last executing test programs: 3.064746749s ago: executing program 1 (id=249): sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_open_dev$vim2m(0x0, 0x800, 0x2) ioctl$vim2m_VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000680)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}}) r1 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0) r2 = socket(0x2, 0x2, 0x0) r3 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000001180)='./bus\x00') lstat(&(0x7f0000000140)='./bus\x00', &(0x7f00000001c0)) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$NBD_SET_SOCK(r1, 0xab00, r2) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) r5 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @local}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0xb, 0x0, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00Q', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1}, 0x50) write$tun(r4, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x4e) ioctl$NBD_DO_IT(r3, 0xab03) ioctl$NBD_SET_SIZE_BLOCKS(r1, 0xab07, 0x6) socket$nl_generic(0x10, 0x3, 0x10) ioctl$NBD_CLEAR_SOCK(r1, 0x125f) 3.005737093s ago: executing program 2 (id=251): mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040)=0x3) syz_io_uring_setup(0x400024fc, &(0x7f0000000400)={0x0, 0xda58, 0x400}, 0x0, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) syz_open_dev$video(&(0x7f00000000c0), 0x9, 0x0) r1 = syz_open_dev$video4linux(&(0x7f0000000000), 0x8, 0x98040) ioctl$VIDIOC_TRY_DECODER_CMD(r1, 0xc0585605, &(0x7f0000000080)={0x1, 0x1, @stop_pts=0x81}) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[], 0x40}, 0x1, 0x0, 0x0, 0x40048d1}, 0x0) pselect6(0xffffffffffffff7f, &(0x7f0000000300)={0xfc, 0x7fffffffffffffff, 0x4, 0x1, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0x0, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) clock_gettime(0x2, &(0x7f0000000280)) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000340)={0x0}) r5 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000a40)=@raw={'raw\x00', 0x8, 0x3, 0x300, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x230, 0xffffffff, 0xffffffff, 0x230, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x118, 0x140, 0x0, {}, [@common=@dst={{0x48}}, @common=@inet=@tos={{0x28}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x360) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000100)={r4}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000200)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x10, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000611040000000000095000000009ce57a7ef22ce2622c152fa0f4000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90) mknod(&(0x7f0000000540)='./file1\x00', 0x0, 0x0) mount(&(0x7f0000000140)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000240)='./file1\x00', &(0x7f00000002c0)='qnx6\x00', 0x4, 0x0) openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000000)='tasks\x00', 0x2, 0x0) 2.611738216s ago: executing program 1 (id=256): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000800)=[{&(0x7f0000000380)=""/134, 0x86}, {&(0x7f0000000540)=""/95, 0x5f}, {&(0x7f00000005c0)=""/165, 0xa5}, {&(0x7f00000007c0)=""/9, 0x9}, {&(0x7f00000006c0)=""/103, 0x67}, {&(0x7f0000000440)=""/23, 0x17}, {&(0x7f0000000200)=""/25, 0x19}], 0x7, 0xb, 0x0) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) r2 = eventfd(0x0) r3 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000080), 0x52082, 0x0) r4 = eventfd2(0x3a, 0x1) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = dup(r6) ioctl$KVM_CAP_DIRTY_LOG_RING(r7, 0x4068aea3, &(0x7f0000000080)={0xc0, 0x0, 0x10000}) ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r8, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) dup(r8) write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000740)={0x18, 0x0, 0x0, {0x8}}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f00000000c0)={0x30, 0x5, 0x0, {0x0, 0x0, 0x0, 0x4}}, 0x30) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x800, &(0x7f0000000780)=ANY=[@ANYRES8=0x0, @ANYRES8=r3, @ANYRES32=r2, @ANYRES16=r6, @ANYRES32=r8, @ANYRESHEX=r4]) openat$vnet(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2}) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000340)={0x1, 0x0, 0x0, &(0x7f0000000180)=""/37, 0x0, 0xfff}) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680)) ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x1, r2}) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000880)=ANY=[@ANYRES16=r4, @ANYRESDEC=r4, @ANYRES32=r4, @ANYRESOCT=r8], 0x118) 2.376414716s ago: executing program 1 (id=257): socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000000)={0x0, &(0x7f00000000c0)=""/98, 0x0, 0x0}, 0x38) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001400) mount$fuse(0x0, 0x0, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r0, 0x40107446, 0x20000000) socket$inet_udp(0x2, 0x2, 0x0) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/profiling', 0x543100, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) syz_open_dev$video4linux(0x0, 0x0, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$inet6_udp(0xa, 0x2, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) syz_io_uring_setup(0x2402, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r5, &(0x7f00000002c0)=ANY=[@ANYBLOB="67d2f301a730b88247177d8f5b470e2eaecd5befd2684ce30b7ffacb97d47b14fbb51c13d73d09ea2abb447ac358ff73a050b40dee76e3fd015951f7b6dcffcfe84153605f6832174b3d8f49e311b926b79b5af9d0334a11a152ad88a318a83f5f54b409892ca76bdc9f2cfae0fe3560174bd20f7574ee89f921ab4ace4f3c88de34342a91bdef1bf0d4472258a6f19e009ab4d227232af8c4681695b74cf5b2f6cee96814b80fd3e3b9e17f", @ANYRES8=r1, @ANYRES16=0x0, @ANYRES16=r4, @ANYBLOB="b8b8a15eddde78c6bc0349ac0f3c709f8857f0b73b4a53978856140c5c2f126675e1082e", @ANYRES32=r3], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0) write$tun(r1, &(0x7f00000001c0)=ANY=[@ANYRESHEX, @ANYRES32, @ANYRES64], 0x15) sendmsg$inet6(r2, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000003c0)="f5115209301656fa8acdd0fbe5af9edf19b75aaa4202bd704838a15c6f1e123a1b8692526f5d8fc7cee8417aa0631544600b47198a6015d4d011ddfeb2bb1d8dfa63813d75bae180ee70985419501616d0ecf881d5a9ba408a5e313bc66ab80e135e06ea2e540c8c4ceda5a70a831a63d4f1ada783fbf2f3887c1eae1688037d99deb3df9c0394194eeef34046abeaca24cdcd6d26cd891b907ca7b40b7271738d3615c216b59eb845aa7a24206db466eee09d5f8660b65835e2401ae92ff7f8bf966043e7540ae87188c6f0432f2cff53d415d2385139538f30c8533a105716e34aa7b49514e83dba572027a1b266b9f6e3e8c6257cf6535f184ac822367ed5711e37b1ab237e95e2559fa2f6ca823bd957e506c0fef626c27b798991ae9c8949222bdb73083b1db1c1fafb72c1fb5cbbf455a9fc82be19aa97965edd18894a1f6a8d7d14a8fc706e0ed5d87928e5019d793ee1a086b38f8b8c89995e82e21ee9fc5391cde867605aee8752e1c339dffb3a5085e2a3d6872d6e45e7ff76e60f0aae1735833b7c0f26645d1e73f68946468e9b0bf3594e4cc16e926dece5ccfc25731f27b8e11b6a09b2a865dc869a5a895a0ec4ccf5218354d29bae67d01e8917cf36ba058c0381859fecdf3f0edca2d24f7eacc2daa1d0329311de9602902b16ee8b3048b294088328b43a2d7f48570a5c167ee73e184fcc7d6c4abc4fcc0df900a207ba310e82ebaa9ceb5a941ae764f893e60d357e4c782304b62b9b9726e3a8dadf1a85463039163bd6da5ecc9a9fda38733484b3376583de5c8d76228129c9634f6c5636f85469a45ff00f605bfa07228b143cffca09ff93f3b1c8e2db13ef836ef7f7813d5d5c886e49fc61fbd544a696938a58b099fb4af770f3fe55658e8cc0e3716aa46f6fe9e64a14bb461b52c7a196990f4d2003620fda918383aac7cc10c5d4da3cbd59c2abbd03fb9de81ef5f4d17321a5c83bee6fd09594aeb98f453d19d8826d71f97aa5328233f37bc476b9b5f87f8bfea44e0267438b7681852e1aaf57f4f0bf25d4588980ccb5f8e45bb2fdd1ce24852adcbfad9ff3d68e201e2c3485f75df947a18cb871b6baee96602867718944652bc4861a518cd97ec43c7a3a181df0d53f1448e5579beafbf97a133054d9d560016a75e63175b0e4478fce871dc16d8e86aa800ff42f1964129089cc62a996119e31c6966fe5d17a32b9ceaf93d2e220a9a28abe3403bb33f9f5436dee1d44b9d6e51a1de586aa1d01201a9ecea70a7193f7bdb86b4fba49bb378942a18b153b06cdc7fed45fdab1a8cfdc4a92097d5bf5dcdc37bf9320fde8a96c97786466c946f2202d9f21e5993bafc2dc39d37c93508dcf3309748fe80a1528e0ef60b0dcb6e0791c18923ea192fafaf43207a6f05bc2c2f9f18ad2051c902174fda3b55e5192c03e567cf128180c1493193cd8d72d8fb94548f97c309ce4eb2255084b3095f5095dd6facd89245065b46bf20fe3510b0494f7f45f29fc70fe55dce84f83e71daa4a7582b2d98729c3c6c45d5cfd143c98f52f897f0cfac6760da06c8eebfad167cfdb02281a06194abadae59540ae8a8c5ab15749ca0d19c6032ee04a06255fcd25565be7640ed810c9b31e565af4adbf79e98025855674559e51050d8e50f08533dbed7983ad0ba4df799adf7ee066bdd65f2f5ae2d334e4184a5c137defe88da41a9ba7108057a16319b5c1c252b53c1d8f9bf72a40d1424d35ea6d77de47fdc2315fda1e75caf89a4b94d01fc69d2b8ed75fad9068349093047f27aa536b9c537d743499d12d55f54f3a600e20fd50c33af364101e0cdd88b5be0513c59c5f4edaf6b20c76dafec4a4c37944aa3b288c91c9759200dd065d34f6f1b332547247206e75e4571720554acca8745840a62a172b7b963539279495e9e286dad4e937e805179f2b27fafb04fd66d58d8789d88596f0bf7b2e81bb441e4ac10534a5dee78bd50e068853de201eb6891a6d4424c14056e0df210965a2897f58c56a94f1ef9a656d1424fb7260bf949339d0ff7963f5528b1436d7078910ac7eb0a6fc2dbc31aa8d9ba1e377ea2c7cbc1f79a7c2a8d5cea006c4c48f805d6e98a86cd321a33ab9f84b5a6f11f5405c006f9b006912eba99655fe0d9a2560d0d6ec8d9bffeeb2115660447e229d81db1c862fa25ce79e721d433dc4cd59b503a701412bf0e5208da0bfe0e9175c315255a094cf69c369dfbc219ebbed2554a030252457401ecf6b088cfad13864dae64c76f44d64d1f2739274798b1df9ff2af906187efda7095493a249cd40d06dc11015941931306536b484174a4f044f2efbcb97e45fd3531f1410e0e3ecae53029ccc0ac99dd246b4d27e05de2fc76fa29da7c4b8baa77319de0aa2e8cec3fe8793945d5fc37a6fa760338b319cdfefaa8f64a0a0da7b8b1059a45ef0b2ec1e505a093d01ad8405fbb7a761a511583432a21bed9ffd1d903add79168d78aed7b8634568e5bda2c9bf0f6da0f9c11703ceacf0f4cfdc568b6e56a1fade863404dfb03caa64fb2f4994e58a445dc87fb0ffca0513d3bcf78eaef375e4a0de831b78555d3d5eba8bdd4acd72012e1f01c9a8319d9e5700c89e8754871a380682f57466cd50b22fa0cc60d33d1d8ed5b88c8439b71248cad8068c44bfc96fdb585a0d4bf657dcb8f00b1972a080d282ffd58086ac74e3f328e271ad8e82dbef137e94d837f323752949e520f1173e18e29f0734f03f52e90b482a0be99f5a28fc6fe4fadd4eefd0e6230a4f1731377db8a58462677e9447c9910ed2872d87369946c43817ee7926706b4b8b88251a35d037df568fae1be93859130240fa40c5300ebe4d0f6012603e747019ff837c2f012d2f7dcdd959d5570737d43469135981ab96077def6d32d2a916838d78016797e083905739d7202cd9d72f876ebc47f5fc6c1f43acd67c92c62fb4b73a74203bf1b320c2305f02f444d59527e213245f5dc917cd9e0769ec7134dd5394b45d6752cc60f46950a1e1b122c018bc402b5793a80b685a6e2f684b24cf818497c9915b010f8d2147c2d87eacd8538a982eb3522b211b7cdea65d079f934b4a700044b3afbafc8e3442459452721ac34fa3f3c9ec7d293da323dc7eda9f8575bd54272769eb135c4b96d93ab7ad98e57107eb79b699f681b0c5ad004693ead27d8b85c84290cffc4e4d7a907f5c6c6b11c988d3d3ab60584cee2fec2c92071f2a0835d3ab6611c81bb9d458527bbbe7513f2e89c1c4da2c9dd344fe676a5f6605f3492c3bfba71ecae8bee202bbe17e2aed85e73b8ccd59e65b2628917e912c80147c289e880ce3aaf30ccca3a8cb45b222f8f354f888a8ed01cbb454433620a42a272d0ab90b9d7a5ef55ac8d5d8321be9624602090a58657fea7696ad057584bfdc565eae1e3c1766be173e99b421621ae409b15e4cecdcd39f234b1eda81a999f75b83c9bf737da645e55c26ae8450f2f6b81a7d0bafbed40ea5688f8fa998082f7803a49071087c2a69c39a69f45015ae35735f42f0143ca1f3ac572d6a6771dd6c00620eda75d8a71fadd516c6c1910a1aa17983f271789660b07173ab83f4699008c3ebb24257365af815316247277719cd89b4009802dddea76aacf2650ae5b2eb28426f74676553d1ef98e69c9f390d6452ea21453a540a6e8ae1fcb3fb24643eca3be9421fb5392ad278d1f2b0223b75aee91e43e8677de6a32b4875b44f277122d2e27d4508028988ac497a25d5be3488a979d04c080cdd564ed999b2cae6d75a42e2789159c1a61d1cc1bc7abc4975a25bf5b9a92dedccf6d328429e0c972a738fabefd11775b97300eda608f7c1735167c7dd691879c3afba63e1b844c3180ee65b51a0863166814bd0d5f09cd8836cfeffa171c74f38441f00bee271af44018189b2edba4ecc00e2c5981ac3098d1bdfec80d3df47b3f91f86c70545b9d49e08b735b70ce8d2cb34c34e76be550d31018ed61fd611f97e8beeb66f4ee004e1e60097723c948b3f4f1efa50839b4ce2aaf2342167abe6bbc1167222677b9d334e386ebfcbd466dbf6f2c53ccff8109f2288d7720be1cc32f1a3d92784cea1877605d81840baf8a28a7d87a33d10ec4c4e6fb5c144706de8eeb13cc35111badca673618e2f0ac7bfd479c71e9a0572a4b3293e9fbaea3f37499cd539a35bd2828505e8c576d196973b864a3a916190b31b7dadba856cb8ef94a417cd36027a7feee226d2c4e14f9be1d64c44ff47cc23674bdb3c161cdf6bf6d08fb147fa87a2a815655f8906e8ec65821ba2eb220e91ed5d5c5111056ca6828b5f907647d24d8f5c93c6b93b6d617d7079bdbd6037e04dc68c435d75786275cdcb7eeec1f99da30a0a018899ac6372dc0464a5c14046d1fb3c3965e9ecb9aab68fd8bc83fe5bbc20cbdc401581fc8183a87d3c08f52126c0b005207b45da8679e72fccd7bbfb5165df0dcc04f7fe9438ca5141515856880f07b5f6e724a595ef886d5629392fbbc2d71a14155f06cf8b5176d1b663a4feecaeb6999e94a8bc8875ec83d8cfae8ef548f4d8e4bdb8093c4df8741809bba0c8ee50435d74c2dfb13a99620383629598c2b5bd0ef464390fcaed8c6b8a24f8be2f2edea2379e757b88162ad6a10f05e0dd34febd3afb2db34a4cfabd9ce29761bf934d55fdbc15a720273a16969e3ddc2e74c6ca796d9428945751ea983a156cc5ac3f7ceb28c45f28be80d66f1d3b9f661275c3f6c3324abe6757722df89c447bd250c1decb6431be7514e9c3c1d083e8f78732e9ce7f43d153e1499fde483df3aa23f30fa0834988ed3711a6fdd85c77bdeef3477a9ed4f0a584da09bd8a2884b61fc68283ed4aa8193245333e561f814449822774c38f400b09a20be421f0e43fc6fbd1211c41adb8f26feab1dc6dac798a00798a9b82c444e49477f236656754d6a517ae5ce363d1c616a080c178e12f0a3cffff3f675478aa4e4fd2d24b5a07262bf7e31676d31cfe464831975a4d5f38a6620c173c9a231c9d7b5538447f971f3ef5849803eceda7cd3f21e87f273664e3ec39425fe2b289cbcab11bea97b3e07fba0d12acf6ca5acc69871d3b3e8a8d8f18cdfe11a427054dfad66916db7d2f542fed93c2fb0562de14d50e02a405d939ae444e7fd4aa97227bb01e2dd5f9fdf4d96b59dfd4479ab4972e3adc03ace691558d11fd06464d6ef1f4c4659fd5326655bc486953df667e78acc794290c50cb29f55ff1af4ddb738c04399358e72d353cd22b5268fc8f07fec704edcc255448f853a4c5beeac1e79011728d72ccf4d0daff0483b1911ca08fc95716733458cea4abe72635a4231e6c288fc82dd7162fe194eec7d4aaa1e37d0a95a9656e1c8531c66f67eca4d262eb461e4511e7fdcd4f1e958d291efbec4b094a8138587cdcf6fec0e6fb6106b188e0ead6cf6b93d9a5ccea7df944b50c2e5f4adea055c2d5e4f41cdc9a8235e4f062464d691d2cc52d8d488727cefea75d00b7474bd93a694f5da0de0ff6c3ffc0ab37cd96f25ad7f5c3ec6ea70fc02ec1b98d4ca19cc476616d94ed37253133efac9a00884229d1ba19ed39bb871dbd8b2d932a7715992929880606d1aa51947614f1436779ce2f978d261d66c3379e345d88228adf191703bb15fca64a462fe54604f897f01964e97b9c2db2f5fc67e5696dea4a61bf3c4b78d4f529366b255d19f1dccd92fada5191f68f3f68ea565dc347100c775a3ea3a5242ed3de4dacc79ffb79e92c69eea64e081c20df14bd14c7b4cabe9be77658", 0x1000}, {&(0x7f00000013c0)="d20eb273de826fb2d50efe938b52e223b7c177a6314a59cb05daa793d8e5343ef5a39304de01aaa5e5c680b9b9fa6aeff998c97d1688bd93aca2c48ed245cae3ab446c79fc954436df6b172feee7608dccb7c30320a82a5f03", 0x59}], 0x2, &(0x7f0000001580)=ANY=[@ANYBLOB="000000000000290000000b0000000000000900000000d00000000000000029000000370000000817000000000000071a8ab891f29bbb0ce7d98a16d2419fb92b9161c1d51793f5446fa8040103050200000730000000020a01070000000000000000007f000000000000000d00000000000000010000000000000004000000000000000758000000029a963cd784d573140006004c06000000000000080000000000000002000000040000000100000000000000080000000000000002000000000000000900000000000000050000000000000002000000000000000100000000000000c204000000780001000000"], 0xe8}, 0x40048c4) r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r7, 0x0) 2.179865545s ago: executing program 1 (id=260): socket$inet6(0xa, 0x800000000000002, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000004, 0x4008031, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000280)='./file1\x00') bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={0xffffffffffffffff, 0xffff0000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x720e, 0x0, 0x0, 0x0, 0x0}, 0x50) read$msr(0xffffffffffffffff, &(0x7f0000032680)=""/102400, 0x19000) ioctl$SNDRV_PCM_IOCTL_HW_REFINE(0xffffffffffffffff, 0xc2604110, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[], 0xd4}}, 0x4008000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) r3 = socket$l2tp(0x2, 0x2, 0x73) r4 = userfaultfd(0x80801) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x7d}) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) munmap(&(0x7f0000151000/0x4000)=nil, 0x4000) close_range(r3, 0xffffffffffffffff, 0x0) syz_init_net_socket$llc(0x1a, 0x801, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) syz_genetlink_get_family_id$team(&(0x7f0000000040), 0xffffffffffffffff) getsockname$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000001c0)=0x14) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000580)={'wg0\x00'}) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000280)={'sit0\x00', &(0x7f00000004c0)={'syztnl2\x00', 0x0, 0x7, 0x301, 0x9, 0x0, {{0x1b, 0x4, 0x0, 0xd, 0x6c, 0x67, 0x0, 0x80, 0x4, 0x0, @empty, @multicast1, {[@timestamp_prespec={0x44, 0xc, 0xb9, 0x3, 0x7, [{@dev={0xac, 0x14, 0x14, 0x23}, 0x9}]}, @timestamp={0x44, 0x24, 0xa, 0x0, 0x7, [0x2, 0x5, 0x1c51, 0x3, 0x7, 0x0, 0x5, 0x8]}, @noop, @ssrr={0x89, 0x3, 0x49}, @timestamp_prespec={0x44, 0x24, 0x83, 0x3, 0xa, [{@empty, 0x8008}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8}, {@rand_addr=0x64010101, 0x1}, {@private=0xa010100, 0x4}]}]}}}}}) 2.102304361s ago: executing program 2 (id=261): bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0) close(r0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r0, 0x8b19, &(0x7f0000000080)={'wlan1\x00', @random="02000010000a"}) 2.101927801s ago: executing program 2 (id=262): bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_emit_ethernet(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x80001) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x18}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000010000/0x1000)=nil, 0x1000}, 0x5}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) close(r1) 1.936235988s ago: executing program 0 (id=265): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000800)=[{&(0x7f0000000380)=""/134, 0x86}, {&(0x7f0000000540)=""/95, 0x5f}, {&(0x7f00000005c0)=""/165, 0xa5}, {&(0x7f00000007c0)=""/9, 0x9}, {&(0x7f00000006c0)=""/103, 0x67}, {&(0x7f0000000440)=""/23, 0x17}, {&(0x7f0000000200)=""/25, 0x19}], 0x7, 0xb, 0x0) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) r2 = eventfd(0x0) r3 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000080), 0x52082, 0x0) r4 = eventfd2(0x3a, 0x1) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = dup(r6) ioctl$KVM_CAP_DIRTY_LOG_RING(r7, 0x4068aea3, &(0x7f0000000080)={0xc0, 0x0, 0x10000}) ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r8, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) dup(r8) write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000740)={0x18, 0x0, 0x0, {0x8}}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f00000000c0)={0x30, 0x5, 0x0, {0x0, 0x0, 0x0, 0x4}}, 0x30) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x800, &(0x7f0000000780)=ANY=[@ANYRES8=0x0, @ANYRES8=r3, @ANYRES32=r2, @ANYRES16=r6, @ANYRES32=r8, @ANYRESHEX=r4]) ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000240)=r7) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2}) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000340)={0x1, 0x0, 0x0, &(0x7f0000000180)=""/37, 0x0, 0xfff}) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680)) ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x1, r2}) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000880)=ANY=[@ANYRES16=r4, @ANYRESDEC=r4, @ANYRES32=r4, @ANYRESOCT=r8], 0x118) 1.765763683s ago: executing program 2 (id=266): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000007c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="1fe8ffff000000000f003b00000008000300", @ANYRES32=r2, @ANYBLOB="21003300d0800000080211000000080211000001505050505050000000000000", @ANYRESOCT=r0], 0x40}, 0x1, 0x0, 0x0, 0x4000084}, 0x0) io_uring_setup(0x6a1, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x3, 0x4}) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000008c0)=ANY=[@ANYBLOB="148071334d000900000000000000000001600000"], 0x14}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r4 = syz_io_uring_setup(0x4b6, &(0x7f0000000080), &(0x7f0000ff0000), &(0x7f0000000000)) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r5, &(0x7f0000002200)={0x0, 0x0, &(0x7f00000021c0)={&(0x7f0000000640)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000004c0000000e0001006e657464657673696d00000022ff02006e657464657673696d3000000f00b2007365e36f6e646e616d650000521ae72c0f3a0ba2b47a30674dbdf8dfb594327175f1d954c4898be893bc091dd7c9b6887771054b0bdb030bffb88a51b52b1f19c3b3f46eee44577b1c30a041f6a1e7224969c3362ed9bb910d38e14788866dd05925adb003f2c393e51ecd9211432d39fc7980f5774293feedcb56528b0edbb9628af941af75e4da8dff7c34358dc2c31633cf16"], 0x44}}, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f0000000040)=[{0x0}, {0x0}], 0x2) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r4, 0x10, &(0x7f0000000600)={0xfffffffe, 0x0, &(0x7f0000000140)=[{0x0}, {&(0x7f0000000200)=""/14, 0xe}], &(0x7f00000002c0)=[0x1600000000000000, 0x0, 0x1, 0x7, 0x7fff, 0x9, 0x40e, 0x1], 0x2}, 0x20) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) socket$inet6_tcp(0xa, 0x1, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) r7 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02020409100000000000004c9e00000002001300027f0000000000000000004105000600200000000a000000000000000005000201080f00e0001f080000000000092000000000000200010020e9ffeeffff0702000098a805000500ea0000000a"], 0x80}}, 0x0) sendmmsg(r7, &(0x7f0000000180), 0x393, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) socket$nl_audit(0x10, 0x3, 0x9) r8 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000000000040ef17676000000000000109022400010000000c090400000103000000092100000001220500090581030000000000"], 0x0) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r10, 0xc00caee0, &(0x7f0000000040)={0x4, 0xffffffffffffffff}) ioctl$KVM_GET_DEVICE_ATTR(r11, 0x4018aee2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000440), 0x2}}, 0x20) syz_usb_control_io$hid(r8, 0x0, 0x0) 1.65610068s ago: executing program 0 (id=267): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x4, 0x4, 0x4, 0x10005, 0x800}, 0x48) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={r0, 0x58, &(0x7f0000000340)={0x0, 0x0}}, 0x10) r2 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={r1}, 0xc) close(r2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0}, 0x10) r3 = getpid() process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001380)='/proc/asound/timers\x00', 0x0, 0x0) read$hiddev(r4, &(0x7f00000000c0)=""/4092, 0xffc) 1.655666327s ago: executing program 3 (id=268): r0 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x5, 0x2e3042) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r0, 0xc1485544, 0xfffffffffffffffe) 1.655270051s ago: executing program 3 (id=269): mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040)=0x3) syz_io_uring_setup(0x400024fc, &(0x7f0000000400)={0x0, 0xda58, 0x400}, 0x0, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) syz_open_dev$video(&(0x7f00000000c0), 0x9, 0x0) r1 = syz_open_dev$video4linux(&(0x7f0000000000), 0x8, 0x98040) ioctl$VIDIOC_TRY_DECODER_CMD(r1, 0xc0585605, &(0x7f0000000080)={0x1, 0x1, @stop_pts=0x81}) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[], 0x40}, 0x1, 0x0, 0x0, 0x40048d1}, 0x0) pselect6(0xffffffffffffff7f, &(0x7f0000000300)={0xfc, 0x7fffffffffffffff, 0x4, 0x1, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0x0, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) clock_gettime(0x2, &(0x7f0000000280)) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000340)={0x0}) r5 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000a40)=@raw={'raw\x00', 0x8, 0x3, 0x300, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x230, 0xffffffff, 0xffffffff, 0x230, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x118, 0x140, 0x0, {}, [@common=@dst={{0x48}}, @common=@inet=@tos={{0x28}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x360) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000100)={r4}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000200)) mknod(&(0x7f0000000540)='./file1\x00', 0x0, 0x0) mount(&(0x7f0000000140)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000240)='./file1\x00', &(0x7f00000002c0)='qnx6\x00', 0x4, 0x0) openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000000)='tasks\x00', 0x2, 0x0) 1.376056283s ago: executing program 0 (id=270): ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e21, 0x81, @mcast1}, 0x1c) listen(r0, 0xfff) socket$inet6_udplite(0xa, 0x2, 0x88) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CAP_VM_COPY_ENC_CONTEXT_FROM(r1, 0x4068aea3, &(0x7f0000000200)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r2 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r2, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_rx_ring(r2, 0x107, 0x5, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0) r4 = socket$nl_sock_diag(0x10, 0x3, 0x4) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000340)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setreuid(0x0, r5) sendmsg$NFT_BATCH(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=ANY=[@ANYBLOB="310000000000000000000000000000000000000a2c000000050a0300007dfa247a00000000000000020000000c00024000000000000000010900010073797a30000000002c000000030a01020000000000000000020000000900017b0b1b3a4d0073797a30000000000900030073797a32000000001400000011000100000000000000"], 0x80}}, 0x0) r6 = getpid() r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00', r7}, 0x10) process_vm_readv(r6, &(0x7f00000001c0)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/147, 0xfffffffffffffed2}], 0x2, &(0x7f0000000600)=[{&(0x7f0000000380)=""/114}, {&(0x7f0000000400)=""/96}, {&(0x7f0000000480)=""/51}, {&(0x7f0000000b40)=""/4096}], 0x0, 0x0) r8 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x105842, 0x0) r9 = epoll_create1(0x0) r10 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000100), 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="7472004000006664ff849b3679f4ec5133842d6734718388", @ANYRESHEX=r10, @ANYBLOB=',wfdno=', @ANYRESHEX=r9, @ANYBLOB="2c0020774fdc92a3e21fe495f70a86ab96cfabc2c69725bdbb9242ba18a9daaed87db181b3d0d60618a2ab044843b8c130f8af621ab80386a7deb8cdabbf94c7ca775708f6cc4c82f6974fe3a64c1f848a9373f83f1cad6b3f8b8caad9d6550c3f5858cedb4586b73d3f0344b9bac1f4c8c2cb0b096552346347c0dcb46414aec622cddbfb267e49489d20254591724958c88187b1c1b74b11972adec5ed62ad825f979f4a501b888d51ce51d048121229a1016d6fb1130d1986d416755c6d52976cc1626f815730a54033293256278c1492af5e0fe4e41f87fcb2470fa6c530dd1b47d7e76caf79d1397c54ebc8855d9517d4272ed42d53c312682926cafe7cddf2d9097ae700a21b635a34911f11a287acc022d8190d8d0a7528b98ad83814b186185a1e0cafd2f8811f47cd24c6ab3da4f863c8de07d9a1978d7eb27e7afa83afd26d9b48b41b80c8970935a57e1cb492f8d5ed20ca19f565a07357f7f374d41a4d5c49fb9ea525ac803cce8fdde7cb110e"]) r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=@bloom_filter={0x1e, 0xfff, 0x0, 0x5, 0x100, r8, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x4, 0x3, 0x3}, 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000000c0)={0x0, &(0x7f0000000000)=""/103, &(0x7f0000000600), &(0x7f0000001b40), 0x80, r11, 0x0, 0x7}, 0x38) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) 1.305578503s ago: executing program 0 (id=271): r0 = socket(0x15, 0x5, 0x0) r1 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) getsockopt$bt_hci(r1, 0x84, 0x80, &(0x7f0000000000)=""/4102, &(0x7f0000001080)=0x1006) r2 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r3 = socket$tipc(0x1e, 0x5, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000380)={0x1ff, 0x2, 0x2000, 0x2000, &(0x7f0000feb000/0x2000)=nil}) r6 = openat$capi20(0xffffffffffffff9c, &(0x7f00000010c0), 0x101200, 0x0) ioctl$CAPI_NCCI_OPENCOUNT(r6, 0x80044326, 0x0) syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r8}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r9 = getpid() process_vm_readv(r9, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r10 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) ioctl$FS_IOC_GETFSLABEL(r10, 0x800452d2, &(0x7f0000000100)) r11 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_GETMOUSEREPORTING(r11, 0x5412, 0x0) arch_prctl$ARCH_SET_CPUID(0x1012, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, &(0x7f0000000200)="650f09dc6a8166b81e018ee88fc978c7c966b822008ee8b8010000000f01d9f266f30f2295b97f0800000f32b9370200000f320f35", 0x35}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000040)={0x42}, 0x10) process_mrelease(r2, 0x0) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r0, 0x8982, &(0x7f00000002c0)={0x0, 'batadv0\x00', {0x4}, 0x1}) syz_emit_ethernet(0x5e, &(0x7f0000001100)={@empty, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @val={@val={0x88a8, 0x2, 0x1, 0x3}, {0x8100, 0x2}}, {@canfd={0xd, {{0x0, 0x0, 0x1, 0x1}, 0x25, 0x1, 0x0, 0x0, "66211c7503d92c169f090b6b43540c7ef5c5c204cb630ed71920fd3c61021afe68f78c03c0d27fd1a06df2aea1cd9acf43441f6c6a55f212291c511ab6cfe90f"}}}}, &(0x7f0000001040)={0x0, 0x1, [0xb5c, 0x270, 0x747, 0x516]}) 1.105153658s ago: executing program 1 (id=272): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) r1 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x0) symlinkat(&(0x7f0000000180)='./file0\x00', r2, &(0x7f00000001c0)='./file0\x00') write$binfmt_elf64(r0, &(0x7f00000006c0)=ANY=[@ANYBLOB="7f454c4600000000000000000000000003003e00008818000000000000000000400000000000000000000000000000000000000000003800010000000000000003000000000000000000000000000000000000000000000000000000000000001c"], 0x78) close(r0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x3fffe, 0x0, 0xffffffffffffffff, 0x2000000, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x1}, 0x48) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=@deltaction={0x0, 0x31, 0x400, 0x70bd2a, 0x25dfdbfd, {}, [@TCA_ACT_TAB={0x0, 0x1, [{0x0, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'nat\x00'}}, {0x0, 0x6, 0x0, 0x0, @TCA_ACT_INDEX={0x0, 0x3, 0x5}}, {0x0, 0x1b, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'mirred\x00'}}, {0x0, 0xc, 0x0, 0x0, @TCA_ACT_INDEX={0x0, 0x3, 0x2}}, {0x0, 0x1f, 0x0, 0x0, @TCA_ACT_INDEX={0x0, 0x3, 0x7ff}}, {0x0, 0xa, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'bpf\x00'}}, {0x0, 0x14, 0x0, 0x0, @TCA_ACT_INDEX={0x0, 0x3, 0xffffffff}}, {0x0, 0xe, 0x0, 0x0, @TCA_ACT_INDEX={0x0, 0x3, 0x9}}]}, @TCA_ACT_TAB={0x0, 0x1, [{0x0, 0x10, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'sample\x00'}}, {0x0, 0x10, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'csum\x00'}}, {0x0, 0xb, 0x0, 0x0, @TCA_ACT_INDEX={0x0, 0x3, 0x6}}, {0x0, 0x1a, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'skbedit\x00'}}]}, @TCA_ACT_TAB={0x0, 0x1, [{0x0, 0x17, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'skbedit\x00'}}, {0x0, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'xt\x00'}}, {0x0, 0x2, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'ife\x00'}}, {0xffffffffffffff8e, 0xd, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'connmark\x00'}}, {0x0, 0x4, 0x0, 0x0, @TCA_ACT_KIND={0x0, 0x1, 'sample\x00'}}, {0x0, 0x11, 0x0, 0x0, @TCA_ACT_INDEX={0x0, 0x3, 0xfffff0ee}}, {0x0, 0x20, 0x0, 0x0, @TCA_ACT_INDEX={0x0, 0x3, 0x1}}]}]}, 0x19c}}, 0x0) signalfd4(r3, &(0x7f00000002c0)={[0x2]}, 0x8, 0x800) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setaffinity(0x0, 0x4e, &(0x7f0000000040)=0x5) sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) getcwd(&(0x7f0000000f00)=""/4096, 0x1000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0xffffffff, '\x00', 0x0, 0x0, 0x5}, 0x48) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10) socket$packet(0x11, 0x2, 0x300) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000f00000000000000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000430000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 722.090082ms ago: executing program 3 (id=273): mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000001180)='./bus\x00') lchown(&(0x7f0000000100)='./bus\x00', 0x0, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x0, 0x0) 605.565822ms ago: executing program 3 (id=274): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000a40)="2e9b3d0007", 0x5}, {&(0x7f0000000040)="cc4003cdda2e24d2eba4607743", 0xd}], 0x2) 415.995978ms ago: executing program 0 (id=275): bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_emit_ethernet(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x80001) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x18}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000010000/0x1000)=nil, 0x1000}, 0x5}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) close(r1) 415.514579ms ago: executing program 3 (id=276): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000800)=[{&(0x7f0000000380)=""/134, 0x86}, {&(0x7f0000000540)=""/95, 0x5f}, {&(0x7f00000005c0)=""/165, 0xa5}, {&(0x7f00000007c0)=""/9, 0x9}, {&(0x7f00000006c0)=""/103, 0x67}, {&(0x7f0000000440)=""/23, 0x17}, {&(0x7f0000000200)=""/25, 0x19}], 0x7, 0xb, 0x0) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) r2 = eventfd(0x0) r3 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000080), 0x52082, 0x0) r4 = eventfd2(0x3a, 0x1) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = dup(r6) ioctl$KVM_CAP_DIRTY_LOG_RING(r7, 0x4068aea3, &(0x7f0000000080)={0xc0, 0x0, 0x10000}) ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r8, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) dup(r8) write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000740)={0x18, 0x0, 0x0, {0x8}}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f00000000c0)={0x30, 0x5, 0x0, {0x0, 0x0, 0x0, 0x4}}, 0x30) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x800, &(0x7f0000000780)=ANY=[@ANYRES8=0x0, @ANYRES8=r3, @ANYRES32=r2, @ANYRES16=r6, @ANYRES32=r8, @ANYRESHEX=r4]) ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000240)=r7) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2}) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000340)={0x1, 0x0, 0x0, &(0x7f0000000180)=""/37, 0x0, 0xfff}) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680)) ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x1, r2}) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000880)=ANY=[@ANYRES16=r4, @ANYRESDEC=r4, @ANYRES32=r4, @ANYRESOCT=r8], 0x118) 155.005387ms ago: executing program 1 (id=277): sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_open_dev$vim2m(0x0, 0x800, 0x2) ioctl$vim2m_VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000680)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}}) r1 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0) r2 = socket(0x2, 0x2, 0x0) r3 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000001180)='./bus\x00') lstat(&(0x7f0000000140)='./bus\x00', &(0x7f00000001c0)) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$NBD_SET_SOCK(r1, 0xab00, r2) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) r5 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @local}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0xb, 0x0, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00Q', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1}, 0x50) write$tun(r4, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x4e) ioctl$NBD_DO_IT(r3, 0xab03) ioctl$NBD_SET_SIZE_BLOCKS(r1, 0xab07, 0x6) socket$nl_generic(0x10, 0x3, 0x10) ioctl$NBD_CLEAR_SOCK(r1, 0x125f) 91.226335ms ago: executing program 0 (id=278): add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_init_net_socket$x25(0x9, 0x5, 0x0) r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) bind$x25(0xffffffffffffffff, &(0x7f00000000c0), 0x12) bind$x25(r0, &(0x7f0000000100), 0x12) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f00000000c0)=0x0) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4) read(r2, 0x0, 0x300) sendmsg$NFC_CMD_DEV_UP(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010000000000000000000200000008000100", @ANYRES16=r3], 0x1c}}, 0x801) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000011c0)=@newtaction={0x7c, 0x30, 0x871a15abc695fb3d, 0x0, 0x25dfdbfe, {}, [{0x68, 0x1, [@m_tunnel_key={0x64, 0x1, 0x0, 0x0, {{0xf}, {0x34, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0xb, @loopback}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x7c}}, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000030000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000080)='kfree\x00', r7}, 0x10) r8 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_REAPURB(r8, 0x4008550c, &(0x7f0000002680)) ioctl$USBDEVFS_FREE_STREAMS(r8, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002302230102090500000010000020d3"]) add_key$user(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x1}, &(0x7f0000000140)="c5", 0x1, 0x0) add_key$user(0x0, 0x0, &(0x7f0000000200), 0x0, 0x0) add_key$user(0x0, &(0x7f0000000300)={'syz', 0x1}, &(0x7f0000000480)="03", 0x1, 0xfffffffffffffffe) capset(0x0, 0x0) r9 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TCSBRKP(r9, 0x5425, 0x0) ioctl$TIOCSETD(r9, 0x5423, 0x0) ioctl$TCSETSW2(r9, 0x540e, 0x0) 3.319167ms ago: executing program 2 (id=279): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fchmod(r2, 0x0) 2.808051ms ago: executing program 3 (id=280): r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x2, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000002000000000000000002000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70300000000000085000000ad000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) write$P9_RMKNOD(r0, &(0x7f0000000040)={0x14}, 0x14) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000005c0)={r2, 0xffffffffffffffff, 0x30, 0x0, @val=@uprobe_multi={&(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)=[0x0], 0x0, 0x0, 0x1}}, 0x40) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x2, 0x8, &(0x7f0000000000)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000002c0)={r3, 0xffffffffffffffff, 0x30, 0x0, @val=@uprobe_multi={&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)=[0x0], 0x0, 0x0, 0x1}}, 0x40) (fail_nth: 8) 0s ago: executing program 2 (id=281): mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040)=0x3) syz_io_uring_setup(0x400024fc, &(0x7f0000000400)={0x0, 0xda58, 0x400}, 0x0, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) syz_open_dev$video(&(0x7f00000000c0), 0x9, 0x0) r1 = syz_open_dev$video4linux(&(0x7f0000000000), 0x8, 0x98040) ioctl$VIDIOC_TRY_DECODER_CMD(r1, 0xc0585605, &(0x7f0000000080)={0x1, 0x1, @stop_pts=0x81}) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[], 0x40}, 0x1, 0x0, 0x0, 0x40048d1}, 0x0) pselect6(0xffffffffffffff7f, &(0x7f0000000300)={0xfc, 0x7fffffffffffffff, 0x4, 0x1, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0x0, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) clock_gettime(0x2, &(0x7f0000000280)) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000340)={0x0}) r5 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000a40)=@raw={'raw\x00', 0x8, 0x3, 0x300, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x230, 0xffffffff, 0xffffffff, 0x230, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x118, 0x140, 0x0, {}, [@common=@dst={{0x48}}, @common=@inet=@tos={{0x28}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x360) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000100)={r4}) mknod(&(0x7f0000000540)='./file1\x00', 0x0, 0x0) mount(&(0x7f0000000140)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000240)='./file1\x00', &(0x7f00000002c0)='qnx6\x00', 0x4, 0x0) openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000000)='tasks\x00', 0x2, 0x0) kernel console output (not intermixed with test programs): [ 37.907464][ T39] audit: type=1400 audit(1723141504.810:80): avc: denied { write } for pid=5241 comm="sh" path="pipe:[6163]" dev="pipefs" ino=6163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 37.915514][ T39] audit: type=1400 audit(1723141504.810:81): avc: denied { rlimitinh } for pid=5241 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 37.922168][ T39] audit: type=1400 audit(1723141504.810:82): avc: denied { siginh } for pid=5241 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 39.276804][ T39] audit: type=1400 audit(1723141506.200:83): avc: denied { read } for pid=4811 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 39.286430][ T39] audit: type=1400 audit(1723141506.200:84): avc: denied { append } for pid=4811 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 39.296107][ T39] audit: type=1400 audit(1723141506.200:85): avc: denied { open } for pid=4811 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 39.305928][ T39] audit: type=1400 audit(1723141506.200:86): avc: denied { getattr } for pid=4811 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 Warning: Permanently added '[localhost]:28533' (ED25519) to the list of known hosts. [ 40.475430][ T39] audit: type=1400 audit(1723141507.390:87): avc: denied { name_bind } for pid=5269 comm="sshd" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 42.901417][ T5276] cgroup: Unknown subsys name 'net' [ 42.905266][ T39] kauditd_printk_skb: 4 callbacks suppressed [ 42.905279][ T39] audit: type=1400 audit(1723141509.830:92): avc: denied { unmount } for pid=5276 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 43.050835][ T5276] cgroup: Unknown subsys name 'rlimit' [ 43.197218][ T39] audit: type=1400 audit(1723141510.120:93): avc: denied { setattr } for pid=5276 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=763 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 43.207252][ T39] audit: type=1400 audit(1723141510.120:94): avc: denied { create } for pid=5276 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 43.215831][ T39] audit: type=1400 audit(1723141510.120:95): avc: denied { write } for pid=5276 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 43.225175][ T39] audit: type=1400 audit(1723141510.120:96): avc: denied { read } for pid=5276 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 43.233896][ T39] audit: type=1400 audit(1723141510.140:97): avc: denied { mounton } for pid=5276 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 43.245019][ T39] audit: type=1400 audit(1723141510.140:98): avc: denied { mount } for pid=5276 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 43.256522][ T39] audit: type=1400 audit(1723141510.140:99): avc: denied { read } for pid=5049 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 [ 43.269875][ T5320] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 43.274778][ T39] audit: type=1400 audit(1723141510.200:100): avc: denied { relabelto } for pid=5320 comm="mkswap" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 43.286093][ T39] audit: type=1400 audit(1723141510.200:101): avc: denied { write } for pid=5320 comm="mkswap" path="/swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 44.216477][ T5276] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 48.281929][ T39] kauditd_printk_skb: 3 callbacks suppressed [ 48.281939][ T39] audit: type=1400 audit(1723141515.210:105): avc: denied { execmem } for pid=5329 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 48.899418][ T39] audit: type=1400 audit(1723141515.830:106): avc: denied { mounton } for pid=5333 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 48.912145][ T39] audit: type=1400 audit(1723141515.830:107): avc: denied { mount } for pid=5333 comm="syz-executor" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 48.921114][ T39] audit: type=1400 audit(1723141515.840:108): avc: denied { create } for pid=5333 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 48.931122][ T39] audit: type=1400 audit(1723141515.840:109): avc: denied { read write } for pid=5333 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 48.939941][ T39] audit: type=1400 audit(1723141515.840:110): avc: denied { open } for pid=5333 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 48.948557][ T39] audit: type=1400 audit(1723141515.850:111): avc: denied { ioctl } for pid=5333 comm="syz-executor" path="socket:[3799]" dev="sockfs" ino=3799 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 48.979877][ T5346] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 48.980185][ T5347] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 48.984672][ T5346] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 48.985393][ T5348] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 48.987482][ T5348] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 48.987938][ T5347] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 48.988443][ T5347] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 48.990182][ T5346] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 48.990194][ T5347] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 48.990979][ T5347] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 48.991286][ T5347] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 48.994533][ T5347] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 48.997915][ T39] audit: type=1400 audit(1723141515.920:112): avc: denied { read } for pid=5333 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 49.002832][ T4767] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 49.004173][ T39] audit: type=1400 audit(1723141515.920:113): avc: denied { open } for pid=5333 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 49.008681][ T5347] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 49.008865][ T5349] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 49.010312][ T39] audit: type=1400 audit(1723141515.930:114): avc: denied { mounton } for pid=5333 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 49.014419][ T5349] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 49.014435][ T5347] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 49.014857][ T5347] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 49.015897][ T5347] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 49.017328][ T5347] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 49.028213][ T5349] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 49.032589][ T66] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 49.040401][ T5349] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 49.089109][ T5349] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 49.298945][ T5333] chnl_net:caif_netlink_parms(): no params data found [ 49.384062][ T5335] chnl_net:caif_netlink_parms(): no params data found [ 49.437719][ T5334] chnl_net:caif_netlink_parms(): no params data found [ 49.489094][ T5333] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.492143][ T5333] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.495318][ T5333] bridge_slave_0: entered allmulticast mode [ 49.500876][ T5333] bridge_slave_0: entered promiscuous mode [ 49.582095][ T5333] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.585236][ T5333] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.588310][ T5333] bridge_slave_1: entered allmulticast mode [ 49.592313][ T5333] bridge_slave_1: entered promiscuous mode [ 49.698606][ T5333] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 49.778340][ T5334] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.781688][ T5334] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.784862][ T5334] bridge_slave_0: entered allmulticast mode [ 49.788878][ T5334] bridge_slave_0: entered promiscuous mode [ 49.795555][ T5333] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 49.800083][ T5334] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.803284][ T5334] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.806488][ T5334] bridge_slave_1: entered allmulticast mode [ 49.812078][ T5334] bridge_slave_1: entered promiscuous mode [ 49.815802][ T5335] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.818944][ T5335] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.821659][ T5335] bridge_slave_0: entered allmulticast mode [ 49.825534][ T5335] bridge_slave_0: entered promiscuous mode [ 49.830018][ T5336] chnl_net:caif_netlink_parms(): no params data found [ 49.913646][ T5335] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.916848][ T5335] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.920306][ T5335] bridge_slave_1: entered allmulticast mode [ 49.924240][ T5335] bridge_slave_1: entered promiscuous mode [ 49.954356][ T5333] team0: Port device team_slave_0 added [ 50.044822][ T5335] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 50.051079][ T5333] team0: Port device team_slave_1 added [ 50.055881][ T5334] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 50.066098][ T5335] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 50.132712][ T5334] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 50.172394][ T5335] team0: Port device team_slave_0 added [ 50.230424][ T5333] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 50.233452][ T5333] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 50.244344][ T5333] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 50.273953][ T5335] team0: Port device team_slave_1 added [ 50.308167][ T5334] team0: Port device team_slave_0 added [ 50.312620][ T5333] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 50.315659][ T5333] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 50.324258][ T5333] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 50.360615][ T5334] team0: Port device team_slave_1 added [ 50.368259][ T5336] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.370818][ T5336] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.373221][ T5336] bridge_slave_0: entered allmulticast mode [ 50.376127][ T5336] bridge_slave_0: entered promiscuous mode [ 50.379383][ T5335] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 50.382317][ T5335] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 50.391377][ T5335] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 50.397165][ T5335] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 50.399943][ T5335] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 50.408656][ T5335] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 50.442847][ T5336] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.445324][ T5336] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.447761][ T5336] bridge_slave_1: entered allmulticast mode [ 50.450632][ T5336] bridge_slave_1: entered promiscuous mode [ 50.491748][ T5333] hsr_slave_0: entered promiscuous mode [ 50.494615][ T5333] hsr_slave_1: entered promiscuous mode [ 50.498481][ T5334] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 50.503632][ T5334] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 50.513950][ T5334] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 50.565019][ T5336] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 50.572369][ T5336] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 50.576976][ T5334] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 50.580226][ T5334] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 50.591710][ T5334] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 50.729830][ T5335] hsr_slave_0: entered promiscuous mode [ 50.733099][ T5335] hsr_slave_1: entered promiscuous mode [ 50.736175][ T5335] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 50.739807][ T5335] Cannot create hsr debugfs directory [ 50.787630][ T5336] team0: Port device team_slave_0 added [ 50.793193][ T5336] team0: Port device team_slave_1 added [ 50.821880][ T5334] hsr_slave_0: entered promiscuous mode [ 50.824530][ T5334] hsr_slave_1: entered promiscuous mode [ 50.826911][ T5334] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 50.829873][ T5334] Cannot create hsr debugfs directory [ 50.866974][ T5336] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 50.871079][ T5336] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 50.879601][ T5336] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 50.884929][ T5336] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 50.887268][ T5336] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 50.895768][ T5336] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 51.019847][ T5345] Bluetooth: hci0: command tx timeout [ 51.099342][ T5345] Bluetooth: hci1: command tx timeout [ 51.099383][ T5349] Bluetooth: hci3: command tx timeout [ 51.099500][ T66] Bluetooth: hci2: command tx timeout [ 51.124130][ T5336] hsr_slave_0: entered promiscuous mode [ 51.126610][ T5336] hsr_slave_1: entered promiscuous mode [ 51.128971][ T5336] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 51.132154][ T5336] Cannot create hsr debugfs directory [ 51.295921][ T5333] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 51.305745][ T5333] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 51.314865][ T5333] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 51.325007][ T5333] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 51.407544][ T5335] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 51.414757][ T5335] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 51.423049][ T5335] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 51.427328][ T5335] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 51.481898][ T5334] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 51.493408][ T5334] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 51.503093][ T5334] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 51.518158][ T5334] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 51.579378][ T5336] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 51.586149][ T5336] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 51.592863][ T5336] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 51.599516][ T5336] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 51.650493][ T5333] 8021q: adding VLAN 0 to HW filter on device bond0 [ 51.677551][ T5335] 8021q: adding VLAN 0 to HW filter on device bond0 [ 51.687300][ T5333] 8021q: adding VLAN 0 to HW filter on device team0 [ 51.727049][ T5335] 8021q: adding VLAN 0 to HW filter on device team0 [ 51.734687][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.737414][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.742133][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.744726][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.758444][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.761460][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.775710][ T1997] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.778253][ T1997] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.785750][ T5334] 8021q: adding VLAN 0 to HW filter on device bond0 [ 51.843602][ T5336] 8021q: adding VLAN 0 to HW filter on device bond0 [ 51.862489][ T5334] 8021q: adding VLAN 0 to HW filter on device team0 [ 51.879627][ T5336] 8021q: adding VLAN 0 to HW filter on device team0 [ 51.888477][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.891526][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.896661][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.899751][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.912403][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.914889][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.918855][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.921326][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.012236][ T5335] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 52.034962][ T5333] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 52.091096][ T5335] veth0_vlan: entered promiscuous mode [ 52.101098][ T5333] veth0_vlan: entered promiscuous mode [ 52.110067][ T5335] veth1_vlan: entered promiscuous mode [ 52.115449][ T5333] veth1_vlan: entered promiscuous mode [ 52.150512][ T5334] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 52.180096][ T5336] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 52.184380][ T5335] veth0_macvtap: entered promiscuous mode [ 52.191049][ T5335] veth1_macvtap: entered promiscuous mode [ 52.220081][ T5333] veth0_macvtap: entered promiscuous mode [ 52.228663][ T5335] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 52.235988][ T5335] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 52.244035][ T5335] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.247912][ T5335] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.252005][ T5335] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.255153][ T5335] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.267463][ T5333] veth1_macvtap: entered promiscuous mode [ 52.290293][ T5334] veth0_vlan: entered promiscuous mode [ 52.318386][ T5333] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 52.323993][ T5333] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.331094][ T5333] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 52.334807][ T5334] veth1_vlan: entered promiscuous mode [ 52.341652][ T5333] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 52.345544][ T5333] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.351954][ T5333] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 52.382331][ T5333] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.386125][ T5333] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.391363][ T5333] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.395204][ T5333] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.404784][ T5336] veth0_vlan: entered promiscuous mode [ 52.440342][ T44] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 52.443522][ T44] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 52.448963][ T5334] veth0_macvtap: entered promiscuous mode [ 52.474508][ T5336] veth1_vlan: entered promiscuous mode [ 52.480611][ T44] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 52.481118][ T5334] veth1_macvtap: entered promiscuous mode [ 52.484005][ T44] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 52.504045][ T5334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 52.508566][ T5334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.513007][ T5334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 52.517457][ T5334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.525009][ T5334] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 52.547108][ T5336] veth0_macvtap: entered promiscuous mode [ 52.555949][ T5336] veth1_macvtap: entered promiscuous mode [ 52.563203][ T5334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 52.567625][ T5334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.573959][ T5334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 52.578502][ T5334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.584475][ T5334] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 52.615915][ T5334] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.621294][ T5334] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.625245][ T5334] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.630023][ T5334] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.651097][ T44] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 52.654408][ T44] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 52.698691][ T5336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 52.703567][ T5336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.707838][ T5336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 52.713013][ T5336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.716802][ T5336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 52.721613][ T5336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.727894][ T5336] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 52.746022][ T5336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 52.750761][ T5400] 9pnet: p9_errstr2errno: server reported unknown error @í΂ÿÿÿÿÿÿÿÿ [ 52.755741][ T5336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.760660][ T5336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 52.765868][ T5336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.770700][ T5336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 52.775301][ T5336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.782775][ T5336] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 52.798432][ T1109] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 52.803431][ T5336] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.804763][ T1109] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 52.806963][ T5336] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.813500][ T5336] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.816623][ T5336] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.898839][ T44] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 52.903847][ T44] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 52.933191][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 52.936668][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 52.941261][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 52.975337][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 52.980721][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 53.001734][ T5406] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 53.022057][ T5406] evm: overlay not supported [ 53.035698][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 53.040477][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 53.043973][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 53.069989][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 53.077156][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 53.081914][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 53.099446][ T5376] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 53.103967][ T5349] Bluetooth: hci0: command tx timeout [ 53.115382][ T5406] syz.3.4 uses obsolete (PF_INET,SOCK_PACKET) [ 53.123419][ T5406] syzkaller1: entered allmulticast mode [ 53.169377][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 53.173079][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 53.179975][ T5345] Bluetooth: hci2: command tx timeout [ 53.180016][ T66] Bluetooth: hci1: command tx timeout [ 53.189459][ T66] Bluetooth: hci3: command tx timeout [ 53.229953][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 53.249290][ T5409] nbd3: detected capacity change from 0 to 12 [ 53.257018][ T5343] block nbd3: Send control failed (result -89) [ 53.262316][ T5343] block nbd3: Request send failed, requeueing [ 53.268439][ T5349] block nbd3: Receive control failed (result -32) [ 53.274406][ T122] block nbd3: Dead connection, failed to find a fallback [ 53.277622][ T122] block nbd3: shutting down sockets [ 53.280318][ T122] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 53.284747][ T122] Buffer I/O error on dev nbd3, logical block 0, async page read [ 53.286861][ T5376] usb 7-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 53.289527][ T5343] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 53.292787][ T5376] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 53.296141][ T5343] Buffer I/O error on dev nbd3, logical block 0, async page read [ 53.301962][ T5376] usb 7-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 53.310026][ T5376] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 53.313952][ T5376] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 53.314149][ T5343] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 53.319311][ T5413] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1'. [ 53.332706][ T5343] Buffer I/O error on dev nbd3, logical block 0, async page read [ 53.344939][ T39] kauditd_printk_skb: 31 callbacks suppressed [ 53.344951][ T39] audit: type=1400 audit(1723141520.240:146): avc: denied { create } for pid=5407 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 53.348512][ T5343] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 53.362425][ T5413] hub 9-0:1.0: USB hub found [ 53.365287][ T5413] hub 9-0:1.0: 1 port detected [ 53.390160][ T5376] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 53.396971][ T5376] usb 7-1: invalid MIDI out EP 0 [ 53.399492][ T5414] 9pnet: p9_errstr2errno: server reported unknown error Çi6rµŠÞH [ 53.405275][ T39] audit: type=1400 audit(1723141520.260:147): avc: denied { map_create } for pid=5407 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 53.416116][ T5343] Buffer I/O error on dev nbd3, logical block 0, async page read [ 53.424968][ T5343] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 53.429136][ T5343] Buffer I/O error on dev nbd3, logical block 0, async page read [ 53.434340][ T5343] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 53.438521][ T5343] Buffer I/O error on dev nbd3, logical block 0, async page read [ 53.444609][ T39] audit: type=1400 audit(1723141520.380:148): avc: denied { map_read map_write } for pid=5410 comm="syz.1.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 53.450256][ T5343] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 53.457917][ T5343] Buffer I/O error on dev nbd3, logical block 0, async page read [ 53.462703][ T5343] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 53.466745][ T5343] Buffer I/O error on dev nbd3, logical block 0, async page read [ 53.470662][ T5343] ldm_validate_partition_table(): Disk read failed. [ 53.470731][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 53.478371][ T5343] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 53.483956][ T5343] Buffer I/O error on dev nbd3, logical block 0, async page read [ 53.486386][ T39] audit: type=1400 audit(1723141520.410:149): avc: denied { create } for pid=5410 comm="syz.1.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 53.488646][ T5343] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 53.499360][ T5343] Buffer I/O error on dev nbd3, logical block 0, async page read [ 53.502583][ T5343] Dev nbd3: unable to read RDB block 0 [ 53.504805][ T5343] nbd3: unable to read partition table [ 53.507031][ T5376] snd-usb-audio 7-1:27.0: probe with driver snd-usb-audio failed with error -22 [ 53.512118][ T39] audit: type=1400 audit(1723141520.430:150): avc: denied { read } for pid=5410 comm="syz.1.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 53.525329][ T5343] nbd3: partition table beyond EOD, truncated [ 53.529501][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 53.537994][ T5343] ldm_validate_partition_table(): Disk read failed. [ 53.543127][ T5343] Dev nbd3: unable to read RDB block 0 [ 53.549925][ T5343] nbd3: unable to read partition table [ 53.556354][ T5343] nbd3: partition table beyond EOD, truncated [ 53.566821][ T5414] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2'. [ 53.608574][ T39] audit: type=1400 audit(1723141520.530:151): avc: denied { map } for pid=5398 comm="syz.2.3" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=6645 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 53.645529][ T39] audit: type=1400 audit(1723141520.540:153): avc: denied { unmount } for pid=5333 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 53.673973][ T39] audit: type=1400 audit(1723141520.530:152): avc: denied { read write } for pid=5398 comm="syz.2.3" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=6645 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 53.676142][ T5418] udevd[5418]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb7/7-1/7-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 54.009242][ T39] audit: type=1400 audit(1723141520.930:154): avc: denied { ioctl } for pid=5425 comm="syz.3.7" path="socket:[6660]" dev="sockfs" ino=6660 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 54.046320][ T39] audit: type=1400 audit(1723141520.940:155): avc: denied { read } for pid=5425 comm="syz.3.7" name="ppp" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 54.338827][ T5432] netlink: 20 bytes leftover after parsing attributes in process `syz.3.8'. [ 54.415269][ T5434] batadv0: mtu less than device minimum [ 54.426426][ T5434] syz.0.9: attempt to access beyond end of device [ 54.426426][ T5434] nbd0: rw=0, sector=16, nr_sectors = 1 limit=0 [ 54.447543][ T5434] qnx6: unable to read the first superblock [ 54.451825][ T5434] syz.0.9: attempt to access beyond end of device [ 54.451825][ T5434] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0 [ 54.452072][ T5437] netlink: 132 bytes leftover after parsing attributes in process `syz.1.10'. [ 54.456198][ T5434] qnx6: unable to read the first superblock [ 54.469605][ T5434] qnx6: unable to read the first superblock [ 54.498617][ T5437] hub 9-0:1.0: USB hub found [ 54.503280][ T5437] hub 9-0:1.0: 1 port detected [ 55.179174][ T5349] Bluetooth: hci0: command tx timeout [ 55.259401][ T5349] Bluetooth: hci2: command tx timeout [ 55.269236][ T5349] Bluetooth: hci3: command tx timeout [ 55.269926][ T66] Bluetooth: hci1: command tx timeout [ 55.308919][ T5446] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 55.415606][ T5446] syzkaller1: entered allmulticast mode [ 55.549298][ T5450] nbd1: detected capacity change from 0 to 12 [ 55.555670][ T5343] block nbd1: Send control failed (result -89) [ 55.558663][ T5343] block nbd1: Request send failed, requeueing [ 55.563640][ T66] block nbd1: Receive control failed (result -32) [ 55.563769][ T70] block nbd1: Dead connection, failed to find a fallback [ 55.571032][ T70] block nbd1: shutting down sockets [ 55.574257][ T5343] ldm_validate_partition_table(): Disk read failed. [ 55.581426][ T5343] Dev nbd1: unable to read RDB block 0 [ 55.585568][ T5343] nbd1: unable to read partition table [ 55.588895][ T5343] nbd1: partition table beyond EOD, truncated [ 55.621688][ T5343] ldm_validate_partition_table(): Disk read failed. [ 55.625590][ T5343] Dev nbd1: unable to read RDB block 0 [ 55.627687][ T5343] nbd1: unable to read partition table [ 55.632693][ T10] usb 7-1: USB disconnect, device number 2 [ 55.637581][ T5343] nbd1: partition table beyond EOD, truncated [ 55.729962][ T5452] Cannot find add_set index 0 as target [ 55.881280][ T5465] netlink: 132 bytes leftover after parsing attributes in process `syz.1.19'. [ 55.897499][ T5465] hub 9-0:1.0: USB hub found [ 55.900627][ T5465] hub 9-0:1.0: 1 port detected [ 56.158934][ T5477] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 56.194519][ T5474] batadv0: mtu less than device minimum [ 56.212891][ T5479] overlayfs: failed to resolve './file1': -2 [ 56.220604][ T5481] syz.2.25[5481] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 56.220786][ T5481] syz.2.25[5481] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 56.241172][ T5481] netlink: 4 bytes leftover after parsing attributes in process `syz.2.25'. [ 56.270178][ T5483] FAULT_INJECTION: forcing a failure. [ 56.270178][ T5483] name failslab, interval 1, probability 0, space 0, times 0 [ 56.275159][ T5483] CPU: 3 UID: 0 PID: 5483 Comm: syz.0.26 Not tainted 6.11.0-rc2-syzkaller-00027-g6a0e38264012 #0 [ 56.279406][ T5483] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 56.283284][ T5483] Call Trace: [ 56.284685][ T5483] [ 56.285921][ T5483] dump_stack_lvl+0x16c/0x1f0 [ 56.287904][ T5483] should_fail_ex+0x497/0x5b0 [ 56.289829][ T5483] ? fs_reclaim_acquire+0xae/0x160 [ 56.291975][ T5483] should_failslab+0xc2/0x120 [ 56.293954][ T5483] __kmalloc_cache_noprof+0x6b/0x300 [ 56.295816][ T5483] ? __mutex_unlock_slowpath+0x164/0x650 [ 56.297646][ T5483] ? led_tg_check+0x1c1/0x4a0 [ 56.299220][ T5483] led_tg_check+0x1c1/0x4a0 [ 56.300991][ T5483] ? __pfx_led_tg_check+0x10/0x10 [ 56.302973][ T5483] xt_check_target+0x272/0xa30 [ 56.304625][ T5483] ? __pfx_xt_check_target+0x10/0x10 [ 56.306655][ T5483] ? xt_find_target+0x1ee/0x290 [ 56.308372][ T5483] ? xt_find_target+0x1ee/0x290 [ 56.310050][ T5483] find_check_entry.constprop.0+0x82f/0xa20 [ 56.312043][ T5483] ? __pfx_find_check_entry.constprop.0+0x10/0x10 [ 56.314263][ T5483] ? lockdep_hardirqs_on+0x7c/0x110 [ 56.315978][ T5483] ? kvfree+0x47/0x50 [ 56.317325][ T5483] translate_table+0xd06/0x17b0 [ 56.319128][ T5483] ? __pfx_translate_table+0x10/0x10 [ 56.321300][ T5483] do_ip6t_set_ctl+0x605/0xc40 [ 56.323322][ T5483] ? trace_contention_end+0xea/0x140 [ 56.325426][ T5483] ? __pfx_do_ip6t_set_ctl+0x10/0x10 [ 56.327662][ T5483] ? __pfx___mutex_lock+0x10/0x10 [ 56.329795][ T5483] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 56.332399][ T5483] ? nf_sockopt_find.constprop.0+0x221/0x290 [ 56.334885][ T5483] nf_setsockopt+0x8a/0xf0 [ 56.336774][ T5483] ipv6_setsockopt+0x133/0x1a0 [ 56.338759][ T5483] udpv6_setsockopt+0x7d/0xd0 [ 56.340747][ T5483] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 56.343144][ T5483] do_sock_setsockopt+0x222/0x480 [ 56.345223][ T5483] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 56.347575][ T5483] ? __fget_light+0x173/0x210 [ 56.349599][ T5483] __sys_setsockopt+0x1a4/0x270 [ 56.351700][ T5483] ? __pfx___sys_setsockopt+0x10/0x10 [ 56.353991][ T5483] ? fput+0x32/0x390 [ 56.355665][ T5483] ? ksys_write+0x1ab/0x260 [ 56.357417][ T5483] ? __pfx_ksys_write+0x10/0x10 [ 56.359471][ T5483] __x64_sys_setsockopt+0xbd/0x160 [ 56.361636][ T5483] ? do_syscall_64+0x91/0x250 [ 56.363618][ T5483] ? lockdep_hardirqs_on+0x7c/0x110 [ 56.365804][ T5483] do_syscall_64+0xcd/0x250 [ 56.367585][ T5483] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.370037][ T5483] RIP: 0033:0x7fb774f779f9 [ 56.371994][ T5483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 56.379792][ T5483] RSP: 002b:00007fb775c6c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 56.383293][ T5483] RAX: ffffffffffffffda RBX: 00007fb775105f80 RCX: 00007fb774f779f9 [ 56.386255][ T5483] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000004 [ 56.389301][ T5483] RBP: 00007fb775c6c090 R08: 0000000000000590 R09: 0000000000000000 [ 56.392594][ T5483] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000002 [ 56.395870][ T5483] R13: 0000000000000000 R14: 00007fb775105f80 R15: 00007fffbe0eaf48 [ 56.399183][ T5483] [ 56.446576][ T5488] Cannot find add_set index 0 as target [ 56.497694][ T5490] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 56.571033][ T5490] syzkaller1: entered allmulticast mode [ 56.669121][ T5493] nbd0: detected capacity change from 0 to 12 [ 56.672578][ T5493] block nbd0: Send control failed (result -89) [ 56.674939][ T5493] block nbd0: Request send failed, requeueing [ 56.677229][ T51] block nbd0: Dead connection, failed to find a fallback [ 56.677492][ T66] block nbd0: Receive control failed (result -32) [ 56.679890][ T51] block nbd0: shutting down sockets [ 56.680383][ T5493] ldm_validate_partition_table(): Disk read failed. [ 56.688760][ T5493] Dev nbd0: unable to read RDB block 0 [ 56.691596][ T5493] nbd0: unable to read partition table [ 56.694553][ T5493] nbd0: partition table beyond EOD, truncated [ 56.701795][ T5418] ldm_validate_partition_table(): Disk read failed. [ 56.704976][ T5418] Dev nbd0: unable to read RDB block 0 [ 56.708224][ T5418] nbd0: unable to read partition table [ 56.713163][ T5418] nbd0: partition table beyond EOD, truncated [ 56.720445][ T5418] ldm_validate_partition_table(): Disk read failed. [ 56.723965][ T5418] Dev nbd0: unable to read RDB block 0 [ 56.727050][ T5418] nbd0: unable to read partition table [ 56.730603][ T5418] nbd0: partition table beyond EOD, truncated [ 56.849334][ T5499] program syz.3.32 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 57.005905][ T5506] futex_wake_op: syz.3.33 tries to shift op by -1; fix this program [ 57.211325][ T5509] overlayfs: failed to resolve './file1': -2 [ 57.260223][ T66] Bluetooth: hci0: command tx timeout [ 57.350613][ T66] Bluetooth: hci3: command tx timeout [ 57.353689][ T66] Bluetooth: hci1: command tx timeout [ 57.356234][ T66] Bluetooth: hci2: command tx timeout [ 57.458784][ T5515] FAULT_INJECTION: forcing a failure. [ 57.458784][ T5515] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 57.464628][ T5515] CPU: 0 UID: 0 PID: 5515 Comm: syz.3.36 Not tainted 6.11.0-rc2-syzkaller-00027-g6a0e38264012 #0 [ 57.469216][ T5515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 57.473925][ T5515] Call Trace: [ 57.475470][ T5515] [ 57.476792][ T5515] dump_stack_lvl+0x16c/0x1f0 [ 57.478963][ T5515] should_fail_ex+0x497/0x5b0 [ 57.481076][ T5515] _copy_from_iter+0x2a1/0x1150 [ 57.483256][ T5515] ? __alloc_skb+0x1fe/0x380 [ 57.485327][ T5515] ? __pfx__copy_from_iter+0x10/0x10 [ 57.487721][ T5515] ? __virt_addr_valid+0x5e/0x590 [ 57.489966][ T5515] ? __phys_addr_symbol+0x30/0x80 [ 57.492195][ T5515] ? __check_object_size+0x497/0x720 [ 57.494548][ T5515] netlink_sendmsg+0x813/0xd70 [ 57.496672][ T5515] ? __pfx_netlink_sendmsg+0x10/0x10 [ 57.498961][ T5515] ? __import_iovec+0x1fd/0x6e0 [ 57.501059][ T5515] ____sys_sendmsg+0xab5/0xc90 [ 57.503137][ T5515] ? copy_msghdr_from_user+0x10b/0x160 [ 57.505631][ T5515] ? __pfx_____sys_sendmsg+0x10/0x10 [ 57.507992][ T5515] ? find_held_lock+0x2d/0x110 [ 57.510134][ T5515] ? __pfx___lock_acquire+0x10/0x10 [ 57.511977][ T5515] ___sys_sendmsg+0x135/0x1e0 [ 57.513695][ T5515] ? __pfx____sys_sendmsg+0x10/0x10 [ 57.515677][ T5515] ? ksys_write+0x21c/0x260 [ 57.517219][ T5515] ? __fget_light+0x173/0x210 [ 57.518851][ T5515] __sys_sendmsg+0x117/0x1f0 [ 57.520629][ T5515] ? __pfx___sys_sendmsg+0x10/0x10 [ 57.522424][ T5515] do_syscall_64+0xcd/0x250 [ 57.524238][ T5515] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 57.526459][ T5515] RIP: 0033:0x7f03d39779f9 [ 57.527985][ T5515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 57.534770][ T5515] RSP: 002b:00007f03d47c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 57.537558][ T5515] RAX: ffffffffffffffda RBX: 00007f03d3b05f80 RCX: 00007f03d39779f9 [ 57.539928][ T5515] RDX: 0000000000004040 RSI: 0000000020000180 RDI: 0000000000000003 [ 57.543047][ T5515] RBP: 00007f03d47c7090 R08: 0000000000000000 R09: 0000000000000000 [ 57.546377][ T5515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 57.549896][ T5515] R13: 0000000000000000 R14: 00007f03d3b05f80 R15: 00007ffea41d4918 [ 57.553337][ T5515] [ 57.554929][ C0] vkms_vblank_simulate: vblank timer overrun [ 57.717771][ T5522] netlink: 132 bytes leftover after parsing attributes in process `syz.3.38'. [ 57.743524][ T5522] hub 9-0:1.0: USB hub found [ 57.745565][ T5522] hub 9-0:1.0: 1 port detected [ 58.243250][ T5526] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 58.364450][ T5526] syzkaller1: entered allmulticast mode [ 58.381233][ T39] kauditd_printk_skb: 80 callbacks suppressed [ 58.381247][ T39] audit: type=1400 audit(1723141525.310:236): avc: denied { name_bind } for pid=5528 comm="syz.1.40" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 58.447257][ T39] audit: type=1400 audit(1723141525.370:237): avc: denied { append } for pid=5528 comm="syz.1.40" name="card1" dev="devtmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 58.477769][ T39] audit: type=1400 audit(1723141525.400:238): avc: denied { create } for pid=5528 comm="syz.1.40" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 58.480397][ T5527] nbd3: detected capacity change from 0 to 12 [ 58.488147][ T39] audit: type=1400 audit(1723141525.400:239): avc: denied { write } for pid=5528 comm="syz.1.40" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 58.491085][ T5532] block nbd3: Send control failed (result -89) [ 58.499436][ T5532] block nbd3: Request send failed, requeueing [ 58.502664][ T5349] block nbd3: Receive control failed (result -32) [ 58.502842][ T122] block nbd3: Dead connection, failed to find a fallback [ 58.508701][ T122] block nbd3: shutting down sockets [ 58.511052][ T122] blk_print_req_error: 110 callbacks suppressed [ 58.511063][ T122] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 58.517352][ T122] buffer_io_error: 110 callbacks suppressed [ 58.517361][ T122] Buffer I/O error on dev nbd3, logical block 0, async page read [ 58.523944][ T5532] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 58.527296][ T5532] Buffer I/O error on dev nbd3, logical block 0, async page read [ 58.530380][ T5532] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 58.534295][ T5532] Buffer I/O error on dev nbd3, logical block 0, async page read [ 58.537657][ T5532] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 58.542077][ T5532] Buffer I/O error on dev nbd3, logical block 0, async page read [ 58.545462][ T5532] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 58.551553][ T5532] Buffer I/O error on dev nbd3, logical block 0, async page read [ 58.555278][ T5532] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 58.559447][ T5532] Buffer I/O error on dev nbd3, logical block 0, async page read [ 58.562955][ T5532] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 58.568179][ T5532] Buffer I/O error on dev nbd3, logical block 0, async page read [ 58.571790][ T5532] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 58.575843][ T5532] Buffer I/O error on dev nbd3, logical block 0, async page read [ 58.579393][ T5532] ldm_validate_partition_table(): Disk read failed. [ 58.582320][ T5532] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 58.585854][ T5532] Buffer I/O error on dev nbd3, logical block 0, async page read [ 58.589284][ T5532] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 58.593250][ T5532] Buffer I/O error on dev nbd3, logical block 0, async page read [ 58.596868][ T5532] Dev nbd3: unable to read RDB block 0 [ 58.599599][ T5532] nbd3: unable to read partition table [ 58.602315][ T5532] nbd3: partition table beyond EOD, truncated [ 58.605960][ T5343] ldm_validate_partition_table(): Disk read failed. [ 58.608560][ T5343] Dev nbd3: unable to read RDB block 0 [ 58.612629][ T5343] nbd3: unable to read partition table [ 58.615298][ T5343] nbd3: partition table beyond EOD, truncated [ 58.621525][ T5343] ldm_validate_partition_table(): Disk read failed. [ 58.624645][ T5343] Dev nbd3: unable to read RDB block 0 [ 58.627297][ T5343] nbd3: unable to read partition table [ 58.630096][ T5343] nbd3: partition table beyond EOD, truncated [ 58.873035][ T5538] netlink: 4 bytes leftover after parsing attributes in process `syz.3.42'. [ 58.877719][ T5538] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 58.881428][ T5538] IPv6: NLM_F_CREATE should be set when creating new route [ 58.888306][ T39] audit: type=1400 audit(1723141525.820:240): avc: denied { bind } for pid=5537 comm="syz.3.42" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 58.888841][ T5538] netlink: 4 bytes leftover after parsing attributes in process `syz.3.42'. [ 58.896247][ T39] audit: type=1400 audit(1723141525.820:241): avc: denied { listen } for pid=5537 comm="syz.3.42" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 58.916959][ T5540] overlayfs: failed to resolve './file1': -2 [ 58.946652][ T5542] vivid-006: disconnect [ 58.952672][ T5541] vivid-006: reconnect [ 59.075425][ T39] audit: type=1400 audit(1723141526.000:242): avc: denied { create } for pid=5547 comm="syz.3.47" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 59.082390][ T39] audit: type=1400 audit(1723141526.000:243): avc: denied { connect } for pid=5547 comm="syz.3.47" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 59.093556][ T39] audit: type=1400 audit(1723141526.010:244): avc: denied { write } for pid=5547 comm="syz.3.47" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 59.138872][ T39] audit: type=1400 audit(1723141526.060:245): avc: denied { create } for pid=5550 comm="syz.2.48" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 59.531309][ T5560] fuse: Unknown parameter 'group_id500000000000000000000' [ 59.693484][ T5562] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 59.953371][ T5564] nbd0: detected capacity change from 0 to 12 [ 59.961363][ T5343] block nbd0: Send control failed (result -89) [ 59.969598][ T5343] block nbd0: Request send failed, requeueing [ 59.972516][ T5349] block nbd0: Receive control failed (result -32) [ 59.972551][ T70] block nbd0: Dead connection, failed to find a fallback [ 59.979563][ T70] block nbd0: shutting down sockets [ 60.049750][ T5343] ldm_validate_partition_table(): Disk read failed. [ 60.052408][ T5343] Dev nbd0: unable to read RDB block 0 [ 60.054525][ T5343] nbd0: unable to read partition table [ 60.056832][ T5343] nbd0: partition table beyond EOD, truncated [ 60.065341][ T5343] ldm_validate_partition_table(): Disk read failed. [ 60.068571][ T5343] Dev nbd0: unable to read RDB block 0 [ 60.071287][ T5343] nbd0: unable to read partition table [ 60.073483][ T5343] nbd0: partition table beyond EOD, truncated [ 60.123876][ T5569] netlink: 8 bytes leftover after parsing attributes in process `syz.2.53'. [ 60.474678][ T5582] netlink: 20 bytes leftover after parsing attributes in process `syz.3.58'. [ 60.652720][ T5588] kvm: emulating exchange as write [ 60.713006][ T5593] batadv0: mtu less than device minimum [ 60.836885][ T5598] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 61.009260][ T5599] nbd3: detected capacity change from 0 to 12 [ 61.012459][ T5343] block nbd3: Send control failed (result -89) [ 61.014713][ T5343] block nbd3: Request send failed, requeueing [ 61.017459][ T122] block nbd3: Dead connection, failed to find a fallback [ 61.017551][ T5349] block nbd3: Receive control failed (result -32) [ 61.020512][ T122] block nbd3: shutting down sockets [ 61.026061][ T5343] ldm_validate_partition_table(): Disk read failed. [ 61.029524][ T5343] Dev nbd3: unable to read RDB block 0 [ 61.032191][ T5343] nbd3: unable to read partition table [ 61.034848][ T5343] nbd3: partition table beyond EOD, truncated [ 61.041608][ T5599] ldm_validate_partition_table(): Disk read failed. [ 61.044499][ T5599] Dev nbd3: unable to read RDB block 0 [ 61.047041][ T5599] nbd3: unable to read partition table [ 61.049725][ T5599] nbd3: partition table beyond EOD, truncated [ 61.053328][ T5343] ldm_validate_partition_table(): Disk read failed. [ 61.057262][ T5343] Dev nbd3: unable to read RDB block 0 [ 61.062854][ T5343] nbd3: unable to read partition table [ 61.065298][ T5343] nbd3: partition table beyond EOD, truncated [ 61.342442][ T5607] syz.3.65: attempt to access beyond end of device [ 61.342442][ T5607] loop3: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 61.676112][ T5621] FAULT_INJECTION: forcing a failure. [ 61.676112][ T5621] name failslab, interval 1, probability 0, space 0, times 0 [ 61.683140][ T5621] CPU: 1 UID: 0 PID: 5621 Comm: syz.2.69 Not tainted 6.11.0-rc2-syzkaller-00027-g6a0e38264012 #0 [ 61.687807][ T5621] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 61.692711][ T5621] Call Trace: [ 61.694210][ T5621] [ 61.695518][ T5621] dump_stack_lvl+0x16c/0x1f0 [ 61.697682][ T5621] should_fail_ex+0x497/0x5b0 [ 61.699830][ T5621] should_failslab+0xc2/0x120 [ 61.701979][ T5621] __kmalloc_node_track_caller_noprof+0xcf/0x430 [ 61.704359][ T5621] ? nf_ct_ext_add+0x1a7/0x420 [ 61.706482][ T5621] krealloc_noprof+0x5d/0x100 [ 61.708714][ T5621] nf_ct_ext_add+0x1a7/0x420 [ 61.710586][ T5621] init_conntrack.constprop.0+0x5af/0x1080 [ 61.712922][ T5621] ? __pfx_init_conntrack.constprop.0+0x10/0x10 [ 61.715503][ T5621] ? __pfx_hash_conntrack_raw+0x10/0x10 [ 61.717890][ T5621] ? __local_bh_enable_ip+0xa4/0x120 [ 61.720255][ T5621] nf_conntrack_in+0xa50/0x1860 [ 61.722480][ T5621] ? __pfx_nf_conntrack_in+0x10/0x10 [ 61.724851][ T5621] ? __pfx_ipt_do_table+0x10/0x10 [ 61.727170][ T5621] ? __pfx_ipv4_conntrack_local+0x10/0x10 [ 61.729829][ T5621] ipv4_conntrack_local+0x160/0x260 [ 61.732178][ T5621] nf_hook_slow+0xbb/0x200 [ 61.734237][ T5621] nf_hook+0x386/0x6d0 [ 61.736096][ T5621] ? __pfx_dst_output+0x10/0x10 [ 61.738317][ T5621] ? __pfx_nf_hook+0x10/0x10 [ 61.740310][ T5621] ? __pfx_dst_output+0x10/0x10 [ 61.742474][ T5621] ? do_csum+0x280/0x2e0 [ 61.744352][ T5621] __ip_local_out+0x33b/0x640 [ 61.746224][ T5621] ? __pfx_dst_output+0x10/0x10 [ 61.748459][ T5621] ip_local_out+0x2a/0x4a0 [ 61.750293][ T5621] __ip_queue_xmit+0x747/0x1940 [ 61.752026][ T5621] l2tp_ip_sendmsg+0x57c/0x14e0 [ 61.753895][ T5621] ? __pfx_l2tp_ip_sendmsg+0x10/0x10 [ 61.755902][ T5621] inet_sendmsg+0x119/0x140 [ 61.757706][ T5621] __sys_sendto+0x42c/0x4e0 [ 61.759634][ T5621] ? __pfx___sys_sendto+0x10/0x10 [ 61.761882][ T5621] ? ksys_write+0x1ab/0x260 [ 61.763952][ T5621] ? __pfx_ksys_write+0x10/0x10 [ 61.766228][ T5621] __x64_sys_sendto+0xe0/0x1c0 [ 61.768510][ T5621] ? do_syscall_64+0x91/0x250 [ 61.770732][ T5621] ? lockdep_hardirqs_on+0x7c/0x110 [ 61.772985][ T5621] do_syscall_64+0xcd/0x250 [ 61.775039][ T5621] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 61.777711][ T5621] RIP: 0033:0x7f61353779f9 [ 61.779724][ T5621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 61.787451][ T5621] RSP: 002b:00007f61360ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 61.790569][ T5621] RAX: ffffffffffffffda RBX: 00007f6135506058 RCX: 00007f61353779f9 [ 61.794127][ T5621] RDX: 000000000000000c RSI: 0000000020000040 RDI: 0000000000000005 [ 61.797597][ T5621] RBP: 00007f61360ff090 R08: 0000000020000080 R09: 0000000000000010 [ 61.801037][ T5621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 61.804523][ T5621] R13: 0000000000000000 R14: 00007f6135506058 R15: 00007fff0855f988 [ 61.807602][ T5621] [ 61.959146][ T5627] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 62.171142][ T5638] nbd1: detected capacity change from 0 to 12 [ 62.179728][ T5343] block nbd1: Send control failed (result -89) [ 62.185591][ T5343] block nbd1: Request send failed, requeueing [ 62.193358][ T5349] block nbd1: Receive control failed (result -32) [ 62.193428][ T122] block nbd1: Dead connection, failed to find a fallback [ 62.202328][ T122] block nbd1: shutting down sockets [ 62.205646][ T5343] ldm_validate_partition_table(): Disk read failed. [ 62.209819][ T5343] Dev nbd1: unable to read RDB block 0 [ 62.212751][ T5343] nbd1: unable to read partition table [ 62.216587][ T5343] nbd1: partition table beyond EOD, truncated [ 62.221987][ T5638] ldm_validate_partition_table(): Disk read failed. [ 62.232255][ T5638] Dev nbd1: unable to read RDB block 0 [ 62.240669][ T5638] nbd1: unable to read partition table [ 62.243905][ T5638] nbd1: partition table beyond EOD, truncated [ 62.255157][ T5343] ldm_validate_partition_table(): Disk read failed. [ 62.258082][ T5343] Dev nbd1: unable to read RDB block 0 [ 62.261626][ T5343] nbd1: unable to read partition table [ 62.264227][ T5343] nbd1: partition table beyond EOD, truncated [ 62.313902][ T5654] FAULT_INJECTION: forcing a failure. [ 62.313902][ T5654] name failslab, interval 1, probability 0, space 0, times 0 [ 62.319882][ T5654] CPU: 2 UID: 0 PID: 5654 Comm: syz.0.77 Not tainted 6.11.0-rc2-syzkaller-00027-g6a0e38264012 #0 [ 62.323971][ T5654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 62.328102][ T5654] Call Trace: [ 62.329591][ T5654] [ 62.330823][ T5654] dump_stack_lvl+0x16c/0x1f0 [ 62.332820][ T5654] should_fail_ex+0x497/0x5b0 [ 62.334846][ T5654] ? fs_reclaim_acquire+0xae/0x160 [ 62.336889][ T5654] should_failslab+0xc2/0x120 [ 62.338944][ T5654] __kmalloc_noprof+0xcb/0x400 [ 62.340797][ T5654] ? __pfx_lock_acquire+0x10/0x10 [ 62.342941][ T5654] tomoyo_realpath_from_path+0xb9/0x720 [ 62.345294][ T5654] ? tomoyo_profile+0x47/0x60 [ 62.347365][ T5654] tomoyo_path_number_perm+0x245/0x590 [ 62.349563][ T5654] ? tomoyo_path_number_perm+0x232/0x590 [ 62.351804][ T5654] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 62.353808][ T5654] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 62.355896][ T5654] ? __fget_files+0x256/0x400 [ 62.357450][ T5654] security_file_ioctl+0x75/0xc0 [ 62.359205][ T5654] __x64_sys_ioctl+0xbb/0x220 [ 62.360829][ T5654] do_syscall_64+0xcd/0x250 [ 62.362556][ T5654] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 62.364602][ T5654] RIP: 0033:0x7fb774f779f9 [ 62.366136][ T5654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 62.373859][ T5654] RSP: 002b:00007fb775c6c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 62.377535][ T5654] RAX: ffffffffffffffda RBX: 00007fb775105f80 RCX: 00007fb774f779f9 [ 62.379283][ T5651] syz.2.75: attempt to access beyond end of device [ 62.379283][ T5651] nbd2: rw=0, sector=16, nr_sectors = 1 limit=0 [ 62.380989][ T5654] RDX: 0000000020000180 RSI: 0000000040045701 RDI: 0000000000000008 [ 62.387606][ T5651] qnx6: unable to read the first superblock [ 62.389371][ T5654] RBP: 00007fb775c6c090 R08: 0000000000000000 R09: 0000000000000000 [ 62.389405][ T5654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 62.389416][ T5654] R13: 0000000000000000 R14: 00007fb775105f80 R15: 00007fffbe0eaf48 [ 62.389431][ T5654] [ 62.390866][ T5654] ERROR: Out of memory at tomoyo_realpath_from_path. [ 62.392251][ T5651] syz.2.75: attempt to access beyond end of device [ 62.392251][ T5651] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 62.412894][ T5651] qnx6: unable to read the first superblock [ 62.415617][ T5651] qnx6: unable to read the first superblock [ 62.449519][ T5659] fuse: Unknown parameter 'ÿÿ0xffffffffffffffff' [ 62.770391][ T5678] overlayfs: failed to resolve './file0': -2 [ 62.835761][ T5680] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 62.979159][ T5687] nbd0: detected capacity change from 0 to 12 [ 62.984442][ T5343] block nbd0: Send control failed (result -89) [ 62.987191][ T5343] block nbd0: Request send failed, requeueing [ 62.990296][ T5349] block nbd0: Receive control failed (result -32) [ 62.994064][ T51] block nbd0: Dead connection, failed to find a fallback [ 62.998060][ T51] block nbd0: shutting down sockets [ 63.001064][ T5343] ldm_validate_partition_table(): Disk read failed. [ 63.004063][ T5343] Dev nbd0: unable to read RDB block 0 [ 63.006572][ T5343] nbd0: unable to read partition table [ 63.009565][ T5343] nbd0: partition table beyond EOD, truncated [ 63.017400][ T5687] ldm_validate_partition_table(): Disk read failed. [ 63.020889][ T5687] Dev nbd0: unable to read RDB block 0 [ 63.023731][ T5687] nbd0: unable to read partition table [ 63.025756][ T5687] nbd0: partition table beyond EOD, truncated [ 63.041328][ T5343] ldm_validate_partition_table(): Disk read failed. [ 63.045083][ T5343] Dev nbd0: unable to read RDB block 0 [ 63.047236][ T5343] nbd0: unable to read partition table [ 63.051512][ T5343] nbd0: partition table beyond EOD, truncated [ 63.272590][ T5698] 9pnet_fd: Insufficient options for proto=fd [ 63.513945][ T5710] overlayfs: failed to resolve './file0': -2 [ 63.543312][ T39] kauditd_printk_skb: 25 callbacks suppressed [ 63.543321][ T39] audit: type=1400 audit(1723141530.470:271): avc: denied { create } for pid=5711 comm="syz.0.96" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 63.553889][ T39] audit: type=1400 audit(1723141530.480:272): avc: denied { setopt } for pid=5711 comm="syz.0.96" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 63.576486][ T39] audit: type=1400 audit(1723141530.500:273): avc: denied { ioctl } for pid=5711 comm="syz.0.96" path="socket:[9149]" dev="sockfs" ino=9149 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 63.587257][ T39] audit: type=1400 audit(1723141530.500:274): avc: denied { bind } for pid=5711 comm="syz.0.96" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 63.595120][ T39] audit: type=1400 audit(1723141530.510:275): avc: denied { write } for pid=5711 comm="syz.0.96" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 63.631620][ T5716] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 63.800150][ T5719] nbd0: detected capacity change from 0 to 12 [ 63.803469][ T5343] block nbd0: Send control failed (result -89) [ 63.805862][ T5343] block nbd0: Request send failed, requeueing [ 63.808634][ T5349] block nbd0: Receive control failed (result -32) [ 63.808691][ T70] block nbd0: Dead connection, failed to find a fallback [ 63.813293][ T70] block nbd0: shutting down sockets [ 63.815090][ T70] blk_print_req_error: 225 callbacks suppressed [ 63.815097][ T70] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 63.820704][ T70] buffer_io_error: 225 callbacks suppressed [ 63.820712][ T70] Buffer I/O error on dev nbd0, logical block 0, async page read [ 63.827634][ T5343] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 63.831328][ T5343] Buffer I/O error on dev nbd0, logical block 0, async page read [ 63.834374][ T5343] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 63.837552][ T5343] Buffer I/O error on dev nbd0, logical block 0, async page read [ 63.842601][ T5343] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 63.846017][ T5343] Buffer I/O error on dev nbd0, logical block 0, async page read [ 63.850094][ T5343] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 63.857250][ T5343] Buffer I/O error on dev nbd0, logical block 0, async page read [ 63.867701][ T5343] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 63.871398][ T5343] Buffer I/O error on dev nbd0, logical block 0, async page read [ 63.874296][ T5343] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 63.877427][ T5343] Buffer I/O error on dev nbd0, logical block 0, async page read [ 63.880391][ T5343] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 63.883524][ T5343] Buffer I/O error on dev nbd0, logical block 0, async page read [ 63.886861][ T5343] ldm_validate_partition_table(): Disk read failed. [ 63.889464][ T5343] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 63.893548][ T5343] Buffer I/O error on dev nbd0, logical block 0, async page read [ 63.896357][ T5343] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 63.901255][ T5343] Buffer I/O error on dev nbd0, logical block 0, async page read [ 63.904735][ T5343] Dev nbd0: unable to read RDB block 0 [ 63.907157][ T5343] nbd0: unable to read partition table [ 63.909345][ T5343] nbd0: partition table beyond EOD, truncated [ 63.918884][ T5343] ldm_validate_partition_table(): Disk read failed. [ 63.925890][ T5343] Dev nbd0: unable to read RDB block 0 [ 63.931789][ T5343] nbd0: unable to read partition table [ 63.935909][ T5727] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 63.936119][ T5343] nbd0: partition table beyond EOD, truncated [ 63.947655][ T5727] netlink: 8 bytes leftover after parsing attributes in process `syz.3.100'. [ 63.956605][ T39] audit: type=1400 audit(1723141530.880:276): avc: denied { ioctl } for pid=5726 comm="syz.3.100" path="socket:[7094]" dev="sockfs" ino=7094 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 64.020758][ T5732] FAULT_INJECTION: forcing a failure. [ 64.020758][ T5732] name failslab, interval 1, probability 0, space 0, times 0 [ 64.026790][ T5732] CPU: 1 UID: 0 PID: 5732 Comm: syz.0.101 Not tainted 6.11.0-rc2-syzkaller-00027-g6a0e38264012 #0 [ 64.031175][ T5732] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 64.035566][ T5732] Call Trace: [ 64.037035][ T5732] [ 64.038265][ T5732] dump_stack_lvl+0x16c/0x1f0 [ 64.040208][ T5732] should_fail_ex+0x497/0x5b0 [ 64.042807][ T5732] ? fs_reclaim_acquire+0xae/0x160 [ 64.045116][ T5732] should_failslab+0xc2/0x120 [ 64.047136][ T5732] __kmalloc_noprof+0xcb/0x400 [ 64.049244][ T5732] genl_sk_priv_get+0x71/0x230 [ 64.051366][ T5732] devlink_nl_notify_filter_set_doit+0x338/0x620 [ 64.053940][ T5732] genl_family_rcv_msg_doit+0x202/0x2f0 [ 64.056386][ T5732] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 64.059024][ T5732] ? __radix_tree_lookup+0x21f/0x2c0 [ 64.061350][ T5732] genl_rcv_msg+0x565/0x800 [ 64.063381][ T5732] ? __pfx_genl_rcv_msg+0x10/0x10 [ 64.065266][ T5732] ? __pfx___lock_acquire+0x10/0x10 [ 64.067052][ T5732] ? __pfx_devlink_nl_notify_filter_set_doit+0x10/0x10 [ 64.069789][ T5732] netlink_rcv_skb+0x16b/0x440 [ 64.071943][ T5732] ? __pfx_genl_rcv_msg+0x10/0x10 [ 64.073811][ T5732] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 64.075852][ T5732] ? down_read+0xc9/0x330 [ 64.077718][ T5732] ? __pfx_down_read+0x10/0x10 [ 64.079468][ T5732] ? netlink_deliver_tap+0x1ae/0xd90 [ 64.081374][ T5732] genl_rcv+0x28/0x40 [ 64.082741][ T5732] netlink_unicast+0x544/0x830 [ 64.084412][ T5732] ? __pfx_netlink_unicast+0x10/0x10 [ 64.086423][ T5732] netlink_sendmsg+0x8b8/0xd70 [ 64.088329][ T5732] ? __pfx_netlink_sendmsg+0x10/0x10 [ 64.090203][ T5732] ? __import_iovec+0x1fd/0x6e0 [ 64.092079][ T5732] ____sys_sendmsg+0xab5/0xc90 [ 64.093754][ T5732] ? copy_msghdr_from_user+0x10b/0x160 [ 64.095666][ T5732] ? __pfx_____sys_sendmsg+0x10/0x10 [ 64.097576][ T5732] ? find_held_lock+0x2d/0x110 [ 64.099602][ T5732] ? __pfx___lock_acquire+0x10/0x10 [ 64.101823][ T5732] ___sys_sendmsg+0x135/0x1e0 [ 64.103797][ T5732] ? __pfx____sys_sendmsg+0x10/0x10 [ 64.105987][ T5732] ? ksys_write+0x21c/0x260 [ 64.107919][ T5732] ? __fget_light+0x173/0x210 [ 64.109949][ T5732] __sys_sendmsg+0x117/0x1f0 [ 64.111892][ T5732] ? __pfx___sys_sendmsg+0x10/0x10 [ 64.114033][ T5732] do_syscall_64+0xcd/0x250 [ 64.115929][ T5732] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 64.118452][ T5732] RIP: 0033:0x7fb774f779f9 [ 64.120453][ T5732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 64.128380][ T5732] RSP: 002b:00007fb775c6c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 64.131987][ T5732] RAX: ffffffffffffffda RBX: 00007fb775105f80 RCX: 00007fb774f779f9 [ 64.135062][ T5732] RDX: 0000000000000000 RSI: 00000000200006c0 RDI: 0000000000000003 [ 64.138517][ T5732] RBP: 00007fb775c6c090 R08: 0000000000000000 R09: 0000000000000000 [ 64.141948][ T5732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 64.145654][ T5732] R13: 0000000000000000 R14: 00007fb775105f80 R15: 00007fffbe0eaf48 [ 64.148554][ T5732] [ 64.239788][ T5738] overlayfs: failed to resolve './file0': -2 [ 64.589766][ T5755] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 64.794488][ T39] audit: type=1400 audit(1723141531.720:277): avc: denied { write } for pid=5752 comm="syz.1.109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 64.799199][ T5756] nbd3: detected capacity change from 0 to 12 [ 64.806510][ T5343] block nbd3: Send control failed (result -89) [ 64.811130][ T5343] block nbd3: Request send failed, requeueing [ 64.815303][ T5349] block nbd3: Receive control failed (result -32) [ 64.815328][ T70] block nbd3: Dead connection, failed to find a fallback [ 64.820161][ T70] block nbd3: shutting down sockets [ 64.823208][ T5343] ldm_validate_partition_table(): Disk read failed. [ 64.825737][ T5343] Dev nbd3: unable to read RDB block 0 [ 64.828431][ T5343] nbd3: unable to read partition table [ 64.833183][ T5343] nbd3: partition table beyond EOD, truncated [ 64.845047][ T5343] ldm_validate_partition_table(): Disk read failed. [ 64.848251][ T5343] Dev nbd3: unable to read RDB block 0 [ 64.852460][ T5343] nbd3: unable to read partition table [ 64.855293][ T5343] nbd3: partition table beyond EOD, truncated [ 64.972222][ T39] audit: type=1400 audit(1723141531.900:278): avc: denied { read } for pid=5763 comm="syz.3.113" name="fb0" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 64.984162][ T39] audit: type=1400 audit(1723141531.900:279): avc: denied { open } for pid=5763 comm="syz.3.113" path="/dev/fb0" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 65.068467][ T39] audit: type=1400 audit(1723141531.990:280): avc: denied { read } for pid=5763 comm="syz.3.113" name="hpet" dev="devtmpfs" ino=632 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 65.362874][ T5770] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 65.843141][ T5781] qnx6: unable to set blocksize [ 65.954067][ T5794] netlink: 9412 bytes leftover after parsing attributes in process `syz.1.120'. [ 66.097454][ T5800] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 66.279188][ T5804] nbd1: detected capacity change from 0 to 12 [ 66.283396][ T5804] block nbd1: Send control failed (result -89) [ 66.286054][ T5804] block nbd1: Request send failed, requeueing [ 66.288885][ T5349] block nbd1: Receive control failed (result -32) [ 66.288936][ T122] block nbd1: Dead connection, failed to find a fallback [ 66.294197][ T122] block nbd1: shutting down sockets [ 66.296574][ T5804] ldm_validate_partition_table(): Disk read failed. [ 66.299881][ T5804] Dev nbd1: unable to read RDB block 0 [ 66.302250][ T5804] nbd1: unable to read partition table [ 66.304629][ T5804] nbd1: partition table beyond EOD, truncated [ 66.307936][ T5343] ldm_validate_partition_table(): Disk read failed. [ 66.311012][ T5343] Dev nbd1: unable to read RDB block 0 [ 66.313436][ T5343] nbd1: unable to read partition table [ 66.315586][ T5343] nbd1: partition table beyond EOD, truncated [ 66.320899][ T5343] ldm_validate_partition_table(): Disk read failed. [ 66.324162][ T5343] Dev nbd1: unable to read RDB block 0 [ 66.326869][ T5343] nbd1: unable to read partition table [ 66.330211][ T5343] nbd1: partition table beyond EOD, truncated [ 66.363203][ T5806] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 66.531471][ T5812] FAULT_INJECTION: forcing a failure. [ 66.531471][ T5812] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 66.540711][ T5812] CPU: 3 UID: 0 PID: 5812 Comm: syz.3.126 Not tainted 6.11.0-rc2-syzkaller-00027-g6a0e38264012 #0 [ 66.545362][ T5812] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 66.550071][ T5812] Call Trace: [ 66.551556][ T5812] [ 66.552861][ T5812] dump_stack_lvl+0x16c/0x1f0 [ 66.554965][ T5812] should_fail_ex+0x497/0x5b0 [ 66.557081][ T5812] _copy_to_user+0x30/0xc0 [ 66.559087][ T5812] simple_read_from_buffer+0xd0/0x160 [ 66.561472][ T5812] proc_fail_nth_read+0x1b0/0x290 [ 66.563716][ T5812] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 66.566152][ T5812] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 66.568596][ T5812] vfs_read+0x1d4/0xbd0 [ 66.570472][ T5812] ? drm_ioctl+0x158/0xc00 [ 66.572470][ T5812] ? __fdget_pos+0xeb/0x180 [ 66.574502][ T5812] ? __pfx_vfs_read+0x10/0x10 [ 66.576575][ T5812] ? __pfx___mutex_lock+0x10/0x10 [ 66.578818][ T5812] ? __fget_files+0x256/0x400 [ 66.580928][ T5812] ksys_read+0x12f/0x260 [ 66.582798][ T5812] ? __pfx_ksys_read+0x10/0x10 [ 66.584931][ T5812] do_syscall_64+0xcd/0x250 [ 66.586986][ T5812] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 66.589606][ T5812] RIP: 0033:0x7f03d397643c [ 66.591587][ T5812] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48 [ 66.599732][ T5812] RSP: 002b:00007f03d47c7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 66.603321][ T5812] RAX: ffffffffffffffda RBX: 00007f03d3b05f80 RCX: 00007f03d397643c [ 66.606722][ T5812] RDX: 000000000000000f RSI: 00007f03d47c70a0 RDI: 0000000000000004 [ 66.610215][ T5812] RBP: 00007f03d47c7090 R08: 0000000000000000 R09: 0000000000000000 [ 66.613693][ T5812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 66.616597][ T5812] R13: 0000000000000000 R14: 00007f03d3b05f80 R15: 00007ffea41d4918 [ 66.619230][ T5812] [ 66.731893][ T5827] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 66.788146][ T5828] netdevsim netdevsim0: Direct firmware load for mu failed with error -2 [ 66.792360][ T5828] netdevsim netdevsim0: Falling back to sysfs fallback for: mu [ 66.929369][ T5129] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 66.950388][ T5837] nbd3: detected capacity change from 0 to 12 [ 66.952861][ T5838] block nbd3: Send control failed (result -89) [ 66.955690][ T5838] block nbd3: Request send failed, requeueing [ 66.958653][ T5349] block nbd3: Receive control failed (result -32) [ 66.959592][ T122] block nbd3: Dead connection, failed to find a fallback [ 66.963942][ T122] block nbd3: shutting down sockets [ 66.967294][ T5838] ldm_validate_partition_table(): Disk read failed. [ 66.970645][ T5838] Dev nbd3: unable to read RDB block 0 [ 66.973635][ T5838] nbd3: unable to read partition table [ 66.976210][ T5838] nbd3: partition table beyond EOD, truncated [ 66.984073][ T5343] ldm_validate_partition_table(): Disk read failed. [ 66.987678][ T5343] Dev nbd3: unable to read RDB block 0 [ 66.991185][ T5343] nbd3: unable to read partition table [ 66.994027][ T5343] nbd3: partition table beyond EOD, truncated [ 66.999484][ T5343] ldm_validate_partition_table(): Disk read failed. [ 67.003134][ T5343] Dev nbd3: unable to read RDB block 0 [ 67.006230][ T5343] nbd3: unable to read partition table [ 67.009427][ T5343] nbd3: partition table beyond EOD, truncated [ 67.064815][ T5840] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 67.121693][ T5129] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 67.126755][ T5129] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 67.135853][ T5129] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 67.141772][ T5129] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 67.147748][ T5129] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 67.152197][ T5129] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 67.157310][ T5129] usb 6-1: config 0 descriptor?? [ 67.160647][ T5819] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 67.305619][ T5843] qnx6: unable to set blocksize [ 67.774901][ T5129] usbhid 6-1:0.0: can't add hid device: -71 [ 67.779240][ T5129] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 67.789646][ T5129] usb 6-1: USB disconnect, device number 2 [ 68.064213][ T5868] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 68.074054][ T5866] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 68.092217][ T5870] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 68.289564][ T5877] nbd2: detected capacity change from 0 to 12 [ 68.300017][ T5418] block nbd2: Send control failed (result -89) [ 68.302738][ T5418] block nbd2: Request send failed, requeueing [ 68.305500][ T5349] block nbd2: Receive control failed (result -32) [ 68.305825][ T1130] block nbd2: Dead connection, failed to find a fallback [ 68.311339][ T1130] block nbd2: shutting down sockets [ 68.313928][ T5418] ldm_validate_partition_table(): Disk read failed. [ 68.316475][ T5418] Dev nbd2: unable to read RDB block 0 [ 68.319590][ T5418] nbd2: unable to read partition table [ 68.324702][ T5418] nbd2: partition table beyond EOD, truncated [ 68.329676][ T5418] ldm_validate_partition_table(): Disk read failed. [ 68.332669][ T5418] Dev nbd2: unable to read RDB block 0 [ 68.335058][ T5418] nbd2: unable to read partition table [ 68.335745][ T5884] vivid-000: disconnect [ 68.337557][ T5418] nbd2: partition table beyond EOD, truncated [ 68.341458][ T5883] vivid-000: reconnect [ 68.385272][ T5888] ip6_tunnel: non-ECT from fe88:0000:0000:0000:0000:0000:0000:0001 with DS=0x7 [ 68.445941][ T5891] 9pnet_fd: Insufficient options for proto=fd [ 68.551458][ T5893] qnx6: unable to set blocksize [ 68.600685][ T1081] sr 2:0:0:0: [sr0] tag#10 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 68.604346][ T1081] sr 2:0:0:0: [sr0] tag#10 Sense Key : Illegal Request [current] [ 68.607105][ T1081] sr 2:0:0:0: [sr0] tag#10 Add. Sense: Invalid command operation code [ 68.610621][ T1081] sr 2:0:0:0: [sr0] tag#10 CDB: Write(10) 2a 00 00 00 00 00 00 00 04 00 [ 68.710337][ T5900] netlink: 28 bytes leftover after parsing attributes in process `syz.0.150'. [ 68.800607][ T5908] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 68.957867][ T39] kauditd_printk_skb: 19 callbacks suppressed [ 68.957877][ T39] audit: type=1400 audit(1723141535.880:300): avc: denied { create } for pid=5913 comm="syz.2.154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 68.967912][ T39] audit: type=1400 audit(1723141535.890:301): avc: denied { getopt } for pid=5913 comm="syz.2.154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 69.002549][ T5916] netlink: 8 bytes leftover after parsing attributes in process `syz.2.155'. [ 69.003073][ T39] audit: type=1400 audit(1723141535.930:302): avc: denied { write } for pid=5915 comm="syz.2.155" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 69.010917][ T5916] netlink: 12 bytes leftover after parsing attributes in process `syz.2.155'. [ 69.072775][ T39] audit: type=1400 audit(1723141536.000:303): avc: denied { create } for pid=5915 comm="syz.2.155" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 69.081542][ T39] audit: type=1400 audit(1723141536.010:304): avc: denied { connect } for pid=5915 comm="syz.2.155" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 69.240490][ T5921] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 69.247599][ T39] audit: type=1400 audit(1723141536.170:305): avc: denied { ioctl } for pid=5922 comm="syz.2.158" path="socket:[10529]" dev="sockfs" ino=10529 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 69.382595][ T39] audit: type=1400 audit(1723141536.310:306): avc: denied { create } for pid=5929 comm="syz.3.160" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 69.469263][ T5931] nbd1: detected capacity change from 0 to 12 [ 69.473853][ T5343] block nbd1: Send control failed (result -89) [ 69.477591][ T5343] block nbd1: Request send failed, requeueing [ 69.481929][ T1130] block nbd1: Dead connection, failed to find a fallback [ 69.484226][ T5349] block nbd1: Receive control failed (result -32) [ 69.485057][ T1130] block nbd1: shutting down sockets [ 69.490551][ T1130] blk_print_req_error: 196 callbacks suppressed [ 69.490562][ T1130] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 69.497355][ T1130] buffer_io_error: 197 callbacks suppressed [ 69.497365][ T1130] Buffer I/O error on dev nbd1, logical block 0, async page read [ 69.504044][ T5343] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 69.504633][ T39] audit: type=1400 audit(1723141536.430:307): avc: denied { rename } for pid=4811 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 69.508068][ T5343] Buffer I/O error on dev nbd1, logical block 0, async page read [ 69.530739][ T39] audit: type=1400 audit(1723141536.430:308): avc: denied { unlink } for pid=4811 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 69.534129][ T5343] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 69.546739][ T39] audit: type=1400 audit(1723141536.430:309): avc: denied { create } for pid=4811 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 69.547850][ T5343] Buffer I/O error on dev nbd1, logical block 0, async page read [ 69.561586][ T5343] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 69.565620][ T5343] Buffer I/O error on dev nbd1, logical block 0, async page read [ 69.569564][ T5343] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 69.573643][ T5343] Buffer I/O error on dev nbd1, logical block 0, async page read [ 69.577195][ T5343] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 69.581737][ T5343] Buffer I/O error on dev nbd1, logical block 0, async page read [ 69.585396][ T5343] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 69.592189][ T5343] Buffer I/O error on dev nbd1, logical block 0, async page read [ 69.595712][ T5343] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 69.601376][ T5343] Buffer I/O error on dev nbd1, logical block 0, async page read [ 69.605452][ T5343] ldm_validate_partition_table(): Disk read failed. [ 69.608555][ T5343] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 69.612785][ T5343] Buffer I/O error on dev nbd1, logical block 0, async page read [ 69.616404][ T5343] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 69.620577][ T5343] Buffer I/O error on dev nbd1, logical block 0, async page read [ 69.624523][ T5343] Dev nbd1: unable to read RDB block 0 [ 69.627276][ T5343] nbd1: unable to read partition table [ 69.630074][ T5343] nbd1: partition table beyond EOD, truncated [ 69.635247][ T5343] ldm_validate_partition_table(): Disk read failed. [ 69.638170][ T5343] Dev nbd1: unable to read RDB block 0 [ 69.640655][ T5343] nbd1: unable to read partition table [ 69.643102][ T5343] nbd1: partition table beyond EOD, truncated [ 69.943167][ T5948] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 70.152990][ T5950] netlink: 8 bytes leftover after parsing attributes in process `syz.0.164'. [ 70.280991][ T5955] netlink: 20 bytes leftover after parsing attributes in process `syz.0.166'. [ 71.064451][ T5970] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 71.279390][ T5970] nbd1: detected capacity change from 0 to 12 [ 71.283621][ T5970] block nbd1: Send control failed (result -89) [ 71.286299][ T5970] block nbd1: Request send failed, requeueing [ 71.289725][ T5349] block nbd1: Receive control failed (result -32) [ 71.289911][ T122] block nbd1: Dead connection, failed to find a fallback [ 71.295197][ T122] block nbd1: shutting down sockets [ 71.298056][ T5970] ldm_validate_partition_table(): Disk read failed. [ 71.301081][ T5970] Dev nbd1: unable to read RDB block 0 [ 71.303504][ T5970] nbd1: unable to read partition table [ 71.305922][ T5970] nbd1: partition table beyond EOD, truncated [ 71.308955][ T5343] ldm_validate_partition_table(): Disk read failed. [ 71.312213][ T5343] Dev nbd1: unable to read RDB block 0 [ 71.314166][ T5343] nbd1: unable to read partition table [ 71.316760][ T5343] nbd1: partition table beyond EOD, truncated [ 71.322788][ T5343] ldm_validate_partition_table(): Disk read failed. [ 71.325703][ T5343] Dev nbd1: unable to read RDB block 0 [ 71.327887][ T5343] nbd1: unable to read partition table [ 71.330419][ T5343] nbd1: partition table beyond EOD, truncated [ 71.347009][ T5977] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 71.430906][ T5983] mmap: syz.2.174 (5983) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 71.533562][ T5986] FAULT_INJECTION: forcing a failure. [ 71.533562][ T5986] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 71.542569][ T5986] CPU: 2 UID: 0 PID: 5986 Comm: syz.3.175 Not tainted 6.11.0-rc2-syzkaller-00027-g6a0e38264012 #0 [ 71.546926][ T5986] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 71.551412][ T5986] Call Trace: [ 71.552854][ T5986] [ 71.554128][ T5986] dump_stack_lvl+0x16c/0x1f0 [ 71.556199][ T5986] should_fail_ex+0x497/0x5b0 [ 71.558285][ T5986] _copy_from_user+0x30/0xf0 [ 71.560331][ T5986] snd_rawmidi_kernel_write1+0x4f9/0x880 [ 71.562785][ T5986] snd_rawmidi_write+0x26d/0xc00 [ 71.564962][ T5986] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 71.567375][ T5986] ? avc_policy_seqno+0x9/0x20 [ 71.569213][ T30] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 71.569471][ T5986] ? selinux_file_permission+0x125/0x590 [ 71.575214][ T5986] ? __pfx_default_wake_function+0x10/0x10 [ 71.577779][ T5986] ? security_file_permission+0x98/0xc0 [ 71.580162][ T5986] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 71.582512][ T5986] vfs_writev+0x6ec/0xde0 [ 71.584452][ T5986] ? __pfx_vfs_writev+0x10/0x10 [ 71.586785][ T5986] ? __fget_files+0x24c/0x400 [ 71.587144][ T1379] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.588943][ T5986] ? do_writev+0x287/0x370 [ 71.592792][ T1379] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.593218][ T5986] do_writev+0x287/0x370 [ 71.597791][ T5986] ? __pfx_do_writev+0x10/0x10 [ 71.599925][ T5986] do_syscall_64+0xcd/0x250 [ 71.601963][ T5986] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 71.604569][ T5986] RIP: 0033:0x7f03d39779f9 [ 71.606575][ T5986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 71.614827][ T5986] RSP: 002b:00007f03d47c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 71.618047][ T5986] RAX: ffffffffffffffda RBX: 00007f03d3b05f80 RCX: 00007f03d39779f9 [ 71.621081][ T5986] RDX: 0000000000000002 RSI: 0000000020000840 RDI: 0000000000000003 [ 71.624154][ T5986] RBP: 00007f03d47c7090 R08: 0000000000000000 R09: 0000000000000000 [ 71.627535][ T5986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 71.630897][ T5986] R13: 0000000000000000 R14: 00007f03d3b05f80 R15: 00007ffea41d4918 [ 71.634225][ T5986] [ 71.769343][ T30] usb 5-1: Using ep0 maxpacket: 32 [ 71.786540][ T30] usb 5-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91 [ 71.791629][ T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 71.816424][ T30] usb 5-1: config 0 descriptor?? [ 71.841593][ T30] gspca_main: sunplus-2.14.0 probing 0458:7006 [ 72.541754][ T6013] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 72.758991][ T6020] overlayfs: failed to resolve './file0': -2 [ 72.861155][ T30] gspca_sunplus: reg_w_riv err -110 [ 72.863492][ T30] sunplus 5-1:0.0: probe with driver sunplus failed with error -110 [ 72.934348][ T6029] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=4 sclass=netlink_route_socket pid=6029 comm=syz.3.184 [ 73.141080][ T30] usb 5-1: USB disconnect, device number 2 [ 73.355526][ T6037] binder: 6036:6037 ioctl 4018620d 0 returned -22 [ 73.361768][ T6037] binder: 6036:6037 unknown command 0 [ 73.364103][ T6037] binder: 6036:6037 ioctl c0306201 20000080 returned -22 [ 73.831864][ T6050] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 73.832337][ T6048] netlink: 'syz.1.192': attribute type 1 has an invalid length. [ 74.376910][ T6060] overlayfs: failed to resolve './file0': -2 [ 74.545806][ T6069] Zero length message leads to an empty skb [ 74.551067][ T6069] netlink: 24 bytes leftover after parsing attributes in process `syz.1.199'. [ 74.805324][ T6079] qnx6: unable to set blocksize [ 74.885022][ T6089] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 75.039139][ T25] usb 6-1: new low-speed USB device number 3 using dummy_hcd [ 75.066220][ T39] kauditd_printk_skb: 25 callbacks suppressed [ 75.066233][ T39] audit: type=1400 audit(1723141541.990:335): avc: denied { create } for pid=6092 comm="syz.2.204" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 75.078834][ T39] audit: type=1400 audit(1723141541.990:336): avc: denied { bind } for pid=6092 comm="syz.2.204" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 75.119548][ T6097] overlayfs: failed to resolve './file0': -2 [ 75.228088][ T25] usb 6-1: Invalid ep0 maxpacket: 64 [ 75.389505][ T25] usb 6-1: new low-speed USB device number 4 using dummy_hcd [ 75.593299][ T25] usb 6-1: Invalid ep0 maxpacket: 64 [ 75.599673][ T25] usb usb6-port1: attempt power cycle [ 75.738606][ T6113] netlink: 'syz.2.210': attribute type 33 has an invalid length. [ 75.742162][ T6113] netlink: 152 bytes leftover after parsing attributes in process `syz.2.210'. [ 75.835696][ T39] audit: type=1400 audit(1723141542.760:337): avc: denied { nlmsg_write } for pid=6114 comm="syz.2.211" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 76.009122][ T25] usb 6-1: new low-speed USB device number 5 using dummy_hcd [ 76.050782][ T25] usb 6-1: Invalid ep0 maxpacket: 64 [ 76.095915][ T6126] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 76.188771][ T39] audit: type=1400 audit(1723141543.110:338): avc: denied { name_bind } for pid=6129 comm="syz.0.213" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 76.209252][ T25] usb 6-1: new low-speed USB device number 6 using dummy_hcd [ 76.239747][ T25] usb 6-1: Invalid ep0 maxpacket: 64 [ 76.242272][ T25] usb usb6-port1: unable to enumerate USB device [ 76.309191][ T6133] nbd2: detected capacity change from 0 to 12 [ 76.313641][ T5343] block nbd2: Send control failed (result -89) [ 76.316648][ T5343] block nbd2: Request send failed, requeueing [ 76.320200][ T5349] block nbd2: Receive control failed (result -32) [ 76.323607][ T9] block nbd2: Dead connection, failed to find a fallback [ 76.326491][ T9] block nbd2: shutting down sockets [ 76.328833][ T9] blk_print_req_error: 75 callbacks suppressed [ 76.328908][ T9] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 76.334940][ T9] buffer_io_error: 75 callbacks suppressed [ 76.334952][ T9] Buffer I/O error on dev nbd2, logical block 0, async page read [ 76.339853][ T5343] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 76.346156][ T5343] Buffer I/O error on dev nbd2, logical block 0, async page read [ 76.348828][ T5343] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 76.355180][ T5343] Buffer I/O error on dev nbd2, logical block 0, async page read [ 76.358032][ T5343] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 76.362027][ T5343] Buffer I/O error on dev nbd2, logical block 0, async page read [ 76.364542][ T5343] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 76.367971][ T5343] Buffer I/O error on dev nbd2, logical block 0, async page read [ 76.371436][ T5343] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 76.374781][ T5343] Buffer I/O error on dev nbd2, logical block 0, async page read [ 76.377412][ T5343] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 76.383287][ T5343] Buffer I/O error on dev nbd2, logical block 0, async page read [ 76.388646][ T5343] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 76.395743][ T5343] Buffer I/O error on dev nbd2, logical block 0, async page read [ 76.399627][ T5343] ldm_validate_partition_table(): Disk read failed. [ 76.401920][ T5343] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 76.405285][ T5343] Buffer I/O error on dev nbd2, logical block 0, async page read [ 76.408686][ T5343] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 76.414185][ T5343] Buffer I/O error on dev nbd2, logical block 0, async page read [ 76.417410][ T5343] Dev nbd2: unable to read RDB block 0 [ 76.420849][ T5343] nbd2: unable to read partition table [ 76.423943][ T5343] nbd2: partition table beyond EOD, truncated [ 76.432013][ T5343] ldm_validate_partition_table(): Disk read failed. [ 76.434997][ T5343] Dev nbd2: unable to read RDB block 0 [ 76.437986][ T5343] nbd2: unable to read partition table [ 76.441482][ T5343] nbd2: partition table beyond EOD, truncated [ 76.781777][ T6152] FAULT_INJECTION: forcing a failure. [ 76.781777][ T6152] name failslab, interval 1, probability 0, space 0, times 0 [ 76.787708][ T6152] CPU: 1 UID: 0 PID: 6152 Comm: syz.3.219 Not tainted 6.11.0-rc2-syzkaller-00027-g6a0e38264012 #0 [ 76.792398][ T6152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 76.797155][ T6152] Call Trace: [ 76.798703][ T6152] [ 76.800036][ T6152] dump_stack_lvl+0x16c/0x1f0 [ 76.802170][ T6152] should_fail_ex+0x497/0x5b0 [ 76.804292][ T6152] ? fs_reclaim_acquire+0xae/0x160 [ 76.806600][ T6152] should_failslab+0xc2/0x120 [ 76.808693][ T6152] __kmalloc_node_noprof+0xd1/0x430 [ 76.811027][ T6152] ? crypto_alloc_tfmmem.isra.0+0x38/0x110 [ 76.813650][ T6152] ? __pfx_crypto_alg_extsize+0x10/0x10 [ 76.816157][ T6152] crypto_alloc_tfmmem.isra.0+0x38/0x110 [ 76.818676][ T6152] crypto_create_tfm_node+0x83/0x320 [ 76.821047][ T6152] crypto_spawn_tfm2+0x62/0xb0 [ 76.823228][ T6152] cryptd_aead_init_tfm+0x3d/0x130 [ 76.825556][ T6152] ? __pfx_cryptd_aead_init_tfm+0x10/0x10 [ 76.828109][ T6152] crypto_aead_init_tfm+0x149/0x1b0 [ 76.830437][ T6152] crypto_create_tfm_node+0x100/0x320 [ 76.832831][ T6152] crypto_alloc_tfm_node+0x102/0x260 [ 76.835201][ T6152] cryptd_alloc_aead+0x117/0x200 [ 76.837420][ T6152] ? __pfx_cryptd_alloc_aead+0x10/0x10 [ 76.839801][ T6152] ? rcu_is_watching+0x12/0xc0 [ 76.841927][ T6152] ? trace_kmalloc+0x2d/0xe0 [ 76.844000][ T6152] simd_aead_init+0x69/0x1d0 [ 76.846076][ T6152] ? __pfx_simd_aead_init+0x10/0x10 [ 76.847840][ T6152] crypto_aead_init_tfm+0x149/0x1b0 [ 76.850224][ T6152] crypto_create_tfm_node+0x100/0x320 [ 76.852841][ T6152] crypto_spawn_tfm2+0x62/0xb0 [ 76.854924][ T6152] aead_init_geniv+0x1be/0x330 [ 76.856792][ T6152] ? __pfx_aead_init_geniv+0x10/0x10 [ 76.858865][ T6152] crypto_aead_init_tfm+0x149/0x1b0 [ 76.861155][ T6152] crypto_create_tfm_node+0x100/0x320 [ 76.863507][ T6152] crypto_alloc_tfm_node+0x102/0x260 [ 76.865853][ T6152] esp_init_aead.constprop.0+0x108/0x3b0 [ 76.868324][ T6152] ? __pfx_esp_init_aead.constprop.0+0x10/0x10 [ 76.871015][ T6152] ? __pfx_lock_release+0x10/0x10 [ 76.873202][ T6152] esp6_init_state+0x86/0x510 [ 76.875303][ T6152] __xfrm_init_state+0x836/0x1a90 [ 76.877521][ T6152] xfrm_add_sa+0x2b41/0x4e20 [ 76.879568][ T6152] ? hlock_class+0x4e/0x130 [ 76.881579][ T6152] ? __pfx_xfrm_add_sa+0x10/0x10 [ 76.883752][ T6152] ? __nla_parse+0x40/0x60 [ 76.885730][ T6152] ? __pfx_xfrm_add_sa+0x10/0x10 [ 76.887975][ T6152] xfrm_user_rcv_msg+0x58c/0xb30 [ 76.890247][ T6152] ? __pfx_xfrm_user_rcv_msg+0x10/0x10 [ 76.892637][ T6152] ? hlock_class+0x4e/0x130 [ 76.894653][ T6152] ? __lock_acquire+0x1620/0x3cb0 [ 76.896900][ T6152] ? __mutex_trylock_common+0xea/0x250 [ 76.899298][ T6152] ? __pfx___mutex_trylock_common+0x10/0x10 [ 76.901890][ T6152] netlink_rcv_skb+0x16b/0x440 [ 76.903970][ T6152] ? __pfx_xfrm_user_rcv_msg+0x10/0x10 [ 76.906342][ T6152] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 76.908657][ T6152] xfrm_netlink_rcv+0x71/0x90 [ 76.910727][ T6152] netlink_unicast+0x544/0x830 [ 76.912846][ T6152] ? __pfx_netlink_unicast+0x10/0x10 [ 76.915138][ T6152] netlink_sendmsg+0x8b8/0xd70 [ 76.917013][ T6152] ? __pfx_netlink_sendmsg+0x10/0x10 [ 76.919337][ T6152] ? __import_iovec+0x1fd/0x6e0 [ 76.921520][ T6152] ____sys_sendmsg+0xab5/0xc90 [ 76.923606][ T6152] ? copy_msghdr_from_user+0x10b/0x160 [ 76.926003][ T6152] ? __pfx_____sys_sendmsg+0x10/0x10 [ 76.928146][ T6152] ? find_held_lock+0x2d/0x110 [ 76.930264][ T6152] ? __pfx___lock_acquire+0x10/0x10 [ 76.932486][ T6152] ___sys_sendmsg+0x135/0x1e0 [ 76.934573][ T6152] ? __pfx____sys_sendmsg+0x10/0x10 [ 76.936854][ T6152] ? ksys_write+0x21c/0x260 [ 76.938871][ T6152] ? __fget_light+0x173/0x210 [ 76.940955][ T6152] __sys_sendmsg+0x117/0x1f0 [ 76.942988][ T6152] ? __pfx___sys_sendmsg+0x10/0x10 [ 76.945252][ T6152] do_syscall_64+0xcd/0x250 [ 76.947283][ T6152] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.949893][ T6152] RIP: 0033:0x7f03d39779f9 [ 76.951804][ T6152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.959829][ T6152] RSP: 002b:00007f03d47c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 76.963265][ T6152] RAX: ffffffffffffffda RBX: 00007f03d3b05f80 RCX: 00007f03d39779f9 [ 76.966547][ T6152] RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000003 [ 76.969704][ T6152] RBP: 00007f03d47c7090 R08: 0000000000000000 R09: 0000000000000000 [ 76.972957][ T6152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 76.975799][ T6152] R13: 0000000000000000 R14: 00007f03d3b05f80 R15: 00007ffea41d4918 [ 76.979013][ T6152] [ 76.980445][ C1] vkms_vblank_simulate: vblank timer overrun [ 77.456151][ T6158] process 'syz.2.221' launched './file1' with NULL argv: empty string added [ 77.463732][ T39] audit: type=1400 audit(1723141544.390:339): avc: denied { execute_no_trans } for pid=6157 comm="syz.2.221" path="/52/file1" dev="tmpfs" ino=339 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 77.495251][ T6158] FAULT_INJECTION: forcing a failure. [ 77.495251][ T6158] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 77.501162][ T6158] CPU: 3 UID: 0 PID: 6158 Comm: syz.2.221 Not tainted 6.11.0-rc2-syzkaller-00027-g6a0e38264012 #0 [ 77.505263][ T6158] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 77.509830][ T6158] Call Trace: [ 77.511208][ T6158] [ 77.512423][ T6158] dump_stack_lvl+0x16c/0x1f0 [ 77.514381][ T6158] should_fail_ex+0x497/0x5b0 [ 77.516315][ T6158] _copy_from_user+0x30/0xf0 [ 77.518180][ T6158] memdup_user+0x71/0xd0 [ 77.519625][ T6158] strndup_user+0x78/0xe0 [ 77.521491][ T6158] __x64_sys_mount+0x138/0x320 [ 77.523341][ T6158] ? __pfx___x64_sys_mount+0x10/0x10 [ 77.525298][ T6158] do_syscall_64+0xcd/0x250 [ 77.526856][ T6158] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.529159][ T6158] RIP: 0033:0x7f61353779f9 [ 77.530881][ T6158] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 77.537826][ T6158] RSP: 002b:00007f6136120038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 77.540619][ T6158] RAX: ffffffffffffffda RBX: 00007f6135505f80 RCX: 00007f61353779f9 [ 77.543510][ T6158] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000020000000 [ 77.546548][ T6158] RBP: 00007f6136120090 R08: 0000000000000000 R09: 0000000000000000 [ 77.549648][ T6158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 77.552821][ T6158] R13: 0000000000000000 R14: 00007f6135505f80 R15: 00007fff0855f988 [ 77.555909][ T6158] [ 77.610460][ T58] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 77.853443][ T58] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 77.857550][ T58] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 77.863149][ T6168] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 77.869504][ T58] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 77.873744][ T58] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 77.878903][ T58] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 77.886108][ T58] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.894155][ T58] usb 8-1: config 0 descriptor?? [ 78.090077][ T6178] nbd1: detected capacity change from 0 to 12 [ 78.094267][ T6168] block nbd1: Send control failed (result -89) [ 78.096796][ T6168] block nbd1: Request send failed, requeueing [ 78.099542][ T5349] block nbd1: Receive control failed (result -32) [ 78.100467][ T9] block nbd1: Dead connection, failed to find a fallback [ 78.104270][ T9] block nbd1: shutting down sockets [ 78.106469][ T6168] ldm_validate_partition_table(): Disk read failed. [ 78.111169][ T6168] Dev nbd1: unable to read RDB block 0 [ 78.113234][ T6168] nbd1: unable to read partition table [ 78.115722][ T6168] nbd1: partition table beyond EOD, truncated [ 78.117853][ T39] audit: type=1400 audit(1723141545.040:340): avc: denied { bind } for pid=6179 comm="syz.0.227" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 78.127710][ T39] audit: type=1400 audit(1723141545.050:341): avc: denied { node_bind } for pid=6179 comm="syz.0.227" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 78.134634][ T5418] ldm_validate_partition_table(): Disk read failed. [ 78.140089][ T6180] netlink: 20 bytes leftover after parsing attributes in process `syz.0.227'. [ 78.147348][ T5418] Dev nbd1: unable to read RDB block 0 [ 78.151807][ T5418] nbd1: unable to read partition table [ 78.154227][ T5418] nbd1: partition table beyond EOD, truncated [ 78.169816][ T5418] ldm_validate_partition_table(): Disk read failed. [ 78.173057][ T5418] Dev nbd1: unable to read RDB block 0 [ 78.175539][ T5418] nbd1: unable to read partition table [ 78.178035][ T5418] nbd1: partition table beyond EOD, truncated [ 78.335226][ T58] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 78.361495][ T58] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 78.895561][ T6202] netlink: 76 bytes leftover after parsing attributes in process `syz.2.233'. [ 79.299245][ T6213] qnx6: unable to set blocksize [ 79.339996][ T39] audit: type=1326 audit(1723141546.270:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6215 comm="syz.0.237" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb774f779f9 code=0x0 [ 79.487609][ T6221] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 79.699461][ T6222] nbd0: detected capacity change from 0 to 12 [ 79.703111][ T5343] block nbd0: Send control failed (result -89) [ 79.705682][ T5343] block nbd0: Request send failed, requeueing [ 79.709355][ T5349] block nbd0: Receive control failed (result -32) [ 79.709431][ T122] block nbd0: Dead connection, failed to find a fallback [ 79.715490][ T122] block nbd0: shutting down sockets [ 79.718356][ T5343] ldm_validate_partition_table(): Disk read failed. [ 79.723053][ T5343] Dev nbd0: unable to read RDB block 0 [ 79.725838][ T5343] nbd0: unable to read partition table [ 79.728525][ T5343] nbd0: partition table beyond EOD, truncated [ 79.735375][ T5343] ldm_validate_partition_table(): Disk read failed. [ 79.738503][ T5343] Dev nbd0: unable to read RDB block 0 [ 79.741168][ T5343] nbd0: unable to read partition table [ 79.743914][ T5343] nbd0: partition table beyond EOD, truncated [ 80.072299][ T5129] usb 8-1: reset high-speed USB device number 2 using dummy_hcd [ 80.249200][ T6242] virtio-fs: tag <(null)> not found [ 80.255679][ T39] audit: type=1400 audit(1723141547.180:343): avc: denied { ioctl } for pid=6240 comm="syz.1.244" path="socket:[13826]" dev="sockfs" ino=13826 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 80.266175][ T6242] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(13) [ 80.269637][ T6242] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 80.275844][ T6242] vhci_hcd vhci_hcd.0: Device attached [ 80.479555][ T58] vhci_hcd: vhci_device speed not set [ 80.559136][ T58] usb 15-1: new full-speed USB device number 2 using vhci_hcd [ 80.679475][ T1109] nci: nci_add_new_protocol: the target found does not have the desired protocol [ 80.745874][ T6243] vhci_hcd: connection reset by peer [ 80.755424][ T1102] vhci_hcd: stop threads [ 80.758092][ T1102] vhci_hcd: release socket [ 80.761016][ T1102] vhci_hcd: disconnect device [ 81.348331][ T39] audit: type=1400 audit(1723141548.270:344): avc: denied { unmount } for pid=5336 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 81.387154][ T6265] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 81.583962][ T6279] qnx6: unable to set blocksize [ 81.610400][ T6270] nbd1: detected capacity change from 0 to 12 [ 81.615342][ T6270] block nbd1: Send control failed (result -89) [ 81.618729][ T6270] block nbd1: Request send failed, requeueing [ 81.625676][ T5349] block nbd1: Receive control failed (result -32) [ 81.630555][ T51] block nbd1: Dead connection, failed to find a fallback [ 81.633905][ T51] block nbd1: shutting down sockets [ 81.636381][ T51] blk_print_req_error: 110 callbacks suppressed [ 81.636392][ T51] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.643896][ T51] buffer_io_error: 110 callbacks suppressed [ 81.643906][ T51] Buffer I/O error on dev nbd1, logical block 0, async page read [ 81.659569][ T6270] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.663551][ T6270] Buffer I/O error on dev nbd1, logical block 0, async page read [ 81.667122][ T6270] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.670446][ T6270] Buffer I/O error on dev nbd1, logical block 0, async page read [ 81.673565][ T6270] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.677036][ T6270] Buffer I/O error on dev nbd1, logical block 0, async page read [ 81.683042][ T6270] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.687150][ T6270] Buffer I/O error on dev nbd1, logical block 0, async page read [ 81.691081][ T6270] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.695497][ T6270] Buffer I/O error on dev nbd1, logical block 0, async page read [ 81.700952][ T6270] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.705298][ T6270] Buffer I/O error on dev nbd1, logical block 0, async page read [ 81.710371][ T6270] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.714667][ T6270] Buffer I/O error on dev nbd1, logical block 0, async page read [ 81.717835][ T6270] ldm_validate_partition_table(): Disk read failed. [ 81.722442][ T6270] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.726829][ T6270] Buffer I/O error on dev nbd1, logical block 0, async page read [ 81.731088][ T6270] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.735121][ T6270] Buffer I/O error on dev nbd1, logical block 0, async page read [ 81.738878][ T6270] Dev nbd1: unable to read RDB block 0 [ 81.743148][ T6270] nbd1: unable to read partition table [ 81.745963][ T6270] nbd1: partition table beyond EOD, truncated [ 81.751096][ T5343] ldm_validate_partition_table(): Disk read failed. [ 81.754247][ T5343] Dev nbd1: unable to read RDB block 0 [ 81.756870][ T5343] nbd1: unable to read partition table [ 81.759987][ T5343] nbd1: partition table beyond EOD, truncated [ 81.767160][ T5343] ldm_validate_partition_table(): Disk read failed. [ 81.771627][ T5343] Dev nbd1: unable to read RDB block 0 [ 81.774117][ T5343] nbd1: unable to read partition table [ 81.776616][ T5343] nbd1: partition table beyond EOD, truncated [ 81.822641][ T30] usb 8-1: USB disconnect, device number 2 [ 81.828568][ T57] cfg80211: failed to load regulatory.db [ 81.995668][ T39] audit: type=1400 audit(1723141548.920:345): avc: denied { getopt } for pid=6285 comm="syz.3.255" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 82.012194][ T6286] dvmrp0: entered allmulticast mode [ 82.038279][ T6286] dvmrp0: left allmulticast mode [ 82.200328][ T6297] netlink: 60 bytes leftover after parsing attributes in process `syz.3.258'. [ 82.203908][ T6297] unsupported nlmsg_type 40 [ 82.338216][ T6304] warning: `syz.2.261' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 82.440454][ T6309] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 82.670104][ T6309] nbd3: detected capacity change from 0 to 12 [ 82.674303][ T5343] block nbd3: Send control failed (result -89) [ 82.676939][ T5343] block nbd3: Request send failed, requeueing [ 82.679989][ T9] block nbd3: Dead connection, failed to find a fallback [ 82.686537][ T5349] block nbd3: Receive control failed (result -32) [ 82.695506][ T9] block nbd3: shutting down sockets [ 82.697784][ T5343] ldm_validate_partition_table(): Disk read failed. [ 82.697995][ T5343] Dev nbd3: unable to read RDB block 0 [ 82.698154][ T5343] nbd3: unable to read partition table [ 82.698327][ T5343] nbd3: partition table beyond EOD, truncated [ 82.718139][ T5343] ldm_validate_partition_table(): Disk read failed. [ 82.723122][ T5343] Dev nbd3: unable to read RDB block 0 [ 82.725612][ T5343] nbd3: unable to read partition table [ 82.728570][ T5343] nbd3: partition table beyond EOD, truncated [ 82.768902][ T6324] netlink: 32 bytes leftover after parsing attributes in process `syz.2.266'. [ 82.990697][ T6333] qnx6: unable to set blocksize [ 83.078029][ T39] audit: type=1400 audit(1723141550.000:346): avc: denied { getopt } for pid=6335 comm="syz.0.270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 83.100637][ T35] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 83.302747][ T35] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 83.307410][ T35] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 83.311800][ T35] usb 7-1: New USB device found, idVendor=17ef, idProduct=6067, bcdDevice= 0.00 [ 83.314749][ T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 83.319709][ T35] usb 7-1: config 0 descriptor?? [ 83.346659][ T39] audit: type=1400 audit(1723141550.270:347): avc: denied { mount } for pid=6341 comm="syz.1.272" name="/" dev="hugetlbfs" ino=12092 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 83.637099][ T39] audit: type=1326 audit(1723141550.560:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6341 comm="syz.1.272" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f197c5779f9 code=0x7ffc0000 [ 83.652468][ T39] audit: type=1326 audit(1723141550.560:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6341 comm="syz.1.272" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f197c5779f9 code=0x7ffc0000 [ 83.662825][ T39] audit: type=1326 audit(1723141550.560:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6341 comm="syz.1.272" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f197c5779f9 code=0x7ffc0000 [ 83.694288][ T39] audit: type=1326 audit(1723141550.560:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6341 comm="syz.1.272" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f197c5779f9 code=0x7ffc0000 [ 83.704457][ T39] audit: type=1326 audit(1723141550.560:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6341 comm="syz.1.272" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f197c5779f9 code=0x7ffc0000 [ 83.757784][ T6347] overlayfs: failed to resolve './file1': -2 [ 83.866953][ T35] usbhid 7-1:0.0: can't add hid device: -71 [ 83.876475][ T35] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 83.887778][ T35] usb 7-1: USB disconnect, device number 3 [ 84.295360][ T6359] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 84.456945][ T6371] FAULT_INJECTION: forcing a failure. [ 84.456945][ T6371] name failslab, interval 1, probability 0, space 0, times 0 [ 84.464894][ T6371] CPU: 2 UID: 0 PID: 6371 Comm: syz.3.280 Not tainted 6.11.0-rc2-syzkaller-00027-g6a0e38264012 #0 [ 84.470480][ T6371] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 84.475593][ T6371] Call Trace: [ 84.477208][ T6371] [ 84.478627][ T6371] dump_stack_lvl+0x16c/0x1f0 [ 84.480834][ T6371] should_fail_ex+0x497/0x5b0 [ 84.483117][ T6371] ? fs_reclaim_acquire+0xae/0x160 [ 84.485578][ T6371] should_failslab+0xc2/0x120 [ 84.487785][ T6371] kmem_cache_alloc_lru_noprof+0x72/0x2f0 [ 84.490528][ T6371] ? __d_alloc+0x31/0xaa0 [ 84.492572][ T6371] __d_alloc+0x31/0xaa0 [ 84.494506][ T6371] ? hlock_class+0x4e/0x130 [ 84.496743][ T6371] d_alloc_pseudo+0x1c/0xc0 [ 84.498795][ T6371] alloc_file_pseudo+0xdc/0x210 [ 84.501112][ T6371] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 84.503753][ T6371] ? __pfx_idr_alloc_u32+0x10/0x10 [ 84.506242][ T6371] ? find_held_lock+0x2d/0x110 [ 84.508474][ T6371] ? find_held_lock+0x2d/0x110 [ 84.510838][ T6371] __anon_inode_getfile+0x136/0x3e0 [ 84.513063][ T6371] ? __pfx___anon_inode_getfile+0x10/0x10 [ 84.515205][ T6371] ? bpf_link_prime+0x8a/0x4d0 [ 84.516917][ T6371] ? __local_bh_enable_ip+0xa4/0x120 [ 84.519299][ T6371] bpf_link_prime+0x202/0x4d0 [ 84.521494][ T6371] bpf_uprobe_multi_link_attach+0xc20/0xe20 [ 84.524048][ T6371] ? __pfx_bpf_uprobe_multi_link_attach+0x10/0x10 [ 84.527029][ T6371] ? fput+0x32/0x390 [ 84.528800][ T6371] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 84.531510][ T6371] __sys_bpf+0x41ff/0x4a20 [ 84.533538][ T6371] ? ksys_write+0x21c/0x260 [ 84.535647][ T6371] ? reacquire_held_locks+0x440/0x4c0 [ 84.538113][ T6371] ? __pfx___sys_bpf+0x10/0x10 [ 84.540223][ T6371] ? vfs_write+0x14d/0x1140 [ 84.542368][ T6371] ? __mutex_unlock_slowpath+0x164/0x650 [ 84.544820][ T6371] ? fput+0x32/0x390 [ 84.546677][ T6371] ? ksys_write+0x1ab/0x260 [ 84.548699][ T6371] ? __pfx_ksys_write+0x10/0x10 [ 84.550872][ T6371] __x64_sys_bpf+0x78/0xc0 [ 84.552662][ T6371] ? lockdep_hardirqs_on+0x7c/0x110 [ 84.554778][ T6371] do_syscall_64+0xcd/0x250 [ 84.556589][ T6371] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.559007][ T6371] RIP: 0033:0x7f03d39779f9 [ 84.560348][ T6375] qnx6: unable to set blocksize [ 84.560782][ T6371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 84.570938][ T6371] RSP: 002b:00007f03d47c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 84.574604][ T6371] RAX: ffffffffffffffda RBX: 00007f03d3b05f80 RCX: 00007f03d39779f9 [ 84.578122][ T6371] RDX: 0000000000000040 RSI: 00000000200002c0 RDI: 000000000000001c [ 84.581746][ T6371] RBP: 00007f03d47c7090 R08: 0000000000000000 R09: 0000000000000000 [ 84.585398][ T6371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 84.588818][ T6371] R13: 0000000000000000 R14: 00007f03d3b05f80 R15: 00007ffea41d4918 [ 84.592341][ T6371] [ 84.598019][ T6370] ================================================================== [ 84.601235][ T6370] BUG: KASAN: slab-use-after-free in __uprobe_unregister+0x210/0x260 [ 84.604263][ T6370] Read of size 8 at addr ffff88801d7ea9b8 by task syz.3.280/6370 [ 84.607360][ T6370] [ 84.608402][ T6370] CPU: 2 UID: 0 PID: 6370 Comm: syz.3.280 Not tainted 6.11.0-rc2-syzkaller-00027-g6a0e38264012 #0 [ 84.611201][ T6378] netlink: 16 bytes leftover after parsing attributes in process `syz.0.278'. [ 84.614068][ T6370] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 84.614080][ T6370] Call Trace: [ 84.624750][ T6370] [ 84.625984][ T6370] dump_stack_lvl+0x116/0x1f0 [ 84.627873][ T6370] print_report+0xc3/0x620 [ 84.629890][ T6370] ? __virt_addr_valid+0x5e/0x590 [ 84.632157][ T6370] ? __phys_addr+0xc6/0x150 [ 84.634327][ T6370] kasan_report+0xd9/0x110 [ 84.636246][ T6370] ? __uprobe_unregister+0x210/0x260 [ 84.638724][ T6370] ? __uprobe_unregister+0x210/0x260 [ 84.641192][ T6370] __uprobe_unregister+0x210/0x260 [ 84.643480][ T6370] uprobe_unregister+0x45/0x70 [ 84.645615][ T6370] bpf_uprobe_unregister+0xfb/0x1d0 [ 84.648072][ T6370] ? bpf_link_free+0x95/0x2b0 [ 84.650191][ T6370] ? __pfx_bpf_link_release+0x10/0x10 [ 84.652672][ T6370] bpf_uprobe_multi_link_release+0x6d/0x180 [ 84.655360][ T6370] bpf_link_free+0x12c/0x2b0 [ 84.657192][ T6370] bpf_link_release+0x63/0x80 [ 84.659435][ T6370] __fput+0x408/0xbb0 [ 84.661267][ T6370] ? _raw_spin_unlock_irq+0x23/0x50 [ 84.663345][ T6370] task_work_run+0x14e/0x250 [ 84.665061][ T6370] ? __pfx_task_work_run+0x10/0x10 [ 84.667485][ T6370] syscall_exit_to_user_mode+0x27b/0x2a0 [ 84.670140][ T6370] do_syscall_64+0xda/0x250 [ 84.672093][ T6370] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.674623][ T6370] RIP: 0033:0x7f03d39779f9 [ 84.676552][ T6370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 84.684932][ T6370] RSP: 002b:00007ffea41d4a78 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 84.688637][ T6370] RAX: 0000000000000000 RBX: 0000000000014954 RCX: 00007f03d39779f9 [ 84.691852][ T6370] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 84.695057][ T6370] RBP: 00007ffea41d4b50 R08: 0000000000000001 R09: 00007ffea41d4d5f [ 84.698202][ T6370] R10: 00007f03d3800000 R11: 0000000000000246 R12: 0000000000000032 [ 84.701640][ T6370] R13: 00007ffea41d4b70 R14: 00007ffea41d4b90 R15: ffffffffffffffff [ 84.704315][ T6370] [ 84.705465][ T6370] [ 84.706285][ T6370] Allocated by task 6371: [ 84.707814][ T6370] kasan_save_stack+0x33/0x60 [ 84.709850][ T6370] kasan_save_track+0x14/0x30 [ 84.711565][ T6370] __kasan_kmalloc+0xaa/0xb0 [ 84.713419][ T6370] __kmalloc_node_noprof+0x211/0x430 [ 84.715463][ T6370] __kvmalloc_node_noprof+0x9d/0x1a0 [ 84.717669][ T6370] bpf_uprobe_multi_link_attach+0x45d/0xe20 [ 84.720065][ T6370] __sys_bpf+0x41ff/0x4a20 [ 84.721866][ T6370] __x64_sys_bpf+0x78/0xc0 [ 84.723756][ T6370] do_syscall_64+0xcd/0x250 [ 84.725513][ T6370] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.727545][ T6370] [ 84.728351][ T6370] Freed by task 6371: [ 84.729717][ T6370] kasan_save_stack+0x33/0x60 [ 84.731302][ T6370] kasan_save_track+0x14/0x30 [ 84.732865][ T6370] kasan_save_free_info+0x3b/0x60 [ 84.734783][ T6370] poison_slab_object+0xf7/0x160 [ 84.736945][ T6370] __kasan_slab_free+0x32/0x50 [ 84.738897][ T6370] kfree+0x12a/0x3b0 [ 84.740383][ T6370] kvfree+0x47/0x50 [ 84.742008][ T6370] bpf_uprobe_multi_link_attach+0xaae/0xe20 [ 84.744625][ T6370] __sys_bpf+0x41ff/0x4a20 [ 84.746557][ T6370] __x64_sys_bpf+0x78/0xc0 [ 84.748497][ T6370] do_syscall_64+0xcd/0x250 [ 84.750493][ T6370] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.752887][ T6370] [ 84.753737][ T6370] The buggy address belongs to the object at ffff88801d7ea980 [ 84.753737][ T6370] which belongs to the cache kmalloc-64 of size 64 [ 84.758864][ T6370] The buggy address is located 56 bytes inside of [ 84.758864][ T6370] freed 64-byte region [ffff88801d7ea980, ffff88801d7ea9c0) [ 84.764354][ T6370] [ 84.765447][ T6370] The buggy address belongs to the physical page: [ 84.767648][ T6370] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1d7ea [ 84.770895][ T6370] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 84.773449][ T6370] page_type: 0xfdffffff(slab) [ 84.775226][ T6370] raw: 00fff00000000000 ffff8880158428c0 ffffea0000816500 dead000000000004 [ 84.778363][ T6370] raw: 0000000000000000 0000000080200020 00000001fdffffff 0000000000000000 [ 84.781899][ T6370] page dumped because: kasan: bad access detected [ 84.784214][ T6370] page_owner tracks the page as allocated [ 84.786712][ T6370] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 11, tgid 11 (kworker/u32:0), ts 7392881757, free_ts 7240754492 [ 84.793950][ T6370] post_alloc_hook+0x2d1/0x350 [ 84.795941][ T6370] get_page_from_freelist+0x1351/0x2e50 [ 84.798287][ T6370] __alloc_pages_noprof+0x22b/0x2460 [ 84.800620][ T6370] alloc_slab_page+0x4e/0xf0 [ 84.802641][ T6370] new_slab+0x84/0x260 [ 84.804316][ T6370] ___slab_alloc+0xdac/0x1870 [ 84.806461][ T6370] __slab_alloc.constprop.0+0x56/0xb0 [ 84.808185][ T6370] __kmalloc_node_noprof+0x357/0x430 [ 84.809762][ T6370] __vmalloc_node_range_noprof+0x401/0x1520 [ 84.811512][ T6370] copy_process+0x2f3b/0x8de0 [ 84.813015][ T6370] kernel_clone+0xfd/0x980 [ 84.814733][ T6370] user_mode_thread+0xb4/0xf0 [ 84.816322][ T6370] call_usermodehelper_exec_work+0xcb/0x170 [ 84.818534][ T6370] process_one_work+0x9c5/0x1b40 [ 84.820663][ T6370] worker_thread+0x6c8/0xf20 [ 84.822665][ T6370] kthread+0x2c1/0x3a0 [ 84.824351][ T6370] page last free pid 59 tgid 59 stack trace: [ 84.826678][ T6370] free_unref_page+0x64a/0xe40 [ 84.828233][ T6370] vfree+0x181/0x7a0 [ 84.829719][ T6370] delayed_vfree_work+0x56/0x70 [ 84.831709][ T6370] process_one_work+0x9c5/0x1b40 [ 84.833317][ T6370] worker_thread+0x6c8/0xf20 [ 84.835100][ T6370] kthread+0x2c1/0x3a0 [ 84.836807][ T6370] ret_from_fork+0x45/0x80 [ 84.838444][ T6370] ret_from_fork_asm+0x1a/0x30 [ 84.840001][ T6370] [ 84.841000][ T6370] Memory state around the buggy address: [ 84.843310][ T6370] ffff88801d7ea880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 84.846180][ T6370] ffff88801d7ea900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 84.849340][ T6370] >ffff88801d7ea980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 84.852330][ T6370] ^ [ 84.854679][ T6370] ffff88801d7eaa00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 84.857638][ T6370] ffff88801d7eaa80: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc [ 84.860819][ T6370] ================================================================== [ 84.865705][ T6370] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 84.868732][ T6370] CPU: 2 UID: 0 PID: 6370 Comm: syz.3.280 Not tainted 6.11.0-rc2-syzkaller-00027-g6a0e38264012 #0 [ 84.872939][ T6370] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 84.877580][ T6370] Call Trace: [ 84.879082][ T6370] [ 84.880414][ T6370] dump_stack_lvl+0x3d/0x1f0 [ 84.882464][ T6370] panic+0x6f5/0x7a0 [ 84.884074][ T6370] ? __pfx_panic+0x10/0x10 [ 84.885988][ T6370] ? preempt_schedule_thunk+0x1a/0x30 [ 84.888220][ T6370] ? preempt_schedule_common+0x44/0xc0 [ 84.890250][ T6370] ? check_panic_on_warn+0x1f/0xb0 [ 84.891964][ T6370] check_panic_on_warn+0xab/0xb0 [ 84.893641][ T6370] end_report+0x117/0x180 [ 84.895333][ T6370] kasan_report+0xe9/0x110 [ 84.896866][ T6370] ? __uprobe_unregister+0x210/0x260 [ 84.898671][ T6370] ? __uprobe_unregister+0x210/0x260 [ 84.900576][ T6370] __uprobe_unregister+0x210/0x260 [ 84.902880][ T6370] uprobe_unregister+0x45/0x70 [ 84.904910][ T6370] bpf_uprobe_unregister+0xfb/0x1d0 [ 84.907154][ T6370] ? bpf_link_free+0x95/0x2b0 [ 84.908835][ T6370] ? __pfx_bpf_link_release+0x10/0x10 [ 84.910876][ T6370] bpf_uprobe_multi_link_release+0x6d/0x180 [ 84.913093][ T6370] bpf_link_free+0x12c/0x2b0 [ 84.914995][ T6370] bpf_link_release+0x63/0x80 [ 84.917001][ T6370] __fput+0x408/0xbb0 [ 84.918774][ T6370] ? _raw_spin_unlock_irq+0x23/0x50 [ 84.920906][ T6370] task_work_run+0x14e/0x250 [ 84.922932][ T6370] ? __pfx_task_work_run+0x10/0x10 [ 84.925099][ T6370] syscall_exit_to_user_mode+0x27b/0x2a0 [ 84.927182][ T6370] do_syscall_64+0xda/0x250 [ 84.928724][ T6370] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.930883][ T6370] RIP: 0033:0x7f03d39779f9 [ 84.932763][ T6370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 84.940283][ T6370] RSP: 002b:00007ffea41d4a78 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 84.943820][ T6370] RAX: 0000000000000000 RBX: 0000000000014954 RCX: 00007f03d39779f9 [ 84.947166][ T6370] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 84.950477][ T6370] RBP: 00007ffea41d4b50 R08: 0000000000000001 R09: 00007ffea41d4d5f [ 84.953692][ T6370] R10: 00007f03d3800000 R11: 0000000000000246 R12: 0000000000000032 [ 84.957023][ T6370] R13: 00007ffea41d4b70 R14: 00007ffea41d4b90 R15: ffffffffffffffff [ 84.960359][ T6370] [ 84.962282][ T6370] Kernel Offset: disabled [ 84.964082][ T6370] Rebooting in 86400 seconds.. VM DIAGNOSIS: 18:25:51 Registers: info registers vcpu 0 CPU#0 RAX=0000000000014c39 RBX=0000000000000001 RCX=ffffc90004373000 RDX=0000000000040000 RSI=ffffffff816b67fc RDI=0000000000000001 RBP=000000000000004b RSP=ffffc900035fe7e8 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=0000000000000200 R13=ffff888026de8000 R14=ffffffff8bb38180 R15=ffffc900035fe868 RIP=ffffffff816b67fe RFL=00000087 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fb7749ff6c0 ffffffff 00c00000 GS =0000 ffff88806b000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000200011c0 CR3=00000000245d2000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000040001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb774fe66e4 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb774fe66f1 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb774fe66eb ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb774fe66ff ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb774fe6785 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb774fe6863 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb7750d6488 00007fb7750d6480 00007fb7750d6478 00007fb7750d6450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb775c3d100 00007fb7750d6440 00007fb7750d6458 00007fb7750d64a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb7750d6498 00007fb7750d6490 00007fb7750d6488 00007fb7750d6480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffff88806b2467e0 RCX=ffffffff817e443b RDX=ffff8880196fa440 RSI=ffffffff817e4415 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90000897930 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffffed100d648cfd R13=0000000000000001 R14=ffff88806b2467e8 R15=ffff88806b13ffc0 RIP=ffffffff817e441c RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fb7749fef98 CR3=0000000055c04000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000040001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f197c5e66e4 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f197c5e66f1 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f197c5e66eb ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f197c5e66ff ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f197c5e6785 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f197c5e6863 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f197c6d6488 00007f197c6d6480 00007f197c6d6478 00007f197c6d6450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f197d23d100 00007f197c6d6440 00007f197c6d0004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f197c6d6498 00007f197c6d6490 00007f197c6d6488 00007f197c6d6480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff816b680e RDX=0000000000000001 RSI=0000000000000000 RDI=0000000000000001 RBP=000000000000000b RSP=ffffc9000365f968 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=552032203a555043 R12=0000000000000000 R13=ffff88802e1da440 R14=ffffffff8d681376 R15=ffffc9000365f9f0 RIP=ffffffff818a76a0 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 000055557fe2e500 ffffffff 00c00000 GS =0000 ffff88806b200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fb7749ffd58 CR3=000000004d2f8000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000040001 Opmask01=00000000000000ff Opmask02=000000000000003f Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f03d39e66e4 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f03d39e66f1 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f03d39e66eb ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f03d39e66ff ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f03d39e6785 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f03d39e6863 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 9500000000000000 b7000000ad000000 8500000000000003 b700000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f03d463d100 00007f03d3ad6440 00007f03d3ad6458 0000000700080006 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f03d3ad6498 00007f03d3ad6490 00007f03d3ad6488 00007f03d3ad6480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=00000000000a5287 RBX=0000000000000003 RCX=ffffffff8b11e709 RDX=0000000000000000 RSI=ffffffff8b4cc500 RDI=ffffffff8bb08880 RBP=ffffed10030db488 RSP=ffffc900001a7e08 R8 =0000000000000001 R9 =ffffed100d666fd9 R10=ffff88806b337ecb R11=0000000000000000 R12=0000000000000003 R13=ffff8880186da440 R14=ffffffff9012d218 R15=0000000000000000 RIP=ffffffff8b11faff RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806b300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055b36fa598e8 CR3=0000000055c04000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000040001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f197c5e66e4 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f197c5e66f1 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f197c5e66eb ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f197c5e66ff ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f197c5e6785 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f197c5e6863 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f197c6d6488 00007f197c6d6480 00007f197c6d6478 00007f197c6d6450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f197d23d100 00007f197c6d6440 00007f197c6d0004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f197c6d6498 00007f197c6d6490 00007f197c6d6488 00007f197c6d6480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000