last executing test programs: 2.634642275s ago: executing program 1 (id=1660): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="0a00000016000000b30005000000000887180000dbc6c37b143a186592abd580ffe99de34c761507a17b59e690a73c6c", @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x1, 0xb, &(0x7f0000000080)=@framed={{0x18, 0x3}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r1}, @generic={0x66}, @initr0, @exit, @alu={0x7, 0x0, 0x5, 0x3}]}, &(0x7f0000000000)='GPL\x00'}, 0x90) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 2.634102478s ago: executing program 1 (id=1661): r0 = socket$kcm(0xa, 0x1, 0x106) sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4e24, 0x6, @loopback={0x1802, 0x7ffffffe}, 0x2}, 0x80, 0x0}, 0xe07e872420dfefca) 2.570051303s ago: executing program 1 (id=1662): r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="0a00000016000000b30005000000000887180000dbc6c37b143a186592abd580ffe99de34c761507a17b59e690a7", @ANYRES32, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32], 0x48) sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x6, 0x0, 0x0, &(0x7f00000002c0)='GPL\x00', 0xdf64, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x8, 0x3}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0xc, 0x7, 0x43e64c37}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x58, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x9}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x9}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x58}}, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 2.505754517s ago: executing program 1 (id=1663): r0 = socket$inet_tcp(0x2, 0x1, 0x0) flistxattr(r0, &(0x7f0000000bc0)=""/4096, 0x1000) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r1 = open(&(0x7f0000000000)='.\x00', 0x800000, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) chdir(&(0x7f0000000140)='./bus\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f00000002c0)=0x1, 0x4) setsockopt$inet_tcp_int(r2, 0x6, 0x22, &(0x7f0000000000)=0x1, 0x4) sendmmsg$inet(r2, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000100)='\x00', 0x1}], 0x1}}], 0x1, 0x2400c042) chdir(&(0x7f0000000080)='./file1\x00') ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x40049366, 0x0) 2.505549603s ago: executing program 1 (id=1664): mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) socket$inet6(0xa, 0x80000, 0x6f04) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x8360a0, 0x0) 2.370316576s ago: executing program 1 (id=1667): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='htcp\x00', 0x5) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) (fail_nth: 2) 2.324927715s ago: executing program 32 (id=1667): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='htcp\x00', 0x5) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) (fail_nth: 2) 1.903536461s ago: executing program 2 (id=1678): r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="0a00000016000000b30005000000000887180000dbc6c37b143a186592abd580ffe99de34c761507a17b59e690a73c6c", @ANYRES32, @ANYBLOB='\x00'/19, @ANYRES32=0x0, @ANYRES32], 0x48) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 1.726319279s ago: executing program 2 (id=1681): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="0a00000016000000b30005000000000887180000dbc6c37b143a186592abd580ffe99de34c761507a17b59e690a73c6c", @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x1, 0xb, &(0x7f0000000080)=@framed={{0x18, 0x3}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r1}, @generic={0x66}, @initr0, @exit, @alu={0x7, 0x0, 0x5, 0x3}]}, &(0x7f0000000000)='GPL\x00'}, 0x90) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 1.725898571s ago: executing program 0 (id=1682): socket$inet(0x2, 0x1, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x4, 0x6, 0x6, 0x9, 0x26, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x1, 0x1, 0x4, 0x7}}) socket$nl_route(0x10, 0x3, 0x0) r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0) r2 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r2, &(0x7f0000000400)={0x18, 0x0, {0x2, @random="026c651495b5", 'lo\x00'}}, 0x1e) sendmmsg(0xffffffffffffffff, &(0x7f00000043c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000840)="cbc2110634fe", 0x6}], 0x1}}], 0x2, 0x40000) ioctl$PPPIOCGCHAN(r2, 0x80047437, &(0x7f0000001f00)) sendmmsg(r2, &(0x7f0000001d00)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000007c0)="0281", 0x2}], 0x1}}], 0x34000, 0x24005805) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = socket(0x10, 0x3, 0x0) bind$netlink(r3, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc) write(r3, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26) connect$netlink(r3, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc) setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000b4bffc), 0x4) r4 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) write(r3, &(0x7f0000000000)='\"', 0xfdef) ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f00000006c0)={0x2, @vbi={0x82, 0xbc20, 0x0, 0x42303159, [0x8, 0x3], [0x5, 0x4], 0x13a}}) r5 = accept4$packet(r3, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000200)=0x14, 0x80000) ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000000)={'gretap0\x00', &(0x7f00000000c0)=@ethtool_dump={0x3e, 0x4, 0x4}}) r6 = openat$sysfs(0xffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x0, 0x0) r7 = io_uring_setup(0x7d2e, &(0x7f0000002380)={0x0, 0xb978, 0x8000, 0x0, 0x19a}) io_uring_register$IORING_REGISTER_ENABLE_RINGS(r7, 0xc, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x1, &(0x7f0000000000)=ANY=[], &(0x7f0000000040)='GPL\x00'}, 0x94) fremovexattr(r6, &(0x7f0000000140)=@known='trusted.overlay.opaque\x00') setsockopt$inet_mreqn(r6, 0x0, 0x23, &(0x7f0000000740)={@broadcast, @loopback, r0}, 0xc) 1.640066682s ago: executing program 2 (id=1684): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="0a00000016000000b30005000000000887180000dbc6c37b143a186592abd580ffe99de34c", @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x1, 0xb, &(0x7f0000000080)=@framed={{0x18, 0x3}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r1}, @generic={0x66}, @initr0, @exit, @alu={0x7, 0x0, 0x5, 0x3}]}, &(0x7f0000000000)='GPL\x00'}, 0x90) sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c020000", @ANYRES16, @ANYBLOB="01000000000000000000010000001400020077673100000000000000000000000000f4010880700000804800098028a25880060001000a00000014000200fe8000000000000000000000000000aa05000300000000001c000080060001000200000008000200e0000001050003000000000024000100000000000000000000000000000000000000000000000000000000000000000080010080200004000a004e2000000005200100000000000000000000000000000800000006000500b01f00000800030006000000060005000500000008000a000100000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff200004000a004e200000040100000000000000000000ffffac14142a06"], 0x21c}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x6, 0x0, 0x0, &(0x7f00000002c0)='GPL\x00', 0xdf64, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x8, 0x3}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0xc, 0x7, 0x43e64c37}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 1.54904304s ago: executing program 2 (id=1687): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0) r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r1, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000}) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r1, 0x0, 0xffffffffffffffff, 0x1}) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r0, 0x3ba0, 0x0) 1.279873238s ago: executing program 2 (id=1691): r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x1, 0xb, &(0x7f0000000080)=@framed={{0x18, 0x3}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd, @generic={0x66}, @initr0, @exit, @alu={0x7, 0x0, 0x5, 0x3}]}, &(0x7f0000000000)='GPL\x00'}, 0x90) sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c020000", @ANYRES16, @ANYBLOB="01000000000000000000010000001400020077673100000000000000000000000000f4010880700000804800098028a25880060001000a00000014000200fe8000000000000000000000000000aa05000300000000001c000080060001000200000008000200e0000001050003000000000024000100000000000000000000000000000000000000000000000000000000000000000080010080200004000a004e2000000005200100000000000000000000000000000800000006000500b01f00000800030006000000060005000500000008000a000100000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff200004000a004e2000000401"], 0x21c}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x6, 0x0, 0x0, &(0x7f00000002c0)='GPL\x00', 0xdf64, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x8, 0x3}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0xc, 0x7, 0x43e64c37}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 840.460331ms ago: executing program 0 (id=1692): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) syz_emit_ethernet(0x42, &(0x7f0000000140)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff8190780000000000000000860800000003010200000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0) r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) ioctl$SCSI_IOCTL_GET_BUS_NUMBER(r1, 0x5386, &(0x7f0000000040)) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) clock_gettime(0x3, &(0x7f0000000080)) ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f00000000c0)=@overlay={0x200, 0x2, 0x4, 0x100, 0x3, {0x0, 0xea60}, {0x5, 0x0, 0x3, 0x1, 0x33, 0xa, "085adca6"}, 0x1, 0x3, {}, 0x2}) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4048aecb, &(0x7f00000000c0)=ANY=[]) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$F2FS_IOC_FLUSH_DEVICE(r0, 0x4008f50a, &(0x7f0000000000)={0x0, 0xf}) 717.702043ms ago: executing program 0 (id=1693): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="0a00000016000000b30005000000000887180000dbc6c37b143a186592abd580ffe99de34c761507a17b59e690a73c6c6e", @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x1, 0xb, &(0x7f0000000080)=@framed={{0x18, 0x3}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r1}, @generic={0x66}, @initr0, @exit, @alu={0x7, 0x0, 0x5, 0x3}]}, &(0x7f0000000000)='GPL\x00'}, 0x90) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 370.131649ms ago: executing program 2 (id=1694): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) sendmsg$NFC_CMD_GET_TARGET(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r2, 0x100, 0x70bd2d, 0x25dfdbfc, {}, ["", "", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4040884}, 0xab18531fc5c44fa5) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000002440), 0xffffffffffffffff) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000500)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_SET_CHANNEL(r4, &(0x7f0000002580)={0x0, 0x0, &(0x7f0000002540)={&(0x7f00000024c0)={0x2c, r3, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x4}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4044001}, 0x20000004) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="12000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x57}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r7 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$NLBL_UNLABEL_C_STATICLIST(r0, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x50, r7, 0x100, 0x70bd2d, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast1}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'macsec0\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x10000000}, 0x4000084) r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0) r9 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000280), r0) sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x34, r9, 0x100, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @remote}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @remote}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x31}, 0x8000) r10 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x1a6c42) ioctl$LOOP_CONFIGURE(r10, 0x4c0a, &(0x7f0000001ac0)={r8, 0x0, {0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1c, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200"}}) r11 = dup(r10) write$UHID_INPUT(r11, &(0x7f0000001c00)={0x8, {"b0476b76ba5d044f65271519727e4ff1ff0d12c0e6bdf3ea1f52e24f60ca698457b32832b83d7e96694c1feb5809bd67002f71e0b97c0d5270c04ffa64f63b2e18ee4b7b572fe2f4d03cad38bcd106ff12f53b443ac6fc81da518f54b9004a44859529c07a2b1b8feddc0180a0f37b13babba1dd0813b7ea56dac4b7ffe9a2ef54221439ecc55223ef2d40f4ba8108c10387ddffbaed25d41e7692bf26ddfa747a666caff49843e38c86cac7323f784a17df6beaa49c3f4a98fb4013f4e573e2ef77b0965d4bfbdf7d5eada69406ca93f422495e00addfca1518085a40f10284ff59388ecf476a12ef1a540163922098d600519ae8cf3ef544344e9d968f341af618503b455f3976b76975270e94d714302382c63de5b7c1fad1fa373b369916cb3b4d583a9ebbaeb262884d25a0e1d9fb141de60df7e64cb38b6f7167991f8fba06bffe2d49133bbb462cd8a9493177eee5f03875b15c7a92c3cd6a3fdfc64f236e14fa05a0e8d3c45f13eecd22e13528c74186dc50e0e2af44177e26bded1161e5533375508dadb83db5126cc810f4e30d4e24ec12c3b99e5220aacf42c58f2960bd43c337dbd318aeeb5c9a6cd5ffd3bf1497bb48ab7bcb32c9c33c9f5b9bc4645b96f23f9e0d826b780030444ffb925f55df587ef5ca5ea74ccd66afc7981da496d6f037efbb0b08f3f5078c60ffb4db18d1b59996bd9b1513442785bf4ece8587b39d8176dc9c735d5ea25133b2053bba227b81faab7220326f8814a9df4eba4ecc6acdd82f70b653b56a18cc9dfa4deb0a112c797ab89a51a103c3a9085d828523370c4d79d9484f4dc910735a2c9b5b85197cd9c073df7a54b40df8e1bf595bab957900c2a1a7dc40e88ed0c55c362ffbb7f88a0725a6ae73b936a639e951faf9c45ae74a2ece2f6f88e425ee41d2c60cb083a2fd6d07381908a7f629e32f89a553cf0794f54b8bdc7bd541d88464a4f80ac0b8b625a803a55de4b05a95fc7f8fc3d6d79858ccb269b7b8b21657654164a9aa29f4e8462377e9d234a41ea69841a4aaa1e5f89f9b074f6f71cb1ffaa450c3160b0e319ec81ad30101db66218b0c69f97c234465dc45849fcfd62d396f2b50ddcc0ed7dd8651431534232ab6d1186d7760770a1fc6c77553a79d0297194f794997ee47781094a76d9dccf632dcbb527b3e68950d9bb534245c7f08ae1d6ef2750292ae28e5e6dcfe2a69737dd7a1e453f3902ae90789e98c212905422099904d3bfb949bde187682a59c01aa8e6a9972a63d6aaef4d4139b10a24e063707f1aba79bd59e3f9709a873dff401d1f356c4be5e449ae0e2633a1fe50ed367fe56b0499957c3b6cabb42256547995ea998f3937d153897d1c83f1ad922d6835bdfa3b986dc6f4bd927a4ca13fbaa99b7b43758e2329d588f40fac718b16cca855468643f3818496b4915fe9a2bdd3e68889fea24bc1dfa6287a801d49a7bb84654147448550d2919e4df3a943a88cf616befea4e7a4fddb7969311c6837f9529966241be1e57ed2d773debc542986d09866905a3f63b6e1820086d52a70f039154e839da7ea852c33bf3722a048f61bbf068519e050b8788370fb130a42e9f5322dfff65b15d588f9e926b70e4530e8b66697cabb1e8514831431fa0eaecb49f9613ed5fd7bc50f897bda36d24d4296e143e2480e325ec09a77c03a07b4f86eb703085313ebeee94ef5b1cde3f6a7efd785772eb4034039f598c07819b769416a223fab824c4ac50086e78042a1ccf47b6c7ede8540cded4bd4c920ce6c2b7493a5634c5e96bb761373623ab473b121d555bfd5a8bc3f5c5418bed83ffd0d6492840550fccc0c35746370396d0190b7b1d2cadcc150877e0d197f692f97cec790c95e3d3959dc7c68aca37306c1bc13ad33848395dba5e3c9ce8090bc0e7e8312091773641be56411921e3d473321c6d8bd10b7d3f5aedd6620bcaa06474bbb298bc77297b8b5dcb9e6b33dbe676460cca825609857724cee245306d07fda287d5fe57c424c27cf9b6cf0f16d2c6a8071bd57c826d7371841cf43dab1b42421ce416d0d3a9c80bc807d2e6761e53f06b3e63c0af1b4548d820118421205f040f4ab35307871e4c7a21ff28082c29e02e89486064661898c0eb1811c70a6124c1f25d62c38794a3e87c312c870db7b60d0df8b57860c94d1a9c561b327fae3a68ce9ff4551e418eb00766f0341c5e796e3cbbbe6b4864928b966110256d5475eb1fd7b2893b60e19e859baaf23c9233a1b064771671ee2d07c151e2e99c37a116a338788052a726a8519b8335e9ff4f71d00ab634543c20ddea1bf57d4f2b797182ff19618b6974d2b69d9f052934d527a1830bf2785842f35eaf32b65b7c9fdd6f0c41756072a59c0cce0b7305740729f1daa14e0092da9d022321b726d658fcef55affa2bbf36ad788f1f423b7dfd328435b4d5df315143d8b8028ba4bea6134a3dc9720c73d5e66b8b8168752eea6b78c75f04efd9677dbe419f13f5e1c9764276a83821b710307d8f85359b34d038ff17de45e8739d4b647fd1a8d794a3273d922af3374f5d3c75b8345b9dfdabb2c0418a358921e0e73d0fe88caab1741b913673e22ff4b59afa0f653a423d9b2bb20cbf07951a349eea18a891b4f4dc6df8e42a6181284f643de5fd2924ae54f672a1920343476c67333e1e8205bf4877b1251a83f417936714edb1c6975ba7969d2fcc2e69024a4669ac2f998116ade1bd84568b8f3f1fccbe95df9ed21db77315b7469f30bfae418415d9cb5aeea627ba6811e30d56d4f4bfe5f794ea4243e3cdfad3ef55199699b8433083b6f72f95effc5f2f613cfcefaf0b94e801ebcb7095a1474ee93142b82c9bf9886617b6bf69d08c83c76cd21d4cce5872d99de8e54bbff915ab923b2d24bb3aa178dd50b44fd0eb880ef33ca51d4bf5f0fbc8ffe18afe4245397f277e4efad955baa10cf56613481253d69c02e7661714b68be0fd64f29bdafbc8b4a0b30bd6709c67fe8e8915d0479b3902b1d0169fb5486b02e966ad5d8a2bcf42ecba59177cd85e17239667f6b045d1f873ce24733ae17e2d8432709062e786a32ac925121f1b0d46c66d4fb9088f4aa0cfe2149f6c2cb5b75d45349bc88fbd47e01ea07e7cd573335aab8d389846566800dd084bc3caa95f7632719c651f2d33be0fb56347c063b3c6e3e75c5e58caeb4c37574859b78c1ed018fbeed788a4305a9ee1c1ef65a0c83a7cd717a8c08ecd4e86370ffffd6d40a89a0b1e8c15a10ad5406e867e49319ad83bfbb925d5e240b4bd44fd751e7510d5ea03a6cab95f37155d1fd69aaea1db4a1f53714eb90e669209cf634f84a50c85bdc51838ebbb545b4387790df67f0122740c2abc910cf83230394172a56c9ffda6675bb8bb39846730a1bf764aeb92407c90a194da880cb8a4efb5b57a8311d864209c7fd226b93582b6b11eec559abfbba653c0569c219d3a2e60555cb739f9d32d564f23c4e98be78aa553610822af426f961df0df2185c61ccaa22b2a6aa6fb3e917bdfb2be9c3ffb8a50821321119c4cf4917db39548abc17bfba267fa50f6af15c560a21055f967f1ca6f656ddb556f9c7e17a771eeef7e80940d1c14ddf2c27647686fd0526460036aeea395fb10abef2be2ea96c9bb380370c08d1568d30eea0f3e6b7cf8f7edc7b36d4d0affd249330707b54ee620f208d885791171eb67a25a80fcc6922e0258c9673b6576564949dfa5bed9a0299bf952aade654de16e22d54fcd391ded6adab94ff621efcd91ef69acf8dfa1b22692ba3e49cd1d3fbed6db1402065ab37e457056877977ebac33ef566f28a19b9acb67a9cc53feb156814e880b3dd5a9119ffdbc5a45c20ea375f2882575b9a28740eebf63f2895d9ffac1ec33cbdcdede98a201424d000df1efd64dd7268cc1b2366ccfb09754822dafdb1821de5e6ebee09608e82e679fafb7a5100172f26998d31d7f27c2b310f0372c3b5e888f8e6efb56074177bf6a2a5bbd9ed070ad5aaf23ce144d1ac86cad110e5916a8a57e1e7fc3d37353f84f2f6d43d92ab8b35040467f3f8b1d23fac021bbac3710edc8e2e26d794db38e48020f63e94d4b4dca3e015537a8e3008274d55f81af931a0faf1a438444b6a0489b93f7b88f81f761eae0f82e60cb0cf2745ca8c9e30d3cc189c1405b1994ed71b00d90ea7a94102916cdc915620c363d04e51eabaaca6c2814a7c1e7aaeec80bdc13135b813e6d0eea83446a5c57ec29695c302c0d8da65b61fe8ada51a36e1aff34d449f9eb70cb94931226121ab121a971c2fc070ca84272d122c1696f52fbd5ed06783abe188dcf133c4d41e10295f6ffda69fa8c5a7c0fec3425a2d60523a60d280b5ce34eac5911268172e772fefba63a6f5c6dafa9e500a5e1355fb614613f8fc1ef5e5466fa19212bcdc349a865f4cee6ea80b11a410bb6e4ad677393973e38621d25ff6c4876ef8a8d2ba651be4a78d2ba9fafadcea8eff9cca3f4ab71a0b84917794e521220dad099ac8aaf32abd162348879e4299e4d46395f9d55267b635e18ca2e2fc96146b96c8a8055130b8d8cb10cc31382df34057bd8637f86e48adc854af408226752a04df8d0362db263e0959f2bd7e8a4d33a8c4b257e19d308280baf40cced1b3cd3a86ee22df0da49d750539eee1104e99a9f8a065e5499c73125a8a8430eda7aee156821a97c237611b50f682a2cccd0969304f0a50ae98800dfb32ee1bcfeab98182c34a51e67fa5bd738c22c44fc1269ce73f464edd2f31296e92e62df51cf55798ae2e3c33c57b09f4ecd13469122095a3563f95f0a04cf58dcea4aed5e8bdda7617863cbc37a97ebadb46d679f7e30014d96d0ac7ce9484368fa5fd19cbc3d139410a2bd7ffacef1bdf76dd1d5f34d2392fcb91c7585fc1ae7d8ba2aa8ded9645d5a5e76e2279b6e0692101137da946dfbd3836476f5dad7fed70115d716dce87b5ad755e5653a709f5aa42265ec9657ed406cc9256af3628c0116b8e1d23306983e9adbc19dec354870c98e2e76566895df933a80c4c36b617db4bbda1a4ca7d6c80a43734471fc92d0bdeacfc125dddd73febd8f7ef84f221d52ae71372cee802d59013a15958e850f8fdf46d8fd3b874633daf3b1f346470456c05722258480959dd6afcffa1f3f2ca033011339c5cb85b7d1c9b5916fb8dc9c2783df64eb5cca5af83a74fe5bb259f93722842eb4ac851e71f3cfd67a39590e7f8e20f018744b9277e6eb46b5f211df5f767ef29dc9a972e14c40ea2d4624f187f301c1116d3a61adeb5c6f7ccc021ac5e18d8b40d7f1f19daf4445c06e72db8701c267c0144c92cddd49af7a87aca5aa05d0e380dd27cc780d2f7db3bef26cc4fd358543e19d73179b879f7bdc702ab405270c93a3ed64153e20b5b663773a2ad4e8e3e1e8eaf39ec80d75d02f74ff94f0e095240a564eeece4fc9bcf19bf2243c700e1dae14a1b0217013977bfa05f681abc37714fe462d0a632044ce52fdaa1c1a806b1eb4370e23ca0247e536165aa9f1c2af8adfea369ee1f4a2c7823a7baef028a1e77501db48db6aa0d7e30969f7197368db02d443803b53b2899315f7e2ba9c5ae952a3866b4ea60f3d669e0a91f7ef640cd938646bf8822fe455f0302fccf87c7fad6daf38fde038fa596b83a9fd5bf675669a6cb2bab44c6617f07950bf34edb93bbcb4174630f275dbda7a0631c4b456e5f80eb6258c1874e77d426743e478917fe44b73dc203baa2cc442b84b5818409abae99d97a28754969bd393df", 0x1000}}, 0xfffffe38) r12 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r12, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r12, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)}, 0x0) r13 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r13, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r12, 0x84, 0x85, &(0x7f0000000000)={r14, @in={{0x2, 0x0, @empty}}, 0x27c0}, 0x90) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r12, 0x84, 0x85, &(0x7f00000001c0)={r14, @in6={{0xa, 0x4e20, 0xffffffff, @empty, 0xffffffff}}}, 0x90) setsockopt$inet_sctp_SCTP_ASSOCINFO(r11, 0x84, 0x1, &(0x7f0000000140)={r14, 0x3, 0x6, 0x7, 0x6, 0x10}, 0x14) 369.965057ms ago: executing program 3 (id=1695): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="0a00000016000000b30005000000000887180000dbc6c37b143a186592abd580ffe99de34c761507a17b59e690a73c6c6e", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x1, 0xb, &(0x7f0000000080)=@framed={{0x18, 0x3}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r1}, @generic={0x66}, @initr0, @exit, @alu={0x7, 0x0, 0x5, 0x3}]}, &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x6, 0x0, 0x0, &(0x7f00000002c0)='GPL\x00', 0xdf64, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x8, 0x3}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0xc, 0x7, 0x43e64c37}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c2", 0x17) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 369.598304ms ago: executing program 0 (id=1696): r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="0a00000016000000b30005000000000887180000dbc6c37b143a186592abd580ffe99de34c761507a17b59e690a73c6c", @ANYRES32, @ANYBLOB='\x00'/19, @ANYRES32=0x0, @ANYRES32], 0x48) sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c020000", @ANYRES16, @ANYBLOB="01000000000000000000010000001400020077673100000000000000000000000000f4010880700000804800098028a25880060001000a00000014000200fe8000000000000000000000000000aa05000300000000001c000080060001000200000008000200e0000001050003000000000024000100000000000000000000000000000000000000000000000000000000000000000080010080200004000a004e2000000005200100000000000000000000000000000800000006000500b01f00000800030006000000060005000500000008000a000100000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff200004000a004e200000040100000000000000000000ffffac14142a06"], 0x21c}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x6, 0x0, 0x0, &(0x7f00000002c0)='GPL\x00', 0xdf64, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x8, 0x3}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0xc, 0x7, 0x43e64c37}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x58, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x9}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x9}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x58}}, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 288.349729ms ago: executing program 3 (id=1697): r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="0a00000016000000b30005000000000887180000dbc6c37b143a186592abd580ffe99de34c761507a17b59e690a73c6c6e", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32], 0x48) sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c020000", @ANYRES16, @ANYBLOB="01000000000000000000010000001400020077673100000000000000000000000000f4010880700000804800098028a25880060001000a00000014000200fe8000000000000000000000000000aa05000300000000001c000080060001000200000008000200e0000001050003000000000024000100000000000000000000000000000000000000000000000000000000000000000080010080200004000a004e2000000005200100000000000000000000000000000800000006000500b01f00000800030006000000060005000500000008000a"], 0x21c}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x6, 0x0, 0x0, &(0x7f00000002c0)='GPL\x00', 0xdf64, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x8, 0x3}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0xc, 0x7, 0x43e64c37}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x58, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x9}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x9}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x58}}, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 288.013525ms ago: executing program 0 (id=1698): r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="0a00000016000000b30005000000000887180000dbc6c37b143a186592abd580ffe99de34c761507a17b59e690a7", @ANYRES32, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32], 0x48) sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000480)=ANY=[], 0x21c}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x6, 0x0, 0x0, &(0x7f00000002c0)='GPL\x00', 0xdf64, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x8, 0x3}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0xc, 0x7, 0x43e64c37}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x58, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x9}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x9}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x58}}, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 164.309439ms ago: executing program 3 (id=1699): r0 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fffffff, 0x2) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x300) (fail_nth: 7) 97.968682ms ago: executing program 3 (id=1700): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="0a00000016000000b30005000000000887180000dbc6c37b143a186592abd580ffe99de34c761507a17b59e690a73c6c", @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYRES32], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x1, 0xb, &(0x7f0000000080)=@framed={{0x18, 0x3}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r1}, @generic={0x66}, @initr0, @exit, @alu={0x7, 0x0, 0x5, 0x3}]}, &(0x7f0000000000)='GPL\x00'}, 0x90) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 691.767µs ago: executing program 3 (id=1701): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x7, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f00000003c0)={0x15, 0x110, 0xfa00, {r1, 0x6, 0x0, 0x30, 0x0, @in6={0x1b, 0x0, 0x1686, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x22}}}, @ib={0x1b, 0x0, 0x0, {"7d03000000000000000000000700"}, 0x3}}}, 0x118) 462.784µs ago: executing program 3 (id=1702): mknod(&(0x7f0000000080)='./bus\x00', 0x4, 0x6) mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000100)='ext2\x00', 0x8080, &(0x7f00000001c0)='discard') r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0) sendfile(r0, r1, 0x0, 0x201f00) r2 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0) ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, 0x0) ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, &(0x7f00000000c0)={'pcl812\x00', [0x4f27, 0x20000000, 0x10000, 0x4, 0x2, 0xcc7, 0x8, 0x7, 0xa, 0x100, 0x2, 0x4, 0x1, 0x6, 0x64, 0x101, 0x0, 0x1a449, 0x3, 0x86c, 0x89, 0x80caa7, 0x0, 0x20001e58, 0xb, 0xe69, 0x3c, 0x8, 0x6, 0x0, 0xfffffff8]}) 0s ago: executing program 0 (id=1703): r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="0a00000016000000b30005000000000887180000dbc6c37b143a186592abd580ffe99de34c761507a17b59e690a73c6c", @ANYRES32, @ANYBLOB='\x00'/19, @ANYRES32=0x0, @ANYRES32], 0x48) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, 0x0, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) kernel console output (not intermixed with test programs): pages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 60.724183][ T6839] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 60.727084][ T6839] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 60.729802][ T6839] 44539 total pagecache pages [ 60.731276][ T6839] 0 pages in swap cache [ 60.732907][ T6839] Free swap = 124996kB [ 60.734188][ T6839] Total swap = 124996kB [ 60.735484][ T6839] 1048443 pages RAM [ 60.736703][ T6839] 0 pages HighMem/MovableOnly [ 60.738181][ T6839] 283040 pages reserved [ 60.739492][ T6839] 0 pages cma reserved [ 60.780702][ T6870] netlink: 16 bytes leftover after parsing attributes in process `syz.1.299'. [ 60.785344][ T6870] team0: No ports can be present during mode change [ 60.789123][ T6870] vlan0: entered promiscuous mode [ 60.799247][ T6870] team0: Port device vlan0 added [ 60.804150][ T6870] tipc: Enabling of bearer rejected, already enabled [ 60.837639][ T6876] netlink: 'syz.3.301': attribute type 1 has an invalid length. [ 60.892993][ T40] kauditd_printk_skb: 58 callbacks suppressed [ 60.893004][ T40] audit: type=1400 audit(2000000007.779:348): avc: denied { setopt } for pid=6882 comm="syz.0.303" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 60.901071][ T40] audit: type=1400 audit(2000000007.779:349): avc: denied { read write } for pid=6873 comm="syz.1.302" name="uhid" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 60.906408][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 60.908607][ T40] audit: type=1400 audit(2000000007.779:350): avc: denied { open } for pid=6873 comm="syz.1.302" path="/dev/uhid" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 60.910607][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 60.921011][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 60.926241][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 60.928593][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 60.931012][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 60.933731][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 60.936072][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 60.938372][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 60.940690][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 60.943323][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 60.945713][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 60.948090][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 60.953487][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 60.954952][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 60.956126][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 60.958516][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 60.961034][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 60.966476][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 60.968816][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 60.969013][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 60.971166][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 60.973718][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 60.976218][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 60.978215][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 60.981306][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 60.983883][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 60.987827][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 60.988772][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 60.991854][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 60.991877][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 60.997462][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 61.001152][ T40] audit: type=1326 audit(2000000007.879:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6873 comm="syz.1.302" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe27a38e9a9 code=0x0 [ 61.004651][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 61.011476][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.014106][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 61.017341][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.019629][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 61.022566][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.024863][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 61.028627][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.030344][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 61.035587][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 61.036366][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.037915][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 61.040489][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.043031][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 61.045177][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.047427][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 61.050006][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.054346][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 61.055840][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.058555][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 61.060901][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.063474][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 61.065575][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.067870][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 61.067884][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 61.067897][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 61.071276][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.073312][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 61.080841][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.085861][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.089199][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 61.089407][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.091523][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 61.091538][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 61.091550][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 61.091562][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 61.091574][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: unknown main item tag 0x0 [ 61.094517][ T34] hid-generic 0000:5E45:FFFFFFFE.0003: hidraw1: HID vffffff.fd Device [syz1] on syz0 [ 61.095034][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.115101][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.125433][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.131899][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.136630][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.142292][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.147047][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.152672][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.155341][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.158077][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.159331][ T6903] fido_id[6903]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 61.160836][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.169780][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.172250][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.175078][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.178003][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.180461][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.182944][ T10] hid-generic 0000:007F:FFFFFFFE.0004: unknown main item tag 0x0 [ 61.189578][ T10] hid-generic 0000:007F:FFFFFFFE.0004: hidraw1: HID v0.00 Device [syz1] on syz0 [ 61.227000][ T6910] fido_id[6910]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 61.250534][ T40] audit: type=1400 audit(2000000008.129:352): avc: denied { write } for pid=6891 comm="syz.2.306" name="ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 61.259779][ T40] audit: type=1400 audit(2000000008.129:353): avc: denied { open } for pid=6891 comm="syz.2.306" path="/dev/ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 61.323976][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 61.709222][ T6937] trusted_key: syz.3.324 sent an empty control message without MSG_MORE. [ 61.742155][ T40] audit: type=1400 audit(2000000008.619:354): avc: denied { ioctl } for pid=6938 comm="syz.3.326" path="socket:[12989]" dev="sockfs" ino=12989 ioctlcmd=0x7452 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 61.817027][ T6947] tipc: Enabling of bearer rejected, already enabled [ 61.895802][ T40] audit: type=1400 audit(2000000008.779:355): avc: denied { read } for pid=6952 comm="syz.1.331" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 61.901924][ T6949] tmpfs: Bad value for 'grpquota_inode_hardlimit' [ 61.905585][ T40] audit: type=1400 audit(2000000008.779:356): avc: denied { open } for pid=6952 comm="syz.1.331" path="/dev/snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 61.908579][ T6949] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6949 comm=syz.3.329 [ 61.914541][ T40] audit: type=1400 audit(2000000008.779:357): avc: denied { nlmsg_read } for pid=6948 comm="syz.3.329" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 61.918866][ T6949] netlink: 24 bytes leftover after parsing attributes in process `syz.3.329'. [ 61.952944][ T6956] netlink: 60 bytes leftover after parsing attributes in process `syz.1.331'. [ 62.035924][ T6962] FAULT_INJECTION: forcing a failure. [ 62.035924][ T6962] name failslab, interval 1, probability 0, space 0, times 0 [ 62.039777][ T6962] CPU: 3 UID: 0 PID: 6962 Comm: syz.2.334 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 62.039792][ T6962] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 62.039798][ T6962] Call Trace: [ 62.039802][ T6962] [ 62.039806][ T6962] dump_stack_lvl+0x16c/0x1f0 [ 62.039827][ T6962] should_fail_ex+0x512/0x640 [ 62.039844][ T6962] ? fs_reclaim_acquire+0xae/0x150 [ 62.039858][ T6962] ? tomoyo_encode2+0x100/0x3e0 [ 62.039874][ T6962] should_failslab+0xc2/0x120 [ 62.039885][ T6962] __kmalloc_noprof+0xd2/0x510 [ 62.039902][ T6962] ? d_absolute_path+0x136/0x1a0 [ 62.039918][ T6962] tomoyo_encode2+0x100/0x3e0 [ 62.039930][ T6962] tomoyo_encode+0x29/0x50 [ 62.039939][ T6962] tomoyo_realpath_from_path+0x18f/0x6e0 [ 62.039954][ T6962] tomoyo_path_number_perm+0x245/0x580 [ 62.039969][ T6962] ? tomoyo_path_number_perm+0x237/0x580 [ 62.039985][ T6962] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 62.040002][ T6962] ? find_held_lock+0x2b/0x80 [ 62.040028][ T6962] ? find_held_lock+0x2b/0x80 [ 62.040042][ T6962] ? hook_file_ioctl_common+0x145/0x410 [ 62.040057][ T6962] ? __fget_files+0x20e/0x3c0 [ 62.040070][ T6962] security_file_ioctl+0x9b/0x240 [ 62.040089][ T6962] __x64_sys_ioctl+0xb7/0x210 [ 62.040105][ T6962] do_syscall_64+0xcd/0x4c0 [ 62.040117][ T6962] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 62.040128][ T6962] RIP: 0033:0x7fe1b838e9a9 [ 62.040137][ T6962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 62.040149][ T6962] RSP: 002b:00007fe1b914c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 62.040160][ T6962] RAX: ffffffffffffffda RBX: 00007fe1b85b5fa0 RCX: 00007fe1b838e9a9 [ 62.040167][ T6962] RDX: 0000200000000280 RSI: 00000000c0d05605 RDI: 0000000000000003 [ 62.040173][ T6962] RBP: 00007fe1b914c090 R08: 0000000000000000 R09: 0000000000000000 [ 62.040180][ T6962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 62.040186][ T6962] R13: 0000000000000000 R14: 00007fe1b85b5fa0 R15: 00007ffcb0a30ee8 [ 62.040200][ T6962] [ 62.040209][ T6962] ERROR: Out of memory at tomoyo_realpath_from_path. [ 62.135971][ T6968] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 62.764407][ T6953] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 62.766528][ T6953] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 62.772110][ T6953] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 62.775536][ T6953] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 62.777510][ T6953] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 62.780503][ T6953] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 62.787091][ T6953] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 62.789585][ T6953] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 62.793212][ T6953] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 62.800009][ T6953] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 62.803186][ T6953] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 62.806050][ T6953] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 62.963784][ T6998] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 63.244821][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 64.023254][ T5959] Bluetooth: hci0: command 0x0c1a tx timeout [ 64.822192][ T5959] Bluetooth: hci3: command 0x0406 tx timeout [ 64.822226][ T5312] Bluetooth: hci1: command 0x0c1a tx timeout [ 64.824771][ T5959] Bluetooth: hci2: command 0x0c1a tx timeout [ 66.055776][ T7037] vivid-000: kernel_thread() failed [ 66.112140][ T5312] Bluetooth: hci0: command 0x0c1a tx timeout [ 66.126057][ T7050] netlink: 8 bytes leftover after parsing attributes in process `syz.2.365'. [ 66.128866][ T7050] netlink: 4 bytes leftover after parsing attributes in process `syz.2.365'. [ 66.131958][ T7050] netlink: 8 bytes leftover after parsing attributes in process `syz.2.365'. [ 66.135065][ T7050] netlink: 4 bytes leftover after parsing attributes in process `syz.2.365'. [ 66.168055][ T7055] netlink: 'syz.3.367': attribute type 1 has an invalid length. [ 66.215588][ T7055] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 66.236601][ T7063] bpf: Bad value for 'uid' [ 66.277292][ T7065] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=6 sclass=netlink_route_socket pid=7065 comm=syz.3.370 [ 66.284804][ T40] kauditd_printk_skb: 3 callbacks suppressed [ 66.284813][ T40] audit: type=1400 audit(2000000013.169:361): avc: denied { mounton } for pid=7064 comm="syz.3.370" path="/96/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1 [ 66.293874][ T40] audit: type=1400 audit(2000000013.169:362): avc: denied { wake_alarm } for pid=7066 comm="syz.0.371" capability=35 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 66.294874][ T7065] support for the xor transformation has been removed. [ 66.300608][ T40] audit: type=1400 audit(2000000013.169:363): avc: denied { remount } for pid=7064 comm="syz.3.370" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 66.371595][ T40] audit: type=1400 audit(2000000013.249:364): avc: denied { ioctl } for pid=7072 comm="syz.3.374" path="socket:[15499]" dev="sockfs" ino=15499 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 66.513396][ T40] audit: type=1400 audit(2000000013.389:365): avc: denied { read } for pid=7089 comm="syz.2.381" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 66.515368][ T7090] FAULT_INJECTION: forcing a failure. [ 66.515368][ T7090] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 66.522198][ T40] audit: type=1400 audit(2000000013.389:366): avc: denied { open } for pid=7089 comm="syz.2.381" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 66.525373][ T7090] CPU: 0 UID: 0 PID: 7090 Comm: syz.2.381 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 66.525398][ T7090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 66.525409][ T7090] Call Trace: [ 66.525415][ T7090] [ 66.525422][ T7090] dump_stack_lvl+0x16c/0x1f0 [ 66.525454][ T7090] should_fail_ex+0x512/0x640 [ 66.525484][ T7090] _copy_to_user+0x32/0xd0 [ 66.525504][ T7090] msr_read+0x14e/0x250 [ 66.525526][ T7090] ? __pfx_msr_read+0x10/0x10 [ 66.525545][ T7090] ? bpf_lsm_file_permission+0x9/0x10 [ 66.525564][ T7090] ? security_file_permission+0x71/0x210 [ 66.525582][ T7090] ? rw_verify_area+0xcf/0x680 [ 66.525605][ T7090] ? __pfx_msr_read+0x10/0x10 [ 66.525624][ T7090] vfs_read+0x1e1/0xc60 [ 66.525654][ T7090] ? __pfx_vfs_read+0x10/0x10 [ 66.525677][ T7090] ? find_held_lock+0x2b/0x80 [ 66.525700][ T7090] ? __fget_files+0x204/0x3c0 [ 66.525720][ T7090] ? __fget_files+0x20e/0x3c0 [ 66.525745][ T7090] ksys_read+0x12a/0x250 [ 66.525769][ T7090] ? __pfx_ksys_read+0x10/0x10 [ 66.525801][ T7090] do_syscall_64+0xcd/0x4c0 [ 66.525826][ T7090] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 66.525844][ T7090] RIP: 0033:0x7fe1b838e9a9 [ 66.525858][ T7090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 66.525875][ T7090] RSP: 002b:00007fe1b914c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 66.525892][ T7090] RAX: ffffffffffffffda RBX: 00007fe1b85b5fa0 RCX: 00007fe1b838e9a9 [ 66.525904][ T7090] RDX: 0000000000018ff8 RSI: 0000200000032680 RDI: 0000000000000004 [ 66.525915][ T7090] RBP: 00007fe1b914c090 R08: 0000000000000000 R09: 0000000000000000 [ 66.525925][ T7090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 66.525935][ T7090] R13: 0000000000000000 R14: 00007fe1b85b5fa0 R15: 00007ffcb0a30ee8 [ 66.525959][ T7090] [ 66.564756][ T7096] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4. [ 66.727367][ T40] audit: type=1400 audit(2000000013.609:367): avc: denied { connect } for pid=7107 comm="syz.0.390" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 66.744661][ T7110] xfrm1: entered allmulticast mode [ 66.748964][ T40] audit: type=1400 audit(2000000013.629:368): avc: denied { write } for pid=7108 comm="syz.2.391" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 66.858806][ T40] audit: type=1400 audit(2000000013.739:369): avc: denied { map } for pid=7119 comm="syz.0.396" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 66.870704][ T7121] FAULT_INJECTION: forcing a failure. [ 66.870704][ T7121] name failslab, interval 1, probability 0, space 0, times 0 [ 66.871783][ T40] audit: type=1400 audit(2000000013.739:370): avc: denied { execute } for pid=7119 comm="syz.0.396" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 66.876008][ T7121] CPU: 3 UID: 0 PID: 7121 Comm: syz.3.393 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 66.876026][ T7121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 66.876032][ T7121] Call Trace: [ 66.876036][ T7121] [ 66.876042][ T7121] dump_stack_lvl+0x16c/0x1f0 [ 66.876064][ T7121] should_fail_ex+0x512/0x640 [ 66.876081][ T7121] ? fs_reclaim_acquire+0xae/0x150 [ 66.876096][ T7121] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 66.876107][ T7121] should_failslab+0xc2/0x120 [ 66.876119][ T7121] __kmalloc_noprof+0xd2/0x510 [ 66.876138][ T7121] tomoyo_realpath_from_path+0xc2/0x6e0 [ 66.876150][ T7121] ? tomoyo_profile+0x47/0x60 [ 66.876164][ T7121] tomoyo_path_number_perm+0x245/0x580 [ 66.876178][ T7121] ? tomoyo_path_number_perm+0x237/0x580 [ 66.876195][ T7121] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 66.876212][ T7121] ? find_held_lock+0x2b/0x80 [ 66.876238][ T7121] ? find_held_lock+0x2b/0x80 [ 66.876256][ T7121] ? hook_file_ioctl_common+0x145/0x410 [ 66.876278][ T7121] ? __fget_files+0x20e/0x3c0 [ 66.876298][ T7121] security_file_ioctl+0x9b/0x240 [ 66.876327][ T7121] __x64_sys_ioctl+0xb7/0x210 [ 66.876352][ T7121] do_syscall_64+0xcd/0x4c0 [ 66.876370][ T7121] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 66.876387][ T7121] RIP: 0033:0x7f4c6558e9a9 [ 66.876403][ T7121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 66.876417][ T7121] RSP: 002b:00007f4c653d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 66.876428][ T7121] RAX: ffffffffffffffda RBX: 00007f4c657b6080 RCX: 00007f4c6558e9a9 [ 66.876436][ T7121] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006 [ 66.876442][ T7121] RBP: 00007f4c653d6090 R08: 0000000000000000 R09: 0000000000000000 [ 66.876448][ T7121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 66.876455][ T7121] R13: 0000000000000001 R14: 00007f4c657b6080 R15: 00007ffc9ebcf148 [ 66.876482][ T7121] [ 66.876530][ T7121] ERROR: Out of memory at tomoyo_realpath_from_path. [ 66.902370][ T5312] Bluetooth: hci2: command 0x0c1a tx timeout [ 66.912143][ T5312] Bluetooth: hci1: command 0x0c1a tx timeout [ 66.920658][ T5959] Bluetooth: hci3: command 0x0406 tx timeout [ 67.042450][ T7137] FAULT_INJECTION: forcing a failure. [ 67.042450][ T7137] name failslab, interval 1, probability 0, space 0, times 0 [ 67.047252][ T7137] CPU: 1 UID: 0 PID: 7137 Comm: syz.2.403 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 67.047269][ T7137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 67.047276][ T7137] Call Trace: [ 67.047281][ T7137] [ 67.047285][ T7137] dump_stack_lvl+0x16c/0x1f0 [ 67.047321][ T7137] should_fail_ex+0x512/0x640 [ 67.047344][ T7137] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 67.047366][ T7137] should_failslab+0xc2/0x120 [ 67.047378][ T7137] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 67.047398][ T7137] ? vfs_parse_fs_string+0xc3/0x150 [ 67.047413][ T7137] kmemdup_nul+0x49/0xf0 [ 67.047432][ T7137] vfs_parse_fs_string+0xc3/0x150 [ 67.047448][ T7137] ? __pfx_vfs_parse_fs_string+0x10/0x10 [ 67.047470][ T7137] ? __pfx_udf_init_fs_context+0x10/0x10 [ 67.047495][ T7137] ? alloc_fs_context+0x59b/0x9c0 [ 67.047519][ T7137] path_mount+0x675/0x2020 [ 67.047539][ T7137] ? kmem_cache_free+0x2d1/0x4d0 [ 67.047564][ T7137] ? __pfx_path_mount+0x10/0x10 [ 67.047587][ T7137] ? putname+0x154/0x1a0 [ 67.047610][ T7137] __x64_sys_mount+0x28d/0x310 [ 67.047629][ T7137] ? __pfx___x64_sys_mount+0x10/0x10 [ 67.047656][ T7137] do_syscall_64+0xcd/0x4c0 [ 67.047674][ T7137] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.047692][ T7137] RIP: 0033:0x7fe1b838e9a9 [ 67.047706][ T7137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 67.047722][ T7137] RSP: 002b:00007fe1b914c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 67.047748][ T7137] RAX: ffffffffffffffda RBX: 00007fe1b85b5fa0 RCX: 00007fe1b838e9a9 [ 67.047760][ T7137] RDX: 0000200000000040 RSI: 0000200000004a00 RDI: 0000200000000080 [ 67.047776][ T7137] RBP: 00007fe1b914c090 R08: 0000000000000000 R09: 0000000000000000 [ 67.047786][ T7137] R10: 000000000100080f R11: 0000000000000246 R12: 0000000000000002 [ 67.047797][ T7137] R13: 0000000000000000 R14: 00007fe1b85b5fa0 R15: 00007ffcb0a30ee8 [ 67.047820][ T7137] [ 67.102754][ T7141] FAULT_INJECTION: forcing a failure. [ 67.102754][ T7141] name failslab, interval 1, probability 0, space 0, times 0 [ 67.126609][ T7141] CPU: 3 UID: 0 PID: 7141 Comm: syz.1.405 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 67.126633][ T7141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 67.126644][ T7141] Call Trace: [ 67.126650][ T7141] [ 67.126657][ T7141] dump_stack_lvl+0x16c/0x1f0 [ 67.126689][ T7141] should_fail_ex+0x512/0x640 [ 67.126715][ T7141] ? __kmalloc_noprof+0xbf/0x510 [ 67.126743][ T7141] ? lsm_blob_alloc+0x68/0x90 [ 67.126763][ T7141] should_failslab+0xc2/0x120 [ 67.126781][ T7141] __kmalloc_noprof+0xd2/0x510 [ 67.126812][ T7141] lsm_blob_alloc+0x68/0x90 [ 67.126833][ T7141] security_sk_alloc+0x30/0x270 [ 67.126859][ T7141] sk_prot_alloc+0xfb/0x2a0 [ 67.126882][ T7141] sk_alloc+0x36/0xc20 [ 67.126907][ T7141] inet_create+0x3a1/0x1040 [ 67.126933][ T7141] ? inet_create+0x93/0x1040 [ 67.126961][ T7141] __sock_create+0x338/0x8d0 [ 67.126987][ T7141] mptcp_pm_nl_create_listen_socket+0x11b/0x760 [ 67.127015][ T7141] ? __pfx_mptcp_pm_nl_create_listen_socket+0x10/0x10 [ 67.127049][ T7141] ? mptcp_pm_nl_add_addr_doit+0x1e6/0xc80 [ 67.127081][ T7141] ? __asan_memcpy+0x3c/0x60 [ 67.127108][ T7141] mptcp_pm_nl_add_addr_doit+0x26d/0xc80 [ 67.127138][ T7141] ? __pfx_mptcp_pm_nl_add_addr_doit+0x10/0x10 [ 67.127180][ T7141] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 67.127204][ T7141] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 67.127233][ T7141] genl_family_rcv_msg_doit+0x206/0x2f0 [ 67.127258][ T7141] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 67.127290][ T7141] ? bpf_lsm_capable+0x9/0x10 [ 67.127311][ T7141] ? security_capable+0x7e/0x260 [ 67.127335][ T7141] ? ns_capable+0xd7/0x110 [ 67.127357][ T7141] genl_rcv_msg+0x55c/0x800 [ 67.127383][ T7141] ? __pfx_genl_rcv_msg+0x10/0x10 [ 67.127405][ T7141] ? __pfx_mptcp_pm_nl_add_addr_doit+0x10/0x10 [ 67.127441][ T7141] netlink_rcv_skb+0x155/0x420 [ 67.127460][ T7141] ? __pfx_genl_rcv_msg+0x10/0x10 [ 67.127483][ T7141] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 67.127514][ T7141] ? netlink_deliver_tap+0x1ae/0xd30 [ 67.127537][ T7141] genl_rcv+0x28/0x40 [ 67.127556][ T7141] netlink_unicast+0x58d/0x850 [ 67.127579][ T7141] ? __pfx_netlink_unicast+0x10/0x10 [ 67.127607][ T7141] netlink_sendmsg+0x8d1/0xdd0 [ 67.127631][ T7141] ? __pfx_netlink_sendmsg+0x10/0x10 [ 67.127662][ T7141] ____sys_sendmsg+0xa95/0xc70 [ 67.127684][ T7141] ? copy_msghdr_from_user+0x10a/0x160 [ 67.127710][ T7141] ? __pfx_____sys_sendmsg+0x10/0x10 [ 67.127734][ T7141] ? __lock_acquire+0xb8a/0x1c90 [ 67.127759][ T7141] ___sys_sendmsg+0x134/0x1d0 [ 67.127787][ T7141] ? __pfx____sys_sendmsg+0x10/0x10 [ 67.127847][ T7141] __sys_sendmsg+0x16d/0x220 [ 67.127874][ T7141] ? __pfx___sys_sendmsg+0x10/0x10 [ 67.127918][ T7141] do_syscall_64+0xcd/0x4c0 [ 67.127937][ T7141] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.127954][ T7141] RIP: 0033:0x7fe27a38e9a9 [ 67.127970][ T7141] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 67.127986][ T7141] RSP: 002b:00007fe27b27d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 67.128003][ T7141] RAX: ffffffffffffffda RBX: 00007fe27a5b5fa0 RCX: 00007fe27a38e9a9 [ 67.128015][ T7141] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000006 [ 67.128025][ T7141] RBP: 00007fe27b27d090 R08: 0000000000000000 R09: 0000000000000000 [ 67.128035][ T7141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 67.128045][ T7141] R13: 0000000000000000 R14: 00007fe27a5b5fa0 R15: 00007fff22b3efe8 [ 67.128070][ T7141] [ 67.363119][ T7157] netlink: 'syz.1.411': attribute type 4 has an invalid length. [ 68.043275][ T7170] xt_policy: output policy not valid in PREROUTING and INPUT [ 68.101547][ T7176] cgroup: Name too long [ 68.182203][ T5959] Bluetooth: hci0: command 0x0c1a tx timeout [ 68.213660][ T7158] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 68.340223][ T7191] FAULT_INJECTION: forcing a failure. [ 68.340223][ T7191] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 68.344434][ T7191] CPU: 0 UID: 0 PID: 7191 Comm: syz.1.425 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 68.344451][ T7191] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 68.344458][ T7191] Call Trace: [ 68.344462][ T7191] [ 68.344466][ T7191] dump_stack_lvl+0x16c/0x1f0 [ 68.344488][ T7191] should_fail_ex+0x512/0x640 [ 68.344507][ T7191] _copy_to_user+0x32/0xd0 [ 68.344519][ T7191] simple_read_from_buffer+0xcb/0x170 [ 68.344538][ T7191] proc_fail_nth_read+0x197/0x270 [ 68.344555][ T7191] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 68.344572][ T7191] ? rw_verify_area+0xcf/0x680 [ 68.344587][ T7191] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 68.344603][ T7191] vfs_read+0x1e1/0xc60 [ 68.344620][ T7191] ? __pfx___mutex_lock+0x10/0x10 [ 68.344631][ T7191] ? __pfx_vfs_read+0x10/0x10 [ 68.344651][ T7191] ? __fget_files+0x20e/0x3c0 [ 68.344665][ T7191] ksys_read+0x12a/0x250 [ 68.344681][ T7191] ? __pfx_ksys_read+0x10/0x10 [ 68.344697][ T7191] ? fput+0x70/0xf0 [ 68.344710][ T7191] do_syscall_64+0xcd/0x4c0 [ 68.344722][ T7191] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.344734][ T7191] RIP: 0033:0x7fe27a38d3bc [ 68.344743][ T7191] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 68.344757][ T7191] RSP: 002b:00007fe27b27d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 68.344768][ T7191] RAX: ffffffffffffffda RBX: 00007fe27a5b5fa0 RCX: 00007fe27a38d3bc [ 68.344776][ T7191] RDX: 000000000000000f RSI: 00007fe27b27d0a0 RDI: 0000000000000006 [ 68.344782][ T7191] RBP: 00007fe27b27d090 R08: 0000000000000000 R09: 0000000000000000 [ 68.344788][ T7191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 68.344795][ T7191] R13: 0000000000000000 R14: 00007fe27a5b5fa0 R15: 00007fff22b3efe8 [ 68.344809][ T7191] [ 68.417620][ C0] vkms_vblank_simulate: vblank timer overrun [ 68.452756][ T7194] FAULT_INJECTION: forcing a failure. [ 68.452756][ T7194] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 68.458228][ T7194] CPU: 0 UID: 0 PID: 7194 Comm: syz.1.426 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 68.458252][ T7194] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 68.458263][ T7194] Call Trace: [ 68.458270][ T7194] [ 68.458277][ T7194] dump_stack_lvl+0x16c/0x1f0 [ 68.458309][ T7194] should_fail_ex+0x512/0x640 [ 68.458339][ T7194] _copy_from_user+0x2e/0xd0 [ 68.458358][ T7194] bpf_prog_load+0x1a8d/0x2490 [ 68.458389][ T7194] ? __pfx_bpf_prog_load+0x10/0x10 [ 68.458410][ T7194] ? avc_has_perm_noaudit+0x149/0x3b0 [ 68.458450][ T7194] ? selinux_bpf+0xde/0x130 [ 68.458471][ T7194] ? bpf_lsm_bpf+0x9/0x10 [ 68.458495][ T7194] __sys_bpf+0x4d1a/0x4ea0 [ 68.458522][ T7194] ? __pfx___sys_bpf+0x10/0x10 [ 68.458547][ T7194] ? ksys_write+0x190/0x250 [ 68.458596][ T7194] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 68.458629][ T7194] ? fput+0x70/0xf0 [ 68.458648][ T7194] ? ksys_write+0x1ac/0x250 [ 68.458672][ T7194] ? __pfx_ksys_write+0x10/0x10 [ 68.458701][ T7194] __x64_sys_bpf+0x78/0xc0 [ 68.458725][ T7194] ? lockdep_hardirqs_on+0x7c/0x110 [ 68.458751][ T7194] do_syscall_64+0xcd/0x4c0 [ 68.458770][ T7194] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.458787][ T7194] RIP: 0033:0x7fe27a38e9a9 [ 68.458802][ T7194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 68.458818][ T7194] RSP: 002b:00007fe27b27d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 68.458837][ T7194] RAX: ffffffffffffffda RBX: 00007fe27a5b5fa0 RCX: 00007fe27a38e9a9 [ 68.458849][ T7194] RDX: 0000000000000094 RSI: 0000200000000380 RDI: 0000000000000005 [ 68.458860][ T7194] RBP: 00007fe27b27d090 R08: 0000000000000000 R09: 0000000000000000 [ 68.458871][ T7194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 68.458882][ T7194] R13: 0000000000000000 R14: 00007fe27a5b5fa0 R15: 00007fff22b3efe8 [ 68.458906][ T7194] [ 68.543015][ C0] vkms_vblank_simulate: vblank timer overrun [ 68.757288][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 68.844072][ T7217] FAULT_INJECTION: forcing a failure. [ 68.844072][ T7217] name failslab, interval 1, probability 0, space 0, times 0 [ 68.851962][ T7217] CPU: 1 UID: 0 PID: 7217 Comm: syz.2.437 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 68.851978][ T7217] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 68.851985][ T7217] Call Trace: [ 68.851989][ T7217] [ 68.851993][ T7217] dump_stack_lvl+0x16c/0x1f0 [ 68.852028][ T7217] should_fail_ex+0x512/0x640 [ 68.852045][ T7217] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 68.852064][ T7217] should_failslab+0xc2/0x120 [ 68.852076][ T7217] __kmalloc_cache_noprof+0x6a/0x3e0 [ 68.852091][ T7217] ? rtnl_newlink+0x11b/0x2000 [ 68.852102][ T7217] ? __lock_acquire+0x622/0x1c90 [ 68.852114][ T7217] ? __pfx_rtnl_newlink+0x10/0x10 [ 68.852123][ T7217] rtnl_newlink+0x11b/0x2000 [ 68.852139][ T7217] ? __pfx_rtnl_newlink+0x10/0x10 [ 68.852148][ T7217] ? find_held_lock+0x2b/0x80 [ 68.852167][ T7217] ? avc_has_perm_noaudit+0x117/0x3b0 [ 68.852193][ T7217] ? avc_has_perm_noaudit+0x149/0x3b0 [ 68.852224][ T7217] ? __lock_acquire+0x622/0x1c90 [ 68.852247][ T7217] ? find_held_lock+0x2b/0x80 [ 68.852260][ T7217] ? __pfx_rtnl_newlink+0x10/0x10 [ 68.852270][ T7217] ? __pfx_rtnl_newlink+0x10/0x10 [ 68.852280][ T7217] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 68.852291][ T7217] ? __pfx_rtnl_newlink+0x10/0x10 [ 68.852301][ T7217] rtnetlink_rcv_msg+0x95e/0xe90 [ 68.852314][ T7217] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 68.852329][ T7217] ? ref_tracker_free+0x37c/0x830 [ 68.852348][ T7217] netlink_rcv_skb+0x155/0x420 [ 68.852361][ T7217] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 68.852372][ T7217] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 68.852390][ T7217] ? netlink_deliver_tap+0x1ae/0xd30 [ 68.852404][ T7217] netlink_unicast+0x58d/0x850 [ 68.852419][ T7217] ? __pfx_netlink_unicast+0x10/0x10 [ 68.852435][ T7217] netlink_sendmsg+0x8d1/0xdd0 [ 68.852449][ T7217] ? __pfx_netlink_sendmsg+0x10/0x10 [ 68.852467][ T7217] ____sys_sendmsg+0xa95/0xc70 [ 68.852480][ T7217] ? copy_msghdr_from_user+0x10a/0x160 [ 68.852498][ T7217] ? __pfx_____sys_sendmsg+0x10/0x10 [ 68.852518][ T7217] ___sys_sendmsg+0x134/0x1d0 [ 68.852536][ T7217] ? __pfx____sys_sendmsg+0x10/0x10 [ 68.852551][ T7217] ? __lock_acquire+0x622/0x1c90 [ 68.852578][ T7217] __sys_sendmsg+0x16d/0x220 [ 68.852596][ T7217] ? __pfx___sys_sendmsg+0x10/0x10 [ 68.852622][ T7217] do_syscall_64+0xcd/0x4c0 [ 68.852633][ T7217] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.852645][ T7217] RIP: 0033:0x7fe1b838e9a9 [ 68.852654][ T7217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 68.852665][ T7217] RSP: 002b:00007fe1b914c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 68.852675][ T7217] RAX: ffffffffffffffda RBX: 00007fe1b85b5fa0 RCX: 00007fe1b838e9a9 [ 68.852683][ T7217] RDX: 0000000000000080 RSI: 0000200000000000 RDI: 000000000000000c [ 68.852689][ T7217] RBP: 00007fe1b914c090 R08: 0000000000000000 R09: 0000000000000000 [ 68.852696][ T7217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 68.852702][ T7217] R13: 0000000000000000 R14: 00007fe1b85b5fa0 R15: 00007ffcb0a30ee8 [ 68.852716][ T7217] [ 68.982230][ T5959] Bluetooth: hci2: command 0x0c1a tx timeout [ 68.992108][ T5959] Bluetooth: hci1: command 0x0c1a tx timeout [ 68.992171][ T5312] Bluetooth: hci3: command 0x0406 tx timeout [ 69.054381][ T7233] netlink: 'syz.2.444': attribute type 1 has an invalid length. [ 69.074101][ T7233] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link [ 69.077732][ T7233] FAULT_INJECTION: forcing a failure. [ 69.077732][ T7233] name failslab, interval 1, probability 0, space 0, times 0 [ 69.081826][ T7233] CPU: 3 UID: 0 PID: 7233 Comm: syz.2.444 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 69.081841][ T7233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 69.081848][ T7233] Call Trace: [ 69.081852][ T7233] [ 69.081857][ T7233] dump_stack_lvl+0x16c/0x1f0 [ 69.081878][ T7233] should_fail_ex+0x512/0x640 [ 69.081894][ T7233] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 69.081913][ T7233] should_failslab+0xc2/0x120 [ 69.081925][ T7233] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 69.081942][ T7233] ? __kernfs_new_node+0xd2/0x8e0 [ 69.081955][ T7233] __kernfs_new_node+0xd2/0x8e0 [ 69.081968][ T7233] ? __pfx___kernfs_new_node+0x10/0x10 [ 69.081982][ T7233] ? find_held_lock+0x2b/0x80 [ 69.082014][ T7233] ? kernfs_root+0xee/0x2a0 [ 69.082028][ T7233] kernfs_new_node+0x13c/0x1e0 [ 69.082045][ T7233] __kernfs_create_file+0x53/0x350 [ 69.082062][ T7233] sysfs_add_file_mode_ns+0x207/0x3c0 [ 69.082083][ T7233] internal_create_group+0x578/0xf30 [ 69.082098][ T7233] ? __pfx_internal_create_group+0x10/0x10 [ 69.082112][ T7233] ? kernfs_create_link+0x1bd/0x240 [ 69.082130][ T7233] internal_create_groups+0x9d/0x150 [ 69.082143][ T7233] device_add+0x6d1/0x1a70 [ 69.082158][ T7233] ? __pfx_device_add+0x10/0x10 [ 69.082170][ T7233] ? lockdep_init_map_type+0x5c/0x280 [ 69.082181][ T7233] ? __init_waitqueue_head+0xca/0x150 [ 69.082200][ T7233] netdev_register_kobject+0x182/0x3a0 [ 69.082215][ T7233] register_netdevice+0x13dc/0x2270 [ 69.082230][ T7233] ? __pfx_register_netdevice+0x10/0x10 [ 69.082243][ T7233] ? dev_addr_mod+0x316/0x540 [ 69.082259][ T7233] veth_newlink+0x30f/0xa00 [ 69.082276][ T7233] ? __pfx_veth_newlink+0x10/0x10 [ 69.082289][ T7233] ? ____sys_sendmsg+0xa95/0xc70 [ 69.082325][ T7233] ? validate_linkmsg+0x57c/0xb60 [ 69.082337][ T7233] ? __pfx_validate_linkmsg+0x10/0x10 [ 69.082347][ T7233] ? alloc_netdev_mqs+0xe7e/0x1570 [ 69.082361][ T7233] ? rtnl_create_link+0xa4a/0xf90 [ 69.082371][ T7233] ? __pfx_veth_newlink+0x10/0x10 [ 69.082386][ T7233] rtnl_newlink+0xc42/0x2000 [ 69.082401][ T7233] ? __pfx_rtnl_newlink+0x10/0x10 [ 69.082410][ T7233] ? find_held_lock+0x2b/0x80 [ 69.082436][ T7233] ? avc_has_perm_noaudit+0x117/0x3b0 [ 69.082453][ T7233] ? avc_has_perm_noaudit+0x149/0x3b0 [ 69.082479][ T7233] ? find_held_lock+0x2b/0x80 [ 69.082492][ T7233] ? __pfx_rtnl_newlink+0x10/0x10 [ 69.082502][ T7233] ? __pfx_rtnl_newlink+0x10/0x10 [ 69.082511][ T7233] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 69.082522][ T7233] ? __pfx_rtnl_newlink+0x10/0x10 [ 69.082533][ T7233] rtnetlink_rcv_msg+0x95e/0xe90 [ 69.082562][ T7233] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 69.082578][ T7233] ? ref_tracker_free+0x37c/0x830 [ 69.082597][ T7233] netlink_rcv_skb+0x155/0x420 [ 69.082609][ T7233] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 69.082621][ T7233] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 69.082639][ T7233] ? netlink_deliver_tap+0x1ae/0xd30 [ 69.082654][ T7233] netlink_unicast+0x58d/0x850 [ 69.082668][ T7233] ? __pfx_netlink_unicast+0x10/0x10 [ 69.082684][ T7233] netlink_sendmsg+0x8d1/0xdd0 [ 69.082699][ T7233] ? __pfx_netlink_sendmsg+0x10/0x10 [ 69.082717][ T7233] ____sys_sendmsg+0xa95/0xc70 [ 69.082731][ T7233] ? copy_msghdr_from_user+0x10a/0x160 [ 69.082748][ T7233] ? __pfx_____sys_sendmsg+0x10/0x10 [ 69.082768][ T7233] ___sys_sendmsg+0x134/0x1d0 [ 69.082786][ T7233] ? __pfx____sys_sendmsg+0x10/0x10 [ 69.082801][ T7233] ? __lock_acquire+0x622/0x1c90 [ 69.082829][ T7233] __sys_sendmsg+0x16d/0x220 [ 69.082846][ T7233] ? __pfx___sys_sendmsg+0x10/0x10 [ 69.082873][ T7233] do_syscall_64+0xcd/0x4c0 [ 69.082885][ T7233] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.082897][ T7233] RIP: 0033:0x7fe1b838e9a9 [ 69.082906][ T7233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 69.082917][ T7233] RSP: 002b:00007fe1b914c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 69.082928][ T7233] RAX: ffffffffffffffda RBX: 00007fe1b85b5fa0 RCX: 00007fe1b838e9a9 [ 69.082935][ T7233] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000005 [ 69.082942][ T7233] RBP: 00007fe1b914c090 R08: 0000000000000000 R09: 0000000000000000 [ 69.082948][ T7233] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 69.082954][ T7233] R13: 0000000000000000 R14: 00007fe1b85b5fa0 R15: 00007ffcb0a30ee8 [ 69.082968][ T7233] [ 69.660725][ T7266] netlink: 12 bytes leftover after parsing attributes in process `syz.1.453'. [ 69.675326][ T7268] openvswitch: netlink: Key type 4618 is out of range max 32 [ 69.679251][ T7268] netlink: 16170 bytes leftover after parsing attributes in process `syz.3.458'. [ 69.823106][ T7276] netlink: 32 bytes leftover after parsing attributes in process `syz.3.461'. [ 70.237073][ T7294] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=65044 sclass=netlink_tcpdiag_socket pid=7294 comm=syz.3.468 [ 70.258310][ T7293] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 70.308883][ T7297] netlink: 80 bytes leftover after parsing attributes in process `syz.3.469'. [ 70.341015][ T7297] sp0: Synchronizing with TNC [ 71.065470][ T1423] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.067487][ T1423] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.554166][ T7318] netlink: 'syz.3.473': attribute type 4 has an invalid length. [ 71.738095][ T40] kauditd_printk_skb: 11 callbacks suppressed [ 71.738111][ T40] audit: type=1400 audit(2000000018.619:382): avc: denied { ioctl } for pid=7329 comm="syz.3.478" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 71.810071][ T7333] ntfs3(nullb0): Primary boot signature is not NTFS. [ 71.816100][ T7333] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00 [ 71.875513][ T40] audit: type=1400 audit(2000000018.759:383): avc: denied { connect } for pid=7336 comm="syz.0.480" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 71.885844][ T40] audit: type=1400 audit(2000000018.779:384): avc: denied { read } for pid=7336 comm="syz.0.480" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 71.995370][ T7350] netlink: 'syz.2.485': attribute type 4 has an invalid length. [ 72.037047][ T7354] netlink: 8 bytes leftover after parsing attributes in process `syz.0.488'. [ 72.040852][ T7354] netlink: 12 bytes leftover after parsing attributes in process `syz.0.488'. [ 72.045172][ T7354] netlink: 'syz.0.488': attribute type 12 has an invalid length. [ 72.214475][ T7366] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 72.327624][ T7374] FAULT_INJECTION: forcing a failure. [ 72.327624][ T7374] name failslab, interval 1, probability 0, space 0, times 0 [ 72.331964][ T7374] CPU: 0 UID: 0 PID: 7374 Comm: syz.0.498 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 72.331993][ T7374] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 72.332018][ T7374] Call Trace: [ 72.332025][ T7374] [ 72.332031][ T7374] dump_stack_lvl+0x16c/0x1f0 [ 72.332063][ T7374] should_fail_ex+0x512/0x640 [ 72.332088][ T7374] ? fs_reclaim_acquire+0xae/0x150 [ 72.332113][ T7374] should_failslab+0xc2/0x120 [ 72.332130][ T7374] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 72.332157][ T7374] ? security_inode_alloc+0x3b/0x2b0 [ 72.332190][ T7374] security_inode_alloc+0x3b/0x2b0 [ 72.332216][ T7374] inode_init_always_gfp+0xce4/0x1030 [ 72.332235][ T7374] ? __pfx_ovl_inode_set+0x10/0x10 [ 72.332254][ T7374] alloc_inode+0x86/0x240 [ 72.332274][ T7374] iget5_locked+0x338/0x3d0 [ 72.332295][ T7374] ? __pfx_ovl_inode_test+0x10/0x10 [ 72.332315][ T7374] ? __pfx_ovl_inode_set+0x10/0x10 [ 72.332338][ T7374] ? __pfx_iget5_locked+0x10/0x10 [ 72.332364][ T7374] ? __lock_acquire+0xb8a/0x1c90 [ 72.332390][ T7374] ovl_get_inode+0xce9/0x13d0 [ 72.332420][ T7374] ? __pfx_ovl_get_inode+0x10/0x10 [ 72.332446][ T7374] ? do_raw_spin_unlock+0x172/0x230 [ 72.332467][ T7374] ? _raw_spin_unlock+0x28/0x50 [ 72.332495][ T7374] ovl_lookup+0xda8/0x21a0 [ 72.332528][ T7374] ? __pfx_ovl_lookup+0x10/0x10 [ 72.332553][ T7374] ? d_alloc_parallel+0x6ae/0x12e0 [ 72.332597][ T7374] ? lockdep_init_map_type+0x5c/0x280 [ 72.332620][ T7374] __lookup_slow+0x251/0x460 [ 72.332642][ T7374] ? __pfx___lookup_slow+0x10/0x10 [ 72.332682][ T7374] ? lookup_fast+0x156/0x610 [ 72.332709][ T7374] walk_component+0x353/0x5b0 [ 72.332736][ T7374] path_lookupat+0x142/0x6d0 [ 72.332765][ T7374] filename_lookup+0x224/0x5f0 [ 72.332793][ T7374] ? __pfx_filename_lookup+0x10/0x10 [ 72.332843][ T7374] ? getname_flags.part.0+0x1c5/0x550 [ 72.332870][ T7374] user_path_at+0x3a/0x60 [ 72.332897][ T7374] do_fchownat+0xf9/0x200 [ 72.332917][ T7374] ? __pfx_do_fchownat+0x10/0x10 [ 72.332934][ T7374] ? ksys_write+0x1ac/0x250 [ 72.332958][ T7374] ? __pfx_ksys_write+0x10/0x10 [ 72.332994][ T7374] __x64_sys_chown+0x7b/0xc0 [ 72.333011][ T7374] ? lockdep_hardirqs_on+0x7c/0x110 [ 72.333037][ T7374] do_syscall_64+0xcd/0x4c0 [ 72.333055][ T7374] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.333073][ T7374] RIP: 0033:0x7f76b838e9a9 [ 72.333088][ T7374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 72.333104][ T7374] RSP: 002b:00007f76b921b038 EFLAGS: 00000246 ORIG_RAX: 000000000000005c [ 72.333121][ T7374] RAX: ffffffffffffffda RBX: 00007f76b85b5fa0 RCX: 00007f76b838e9a9 [ 72.333132][ T7374] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000000c0 [ 72.333143][ T7374] RBP: 00007f76b921b090 R08: 0000000000000000 R09: 0000000000000000 [ 72.333153][ T7374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 72.333163][ T7374] R13: 0000000000000000 R14: 00007f76b85b5fa0 R15: 00007ffc531d8f88 [ 72.333188][ T7374] [ 72.444539][ C0] vkms_vblank_simulate: vblank timer overrun [ 72.449942][ T7374] overlayfs: failed to get inode (-12) [ 72.627016][ T40] audit: type=1400 audit(2000000019.509:385): avc: denied { write } for pid=7398 comm="syz.3.510" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 72.630800][ T7400] vivid-000: ================= START STATUS ================= [ 72.636921][ T7400] vivid-000: Test Pattern: 75% Colorbar [ 72.639270][ T7400] vivid-000: Fill Percentage of Frame: 100 [ 72.641126][ T7400] vivid-000: Horizontal Movement: No Movement [ 72.644245][ T7400] vivid-000: Vertical Movement: No Movement [ 72.646112][ T7400] vivid-000: OSD Text Mode: All [ 72.647657][ T7400] vivid-000: Show Border: false [ 72.649187][ T7400] vivid-000: Show Square: false [ 72.651545][ T7400] vivid-000: Sensor Flipped Horizontally: false [ 72.653685][ T7400] vivid-000: Sensor Flipped Vertically: false [ 72.655599][ T7400] vivid-000: Insert SAV Code in Image: false [ 72.657466][ T7400] vivid-000: Insert EAV Code in Image: false [ 72.659339][ T7400] vivid-000: Insert Video Guard Band: false [ 72.661535][ T7400] vivid-000: Reduced Framerate: false [ 72.663384][ T7400] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator [ 72.665739][ T7400] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator [ 72.668173][ T7400] vivid-000: Enable Capture Cropping: true [ 72.670049][ T7400] vivid-000: Enable Capture Composing: true [ 72.671904][ T7400] vivid-000: Enable Capture Scaler: true [ 72.673748][ T7400] vivid-000: Timestamp Source: End of Frame [ 72.675625][ T7400] vivid-000: Colorspace: sRGB [ 72.677132][ T7400] vivid-000: Transfer Function: Default [ 72.678872][ T7400] vivid-000: Y'CbCr Encoding: Default [ 72.680608][ T7400] vivid-000: HSV Encoding: Hue 0-179 [ 72.682965][ T7400] vivid-000: Quantization: Default [ 72.684605][ T7400] vivid-000: Apply Alpha To Red Only: false [ 72.686440][ T7400] vivid-000: Standard Aspect Ratio: 4x3 [ 72.688173][ T7400] vivid-000: DV Timings Signal Mode: Current DV Timings inactive [ 72.690564][ T7400] vivid-000: DV Timings: 640x480p59 inactive [ 72.692854][ T7400] vivid-000: DV Timings Aspect Ratio: Source Width x Height [ 72.695539][ T7400] vivid-000: Maximum EDID Blocks: 2 [ 72.697299][ T7400] vivid-000: Limited RGB Range (16-235): false [ 72.699847][ T7400] vivid-000: Rx RGB Quantization Range: Automatic [ 72.703253][ T7400] vivid-000: Power Present: 0x00000001 [ 72.705050][ T7400] tpg source WxH: 320x180 (Y'CbCr) [ 72.706803][ T7400] tpg field: 1 [ 72.707996][ T7400] tpg crop: (0,0)/320x180 [ 72.709440][ T7400] tpg compose: (0,0)/320x180 [ 72.710980][ T7400] tpg colorspace: 8 [ 72.712445][ T7400] tpg transfer function: 0/0 [ 72.714217][ T7400] tpg Y'CbCr encoding: 0/0 [ 72.715697][ T7400] tpg quantization: 0/0 [ 72.717036][ T7400] tpg RGB range: 0/2 [ 72.718394][ T7400] vivid-000: ================== END STATUS ================== [ 72.772082][ T29] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 72.868957][ T40] audit: type=1400 audit(2000000019.749:386): avc: denied { execute } for pid=7420 comm="syz.0.519" name="file1" dev="tmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 72.870264][ T7423] FAULT_INJECTION: forcing a failure. [ 72.870264][ T7423] name failslab, interval 1, probability 0, space 0, times 0 [ 72.881984][ T40] audit: type=1400 audit(2000000019.749:387): avc: denied { execute_no_trans } for pid=7420 comm="syz.0.519" path="/122/file1" dev="tmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 72.885379][ T7423] CPU: 1 UID: 0 PID: 7423 Comm: syz.0.519 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 72.885395][ T7423] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 72.885402][ T7423] Call Trace: [ 72.885406][ T7423] [ 72.885410][ T7423] dump_stack_lvl+0x16c/0x1f0 [ 72.885432][ T7423] should_fail_ex+0x512/0x640 [ 72.885449][ T7423] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 72.885468][ T7423] should_failslab+0xc2/0x120 [ 72.885480][ T7423] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 72.885497][ T7423] ? proc_alloc_inode+0x25/0x200 [ 72.885511][ T7423] ? __pfx_proc_alloc_inode+0x10/0x10 [ 72.885521][ T7423] proc_alloc_inode+0x25/0x200 [ 72.885532][ T7423] alloc_inode+0x64/0x240 [ 72.885546][ T7423] new_inode+0x22/0x1c0 [ 72.885560][ T7423] proc_pid_make_inode+0x22/0x160 [ 72.885572][ T7423] proc_pident_instantiate+0x85/0x320 [ 72.885585][ T7423] proc_pident_lookup+0x21d/0x290 [ 72.885600][ T7423] __lookup_slow+0x251/0x460 [ 72.885615][ T7423] ? __pfx___lookup_slow+0x10/0x10 [ 72.885638][ T7423] ? lookup_fast+0x156/0x610 [ 72.885655][ T7423] walk_component+0x353/0x5b0 [ 72.885676][ T7423] link_path_walk+0x627/0xe20 [ 72.885697][ T7423] path_openat+0x1b0/0x2cb0 [ 72.885705][ T7423] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.885722][ T7423] ? __pfx_path_openat+0x10/0x10 [ 72.885749][ T7423] ? __lock_acquire+0xb8a/0x1c90 [ 72.885761][ T7423] do_filp_open+0x20b/0x470 [ 72.885771][ T7423] ? __pfx_do_filp_open+0x10/0x10 [ 72.885786][ T7423] ? __pfx_kfree_link+0x10/0x10 [ 72.885805][ T7423] ? alloc_fd+0x471/0x7d0 [ 72.885827][ T7423] do_sys_openat2+0x11b/0x1d0 [ 72.885840][ T7423] ? __pfx_do_sys_openat2+0x10/0x10 [ 72.885854][ T7423] ? __fget_files+0x20e/0x3c0 [ 72.885866][ T7423] __x64_sys_openat+0x174/0x210 [ 72.885879][ T7423] ? __pfx___x64_sys_openat+0x10/0x10 [ 72.885892][ T7423] ? ksys_write+0x1ac/0x250 [ 72.885913][ T7423] do_syscall_64+0xcd/0x4c0 [ 72.885925][ T7423] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.885935][ T7423] RIP: 0033:0x7f76b838d310 [ 72.885945][ T7423] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 72.885955][ T7423] RSP: 002b:00007f76b921af10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 72.885966][ T7423] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f76b838d310 [ 72.885973][ T7423] RDX: 0000000000000002 RSI: 00007f76b921afa0 RDI: 00000000ffffff9c [ 72.885980][ T7423] RBP: 00007f76b921afa0 R08: 0000000000000000 R09: 0000000000000000 [ 72.885986][ T7423] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 72.885992][ T7423] R13: 0000000000000000 R14: 00007f76b85b5fa0 R15: 00007ffc531d8f88 [ 72.886006][ T7423] [ 72.933533][ T29] usb 7-1: config 0 has no interfaces? [ 72.997191][ T29] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 73.000508][ T29] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.011137][ T29] usb 7-1: config 0 descriptor?? [ 73.217296][ T9] usb 7-1: USB disconnect, device number 2 [ 73.321657][ T7457] FAULT_INJECTION: forcing a failure. [ 73.321657][ T7457] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 73.327955][ T7457] CPU: 1 UID: 0 PID: 7457 Comm: syz.1.536 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 73.327980][ T7457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 73.327992][ T7457] Call Trace: [ 73.327999][ T7457] [ 73.328007][ T7457] dump_stack_lvl+0x16c/0x1f0 [ 73.328040][ T7457] should_fail_ex+0x512/0x640 [ 73.328071][ T7457] _copy_from_user+0x2e/0xd0 [ 73.328090][ T7457] snd_seq_event_dup+0x73d/0x900 [ 73.328121][ T7457] ? __pfx_snd_seq_event_dup+0x10/0x10 [ 73.328143][ T7457] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 73.328168][ T7457] ? lockdep_hardirqs_on+0x7c/0x110 [ 73.328194][ T7457] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 73.328223][ T7457] snd_seq_client_enqueue_event.constprop.0+0x210/0x440 [ 73.328247][ T7457] ? __pfx_snd_seq_client_enqueue_event.constprop.0+0x10/0x10 [ 73.328272][ T7457] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 73.328297][ T7457] snd_seq_write+0x361/0x6d0 [ 73.328323][ T7457] ? __pfx_snd_seq_write+0x10/0x10 [ 73.328345][ T7457] ? bpf_lsm_file_permission+0x9/0x10 [ 73.328365][ T7457] ? security_file_permission+0x71/0x210 [ 73.328384][ T7457] ? rw_verify_area+0xcf/0x680 [ 73.328409][ T7457] ? __pfx_snd_seq_write+0x10/0x10 [ 73.328425][ T7457] vfs_write+0x2a0/0x1150 [ 73.328455][ T7457] ? __pfx_vfs_write+0x10/0x10 [ 73.328477][ T7457] ? find_held_lock+0x2b/0x80 [ 73.328500][ T7457] ? __fget_files+0x204/0x3c0 [ 73.328520][ T7457] ? __fget_files+0x20e/0x3c0 [ 73.328544][ T7457] ksys_write+0x1f8/0x250 [ 73.328568][ T7457] ? __pfx_ksys_write+0x10/0x10 [ 73.328594][ T7457] ? fput+0x70/0xf0 [ 73.328617][ T7457] do_syscall_64+0xcd/0x4c0 [ 73.328635][ T7457] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.328652][ T7457] RIP: 0033:0x7fe27a38e9a9 [ 73.328667][ T7457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 73.328683][ T7457] RSP: 002b:00007fe27b27d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 73.328700][ T7457] RAX: ffffffffffffffda RBX: 00007fe27a5b5fa0 RCX: 00007fe27a38e9a9 [ 73.328711][ T7457] RDX: 000000000000ffc8 RSI: 0000200000000000 RDI: 0000000000000003 [ 73.328727][ T7457] RBP: 00007fe27b27d090 R08: 0000000000000000 R09: 0000000000000000 [ 73.328737][ T7457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 73.328747][ T7457] R13: 0000000000000000 R14: 00007fe27a5b5fa0 R15: 00007fff22b3efe8 [ 73.328771][ T7457] [ 73.565570][ T7469] can0: slcan on ttyS3. [ 73.632851][ T7469] can0 (unregistered): slcan off ttyS3. [ 73.634012][ T7474] netlink: 'syz.3.544': attribute type 4 has an invalid length. [ 73.865014][ T7495] netlink: 'syz.1.554': attribute type 4 has an invalid length. [ 73.956777][ T7505] bond1: entered promiscuous mode [ 74.122312][ T7524] netlink: 'syz.1.566': attribute type 4 has an invalid length. [ 74.237207][ T7533] netlink: 'syz.1.571': attribute type 27 has an invalid length. [ 74.284413][ T40] audit: type=1400 audit(2000000021.169:388): avc: denied { ioctl } for pid=7536 comm="syz.0.573" path="socket:[17982]" dev="sockfs" ino=17982 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 74.304559][ T7533] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.307118][ T7533] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.326525][ T7533] tipc: Resetting bearer [ 74.464008][ T7533] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 74.476479][ T7533] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 74.529065][ T7533] vlan0: left promiscuous mode [ 74.565694][ T7533] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.568488][ T7533] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.571220][ T7533] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.574347][ T7533] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.664256][ T7553] netlink: 'syz.0.578': attribute type 4 has an invalid length. [ 74.758369][ T7557] Device name not specified. [ 74.758369][ T7557] [ 74.875109][ T7574] netlink: 'syz.3.588': attribute type 27 has an invalid length. [ 74.905041][ T7574] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.908127][ T7574] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.968607][ T7574] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 74.980187][ T7574] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 75.023741][ T7574] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.026755][ T7574] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.029772][ T7574] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.032814][ T7574] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.065770][ T7580] netlink: 'syz.2.589': attribute type 4 has an invalid length. [ 75.369338][ T40] audit: type=1400 audit(2000000022.249:389): avc: denied { write } for pid=7622 comm="syz.3.608" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 75.397317][ T7624] netlink: 12 bytes leftover after parsing attributes in process `syz.3.608'. [ 75.431944][ T40] audit: type=1400 audit(2000000022.309:390): avc: denied { getopt } for pid=7631 comm="syz.2.612" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 75.517438][ T7638] FAULT_INJECTION: forcing a failure. [ 75.517438][ T7638] name failslab, interval 1, probability 0, space 0, times 0 [ 75.523380][ T7638] CPU: 2 UID: 0 PID: 7638 Comm: syz.1.614 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 75.523397][ T7638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.523404][ T7638] Call Trace: [ 75.523408][ T7638] [ 75.523413][ T7638] dump_stack_lvl+0x16c/0x1f0 [ 75.523434][ T7638] should_fail_ex+0x512/0x640 [ 75.523451][ T7638] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 75.523470][ T7638] should_failslab+0xc2/0x120 [ 75.523481][ T7638] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 75.523512][ T7638] ? __kvm_mmu_topup_memory_cache+0x450/0x600 [ 75.523529][ T7638] ? kvm_hv_setup_tsc_page+0x29a/0x8d0 [ 75.523543][ T7638] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 75.523561][ T7638] __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 75.523581][ T7638] mmu_topup_memory_caches+0x25/0x170 [ 75.523596][ T7638] kvm_mmu_load+0xd9/0x22a0 [ 75.523610][ T7638] ? kvm_apic_has_interrupt+0x106/0x1f0 [ 75.523621][ T7638] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 75.523633][ T7638] ? __pfx_vmx_flush_tlb_guest+0x10/0x10 [ 75.523647][ T7638] ? __pfx_kvm_guest_time_update+0x10/0x10 [ 75.523659][ T7638] ? __pfx_kvm_mmu_load+0x10/0x10 [ 75.523672][ T7638] ? kvm_cpu_has_injectable_intr+0x9c/0x1a0 [ 75.523693][ T7638] ? kvm_check_and_inject_events+0x71c/0x1310 [ 75.523710][ T7638] vcpu_run+0x34eb/0x5500 [ 75.523721][ T7638] ? kvm_mmu_post_init_vm+0x269/0x370 [ 75.523737][ T7638] ? __lock_acquire+0xb8a/0x1c90 [ 75.523751][ T7638] ? __pfx_vcpu_run+0x10/0x10 [ 75.523767][ T7638] ? fpu_swap_kvm_fpstate+0x1be/0x410 [ 75.523780][ T7638] ? __local_bh_enable_ip+0xa4/0x120 [ 75.523797][ T7638] ? kvm_arch_vcpu_ioctl_run+0x51e/0x18c0 [ 75.523810][ T7638] kvm_arch_vcpu_ioctl_run+0x51e/0x18c0 [ 75.523828][ T7638] kvm_vcpu_ioctl+0x5eb/0x1690 [ 75.523844][ T7638] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 75.523862][ T7638] ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540 [ 75.523882][ T7638] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 75.523905][ T7638] ? hook_file_ioctl_common+0x145/0x410 [ 75.523922][ T7638] ? selinux_file_ioctl+0x180/0x270 [ 75.523939][ T7638] ? selinux_file_ioctl+0xb4/0x270 [ 75.523957][ T7638] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 75.523971][ T7638] __x64_sys_ioctl+0x18e/0x210 [ 75.523988][ T7638] do_syscall_64+0xcd/0x4c0 [ 75.524000][ T7638] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.524011][ T7638] RIP: 0033:0x7fe27a38e9a9 [ 75.524021][ T7638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.524031][ T7638] RSP: 002b:00007fe27b27d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 75.524042][ T7638] RAX: ffffffffffffffda RBX: 00007fe27a5b5fa0 RCX: 00007fe27a38e9a9 [ 75.524049][ T7638] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 75.524056][ T7638] RBP: 00007fe27b27d090 R08: 0000000000000000 R09: 0000000000000000 [ 75.524062][ T7638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 75.524068][ T7638] R13: 0000000000000000 R14: 00007fe27a5b5fa0 R15: 00007fff22b3efe8 [ 75.524082][ T7638] [ 75.563053][ T7643] netlink: 16 bytes leftover after parsing attributes in process `syz.2.617'. [ 75.774452][ T7665] netlink: 16 bytes leftover after parsing attributes in process `syz.0.627'. [ 75.985869][ T40] audit: type=1400 audit(2000000022.859:391): avc: denied { create } for pid=7684 comm="syz.0.635" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 75.986908][ T7689] ipt_REJECT: TCP_RESET invalid for non-tcp [ 76.024731][ T7695] netlink: 16 bytes leftover after parsing attributes in process `syz.2.638'. [ 76.210511][ T7714] netlink: 16 bytes leftover after parsing attributes in process `syz.1.650'. [ 76.501840][ T7743] netlink: 16 bytes leftover after parsing attributes in process `syz.2.662'. [ 76.857606][ T7769] netlink: 16 bytes leftover after parsing attributes in process `syz.2.675'. [ 77.414964][ T7829] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 78.331531][ T7922] validate_nla: 3 callbacks suppressed [ 78.331546][ T7922] netlink: 'syz.3.749': attribute type 4 has an invalid length. [ 78.902090][ T7975] netlink: 'syz.0.773': attribute type 4 has an invalid length. [ 79.081001][ T7997] netlink: 'syz.1.784': attribute type 4 has an invalid length. [ 79.330778][ T8027] FAULT_INJECTION: forcing a failure. [ 79.330778][ T8027] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 79.340091][ T8027] CPU: 2 UID: 0 PID: 8027 Comm: syz.1.799 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 79.340108][ T8027] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 79.340115][ T8027] Call Trace: [ 79.340119][ T8027] [ 79.340123][ T8027] dump_stack_lvl+0x16c/0x1f0 [ 79.340152][ T8027] should_fail_ex+0x512/0x640 [ 79.340182][ T8027] _copy_from_user+0x2e/0xd0 [ 79.340202][ T8027] ucma_write+0x128/0x330 [ 79.340219][ T8027] ? __pfx_ucma_write+0x10/0x10 [ 79.340235][ T8027] ? bpf_lsm_file_permission+0x9/0x10 [ 79.340254][ T8027] ? security_file_permission+0x71/0x210 [ 79.340270][ T8027] ? rw_verify_area+0xcf/0x680 [ 79.340286][ T8027] ? __pfx_ucma_write+0x10/0x10 [ 79.340295][ T8027] vfs_write+0x2a0/0x1150 [ 79.340314][ T8027] ? __pfx_vfs_write+0x10/0x10 [ 79.340329][ T8027] ? find_held_lock+0x2b/0x80 [ 79.340344][ T8027] ? __fget_files+0x204/0x3c0 [ 79.340357][ T8027] ? __fget_files+0x20e/0x3c0 [ 79.340370][ T8027] ksys_write+0x1f8/0x250 [ 79.340386][ T8027] ? __pfx_ksys_write+0x10/0x10 [ 79.340406][ T8027] do_syscall_64+0xcd/0x4c0 [ 79.340417][ T8027] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 79.340429][ T8027] RIP: 0033:0x7fe27a38e9a9 [ 79.340439][ T8027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 79.340450][ T8027] RSP: 002b:00007fe27b27d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 79.340461][ T8027] RAX: ffffffffffffffda RBX: 00007fe27a5b5fa0 RCX: 00007fe27a38e9a9 [ 79.340468][ T8027] RDX: 0000000000000018 RSI: 0000200000000040 RDI: 0000000000000003 [ 79.340474][ T8027] RBP: 00007fe27b27d090 R08: 0000000000000000 R09: 0000000000000000 [ 79.340481][ T8027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 79.340487][ T8027] R13: 0000000000000000 R14: 00007fe27a5b5fa0 R15: 00007fff22b3efe8 [ 79.340501][ T8027] [ 79.493072][ T8046] loop4: detected capacity change from 0 to 2560 [ 79.499742][ T5953] buffer_io_error: 311 callbacks suppressed [ 79.499752][ T5953] Buffer I/O error on dev loop4, logical block 0, async page read [ 79.511301][ T8046] Buffer I/O error on dev loop4, logical block 0, lost async page write [ 79.514832][ T8046] Buffer I/O error on dev loop4, logical block 1, lost async page write [ 79.517503][ T8046] Buffer I/O error on dev loop4, logical block 2, lost async page write [ 79.520112][ T8046] Buffer I/O error on dev loop4, logical block 3, lost async page write [ 79.523098][ T8046] Buffer I/O error on dev loop4, logical block 4, lost async page write [ 79.525782][ T8046] Buffer I/O error on dev loop4, logical block 5, lost async page write [ 79.528422][ T8046] Buffer I/O error on dev loop4, logical block 6, lost async page write [ 79.531007][ T8046] Buffer I/O error on dev loop4, logical block 7, lost async page write [ 79.535017][ T8046] Buffer I/O error on dev loop4, logical block 8, lost async page write [ 79.799375][ T8076] loop4: detected capacity change from 0 to 2560 [ 80.419709][ T8148] netlink: 'syz.1.858': attribute type 4 has an invalid length. [ 81.210720][ T8230] FAULT_INJECTION: forcing a failure. [ 81.210720][ T8230] name failslab, interval 1, probability 0, space 0, times 0 [ 81.216700][ T8230] CPU: 0 UID: 0 PID: 8230 Comm: syz.3.897 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 81.216717][ T8230] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.216723][ T8230] Call Trace: [ 81.216727][ T8230] [ 81.216732][ T8230] dump_stack_lvl+0x16c/0x1f0 [ 81.216753][ T8230] should_fail_ex+0x512/0x640 [ 81.216770][ T8230] ? __kmalloc_cache_node_noprof+0x5a/0x420 [ 81.216789][ T8230] should_failslab+0xc2/0x120 [ 81.216800][ T8230] __kmalloc_cache_node_noprof+0x6d/0x420 [ 81.216817][ T8230] ? __get_vm_area_node+0x101/0x330 [ 81.216832][ T8230] __get_vm_area_node+0x101/0x330 [ 81.216848][ T8230] __vmalloc_node_range_noprof+0x271/0x14b0 [ 81.216863][ T8230] ? vhost_task_create+0x1d2/0x2e0 [ 81.216875][ T8230] ? local_lock_release+0x99/0x140 [ 81.216890][ T8230] ? vhost_task_create+0x1d2/0x2e0 [ 81.216901][ T8230] ? rcu_read_unlock+0x17/0x60 [ 81.216920][ T8230] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 81.216934][ T8230] ? __memcg_slab_post_alloc_hook+0x4a0/0x960 [ 81.216951][ T8230] ? vhost_task_create+0x1d2/0x2e0 [ 81.216973][ T8230] __vmalloc_node_noprof+0xad/0xf0 [ 81.216988][ T8230] ? vhost_task_create+0x1d2/0x2e0 [ 81.217001][ T8230] copy_process+0x2c70/0x7650 [ 81.217024][ T8230] ? __pfx_copy_process+0x10/0x10 [ 81.217041][ T8230] ? lockdep_init_map_type+0x5c/0x280 [ 81.217053][ T8230] ? lockdep_init_map_type+0x5c/0x280 [ 81.217064][ T8230] ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 81.217082][ T8230] ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 81.217095][ T8230] vhost_task_create+0x1d2/0x2e0 [ 81.217106][ T8230] ? __pfx_vhost_task_create+0x10/0x10 [ 81.217122][ T8230] ? __pfx_vhost_task_fn+0x10/0x10 [ 81.217140][ T8230] kvm_mmu_post_init_vm+0x1b7/0x370 [ 81.217156][ T8230] kvm_arch_vcpu_ioctl_run+0x66/0x18c0 [ 81.217171][ T8230] ? kvm_vcpu_ioctl+0x14c6/0x1690 [ 81.217187][ T8230] kvm_vcpu_ioctl+0x5eb/0x1690 [ 81.217203][ T8230] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 81.217221][ T8230] ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540 [ 81.217241][ T8230] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 81.217264][ T8230] ? hook_file_ioctl_common+0x145/0x410 [ 81.217281][ T8230] ? selinux_file_ioctl+0x180/0x270 [ 81.217297][ T8230] ? selinux_file_ioctl+0xb4/0x270 [ 81.217315][ T8230] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 81.217329][ T8230] __x64_sys_ioctl+0x18e/0x210 [ 81.217345][ T8230] do_syscall_64+0xcd/0x4c0 [ 81.217357][ T8230] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.217368][ T8230] RIP: 0033:0x7f4c6558e9a9 [ 81.217378][ T8230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 81.217389][ T8230] RSP: 002b:00007f4c653f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 81.217400][ T8230] RAX: ffffffffffffffda RBX: 00007f4c657b5fa0 RCX: 00007f4c6558e9a9 [ 81.217406][ T8230] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 81.217413][ T8230] RBP: 00007f4c653f7090 R08: 0000000000000000 R09: 0000000000000000 [ 81.217419][ T8230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 81.217426][ T8230] R13: 0000000000000000 R14: 00007f4c657b5fa0 R15: 00007ffc9ebcf148 [ 81.217440][ T8230] [ 81.217473][ T8230] syz.3.897: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 81.317751][ T1338] cfg80211: failed to load regulatory.db [ 81.319666][ T8230] ,cpuset=/,mems_allowed=0-1 [ 81.337305][ T8230] CPU: 0 UID: 0 PID: 8230 Comm: syz.3.897 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 81.337320][ T8230] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.337327][ T8230] Call Trace: [ 81.337331][ T8230] [ 81.337335][ T8230] dump_stack_lvl+0x16c/0x1f0 [ 81.337356][ T8230] warn_alloc+0x248/0x3a0 [ 81.337375][ T8230] ? __pfx_warn_alloc+0x10/0x10 [ 81.337391][ T8230] ? rcu_is_watching+0x12/0xc0 [ 81.337407][ T8230] ? trace_kmalloc+0x2b/0xd0 [ 81.337418][ T8230] ? __kmalloc_cache_node_noprof+0x272/0x420 [ 81.337436][ T8230] ? __kasan_kmalloc+0x8a/0xb0 [ 81.337452][ T8230] ? __get_vm_area_node+0x208/0x330 [ 81.337469][ T8230] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 81.337484][ T8230] ? local_lock_release+0x99/0x140 [ 81.337501][ T8230] ? vhost_task_create+0x1d2/0x2e0 [ 81.337513][ T8230] ? rcu_read_unlock+0x17/0x60 [ 81.337526][ T8230] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 81.337540][ T8230] ? __memcg_slab_post_alloc_hook+0x4a0/0x960 [ 81.337558][ T8230] ? vhost_task_create+0x1d2/0x2e0 [ 81.337568][ T8230] __vmalloc_node_noprof+0xad/0xf0 [ 81.337582][ T8230] ? vhost_task_create+0x1d2/0x2e0 [ 81.337594][ T8230] copy_process+0x2c70/0x7650 [ 81.337620][ T8230] ? __pfx_copy_process+0x10/0x10 [ 81.337637][ T8230] ? lockdep_init_map_type+0x5c/0x280 [ 81.337649][ T8230] ? lockdep_init_map_type+0x5c/0x280 [ 81.337660][ T8230] ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 81.337678][ T8230] ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 81.337691][ T8230] vhost_task_create+0x1d2/0x2e0 [ 81.337702][ T8230] ? __pfx_vhost_task_create+0x10/0x10 [ 81.337718][ T8230] ? __pfx_vhost_task_fn+0x10/0x10 [ 81.337736][ T8230] kvm_mmu_post_init_vm+0x1b7/0x370 [ 81.337751][ T8230] kvm_arch_vcpu_ioctl_run+0x66/0x18c0 [ 81.337766][ T8230] ? kvm_vcpu_ioctl+0x14c6/0x1690 [ 81.337783][ T8230] kvm_vcpu_ioctl+0x5eb/0x1690 [ 81.337798][ T8230] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 81.337816][ T8230] ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540 [ 81.337836][ T8230] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 81.337859][ T8230] ? hook_file_ioctl_common+0x145/0x410 [ 81.337875][ T8230] ? selinux_file_ioctl+0x180/0x270 [ 81.337892][ T8230] ? selinux_file_ioctl+0xb4/0x270 [ 81.337910][ T8230] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 81.337924][ T8230] __x64_sys_ioctl+0x18e/0x210 [ 81.337940][ T8230] do_syscall_64+0xcd/0x4c0 [ 81.337952][ T8230] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.337964][ T8230] RIP: 0033:0x7f4c6558e9a9 [ 81.337973][ T8230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 81.337984][ T8230] RSP: 002b:00007f4c653f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 81.337994][ T8230] RAX: ffffffffffffffda RBX: 00007f4c657b5fa0 RCX: 00007f4c6558e9a9 [ 81.338001][ T8230] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 81.338007][ T8230] RBP: 00007f4c653f7090 R08: 0000000000000000 R09: 0000000000000000 [ 81.338014][ T8230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 81.338020][ T8230] R13: 0000000000000000 R14: 00007f4c657b5fa0 R15: 00007ffc9ebcf148 [ 81.338034][ T8230] [ 81.338038][ T8230] Mem-Info: [ 81.441811][ T8230] active_anon:10676 inactive_anon:0 isolated_anon:0 [ 81.441811][ T8230] active_file:15429 inactive_file:40594 isolated_file:0 [ 81.441811][ T8230] unevictable:1768 dirty:207 writeback:0 [ 81.441811][ T8230] slab_reclaimable:11666 slab_unreclaimable:71231 [ 81.441811][ T8230] mapped:25219 shmem:3971 pagetables:1233 [ 81.441811][ T8230] sec_pagetables:304 bounce:0 [ 81.441811][ T8230] kernel_misc_reclaimable:0 [ 81.441811][ T8230] free:450301 free_pcp:18053 free_cma:0 [ 81.456511][ T8230] Node 0 active_anon:39604kB inactive_anon:0kB active_file:61716kB inactive_file:162176kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:100876kB dirty:808kB writeback:0kB shmem:9372kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12624kB pagetables:4832kB sec_pagetables:1216kB all_unreclaimable? no Balloon:0kB [ 81.468081][ T8230] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:20kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:112kB pagetables:224kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 81.478079][ T8230] Node 0 DMA free:15360kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 81.487133][ T8230] lowmem_reserve[]: 0 1234 1234 1234 1234 [ 81.488963][ T8230] Node 0 DMA32 free:184080kB boost:0kB min:27516kB low:34392kB high:41268kB reserved_highatomic:0KB free_highatomic:0KB active_anon:36288kB inactive_anon:0kB active_file:61716kB inactive_file:162176kB unevictable:3536kB writepending:812kB present:2080628kB managed:1264296kB mlocked:0kB bounce:0kB free_pcp:62000kB local_pcp:19984kB free_cma:0kB [ 81.499006][ T8230] lowmem_reserve[]: 0 0 0 0 0 [ 81.503027][ T8230] Node 1 Normal free:1607688kB boost:0kB min:39720kB low:49648kB high:59576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:3536kB writepending:20kB present:2097152kB managed:1781956kB mlocked:0kB bounce:0kB free_pcp:14436kB local_pcp:3968kB free_cma:0kB [ 81.513531][ T8230] lowmem_reserve[]: 0 0 0 0 0 [ 81.515453][ T8230] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 81.519650][ T8230] Node 0 DMA32: 318*4kB (UME) 719*8kB (UME) 363*16kB (UME) 432*32kB (UME) 598*64kB (UME) 112*128kB (UME) 36*256kB (UME) 28*512kB (UM) 13*1024kB (UME) 6*2048kB (UME) 14*4096kB (UM) = 185760kB [ 81.526510][ T8230] Node 1 Normal: 4*4kB (UME) 11*8kB (ME) 22*16kB (UME) 58*32kB (UME) 20*64kB (UME) 12*128kB (UME) 0*256kB 6*512kB (UME) 2*1024kB (UE) 2*2048kB (UM) 389*4096kB (M) = 1607688kB [ 81.532383][ T8230] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 81.535386][ T8230] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 81.538266][ T8230] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 81.541271][ T8230] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 81.544479][ T8230] 58436 total pagecache pages [ 81.545997][ T8230] 0 pages in swap cache [ 81.547340][ T8230] Free swap = 124996kB [ 81.548676][ T8230] Total swap = 124996kB [ 81.549995][ T8230] 1048443 pages RAM [ 81.551233][ T8230] 0 pages HighMem/MovableOnly [ 81.553106][ T8230] 283040 pages reserved [ 81.554454][ T8230] 0 pages cma reserved [ 81.968721][ T40] kauditd_printk_skb: 1 callbacks suppressed [ 81.968732][ T40] audit: type=1400 audit(2000000028.849:393): avc: denied { append } for pid=8301 comm="syz.3.930" name="card2" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 82.107841][ T8319] netlink: 20 bytes leftover after parsing attributes in process `syz.3.939'. [ 82.465121][ T8341] netlink: 12 bytes leftover after parsing attributes in process `syz.2.947'. [ 82.713750][ T8370] netlink: 12 bytes leftover after parsing attributes in process `syz.1.959'. [ 83.005235][ T8391] netlink: 12 bytes leftover after parsing attributes in process `syz.0.969'. [ 83.369571][ T40] audit: type=1400 audit(2000000030.249:394): avc: denied { create } for pid=8406 comm="syz.0.977" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 83.382073][ T40] audit: type=1400 audit(2000000030.259:395): avc: denied { setopt } for pid=8406 comm="syz.0.977" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 83.388106][ T40] audit: type=1400 audit(2000000030.259:396): avc: denied { bind } for pid=8406 comm="syz.0.977" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 83.394675][ T40] audit: type=1400 audit(2000000030.259:397): avc: denied { connect } for pid=8406 comm="syz.0.977" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 83.400758][ T40] audit: type=1400 audit(2000000030.259:398): avc: denied { accept } for pid=8406 comm="syz.0.977" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 83.497408][ T8417] tipc: Enabling of bearer rejected, already enabled [ 83.710396][ T8444] tipc: Enabling of bearer rejected, already enabled [ 83.963203][ T40] audit: type=1400 audit(2000000030.849:399): avc: denied { accept } for pid=8465 comm="syz.0.1005" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 83.971420][ T40] audit: type=1400 audit(2000000030.849:400): avc: denied { listen } for pid=8465 comm="syz.0.1005" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 84.312412][ T8513] tipc: Enabling of bearer rejected, already enabled [ 84.679259][ T8566] tipc: Enabling of bearer rejected, already enabled [ 84.777882][ T8577] tipc: Enabling of bearer rejected, already enabled [ 84.948368][ T8601] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1050'. [ 85.117054][ T8627] netlink: 124 bytes leftover after parsing attributes in process `syz.0.1063'. [ 85.130755][ T40] audit: type=1400 audit(2000000032.009:401): avc: denied { add_name } for pid=8626 comm="syz.0.1063" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 85.137847][ T40] audit: type=1400 audit(2000000032.009:402): avc: denied { create } for pid=8626 comm="syz.0.1063" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 85.160274][ T8627] FAULT_INJECTION: forcing a failure. [ 85.160274][ T8627] name failslab, interval 1, probability 0, space 0, times 0 [ 85.164329][ T8627] CPU: 3 UID: 0 PID: 8627 Comm: syz.0.1063 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 85.164345][ T8627] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.164352][ T8627] Call Trace: [ 85.164356][ T8627] [ 85.164361][ T8627] dump_stack_lvl+0x16c/0x1f0 [ 85.164398][ T8627] should_fail_ex+0x512/0x640 [ 85.164419][ T8627] ? fs_reclaim_acquire+0xae/0x150 [ 85.164434][ T8627] ? p9pdu_readf+0x116c/0x1e10 [ 85.164446][ T8627] should_failslab+0xc2/0x120 [ 85.164458][ T8627] __kmalloc_noprof+0xd2/0x510 [ 85.164478][ T8627] p9pdu_readf+0x116c/0x1e10 [ 85.164493][ T8627] ? trace_sched_exit_tp+0xde/0x130 [ 85.164510][ T8627] ? __pfx_p9pdu_readf+0x10/0x10 [ 85.164525][ T8627] ? p9_parse_header+0x2c3/0x390 [ 85.164542][ T8627] ? __pfx_p9_parse_header+0x10/0x10 [ 85.164565][ T8627] p9_check_errors+0x217/0x410 [ 85.164576][ T8627] ? __pfx_p9_check_errors+0x10/0x10 [ 85.164586][ T8627] ? schedule+0x2d7/0x3a0 [ 85.164606][ T8627] p9_client_rpc+0x70b/0xc50 [ 85.164618][ T8627] ? __pfx_p9_client_rpc+0x10/0x10 [ 85.164629][ T8627] ? __pfx_autoremove_wake_function+0x10/0x10 [ 85.164655][ T8627] ? idr_preload_end+0xc2/0x230 [ 85.164672][ T8627] ? rcu_is_watching+0x12/0xc0 [ 85.164689][ T8627] p9_client_walk+0x1ab/0x530 [ 85.164701][ T8627] ? __lock_acquire+0x1053/0x1c90 [ 85.164712][ T8627] ? __pfx_p9_client_walk+0x10/0x10 [ 85.164726][ T8627] ? v9fs_fid_lookup+0xe9/0xeb0 [ 85.164742][ T8627] v9fs_vfs_lookup+0x206/0x5b0 [ 85.164759][ T8627] ? __pfx_v9fs_vfs_lookup+0x10/0x10 [ 85.164774][ T8627] ? d_alloc+0x176/0x1e0 [ 85.164787][ T8627] ? do_raw_spin_unlock+0x172/0x230 [ 85.164800][ T8627] ? _raw_spin_unlock+0x28/0x50 [ 85.164817][ T8627] lookup_one_qstr_excl_raw.part.0+0xec/0x160 [ 85.164832][ T8627] ? lookup_dcache+0x66/0x170 [ 85.164846][ T8627] lookup_one_qstr_excl+0x3e/0x120 [ 85.164861][ T8627] filename_create+0x1e7/0x4a0 [ 85.164877][ T8627] ? __pfx_filename_create+0x10/0x10 [ 85.164894][ T8627] ? __might_fault+0xe3/0x190 [ 85.164910][ T8627] ? __might_fault+0xe3/0x190 [ 85.164925][ T8627] ? __might_fault+0x13b/0x190 [ 85.164943][ T8627] do_mknodat+0x18a/0x5d0 [ 85.164961][ T8627] ? __pfx_do_mknodat+0x10/0x10 [ 85.164977][ T8627] ? getname_flags.part.0+0x1c5/0x550 [ 85.164990][ T8627] ? __pfx_ksys_write+0x10/0x10 [ 85.165009][ T8627] __x64_sys_mknodat+0xaf/0xe0 [ 85.165019][ T8627] do_syscall_64+0xcd/0x4c0 [ 85.165031][ T8627] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.165042][ T8627] RIP: 0033:0x7f76b838e9a9 [ 85.165052][ T8627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.165063][ T8627] RSP: 002b:00007f76b921b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000103 [ 85.165073][ T8627] RAX: ffffffffffffffda RBX: 00007f76b85b5fa0 RCX: 00007f76b838e9a9 [ 85.165081][ T8627] RDX: 00000000000021c0 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 85.165088][ T8627] RBP: 00007f76b921b090 R08: 0000000000000000 R09: 0000000000000000 [ 85.165094][ T8627] R10: 0000000000000103 R11: 0000000000000246 R12: 0000000000000002 [ 85.165100][ T8627] R13: 0000000000000000 R14: 00007f76b85b5fa0 R15: 00007ffc531d8f88 [ 85.165115][ T8627] [ 85.809226][ T8727] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1110'. [ 86.004407][ T8745] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes. [ 86.526755][ T8806] FAULT_INJECTION: forcing a failure. [ 86.526755][ T8806] name failslab, interval 1, probability 0, space 0, times 0 [ 86.530665][ T8806] CPU: 3 UID: 0 PID: 8806 Comm: syz.2.1147 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 86.530680][ T8806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.530687][ T8806] Call Trace: [ 86.530691][ T8806] [ 86.530695][ T8806] dump_stack_lvl+0x16c/0x1f0 [ 86.530716][ T8806] should_fail_ex+0x512/0x640 [ 86.530733][ T8806] ? fs_reclaim_acquire+0xae/0x150 [ 86.530748][ T8806] ? tomoyo_encode2+0x100/0x3e0 [ 86.530758][ T8806] should_failslab+0xc2/0x120 [ 86.530769][ T8806] __kmalloc_noprof+0xd2/0x510 [ 86.530786][ T8806] ? d_absolute_path+0x136/0x1a0 [ 86.530802][ T8806] tomoyo_encode2+0x100/0x3e0 [ 86.530814][ T8806] tomoyo_encode+0x29/0x50 [ 86.530824][ T8806] tomoyo_realpath_from_path+0x18f/0x6e0 [ 86.530839][ T8806] tomoyo_path_number_perm+0x245/0x580 [ 86.530858][ T8806] ? tomoyo_path_number_perm+0x237/0x580 [ 86.530875][ T8806] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 86.530892][ T8806] ? find_held_lock+0x2b/0x80 [ 86.530919][ T8806] ? find_held_lock+0x2b/0x80 [ 86.530932][ T8806] ? hook_file_ioctl_common+0x145/0x410 [ 86.530948][ T8806] ? __fget_files+0x20e/0x3c0 [ 86.530960][ T8806] security_file_ioctl+0x9b/0x240 [ 86.530979][ T8806] __x64_sys_ioctl+0xb7/0x210 [ 86.530995][ T8806] do_syscall_64+0xcd/0x4c0 [ 86.531007][ T8806] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.531019][ T8806] RIP: 0033:0x7fe1b838e9a9 [ 86.531028][ T8806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.531039][ T8806] RSP: 002b:00007fe1b914c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 86.531050][ T8806] RAX: ffffffffffffffda RBX: 00007fe1b85b5fa0 RCX: 00007fe1b838e9a9 [ 86.531057][ T8806] RDX: 0000000000000000 RSI: 0000000000006407 RDI: 0000000000000003 [ 86.531063][ T8806] RBP: 00007fe1b914c090 R08: 0000000000000000 R09: 0000000000000000 [ 86.531069][ T8806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 86.531076][ T8806] R13: 0000000000000000 R14: 00007fe1b85b5fa0 R15: 00007ffcb0a30ee8 [ 86.531089][ T8806] [ 86.531099][ T8806] ERROR: Out of memory at tomoyo_realpath_from_path. [ 87.011184][ T40] kauditd_printk_skb: 5 callbacks suppressed [ 87.011197][ T40] audit: type=1400 audit(2000000033.889:408): avc: denied { append } for pid=8873 comm="syz.1.1181" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 87.064073][ T40] audit: type=1400 audit(2000000033.949:409): avc: denied { read } for pid=8880 comm="syz.0.1184" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 87.071216][ T40] audit: type=1400 audit(2000000033.949:410): avc: denied { open } for pid=8880 comm="syz.0.1184" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 87.078673][ T40] audit: type=1400 audit(2000000033.949:411): avc: denied { ioctl } for pid=8880 comm="syz.0.1184" path="/dev/autofs" dev="devtmpfs" ino=104 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 87.421695][ T8915] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1199'. [ 87.460473][ T8917] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1200'. [ 87.549929][ T8920] kvm: requested 50285 ns i8254 timer period limited to 200000 ns [ 88.105043][ T8949] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1215'. [ 88.410207][ T8976] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1227'. [ 88.517061][ T40] audit: type=1400 audit(2000000035.399:412): avc: denied { getopt } for pid=8982 comm="syz.1.1231" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 88.696852][ T40] audit: type=1400 audit(2000000035.589:413): avc: denied { write } for pid=8997 comm="syz.2.1240" path="socket:[26449]" dev="sockfs" ino=26449 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 88.942347][ T9045] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1259'. [ 89.354597][ T9105] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 89.361972][ T40] audit: type=1400 audit(2000000036.239:414): avc: denied { connect } for pid=9104 comm="syz.3.1286" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 89.479399][ T9128] macvlan2: entered promiscuous mode [ 89.481174][ T9128] bridge0: entered promiscuous mode [ 89.486266][ T9128] macvlan3: entered promiscuous mode [ 89.490836][ T9128] macvlan4: entered promiscuous mode [ 89.499342][ T9128] macvlan5: entered promiscuous mode [ 89.504515][ T9128] macvlan6: entered promiscuous mode [ 89.509072][ T9128] macvlan7: entered promiscuous mode [ 89.513784][ T9128] macvlan8: entered promiscuous mode [ 89.518339][ T9128] macvlan9: entered promiscuous mode [ 89.524723][ T9128] macvlan10: entered promiscuous mode [ 89.529086][ T9128] macvlan11: entered promiscuous mode [ 89.534011][ T9128] macvlan12: entered promiscuous mode [ 89.538637][ T9128] macvlan13: entered promiscuous mode [ 89.543304][ T9128] macvlan14: entered promiscuous mode [ 89.547973][ T9128] macvlan15: entered promiscuous mode [ 89.554313][ T9128] macvlan16: entered promiscuous mode [ 89.559154][ T9128] macvlan17: entered promiscuous mode [ 89.563876][ T9128] macvlan18: entered promiscuous mode [ 89.568528][ T9128] macvlan19: entered promiscuous mode [ 89.573053][ T9128] macvlan20: entered promiscuous mode [ 89.578720][ T9128] macvlan21: entered promiscuous mode [ 89.584022][ T9128] macvlan22: entered promiscuous mode [ 89.588408][ T9128] macvlan23: entered promiscuous mode [ 89.592860][ T9128] macvlan24: entered promiscuous mode [ 89.598454][ T9128] macvlan25: entered promiscuous mode [ 89.602912][ T9128] macvlan26: entered promiscuous mode [ 89.607516][ T9128] macvlan27: entered promiscuous mode [ 89.611840][ T9128] macvlan28: entered promiscuous mode [ 89.617718][ T9128] macvlan29: entered promiscuous mode [ 89.622323][ T9128] macvlan30: entered promiscuous mode [ 89.627563][ T9128] macvlan31: entered promiscuous mode [ 89.631899][ T9128] macvlan32: entered promiscuous mode [ 89.636952][ T9128] macvlan33: entered promiscuous mode [ 89.641290][ T9128] macvlan34: entered promiscuous mode [ 89.647476][ T9128] macvlan35: entered promiscuous mode [ 89.655211][ T9128] macvlan36: entered promiscuous mode [ 89.662280][ T9128] macvlan37: entered promiscuous mode [ 89.669455][ T9128] macvlan38: entered promiscuous mode [ 89.676940][ T9128] macvlan39: entered promiscuous mode [ 89.684443][ T9128] macvlan40: entered promiscuous mode [ 89.691424][ T9128] macvlan41: entered promiscuous mode [ 89.698698][ T9128] macvlan42: entered promiscuous mode [ 89.705790][ T9128] macvlan43: entered promiscuous mode [ 89.713028][ T9128] macvlan44: entered promiscuous mode [ 89.718229][ T9128] macvlan45: entered promiscuous mode [ 89.723661][ T9128] macvlan46: entered promiscuous mode [ 89.728457][ T9128] macvlan47: entered promiscuous mode [ 89.733326][ T9128] macvlan48: entered promiscuous mode [ 89.739795][ T9128] macvlan49: entered promiscuous mode [ 89.746869][ T9128] macvlan50: entered promiscuous mode [ 89.747177][ T9145] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 89.751344][ T9128] macvlan51: entered promiscuous mode [ 89.757137][ T9128] macvlan52: entered promiscuous mode [ 89.761498][ T9128] macvlan53: entered promiscuous mode [ 89.766131][ T9128] macvlan54: entered promiscuous mode [ 89.771638][ T9128] macvlan55: entered promiscuous mode [ 89.776303][ T9128] macvlan56: entered promiscuous mode [ 89.780729][ T9128] macvlan57: entered promiscuous mode [ 89.785173][ T9128] macvlan58: entered promiscuous mode [ 89.789587][ T9128] macvlan59: entered promiscuous mode [ 89.794105][ T9128] macvlan60: entered promiscuous mode [ 89.798628][ T9128] macvlan61: entered promiscuous mode [ 89.803076][ T9128] macvlan62: entered promiscuous mode [ 89.807533][ T9128] macvlan63: entered promiscuous mode [ 89.811883][ T9128] macvlan64: entered promiscuous mode [ 89.816482][ T9128] macvlan65: entered promiscuous mode [ 89.820861][ T9128] macvlan66: entered promiscuous mode [ 90.000604][ T9166] No buffer was provided with the request [ 90.270211][ T9185] 8021q: VLANs not supported on ip6_vti0 [ 90.840075][ T9256] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1352'. [ 90.990280][ T9277] syzkaller0: entered promiscuous mode [ 90.993206][ T9277] syzkaller0: entered allmulticast mode [ 91.023207][ T9285] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1366'. [ 92.017172][ T9327] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 92.030697][ T9334] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1388'. [ 92.455726][ T9393] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1416'. [ 92.634926][ T40] audit: type=1400 audit(2000000039.519:415): avc: denied { bind } for pid=9417 comm="syz.1.1428" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 92.893700][ T9451] IPv6: NLM_F_CREATE should be specified when creating new route [ 92.899527][ T40] audit: type=1400 audit(2000000039.779:416): avc: denied { connect } for pid=9450 comm="syz.0.1444" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 92.966271][ T5312] Bluetooth: hci3: unexpected event for opcode 0x421c [ 92.976706][ T9464] Option 'Ô_n'¶tr—1ZQ¥3Œ ¬-Öµ²ÙkÕXÜv~’' to dns_resolver key: bad/missing value [ 93.409536][ T9506] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1467'. [ 93.415328][ T9506] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=9506 comm=syz.3.1467 [ 93.540400][ T40] audit: type=1400 audit(2000000040.419:417): avc: denied { read } for pid=9520 comm="syz.3.1473" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 93.550505][ T40] audit: type=1400 audit(2000000040.419:418): avc: denied { open } for pid=9520 comm="syz.3.1473" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 93.614152][ T9528] dvmrp1: entered allmulticast mode [ 93.640522][ T40] audit: type=1400 audit(2000000040.519:419): avc: denied { read } for pid=9527 comm="syz.0.1476" name="usbmon7" dev="devtmpfs" ino=759 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 93.648860][ T40] audit: type=1400 audit(2000000040.519:420): avc: denied { open } for pid=9527 comm="syz.0.1476" path="/dev/usbmon7" dev="devtmpfs" ino=759 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 93.656795][ T40] audit: type=1400 audit(2000000040.519:421): avc: denied { ioctl } for pid=9527 comm="syz.0.1476" path="/dev/usbmon7" dev="devtmpfs" ino=759 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 93.697091][ T9538] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1476'. [ 93.700077][ T9538] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1476'. [ 93.729532][ T40] audit: type=1326 audit(2000000040.609:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9540 comm="syz.2.1481" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe1b838e9a9 code=0x0 [ 93.938131][ T9568] ipt_rpfilter: unknown options [ 93.989910][ T9578] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1499'. [ 94.206239][ T9610] x_tables: ip6_tables: quota.0 match: invalid size 24 (kernel) != (user) 144 [ 94.286685][ T40] audit: type=1400 audit(2000000041.169:423): avc: denied { create } for pid=9619 comm="syz.2.1518" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 94.287709][ T9620] netlink: 'syz.2.1518': attribute type 23 has an invalid length. [ 94.310947][ T40] audit: type=1400 audit(2000000041.189:424): avc: denied { unlink } for pid=5947 comm="syz-executor" name="file0" dev="tmpfs" ino=2110 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 94.597816][ T9645] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1528'. [ 94.599535][ T9642] No control pipe specified [ 94.605874][ T9645] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 95.779374][ T9688] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1546'. [ 95.975266][ T9714] xt_hashlimit: size too large, truncated to 1048576 [ 96.060854][ T9722] befs: (nullb0): No write support. Marking filesystem read-only [ 96.067560][ T9722] befs: (nullb0): invalid magic header [ 96.135118][ T9730] FAULT_INJECTION: forcing a failure. [ 96.135118][ T9730] name failslab, interval 1, probability 0, space 0, times 0 [ 96.139102][ T9730] CPU: 3 UID: 0 PID: 9730 Comm: syz.3.1565 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 96.139118][ T9730] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 96.139125][ T9730] Call Trace: [ 96.139129][ T9730] [ 96.139133][ T9730] dump_stack_lvl+0x16c/0x1f0 [ 96.139170][ T9730] should_fail_ex+0x512/0x640 [ 96.139191][ T9730] ? __kmalloc_cache_node_noprof+0x5a/0x420 [ 96.139210][ T9730] should_failslab+0xc2/0x120 [ 96.139222][ T9730] __kmalloc_cache_node_noprof+0x6d/0x420 [ 96.139243][ T9730] ? __get_vm_area_node+0x101/0x330 [ 96.139264][ T9730] __get_vm_area_node+0x101/0x330 [ 96.139278][ T9730] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 96.139296][ T9730] __vmalloc_node_range_noprof+0x271/0x14b0 [ 96.139311][ T9730] ? bpf_prog_calc_tag+0x104/0x720 [ 96.139324][ T9730] ? unwind_get_return_address+0x59/0xa0 [ 96.139339][ T9730] ? bpf_prog_calc_tag+0x104/0x720 [ 96.139354][ T9730] ? __pfx_stack_trace_save+0x10/0x10 [ 96.139369][ T9730] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 96.139386][ T9730] ? kasan_save_stack+0x42/0x60 [ 96.139404][ T9730] ? bpf_prog_calc_tag+0x104/0x720 [ 96.139416][ T9730] __vmalloc_node_noprof+0xad/0xf0 [ 96.139430][ T9730] ? bpf_prog_calc_tag+0x104/0x720 [ 96.139444][ T9730] bpf_prog_calc_tag+0x104/0x720 [ 96.139458][ T9730] ? __pfx_bpf_prog_calc_tag+0x10/0x10 [ 96.139471][ T9730] ? __sort_r+0x4d/0x660 [ 96.139486][ T9730] ? __pfx_cmp_subprogs+0x10/0x10 [ 96.139503][ T9730] ? sort+0x97/0xd0 [ 96.139513][ T9730] resolve_pseudo_ldimm64+0xd3/0x1a90 [ 96.139530][ T9730] ? find_containing_subprog+0x175/0x1d0 [ 96.139548][ T9730] ? __pfx_resolve_pseudo_ldimm64+0x10/0x10 [ 96.139565][ T9730] ? check_subprogs+0x5e2/0x850 [ 96.139578][ T9730] bpf_check+0x63cb/0xbc50 [ 96.139590][ T9730] ? __mutex_trylock_common+0xe9/0x250 [ 96.139606][ T9730] ? __x64_sys_bpf+0x60/0xc0 [ 96.139624][ T9730] ? __pfx_bpf_check+0x10/0x10 [ 96.139649][ T9730] ? kasan_save_track+0x14/0x30 [ 96.139665][ T9730] ? __kasan_kmalloc+0xaa/0xb0 [ 96.139681][ T9730] ? selinux_bpf_prog_load+0x15f/0x1c0 [ 96.139696][ T9730] bpf_prog_load+0xe41/0x2490 [ 96.139714][ T9730] ? __pfx_bpf_prog_load+0x10/0x10 [ 96.139728][ T9730] ? avc_has_perm_noaudit+0x149/0x3b0 [ 96.139755][ T9730] ? selinux_bpf+0xde/0x130 [ 96.139767][ T9730] ? bpf_lsm_bpf+0x9/0x10 [ 96.139781][ T9730] __sys_bpf+0x4d1a/0x4ea0 [ 96.139798][ T9730] ? __pfx___sys_bpf+0x10/0x10 [ 96.139813][ T9730] ? ksys_write+0x190/0x250 [ 96.139831][ T9730] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 96.139850][ T9730] ? fput+0x70/0xf0 [ 96.139862][ T9730] ? ksys_write+0x1ac/0x250 [ 96.139877][ T9730] ? __pfx_ksys_write+0x10/0x10 [ 96.139895][ T9730] __x64_sys_bpf+0x78/0xc0 [ 96.139910][ T9730] ? lockdep_hardirqs_on+0x7c/0x110 [ 96.139927][ T9730] do_syscall_64+0xcd/0x4c0 [ 96.139939][ T9730] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 96.139950][ T9730] RIP: 0033:0x7f4c6558e9a9 [ 96.139959][ T9730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 96.139970][ T9730] RSP: 002b:00007f4c653f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 96.139980][ T9730] RAX: ffffffffffffffda RBX: 00007f4c657b5fa0 RCX: 00007f4c6558e9a9 [ 96.139987][ T9730] RDX: 0000000000000094 RSI: 0000200000000500 RDI: 0000000000000005 [ 96.139994][ T9730] RBP: 00007f4c653f7090 R08: 0000000000000000 R09: 0000000000000000 [ 96.140000][ T9730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 96.140006][ T9730] R13: 0000000000000000 R14: 00007f4c657b5fa0 R15: 00007ffc9ebcf148 [ 96.140020][ T9730] [ 96.140025][ T9730] syz.3.1565: vmalloc error: size 256, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 96.267626][ T9730] CPU: 3 UID: 0 PID: 9730 Comm: syz.3.1565 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 96.267650][ T9730] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 96.267661][ T9730] Call Trace: [ 96.267667][ T9730] [ 96.267674][ T9730] dump_stack_lvl+0x16c/0x1f0 [ 96.267705][ T9730] warn_alloc+0x248/0x3a0 [ 96.267734][ T9730] ? __pfx_warn_alloc+0x10/0x10 [ 96.267761][ T9730] ? __kmalloc_cache_node_noprof+0x272/0x420 [ 96.267796][ T9730] ? __kasan_kmalloc+0x8a/0xb0 [ 96.267822][ T9730] ? __get_vm_area_node+0x208/0x330 [ 96.267849][ T9730] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 96.267871][ T9730] ? unwind_get_return_address+0x59/0xa0 [ 96.267897][ T9730] ? bpf_prog_calc_tag+0x104/0x720 [ 96.267924][ T9730] ? __pfx_stack_trace_save+0x10/0x10 [ 96.267950][ T9730] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 96.267980][ T9730] ? kasan_save_stack+0x42/0x60 [ 96.268007][ T9730] ? bpf_prog_calc_tag+0x104/0x720 [ 96.268025][ T9730] __vmalloc_node_noprof+0xad/0xf0 [ 96.268047][ T9730] ? bpf_prog_calc_tag+0x104/0x720 [ 96.268071][ T9730] bpf_prog_calc_tag+0x104/0x720 [ 96.268094][ T9730] ? __pfx_bpf_prog_calc_tag+0x10/0x10 [ 96.268117][ T9730] ? __sort_r+0x4d/0x660 [ 96.268141][ T9730] ? __pfx_cmp_subprogs+0x10/0x10 [ 96.268166][ T9730] ? sort+0x97/0xd0 [ 96.268182][ T9730] resolve_pseudo_ldimm64+0xd3/0x1a90 [ 96.268210][ T9730] ? find_containing_subprog+0x175/0x1d0 [ 96.268246][ T9730] ? __pfx_resolve_pseudo_ldimm64+0x10/0x10 [ 96.268274][ T9730] ? check_subprogs+0x5e2/0x850 [ 96.268295][ T9730] bpf_check+0x63cb/0xbc50 [ 96.268316][ T9730] ? __mutex_trylock_common+0xe9/0x250 [ 96.268342][ T9730] ? __x64_sys_bpf+0x60/0xc0 [ 96.268373][ T9730] ? __pfx_bpf_check+0x10/0x10 [ 96.268419][ T9730] ? kasan_save_track+0x14/0x30 [ 96.268445][ T9730] ? __kasan_kmalloc+0xaa/0xb0 [ 96.268471][ T9730] ? selinux_bpf_prog_load+0x15f/0x1c0 [ 96.268497][ T9730] bpf_prog_load+0xe41/0x2490 [ 96.268525][ T9730] ? __pfx_bpf_prog_load+0x10/0x10 [ 96.268546][ T9730] ? avc_has_perm_noaudit+0x149/0x3b0 [ 96.268585][ T9730] ? selinux_bpf+0xde/0x130 [ 96.268605][ T9730] ? bpf_lsm_bpf+0x9/0x10 [ 96.268627][ T9730] __sys_bpf+0x4d1a/0x4ea0 [ 96.268655][ T9730] ? __pfx___sys_bpf+0x10/0x10 [ 96.268680][ T9730] ? ksys_write+0x190/0x250 [ 96.268709][ T9730] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 96.268743][ T9730] ? fput+0x70/0xf0 [ 96.268761][ T9730] ? ksys_write+0x1ac/0x250 [ 96.268791][ T9730] ? __pfx_ksys_write+0x10/0x10 [ 96.268821][ T9730] __x64_sys_bpf+0x78/0xc0 [ 96.268847][ T9730] ? lockdep_hardirqs_on+0x7c/0x110 [ 96.268873][ T9730] do_syscall_64+0xcd/0x4c0 [ 96.268893][ T9730] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 96.268911][ T9730] RIP: 0033:0x7f4c6558e9a9 [ 96.268926][ T9730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 96.268943][ T9730] RSP: 002b:00007f4c653f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 96.268961][ T9730] RAX: ffffffffffffffda RBX: 00007f4c657b5fa0 RCX: 00007f4c6558e9a9 [ 96.268972][ T9730] RDX: 0000000000000094 RSI: 0000200000000500 RDI: 0000000000000005 [ 96.268983][ T9730] RBP: 00007f4c653f7090 R08: 0000000000000000 R09: 0000000000000000 [ 96.268993][ T9730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 96.269003][ T9730] R13: 0000000000000000 R14: 00007f4c657b5fa0 R15: 00007ffc9ebcf148 [ 96.269027][ T9730] [ 96.269033][ T9730] Mem-Info: [ 96.332058][ T53] usb 6-1: new full-speed USB device number 2 using dummy_hcd [ 96.334245][ T9730] active_anon:9151 inactive_anon:0 isolated_anon:0 [ 96.334245][ T9730] active_file:15465 inactive_file:40600 isolated_file:0 [ 96.334245][ T9730] unevictable:1768 dirty:280 writeback:0 [ 96.334245][ T9730] slab_reclaimable:11925 slab_unreclaimable:72391 [ 96.334245][ T9730] mapped:25677 shmem:2399 pagetables:1412 [ 96.334245][ T9730] sec_pagetables:305 bounce:0 [ 96.334245][ T9730] kernel_misc_reclaimable:0 [ 96.334245][ T9730] free:444688 free_pcp:23083 free_cma:0 [ 96.431659][ T9730] Node 0 active_anon:36540kB inactive_anon:0kB active_file:61860kB inactive_file:162200kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:104224kB dirty:1120kB writeback:0kB shmem:6060kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12656kB pagetables:5004kB sec_pagetables:1220kB all_unreclaimable? no Balloon:0kB [ 96.440611][ T9730] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:112kB pagetables:224kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 96.450106][ T9730] Node 0 DMA free:15360kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 96.458844][ T9730] lowmem_reserve[]: 0 1234 1234 1234 1234 [ 96.460669][ T9730] Node 0 DMA32 free:156324kB boost:0kB min:27516kB low:34392kB high:41268kB reserved_highatomic:0KB free_highatomic:0KB active_anon:36540kB inactive_anon:0kB active_file:61860kB inactive_file:162200kB unevictable:3536kB writepending:1120kB present:2080628kB managed:1264296kB mlocked:0kB bounce:0kB free_pcp:77564kB local_pcp:24340kB free_cma:0kB [ 96.470555][ T9730] lowmem_reserve[]: 0 0 0 0 0 [ 96.472101][ T9730] Node 1 Normal free:1607192kB boost:0kB min:39720kB low:49648kB high:59576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:3536kB writepending:0kB present:2097152kB managed:1781956kB mlocked:0kB bounce:0kB free_pcp:14864kB local_pcp:3808kB free_cma:0kB [ 96.472144][ T53] usb 6-1: device descriptor read/64, error -71 [ 96.481389][ T9730] lowmem_reserve[]: 0 0 0 0 0 [ 96.481415][ T9730] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 96.488838][ T9730] Node 0 DMA32: 552*4kB (UM) 462*8kB (UM) 229*16kB (UME) 149*32kB (UME) 475*64kB (UM) 123*128kB (UME) 38*256kB (UME) 28*512kB (UM) 14*1024kB (UME) 4*2048kB (UME) 12*4096kB (UM) = 156224kB [ 96.494624][ T9730] Node 1 Normal: 4*4kB (UME) 11*8kB (ME) 13*16kB (UME) 47*32kB (UME) 20*64kB (UME) 12*128kB (UME) 0*256kB 6*512kB (UME) 2*1024kB (UE) 2*2048kB (UM) 389*4096kB (M) = 1607192kB [ 96.499969][ T9730] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 96.503003][ T9730] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 96.506021][ T9730] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 96.508958][ T9730] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 96.511842][ T9730] 58460 total pagecache pages [ 96.513412][ T9730] 0 pages in swap cache [ 96.514727][ T9730] Free swap = 124996kB [ 96.516041][ T9730] Total swap = 124996kB [ 96.517344][ T9730] 1048443 pages RAM [ 96.518554][ T9730] 0 pages HighMem/MovableOnly [ 96.520045][ T9730] 283040 pages reserved [ 96.521349][ T9730] 0 pages cma reserved [ 96.546716][ T9748] program syz.3.1574 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 96.663812][ T9751] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9751 comm=syz.0.1575 [ 96.752669][ T53] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 96.829975][ T5312] Bluetooth: hci1: unexpected event for opcode 0x2028 [ 96.893337][ T53] usb 6-1: device descriptor read/64, error -71 [ 97.003601][ T53] usb usb6-port1: attempt power cycle [ 97.182862][ T9777] random: crng reseeded on system resumption [ 97.192212][ T9777] netlink: 'syz.2.1587': attribute type 10 has an invalid length. [ 97.195430][ T9777] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1587'. [ 97.210624][ T9777] team0: Port device geneve0 added [ 97.229444][ T9777] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 97.352168][ T53] usb 6-1: new full-speed USB device number 4 using dummy_hcd [ 97.373421][ T53] usb 6-1: device descriptor read/8, error -71 [ 97.528019][ T9797] cgroup2: Unknown parameter 'memory_rec5rsiveprot' [ 97.623379][ T53] usb 6-1: new full-speed USB device number 5 using dummy_hcd [ 97.652556][ T53] usb 6-1: device descriptor read/8, error -71 [ 97.663888][ T9769] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512) [ 97.666951][ T9769] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512) [ 97.733695][ T40] kauditd_printk_skb: 6 callbacks suppressed [ 97.733711][ T40] audit: type=1400 audit(2000000044.619:431): avc: denied { write } for pid=9819 comm="syz.2.1607" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 97.744502][ T40] audit: type=1400 audit(2000000044.629:432): avc: denied { bind } for pid=9819 comm="syz.2.1607" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 97.764562][ T53] usb usb6-port1: unable to enumerate USB device [ 97.828125][ T40] audit: type=1400 audit(2000000044.709:433): avc: denied { write } for pid=9826 comm="syz.3.1608" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 98.160403][ T9862] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1624'. [ 98.320659][ T9879] FAULT_INJECTION: forcing a failure. [ 98.320659][ T9879] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 98.324999][ T9879] CPU: 2 UID: 0 PID: 9879 Comm: syz.2.1631 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 98.325014][ T9879] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 98.325022][ T9879] Call Trace: [ 98.325025][ T9879] [ 98.325029][ T9879] dump_stack_lvl+0x16c/0x1f0 [ 98.325051][ T9879] should_fail_ex+0x512/0x640 [ 98.325071][ T9879] _copy_from_user+0x2e/0xd0 [ 98.325082][ T9879] comedi_unlocked_ioctl+0xdb2/0x2e90 [ 98.325100][ T9879] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 98.325115][ T9879] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 98.325129][ T9879] ? do_vfs_ioctl+0x523/0x1a60 [ 98.325144][ T9879] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 98.325162][ T9879] ? ioctl_has_perm.constprop.0.isra.0+0x379/0x540 [ 98.325181][ T9879] ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540 [ 98.325200][ T9879] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 98.325223][ T9879] ? hook_file_ioctl_common+0x145/0x410 [ 98.325239][ T9879] ? selinux_file_ioctl+0x180/0x270 [ 98.325255][ T9879] ? selinux_file_ioctl+0xb4/0x270 [ 98.325273][ T9879] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 98.325288][ T9879] __x64_sys_ioctl+0x18e/0x210 [ 98.325314][ T9879] do_syscall_64+0xcd/0x4c0 [ 98.325328][ T9879] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 98.325339][ T9879] RIP: 0033:0x7fe1b838e9a9 [ 98.325349][ T9879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 98.325360][ T9879] RSP: 002b:00007fe1b914c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 98.325371][ T9879] RAX: ffffffffffffffda RBX: 00007fe1b85b5fa0 RCX: 00007fe1b838e9a9 [ 98.325378][ T9879] RDX: 0000200000001040 RSI: 000000008050640a RDI: 0000000000000003 [ 98.325385][ T9879] RBP: 00007fe1b914c090 R08: 0000000000000000 R09: 0000000000000000 [ 98.325391][ T9879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 98.325397][ T9879] R13: 0000000000000000 R14: 00007fe1b85b5fa0 R15: 00007ffcb0a30ee8 [ 98.325411][ T9879] [ 98.403845][ C2] vkms_vblank_simulate: vblank timer overrun [ 98.635491][ T9902] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 98.686963][ T9905] xt_hashlimit: size too large, truncated to 1048576 [ 98.958349][ T9922] ieee802154 phy0 wpan0: encryption failed: -22 [ 98.958447][ T40] audit: type=1400 audit(2000000045.839:434): avc: denied { write } for pid=9921 comm="syz.2.1650" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 99.150443][ T40] audit: type=1400 audit(2000000046.029:435): avc: denied { getopt } for pid=9932 comm="syz.0.1655" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 99.330342][ T40] audit: type=1400 audit(2000000046.209:436): avc: denied { mount } for pid=9950 comm="syz.1.1663" name="/" dev="autofs" ino=34496 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 99.339289][ T40] audit: type=1400 audit(2000000046.209:437): avc: denied { mounton } for pid=9950 comm="syz.1.1663" path="/440/file1/bus/file1" dev="autofs" ino=34498 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1 [ 99.350890][ T40] audit: type=1400 audit(2000000046.239:438): avc: denied { unmount } for pid=5958 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 99.548503][ T40] audit: type=1400 audit(2000000046.429:439): avc: denied { execute } for pid=9956 comm="syz-executor" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 99.555936][ T40] audit: type=1400 audit(2000000046.429:440): avc: denied { execute_no_trans } for pid=9956 comm="syz-executor" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 99.695742][ T5312] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 99.698976][ T5312] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 99.702630][ T5312] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 99.705676][ T5312] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 99.708407][ T5312] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 99.870637][ T12] bridge_slave_1: left allmulticast mode [ 99.875339][ T12] bridge_slave_1: left promiscuous mode [ 99.879035][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 99.890991][ T12] bridge_slave_0: left allmulticast mode [ 99.894635][ T12] bridge_slave_0: left promiscuous mode [ 99.896653][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 100.071191][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 100.075033][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 100.078238][ T12] bond0 (unregistering): Released all slaves [ 100.107437][ T9968] chnl_net:caif_netlink_parms(): no params data found [ 100.169400][ T12] tipc: Disabling bearer [ 100.173039][ T12] tipc: Disabling bearer [ 100.177953][ T12] tipc: Left network mode [ 100.293577][T10009] netlink: 'syz.3.1686': attribute type 20 has an invalid length. [ 100.296072][ T9968] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.296184][ T9968] bridge0: port 1(bridge_slave_0) entered disabled state [ 100.301305][ T9968] bridge_slave_0: entered allmulticast mode [ 100.305808][ T9968] bridge_slave_0: entered promiscuous mode [ 100.309200][ T9968] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.311786][ T9968] bridge0: port 2(bridge_slave_1) entered disabled state [ 100.316007][ T9968] bridge_slave_1: entered allmulticast mode [ 100.318633][ T9968] bridge_slave_1: entered promiscuous mode [ 100.391293][ T9968] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 100.399069][ T9968] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 100.469379][ T9968] team0: Port device team_slave_0 added [ 100.487990][ T12] hsr_slave_0: left promiscuous mode [ 100.492506][ T12] hsr_slave_1: left promiscuous mode [ 100.501309][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 100.508488][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 100.617782][ T12] team0 (unregistering): Port device vlan0 removed [ 100.971286][ T12] team0 (unregistering): Port device team_slave_1 removed [ 101.027949][ T12] team0 (unregistering): Port device team_slave_0 removed [ 101.440248][ T9968] team0: Port device team_slave_1 added [ 101.524161][ T9968] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 101.526352][ T9968] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 101.534130][ T9968] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 101.546512][ T9968] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 101.549068][ T9968] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 101.549267][T10030] loop6: detected capacity change from 0 to 524287999 [ 101.560727][ T9968] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 101.611645][T10046] FAULT_INJECTION: forcing a failure. [ 101.611645][T10046] name failslab, interval 1, probability 0, space 0, times 0 [ 101.615684][T10046] CPU: 3 UID: 0 PID: 10046 Comm: syz.3.1699 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 101.615700][T10046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 101.615707][T10046] Call Trace: [ 101.615712][T10046] [ 101.615717][T10046] dump_stack_lvl+0x16c/0x1f0 [ 101.615738][T10046] should_fail_ex+0x512/0x640 [ 101.615755][T10046] ? __kmalloc_noprof+0xbf/0x510 [ 101.615773][T10046] ? __vb2_queue_alloc+0x23e/0x1280 [ 101.615786][T10046] should_failslab+0xc2/0x120 [ 101.615797][T10046] __kmalloc_noprof+0xd2/0x510 [ 101.615813][T10046] ? bitmap_find_next_zero_area_off+0xb4/0xd0 [ 101.615830][T10046] __vb2_queue_alloc+0x23e/0x1280 [ 101.615843][T10046] ? vid_cap_queue_setup+0x461/0xe80 [ 101.615863][T10046] vb2_core_reqbufs+0xa90/0xfe0 [ 101.615879][T10046] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 101.615900][T10046] __vb2_init_fileio+0x3f1/0x1100 [ 101.615923][T10046] vb2_core_poll+0x5ec/0x700 [ 101.615944][T10046] vb2_poll+0x33/0x150 [ 101.615960][T10046] vb2_fop_poll+0x10f/0x2c0 [ 101.615982][T10046] ? __pfx_vb2_fop_poll+0x10/0x10 [ 101.615998][T10046] v4l2_poll+0x163/0x320 [ 101.616024][T10046] ? __pfx_v4l2_poll+0x10/0x10 [ 101.616040][T10046] do_sys_poll+0x55c/0xdf0 [ 101.616062][T10046] ? __pfx_do_sys_poll+0x10/0x10 [ 101.616091][T10046] ? find_held_lock+0x2b/0x80 [ 101.616132][T10046] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 101.616145][T10046] ? set_user_sigmask+0x21b/0x2b0 [ 101.616158][T10046] ? __pfx_set_user_sigmask+0x10/0x10 [ 101.616170][T10046] ? __fget_files+0x20e/0x3c0 [ 101.616183][T10046] __x64_sys_ppoll+0x254/0x2d0 [ 101.616200][T10046] ? __pfx___x64_sys_ppoll+0x10/0x10 [ 101.616216][T10046] ? ksys_write+0x1ac/0x250 [ 101.616234][T10046] ? __pfx_ksys_write+0x10/0x10 [ 101.616254][T10046] do_syscall_64+0xcd/0x4c0 [ 101.616266][T10046] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.616278][T10046] RIP: 0033:0x7f4c6558e9a9 [ 101.616287][T10046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 101.616298][T10046] RSP: 002b:00007f4c653f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f [ 101.616309][T10046] RAX: ffffffffffffffda RBX: 00007f4c657b5fa0 RCX: 00007f4c6558e9a9 [ 101.616316][T10046] RDX: 0000000000000000 RSI: 20000000000000dc RDI: 00002000000000c0 [ 101.616323][T10046] RBP: 00007f4c653f7090 R08: 0000000000000300 R09: 0000000000000000 [ 101.616329][T10046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 101.616335][T10046] R13: 0000000000000000 R14: 00007f4c657b5fa0 R15: 00007ffc9ebcf148 [ 101.616349][T10046] [ 101.782188][ T5312] Bluetooth: hci3: command tx timeout [ 101.803167][ T9968] hsr_slave_0: entered promiscuous mode [ 101.805405][ T9968] hsr_slave_1: entered promiscuous mode [ 101.883800][T10056] syz.3.1702: attempt to access beyond end of device [ 101.883800][T10056] nbd3: rw=4096, sector=2, nr_sectors = 2 limit=0 [ 101.888017][T10056] EXT4-fs (nbd3): unable to read superblock [ 101.962132][T10056] ------------[ cut here ]------------ [ 101.964171][T10056] UBSAN: shift-out-of-bounds in drivers/comedi/drivers/pcl812.c:1152:10 [ 101.967394][T10056] shift exponent 536870912 is too large for 32-bit type 'int' [ 101.971341][T10056] CPU: 0 UID: 0 PID: 10056 Comm: syz.3.1702 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 101.971364][T10056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 101.971375][T10056] Call Trace: SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 101.971382][T10056] [ 101.971389][T10056] dump_stack_lvl+0x16c/0x1f0 [ 101.971421][T10056] __ubsan_handle_shift_out_of_bounds+0x27f/0x420 [ 101.971460][T10056] pcl812_attach.cold+0x1a/0x1f [ 101.971486][T10056] comedi_device_attach+0x3b0/0x900 [ 101.971521][T10056] do_devconfig_ioctl+0x1a7/0x580 [ 101.971542][T10056] ? __pfx_do_devconfig_ioctl+0x10/0x10 [ 101.971578][T10056] ? find_held_lock+0x2b/0x80 [ 101.971604][T10056] comedi_unlocked_ioctl+0x15bb/0x2e90 [ 101.971629][T10056] ? do_raw_spin_unlock+0xb4/0x230 [ 101.971650][T10056] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 101.971671][T10056] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 101.971692][T10056] ? do_vfs_ioctl+0x523/0x1a60 [ 101.971716][T10056] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 101.971744][T10056] ? ioctl_has_perm.constprop.0.isra.0+0x379/0x540 [ 101.971772][T10056] ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540 [ 101.971802][T10056] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 101.971839][T10056] ? hook_file_ioctl_common+0x145/0x410 [ 101.971866][T10056] ? selinux_file_ioctl+0x180/0x270 [ 101.971892][T10056] ? selinux_file_ioctl+0xb4/0x270 [ 101.971921][T10056] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 101.971945][T10056] __x64_sys_ioctl+0x18e/0x210 [ 101.971970][T10056] do_syscall_64+0xcd/0x4c0 [ 101.971988][T10056] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.972024][T10056] RIP: 0033:0x7f4c6558e9a9 [ 101.972038][T10056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 101.972055][T10056] RSP: 002b:00007f4c653f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 101.972072][T10056] RAX: ffffffffffffffda RBX: 00007f4c657b5fa0 RCX: 00007f4c6558e9a9 [ 101.972085][T10056] RDX: 00002000000000c0 RSI: 0000000040946400 RDI: 0000000000000005 [ 101.972095][T10056] RBP: 00007f4c65610ca1 R08: 0000000000000000 R09: 0000000000000000 [ 101.972106][T10056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 101.972116][T10056] R13: 0000000000000000 R14: 00007f4c657b5fa0 R15: 00007ffc9ebcf148 [ 101.972140][T10056] [ 102.053447][T10056] ---[ end trace ]--- [ 102.055200][T10056] Kernel panic - not syncing: UBSAN: panic_on_warn set ... [ 102.058078][T10056] CPU: 0 UID: 0 PID: 10056 Comm: syz.3.1702 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) [ 102.062890][T10056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 102.067241][T10056] Call Trace: [ 102.068592][T10056] [ 102.069804][T10056] dump_stack_lvl+0x3d/0x1f0 [ 102.071759][T10056] panic+0x71c/0x800 [ 102.073366][T10056] ? __pfx_panic+0x10/0x10 [ 102.075217][T10056] ? __pfx__printk+0x10/0x10 [ 102.076855][T10056] check_panic_on_warn+0xab/0xb0 [ 102.078632][T10056] __ubsan_handle_shift_out_of_bounds+0x2a6/0x420 [ 102.080640][T10056] pcl812_attach.cold+0x1a/0x1f [ 102.082154][T10056] comedi_device_attach+0x3b0/0x900 [ 102.083940][T10056] do_devconfig_ioctl+0x1a7/0x580 [ 102.085932][T10056] ? __pfx_do_devconfig_ioctl+0x10/0x10 [ 102.088165][T10056] ? find_held_lock+0x2b/0x80 [ 102.089705][T10056] comedi_unlocked_ioctl+0x15bb/0x2e90 [ 102.091417][T10056] ? do_raw_spin_unlock+0xb4/0x230 [ 102.093167][T10056] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 102.095558][T10056] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 102.097813][T10056] ? do_vfs_ioctl+0x523/0x1a60 [ 102.099710][T10056] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 102.101722][T10056] ? ioctl_has_perm.constprop.0.isra.0+0x379/0x540 [ 102.104385][T10056] ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540 [ 102.107032][T10056] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 102.109721][T10056] ? hook_file_ioctl_common+0x145/0x410 [ 102.111995][T10056] ? selinux_file_ioctl+0x180/0x270 [ 102.114112][T10056] ? selinux_file_ioctl+0xb4/0x270 [ 102.116220][T10056] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 102.118591][T10056] __x64_sys_ioctl+0x18e/0x210 [ 102.120545][T10056] do_syscall_64+0xcd/0x4c0 [ 102.122429][T10056] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.124794][T10056] RIP: 0033:0x7f4c6558e9a9 [ 102.126621][T10056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 102.133727][T10056] RSP: 002b:00007f4c653f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 102.136904][T10056] RAX: ffffffffffffffda RBX: 00007f4c657b5fa0 RCX: 00007f4c6558e9a9 [ 102.140055][T10056] RDX: 00002000000000c0 RSI: 0000000040946400 RDI: 0000000000000005 [ 102.143302][T10056] RBP: 00007f4c65610ca1 R08: 0000000000000000 R09: 0000000000000000 [ 102.145850][T10056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 102.148357][T10056] R13: 0000000000000000 R14: 00007f4c657b5fa0 R15: 00007ffc9ebcf148 [ 102.150929][T10056] [ 102.152700][T10056] Kernel Offset: disabled [ 102.154140][T10056] Rebooting in 86400 seconds.. VM DIAGNOSIS: 11:46:33 Registers: info registers vcpu 0 CPU#0 RAX=000000000000006f RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff855a3d95 RDI=ffffffff9b0b7e60 RBP=ffffffff9b0b7e20 RSP=ffffc90003f3f4c0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=000000000000006f R14=ffffffff9b0b7e20 R15=ffffffff855a3d30 RIP=ffffffff855a3dbf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f4c653f76c0 ffffffff 00c00000 GS =0000 ffff8880d6722000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c36d0c4 CR3=0000000060026000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4c65611c7a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4c65611c87 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4c65611c81 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4c65611c95 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4c65611d1b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4c65611df9 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4c65786488 00007f4c65786480 00007f4c65786478 00007f4c65786450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4c662ed100 00007f4c65786440 00007f4c65786458 00007f4c657864a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f4c65786498 00007f4c65786490 00007f4c65786488 00007f4c65786480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000005 RBX=ffff88806142001c RCX=ffffffff8b431239 RDX=0000000000000000 RSI=0000000000000080 RDI=0000000000000000 RBP=dffffc0000000000 RSP=ffffc900203ef240 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000011 R11=0000000000000000 R12=0000000000000000 R13=ffff888061420010 R14=0000000000000011 R15=0000000000000080 RIP=ffffffff81bbe418 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 000055555a436500 ffffffff 00c00000 GS =0000 ffff8880d6822000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00005555678bf808 CR3=000000005ac8e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000040400840 Opmask01=0000000000810200 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000100000001 0000003000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f94d5811c4f ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f94d5811c47 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f94d5811c7a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f94d5811c87 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f94d5811c81 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f94d5811c95 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f94d5811d1b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f94d5811df9 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 74657600316e616c 76706900306e616c 76706900316e616c 7663616d00306e61 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c7663616d003069 6669775f74726976 00696669775f7472 69765f3168746576 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=ffffea0000f5c088 RBX=ffffea0000f5c080 RCX=ffffffff82065856 RDX=0000000000000000 RSI=0000000000000008 RDI=ffffea0000f5c080 RBP=ffffea0000f5c080 RSP=ffffc900033af510 R8 =0000000000000000 R9 =ffffffffffffffff R10=00fff60000020028 R11=0000000000000001 R12=ffffea0000f5c080 R13=00fff60000020028 R14=ffffc900033af8c0 R15=0000000000000000 RIP=ffffffff8221343b RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000555568f39500 ffffffff 00c00000 GS =0000 ffff8880d6922000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f90bbd2fe9c CR3=0000000050675000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000080001 Opmask01=0000000000000001 Opmask02=00000000fff7ffdf Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000563ea7bd0343 0000563ea7bd0343 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f90bc060050 00007f90bc05f0c0 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f90bc060580 00007f90bc05fb20 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f90bbd620c0 00007f90bc060ab0 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f90bc09eda0 00007f90bc05f5f0 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f90bbd626b0 00007f90bbd620c0 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f90bc060ab0 00007f90bc060580 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f90bc05fb20 00007f90bc060050 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2c2c2c2c2c2c2c2c 2c2c2c2c2c2c2c2c 2c2c2c2c2c2c2c2c 2c2c2c2c2c2c2c2c ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692074616d726f66 2064616200707865 6765722073756f69 76657270206f6e00 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 450c584d415e434a 0c484d4e005c5449 4b495e0c5f594345 5a495e5c0c434200 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=ffffea0000ea6f00 RBX=ffffea0000ea6f00 RCX=ffffffff81f62d52 RDX=0000000000000000 RSI=0000000000000008 RDI=ffffea0000ea6f00 RBP=ffffea0000ea6f00 RSP=ffffc9000342f2e0 R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=ffff88801ce98048 R13=0000000000000002 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff82213436 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6a22000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f21ed2e7d60 CR3=00000000325e8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000000032e7 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000002020004 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f21ec7866a3 00007f21ec7866a3 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc37ab9480 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557210c2a9 000055557210ba70 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555720fbd94 00005555720fbd90 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557210518d 0000555572104830 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555720fe9a4 00005555720fe9a0 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00110208ffffffff ffff000000800033 06d528081ab80301 00000a08061ab003 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 010010004e800401 000000080606015d 800008004ee00300 10004ed003001000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4ec0030210004eb0 031be810004d9003 010000110208ffff ffffffff00000080 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 003306d528081ab8 030100000a08061a b003000300080000 003b004fe1000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000124081a8c 030100000804061a 8803000006f40808 1a80031a80044d80 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000