 [ 54.264568][ T6357] ? __pfx___lock_acquire+0x10/0x10 [ 54.265828][ T6357] ? hlock_class+0x4e/0x130 [ 54.266944][ T6357] ? __pfx_netfs_writepages+0x10/0x10 [ 54.268248][ T6357] do_writepages+0x1b3/0x820 [ 54.269402][ T6357] ? __pfx_do_writepages+0x10/0x10 [ 54.270695][ T6357] ? wbc_attach_fdatawrite_inode+0x13a/0x190 [ 54.272472][ T6357] ? __pfx_lock_release+0x10/0x10 [ 54.274072][ T6357] ? do_raw_spin_lock+0x12d/0x2c0 [ 54.275537][ T6357] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 54.277024][ T6357] ? lock_acquire+0x2f/0xb0 [ 54.278210][ T6357] ? wbc_attach_fdatawrite_inode+0x24/0x190 [ 54.279751][ T6357] ? do_raw_spin_unlock+0x172/0x230 [ 54.280994][ T6357] filemap_fdatawrite_wbc+0x104/0x160 [ 54.282355][ T6357] __filemap_fdatawrite_range+0xb3/0xf0 [ 54.283722][ T6357] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 54.285231][ T6357] ? v9fs_fid_lookup+0xe9/0xec0 [ 54.286416][ T6357] v9fs_vfs_setattr+0x93a/0xab0 [ 54.287633][ T6357] ? __pfx_v9fs_vfs_setattr+0x10/0x10 [ 54.288937][ T6357] ? selinux_inode_setattr+0x246/0x400 [ 54.290264][ T6357] ? evm_inode_setattr+0x65/0x680 [ 54.291496][ T6357] ? __pfx_make_vfsgid+0x10/0x10 [ 54.292718][ T6357] ? __pfx_v9fs_vfs_setattr+0x10/0x10 [ 54.294005][ T6357] notify_change+0x6a6/0x1230 [ 54.295167][ T6357] vfs_utimes+0x41d/0x850 [ 54.296192][ T6357] ? __pfx_vfs_utimes+0x10/0x10 [ 54.297422][ T6357] ? putname+0x13c/0x180 [ 54.298481][ T6357] __x64_sys_utime+0x1e3/0x2c0 [ 54.299726][ T6357] ? __pfx___x64_sys_utime+0x10/0x10 [ 54.301012][ T6357] ? ksys_write+0x1ba/0x250 [ 54.302193][ T6357] do_syscall_64+0xcd/0x250 [ 54.303331][ T6357] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 54.304775][ T6357] RIP: 0033:0x7f57c1585d19 [ 54.305864][ T6357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 54.310490][ T6357] RSP: 002b:00007f57c23a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000084 [ 54.312507][ T6357] RAX: ffffffffffffffda RBX: 00007f57c1776080 RCX: 00007f57c1585d19 [ 54.314389][ T6357] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020003000 [ 54.316330][ T6357] RBP: 00007f57c23a2090 R08: 0000000000000000 R09: 0000000000000000 [ 54.318303][ T6357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 54.320276][ T6357] R13: 0000000000000001 R14: 00007f57c1776080 R15: 00007ffc9eb231e8 [ 54.322189][ T6357] [ 54.323069][ C3] vkms_vblank_simulate: vblank timer overrun [ 54.325197][ T6357] ------------[ cut here ]------------ [ 54.326532][ T6357] WARNING: CPU: 3 PID: 6357 at lib/iov_iter.c:255 _copy_from_iter+0x3a0/0x1560 [ 54.328691][ T6357] Modules linked in: [ 54.329733][ T6357] CPU: 3 UID: 0 PID: 6357 Comm: syz.2.135 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 54.333559][ T6357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 54.336651][ T6357] RIP: 0010:_copy_from_iter+0x3a0/0x1560 [ 54.338516][ T6357] Code: 5f fd 0f 01 cb 48 89 d9 4c 89 f7 48 89 ee f3 a4 0f 1f 00 48 89 cd 0f 01 ca 49 89 df 49 29 cf e9 1e ff ff ff e8 31 5c fc fc 90 <0f> 0b 90 e9 ae fd ff ff e8 23 5c fc fc 89 ee bf 01 00 00 00 e8 f7 [ 54.343938][ T6357] RSP: 0018:ffffc900039fef08 EFLAGS: 00010293 [ 54.345814][ T6357] RAX: 0000000000000000 RBX: 0000000000007fec RCX: ffffffff849db528 [ 54.348106][ T6357] RDX: ffff888023602440 RSI: ffffffff849db80f RDI: 0000000000000001 [ 54.350168][ T6357] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 54.352327][ T6357] R10: 0000000000000000 R11: 0000000000000003 R12: ffff8880315a9460 [ 54.354518][ T6357] R13: ffffc900039ff2f8 R14: ffff8880315a9460 R15: dffffc0000000000 [ 54.357066][ T6357] FS: 00007f57c23a26c0(0000) GS:ffff88806a900000(0000) knlGS:0000000000000000 [ 54.359935][ T6357] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 54.361776][ T6357] CR2: 00007f57c23a1f98 CR3: 000000002e93c000 CR4: 0000000000352ef0 [ 54.363796][ T6357] Call Trace: [ 54.364709][ T6357] [ 54.365503][ T6357] ? __warn+0xea/0x3c0 [ 54.366573][ T6357] ? _copy_from_iter+0x3a0/0x1560 [ 54.367881][ T6357] ? report_bug+0x3c0/0x580 [ 54.369067][ T6357] ? handle_bug+0x54/0xa0 [ 54.370156][ T6357] ? exc_invalid_op+0x17/0x50 [ 54.371346][ T6357] ? asm_exc_invalid_op+0x1a/0x20 [ 54.372603][ T6357] ? _copy_from_iter+0xb8/0x1560 [ 54.373874][ T6357] ? _copy_from_iter+0x39f/0x1560 [ 54.375455][ T6357] ? _copy_from_iter+0x3a0/0x1560 [ 54.377114][ T6357] ? _copy_from_iter+0x39f/0x1560 [ 54.378814][ T6357] ? __pfx_lock_release+0x10/0x10 [ 54.380767][ T6357] ? trace_lock_acquire+0x14e/0x1f0 [ 54.382246][ T6357] ? __pfx__copy_from_iter+0x10/0x10 [ 54.383595][ T6357] ? __virt_addr_valid+0x1a4/0x590 [ 54.385190][ T6357] ? __virt_addr_valid+0x5e/0x590 [ 54.386465][ T6357] ? __phys_addr+0xc6/0x150 [ 54.387659][ T6357] ? __phys_addr_symbol+0x30/0x80 [ 54.388861][ T6357] ? __check_object_size+0x488/0x710 [ 54.390229][ T6357] p9pdu_vwritef+0x2d0/0x1cf0 [ 54.391439][ T6357] ? p9pdu_writef+0xc4/0x100 [ 54.392627][ T6357] ? __pfx_p9pdu_vwritef+0x10/0x10 [ 54.393944][ T6357] ? __pfx_p9_tag_alloc+0x10/0x10 [ 54.395345][ T6357] ? mark_lock+0xb5/0xc60 [ 54.396431][ T6357] p9_client_prepare_req+0x244/0x4d0 [ 54.397774][ T6357] ? __pfx_p9_client_prepare_req+0x10/0x10 [ 54.399264][ T6357] ? __kernel_text_address+0xd/0x40 [ 54.400548][ T6357] ? unwind_get_return_address+0x59/0xa0 [ 54.401975][ T6357] ? arch_stack_walk+0xa7/0x100 [ 54.403210][ T6357] p9_client_rpc+0x1c3/0xc10 [ 54.404434][ T6357] ? __lock_acquire+0xcc5/0x3c40 [ 54.405879][ T6357] ? __pfx_p9_client_rpc+0x10/0x10 [ 54.407191][ T6357] ? hlock_class+0x4e/0x130 [ 54.408332][ T6357] ? mark_lock+0xb5/0xc60 [ 54.409412][ T6357] p9_client_write+0x31f/0x680 [ 54.410636][ T6357] ? __pfx_p9_client_write+0x10/0x10 [ 54.412013][ T6357] ? mark_held_locks+0x9f/0xe0 [ 54.413234][ T6357] v9fs_issue_write+0xe2/0x180 [ 54.414547][ T6357] ? __pfx_v9fs_issue_write+0x10/0x10 [ 54.416300][ T6357] ? rcu_is_watching+0x12/0xc0 [ 54.417960][ T6357] ? trace_netfs_sreq+0x198/0x220 [ 54.419441][ T6357] netfs_do_issue_write+0x92/0x110 [ 54.420819][ T6357] netfs_advance_write+0x384/0xc80 [ 54.422190][ T6357] ? netfs_buffer_append_folio+0x276/0x360 [ 54.423767][ T6357] netfs_write_folio+0xc19/0x1930 [ 54.425202][ T6357] netfs_writepages+0x29a/0x8f0 [ 54.426841][ T6357] ? __pfx_netfs_writepages+0x10/0x10 [ 54.428672][ T6357] ? __pfx___lock_acquire+0x10/0x10 [ 54.430413][ T6357] ? hlock_class+0x4e/0x130 [ 54.431942][ T6357] ? __pfx_netfs_writepages+0x10/0x10 [ 54.433733][ T6357] do_writepages+0x1b3/0x820 [ 54.435494][ T6357] ? __pfx_do_writepages+0x10/0x10 [ 54.436912][ T6357] ? wbc_attach_fdatawrite_inode+0x13a/0x190 [ 54.438393][ T6357] ? __pfx_lock_release+0x10/0x10 [ 54.439635][ T6357] ? do_raw_spin_lock+0x12d/0x2c0 [ 54.440839][ T6357] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 54.442166][ T6357] ? lock_acquire+0x2f/0xb0 [ 54.443281][ T6357] ? wbc_attach_fdatawrite_inode+0x24/0x190 [ 54.444776][ T6357] ? do_raw_spin_unlock+0x172/0x230 [ 54.446077][ T6357] filemap_fdatawrite_wbc+0x104/0x160 [ 54.447434][ T6357] __filemap_fdatawrite_range+0xb3/0xf0 [ 54.448806][ T6357] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 54.450371][ T6357] ? v9fs_fid_lookup+0xe9/0xec0 [ 54.451775][ T6357] v9fs_vfs_setattr+0x93a/0xab0 [ 54.452974][ T6357] ? __pfx_v9fs_vfs_setattr+0x10/0x10 [ 54.454350][ T6357] ? selinux_inode_setattr+0x246/0x400 [ 54.456007][ T6357] ? evm_inode_setattr+0x65/0x680 [ 54.457848][ T6357] ? __pfx_make_vfsgid+0x10/0x10 [ 54.459605][ T6357] ? __pfx_v9fs_vfs_setattr+0x10/0x10 [ 54.461255][ T6357] notify_change+0x6a6/0x1230 [ 54.462503][ T6357] vfs_utimes+0x41d/0x850 [ 54.463624][ T6357] ? __pfx_vfs_utimes+0x10/0x10 [ 54.465326][ T6357] ? putname+0x13c/0x180 [ 54.466964][ T6357] __x64_sys_utime+0x1e3/0x2c0 [ 54.468647][ T6357] ? __pfx___x64_sys_utime+0x10/0x10 [ 54.470422][ T6357] ? ksys_write+0x1ba/0x250 [ 54.471967][ T6357] do_syscall_64+0xcd/0x250 [ 54.473596][ T6357] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 54.475673][ T6357] RIP: 0033:0x7f57c1585d19 [ 54.477180][ T6357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 54.483721][ T6357] RSP: 002b:00007f57c23a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000084 [ 54.486933][ T6357] RAX: ffffffffffffffda RBX: 00007f57c1776080 RCX: 00007f57c1585d19 [ 54.489618][ T6357] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020003000 [ 54.492123][ T6357] RBP: 00007f57c23a2090 R08: 0000000000000000 R09: 0000000000000000 [ 54.494000][ T6357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 54.496011][ T6357] R13: 0000000000000001 R14: 00007f57c1776080 R15: 00007ffc9eb231e8 [ 54.497983][ T6357] [ 54.498761][ T6357] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 54.500541][ T6357] CPU: 3 UID: 0 PID: 6357 Comm: syz.2.135 Not tainted 6.13.0-rc3-syzkaller-00017-gf44d154d6e3d #0 [ 54.503124][ T6357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 54.505855][ T6357] Call Trace: [ 54.506728][ T6357] [ 54.507485][ T6357] dump_stack_lvl+0x3d/0x1f0 [ 54.508630][ T6357] panic+0x71d/0x800 [ 54.509630][ T6357] ? __pfx_panic+0x10/0x10 [ 54.510770][ T6357] ? show_trace_log_lvl+0x29d/0x3d0 [ 54.512153][ T6357] ? check_panic_on_warn+0x1f/0xb0 [ 54.513475][ T6357] ? _copy_from_iter+0x3a0/0x1560 [ 54.514744][ T6357] check_panic_on_warn+0xab/0xb0 [ 54.515989][ T6357] __warn+0xf6/0x3c0 [ 54.516955][ T6357] ? _copy_from_iter+0x3a0/0x1560 [ 54.518238][ T6357] report_bug+0x3c0/0x580 [ 54.519323][ T6357] handle_bug+0x54/0xa0 [ 54.520365][ T6357] exc_invalid_op+0x17/0x50 [ 54.521494][ T6357] asm_exc_invalid_op+0x1a/0x20 [ 54.522687][ T6357] RIP: 0010:_copy_from_iter+0x3a0/0x1560 [ 54.524144][ T6357] Code: 5f fd 0f 01 cb 48 89 d9 4c 89 f7 48 89 ee f3 a4 0f 1f 00 48 89 cd 0f 01 ca 49 89 df 49 29 cf e9 1e ff ff ff e8 31 5c fc fc 90 <0f> 0b 90 e9 ae fd ff ff e8 23 5c fc fc 89 ee bf 01 00 00 00 e8 f7 [ 54.529028][ T6357] RSP: 0018:ffffc900039fef08 EFLAGS: 00010293 [ 54.530615][ T6357] RAX: 0000000000000000 RBX: 0000000000007fec RCX: ffffffff849db528 [ 54.532675][ T6357] RDX: ffff888023602440 RSI: ffffffff849db80f RDI: 0000000000000001 [ 54.534731][ T6357] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 54.536782][ T6357] R10: 0000000000000000 R11: 0000000000000003 R12: ffff8880315a9460 [ 54.538867][ T6357] R13: ffffc900039ff2f8 R14: ffff8880315a9460 R15: dffffc0000000000 [ 54.540928][ T6357] ? _copy_from_iter+0xb8/0x1560 [ 54.542219][ T6357] ? _copy_from_iter+0x39f/0x1560 [ 54.543558][ T6357] ? _copy_from_iter+0x39f/0x1560 [ 54.544902][ T6357] ? __pfx_lock_release+0x10/0x10 [ 54.546344][ T6357] ? trace_lock_acquire+0x14e/0x1f0 [ 54.547756][ T6357] ? __pfx__copy_from_iter+0x10/0x10 [ 54.549144][ T6357] ? __virt_addr_valid+0x1a4/0x590 [ 54.550487][ T6357] ? __virt_addr_valid+0x5e/0x590 [ 54.551823][ T6357] ? __phys_addr+0xc6/0x150 [ 54.553021][ T6357] ? __phys_addr_symbol+0x30/0x80 [ 54.554340][ T6357] ? __check_object_size+0x488/0x710 [ 54.555742][ T6357] p9pdu_vwritef+0x2d0/0x1cf0 [ 54.557025][ T6357] ? p9pdu_writef+0xc4/0x100 [ 54.558268][ T6357] ? __pfx_p9pdu_vwritef+0x10/0x10 [ 54.559624][ T6357] ? __pfx_p9_tag_alloc+0x10/0x10 [ 54.560953][ T6357] ? mark_lock+0xb5/0xc60 [ 54.562091][ T6357] p9_client_prepare_req+0x244/0x4d0 [ 54.563485][ T6357] ? __pfx_p9_client_prepare_req+0x10/0x10 [ 54.565011][ T6357] ? __kernel_text_address+0xd/0x40 [ 54.566377][ T6357] ? unwind_get_return_address+0x59/0xa0 [ 54.567855][ T6357] ? arch_stack_walk+0xa7/0x100 [ 54.569140][ T6357] p9_client_rpc+0x1c3/0xc10 [ 54.570363][ T6357] ? __lock_acquire+0xcc5/0x3c40 [ 54.571677][ T6357] ? __pfx_p9_client_rpc+0x10/0x10 [ 54.573023][ T6357] ? hlock_class+0x4e/0x130 [ 54.574227][ T6357] ? mark_lock+0xb5/0xc60 [ 54.575380][ T6357] p9_client_write+0x31f/0x680 [ 54.576647][ T6357] ? __pfx_p9_client_write+0x10/0x10 [ 54.578076][ T6357] ? mark_held_locks+0x9f/0xe0 [ 54.579344][ T6357] v9fs_issue_write+0xe2/0x180 [ 54.580611][ T6357] ? __pfx_v9fs_issue_write+0x10/0x10 [ 54.582003][ T6357] ? rcu_is_watching+0x12/0xc0 [ 54.583267][ T6357] ? trace_netfs_sreq+0x198/0x220 [ 54.584594][ T6357] netfs_do_issue_write+0x92/0x110 [ 54.585928][ T6357] netfs_advance_write+0x384/0xc80 [ 54.587299][ T6357] ? netfs_buffer_append_folio+0x276/0x360 [ 54.588823][ T6357] netfs_write_folio+0xc19/0x1930 [ 54.590145][ T6357] netfs_writepages+0x29a/0x8f0 [ 54.591455][ T6357] ? __pfx_netfs_writepages+0x10/0x10 [ 54.592927][ T6357] ? __pfx___lock_acquire+0x10/0x10 [ 54.594286][ T6357] ? hlock_class+0x4e/0x130 [ 54.595505][ T6357] ? __pfx_netfs_writepages+0x10/0x10 [ 54.596914][ T6357] do_writepages+0x1b3/0x820 [ 54.598152][ T6357] ? __pfx_do_writepages+0x10/0x10 [ 54.599502][ T6357] ? wbc_attach_fdatawrite_inode+0x13a/0x190 [ 54.600981][ T6357] ? __pfx_lock_release+0x10/0x10 [ 54.602463][ T6357] ? do_raw_spin_lock+0x12d/0x2c0 [ 54.603809][ T6357] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 54.605210][ T6357] ? lock_acquire+0x2f/0xb0 [ 54.606411][ T6357] ? wbc_attach_fdatawrite_inode+0x24/0x190 [ 54.607965][ T6357] ? do_raw_spin_unlock+0x172/0x230 [ 54.609333][ T6357] filemap_fdatawrite_wbc+0x104/0x160 [ 54.610752][ T6357] __filemap_fdatawrite_range+0xb3/0xf0 [ 54.612250][ T6357] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 54.613887][ T6357] ? v9fs_fid_lookup+0xe9/0xec0 [ 54.615228][ T6357] v9fs_vfs_setattr+0x93a/0xab0 [ 54.616512][ T6357] ? __pfx_v9fs_vfs_setattr+0x10/0x10 [ 54.617937][ T6357] ? selinux_inode_setattr+0x246/0x400 [ 54.619386][ T6357] ? evm_inode_setattr+0x65/0x680 [ 54.620709][ T6357] ? __pfx_make_vfsgid+0x10/0x10 [ 54.622100][ T6357] ? __pfx_v9fs_vfs_setattr+0x10/0x10 [ 54.623524][ T6357] notify_change+0x6a6/0x1230 [ 54.624765][ T6357] vfs_utimes+0x41d/0x850 [ 54.625906][ T6357] ? __pfx_vfs_utimes+0x10/0x10 [ 54.627207][ T6357] ? putname+0x13c/0x180 [ 54.628333][ T6357] __x64_sys_utime+0x1e3/0x2c0 [ 54.629595][ T6357] ? __pfx___x64_sys_utime+0x10/0x10 [ 54.630980][ T6357] ? ksys_write+0x1ba/0x250 [ 54.632216][ T6357] do_syscall_64+0xcd/0x250 [ 54.633414][ T6357] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 54.634961][ T6357] RIP: 0033:0x7f57c1585d19 [ 54.636138][ T6357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 54.641139][ T6357] RSP: 002b:00007f57c23a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000084 [ 54.643273][ T6357] RAX: ffffffffffffffda RBX: 00007f57c1776080 RCX: 00007f57c1585d19 [ 54.645219][ T6357] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020003000 [ 54.647134][ T6357] RBP: 00007f57c23a2090 R08: 0000000000000000 R09: 0000000000000000 [ 54.649079][ T6357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 54.651073][ T6357] R13: 0000000000000001 R14: 00007f57c1776080 R15: 00007ffc9eb231e8 [ 54.653291][ T6357] [ 54.654816][ T6357] Kernel Offset: disabled [ 54.656127][ T6357] Rebooting in 86400 seconds.. VM DIAGNOSIS: 02:36:41 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=ffff88801d44b1e0 RCX=ffffffff82086848 RDX=ffff888023b60000 RSI=ffffffff82085b7d RDI=ffff88801d44b1e0 RBP=ffff88801d44b1e0 RSP=ffffc90003e7f7a8 R8 =0000000000000006 R9 =0000000000000001 R10=0000000000000001 R11=0000000000000003 R12=0000000000000001 R13=0000000000000001 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff82085b82 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f57c23c2f98 CR3=000000000df7e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000080000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffdc9acb10 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbf19c029b2 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbf19c029bf ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbf19c029b9 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbf19c029cd ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbf19c02a53 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fbf19c02b31 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 45425f434900414e 41445f444c005242 494c444449005f44 4c00574f4e5f444e ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004644 4c0057444c004441 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=000000000005bf8d RBX=0000000000000001 RCX=ffffffff8b293679 RDX=0000000000000000 RSI=ffffffff8b6cd860 RDI=ffffffff8bd1e860 RBP=ffffed1003ad1910 RSP=ffffc90000187e08 R8 =0000000000000001 R9 =ffffed100d4e6fed R10=ffff88806a737f6b R11=0000000000000000 R12=0000000000000001 R13=ffff88801d68c880 R14=ffffffff905f2c90 R15=0000000000000000 RIP=ffffffff8b294a5f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000561f809ab908 CR3=0000000034b50000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000c0fffc00 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000015 000000000001df8a ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055555ac3f3b1 000055555ac3f330 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055555ac3fa22 000055555ac3f7f0 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffd1080a800300 1000021000068004 060633960030656c 69662f2e01ffffff ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 38e600656d69745f 746961775f6f692e 7166622e6f696b6c 6201ffffffffffff ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 8080921000010000 080806040105be00 0400019db408000a 800401c708000808 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 80030fffffc08010 0003ffffffff0401 0000080806010000 060806080144ea20 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0103ffffffff0401 c08004040160ca00 0008070030656c69 662f2e01ffffffff ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffef0801c0 80030fffffc08010 0003ffffffff0401 0000080806010000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 060806080144ea20 8080921000010000 080806040105be00 0400019db408000a ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 800401c708000808 38e600656d69745f 746961775f6f692e 7166622e6f696b6c ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 45425f434900414e 41445f444c005242 494c444449005f44 4c00574f4e5f444e ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004644 4c0057444c004441 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=000000220753eb60 RBX=ffff88806a828400 RCX=00000000000006e0 RDX=0000000000000022 RSI=ffff88806a828400 RDI=0000000000053274 RBP=0000000000053274 RSP=ffffc90005da7b20 R8 =0000000000000005 R9 =000000000000003f R10=0000000000000019 R11=0000000000000001 R12=0000000000000001 R13=0000000000000019 R14=0000000000000001 R15=ffff88806a82ca00 RIP=ffffffff8146b0c5 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000555574f49500 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f57c23c2f98 CR3=000000002e93c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001030001 Opmask01=0000000000000000 Opmask02=000000000000003f Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57c16029b2 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57c16029bf ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57c16029b9 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57c16029cd ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57c1602a53 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57c1602b31 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57c174b488 00007f57c174b480 00007f57c174b478 00007f57c174b450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57c22ad100 00007f57c174b440 00007f57c174b458 00007f57c174b4a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57c174b498 00007f57c174b490 00007f57c174b488 00007f57c174b480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 45425f434900414e 41445f444c005242 494c444449005f44 4c00574f4e5f444e ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004644 4c0057444c004441 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000064 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff851b91a5 RDI=ffffffff9ab0cc20 RBP=ffffffff9ab0cbe0 RSP=ffffc900039fe868 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000007 R12=0000000000000000 R13=0000000000000064 R14=ffffffff851b9140 R15=0000000000000000 RIP=ffffffff851b91cf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f57c23a26c0 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f57c23a1f98 CR3=000000002e93c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fffffffe Opmask01=0000000000000000 Opmask02=000000000000003f Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57c23a2060 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57c16029b2 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57c16029bf ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57c16029b9 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57c16029cd ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57c1602a53 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f57c1602b31 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 73697664616d2065 74616c75706f7000 757a253d657a6973 2070253d72747000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 564c534144480540 51444950554a5500 505f0018405f4c56 0555001857515500 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 45425f434900414e 41445f444c005242 494c444449005f44 4c00574f4e5f444e ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004644 4c0057444c004441 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000