last executing test programs: 1.65994852s ago: executing program 3 (id=432): ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f00000017c0)={0x0, 0x9}) r0 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0xc0400) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x4b) close(r1) r2 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r3, 0x0}) mq_timedsend(r1, &(0x7f0000000440)="ac22d71f1086c34fbaf77610c09387a50eebe6c825a3398e60eaf2bedf9e12d2d81e5c755610a1b0ec90d89d866fee322bc0999c8b859b27bd67e180e58d267a002ce39199a907b37cfd875a3a3600fe2601614164", 0x55, 0x3, &(0x7f00000004c0)={0x0, 0x3938700}) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0) preadv(r5, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r5, &(0x7f0000000300)={0x0, 0x18, 0x0}, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0], 0x1}) r6 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0xc0400) ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f0000000000)={0x0, 0x0, r3, 0x0}) renameat2(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', r5, &(0x7f0000000200)='./file0\x00', 0x1) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="700100002700200026bd7000fddbdf250f000000080039800400318007004e005b5b0000d3ba9fcc7ae378a69391819679c4bde431bc1cbb30a9f6d531138d4a458a4d89b6c89ce137dca7fdf097c1ed825ab7504322de1f21b3b39e487170110adf06e29dd63b5612f60afa4616ae49c393ed8853e3c4b2ee33c0b4212cdee29f514054f9e4fc0ad5fcfc0d9541af5e6d636d675aef263c34adccfd4b2c56837f188a8602df81482842b8eb03c67aae9909ba85ddaa82de523721d6584672d92df3cc5fbe79c63663d2c0b9e55da783780d070c6596265d69dc60d896424f187675ab4aa99925dc1ca2058de3cb5c46ffcac28e76678337c8f7f2d15cfd67b9e774accfc5fcd819d51fd9a7300000001115e14140e04992735454d8b9dc6733cc3a56346f3fdc4cafc509c69c38feedfad61ec1ae5b56406e52408210008b8008000500", @ANYRES32=r5, @ANYBLOB="06bc094d2139dfd1a50232c52badad9efcd528d9192976624e65467dca6b78f3327a336153c909350e11673c0f60f66e0b65755cbc735b42bf2d7b0e262ba6abc0a9eab2807c8d326b44861d5cac3301b2a9e5ee25652a2d4b9601501a4c42b3e227503150b7e1d7da57911fba8c73e0311c2b7495587ecbe26dd5318d6d2a7727414761d87578fb0673e09d31916bbeabd8c6ace6002557d991ee54da85980e5165a3f50ac933f917c5fe7f7027241422de2712fb701dbe41f53dc8d50cef"], 0x170}, 0x1, 0x0, 0x0, 0x20040051}, 0x20000804) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x80c80, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000100)={{0xeeef0000, 0xdddd1000, 0x0, 0x0, 0xff, 0x8, 0xa, 0x2, 0x0, 0x6, 0x80, 0x10}, {0x8080000, 0x0, 0xc, 0x6, 0x7c, 0x0, 0x0, 0x0, 0x7, 0x7, 0x0, 0xff}, {0x2fff, 0x5000, 0xc, 0x0, 0x7, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0xdc}, {0x4000, 0xeeee8000, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x4, 0x1}, {0xf000, 0x3000, 0x9, 0xfd, 0x0, 0x4, 0x20, 0xe, 0x0, 0x3c, 0x1}, {0x3000, 0x1efff, 0xd, 0x0, 0x0, 0x0, 0x2, 0xfe, 0x0, 0x0, 0x82, 0x4}, {0x10000, 0x0, 0xf, 0x6, 0x5, 0x0, 0x3, 0x0, 0x4, 0x0, 0x0, 0xfe}, {0x80a0000, 0xdddd0000, 0x0, 0x1, 0x0, 0x1, 0x0, 0xa, 0x26, 0x0, 0xf8}, {0x80a0000, 0x4}, {0x6000}, 0xfdfcffdb, 0x0, 0x0, 0x28, 0xb, 0x0, 0x0, [0x0, 0x0, 0x1, 0x400000000]}) ioctl$DRM_IOCTL_MODE_GETFB(r6, 0xc01c64ad, &(0x7f0000000240)={r7}) ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, &(0x7f0000000340)={r4, 0x2, 0x8, 0xfff, 0x1, [], [0x33f6, 0x7fff, 0x8, 0xd], [0x9c8c, 0x1, 0x48, 0x7], [0x5, 0x5, 0x2, 0xfffffffffffffffd]}) close(0x3) 1.440389526s ago: executing program 3 (id=434): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, 0x0}], 0x1, 0x42, 0x0, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00000001c0)={"5fbcdbfb555ab7b6da2c492fe4db90aeaf8e5347c79716e75fe060d73e9de531ef8085f88b3a09f05bf084c593b4dab8756600000000077eebf9940a0b60f02d333a2c2aa407522edaabb8cfccecb9d7e0cfd915c17f32bc1ac7e430af977b671ede8605c7c72a5d1397639fd21bf848190fbdbfaeb7e166205def53caa18404ba077c2b5713acbc3d125aea78dfd962dd250511376c3a3b5732114cc92d27be04c7c146cedcc9081a8435f9c67a0c5174df503a84dc11d1d98a2473fbd39de5d9c56ffa28098914b4d47ea99e8134deb75f944afd0df95136c08e057e4d839936c0755318e58ae63dd46f7009df574d263f87508d7e496efb29de0496d4018e8d6c6f7d016752a1d10bb1df8b406bb488dbb43ffd11eb1eb9b36d57cee3b9e4e2e72e97a8059bb8e8120bf04b1d0b929692cc3e5508293bb205beba29259f18213a602dde8a8a19dd2a16b26476ca4f24e86b84ee76d86aacc862c59e154e6bec6ec6e86eb3d9dd50c4ecf6de82c2419674da3b885ac6abaea4765d256727d8560fb55d0bee0c11b1e8a05d4b932254673e8f67abfca2f184a23839164b15e021bff742605fbeb628ab93803e90954074762487b0afc90eec0e31e75dda865693dd655a190f16dbdf7ce7693d27aaf31758d97e25ab40fc44dbc911639d99b592dd0c660b820a46b8374f7e8030031c39768fb9361164f5dad133cf0d5d66c617d3d62b1f0b80e9f88ffc872df05fb5822601dfe4b39179ace0a4f6808b39bad72a80a9a9bd579d0f9a104191ef6e708083218053d3daf8211dff0a87568b7c734ab79b26cf2a65d66b00f2c2f0d3ffd5fc35b58795406446275afb8df4247add7730331b045d384b0c9fa06284463eec7167512277a435ced48980aab83b37a85b7a33ce8fd8b2a543af82bd15955b12833a59645e1de6bd6ab86c4a046a0323415351e6ddb9bcb869d2e7d092b234bfa8c5be098abcd24d8b4a659b36d8af4f3136d23f9115ea6bdc62fb89e2de415e0f08bd6ec5cc53ee3a666049168a88191c6911ea5fe7972f5627923e8b5b9e7c5323da43d48b25caee3016f88c8178fb8ab1149547e33d7fff442fa3ab42408c87cdfe35a82034bd77399a0861ce16141670ffecde05c7393ae522430425707a4c7d988f34a494727e0b1920e93c95af07d3affe9d41bb82d59ff2149705bb782c9d85e53320268fb57096c6c47e616c457a371dda361170f706e53bf9a9ac5692b72d44072217ecb8646e841b6929251a080f56be308c47dac5d59db54bd1ca7499cf3bf7cb8bb763fed9a75d2eb69573b118e3ee78fb11d41c1ce314538fec8fc542c7bf4865841a2e71fc1efd9fa385903372e3670d96398128e75d786f242a6dbf2c053dc48ee2398763b1ba3550136c14ac7ad77d3c8e97b2f36b6af200"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 3) 1.21870342s ago: executing program 3 (id=437): setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000280)=0x1, 0xffffff63) sendto$inet6(0xffffffffffffffff, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d388", 0x48, 0x840, 0x0, 0x0) sendmmsg$sock(0xffffffffffffffff, &(0x7f0000001500)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000001400)=[{0x0}, {0x0}, {&(0x7f0000000fc0)="c6eae69212ba50dd664af774c32d3427", 0x10}, {0x0}], 0x4, &(0x7f00000014c0)}}], 0x2, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = gettid() timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x11, 0x4, @tid=r1}, &(0x7f0000000000)=0x0) timer_settime(r2, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex(&(0x7f0000000240)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc) prctl$PR_SET_SECCOMP(0x4e, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000240)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = memfd_create(&(0x7f0000000b40)='\x9d#\x00\xe6Z\x00\xafq%\xa5\x83\xa6\xb5\x00\x83y\xf3\xb2\xe6b \x00\x00\x00\x00\x00\x00\x01\x00\x00\xf7\xffg\xf5\x12oP\xfe\xe6\xd2SLR\xa1\x00\x00\x17\x1f$^\xe1\x00\x00\x00\x00\x00\x00\a\xff;\xeb\xf1\xd0\xce\xe5\x19\x12\b\x01\xd9\xae>/\x05\x00\x00\x00\x15\x00\x00\x00\xa1\xa2\xe0g\x98\xbf*\xdcc\x12.\xb7\xbe`\'\xcb\xb6\xaf\xdc\xa0D\x93.\xf25\x957\xec\xfb\xe6|\\\xe4h\xfc\x14\x05\x00\x00\x00\x00\x00\x00\x00\x91\x98\x15\xec\xdb\xaa\t9\x11\xb4h$&0\xdd\x19\x86\x90\xbe\xd7\xdc\n\xcbC\x15\xfcp\x11\xdai\f{a?\xd0\xe1{\x84\xb5\x82q\x19\xacS\x88|\x99\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0%\x97!\xba\xe3J\xc2t\x96\xf8\xb1\xd2\x168\xbf`$\xbf\xca\xea\xa3\x83\x8e-k\x12\xdf\xb9q\xb6Pr\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x00\xbc\xac\x18\xba\xce\xb3%QF\x03\b\x9dh\xcb)\xf4f\x12[\xf9\r\t\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8T\x826`M\x11\x1c\xb0*8\v\x1e\xcf\x03\xd3\xe8,?P\xac\x86\x13b\xa8D\x0f\x93\xab\x1c\x11\x00\xc5\x8d\x82\x9c\xd6B[\xc9\x00\xf5]\x81\xf3\xfd\x06M\xbe\xf9\xba\x9em\xe9\"\x03\x933P\x9b\xcc\x9b\f\xa7\x8f\x91O\xc9\xb9\x14M\x8b\xd0\xc0\xb8L\xbd\x1c4\xb59\x988\tgC\xbc\xe0\xc5\xf4\xe0E%\xd9\xd8w\x00k\x042Y\xd9\xc5\xe59\xa95\xd1m\xd8hCuZYi\x10D\xb9\xe6\xff\x04K%yH\xe5\xf4\x8b\x03Ca8\x1e\xe9\\#\xf8O\fw\xd9\xf5cF\xcc\x1a2ex\xb4\x0fi$\x97\x81.\x02\x04m\xfbT2\xd4\"\x1e\xf0\x16\x0f\x97\xe6j}J\xca\xb8)f\xd5\xfd>\x9bU\xb0\x03Zt0\xc0b\xad\xef@o\xc1\xd6\x17T\f\xc30\xe2\x89\xf6L\x1b1\x9c\t\xa7\x80\x1b:\xbb\x04\xd7\xd1\x06\xa0\xe9\xbah\xb6\xb2\xea/{Q\xca\x14\x13\x9ajWt\xc9\xecd\xe7\xf6\t\x9dJ\xa4^m\xf3\xb5Y\f\x8f\r\xd5)>A\xe9\xf59\'G[\xf0`\xf3\'\xe4\xb2\x1d\xaf\n\xc0\xc1\x1d}DY\x95&\xe7\xf4U\xff\xcd&\a\x9f\x1bg\xe5|~\xc1\xc5n\x12%ur\xa1\x9e`\xc2\x01\b,\x18\xaf\xccD\xdeag\xc6\xf3\xd6\x94\x9d\xae\x8bl\xee\x7fu\xe5bu\x84\x04\xb3@\xa1\xf7\xc6\x13\xf9I?^\xf3,\",aT\xfd\"\x01\x92\xb1\xbf\x8a\x15\x88\xfd\x8f\x88\x87\x82\x9c:L\xd2\xb8\xfa5\x066\x82\xf3_LUr\xfa\xd2\x99d \x97c9G\x99\xe3\xcc$\x96cu\x97\xe7\xc7a\tm\xe8F\xc7j\xf8\x98\x81\xe7\xf7\xab3F\xf4u\xdaav\xd21\v\x99HG\xdfx\x1cPl\t#\xc1\x8e\xddW', 0x6) fcntl$addseals(r3, 0x409, 0xc) ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000100)={0x0, 0x1, 0x200, 0xf24}) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = socket$alg(0x26, 0x5, 0x0) ioctl$vim2m_VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0205647, &(0x7f0000000940)={0xf010000, @vbi={0x0, 0x9, 0x6, 0x32435750, [0x1, 0x4bf], [0x1, 0x2], 0x13a}}) bind$alg(r5, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x18, 0x40, 0x107, 0xfffffefe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x2}]}, 0x18}, 0x1, 0x0, 0x0, 0x48815}, 0xc000) r6 = accept4(r5, 0x0, 0x0, 0x800) sendmmsg$alg(r6, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) mkdir(&(0x7f0000000940)='./file0\x00', 0x51) readlink(&(0x7f0000000200)='./file0\x00', &(0x7f00000002c0)=""/168, 0xa8) recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil}) r7 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) 978.406315ms ago: executing program 0 (id=442): ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f00000017c0)={0x0, 0x9}) r0 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0xc0400) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x4b) close(r1) r2 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r3, 0x0}) mq_timedsend(r1, &(0x7f0000000440)="ac22d71f1086c34fbaf77610c09387a50eebe6c825a3398e60eaf2bedf9e12d2d81e5c755610a1b0ec90d89d866fee322bc0999c8b859b27bd67e180e58d267a002ce39199a907b37cfd875a3a3600fe2601614164", 0x55, 0x3, &(0x7f00000004c0)={0x0, 0x3938700}) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0) preadv(r5, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r5, &(0x7f0000000300)={0x0, 0x18, 0x0}, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0], 0x1}) r6 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0xc0400) ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f0000000000)={0x0, 0x0, r3, 0x0}) renameat2(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', r5, &(0x7f0000000200)='./file0\x00', 0x1) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="700100002700200026bd7000fddbdf250f000000080039800400318007004e005b5b0000d3ba9fcc7ae378a69391819679c4bde431bc1cbb30a9f6d531138d4a458a4d89b6c89ce137dca7fdf097c1ed825ab7504322de1f21b3b39e487170110adf06e29dd63b5612f60afa4616ae49c393ed8853e3c4b2ee33c0b4212cdee29f514054f9e4fc0ad5fcfc0d9541af5e6d636d675aef263c34adccfd4b2c56837f188a8602df81482842b8eb03c67aae9909ba85ddaa82de523721d6584672d92df3cc5fbe79c63663d2c0b9e55da783780d070c6596265d69dc60d896424f187675ab4aa99925dc1ca2058de3cb5c46ffcac28e76678337c8f7f2d15cfd67b9e774accfc5fcd819d51fd9a7300000001115e14140e04992735454d8b9dc6733cc3a56346f3fdc4cafc509c69c38feedfad61ec1ae5b56406e52408210008b8008000500", @ANYRES32=r5, @ANYBLOB="06bc094d2139dfd1a50232c52badad9efcd528d9192976624e65467dca6b78f3327a336153c909350e11673c0f60f66e0b65755cbc735b42bf2d7b0e262ba6abc0a9eab2807c8d326b44861d5cac3301b2a9e5ee25652a2d4b9601501a4c42b3e227503150b7e1d7da57911fba8c73e0311c2b7495587ecbe26dd5318d6d2a7727414761d87578fb0673e09d31916bbeabd8c6ace6002557d991ee54da85980e5165a3f50ac933f917c5fe7f7027241422de2712fb701dbe41f53dc8d50cef"], 0x170}, 0x1, 0x0, 0x0, 0x20040051}, 0x20000804) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x80c80, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000100)={{0xeeef0000, 0xdddd1000, 0x0, 0x0, 0xff, 0x8, 0xa, 0x2, 0x0, 0x6, 0x80, 0x10}, {0x8080000, 0x0, 0xc, 0x6, 0x7c, 0x0, 0x0, 0x0, 0x7, 0x7, 0x0, 0xff}, {0x2fff, 0x5000, 0xc, 0x0, 0x7, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0xdc}, {0x4000, 0xeeee8000, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x4, 0x1}, {0xf000, 0x3000, 0x9, 0xfd, 0x0, 0x4, 0x20, 0xe, 0x0, 0x3c, 0x1}, {0x3000, 0x1efff, 0xd, 0x0, 0x0, 0x0, 0x2, 0xfe, 0x0, 0x0, 0x82, 0x4}, {0x10000, 0x0, 0xf, 0x6, 0x5, 0x0, 0x3, 0x0, 0x4, 0x0, 0x0, 0xfe}, {0x80a0000, 0xdddd0000, 0x0, 0x1, 0x0, 0x1, 0x0, 0xa, 0x26, 0x0, 0xf8}, {0x80a0000, 0x4}, {0x6000}, 0xfdfcffdb, 0x0, 0x0, 0x28, 0xb, 0x0, 0x0, [0x0, 0x0, 0x1, 0x400000000]}) ioctl$DRM_IOCTL_MODE_GETFB(r6, 0xc01c64ad, &(0x7f0000000240)={r7}) ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, &(0x7f0000000340)={r4, 0x2, 0x8, 0xfff, 0x1, [], [0x33f6, 0x7fff, 0x8, 0xd], [0x9c8c, 0x1, 0x48, 0x7], [0x5, 0x5, 0x2, 0xfffffffffffffffd]}) close(0x3) 869.50326ms ago: executing program 3 (id=443): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1) dup(r1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 704.802977ms ago: executing program 0 (id=448): r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000680)=@base={0xa, 0x16, 0xb4, 0x3}, 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xa, &(0x7f00000002c0)=@framed={{0x18, 0x8, 0x0, 0x0, 0xef}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}, @generic={0x79, 0x0, 0x0, 0xe7}, @initr0={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, @exit]}, &(0x7f0000000000)='GPL\x00', 0x2}, 0x94) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r3, 0x0, r2, 0x0, 0x1, 0x0) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000600)="06", 0x1}], 0x1, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = fanotify_init(0x200, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000000c0)='debugfs\x00', 0x1214040, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r7 = open$dir(&(0x7f00000001c0)='./file1\x00', 0x2000, 0x10) r8 = openat(r7, &(0x7f0000000000)='./file0\x00', 0x4, 0x80) getdents64(r8, 0x0, 0x0) fanotify_mark(r6, 0x1, 0x1010, r5, 0x0) write$binfmt_script(r4, &(0x7f0000000240)={'#! ', './file0'}, 0xb) r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r9, 0x29, 0x19, &(0x7f0000000400)=0xa4, 0x4) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/custom1\x00', 0x0, 0x0) syz_emit_ethernet(0x6e, &(0x7f0000000440)={@multicast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x38, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @dest_unreach={0x1, 0x6, 0x0, 0x0, '\x00', {0x0, 0x6, "00b295", 0x0, 0x3a, 0x0, @dev={0xfe, 0x80, '\x00', 0x1f}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [], "caa7c1b7f4c336af"}}}}}}}, 0x0) 704.356073ms ago: executing program 1 (id=450): sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="2800000010000100000000001d00000085ff000040000000000000020000000008001c00c9"], 0x28}], 0x1, 0x0, 0x0, 0xb305e06d8ab48277}, 0x0) 704.109675ms ago: executing program 3 (id=451): getpid() r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x81, 0xd3, 0x0, 'queue0\x00', 0x2}) r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) syz_emit_ethernet(0x52, &(0x7f0000000340)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaa9faa8100400086dd60f4adf700182cfffc020000000000000000000000000001ff0200a9beb8764f041792673984ffbc0000000000000000000000000133000000000000008c0090"], 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300)=[0x0], &(0x7f0000000340)=[0x0], 0x0, 0x0, 0x1, 0x1}) ioctl$DRM_IOCTL_INFO_BUFS(r1, 0xc0106418, &(0x7f0000000400)={0x9, 0x4f78, 0x5, 0x3, 0x1, 0x1}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000640)=[r3, r2], 0x2}) ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r1, 0xc01064c7, &(0x7f0000000100)={0x1, 0x0, &(0x7f0000000000)=[0x0]}) write$sndseq(r0, &(0x7f0000000280)=[{0x84, 0x77, 0x0, 0x0, @tick, {0xfd}, {0x7}, @raw32={[0x2, 0x0, 0x8000000]}}, {0x2, 0x0, 0x4, 0x83, @tick, {0xfd}, {}, @note={0xfa}}, {0x6, 0x3, 0x9, 0xff, @tick=0x1, {0x10, 0x5}, {0xc, 0x2}, @control={0x3, 0xa, 0x7fff}}, {0x8, 0x3, 0x6, 0x4, @time={0x3, 0x6}, {0xbb, 0x3}, {0xd}, @time=@tick=0x5}], 0x70) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000011c0)={&(0x7f0000000540)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x6, [@restrict={0x0, 0x0, 0x0, 0xb, 0x3}, @func_proto={0x0, 0x2, 0x0, 0xd, 0x0, [{0x5}, {}]}, @func={0x4, 0x0, 0x0, 0xc, 0x2}]}, {0x0, [0x0, 0x0, 0x0, 0x61]}}, &(0x7f00000010c0)=""/217, 0x52, 0xd9, 0x1}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x7, 0x7fff0000}]}) close_range(r4, 0xffffffffffffffff, 0x0) 704.062693ms ago: executing program 1 (id=452): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f00000001c0)={0x0, 0xb}, 0x8) bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e24, @multicast1}, 0x10) 698.673749ms ago: executing program 1 (id=453): timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10000, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, 0x0, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0) r2 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0) sendfile(r2, r1, &(0x7f00000000c0)=0x58, 0x5) 639.608105ms ago: executing program 3 (id=454): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) syz_fuse_handle_req(r0, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x1, {0x6, 0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x0, {0x40, 0x0, 0xb, 0xfffc, 0x0, 0x1, 0x0, 0xffffffff, 0x120, 0x2000, 0xa8, r2, r3, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0d000003005a"], 0x50) write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x1086cce0, 0x40, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}}, 0x50) sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)=ANY=[@ANYBLOB="5c0000000a0601080000000000000000070000000900020073797a31000000000500010007000000340007801800018014"], 0x5c}, 0x1, 0x0, 0x0, 0x10000042}, 0x90) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x2, 0x9b99}, 0x37, [0xfffffff8, 0x8, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x4, 0x25cd, 0x1, 0x2, 0xa, 0xa2b9, 0x6, 0x7, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x4a732f64, 0x1, 0x8, 0xd, 0x0, 0x12a3, 0x6, 0x1, 0x2, 0x6, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x10000, 0x0, 0x91, 0x4, 0x4, 0x16, 0x8, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x0, 0x2, 0x2, 0x2, 0x7, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x9, 0x4], [0x9, 0x3, 0x6, 0x9, 0x4, 0xc66, 0xa8a9, 0x20000073, 0x8e, 0xd50, 0x7, 0x5, 0x2, 0x809, 0x4, 0xa7, 0x1000, 0x0, 0x200b398, 0x400080, 0x1, 0x4, 0x1c, 0x7, 0x1, 0x2, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0x4c2336d3, 0x4, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x1006, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x8001, 0x1cb, 0x1, 0x80000004, 0x6, 0x438, 0x2, 0x9, 0x95, 0x7fffffff, 0x4, 0xfffffff9, 0x1, 0x1000, 0xfffff801, 0x5], [0x2, 0xfffffffe, 0xffff, 0xc, 0x2, 0x2e6bf783, 0x80000001, 0x5, 0x5, 0x491, 0x8d3, 0x8, 0x8, 0x400, 0x2, 0x400, 0x41, 0x6, 0xee4b, 0x2000004, 0x1, 0x8000003, 0x5, 0x9, 0x3, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x10000a, 0x2, 0x400, 0x3e55, 0x5, 0xd3, 0x8, 0x97f7, 0x3, 0xd, 0x7, 0x601, 0x101, 0xdd80, 0x60a0, 0x7f, 0x9d26, 0x10000, 0x1, 0x2, 0x2, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0xfffffffd, 0x5, 0x1], [0xa772, 0x6, 0x5, 0x1afa, 0xbfc, 0x8, 0x5, 0x5, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x7, 0x1e, 0x9, 0x81, 0x3, 0x9d86, 0xd, 0xfffffff7, 0x8, 0x140f2, 0x5396, 0x3, 0x6, 0x80008001, 0x7777, 0xffffffff, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x100009, 0xc, 0x32d, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x0, 0x8004, 0x7fff, 0x3, 0x6, 0xf, 0xe, 0x1, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x463f, 0x4, 0xdab, 0x6, 0x8, 0x14000, 0x1, 0x9]}, 0x45c) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@text16={0x10, &(0x7f0000000280)="0f050f060fc71abaf80c66b88eb5558166efbafc0ced0f070f01ca660f38812b3e7a000f08362e0f21ce", 0x2a}], 0x1, 0x11, 0x0, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0xfffffffffffffffe, 0x40000000000180, 0x2, 0x6, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x4, 0x5, 0x4, 0x8], 0x25000, 0x304}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f0000000280)={0x2, 0x0, [{0xa, 0x9, 0x2, 0x56, 0x9, 0x0, 0xed2}, {0xb, 0x5, 0x1, 0x400, 0x1, 0x2, 0x3}]}) ioctl$KVM_RUN(r7, 0xae80, 0x0) r8 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) dup(r8) ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r8, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x50, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 477.258433ms ago: executing program 0 (id=455): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000100)={'team0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtaction={0x68, 0x30, 0xb, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x6, 0xff, 0x4, 0x6, 0x6}, 0x4, r1}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x2000a804) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="20000000110001010000000e0000000000000000", @ANYRES32=r1], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x0) 477.111445ms ago: executing program 2 (id=456): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = dup(r0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c) sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043) r2 = dup(r0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f0000000600)={0x0, @in6={{0xa, 0x4e23, 0x7, @empty, 0x2001}}, 0x6, 0x6}, 0x90) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in={{0x2, 0x4e33, @empty}}, 0x1000000, 0xce, 0xfbff1896, 0x3, 0xcd, 0x1900, 0x1f}, 0x9c) 445.864681ms ago: executing program 2 (id=457): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x181403, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_GUEST_DEBUG_x86(r2, 0x4048ae9b, &(0x7f0000000000)={0x9f63422128890807, 0x0, {[0xa000000000000, 0xffffffffff7fff00, 0x4000000000010022, 0xfffffffffffffff6, 0x5, 0x200000000004, 0x40, 0x4]}}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, &(0x7f0000000240)="66baf80cb8adc5648e48b89ab6a3fd000000000f23d80f21f835400000900f23f86dbafc0cecb972000040b804000000ba000000000f30b99a020000b800000000430f01c20f30c744240000400000c7442402dfc50000c7442406000000000f011c242642fec719c4c2590df80f38f044b75a0f07d9c9b9800000c0ae2d6666000400000f30", 0x86}], 0x1, 0x41, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 319.462896ms ago: executing program 0 (id=458): ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f00000017c0)={0x0, 0x9}) r0 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0xc0400) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x4b) close(r1) r2 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r3, 0x0}) mq_timedsend(r1, &(0x7f0000000440)="ac22d71f1086c34fbaf77610c09387a50eebe6c825a3398e60eaf2bedf9e12d2d81e5c755610a1b0ec90d89d866fee322bc0999c8b859b27bd67e180e58d267a002ce39199a907b37cfd875a3a3600fe2601614164", 0x55, 0x3, &(0x7f00000004c0)={0x0, 0x3938700}) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0) preadv(r5, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r5, &(0x7f0000000300)={0x0, 0x18, 0x0}, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0], 0x1}) r6 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, &(0x7f0000000000)={0x0, 0x0, r3, 0x0}) renameat2(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', r5, &(0x7f0000000200)='./file0\x00', 0x1) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="700100002700200026bd7000fddbdf250f000000080039800400318007004e005b5b0000d3ba9fcc7ae378a69391819679c4bde431bc1cbb30a9f6d531138d4a458a4d89b6c89ce137dca7fdf097c1ed825ab7504322de1f21b3b39e487170110adf06e29dd63b5612f60afa4616ae49c393ed8853e3c4b2ee33c0b4212cdee29f514054f9e4fc0ad5fcfc0d9541af5e6d636d675aef263c34adccfd4b2c56837f188a8602df81482842b8eb03c67aae9909ba85ddaa82de523721d6584672d92df3cc5fbe79c63663d2c0b9e55da783780d070c6596265d69dc60d896424f187675ab4aa99925dc1ca2058de3cb5c46ffcac28e76678337c8f7f2d15cfd67b9e774accfc5fcd819d51fd9a7300000001115e14140e04992735454d8b9dc6733cc3a56346f3fdc4cafc509c69c38feedfad61ec1ae5b56406e52408210008b8008000500", @ANYRES32=r5, @ANYBLOB="06bc094d2139dfd1a50232c52badad9efcd528d9192976624e65467dca6b78f3327a336153c909350e11673c0f60f66e0b65755cbc735b42bf2d7b0e262ba6abc0a9eab2807c8d326b44861d5cac3301b2a9e5ee25652a2d4b9601501a4c42b3e227503150b7e1d7da57911fba8c73e0311c2b7495587ecbe26dd5318d6d2a7727414761d87578fb0673e09d31916bbeabd8c6ace6002557d991ee54da85980e5165a3f50ac933f917c5fe7f7027241422de2712fb701dbe41f53dc8d50cef"], 0x170}, 0x1, 0x0, 0x0, 0x20040051}, 0x20000804) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x80c80, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000100)={{0xeeef0000, 0xdddd1000, 0x0, 0x0, 0xff, 0x8, 0xa, 0x2, 0x0, 0x6, 0x80, 0x10}, {0x8080000, 0x0, 0xc, 0x6, 0x7c, 0x0, 0x0, 0x0, 0x7, 0x7, 0x0, 0xff}, {0x2fff, 0x5000, 0xc, 0x0, 0x7, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0xdc}, {0x4000, 0xeeee8000, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x4, 0x1}, {0xf000, 0x3000, 0x9, 0xfd, 0x0, 0x4, 0x20, 0xe, 0x0, 0x3c, 0x1}, {0x3000, 0x1efff, 0xd, 0x0, 0x0, 0x0, 0x2, 0xfe, 0x0, 0x0, 0x82, 0x4}, {0x10000, 0x0, 0xf, 0x6, 0x5, 0x0, 0x3, 0x0, 0x4, 0x0, 0x0, 0xfe}, {0x80a0000, 0xdddd0000, 0x0, 0x1, 0x0, 0x1, 0x0, 0xa, 0x26, 0x0, 0xf8}, {0x80a0000, 0x4}, {0x6000}, 0xfdfcffdb, 0x0, 0x0, 0x28, 0xb, 0x0, 0x0, [0x0, 0x0, 0x1, 0x400000000]}) ioctl$DRM_IOCTL_MODE_GETFB(0xffffffffffffffff, 0xc01c64ad, &(0x7f0000000240)={r7}) ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, &(0x7f0000000340)={r4, 0x2, 0x8, 0xfff, 0x1, [], [0x33f6, 0x7fff, 0x8, 0xd], [0x9c8c, 0x1, 0x48, 0x7], [0x5, 0x5, 0x2, 0xfffffffffffffffd]}) close(0x3) 238.018785ms ago: executing program 2 (id=459): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000001000)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="540000001400090525bd7000000300fc02180d00", @ANYRES32=r1, @ANYBLOB="08000b00e4a2000008000200ac"], 0x54}}, 0x4000000) 237.857322ms ago: executing program 2 (id=460): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1) r2 = dup(r1) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 149.719766ms ago: executing program 1 (id=461): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, 0x0, 0x0) 149.37283ms ago: executing program 0 (id=462): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x180) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f00000001c0), 0x8, &(0x7f00000002c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu\x00', 0x275a, 0x0) ioctl$FS_IOC_RESVSP(r0, 0xc0189436, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x5f, 0x3}) 149.256818ms ago: executing program 1 (id=463): r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001080)='/proc/locks\x00', 0x0, 0x0) preadv(r1, &(0x7f0000001e80)=[{&(0x7f0000000080)=""/4089, 0xff9}], 0x1, 0x33, 0x0) fcntl$setlease(r0, 0x400, 0x2) 89.744896ms ago: executing program 1 (id=464): bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x31, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xfffff000, 0x2000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x4, 0x1, 0x0, 0x2000, &(0x7f0000002000/0x2000)=nil}) r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x20, 0x10012, r3, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 89.231629ms ago: executing program 0 (id=465): setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000280)=0x1, 0xffffff63) sendto$inet6(0xffffffffffffffff, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc9", 0x44, 0x840, 0x0, 0x0) sendmmsg$sock(0xffffffffffffffff, &(0x7f0000001500)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000001400)=[{0x0}, {&(0x7f0000000d00)}, {&(0x7f0000000fc0)="c6eae69212ba50dd664af774c32d3427", 0x10}, {0x0}], 0x4, &(0x7f00000014c0)}}], 0x2, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) ioctl$vim2m_VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0205647, &(0x7f0000000940)={0xf010000, @vbi={0x0, 0x9, 0x6, 0x32435750, [0x1, 0x4bf], [0x1, 0x2], 0x13a}}) bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x18, 0x40, 0x107, 0xfffffefe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x2}]}, 0x18}, 0x1, 0x0, 0x0, 0x48815}, 0xc000) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) (fail_nth: 3) 84.826349ms ago: executing program 2 (id=466): getpid() r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x81, 0xd3, 0x0, 'queue0\x00', 0x2}) r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) syz_emit_ethernet(0x52, &(0x7f0000000340)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaa9faa8100400086dd60f4adf700182cfffc020000000000000000000000000001ff0200a9beb8764f041792673984ffbc0000000000000000000000000133000000000000008c0090"], 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300)=[0x0], &(0x7f0000000340)=[0x0], 0x0, 0x0, 0x1, 0x1}) ioctl$DRM_IOCTL_INFO_BUFS(r1, 0xc0106418, &(0x7f0000000400)={0x9, 0x4f78, 0x5, 0x3, 0x1, 0x1}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000640)=[r3, r2], 0x2}) ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r1, 0xc01064c7, &(0x7f0000000100)={0x1, 0x0, &(0x7f0000000000)=[0x0]}) write$sndseq(r0, &(0x7f0000000280)=[{0x84, 0x77, 0x0, 0x0, @tick, {0xfd}, {0x7}, @raw32={[0x2, 0x0, 0x8000000]}}, {0x2, 0x0, 0x4, 0x83, @tick, {0xfd}, {}, @note={0xfa}}, {0x6, 0x3, 0x9, 0xff, @tick=0x1, {0x10, 0x5}, {0xc, 0x2}, @control={0x3, 0xa, 0x7fff}}, {0x8, 0x3, 0x6, 0x4, @time={0x3, 0x6}, {0xbb, 0x3}, {0xd}, @time=@tick=0x5}], 0x70) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000011c0)={&(0x7f0000000540)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x6, [@restrict={0x0, 0x0, 0x0, 0xb, 0x3}, @func_proto={0x0, 0x2, 0x0, 0xd, 0x0, [{0x5}, {}]}, @func={0x4, 0x0, 0x0, 0xc, 0x2}]}, {0x0, [0x0, 0x0, 0x0, 0x61]}}, &(0x7f00000010c0)=""/217, 0x52, 0xd9, 0x1}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x7, 0x7fff0000}]}) close_range(r4, 0xffffffffffffffff, 0x0) 0s ago: executing program 2 (id=467): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='dctcp', 0x5) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c) r1 = syz_open_dev$dri(&(0x7f0000000040), 0x20, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r1, 0xc00864bf, &(0x7f0000000380)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r1, 0xc03064ca, &(0x7f0000000100)={&(0x7f00000000c0)=[r2], &(0x7f0000000200), 0x2, 0x1, 0xf}) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) sendto$inet6(r0, &(0x7f0000000240)="a6", 0x1, 0x200080c0, &(0x7f00000001c0)={0xa, 0x2, 0x7fff, @loopback, 0x3}, 0x1c) r3 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) r4 = fcntl$dupfd(r3, 0x406, r3) socket$netlink(0x10, 0x3, 0x0) sendmsg$TIPC_NL_NODE_GET(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000180)=ANY=[], 0x134}, 0x1, 0x0, 0x0, 0x800}, 0x40008) write$binfmt_elf64(r4, &(0x7f0000000200)=ANY=[], 0x540) ioctl$KVM_MEMORY_ENCRYPT_REG_REGION(r4, 0x8010aebb, &(0x7f0000000000)={0x70000, 0x101000}) sendto$inet6(r0, &(0x7f00000000c0)='\x00\x00\x00\x00\x00\x00', 0xfffffffffffffd5e, 0x24000040, 0x0, 0x0) kernel console output (not intermixed with test programs): 73.496544][ T6300] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 73.496564][ T6300] ? __local_bh_enable_ip+0x9e/0x120 [ 73.496607][ T6300] tcp_sendmsg+0x2e/0x50 [ 73.496625][ T6300] ? __pfx_tcp_sendmsg+0x10/0x10 [ 73.496647][ T6300] inet_sendmsg+0xb9/0x140 [ 73.496669][ T6300] __sys_sendto+0x446/0x4b0 [ 73.496688][ T6300] ? __pfx_inet_sendmsg+0x10/0x10 [ 73.496703][ T6300] ? __pfx___sys_sendto+0x10/0x10 [ 73.496746][ T6300] ? ksys_write+0x1ac/0x250 [ 73.496760][ T6300] ? __pfx_ksys_write+0x10/0x10 [ 73.496777][ T6300] __x64_sys_sendto+0xe0/0x1c0 [ 73.496800][ T6300] ? do_syscall_64+0x90/0xf80 [ 73.496824][ T6300] ? lockdep_hardirqs_on+0x78/0x100 [ 73.496842][ T6300] do_syscall_64+0x10b/0xf80 [ 73.496865][ T6300] ? clear_bhb_loop+0x40/0x90 [ 73.496888][ T6300] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.496906][ T6300] RIP: 0033:0x7f932079c819 [ 73.496923][ T6300] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 73.496939][ T6300] RSP: 002b:00007f9321593028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 73.496957][ T6300] RAX: ffffffffffffffda RBX: 00007f9320a15fa0 RCX: 00007f932079c819 [ 73.496968][ T6300] RDX: 000000000000059a RSI: 0000200000000580 RDI: 0000000000000003 [ 73.496979][ T6300] RBP: 00007f9321593090 R08: 0000000000000000 R09: 0000000000000000 [ 73.496989][ T6300] R10: 0000000010008095 R11: 0000000000000246 R12: 0000000000000001 [ 73.496999][ T6300] R13: 00007f9320a16038 R14: 00007f9320a15fa0 R15: 00007fff9f958c38 [ 73.497024][ T6300] [ 73.592951][ T6016] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 73.667598][ T6308] fuse: Bad value for 'group_id' [ 73.669884][ T6308] fuse: Bad value for 'group_id' [ 73.740514][ T24] hid-generic 0006:0004:0009.0002: unknown main item tag 0x0 [ 73.744584][ T24] hid-generic 0006:0004:0009.0002: unknown main item tag 0x0 [ 73.746680][ T6016] usb 8-1: Using ep0 maxpacket: 8 [ 73.748606][ T24] hid-generic 0006:0004:0009.0002: unknown main item tag 0x0 [ 73.751560][ T6312] FAULT_INJECTION: forcing a failure. [ 73.751560][ T6312] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 73.752533][ T6016] usb 8-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 59, changing to 9 [ 73.752665][ T6016] usb 8-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid maxpacket 49780, setting to 1024 [ 73.752730][ T6016] usb 8-1: config 0 interface 0 has no altsetting 0 [ 73.752763][ T6016] usb 8-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 73.752784][ T6016] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.753966][ T24] hid-generic 0006:0004:0009.0002: unknown main item tag 0x0 [ 73.762460][ T6016] usb 8-1: config 0 descriptor?? [ 73.765681][ T24] hid-generic 0006:0004:0009.0002: unknown main item tag 0x0 [ 73.769519][ T6312] CPU: 1 UID: 0 PID: 6312 Comm: syz.2.95 Not tainted syzkaller #0 PREEMPT(full) [ 73.769546][ T6312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 73.769559][ T6312] Call Trace: [ 73.769566][ T6312] [ 73.769574][ T6312] dump_stack_lvl+0x100/0x190 [ 73.769611][ T6312] should_fail_ex.cold+0x5/0xa [ 73.769643][ T6312] _copy_from_iter+0x1f4/0x1690 [ 73.769680][ T6312] ? __pfx__copy_from_iter+0x10/0x10 [ 73.769705][ T6312] ? _parse_integer_limit+0x17f/0x1d0 [ 73.769742][ T6312] ? _kstrtoull+0x13c/0x1f0 [ 73.769772][ T6312] ? __pfx__kstrtoull+0x10/0x10 [ 73.769806][ T6312] tun_get_user+0x3ba/0x3c20 [ 73.770052][ T6312] ? __pfx_tun_get_user+0x10/0x10 [ 73.770081][ T6312] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 73.770126][ T6312] ? find_held_lock+0x2b/0x80 [ 73.770149][ T6312] ? tun_get+0x191/0x370 [ 73.770171][ T6312] ? tun_get+0x191/0x370 [ 73.770201][ T6312] tun_chr_write_iter+0xdc/0x200 [ 73.770230][ T6312] vfs_write+0x6ac/0x1070 [ 73.770259][ T6312] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 73.770289][ T6312] ? __pfx_vfs_write+0x10/0x10 [ 73.770310][ T6312] ? find_held_lock+0x2b/0x80 [ 73.770351][ T6312] ksys_write+0x12a/0x250 [ 73.770375][ T6312] ? __pfx_ksys_write+0x10/0x10 [ 73.770403][ T6312] ? rcu_is_watching+0x12/0xc0 [ 73.770441][ T6312] do_syscall_64+0x10b/0xf80 [ 73.770473][ T6312] ? clear_bhb_loop+0x40/0x90 [ 73.770503][ T6312] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.770525][ T6312] RIP: 0033:0x7fcf2e99c819 [ 73.770548][ T6312] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 73.770570][ T6312] RSP: 002b:00007fcf2f7b4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 73.770594][ T6312] RAX: ffffffffffffffda RBX: 00007fcf2ec15fa0 RCX: 00007fcf2e99c819 [ 73.770609][ T6312] RDX: 000000000000004e RSI: 0000200000000280 RDI: 0000000000000003 [ 73.770622][ T6312] RBP: 00007fcf2f7b4090 R08: 0000000000000000 R09: 0000000000000000 [ 73.770633][ T6312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 73.770644][ T6312] R13: 00007fcf2ec16038 R14: 00007fcf2ec15fa0 R15: 00007ffe4b0eebf8 [ 73.770676][ T6312] [ 73.889969][ T24] hid-generic 0006:0004:0009.0002: unknown main item tag 0x0 [ 73.894878][ T24] hid-generic 0006:0004:0009.0002: unknown main item tag 0x0 [ 73.897947][ T24] hid-generic 0006:0004:0009.0002: unknown main item tag 0x0 [ 73.900695][ T24] hid-generic 0006:0004:0009.0002: unknown main item tag 0x0 [ 73.904157][ T24] hid-generic 0006:0004:0009.0002: unknown main item tag 0x0 [ 73.920009][ T24] hid-generic 0006:0004:0009.0002: hidraw1: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 73.932177][ T6309] geneve2: entered promiscuous mode [ 73.934228][ T6309] geneve2: entered allmulticast mode [ 73.938491][ T1157] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 73.943043][ T1157] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 73.947448][ T1157] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 73.950968][ T1157] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 73.955844][ T6316] netlink: 12 bytes leftover after parsing attributes in process `syz.1.96'. [ 74.060198][ T6321] fuse: Unknown parameter 'fd0x0000000000000003' [ 74.083468][ T6325] capability: warning: `syz.2.99' uses deprecated v2 capabilities in a way that may be insecure [ 74.086571][ T5950] Bluetooth: hci0: command 0x0419 tx timeout [ 74.095622][ T6325] overlayfs: conflicting lowerdir path [ 74.151550][ T6328] xt_hashlimit: size too large, truncated to 1048576 [ 74.213711][ T6016] mcp2221 0003:04D8:00DD.0003: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0 [ 74.415477][ T6296] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 74.422722][ T6296] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 74.436290][ T6053] usb 8-1: USB disconnect, device number 2 [ 74.554029][ T6337] netlink: 8 bytes leftover after parsing attributes in process `syz.0.102'. [ 74.560080][ T6337] netlink: 'syz.0.102': attribute type 30 has an invalid length. [ 74.565417][ T6337] netlink: 4 bytes leftover after parsing attributes in process `syz.0.102'. [ 74.577134][ T6337] netlink: 348 bytes leftover after parsing attributes in process `syz.0.102'. [ 74.730434][ T6339] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 74.799054][ T5950] Bluetooth: hci1: command 0x0419 tx timeout [ 74.799094][ T5960] Bluetooth: hci2: command 0x0419 tx timeout [ 74.801938][ T5950] Bluetooth: hci3: command 0x0419 tx timeout [ 75.649295][ T6370] FAULT_INJECTION: forcing a failure. [ 75.649295][ T6370] name failslab, interval 1, probability 0, space 0, times 0 [ 75.658601][ T6370] CPU: 0 UID: 0 PID: 6370 Comm: syz.0.111 Not tainted syzkaller #0 PREEMPT(full) [ 75.658627][ T6370] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 75.658686][ T6370] Call Trace: [ 75.658720][ T6370] [ 75.658726][ T6370] dump_stack_lvl+0x100/0x190 [ 75.659751][ T6370] should_fail_ex.cold+0x5/0xa [ 75.660227][ T6370] should_failslab+0xc2/0x120 [ 75.660572][ T6370] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 75.660668][ T6370] ? __alloc_skb+0x140/0x710 [ 75.660926][ T6370] __alloc_skb+0x140/0x710 [ 75.660941][ T6370] ? __alloc_skb+0x5b7/0x710 [ 75.660955][ T6370] ? __pfx___alloc_skb+0x10/0x10 [ 75.660974][ T6370] _sctp_make_chunk+0x51/0x270 [ 75.661158][ T6370] sctp_make_control+0x2f/0x2d0 [ 75.661173][ T6370] sctp_make_heartbeat+0xad/0x2f0 [ 75.661190][ T6370] ? __pfx_sctp_make_heartbeat+0x10/0x10 [ 75.661205][ T6370] ? is_bpf_text_address+0x94/0x1a0 [ 75.661446][ T6370] ? sctp_sm_lookup_event+0x10e/0x520 [ 75.661471][ T6370] ? __pfx_sctp_sm_lookup_event+0x10/0x10 [ 75.661496][ T6370] ? __pfx_sctp_pname+0x10/0x10 [ 75.661512][ T6370] sctp_sf_do_prm_requestheartbeat+0x27/0x220 [ 75.661527][ T6370] ? __pfx_sctp_pname+0x10/0x10 [ 75.661542][ T6370] sctp_do_sm+0x17a/0x5be0 [ 75.661556][ T6370] ? __pfx_stack_trace_save+0x10/0x10 [ 75.661629][ T6370] ? stack_depot_save_flags+0x27/0x9d0 [ 75.662180][ T6370] ? _parse_integer_limit+0x17f/0x1d0 [ 75.662199][ T6370] ? __pfx_sctp_do_sm+0x10/0x10 [ 75.662212][ T6370] ? kasan_save_stack+0x30/0x50 [ 75.662230][ T6370] ? kasan_save_track+0x14/0x30 [ 75.662245][ T6370] ? __kasan_kmalloc+0xaa/0xb0 [ 75.662260][ T6370] ? __kmalloc_node_track_caller_noprof+0x304/0x850 [ 75.662277][ T6370] ? sctp_setsockopt+0x511/0xb370 [ 75.662308][ T6370] sctp_primitive_REQUESTHEARTBEAT+0x9f/0xd0 [ 75.662325][ T6370] sctp_apply_peer_addr_params+0x110/0x3690 [ 75.662339][ T6370] sctp_setsockopt+0x28d6/0xb370 [ 75.662357][ T6370] ? __pfx_sctp_setsockopt+0x10/0x10 [ 75.662370][ T6370] ? __fget_files+0x215/0x3d0 [ 75.662438][ T6370] ? selinux_socket_setsockopt+0x6a/0x80 [ 75.662563][ T6370] ? sock_common_setsockopt+0x2e/0xf0 [ 75.662575][ T6370] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 75.662588][ T6370] do_sock_setsockopt+0xf3/0x1d0 [ 75.662601][ T6370] __sys_setsockopt+0x195/0x220 [ 75.662620][ T6370] __x64_sys_setsockopt+0xbd/0x160 [ 75.662635][ T6370] ? do_syscall_64+0x90/0xf80 [ 75.662735][ T6370] ? lockdep_hardirqs_on+0x78/0x100 [ 75.662750][ T6370] do_syscall_64+0x10b/0xf80 [ 75.662763][ T6370] ? clear_bhb_loop+0x40/0x90 [ 75.662779][ T6370] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.662791][ T6370] RIP: 0033:0x7f0876d9c819 [ 75.662802][ T6370] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 75.662813][ T6370] RSP: 002b:00007f0877bc0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 75.662824][ T6370] RAX: ffffffffffffffda RBX: 00007f0877015fa0 RCX: 00007f0876d9c819 [ 75.662831][ T6370] RDX: 0000000000000009 RSI: 0000000000000084 RDI: 0000000000000005 [ 75.662837][ T6370] RBP: 00007f0877bc0090 R08: 000000000000009c R09: 0000000000000000 [ 75.662843][ T6370] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001 [ 75.662848][ T6370] R13: 00007f0877016038 R14: 00007f0877015fa0 R15: 00007fff74868d08 [ 75.662862][ T6370] [ 75.796810][ T6373] fuse: Unknown parameter 'fd0x0000000000000003' [ 75.831386][ T6382] FAULT_INJECTION: forcing a failure. [ 75.831386][ T6382] name failslab, interval 1, probability 0, space 0, times 0 [ 75.839723][ T6382] CPU: 0 UID: 0 PID: 6382 Comm: syz.0.116 Not tainted syzkaller #0 PREEMPT(full) [ 75.839741][ T6382] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 75.839748][ T6382] Call Trace: [ 75.839752][ T6382] [ 75.839757][ T6382] dump_stack_lvl+0x100/0x190 [ 75.839784][ T6382] should_fail_ex.cold+0x5/0xa [ 75.839809][ T6382] should_failslab+0xc2/0x120 [ 75.839827][ T6382] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 75.839853][ T6382] ? __alloc_skb+0x140/0x710 [ 75.839881][ T6382] __alloc_skb+0x140/0x710 [ 75.839903][ T6382] ? __alloc_skb+0x5b7/0x710 [ 75.839925][ T6382] ? __pfx___alloc_skb+0x10/0x10 [ 75.839957][ T6382] _sctp_make_chunk+0x51/0x270 [ 75.839986][ T6382] sctp_make_control+0x2f/0x2d0 [ 75.840020][ T6382] sctp_make_heartbeat+0xad/0x2f0 [ 75.840047][ T6382] ? __pfx_sctp_make_heartbeat+0x10/0x10 [ 75.840092][ T6382] ? is_bpf_text_address+0x94/0x1a0 [ 75.840116][ T6382] ? sctp_sm_lookup_event+0x10e/0x520 [ 75.840138][ T6382] ? __pfx_sctp_sm_lookup_event+0x10/0x10 [ 75.840161][ T6382] ? __pfx_sctp_pname+0x10/0x10 [ 75.840185][ T6382] sctp_sf_do_prm_requestheartbeat+0x27/0x220 [ 75.840207][ T6382] ? __pfx_sctp_pname+0x10/0x10 [ 75.840228][ T6382] sctp_do_sm+0x17a/0x5be0 [ 75.840249][ T6382] ? __pfx_stack_trace_save+0x10/0x10 [ 75.840268][ T6382] ? stack_depot_save_flags+0x27/0x9d0 [ 75.840292][ T6382] ? _parse_integer_limit+0x17f/0x1d0 [ 75.840319][ T6382] ? __pfx_sctp_do_sm+0x10/0x10 [ 75.840339][ T6382] ? kasan_save_stack+0x30/0x50 [ 75.840364][ T6382] ? kasan_save_track+0x14/0x30 [ 75.840386][ T6382] ? __kasan_kmalloc+0xaa/0xb0 [ 75.840408][ T6382] ? __kmalloc_node_track_caller_noprof+0x304/0x850 [ 75.840433][ T6382] ? sctp_setsockopt+0x511/0xb370 [ 75.840483][ T6382] sctp_primitive_REQUESTHEARTBEAT+0x9f/0xd0 [ 75.840510][ T6382] sctp_apply_peer_addr_params+0x110/0x3690 [ 75.840532][ T6382] sctp_setsockopt+0x28d6/0xb370 [ 75.840559][ T6382] ? __pfx_sctp_setsockopt+0x10/0x10 [ 75.840579][ T6382] ? __fget_files+0x215/0x3d0 [ 75.840600][ T6382] ? selinux_socket_setsockopt+0x6a/0x80 [ 75.840617][ T6382] ? sock_common_setsockopt+0x2e/0xf0 [ 75.840635][ T6382] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 75.840654][ T6382] do_sock_setsockopt+0xf3/0x1d0 [ 75.840673][ T6382] __sys_setsockopt+0x195/0x220 [ 75.840701][ T6382] __x64_sys_setsockopt+0xbd/0x160 [ 75.840725][ T6382] ? do_syscall_64+0x90/0xf80 [ 75.840750][ T6382] ? lockdep_hardirqs_on+0x78/0x100 [ 75.840772][ T6382] do_syscall_64+0x10b/0xf80 [ 75.840793][ T6382] ? clear_bhb_loop+0x40/0x90 [ 75.840814][ T6382] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.840830][ T6382] RIP: 0033:0x7f0876d9c819 [ 75.840844][ T6382] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 75.840859][ T6382] RSP: 002b:00007f0877bc0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 75.840875][ T6382] RAX: ffffffffffffffda RBX: 00007f0877015fa0 RCX: 00007f0876d9c819 [ 75.840885][ T6382] RDX: 0000000000000009 RSI: 0000000000000084 RDI: 0000000000000005 [ 75.840894][ T6382] RBP: 00007f0877bc0090 R08: 000000000000009c R09: 0000000000000000 [ 75.840902][ T6382] R10: 00002000000004c0 R11: 0000000000000246 R12: 0000000000000001 [ 75.840911][ T6382] R13: 00007f0877016038 R14: 00007f0877015fa0 R15: 00007fff74868d08 [ 75.840932][ T6382] [ 76.168128][ T5960] Bluetooth: hci0: command 0x0419 tx timeout [ 76.444051][ T6403] FAULT_INJECTION: forcing a failure. [ 76.444051][ T6403] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 76.451201][ T6403] CPU: 3 UID: 0 PID: 6403 Comm: syz.0.125 Not tainted syzkaller #0 PREEMPT(full) [ 76.451227][ T6403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 76.451238][ T6403] Call Trace: [ 76.451244][ T6403] [ 76.451251][ T6403] dump_stack_lvl+0x100/0x190 [ 76.451292][ T6403] should_fail_ex.cold+0x5/0xa [ 76.451318][ T6403] _copy_from_user+0x2e/0xd0 [ 76.451343][ T6403] bpf_test_init.isra.0+0xaf/0x100 [ 76.451456][ T6403] bpf_prog_test_run_xdp+0x57e/0x1670 [ 76.451483][ T6403] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 76.451509][ T6403] ? fput+0x79/0x100 [ 76.451602][ T6403] ? __bpf_prog_get+0x97/0x2a0 [ 76.451625][ T6403] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 76.451664][ T6403] __sys_bpf+0x1725/0x4b90 [ 76.451693][ T6403] ? __pfx___sys_bpf+0x10/0x10 [ 76.451717][ T6403] ? proc_fail_nth_write+0x9f/0x220 [ 76.451802][ T6403] ? find_held_lock+0x2b/0x80 [ 76.451887][ T6403] ? find_held_lock+0x2b/0x80 [ 76.451902][ T6403] ? ksys_write+0x190/0x250 [ 76.451919][ T6403] ? ksys_write+0x190/0x250 [ 76.451939][ T6403] ? __mutex_unlock_slowpath+0x15d/0x8a0 [ 76.451965][ T6403] ? kernel_write+0x6a3/0x6c0 [ 76.451981][ T6403] ? __fget_files+0x215/0x3d0 [ 76.452015][ T6403] ? fput+0x79/0x100 [ 76.452035][ T6403] ? ksys_write+0x1ac/0x250 [ 76.452052][ T6403] ? __pfx_ksys_write+0x10/0x10 [ 76.452074][ T6403] __x64_sys_bpf+0x7b/0xc0 [ 76.452089][ T6403] ? lockdep_hardirqs_on+0x78/0x100 [ 76.452112][ T6403] do_syscall_64+0x10b/0xf80 [ 76.452135][ T6403] ? clear_bhb_loop+0x40/0x90 [ 76.452156][ T6403] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.452173][ T6403] RIP: 0033:0x7f0876d9c819 [ 76.452189][ T6403] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 76.452204][ T6403] RSP: 002b:00007f0877bc0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 76.452222][ T6403] RAX: ffffffffffffffda RBX: 00007f0877015fa0 RCX: 00007f0876d9c819 [ 76.452232][ T6403] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a [ 76.452242][ T6403] RBP: 00007f0877bc0090 R08: 0000000000000000 R09: 0000000000000000 [ 76.452251][ T6403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 76.452266][ T6403] R13: 00007f0877016038 R14: 00007f0877015fa0 R15: 00007fff74868d08 [ 76.452289][ T6403] [ 76.814167][ T40] kauditd_printk_skb: 42 callbacks suppressed [ 76.814261][ T40] audit: type=1400 audit(1776897430.681:249): avc: denied { create } for pid=6415 comm="syz.0.132" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 76.838022][ T40] audit: type=1400 audit(1776897430.711:250): avc: denied { setopt } for pid=6415 comm="syz.0.132" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 76.848508][ T40] audit: type=1400 audit(1776897430.711:251): avc: denied { mount } for pid=6418 comm="syz.1.131" name="/" dev="autofs" ino=10778 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 76.869681][ T40] audit: type=1400 audit(1776897430.741:252): avc: denied { bind } for pid=6415 comm="syz.0.132" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 76.876721][ T5960] Bluetooth: hci2: command 0x0419 tx timeout [ 76.881545][ T5960] Bluetooth: hci3: command 0x0419 tx timeout [ 76.882656][ T5962] Bluetooth: hci1: command 0x0419 tx timeout [ 76.891192][ T40] audit: type=1400 audit(1776897430.761:253): avc: denied { write } for pid=6418 comm="syz.1.131" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 76.903828][ T40] audit: type=1400 audit(1776897430.761:254): avc: denied { open } for pid=6418 comm="syz.1.131" path="/dev/sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 76.914984][ T40] audit: type=1400 audit(1776897430.761:255): avc: denied { create } for pid=6418 comm="syz.1.131" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 77.058140][ T40] audit: type=1400 audit(1776897430.931:256): avc: denied { mount } for pid=6429 comm="syz.0.135" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 77.076599][ T6430] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(14) [ 77.080121][ T6430] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 77.091067][ T6430] vhci_hcd vhci_hcd.0: Device attached [ 77.130904][ T40] audit: type=1400 audit(1776897431.001:257): avc: denied { mounton } for pid=6429 comm="syz.0.135" path="/file0" dev="bpf" ino=11837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=dir permissive=1 [ 77.130986][ T6430] 9p: Bad value for 'rfdno' [ 77.184176][ T6437] fuse: Unknown parameter 'fd0x0000000000000003' [ 77.211832][ T40] audit: type=1400 audit(1776897431.081:258): avc: denied { prog_load } for pid=6429 comm="syz.0.135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 77.247653][ T6434] vhci_hcd: connection closed [ 77.253877][ T1157] vhci_hcd vhci_hcd.0: stop threads [ 77.261484][ T1157] vhci_hcd vhci_hcd.0: release socket [ 77.265755][ T1157] vhci_hcd vhci_hcd.0: disconnect device [ 77.279504][ T6016] vhci_hcd vhci_hcd.0: vhci_device speed not set [ 77.304708][ T6447] netlink: 'syz.3.139': attribute type 4 has an invalid length. [ 77.311146][ T6448] fuse: Bad value for 'group_id' [ 77.315114][ T6448] fuse: Bad value for 'group_id' [ 77.317493][ T6447] netlink: 17 bytes leftover after parsing attributes in process `syz.3.139'. [ 78.038540][ T6467] 9pnet_virtio: no channels available for device syz [ 78.052871][ T6467] faux_driver vkms: [drm] Unknown color mode 256; guessing buffer size. [ 78.093698][ T1432] ieee802154 phy0 wpan0: encryption failed: -22 [ 78.094206][ T6467] netlink: 8 bytes leftover after parsing attributes in process `syz.2.145'. [ 78.096764][ T1432] ieee802154 phy1 wpan1: encryption failed: -22 [ 78.100083][ T6466] netlink: 8 bytes leftover after parsing attributes in process `syz.2.145'. [ 78.236648][ T5950] Bluetooth: hci0: command 0x0419 tx timeout [ 78.308032][ T6479] netlink: 12 bytes leftover after parsing attributes in process `syz.1.150'. [ 78.356993][ T6483] netlink: 32 bytes leftover after parsing attributes in process `syz.3.149'. [ 78.387348][ T6483] netlink: 16 bytes leftover after parsing attributes in process `syz.3.149'. [ 78.394613][ T6483] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=42 sclass=netlink_tcpdiag_socket pid=6483 comm=syz.3.149 [ 78.691971][ T6489] F2FS-fs: Value of option "test_dummy_encryption" is unrecognized [ 78.956848][ T5950] Bluetooth: hci3: command 0x0419 tx timeout [ 78.956896][ T5962] Bluetooth: hci2: command 0x0419 tx timeout [ 78.956910][ T5960] Bluetooth: hci1: command 0x0419 tx timeout [ 80.377737][ T6545] FAULT_INJECTION: forcing a failure. [ 80.377737][ T6545] name failslab, interval 1, probability 0, space 0, times 0 [ 80.383097][ T6545] CPU: 3 UID: 0 PID: 6545 Comm: syz.2.174 Not tainted syzkaller #0 PREEMPT(full) [ 80.383125][ T6545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 80.383136][ T6545] Call Trace: [ 80.383143][ T6545] [ 80.383150][ T6545] dump_stack_lvl+0x100/0x190 [ 80.383295][ T6545] should_fail_ex.cold+0x5/0xa [ 80.383410][ T6545] ? skcipher_walk_next+0xb50/0xe50 [ 80.383508][ T6545] should_failslab+0xc2/0x120 [ 80.383611][ T6545] __kmalloc_noprof+0xe0/0x850 [ 80.383644][ T6545] skcipher_walk_next+0xb50/0xe50 [ 80.383669][ T6545] skcipher_walk_done+0x415/0x8c0 [ 80.383693][ T6545] ctr_crypt_aesni+0x122/0x270 [ 80.383796][ T6545] ? __pfx_ctr_crypt_aesni+0x10/0x10 [ 80.383823][ T6545] ? kfree+0x223/0x6c0 [ 80.383866][ T6545] crypto_skcipher_decrypt+0xfb/0x170 [ 80.383898][ T6545] skcipher_recvmsg+0xc3b/0x1060 [ 80.383934][ T6545] ? __pfx_skcipher_recvmsg+0x10/0x10 [ 80.383954][ T6545] ? avc_has_perm_noaudit+0x145/0x3b0 [ 80.383985][ T6545] ? __pfx_skcipher_recvmsg+0x10/0x10 [ 80.384039][ T6545] sock_recvmsg+0x1a4/0x1f0 [ 80.384212][ T6545] sock_read_iter+0x2c6/0x3c0 [ 80.384233][ T6545] ? __pfx_sock_read_iter+0x10/0x10 [ 80.384253][ T6545] ? _kstrtoull+0x13c/0x1f0 [ 80.384293][ T6545] ? __pfx___file_has_perm+0x10/0x10 [ 80.384318][ T6545] do_iter_readv_writev+0x60d/0x920 [ 80.384357][ T6545] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 80.384387][ T6545] ? selinux_file_permission+0x8f/0x6d0 [ 80.384412][ T6545] ? bpf_lsm_file_permission+0x9/0x10 [ 80.384527][ T6545] ? security_file_permission+0x76/0x210 [ 80.384552][ T6545] ? rw_verify_area+0xce/0x6d0 [ 80.384580][ T6545] vfs_readv+0x4d3/0x8d0 [ 80.384604][ T6545] ? __pfx_vfs_readv+0x10/0x10 [ 80.384622][ T6545] ? find_held_lock+0x2b/0x80 [ 80.384639][ T6545] ? ksys_write+0x190/0x250 [ 80.384670][ T6545] ? __fget_files+0x21f/0x3d0 [ 80.384697][ T6545] ? do_readv+0x28a/0x340 [ 80.384712][ T6545] do_readv+0x28a/0x340 [ 80.384729][ T6545] ? __pfx_do_readv+0x10/0x10 [ 80.384746][ T6545] ? rcu_is_watching+0x12/0xc0 [ 80.384833][ T6545] do_syscall_64+0x10b/0xf80 [ 80.384851][ T6545] ? clear_bhb_loop+0x40/0x90 [ 80.384867][ T6545] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 80.384881][ T6545] RIP: 0033:0x7fcf2e99c819 [ 80.384893][ T6545] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 80.384908][ T6545] RSP: 002b:00007fcf2f7b4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 80.384921][ T6545] RAX: ffffffffffffffda RBX: 00007fcf2ec15fa0 RCX: 00007fcf2e99c819 [ 80.384929][ T6545] RDX: 0000000000000002 RSI: 0000200000000480 RDI: 0000000000000004 [ 80.384936][ T6545] RBP: 00007fcf2f7b4090 R08: 0000000000000000 R09: 0000000000000000 [ 80.384944][ T6545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 80.384951][ T6545] R13: 00007fcf2ec16038 R14: 00007fcf2ec15fa0 R15: 00007ffe4b0eebf8 [ 80.384967][ T6545] [ 80.414658][ T6549] FAULT_INJECTION: forcing a failure. [ 80.414658][ T6549] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 80.519464][ T6549] CPU: 3 UID: 0 PID: 6549 Comm: syz.0.175 Not tainted syzkaller #0 PREEMPT(full) [ 80.519492][ T6549] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 80.519502][ T6549] Call Trace: [ 80.519512][ T6549] [ 80.519521][ T6549] dump_stack_lvl+0x100/0x190 [ 80.519552][ T6549] should_fail_ex.cold+0x5/0xa [ 80.519596][ T6549] _copy_from_user+0x2e/0xd0 [ 80.519623][ T6549] iommufd_vfio_ioctl+0x372/0xef0 [ 80.520212][ T6549] ? __pfx_iommufd_vfio_ioctl+0x10/0x10 [ 80.520239][ T6549] ? tomoyo_path_number_perm+0x188/0x580 [ 80.520271][ T6549] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 80.520408][ T6549] ? do_vfs_ioctl+0x226/0x13e0 [ 80.520430][ T6549] iommufd_fops_ioctl+0x459/0x520 [ 80.520459][ T6549] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 80.520481][ T6549] ? __fget_files+0x215/0x3d0 [ 80.520502][ T6549] ? hook_file_ioctl_common+0x149/0x410 [ 80.520534][ T6549] ? selinux_file_ioctl+0x13b/0x290 [ 80.520554][ T6549] ? selinux_file_ioctl+0xb6/0x290 [ 80.520574][ T6549] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 80.520593][ T6549] __x64_sys_ioctl+0x18e/0x210 [ 80.520610][ T6549] do_syscall_64+0x10b/0xf80 [ 80.520635][ T6549] ? clear_bhb_loop+0x40/0x90 [ 80.520656][ T6549] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 80.520672][ T6549] RIP: 0033:0x7f0876d9c819 [ 80.520689][ T6549] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 80.520705][ T6549] RSP: 002b:00007f0877bc0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 80.520722][ T6549] RAX: ffffffffffffffda RBX: 00007f0877015fa0 RCX: 00007f0876d9c819 [ 80.520732][ T6549] RDX: 0000200000000140 RSI: 0000000000003b71 RDI: 0000000000000003 [ 80.520742][ T6549] RBP: 00007f0877bc0090 R08: 0000000000000000 R09: 0000000000000000 [ 80.520752][ T6549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 80.520762][ T6549] R13: 00007f0877016038 R14: 00007f0877015fa0 R15: 00007fff74868d08 [ 80.520786][ T6549] [ 81.378390][ T6590] FAULT_INJECTION: forcing a failure. [ 81.378390][ T6590] name failslab, interval 1, probability 0, space 0, times 0 [ 81.384655][ T6590] CPU: 2 UID: 0 PID: 6590 Comm: syz.2.189 Not tainted syzkaller #0 PREEMPT(full) [ 81.384683][ T6590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 81.384695][ T6590] Call Trace: [ 81.384705][ T6590] [ 81.384714][ T6590] dump_stack_lvl+0x100/0x190 [ 81.384749][ T6590] should_fail_ex.cold+0x5/0xa [ 81.384779][ T6590] should_failslab+0xc2/0x120 [ 81.384802][ T6590] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 81.384830][ T6590] ? vm_area_alloc+0x1f/0x160 [ 81.384857][ T6590] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 81.384888][ T6590] vm_area_alloc+0x1f/0x160 [ 81.384916][ T6590] __mmap_region+0x104d/0x2da0 [ 81.384954][ T6590] ? __pfx___mmap_region+0x10/0x10 [ 81.384989][ T6590] ? find_held_lock+0x2b/0x80 [ 81.385010][ T6590] ? process_measurement+0x4c8/0x2350 [ 81.385044][ T6590] ? process_measurement+0x4c8/0x2350 [ 81.385079][ T6590] ? process_measurement+0x1f4/0x2350 [ 81.385109][ T6590] ? find_held_lock+0x2b/0x80 [ 81.385137][ T6590] ? __pfx_hugetlb_file_mmap_prepare_success+0x10/0x10 [ 81.385593][ T6590] ? __lock_acquire+0x4a5/0x2630 [ 81.385635][ T6590] ? find_held_lock+0x2b/0x80 [ 81.385654][ T6590] ? is_bpf_text_address+0x8a/0x1a0 [ 81.385728][ T6590] mmap_region+0x35d/0x620 [ 81.385763][ T6590] ? __pfx_mmap_region+0x10/0x10 [ 81.385794][ T6590] ? cap_capable+0x10b/0x440 [ 81.385989][ T6590] ? bpf_lsm_capable+0x9/0x10 [ 81.386010][ T6590] ? security_capable+0x80/0x260 [ 81.386051][ T6590] do_mmap+0xc63/0x12f0 [ 81.386081][ T6590] ? __pfx_do_mmap+0x10/0x10 [ 81.386105][ T6590] ? __pfx_down_write_killable+0x10/0x10 [ 81.386143][ T6590] vm_mmap_pgoff+0x29e/0x470 [ 81.386236][ T6590] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 81.386255][ T6590] ? __fget_files+0x215/0x3d0 [ 81.386284][ T6590] ? __fget_files+0x21f/0x3d0 [ 81.386313][ T6590] ksys_mmap_pgoff+0x3cb/0x610 [ 81.386340][ T6590] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 81.386360][ T6590] ? fput+0x79/0x100 [ 81.386387][ T6590] ? ksys_write+0x1ac/0x250 [ 81.386408][ T6590] ? __pfx_ksys_write+0x10/0x10 [ 81.386463][ T6590] __x64_sys_mmap+0x125/0x190 [ 81.386716][ T6590] do_syscall_64+0x10b/0xf80 [ 81.386744][ T6590] ? clear_bhb_loop+0x40/0x90 [ 81.386769][ T6590] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.386790][ T6590] RIP: 0033:0x7fcf2e99c819 [ 81.386810][ T6590] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 81.386829][ T6590] RSP: 002b:00007fcf2f7b4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 81.386850][ T6590] RAX: ffffffffffffffda RBX: 00007fcf2ec15fa0 RCX: 00007fcf2e99c819 [ 81.386864][ T6590] RDX: 0000000002000003 RSI: 0000000000007000 RDI: 0000200000000000 [ 81.386876][ T6590] RBP: 00007fcf2f7b4090 R08: 0000000000000005 R09: 0000000000000000 [ 81.386888][ T6590] R10: 0000000000097052 R11: 0000000000000246 R12: 0000000000000001 [ 81.386899][ T6590] R13: 00007fcf2ec16038 R14: 00007fcf2ec15fa0 R15: 00007ffe4b0eebf8 [ 81.386927][ T6590] [ 81.406773][ T6015] usb 5-1: new full-speed USB device number 2 using dummy_hcd [ 81.668039][ T6015] usb 5-1: not running at top speed; connect to a high speed hub [ 81.676588][ T6015] usb 5-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x12, changing to 0x2 [ 81.684486][ T6015] usb 5-1: New USB device found, idVendor=0944, idProduct=0201, bcdDevice= 0.40 [ 81.688268][ T6015] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 81.691563][ T6015] usb 5-1: Product: syz [ 81.693828][ T6015] usb 5-1: Manufacturer: syz [ 81.696070][ T6015] usb 5-1: SerialNumber: syz [ 81.855310][ T6599] netlink: 16 bytes leftover after parsing attributes in process `syz.1.191'. [ 81.904252][ T40] kauditd_printk_skb: 28 callbacks suppressed [ 81.904266][ T40] audit: type=1400 audit(1776897435.771:287): avc: denied { write } for pid=6594 comm="syz.1.191" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 81.913487][ T40] audit: type=1400 audit(1776897435.771:288): avc: denied { nlmsg_write } for pid=6594 comm="syz.1.191" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 81.955502][ T6015] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 81.959023][ T6015] usb 5-1: MIDIStreaming interface descriptor not found [ 82.010803][ T6015] usb 5-1: USB disconnect, device number 2 [ 82.039270][ T5955] udevd[5955]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 82.556985][ T6620] FAULT_INJECTION: forcing a failure. [ 82.556985][ T6620] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 82.562091][ T6620] CPU: 1 UID: 0 PID: 6620 Comm: syz.1.198 Not tainted syzkaller #0 PREEMPT(full) [ 82.562108][ T6620] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 82.562115][ T6620] Call Trace: [ 82.562120][ T6620] [ 82.562125][ T6620] dump_stack_lvl+0x100/0x190 [ 82.562147][ T6620] should_fail_ex.cold+0x5/0xa [ 82.562167][ T6620] _copy_from_user+0x2e/0xd0 [ 82.562183][ T6620] __sys_bpf+0x243/0x4b90 [ 82.562205][ T6620] ? __pfx___sys_bpf+0x10/0x10 [ 82.562220][ T6620] ? proc_fail_nth_write+0x9f/0x220 [ 82.562235][ T6620] ? find_held_lock+0x2b/0x80 [ 82.562249][ T6620] ? find_held_lock+0x2b/0x80 [ 82.562259][ T6620] ? ksys_write+0x190/0x250 [ 82.562271][ T6620] ? ksys_write+0x190/0x250 [ 82.562285][ T6620] ? __mutex_unlock_slowpath+0x15d/0x8a0 [ 82.562302][ T6620] ? kernel_write+0x6a3/0x6c0 [ 82.562314][ T6620] ? __fget_files+0x215/0x3d0 [ 82.562337][ T6620] ? fput+0x79/0x100 [ 82.562352][ T6620] ? ksys_write+0x1ac/0x250 [ 82.562363][ T6620] ? __pfx_ksys_write+0x10/0x10 [ 82.562377][ T6620] __x64_sys_bpf+0x7b/0xc0 [ 82.562387][ T6620] ? lockdep_hardirqs_on+0x78/0x100 [ 82.562403][ T6620] do_syscall_64+0x10b/0xf80 [ 82.562417][ T6620] ? clear_bhb_loop+0x40/0x90 [ 82.562432][ T6620] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.562444][ T6620] RIP: 0033:0x7f932079c819 [ 82.562455][ T6620] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 82.562466][ T6620] RSP: 002b:00007f9321593028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 82.562477][ T6620] RAX: ffffffffffffffda RBX: 00007f9320a15fa0 RCX: 00007f932079c819 [ 82.562484][ T6620] RDX: 0000000000000048 RSI: 0000200000000500 RDI: 000000000000000a [ 82.562490][ T6620] RBP: 00007f9321593090 R08: 0000000000000000 R09: 0000000000000000 [ 82.562496][ T6620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 82.562502][ T6620] R13: 00007f9320a16038 R14: 00007f9320a15fa0 R15: 00007fff9f958c38 [ 82.562516][ T6620] [ 82.928876][ T6630] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 82.946361][ T6630] syzkaller0: entered promiscuous mode [ 82.948309][ T6630] syzkaller0: entered allmulticast mode [ 82.991231][ T40] audit: type=1400 audit(1776897436.861:289): avc: denied { create } for pid=6633 comm="syz.1.202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 82.995436][ T6634] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64 [ 82.998907][ T40] audit: type=1400 audit(1776897436.861:290): avc: denied { setopt } for pid=6633 comm="syz.1.202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 83.002452][ T6634] audit: out of memory in audit_log_start [ 83.009361][ T40] audit: type=1400 audit(1776897436.861:291): avc: denied { connect } for pid=6633 comm="syz.1.202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 83.019703][ T40] audit: type=1400 audit(1776897436.861:292): avc: denied { write } for pid=6633 comm="syz.1.202" path="socket:[12093]" dev="sockfs" ino=12093 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 83.306641][ T1347] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 83.457871][ T1347] usb 6-1: not running at top speed; connect to a high speed hub [ 83.462797][ T1347] usb 6-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x12, changing to 0x2 [ 83.470244][ T1347] usb 6-1: New USB device found, idVendor=0944, idProduct=0201, bcdDevice= 0.40 [ 83.474820][ T1347] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 83.479175][ T1347] usb 6-1: Product: syz [ 83.481036][ T1347] usb 6-1: Manufacturer: syz [ 83.483113][ T1347] usb 6-1: SerialNumber: syz [ 83.714772][ T1347] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 83.721074][ T1347] usb 6-1: MIDIStreaming interface descriptor not found [ 83.753980][ T6644] netlink: 28 bytes leftover after parsing attributes in process `syz.2.206'. [ 83.758384][ T6644] netlink: 28 bytes leftover after parsing attributes in process `syz.2.206'. [ 83.770516][ T1347] usb 6-1: USB disconnect, device number 3 [ 83.788988][ T6644] erspan0: entered promiscuous mode [ 83.793572][ T6644] gretap0: entered promiscuous mode [ 83.798123][ T6644] hsr1: Slave A (erspan0) is not up; please bring it up to get a fully working HSR network [ 83.806559][ T6644] hsr1: Slave B (gretap0) is not up; please bring it up to get a fully working HSR network [ 83.828415][ T5955] udevd[5955]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 83.972578][ T6661] FAULT_INJECTION: forcing a failure. [ 83.972578][ T6661] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 83.981105][ T6661] CPU: 2 UID: 0 PID: 6661 Comm: syz.3.211 Not tainted syzkaller #0 PREEMPT(full) [ 83.981131][ T6661] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 83.981141][ T6661] Call Trace: [ 83.981148][ T6661] [ 83.981154][ T6661] dump_stack_lvl+0x100/0x190 [ 83.981181][ T6661] should_fail_ex.cold+0x5/0xa [ 83.981204][ T6661] _copy_to_user+0x32/0xd0 [ 83.981225][ T6661] simple_read_from_buffer+0xcb/0x170 [ 83.981256][ T6661] proc_fail_nth_read+0x1af/0x230 [ 83.981276][ T6661] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 83.981294][ T6661] ? rw_verify_area+0xce/0x6d0 [ 83.981318][ T6661] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 83.981338][ T6661] vfs_read+0x1e4/0xb30 [ 83.981361][ T6661] ? __pfx_vfs_read+0x10/0x10 [ 83.981379][ T6661] ? __fget_files+0x215/0x3d0 [ 83.981406][ T6661] ? __fget_files+0x21f/0x3d0 [ 83.981428][ T6661] ksys_read+0x12a/0x250 [ 83.981445][ T6661] ? __pfx_ksys_read+0x10/0x10 [ 83.981464][ T6661] ? rcu_is_watching+0x12/0xc0 [ 83.981498][ T6661] do_syscall_64+0x10b/0xf80 [ 83.981522][ T6661] ? clear_bhb_loop+0x40/0x90 [ 83.981546][ T6661] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.981565][ T6661] RIP: 0033:0x7fb64135d04e [ 83.981581][ T6661] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 83.981598][ T6661] RSP: 002b:00007fb6421c1fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 83.981618][ T6661] RAX: ffffffffffffffda RBX: 00007fb6421c26c0 RCX: 00007fb64135d04e [ 83.981629][ T6661] RDX: 000000000000000f RSI: 00007fb6421c20a0 RDI: 0000000000000005 [ 83.981640][ T6661] RBP: 00007fb6421c2090 R08: 0000000000000000 R09: 0000000000000000 [ 83.981651][ T6661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 83.981661][ T6661] R13: 00007fb641616038 R14: 00007fb641615fa0 R15: 00007ffeadf3e568 [ 83.981686][ T6661] [ 83.994177][ T6663] FAULT_INJECTION: forcing a failure. [ 83.994177][ T6663] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 84.083678][ T6663] CPU: 2 UID: 0 PID: 6663 Comm: syz.2.212 Not tainted syzkaller #0 PREEMPT(full) [ 84.083710][ T6663] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 84.083720][ T6663] Call Trace: [ 84.083728][ T6663] [ 84.083735][ T6663] dump_stack_lvl+0x100/0x190 [ 84.083768][ T6663] should_fail_ex.cold+0x5/0xa [ 84.083795][ T6663] _copy_from_iter+0x1f4/0x1690 [ 84.083824][ T6663] ? __asan_memset+0x23/0x50 [ 84.083849][ T6663] ? __pfx__copy_from_iter+0x10/0x10 [ 84.083863][ T6663] ? __pfx___alloc_skb+0x10/0x10 [ 84.083885][ T6663] netlink_sendmsg+0x808/0xda0 [ 84.084026][ T6663] ? __pfx_netlink_sendmsg+0x10/0x10 [ 84.084038][ T6663] ? __might_fault+0x30/0x140 [ 84.084059][ T6663] ____sys_sendmsg+0x9e1/0xb70 [ 84.084071][ T6663] ? __pfx_netlink_sendmsg+0x10/0x10 [ 84.084091][ T6663] ? __pfx_____sys_sendmsg+0x10/0x10 [ 84.084122][ T6663] ___sys_sendmsg+0x190/0x1e0 [ 84.084147][ T6663] ? __pfx____sys_sendmsg+0x10/0x10 [ 84.084177][ T6663] __sys_sendmsg+0x170/0x220 [ 84.084194][ T6663] ? __pfx___sys_sendmsg+0x10/0x10 [ 84.084216][ T6663] ? rcu_is_watching+0x12/0xc0 [ 84.084237][ T6663] do_syscall_64+0x10b/0xf80 [ 84.084253][ T6663] ? clear_bhb_loop+0x40/0x90 [ 84.084268][ T6663] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.084279][ T6663] RIP: 0033:0x7fcf2e99c819 [ 84.084291][ T6663] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 84.084301][ T6663] RSP: 002b:00007fcf2f7b4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 84.084313][ T6663] RAX: ffffffffffffffda RBX: 00007fcf2ec15fa0 RCX: 00007fcf2e99c819 [ 84.084320][ T6663] RDX: 0000000000000080 RSI: 0000200000000180 RDI: 0000000000000003 [ 84.084332][ T6663] RBP: 00007fcf2f7b4090 R08: 0000000000000000 R09: 0000000000000000 [ 84.084338][ T6663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 84.084344][ T6663] R13: 00007fcf2ec16038 R14: 00007fcf2ec15fa0 R15: 00007ffe4b0eebf8 [ 84.084358][ T6663] [ 84.314120][ T6673] netlink: 92 bytes leftover after parsing attributes in process `syz.1.217'. [ 84.318987][ T6675] ======================================================= [ 84.318987][ T6675] WARNING: The mand mount option has been deprecated and [ 84.318987][ T6675] and is ignored by this kernel. Remove the mand [ 84.318987][ T6675] option from the mount to silence this warning. [ 84.318987][ T6675] ======================================================= [ 84.339693][ T40] audit: type=1400 audit(1776897438.211:293): avc: denied { mount } for pid=6674 comm="syz.2.216" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 84.357244][ T40] audit: type=1400 audit(1776897438.231:294): avc: denied { unlink } for pid=6674 comm="syz.2.216" name="#7" dev="tmpfs" ino=321 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 84.369137][ T6675] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 84.406864][ T6679] netlink: 'syz.1.219': attribute type 21 has an invalid length. [ 84.409540][ T6679] netlink: 156 bytes leftover after parsing attributes in process `syz.1.219'. [ 84.564184][ T6686] netlink: 4 bytes leftover after parsing attributes in process `syz.2.221'. [ 84.789349][ T6702] FAULT_INJECTION: forcing a failure. [ 84.789349][ T6702] name failslab, interval 1, probability 0, space 0, times 0 [ 84.796612][ T6702] CPU: 2 UID: 0 PID: 6702 Comm: syz.1.226 Not tainted syzkaller #0 PREEMPT(full) [ 84.796638][ T6702] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 84.796647][ T6702] Call Trace: [ 84.796654][ T6702] [ 84.796660][ T6702] dump_stack_lvl+0x100/0x190 [ 84.796691][ T6702] should_fail_ex.cold+0x5/0xa [ 84.796717][ T6702] should_failslab+0xc2/0x120 [ 84.796736][ T6702] __kmalloc_cache_noprof+0x7a/0x6f0 [ 84.796758][ T6702] ? vhost_task_create+0xee/0x370 [ 84.796854][ T6702] ? trace_contention_end+0x122/0x170 [ 84.796878][ T6702] ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 84.797117][ T6702] ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 84.797137][ T6702] vhost_task_create+0xee/0x370 [ 84.797155][ T6702] ? __pfx_vhost_task_create+0x10/0x10 [ 84.797171][ T6702] ? register_lock_class+0x40/0x560 [ 84.797198][ T6702] ? __pfx_vhost_task_fn+0x10/0x10 [ 84.797224][ T6702] ? __pfx___mutex_lock+0x10/0x10 [ 84.797246][ T6702] ? kasan_quarantine_put+0x104/0x240 [ 84.797272][ T6702] kvm_mmu_post_init_vm+0x1b3/0x370 [ 84.797300][ T6702] kvm_arch_vcpu_ioctl_run+0x66/0x1890 [ 84.797678][ T6702] ? kvm_vcpu_ioctl+0x1546/0x1720 [ 84.798055][ T6702] kvm_vcpu_ioctl+0x730/0x1720 [ 84.798087][ T6702] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 84.798109][ T6702] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 84.798132][ T6702] ? do_vfs_ioctl+0x226/0x13e0 [ 84.798154][ T6702] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 84.798175][ T6702] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 84.798203][ T6702] ? __fget_files+0x215/0x3d0 [ 84.798226][ T6702] ? hook_file_ioctl_common+0x149/0x410 [ 84.798257][ T6702] ? selinux_file_ioctl+0x13b/0x290 [ 84.798276][ T6702] ? selinux_file_ioctl+0xb6/0x290 [ 84.798300][ T6702] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 84.798322][ T6702] __x64_sys_ioctl+0x18e/0x210 [ 84.798344][ T6702] do_syscall_64+0x10b/0xf80 [ 84.798371][ T6702] ? clear_bhb_loop+0x40/0x90 [ 84.798396][ T6702] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.798417][ T6702] RIP: 0033:0x7f932079c819 [ 84.798436][ T6702] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 84.798454][ T6702] RSP: 002b:00007f9321593028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 84.798475][ T6702] RAX: ffffffffffffffda RBX: 00007f9320a15fa0 RCX: 00007f932079c819 [ 84.798487][ T6702] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 84.798498][ T6702] RBP: 00007f9321593090 R08: 0000000000000000 R09: 0000000000000000 [ 84.798509][ T6702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 84.798520][ T6702] R13: 00007f9320a16038 R14: 00007f9320a15fa0 R15: 00007fff9f958c38 [ 84.798548][ T6702] qemu-system-x86_64: ahci: PRDT length for NCQ command (0x0) is smaller than the requested size (0xbb000) [ 85.581292][ T1127] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1 [ 85.584518][ T1127] ata1: failed to read log page 10h (errno=-5) [ 85.589560][ T1127] ata1.00: exception Emask 0x1 SAct 0xc000 SErr 0x0 action 0x0 [ 85.593244][ T1127] ata1.00: irq_stat 0x41000000 [ 85.595731][ T1127] ata1.00: failed command: WRITE FPDMA QUEUED [ 85.598676][ T1127] ata1.00: cmd 61/d8:70:36:11:08/05:00:00:00:00/40 tag 14 ncq dma 765952 out [ 85.598676][ T1127] res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error) [ 85.610992][ T1127] ata1.00: status: { DRDY } [ 85.613410][ T1127] ata1.00: error: { ABRT } [ 85.616359][ T1127] ata1.00: failed command: WRITE FPDMA QUEUED [ 85.619352][ T1127] ata1.00: cmd 61/38:78:0e:17:08/03:00:00:00:00/40 tag 15 ncq dma 421888 out [ 85.619352][ T1127] res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error) [ 85.626306][ T1127] ata1.00: status: { DRDY } [ 85.628303][ T1127] ata1.00: error: { ABRT } [ 85.633039][ T1127] ata1.00: configured for UDMA/100 [ 85.637662][ T1127] ata1: EH complete [ 86.392160][ T6748] loop6: detected capacity change from 0 to 8 [ 86.473870][ T2086] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 86.479755][ T2086] Buffer I/O error on dev loop6, logical block 0, async page read [ 86.481967][ T6748] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 86.482016][ T6748] Buffer I/O error on dev loop6, logical block 0, async page read [ 86.482142][ T6748] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 86.482166][ T6748] Buffer I/O error on dev loop6, logical block 0, async page read [ 86.482275][ T6748] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 86.482296][ T6748] Buffer I/O error on dev loop6, logical block 0, async page read [ 86.482361][ T6748] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 86.482382][ T6748] Buffer I/O error on dev loop6, logical block 0, async page read [ 86.482527][ T6748] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 86.482554][ T6748] Buffer I/O error on dev loop6, logical block 0, async page read [ 86.482749][ T6748] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 86.482784][ T6748] Buffer I/O error on dev loop6, logical block 0, async page read [ 86.483123][ T6748] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 86.483156][ T6748] Buffer I/O error on dev loop6, logical block 0, async page read [ 86.483239][ T6748] ldm_validate_partition_table(): Disk read failed. [ 86.483384][ T6748] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 86.483417][ T6748] Buffer I/O error on dev loop6, logical block 0, async page read [ 86.483634][ T6748] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 86.483664][ T6748] Buffer I/O error on dev loop6, logical block 0, async page read [ 86.483944][ T6748] Dev loop6: unable to read RDB block 0 [ 86.489682][ T6748] loop6: unable to read partition table [ 86.489843][ T6748] loop6: partition table beyond EOD, truncated [ 86.490016][ T6748] loop_reread_partitions: partition scan of loop6 (ÄNùh*h‘…ÿìžÝ×pਸ਼ "ýo§æ?<í ¯ÊºöÙXDˆÚbÔÌp0ìO{š¸›>.) failed (rc=-5) [ 86.938569][ T6774] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 86.941280][ T6774] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 86.965698][ T6772] netlink: 20 bytes leftover after parsing attributes in process `syz.0.247'. [ 86.968161][ T6774] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1025 sclass=netlink_route_socket pid=6774 comm=syz.1.249 [ 86.976982][ T40] kauditd_printk_skb: 9 callbacks suppressed [ 86.977110][ T40] audit: type=1400 audit(1776897440.851:304): avc: denied { ioctl } for pid=6769 comm="syz.0.247" path="socket:[14192]" dev="sockfs" ino=14192 ioctlcmd=0x9410 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 87.172494][ T40] audit: type=1400 audit(1776897441.041:305): avc: denied { write } for pid=6787 comm="syz.2.255" name="renderD128" dev="devtmpfs" ino=634 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 87.194331][ T6789] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 87.217387][ T6786] FAULT_INJECTION: forcing a failure. [ 87.217387][ T6786] name failslab, interval 1, probability 0, space 0, times 0 [ 87.221742][ T6786] CPU: 0 UID: 0 PID: 6786 Comm: syz.0.253 Not tainted syzkaller #0 PREEMPT(full) [ 87.221759][ T6786] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 87.221819][ T6786] Call Trace: [ 87.221825][ T6786] [ 87.221831][ T6786] dump_stack_lvl+0x100/0x190 [ 87.222996][ T6786] should_fail_ex.cold+0x5/0xa [ 87.223227][ T6786] ? tomoyo_encode2+0xfb/0x3c0 [ 87.223476][ T6786] should_failslab+0xc2/0x120 [ 87.223917][ T6786] __kmalloc_noprof+0xe0/0x850 [ 87.223987][ T6786] tomoyo_encode2+0xfb/0x3c0 [ 87.224004][ T6786] tomoyo_encode+0x29/0x50 [ 87.224018][ T6786] tomoyo_realpath_from_path+0x18c/0x690 [ 87.224038][ T6786] tomoyo_path_number_perm+0x23c/0x580 [ 87.224051][ T6786] ? tomoyo_path_number_perm+0x22e/0x580 [ 87.224064][ T6786] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 87.224092][ T6786] ? find_held_lock+0x2b/0x80 [ 87.224275][ T6786] ? __fget_files+0x215/0x3d0 [ 87.224341][ T6786] ? hook_file_ioctl_common+0x149/0x410 [ 87.224357][ T6786] ? __fget_files+0x215/0x3d0 [ 87.224374][ T6786] ? __fget_files+0x21f/0x3d0 [ 87.224391][ T6786] security_file_ioctl+0xd3/0x230 [ 87.224463][ T6786] __x64_sys_ioctl+0xb7/0x210 [ 87.224478][ T6786] do_syscall_64+0x10b/0xf80 [ 87.224709][ T6786] ? clear_bhb_loop+0x40/0x90 [ 87.224726][ T6786] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.224739][ T6786] RIP: 0033:0x7f0876d9c819 [ 87.224753][ T6786] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 87.224765][ T6786] RSP: 002b:00007f0877bc0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 87.224779][ T6786] RAX: ffffffffffffffda RBX: 00007f0877015fa0 RCX: 00007f0876d9c819 [ 87.224788][ T6786] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 87.224795][ T6786] RBP: 00007f0877bc0090 R08: 0000000000000000 R09: 0000000000000000 [ 87.224803][ T6786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 87.224810][ T6786] R13: 00007f0877016038 R14: 00007f0877015fa0 R15: 00007fff74868d08 [ 87.224826][ T6786] [ 87.225008][ T6786] ERROR: Out of memory at tomoyo_realpath_from_path. [ 87.991861][ T6803] FAULT_INJECTION: forcing a failure. [ 87.991861][ T6803] name failslab, interval 1, probability 0, space 0, times 0 [ 88.001286][ T6803] CPU: 3 UID: 0 PID: 6803 Comm: syz.0.260 Not tainted syzkaller #0 PREEMPT(full) [ 88.001315][ T6803] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 88.001596][ T6803] Call Trace: [ 88.001606][ T6803] [ 88.001613][ T6803] dump_stack_lvl+0x100/0x190 [ 88.003807][ T6803] should_fail_ex.cold+0x5/0xa [ 88.004681][ T6803] should_failslab+0xc2/0x120 [ 88.005566][ T6803] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 88.005825][ T6803] ? dst_alloc+0x99/0x1a0 [ 88.006797][ T6805] netlink: 28 bytes leftover after parsing attributes in process `syz.1.261'. [ 88.006689][ T6803] ? __pfx_ip6_dst_gc+0x10/0x10 [ 88.006976][ T6803] dst_alloc+0x99/0x1a0 [ 88.007003][ T6803] ip6_pol_route+0x948/0x1230 [ 88.007025][ T6803] ? __pfx_ip6_pol_route+0x10/0x10 [ 88.007060][ T6803] ? lock_acquire+0x1b1/0x370 [ 88.007545][ T6803] ? __pfx_ip6_pol_route_output+0x10/0x10 [ 88.007564][ T6803] fib6_rule_action+0x2e9/0x910 [ 88.007585][ T6803] ? __pfx_fib6_rule_action+0x10/0x10 [ 88.007604][ T6803] fib_rules_lookup+0x418/0x1060 [ 88.007630][ T6803] ? __pfx_fib_rules_lookup+0x10/0x10 [ 88.007653][ T6803] ? __pfx_ip6_pol_route_output+0x10/0x10 [ 88.007678][ T6803] ? __pfx_ip6_pol_route_output+0x10/0x10 [ 88.007698][ T6803] fib6_rule_lookup+0x18b/0x720 [ 88.007720][ T6803] ? __pfx_fib6_rule_lookup+0x10/0x10 [ 88.007737][ T6803] ? find_held_lock+0x2b/0x80 [ 88.007752][ T6803] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 88.008068][ T6803] ? __pfx_ip6_pol_route_output+0x10/0x10 [ 88.008095][ T6803] ? __pfx_ipv6_find_hdr+0x10/0x10 [ 88.008115][ T6803] ? __local_bh_enable_ip+0x9e/0x120 [ 88.008353][ T6803] ip6_route_output_flags+0x1d0/0x650 [ 88.008377][ T6803] ip6_update_pmtu+0x267/0x3b0 [ 88.008400][ T6803] ? __pfx_ip6_update_pmtu+0x10/0x10 [ 88.008437][ T6803] icmpv6_err+0x2a2/0x3f0 [ 88.008460][ T6803] ? __pfx_icmpv6_err+0x10/0x10 [ 88.008479][ T6803] icmpv6_notify+0x35e/0x820 [ 88.008501][ T6803] ? __pfx_icmpv6_notify+0x10/0x10 [ 88.008527][ T6803] icmpv6_rcv+0x10ae/0x19a0 [ 88.008553][ T6803] ? __pfx_icmpv6_rcv+0x10/0x10 [ 88.008574][ T6803] ip6_protocol_deliver_rcu+0xf97/0x1500 [ 88.008613][ T6803] ip6_input_finish+0x1e4/0x4a0 [ 88.008639][ T6803] ip6_input+0x105/0x2f0 [ 88.008665][ T6803] ip6_mc_input+0x513/0xf50 [ 88.008691][ T6803] ? __pfx_ip6_mc_input+0x10/0x10 [ 88.008717][ T6803] ? ip6_rcv_finish_core.isra.0+0x113/0x1260 [ 88.008749][ T6803] ? __pfx_ip6_mc_input+0x10/0x10 [ 88.008774][ T6803] ipv6_rcv+0x34c/0x3d0 [ 88.008798][ T6803] ? __pfx_ipv6_rcv+0x10/0x10 [ 88.008818][ T6803] __netif_receive_skb_one_core+0x12d/0x1e0 [ 88.008844][ T6803] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 88.008868][ T6803] ? lock_acquire+0x1b1/0x370 [ 88.008899][ T6803] __netif_receive_skb+0x1f/0x120 [ 88.008921][ T6803] netif_receive_skb+0x13b/0x7f0 [ 88.008942][ T6803] ? tun_build_skb.constprop.0+0x9b5/0x18f0 [ 88.010013][ T6803] ? __pfx_netif_receive_skb+0x10/0x10 [ 88.010045][ T6803] tun_rx_batched.isra.0+0x3f6/0x750 [ 88.010073][ T6803] ? __pfx_tun_rx_batched.isra.0+0x10/0x10 [ 88.010100][ T6803] ? rcu_is_watching+0x12/0xc0 [ 88.010274][ T6803] ? tun_get_user+0x1cc8/0x3c20 [ 88.010295][ T6803] tun_get_user+0x1e31/0x3c20 [ 88.010328][ T6803] ? __pfx_tun_get_user+0x10/0x10 [ 88.010350][ T6803] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 88.010842][ T6803] ? find_held_lock+0x2b/0x80 [ 88.010863][ T6803] ? tun_get+0x191/0x370 [ 88.010881][ T6803] ? tun_get+0x191/0x370 [ 88.010909][ T6803] tun_chr_write_iter+0xdc/0x200 [ 88.010936][ T6803] vfs_write+0x6ac/0x1070 [ 88.011082][ T6803] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 88.011109][ T6803] ? __pfx_vfs_write+0x10/0x10 [ 88.011127][ T6803] ? find_held_lock+0x2b/0x80 [ 88.011166][ T6803] ksys_write+0x12a/0x250 [ 88.011187][ T6803] ? __pfx_ksys_write+0x10/0x10 [ 88.011212][ T6803] ? rcu_is_watching+0x12/0xc0 [ 88.011245][ T6803] do_syscall_64+0x10b/0xf80 [ 88.011274][ T6803] ? clear_bhb_loop+0x40/0x90 [ 88.011299][ T6803] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.011320][ T6803] RIP: 0033:0x7f0876d5d04e [ 88.011543][ T6803] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 88.011559][ T6803] RSP: 002b:00007f0877bbffb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 88.011579][ T6803] RAX: ffffffffffffffda RBX: 00007f0877bc06c0 RCX: 00007f0876d5d04e [ 88.011593][ T6803] RDX: 000000000000007e RSI: 0000200000000200 RDI: 00000000000000c8 [ 88.011604][ T6803] RBP: 00007f0877bc0090 R08: 0000000000000000 R09: 0000000000000000 [ 88.011615][ T6803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 88.011628][ T6803] R13: 00007f0877016038 R14: 00007f0877015fa0 R15: 00007fff74868d08 [ 88.011656][ T6803] [ 88.119497][ T6812] FAULT_INJECTION: forcing a failure. [ 88.119497][ T6812] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 88.171314][ T6812] CPU: 3 UID: 0 PID: 6812 Comm: syz.2.263 Not tainted syzkaller #0 PREEMPT(full) [ 88.171335][ T6812] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 88.171342][ T6812] Call Trace: [ 88.171348][ T6812] [ 88.171353][ T6812] dump_stack_lvl+0x100/0x190 [ 88.171376][ T6812] should_fail_ex.cold+0x5/0xa [ 88.171395][ T6812] _copy_from_user+0x2e/0xd0 [ 88.171414][ T6812] do_ipt_set_ctl+0x8c8/0xb90 [ 88.171433][ T6812] ? find_held_lock+0x2b/0x80 [ 88.171448][ T6812] ? __pfx_do_ipt_set_ctl+0x10/0x10 [ 88.171464][ T6812] ? sockopt_release_sock+0x57/0x70 [ 88.171483][ T6812] ? __local_bh_enable_ip+0x9e/0x120 [ 88.171503][ T6812] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 88.171534][ T6812] ? nf_sockopt_find.isra.0+0x222/0x290 [ 88.171554][ T6812] nf_setsockopt+0x8d/0xf0 [ 88.171572][ T6812] ip_setsockopt+0xcb/0xf0 [ 88.171591][ T6812] tcp_setsockopt+0xa7/0x100 [ 88.171615][ T6812] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 88.171630][ T6812] do_sock_setsockopt+0xf3/0x1d0 [ 88.171645][ T6812] __sys_setsockopt+0x195/0x220 [ 88.171665][ T6812] __x64_sys_setsockopt+0xbd/0x160 [ 88.171683][ T6812] ? do_syscall_64+0x90/0xf80 [ 88.171699][ T6812] ? lockdep_hardirqs_on+0x78/0x100 [ 88.171717][ T6812] do_syscall_64+0x10b/0xf80 [ 88.171733][ T6812] ? clear_bhb_loop+0x40/0x90 [ 88.171748][ T6812] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.171761][ T6812] RIP: 0033:0x7fcf2e99c819 [ 88.171773][ T6812] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 88.171786][ T6812] RSP: 002b:00007fcf2f7b4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 88.171799][ T6812] RAX: ffffffffffffffda RBX: 00007fcf2ec15fa0 RCX: 00007fcf2e99c819 [ 88.171806][ T6812] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003 [ 88.171813][ T6812] RBP: 00007fcf2f7b4090 R08: 00000000000002a0 R09: 0000000000000000 [ 88.171820][ T6812] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001 [ 88.171827][ T6812] R13: 00007fcf2ec16038 R14: 00007fcf2ec15fa0 R15: 00007ffe4b0eebf8 [ 88.171842][ T6812] [ 88.623120][ T6825] xt_hashlimit: size too large, truncated to 1048576 [ 88.950886][ T6835] FAULT_INJECTION: forcing a failure. [ 88.950886][ T6835] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 88.958653][ T6835] CPU: 3 UID: 0 PID: 6835 Comm: syz.1.270 Not tainted syzkaller #0 PREEMPT(full) [ 88.958679][ T6835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 88.958828][ T6835] Call Trace: [ 88.959021][ T6835] [ 88.959025][ T6835] dump_stack_lvl+0x100/0x190 [ 88.959960][ T6835] should_fail_ex.cold+0x5/0xa [ 88.960244][ T6835] _copy_from_user+0x2e/0xd0 [ 88.960464][ T6835] kvm_vm_ioctl+0xd3b/0x4050 [ 88.960575][ T6835] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 88.960600][ T6835] ? kasan_quarantine_put+0x104/0x240 [ 88.960849][ T6835] ? lockdep_hardirqs_on+0x78/0x100 [ 88.960874][ T6835] ? find_held_lock+0x2b/0x80 [ 88.960983][ T6835] ? tomoyo_path_number_perm+0x28f/0x580 [ 88.961104][ T6835] ? tomoyo_path_number_perm+0x28f/0x580 [ 88.961124][ T6835] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 88.961209][ T6835] ? do_vfs_ioctl+0x226/0x13e0 [ 88.961269][ T6835] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 88.961279][ T6835] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 88.961297][ T6835] ? __fget_files+0x215/0x3d0 [ 88.961311][ T6835] ? hook_file_ioctl_common+0x149/0x410 [ 88.961330][ T6835] ? selinux_file_ioctl+0x13b/0x290 [ 88.961341][ T6835] ? selinux_file_ioctl+0xb6/0x290 [ 88.961354][ T6835] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 88.961370][ T6835] __x64_sys_ioctl+0x18e/0x210 [ 88.961381][ T6835] do_syscall_64+0x10b/0xf80 [ 88.961396][ T6835] ? clear_bhb_loop+0x40/0x90 [ 88.961411][ T6835] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.961422][ T6835] RIP: 0033:0x7f932079c819 [ 88.961484][ T6835] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 88.961495][ T6835] RSP: 002b:00007f9321593028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 88.961507][ T6835] RAX: ffffffffffffffda RBX: 00007f9320a15fa0 RCX: 00007f932079c819 [ 88.961514][ T6835] RDX: 00002000000006c0 RSI: 000000004040ae79 RDI: 0000000000000004 [ 88.961520][ T6835] RBP: 00007f9321593090 R08: 0000000000000000 R09: 0000000000000000 [ 88.961526][ T6835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 88.961532][ T6835] R13: 00007f9320a16038 R14: 00007f9320a15fa0 R15: 00007fff9f958c38 [ 88.961546][ T6835] [ 89.155202][ T6840] FAULT_INJECTION: forcing a failure. [ 89.155202][ T6840] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 89.164996][ T6840] CPU: 1 UID: 0 PID: 6840 Comm: syz.0.272 Not tainted syzkaller #0 PREEMPT(full) [ 89.165014][ T6840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 89.165020][ T6840] Call Trace: [ 89.165026][ T6840] [ 89.165031][ T6840] dump_stack_lvl+0x100/0x190 [ 89.165052][ T6840] should_fail_ex.cold+0x5/0xa [ 89.165069][ T6840] _copy_from_iter+0x1f4/0x1690 [ 89.165100][ T6840] ? __asan_memset+0x23/0x50 [ 89.165118][ T6840] ? __pfx__copy_from_iter+0x10/0x10 [ 89.165131][ T6840] ? __pfx___alloc_skb+0x10/0x10 [ 89.165277][ T6840] netlink_sendmsg+0x808/0xda0 [ 89.165292][ T6840] ? __pfx_netlink_sendmsg+0x10/0x10 [ 89.165304][ T6840] ? __might_fault+0x30/0x140 [ 89.165387][ T6840] ____sys_sendmsg+0x9e1/0xb70 [ 89.165399][ T6840] ? __pfx_netlink_sendmsg+0x10/0x10 [ 89.165412][ T6840] ? __pfx_____sys_sendmsg+0x10/0x10 [ 89.165430][ T6840] ___sys_sendmsg+0x190/0x1e0 [ 89.165444][ T6840] ? __pfx____sys_sendmsg+0x10/0x10 [ 89.165472][ T6840] __sys_sendmsg+0x170/0x220 [ 89.165489][ T6840] ? __pfx___sys_sendmsg+0x10/0x10 [ 89.165510][ T6840] ? rcu_is_watching+0x12/0xc0 [ 89.165579][ T6840] do_syscall_64+0x10b/0xf80 [ 89.165594][ T6840] ? clear_bhb_loop+0x40/0x90 [ 89.165607][ T6840] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.165618][ T6840] RIP: 0033:0x7f0876d9c819 [ 89.165629][ T6840] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 89.165639][ T6840] RSP: 002b:00007f0877bc0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 89.165651][ T6840] RAX: ffffffffffffffda RBX: 00007f0877015fa0 RCX: 00007f0876d9c819 [ 89.165659][ T6840] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003 [ 89.165668][ T6840] RBP: 00007f0877bc0090 R08: 0000000000000000 R09: 0000000000000000 [ 89.165676][ T6840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 89.165685][ T6840] R13: 00007f0877016038 R14: 00007f0877015fa0 R15: 00007fff74868d08 [ 89.165703][ T6840] [ 89.969505][ T6862] FAULT_INJECTION: forcing a failure. [ 89.969505][ T6862] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 89.980594][ T6862] CPU: 2 UID: 0 PID: 6862 Comm: syz.1.278 Not tainted syzkaller #0 PREEMPT(full) [ 89.980624][ T6862] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 89.980692][ T6862] Call Trace: [ 89.980775][ T6862] [ 89.980782][ T6862] dump_stack_lvl+0x100/0x190 [ 89.981803][ T6862] should_fail_ex.cold+0x5/0xa [ 89.982145][ T6862] _copy_to_user+0x32/0xd0 [ 89.982472][ T6862] simple_read_from_buffer+0xcb/0x170 [ 89.982765][ T6862] proc_fail_nth_read+0x1af/0x230 [ 89.982885][ T6862] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 89.982901][ T6862] ? rw_verify_area+0xce/0x6d0 [ 89.982987][ T6862] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 89.983002][ T6862] vfs_read+0x1e4/0xb30 [ 89.983019][ T6862] ? __pfx_vfs_read+0x10/0x10 [ 89.983033][ T6862] ? __fget_files+0x215/0x3d0 [ 89.983059][ T6862] ? __fget_files+0x21f/0x3d0 [ 89.983085][ T6862] ksys_read+0x12a/0x250 [ 89.983099][ T6862] ? __pfx_ksys_read+0x10/0x10 [ 89.983112][ T6862] ? rcu_is_watching+0x12/0xc0 [ 89.983341][ T6862] do_syscall_64+0x10b/0xf80 [ 89.983654][ T6862] ? clear_bhb_loop+0x40/0x90 [ 89.983670][ T6862] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.983682][ T6862] RIP: 0033:0x7f932075d04e [ 89.983736][ T6862] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 89.983747][ T6862] RSP: 002b:00007f9321571fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 89.983760][ T6862] RAX: ffffffffffffffda RBX: 00007f93215726c0 RCX: 00007f932075d04e [ 89.983766][ T6862] RDX: 000000000000000f RSI: 00007f93215720a0 RDI: 0000000000000008 [ 89.983772][ T6862] RBP: 00007f9321572090 R08: 0000000000000000 R09: 0000000000000000 [ 89.983779][ T6862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 89.983785][ T6862] R13: 00007f9320a16128 R14: 00007f9320a16090 R15: 00007fff9f958c38 [ 89.983799][ T6862] [ 90.176305][ T40] audit: type=1400 audit(1776897444.031:306): avc: denied { create } for pid=6863 comm="syz.1.279" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 90.183638][ T40] audit: type=1400 audit(1776897444.051:307): avc: denied { ioctl } for pid=6863 comm="syz.1.279" path="socket:[17737]" dev="sockfs" ino=17737 ioctlcmd=0x4d12 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 90.308403][ T40] audit: type=1400 audit(1776897444.181:308): avc: denied { getopt } for pid=6869 comm="syz.0.280" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 90.485475][ T40] audit: type=1400 audit(1776897444.351:309): avc: denied { bind } for pid=6887 comm="syz.2.285" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 91.014102][ T6863] delete_channel: no stack [ 91.105804][ T6927] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6927 comm=syz.3.289 [ 91.208952][ T6933] FAULT_INJECTION: forcing a failure. [ 91.208952][ T6933] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 91.214896][ T6933] CPU: 2 UID: 0 PID: 6933 Comm: syz.1.291 Not tainted syzkaller #0 PREEMPT(full) [ 91.214921][ T6933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 91.214997][ T6933] Call Trace: [ 91.215006][ T6933] [ 91.215015][ T6933] dump_stack_lvl+0x100/0x190 [ 91.215770][ T6933] should_fail_ex.cold+0x5/0xa [ 91.216123][ T6933] _copy_from_iter+0x1f4/0x1690 [ 91.216473][ T6933] ? __asan_memset+0x23/0x50 [ 91.216726][ T6933] ? __alloc_skb+0x4e9/0x710 [ 91.216943][ T6933] ? __pfx__copy_from_iter+0x10/0x10 [ 91.216966][ T6933] ? __pfx___alloc_skb+0x10/0x10 [ 91.216990][ T6933] ? find_held_lock+0x2b/0x80 [ 91.217127][ T6933] ? skb_page_frag_refill+0x309/0x4b0 [ 91.217154][ T6933] ? sk_page_frag_refill+0x6c/0x340 [ 91.217180][ T6933] tcp_sendmsg_locked+0xcab/0x4500 [ 91.217285][ T6933] ? __pfx_tcp_sendmsg_locked+0x10/0x10 [ 91.217310][ T6933] ? do_raw_spin_lock+0x128/0x260 [ 91.217336][ T6933] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 91.217364][ T6933] ? __local_bh_enable_ip+0x9e/0x120 [ 91.217452][ T6933] tcp_sendmsg+0x2e/0x50 [ 91.217474][ T6933] ? __pfx_tcp_sendmsg+0x10/0x10 [ 91.217497][ T6933] inet_sendmsg+0xb9/0x140 [ 91.217521][ T6933] __sys_sendto+0x446/0x4b0 [ 91.217546][ T6933] ? __pfx_inet_sendmsg+0x10/0x10 [ 91.217567][ T6933] ? __pfx___sys_sendto+0x10/0x10 [ 91.217612][ T6933] ? ksys_write+0x1ac/0x250 [ 91.217821][ T6933] ? __pfx_ksys_write+0x10/0x10 [ 91.217842][ T6933] __x64_sys_sendto+0xe0/0x1c0 [ 91.217867][ T6933] ? do_syscall_64+0x90/0xf80 [ 91.217893][ T6933] ? lockdep_hardirqs_on+0x78/0x100 [ 91.217917][ T6933] do_syscall_64+0x10b/0xf80 [ 91.217943][ T6933] ? clear_bhb_loop+0x40/0x90 [ 91.217968][ T6933] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.217986][ T6933] RIP: 0033:0x7f932079c819 [ 91.218006][ T6933] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 91.218022][ T6933] RSP: 002b:00007f9321593028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 91.218042][ T6933] RAX: ffffffffffffffda RBX: 00007f9320a15fa0 RCX: 00007f932079c819 [ 91.218051][ T6933] RDX: 0000000000000381 RSI: 00002000000004c0 RDI: 0000000000000003 [ 91.218059][ T6933] RBP: 00007f9321593090 R08: 0000000000000000 R09: 0000000000000000 [ 91.218068][ T6933] R10: 0000000000000805 R11: 0000000000000246 R12: 0000000000000001 [ 91.218075][ T6933] R13: 00007f9320a16038 R14: 00007f9320a15fa0 R15: 00007fff9f958c38 [ 91.218093][ T6933] [ 91.764374][ T40] audit: type=1400 audit(1776897445.631:310): avc: denied { watch watch_reads } for pid=6956 comm="syz.3.300" path="/64/control" dev="tmpfs" ino=359 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 91.832938][ T40] audit: type=1400 audit(1776897445.701:311): avc: denied { getopt } for pid=6962 comm="syz.3.302" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 91.844075][ T6963] dlm: non-version read from control device 0 [ 91.924302][ T6966] netlink: 20 bytes leftover after parsing attributes in process `syz.1.303'. [ 91.929531][ T6966] Unknown options in mask b7f2 [ 91.943242][ T6966] netlink: 'syz.1.303': attribute type 62 has an invalid length. [ 92.047345][ T1347] usb 7-1: new full-speed USB device number 2 using dummy_hcd [ 92.051663][ T40] audit: type=1400 audit(1776897445.921:312): avc: denied { listen } for pid=6962 comm="syz.3.302" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 92.197041][ T40] audit: type=1400 audit(1776897446.071:313): avc: denied { ioctl } for pid=6972 comm="syz.1.305" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1294 ioctlcmd=0x586d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 92.207550][ T1347] usb 7-1: not running at top speed; connect to a high speed hub [ 92.211148][ T6975] FAULT_INJECTION: forcing a failure. [ 92.211148][ T6975] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 92.213479][ T1347] usb 7-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x12, changing to 0x2 [ 92.215693][ T6975] CPU: 1 UID: 0 PID: 6975 Comm: syz.0.306 Not tainted syzkaller #0 PREEMPT(full) [ 92.215711][ T6975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 92.215751][ T6975] Call Trace: [ 92.215757][ T6975] [ 92.215762][ T6975] dump_stack_lvl+0x100/0x190 [ 92.216156][ T6975] should_fail_ex.cold+0x5/0xa [ 92.216400][ T6975] _copy_from_iter+0x1f4/0x1690 [ 92.216801][ T6975] ? __asan_memset+0x23/0x50 [ 92.217080][ T6975] ? __pfx__copy_from_iter+0x10/0x10 [ 92.217095][ T6975] ? __pfx___alloc_skb+0x10/0x10 [ 92.217316][ T6975] ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10 [ 92.217435][ T6975] netlink_sendmsg+0x808/0xda0 [ 92.217453][ T6975] ? __pfx_netlink_sendmsg+0x10/0x10 [ 92.217466][ T6975] ? __might_fault+0x30/0x140 [ 92.217604][ T6975] ____sys_sendmsg+0x9e1/0xb70 [ 92.217618][ T6975] ? __pfx_netlink_sendmsg+0x10/0x10 [ 92.217633][ T6975] ? __pfx_____sys_sendmsg+0x10/0x10 [ 92.217653][ T6975] ___sys_sendmsg+0x190/0x1e0 [ 92.217669][ T6975] ? __pfx____sys_sendmsg+0x10/0x10 [ 92.217701][ T6975] __sys_sendmsg+0x170/0x220 [ 92.217720][ T6975] ? __pfx___sys_sendmsg+0x10/0x10 [ 92.217745][ T6975] ? rcu_is_watching+0x12/0xc0 [ 92.217992][ T6975] do_syscall_64+0x10b/0xf80 [ 92.218009][ T6975] ? clear_bhb_loop+0x40/0x90 [ 92.218025][ T6975] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.218038][ T6975] RIP: 0033:0x7f0876d9c819 [ 92.218106][ T6975] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 92.218119][ T6975] RSP: 002b:00007f0877bc0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 92.218132][ T6975] RAX: ffffffffffffffda RBX: 00007f0877015fa0 RCX: 00007f0876d9c819 [ 92.218140][ T6975] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 92.218147][ T6975] RBP: 00007f0877bc0090 R08: 0000000000000000 R09: 0000000000000000 [ 92.218153][ T6975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 92.218160][ T6975] R13: 00007f0877016038 R14: 00007f0877015fa0 R15: 00007fff74868d08 [ 92.218175][ T6975] [ 92.298315][ T1347] usb 7-1: New USB device found, idVendor=0944, idProduct=0201, bcdDevice= 0.40 [ 92.301507][ T1347] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 92.304217][ T1347] usb 7-1: Product: syz [ 92.306151][ T1347] usb 7-1: Manufacturer: syz [ 92.307947][ T1347] usb 7-1: SerialNumber: syz [ 92.457046][ T40] audit: type=1800 audit(1776897446.321:314): pid=6980 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.1.308" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 92.537262][ T1347] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 92.541532][ T1347] usb 7-1: MIDIStreaming interface descriptor not found [ 92.591469][ T1347] usb 7-1: USB disconnect, device number 2 [ 92.630664][ T5955] udevd[5955]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 92.882772][ T40] audit: type=1400 audit(1776897446.751:315): avc: denied { name_bind } for pid=6999 comm="syz.0.315" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 92.889738][ T7000] veth1_macvtap: left promiscuous mode [ 92.991225][ T40] audit: type=1400 audit(1776897446.861:316): avc: denied { search } for pid=5658 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 93.001658][ T40] audit: type=1400 audit(1776897446.861:317): avc: denied { search } for pid=5658 comm="dhcpcd" name="udev" dev="tmpfs" ino=9 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 93.013492][ T40] audit: type=1400 audit(1776897446.861:318): avc: denied { search } for pid=5658 comm="dhcpcd" name="data" dev="tmpfs" ino=14 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 93.033800][ T40] audit: type=1400 audit(1776897446.861:319): avc: denied { search } for pid=5658 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 93.046629][ T40] audit: type=1400 audit(1776897446.861:320): avc: denied { search } for pid=5658 comm="dhcpcd" name="udev" dev="tmpfs" ino=9 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 93.054065][ T40] audit: type=1400 audit(1776897446.861:321): avc: denied { search } for pid=5658 comm="dhcpcd" name="data" dev="tmpfs" ino=14 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 93.200682][ T5658] veth1_macvtap: entered promiscuous mode [ 93.443773][ T2314] cfg80211: failed to load regulatory.db [ 93.648933][ T7032] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 93.682983][ T7034] FAULT_INJECTION: forcing a failure. [ 93.682983][ T7034] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 93.689077][ T7034] CPU: 3 UID: 0 PID: 7034 Comm: syz.2.322 Not tainted syzkaller #0 PREEMPT(full) [ 93.689099][ T7034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 93.689107][ T7034] Call Trace: [ 93.689113][ T7034] [ 93.689119][ T7034] dump_stack_lvl+0x100/0x190 [ 93.689145][ T7034] should_fail_ex.cold+0x5/0xa [ 93.689166][ T7034] _copy_to_user+0x32/0xd0 [ 93.689197][ T7034] bpf_prog_test_run_syscall+0x5ea/0xad0 [ 93.689217][ T7034] ? __pfx_bpf_prog_test_run_syscall+0x10/0x10 [ 93.689234][ T7034] ? fput+0x79/0x100 [ 93.689346][ T7034] ? __bpf_prog_get+0x97/0x2a0 [ 93.689448][ T7034] ? __pfx_bpf_prog_test_run_syscall+0x10/0x10 [ 93.689489][ T7034] __sys_bpf+0x1725/0x4b90 [ 93.689512][ T7034] ? __pfx___sys_bpf+0x10/0x10 [ 93.689531][ T7034] ? proc_fail_nth_write+0x9f/0x220 [ 93.689626][ T7034] ? find_held_lock+0x2b/0x80 [ 93.689715][ T7034] ? find_held_lock+0x2b/0x80 [ 93.689727][ T7034] ? ksys_write+0x190/0x250 [ 93.689739][ T7034] ? ksys_write+0x190/0x250 [ 93.689755][ T7034] ? __pfx___cant_migrate+0x10/0x10 [ 93.689841][ T7034] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 93.689957][ T7034] ? ksys_write+0x1ac/0x250 [ 93.689981][ T7034] ? __pfx_ksys_write+0x10/0x10 [ 93.690007][ T7034] __x64_sys_bpf+0x7b/0xc0 [ 93.690026][ T7034] do_syscall_64+0x10b/0xf80 [ 93.690055][ T7034] ? clear_bhb_loop+0x40/0x90 [ 93.690082][ T7034] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 93.690105][ T7034] RIP: 0033:0x7fcf2e99c819 [ 93.690127][ T7034] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 93.690147][ T7034] RSP: 002b:00007fcf2f7b4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 93.690170][ T7034] RAX: ffffffffffffffda RBX: 00007fcf2ec15fa0 RCX: 00007fcf2e99c819 [ 93.690190][ T7034] RDX: 0000000000000048 RSI: 0000200000000500 RDI: 000000000000000a [ 93.690204][ T7034] RBP: 00007fcf2f7b4090 R08: 0000000000000000 R09: 0000000000000000 [ 93.690216][ T7034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 93.690229][ T7034] R13: 00007fcf2ec16038 R14: 00007fcf2ec15fa0 R15: 00007ffe4b0eebf8 [ 93.690259][ T7034] [ 93.810899][ T7036] f2fs: Unknown parameter 'usrquota' [ 93.980062][ T7044] netlink: 12 bytes leftover after parsing attributes in process `syz.2.326'. [ 94.012682][ T7044] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=7044 comm=syz.2.326 [ 94.117652][ T7048] netlink: 12 bytes leftover after parsing attributes in process `syz.2.327'. [ 94.146715][ T3580] usb 5-1: new full-speed USB device number 3 using dummy_hcd [ 94.308274][ T3580] usb 5-1: not running at top speed; connect to a high speed hub [ 94.313341][ T3580] usb 5-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x12, changing to 0x2 [ 94.320273][ T3580] usb 5-1: New USB device found, idVendor=0944, idProduct=0201, bcdDevice= 0.40 [ 94.323954][ T3580] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 94.327644][ T3580] usb 5-1: Product: syz [ 94.329597][ T3580] usb 5-1: Manufacturer: syz [ 94.331607][ T3580] usb 5-1: SerialNumber: syz [ 94.568206][ T7059] netlink: 12 bytes leftover after parsing attributes in process `syz.3.332'. [ 94.590157][ T3580] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 94.598582][ T3580] usb 5-1: MIDIStreaming interface descriptor not found [ 94.671548][ T3580] usb 5-1: USB disconnect, device number 3 [ 94.708998][ T5955] udevd[5955]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 95.210394][ T7075] kvm: pic: single mode not supported [ 95.210477][ T7075] kvm: pic: level sensitive irq not supported [ 95.242229][ T7075] kvm: pic: non byte write [ 95.324034][ T7082] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 95.557411][ T7104] netlink: 12 bytes leftover after parsing attributes in process `syz.1.343'. [ 95.599796][ T7102] block nbd3: Device being setup by another task [ 95.603935][ T7096] block nbd3: shutting down sockets [ 95.630383][ T7104] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5121 sclass=netlink_route_socket pid=7104 comm=syz.1.343 [ 95.665116][ T7110] comedi comedi3: comedi_config --init_data is deprecated [ 95.893598][ T7117] FAULT_INJECTION: forcing a failure. [ 95.893598][ T7117] name failslab, interval 1, probability 0, space 0, times 0 [ 95.902253][ T7117] CPU: 1 UID: 0 PID: 7117 Comm: syz.1.347 Not tainted syzkaller #0 PREEMPT(full) [ 95.902282][ T7117] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 95.902294][ T7117] Call Trace: [ 95.902301][ T7117] [ 95.902309][ T7117] dump_stack_lvl+0x100/0x190 [ 95.902342][ T7117] should_fail_ex.cold+0x5/0xa [ 95.902376][ T7117] should_failslab+0xc2/0x120 [ 95.902398][ T7117] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 95.902427][ T7117] ? dev_exception_add+0x77/0x510 [ 95.902474][ T7117] kmemdup_noprof+0x29/0x60 [ 95.902741][ T7117] dev_exception_add+0x77/0x510 [ 95.902760][ T7117] ? bpf_lsm_capable+0x9/0x10 [ 95.903101][ T7117] ? security_capable+0x80/0x260 [ 95.903487][ T7117] devcgroup_update_access+0x753/0x15b0 [ 95.903512][ T7117] ? check_noncircular+0x97/0x160 [ 95.903536][ T7117] ? __pfx_devcgroup_update_access+0x10/0x10 [ 95.903587][ T7117] ? kernfs_root+0xee/0x2a0 [ 95.903615][ T7117] ? kernfs_root+0xf8/0x2a0 [ 95.903636][ T7117] ? kernfs_root_flags+0x19/0x60 [ 95.903663][ T7117] devcgroup_access_write+0xad/0x120 [ 95.903685][ T7117] cgroup_file_write+0x1e6/0x8a0 [ 95.903712][ T7117] ? __pfx_devcgroup_access_write+0x10/0x10 [ 95.903735][ T7117] ? __pfx_cgroup_file_write+0x10/0x10 [ 95.903767][ T7117] kernfs_fop_write_iter+0x3e0/0x5f0 [ 95.903793][ T7117] ? __pfx_cgroup_file_write+0x10/0x10 [ 95.903820][ T7117] vfs_write+0x6ac/0x1070 [ 95.903841][ T7117] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 95.903870][ T7117] ? __pfx_vfs_write+0x10/0x10 [ 95.903909][ T7117] ksys_write+0x12a/0x250 [ 95.903929][ T7117] ? __pfx_ksys_write+0x10/0x10 [ 95.903950][ T7117] ? rcu_is_watching+0x12/0xc0 [ 95.903982][ T7117] do_syscall_64+0x10b/0xf80 [ 95.904006][ T7117] ? clear_bhb_loop+0x40/0x90 [ 95.904030][ T7117] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.904049][ T7117] RIP: 0033:0x7f932079c819 [ 95.904066][ T7117] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 95.904084][ T7117] RSP: 002b:00007f9321593028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 95.904103][ T7117] RAX: ffffffffffffffda RBX: 00007f9320a15fa0 RCX: 00007f932079c819 [ 95.904115][ T7117] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000004 [ 95.904125][ T7117] RBP: 00007f9321593090 R08: 0000000000000000 R09: 0000000000000000 [ 95.904135][ T7117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 95.904146][ T7117] R13: 00007f9320a16038 R14: 00007f9320a15fa0 R15: 00007fff9f958c38 [ 95.904171][ T7117] [ 96.329873][ T7124] netlink: 4 bytes leftover after parsing attributes in process `syz.1.350'. [ 96.378410][ T7128] ipt_rpfilter: unknown options [ 96.567306][ T7139] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined [ 96.572902][ T7141] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined [ 96.674588][ T7147] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 96.715794][ T7147] netlink: 'syz.3.358': attribute type 11 has an invalid length. [ 96.717567][ T3580] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 97.054875][ T3580] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 97.059395][ T3580] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 97.062810][ T3580] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 97.066010][ T3580] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.102565][ T7137] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 97.116211][ T3580] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 97.354895][ T3580] usb 6-1: USB disconnect, device number 4 [ 97.636636][ T40] kauditd_printk_skb: 39 callbacks suppressed [ 97.636797][ T40] audit: type=1400 audit(1776897451.501:361): avc: denied { read } for pid=7160 comm="syz.3.362" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 97.658086][ T40] audit: type=1400 audit(1776897451.501:362): avc: denied { open } for pid=7160 comm="syz.3.362" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 97.749938][ T7161] bridge: RTM_NEWNEIGH with invalid ether address [ 97.941235][ T7167] FAULT_INJECTION: forcing a failure. [ 97.941235][ T7167] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 97.947783][ T7167] CPU: 3 UID: 0 PID: 7167 Comm: syz.2.363 Tainted: G L syzkaller #0 PREEMPT(full) [ 97.947814][ T7167] Tainted: [L]=SOFTLOCKUP [ 97.947820][ T7167] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 97.947937][ T7167] Call Trace: [ 97.947946][ T7167] [ 97.947955][ T7167] dump_stack_lvl+0x100/0x190 [ 97.950260][ T7167] should_fail_ex.cold+0x5/0xa [ 97.951015][ T7167] _copy_from_user+0x2e/0xd0 [ 97.951692][ T7167] msr_io+0x93/0x480 [ 97.951858][ T7167] ? __pfx_do_get_msr+0x10/0x10 [ 97.951887][ T7167] ? __pfx_msr_io+0x10/0x10 [ 97.951912][ T7167] ? __pfx_widen_string+0x10/0x10 [ 97.952248][ T7167] ? __kernel_text_address+0xd/0x30 [ 97.952755][ T7167] kvm_arch_vcpu_ioctl+0x1950/0x5730 [ 97.952781][ T7167] ? kvm_arch_vcpu_ioctl+0x1928/0x5730 [ 97.952810][ T7167] ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10 [ 97.952826][ T7167] ? __pfx_stack_trace_save+0x10/0x10 [ 97.952996][ T7167] ? stack_depot_save_flags+0x27/0x9d0 [ 97.953016][ T7167] ? __lock_acquire+0x4a5/0x2630 [ 97.953194][ T7167] ? tomoyo_path_number_perm+0x46d/0x580 [ 97.953349][ T7167] ? __lock_acquire+0x4a5/0x2630 [ 97.953362][ T7167] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.953380][ T7167] ? lock_acquire+0x1b1/0x370 [ 97.953396][ T7167] ? rcu_is_watching+0x12/0xc0 [ 97.953594][ T7167] ? trace_contention_end+0x122/0x170 [ 97.953612][ T7167] ? __mutex_lock+0x26d/0x1b10 [ 97.953628][ T7167] ? kvm_vcpu_ioctl+0x322/0x1720 [ 97.953795][ T7167] ? __pfx___mutex_lock+0x10/0x10 [ 97.953819][ T7167] ? kasan_quarantine_put+0x104/0x240 [ 97.954470][ T7167] ? tomoyo_path_number_perm+0x28f/0x580 [ 97.954497][ T7167] ? tomoyo_path_number_perm+0x188/0x580 [ 97.954520][ T7167] ? kvm_vcpu_ioctl+0x8a0/0x1720 [ 97.954538][ T7167] kvm_vcpu_ioctl+0x8a0/0x1720 [ 97.954562][ T7167] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 97.954583][ T7167] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 97.954798][ T7167] ? do_vfs_ioctl+0x226/0x13e0 [ 97.955009][ T7167] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 97.955028][ T7167] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 97.955061][ T7167] ? __fget_files+0x215/0x3d0 [ 97.955084][ T7167] ? hook_file_ioctl_common+0x149/0x410 [ 97.955120][ T7167] ? selinux_file_ioctl+0x13b/0x290 [ 97.955142][ T7167] ? selinux_file_ioctl+0xb6/0x290 [ 97.955172][ T7167] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 97.955191][ T7167] __x64_sys_ioctl+0x18e/0x210 [ 97.955204][ T7167] do_syscall_64+0x10b/0xf80 [ 97.955220][ T7167] ? clear_bhb_loop+0x40/0x90 [ 97.955234][ T7167] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.955246][ T7167] RIP: 0033:0x7fcf2e99c819 [ 97.955462][ T7167] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 97.955474][ T7167] RSP: 002b:00007fcf2f7b4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 97.955486][ T7167] RAX: ffffffffffffffda RBX: 00007fcf2ec15fa0 RCX: 00007fcf2e99c819 [ 97.955493][ T7167] RDX: 0000200000000040 RSI: 00000000c008ae88 RDI: 0000000000000005 [ 97.955500][ T7167] RBP: 00007fcf2f7b4090 R08: 0000000000000000 R09: 0000000000000000 [ 97.955506][ T7167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 97.955512][ T7167] R13: 00007fcf2ec16038 R14: 00007fcf2ec15fa0 R15: 00007ffe4b0eebf8 [ 97.955527][ T7167] [ 98.229452][ T40] audit: type=1400 audit(1776897452.101:363): avc: denied { create } for pid=7173 comm="syz.2.365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 98.398384][ T40] audit: type=1400 audit(1776897452.261:364): avc: denied { create } for pid=7188 comm="syz.1.372" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 98.407037][ T40] audit: type=1400 audit(1776897452.261:365): avc: denied { write } for pid=7188 comm="syz.1.372" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 98.422220][ T40] audit: type=1400 audit(1776897452.261:366): avc: denied { ioctl } for pid=7188 comm="syz.1.372" path="/dev/autofs" dev="devtmpfs" ino=104 ioctlcmd=0x9375 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 98.569140][ T7203] FAULT_INJECTION: forcing a failure. [ 98.569140][ T7203] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 98.575853][ T7203] CPU: 2 UID: 0 PID: 7203 Comm: syz.0.377 Tainted: G L syzkaller #0 PREEMPT(full) [ 98.575880][ T7203] Tainted: [L]=SOFTLOCKUP [ 98.575885][ T7203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 98.575897][ T7203] Call Trace: [ 98.575904][ T7203] [ 98.575910][ T7203] dump_stack_lvl+0x100/0x190 [ 98.575943][ T7203] should_fail_ex.cold+0x5/0xa [ 98.575970][ T7203] _copy_from_user+0x2e/0xd0 [ 98.575995][ T7203] vhost_dev_ioctl+0x541/0xe20 [ 98.576564][ T7203] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 98.576581][ T7203] ? __pfx_vhost_dev_ioctl+0x10/0x10 [ 98.576598][ T7203] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 98.576617][ T7203] vhost_vsock_dev_ioctl+0x320/0xb60 [ 98.576628][ T7203] ? __fget_files+0x215/0x3d0 [ 98.576641][ T7203] ? hook_file_ioctl_common+0x149/0x410 [ 98.576661][ T7203] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 98.576675][ T7203] ? selinux_file_ioctl+0xb6/0x290 [ 98.576688][ T7203] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 98.576700][ T7203] __x64_sys_ioctl+0x18e/0x210 [ 98.576712][ T7203] do_syscall_64+0x10b/0xf80 [ 98.576728][ T7203] ? clear_bhb_loop+0x40/0x90 [ 98.576741][ T7203] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 98.576753][ T7203] RIP: 0033:0x7f0876d9c819 [ 98.576764][ T7203] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 98.576774][ T7203] RSP: 002b:00007f0877bc0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 98.576786][ T7203] RAX: ffffffffffffffda RBX: 00007f0877015fa0 RCX: 00007f0876d9c819 [ 98.576793][ T7203] RDX: 0000200000000040 RSI: 000000004008af04 RDI: 0000000000000003 [ 98.576799][ T7203] RBP: 00007f0877bc0090 R08: 0000000000000000 R09: 0000000000000000 [ 98.576805][ T7203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 98.576811][ T7203] R13: 00007f0877016038 R14: 00007f0877015fa0 R15: 00007fff74868d08 [ 98.576825][ T7203] [ 98.737989][ T7208] xt_hashlimit: size too large, truncated to 1048576 [ 98.803182][ T7215] xt_hashlimit: size too large, truncated to 1048576 [ 98.805816][ T40] audit: type=1400 audit(1776897452.671:367): avc: denied { connect } for pid=7214 comm="syz.1.381" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 98.868792][ T7220] FAULT_INJECTION: forcing a failure. [ 98.868792][ T7220] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 98.874893][ T7220] CPU: 2 UID: 0 PID: 7220 Comm: syz.1.382 Tainted: G L syzkaller #0 PREEMPT(full) [ 98.874923][ T7220] Tainted: [L]=SOFTLOCKUP [ 98.874928][ T7220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 98.874938][ T7220] Call Trace: [ 98.874952][ T7220] [ 98.874959][ T7220] dump_stack_lvl+0x100/0x190 [ 98.874987][ T7220] should_fail_ex.cold+0x5/0xa [ 98.875013][ T7220] strncpy_from_user+0x3b/0x2d0 [ 98.875039][ T7220] do_getname+0x78/0x390 [ 98.875143][ T7220] delayed_getname+0x20/0x90 [ 98.875160][ T7220] __io_openat_prep+0x16f/0x3d0 [ 98.875180][ T7220] io_submit_sqes+0x9ea/0x24b0 [ 98.875213][ T7220] __do_sys_io_uring_enter+0xa88/0x1b50 [ 98.875240][ T7220] ? __fget_files+0x21f/0x3d0 [ 98.875259][ T7220] ? __pfx___do_sys_io_uring_enter+0x10/0x10 [ 98.875285][ T7220] ? fput+0x79/0x100 [ 98.875306][ T7220] ? ksys_write+0x1ac/0x250 [ 98.875322][ T7220] ? __pfx_ksys_write+0x10/0x10 [ 98.875341][ T7220] ? rcu_is_watching+0x12/0xc0 [ 98.875368][ T7220] do_syscall_64+0x10b/0xf80 [ 98.875391][ T7220] ? clear_bhb_loop+0x40/0x90 [ 98.875410][ T7220] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 98.875427][ T7220] RIP: 0033:0x7f932079c819 [ 98.875442][ T7220] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 98.875457][ T7220] RSP: 002b:00007f9321593028 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 98.875474][ T7220] RAX: ffffffffffffffda RBX: 00007f9320a15fa0 RCX: 00007f932079c819 [ 98.875484][ T7220] RDX: 0000000000007721 RSI: 0000000000002219 RDI: 0000000000000000 [ 98.875494][ T7220] RBP: 00007f9321593090 R08: 0000000000000000 R09: 0000000000000000 [ 98.875504][ T7220] R10: 0000000000000016 R11: 0000000000000246 R12: 0000000000000001 [ 98.875512][ T7220] R13: 00007f9320a16038 R14: 00007f9320a15fa0 R15: 00007fff9f958c38 [ 98.875535][ T7220] [ 99.083243][ T7229] FAULT_INJECTION: forcing a failure. [ 99.083243][ T7229] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 99.099882][ T7229] CPU: 2 UID: 0 PID: 7229 Comm: syz.1.385 Tainted: G L syzkaller #0 PREEMPT(full) [ 99.099915][ T7229] Tainted: [L]=SOFTLOCKUP [ 99.099921][ T7229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 99.099930][ T7229] Call Trace: [ 99.099937][ T7229] [ 99.099944][ T7229] dump_stack_lvl+0x100/0x190 [ 99.099976][ T7229] should_fail_ex.cold+0x5/0xa [ 99.100001][ T7229] _copy_from_user+0x2e/0xd0 [ 99.100025][ T7229] kstrtouint_from_user+0xd6/0x1d0 [ 99.100041][ T7229] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 99.100065][ T7229] ? __lock_acquire+0x4a5/0x2630 [ 99.100108][ T7229] ? lock_acquire+0x1b1/0x370 [ 99.100132][ T7229] proc_fail_nth_write+0x83/0x220 [ 99.100245][ T7229] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 99.100267][ T7229] vfs_write+0x2aa/0x1070 [ 99.100287][ T7229] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 99.100306][ T7229] ? __pfx_vfs_write+0x10/0x10 [ 99.100322][ T7229] ? __fget_files+0x215/0x3d0 [ 99.100349][ T7229] ? __fget_files+0x21f/0x3d0 [ 99.100376][ T7229] ksys_write+0x12a/0x250 [ 99.100396][ T7229] ? __pfx_ksys_write+0x10/0x10 [ 99.100418][ T7229] ? rcu_is_watching+0x12/0xc0 [ 99.100449][ T7229] do_syscall_64+0x10b/0xf80 [ 99.100475][ T7229] ? clear_bhb_loop+0x40/0x90 [ 99.100498][ T7229] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.100516][ T7229] RIP: 0033:0x7f932075d04e [ 99.100533][ T7229] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 99.100550][ T7229] RSP: 002b:00007f9321592fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 99.100570][ T7229] RAX: ffffffffffffffda RBX: 00007f93215936c0 RCX: 00007f932075d04e [ 99.100581][ T7229] RDX: 0000000000000001 RSI: 00007f93215930a0 RDI: 0000000000000004 [ 99.100594][ T7229] RBP: 00007f9321593090 R08: 0000000000000000 R09: 0000000000000000 [ 99.100605][ T7229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 99.100615][ T7229] R13: 00007f9320a16038 R14: 00007f9320a15fa0 R15: 00007fff9f958c38 [ 99.100640][ T7229] [ 99.349630][ T6016] usb 8-1: new full-speed USB device number 3 using dummy_hcd [ 99.565903][ T6016] usb 8-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= 0.40 [ 99.570732][ T6016] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 99.573289][ T6016] usb 8-1: Product: syz [ 99.574638][ T6016] usb 8-1: Manufacturer: syz [ 99.576100][ T6016] usb 8-1: SerialNumber: syz [ 99.727810][ T7241] block nbd0: shutting down sockets [ 99.838898][ T40] audit: type=1400 audit(1776897453.711:368): avc: denied { write } for pid=7246 comm="syz.0.392" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 99.848505][ T40] audit: type=1400 audit(1776897453.721:369): avc: denied { write } for pid=7246 comm="syz.0.392" path="socket:[16991]" dev="sockfs" ino=16991 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 99.849099][ T7249] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 100.013862][ T6016] usblp 8-1:1.0: usblp0: USB Unidirectional printer dev 3 if 0 alt 0 proto 1 vid 0x04B8 pid 0x0202 [ 100.173419][ T7251] xt_hashlimit: size too large, truncated to 1048576 [ 100.358057][ T40] audit: type=1400 audit(1776897454.231:370): avc: denied { read write } for pid=7222 comm="syz.3.383" name="lp0" dev="devtmpfs" ino=2917 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1 [ 100.569127][ T7258] FAULT_INJECTION: forcing a failure. [ 100.569127][ T7258] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 100.573789][ T7258] CPU: 1 UID: 0 PID: 7258 Comm: syz.2.394 Tainted: G L syzkaller #0 PREEMPT(full) [ 100.573808][ T7258] Tainted: [L]=SOFTLOCKUP [ 100.573812][ T7258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 100.573880][ T7258] Call Trace: [ 100.573888][ T7258] [ 100.573893][ T7258] dump_stack_lvl+0x100/0x190 [ 100.574518][ T7258] should_fail_ex.cold+0x5/0xa [ 100.574836][ T7258] _copy_from_iter+0x1f4/0x1690 [ 100.575106][ T7258] ? __asan_memset+0x23/0x50 [ 100.575512][ T7258] ? __pfx__copy_from_iter+0x10/0x10 [ 100.575533][ T7258] ? __pfx___alloc_skb+0x10/0x10 [ 100.575734][ T7258] netlink_sendmsg+0x808/0xda0 [ 100.575854][ T7258] ? __pfx_netlink_sendmsg+0x10/0x10 [ 100.575868][ T7258] ? __might_fault+0x30/0x140 [ 100.575946][ T7258] ____sys_sendmsg+0x9e1/0xb70 [ 100.575959][ T7258] ? __pfx_netlink_sendmsg+0x10/0x10 [ 100.575978][ T7258] ? __pfx_____sys_sendmsg+0x10/0x10 [ 100.575999][ T7258] ___sys_sendmsg+0x190/0x1e0 [ 100.576015][ T7258] ? __pfx____sys_sendmsg+0x10/0x10 [ 100.576047][ T7258] __sys_sendmsg+0x170/0x220 [ 100.576066][ T7258] ? __pfx___sys_sendmsg+0x10/0x10 [ 100.576090][ T7258] ? rcu_is_watching+0x12/0xc0 [ 100.576218][ T7258] do_syscall_64+0x10b/0xf80 [ 100.576238][ T7258] ? clear_bhb_loop+0x40/0x90 [ 100.576255][ T7258] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.576268][ T7258] RIP: 0033:0x7fcf2e99c819 [ 100.576281][ T7258] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 100.576293][ T7258] RSP: 002b:00007fcf2f7b4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 100.576307][ T7258] RAX: ffffffffffffffda RBX: 00007fcf2ec15fa0 RCX: 00007fcf2e99c819 [ 100.576315][ T7258] RDX: 0000000002000800 RSI: 0000200000000000 RDI: 0000000000000006 [ 100.576322][ T7258] RBP: 00007fcf2f7b4090 R08: 0000000000000000 R09: 0000000000000000 [ 100.576328][ T7258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 100.576335][ T7258] R13: 00007fcf2ec16038 R14: 00007fcf2ec15fa0 R15: 00007ffe4b0eebf8 [ 100.576350][ T7258] [ 100.705066][ T7262] FAULT_INJECTION: forcing a failure. [ 100.705066][ T7262] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 100.710708][ T7262] CPU: 2 UID: 0 PID: 7262 Comm: syz.0.395 Tainted: G L syzkaller #0 PREEMPT(full) [ 100.710729][ T7262] Tainted: [L]=SOFTLOCKUP [ 100.710733][ T7262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 100.710740][ T7262] Call Trace: [ 100.710745][ T7262] [ 100.710750][ T7262] dump_stack_lvl+0x100/0x190 [ 100.710771][ T7262] should_fail_ex.cold+0x5/0xa [ 100.710790][ T7262] _copy_from_user+0x2e/0xd0 [ 100.710807][ T7262] lo_ioctl+0xcc7/0x1bc0 [ 100.711285][ T7262] ? __pfx_lo_ioctl+0x10/0x10 [ 100.711304][ T7262] ? __pfx_avc_has_extended_perms+0x10/0x10 [ 100.711515][ T7262] ? kasan_quarantine_put+0x104/0x240 [ 100.711542][ T7262] ? blk_get_meta_cap+0xd4/0x6c0 [ 100.711569][ T7262] ? __pfx_blk_get_meta_cap+0x10/0x10 [ 100.711600][ T7262] ? blkdev_common_ioctl+0x515/0x2b80 [ 100.711653][ T7262] ? __fget_files+0x215/0x3d0 [ 100.711757][ T7262] ? __pfx_lo_ioctl+0x10/0x10 [ 100.711774][ T7262] blkdev_ioctl+0x5ad/0x6f0 [ 100.711792][ T7262] ? __pfx_blkdev_ioctl+0x10/0x10 [ 100.711808][ T7262] ? selinux_file_ioctl+0x13b/0x290 [ 100.711821][ T7262] ? selinux_file_ioctl+0xb6/0x290 [ 100.711835][ T7262] ? __pfx_blkdev_ioctl+0x10/0x10 [ 100.711852][ T7262] __x64_sys_ioctl+0x18e/0x210 [ 100.711867][ T7262] do_syscall_64+0x10b/0xf80 [ 100.711883][ T7262] ? clear_bhb_loop+0x40/0x90 [ 100.711899][ T7262] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.711910][ T7262] RIP: 0033:0x7f0876d9c819 [ 100.711923][ T7262] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 100.711937][ T7262] RSP: 002b:00007f0877bc0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 100.711949][ T7262] RAX: ffffffffffffffda RBX: 00007f0877015fa0 RCX: 00007f0876d9c819 [ 100.711957][ T7262] RDX: 00002000000002c0 RSI: 0000000000004c0a RDI: 0000000000000003 [ 100.711964][ T7262] RBP: 00007f0877bc0090 R08: 0000000000000000 R09: 0000000000000000 [ 100.711970][ T7262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 100.711976][ T7262] R13: 00007f0877016038 R14: 00007f0877015fa0 R15: 00007fff74868d08 [ 100.711991][ T7262] [ 100.825179][ T7266] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=32393 sclass=netlink_tcpdiag_socket pid=7266 comm=syz.0.397 [ 100.845048][ T7266] netlink: 120 bytes leftover after parsing attributes in process `syz.0.397'. [ 100.849276][ T7266] netlink: 'syz.0.397': attribute type 1 has an invalid length. [ 100.853281][ T7266] netlink: 64 bytes leftover after parsing attributes in process `syz.0.397'. [ 101.106050][ T7274] [U] vÔ3¸Âfù¾"SçÁ/Éê4:ÃXTz“W¡t‘’lWµ«= [ 101.109641][ T7274] [U] J"—e:ÀÆ" [ 101.239210][ T7276] xt_hashlimit: size too large, truncated to 1048576 [ 101.388136][ T7280] FAULT_INJECTION: forcing a failure. [ 101.388136][ T7280] name failslab, interval 1, probability 0, space 0, times 0 [ 101.393741][ T7280] CPU: 2 UID: 0 PID: 7280 Comm: syz.0.401 Tainted: G L syzkaller #0 PREEMPT(full) [ 101.393765][ T7280] Tainted: [L]=SOFTLOCKUP [ 101.393770][ T7280] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 101.393778][ T7280] Call Trace: [ 101.393786][ T7280] [ 101.393793][ T7280] dump_stack_lvl+0x100/0x190 [ 101.393817][ T7280] should_fail_ex.cold+0x5/0xa [ 101.393840][ T7280] ? tomoyo_encode2+0xfb/0x3c0 [ 101.393857][ T7280] should_failslab+0xc2/0x120 [ 101.393873][ T7280] __kmalloc_noprof+0xe0/0x850 [ 101.393897][ T7280] tomoyo_encode2+0xfb/0x3c0 [ 101.393915][ T7280] tomoyo_encode+0x29/0x50 [ 101.393936][ T7280] tomoyo_realpath_from_path+0x18c/0x690 [ 101.393956][ T7280] tomoyo_path_number_perm+0x23c/0x580 [ 101.393970][ T7280] ? tomoyo_path_number_perm+0x22e/0x580 [ 101.393984][ T7280] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 101.394013][ T7280] ? find_held_lock+0x2b/0x80 [ 101.394120][ T7280] ? __fget_files+0x215/0x3d0 [ 101.394135][ T7280] ? hook_file_ioctl_common+0x149/0x410 [ 101.394153][ T7280] ? __fget_files+0x215/0x3d0 [ 101.394171][ T7280] ? __fget_files+0x21f/0x3d0 [ 101.394189][ T7280] security_file_ioctl+0xd3/0x230 [ 101.394286][ T7280] __x64_sys_ioctl+0xb7/0x210 [ 101.394302][ T7280] do_syscall_64+0x10b/0xf80 [ 101.394321][ T7280] ? clear_bhb_loop+0x40/0x90 [ 101.394338][ T7280] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.394355][ T7280] RIP: 0033:0x7f0876d9c819 [ 101.394373][ T7280] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 101.394392][ T7280] RSP: 002b:00007f0877bc0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 101.394413][ T7280] RAX: ffffffffffffffda RBX: 00007f0877015fa0 RCX: 00007f0876d9c819 [ 101.394427][ T7280] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 101.394441][ T7280] RBP: 00007f0877bc0090 R08: 0000000000000000 R09: 0000000000000000 [ 101.394453][ T7280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 101.394465][ T7280] R13: 00007f0877016038 R14: 00007f0877015fa0 R15: 00007fff74868d08 [ 101.394495][ T7280] [ 101.394521][ T7280] ERROR: Out of memory at tomoyo_realpath_from_path. [ 101.688515][ T78] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 1 [ 101.920058][ C0] usblp0: nonzero write bulk status received: -71 [ 101.921446][ T24] usb 8-1: USB disconnect, device number 3 [ 101.939910][ T24] usblp0: removed [ 103.583036][ T7329] FAULT_INJECTION: forcing a failure. [ 103.583036][ T7329] name failslab, interval 1, probability 0, space 0, times 0 [ 103.588992][ T7329] CPU: 0 UID: 0 PID: 7329 Comm: syz.1.418 Tainted: G L syzkaller #0 PREEMPT(full) [ 103.589013][ T7329] Tainted: [L]=SOFTLOCKUP [ 103.589017][ T7329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 103.589073][ T7329] Call Trace: [ 103.589077][ T7329] [ 103.589082][ T7329] dump_stack_lvl+0x100/0x190 [ 103.589736][ T7329] should_fail_ex.cold+0x5/0xa [ 103.590058][ T7329] should_failslab+0xc2/0x120 [ 103.590372][ T7329] __kmalloc_cache_noprof+0x7a/0x6f0 [ 103.590481][ T7329] ? vhost_task_create+0xee/0x370 [ 103.590712][ T7329] ? trace_contention_end+0x122/0x170 [ 103.590791][ T7329] ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 103.590921][ T7329] ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 103.590940][ T7329] vhost_task_create+0xee/0x370 [ 103.590955][ T7329] ? __pfx_vhost_task_create+0x10/0x10 [ 103.590968][ T7329] ? register_lock_class+0x40/0x560 [ 103.590987][ T7329] ? __pfx_vhost_task_fn+0x10/0x10 [ 103.591002][ T7329] ? __pfx___mutex_lock+0x10/0x10 [ 103.591070][ T7329] ? kasan_quarantine_put+0x104/0x240 [ 103.591091][ T7329] kvm_mmu_post_init_vm+0x1b3/0x370 [ 103.591108][ T7329] kvm_arch_vcpu_ioctl_run+0x66/0x1890 [ 103.591176][ T7329] ? kvm_vcpu_ioctl+0x1546/0x1720 [ 103.591244][ T7329] kvm_vcpu_ioctl+0x730/0x1720 [ 103.591257][ T7329] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 103.591269][ T7329] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 103.591349][ T7329] ? do_vfs_ioctl+0x226/0x13e0 [ 103.591447][ T7329] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 103.591458][ T7329] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 103.592002][ T7329] ? __fget_files+0x215/0x3d0 [ 103.592016][ T7329] ? hook_file_ioctl_common+0x149/0x410 [ 103.592035][ T7329] ? selinux_file_ioctl+0x13b/0x290 [ 103.592047][ T7329] ? selinux_file_ioctl+0xb6/0x290 [ 103.592060][ T7329] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 103.592072][ T7329] __x64_sys_ioctl+0x18e/0x210 [ 103.592084][ T7329] do_syscall_64+0x10b/0xf80 [ 103.592099][ T7329] ? clear_bhb_loop+0x40/0x90 [ 103.592113][ T7329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 103.592126][ T7329] RIP: 0033:0x7f932079c819 [ 103.592274][ T7329] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 103.592285][ T7329] RSP: 002b:00007f9321593028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 103.592297][ T7329] RAX: ffffffffffffffda RBX: 00007f9320a15fa0 RCX: 00007f932079c819 [ 103.592304][ T7329] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 103.592310][ T7329] RBP: 00007f9321593090 R08: 0000000000000000 R09: 0000000000000000 [ 103.592316][ T7329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 103.592321][ T7329] R13: 00007f9320a16038 R14: 00007f9320a15fa0 R15: 00007fff9f958c38 [ 103.592335][ T7329] [ 103.760575][ T5950] Bluetooth: hci4: command 0x1003 tx timeout [ 103.765171][ T5962] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 103.801437][ T24] usb 7-1: new full-speed USB device number 3 using dummy_hcd [ 103.960320][ T24] usb 7-1: not running at top speed; connect to a high speed hub [ 103.979965][ T24] usb 7-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x12, changing to 0x2 [ 103.992810][ T24] usb 7-1: New USB device found, idVendor=0944, idProduct=0201, bcdDevice= 0.40 [ 103.999258][ T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 104.002942][ T24] usb 7-1: Product: syz [ 104.005088][ T24] usb 7-1: Manufacturer: syz [ 104.007448][ T24] usb 7-1: SerialNumber: syz [ 104.074194][ T40] kauditd_printk_skb: 2 callbacks suppressed [ 104.074393][ T40] audit: type=1400 audit(1776897457.941:373): avc: denied { create } for pid=7342 comm="syz.1.424" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 104.084094][ T40] audit: type=1400 audit(1776897457.941:374): avc: denied { write } for pid=7342 comm="syz.1.424" path="socket:[17254]" dev="sockfs" ino=17254 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 104.268797][ T24] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 104.271343][ T24] usb 7-1: MIDIStreaming interface descriptor not found [ 104.336322][ T24] usb 7-1: USB disconnect, device number 3 [ 104.420087][ T7362] binder_alloc: binder_alloc_mmap_handler: 7361 200000ffd000-200001000000 already mapped failed -16 [ 104.424165][ T7362] binder_alloc: binder_alloc_mmap_handler: 7361 200000ffd000-200001000000 already mapped failed -16 [ 104.424203][ T7363] binder: BINDER_SET_CONTEXT_MGR already set [ 104.430185][ T7362] binder_alloc: binder_alloc_mmap_handler: 7361 200000ffd000-200001000000 already mapped failed -16 [ 104.430630][ T7363] binder: 7361:7363 ioctl 4018620d 200000004a80 returned -16 [ 104.430710][ T7363] binder: BINDER_SET_CONTEXT_MGR already set [ 104.434286][ T7362] binder_alloc: binder_alloc_mmap_handler: 7361 200000ffd000-200001000000 already mapped failed -16 [ 104.439577][ T7363] binder: 7361:7363 ioctl 4018620d 200000004a80 returned -16 [ 104.443489][ T7362] binder_alloc: binder_alloc_mmap_handler: 7361 200000ffd000-200001000000 already mapped failed -16 [ 104.445411][ T7363] binder: BINDER_SET_CONTEXT_MGR already set [ 104.448857][ T7362] binder_alloc: binder_alloc_mmap_handler: 7361 200000ffd000-200001000000 already mapped failed -16 [ 104.451885][ T7363] binder: 7361:7363 ioctl 4018620d 200000004a80 returned -16 [ 104.453982][ T7362] binder_alloc: binder_alloc_mmap_handler: 7361 200000ffd000-200001000000 already mapped failed -16 [ 104.456181][ T7363] binder: BINDER_SET_CONTEXT_MGR already set [ 104.460269][ T7362] binder_alloc: binder_alloc_mmap_handler: 7361 200000ffd000-200001000000 already mapped failed -16 [ 104.462378][ T7363] binder: 7361:7363 ioctl 4018620d 200000004a80 returned -16 [ 104.465783][ T7362] binder_alloc: binder_alloc_mmap_handler: 7361 200000ffd000-200001000000 already mapped failed -16 [ 104.468151][ T7363] binder: BINDER_SET_CONTEXT_MGR already set [ 104.471851][ T7362] binder_alloc: binder_alloc_mmap_handler: 7361 200000ffd000-200001000000 already mapped failed -16 [ 104.473616][ T7363] binder: 7361:7363 ioctl 4018620d 200000004a80 returned -16 [ 105.254344][ T7387] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3482940618 (6965881236 ns) > initial count (504378442 ns). Using initial count to start timer. [ 105.264787][ T7387] FAULT_INJECTION: forcing a failure. [ 105.264787][ T7387] name failslab, interval 1, probability 0, space 0, times 0 [ 105.270858][ T7387] CPU: 2 UID: 0 PID: 7387 Comm: syz.3.434 Tainted: G L syzkaller #0 PREEMPT(full) [ 105.270878][ T7387] Tainted: [L]=SOFTLOCKUP [ 105.270881][ T7387] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 105.270944][ T7387] Call Trace: [ 105.270963][ T7387] [ 105.270967][ T7387] dump_stack_lvl+0x100/0x190 [ 105.271536][ T7387] should_fail_ex.cold+0x5/0xa [ 105.271817][ T7387] should_failslab+0xc2/0x120 [ 105.272179][ T7387] __kmalloc_cache_noprof+0x7a/0x6f0 [ 105.272252][ T7387] ? vhost_task_create+0xee/0x370 [ 105.272388][ T7387] ? trace_contention_end+0x122/0x170 [ 105.272471][ T7387] ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 105.272559][ T7387] ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 105.272582][ T7387] vhost_task_create+0xee/0x370 [ 105.272607][ T7387] ? __pfx_vhost_task_create+0x10/0x10 [ 105.272630][ T7387] ? register_lock_class+0x40/0x560 [ 105.272659][ T7387] ? __pfx_vhost_task_fn+0x10/0x10 [ 105.272685][ T7387] ? __pfx___mutex_lock+0x10/0x10 [ 105.272722][ T7387] ? kasan_quarantine_put+0x104/0x240 [ 105.272755][ T7387] kvm_mmu_post_init_vm+0x1b3/0x370 [ 105.272781][ T7387] kvm_arch_vcpu_ioctl_run+0x66/0x1890 [ 105.272867][ T7387] ? kvm_vcpu_ioctl+0x1546/0x1720 [ 105.272959][ T7387] kvm_vcpu_ioctl+0x730/0x1720 [ 105.272982][ T7387] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 105.273001][ T7387] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 105.273089][ T7387] ? do_vfs_ioctl+0x226/0x13e0 [ 105.273168][ T7387] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 105.273187][ T7387] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 105.273420][ T7387] ? __fget_files+0x215/0x3d0 [ 105.273441][ T7387] ? hook_file_ioctl_common+0x149/0x410 [ 105.273472][ T7387] ? selinux_file_ioctl+0x13b/0x290 [ 105.273491][ T7387] ? selinux_file_ioctl+0xb6/0x290 [ 105.273509][ T7387] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 105.273528][ T7387] __x64_sys_ioctl+0x18e/0x210 [ 105.273550][ T7387] do_syscall_64+0x10b/0xf80 [ 105.273572][ T7387] ? clear_bhb_loop+0x40/0x90 [ 105.273595][ T7387] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.273612][ T7387] RIP: 0033:0x7fb64139c819 [ 105.273690][ T7387] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 105.273707][ T7387] RSP: 002b:00007fb6421c2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 105.273724][ T7387] RAX: ffffffffffffffda RBX: 00007fb641615fa0 RCX: 00007fb64139c819 [ 105.273734][ T7387] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 105.273744][ T7387] RBP: 00007fb6421c2090 R08: 0000000000000000 R09: 0000000000000000 [ 105.273754][ T7387] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 105.273764][ T7387] R13: 00007fb641616038 R14: 00007fb641615fa0 R15: 00007ffeadf3e568 [ 105.273788][ T7387] [ 105.581488][ T7412] tc_dump_action: action bad kind [ 105.837526][ T40] audit: type=1400 audit(1776897459.711:375): avc: denied { read } for pid=7424 comm="syz.2.445" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 105.839573][ T7425] netlink: 20 bytes leftover after parsing attributes in process `syz.1.446'. [ 105.851656][ T7425] Unknown options in mask b7f2 [ 105.860049][ T7426] SELinux: security_context_str_to_sid (ramfs) failed with errno=-22 [ 105.866405][ T7426] program syz.2.445 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 105.883707][ T7428] netlink: 'syz.1.447': attribute type 4 has an invalid length. [ 105.984465][ T7433] FAULT_INJECTION: forcing a failure. [ 105.984465][ T7433] name failslab, interval 1, probability 0, space 0, times 0 [ 105.989935][ T7433] CPU: 0 UID: 0 PID: 7433 Comm: syz.2.449 Tainted: G L syzkaller #0 PREEMPT(full) [ 105.989956][ T7433] Tainted: [L]=SOFTLOCKUP [ 105.989960][ T7433] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 105.989968][ T7433] Call Trace: [ 105.989978][ T7433] [ 105.989983][ T7433] dump_stack_lvl+0x100/0x190 [ 105.990006][ T7433] should_fail_ex.cold+0x5/0xa [ 105.990024][ T7433] should_failslab+0xc2/0x120 [ 105.990040][ T7433] __kmalloc_cache_noprof+0x7a/0x6f0 [ 105.990056][ T7433] ? vhost_task_create+0xee/0x370 [ 105.990074][ T7433] ? trace_contention_end+0x122/0x170 [ 105.990092][ T7433] ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 105.990113][ T7433] ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 105.990128][ T7433] vhost_task_create+0xee/0x370 [ 105.990144][ T7433] ? __pfx_vhost_task_create+0x10/0x10 [ 105.990159][ T7433] ? register_lock_class+0x40/0x560 [ 105.990179][ T7433] ? __pfx_vhost_task_fn+0x10/0x10 [ 105.990196][ T7433] ? __pfx___mutex_lock+0x10/0x10 [ 105.990215][ T7433] ? kasan_quarantine_put+0x104/0x240 [ 105.990238][ T7433] kvm_mmu_post_init_vm+0x1b3/0x370 [ 105.990256][ T7433] kvm_arch_vcpu_ioctl_run+0x66/0x1890 [ 105.990274][ T7433] ? kvm_vcpu_ioctl+0x1546/0x1720 [ 105.990291][ T7433] kvm_vcpu_ioctl+0x730/0x1720 [ 105.990306][ T7433] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 105.990319][ T7433] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 105.990335][ T7433] ? do_vfs_ioctl+0x226/0x13e0 [ 105.990349][ T7433] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 105.990361][ T7433] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 105.990382][ T7433] ? __fget_files+0x215/0x3d0 [ 105.990396][ T7433] ? hook_file_ioctl_common+0x149/0x410 [ 105.990417][ T7433] ? selinux_file_ioctl+0x13b/0x290 [ 105.990430][ T7433] ? selinux_file_ioctl+0xb6/0x290 [ 105.990447][ T7433] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 105.990461][ T7433] __x64_sys_ioctl+0x18e/0x210 [ 105.990474][ T7433] do_syscall_64+0x10b/0xf80 [ 105.990490][ T7433] ? clear_bhb_loop+0x40/0x90 [ 105.990505][ T7433] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.990518][ T7433] RIP: 0033:0x7fcf2e99c819 [ 105.990529][ T7433] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 105.990541][ T7433] RSP: 002b:00007fcf2f7b4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 105.990581][ T7433] RAX: ffffffffffffffda RBX: 00007fcf2ec15fa0 RCX: 00007fcf2e99c819 [ 105.990589][ T7433] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 105.990596][ T7433] RBP: 00007fcf2f7b4090 R08: 0000000000000000 R09: 0000000000000000 [ 105.990603][ T7433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 105.990609][ T7433] R13: 00007fcf2ec16038 R14: 00007fcf2ec15fa0 R15: 00007ffe4b0eebf8 [ 105.990628][ T7433] [ 106.013847][ T40] audit: type=1400 audit(1776897459.881:376): avc: denied { mount } for pid=7429 comm="syz.0.448" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1 [ 106.017391][ T7442] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 106.113624][ T40] audit: type=1400 audit(1776897459.981:377): avc: denied { watch watch_reads } for pid=7429 comm="syz.0.448" path="pipe:[20295]" dev="pipefs" ino=20295 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 106.155250][ T40] audit: type=1400 audit(1776897460.021:378): avc: denied { unmount } for pid=5952 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1 [ 106.232932][ T7449] team0 (unregistering): Port device team_slave_0 removed [ 106.241562][ T7449] team0 (unregistering): Port device team_slave_1 removed [ 106.403392][ T7459] netlink: 'syz.2.459': attribute type 11 has an invalid length. [ 106.405937][ T7459] netlink: 44 bytes leftover after parsing attributes in process `syz.2.459'. [ 106.532384][ T7468] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 106.535445][ T7468] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 106.611986][ T7473] FAULT_INJECTION: forcing a failure. [ 106.611986][ T7473] name failslab, interval 1, probability 0, space 0, times 0 [ 106.618005][ T7473] CPU: 2 UID: 0 PID: 7473 Comm: syz.0.465 Tainted: G L syzkaller #0 PREEMPT(full) [ 106.618037][ T7473] Tainted: [L]=SOFTLOCKUP [ 106.618043][ T7473] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 106.618053][ T7473] Call Trace: [ 106.618060][ T7473] [ 106.618067][ T7473] dump_stack_lvl+0x100/0x190 [ 106.618124][ T7473] should_fail_ex.cold+0x5/0xa [ 106.618150][ T7473] should_failslab+0xc2/0x120 [ 106.618170][ T7473] __kmalloc_cache_noprof+0x7a/0x6f0 [ 106.618191][ T7473] ? vhost_task_create+0xee/0x370 [ 106.618215][ T7473] ? trace_contention_end+0x122/0x170 [ 106.618241][ T7473] ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 106.618269][ T7473] ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 106.618290][ T7473] vhost_task_create+0xee/0x370 [ 106.618310][ T7473] ? __pfx_vhost_task_create+0x10/0x10 [ 106.618331][ T7473] ? register_lock_class+0x40/0x560 [ 106.618359][ T7473] ? __pfx_vhost_task_fn+0x10/0x10 [ 106.618384][ T7473] ? __pfx___mutex_lock+0x10/0x10 [ 106.618411][ T7473] ? kasan_quarantine_put+0x104/0x240 [ 106.618441][ T7473] kvm_mmu_post_init_vm+0x1b3/0x370 [ 106.618470][ T7473] kvm_arch_vcpu_ioctl_run+0x66/0x1890 [ 106.618495][ T7473] ? kvm_vcpu_ioctl+0x1546/0x1720 [ 106.618518][ T7473] kvm_vcpu_ioctl+0x730/0x1720 [ 106.618539][ T7473] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 106.618585][ T7473] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 106.618606][ T7473] ? do_vfs_ioctl+0x226/0x13e0 [ 106.618625][ T7473] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 106.618640][ T7473] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 106.618668][ T7473] ? __fget_files+0x215/0x3d0 [ 106.618688][ T7473] ? hook_file_ioctl_common+0x149/0x410 [ 106.618719][ T7473] ? selinux_file_ioctl+0x13b/0x290 [ 106.618756][ T7473] ? selinux_file_ioctl+0xb6/0x290 [ 106.618776][ T7473] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 106.618794][ T7473] __x64_sys_ioctl+0x18e/0x210 [ 106.618814][ T7473] do_syscall_64+0x10b/0xf80 [ 106.618836][ T7473] ? clear_bhb_loop+0x40/0x90 [ 106.618858][ T7473] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 106.618879][ T7473] RIP: 0033:0x7f0876d9c819 [ 106.618894][ T7473] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 106.618910][ T7473] RSP: 002b:00007f0877bc0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 106.618927][ T7473] RAX: ffffffffffffffda RBX: 00007f0877015fa0 RCX: 00007f0876d9c819 [ 106.618938][ T7473] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 106.618947][ T7473] RBP: 00007f0877bc0090 R08: 0000000000000000 R09: 0000000000000000 [ 106.618956][ T7473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 106.618966][ T7473] R13: 00007f0877016038 R14: 00007f0877015fa0 R15: 00007fff74868d08 [ 106.618990][ T7473] [ 106.727011][ T7476] ------------[ cut here ]------------ [ 106.738453][ T7476] [CRTC:39:crtc-0] vblank wait timed out [ 106.740438][ T7476] WARNING: drivers/gpu/drm/drm_atomic_helper.c:1921 at drm_atomic_helper_wait_for_vblanks.part.0+0x738/0x8a0, CPU#0: syz.2.467/7476 [ 106.747068][ T7476] Modules linked in: [ 106.749640][ T7476] CPU: 0 UID: 0 PID: 7476 Comm: syz.2.467 Tainted: G L syzkaller #0 PREEMPT(full) [ 106.753729][ T7476] Tainted: [L]=SOFTLOCKUP [ 106.755301][ T7476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 106.758753][ T7476] RIP: 0010:drm_atomic_helper_wait_for_vblanks.part.0+0x73e/0x8a0 [ 106.761812][ T7476] Code: 00 00 00 fc ff df 48 89 f9 48 c1 e9 03 0f b6 04 01 84 c0 74 08 3c 03 0f 8e 44 01 00 00 48 8d 3d e8 da 3e 0b 8b b3 d0 00 00 00 <67> 48 0f b9 3a e9 e1 fc ff ff e8 93 0f 61 fc e9 7c fe ff ff e8 79 [ 106.768086][ T7476] RSP: 0018:ffffc900052c77a8 EFLAGS: 00010246 [ 106.770016][ T7476] RAX: 0000000000000000 RBX: ffff888100b20040 RCX: 1ffff11020164022 [ 106.772503][ T7476] RDX: ffff88802240c080 RSI: 0000000000000027 RDI: ffffffff90e74620 [ 106.775043][ T7476] RBP: dffffc0000000000 R08: 0000000000000005 R09: 0000000000000000 [ 106.778064][ T7476] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 106.780857][ T7476] R13: 0000000000000000 R14: 0000000000000000 R15: ffff888029f11300 [ 106.783363][ T7476] FS: 0000555563408500(0000) GS:ffff8880d62db000(0000) knlGS:0000000000000000 [ 106.786331][ T7476] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 106.788853][ T7476] CR2: 000000110c355763 CR3: 0000000028742000 CR4: 0000000000352ef0 [ 106.792196][ T7476] Call Trace: [ 106.793677][ T7476] [ 106.795049][ T7476] ? __pfx_drm_atomic_helper_wait_for_vblanks.part.0+0x10/0x10 [ 106.798679][ T7476] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 106.801206][ T7476] ? lockdep_hardirqs_on+0x78/0x100 [ 106.803488][ T7476] ? __pfx_autoremove_wake_function+0x10/0x10 [ 106.806198][ T7476] ? drm_atomic_helper_commit_hw_done+0x36d/0x490 [ 106.809059][ T7476] drm_atomic_helper_commit_tail+0xff/0x130 [ 106.811659][ T7476] commit_tail+0x338/0x430 [ 106.813602][ T7476] drm_atomic_helper_commit+0x303/0x380 [ 106.816071][ T7476] ? __pfx_drm_atomic_helper_commit+0x10/0x10 [ 106.818806][ T7476] drm_atomic_commit+0x230/0x300 [ 106.820941][ T7476] ? __pfx_drm_atomic_commit+0x10/0x10 [ 106.822903][ T7476] ? __pfx___drm_printfn_info+0x10/0x10 [ 106.824937][ T7476] ? drm_client_rotation+0x451/0x6a0 [ 106.826911][ T7476] drm_client_modeset_commit_atomic+0x6a6/0x7e0 [ 106.829001][ T7476] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 106.831199][ T7476] drm_client_modeset_commit_locked+0x14d/0x580 [ 106.833125][ T7476] drm_client_modeset_commit+0x4f/0x80 [ 106.834872][ T7476] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 106.837566][ T7476] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 106.839985][ T7476] drm_fbdev_client_restore+0x1b/0x30 [ 106.841865][ T7476] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 106.843885][ T7476] drm_client_dev_restore+0x205/0x2a0 [ 106.845639][ T7476] drm_release+0x2c6/0x360 [ 106.847211][ T7476] ? __pfx_drm_release+0x10/0x10 [ 106.848831][ T7476] __fput+0x3ff/0xb50 [ 106.850268][ T7476] task_work_run+0x150/0x240 [ 106.852273][ T7476] ? __pfx_task_work_run+0x10/0x10 [ 106.855014][ T7476] ? rcu_is_watching+0x12/0xc0 [ 106.857105][ T7476] exit_to_user_mode_loop+0x100/0x4a0 [ 106.858889][ T7476] ? do_syscall_64+0x52d/0xf80 [ 106.860450][ T7476] do_syscall_64+0x706/0xf80 [ 106.862070][ T7476] ? clear_bhb_loop+0x40/0x90 [ 106.863587][ T7476] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 106.865395][ T7476] RIP: 0033:0x7fcf2e99c819 [ 106.866990][ T7476] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 106.873622][ T7476] RSP: 002b:00007ffe4b0eed58 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 106.877497][ T7476] RAX: 0000000000000000 RBX: 00007ffe4b0eee40 RCX: 00007fcf2e99c819 [ 106.880101][ T7476] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 106.882638][ T7476] RBP: 000000000001a010 R08: 0000000000000001 R09: 0000000000000000 [ 106.885152][ T7476] R10: 0000001b2f920000 R11: 0000000000000246 R12: 00007ffe4b0eee80 [ 106.887803][ T7476] R13: 00007fcf2ec15fac R14: 000000000001a048 R15: 00007fcf2ec15fa0 [ 106.890486][ T7476] [ 106.891644][ T7476] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 106.894176][ T7476] CPU: 0 UID: 0 PID: 7476 Comm: syz.2.467 Tainted: G L syzkaller #0 PREEMPT(full) [ 106.898452][ T7476] Tainted: [L]=SOFTLOCKUP [ 106.900362][ T7476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 106.904600][ T7476] Call Trace: [ 106.906163][ T7476] [ 106.907521][ T7476] dump_stack_lvl+0x100/0x190 [ 106.909658][ T7476] vpanic+0x552/0x970 [ 106.911443][ T7476] ? __pfx_vpanic+0x10/0x10 [ 106.913435][ T7476] panic+0xd1/0xe0 [ 106.915080][ T7476] ? __pfx_panic+0x10/0x10 [ 106.917035][ T7476] ? check_panic_on_warn+0x1f/0x90 [ 106.919404][ T7476] check_panic_on_warn.cold+0x19/0x34 [ 106.921952][ T7476] ? drm_atomic_helper_wait_for_vblanks.part.0+0x738/0x8a0 [ 106.925102][ T7476] __warn.cold+0x191/0x328 [ 106.927076][ T7476] __report_bug+0x296/0x3d0 [ 106.929047][ T7476] ? drm_atomic_helper_wait_for_vblanks.part.0+0x738/0x8a0 [ 106.932107][ T7476] ? __pfx___report_bug+0x10/0x10 [ 106.934379][ T7476] ? lockdep_hardirqs_on+0x78/0x100 [ 106.936891][ T7476] report_bug_entry+0xe1/0x290 [ 106.939032][ T7476] ? drm_atomic_helper_wait_for_vblanks.part.0+0x73e/0x8a0 [ 106.942147][ T7476] handle_bug+0x1cd/0x2a0 [ 106.943953][ T7476] exc_invalid_op+0x17/0x50 [ 106.945918][ T7476] asm_exc_invalid_op+0x1a/0x20 [ 106.948011][ T7476] RIP: 0010:drm_atomic_helper_wait_for_vblanks.part.0+0x73e/0x8a0 [ 106.950537][ T7476] Code: 00 00 00 fc ff df 48 89 f9 48 c1 e9 03 0f b6 04 01 84 c0 74 08 3c 03 0f 8e 44 01 00 00 48 8d 3d e8 da 3e 0b 8b b3 d0 00 00 00 <67> 48 0f b9 3a e9 e1 fc ff ff e8 93 0f 61 fc e9 7c fe ff ff e8 79 [ 106.956672][ T7476] RSP: 0018:ffffc900052c77a8 EFLAGS: 00010246 [ 106.958622][ T7476] RAX: 0000000000000000 RBX: ffff888100b20040 RCX: 1ffff11020164022 [ 106.961390][ T7476] RDX: ffff88802240c080 RSI: 0000000000000027 RDI: ffffffff90e74620 [ 106.964128][ T7476] RBP: dffffc0000000000 R08: 0000000000000005 R09: 0000000000000000 [ 106.966827][ T7476] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 106.969311][ T7476] R13: 0000000000000000 R14: 0000000000000000 R15: ffff888029f11300 [ 106.972199][ T7476] ? drm_atomic_helper_wait_for_vblanks.part.0+0x6e6/0x8a0 [ 106.975113][ T7476] ? __pfx_drm_atomic_helper_wait_for_vblanks.part.0+0x10/0x10 [ 106.977670][ T7476] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 106.979688][ T7476] ? lockdep_hardirqs_on+0x78/0x100 [ 106.981847][ T7476] ? __pfx_autoremove_wake_function+0x10/0x10 [ 106.984211][ T7476] ? drm_atomic_helper_commit_hw_done+0x36d/0x490 [ 106.986283][ T7476] drm_atomic_helper_commit_tail+0xff/0x130 [ 106.988175][ T7476] commit_tail+0x338/0x430 [ 106.989601][ T7476] drm_atomic_helper_commit+0x303/0x380 [ 106.991657][ T7476] ? __pfx_drm_atomic_helper_commit+0x10/0x10 [ 106.993775][ T7476] drm_atomic_commit+0x230/0x300 [ 106.995452][ T7476] ? __pfx_drm_atomic_commit+0x10/0x10 [ 106.997207][ T7476] ? __pfx___drm_printfn_info+0x10/0x10 [ 106.999010][ T7476] ? drm_client_rotation+0x451/0x6a0 [ 107.000806][ T7476] drm_client_modeset_commit_atomic+0x6a6/0x7e0 [ 107.002899][ T7476] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 107.005610][ T7476] drm_client_modeset_commit_locked+0x14d/0x580 [ 107.008076][ T7476] drm_client_modeset_commit+0x4f/0x80 [ 107.009821][ T7476] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 107.012322][ T7476] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 107.014470][ T7476] drm_fbdev_client_restore+0x1b/0x30 [ 107.016358][ T7476] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 107.018496][ T7476] drm_client_dev_restore+0x205/0x2a0 [ 107.020434][ T7476] drm_release+0x2c6/0x360 [ 107.022082][ T7476] ? __pfx_drm_release+0x10/0x10 [ 107.023667][ T7476] __fput+0x3ff/0xb50 [ 107.024977][ T7476] task_work_run+0x150/0x240 [ 107.026506][ T7476] ? __pfx_task_work_run+0x10/0x10 [ 107.028088][ T7476] ? rcu_is_watching+0x12/0xc0 [ 107.029581][ T7476] exit_to_user_mode_loop+0x100/0x4a0 [ 107.031329][ T7476] ? do_syscall_64+0x52d/0xf80 [ 107.032870][ T7476] do_syscall_64+0x706/0xf80 [ 107.034372][ T7476] ? clear_bhb_loop+0x40/0x90 [ 107.035921][ T7476] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.037815][ T7476] RIP: 0033:0x7fcf2e99c819 [ 107.039282][ T7476] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 107.046268][ T7476] RSP: 002b:00007ffe4b0eed58 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 107.049772][ T7476] RAX: 0000000000000000 RBX: 00007ffe4b0eee40 RCX: 00007fcf2e99c819 [ 107.053069][ T7476] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 107.055736][ T7476] RBP: 000000000001a010 R08: 0000000000000001 R09: 0000000000000000 [ 107.058290][ T7476] R10: 0000001b2f920000 R11: 0000000000000246 R12: 00007ffe4b0eee80 [ 107.060924][ T7476] R13: 00007fcf2ec15fac R14: 000000000001a048 R15: 00007fcf2ec15fa0 [ 107.064193][ T7476] [ 107.067051][ T7476] Kernel Offset: disabled [ 107.068962][ T7476] Rebooting in 86400 seconds..