last executing test programs: 1m1.10834549s ago: executing program 2 (id=177): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000040)={0xd53e, {0x1, 0x4, 0x1, 0x8004, 0x407, 0x52}}) pipe2(&(0x7f0000000140)={0xffffffffffffffff}, 0x84880) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$sock_int(r2, 0x1, 0x2, &(0x7f0000000640), 0x4) syz_fuse_handle_req(r1, &(0x7f00000005c0)="24bd2e1a56ce7562ca828f8677fa9c6dc7dbdf7dec325ecd5d22165fc458ff3b09756f12745beef79cd37935c12b5d0a424803e41e32c879595bb48dae70622406074e3b80b45fa8cfcec64e12c9d7b3b4146f73519f887bc1114f421f885ffcc148c0fc9b3e6ab03138673976af0e480cd92eb85f47118ebce14935aaa251b383b310acd7a88f32cb7e9288ca7eee08fd42c2ee9d0ba1d38eb87accbd26f2de9ad334188c9b277d4b20cfee089ef39df344a1826d14c89c2786188b98c9fe27fc3b5b2e25f84fda35be1943a1946d5c2cf50898db020e714f3b819c30f327306dd0dc6086a5789b7e048b80799b34fa0193b4f208cbb798f2d756bc8e321ae5c40b850341c03737ca82857b959702bcafa4112cd0b435bfecda40d6f2e39e883d0ec649d4b727c6276e2fe451be4611b50f4a91d820dcc98151b22c3c8de581825794540e9ec4e917fa40a8fe43f043d4e4c668551ce2c435d8a3384d7fb6be154cfd7c7c42168169a20140710a2b05d5060d8ce95283eff0093258f5d90f0ff7d695cb057154e38f2e27ef54c9a4eb9b42eb8428edcc6452916414a0f4dd42d5a91952bc34eee69e474a69b9b1adb8d38b7a62f37601e474c69ef5f6d1e24a3c1800ec91d9ca5caf404eb9768e8cdb212487b3e3bd7d0d61e66e3d1f5cb6a829a0af7c34aac08b928a49973c1c31f1f8a2e5c909fcc183ef21a463d982a2e147465487f7926b6c55e3075ca919e309128baaab3449f141aa421c215c57ee0e9a7bf6dad35ec51e4a1c96c6772ed3359143464796fd83ccb49f29d05846fe2d005b3438d8b9c3db0690949fb291dbafc4add7ed712fb8f35d42317d5c1e76140103fe1c37cb7eac46c45e1a32e9ec7e9af5cae9afdb1073a48002c6997145347a451882e7d84a20c26a3ff48453e45158fabbb4feceeaad3f43bbd55fb6edabf3e97e6c3988959c3218df77de77a89256451c6bf244afaff8ed8a6af219ae6f01938816a15d27331cdb0014a40519ef236bd05f34a267873df875f85cc7420f8e31d15e5b73f0488cf36f38bb0d65b3eaec8f4d87d67d4e430d5606be2ffbccc42cba7264317a0ca3be0fad02cd209626e8c9c29cbf2e93f36d6fa026a741df446eb9d0a4842427ffc485bdb5cab31b03a314d1dce1d0155accb8c7b99f5e41066da3cded0e9902d03f20a26c8c40ffc0b44e3d049052b6b35d4c22d2cc769fbb4ab119ada9668276e2bdc7145fdb26b8122fced16c8a6b87869a50fdd1722a8d603e9fa1d6a238e2d3645485df82fb44c5d6f1a3c4a2cb7175977b8269d566a9ec4fc952c2b702a880ecba1950fac18fb952d3881b4ccb74d5502cf69536bedf54c299ad08c61952f92dfb741d1e84760f1f7269244d173d4f34f6eeb31410c5b936d6d18886f6b564e8c9c101b2dd527ab5f94b28d742d9f0080f2d994f3a5c043f4b8175bd1b968e7610b86ce7ce573f8eaee86615eed341b3067ee4175dae27d55a9b671bddd34127e52eb2836204cc219d8e2192850e6d01a51a6b72ddbbb31f487b9d6d639fa364f5e3eb9056e4eb37adc9ae92882374a3f9250f6e8845153c45cf70fca79abab9f63bb5d6892a66f6e6639feb11c592031a1e036d76a2aeec022d968bd4871e4d127ed106046dd3a8d49c25a256d70ca4bd9a830c825779fdafaa67a0a85c0515490d5d199a1481dac1f80bb51444dafd48d99064fbc58dd6899e07c8938fd3f08316e314d1b3aa3e7175be7c6a9a55c0c66cba5298ca8e92074ab34410817c43b849d2056d0b806e34a4bc36c63a713a4780afaca5c7d0e7ef82e1c40a5ab968e787d62ca680796f318f3025b50820f9682967dbe962e056300b0f9932cad356580c97d33bc87f8609fd03ef59d6493a83ac70c21294d52b7c117e6a1e797da6bdb37f1f5dc94a00a71ef8ecb170f6aa2224dfb755829e5e9cdf44ba35463321a6c745a595710fd8d905fe03f015095ae09d7c951bf7e4369b6b87c7ead64b50b9e4d21e7119b680c9e3fdace5a140e507b1dd130d7211a095e335287396f8af1049db82cd37a5b7023ffd1d5305a928e71683fdd4e5c69a886b5f8e2cf602a112a7b5b71d0df45ca7f52872501a2a23ed55890da132f249df4817f65e3dffa945a5efb5965ea08035ccec7fb68518f8c5221e39af5a5b49c1f65bbedf46262b53977b713c5f19a46f0acfad39e0abe65f7cbe940bfa42131c3a564978af351c6e8648eb51f88152bf545927d781fec9440c20a898f5fe55589283f9a5bdbe13fb855f4d148d4acf77a4e8c1440f828dd45703ba7b610896811ddb13823fe706638e0bae0f94114c4603f5338d77fa3aa08adea254bc4669734021dcd7313cef889221df9ae81882c5bdfd0cd558d8f06a2557afda2439fffc6650604c890535c9f24133f7f8a9bf6a4375bd4ce73af2d420b863c8e374eb86723ca4b80dbf9f639dec0d283adbadfd27567053bffa1cc015152b59cbfaf6893e81fdf96e673ca2bf5c8d7b75dac7e605eb6ece6be1bc43c9b2720c105c502a9c6c95dbbc9a6205233bb84e30341d41ccac6f03b9446f05e4fc7636ca35a24277d2623d0cd02ffc42919048b638b488dab6c0e4cd6ffc8928d8e1b6e08a899c739969a953c4b71316128eb4186332fa14c9493416f70694aa320514e57439515869f21cfd786915aa83a93af5d03926b243911ca2394f30ca6af410efeb4258569d27fd61cd5246375e1a6ad443506677307ab3216bc09bf95433746f13949344271c8653ff96a4ea44b4792525e11ef55201d142342759a8a997b69657469eaffeab047f09e0b919c64dd4d7bb4df085762cb9c1679f3de03308040c71771885ee41479e0fb40192348645104cc4da87ea679e39546eee7fd369ff8c166fab1b2d5e05c61af2061f4c80aab2c75e9027babf9b84e482788920109e14cabc88a05bd966055b5617ba9b19842a26dc986be9227c6730be85854f32c23bff18fca0d115fde377b5a279dd6f3f5660bf5589f250eec24b8ad9324fc1e80f62242955d3a8905b424b9e0f1b6e642e89e3442006a3d2c8e3d7e6d43f8fa47d08ed747cfcbb4052bea7d678b6bced9141aa96b27e74a8fc2b115f67e0f70f682a9be3ea71d53772346745fb4769c0bf3f8a397c056c2c08e0d3eda7a4c01681bba7fefa09d541b84997b66556b92bc8e39e4a93e28c22febaa96b98bb1a091b412f8e12614e5ef6b1f0325ec0cdf01c8f37341692c49a1f8f7ad959410fab7f0f492b2ae736f0a46e1d6130b3ca62a94b80b321d979463fb9ee12be8215631e9d4ed1cccc72cc5b24481f6496484b79c2c8e4de11af9861221b6c2ce5f5e57f20b01a1a69e391e4a4d27de213caa79c02e51de80f9f80df9fbb7f54ebea7f9ca78b5cc21fce0c892451ad14eb9df21c2ca4f1d6c5d661d4cb472f9a8551389ad0cc5b178343b0a3f7e01977648745dc3190c82b3ce089b04e48cfae5a6c9c771bde1d301b27c86db33e2871f59410729b24b0ac34a5ec2f78c81177015c4e34f890e3a36f2169a472f57e7151dfb5e7bbe159428b25777b087a62205a66a8160a3cf4e7bae0eeef5000e1cab226ee4c6ca8a6be8c156fc9b64de98692343d03b1237b5c32181799b533641e0dba34d1602e3e7e2cb87924cbc8c60bc76960b9efea30b2ccddf94f207208d80b56ec1e6c8ed348f9863434fb6129536d9a55bdf1da4dd220584ea71524ada0b22b063143fa370581081de5539352504b1257bd0cad014a4714669bd2a5dacbd5969c47fa37b31681bb53f10c9cdacd2489b2bdd8b4454caf2bdcbc2be202cbb3097c5f776938443900aae0617d6669a926c245f42e3199403ac30065f0c1ad1e99c3fd37716810810aea14f88c707732dda47297c4798355c5012e7b16d72de6658ad8183db1e94642e94d7b58c9bd01f55cbdd42f5d55fecb773622def319dc47f8eac1a1ee735c63dc1901af67c1c1c28f19e84f921793c487a430fc4831ef53f37c8eeba080c85e21f76da2db08de243cf0785f2847536e71c2bc812d1dc4f33243583a7d133feedbb3f98c0ac3f314722e4dfaa03597577de5252dbfe9205db7e4f425f1df96ba78dd22ee7defaf5eaa167a6f251f3c71ac8c02b4c3051baebba33ec0cedac48d531f89e4635ce038b43a95cc0480884e16773a2c01711570027485bc9356fb478dffd8970fe8c098889d0f9283a228cbe44fb3df5f793451c3c52a12174039c11963bbe445ac979e356a89943387df8e930e65a5a15b1525f9d016889b3e5ab79acc76aab05d7f1f005ba57354352cf7e5e12d94d02e4547d28d4e9d5a9a36887bc57ef28d4d8679bf14c8dfd2099a24d08f5729215d56d2342a3d98fcc7bd80f4ff6d4274498d3e88ec0d728f0fa1320393edeb142ce7940bf7d2d2a1b36ccbe9793d1ea287846c0a3c7f4c2138f32dde2cb3da56bdeae261ded7f3b82d4a072134320fb4521e5d6169086f8223f8ae532d11860d8baae42f0a44b9ed52d8b5967854c9c08a6e7b68ab8d6e729bb8bddd749191bd6fb3cd5620c86915fd07bc8311d9637f6e0c6a2df44fd38fb4af49efa2248537c213c6cacc98469704aa45b038e20630ab8b8b0fd0732c5c5e549f5ceb0896b01a4334e530a23caab4433280a0ab4073c6e4c7e2d2855cd44a6a3773c5af78766466fc7e77c5ddb88d35d7d8465e94fd7a55078cc7bc7f379bd4f989e1b6409fabe64977f68530ef53138539c81bc8a1543afa44ccefb71c528cbeaf6f1645705aaf1716a029bf5bd5518b7f7eecb7a915214451e0273028a07fe3020b5730387ecf7c56cbde6dc07e9bcf46e0dc1b9b187f79fb492e6a0b4cf1d2ab52307a40a3a512daef55a8ef4a8219a5c0d0ed8febafe6d5a76a6c0041c0497852fa82e6847ea1bfc0e50b81b28a9470d6009c55b08425fca41b699eac5584a2a83f994d9fccc34f211940b3266e27271191a174e720bddd453bbd65d37657d1b3eda60b4b59472f4d90420620eca8bfe6d06cf29053f86e7afda6bc330359aabaccadb18836e73c678f19b2cf92f8374c5cbe6036fdef998d09487fe0591a278b26bd0d31cb18cdb7d9d3c0705dee5c45c5fced374a1cb4008bb8b8cfe2a7949f6ebc23b77934cb5b548af67609268b251ac7a2f079af73bc147df488cd376cad13bce5ee5cf3d2a07d82cb5e28faa981fee47dbef88e901faab0775aa36c5e9d0afd78f2eab4a339e22b31c9cce5d11995a4c4cde22dffe761e4b8917c86ac93ace419777fbbdea87a0c1f6c0da9c2b5719c096af188dd3f0d074375df69c024b056593f93e504d398d396e9b376b8d4b8f3eb6cfd2d2d58909c64abd4c25539989e2d1fcc4fc821fe29103d890ccf267cad317ac7c1f3bcbc03ddbfdec91c51778edca65ea91936e312a3c3f0866b841e4b1cbdf363db8b3b1fcd6219819a5bd1948074fdc7bc31d4a14d2a2609530a91566899bddbe840e336311410bada65db7617306b2f4d573d356dfc0262473fdfe183087f5b0750b728d560ae7dec3a9e902b09ecf7273899cd0b2a5fa57eca4111363af6e9ba8e20b41e9f58b1dc60c19e906408708516509a048ae0dc357a66ac52b3ec2f8092f0fe7dbe877b54e85e05fe73e5f9ce28a6bdba091cfc05984a55fa3bbbd19b06d8a2ac9f500fb51ae5a91bd8e74854bcadcd86de4425499d404c6ed8b88e2f333da31f87bb5fc8e84ff897907ed71d830080e6e7c47a822626278add05a1f7338dfe6bd086015ecaa86231af1b8782d8c73eb567534ea01cedcd3f60cc5a4e349f82bef948922fab1d6bebe8814384f5ccee463c8a40932cfd467ca032da0df8ef3a75c381f7bc40b09da1c2e1ec297982ea571dbdcfa0abd2cd066a28d9aa4afdfa697055ac1c13ed906ab9f0bbc3976a6af86759e5c949f9ffc728f98585318119ae64448731a4884f430153c3a09461e0247b8eb5f6a25caed5da80bd7010ce0969e631747ba3378a63cbe8b78bd41de67487e413a16eaf00f6782358b5e2a69a45874189aa18553043572f8d721888a301d499fa91b3ff626714677867ff6d2428294aa3c3549bb93f588d5cc8115e6e6ceb6d8d785d8d13c679bd7dbf7f67b812636d710d2e0b3f9f0a98e349713fad6b787a49b6cf66b2cd2338f9c68fe00bb495d114735073470cd246d02de607366c726f0067e89e08d7e916af9b159231991afee07a2bcb2a6549f0fbfb0b21ff77fed0511e39eee2176884d4a9e57c60a935e7d9201839ae74651441108e5da1be59f7c1313b5f094e5d1ccc47feb638cd11e9f3409add7a73c4f0b5b65ad2ce43d46e9891c3faf1e900dc3c0384ca93f53535691ad11874df410ace14ae463c056c4979b35b85ba92e326ef0842fcf2472304d14e3ffedb0ae26f4b914fafb2c5a52dbf54ec2a8b6a3a40ea1c93cda6435986765a52518fc76f84ec8eb89972ae0806801e2900ed6c2b870defb810dc2cf467c175d6638c87ac738ba6653c22c22f6072095784057b5adc33ea2214eb4cbb882f639c78828bb46b8cb5735d66e9f8ba1ab1b39de120c56175046a8a26be28d138e9b6e0369956c133329c9679185d958006a05356076beae82e890a8ccffeff2e1bc69c1f9232ef06ad712432c7fc8387f60de5780f40bf6275b0111b9a06ec276c4ea64af1cfa1a1c214edfc7458527c203de15a1ba59ffdada6944892c5cc2ad842609bb3cbed06b6866e21b1b304d614ed9f1ede071bb41812a8afac5b19668ca0ebef74839fea8673adf559a008cd1a483ec5030368f57c12685d170a2c5e64dc3b6d8dbefde17e7e74f222d20e7c18b701276a482cf4fc5dc10359e07c822356b464b955e312e10c9e85631108083025d65a04ab04286e4d0082aa04b80a8b5f87c85daae84e4c72c615c0e6b519e362ffe096f22cd28b2398858f349c7e6f4d6cdc3aad22298762d9f7122bb5499676c9a7af56d480b39a54a8dd86cea2af11dff260a04f34596d3675054948b6fe82786942ca2bb6968d7cd9c79911f7d86a55f24b5511ed497de67d8d0a06530f0b567e33077e3cb7544586177238cca7ec6847a30ba09b09cfa50c466217ea64c6247704379f97ec33e61856988d24ee4e9c1383f3492b4275b36609a41c4aa1ebaa394d914fe6e93dab7b0742944868f8c2b28af4b91f4f4fe0ac3285a2bd215ecd256e6afa016548126927573b284e302be069741641a34299c76fa25a30dda8104647e044ec55defee6a867e257472f00e13d74f696771effc528d7c30cf6b5eaf2029d9405e11919096e465c106c34f2c6501adebb8b2595478d96b4baa86f3bd908c2ba11e1973f06ec79ed2b1ffa02515323e27ae6f0bc17d73df9d8fa34175a4d3dd339576e5982318d79ab527704031eae56e12af3f366d182b3c2aa764b75b8accb1557d3a4a4a55e42ef09f041efd4f43bb1d84dcd5de4acf33e6dfb426fb28ef3cf25135c740b469132b100e6b6aaf43d4c081065ae15da208332d4c7ab534356bfdc53914e6cf5cc899847369c09ee3212fad63a20d35abfb5864a52dd582af266c5e4977272feb07aff82fa81f05b70b088d469c31c2b2d5016ed4e0ae884292f534bf246228808e6d1c89885cae6cacb5f03d45886b035fd9f86f504e4a66973a8e07c16cf543528e9322277b1ff7e1283550b3bdb7cc374c76e5c5c0e7c0fda184c28ee270a18d8115cd4f42eecd59c1d801ca217f4811e51f65406fc584b50c8e672661b9048843782fc7405358b1fab1d831a69e7a75c0e51589bf54b81e104c278839a6e01221017528622dad5527831cab7d05ba7d866d397f146a975ef4b2df6aae4b24fa3504ceda30f01c34d3d5b8861be53fc90b42a6a2980d6aad3da84e92d4726d1f8ed87c6120065309f3dc2d11f587349dc94efc66aa3882bea673f5c52930c2767a1ee91f6e8f9c6fb356af0ded589e8144124faffb890f35ce36eecc05ca9501c9eb201d2fd32af6ca406b1fbea3fd2a9d27b02e6161acdb3090b7edb9a1bf89ef5613980f89dc5b9c2888dae9c71125786b65891e1ab01e45b95bf329317a512a4f34ec5d124beb21db1139890823af58122a31bd473d82a7a1c66c40afa4bc94d51d7917bf2eec36ec8ac9b3edf9c3e3a2274fe11993a6d39c527f261c5f713900018a8b5d4060c069a0906194f29a9924bf05b48ddecb7eab737b630bd87c7d26824eb1428245bdf0744cee8dd8b49d767a73ae0e33a1abc96debaef37ff4f07b92d88d7d7b8d5c7ceebbbaffbe97c6e39fd7fbecb7a8872e167777e9a6353ccd5df9b5fdf390438359d40ff874a9462e35d4384dcc8eb0e92dffb2466bc991527daa4f3f6dcfb6d491d019b7c2d83f0655e551553f18cbf36551ef1b7c86bf109170cd4482cc889442c52355ad07fe8483e91aaea048b9e5afbffac4cec12da813848ed515c89b8c559dc5ec167bcfff3fd3749fa5311fe0ff7362199690cbe1aa76e029f3e382e4e74ed743ff7ea504255bc37e46596a4ebdf7cef730785715d9926fe90acbec34400026e2439be81ed5d2625c5af1e582f88311032273a0666401e471e790a3806594fabb2dbd8bd266f20436079ec42526e605e3062c3ccd3dbad6f6c03e6383fb148a196930da1605423d458b9bd973f51852ab01ef993c1c0205a941ef2b93d9838d22672c92664c62544d4ce84312fe081f34e2a9ae14f876d45482a054797f49e4f21f771c37f515b7b9ecab780577665276c741b0ab7775fba46f22e4f9156ad913a935c5ab873bb9400339408e696bf5e5dc1716d793e278a71e63af68e39d18995612d36d480f0d8e0ad40f8a585b586aedd056e01c5fb69f966f818af0be275f3433b87c000bd88d0524844ad2a0f086ddded4b89c24e59fd9e281f31997bee02cb8e3cc9ee7ad1007507538377941a1436ddb1d0b22e4be378ccd06cc819b34b27a95caa8215912048f4269fcb6449f67b292a94b8ea133223e8b4eeedac3ffb6f9ce540d2ed46aad93cac5f32120d98aa240db9080af8da64c057a1456bd5535ab045831c09fe464c08a9f0f3c9f659ed45324b50da4e682fae8c76fdc85f7f980202898967508063e69c2651e3d54e71fe2af1082832337391856b12266010e8e2550836362b35ce6510b708d447f58d5f323953d29bcd046bc9a5269646a9f12355cbbdc304535df4ccd68a5d38452f7655117973e7b5dc1a8a16a62032b431ce6bcd57db4e5b85262f6dcefc993e5e34459fccd406b598dc8c70ff6069d9ecc5358a1a6d395e883c831b3146c7da14a50f7412dbcc2e8a2dccad5fd55581d036d0af08fc299ef476dcc7a3e9b21c57e5c3031885b4d05877439b8d40a341e1cb6c8051f0cf79c8c7d3946bdd204781e1fa7e66d07ef2699d81ad62a13746572c116adf2dd0a7f9bdefdfd2569dfd8e611785a264277750840f033f9e7bd232aa6ba26b933bc7557100fad75bf9c14264d6dd36f9d354679b264d6ef27a695b125e7f15dc81ebf10ad0d6f13dd77e0a7ca4152891cb492787a2a9efdafababeb4c4f95e98a66a52369aa9271ae47144d273dc38020b2e58a48cc074da7f2fb6f3f6a66cf411b16c5c71017bce8da6cf3c85e32c1121418ad4b7851a5f372c9bb9ecb85a61d53949a1c2222f5ebd2b4a5a3f73b1a4de20987fcbbcecbadc29084a7a9065ebbc7a6f82d25262e68433863f3896aa72f590970d26e8a919dcf558dfa6c3c1a05507189d246eaa95ae812e2c552fceabed6ea2e8f96d0f59dfecd5bdabe8f938d0f3fabc20f8417cb56e2409fcc4992a114874c92ab7f986a1c5a6eb0b999b3485706c7724db678995f7fb5c3f248c7fc65eb00a60eea71656695e28a5a8ca7da4ad9013fb59607c8b258d69cb67890db7e6ab48ab1642c691322f4fffc01f26d71852d1789672e534e8fff1ff14d4ad01d618deac987186997d73465bfd4489826e15f5cbdda44a28f02ee1e5fecf9e288543f2c88427dbde76892545bc195747f0a79b8bc05a6255c58ccdf2408bf62ed9a51247e9b87608ae4fa025fc37b5f83b146555561a25ff0c9f5e5bf3034ca19894f9997973949ab601f20c8f72f9cd7bb7c67af4e543573b2a9d7e7398c756eee4a40d24ce146f9b4763b76f9c080976ab25032ab4d734f391e532bdc4c6675a21c66a80ce97fd86a5f5b804c0c2c905be5090cda0aba3f9aa6aef241f5005dee7b012b11c0bca76c368dc90145cf88f26839ecbcbc75ed84a58a70c78486f0d4b12c05dfa97c2e2519fd3ab945ab5b0a39b277e6de0c31f9346d5a125469e279c62d4b735eeb867926b936ba80f74564819d883f36b48dce2492391f617dde90a3c4339d01fb383038d60fbdb518a198f14c9bac2ff5ae8f22d3b6d4de5a06e7749447b9a551d147a50c751d83260810f40bb6e039de74c81c27c5eff42e450e0a126c9309a54b5ff9505c8e815fe0ef506fb1447003b6af387d538a1943b58506e4c95541c6ff2f51756d9d46e019f8fa6c73d838c3fb9f587d768147b28a2f576e2f0e490003d3e0c7598a98040d7ddf418cc6753ca84c5dd8c6377b6536012e5393ae77da1fbd8502eb0c574571d7b0c1ebc47ca8cf8a31897ab3b02ca9b771ff1ad25abb33495f541a145483b6aca6c0a02daaf06e7eb4e636dd6a5a2297ace5320040ea56a0a9fe071d6aab60b9fc13e3b40cae6b4c3d28f20ea6e6d2460a807809a4ad4a60488f1ee0e9bc56efd0595a3b55b4440eccef4ea09933735623b2a0b8153318a38f2ee5a9425fdf33fefe0b661cf3d1d0579659bfeda08795fbcd82df59c1b5b93dcbfc1e882b1f946ab7fca13588a8296e594d566119b4200be8b22f02677c5903844ef8fe884e2f4dc2ea6f8a9e2fbc0e857e2cf0347a6b2d68f80b48b3a8e5a1b830e1d0cb73d074bcdfc15e39c9f9b9aff79e54a19d5d1766d8b610109cc77d26dfe5c44320a278dd91e7d3eb9cc9956c3c6771b633bc28830edd1b666d45c5b8833b4447975c07b4aa585599e4519c8b20567ada35d3134ecd999d836abdda45324309fab617a0a9cf4cca7074fd5f9c3ffc1db889ebcb1725a460b41aa1ca063a47ce3fe94a8fe74d347f8221effab946a367ea81080bd62903b783d95e0c07a8944be43dbd08aba97ec4572c5d00e9314a0334d9a5614a715a51936d08899e40daa733051923840cc993d78fda4b66eb6d8c56cbb3689e54fe9c7dc8e0ff7e07026f02b2a56c9784d214b0f69f2cba692d43057fb2c3857c9fb15bd5c4c88393014308457e66e45931d9bd7bb51d7798350015d98df2d14fd966a999c35a163e78fe4580edbcc8bb58c9c6cfd544c0a0f93979d827973222d3bed31afe3f030983478bbf2e28ac6b37910705c5b33c39cafdde76eeca26c2e368596dd518f615b86a78480514901532c645dfb896a07cadb8300be46b34583716ea3dfa003aa897419f903aadb6db925d304e5c2b34c9ea6477e75b399ac997efb2cb813404cdab372e9737c8bbf3d3f416029e3442d502fe7e7bda923aabea691af7d64b17f6abe573eec5b944fe7e08bcdfaa218b9cf7c189891f99ab8db176de47d8596a57d519e3469c1cc2d", 0x2000, &(0x7f0000007900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) bind$netlink(r1, &(0x7f00000000c0)={0x10, 0x0, 0x25dfdbfd, 0x2000000}, 0xc) socketpair$unix(0x1, 0x2, 0x0, 0x0) lseek(0xffffffffffffffff, 0x9, 0x0) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) ioctl$AUTOFS_IOC_READY(r3, 0x9360, 0x9) socket$phonet_pipe(0x23, 0x5, 0x2) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0) read$msr(r4, &(0x7f0000032680)=""/102400, 0x19000) r5 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, &(0x7f0000001100)={0x77359400}, 0x1) ioctl$UI_SET_PHYS(r0, 0x4008556c, &(0x7f0000000080)='syz0\x00') 1m0.071163685s ago: executing program 2 (id=182): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0) setpgid(0x0, 0x0) setpgid(0x0, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) 59.06870745s ago: executing program 2 (id=190): syz_usbip_server_init(0x5) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x40102) r1 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000003140)=ANY=[@ANYBLOB="c01800002000010a0000000000000000020000002c01018028014880ed00a90013466820cd76bb221fbb4acd690c6a8b9c760a61eeec7793b579aefdb936d00f403d3f04637cdb9ac70e28c5dd66ddedde2d0930650e6821f9a26a4a193c1d06a3e75523f901e44fe087ae32c836c6d6ddba3af8e9a2beae8936168f9fa38c395f5cf7408df69c60bf584bee86a6312e9ce866e456c3eda6f2924082d78a2f385bdbd0c9afb54758c102bf13094645fb6aa34d424ec776691fee3d25307f61fed2752babf7c686e8a3d9b59a8343bcf4121bf5cf400a0c1070855fac565cad8968a97ce0a12a1161054d82d0a240b7dedf9ba3cc63e9d1c3b9a8402f7d5b4cafcd48928a3d4a76498900000014007c00ff01000000000000000000000000000108003d00", @ANYRES32=0x0, @ANYBLOB="08001a"], 0x18c0}}, 0x0) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002040)={0x18, 0x3, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0xf}, 0x94) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_COMPAT_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="7c000000000b0300000000000000000003000006050001000000"], 0x7c}}, 0x4814) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000040)=@req={0x2, 0x120, 0x9546, 0x5}, 0x10) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0) r4 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) sendfile(r4, r3, &(0x7f0000002080)=0x64, 0x21c) sendmsg$NFT_MSG_GETOBJ(r2, &(0x7f0000000500)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000001c0)={0x0, 0x138}, 0x1, 0x0, 0x0, 0x40040}, 0x40004) 57.312630455s ago: executing program 2 (id=195): mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x20000000, 0x4041}}, 0x50) syz_fuse_handle_req(r0, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0) r3 = syz_open_dev$loop(&(0x7f0000000000), 0x4, 0x2080) ioctl$LOOP_SET_FD(r3, 0x4c00, r2) ioctl$LOOP_SET_FD(r3, 0x4c03, r3) r4 = dup2(r2, r0) bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x21, 0x5, 0x0, 0x100000, 0x400, 0xffffffffffffffff, 0xf2, '\x00', 0x0, r4, 0x0, 0x2000001, 0x0, 0x200000000000000}, 0x50) 57.142057749s ago: executing program 2 (id=202): r0 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f00000000c0)={0x1, 0x1, 0x6}, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x1000000000002) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) write$FUSE_BMAP(0xffffffffffffffff, &(0x7f00000000c0)={0x18, 0x0, 0x0, {0xfffffffffffffffe}}, 0x18) socket(0x9, 0x7, 0x2) sched_setaffinity(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, 0x0, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b19, &(0x7f0000000000)={'pim6reg1\x00', @link_local}) r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0x10) ioctl$sock_netdev_private(r3, 0x8914, &(0x7f0000000000)) r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_rose_SIOCADDRT(r4, 0x890b, &(0x7f0000000380)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x6, @bcast, @bpq0, 0x4, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}) r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0) connect$rose(r5, &(0x7f0000000180)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @default, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast]}, 0x40) read$msr(0xffffffffffffffff, 0x0, 0x0) 56.839309692s ago: executing program 2 (id=203): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="b4050000000000007112180000000000bc201000210000009500000000000000159bb11d55cd54f795ebc6c48b7ee57df364594defe47aa18c81fbb86c6042dbf743a90b61bae3a57ba478e003fe723b194058bc41fc8c6082cee0dce6c4e98c8804a03eb15abe991b86e1c207e4b9c2e545253ec3e0a8800fd697685e0d14ef22ee60615176aa2972a57268ec0127b3869d981e769df4fd0f63d8bde942339d7e8fa10c87b5562d7cd8a361f5801b6e29c575dac7f00846c103fa144116db9a8a8850b0715c590a250c52c2b4"], 0x0, 0xa}, 0x94) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x30420}}, 0x50) syz_fuse_handle_req(r0, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88, {0x0, 0x10}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) ioctl$FS_IOC_ENABLE_VERITY(r2, 0x40806685, &(0x7f0000000340)={0x1, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0}) 56.718702487s ago: executing program 32 (id=203): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="b4050000000000007112180000000000bc201000210000009500000000000000159bb11d55cd54f795ebc6c48b7ee57df364594defe47aa18c81fbb86c6042dbf743a90b61bae3a57ba478e003fe723b194058bc41fc8c6082cee0dce6c4e98c8804a03eb15abe991b86e1c207e4b9c2e545253ec3e0a8800fd697685e0d14ef22ee60615176aa2972a57268ec0127b3869d981e769df4fd0f63d8bde942339d7e8fa10c87b5562d7cd8a361f5801b6e29c575dac7f00846c103fa144116db9a8a8850b0715c590a250c52c2b4"], 0x0, 0xa}, 0x94) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x30420}}, 0x50) syz_fuse_handle_req(r0, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88, {0x0, 0x10}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) ioctl$FS_IOC_ENABLE_VERITY(r2, 0x40806685, &(0x7f0000000340)={0x1, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0}) 5.250541965s ago: executing program 3 (id=761): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) (async, rerun: 64) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) (rerun: 64) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0) r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x10000) write$char_usb(r2, &(0x7f0000000000)="3fb956", 0x3) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f00000001c0)="430fc73f0f2390b9800000c0b934080000b801000000ba000000000f3035010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x56}], 0x1, 0x74, 0x0, 0x0) (async) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240)) (async) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x2}, 0x28) ioctl$KVM_RUN(r3, 0xae80, 0x0) (async) sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x4000) (async) setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="300008001c"], 0x30}}, 0x4000040) (async) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) (async) ioctl$TUNSETQUEUE(r4, 0x400454d9, &(0x7f00000000c0)={'macsec0\x00', 0x400}) (async) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) ioctl$TUNSETQUEUE(r4, 0x400454d9, &(0x7f0000000140)={'veth0_macvtap\x00', 0x200}) 2.949815346s ago: executing program 1 (id=795): r0 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_DEL_MIF(r0, 0x29, 0xc8, 0x0, 0xc000000) setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x4, 0x0, @mcast2}, 0x0, {[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}}, 0x5c) setresgid(0xee00, 0xee01, 0x0) r1 = timerfd_create(0x0, 0x0) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) timerfd_settime(r1, 0x2, &(0x7f0000000100)={{0x77359400}, {r2, r3+10000000}}, 0x0) clock_adjtime(0x0, &(0x7f0000000480)={0x7ffffffff7ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}) ioctl$TFD_IOC_SET_TICKS(r1, 0x40085400, &(0x7f0000000140)=0x7) r4 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff) keyctl$chown(0x4, r4, 0x0, 0x0) setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x0, 0xfffffffa, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x1, {[0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}}, 0x5c) r5 = socket$alg(0x26, 0x5, 0x0) setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f00000001c0)={{0xa, 0x4e23, 0x417, @rand_addr=' \x01\x00', 0x5}, {0xa, 0x4e20, 0x8, @private0={0xfc, 0x0, '\x00', 0x1}, 0x5}, 0x0, {[0x0, 0x80000001, 0x3526339c, 0x3, 0x200, 0x1, 0x3, 0xb0000000]}}, 0x5c) bind$alg(r5, &(0x7f0000000940)={0x26, 'aead\x00', 0x0, 0x0, 'generic-gcm-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r6 = accept$alg(r5, 0x0, 0x0) write$binfmt_script(r6, &(0x7f0000000600), 0xfec8) recvmmsg(r6, &(0x7f0000001080)=[{{0x0, 0x0, &(0x7f0000000c40)=[{&(0x7f0000001380)=""/5, 0x5}, {&(0x7f0000000780)=""/242, 0xf2}], 0x2}, 0x9}], 0x1, 0x2000, 0x0) r7 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_FLUSH(r7, 0x29, 0xd4, &(0x7f0000000180)=0x5, 0x4) 2.881640395s ago: executing program 1 (id=797): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000040)={0xffffffffffffffff}, 0x2, 0x6}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f00000002c0)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000280)=0x1, r1, 0x0, 0x1, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @empty, 0x2}, {0xa, 0x4e23, 0x7, @remote, 0x3}, r1, 0x7}}, 0x48) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000040)={0xffffffffffffffff}, 0x2, 0x6}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f00000002c0)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000280)=0x1, r3, 0x0, 0x1, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @empty, 0x2}, {0xa, 0x4e20, 0x7, @remote, 0x3}, r3, 0x5}}, 0x48) 2.881361774s ago: executing program 1 (id=798): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'ip6_vti0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0x3f}, {0xfff1, 0xffff}, {0x0, 0xfff1}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x8}}, @qdisc_kind_options=@q_ingress={0xc}]}, 0x38}}, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r3 = shmget$private(0x0, 0x9000, 0x0, &(0x7f0000ff7000/0x9000)=nil) r4 = shmat(r3, &(0x7f0000ff9000/0x1000)=nil, 0x5000) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil) shmdt(r4) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100)=0x3) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94) r5 = openat$ppp(0xffffffffffffff9c, &(0x7f00000004c0), 0x800, 0x0) ioctl$EVIOCGPROP(r5, 0x40047438, &(0x7f0000000180)=""/246) memfd_create(&(0x7f0000000140)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU$\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe39\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4\x06\x00\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7?\xfe?[\xdb9\xef\x9fb$aZ\xf1?r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16T~\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x99aW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x026 ~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9f^\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-g\xa3\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x86A4\xdcOr*\xfc\xa3\v\xe0\x8bs\x1c\x94\xab\xb3\x91\xa8\xa1uF\xd7|\x94\xf1\xf3\xb8\xa7L\x02\x1fMk%\xd4\x1fG\xc6w\xc2\x8d\x8d\xcd\x9c\x84{_(\x02\xc3G\xe8v\xdf\x7f\x81\xfe\xd6*;\x99C\x81L\x91P_A\x9f\xf9\xa9$\x02\"\xb2oiS\x89Q\xd6\xf0F;_c\x13\x10\x16\xf7\xdaxav\xaeH(\\\x1c\xffbv\xd9\xaf\xc3\x7fp\xef\x92\x9f\xae\x01', 0x6) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000680)=ANY=[@ANYRESHEX=r3], 0xc0}}, 0x24008091) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='fd\x00') syz_emit_vhci(&(0x7f00000004c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x3, 0x0, 0x57}, @l2cap_cid_signaling={{0x53}, [@l2cap_disconn_req={{0x6, 0x3, 0x4}, {0xb54e, 0x7}}, @l2cap_disconn_req={{0x6, 0x81, 0x4}, {0x1, 0x21}}, @l2cap_conn_rsp={{0x3, 0x4, 0x8}, {0x4, 0xc67e, 0xbe7, 0xffff}}, @l2cap_cmd_rej_unk={{0x1, 0xf, 0x2}, {0x14}}, @l2cap_conn_req={{0x2, 0x9, 0x4}, {0x2, 0x7}}, @l2cap_create_chan_req={{0xc, 0x3, 0x5}, {0x8, 0x5, 0x7}}, @l2cap_create_chan_rsp={{0xd, 0x4, 0x8}, {0xa, 0x3, 0x3, 0x40}}, @l2cap_move_chan_cfm={{0x10, 0x5, 0x4}, {0xfffb, 0x11bb}}, @l2cap_cmd_rej_unk={{0x1, 0x3, 0x2}, {0xfe01}}, @l2cap_cmd_rej_unk={{0x1, 0x1, 0x2}, {0x4b9}}]}}, 0x5c) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x8, 0x4, 0x4, 0x9}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0xa, 0x8, &(0x7f0000000240)=ANY=[@ANYBLOB="1809000000000000000000000000000018120000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7030000070000008500000021000000b70000000000000095"], &(0x7f0000000640)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendmsg$TIPC_NL_MEDIA_GET(r8, 0x0, 0x8000) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@link_local, @random="0000fc00", @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x16, 0x7c, 0x0, @dev={0xac, 0x14, 0x14, 0x30}}}}}}, 0x0) setreuid(0x0, 0xee01) r10 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010027bd7000ffdbdf00000c000600010005000000000000000600"/38], 0x2c}, 0x1, 0x0, 0x0, 0x24008040}, 0xc800) fchdir(r7) syz_emit_ethernet(0x36, &(0x7f0000000040)={@local, @empty, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "fca33f", 0x0, 0x21, 0x0, @dev, @local}}}}, 0x0) ioctl$PPPIOCSMRU1(r5, 0x40047454, &(0x7f0000000300)=0x5) ioctl$PPPIOCSFLAGS1(r7, 0x40047459, &(0x7f0000000040)=0x400000) pipe2$watch_queue(&(0x7f0000000480), 0x80) 2.802062216s ago: executing program 1 (id=799): r0 = socket$kcm(0x10, 0x2, 0x0) r1 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e24, 0x2, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c) getsockopt$inet6_int(r1, 0x29, 0x18, 0x0, &(0x7f0000000080)) sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8481f0000005e140604000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0) 2.742053259s ago: executing program 1 (id=800): r0 = socket(0x400000000010, 0x3, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000003c0)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x7, 0x2, 0x1}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4040001}, 0x0) r3 = socket(0x400000000010, 0x3, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000540)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r5, {0x5, 0xfff3}, {}, {0x10, 0x2}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_KEYS={0x8, 0x1, 0x9200}, @TCA_FLOW_MODE={0x8, 0x2, 0x1}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0xc010) r6 = socket(0x400000000010, 0x3, 0x0) r7 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd2c, 0x25dfdafd, {0x0, 0x0, 0x0, r8, {0xc, 0xc}, {0x0, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x4041080) r9 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000003040)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r10, {0x0, 0x1}, {}, {0x8, 0x4}}}, 0x24}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r6) 2.741480722s ago: executing program 1 (id=801): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff0905"], 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000009c0)={0x44, &(0x7f0000000700)={0x40, 0x0, 0xf, "012720dcfe14c639a500ba17162716"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$EVIOCGMASK(r1, 0x5b15, 0x0) 2.221959248s ago: executing program 3 (id=802): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x1d0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, 0x0) chdir(&(0x7f00000000c0)='./bus\x00') chdir(&(0x7f00000000c0)='./bus\x00') r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x80, 0x141) getdents64(r0, &(0x7f0000000180)=""/161, 0xa1) 2.221771363s ago: executing program 3 (id=803): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x80000, 0x190) ioctl$FS_IOC_FSSETXATTR(r3, 0x401c5820, &(0x7f0000000bc0)={0x8, 0x2, 0x102bf, 0x2, 0x3}) ioctl$KVM_CREATE_VM(r3, 0xae01, 0xf) ioctl$KVM_CAP_HYPERV_SYNIC2(r2, 0x4068aea3, &(0x7f0000000140)) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x400000b0, 0x0, 0x160f}, {0x400000b1, 0x0, 0x8000000000000001}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.652363225s ago: executing program 4 (id=805): r0 = socket$nl_route(0x10, 0x3, 0x0) syz_emit_ethernet(0x1f, &(0x7f0000001100)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @random="e955f5ea6ade", @void, {@llc_tr={0x11, {@snap={0xaa, 0x0, '/', "a74338", 0x88e7, "840f767ab0bdfcb9cc"}}}}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000200)=@newlink={0x44, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_AD_ACTOR_SYS_PRIO={0x6, 0x18, 0xfff}, @IFLA_BOND_MODE={0x5, 0x1, 0x4}]}}}]}, 0x44}}, 0x0) 1.652122151s ago: executing program 4 (id=806): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000040)={0xffffffffffffffff}, 0x2, 0x6}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f00000002c0)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000280)=0x1, r1, 0x0, 0x1, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @empty, 0x2}, {0xa, 0x4e23, 0x7, @remote, 0x3}, r1, 0x7}}, 0x48) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0) r3 = socket(0x1, 0x1, 0x0) ioctl$sock_ifreq(r3, 0x89f2, &(0x7f0000000040)={'bond0\x00', @ifru_names='veth0\x00'}) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000040)={0xffffffffffffffff}, 0x2, 0x6}}, 0x20) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000000)={0x0, 0x0, 0xffffffffffffffff}) r6 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) r7 = syz_open_dev$dri(&(0x7f0000000080), 0x40100001, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r7, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r7, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000440)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(r6, 0xc02064b6, &(0x7f00000002c0)={r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000240)={&(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0], &(0x7f0000000140)=[0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x1, 0x2, 0x7}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000440)={&(0x7f0000000380)=[0x0, 0x0], &(0x7f0000000500)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0xa, 0x5, 0x2}) r11 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r11, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r11, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000040)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(r11, 0xc02064b6, &(0x7f00000001c0)={r12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r11, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000040), 0x3, r13}) ioctl$DRM_IOCTL_MODE_ATOMIC(r11, 0xc03864bc, &(0x7f0000000580)={0x401, 0x1, &(0x7f0000000180)=[r13], &(0x7f00000000c0)=[0x3], &(0x7f0000000640)=[r15, r14, r14], &(0x7f0000000340), 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000980)={&(0x7f00000007c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000800)=[{}, {}, {}], &(0x7f0000000900)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000940)=[0x0, 0x0, 0x0], 0x3, 0x4, 0xa}) r17 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x2000) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r2, &(0x7f0000000ac0)={0x4, 0x8, 0xfa00, {r1, 0x9}}, 0x10) ioctl$DRM_IOCTL_MODE_GET_LEASE(r17, 0xc01064c8, &(0x7f0000000100)={0x8, 0x0, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$DRM_IOCTL_MODE_GETPROPERTY(r17, 0xc04064aa, &(0x7f0000000780)={&(0x7f00000006c0)=[0x0], 0x0, r18, 0x0, '\x00', 0x1}) ioctl$DRM_IOCTL_MODE_ATOMIC(r5, 0xc03864bc, &(0x7f0000000a80)={0x301, 0x4, &(0x7f0000000300)=[0x0, 0x0, r8, r9], &(0x7f0000000340)=[0x6], &(0x7f0000000a00)=[r10, r14, r16, r18], &(0x7f0000000a40)=[0x8001, 0x8, 0x9e78, 0x1000, 0x2, 0x2, 0x7, 0x7], 0x0, 0x2}) write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f00000002c0)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000280)=0x1, r4, 0x0, 0x1, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @empty, 0x2}, {0xa, 0x4e20, 0x7, @remote, 0x3}, r4, 0x5}}, 0x48) 1.562050995s ago: executing program 4 (id=807): r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001180)='/proc/sys/net/ipv4/vs/ignore_tunneled\x00', 0x2, 0x0) poll(&(0x7f0000001280)=[{r0, 0x8100}], 0x1, 0x4d8b7b7e) write$snapshot(r0, &(0x7f0000000040)="706da6b4ee630ae3346ed6c982f98612d486c8e6d34f4b1c026795a26c51aa478830001765c10814c58864cc0e7b700711c9abdd0beeb0c8089593577334712321773dd91106454173fc684b97ac7a30e582302bc9af78b962e85810cf30c7d7d6b769cdfb10edae9c156494067f931f9ec057b2adb920d11b319db8187af651ced72e10a52866de905429c652e491c67870ff335b76e330b23f2b484d34112a2b93df911a1efa6f", 0xa8) r1 = fsopen(&(0x7f0000000000)='xfs\x00', 0x1) openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x1f, &(0x7f0000000140)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xd6d}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @alu={0x4, 0x0, 0x0, 0x0, 0x7, 0x100}, @cb_func={0x18, 0x7, 0x4, 0x0, 0x3}, @map_val={0x18, 0x9, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x39a}, @exit, @tail_call], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, 0x0, 0x7fffffff, 0x1c, &(0x7f00000002c0)=""/28, 0x40f00, 0xf, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x6, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000340)=[{0x2, 0x1, 0x2, 0xa}], 0x10, 0xd}, 0x94) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000440)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000740)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x5, 0x0, 0x411}}}, 0x7) r2 = accept4$packet(0xffffffffffffffff, &(0x7f0000000780)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000007c0)=0x14, 0x800) setsockopt$packet_fanout_data(r2, 0x107, 0x16, 0x0, 0x0) r3 = socket$igmp6(0xa, 0x3, 0x2) read$FUSE(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, 0x0, 0x0) removexattr(0x0, 0x0) r4 = syz_open_dev$sndpcmc(0x0, 0x8, 0x1c001) ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r4, 0xc0884113, &(0x7f0000002bc0)={0x1, 0x2, 0x1200000, 0xaf95300000000000, 0x200, 0xc, 0x6, 0xe5e, 0x3, 0xe8f, 0x1ae2, 0x1}) io_cancel(0x0, &(0x7f0000002f40)={0x0, 0x0, 0x0, 0x5, 0x1, r1, &(0x7f0000002e40), 0x0, 0x3, 0x0, 0x1}, &(0x7f0000002f80)) mprotect(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2) connect$inet6(r3, 0x0, 0x0) r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r5, 0x4040534e, &(0x7f0000000100)={0x13, @time={0x65757100, 0x4}, 0x0, {0x2}, 0xff, 0x1}) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="b4050000000000006110b0000000000063514800000000009500090000000000827573595f16aaba19dee4850fad9dc34ae0ec78734eb5ff8c80d4457498c5a7b0c59abd315c61996d140187d64787b68c0a1b3e361a405ed57dc367c33abfd46e35"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x85}, 0x52) 1.561148745s ago: executing program 4 (id=809): syz_open_dev$usbfs(&(0x7f0000000100), 0x7a, 0x20002) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000013000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x0, &(0x7f0000000180)=[@cr4={0x1, 0x40002}], 0x1) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000008000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000240)="0f0d51f40f01d10fc75800f30fc73600102e0f71e100b800008ec0640f017400aa66b9e408000066b81f6269e766ba000000000f309c0c0cb8d09bbc8966efbafc0cedba4300ba210066ed3626f00fc70d", 0x51}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 14) 1.271338404s ago: executing program 4 (id=811): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = socket(0x848000000015, 0x805, 0x0) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x10}, 0x1c) sendto$inet6(r1, 0x0, 0x4f, 0x0, &(0x7f00000003c0)={0xa, 0x4e31, 0x7, @remote, 0x3ff}, 0x1c) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000300)="66b9800000c00f326635010000000f30b8fb058ec066b8000000000f23d80f21f86635000000500f23f8660fc77706660f38800a260f23a5360fc7350f01c50f9dcff2aa", 0x44}], 0x1, 0x51, 0x0, 0x0) syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff) sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x0) ioctl$KVM_SET_MEMORY_ATTRIBUTES(0xffffffffffffffff, 0x4020aed2, &(0x7f0000000000)={0x0, 0x101000, 0x8}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1.210413962s ago: executing program 3 (id=812): prctl$PR_CAPBSET_DROP(0x18, 0x4) prctl$PR_CAPBSET_DROP(0x18, 0x15) prctl$PR_CAPBSET_DROP(0x18, 0x15) prctl$PR_CAPBSET_DROP(0x18, 0x14) prctl$PR_CAPBSET_DROP(0x18, 0xc) prctl$PR_CAPBSET_DROP(0x18, 0x23) prctl$PR_CAPBSET_DROP(0x18, 0x0) prctl$PR_CAPBSET_DROP(0x18, 0x3) prctl$PR_CAPBSET_DROP(0x18, 0xd) prctl$PR_CAPBSET_DROP(0x18, 0x13) prctl$PR_CAPBSET_DROP(0x18, 0x12) prctl$PR_CAPBSET_DROP(0x18, 0x10) prctl$PR_CAPBSET_DROP(0x18, 0x6) prctl$PR_CAPBSET_DROP(0x18, 0x10) prctl$PR_CAPBSET_DROP(0x18, 0x12) prctl$PR_CAPBSET_DROP(0x18, 0x26) prctl$PR_CAPBSET_DROP(0x18, 0xd) prctl$PR_CAPBSET_DROP(0x18, 0x24) prctl$PR_CAPBSET_DROP(0x18, 0x26) symlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00') prctl$PR_CAPBSET_DROP(0x18, 0x3) prctl$PR_CAPBSET_DROP(0x18, 0x27) prctl$PR_CAPBSET_DROP(0x18, 0x18) prctl$PR_CAPBSET_DROP(0x18, 0x23) prctl$PR_CAPBSET_DROP(0x18, 0x8) prctl$PR_CAPBSET_DROP(0x18, 0x8) prctl$PR_CAPBSET_DROP(0x18, 0x20) prctl$PR_CAPBSET_DROP(0x18, 0xf) prctl$PR_CAPBSET_DROP(0x18, 0x9) prctl$PR_CAPBSET_DROP(0x18, 0x0) 1.150496857s ago: executing program 3 (id=813): syz_usb_connect(0x1, 0x2d, &(0x7f0000000340)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582"], 0x0) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$BTRFS_IOC_START_SYNC(r0, 0x80089418, 0x0) 739.488721ms ago: executing program 4 (id=815): r0 = socket$inet6_udp(0xa, 0x2, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r1 = io_uring_setup(0x56ab, &(0x7f0000000040)={0x0, 0x36d, 0xc000, 0xc, 0x77}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000200)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[], 0x28}}], 0x2, 0x44080) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0xfffffffffffffda2, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x24, &(0x7f0000000000)=0xa, 0x4) r2 = io_uring_setup(0x178e, &(0x7f0000000140)={0x0, 0x52c1, 0x8, 0xfffffffe, 0xa}) r3 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCGIFCONF(r3, 0x8912, 0x0) syz_usb_connect(0x2, 0x2d, &(0x7f0000000240)=ANY=[@ANYBLOB="120100000c9768405e0483020b9901e4020109021b000100000000090400fb0160291d00090509"], 0x0) r4 = syz_open_dev$audion(&(0x7f0000000000), 0x3, 0x41) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x111, 0x6}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r4, &(0x7f0000000700)={0x4, 0x8}, 0x10) close_range(r2, 0xffffffffffffffff, 0x0) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000300)='io_uring_task_add\x00', r5, 0x0, 0xfffffffffffffffd}, 0x18) r7 = syz_io_uring_setup(0x23c, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=0x0, &(0x7f0000000040)=0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r8, r9, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r11, 0x0, &(0x7f0000000240)="352f1938d141676d9b6c59065f664735c08b9d697a645f85b19ba9030648cd046d1f26aad0196458046b81", 0xfffffffffffffe08, 0xebec93e830f96115}) io_uring_enter(r7, 0x7f5f, 0x4000000, 0x0, 0x0, 0x0) syncfs(r6) shutdown(r10, 0x1) r12 = openat$vsock(0xffffffffffffff9c, &(0x7f00000001c0), 0x381020, 0x0) fchmodat(r12, &(0x7f00000002c0)='./file0\x00', 0x102) io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000540)=0x140, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x20000080, &(0x7f0000006080)={0xa, 0x4e23, 0x4, @loopback, 0x4}, 0x1c) 736.983635ms ago: executing program 0 (id=816): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) ioctl$int_in(0xffffffffffffffff, 0x5421, &(0x7f0000000100)=0x344) ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 14) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) 332.032786ms ago: executing program 0 (id=817): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x76, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={0x0, 0x0}, 0x28) ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 12) 140.248479ms ago: executing program 0 (id=818): mkdir(&(0x7f0000000400)='./file0\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x80042, 0x50) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x180) fsetxattr$security_evm(r0, &(0x7f00000000c0), &(0x7f0000000240)=ANY=[@ANYBLOB="03"], 0x9, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) open(&(0x7f0000000000)='./file0/file1\x00', 0x101002, 0x17d) 61.865363ms ago: executing program 0 (id=819): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14"], 0x28}}, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1}) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB='#'], 0x24}, 0x1, 0x0, 0x0, 0x4048011}, 0x8010) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, 0x0) 1.846633ms ago: executing program 0 (id=820): keyctl$KEYCTL_CAPABILITIES(0x1f, 0x0, 0x0) request_key(&(0x7f0000000340)='id_legacy\x00', &(0x7f0000000380)={'syz', 0x0}, &(0x7f00000003c0)='/dev/vsock\x00', 0xfffffffffffffffe) socket$nl_generic(0x10, 0x3, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f0000000380), 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) mount$cgroup2(0x0, 0x0, &(0x7f0000000080), 0x10, &(0x7f0000000200)=ANY=[@ANYBLOB='pids_localevent']) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0), &(0x7f0000000280)=0xc) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, 0x0) sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB='t\x00\x00\x00\n'], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0) 1.424179ms ago: executing program 0 (id=821): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000000)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)={0x54, r1, 0x1, 0xfffffffd, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_SEC_DEVKEY={0x38, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0x300000000000000}}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8}, @NL802154_DEVKEY_ATTR_ID={0x20, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x14, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_PAN_ID={0x6}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}]}, @NL802154_KEY_ID_ATTR_MODE={0x8}]}]}]}, 0x54}}, 0x0) 0s ago: executing program 3 (id=822): openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x490420, 0x2}}, 0x50) syz_fuse_handle_req(r0, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(r0, &(0x7f0000006340)="7c7a6a069306f2c5ddf91f36944f207a1bd11284b4445fa3507bbc5def2e6fec4bb7c6001eafe381e277221f30085acd5d0c251f7c60c23874c04db6aa516f773dd2e57e746d1a085193c8b7664fceb1fe764d87f4395c66e5d4eee443a555692ebe80f3a11b8be74963f1a18c1d0cd71dec65e609e065e14615d2e8b283e55b4aa8b485f81ce52443d61fac9f08cf34f2997c05a63f98f988cfcea9a5650b37dff5817e5033b3912c226bd9bf68b528dec710584242fbdcf7dd0d55e394d3742039e6960bb589fb9ba18ac8e9e82cdbd08e9b584d0a8224cae3e9dd91e25699549007dc0d99165a73cda1c99fc48f6bfdb900c60e4481222505c58cc1108fbaf317d361d1f2d78f6db6e14b283ca9f1927f4f8a0f6f52818be03c7b257aec57f06a0a4279131a2bb0a13b23ab188ea50a686abb2f7e4d0f7a166f358e4cb886b7fbdf51cd9a153410dcc4cc5db7e8e94cc9ba2371a328480ad20f51d7fa012f367a0a8f9c882c47b5f714f0e1b35f72b2261989513c1428d648aa8ab8c12c87dfea38d5be0d49097fce804c9cd2ac8f61b68579853129351e3bcdbdae3371d2b12a150d94b3097161c226c50a1d2c1f8b4c10a986e21dbbb854ad1d26d0ce5d950835d14664ee8f58c537f5256b761b4707fe8d46cc1658798d285310a1cff127b1280cab3f1f633569391d5a7cc08aa1d108b93c38df397d90bbb81753930934df7dcaf8f960dff660fe239aa15cf48872668cacf4d664dc0809fe9d780ab202c3a968abb56655267c907eb3343809b2407105a5c14d53a3b17a9a1552314d27e13daf48a2bb7b2c9fc15aba9ae1d6325c11fbe8432c067efa72878ca56c6463b6cf4d29646905422908a4a1f7741d0049febed4fc2b7cc27154031e50a0ab297826383935bef6a0f968db92128e8a940509b5368146bdcacc852b9d0b4ae9624635f9e69f3a7bc8e6f3340c7de46f49feb20a46f11aef464fa6696a60865bdd0c40b1c411c9661fa9f6393a33a7eb4afaef3eb1ab4634a42baeea780ac6c0c4fc8cf7a92cf0592f993ac85bdfd6c18ba4b7cf4c4438a8330413de8365b4a080234f59edefca0c5ce9697b20cc7b71d04438c00cf3d557bd03b5e1b86e167d2d6e09714135ef720667d0f2e7ca54da419d1bf6722eda31381059216009cd8c99ba1d7f9ebc1bc021457a195fa5be2f0727a84cf4cac5e080f22c836a4955d5ed06bee2eec0d39abc5f459ac43596fee3b341dfbd7ce6f4e57ea42e1e8d4f65880b8b77d2ee27dc1efe95ff1bacf5aa14933456b68645380d0f2ef6284b9946857456d64f4cb656998e99e3e286f596b31c69a69d0ee8444ed838ca2f0ead1be9538e4e927239d0e65a3f871dcad33881f69592eed93a9fafc934aefa67bb87d582d0ae4cfbb5c50325774bbc259a277749751228d3610f95fd56e9fbccb288eca1b14c8255b6996a59c91efbb08440ed91cdd53b0aab82600906904cee2a117a06157e24fa822e1cf4f9db4c2e8a5e842cfc503e578e69002fbae194b6bc7c8b69aac7359292109b712eb49d21946f5ea2745ab77ef59950dcfd926df2aef20e85f2a14554aabb417f15c725c73edd4853926ad6c525afa2c65de213cee799c18d1ced9424d10d7076fc5862579702a5f91031381f41cb8d9899ab514cfa1c8c51437df9710271d8cf69e8900921cba296703f1a7b5234500c1625884fea594d836a930b06142a6e577cd9c2a32cae65e712624abeeffc423a5d5ed7bd75fcb1a82ecec8acd0da9918a5c7c189f14f8cdf37062f93b87f9188501556060ffc6eac435cb1624f2af688316366e03cfb869eacf83d9d45fce910c3347f810b614c2e4291e70471ca2b574241c3f3d9740c6a45c7296a2f275acbde72e513ef4e5a1123a57c2eb1bd023af716c16a7747204338f60b6e3ac514af50b21952c21592aefb6149828a5183ba581d5ee8647f374645ff941bab67bef760ce353b456c4b51c5d3a0c5372b1773b944ad67a92937dd838e1b6f550a1dca975d6230e430bcc278afed54e0621008b2f850107b0244359e3747be5282630452d432e5df0fd160795effed150f9396a7da5a1e4dce0c8f62280ff2fbfaa813859a671208b4b9f05fe450729b0efad83a790acd688a90e5fee5550de4ddeac70ecd125ad076c4e2b68652e6ea520e2b6b339b4b9dc219d853e06b9aa79d022e53607213fc254e15ec3e6b776d2b562997e0fe52b98c58e1c0316b22a4219460053da87e7baff7dc1892c2de2f324dd1169b977f3a6698d0234c78de3e46ba5824f3e373f264e8d28fbb4cc108a41fdecd4b629d92b0a65f84366bf504eb5a894ba40c89f9df854dc469fa174ac85cb8d2adfdc099ca9848a1032b2e2f375bd1544dfb69e33492e1a4b921ad7ff17c4c7e357ff69f42d2301c302ee2ed313f0e9a20ebfe028a8737d6e38bf179940179cb779b70c2276264cb4f23249db7d5f179baa842b70f5b287cf74ce1ff6b70a56be8f2fe15aeadca229804923d28a793838bc605eaf5dcd362f757577ebdac54b09fd73326720d3522d002a41a3b5f2450f48286a5ea45836b5ee77fc415f47e0716049ec2610d607737fd5a73b066b4876f9d744f6b3486b088dd3bfc3d393a27c6c799ce078e2ee348257b5ec1ba9de76da2a67ca912dc2dd5afc70834ceecbb8bd41f6e790294cacd5891bef1b4e2124dcd6dffdedee8f16b3bddc030429dcb0f98e6fe0649cb14eed3293fa4933b2ab8c0ec0ff4dbbced1e32dceb317252e715b872b00478cbd7b0275b7394a0ccfe9887410b32f1ce9266b3b83470ec982cf908507d3ad0cc366bff3759388b624701b3e0dc0e7928386b155b50b42a8e352622516beeeddfb79866a2eb1d360802cd19d62fd171267a0fece5f54e315a8cd49c41072f2a7a0baab5aadae2c1ff28e285b642f8d3869321bd18b4aed107feaa12d055b179a8ab7b50e2796d287a196e280d527b526c45c8aa98696d88a02d923d06fedf51336c0695c218e70448073921971093ea44b5352e10ce6cec26d082b93f69958165bd986f56650a62224c2d9fd044bd8fefd33544c6bd141b4cc211a087fa57c09e195c8edffe559048db738d1395f5e2625dd7cd035b8c76aad6c238fb52a7c5ff0965fc7122a5899746ca88abd699d6078623722fff92726e18613519f2b1927504fd5cb7a38ffa373c3883022f0387953530834affb5f05e0f44c24caa75561b2b63994493ab857fdc30900586fed09298d846e5936869b43d81c4b91902028e57a8f2da16355ccb7a77d29ecc8e66015e979b2f3edc5b8d77c45348dea55c9ed6b7465acf899f4bc1a7edcae0b0daf69ff85c504eea1294620b6d3dbb004575044a5ae7c110010c2cf39827fbdab3b42ac35d147fc53bb5e7de6c47091dc80c14b8da494b2e913d1a52085e29af19edc4a417346c5a896a3851cb6132511e0627d190b77623c8a3bb6085eff22ede7127f7988a1d388fb70ea20d5c1b2424c5aa83532bc5162a5d177968b4a46583f2d4b92d04a5f19145221aeaf724d92ea1d4dfb53021b47585bbe5ce35f8d09a83e13fdb1de8e52dc646d41e810879ce9c830959c3ee93f11a16d030d141863244395e3f847505fe6d9594a34009fec9a743c033b9793335684cc5c3d0eb0ad094f40a60264b02cd88c583c850d99c5b9c6c5dcef467ca3ea38f2aa42f5657cd940aeb12960efa18d571e4f958b9cd90918e069a486d84f214617ce29c0f2c26bf84f12f5036f26a8de0c8359f572654bf5ee06d38f741c464976d95ae3fdda45c2ed2d08ef71d3590e82d235e0fa357c568158791a195d4a2d9615e1edc85be64cfd169f925ffc4f636f86783cf43624a77bdb9b172228097f02f391df00668dafbd9932298b23cfadfd1b8d14a25cb408a440f930f0813de73c1eb2eb4b3c802d718a672453d0038965c6dc98db96fb4e06f1fda72782d0839d4e8b477ebdb2c73510db44f643ec7dc4fcb837806853caa35cf622aff9d44381d3f7adae00650cbb6f0334ceca14ec982dfb5817d7fd49251c203b6463a09c14885f754603291ccf0a7ceaa57284ee751774fa5ad72f9f7a32fa542947af40601e98057895f2869d4ec2db0d73930962535fc9e12ba7e6777cb458592bee505b367012ebd27b256fa0fac1452cf3b28eab573549b7c7a13752ca0189768f738d5f8030fe999f7bdc466d67bb32937ae469f1a1e21fac2ae2ab92a0a260bf0e9ce20625e82f88d0ed4d13876aed768765d77433bb9137d92d622df502aef574de82fe28063128fe5a1787ced99734c2f3f221e80d3baefd367d01d950ee1bc981b4b5ff86b2a96ab78fa3c1201303cab473103d89bb185afc77dd2cb7ac1564045036fe9fcf85af5d73a7553bc45bf5e221564540982db2f81e612e7c1715d3498b8d7851c0160146d6eaae9e30c81dedfca8e7122fcb69b26b396629b723f1e1822b8d5d8f2ac583728a5ab40010f88aa42f37f2031a3e99d8d6661e63f86f65af521066ea6af89c89e1748521b8368cd03409e895a941025ee777653f55e66cd1a0cca21308666260c3b9a306ddadb322eb1d09f7b27fd570cd35b6ec88bb391e3ae4745e17fb4dd7aef1d75b4ebb91e6e7789b241566d7c0cc97a3a126ed50b0cb621e015414f62641afd85bad78470463f86d8287aa56d331911c23c4cae8e5dfea33f3789c03d61f51c590417b5ff9f1aa35ab6a15364296c5f9399216ce565210a4075ac5e43e916850774a127f9174d95b43d839e056b4a7d679bb8804951ca171c0b59f4d6f32c4fe8f908b9a1614591f5d1e1cf3348e02317ec4655c693417a4c4e7007a8db02faa1634f8eea9c9bbe5b149ce2279953a54884392dc7251dd38670fd59d9d1da5203340909d50f779e864339014bcb545d825cdcccedc558a1d01a2784b8f499ce9fa2ddb0dd1dc0b93d1b282a96cb4ecf152474dbc4b2853b30c8e5fcea85bdab949f5eb1e98d81c102c349f680230082db5aba9e20209c35b16598507d28211b49763b598a7e60519d5b28b67c027cb2657cf2ac7c7455291fcfe63f0b43afcd3afaea934da97c209d02e5b47a686c1c284aeee5d662fd9d9be7c576259d9f1a36fc0f7fe329a1da1dbe078381233940745fc28a56db98b1a8442325168158e3f0b3cbf8a368d19dd20cdfc1c4f3893a30a49223050159b0bb8b7c59ca705ae25453988d87ca6cdd2bd2fe37847ba67cbcf7a494925a8598b7b50a741c9ced10ea08e35c422b79265561a07f40ebb89bc46069a1c1ad95949fe757a76ff6b5386a043abc967c367a9d86b54d374e573540dfc1f6d396f398abe9735f523b778fd124ac1e1eb832a66dd4b1838a50e6a4eb1b95b8a60a94f067b24d1194976c539d5ec287a261bf25904575be3ff49e7411a8dc09739649828124c14fc2b89dad1f3f5725db2e45f5a447cd3e4bdf9e1e95c5ad7c76fcf0c1021cb6c32e6985e1d113030d534eecb0dff2554183ee18da2da5d21a8b994a81f05e0e6ae89b20bffb4be333d1956270da23e9905830921b1f3d615a56a20b11d45ccd1d22b910e33f475a92c31fa5b4675ddee18336d0ee7b75c07df2a9d4ad53d83142219a00aef15e1e9dace0f039d63a530fdf671a54aba3882dad0d439632af5576726c3aa095cc1a0a03063e8a6581b78bef501acc24b05a0150d8f683c90e8e5e283a49f898906dab926e544ead48cb9bf9a6e1bf140b5273443b8cb8166b2d8a5464a3e9d9f4246ac81ea91b33a0b399dde9f5efaf792bb04cfa028f40b7c92db2d9c33e16ef58b9263350879ea94e581a1187b2d1931b1cd7606a76bd8943b7c3098a33bdf476960af7bdf2854b1336e72feb603b8bb2242df0839d157843d369a50a615068ff5d99ecebe8dc19158a6c654e853cedf860a727bf8140c062f5d307fdcd150ad0af03d2c3a913b91047858ed6382d2d2d30f5c0bd419c2cd4047f225107ea8bf4a3a69384f16b5b5bb2655bdb750db4e975794592987df95f6a90374b0a08769b2c957faa16a21270196afba76b4527f01f0c5db7fa16e2da81fc49336e20bc3ee1ccbcb62255c84513d9ceb706f03c25000517070c03b7bce838e6b6cbc7f767959fbd62e11ab7ea6d760cff674a4296e6185eb348028b472290922160f3ea36c22c8375a016f505017c0a0e041dd8e52b4f19ccfc701109a19391a059d77db239d40a06d84a6f0ccd08aaad764e53ad1da19ee825a4d25ca7cd538289bffe135486ec1614e28b3682c7081a1b0a2c7272f4e36f6d0d9e68d84209126dc59312d48eed1c63c90efeadd472259392c28746abf394c5c6c97d3fb00b70a74c313a817ee1719c33f16d58f297fc7eacbca5803df115745079c5434e851ad6c1f0e8ba0bdbb66cbb6789b89a23526b476ad0f2cea0907e72702f93d37bdfe7b39fb9b33fb1111e58f5c45db8cc38afe4e03a318aa0690afb870a67aeda7da9640fdad1e1f551dd4757c69b4f523b616e502514a2e35495916f2e5ddab1ad9534644d99ec56e818caba173773aa5e45104deb869b23063eaea5542d3bc503a6948b83779aa46879443cad02477451b46429f1f67560c31d4377f96031ab94866a73be753c4ab91cc6576c3991c3423103ebae604e887c56cbacb9e95b8b46300b62e698a6456a0d175cf682eacabbe301e0b0ea34f963daed0dc6c1b75fa5e3870959913e69e61911d9ff646e9c6bab33fe566871027e861577c4d7fdfdf94ce7ac1a3f6d29daf28d660431a89c0b56c4b95090e2ca5df62c1e5c5dbf98f067751819d4c5914aa33883b7b521aab30d14e1cfae74fcf3ad4b2cf9448009d3223ad984e0c50f92d465573a6fc2894f8a5d4e855316738ecfd6a6c157d39b5c44d80a7cba944cf9f7a701899859821cf2bc248459f7a350fefba53c1481a7197f024f2eb74251455c06f4b82dfcf3ccf3e3b98b898fa1b16c310125e5e9fd4019acccbe91b4d842ddd52ee56f6d3112dec80159d6d3ef93bca70e7afcccb223361c39addbe3c429934cd0ae35f36a8f6309f08e36b27341db1f21fd8a148b239361b31a85f53bd1ad49fadace6c64d5f4363427fb2f268e8aec6d81cdb7f1252baa4652dc55881661114bf98cdf17190379591f0e22dc97e790f53f463bbb0ad0ead78ddf7dfe2e26052acc31cfe52b822afd5ec5c75957106cb5c368c09252ff3e4f624d90e599279fb985ecdb7d8880dfe05ac2d2da83e34e2b9b88f5dd60107a4509902fcddf4a36605e5c7a2606a4aea9fd4b5b24ca6b67d6945d133869cf9276d8c30b08c2a9f4bf03f4e0b956fd5f3c80b958ac5c41e4115b6708799c3102bd8b6c7fe17ff8c3f89c7437255faf69d1e16074086dd44d038bc0211ac74743169b462dbc085d77bf45eea72bf8348308bf48feea02d739a0fee9fbf71023ef8c6828da1aec8618cc2345ff663f88bc52a990e6b9591425435b0c7900ea4068f5aa6345e94254e259a71290fa23281658a6a165d1dee10dcb355518264824665ff2c5538de9ae4487782911f79e0bb09bc2c2d8e0d91b33cbec839075c9b38c848e9d2fad7368e96c1932042c3e85fd95b7d4500e6cae9e649082e9d5ca6f2cf91fc7ecaccc1049525d4325003424cacbd6eb5b8cc30b6893bd1ef46a8e7cbcc87dc2dda5c802ef1f8bb607c7457eb161254dc0feb60ed5ed0383fdb4db91d7e41d45c8eb80c1981e801ef05703f97f8710a2e00eb0559f854f700f946937b9e68c75ad6d0015d5d79be5423d0d846bc76f92ea7ebb0302b3d3c695c0aafa83b2bf029a444709cbf2cefbdcc7eaf3dd7a16f8ca8c861e883db10d433f7fec547be45e6829962e430bb3c93e8cdfb342c1cb7e53d8a6ea625d5574c4b4303f61c4338a658e652ab2bc0029c0a78a5114f495a439956909cf42128cb4348affbecb20b7fea98e22160e9a58e7666a00e7b37fbec4bd3860d66a39d1232a57e8cc50710c5c666f7efa98f16f9a02d843c94b0842a383945d06899998ff2fd01ffb58ab53ea89b2c93634c48d0420edb9791b8e451b35b534b8b2874c4859c684cd14afb5335a2555c75ad9df018635bb7131a7ef204ccecfed33a675fc51687e3f8818406fbf58e7b5fde1ca96153817e1b632e89a78d967eb6a34af1dac0d9ffa448b7b9bac27afc305a7b47febbe0a37036c18aef6852b1b2759d67479f9edb169e796d949844a1624b1e832a2eee9be36dc5866d6fde431cfcbd4e305d322c9dd07f83b5b361daaa74bfc9fbce8b447210c327468659ecbb0a5fc20d0cb79de7d1d70bf251c81d5f38711f3f4bd4752685b077058beb465711b1359d2a7d2f59216c5a807121bb97e7ccacc46526e4072f1d6de3b487d492fed0995e2273fa3bb115bd08d32d8e57eb2aa8f9d3b81babd1b8334c3a5e69422b75502ced3793d07b9bdf38e9d9fa1d2e48c7886dfc41985e8ffc49f09c4ba58ddc3b4cbf562b591f8939ced5d18214a77cc753075334a157373cc33cbc07a731cd6342492f5e05f78108e627bc88777203c76632bbe0120924c7a51bbfc9dc789a5695b7c95ef544935032fb81d499c454a2d78727875c20bc8a48a9f23cf6595c17c9cdaa8d04bab8ac567ebd3bbcdb40e11f1893fea3970f176f75f38d17d6ee1bd4ab76c660723a776bc72319199ab82c40ac4a9f4f475e8fd4643a4be8601cb5172e112c236c7c430078601bf183a59a03885e994c1116a9d4ef275790ff2417ffd85b43274fc57654466fa394958aeb11f343c3439604af13997011af70b67df1a9dfa4cdb751a2dc3e5bbf42f7b9ebc6dcebb2dbdc57d7a2cef7409dba307b7cf6eab148a924566341d035cabc877c68d0fbfaebdd39c16304b63a1bae376fb4650708bf5695dfd7ffc01f43f0021f622de0b116ea494454497337a0ec469963de7f9d2b1d6c5a7a0a7835777a78a2b9e16eec696446981d2fea550f011419b96f7b2018d027b87fc715521b0302bd7b5b3bc5f033346029eced73df07dd1bb1f91848376b40b9e9da7233e7832edcc7b54ef6fd320d19efce78d58ea7020fbbdf77612dc8a4f3281915ac9706f346e405b9f489f8f2e9a2decb8d18bec1e5f735a4ec69bba4dc5d36c9c1cc50b92fe67b2cdd53fa671c0cbe331abdf46787e7c9912b951aa20700dba6cf5a209fe5c9c61ef62a8e2e572ec774b2d0f42d570633fc44d44826e848d47a8f386a5704e0a3eaf1d06617181aeb166334ab55d5aedccb27abf19a42a480930e25465721336c70a2ea7799d21a3659124ac9503efc99c1b13ca2b9723e3e338055f9b3cef7502017ebbb09a64b06462db353a5c562101cb7fbf29e056deeb1ff0c7bc877210c941c87401ceae52bcecc83e87655069ab931bd813c1a87d67554f5d2cf435e6dd92a515c22f5d5a9a44ebc81e9c4849104343b80824005619312a9e349d996e366d381da42edad1a560bf5e31ecd049e92ceaf42954958600a7868599fe10e9b34587368d3044250c3d1a8ba6c8dcb6d318d4f9e71c2d33fc74cb57620a8343258d072f3aa767b4b178f3f66d5a713dae2426296c12edf9ee37636869e30df64cd3855fae20bc7602c1b7e6c8246ed4be71231a5ec7b5e7a9ebb08bf8667d8f2900ecdb0a0addc14a2328eebc448db13013e6a3c1a661065e5ac0a04b5171bd84c9d9d947a6c31257ed13a966530c5e20168c100117cf82b4c00ea3ad00ea65e1af89535b3f11a1418ddad33db8cec281543732d2ff4eab54b12cc95f7d872e75bc01bf6c580540b0e26413c6c2321ddfb0447bdb6acf05ddf2bb92534a3a5f37d6da882289f6fefc6a213cdfcf34902137fa3b982b2b4c27c611f08909a18405482f1e3a2bf3635d3e970457541da16e37bb3c422cceeb484bb64c78724431a543ecf4ca851914c1555e3b785ec87bba3769927f6c29f80e7ae8632bdb9acdddf7c3b5580740d9b2bfc25086c9566844136f3fac74f429121f86c378c68c20a194b0c98b1e92991954cbf60477e217a2e25297fc7b18972e40c531ec19e1eea193bbc8893392d8528c6a0375bcb4b082d20d5c47cb330bbb4b74b91ab55d4a0d3e1dee8182c581e8e70ac30108eeb7185c6ea3f786881ad124e1404651ee95cdb0fbb0d0f4a2b43c795ec1cd4e46234a88862d57903ce878b641004fb637341e5d6bf5163f1a3467b828f6eea96c3c2bb79503687867e11eec32dec452e0fdd2eaacfc0a477ee839ef049855da734d18212142dfe2a95ab9ad9bc4f98c3bfa34134c7e6c9f8669303314d4e8c1bc5475e8fcf418cbdb3246ebf393d911cdfee8f2550dc1593ece59ced81a4ffb2484f9c8ebed0aed8d418138445c4e96b209adcc4afd70f09901662daa2c8c557d6039768d97e6b9518f0de4ac2e0187ba08a4a9128d3e632fca102137338b5e568f12c7bd28db772c800fb5f4d4e683b201840731bb7c034235cd73313cde88891bbb31597bb537696e6c987302297f9717b8053779aed447d33ef9129e84d3031fa9b453bd5731fb010ffd19a9133e0ccbec2461cdd31ba294d68c60a8535b15584bab6e6d0ce6c1cef4755bd5f7d90f4debb40af1437a19a96ef9c0709692156152091c7efb58f2d39a65b96416dc09e8091ae08d9be5235a3c1ec062862baa1aab788f28e83ba4635cecc6671f2320f42b4f711e7d0fcad89d6727d3630da1ef35e32dee39eda665946abe6224f17f2acc29e62518fd51eb7f193d9bb16c38204069098c293fdce24c1c79229fd08622a4256b581cffce12e46c20248dc902753f0e3c91f9685b3d45f984620e262b3487d67d152f1c50de3fd2067a9d3debf715f346dd2f712c55545336a9036ba82bb06cfae59a48d083c3388f77790c9639fa0a9c33f4c66c7513042bffb765c2a4b3657dddf0ea094d8d79018f66c8ef8e9df980a89906275edf4a467a5db0a623976899f0efd167aab6ff385cdde59027a95a570277cb94ebce503906c28527e3114eb9ed739d0c2f4cf82786b35c0054718f47381ed8ce9b107e1f1019be5fc877166da667036f0c1b84e2b5118b5f4babc052d997e5f1e8c4cf45eb26430b74d9e1df3735b8d5df559903143d983e974bed6cc608c2580a991bdd3628ec676d348de8752cafa80c1661f162e35c25fc0ba0198423f83214fed800f9355ac8ea67951cfeeb3736b50c1e14d45d33aa25fc72c38702bd5dd217842e54114f4799c45ff1b7cec9729382ff7fc3ff80cbe1a13d03e19eecd7de676f6791fe34143ae30c97da9623907d974a37b65d0ef5d46b718d58541c6b1902814de71218ca7396ceb5fdacdc3cf4d110862402e7cc6254f1e44e28593fd443290262db75fd482ce1d305d6bf9fd3e5e0efbedac5a4d097650b111e6e9e1b2c66a23ac5bf27ed78d25d1a54c16ca4287126736c2f17ab73e683798c29d16481775ada8e20d94b00b6b29654b18f60e2853fdc7d3ba55d7df660db90288b6f440efd19f0478047b12c7b07ab2b1c9529597e6462d20612e6c3b6d1b1d11305f8ddc811860450504b7cbf9794edd0d07c25ab6307d74afdce958355eb919dcb1fcb8038c6dd5e774ee398dc8553a9ddeb551f", 0x2000, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)={0x18, 0xfffffffffffffff5, 0x7, {0x800}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fallocate(0xffffffffffffffff, 0x3, 0x460e, 0x3) syz_fuse_handle_req(r0, &(0x7f0000004200)="3a69d0358b8795b71fb19ffb73d1ed252afb0895807a7e94a0346b6f78500dfab89a799512e9adc53895c99770832097a86550119e85466c39ecc6b06924aff6f66ad59bf5de83fe35bdb59398cb9a4f137ff943ec8080303cb8f834c157491e1d0cd7811dafb3eda50dcd416d13e2d258a701caac54b98d5b6827ea423fcef9c0c7c9be478948cdbc81bec3f6ad71be0989815e48effa428e6b8d8cb7444d5a743e18da288fbf182535b931f5852f75f3fe6e69b95203532873f838a21233f4ee780bf1ea352b5f0551799711bc47c527c1489c964f5212d68a5a58978d5e40e7ba448d07c7560ea8102991cabdec6162dc359b2ea7f282ca8b208b1411b8b9e562069a47a32f85b7e788291f1dcd9237b8344b5adfca065afcb8eee0df35f7cb473cce75dd7798f94aaf705e743585d339570afa9e62e5db4f86c81b85a8c33bd2a4cd442ea30dc67f43c3cc36f14f3497eacb7e6952be9ba1a2c011e7278efaca5046528985f75511660e2902743c9a67b7830b1683ffb2031df8d03b9113f65c6b2bb38ba4c54d79158fff175a1e4893218bc12f75e115357d1a93afccd1ce4228b74931641e4d13e21f61c28b00f263fc656c6d3a3c4d7e91cba98c2b7ffeeda2ff00d836c6e7bf8e38906cc810ce71f270eebe8ebc8b60c9fbd084bf5163accec37293d2e79b679f1e58c2a853b34f5d4977d6db5c19d2c1cc0efcd5426b72f869d33b1b4403db0ca579d2d8e5c130d127134e6fca56d1bef8b101d56ba072070552a1e7a9f8a40ec07d7cebb0b563a0b94e474ffbbc8fc494c2d42ed3d1a1295c38e059539f3fe4fb1940145fee0ca451adafb7bb82bf1c345718ed2cb905cc76521320716f3a9c1592fe0d518a0360d1c1d01d252bc080df5e37fd2cd713fcc96db9dbbb957c9b8e7bf1d23978466d09b1f9f7deb213297fb3ae0d50881d2f000000000000000315e62dfee050c7861538c961a1d74648a376abe0a90cc9e519151f5bdf4a1bc0ffdf8b5e8427ffb74f54b965912e0faad0785f6589d7972f39fa378c4b3e4a24bfa84243c9dbe40b17b26dd6605229f35762a61c1c92cc2a86d837ee0092d203b7523d71c941dadbb1bcd78f44b7fb14aeb7acc6c75ecc22bb5c3fae741ccf68cfb4f8c6fd2ce80e9e55a5b4bd3452fca54ddbbcd26afaf1a780a556f70be6218f51ae3591b0073c58042b6323dec0caf80cd2f9fac1f4a7ecf4dd356ea20be93c5224ab24e4ed5127551d1a7b6d27297df5c7f5d999c7d2d5ae3869166fda30de5394bcd0662e1df668cf9eb60a1c44b61424b40e0c1c14b1375407be5df5d6f5b5a5fe42e873e8ad80bd03c94c418ad9fd0dbcf9aba10ed89ebdc1b6b23d5472a5eae77a11c44df02f981f0de36813903a719f54e0932b6adbf97fb20b449ea9e8d27eae1df823f0696f19a180bb65b86f7413110b039c5548178b247434485519eea60e808e3296f313743b7f239ead437dbd70b6e4dadb8af29d76044534a51b80bc9538503d107aeafb39d5e5ca395473492aaafaab8131278c5025d4715567f52f6f21c843697d5c026fcacdb32f8b27f1a104a87110941f6f66ffeb6543cbe5b8ba2a921bba3a63a88b4061039a3e28904b97ebf3a4c83dc712207ce8a6f9e077ab3d3981201dfe3426a6346ff3b282678e71908b56d7c1233ef5ef175df62883a21bb16dc261ef0f8a7e7a2a2e0ea3d1b748b5ea3bc1a12f7204e9571dd80b5f47fd0b72cfa9bbe2ed76321cb3a9a217be8e0e8dbaaa0b54b5897ef78e820caa179b4d9cdc64d3d731c634c45258f62307cb4c0f8e35971bb86c49d14be56e5464d99218d41ea9b8636abcd8bf00fa98b3d765a847b64ef2bf573f227d39a201e5706e332e94ef84cc85ae16ac058109942c6789374806363984f9a5727b973d250fb5115dee0888df79192bd4fb8412c13c4c4e1ca06b5d9442cd84056dfcf0327bdf5a2de82364266113991cf091ac16874d4d77f9e9d8c45aa830b8930425bc34a68948497cfbfb651d213682b5b3e2a62ee102c673f53f0cc7c3c1a1e8141895aee88f813ae501fec0e82430f0224496c29d61a0965eb29568b67c53b9c8b5a49adc3f58db1c9c9a2d664ce4cee4f90ecfe1210813d152c8a711704765727dedab05f58948c25ed1ce350bb2361bb734b0ffd4316b9235279d2a79f756380b7ab4f9904b386067f9f722ce58a2680006e76bb792e05f6ba0bf2f7da9e875a9772456d8e0d65cd6276acf5ceed8f7e1789bd90e2714a18f112458fe7f832f278c5058f3a761a8b6f5e9b114e78ea84929ac0a5a757a2cfc13c26e45c3a29292506ee3422f14a7dcb8e07bc8822b6da71756bbe41f869a686b95b9b59cad26e567c55ec762f522adaa25e1852cdd2fcfb7df27bb70d6cc20d0d772892cb225d4abe9975e5ec8e3c00cc0f74ee8938a18c007bf7caef0a1e4ec6403b30ae8ab4dd6b27cd8c548219e139903f4a4e3045fa1973ea47d1fee3d1983d35f2d5c7a21328ff0ff203c397886379ac4f2aff4e40d7802ddb7ad87b74ee82c2b3435d93668a27260c341f510af51cb381dc90d81c065efbb317aab65505114fbd9b8e9650b79b6157275cdd69dbd73d820c0a703b804df00e3348be5541ff9516999ef932f15783de2ff4567c3d576b0f4a38bfa739cde8e8ac2191400c63597823cf382db418129032ddd96b9ec816f405b556af7f9b5999122d3ff1bdb5eb46b8411dd154b854fd3a35320168142c336a641534df1fda6ce982fa7a74f985c1c69023e84c93d15c3f8b64639fbac6e0e3e746121f90537cabb5d268e91c5654bd9c605f71b34a79f131602f88681f445b7fe339a242a76c19e0d7c46445296f9c9a039052ae08821781b545a3bba5514e03f204f1491b673167b464049f83cac06c78a93f50883179cae8678360d5c1c567a70f8060312f722f38b7965cd1ef1e57fb21b9da448964e174692b79ef8c9bdb1f834ed9bbf2844c7957eaf2ebb3e933e94afbdfa6949a5935cb38a2aac88855124432eeaa9a974346c04ee4f6e072dae06af6d2d29c6eb2a130b23958d3aea3cfa6947f9130963987e56e8692a57b505cc8f4ed1966fedf8fb69eb384d8c62668979ef5aad64753264446e7fc24265cecea4a5e4a408774f249058637febc5b22beb8e24b390eff5ca08a8406f10a0d1c4cf043b354c72971507095a4890b880dd5cb2ff532e397b8198b13b1da26c9c66f8f8ec8d6be44cb7a128c97e73299958182ce5515fee98eb2cccc5e6083ab5ea0ae673f07f57d688063898e1d0361f88915372b673b9809beb7cea1744c8a3512275dfc95b18c007257c5a7201f645214a5a422167858b30ca6616cb5544dfe48825ecbbfb61bc4ecc1973206a33784c0db19ab116d15de145dfb65ee262bbbac6b68faeea9f84e3bdd0266d3814ae6f6b9e285ea372507b65201e6f45234f4873205c6b88d73a363cc9c18aebffb9bdd16e4eb5cafbd34d1a623da1e77cf5959ff12d3caca9ddf63aba1f7465cd60416b82336e67228c4febc5f0e6bcdf478e6d6cb827e06d86aeb6891880cb650bc9be859dcd572071b2f065bdc5cca1969628e102d3f781599203db7072c4e4bfe957f59fbb269a8bf4073985e6e876681d225642a94a1534d2e7d83bd3257c9bd6e30f1e3eabdc7d641acb9de3ba963c17a3c5fa11c98abb78226c702fce43fb3e764deba0686895074c7712543ca12f4a4b2be2639a83dae56b84bc2bab94642ef81adb60d177a8fc97c5561f2732bd0c421535b24dc557d518533cd2b55cd3b4c0cac986d0de2bfe498bee1852b7c7ca0d10e6bfadbab9e3320319e82df61c84360edf85af4f6cb9e56a84001e2a94697bccd7985a5d5787d7450fc62738a039c3899ad6b0e116e2e4892926a114d40fae98acfa5a9135987381532ad0f9d9b0d56680c18b79ecdc9720b47036d1329a17901b0dba4f1cdb9e28b34a28322b0f86828f66482ae59e01839db2d792b3638f3b9aa73275bf1c4d6ab971ab9aa153ac4609d3983fdf3d7b28484b74f6416bda1f456bb043f1846d74132e9c3b7499c9a319294b450c542a5e8a139b6ba9f33761da5785b520362f16f6867dd5fa4877317c4252336e06b2306bc465617f6e156b0a5ab7a700ae3430a6265647ba4e5fb4cca96bce614251026a809a59aef62a9f94249f90e5507aa4fdef0e97d812244f324e4438eb834a49ce6e2c0cdaa4a922c9dbe76c9e39d2588bef339676a11b167eed69b83f9c678da4f128e2f266ef5337857635c4d4b20bf7613b50843faed7f7506dab0d9ab891f0994e20414cd132d20898c5b028a659aaa06fef8e04086645e6088e9d363edbca9bc61ec7cb01b3be3b102621205920f7038038d41ee6c2aa01c9bfc5abe23d507650f3290fc0646eea411fee95c694a913b17fbffff078ec9c8c22f6e2e92a3ae0d033d29c7bcc7610aaa5d70f2f9ad04ef75b5400e9d71e00f210a9276fb5fcdefce6f31c9fbadac657870655dfee0490400138637e34a9b637340b1a7ad21360bd935e5e135ac59633274783afc23239c4959824431640fc8d349732c88df93a913ee2243d07b3ccd11f1e560706747a03913bd3bf85839b528f6935fe2978b321f0a2b8b750c8cbb3c18d57efa35f594efb97b330b8d90763a1330e60a0234919021b914f9596a40a268e3f9ed17a1e906aa4775bb1b78258057f96922a5ac9ca03580ad0e0fea0435f15747c4da1f1d367578b549c8a6e1d270805aa82479917544883b792bd0493ff57392c3667216f2aa4fe754026f9642dfc85b57b04dfe4e31ad7900c85a7eca8fd940b9d746212fc43581f0a33bf3a9043d992cd4da8e1aabfe33c837f5076b22df6922926a8789e39a062a98e730637c4817e27397887816c1282c3a05af928b8788f8e00b09c312c27012c8311dc3f7c71e139d5cea56e89cf871d6dc5b2ad6ac748be13770f8c865a56ba4a05ff4026d18773cbdadb82ff513fc9df3a42523e9d65a54fcffadc3f026c84f9349a1404df5a5a24fab3fcf1c152c4dd799849f2adb35e9032e1f21440e181e3dbddf6a9d9886c40a62b6b0f4e9a258c9eeef63e51ef1d1a8d5f40a573204fce675983fc7c01213ecad4c6ce47de8c2100a4e2fcba11a1e382e99b93f65aaee22aafa09a0fca1dd0b641b17775314748bfbf1555a2df601b74cf73e8223dd5f28e3589df3b70d6383b80dac7440bde4644e65cb09cfa89d0cde0b5c9a5a6e68448103c5d1033e39f779ba1adf904d094cf92f4cd8b16273beaf747815d8b6f5f2c7def0ba2a3c96ed1e36ecda7f4783c2db6b34eab0bb287cd29f96e72a6a51e60d65bd5da7c459c0f5d03a826143180a18d059605bf8b030bdb13e57e85e87f166e4d6db87079060c62583b525c321b2d5ce198b3a28d94e8904b2034d792c16aad307bba3aac982270c3175248944db5fafb4cb1e0fde74337663eced31ec0de2d572c3d7b67d13b7e02f95dc4e91b8128e6dbec1f617b8cc56c79ff00b89385a2d7f05c5b35eafd85052de38cf053ed503ee038e1443b6020e529d226e8c9a1c43eabe8cd392ae577287eb9033b7636ee4afd5c8911c80ca3d7651ce1954d636bee615a1f4123e7222839813763ea184867758a469b040ea13fa022392bcaf8fc8e7a83061a0620ce111e116910164bd47a83163f182b81cd27c6edb1273877bdfa8de178585a6978e8ddabf625f6941203526704a3ed14ae96a30acfa2a487d95187142df8038b8d482668412543793f27c6fc47712aa23e8e803c7edf43f76cd8527aec785b39561a1aa7524558731818f7c4784e23a8aef71e6d0c929a4df520cdd424abd7c3c637b77d98b35802316cf592e2ca36cb18bd0565e2bd1db5952dc63647435c2e88b72dccc4dd312cce9485a4baeb67ccef9a450e6570cc30e3f91768a521eb66cc2f33c4f8b287b89803909a06e7c78a261d9b9e08d1a3cfb9ebc7ff7dc7dc9cd2711f44a80296f14568a973fb02c40d83b61f93301a8d9ab9e3773fa8165145c019b4d16a82eb890d523159e4228ed693b6345be75b9f4cd5b4b6f4ed7854ac5b946cd2cbf76c1ed36d97876b49263a1f418d84917b6e06d07013864aa31a88b65b90a7db6372377ba6dc9d3b68e3fbd20ea5b1d8a152c0684bc96ac5b6420e100c3575b5bb0dfaabbb835d2c74458433c58dc14c70a52ecfedf27409145e80ab561e329e8d3427528c268c5f28b7b2d6acb53d6618c9c7509e24650ce8d7982453106197fdeb79962de069c3dc2ced79a9ec055f8548de5c4a4ec050530dd89007ed8da3b225c62c30abf7668c6523cd0bfe07e2b891b510c4410b02d723458c1f7b60872353ccb695d7e661f853a1084c701ffc3c8739c836c404a8e6004912b199ab848308ded8991c5884e477722be9ecdbba3424b0c8b93afe920e0706fe116f38965d928d96d2103f06b584f783c1b04d68185bd80d35c8b6c88e31486358c3c5e87c93b76d46fb5a224fb2bcc8567dc9d3a55c6ec6f529e3b84288b10df0200ec2efed273bec620982f1370f35d7f9e79ded33cbf5389cfcb686ddbe6d117083e74205b8312255f617f6290c174e61edd543140d79daa0538563b344fbfd15f763aa9109ee179b6cd7368b1527a4908f41dbf45751e8a8cce11e15830794503f4ab7f960f7530ec60e73fbbcd0ae74f91f3d001be7f904cfa33d4f2b5b848996ba3abbc321055723d639a33b0392845d1ea5d8e8f97dcb1f2abd26dc59361834fd2e6856cd4dda7ff00fb2f0e457bffe1b50b3ebd8f002c17a704a43a25fade48e42ecbcb3595341e559982e249ab077093a2d4c785dd28d07e2515768a305594ffe0aa140b6a9c3b98c9bb4fe82ecf3e076164c9be486a370739472d57d28e84cbe2f69c1f84f0d0547191c67424c076a623bc2dbf2e04f82d69d93a4a1a9c5de090c07388cbf0745dcc1fd00fb9602fe5648d62845a8a09a317fdf67a7f63d50477b8fb35677dcbb685e8553a0afed99b56afa55b881612219449c215c19454b4ed6a013d546d44027a3494894569cb0f0e5c94ee9c817db6cf4a612eee11386536552a80d8564f75af026d811c1f0ae84020c62466b630cadd2c78e14f31c5b091f6f16d9e68efb57aaa085453b77ba460dc4a11c0d2ad3fee842f7d1e562b14117df1c83e7684edf93184ea0668f9d20f7fd81f4645618089f254d9ffa379a5c06e3e1504433855b845aa3d9c30295d737d2d705bb51a9b9d6ad65972e7076e854eee5b73d0b87e7e6c05bc158e31c706ef823fcf6e21b0d4d172dd77ae365fdefd295ec31e60406cd215455ee11de3ae1193d0142889577242455c3c07e7e910eb61c239fcaef4cee4736e571c9e3adb64185dd392f1f441a6c7673af72dc86dca5e6b7c203525a287a731b43b6337f19cbd9b0d2fd5b1ee5105ab9173edfb5a817eba3e0df0e04790bf574dbb6579b61de2d48600bc7aa9feb24ed08249a3f8ef123fdb3429a97c3f96c1fa335f850617158bfa5c7ad11dab234d685862eb4a60418afe31c9ecebab9f16ccb05a0b15cfed920528aa59e0bef9dd83720ca58e31902d9183b90bc44a3b7d2fd19dd7345ff61ac6f6ff1ac37dd90bc0dc130fd2e0520b285ac615ca9bb0525964ac12ad42cdee879b77bd22b881f09a6e725092d2251773ddc3bb33c72b2de4e831d92496730677938c9565d36c459ae3e10e8db21d0e6c4fb15312b23a741b6a1f494dea99ba2c7103e84bfc3c55fcdbd8812167739d5eb3f76386082aec27b19d41849b898c70744daf0edcc1c1de022c04086525799b718d91c1be50bf0bb1695288bd15c94447b118ee3e0b2ebb12cfdd22b1534a4251c742530f28bd3daa1da0439e3a9a45ed55cdf33e4568665ef83cef074469e93e6ee505a22468b723577147ef4eee0c7be889275cda7d28052580504040c5e8449e596c4e3005fc8e5a4cd65465f6e3c24e96283d3b8aaef5822fce25cd8473b6bc69b4cbd23cc33c8073dc1cf212edd58ab4a9fa18deb88478bd80af0afc650c8970fea7a29869843071d06af17b6cd56e4dbd88912ad15e9e023762ab8749aff944db0010f885b431648bbb3278c386eb5ecdf91bad6b22d894982c461d9ad4ef825441b851e42ea2ef70b3a7330b7064dc4508e5928a5e016c3eadfa4c9ae0b4aa81142210b2fbe5da159c4539a214d8ffe4171a9cc6f39a8a3dfa8f5fc5f34c8ffd61ac624b594d9b414b1f26ed445608e91a6663b46b728b6aa209b6ba8b1308459a7ff9a3d986e9d9ac924199cee04d461b4dc5ec952ea202b6a98cfbfd6c2029e6a418388d7edbae3314d6c6a4cf48481e9d00884622532be884312b1d7bcac5cf0f25cdfe7a8836d3a1b7e0fe97ca04e8193a853627cad41d97f054a7b276503900d58f028f9e8d7e3110251f666a2fe875260a6639ceb3609882ff15d12297f8f5c0fc6f35d2622d7d727e48caccb2a41bd1d498c40454ddb65ac3999ca5ea7e5b7512074585d7661acdb90292024ad64242b0568f45c1a5cb1b10cf3ba8937036ca7acc272602b1a461e027761a8ded69bcf4940a638c32aab1895377ebb21e9b35f6e64ce864d7a4abc0d9eb887c39b7993e13da7f02b4e86ddad4b7ec0104069e1551acf726f42e8a2af83a11e5176c4e0bcfdd8f5f0f162dc31750b20ba6da597745e7b76f188fedd4ad164a6e25156f2b086aa19cf18d57388de7125760dbcabaa5e675f15672da2e80db6ef91b276574b63b698f8b4d9af64fe3ad6c3940c06ddca77faa22fba47c3d30e9d33aa628eaa492efdede342964c368c2b85fee61b464b3001319678c554dac096fc383a4b68e8f03f82fb1e1292aa28f8894e0df1e550c902146f094205e4e36a0035d03f99ab4d624e2528fca328380a9ed7eabd6f0c86fa0b31137e07f1cf931249b082918ce5e88ae38fe11d96c512aaee5ef713608862ebebb6e3864a235e4cdcbf658df7ad514aaf53f80a06c3fda248b9bc7e1035b22a9f7e3de4fb0fcf4f69680fc16bdeb951130c97adfa2bb2607381f39e199f32ba448b842ac0744c91633a15d11d015a1ee7855e1112d03ac0a8750b878a3abecac186aab8e96d03ccdd480263d3151280b1d3d65319921096914cb4f0b90150621dcd759d69d29b8b9ff3d558c8eaa2643bff7a1d86d5ad07742eeb669803112e3a50ace240ba0e1456076a7d6c7dee8a75a92a9c10871c87ee941a33106c5e7a9e792dfb0e4b767a1cf7615462fd0bdc947454be2c4ae6fa0e8dc068929324465f2879f30aca3792f13890200bf7bd04936005dc1a1a4e236e597775eeb208bf610b736dc962f054680ba78353a5d63d5197ef7d51a9cb43042ddfdae55523b2f78ae4212b2a7161c673be24726c4f0fdc508b309e8446d2bb1114d134cc0ad498310f0f0fa30a89fc43cb344552625c655c21bba97b953644c3a8799fa34fd569a493fcca9a93d53a3c56492e7b660d509f34f537aa7d4335bf9d1d3245845569538359f437e3865b7109b1c8aff142c5faffeba8898c0830366834d43edc2b6318494b822db8fe5d67df7210b1d22a04aed98a5465311cd102b2c9e5cc9356b7179238530018cffd46df7eeaa96512534dde2b35e50e0a8622d42bcb5da03b96dc3827cdc97d915d9c3809968f800888f574b080355035790c7fdc510d29537d58b4df9cb116875ebac15f662e3503de749e1e95c2eb3e6159f1f74d56ba4647939dd460bca9001343c78b2747a449daf32d0c5a35c9484c84e3cbab6d7780225a587dff329790833da3a1b71d56ee63794fa6d4224df8e7f4562bbca73d4d1349e36cdf07c872f5aa50a027f1eefe2962af99c0c73cdc8ef6ba677ee0a6068c8e832f0406f9e7ac448109fcec97986200017d85a79757084f102350fb6936ce4924bf5ff51bef43460885362e5dc4b0c2295c1cbcee607369ee69adcf7c93b1af67c2f758320f65d46585def74d442a8e6babca6496a91bb136997f3b0c82e0c8eb48fdd170aefe5c7b9c156ec2db3a11fabffc7ad1f2c04902d00da8bebb5934d7b46a8e49a63de38aeb5940979ffda7f5c566b938051b78edd2ccc4a8d47c0b70ad690b3c0735c3ae53f558324fbb9c52c91e47b6b78ed4ab591f4c8e037154e637d791c8ba80dda5eec368720be1273773974e5506e9fab39254c0dcb8fad6e71908c476b5048f78aad193e58fe503c63515aa4acd9fd58435f54ba3e5880d84dac3322903504d1b2dd3cef0825617be22b44bd8b4f9c116b5d506c02fca710f10208f30949ad3835575b358ce92ef05cd3bf42c5fb3ebbfa8298503c66844bff3f6b092289dcab21de514dccd33e5a49e6c759b67ce03f197cb634db698ade760e2aeebf21a2563ff48717dd17cdfb394d28adaa1e466904fdbf19a25f3845c7cecb4792f599fbb1282dfd2c36a32bf2b1a9cab1aa9efac6fb8ed974fb78fe049c57e88364bfbf7d77c31d7fb225b36a6927816c32a0aee7ab09694c92bf3c320939bd81454c6de41e99f5416f9e504666d27c741c600b9f6fcecbcef649607d424aed5b3c0aa5919c08ac3ba2d98f57ddbf403d80ff587c5008cd92d2282d726f1bfab5e106661ab7d9a957ed9b61ade108c7a76883318c69a4b4f13ddaf95be544bdb5cf29d62ced22cf423a91917e4336d881888f0ff40fdb3016b17765ce4d404662209038be79917832c2818dd7fbb338d211e583131fe8b1a685bb615a9a5665d48ac4f0ded8462fbafb7992a6c087a06f3412a48b4fab2a84c1ba09f128aed7a1de7edebc67e38b64be81de07938da15ec98480969e1ff738372d1f4b7844cab10ef0e758b670532c1de223aabad5c28a4e88294771388b4b8c40da334780326141fa6a704e87271ceda25b3c09a648d995d5697ebe9a85bad4bd19a6ff5b7ce052550eb1337948bb997595b6e8e5db4f02cae7d26dd695e40c69e465e8918fb399bbd487c1e33db94c9754cf66ea8773932bcc080f70b9d07d3c0eef270d847fb532d22db2e0c56303a15222d0caa51c456a62fb78eafe5eefa913220a8a9238ca7009bd0d3e242e76fdeab718f1ed106f78d3881323dfd0c3aacf2a0b1e537dd6e39850500ee0e71801ad8c9f47d1b5709c305e3f44492c521c7aa4bfc390ea0c7c580be6852803a3b206edb07b64c2d09a795144c81fe1e8fa710d72acb02b3b74b65ee7dbecca6691770612d20b47a14e0a640eeb4bcca6ec5831c59984e43c94b81dde9905a309878a175bf52a40b7baff582f68398645237a1a0751494e73819691acabc6bc6df0bfdb50ca1d277f4d2c0a401cee3424877a221ed169300ec2486f957b565809bfd44d8d6a0db26438937f9132da206888d95df9147bccb0010fea9204b2297ecd8275b1937190efb0c231ec8ebfcbac742e947dbe25d126fb0c0f041516a1287ef0f0e14ac8232812fc69b5cad10656a47049c313a7ce26d5938b61bc7bcd6c3558b032d2c5bbf10870020504f01eb2016d82d15d0da0df56c91d80fe9683bdf39abddb884519791c6057d726abe98b1970442e06ed85531948e2e2cd0ae27366c27cc0ab7ec210be97d647a", 0x2000, &(0x7f0000000a40)={&(0x7f00000004c0)={0x7e, 0x0, 0x8, {0x7, 0x2b, 0x100, 0x48600c6a, 0x7, 0x1fe, 0xd, 0xa, 0x0, 0x0, 0x20, 0xd1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) kernel console output (not intermixed with test programs): [ T6034] usb 8-1: new full-speed USB device number 6 using dummy_hcd [ 108.178800][ T6600] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 108.199964][ T6600] usb 5-1: device descriptor read/8, error -71 [ 108.250083][ T6034] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64 [ 108.253629][ T6034] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 7 [ 108.257776][ T6034] usb 8-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00 [ 108.261157][ T6034] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 108.265146][ T6034] usb 8-1: config 0 descriptor?? [ 108.267338][ T7023] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 108.448744][ T6600] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 108.469175][ T6600] usb 5-1: device descriptor read/8, error -71 [ 108.476187][ T6034] usbhid 8-1:0.0: can't add hid device: -71 [ 108.478222][ T6034] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 108.484037][ T6034] usb 8-1: USB disconnect, device number 6 [ 108.579064][ T6600] usb usb5-port1: unable to enumerate USB device [ 108.938823][ T6600] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 109.108884][ T6600] usb 8-1: Using ep0 maxpacket: 32 [ 109.112056][ T6600] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 7 [ 109.116697][ T6600] usb 8-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00 [ 109.119887][ T6600] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.123695][ T6600] usb 8-1: config 0 descriptor?? [ 109.277150][ T7066] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 109.280149][ T7066] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 109.523910][ T7071] fuse: Unknown parameter 'grou00000000000000000000' [ 109.535140][ T6600] hid-multitouch 0003:0EEF:72C4.0006: unknown main item tag 0x0 [ 109.537666][ T6600] hid-multitouch 0003:0EEF:72C4.0006: unknown main item tag 0x0 [ 109.541403][ T6600] hid-multitouch 0003:0EEF:72C4.0006: unknown main item tag 0x0 [ 109.547787][ T6600] hid-multitouch 0003:0EEF:72C4.0006: unknown main item tag 0x0 [ 109.551516][ T6600] hid-multitouch 0003:0EEF:72C4.0006: unknown main item tag 0x0 [ 109.562830][ T6600] hid-multitouch 0003:0EEF:72C4.0006: hidraw1: USB HID v0.00 Device [HID 0eef:72c4] on usb-dummy_hcd.3-1/input0 [ 109.782695][ T6010] usb 8-1: USB disconnect, device number 7 [ 112.059164][ T40] audit: type=1400 audit(1766379228.510:315): avc: denied { call } for pid=7127 comm="syz.0.318" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 112.059477][ T7128] FAULT_INJECTION: forcing a failure. [ 112.059477][ T7128] name failslab, interval 1, probability 0, space 0, times 1 [ 112.070926][ T7128] CPU: 1 UID: 0 PID: 7128 Comm: syz.0.318 Not tainted syzkaller #0 PREEMPT(full) [ 112.070941][ T7128] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 112.070948][ T7128] Call Trace: [ 112.070951][ T7128] [ 112.070955][ T7128] dump_stack_lvl+0x16c/0x1f0 [ 112.070988][ T7128] should_fail_ex+0x512/0x640 [ 112.071026][ T7128] ? fs_reclaim_acquire+0xae/0x150 [ 112.071044][ T7128] should_failslab+0xc2/0x120 [ 112.071059][ T7128] __kmalloc_noprof+0xeb/0x910 [ 112.071077][ T7128] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 112.071096][ T7128] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 112.071110][ T7128] tomoyo_realpath_from_path+0xc2/0x6e0 [ 112.071126][ T7128] ? tomoyo_profile+0x47/0x60 [ 112.071145][ T7128] tomoyo_path_number_perm+0x245/0x580 [ 112.071157][ T7128] ? tomoyo_path_number_perm+0x237/0x580 [ 112.071170][ T7128] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 112.071184][ T7128] ? find_held_lock+0x2b/0x80 [ 112.071213][ T7128] ? find_held_lock+0x2b/0x80 [ 112.071229][ T7128] ? hook_file_ioctl_common+0x144/0x410 [ 112.071249][ T7128] ? __fget_files+0x20e/0x3c0 [ 112.071268][ T7128] security_file_ioctl+0x9b/0x240 [ 112.071284][ T7128] __x64_sys_ioctl+0xb7/0x210 [ 112.071305][ T7128] do_syscall_64+0xcd/0xf80 [ 112.071320][ T7128] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.071331][ T7128] RIP: 0033:0x7f44b018f7c9 [ 112.071340][ T7128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 112.071350][ T7128] RSP: 002b:00007f44b0fed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 112.071361][ T7128] RAX: ffffffffffffffda RBX: 00007f44b03e5fa0 RCX: 00007f44b018f7c9 [ 112.071367][ T7128] RDX: 0000200000004a40 RSI: 00000000c0306201 RDI: 0000000000000005 [ 112.071373][ T7128] RBP: 00007f44b0fed090 R08: 0000000000000000 R09: 0000000000000000 [ 112.071379][ T7128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 112.071385][ T7128] R13: 00007f44b03e6038 R14: 00007f44b03e5fa0 R15: 00007ffd777dd638 [ 112.071399][ T7128] [ 112.071404][ T7128] ERROR: Out of memory at tomoyo_realpath_from_path. [ 112.112625][ T7130] overlayfs: failed to resolve './bus': -2 [ 113.277187][ T7164] batadv_slave_1: entered promiscuous mode [ 113.277305][ T40] audit: type=1400 audit(1766379229.720:316): avc: denied { setopt } for pid=7163 comm="syz.1.329" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 113.280870][ T7164] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 113.292310][ T40] audit: type=1400 audit(1766379229.740:317): avc: denied { ioctl } for pid=7163 comm="syz.1.329" path="socket:[14626]" dev="sockfs" ino=14626 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 113.305662][ T40] audit: type=1400 audit(1766379229.750:318): avc: denied { ioctl } for pid=7163 comm="syz.1.329" path="user:[4026531837]" dev="nsfs" ino=4026531837 ioctlcmd=0xb703 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 113.315923][ T40] audit: type=1400 audit(1766379229.750:319): avc: denied { read } for pid=7163 comm="syz.1.329" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 113.323397][ T40] audit: type=1400 audit(1766379229.750:320): avc: denied { create } for pid=7163 comm="syz.1.329" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1 [ 113.331390][ T7163] batadv_slave_1: left promiscuous mode [ 113.408323][ T7168] overlayfs: failed to resolve './bus': -2 [ 113.893376][ T40] audit: type=1400 audit(1766379230.340:321): avc: denied { bind } for pid=7178 comm="syz.3.335" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 113.900457][ T40] audit: type=1400 audit(1766379230.340:322): avc: denied { name_bind } for pid=7178 comm="syz.3.335" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1 [ 113.907005][ T40] audit: type=1400 audit(1766379230.340:323): avc: denied { node_bind } for pid=7178 comm="syz.3.335" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1 [ 113.914002][ T40] audit: type=1400 audit(1766379230.340:324): avc: denied { write } for pid=7178 comm="syz.3.335" lport=20004 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 114.371574][ T7195] fuse: Bad value for 'fd' [ 114.477196][ T40] audit: type=1400 audit(1766379230.920:325): avc: denied { ioctl } for pid=7202 comm="syz.1.345" path="socket:[15594]" dev="sockfs" ino=15594 ioctlcmd=0x9401 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 114.492152][ T7205] pim6reg: entered allmulticast mode [ 114.910062][ T7234] netlink: 4 bytes leftover after parsing attributes in process `syz.3.354'. [ 114.964892][ T7235] netlink: 4 bytes leftover after parsing attributes in process `syz.3.354'. [ 115.068776][ T60] usb 9-1: new low-speed USB device number 2 using dummy_hcd [ 115.198775][ T60] usb 9-1: device descriptor read/64, error -71 [ 115.448731][ T60] usb 9-1: new low-speed USB device number 3 using dummy_hcd [ 115.578747][ T60] usb 9-1: device descriptor read/64, error -71 [ 115.689061][ T60] usb usb9-port1: attempt power cycle [ 115.711873][ T6663] IPVS: starting estimator thread 0... [ 115.715333][ T7253] IPVS: sh: FWM 3 0x00000003 - no destination available [ 115.717568][ C0] IPVS: sh: FWM 3 0x00000003 - no destination available [ 115.818999][ T7254] IPVS: using max 46 ests per chain, 110400 per kthread [ 115.950671][ T7258] FAULT_INJECTION: forcing a failure. [ 115.950671][ T7258] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 115.955672][ T7258] CPU: 3 UID: 0 PID: 7258 Comm: syz.3.362 Not tainted syzkaller #0 PREEMPT(full) [ 115.955687][ T7258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 115.955693][ T7258] Call Trace: [ 115.955698][ T7258] [ 115.955702][ T7258] dump_stack_lvl+0x16c/0x1f0 [ 115.955735][ T7258] should_fail_ex+0x512/0x640 [ 115.955757][ T7258] _copy_from_user+0x2e/0xd0 [ 115.955774][ T7258] copy_msghdr_from_user+0x98/0x160 [ 115.955786][ T7258] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 115.955800][ T7258] ? __pfx__kstrtoull+0x10/0x10 [ 115.955814][ T7258] ___sys_sendmsg+0xfe/0x1d0 [ 115.955826][ T7258] ? __pfx____sys_sendmsg+0x10/0x10 [ 115.955843][ T7258] ? find_held_lock+0x2b/0x80 [ 115.955868][ T7258] __sys_sendmmsg+0x200/0x420 [ 115.955881][ T7258] ? __pfx___sys_sendmmsg+0x10/0x10 [ 115.955896][ T7258] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 115.955917][ T7258] ? fput+0x70/0xf0 [ 115.955927][ T7258] ? ksys_write+0x1ac/0x250 [ 115.955941][ T7258] ? __pfx_ksys_write+0x10/0x10 [ 115.955956][ T7258] __x64_sys_sendmmsg+0x9c/0x100 [ 115.955967][ T7258] ? lockdep_hardirqs_on+0x7c/0x110 [ 115.955981][ T7258] do_syscall_64+0xcd/0xf80 [ 115.955996][ T7258] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 115.956007][ T7258] RIP: 0033:0x7f921b58f7c9 [ 115.956016][ T7258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 115.956027][ T7258] RSP: 002b:00007f92197f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 115.956038][ T7258] RAX: ffffffffffffffda RBX: 00007f921b7e5fa0 RCX: 00007f921b58f7c9 [ 115.956044][ T7258] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000003 [ 115.956050][ T7258] RBP: 00007f92197f6090 R08: 0000000000000000 R09: 0000000000000000 [ 115.956056][ T7258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 115.956063][ T7258] R13: 00007f921b7e6038 R14: 00007f921b7e5fa0 R15: 00007ffe967119f8 [ 115.956076][ T7258] [ 116.088804][ T60] usb 9-1: new low-speed USB device number 4 using dummy_hcd [ 116.092001][ T7260] netlink: 620 bytes leftover after parsing attributes in process `syz.3.363'. [ 116.109104][ T60] usb 9-1: device descriptor read/8, error -71 [ 116.348770][ T60] usb 9-1: new low-speed USB device number 5 using dummy_hcd [ 116.357554][ T7264] input: syz1 as /devices/virtual/input/input19 [ 116.370578][ T60] usb 9-1: device descriptor read/8, error -71 [ 116.426456][ T7269] FAULT_INJECTION: forcing a failure. [ 116.426456][ T7269] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 116.430815][ T7269] CPU: 2 UID: 0 PID: 7269 Comm: syz.3.367 Not tainted syzkaller #0 PREEMPT(full) [ 116.430828][ T7269] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 116.430835][ T7269] Call Trace: [ 116.430838][ T7269] [ 116.430842][ T7269] dump_stack_lvl+0x16c/0x1f0 [ 116.430860][ T7269] should_fail_ex+0x512/0x640 [ 116.430879][ T7269] _copy_from_user+0x2e/0xd0 [ 116.430896][ T7269] move_addr_to_kernel+0x65/0x170 [ 116.430912][ T7269] __copy_msghdr+0x386/0x470 [ 116.430923][ T7269] copy_msghdr_from_user+0xc1/0x160 [ 116.430934][ T7269] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 116.430951][ T7269] ___sys_sendmsg+0xfe/0x1d0 [ 116.433326][ T7269] ? __pfx____sys_sendmsg+0x10/0x10 [ 116.433389][ T7269] __sys_sendmsg+0x16d/0x220 [ 116.433410][ T7269] ? __pfx___sys_sendmsg+0x10/0x10 [ 116.433443][ T7269] do_syscall_64+0xcd/0xf80 [ 116.433468][ T7269] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.433486][ T7269] RIP: 0033:0x7f921b58f7c9 [ 116.433501][ T7269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 116.433517][ T7269] RSP: 002b:00007f92197f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 116.433535][ T7269] RAX: ffffffffffffffda RBX: 00007f921b7e5fa0 RCX: 00007f921b58f7c9 [ 116.433546][ T7269] RDX: 0000000004000080 RSI: 0000200000000080 RDI: 0000000000000003 [ 116.433556][ T7269] RBP: 00007f92197f6090 R08: 0000000000000000 R09: 0000000000000000 [ 116.433566][ T7269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 116.433577][ T7269] R13: 00007f921b7e6038 R14: 00007f921b7e5fa0 R15: 00007ffe967119f8 [ 116.433600][ T7269] [ 116.495246][ T60] usb usb9-port1: unable to enumerate USB device [ 117.489002][ T7298] overlayfs: failed lookup in lower (newroot/102, name='file0', err=-40): overlapping layers [ 117.542584][ T7304] fuse: Unknown parameter 'grou00000000000000000000' [ 117.567613][ T7303] process 'syz.0.376' launched './file0' with NULL argv: empty string added [ 117.677914][ T7309] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 118.487257][ T7327] fuseblk: Bad value for 'fd' [ 118.503773][ T40] kauditd_printk_skb: 3 callbacks suppressed [ 118.503783][ T40] audit: type=1400 audit(1766379234.950:329): avc: denied { getopt } for pid=7328 comm="syz.3.385" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 118.504202][ T7329] bpf: Bad value for 'gid' [ 118.583863][ T7338] input: syz0 as /devices/virtual/input/input20 [ 118.586046][ T7338] input: failed to attach handler leds to device input20, error: -6 [ 118.592456][ T7338] FAULT_INJECTION: forcing a failure. [ 118.592456][ T7338] name failslab, interval 1, probability 0, space 0, times 0 [ 118.600819][ T7338] CPU: 1 UID: 0 PID: 7338 Comm: syz.0.389 Not tainted syzkaller #0 PREEMPT(full) [ 118.600833][ T7338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 118.600840][ T7338] Call Trace: [ 118.600849][ T7338] [ 118.600854][ T7338] dump_stack_lvl+0x16c/0x1f0 [ 118.600884][ T7338] should_fail_ex+0x512/0x640 [ 118.600905][ T7338] ? __kmalloc_noprof+0xca/0x910 [ 118.600924][ T7338] should_failslab+0xc2/0x120 [ 118.600939][ T7338] __kmalloc_noprof+0xeb/0x910 [ 118.600956][ T7338] ? kobject_get_path+0xd2/0x2d0 [ 118.600973][ T7338] ? kobject_get_path+0xd2/0x2d0 [ 118.600987][ T7338] kobject_get_path+0xd2/0x2d0 [ 118.601004][ T7338] input_devices_seq_show+0x8d/0x1130 [ 118.601020][ T7338] ? __pfx_input_devices_seq_show+0x10/0x10 [ 118.601034][ T7338] ? seq_list_start+0x9a/0xc0 [ 118.601049][ T7338] seq_read_iter+0x50e/0x12d0 [ 118.601063][ T7338] ? register_lock_class+0x41/0x4b0 [ 118.601082][ T7338] seq_read+0x3a3/0x570 [ 118.601097][ T7338] ? __pfx_seq_read+0x10/0x10 [ 118.601114][ T7338] ? lock_acquire+0x179/0x330 [ 118.601128][ T7338] ? avc_policy_seqno+0x9/0x20 [ 118.601148][ T7338] ? __pfx_seq_read+0x10/0x10 [ 118.601161][ T7338] proc_reg_read+0x240/0x330 [ 118.601176][ T7338] ? __pfx_proc_reg_read+0x10/0x10 [ 118.601190][ T7338] vfs_read+0x1e4/0xcf0 [ 118.601204][ T7338] ? __pfx___mutex_lock+0x10/0x10 [ 118.601221][ T7338] ? __pfx_vfs_read+0x10/0x10 [ 118.601238][ T7338] ? __fget_files+0x20e/0x3c0 [ 118.601258][ T7338] ksys_read+0x12a/0x250 [ 118.601275][ T7338] ? __pfx_ksys_read+0x10/0x10 [ 118.601292][ T7338] do_syscall_64+0xcd/0xf80 [ 118.601308][ T7338] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.601319][ T7338] RIP: 0033:0x7f44b018f7c9 [ 118.601328][ T7338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 118.601338][ T7338] RSP: 002b:00007f44b0fed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 118.601348][ T7338] RAX: ffffffffffffffda RBX: 00007f44b03e5fa0 RCX: 00007f44b018f7c9 [ 118.601354][ T7338] RDX: 000000000000fcdd RSI: 0000200000002300 RDI: 0000000000000003 [ 118.601361][ T7338] RBP: 00007f44b0fed090 R08: 0000000000000000 R09: 0000000000000000 [ 118.601367][ T7338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 118.601372][ T7338] R13: 00007f44b03e6038 R14: 00007f44b03e5fa0 R15: 00007ffd777dd638 [ 118.601387][ T7338] [ 118.718138][ T7342] fuse: Unknown parameter 'group_i00000000000000000000' [ 118.856465][ T7349] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 118.894053][ T7353] BIDI support in bsg has been removed. [ 118.898735][ T40] audit: type=1400 audit(1766379235.340:330): avc: denied { watch watch_reads } for pid=7351 comm="syz.0.394" path="pipe:[15949]" dev="pipefs" ino=15949 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 118.963056][ T7353] SELinux: Context system_u:object_r:xen_device_t:s0 is not valid (left unmapped). [ 118.971346][ T40] audit: type=1400 audit(1766379235.410:331): avc: denied { relabelto } for pid=7351 comm="syz.0.394" name="2:0:0:0" dev="devtmpfs" ino=728 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 trawcon="system_u:object_r:xen_device_t:s0" [ 118.985022][ T40] audit: type=1400 audit(1766379235.420:332): avc: denied { associate } for pid=7351 comm="syz.0.394" name="2:0:0:0" dev="devtmpfs" ino=728 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 srawcon="system_u:object_r:xen_device_t:s0" [ 118.999681][ T7353] input: syz0 as /devices/virtual/input/input21 [ 119.011401][ T7353] input: failed to attach handler leds to device input21, error: -6 [ 119.310646][ T7368] FAULT_INJECTION: forcing a failure. [ 119.310646][ T7368] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 119.315021][ T7368] CPU: 1 UID: 0 PID: 7368 Comm: syz.3.400 Not tainted syzkaller #0 PREEMPT(full) [ 119.315036][ T7368] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 119.315042][ T7368] Call Trace: [ 119.315047][ T7368] [ 119.315051][ T7368] dump_stack_lvl+0x16c/0x1f0 [ 119.315068][ T7368] should_fail_ex+0x512/0x640 [ 119.315088][ T7368] _copy_from_user+0x2e/0xd0 [ 119.315105][ T7368] kvm_arch_vcpu_ioctl+0x1e9/0x54b0 [ 119.315121][ T7368] ? stack_trace_save+0x8e/0xc0 [ 119.315133][ T7368] ? __pfx_stack_trace_save+0x10/0x10 [ 119.315146][ T7368] ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10 [ 119.315160][ T7368] ? __lock_acquire+0x436/0x2890 [ 119.315174][ T7368] ? kasan_save_stack+0x42/0x60 [ 119.315187][ T7368] ? kasan_save_stack+0x33/0x60 [ 119.315198][ T7368] ? kasan_save_track+0x14/0x30 [ 119.315209][ T7368] ? kasan_save_free_info+0x3b/0x60 [ 119.315228][ T7368] ? __lock_acquire+0x436/0x2890 [ 119.315246][ T7368] ? lock_acquire+0x179/0x330 [ 119.315260][ T7368] ? __pfx___might_resched+0x10/0x10 [ 119.315271][ T7368] ? rcu_is_watching+0x12/0xc0 [ 119.315282][ T7368] ? trace_contention_end+0xdd/0x110 [ 119.315295][ T7368] ? __mutex_lock+0x27b/0x1ca0 [ 119.315311][ T7368] ? kvm_vcpu_ioctl+0x316/0x16d0 [ 119.315330][ T7368] ? __pfx___mutex_lock+0x10/0x10 [ 119.315351][ T7368] ? tomoyo_path_number_perm+0x18d/0x580 [ 119.315366][ T7368] ? kvm_vcpu_ioctl+0x1293/0x16d0 [ 119.315382][ T7368] kvm_vcpu_ioctl+0x1293/0x16d0 [ 119.315400][ T7368] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 119.315417][ T7368] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 119.315431][ T7368] ? do_vfs_ioctl+0x128/0x14f0 [ 119.315444][ T7368] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 119.315456][ T7368] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 119.315477][ T7368] ? hook_file_ioctl_common+0x144/0x410 [ 119.315497][ T7368] ? selinux_file_ioctl+0x180/0x270 [ 119.315511][ T7368] ? selinux_file_ioctl+0xb4/0x270 [ 119.315525][ T7368] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 119.315543][ T7368] __x64_sys_ioctl+0x18e/0x210 [ 119.315556][ T7368] do_syscall_64+0xcd/0xf80 [ 119.315571][ T7368] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.315583][ T7368] RIP: 0033:0x7f921b58f7c9 [ 119.315592][ T7368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 119.315602][ T7368] RSP: 002b:00007f92197f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 119.315613][ T7368] RAX: ffffffffffffffda RBX: 00007f921b7e5fa0 RCX: 00007f921b58f7c9 [ 119.315620][ T7368] RDX: 0000200000003680 RSI: 000000004080aebf RDI: 0000000000000005 [ 119.315626][ T7368] RBP: 00007f92197f6090 R08: 0000000000000000 R09: 0000000000000000 [ 119.315632][ T7368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 119.315638][ T7368] R13: 00007f921b7e6038 R14: 00007f921b7e5fa0 R15: 00007ffe967119f8 [ 119.315652][ T7368] [ 119.467610][ T40] audit: type=1400 audit(1766379235.910:333): avc: denied { create } for pid=7369 comm="syz.0.401" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=appletalk_socket permissive=1 [ 119.540627][ T7374] No control pipe specified [ 119.696878][ T7373] syzkaller0: entered promiscuous mode [ 119.698793][ T7373] syzkaller0: entered allmulticast mode [ 120.145833][ T40] audit: type=1400 audit(1766379236.590:334): avc: denied { write } for pid=7395 comm="syz.4.409" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 120.193274][ T7399] fuse: Unknown parameter 'group_id00000000000000000000' [ 120.210014][ T40] audit: type=1400 audit(1766379236.660:335): avc: denied { create } for pid=7400 comm="syz.4.411" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 120.211509][ T7401] netlink: 4 bytes leftover after parsing attributes in process `syz.4.411'. [ 120.233829][ T7404] netlink: 8 bytes leftover after parsing attributes in process `syz.1.412'. [ 120.284604][ T40] audit: type=1400 audit(1766379236.730:336): avc: denied { bind } for pid=7400 comm="syz.4.411" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 120.292464][ T40] audit: type=1400 audit(1766379236.730:337): avc: denied { name_bind } for pid=7400 comm="syz.4.411" src=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1 [ 120.301400][ T40] audit: type=1400 audit(1766379236.730:338): avc: denied { node_bind } for pid=7400 comm="syz.4.411" src=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1 [ 120.966221][ T7422] fuse: Unknown parameter 'group_id00000000000000000000' [ 120.974637][ T7420] FAULT_INJECTION: forcing a failure. [ 120.974637][ T7420] name failslab, interval 1, probability 0, space 0, times 0 [ 120.978823][ T7420] CPU: 1 UID: 0 PID: 7420 Comm: syz.1.419 Not tainted syzkaller #0 PREEMPT(full) [ 120.978838][ T7420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 120.978845][ T7420] Call Trace: [ 120.978849][ T7420] [ 120.978854][ T7420] dump_stack_lvl+0x16c/0x1f0 [ 120.978871][ T7420] should_fail_ex+0x512/0x640 [ 120.978889][ T7420] ? __kmalloc_cache_noprof+0x5f/0x800 [ 120.978908][ T7420] should_failslab+0xc2/0x120 [ 120.978942][ T7420] __kmalloc_cache_noprof+0x80/0x800 [ 120.978959][ T7420] ? rcu_is_watching+0x12/0xc0 [ 120.978969][ T7420] ? vhost_task_create+0xe5/0x370 [ 120.978986][ T7420] ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 120.979006][ T7420] ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 120.979022][ T7420] ? vhost_task_create+0xe5/0x370 [ 120.979036][ T7420] vhost_task_create+0xe5/0x370 [ 120.979050][ T7420] ? __pfx_vhost_task_create+0x10/0x10 [ 120.979069][ T7420] ? __pfx_vhost_task_fn+0x10/0x10 [ 120.979086][ T7420] ? __pfx___mutex_lock+0x10/0x10 [ 120.979105][ T7420] kvm_mmu_post_init_vm+0x1b7/0x380 [ 120.979120][ T7420] kvm_arch_vcpu_ioctl_run+0x66/0x1860 [ 120.979134][ T7420] ? kvm_vcpu_ioctl+0x14f8/0x16d0 [ 120.979154][ T7420] kvm_vcpu_ioctl+0x76d/0x16d0 [ 120.979176][ T7420] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 120.979193][ T7420] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 120.979206][ T7420] ? do_vfs_ioctl+0x128/0x14f0 [ 120.979220][ T7420] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 120.979232][ T7420] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 120.979253][ T7420] ? hook_file_ioctl_common+0x144/0x410 [ 120.979274][ T7420] ? selinux_file_ioctl+0x180/0x270 [ 120.979287][ T7420] ? selinux_file_ioctl+0xb4/0x270 [ 120.979302][ T7420] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 120.979319][ T7420] __x64_sys_ioctl+0x18e/0x210 [ 120.979333][ T7420] do_syscall_64+0xcd/0xf80 [ 120.979348][ T7420] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.979359][ T7420] RIP: 0033:0x7fb864b8f7c9 [ 120.979368][ T7420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 120.979379][ T7420] RSP: 002b:00007fb865a2d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 120.979390][ T7420] RAX: ffffffffffffffda RBX: 00007fb864de5fa0 RCX: 00007fb864b8f7c9 [ 120.979397][ T7420] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 120.979403][ T7420] RBP: 00007fb865a2d090 R08: 0000000000000000 R09: 0000000000000000 [ 120.979409][ T7420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 120.979415][ T7420] R13: 00007fb864de6038 R14: 00007fb864de5fa0 R15: 00007ffe1da213c8 [ 120.979430][ T7420] [ 121.093231][ T7430] netlink: 8 bytes leftover after parsing attributes in process `syz.3.423'. [ 121.264828][ T7443] fuse: Bad value for 'fd' [ 121.273110][ T7444] fuse: Unknown parameter 'group_id00000000000000000000' [ 121.319364][ T7449] input: syz0 as /devices/virtual/input/input22 [ 121.322051][ T7449] input: failed to attach handler leds to device input22, error: -6 [ 121.326511][ T7448] netlink: 8 bytes leftover after parsing attributes in process `syz.0.433'. [ 121.378776][ T6663] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 121.378905][ T7454] input: syz0 as /devices/virtual/input/input23 [ 121.380743][ T7456] fuse: Bad value for 'group_id' [ 121.380760][ T7456] fuse: Bad value for 'group_id' [ 121.390697][ T7454] input: failed to attach handler leds to device input23, error: -6 [ 121.396006][ T7454] FAULT_INJECTION: forcing a failure. [ 121.396006][ T7454] name failslab, interval 1, probability 0, space 0, times 0 [ 121.409003][ T7454] CPU: 3 UID: 0 PID: 7454 Comm: syz.0.436 Not tainted syzkaller #0 PREEMPT(full) [ 121.409026][ T7454] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 121.409037][ T7454] Call Trace: [ 121.409043][ T7454] [ 121.409050][ T7454] dump_stack_lvl+0x16c/0x1f0 [ 121.409077][ T7454] should_fail_ex+0x512/0x640 [ 121.409104][ T7454] ? __kmalloc_noprof+0xca/0x910 [ 121.409134][ T7454] should_failslab+0xc2/0x120 [ 121.409158][ T7454] __kmalloc_noprof+0xeb/0x910 [ 121.409185][ T7454] ? lockdep_hardirqs_on+0x7c/0x110 [ 121.409208][ T7454] ? kobject_get_path+0xd2/0x2d0 [ 121.409243][ T7454] ? kobject_get_path+0xd2/0x2d0 [ 121.409265][ T7454] kobject_get_path+0xd2/0x2d0 [ 121.409294][ T7454] input_devices_seq_show+0x8d/0x1130 [ 121.409318][ T7454] ? __pfx_input_devices_seq_show+0x10/0x10 [ 121.409343][ T7454] ? seq_list_start+0x9a/0xc0 [ 121.409367][ T7454] seq_read_iter+0xb25/0x12d0 [ 121.409402][ T7454] seq_read+0x3a3/0x570 [ 121.409426][ T7454] ? __pfx_seq_read+0x10/0x10 [ 121.409454][ T7454] ? lock_acquire+0x179/0x330 [ 121.409479][ T7454] ? avc_policy_seqno+0x9/0x20 [ 121.409511][ T7454] ? __pfx_seq_read+0x10/0x10 [ 121.409533][ T7454] proc_reg_read+0x240/0x330 [ 121.409557][ T7454] ? __pfx_proc_reg_read+0x10/0x10 [ 121.409581][ T7454] vfs_read+0x1e4/0xcf0 [ 121.409604][ T7454] ? __pfx___mutex_lock+0x10/0x10 [ 121.409631][ T7454] ? __pfx_vfs_read+0x10/0x10 [ 121.409661][ T7454] ? __fget_files+0x20e/0x3c0 [ 121.409692][ T7454] ksys_read+0x12a/0x250 [ 121.409714][ T7454] ? __pfx_ksys_read+0x10/0x10 [ 121.409743][ T7454] do_syscall_64+0xcd/0xf80 [ 121.409767][ T7454] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.409785][ T7454] RIP: 0033:0x7f44b018f7c9 [ 121.409799][ T7454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 121.409816][ T7454] RSP: 002b:00007f44b0fed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 121.409833][ T7454] RAX: ffffffffffffffda RBX: 00007f44b03e5fa0 RCX: 00007f44b018f7c9 [ 121.409845][ T7454] RDX: 000000000000fcdd RSI: 0000200000002300 RDI: 0000000000000003 [ 121.409855][ T7454] RBP: 00007f44b0fed090 R08: 0000000000000000 R09: 0000000000000000 [ 121.409866][ T7454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 121.409876][ T7454] R13: 00007f44b03e6038 R14: 00007f44b03e5fa0 R15: 00007ffd777dd638 [ 121.409902][ T7454] [ 121.539054][ T6663] usb 8-1: Using ep0 maxpacket: 8 [ 121.550992][ T6663] usb 8-1: config 0 has an invalid interface number: 55 but max is 0 [ 121.566201][ T6663] usb 8-1: config 0 has no interface number 0 [ 121.588496][ T6663] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 121.603169][ T6663] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 121.615257][ T6663] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 121.647982][ T6663] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 121.651055][ T7468] FAULT_INJECTION: forcing a failure. [ 121.651055][ T7468] name failslab, interval 1, probability 0, space 0, times 0 [ 121.655908][ T7468] CPU: 3 UID: 0 PID: 7468 Comm: syz.0.439 Not tainted syzkaller #0 PREEMPT(full) [ 121.655931][ T7468] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 121.655943][ T7468] Call Trace: [ 121.655950][ T7468] [ 121.655957][ T7468] dump_stack_lvl+0x16c/0x1f0 [ 121.655985][ T7468] should_fail_ex+0x512/0x640 [ 121.656013][ T7468] ? fs_reclaim_acquire+0xae/0x150 [ 121.656041][ T7468] should_failslab+0xc2/0x120 [ 121.656064][ T7468] __kmalloc_noprof+0xeb/0x910 [ 121.656091][ T7468] ? tomoyo_encode2+0x100/0x3e0 [ 121.656119][ T7468] ? tomoyo_encode2+0x100/0x3e0 [ 121.656139][ T7468] tomoyo_encode2+0x100/0x3e0 [ 121.656166][ T7468] tomoyo_encode+0x29/0x50 [ 121.656188][ T7468] tomoyo_realpath_from_path+0x18f/0x6e0 [ 121.656213][ T7468] ? tomoyo_profile+0x47/0x60 [ 121.656247][ T7468] tomoyo_path_number_perm+0x245/0x580 [ 121.656265][ T7468] ? tomoyo_path_number_perm+0x237/0x580 [ 121.656287][ T7468] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 121.656309][ T7468] ? find_held_lock+0x2b/0x80 [ 121.656354][ T7468] ? find_held_lock+0x2b/0x80 [ 121.656379][ T7468] ? hook_file_ioctl_common+0x144/0x410 [ 121.656410][ T7468] ? __fget_files+0x20e/0x3c0 [ 121.656439][ T7468] security_file_ioctl+0x9b/0x240 [ 121.656463][ T7468] __x64_sys_ioctl+0xb7/0x210 [ 121.656484][ T7468] do_syscall_64+0xcd/0xf80 [ 121.656508][ T7468] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.656526][ T7468] RIP: 0033:0x7f44b018f7c9 [ 121.656539][ T7468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 121.656556][ T7468] RSP: 002b:00007f44b0fcc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 121.656572][ T7468] RAX: ffffffffffffffda RBX: 00007f44b03e6090 RCX: 00007f44b018f7c9 [ 121.656584][ T7468] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 121.656594][ T7468] RBP: 00007f44b0fcc090 R08: 0000000000000000 R09: 0000000000000000 [ 121.656604][ T7468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 121.656615][ T7468] R13: 00007f44b03e6128 R14: 00007f44b03e6090 R15: 00007ffd777dd638 [ 121.656638][ T7468] [ 121.656655][ T7468] ERROR: Out of memory at tomoyo_realpath_from_path. [ 121.729130][ T6663] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 121.780348][ T6663] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 121.783188][ T7474] fuse: Bad value for 'fd' [ 121.824618][ T6663] usb 8-1: config 0 descriptor?? [ 122.121507][ T6663] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 122.179270][ T6663] usb 8-1: USB disconnect, device number 8 [ 122.211051][ T7499] netlink: 24 bytes leftover after parsing attributes in process `syz.4.446'. [ 122.285947][ T7501] netlink: 4 bytes leftover after parsing attributes in process `syz.0.447'. [ 122.311972][ T7499] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7499 comm=syz.4.446 [ 122.328320][ T7501] input: syz0 as /devices/virtual/input/input24 [ 122.341763][ T7499] (syz.4.446,7499,3):ocfs2_get_sector:1714 ERROR: status = -5 [ 122.345065][ T7499] (syz.4.446,7499,3):ocfs2_sb_probe:753 ERROR: status = -5 [ 122.347399][ T7499] (syz.4.446,7499,3):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 122.350066][ T7499] (syz.4.446,7499,3):ocfs2_fill_super:1177 ERROR: status = -5 [ 122.353599][ T7501] input: failed to attach handler leds to device input24, error: -6 [ 122.359313][ T6663] ldusb 8-1:0.55: LD USB Device #0 now disconnected [ 122.507566][ T7514] netlink: 8 bytes leftover after parsing attributes in process `syz.1.452'. [ 122.663631][ T7526] pim6reg: entered allmulticast mode [ 122.666625][ T7529] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 122.674835][ T7528] dvmrp1: tun_chr_ioctl cmd 1074025678 [ 122.676669][ T7528] dvmrp1: group set to 0 [ 122.838813][ T7533] fuse: Invalid rootmode [ 122.842602][ T7533] netlink: 4 bytes leftover after parsing attributes in process `syz.0.459'. [ 123.045359][ T7542] fuse: Bad value for 'user_id' [ 123.046982][ T7542] fuse: Bad value for 'user_id' [ 123.086009][ T7544] netlink: 8 bytes leftover after parsing attributes in process `syz.0.463'. [ 123.270499][ T7549] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 123.675099][ T7555] FAULT_INJECTION: forcing a failure. [ 123.675099][ T7555] name failslab, interval 1, probability 0, space 0, times 0 [ 123.680873][ T7555] CPU: 2 UID: 0 PID: 7555 Comm: syz.0.467 Not tainted syzkaller #0 PREEMPT(full) [ 123.680896][ T7555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 123.680907][ T7555] Call Trace: [ 123.680919][ T7555] [ 123.680926][ T7555] dump_stack_lvl+0x16c/0x1f0 [ 123.680966][ T7555] should_fail_ex+0x512/0x640 [ 123.680997][ T7555] ? kmem_cache_alloc_node_noprof+0x65/0x800 [ 123.681019][ T7555] should_failslab+0xc2/0x120 [ 123.681044][ T7555] kmem_cache_alloc_node_noprof+0x86/0x800 [ 123.681063][ T7555] ? __alloc_skb+0x156/0x410 [ 123.681094][ T7555] ? __alloc_skb+0x156/0x410 [ 123.681120][ T7555] __alloc_skb+0x156/0x410 [ 123.681145][ T7555] ? __alloc_skb+0x35d/0x410 [ 123.681168][ T7555] ? __pfx___alloc_skb+0x10/0x10 [ 123.681193][ T7555] ? netlink_autobind.isra.0+0x158/0x370 [ 123.681220][ T7555] netlink_alloc_large_skb+0x69/0x140 [ 123.681235][ T7555] netlink_sendmsg+0x698/0xdd0 [ 123.681251][ T7555] ? __pfx_netlink_sendmsg+0x10/0x10 [ 123.681269][ T7555] ____sys_sendmsg+0xa5d/0xc30 [ 123.681284][ T7555] ? copy_msghdr_from_user+0x10a/0x160 [ 123.681296][ T7555] ? __pfx_____sys_sendmsg+0x10/0x10 [ 123.681316][ T7555] ___sys_sendmsg+0x134/0x1d0 [ 123.681328][ T7555] ? __pfx____sys_sendmsg+0x10/0x10 [ 123.681355][ T7555] __sys_sendmsg+0x16d/0x220 [ 123.681366][ T7555] ? __pfx___sys_sendmsg+0x10/0x10 [ 123.681386][ T7555] do_syscall_64+0xcd/0xf80 [ 123.681401][ T7555] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.681413][ T7555] RIP: 0033:0x7f44b018f7c9 [ 123.681422][ T7555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 123.681433][ T7555] RSP: 002b:00007f44b0fed038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 123.681444][ T7555] RAX: ffffffffffffffda RBX: 00007f44b03e5fa0 RCX: 00007f44b018f7c9 [ 123.681451][ T7555] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000004 [ 123.681457][ T7555] RBP: 00007f44b0fed090 R08: 0000000000000000 R09: 0000000000000000 [ 123.681463][ T7555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 123.681469][ T7555] R13: 00007f44b03e6038 R14: 00007f44b03e5fa0 R15: 00007ffd777dd638 [ 123.681483][ T7555] [ 124.011333][ T7569] fuse: Bad value for 'rootmode' [ 124.069809][ T7571] fuse: Bad value for 'fd' [ 124.255493][ T7590] netlink: 48 bytes leftover after parsing attributes in process `syz.0.482'. [ 124.265868][ T7590] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7590 comm=syz.0.482 [ 124.342831][ T7597] fuse: Bad value for 'fd' [ 124.687937][ T40] kauditd_printk_skb: 14 callbacks suppressed [ 124.687955][ T40] audit: type=1400 audit(1766379241.130:353): avc: denied { mount } for pid=7623 comm="syz.4.490" name="/" dev="hugetlbfs" ino=16369 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 124.845469][ T7631] FAULT_INJECTION: forcing a failure. [ 124.845469][ T7631] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 124.851137][ T7631] CPU: 3 UID: 0 PID: 7631 Comm: syz.0.493 Not tainted syzkaller #0 PREEMPT(full) [ 124.851160][ T7631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 124.851172][ T7631] Call Trace: [ 124.851179][ T7631] [ 124.851187][ T7631] dump_stack_lvl+0x16c/0x1f0 [ 124.851217][ T7631] should_fail_ex+0x512/0x640 [ 124.851248][ T7631] _copy_from_user+0x2e/0xd0 [ 124.851276][ T7631] move_addr_to_kernel+0x65/0x170 [ 124.851302][ T7631] __sys_connect+0xb1/0x160 [ 124.851328][ T7631] ? __pfx___sys_connect+0x10/0x10 [ 124.851363][ T7631] ? __pfx_ksys_write+0x10/0x10 [ 124.851393][ T7631] __x64_sys_connect+0x72/0xb0 [ 124.851418][ T7631] ? lockdep_hardirqs_on+0x7c/0x110 [ 124.851442][ T7631] do_syscall_64+0xcd/0xf80 [ 124.851467][ T7631] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.851485][ T7631] RIP: 0033:0x7f44b018f7c9 [ 124.851500][ T7631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 124.851518][ T7631] RSP: 002b:00007f44b0fed038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 124.851535][ T7631] RAX: ffffffffffffffda RBX: 00007f44b03e5fa0 RCX: 00007f44b018f7c9 [ 124.851547][ T7631] RDX: 0000000000000040 RSI: 0000200000000180 RDI: 0000000000000004 [ 124.851558][ T7631] RBP: 00007f44b0fed090 R08: 0000000000000000 R09: 0000000000000000 [ 124.851569][ T7631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 124.851581][ T7631] R13: 00007f44b03e6038 R14: 00007f44b03e5fa0 R15: 00007ffd777dd638 [ 124.851607][ T7631] [ 124.997309][ T7635] bridge: RTM_NEWNEIGH with invalid state 0x4 [ 125.001197][ T40] audit: type=1400 audit(1766379241.450:354): avc: denied { append } for pid=7634 comm="syz.0.495" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 125.008377][ T40] audit: type=1400 audit(1766379241.450:355): avc: denied { ioctl } for pid=7634 comm="syz.0.495" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 125.017338][ T7636] MTD: Attempt to mount non-MTD device "/dev/nullb0" [ 125.020259][ T7635] MTD: Attempt to mount non-MTD device "/dev/nullb0" [ 125.023753][ T7636] cramfs: block size(16384) > page size(4096) not supported by filesystem [ 125.029387][ T7636] cramfs: wrong magic [ 125.031404][ T7635] cramfs: block size(16384) > page size(4096) not supported by filesystem [ 125.034626][ T7635] cramfs: wrong magic [ 125.079256][ T7639] fuse: Bad value for 'fd' [ 125.135883][ T7643] FAULT_INJECTION: forcing a failure. [ 125.135883][ T7643] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 125.141794][ T7643] CPU: 2 UID: 0 PID: 7643 Comm: syz.0.498 Not tainted syzkaller #0 PREEMPT(full) [ 125.141810][ T7643] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 125.141817][ T7643] Call Trace: [ 125.141820][ T7643] [ 125.141825][ T7643] dump_stack_lvl+0x16c/0x1f0 [ 125.141844][ T7643] should_fail_ex+0x512/0x640 [ 125.141863][ T7643] _copy_to_user+0x32/0xd0 [ 125.141880][ T7643] simple_read_from_buffer+0xcb/0x170 [ 125.141897][ T7643] proc_fail_nth_read+0x197/0x240 [ 125.141910][ T7643] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 125.141926][ T7643] ? rw_verify_area+0xcf/0x6c0 [ 125.141938][ T7643] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 125.141950][ T7643] vfs_read+0x1e4/0xcf0 [ 125.141964][ T7643] ? __pfx___mutex_lock+0x10/0x10 [ 125.141996][ T7643] ? __pfx_vfs_read+0x10/0x10 [ 125.142014][ T7643] ? __fget_files+0x20e/0x3c0 [ 125.142034][ T7643] ksys_read+0x12a/0x250 [ 125.142047][ T7643] ? __pfx_ksys_read+0x10/0x10 [ 125.142061][ T7643] ? fput+0x70/0xf0 [ 125.142072][ T7643] do_syscall_64+0xcd/0xf80 [ 125.142087][ T7643] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.142099][ T7643] RIP: 0033:0x7f44b018e1dc [ 125.142108][ T7643] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 125.142118][ T7643] RSP: 002b:00007f44b0fed030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 125.142130][ T7643] RAX: ffffffffffffffda RBX: 00007f44b03e5fa0 RCX: 00007f44b018e1dc [ 125.142137][ T7643] RDX: 000000000000000f RSI: 00007f44b0fed0a0 RDI: 0000000000000006 [ 125.142143][ T7643] RBP: 00007f44b0fed090 R08: 0000000000000000 R09: 0000000000000000 [ 125.142149][ T7643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 125.142155][ T7643] R13: 00007f44b03e6038 R14: 00007f44b03e5fa0 R15: 00007ffd777dd638 [ 125.142169][ T7643] [ 125.254549][ T7645] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 125.305932][ T7649] sp0: Synchronizing with TNC [ 125.636445][ T40] audit: type=1400 audit(1766379242.080:356): avc: denied { ioctl } for pid=7668 comm="syz.1.506" path="socket:[18602]" dev="sockfs" ino=18602 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 125.644818][ T40] audit: type=1400 audit(1766379242.100:357): avc: denied { bind } for pid=7668 comm="syz.1.506" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 125.650975][ T40] audit: type=1400 audit(1766379242.100:358): avc: denied { write } for pid=7668 comm="syz.1.506" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 125.705905][ T7675] FAULT_INJECTION: forcing a failure. [ 125.705905][ T7675] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 125.711733][ T7675] CPU: 0 UID: 0 PID: 7675 Comm: syz.4.509 Not tainted syzkaller #0 PREEMPT(full) [ 125.711757][ T7675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 125.711768][ T7675] Call Trace: [ 125.711775][ T7675] [ 125.711781][ T7675] dump_stack_lvl+0x16c/0x1f0 [ 125.711811][ T7675] should_fail_ex+0x512/0x640 [ 125.711842][ T7675] _copy_from_user+0x2e/0xd0 [ 125.711877][ T7675] memdup_user+0x6b/0xe0 [ 125.711898][ T7675] __comedi_get_user_chanlist+0xc1/0x200 [ 125.711924][ T7675] do_cmd_ioctl.constprop.0+0x32a/0xbe0 [ 125.711954][ T7675] comedi_unlocked_ioctl+0x1b8f/0x2eb0 [ 125.711988][ T7675] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 125.712026][ T7675] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 125.712048][ T7675] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 125.712083][ T7675] ? hook_file_ioctl_common+0x144/0x410 [ 125.712118][ T7675] ? selinux_file_ioctl+0x180/0x270 [ 125.712141][ T7675] ? selinux_file_ioctl+0xb4/0x270 [ 125.712165][ T7675] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 125.712192][ T7675] __x64_sys_ioctl+0x18e/0x210 [ 125.712214][ T7675] do_syscall_64+0xcd/0xf80 [ 125.712240][ T7675] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.712259][ T7675] RIP: 0033:0x7f98d2b8f7c9 [ 125.712274][ T7675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 125.712292][ T7675] RSP: 002b:00007f98d3a56038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 125.712310][ T7675] RAX: ffffffffffffffda RBX: 00007f98d2de5fa0 RCX: 00007f98d2b8f7c9 [ 125.712322][ T7675] RDX: 0000200000000180 RSI: 0000000080506409 RDI: 0000000000000003 [ 125.712333][ T7675] RBP: 00007f98d3a56090 R08: 0000000000000000 R09: 0000000000000000 [ 125.712344][ T7675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 125.712354][ T7675] R13: 00007f98d2de6038 R14: 00007f98d2de5fa0 R15: 00007ffcda8016f8 [ 125.712379][ T7675] [ 126.100710][ T7696] fuse: Unknown parameter 'use00000000000000000000' [ 126.265779][ T40] audit: type=1400 audit(1766379242.710:359): avc: denied { open } for pid=7697 comm="syz.0.514" path="/dev/ptyq5" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 126.275120][ T40] audit: type=1400 audit(1766379242.710:360): avc: denied { ioctl } for pid=7697 comm="syz.0.514" path="/dev/ptyq5" dev="devtmpfs" ino=132 ioctlcmd=0x5423 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 126.675322][ T7719] netlink: 8 bytes leftover after parsing attributes in process `syz.4.520'. [ 126.678813][ T7719] netlink: 8 bytes leftover after parsing attributes in process `syz.4.520'. [ 126.742332][ T7722] fuse: Unknown parameter 'use00000000000000000000' [ 127.261708][ T7745] fuse: Unknown parameter 'user_i00000000000000000000' [ 127.534932][ T7770] FAULT_INJECTION: forcing a failure. [ 127.534932][ T7770] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 127.547416][ T7770] CPU: 2 UID: 0 PID: 7770 Comm: syz.0.538 Not tainted syzkaller #0 PREEMPT(full) [ 127.547449][ T7770] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 127.547460][ T7770] Call Trace: [ 127.547467][ T7770] [ 127.547473][ T7770] dump_stack_lvl+0x16c/0x1f0 [ 127.547506][ T7770] should_fail_ex+0x512/0x640 [ 127.547540][ T7770] _copy_to_user+0x32/0xd0 [ 127.547569][ T7770] comedi_unlocked_ioctl+0x269e/0x2eb0 [ 127.547603][ T7770] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 127.547642][ T7770] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 127.547665][ T7770] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 127.547700][ T7770] ? hook_file_ioctl_common+0x144/0x410 [ 127.547734][ T7770] ? selinux_file_ioctl+0x180/0x270 [ 127.547759][ T7770] ? selinux_file_ioctl+0xb4/0x270 [ 127.547785][ T7770] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 127.547812][ T7770] __x64_sys_ioctl+0x18e/0x210 [ 127.547837][ T7770] do_syscall_64+0xcd/0xf80 [ 127.547870][ T7770] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.547890][ T7770] RIP: 0033:0x7f44b018f7c9 [ 127.547905][ T7770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 127.547924][ T7770] RSP: 002b:00007f44b0fed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 127.547943][ T7770] RAX: ffffffffffffffda RBX: 00007f44b03e5fa0 RCX: 00007f44b018f7c9 [ 127.547956][ T7770] RDX: 0000200000000180 RSI: 0000000080506409 RDI: 0000000000000003 [ 127.547967][ T7770] RBP: 00007f44b0fed090 R08: 0000000000000000 R09: 0000000000000000 [ 127.547978][ T7770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 127.547989][ T7770] R13: 00007f44b03e6038 R14: 00007f44b03e5fa0 R15: 00007ffd777dd638 [ 127.548014][ T7770] [ 127.681632][ T7779] fuse: Unknown parameter 'user_i00000000000000000000' [ 127.702276][ T40] audit: type=1400 audit(1766379244.150:361): avc: denied { mount } for pid=7773 comm="syz.1.540" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 127.787801][ T7774] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 127.792316][ T7774] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 127.887265][ T7789] fuse: Unknown parameter 'grou00000000000000000000' [ 128.031378][ T7797] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 128.034252][ T7797] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 128.375010][ T40] audit: type=1400 audit(1766379244.820:362): avc: denied { create } for pid=7803 comm="syz.1.555" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 128.399049][ T7806] netlink: 'syz.3.552': attribute type 23 has an invalid length. [ 128.498745][ T7815] fuse: Unknown parameter 'group_i00000000000000000000' [ 128.696286][ T7821] FAULT_INJECTION: forcing a failure. [ 128.696286][ T7821] name failslab, interval 1, probability 0, space 0, times 0 [ 128.709044][ T7821] CPU: 1 UID: 0 PID: 7821 Comm: syz.4.558 Not tainted syzkaller #0 PREEMPT(full) [ 128.709066][ T7821] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 128.709075][ T7821] Call Trace: [ 128.709080][ T7821] [ 128.709090][ T7821] dump_stack_lvl+0x16c/0x1f0 [ 128.709144][ T7821] should_fail_ex+0x512/0x640 [ 128.709170][ T7821] ? __kmalloc_cache_noprof+0x5f/0x800 [ 128.709197][ T7821] should_failslab+0xc2/0x120 [ 128.709217][ T7821] __kmalloc_cache_noprof+0x80/0x800 [ 128.709241][ T7821] ? tcf_action_init_1+0x278/0x6c0 [ 128.709266][ T7821] ? tcf_action_init_1+0x278/0x6c0 [ 128.709285][ T7821] tcf_action_init_1+0x278/0x6c0 [ 128.709307][ T7821] ? tc_lookup_action_n+0xc9/0xf0 [ 128.709326][ T7821] ? __pfx_tcf_action_init_1+0x10/0x10 [ 128.709348][ T7821] ? __pfx_tc_action_load_ops+0x10/0x10 [ 128.709378][ T7821] ? __nla_parse+0x40/0x60 [ 128.709395][ T7821] tcf_action_init+0x432/0xa50 [ 128.709424][ T7821] ? __pfx_tcf_action_init+0x10/0x10 [ 128.709461][ T7821] ? arch_stack_walk+0xa6/0x100 [ 128.709499][ T7821] ? kasan_save_free_info+0x3b/0x60 [ 128.709524][ T7821] ? __lock_acquire+0x436/0x2890 [ 128.709544][ T7821] tcf_action_add+0xee/0x5c0 [ 128.709569][ T7821] ? __pfx_tcf_action_add+0x10/0x10 [ 128.709621][ T7821] ? __nla_parse+0x40/0x60 [ 128.709639][ T7821] tc_ctl_action+0x35b/0x470 [ 128.709661][ T7821] ? __pfx_tc_ctl_action+0x10/0x10 [ 128.709689][ T7821] ? __pfx_tc_ctl_action+0x10/0x10 [ 128.709711][ T7821] rtnetlink_rcv_msg+0x3c9/0xe90 [ 128.709731][ T7821] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 128.709753][ T7821] ? ref_tracker_free+0x37c/0x830 [ 128.709783][ T7821] netlink_rcv_skb+0x158/0x420 [ 128.709805][ T7821] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 128.709823][ T7821] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 128.709848][ T7821] ? netlink_deliver_tap+0x1ae/0xd30 [ 128.709870][ T7821] netlink_unicast+0x5aa/0x870 [ 128.709891][ T7821] ? __pfx_netlink_unicast+0x10/0x10 [ 128.709916][ T7821] netlink_sendmsg+0x8c8/0xdd0 [ 128.709937][ T7821] ? __pfx_netlink_sendmsg+0x10/0x10 [ 128.709963][ T7821] ____sys_sendmsg+0xa5d/0xc30 [ 128.709983][ T7821] ? copy_msghdr_from_user+0x10a/0x160 [ 128.709998][ T7821] ? __pfx_____sys_sendmsg+0x10/0x10 [ 128.710020][ T7821] ? __pfx__kstrtoull+0x10/0x10 [ 128.710041][ T7821] ___sys_sendmsg+0x134/0x1d0 [ 128.710057][ T7821] ? __pfx____sys_sendmsg+0x10/0x10 [ 128.710082][ T7821] ? find_held_lock+0x2b/0x80 [ 128.710124][ T7821] __sys_sendmmsg+0x200/0x420 [ 128.710141][ T7821] ? __pfx___sys_sendmmsg+0x10/0x10 [ 128.710163][ T7821] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 128.710192][ T7821] ? fput+0x70/0xf0 [ 128.710205][ T7821] ? ksys_write+0x1ac/0x250 [ 128.710223][ T7821] ? __pfx_ksys_write+0x10/0x10 [ 128.710244][ T7821] __x64_sys_sendmmsg+0x9c/0x100 [ 128.710259][ T7821] ? lockdep_hardirqs_on+0x7c/0x110 [ 128.710278][ T7821] do_syscall_64+0xcd/0xf80 [ 128.710298][ T7821] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.710313][ T7821] RIP: 0033:0x7f98d2b8f7c9 [ 128.710325][ T7821] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 128.710339][ T7821] RSP: 002b:00007f98d3a56038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 128.710354][ T7821] RAX: ffffffffffffffda RBX: 00007f98d2de5fa0 RCX: 00007f98d2b8f7c9 [ 128.710363][ T7821] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000003 [ 128.710372][ T7821] RBP: 00007f98d3a56090 R08: 0000000000000000 R09: 0000000000000000 [ 128.710381][ T7821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 128.710390][ T7821] R13: 00007f98d2de6038 R14: 00007f98d2de5fa0 R15: 00007ffcda8016f8 [ 128.710410][ T7821] [ 129.118814][ T9] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 129.158773][ T142] usb 5-1: new low-speed USB device number 12 using dummy_hcd [ 129.198781][ T60] usb 9-1: new high-speed USB device number 6 using dummy_hcd [ 129.268749][ T9] usb 8-1: Using ep0 maxpacket: 8 [ 129.272524][ T9] usb 8-1: config index 0 descriptor too short (expected 301, got 45) [ 129.275724][ T9] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 129.279578][ T9] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 129.283509][ T9] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 129.287062][ T9] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 129.292517][ T9] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 129.296234][ T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 129.320223][ T142] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 129.324295][ T142] usb 5-1: config 0 has no interfaces? [ 129.326649][ T142] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 129.330482][ T60] usb 9-1: device descriptor read/64, error -71 [ 129.333099][ T142] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 129.338476][ T142] usb 5-1: config 0 descriptor?? [ 129.508386][ T9] usb 8-1: usb_control_msg returned -32 [ 129.511639][ T9] usbtmc 8-1:16.0: can't read capabilities [ 129.547790][ T142] usb 5-1: USB disconnect, device number 12 [ 129.578799][ T60] usb 9-1: new high-speed USB device number 7 using dummy_hcd [ 129.708769][ T60] usb 9-1: device descriptor read/64, error -71 [ 129.830639][ T60] usb usb9-port1: attempt power cycle [ 129.907522][ T7880] overlayfs: failed to get inode (-116) [ 129.919050][ T7880] overlayfs: failed to get inode (-116) [ 130.090983][ T984] usb 8-1: USB disconnect, device number 9 [ 130.198753][ T60] usb 9-1: new high-speed USB device number 8 using dummy_hcd [ 130.229443][ T60] usb 9-1: device descriptor read/8, error -71 [ 130.478795][ T60] usb 9-1: new high-speed USB device number 9 using dummy_hcd [ 130.523480][ T60] usb 9-1: device descriptor read/8, error -71 [ 130.596052][ T7912] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 130.648972][ T60] usb usb9-port1: unable to enumerate USB device [ 130.991766][ T7933] IPVS: sh: FWM 3 0x00000003 - no destination available [ 130.994936][ C0] IPVS: sh: FWM 3 0x00000003 - no destination available [ 131.736802][ T7941] input: syz0 as /devices/virtual/input/input25 [ 131.740859][ T7941] input: failed to attach handler leds to device input25, error: -6 [ 131.765039][ T7941] FAULT_INJECTION: forcing a failure. [ 131.765039][ T7941] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 131.771241][ T7941] CPU: 2 UID: 0 PID: 7941 Comm: syz.0.580 Not tainted syzkaller #0 PREEMPT(full) [ 131.771258][ T7941] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 131.771265][ T7941] Call Trace: [ 131.771275][ T7941] [ 131.771279][ T7941] dump_stack_lvl+0x16c/0x1f0 [ 131.771309][ T7941] should_fail_ex+0x512/0x640 [ 131.771332][ T7941] _copy_to_iter+0x463/0x1710 [ 131.771349][ T7941] ? input_devices_seq_show+0x719/0x1130 [ 131.771364][ T7941] ? __pfx__copy_to_iter+0x10/0x10 [ 131.771380][ T7941] ? __pfx_input_devices_seq_show+0x10/0x10 [ 131.771398][ T7941] seq_read_iter+0xd02/0x12d0 [ 131.771419][ T7941] seq_read+0x3a3/0x570 [ 131.771434][ T7941] ? __pfx_seq_read+0x10/0x10 [ 131.771451][ T7941] ? lock_acquire+0x179/0x330 [ 131.771466][ T7941] ? avc_policy_seqno+0x9/0x20 [ 131.771487][ T7941] ? __pfx_seq_read+0x10/0x10 [ 131.771501][ T7941] proc_reg_read+0x240/0x330 [ 131.771516][ T7941] ? __pfx_proc_reg_read+0x10/0x10 [ 131.771530][ T7941] vfs_read+0x1e4/0xcf0 [ 131.771545][ T7941] ? __pfx___mutex_lock+0x10/0x10 [ 131.771561][ T7941] ? __pfx_vfs_read+0x10/0x10 [ 131.771578][ T7941] ? __fget_files+0x20e/0x3c0 [ 131.771598][ T7941] ksys_read+0x12a/0x250 [ 131.771611][ T7941] ? __pfx_ksys_read+0x10/0x10 [ 131.771629][ T7941] do_syscall_64+0xcd/0xf80 [ 131.771644][ T7941] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.771655][ T7941] RIP: 0033:0x7f44b018f7c9 [ 131.771664][ T7941] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 131.771675][ T7941] RSP: 002b:00007f44b0fed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 131.771686][ T7941] RAX: ffffffffffffffda RBX: 00007f44b03e5fa0 RCX: 00007f44b018f7c9 [ 131.771693][ T7941] RDX: 000000000000fcdd RSI: 0000200000002300 RDI: 0000000000000003 [ 131.771699][ T7941] RBP: 00007f44b0fed090 R08: 0000000000000000 R09: 0000000000000000 [ 131.771705][ T7941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 131.771711][ T7941] R13: 00007f44b03e6038 R14: 00007f44b03e5fa0 R15: 00007ffd777dd638 [ 131.771726][ T7941] [ 131.909330][ T7945] could not allocate digest TFM handle cryptd(blake2b-160) [ 131.911496][ T7952] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 132.012748][ T40] kauditd_printk_skb: 8 callbacks suppressed [ 132.012759][ T40] audit: type=1400 audit(1766379248.460:371): avc: denied { watch watch_reads } for pid=7963 comm="syz.0.587" path="/159/file1" dev="tmpfs" ino=887 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 132.080966][ T40] audit: type=1400 audit(1766379248.530:372): avc: denied { ioctl } for pid=7963 comm="syz.0.587" path="/dev/fuse" dev="devtmpfs" ino=105 ioctlcmd=0xe501 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 132.145985][ T7971] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 132.191668][ T7973] comedi comedi0: pcl724: I/O port conflict (0x4f27,4) [ 132.194907][ T7974] comedi comedi0: pcl724: I/O port conflict (0x4f27,4) [ 132.875000][ T40] audit: type=1400 audit(1766379249.320:373): avc: denied { mounton } for pid=7991 comm="syz.1.598" path="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1 [ 132.914564][ T7998] fuse: Bad value for 'fd' [ 132.938784][ T984] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 133.024444][ T8005] binder: 8004:8005 ioctl 4020ae46 200000000180 returned -22 [ 133.065539][ T8009] fuse: Bad value for 'user_id' [ 133.067465][ T8009] fuse: Bad value for 'user_id' [ 133.091437][ T984] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 133.094891][ T984] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 133.095134][ T8011] FAULT_INJECTION: forcing a failure. [ 133.095134][ T8011] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 133.097976][ T984] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 133.103503][ T8011] CPU: 2 UID: 0 PID: 8011 Comm: syz.4.605 Not tainted syzkaller #0 PREEMPT(full) [ 133.103530][ T8011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 133.103541][ T8011] Call Trace: [ 133.103548][ T8011] [ 133.103553][ T8011] dump_stack_lvl+0x16c/0x1f0 [ 133.103581][ T8011] should_fail_ex+0x512/0x640 [ 133.103611][ T8011] _copy_from_iter+0x43b/0x16c0 [ 133.103644][ T8011] ? __pfx__copy_from_iter+0x10/0x10 [ 133.103672][ T8011] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 133.103699][ T8011] skb_copy_datagram_from_iter+0x124/0x740 [ 133.103729][ T8011] ? dev_get_by_index+0x17c/0x380 [ 133.103754][ T8011] packet_sendmsg+0x2221/0x54a0 [ 133.103787][ T8011] ? sock_has_perm+0x258/0x2f0 [ 133.103807][ T8011] ? __pfx_sock_has_perm+0x10/0x10 [ 133.103829][ T8011] ? __pfx_packet_sendmsg+0x10/0x10 [ 133.103877][ T8011] ____sys_sendmsg+0xa5d/0xc30 [ 133.103903][ T8011] ? copy_msghdr_from_user+0x10a/0x160 [ 133.103922][ T8011] ? __pfx_____sys_sendmsg+0x10/0x10 [ 133.103956][ T8011] ___sys_sendmsg+0x134/0x1d0 [ 133.103976][ T8011] ? __pfx____sys_sendmsg+0x10/0x10 [ 133.104021][ T8011] __sys_sendmsg+0x16d/0x220 [ 133.104041][ T8011] ? __pfx___sys_sendmsg+0x10/0x10 [ 133.104083][ T8011] do_syscall_64+0xcd/0xf80 [ 133.104109][ T8011] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.104127][ T8011] RIP: 0033:0x7f98d2b8f7c9 [ 133.104142][ T8011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 133.104160][ T8011] RSP: 002b:00007f98d3a56038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 133.104177][ T8011] RAX: ffffffffffffffda RBX: 00007f98d2de5fa0 RCX: 00007f98d2b8f7c9 [ 133.104189][ T8011] RDX: 0000000004000080 RSI: 0000200000000080 RDI: 0000000000000003 [ 133.104199][ T8011] RBP: 00007f98d3a56090 R08: 0000000000000000 R09: 0000000000000000 [ 133.104210][ T8011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 133.104219][ T8011] R13: 00007f98d2de6038 R14: 00007f98d2de5fa0 R15: 00007ffcda8016f8 [ 133.104239][ T8011] [ 133.177491][ T984] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 133.181644][ T984] usb 5-1: config 0 descriptor?? [ 133.255119][ T40] audit: type=1400 audit(1766379249.700:374): avc: denied { bind } for pid=8016 comm="syz.1.608" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 133.255590][ T8017] Bluetooth: MGMT ver 1.23 [ 133.261988][ T40] audit: type=1400 audit(1766379249.700:375): avc: denied { write } for pid=8016 comm="syz.1.608" path="socket:[18391]" dev="sockfs" ino=18391 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 133.291621][ T8019] comedi comedi4: bad chanlist[0]=0x0000e703 chan=59139 range length=2 [ 133.323865][ T8021] fuse: Bad value for 'fd' [ 133.378856][ T54] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 133.477416][ T40] audit: type=1400 audit(1766379249.920:376): avc: denied { create } for pid=8014 comm="syz.4.607" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1 [ 133.489707][ T40] audit: type=1400 audit(1766379249.940:377): avc: denied { sys_admin } for pid=8014 comm="syz.4.607" capability=21 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1 [ 133.498222][ T40] audit: type=1400 audit(1766379249.940:378): avc: denied { checkpoint_restore } for pid=8014 comm="syz.4.607" capability=40 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 133.536390][ T40] audit: type=1400 audit(1766379249.980:379): avc: denied { mount } for pid=8014 comm="syz.4.607" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 133.548816][ T54] usb 8-1: Using ep0 maxpacket: 8 [ 133.551766][ T54] usb 8-1: config index 0 descriptor too short (expected 301, got 45) [ 133.554196][ T54] usb 8-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 133.557409][ T54] usb 8-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 133.568466][ T54] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 133.572172][ T54] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 133.581443][ T54] usbtmc 8-1:16.0: bulk endpoints not found [ 133.589743][ T984] cm6533_jd 0003:0D8C:0022.0007: unknown main item tag 0x0 [ 133.591899][ T984] cm6533_jd 0003:0D8C:0022.0007: unknown main item tag 0x0 [ 133.595913][ T984] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0D8C:0022.0007/input/input26 [ 133.625995][ T984] cm6533_jd 0003:0D8C:0022.0007: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.0-1/input0 [ 133.709306][ T46] nci: nci_rf_intf_activated_ntf_packet: unsupported activation_rf_tech_and_mode 0x28 [ 133.787841][ T7986] netlink: 16 bytes leftover after parsing attributes in process `syz.0.595'. [ 133.797662][ T8051] fuse: Bad value for 'user_id' [ 133.800937][ T8051] fuse: Bad value for 'user_id' [ 133.806062][ T984] usb 5-1: USB disconnect, device number 13 [ 133.938964][ T40] audit: type=1326 audit(1766379250.390:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8053 comm="syz.1.615" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb864b8f7c9 code=0x0 [ 134.144685][ T8059] tmpfs: Unknown parameter 'gi\' [ 135.008917][ T6034] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 135.168855][ T6034] usb 6-1: Using ep0 maxpacket: 8 [ 135.172598][ T6034] usb 6-1: config 0 has an invalid interface number: 55 but max is 0 [ 135.176162][ T6034] usb 6-1: config 0 has no interface number 0 [ 135.178937][ T6034] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 135.183440][ T6034] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 135.188366][ T6034] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 135.193069][ T6034] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 135.198512][ T6034] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 135.202322][ T6034] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 135.208461][ T6034] usb 6-1: config 0 descriptor?? [ 135.217379][ T6034] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 135.516433][ T8108] No control pipe specified [ 135.576450][ T8111] input: syz0 as /devices/virtual/input/input27 [ 135.579242][ T8111] input: failed to attach handler leds to device input27, error: -6 [ 135.584085][ T8111] FAULT_INJECTION: forcing a failure. [ 135.584085][ T8111] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 135.588969][ T8111] CPU: 0 UID: 0 PID: 8111 Comm: syz.0.630 Tainted: G L syzkaller #0 PREEMPT(full) [ 135.588994][ T8111] Tainted: [L]=SOFTLOCKUP [ 135.589000][ T8111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 135.589010][ T8111] Call Trace: [ 135.589016][ T8111] [ 135.589021][ T8111] dump_stack_lvl+0x16c/0x1f0 [ 135.589044][ T8111] should_fail_ex+0x512/0x640 [ 135.589073][ T8111] _copy_to_user+0x32/0xd0 [ 135.589100][ T8111] simple_read_from_buffer+0xcb/0x170 [ 135.589125][ T8111] proc_fail_nth_read+0x197/0x240 [ 135.589142][ T8111] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 135.589158][ T8111] ? rw_verify_area+0xcf/0x6c0 [ 135.589177][ T8111] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 135.589194][ T8111] vfs_read+0x1e4/0xcf0 [ 135.589215][ T8111] ? __pfx___mutex_lock+0x10/0x10 [ 135.589239][ T8111] ? __pfx_vfs_read+0x10/0x10 [ 135.589262][ T8111] ? __fget_files+0x20e/0x3c0 [ 135.589290][ T8111] ksys_read+0x12a/0x250 [ 135.589310][ T8111] ? __pfx_ksys_read+0x10/0x10 [ 135.589336][ T8111] do_syscall_64+0xcd/0xf80 [ 135.589355][ T8111] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.589372][ T8111] RIP: 0033:0x7f44b018e1dc [ 135.589386][ T8111] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 135.589401][ T8111] RSP: 002b:00007f44b0fed030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 135.589417][ T8111] RAX: ffffffffffffffda RBX: 00007f44b03e5fa0 RCX: 00007f44b018e1dc [ 135.589428][ T8111] RDX: 000000000000000f RSI: 00007f44b0fed0a0 RDI: 0000000000000005 [ 135.589434][ T8111] RBP: 00007f44b0fed090 R08: 0000000000000000 R09: 0000000000000000 [ 135.589442][ T8111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 135.589452][ T8111] R13: 00007f44b03e6038 R14: 00007f44b03e5fa0 R15: 00007ffd777dd638 [ 135.589475][ T8111] [ 135.703288][ T8120] fuse: Unknown parameter '0x0000000000000003' [ 135.733364][ T8122] fuse: Bad value for 'fd' [ 135.993643][ T8133] netlink: 608 bytes leftover after parsing attributes in process `syz.4.638'. [ 136.225171][ T6663] usb 8-1: USB disconnect, device number 10 [ 136.263958][ T8140] overlayfs: failed to resolve './file1': -2 [ 136.313070][ T8142] FAULT_INJECTION: forcing a failure. [ 136.313070][ T8142] name failslab, interval 1, probability 0, space 0, times 0 [ 136.321026][ T8142] CPU: 2 UID: 0 PID: 8142 Comm: syz.3.641 Tainted: G L syzkaller #0 PREEMPT(full) [ 136.321053][ T8142] Tainted: [L]=SOFTLOCKUP [ 136.321058][ T8142] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 136.321067][ T8142] Call Trace: [ 136.321072][ T8142] [ 136.321077][ T8142] dump_stack_lvl+0x16c/0x1f0 [ 136.321105][ T8142] should_fail_ex+0x512/0x640 [ 136.321131][ T8142] should_failslab+0xc2/0x120 [ 136.321154][ T8142] __kmalloc_node_track_caller_noprof+0xec/0x930 [ 136.321177][ T8142] ? nf_ct_ext_add+0x1b2/0x430 [ 136.321202][ T8142] ? rcu_is_watching+0x12/0xc0 [ 136.321234][ T8142] ? krealloc_node_align_noprof+0x2ea/0x3d0 [ 136.321259][ T8142] krealloc_node_align_noprof+0x2ea/0x3d0 [ 136.321287][ T8142] nf_ct_ext_add+0x1b2/0x430 [ 136.321318][ T8142] init_conntrack.constprop.0+0x5af/0x10b0 [ 136.321355][ T8142] ? __pfx_init_conntrack.constprop.0+0x10/0x10 [ 136.321395][ T8142] ? __local_bh_enable_ip+0xa4/0x120 [ 136.321425][ T8142] ? lockdep_hardirqs_on+0x7c/0x110 [ 136.321456][ T8142] nf_conntrack_in+0xf29/0x1930 [ 136.321496][ T8142] ? __pfx_nf_conntrack_in+0x10/0x10 [ 136.321531][ T8142] ? __pfx_ipt_do_table+0x10/0x10 [ 136.321568][ T8142] ? __pfx_ipv4_conntrack_local+0x10/0x10 [ 136.321591][ T8142] ipv4_conntrack_local+0x160/0x250 [ 136.321620][ T8142] nf_hook_slow+0xbe/0x200 [ 136.321649][ T8142] nf_hook+0x371/0x680 [ 136.321674][ T8142] ? __pfx_dst_output+0x10/0x10 [ 136.321699][ T8142] ? __pfx_nf_hook+0x10/0x10 [ 136.321730][ T8142] ? __pfx_dst_output+0x10/0x10 [ 136.321756][ T8142] ? do_csum+0x26f/0x2d0 [ 136.321786][ T8142] __ip_local_out+0x33a/0x7c0 [ 136.321811][ T8142] ? __pfx_dst_output+0x10/0x10 [ 136.321839][ T8142] __ip_queue_xmit+0x866/0x2330 [ 136.321872][ T8142] ? __pfx_ip_queue_xmit+0x10/0x10 [ 136.321898][ T8142] __tcp_transmit_skb+0x2cae/0x48b0 [ 136.321924][ T8142] ? __lock_acquire+0x436/0x2890 [ 136.321950][ T8142] ? __pfx___tcp_transmit_skb+0x10/0x10 [ 136.321969][ T8142] ? __build_skb_around+0x278/0x390 [ 136.322007][ T8142] ? ktime_get+0x200/0x310 [ 136.322027][ T8142] ? lockdep_hardirqs_on+0x7c/0x110 [ 136.322054][ T8142] tcp_connect+0x2f34/0x5240 [ 136.322092][ T8142] ? __pfx_tcp_connect+0x10/0x10 [ 136.322113][ T8142] ? get_random_u16+0x58a/0x7e0 [ 136.322145][ T8142] ? tcp_fastopen_cookie_check+0x259/0x310 [ 136.322191][ T8142] tcp_v4_connect+0x1588/0x1c10 [ 136.322234][ T8142] ? __pfx_tcp_v4_connect+0x10/0x10 [ 136.322261][ T8142] ? __lock_acquire+0x436/0x2890 [ 136.322287][ T8142] __inet_stream_connect+0x915/0xf50 [ 136.322323][ T8142] ? __pfx___inet_stream_connect+0x10/0x10 [ 136.322352][ T8142] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 136.322384][ T8142] ? __local_bh_enable_ip+0xa4/0x120 [ 136.322417][ T8142] inet_stream_connect+0x57/0xa0 [ 136.322448][ T8142] kernel_connect+0x107/0x180 [ 136.322470][ T8142] ? __pfx_kernel_connect+0x10/0x10 [ 136.322508][ T8142] ? __local_bh_enable_ip+0xa4/0x120 [ 136.322538][ T8142] smc_connect+0x4c7/0x760 [ 136.322564][ T8142] ? __pfx_smc_connect+0x10/0x10 [ 136.322584][ T8142] __sys_connect_file+0x141/0x1a0 [ 136.322614][ T8142] __sys_connect+0x13b/0x160 [ 136.322639][ T8142] ? __pfx___sys_connect+0x10/0x10 [ 136.322676][ T8142] ? __pfx_ksys_write+0x10/0x10 [ 136.322705][ T8142] __x64_sys_connect+0x72/0xb0 [ 136.322730][ T8142] ? lockdep_hardirqs_on+0x7c/0x110 [ 136.322752][ T8142] do_syscall_64+0xcd/0xf80 [ 136.322808][ T8142] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 136.322829][ T8142] RIP: 0033:0x7f921b58f7c9 [ 136.322844][ T8142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 136.322861][ T8142] RSP: 002b:00007f92197f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 136.322879][ T8142] RAX: ffffffffffffffda RBX: 00007f921b7e5fa0 RCX: 00007f921b58f7c9 [ 136.322890][ T8142] RDX: 0000000000000010 RSI: 0000200000000000 RDI: 0000000000000003 [ 136.322901][ T8142] RBP: 00007f92197f6090 R08: 0000000000000000 R09: 0000000000000000 [ 136.322911][ T8142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 136.322922][ T8142] R13: 00007f921b7e6038 R14: 00007f921b7e5fa0 R15: 00007ffe967119f8 [ 136.322948][ T8142] [ 136.605839][ T8147] FAULT_INJECTION: forcing a failure. [ 136.605839][ T8147] name failslab, interval 1, probability 0, space 0, times 0 [ 136.609936][ T8147] CPU: 3 UID: 0 PID: 8147 Comm: syz.3.643 Tainted: G L syzkaller #0 PREEMPT(full) [ 136.609953][ T8147] Tainted: [L]=SOFTLOCKUP [ 136.609957][ T8147] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 136.609964][ T8147] Call Trace: [ 136.609968][ T8147] [ 136.609972][ T8147] dump_stack_lvl+0x16c/0x1f0 [ 136.609990][ T8147] should_fail_ex+0x512/0x640 [ 136.610007][ T8147] ? __kmalloc_noprof+0xca/0x910 [ 136.610026][ T8147] should_failslab+0xc2/0x120 [ 136.610042][ T8147] __kmalloc_noprof+0xeb/0x910 [ 136.610059][ T8147] ? lsm_blob_alloc+0x68/0x90 [ 136.610072][ T8147] ? lsm_blob_alloc+0x68/0x90 [ 136.610080][ T8147] lsm_blob_alloc+0x68/0x90 [ 136.610090][ T8147] security_task_alloc+0x2c/0x260 [ 136.610107][ T8147] copy_process+0x2456/0x7430 [ 136.610132][ T8147] ? __pfx_copy_process+0x10/0x10 [ 136.610152][ T8147] ? lockdep_init_map_type+0x5c/0x270 [ 136.610167][ T8147] ? lockdep_init_map_type+0x5c/0x270 [ 136.610181][ T8147] ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 136.610200][ T8147] ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 136.610217][ T8147] vhost_task_create+0x1d2/0x370 [ 136.610232][ T8147] ? __pfx_vhost_task_create+0x10/0x10 [ 136.610251][ T8147] ? __pfx_vhost_task_fn+0x10/0x10 [ 136.610267][ T8147] ? __pfx___mutex_lock+0x10/0x10 [ 136.610286][ T8147] kvm_mmu_post_init_vm+0x1b7/0x380 [ 136.610302][ T8147] kvm_arch_vcpu_ioctl_run+0x66/0x1860 [ 136.610316][ T8147] ? kvm_vcpu_ioctl+0x14f8/0x16d0 [ 136.610336][ T8147] kvm_vcpu_ioctl+0x76d/0x16d0 [ 136.610355][ T8147] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 136.610372][ T8147] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 136.610386][ T8147] ? do_vfs_ioctl+0x128/0x14f0 [ 136.610399][ T8147] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 136.610411][ T8147] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 136.610445][ T8147] ? hook_file_ioctl_common+0x144/0x410 [ 136.610467][ T8147] ? selinux_file_ioctl+0x180/0x270 [ 136.610480][ T8147] ? selinux_file_ioctl+0xb4/0x270 [ 136.610495][ T8147] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 136.610512][ T8147] __x64_sys_ioctl+0x18e/0x210 [ 136.610526][ T8147] do_syscall_64+0xcd/0xf80 [ 136.610542][ T8147] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 136.610553][ T8147] RIP: 0033:0x7f921b58f7c9 [ 136.610562][ T8147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 136.610573][ T8147] RSP: 002b:00007f92197f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 136.610584][ T8147] RAX: ffffffffffffffda RBX: 00007f921b7e5fa0 RCX: 00007f921b58f7c9 [ 136.610590][ T8147] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 136.610597][ T8147] RBP: 00007f92197f6090 R08: 0000000000000000 R09: 0000000000000000 [ 136.610603][ T8147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 136.610610][ T8147] R13: 00007f921b7e6038 R14: 00007f921b7e5fa0 R15: 00007ffe967119f8 [ 136.610624][ T8147] [ 136.866797][ T8155] bond1: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 136.875494][ T8155] bond1 (unregistering): Released all slaves [ 136.980649][ T8162] fuse: Unknown parameter '0x0000000000000003' [ 137.025323][ T8165] fuse: Bad value for 'rootmode' [ 137.108728][ T8172] overlayfs: failed to resolve './file1': -2 [ 137.191156][ T8179] binder: BINDER_SET_CONTEXT_MGR already set [ 137.193780][ T8179] binder: 8178:8179 ioctl 4018620d 2000000005c0 returned -16 [ 137.197836][ T8179] binder: BINDER_SET_CONTEXT_MGR already set [ 137.200668][ T8179] binder: 8178:8179 ioctl 4018620d 200000004a80 returned -16 [ 137.675964][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 137.678302][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 137.841871][ T8189] fuse: Bad value for 'fd' [ 137.986974][ C1] ldusb 6-1:0.55: usb_submit_urb failed (-1) [ 137.990300][ T60] usb 6-1: USB disconnect, device number 7 [ 137.993399][ T60] ldusb 6-1:0.55: LD USB Device #0 now disconnected [ 138.071000][ T8197] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 138.075840][ T8197] loop4: detected capacity change from 0 to 7 [ 138.089373][ T5934] loop4: [CUMANA/ADFS] p1 [ADFS] p1 [ 138.091142][ T5934] loop4: partition table partially beyond EOD, truncated [ 138.094286][ T5934] loop4: p1 size 2989602745 extends beyond EOD, truncated [ 138.208474][ T8204] dns_resolver: Unsupported server list version (0) [ 138.212748][ T40] kauditd_printk_skb: 2 callbacks suppressed [ 138.212759][ T40] audit: type=1400 audit(1766379254.660:383): avc: denied { bind } for pid=8203 comm="syz.0.665" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 138.252184][ T40] audit: type=1400 audit(1766379254.700:384): avc: denied { mount } for pid=8203 comm="syz.0.665" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 138.255939][ T8204] overlayfs: upper fs does not support tmpfile. [ 138.262556][ T40] audit: type=1400 audit(1766379254.700:385): avc: denied { mounton } for pid=8203 comm="syz.0.665" path="/bus" dev="bpf" ino=22127 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=dir permissive=1 [ 138.273586][ T40] audit: type=1400 audit(1766379254.720:386): avc: denied { connect } for pid=8203 comm="syz.0.665" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 138.283341][ T40] audit: type=1400 audit(1766379254.720:387): avc: denied { write } for pid=8203 comm="syz.0.665" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 138.291744][ T40] audit: type=1400 audit(1766379254.730:388): avc: denied { write } for pid=8203 comm="syz.0.665" name="card2" dev="devtmpfs" ino=639 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 138.338417][ T8197] loop4: [CUMANA/ADFS] p1 [ADFS] p1 [ 138.338443][ T8197] loop4: partition table partially beyond EOD, truncated [ 138.338546][ T8197] loop4: p1 size 2989602745 extends beyond EOD, truncated [ 138.386402][ T5934] udevd[5934]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 138.412044][ T8212] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 138.444219][ T8216] fuse: Invalid rootmode [ 138.455556][ T5934] udevd[5934]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 138.502203][ T40] audit: type=1400 audit(1766379254.950:389): avc: denied { create } for pid=8220 comm="syz.3.671" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 138.509748][ T40] audit: type=1400 audit(1766379254.950:390): avc: denied { getopt } for pid=8220 comm="syz.3.671" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 138.509779][ T40] audit: type=1400 audit(1766379254.950:391): avc: denied { write } for pid=8220 comm="syz.3.671" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 138.617224][ T8232] fuse: Unknown parameter 'fd0x0000000000000003' [ 138.680504][ T8243] fuse: Invalid rootmode [ 138.707585][ T40] audit: type=1400 audit(1766379255.150:392): avc: denied { read } for pid=8244 comm="syz.3.680" path="socket:[22744]" dev="sockfs" ino=22744 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 138.762901][ T142] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 138.790191][ T8250] overlay: ./file0 is not a directory [ 138.918856][ T142] usb 6-1: Using ep0 maxpacket: 16 [ 138.922733][ T142] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 138.927354][ T142] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 138.931698][ T142] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 138.936912][ T142] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 138.941916][ T142] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 138.947008][ T142] usb 6-1: config 0 descriptor?? [ 138.955844][ T8262] netlink: 'syz.4.684': attribute type 14 has an invalid length. [ 138.959432][ T8262] netlink: 4 bytes leftover after parsing attributes in process `syz.4.684'. [ 138.977394][ T8262] netlink: 'syz.4.684': attribute type 14 has an invalid length. [ 138.980976][ T8262] netlink: 4 bytes leftover after parsing attributes in process `syz.4.684'. [ 138.994133][ T46] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 138.997092][ T46] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 139.001068][ T46] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 139.004098][ T46] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 139.037585][ T8264] netlink: 60 bytes leftover after parsing attributes in process `syz.4.685'. [ 139.045611][ T8264] openvswitch: netlink: Missing key (keys=40, expected=10000000) [ 139.049948][ T8264] capability: warning: `syz.4.685' uses deprecated v2 capabilities in a way that may be insecure [ 139.092677][ T8266] fuse: Unknown parameter 'fd0x0000000000000003' [ 139.157383][ T142] usbhid 6-1:0.0: can't add hid device: -71 [ 139.163878][ T142] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 139.171993][ T142] usb 6-1: USB disconnect, device number 8 [ 139.191670][ T8270] fuse: Invalid rootmode [ 139.227778][ T8272] autofs: Unknown parameter '0x0000000000000000' [ 139.294657][ T8275] netlink: 4 bytes leftover after parsing attributes in process `syz.4.690'. [ 139.592871][ T6436] nci: nci_rf_intf_activated_ntf_packet: unsupported activation_rf_tech_and_mode 0x28 [ 139.792730][ T8296] overlayfs: missing 'lowerdir' [ 139.830621][ T8300] netlink: 568 bytes leftover after parsing attributes in process `syz.4.696'. [ 139.857054][ T8305] autofs: Unknown parameter '0x0000000000000000' [ 139.925355][ T8313] vlan2: entered promiscuous mode [ 139.927113][ T8313] bridge0: entered promiscuous mode [ 139.948812][ T6034] usb 6-1: new low-speed USB device number 9 using dummy_hcd [ 140.102186][ T6034] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 140.105614][ T6034] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 140.109697][ T6034] usb 6-1: config 0 has no interface number 0 [ 140.111909][ T6034] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 140.115379][ T6034] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 140.118628][ T8328] netlink: 884 bytes leftover after parsing attributes in process `syz.4.700'. [ 140.120857][ T6034] usb 6-1: config 0 descriptor?? [ 140.128594][ T6034] iowarrior 6-1:0.1: no interrupt-in endpoint found [ 140.330527][ T984] usb 6-1: USB disconnect, device number 9 [ 140.368893][ T6034] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 140.528728][ T6034] usb 5-1: Using ep0 maxpacket: 16 [ 140.532024][ T6034] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 140.535390][ T6034] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 140.538492][ T6034] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 140.543951][ T6034] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 140.547708][ T6034] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 140.553529][ T6034] usb 5-1: config 0 descriptor?? [ 140.728495][ T8333] overlayfs: failed to resolve './file1': -2 [ 140.906861][ T6034] usbhid 5-1:0.0: can't add hid device: -71 [ 140.948104][ T8340] futex_wake_op: syz.4.704 tries to shift op by -1; fix this program [ 140.951641][ T8340] netlink: 4 bytes leftover after parsing attributes in process `syz.4.704'. [ 140.979636][ T8340] netlink: 20 bytes leftover after parsing attributes in process `syz.4.704'. [ 140.999284][ T8347] overlayfs: missing 'lowerdir' [ 141.089588][ T6034] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 141.093706][ T5943] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 141.096613][ T5943] Bluetooth: Wrong link type (-22) [ 141.101173][ T5943] Bluetooth: hci1: link tx timeout [ 141.102954][ T5943] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 141.108412][ T6034] usb 5-1: USB disconnect, device number 14 [ 141.191098][ T8360] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode [ 141.199778][ T8360] syzkaller0: entered promiscuous mode [ 141.201522][ T8360] syzkaller0: entered allmulticast mode [ 141.209405][ T8360] bridge_slave_0: left allmulticast mode [ 141.211320][ T8360] bridge_slave_0: left promiscuous mode [ 141.213738][ T8360] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.218096][ T8360] bridge_slave_1: left allmulticast mode [ 141.220979][ T8360] bridge_slave_1: left promiscuous mode [ 141.222889][ T8360] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.228150][ T8360] bond0: (slave bond_slave_0): Releasing backup interface [ 141.237969][ T8360] bond0: (slave bond_slave_1): Releasing backup interface [ 141.247291][ T8360] team0: Port device team_slave_0 removed [ 141.255303][ T8360] team0: Port device team_slave_1 removed [ 141.257569][ T8360] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 141.260242][ T8360] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 141.264503][ T8360] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 141.267653][ T8360] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 141.275518][ T8360] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 141.398789][ T142] usb 6-1: new low-speed USB device number 10 using dummy_hcd [ 141.438225][ T8378] openvswitch: netlink: Multiple metadata blocks provided [ 141.445861][ T8378] pimreg: entered allmulticast mode [ 141.549916][ T142] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 141.552330][ T142] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 141.555292][ T142] usb 6-1: config 0 has no interface number 0 [ 141.557168][ T142] usb 6-1: config 0 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 141.562320][ T142] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 141.564983][ T142] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 141.574184][ T142] usb 6-1: config 0 descriptor?? [ 141.581476][ T142] iowarrior 6-1:0.1: no interrupt-in endpoint found [ 141.674653][ T8387] netlink: 56 bytes leftover after parsing attributes in process `syz.0.722'. [ 141.722819][ T8387] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.725329][ T8387] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.759686][ T8399] FAULT_INJECTION: forcing a failure. [ 141.759686][ T8399] name failslab, interval 1, probability 0, space 0, times 0 [ 141.763855][ T8399] CPU: 1 UID: 0 PID: 8399 Comm: syz.3.727 Tainted: G L syzkaller #0 PREEMPT(full) [ 141.763891][ T8399] Tainted: [L]=SOFTLOCKUP [ 141.763897][ T8399] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 141.763907][ T8399] Call Trace: [ 141.763913][ T8399] [ 141.763919][ T8399] dump_stack_lvl+0x16c/0x1f0 [ 141.763962][ T8399] should_fail_ex+0x512/0x640 [ 141.763990][ T8399] ? kmem_cache_alloc_noprof+0x62/0x770 [ 141.764010][ T8399] should_failslab+0xc2/0x120 [ 141.764032][ T8399] kmem_cache_alloc_noprof+0x83/0x770 [ 141.764048][ T8399] ? __kvm_mmu_topup_memory_cache+0x455/0x600 [ 141.764076][ T8399] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 141.764106][ T8399] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 141.764131][ T8399] __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 141.764164][ T8399] mmu_topup_memory_caches+0x25/0x170 [ 141.764187][ T8399] kvm_mmu_load+0xd6/0x2390 [ 141.764205][ T8399] ? kvm_apic_has_interrupt+0x106/0x1f0 [ 141.764229][ T8399] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 141.764257][ T8399] ? __pfx_kvm_mmu_load+0x10/0x10 [ 141.764275][ T8399] ? kvm_cpu_has_injectable_intr+0x9c/0x1a0 [ 141.764302][ T8399] ? kvm_check_and_inject_events+0x63d/0x1050 [ 141.764328][ T8399] vcpu_run+0x39d2/0x5a80 [ 141.764358][ T8399] ? __pfx_vcpu_run+0x10/0x10 [ 141.764386][ T8399] ? rcu_is_watching+0x12/0xc0 [ 141.764406][ T8399] ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860 [ 141.764425][ T8399] kvm_arch_vcpu_ioctl_run+0xfd3/0x1860 [ 141.764452][ T8399] kvm_vcpu_ioctl+0x76d/0x16d0 [ 141.764479][ T8399] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 141.764504][ T8399] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 141.764525][ T8399] ? do_vfs_ioctl+0x128/0x14f0 [ 141.764544][ T8399] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 141.764563][ T8399] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 141.764593][ T8399] ? hook_file_ioctl_common+0x144/0x410 [ 141.764626][ T8399] ? selinux_file_ioctl+0x180/0x270 [ 141.764646][ T8399] ? selinux_file_ioctl+0xb4/0x270 [ 141.764668][ T8399] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 141.764694][ T8399] __x64_sys_ioctl+0x18e/0x210 [ 141.764714][ T8399] do_syscall_64+0xcd/0xf80 [ 141.764738][ T8399] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.764754][ T8399] RIP: 0033:0x7f921b58f7c9 [ 141.764767][ T8399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.764783][ T8399] RSP: 002b:00007f92197f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 141.764804][ T8399] RAX: ffffffffffffffda RBX: 00007f921b7e5fa0 RCX: 00007f921b58f7c9 [ 141.764815][ T8399] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 141.764825][ T8399] RBP: 00007f92197f6090 R08: 0000000000000000 R09: 0000000000000000 [ 141.764834][ T8399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 141.764845][ T8399] R13: 00007f921b7e6038 R14: 00007f921b7e5fa0 R15: 00007ffe967119f8 [ 141.764869][ T8399] [ 141.784065][ T8387] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 141.791468][ T54] usb 6-1: USB disconnect, device number 10 [ 141.794563][ T8387] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 141.898254][ T8387] batman_adv: batadv0: Interface deactivated: virt_wifi0 [ 141.985921][ T3828] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.990330][ T3828] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.997723][ T3828] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.005362][ T3828] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.179078][ T8414] sp0: Synchronizing with TNC [ 142.182418][ T8413] [U] è [ 142.337796][ T8418] FAULT_INJECTION: forcing a failure. [ 142.337796][ T8418] name failslab, interval 1, probability 0, space 0, times 0 [ 142.348744][ T8418] CPU: 3 UID: 0 PID: 8418 Comm: syz.0.734 Tainted: G L syzkaller #0 PREEMPT(full) [ 142.348771][ T8418] Tainted: [L]=SOFTLOCKUP [ 142.348776][ T8418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 142.348786][ T8418] Call Trace: [ 142.348791][ T8418] [ 142.348797][ T8418] dump_stack_lvl+0x16c/0x1f0 [ 142.348822][ T8418] should_fail_ex+0x512/0x640 [ 142.348846][ T8418] ? __kmalloc_noprof+0xca/0x910 [ 142.348872][ T8418] should_failslab+0xc2/0x120 [ 142.348893][ T8418] __kmalloc_noprof+0xeb/0x910 [ 142.348918][ T8418] ? lsm_blob_alloc+0x68/0x90 [ 142.348937][ T8418] ? lsm_blob_alloc+0x68/0x90 [ 142.348949][ T8418] lsm_blob_alloc+0x68/0x90 [ 142.348964][ T8418] security_task_alloc+0x2c/0x260 [ 142.348988][ T8418] copy_process+0x2456/0x7430 [ 142.349029][ T8418] ? __pfx_copy_process+0x10/0x10 [ 142.349057][ T8418] ? lockdep_init_map_type+0x5c/0x270 [ 142.349078][ T8418] ? lockdep_init_map_type+0x5c/0x270 [ 142.349098][ T8418] ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 142.349126][ T8418] ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 142.349149][ T8418] vhost_task_create+0x1d2/0x370 [ 142.349171][ T8418] ? __pfx_vhost_task_create+0x10/0x10 [ 142.349199][ T8418] ? __pfx_vhost_task_fn+0x10/0x10 [ 142.349224][ T8418] ? __pfx___mutex_lock+0x10/0x10 [ 142.349252][ T8418] kvm_mmu_post_init_vm+0x1b7/0x380 [ 142.349274][ T8418] kvm_arch_vcpu_ioctl_run+0x66/0x1860 [ 142.349293][ T8418] ? kvm_vcpu_ioctl+0x14f8/0x16d0 [ 142.349323][ T8418] kvm_vcpu_ioctl+0x76d/0x16d0 [ 142.349350][ T8418] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 142.349374][ T8418] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 142.349393][ T8418] ? do_vfs_ioctl+0x128/0x14f0 [ 142.349411][ T8418] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 142.349428][ T8418] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 142.349459][ T8418] ? hook_file_ioctl_common+0x144/0x410 [ 142.349489][ T8418] ? selinux_file_ioctl+0x180/0x270 [ 142.349509][ T8418] ? selinux_file_ioctl+0xb4/0x270 [ 142.349530][ T8418] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 142.349557][ T8418] __x64_sys_ioctl+0x18e/0x210 [ 142.349579][ T8418] do_syscall_64+0xcd/0xf80 [ 142.349601][ T8418] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.349618][ T8418] RIP: 0033:0x7f44b018f7c9 [ 142.349633][ T8418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 142.349649][ T8418] RSP: 002b:00007f44b0fed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 142.349665][ T8418] RAX: ffffffffffffffda RBX: 00007f44b03e5fa0 RCX: 00007f44b018f7c9 [ 142.349677][ T8418] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 142.349687][ T8418] RBP: 00007f44b0fed090 R08: 0000000000000000 R09: 0000000000000000 [ 142.349697][ T8418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 142.349706][ T8418] R13: 00007f44b03e6038 R14: 00007f44b03e5fa0 R15: 00007ffd777dd638 [ 142.349732][ T8418] [ 142.464729][ T8422] fuse: Unknown parameter 'use00000000000000000000' [ 142.587728][ T8428] mmap: syz.3.739 (8428) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 143.169863][ T8442] netlink: 8 bytes leftover after parsing attributes in process `syz.3.744'. [ 143.178776][ T5938] Bluetooth: hci1: command 0x0406 tx timeout [ 143.294546][ T8445] fuse: Bad value for 'fd' [ 143.318983][ T54] usb 9-1: new high-speed USB device number 10 using dummy_hcd [ 143.403514][ T8447] FAULT_INJECTION: forcing a failure. [ 143.403514][ T8447] name failslab, interval 1, probability 0, space 0, times 0 [ 143.408110][ T8447] CPU: 1 UID: 0 PID: 8447 Comm: syz.3.746 Tainted: G L syzkaller #0 PREEMPT(full) [ 143.408133][ T8447] Tainted: [L]=SOFTLOCKUP [ 143.408138][ T8447] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 143.408147][ T8447] Call Trace: [ 143.408152][ T8447] [ 143.408157][ T8447] dump_stack_lvl+0x16c/0x1f0 [ 143.408181][ T8447] should_fail_ex+0x512/0x640 [ 143.408203][ T8447] ? kmem_cache_alloc_noprof+0x62/0x770 [ 143.408221][ T8447] should_failslab+0xc2/0x120 [ 143.408241][ T8447] kmem_cache_alloc_noprof+0x83/0x770 [ 143.408255][ T8447] ? __kvm_mmu_topup_memory_cache+0x455/0x600 [ 143.408278][ T8447] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 143.408306][ T8447] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 143.408329][ T8447] __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 143.408358][ T8447] mmu_topup_memory_caches+0x25/0x170 [ 143.408377][ T8447] kvm_mmu_load+0xd6/0x2390 [ 143.408393][ T8447] ? kvm_apic_has_interrupt+0x106/0x1f0 [ 143.408415][ T8447] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 143.408439][ T8447] ? __pfx_kvm_mmu_load+0x10/0x10 [ 143.408454][ T8447] ? kvm_cpu_has_injectable_intr+0x9c/0x1a0 [ 143.408479][ T8447] ? kvm_check_and_inject_events+0x63d/0x1050 [ 143.408500][ T8447] vcpu_run+0x39d2/0x5a80 [ 143.408527][ T8447] ? __pfx_vcpu_run+0x10/0x10 [ 143.408552][ T8447] ? rcu_is_watching+0x12/0xc0 [ 143.408569][ T8447] ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860 [ 143.408586][ T8447] kvm_arch_vcpu_ioctl_run+0xfd3/0x1860 [ 143.408609][ T8447] kvm_vcpu_ioctl+0x76d/0x16d0 [ 143.408634][ T8447] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 143.408671][ T8447] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 143.408690][ T8447] ? do_vfs_ioctl+0x128/0x14f0 [ 143.408707][ T8447] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 143.408724][ T8447] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 143.408751][ T8447] ? hook_file_ioctl_common+0x144/0x410 [ 143.408779][ T8447] ? selinux_file_ioctl+0x180/0x270 [ 143.408797][ T8447] ? selinux_file_ioctl+0xb4/0x270 [ 143.408817][ T8447] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 143.408839][ T8447] __x64_sys_ioctl+0x18e/0x210 [ 143.408857][ T8447] do_syscall_64+0xcd/0xf80 [ 143.408878][ T8447] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.408892][ T8447] RIP: 0033:0x7f921b58f7c9 [ 143.408903][ T8447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 143.408917][ T8447] RSP: 002b:00007f92197f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 143.408931][ T8447] RAX: ffffffffffffffda RBX: 00007f921b7e5fa0 RCX: 00007f921b58f7c9 [ 143.408941][ T8447] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 143.408950][ T8447] RBP: 00007f92197f6090 R08: 0000000000000000 R09: 0000000000000000 [ 143.408958][ T8447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 143.408967][ T8447] R13: 00007f921b7e6038 R14: 00007f921b7e5fa0 R15: 00007ffe967119f8 [ 143.408986][ T8447] [ 143.478816][ T54] usb 9-1: Using ep0 maxpacket: 16 [ 143.514150][ T40] kauditd_printk_skb: 14 callbacks suppressed [ 143.514160][ T40] audit: type=1400 audit(1766379259.950:407): avc: denied { accept } for pid=8456 comm="syz.0.750" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1 [ 143.525478][ T54] usb 9-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 143.528352][ T54] usb 9-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 143.531294][ T54] usb 9-1: Product: syz [ 143.532657][ T54] usb 9-1: Manufacturer: syz [ 143.534158][ T54] usb 9-1: SerialNumber: syz [ 143.537418][ T54] usb 9-1: config 0 descriptor?? [ 143.671095][ T8466] openvswitch: netlink: Geneve option length err (len 256, max 255). [ 143.748809][ T8440] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 143.751641][ T8440] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 143.756519][ T53] usb 9-1: USB disconnect, device number 10 [ 143.856195][ T8468] FAULT_INJECTION: forcing a failure. [ 143.856195][ T8468] name failslab, interval 1, probability 0, space 0, times 0 [ 143.860581][ T8468] CPU: 1 UID: 0 PID: 8468 Comm: syz.3.755 Tainted: G L syzkaller #0 PREEMPT(full) [ 143.860598][ T8468] Tainted: [L]=SOFTLOCKUP [ 143.860602][ T8468] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 143.860609][ T8468] Call Trace: [ 143.860613][ T8468] [ 143.860618][ T8468] dump_stack_lvl+0x16c/0x1f0 [ 143.860635][ T8468] should_fail_ex+0x512/0x640 [ 143.860653][ T8468] ? __kvmalloc_node_noprof+0x129/0xa40 [ 143.860668][ T8468] should_failslab+0xc2/0x120 [ 143.860683][ T8468] __kvmalloc_node_noprof+0x14a/0xa40 [ 143.860697][ T8468] ? __kvm_mmu_topup_memory_cache+0x455/0x600 [ 143.860716][ T8468] ? __lock_acquire+0x436/0x2890 [ 143.860731][ T8468] ? __kvm_mmu_topup_memory_cache+0x455/0x600 [ 143.860749][ T8468] __kvm_mmu_topup_memory_cache+0x455/0x600 [ 143.860771][ T8468] mmu_topup_memory_caches+0x25/0x170 [ 143.860788][ T8468] kvm_mmu_load+0xd6/0x2390 [ 143.860801][ T8468] ? kvm_apic_has_interrupt+0x106/0x1f0 [ 143.860817][ T8468] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 143.860835][ T8468] ? __pfx_kvm_mmu_load+0x10/0x10 [ 143.860847][ T8468] ? kvm_cpu_has_injectable_intr+0x9c/0x1a0 [ 143.860866][ T8468] ? kvm_check_and_inject_events+0x63d/0x1050 [ 143.860882][ T8468] vcpu_run+0x39d2/0x5a80 [ 143.860902][ T8468] ? __pfx_vcpu_run+0x10/0x10 [ 143.860920][ T8468] ? rcu_is_watching+0x12/0xc0 [ 143.860933][ T8468] ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860 [ 143.860946][ T8468] kvm_arch_vcpu_ioctl_run+0xfd3/0x1860 [ 143.860963][ T8468] kvm_vcpu_ioctl+0x76d/0x16d0 [ 143.860982][ T8468] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 143.860999][ T8468] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 143.861013][ T8468] ? do_vfs_ioctl+0x128/0x14f0 [ 143.861026][ T8468] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 143.861044][ T8468] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 143.861065][ T8468] ? hook_file_ioctl_common+0x144/0x410 [ 143.861086][ T8468] ? selinux_file_ioctl+0x180/0x270 [ 143.861100][ T8468] ? selinux_file_ioctl+0xb4/0x270 [ 143.861115][ T8468] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 143.861133][ T8468] __x64_sys_ioctl+0x18e/0x210 [ 143.861147][ T8468] do_syscall_64+0xcd/0xf80 [ 143.861162][ T8468] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.861193][ T8468] RIP: 0033:0x7f921b58f7c9 [ 143.861206][ T8468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 143.861222][ T8468] RSP: 002b:00007f92197f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 143.861241][ T8468] RAX: ffffffffffffffda RBX: 00007f921b7e5fa0 RCX: 00007f921b58f7c9 [ 143.861252][ T8468] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 143.861261][ T8468] RBP: 00007f92197f6090 R08: 0000000000000000 R09: 0000000000000000 [ 143.861271][ T8468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 143.861281][ T8468] R13: 00007f921b7e6038 R14: 00007f921b7e5fa0 R15: 00007ffe967119f8 [ 143.861306][ T8468] [ 143.889297][ T8459] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3168 (6336 ns) > initial count (6208 ns). Using initial count to start timer. [ 143.994107][ T8459] kvm: Disabled LAPIC found during irq injection [ 144.494351][ T8487] fuse: Bad value for 'fd' [ 144.678874][ T6000] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 144.684350][ T54] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 144.800014][ T8504] __nla_validate_parse: 4 callbacks suppressed [ 144.800029][ T8504] netlink: 4 bytes leftover after parsing attributes in process `syz.4.767'. [ 144.818861][ T54] usb 8-1: device descriptor read/64, error -71 [ 144.828722][ T6000] usb 6-1: Using ep0 maxpacket: 16 [ 144.832180][ T6000] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 144.836148][ T6000] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 144.839720][ T6000] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 144.844284][ T6000] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 144.847712][ T6000] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 144.852193][ T6000] usb 6-1: config 0 descriptor?? [ 145.057463][ T6000] usbhid 6-1:0.0: can't add hid device: -71 [ 145.060560][ T54] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 145.062997][ T6000] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 145.066903][ T6000] usb 6-1: USB disconnect, device number 11 [ 145.188866][ T54] usb 8-1: device descriptor read/64, error -71 [ 145.299276][ T54] usb usb8-port1: attempt power cycle [ 145.648727][ T54] usb 8-1: new high-speed USB device number 13 using dummy_hcd [ 145.679792][ T54] usb 8-1: device descriptor read/8, error -71 [ 145.858517][ T8526] netlink: 2780 bytes leftover after parsing attributes in process `syz.1.775'. [ 145.870059][ T8531] fuse: Unknown parameter '0x0000000000000003' [ 145.911474][ T8535] fuse: Unknown parameter 'user_i00000000000000000000' [ 145.938930][ T54] usb 8-1: new high-speed USB device number 14 using dummy_hcd [ 145.959170][ T54] usb 8-1: device descriptor read/8, error -71 [ 145.964972][ T8538] sp0: Synchronizing with TNC [ 145.970656][ T8537] [U] è [ 146.057706][ T40] audit: type=1400 audit(1766379262.500:408): avc: denied { create } for pid=8539 comm="syz.0.780" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 146.068931][ T54] usb usb8-port1: unable to enumerate USB device [ 146.071204][ T40] audit: type=1400 audit(1766379262.520:409): avc: denied { mounton } for pid=8539 comm="syz.0.780" path="/218/file0" dev="tmpfs" ino=1208 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 146.071775][ T8540] Invalid source name [ 146.080913][ T8540] UBIFS error (pid: 8540): cannot open "./file0", error -22 [ 146.176863][ T40] audit: type=1400 audit(1766379262.620:410): avc: denied { write } for pid=8541 comm="syz.0.781" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 146.388480][ T8553] fuse: Unknown parameter 'user_i00000000000000000000' [ 146.426298][ T8557] overlayfs: failed to get inode (-116) [ 146.429055][ T8557] overlayfs: failed to get inode (-116) [ 146.473825][ T8560] FAULT_INJECTION: forcing a failure. [ 146.473825][ T8560] name failslab, interval 1, probability 0, space 0, times 0 [ 146.478592][ T8560] CPU: 2 UID: 0 PID: 8560 Comm: syz.1.789 Tainted: G L syzkaller #0 PREEMPT(full) [ 146.478620][ T8560] Tainted: [L]=SOFTLOCKUP [ 146.478627][ T8560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 146.478650][ T8560] Call Trace: [ 146.478659][ T8560] [ 146.478666][ T8560] dump_stack_lvl+0x16c/0x1f0 [ 146.478714][ T8560] should_fail_ex+0x512/0x640 [ 146.478742][ T8560] ? fs_reclaim_acquire+0xae/0x150 [ 146.478771][ T8560] should_failslab+0xc2/0x120 [ 146.478796][ T8560] __kmalloc_noprof+0xeb/0x910 [ 146.478825][ T8560] ? tomoyo_encode2+0x100/0x3e0 [ 146.478854][ T8560] ? tomoyo_encode2+0x100/0x3e0 [ 146.478879][ T8560] tomoyo_encode2+0x100/0x3e0 [ 146.478906][ T8560] tomoyo_encode+0x29/0x50 [ 146.478934][ T8560] tomoyo_realpath_from_path+0x18f/0x6e0 [ 146.478963][ T8560] ? tomoyo_profile+0x47/0x60 [ 146.478993][ T8560] tomoyo_path_number_perm+0x245/0x580 [ 146.479013][ T8560] ? tomoyo_path_number_perm+0x237/0x580 [ 146.479036][ T8560] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 146.479061][ T8560] ? find_held_lock+0x2b/0x80 [ 146.479110][ T8560] ? find_held_lock+0x2b/0x80 [ 146.479136][ T8560] ? hook_file_ioctl_common+0x144/0x410 [ 146.479170][ T8560] ? __fget_files+0x20e/0x3c0 [ 146.479201][ T8560] security_file_ioctl+0x9b/0x240 [ 146.479226][ T8560] __x64_sys_ioctl+0xb7/0x210 [ 146.479250][ T8560] do_syscall_64+0xcd/0xf80 [ 146.479277][ T8560] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.479295][ T8560] RIP: 0033:0x7fb864b8f7c9 [ 146.479310][ T8560] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.479327][ T8560] RSP: 002b:00007fb865a2d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 146.479346][ T8560] RAX: ffffffffffffffda RBX: 00007fb864de5fa0 RCX: 00007fb864b8f7c9 [ 146.479358][ T8560] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 146.479368][ T8560] RBP: 00007fb865a2d090 R08: 0000000000000000 R09: 0000000000000000 [ 146.479379][ T8560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 146.479390][ T8560] R13: 00007fb864de6038 R14: 00007fb864de5fa0 R15: 00007ffe1da213c8 [ 146.479415][ T8560] [ 146.570759][ T8560] ERROR: Out of memory at tomoyo_realpath_from_path. [ 146.828530][ T5943] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 146.828834][ T1026] usb 9-1: new high-speed USB device number 11 using dummy_hcd [ 146.882287][ T8583] netlink: 'syz.1.799': attribute type 10 has an invalid length. [ 146.887422][ T8583] bridge0: port 2(bridge_slave_1) entered disabled state [ 146.891906][ T8583] bridge_slave_1: left allmulticast mode [ 146.894250][ T8583] bridge_slave_1: left promiscuous mode [ 146.896667][ T8583] bridge0: port 2(bridge_slave_1) entered disabled state [ 146.904773][ T8583] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link [ 146.978857][ T1026] usb 9-1: Using ep0 maxpacket: 8 [ 146.981673][ T1026] usb 9-1: config 0 interface 0 has no altsetting 0 [ 146.983758][ T1026] usb 9-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 146.986470][ T1026] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 146.990590][ T1026] usb 9-1: config 0 descriptor?? [ 147.198792][ T53] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 147.208828][ T9] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 147.348735][ T53] usb 6-1: Using ep0 maxpacket: 8 [ 147.351601][ T53] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 147.354474][ T53] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 147.357579][ T53] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 147.360888][ T53] usb 6-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 147.364293][ T53] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 147.368398][ T53] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 147.371422][ T53] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 147.373129][ T9] usb 5-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 147.376436][ T53] usbtmc 6-1:16.0: bulk endpoints not found [ 147.377114][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 147.382460][ T9] usb 5-1: Product: syz [ 147.384289][ T9] usb 5-1: Manufacturer: syz [ 147.386043][ T9] usb 5-1: SerialNumber: syz [ 147.405502][ T8563] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 147.408356][ T8563] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 147.415433][ T1026] usbhid 9-1:0.0: can't add hid device: -71 [ 147.417349][ T1026] usbhid 9-1:0.0: probe with driver usbhid failed with error -71 [ 147.423868][ T1026] usb 9-1: USB disconnect, device number 11 [ 147.451027][ T8589] overlayfs: missing 'lowerdir' [ 147.594513][ T8577] netlink: 12 bytes leftover after parsing attributes in process `syz.0.796'. [ 147.598297][ T9] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO [ 147.602749][ T9] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71 [ 147.606083][ T9] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 147.610946][ T9] lan78xx 5-1:1.0: probe with driver lan78xx failed with error -71 [ 147.619512][ T9] usb 5-1: USB disconnect, device number 15 [ 147.973841][ T40] audit: type=1400 audit(1766379520.420:411): avc: denied { map } for pid=8594 comm="syz.4.804" path="/dev/bus/usb/003/001" dev="devtmpfs" ino=748 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 148.131325][ T8604] overlayfs: missing 'lowerdir' [ 148.176507][ T8606] FAULT_INJECTION: forcing a failure. [ 148.176507][ T8606] name failslab, interval 1, probability 0, space 0, times 0 [ 148.182550][ T8606] CPU: 3 UID: 0 PID: 8606 Comm: syz.4.809 Tainted: G L syzkaller #0 PREEMPT(full) [ 148.182572][ T8606] Tainted: [L]=SOFTLOCKUP [ 148.182577][ T8606] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 148.182587][ T8606] Call Trace: [ 148.182593][ T8606] [ 148.182600][ T8606] dump_stack_lvl+0x16c/0x1f0 [ 148.182627][ T8606] should_fail_ex+0x512/0x640 [ 148.182654][ T8606] ? kmem_cache_alloc_noprof+0x62/0x770 [ 148.182698][ T8606] should_failslab+0xc2/0x120 [ 148.182724][ T8606] kmem_cache_alloc_noprof+0x83/0x770 [ 148.182744][ T8606] ? __kvm_mmu_topup_memory_cache+0x455/0x600 [ 148.182762][ T8606] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 148.182782][ T8606] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 148.182800][ T8606] __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 148.182822][ T8606] mmu_topup_memory_caches+0x25/0x170 [ 148.182836][ T8606] kvm_mmu_load+0xd6/0x2390 [ 148.182849][ T8606] ? kvm_apic_has_interrupt+0x106/0x1f0 [ 148.182865][ T8606] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 148.182884][ T8606] ? __pfx_kvm_mmu_load+0x10/0x10 [ 148.182895][ T8606] ? kvm_cpu_has_injectable_intr+0x9c/0x1a0 [ 148.182914][ T8606] ? kvm_check_and_inject_events+0x63d/0x1050 [ 148.182930][ T8606] vcpu_run+0x39d2/0x5a80 [ 148.182950][ T8606] ? __pfx_vcpu_run+0x10/0x10 [ 148.182968][ T8606] ? rcu_is_watching+0x12/0xc0 [ 148.182982][ T8606] ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860 [ 148.182995][ T8606] kvm_arch_vcpu_ioctl_run+0xfd3/0x1860 [ 148.183013][ T8606] kvm_vcpu_ioctl+0x76d/0x16d0 [ 148.183032][ T8606] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 148.183049][ T8606] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 148.183063][ T8606] ? do_vfs_ioctl+0x128/0x14f0 [ 148.183076][ T8606] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 148.183089][ T8606] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 148.183109][ T8606] ? hook_file_ioctl_common+0x144/0x410 [ 148.183130][ T8606] ? selinux_file_ioctl+0x180/0x270 [ 148.183144][ T8606] ? selinux_file_ioctl+0xb4/0x270 [ 148.183158][ T8606] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 148.183176][ T8606] __x64_sys_ioctl+0x18e/0x210 [ 148.183189][ T8606] do_syscall_64+0xcd/0xf80 [ 148.183205][ T8606] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.183216][ T8606] RIP: 0033:0x7f98d2b8f7c9 [ 148.183226][ T8606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 148.183236][ T8606] RSP: 002b:00007f98d3a56038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 148.183247][ T8606] RAX: ffffffffffffffda RBX: 00007f98d2de5fa0 RCX: 00007f98d2b8f7c9 [ 148.183254][ T8606] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 148.183261][ T8606] RBP: 00007f98d3a56090 R08: 0000000000000000 R09: 0000000000000000 [ 148.183267][ T8606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 148.183273][ T8606] R13: 00007f98d2de6038 R14: 00007f98d2de5fa0 R15: 00007ffcda8016f8 [ 148.183288][ T8606] [ 148.779223][ T9] usb 8-1: new low-speed USB device number 15 using dummy_hcd [ 148.929958][ T9] usb 8-1: config 0 has an invalid interface number: 1 but max is 0 [ 148.933093][ T9] usb 8-1: config 0 has no interface number 0 [ 148.935239][ T9] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 148.939079][ T9] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 148.942068][ T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 148.947751][ T9] usb 8-1: config 0 descriptor?? [ 148.951416][ T9] iowarrior 8-1:0.1: no interrupt-in endpoint found [ 149.123027][ T8624] FAULT_INJECTION: forcing a failure. [ 149.123027][ T8624] name failslab, interval 1, probability 0, space 0, times 0 [ 149.127024][ T8624] CPU: 1 UID: 0 PID: 8624 Comm: syz.0.816 Tainted: G L syzkaller #0 PREEMPT(full) [ 149.127041][ T8624] Tainted: [L]=SOFTLOCKUP [ 149.127045][ T8624] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 149.127052][ T8624] Call Trace: [ 149.127056][ T8624] [ 149.127061][ T8624] dump_stack_lvl+0x16c/0x1f0 [ 149.127083][ T8624] should_fail_ex+0x512/0x640 [ 149.127108][ T8624] ? kmem_cache_alloc_noprof+0x62/0x770 [ 149.127129][ T8624] should_failslab+0xc2/0x120 [ 149.127154][ T8624] kmem_cache_alloc_noprof+0x83/0x770 [ 149.127171][ T8624] ? __kvm_mmu_topup_memory_cache+0x455/0x600 [ 149.127198][ T8624] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 149.127220][ T8624] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 149.127237][ T8624] __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 149.127260][ T8624] mmu_topup_memory_caches+0x25/0x170 [ 149.127275][ T8624] kvm_mmu_load+0xd6/0x2390 [ 149.127288][ T8624] ? kvm_apic_has_interrupt+0x106/0x1f0 [ 149.127304][ T8624] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 149.127323][ T8624] ? __pfx_kvm_mmu_load+0x10/0x10 [ 149.127335][ T8624] ? kvm_cpu_has_injectable_intr+0x9c/0x1a0 [ 149.127353][ T8624] ? kvm_check_and_inject_events+0x63d/0x1050 [ 149.127369][ T8624] vcpu_run+0x39d2/0x5a80 [ 149.127389][ T8624] ? __pfx_vcpu_run+0x10/0x10 [ 149.127407][ T8624] ? rcu_is_watching+0x12/0xc0 [ 149.127420][ T8624] ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860 [ 149.127433][ T8624] kvm_arch_vcpu_ioctl_run+0xfd3/0x1860 [ 149.127450][ T8624] kvm_vcpu_ioctl+0x76d/0x16d0 [ 149.127469][ T8624] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 149.127486][ T8624] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 149.127500][ T8624] ? do_vfs_ioctl+0x128/0x14f0 [ 149.127513][ T8624] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 149.127525][ T8624] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 149.127546][ T8624] ? hook_file_ioctl_common+0x144/0x410 [ 149.127567][ T8624] ? selinux_file_ioctl+0x180/0x270 [ 149.127581][ T8624] ? selinux_file_ioctl+0xb4/0x270 [ 149.127596][ T8624] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 149.127613][ T8624] __x64_sys_ioctl+0x18e/0x210 [ 149.127627][ T8624] do_syscall_64+0xcd/0xf80 [ 149.127642][ T8624] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 149.127653][ T8624] RIP: 0033:0x7f44b018f7c9 [ 149.127662][ T8624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 149.127673][ T8624] RSP: 002b:00007f44b0fed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 149.127684][ T8624] RAX: ffffffffffffffda RBX: 00007f44b03e5fa0 RCX: 00007f44b018f7c9 [ 149.127691][ T8624] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 149.127699][ T8624] RBP: 00007f44b0fed090 R08: 0000000000000000 R09: 0000000000000000 [ 149.127705][ T8624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 149.127711][ T8624] R13: 00007f44b03e6038 R14: 00007f44b03e5fa0 R15: 00007ffd777dd638 [ 149.127726][ T8624] [ 149.155158][ T142] usb 8-1: USB disconnect, device number 15 [ 149.208746][ T53] usb 9-1: new full-speed USB device number 12 using dummy_hcd [ 149.353934][ T8628] FAULT_INJECTION: forcing a failure. [ 149.353934][ T8628] name failslab, interval 1, probability 0, space 0, times 0 [ 149.358074][ T8628] CPU: 1 UID: 0 PID: 8628 Comm: syz.0.817 Tainted: G L syzkaller #0 PREEMPT(full) [ 149.358092][ T8628] Tainted: [L]=SOFTLOCKUP [ 149.358096][ T8628] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 149.358103][ T8628] Call Trace: [ 149.358108][ T8628] [ 149.358112][ T8628] dump_stack_lvl+0x16c/0x1f0 [ 149.358131][ T8628] should_fail_ex+0x512/0x640 [ 149.358148][ T8628] ? kmem_cache_alloc_noprof+0x62/0x770 [ 149.358161][ T8628] should_failslab+0xc2/0x120 [ 149.358176][ T8628] kmem_cache_alloc_noprof+0x83/0x770 [ 149.358187][ T8628] ? __kvm_mmu_topup_memory_cache+0x455/0x600 [ 149.358205][ T8628] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 149.358226][ T8628] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 149.358243][ T8628] __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 149.358265][ T8628] mmu_topup_memory_caches+0x25/0x170 [ 149.358281][ T8628] kvm_mmu_load+0xd6/0x2390 [ 149.358293][ T8628] ? kvm_apic_has_interrupt+0x106/0x1f0 [ 149.358310][ T8628] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 149.358328][ T8628] ? __pfx_kvm_mmu_load+0x10/0x10 [ 149.358340][ T8628] ? kvm_cpu_has_injectable_intr+0x9c/0x1a0 [ 149.358358][ T8628] ? kvm_check_and_inject_events+0x63d/0x1050 [ 149.358375][ T8628] vcpu_run+0x39d2/0x5a80 [ 149.358394][ T8628] ? __pfx_vcpu_run+0x10/0x10 [ 149.358413][ T8628] ? rcu_is_watching+0x12/0xc0 [ 149.358426][ T8628] ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860 [ 149.358439][ T8628] kvm_arch_vcpu_ioctl_run+0xfd3/0x1860 [ 149.358456][ T8628] kvm_vcpu_ioctl+0x76d/0x16d0 [ 149.358475][ T8628] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 149.358492][ T8628] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 149.358506][ T8628] ? do_vfs_ioctl+0x128/0x14f0 [ 149.358534][ T8628] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 149.358546][ T8628] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 149.358567][ T8628] ? hook_file_ioctl_common+0x144/0x410 [ 149.358589][ T8628] ? selinux_file_ioctl+0x180/0x270 [ 149.358602][ T8628] ? selinux_file_ioctl+0xb4/0x270 [ 149.358617][ T8628] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 149.358634][ T8628] __x64_sys_ioctl+0x18e/0x210 [ 149.358684][ T8628] do_syscall_64+0xcd/0xf80 [ 149.358708][ T8628] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 149.358726][ T8628] RIP: 0033:0x7f44b018f7c9 [ 149.358735][ T8628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 149.358746][ T8628] RSP: 002b:00007f44b0fed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 149.358756][ T8628] RAX: ffffffffffffffda RBX: 00007f44b03e5fa0 RCX: 00007f44b018f7c9 [ 149.358763][ T8628] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 149.358770][ T8628] RBP: 00007f44b0fed090 R08: 0000000000000000 R09: 0000000000000000 [ 149.358776][ T8628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 149.358782][ T8628] R13: 00007f44b03e6038 R14: 00007f44b03e5fa0 R15: 00007ffd777dd638 [ 149.358796][ T8628] [ 149.490362][ T53] usb 9-1: config 0 interface 0 has no altsetting 0 [ 149.495054][ T53] usb 9-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 149.499106][ T53] usb 9-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 149.502587][ T53] usb 9-1: Product: syz [ 149.504413][ T53] usb 9-1: Manufacturer: syz [ 149.506442][ T53] usb 9-1: SerialNumber: syz [ 149.512100][ T53] usb 9-1: config 0 descriptor?? [ 149.517162][ T53] usb 9-1: selecting invalid altsetting 0 [ 149.583735][ T8631] overlayfs: missing 'workdir' [ 149.718319][ T8622] ================================================================== [ 149.721214][ T8622] BUG: KASAN: slab-out-of-bounds in copy_to_urb.constprop.0+0x30f/0x440 [ 149.724377][ T8622] Write of size 264 at addr ffff888024ed7800 by task syz.4.815/8622 [ 149.728175][ T8622] [ 149.729854][ T8622] CPU: 1 UID: 0 PID: 8622 Comm: syz.4.815 Tainted: G L syzkaller #0 PREEMPT(full) [ 149.729872][ T8622] Tainted: [L]=SOFTLOCKUP [ 149.729877][ T8622] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 149.729884][ T8622] Call Trace: [ 149.729889][ T8622] [ 149.729894][ T8622] dump_stack_lvl+0x116/0x1f0 [ 149.729912][ T8622] print_report+0xcd/0x630 [ 149.729928][ T8622] ? __virt_addr_valid+0x81/0x610 [ 149.729939][ T8622] ? __phys_addr+0xe8/0x180 [ 149.729950][ T8622] ? copy_to_urb.constprop.0+0x30f/0x440 [ 149.729963][ T8622] kasan_report+0xe0/0x110 [ 149.729977][ T8622] ? copy_to_urb.constprop.0+0x30f/0x440 [ 149.729990][ T8622] kasan_check_range+0x100/0x1b0 [ 149.730010][ T8622] __asan_memcpy+0x3c/0x60 [ 149.730021][ T8622] copy_to_urb.constprop.0+0x30f/0x440 [ 149.730034][ T8622] prepare_playback_urb+0xc3b/0x1e70 [ 149.730049][ T8622] ? __pfx_prepare_playback_urb+0x10/0x10 [ 149.730061][ T8622] ? find_held_lock+0x2b/0x80 [ 149.730080][ T8622] prepare_outbound_urb+0x419/0xdd0 [ 149.730096][ T8622] ? __pfx_prepare_playback_urb+0x10/0x10 [ 149.730106][ T8622] ? _copy_from_iter+0x161/0x16c0 [ 149.730125][ T8622] ? __pfx_prepare_outbound_urb+0x10/0x10 [ 149.730139][ T8622] ? __pfx__copy_from_iter+0x10/0x10 [ 149.730155][ T8622] ? rcu_is_watching+0x12/0xc0 [ 149.730166][ T8622] snd_usb_endpoint_start+0x42c/0x1040 [ 149.730183][ T8622] ? __pfx_snd_usb_endpoint_start+0x10/0x10 [ 149.730199][ T8622] ? do_transfer+0x17a/0x210 [ 149.730217][ T8622] start_endpoints+0xfb/0x1d0 [ 149.730242][ T8622] snd_usb_substream_playback_trigger+0x6a0/0x870 [ 149.730273][ T8622] snd_pcm_do_start+0xd4/0x1f0 [ 149.730297][ T8622] snd_pcm_action_single+0x80/0x150 [ 149.730318][ T8622] snd_pcm_action+0x70/0x90 [ 149.730337][ T8622] __snd_pcm_lib_xfer+0x1403/0x1ef0 [ 149.730353][ T8622] ? __pfx_default_write_copy+0x10/0x10 [ 149.730368][ T8622] ? __pfx_interleaved_copy+0x10/0x10 [ 149.730381][ T8622] ? __pfx___snd_pcm_lib_xfer+0x10/0x10 [ 149.730400][ T8622] snd_pcm_oss_write3+0xcf/0x1e0 [ 149.730417][ T8622] io_playback_transfer+0x26e/0x2f0 [ 149.730435][ T8622] snd_pcm_plug_write_transfer+0x2cf/0x400 [ 149.730452][ T8622] ? __pfx_snd_pcm_plug_write_transfer+0x10/0x10 [ 149.730470][ T8622] ? snd_pcm_format_physical_width+0x76/0xa0 [ 149.730487][ T8622] ? snd_pcm_plug_client_channels_buf+0x212/0x450 [ 149.730505][ T8622] snd_pcm_oss_write2+0x24a/0x410 [ 149.730520][ T8622] ? __pfx_snd_pcm_oss_write2+0x10/0x10 [ 149.730536][ T8622] ? mark_held_locks+0x49/0x80 [ 149.730548][ T8622] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 149.730563][ T8622] snd_pcm_oss_sync1+0x1c3/0x560 [ 149.730578][ T8622] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 149.730592][ T8622] ? __pfx_snd_pcm_oss_sync1+0x10/0x10 [ 149.730606][ T8622] ? __fsnotify_parent+0x24b/0xcc0 [ 149.730624][ T8622] ? __pfx_default_wake_function+0x10/0x10 [ 149.730642][ T8622] ? __asan_memset+0x23/0x50 [ 149.730680][ T8622] ? snd_pcm_format_set_silence+0x1b7/0x340 [ 149.730703][ T8622] snd_pcm_oss_sync+0x5ef/0x840 [ 149.730720][ T8622] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 149.730736][ T8622] snd_pcm_oss_release+0x28b/0x310 [ 149.730758][ T8622] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 149.730773][ T8622] __fput+0x402/0xb70 [ 149.730785][ T8622] task_work_run+0x150/0x240 [ 149.730801][ T8622] ? __pfx_task_work_run+0x10/0x10 [ 149.730815][ T8622] ? __do_sys_close_range+0x278/0x730 [ 149.730834][ T8622] exit_to_user_mode_loop+0xfb/0x540 [ 149.730852][ T8622] do_syscall_64+0x4ee/0xf80 [ 149.730867][ T8622] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 149.730879][ T8622] RIP: 0033:0x7f98d2b8f7c9 [ 149.730889][ T8622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 149.730901][ T8622] RSP: 002b:00007f98d3a56038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 149.730912][ T8622] RAX: 0000000000000000 RBX: 00007f98d2de5fa0 RCX: 00007f98d2b8f7c9 [ 149.730919][ T8622] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000004 [ 149.730927][ T8622] RBP: 00007f98d2c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 149.730934][ T8622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 149.730942][ T8622] R13: 00007f98d2de6038 R14: 00007f98d2de5fa0 R15: 00007ffcda8016f8 [ 149.730953][ T8622] [ 149.730957][ T8622] [ 149.733057][ T40] audit: type=1400 audit(1766379522.180:412): avc: denied { create } for pid=8640 comm="syz.0.823" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 149.734385][ T8622] Allocated by task 8622: [ 149.734393][ T8622] kasan_save_stack+0x33/0x60 [ 149.891250][ T8622] kasan_save_track+0x14/0x30 [ 149.892993][ T8622] __kasan_kmalloc+0xaa/0xb0 [ 149.894627][ T8622] __kmalloc_noprof+0x33d/0x910 [ 149.896527][ T8622] hcd_buffer_alloc+0x1f5/0x290 [ 149.898244][ T8622] usb_alloc_coherent+0x5f/0xa0 [ 149.900096][ T8622] snd_usb_endpoint_set_params+0x18c8/0x2980 [ 149.902267][ T8622] snd_usb_hw_params+0x715/0x1070 [ 149.903916][ T8622] snd_pcm_hw_params+0xafc/0x1ba0 [ 149.905599][ T8622] snd_pcm_kernel_ioctl+0x147/0x2e0 [ 149.907491][ T8622] snd_pcm_oss_change_params_locked+0x15ab/0x3ab0 [ 149.909672][ T8622] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 149.911596][ T8622] snd_pcm_oss_write+0x4c2/0xa10 [ 149.913297][ T8622] vfs_write+0x2a0/0x11d0 [ 149.914916][ T8622] ksys_write+0x12a/0x250 [ 149.916427][ T8622] do_syscall_64+0xcd/0xf80 [ 149.917961][ T8622] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 149.920040][ T8622] [ 149.920886][ T8622] The buggy address belongs to the object at ffff888024ed7800 [ 149.920886][ T8622] which belongs to the cache kmalloc-256 of size 256 [ 149.925511][ T8622] The buggy address is located 0 bytes inside of [ 149.925511][ T8622] allocated 240-byte region [ffff888024ed7800, ffff888024ed78f0) [ 149.930211][ T8622] [ 149.931082][ T8622] The buggy address belongs to the physical page: [ 149.933369][ T8622] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x24ed6 [ 149.936534][ T8622] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 149.939544][ T8622] ksm flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 149.942137][ T8622] page_type: f5(slab) [ 149.943400][ T8622] raw: 00fff00000000040 ffff88801b442b40 ffffea0000f1e300 dead000000000003 [ 149.946403][ T8622] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 149.949364][ T8622] head: 00fff00000000040 ffff88801b442b40 ffffea0000f1e300 dead000000000003 [ 149.952425][ T8622] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 149.955604][ T8622] head: 00fff00000000001 ffffea000093b581 00000000ffffffff 00000000ffffffff [ 149.958691][ T8622] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 149.961843][ T8622] page dumped because: kasan: bad access detected [ 149.964166][ T8622] page_owner tracks the page as allocated [ 149.966238][ T8622] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 36, tgid 36 (kdevtmpfs), ts 8550041672, free_ts 0 [ 149.972714][ T8622] post_alloc_hook+0x1af/0x220 [ 149.974155][ T8622] get_page_from_freelist+0xd0b/0x31a0 [ 149.975847][ T8622] __alloc_frozen_pages_noprof+0x25f/0x2430 [ 149.977724][ T8622] alloc_pages_mpol+0x1fb/0x550 [ 149.979285][ T8622] new_slab+0x2c3/0x430 [ 149.980583][ T8622] ___slab_alloc+0xe18/0x1c90 [ 149.982067][ T8622] __slab_alloc.constprop.0+0x63/0x110 [ 149.983769][ T8622] __kmalloc_noprof+0x4fc/0x910 [ 149.985295][ T8622] security_inode_init_security+0x113/0x370 [ 149.987152][ T8622] shmem_mknod+0x229/0x3b0 [ 149.988561][ T8622] vfs_mknod+0x6f3/0xac0 [ 149.989924][ T8622] devtmpfs_work_loop+0x1ba/0xcf0 [ 149.991529][ T8622] devtmpfsd+0x4c/0x50 [ 149.992780][ T8622] kthread+0x3c5/0x780 [ 149.994050][ T8622] ret_from_fork+0x983/0xb10 [ 149.995521][ T8622] ret_from_fork_asm+0x1a/0x30 [ 149.997017][ T8622] page_owner free stack trace missing [ 149.998745][ T8622] [ 149.999527][ T8622] Memory state around the buggy address: [ 150.001283][ T8622] ffff888024ed7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 150.003766][ T8622] ffff888024ed7800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 150.006287][ T8622] >ffff888024ed7880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 150.008673][ T8622] ^ [ 150.011042][ T8622] ffff888024ed7900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 150.013619][ T8622] ffff888024ed7980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 150.016160][ T8622] ================================================================== [ 150.018757][ T8622] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 150.021071][ T8622] CPU: 1 UID: 0 PID: 8622 Comm: syz.4.815 Tainted: G L syzkaller #0 PREEMPT(full) [ 150.024343][ T8622] Tainted: [L]=SOFTLOCKUP [ 150.025698][ T8622] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 150.029163][ T8622] Call Trace: [ 150.030294][ T8622] [ 150.031274][ T8622] dump_stack_lvl+0x3d/0x1f0 [ 150.032788][ T8622] vpanic+0x640/0x6f0 [ 150.034108][ T8622] panic+0xca/0xd0 [ 150.035327][ T8622] ? __pfx_panic+0x10/0x10 [ 150.036762][ T8622] ? end_report+0x4c/0x160 [ 150.038189][ T8622] ? rcu_is_watching+0x12/0xc0 [ 150.039710][ T8622] ? lock_release+0x201/0x2d0 [ 150.041157][ T8622] check_panic_on_warn+0xab/0xb0 [ 150.042645][ T8622] end_report+0x107/0x160 [ 150.043990][ T8622] kasan_report+0xee/0x110 [ 150.045413][ T8622] ? copy_to_urb.constprop.0+0x30f/0x440 [ 150.047191][ T8622] kasan_check_range+0x100/0x1b0 [ 150.048765][ T8622] __asan_memcpy+0x3c/0x60 [ 150.050202][ T8622] copy_to_urb.constprop.0+0x30f/0x440 [ 150.051946][ T8622] prepare_playback_urb+0xc3b/0x1e70 [ 150.053631][ T8622] ? __pfx_prepare_playback_urb+0x10/0x10 [ 150.055448][ T8622] ? find_held_lock+0x2b/0x80 [ 150.056959][ T8622] prepare_outbound_urb+0x419/0xdd0 [ 150.058754][ T8622] ? __pfx_prepare_playback_urb+0x10/0x10 [ 150.060552][ T8622] ? _copy_from_iter+0x161/0x16c0 [ 150.062137][ T8622] ? __pfx_prepare_outbound_urb+0x10/0x10 [ 150.064463][ T8622] ? __pfx__copy_from_iter+0x10/0x10 [ 150.066565][ T8622] ? rcu_is_watching+0x12/0xc0 [ 150.068483][ T8622] snd_usb_endpoint_start+0x42c/0x1040 [ 150.070679][ T8622] ? __pfx_snd_usb_endpoint_start+0x10/0x10 [ 150.073008][ T8622] ? do_transfer+0x17a/0x210 [ 150.074613][ T8622] start_endpoints+0xfb/0x1d0 [ 150.076174][ T8622] snd_usb_substream_playback_trigger+0x6a0/0x870 [ 150.078199][ T8622] snd_pcm_do_start+0xd4/0x1f0 [ 150.079741][ T8622] snd_pcm_action_single+0x80/0x150 [ 150.081552][ T8622] snd_pcm_action+0x70/0x90 [ 150.083051][ T8622] __snd_pcm_lib_xfer+0x1403/0x1ef0 [ 150.084695][ T8622] ? __pfx_default_write_copy+0x10/0x10 [ 150.086450][ T8622] ? __pfx_interleaved_copy+0x10/0x10 [ 150.088189][ T8622] ? __pfx___snd_pcm_lib_xfer+0x10/0x10 [ 150.089931][ T8622] snd_pcm_oss_write3+0xcf/0x1e0 [ 150.091583][ T8622] io_playback_transfer+0x26e/0x2f0 [ 150.093399][ T8622] snd_pcm_plug_write_transfer+0x2cf/0x400 [ 150.095452][ T8622] ? __pfx_snd_pcm_plug_write_transfer+0x10/0x10 [ 150.097631][ T8622] ? snd_pcm_format_physical_width+0x76/0xa0 [ 150.099776][ T8622] ? snd_pcm_plug_client_channels_buf+0x212/0x450 [ 150.102172][ T8622] snd_pcm_oss_write2+0x24a/0x410 [ 150.103956][ T8622] ? __pfx_snd_pcm_oss_write2+0x10/0x10 [ 150.105859][ T8622] ? mark_held_locks+0x49/0x80 [ 150.107667][ T8622] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 150.109559][ T8622] snd_pcm_oss_sync1+0x1c3/0x560 [ 150.111113][ T8622] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 150.113001][ T8622] ? __pfx_snd_pcm_oss_sync1+0x10/0x10 [ 150.114810][ T8622] ? __fsnotify_parent+0x24b/0xcc0 [ 150.116728][ T8622] ? __pfx_default_wake_function+0x10/0x10 [ 150.118634][ T8622] ? __asan_memset+0x23/0x50 [ 150.120344][ T8622] ? snd_pcm_format_set_silence+0x1b7/0x340 [ 150.122502][ T8622] snd_pcm_oss_sync+0x5ef/0x840 [ 150.124263][ T8622] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 150.126035][ T8622] snd_pcm_oss_release+0x28b/0x310 [ 150.127784][ T8622] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 150.129904][ T8622] __fput+0x402/0xb70 [ 150.131275][ T8622] task_work_run+0x150/0x240 [ 150.133101][ T8622] ? __pfx_task_work_run+0x10/0x10 [ 150.135083][ T8622] ? __do_sys_close_range+0x278/0x730 [ 150.137046][ T8622] exit_to_user_mode_loop+0xfb/0x540 [ 150.138719][ T8622] do_syscall_64+0x4ee/0xf80 [ 150.140228][ T8622] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.142488][ T8622] RIP: 0033:0x7f98d2b8f7c9 [ 150.144237][ T8622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 150.151198][ T8622] RSP: 002b:00007f98d3a56038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 150.154087][ T8622] RAX: 0000000000000000 RBX: 00007f98d2de5fa0 RCX: 00007f98d2b8f7c9 [ 150.156768][ T8622] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000004 [ 150.159403][ T8622] RBP: 00007f98d2c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 150.161705][ T8622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 150.164049][ T8622] R13: 00007f98d2de6038 R14: 00007f98d2de5fa0 R15: 00007ffcda8016f8 [ 150.166494][ T8622] [ 150.168190][ T8622] Kernel Offset: disabled [ 150.169561][ T8622] Rebooting in 86400 seconds.. VM DIAGNOSIS: 04:54:26 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=800000003ae1a025 RCX=ffffffff820d8982 RDX=ffff88802a428000 RSI=ffffffff820d8c49 RDI=0000000000000005 RBP=0000000000000001 RSP=ffffc9000d807a08 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=ffff88802a428b30 R12=ffffc9000d807d60 R13=ffff88803d1c8b40 R14=0000000000000000 R15=8000000000000025 RIP=ffffffff81bee6d6 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 000055558f433500 ffffffff 00c00000 GS =0000 ffff8880d68f5000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c2a21b2 CR3=000000003f49f000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f921b615050 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f921b61505d ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f921b615057 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f921b61506b ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f921b6150f1 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f921b6151cf ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f921b7ba4a8 00007f921b7ba4a0 00007f921b7ba498 00007f921b7ba470 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f921c31d100 00007f921b7ba460 00007f921b7ba478 00007f921b7ba4c0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f921b7ba4b8 00007f921b7ba4b0 00007f921b7ba4a8 00007f921b7ba4a0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff853263e0 RDI=ffffffff9aeedc00 RBP=ffffffff9aeedbc0 RSP=ffffc90004d6ed98 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3838386666666657 R12=0000000000000000 R13=0000000000000060 R14=fffffbfff35ddbd2 R15=dffffc0000000000 RIP=ffffffff85326407 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007f98d3a566c0 ffffffff 00c00000 GS =0000 ffff8880d69f5000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c33d2e9 CR3=00000000582c5000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fffff800 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f98d3a53f70 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f98d2c15050 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f98d2c1505d ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f98d2c15057 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f98d2c1506b ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f98d2c150f1 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f98d2c151cf ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 2323232323232323 2323232323232323 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000336f69 6475612f7665642f ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000104c4a 4756420c5546470c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000697 RBX=0000000000000000 RCX=0000000000000000 RDX=0000000000000005 RSI=0000000000000003 RDI=ffffffff8e3c96a0 RBP=0000000000000003 RSP=ffffc9000391f390 R8 =0000000000000000 R9 =0000000000000007 R10=0000000000000002 R11=ffff8880379f2ff0 R12=ffff8880379f24c0 R13=0000000000000001 R14=ffff8880379f3068 R15=0000000000000000 RIP=ffffffff8199cd3f RFL=00000003 [------C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000555593039500 ffffffff 00c00000 GS =0000 ffff8880d6af5000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f44b0f156c0 CR3=0000000035047000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd777dd9c0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f44b0215050 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f44b021505d ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f44b0215057 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f44b021506b ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f44b02150f1 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f44b02151cf ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=dffffc0000000000 RBX=0000000000000001 RCX=ffffffff912fbd1c RDX=ffffc9000162f6d8 RSI=ffffc9000162fa58 RDI=ffffc9000162f6d0 RBP=ffffc9000162f718 RSP=ffffc9000162f630 R8 =ffffffff912fbd20 R9 =00000000738d233f R10=0000000000000002 R11=000000000001288d R12=0000000000000008 R13=ffffc9000162f6d0 R14=ffffc9000162f6d8 R15=ffffc9000162f704 RIP=ffffffff816cb3bd RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6bf5000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f92197f5f98 CR3=0000000038041000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb864c15050 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb864c1505d ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb864c15057 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb864c1506b ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb864c150f1 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb864c151cf ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb864dba4a8 00007fb864dba4a0 00007fb864dba498 00007fb864dba470 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb86591d100 00007fb864dba460 00007fb864db0004 0008000f0010000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fb864dba4b8 00007fb864dba4b0 00007fb864dba4a8 00007fb864dba4a0 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000060 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000