last executing test programs: 4.219991657s ago: executing program 3 (id=1051): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000020240), 0x10010) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0xb, &(0x7f0000000000)=0x5, 0x4) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="400000001e00010a0000000000000000ac1414aa0000000000050000000000000000000000000000ac1e000100000000"], 0x40}}, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000003000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f00003e1000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0x200394}) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@struct={0x0, 0x1, 0x0, 0x4, 0x0, 0xffffffff, [{0x0, 0x2, 0x21}]}, @restrict={0x0, 0x0, 0x0, 0x10, 0x2}]}}, 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r3, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r0, 0x0) 3.938568967s ago: executing program 3 (id=1056): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)={0x34, r1, 0x1, 0x0, 0x0, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x6000000}, 0x0) 3.539938081s ago: executing program 3 (id=1061): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x600, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x93}, [{}, {}, {0x0, 0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffff7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x200}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x800000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0xfff}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, {}, {}, {}, {0x10000000}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x10000}], [{}, {}, {}, {}, {}, {0x0, 0xbe0087781dab7411}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140), 0x24}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x2}, {0xffff, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x48010}, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000240)=ANY=[@ANYBLOB="10000000470808"], 0x10}], 0x1, 0x0, 0x0, 0x48040}, 0x4000) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) r0 = landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x10, 0x0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x200000, 0x0) landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000200)={0x100, r1}, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r4, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r5, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x884) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001240)={&(0x7f0000004600)=@newtfilter={0x24, 0x2c, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x9, 0x2}, {0xfff7}}}, 0x24}}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)) 3.539742166s ago: executing program 3 (id=1062): creat(&(0x7f0000000240)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000004c0), 0x10400, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',cache=mmap']) chmod(&(0x7f0000000140)='./file0\x00', 0x0) r3 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) ftruncate(r4, 0x2000009) sendfile(r3, r4, 0x0, 0x7ffff000) lstat(&(0x7f00000002c0)='./file0\x00', 0x0) (fail_nth: 2) 3.180048047s ago: executing program 3 (id=1065): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000020240), 0x10010) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0xb, &(0x7f0000000000)=0x5, 0x4) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="400000001e00010a0000000000000000ac1414aa0000000000050000000000000000000000000000ac1e000100000000"], 0x40}}, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000003000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f00003e1000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0x200394}) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@struct={0x0, 0x1, 0x0, 0x4, 0x0, 0xffffffff, [{0x0, 0x2, 0x21}]}, @restrict={0x0, 0x0, 0x0, 0x10, 0x2}]}}, 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r3, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r0, 0x0) 2.900413019s ago: executing program 3 (id=1070): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)={0x34, r1, 0x1, 0x0, 0x0, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x7000000}, 0x0) 659.588787ms ago: executing program 2 (id=1089): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140), 0x24}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x2}, {0xffff, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x48010}, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000240)=ANY=[@ANYBLOB="10000000470808"], 0x10}], 0x1, 0x0, 0x0, 0x48040}, 0x4000) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) r1 = landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x10, 0x0) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x200000, 0x0) landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r1, 0x1, &(0x7f0000000200)={0x100, r2}, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r5, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r6, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x884) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001240)={&(0x7f0000004600)=@newtfilter={0x24, 0x2c, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x9, 0x2}, {0xfff7}}}, 0x24}}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)) 659.463487ms ago: executing program 2 (id=1090): r0 = socket(0x10, 0x3, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="400000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100707070000c00028008000100", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x40}}, 0x0) 569.68197ms ago: executing program 1 (id=1093): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/address_bits', 0x20000, 0x20) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000001800)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) (async) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_MOVE_RANGE(r2, 0x541b, &(0x7f0000000000)={0xffffffffffffffff}) close_range(r3, 0xffffffffffffffff, 0x0) (async, rerun: 64) r4 = fsopen(&(0x7f0000000000)='fuseblk\x00', 0x0) (rerun: 64) fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f0000000040)='@)-{]\x00', 0x0, r0) (async) read$FUSE(r0, &(0x7f0000003700)={0x2020}, 0x2020) 568.813452ms ago: executing program 2 (id=1094): openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/consoles\x00', 0x0, 0x0) (async) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/consoles\x00', 0x0, 0x0) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x4, 0x1}, 0x4) (async) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x4, 0x1}, 0x4) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r0, 0x8010671f, &(0x7f0000000100)={&(0x7f0000000080)=""/84, 0x54}) sendmsg$NFT_BATCH(r0, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000300)={&(0x7f0000000180)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_DELCHAIN={0x1c, 0x5, 0xa, 0x601, 0x0, 0x0, {}, [@NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}]}, @NFT_MSG_DELRULE={0x20, 0x8, 0xa, 0x201, 0x0, 0x0, {0x7}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFT_MSG_DELCHAIN={0x7c, 0x5, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x4}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_COUNTERS={0x4c, 0x8, 0x0, 0x1, [@NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x8001}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x80000000}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0xd}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0xfffffffffffffffc}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x9}]}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x1}, @NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xfffffffffffffffd}]}, @NFT_MSG_DELOBJ={0x1c, 0x14, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x2}, [@NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x4}]}, @NFT_MSG_DELOBJ={0x38, 0x14, 0xa, 0x201, 0x0, 0x0, {0x6, 0x0, 0x6}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}]}, @NFT_MSG_DELRULE={0x48, 0x8, 0xa, 0x3, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x3}, @NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x2}, @NFTA_RULE_COMPAT={0xc, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x8808}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x17c}, 0x1, 0x0, 0x0, 0x8000}, 0x8) r1 = syz_open_dev$dri(&(0x7f0000000380), 0x2, 0x10080) preadv2(r0, &(0x7f00000004c0)=[{&(0x7f00000003c0)=""/254, 0xfe}], 0x1, 0x3, 0x4, 0x14) (async) preadv2(r0, &(0x7f00000004c0)=[{&(0x7f00000003c0)=""/254, 0xfe}], 0x1, 0x3, 0x4, 0x14) ioctl$DRM_IOCTL_MODE_GET_LEASE(r0, 0xc01064c8, &(0x7f0000000540)={0x5, 0x0, &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0]}) (async) ioctl$DRM_IOCTL_MODE_GET_LEASE(r0, 0xc01064c8, &(0x7f0000000540)={0x5, 0x0, &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000580)={0x0, 0x0, r1}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f00000005c0)={0x0, 0x0, r1}) ioctl$DRM_IOCTL_MODE_ADDFB2(r0, 0xc06864b8, &(0x7f0000000600)={r3, 0xe, 0xab, 0x9, 0x0, [r4, 0x0, 0x0, r5], [0xd, 0x4, 0x1ff, 0x1], [0x9, 0x0, 0x3, 0x2], [0x8, 0x5, 0x4]}) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000780)={&(0x7f0000000680)=[0x0, 0x0], &(0x7f00000006c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000700)=[0x0, 0x0], &(0x7f0000000740)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x2, 0x5, 0x2, 0x6}) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f00000007c0)={0x8, 0x0, 0x0, 0x8, 0x9}) openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000800), 0x80401, 0x0) syz_open_dev$amidi(&(0x7f0000000840), 0x4, 0x80000) syz_open_dev$dri(&(0x7f0000000880), 0x9, 0x290001) (async) syz_open_dev$dri(&(0x7f0000000880), 0x9, 0x290001) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f00000008c0)={r5}) (async) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f00000008c0)={r5}) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000f00)={&(0x7f0000000e80)=[{0x5, 0x10, 0x37, &(0x7f0000000900)="e7c3927de54b99fdffd59cf5db9a4f4b03a1680a6b4202e776562bd31470c4f2de999ababa9539aaa682d64ebe4a0821cf4a7ad336c7e7"}, {0x401, 0x2800, 0xf1, &(0x7f0000000940)="71a31d7e7b28773c3e98b924d3f575d0fa4e261c150f2b67a65f54a80c3f6b0fe77648973872069122a0e78fb470ef1995c1bc1f34f231079af4e585c14c6b631e896764f0b656e21ad192bbc6b7049dd3ae70e3a1dd79664c04b418e3a5f2acb18e7b5a5a2856d6a52cda858cc44df2eda9313d9faaaaa0d1e2fcb201e481abea6ae9f8a6a4aa75d0ba6eccbd66508630f2b37c4486efd609cd3f5485163c1dffe86a0400c205a44aefb553a7fad239f36a6d05007377806831817f69413abd42385625a245ba296c8bd04989d220778107e63621416cdfc08db76e6b3e53541f68696dda26416867cd8689d210449533"}, {0x1, 0x810, 0xee, &(0x7f0000000a40)="7740822ced46d1462683c37ff2095f51e69148cd0b6ef0b032013fc3d044e4a73e5f535a6431d1505d62adb10e34b6bffad9a5b9e870b32a2e76c0c700c71b83631d4b20dcacbcaf347a54e669d7530e3022da1bd490c90182b7addd02451f11e74e79904300341952fbe6772e7301236edfa77a784509515254962c8a661749e3a8bd8b735e00aeafecdfb12863ed16e939080f4e9430b026ee0a9f7e6cea91eb3b326ce3c9cad6e80bc35e83ff0dd2045897083c74279f947961492830bbde5997687080dedeb67a23fe7a46fa68af71aede21e0fcbc4f6568b482154c6da3ede71f867057724ae15a441b4c5e"}, {0x101, 0x4000, 0x98, &(0x7f0000000b40)="d7ff4135f1f43911f5f363aed1a35790674e6feb77151e22c9e0209129242b8a5e4c61385ce774a120deb4a3109bda7e8bd91e52e5e22aa9237bda722dac278545fc9d86953fdbc3b4d5e829bb1771193eba14102edd539f37496b5dbb542f2d5a49f62caf9d039211cf61bba68ba353d23f6d37046389bcaba6936dfb0825e23e5a786c051819800967aa38e208061ba4fbd90602dcb0bc"}, {0xd824, 0x2600, 0xc2, &(0x7f0000000c00)="a31b409801cedc10e54916ce8b00ee69502fb19b4d5eb3bf5f13195379190625971b1e640f9637131b21afc1b22d25e3fcf1e5d3996a5583cc55cc77bd32261bd39c7c5f576a2ba5754660408a36e05a57695d0297cf771927efc2fdb772b375c0d1cb69ae3af268b0915d24e42e3ae4914eaa87c611195bd94c356bf1dbb3f64c01df53486f7d29e080e16c6c117bd92dd2ab4288bfbf096b128a4961fc00bd6c1a7862572778c304cd2bbfc7eece9874f02c3155935acb9a707e70ef203a47388d"}, {0x1, 0x1402, 0xc8, &(0x7f0000000d00)="ba8efc04f61bad165a99fd555111bf018a34339520f9a909ce36275ef75123b85c79292d6fe81b17037099b2995769fe502f3331b9f1c0b707c22d28e67b5e20101a6369ca71771ddd5253207bf4d92b0469646ca70f45908baf64010ccd22aa711bcf5fad92df4d47e907ce0ca17aa317fc06f266c8d1a488be2e679a8ad70f6f401d484b4e94645a653c625a2fd8b48e4e8e567718bbdba67bb0240116ab73468f47d848e3a980dffafe1c35a433f957969b9bd4a55dc943b9a4cd3b67f5ee8053cbc3c6b12cc7"}, {0x2, 0xa010, 0x6b, &(0x7f0000000e00)="b27d957b91109a144cc4a584eee48b6fe91eca4f376511fed5e8e8c156cc63afb508ec36696e32a243335b563684ea91ed82b5601c5d51376ac347884b388cd5a4c2f0a6e587e8c41749714c66c662365afb0f1f91eed84494138a4730652c4a041bcbb7aed164d2975a5b"}], 0x7}) openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000f40), 0x2100, 0x0) (async) r8 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000f40), 0x2100, 0x0) ioctl$SIOCSIFHWADDR(r8, 0x8924, &(0x7f0000000f80)={'macsec0\x00', @broadcast}) ioctl$KVM_SET_VAPIC_ADDR(r8, 0x4008ae93, &(0x7f0000000fc0)=0x875bccc8dc3b4af6) pipe2(&(0x7f0000001000), 0x0) (async) pipe2(&(0x7f0000001000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pwrite64(r9, &(0x7f0000001040)="89", 0x1, 0x5) ioctl$DRM_IOCTL_MODE_CURSOR2(r1, 0xc02464bb, &(0x7f0000001080)={0x0, r7, 0x7, 0x6, 0x2, 0xd0, 0x10000000, 0x3, 0x598}) ioctl$KDENABIO(r9, 0x4b36) (async) ioctl$KDENABIO(r9, 0x4b36) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f00000010c0)={r4, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r10, 0xc05064a7, &(0x7f0000001280)={&(0x7f0000001100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001140)=[{}, {}], &(0x7f0000001200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001240)=[0x0, 0x0], 0x2, 0xa, 0x7, 0x0, r3}) (async) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r10, 0xc05064a7, &(0x7f0000001280)={&(0x7f0000001100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001140)=[{}, {}], &(0x7f0000001200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001240)=[0x0, 0x0], 0x2, 0xa, 0x7, 0x0, r3}) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r9, 0xc04064a0, &(0x7f0000001400)={&(0x7f0000001300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001340)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000013c0)=[0x0], 0x6, 0x9, 0xa, 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f0000001480)={r2, r11, r6, 0x0, 0x0, 0x1, &(0x7f0000001440)=[0x0]}) syz_genetlink_get_family_id$l2tp(&(0x7f00000014c0), r8) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000001540)=@generic={&(0x7f0000001500)='./file0\x00', r0}, 0x18) 568.051355ms ago: executing program 2 (id=1095): creat(&(0x7f0000000240)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000004c0), 0x10400, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',cache=mmap']) chmod(&(0x7f0000000140)='./file0\x00', 0x0) r3 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) ftruncate(r4, 0x2000009) sendfile(r3, r4, 0x0, 0x7ffff000) lstat(&(0x7f00000002c0)='./file0\x00', 0x0) (fail_nth: 5) 567.86547ms ago: executing program 1 (id=1096): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "ff00f7000000000000000000af88008300"}) r1 = syz_open_pts(r0, 0x141601) write(r1, &(0x7f0000000000)="d5", 0xfffffedf) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0xfffffffc, 0x0, 0x0, "682341f2fd71a6a76177920ea7e60c0ac7a4a5"}) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r2, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) r3 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_G_FMT(r3, 0xc0d05604, &(0x7f0000000100)={0x4, @pix_mp={0x101, 0x5, 0x384c4150, 0x0, 0x0, [{0x3c3, 0x5}, {0x0, 0x9}, {0x101, 0x8}, {0x8, 0xd}, {0x3, 0x8}, {0x2, 0x7}, {0x6, 0x7}, {0x4, 0x800}], 0x1, 0x0, 0x4, 0x2, 0x1}}) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r5, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r6 = syz_open_dev$sndpcmc(&(0x7f0000000100), 0x0, 0x80002) ioctl$SNDRV_PCM_IOCTL_DROP(r6, 0x4143, 0x0) r7 = dup(r5) write$FUSE_BMAP(r7, &(0x7f0000000100)={0x18}, 0x18) getrlimit(0xb, &(0x7f0000000240)) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x84) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='mpol=interleave=static,mpol=default']) write$FUSE_NOTIFY_RETRIEVE(r7, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000004c0), 0x10400, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r7, @ANYBLOB=',cache=mmap']) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a01040000000000000000020000280900010073797a30000000000900020073797a320000000088000480100001800c000100636f756e7465720014000180090001006d6173710000000004000280600001800a0001006c696d6974000000500002800c000140000000000000000808000440000000010c00014000000000000080010c00024000000000000000090800034000000fba0c00024000000000000000000c000140000000000000000714000000110001"], 0xdc}}, 0x0) sendmsg$NFT_MSG_GETRULE(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, 0x19, 0xa, 0x201}, 0x14}}, 0x0) chmod(&(0x7f0000000140)='./file0\x00', 0x0) r9 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0) r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) ftruncate(r10, 0x2000009) sendfile(r9, r10, 0x0, 0x7ffff000) 309.46744ms ago: executing program 2 (id=1102): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) (async) r1 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r2 = socket(0x2a, 0x2, 0x0) (async) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0) getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x8044}, 0x4000000) r4 = socket$can_bcm(0x1d, 0x2, 0x2) (async) r5 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'veth0_to_bridge\x00', 0x0}) connect$can_bcm(r4, &(0x7f0000000080)={0x1d, r6}, 0x10) (async) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xc}, {}, {0x1c}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x10, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x1000}]}]}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x48010}, 0x0) r7 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00'}) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='freezer.parent_freezing\x00', 0x275a, 0x0) write$binfmt_script(r10, &(0x7f0000000000), 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r10, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00005d4000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000040)="5b0f01c2c29c028ed0660f388236af0083ee2c0f20c06635000004200f22c0643e1f0fb7c2", 0x25}], 0x1, 0x0, 0x0, 0x0) preadv(r10, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async) r11 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r11, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000380)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) (async) connect$802154_dgram(0xffffffffffffffff, &(0x7f00000001c0)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0002}}}, 0x14) (async) ioctl$KVM_RUN(r11, 0xae80, 0x0) 220.260091ms ago: executing program 0 (id=1104): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) capset(&(0x7f00000004c0)={0x20080522}, &(0x7f0000000500)) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001b00)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r2, @ANYRESHEX=r0], 0x270}}, 0x48880) r3 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r3, &(0x7f0000000180)=[{0x2, 0x1000000000000, &(0x7f0000000080), 0x6, &(0x7f0000000100)}], 0x492492492492642, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x10001, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$sock_netdev_private(r0, 0x89f3, &(0x7f00000001c0)="959f8f234e6d1f878a928f5e504a8d6263182f8ac6e155f64dfe180b248a5d9bb081d2639c1275fa92449b251cef46aad721d4e93f0420d120d9a34f5a32619172eff21867b9e5c86363b55dcca99a2bd4d7ca9795b518842e325ca453") r4 = syz_io_uring_setup(0x24fa, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f00000000c0)=0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r7, &(0x7f0000000180)=ANY=[@ANYBLOB='/'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r7, 0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, {0x3}}) io_uring_enter(r4, 0x2d3e, 0x0, 0x6, 0x0, 0x0) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="54000000020603000000000900100000000000000500010007000000050005000a0000000d000300686173683a6e6574000000000900020073797a32e62c4c84557aec0f08001340000000000500040000000000"], 0x54}}, 0x0) 220.122014ms ago: executing program 1 (id=1105): r0 = socket$inet(0xa, 0x801, 0x84) accept4(r0, 0x0, 0x0, 0x0) 219.251076ms ago: executing program 0 (id=1106): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) (async, rerun: 32) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002400000024000000020000000000000001000084040000000000000002"], 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) (async, rerun: 32) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r1, &(0x7f0000000340)="23000000010006", 0x7) (async) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000000c00000002000000002000000000001304000080"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) (async) r2 = syz_open_dev$ttys(0xc, 0x2, 0x1) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010001040000000000010000000900010073797a300000000064000000090a010400000000000000000100000008000a4000000000200011800e000100636f6e6e6c696d69746000000c00028008000140000000000900010073797a30000000000900020073797a3200000000080005400000001f0800034000"], 0xac}, 0x1, 0x0, 0x0, 0x80}, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x15) (async) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000080)="0f015d00b80c008ec8670f01c2039402000f08d889f9000f20c06635000000800f22c00f01cf0fc79e1f110fa40d7a00", 0x30}], 0x1, 0xe, 0x0, 0x0) (async) bind$xdp(0xffffffffffffffff, &(0x7f0000000000)={0x2}, 0x10) (async) ioctl$TCFLSH(r2, 0x404c4701, 0x20000000) (async) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000c40)=@mangle={'mangle\x00', 0x64, 0x6, 0x648, 0x1e0, 0x2b0, 0x1e0, 0xf8, 0x1e0, 0x578, 0x578, 0x578, 0x578, 0x578, 0x6, 0x0, {[{{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x1}}}, {{@ipv6={@dev, @local, [], [], 'veth0_to_bridge\x00', 'ip6tnl0\x00', {}, {}, 0x6}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv6=@private1}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, [], [], 'gretap0\x00', 'veth0\x00', {}, {}, 0x0, 0x0, 0x3}, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}, {{@ipv6={@loopback, @local, [], [], 'ip6_vti0\x00', 'veth0_to_hsr\x00'}, 0x0, 0x160, 0x188, 0x0, {}, [@common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @dev, @dev, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0x118, 0x140, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@dst={{0x48}}]}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x6a8) 120.140107ms ago: executing program 0 (id=1107): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000020240), 0x10010) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r1, 0x10e, 0xb, &(0x7f0000000000)=0x5, 0x4) sendmsg$nl_xfrm(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="400000001e00010a0000000000000000ac1414aa0000000000050000000000000000000000000000ac1e000100000000"], 0x40}}, 0x0) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000003000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f00003e1000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0x200394}) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@struct={0x0, 0x1, 0x0, 0x4, 0x0, 0xffffffff, [{0x0, 0x2, 0x21}]}, @restrict={0x0, 0x0, 0x0, 0x10, 0x2}]}}, 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r2, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x7, 0x10012, r0, 0x0) 119.802174ms ago: executing program 0 (id=1108): r0 = memfd_create(&(0x7f0000000180)='[\xee\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x00\x00\xfb\xff\x00\x00\xda\xc4\xd4#\xc5\xeb\xd1\x9b\xbem\xdd\xd2\x13\x81\x9eG\xd9,\xe2\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;@\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x95\xd2q*\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnG\xec\xb6\xb7\x1b\xa5#\xa9Ce\xb8\x82\x03\tc|\xfa\x1a\xd3\x98\xa1^F\x8f\x92\x81\xc1\xf1DX\xb3{\x94\x12\xa1\xf4h\xf8\x1es\xa0vJ~\xf3]\xb2\x1c\xcc\xf32\xea\xf5K}\x19\x96{\xf6', 0x6) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'ip_vti0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="800000001000010400"/20, @ANYRES32=r3, @ANYBLOB="000000000000000060001280080001007674690054000280080006000d00000022000100e699a854573997a44dba3ce64b87d70aea6fe92e588be697", @ANYRES32=r3, @ANYRES32=r3, @ANYBLOB="080003"], 0x80}}, 0x0) write$binfmt_script(r0, &(0x7f0000000240)={'#! ', './control/file0'}, 0x13) r4 = syz_open_dev$dri(&(0x7f0000000040), 0x4, 0x800) ioctl$DRM_IOCTL_MODE_GETENCODER(0xffffffffffffffff, 0xc01464a6, &(0x7f0000000140)={0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000300)=[0x0, 0x0]}) ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f00000003c0)={&(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x9, 0x0, 0x0}) r8 = syz_open_dev$dri(&(0x7f0000002580), 0x200, 0x0) r9 = syz_open_dev$video4linux(&(0x7f0000000000), 0x200008f, 0x0) r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000004c0)='pids.current\x00', 0x275a, 0x0) write$UHID_CREATE2(r10, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r10, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r9, 0xc038563b, &(0x7f00000001c0)={{0x1, 0x1, 0x18}, './file0\x00'}) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r8, 0xc04064a0, &(0x7f00000026c0)={0x0, &(0x7f0000002600)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_SETCRTC(r8, 0xc06864a2, &(0x7f0000000180)={&(0x7f00000000c0)=[0x0], 0x1, r11, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "427f4d05618664ecb7f952ed7667675bc32afc7ebbfea1deee1e2e520cc38c6a"}}) ioctl$DRM_IOCTL_MODE_GET_LEASE(0xffffffffffffffff, 0xc01064c8, &(0x7f00000004c0)={0x4, 0x0, &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0]}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, &(0x7f0000000580)={&(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x4, 0x0, 0xc0c0c0c0}) r14 = io_uring_setup(0x1bfa, &(0x7f00000001c0)={0x0, 0x0, 0x100, 0x3}) r15 = fsopen(&(0x7f00000001c0)='ocfs2_dlmfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r15, 0x6, 0x0, 0x0, 0x0) close_range(r14, 0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000780)={&(0x7f0000000640)=[0x0, 0x0, 0x0], &(0x7f0000000680)=[{}], &(0x7f0000000700)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000740)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x1, 0x5, 0x3}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000940)={&(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000840)=[{}], &(0x7f00000008c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000900)=[0x0, 0x0, 0x0], 0x1, 0x4, 0x5}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, &(0x7f0000000a40)={&(0x7f00000009c0)=[0x0, 0x0], &(0x7f0000000a00)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x2, 0x0, 0xe0e0e0e0}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, &(0x7f0000000b00)={&(0x7f0000000a80)=[0x0, 0x0], &(0x7f0000000ac0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x2, 0x0, 0xeeeeeeee}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, &(0x7f0000000bc0)={&(0x7f0000000b40)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000b80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x4, 0x0, 0xfbfbfbfb}) ioctl$DRM_IOCTL_MODE_ATOMIC(r4, 0xc03864bc, &(0x7f0000000c80)={0x500, 0x6, &(0x7f00000005c0)=[r5, r6, r7, r11, r12, r13], &(0x7f0000000600)=[0xd, 0xa26, 0x10, 0x3], &(0x7f0000000c00)=[r16, r17, r18, r19, r20, 0x0], &(0x7f0000000c40)=[0x3, 0x40], 0x0, 0x9}) 59.95898ms ago: executing program 1 (id=1109): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140), 0x24}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x2}, {0xffff, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x48010}, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000240)=ANY=[@ANYBLOB="10000000470808"], 0x10}], 0x1, 0x0, 0x0, 0x48040}, 0x4000) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) r1 = landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x10, 0x0) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x200000, 0x0) landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r1, 0x1, &(0x7f0000000200)={0x100, r2}, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r5, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r6, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x884) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001240)={&(0x7f0000004600)=@newtfilter={0x24, 0x2c, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x9, 0x2}, {0xfff7}}}, 0x24}}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)) 59.697426ms ago: executing program 1 (id=1110): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) ioctl$BTRFS_IOC_START_SYNC(r0, 0x80089418, 0x0) r1 = socket$netlink(0x10, 0x3, 0xc) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x64, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0xffff639c}]}, 0x64}}, 0x4c004) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="3800000002011d04000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001"], 0x38}}, 0x0) sendmsg$NFT_MSG_GETRULE(r1, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x14c, 0x7, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0xa}, [@NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x3}, @NFTA_RULE_COMPAT={0x2c, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_FLAGS={0x8}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x87}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x3b}]}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x2}, @NFTA_RULE_USERDATA={0x44, 0x7, 0x1, 0x0, "24423901b326c8d384be64ccefdbadb9813dfbe7cc6b1b0ab68e756bc4d85867476c9a0424ae31085704d1704620a4232642e18c0c5ba882fa35a8af361680ab"}, @NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x2}, @NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x2}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x2}, @NFTA_RULE_EXPRESSIONS={0x4c, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x4}}}, {0x10, 0x1, 0x0, 0x1, @hash={{0x9}, @void}}, {0x10, 0x1, 0x0, 0x1, @bitwise={{0xc}, @void}}, {0x14, 0x1, 0x0, 0x1, @byteorder={{0xe}, @void}}]}, @NFTA_RULE_COMPAT={0x44, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV4={0x8}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x88b5}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x600}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x62}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x6}]}, @NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x2}]}, 0x14c}, 0x1, 0x0, 0x0, 0x1}, 0x48010) syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x11ea, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0) 59.550946ms ago: executing program 0 (id=1111): r0 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=r1, @ANYBLOB="00000000000000002400128009000100626f6e64000000001400028008000000000000000800090001"], 0x44}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32, @ANYBLOB="00000000000000001c00128009000100626f6e64000000000c0002800800070003"], 0x3c}}, 0x0) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e001f000f000000028002002d1f", 0x2e}], 0x1}, 0x0) 58.582322ms ago: executing program 2 (id=1112): creat(&(0x7f0000000240)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000004c0), 0x10400, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',cache=mmap']) chmod(&(0x7f0000000140)='./file0\x00', 0x0) r3 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) ftruncate(r4, 0x2000009) sendfile(r3, r4, 0x0, 0x7ffff000) lstat(&(0x7f00000002c0)='./file0\x00', 0x0) (fail_nth: 6) 282.14µs ago: executing program 1 (id=1113): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000040)=@x86={0x3, 0x8, 0x0, 0x0, 0x2, 0x2, 0xe, 0xfe, 0x0, 0x12, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x34, '\x00', 0x0, 0x8000000000002}) syz_io_uring_setup(0x3623, &(0x7f0000000080)={0x0, 0x51f, 0x1000, 0x3, 0xf8}, &(0x7f0000000000)=0x0, &(0x7f0000000100)) syz_io_uring_setup(0x6055, &(0x7f0000000140)={0x0, 0x4733, 0x200, 0x0, 0x85}, &(0x7f00000001c0), &(0x7f0000000200)=0x0) r5 = epoll_create(0x3) r6 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_CREATE_BUFS(r6, 0xc100565c, &(0x7f0000000040)={0x3, 0x10001, 0x4, {0x6, @vbi={0x1, 0x5, 0xffff, 0x34565559, [0xa7], [0x7ffffff4], 0x2}}, 0x87}) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r8 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x10b4c1, 0x0) ioctl$FS_IOC_SETFLAGS(r8, 0x40086602, &(0x7f00000002c0)=0x20) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x8, 0x50, r6, 0x7d6a6000) ioctl$KVM_INTERRUPT(r8, 0x4004ae86, &(0x7f0000000280)=0x2) syz_io_uring_submit(r3, r4, &(0x7f0000000240)=@IORING_OP_EPOLL_CTL=@del={0x1d, 0x20, 0x0, r5, 0x0, r6, 0x2, 0x0, 0x0, {0x0, r7}}) 0s ago: executing program 0 (id=1114): r0 = socket(0x10, 0x3, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="400000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100707070000c00028008000100", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x40}}, 0x0) kernel console output (not intermixed with test programs): =chr_file permissive=1 [ 58.219623][ T7130] FAULT_INJECTION: forcing a failure. [ 58.219623][ T7130] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 58.223405][ T7130] CPU: 3 UID: 0 PID: 7130 Comm: syz.0.408 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 58.226069][ T7130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 58.229069][ T7130] Call Trace: [ 58.230030][ T7130] [ 58.230881][ T7130] dump_stack_lvl+0x16c/0x1f0 [ 58.232137][ T7130] should_fail_ex+0x497/0x5b0 [ 58.233402][ T7130] _copy_to_user+0x32/0xd0 [ 58.234635][ T7130] simple_read_from_buffer+0xd0/0x160 [ 58.236161][ T7130] proc_fail_nth_read+0x198/0x270 [ 58.237426][ T7130] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 58.238883][ T7130] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 58.240399][ T7130] vfs_read+0x1df/0xbe0 [ 58.241458][ T7130] ? __fget_files+0x1fc/0x3a0 [ 58.242672][ T7130] ? __pfx___mutex_lock+0x10/0x10 [ 58.243889][ T7130] ? __pfx_vfs_read+0x10/0x10 [ 58.245100][ T7130] ? __fget_files+0x206/0x3a0 [ 58.246406][ T7130] ksys_read+0x12b/0x250 [ 58.247476][ T7130] ? __pfx_ksys_read+0x10/0x10 [ 58.248689][ T7130] do_syscall_64+0xcd/0x250 [ 58.250037][ T7130] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 58.251526][ T7130] RIP: 0033:0x7f5475d7d25c [ 58.252631][ T7130] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 58.257200][ T7130] RSP: 002b:00007f5476b33030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 58.259445][ T7130] RAX: ffffffffffffffda RBX: 00007f5475f35fa0 RCX: 00007f5475d7d25c [ 58.261534][ T7130] RDX: 000000000000000f RSI: 00007f5476b330a0 RDI: 0000000000000004 [ 58.263408][ T7130] RBP: 00007f5476b33090 R08: 0000000000000000 R09: 0000000000000000 [ 58.265392][ T7130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 58.267327][ T7130] R13: 0000000000000000 R14: 00007f5475f35fa0 R15: 00007fffe2cdb228 [ 58.269605][ T7130] [ 58.270597][ C3] vkms_vblank_simulate: vblank timer overrun [ 58.421519][ T7139] mkiss: ax0: crc mode is auto. [ 58.476834][ T7144] input: syz0 as /devices/virtual/input/input8 [ 58.482299][ T39] audit: type=1400 audit(1732112256.181:448): avc: denied { ioctl } for pid=7143 comm="syz.0.414" path="socket:[14768]" dev="sockfs" ino=14768 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 58.490036][ T39] audit: type=1400 audit(1732112256.181:449): avc: denied { write } for pid=7143 comm="syz.0.414" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 58.720108][ T7165] netlink: 'syz.0.423': attribute type 1 has an invalid length. [ 58.739831][ T7165] 8021q: adding VLAN 0 to HW filter on device bond3 [ 58.747433][ T7165] vlan3: entered promiscuous mode [ 58.748989][ T7165] bond3: entered promiscuous mode [ 58.750433][ T7165] vlan3: entered allmulticast mode [ 58.753434][ T7165] bond3: entered allmulticast mode [ 58.892227][ T5956] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 58.953732][ T7180] netlink: 'syz.3.429': attribute type 10 has an invalid length. [ 58.992720][ T7167] block nbd2: server does not support multiple connections per device. [ 58.995510][ T7164] block nbd2: shutting down sockets [ 59.112525][ T831] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 59.262529][ T831] usb 5-1: Using ep0 maxpacket: 8 [ 59.273062][ T831] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 59.276594][ T831] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 59.278830][ T831] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 59.283249][ T831] usb 5-1: config 0 descriptor?? [ 59.372166][ T1958] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 59.393154][ T7194] netlink: 'syz.3.434': attribute type 1 has an invalid length. [ 59.402672][ T7194] 8021q: adding VLAN 0 to HW filter on device bond2 [ 59.411046][ T7194] vlan2: entered promiscuous mode [ 59.412529][ T7194] bond2: entered promiscuous mode [ 59.413936][ T7194] vlan2: entered allmulticast mode [ 59.415544][ T7194] bond2: entered allmulticast mode [ 59.454025][ T7197] openvswitch: netlink: Tunnel attr 0 has unexpected len 2817 expected 8 [ 59.489947][ T831] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 59.496418][ T831] usb 5-1: USB disconnect, device number 10 [ 59.499668][ T831] iowarrior 5-1:0.0: I/O-Warror #0 now disconnected [ 59.509467][ T7175] dccp_invalid_packet: P.Data Offset(0) too small [ 59.532202][ T1958] usb 7-1: Using ep0 maxpacket: 16 [ 59.535349][ T1958] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 59.539237][ T1958] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 59.544679][ T1958] usb 7-1: New USB device found, idVendor=056a, idProduct=0013, bcdDevice= 0.00 [ 59.547882][ T1958] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 59.552323][ T1958] usb 7-1: config 0 descriptor?? [ 59.813807][ T7192] __nla_validate_parse: 6 callbacks suppressed [ 59.813823][ T7192] netlink: 1 bytes leftover after parsing attributes in process `syz.2.433'. [ 60.143684][ T7209] netlink: 'syz.1.439': attribute type 10 has an invalid length. [ 60.203816][ T7217] process 'syz.1.442' launched '/dev/fd/3' with NULL argv: empty string added [ 60.206249][ T7216] netlink: 'syz.0.443': attribute type 1 has an invalid length. [ 60.217107][ T7216] 8021q: adding VLAN 0 to HW filter on device bond4 [ 60.227495][ T7216] vlan4: entered promiscuous mode [ 60.228896][ T7216] bond4: entered promiscuous mode [ 60.230271][ T7216] vlan4: entered allmulticast mode [ 60.231610][ T7216] bond4: entered allmulticast mode [ 60.376306][ T7225] netlink: 'syz.0.446': attribute type 11 has an invalid length. [ 60.405821][ T7225] netlink: 12 bytes leftover after parsing attributes in process `syz.0.446'. [ 60.409283][ T7225] netlink: 12 bytes leftover after parsing attributes in process `syz.0.446'. [ 60.569257][ T7237] 9pnet: Unknown protocol version 9p20\++} [ 60.585625][ T7239] netlink: 'syz.1.451': attribute type 10 has an invalid length. [ 60.689736][ T7247] SELinux: security_context_str_to_sid (ramfs) failed with errno=-22 [ 60.694650][ T7247] ªªªªª: renamed from hsr0 (while UP) [ 60.740655][ T7249] netlink: 32 bytes leftover after parsing attributes in process `syz.1.456'. [ 60.863968][ T7250] sr 2:0:0:0: [sr0] CDROM not ready. Make sure there is a disc in the drive. [ 60.897674][ T7260] netlink: 8 bytes leftover after parsing attributes in process `syz.1.461'. [ 61.021710][ T7273] netlink: 20 bytes leftover after parsing attributes in process `syz.1.465'. [ 61.025465][ T7273] IPv6: NLM_F_CREATE should be specified when creating new route [ 61.068633][ T7277] netlink: 32 bytes leftover after parsing attributes in process `syz.0.468'. [ 61.073270][ T7279] netlink: 16 bytes leftover after parsing attributes in process `syz.1.467'. [ 61.204523][ T7278] sr 2:0:0:0: [sr0] CDROM not ready. Make sure there is a disc in the drive. [ 61.412283][ T5988] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 61.547559][ T7304] xt_hashlimit: size too large, truncated to 1048576 [ 61.572248][ T5988] usb 5-1: Using ep0 maxpacket: 32 [ 61.575532][ T5988] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 61.578466][ T5988] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 61.582898][ T5988] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 61.585742][ T5988] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 61.588690][ T5988] usb 5-1: Product: syz [ 61.590241][ T5988] usb 5-1: Manufacturer: á ‰ [ 61.591945][ T5988] usb 5-1: SerialNumber: syz [ 61.804994][ T7287] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 61.807331][ T7287] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 61.817360][ T5988] usb 5-1: 0:2 : does not exist [ 61.825824][ T5988] usb 5-1: USB disconnect, device number 11 [ 61.993587][ T6336] udevd[6336]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 62.107813][ T7315] FAULT_INJECTION: forcing a failure. [ 62.107813][ T7315] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 62.111292][ T7315] CPU: 0 UID: 0 PID: 7315 Comm: syz.1.480 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 62.114116][ T7315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 62.116991][ T7315] Call Trace: [ 62.117862][ T7315] [ 62.118728][ T7315] dump_stack_lvl+0x16c/0x1f0 [ 62.120122][ T7315] should_fail_ex+0x497/0x5b0 [ 62.121355][ T7315] ? fs_reclaim_acquire+0xae/0x150 [ 62.122686][ T7315] should_fail_alloc_page+0xe7/0x130 [ 62.124067][ T7315] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 62.125774][ T7315] __alloc_pages_noprof+0x190/0x25a0 [ 62.127158][ T7315] ? find_held_lock+0x2d/0x110 [ 62.128432][ T7315] ? __up_read+0x1fb/0x760 [ 62.129639][ T7315] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 62.131158][ T7315] ? __pfx___might_resched+0x10/0x10 [ 62.132624][ T7315] __folio_alloc_noprof+0x11/0x90 [ 62.133935][ T7315] alloc_migration_target+0x2a7/0x6d0 [ 62.135329][ T7315] migrate_pages_batch+0x3bb/0x31b0 [ 62.136641][ T7315] ? __pfx_alloc_migration_target+0x10/0x10 [ 62.138190][ T7315] ? __pfx_migrate_pages_batch+0x10/0x10 [ 62.139922][ T7315] migrate_pages_sync+0x131/0x910 [ 62.141265][ T7315] ? __pfx_alloc_migration_target+0x10/0x10 [ 62.142830][ T7315] ? __walk_page_range+0x59b/0x770 [ 62.144183][ T7315] ? vma_migratable+0x11d/0x4f0 [ 62.145471][ T7315] ? __pfx_migrate_pages_sync+0x10/0x10 [ 62.146914][ T7315] ? queue_pages_test_walk+0x279/0x410 [ 62.148362][ T7315] ? __pfx_find_vma+0x10/0x10 [ 62.149636][ T7315] ? walk_page_test+0x9b/0x180 [ 62.150899][ T7315] migrate_pages+0x19ee/0x21f0 [ 62.152159][ T7315] ? __pfx_alloc_migration_target+0x10/0x10 [ 62.153702][ T7315] ? __pfx_migrate_pages+0x10/0x10 [ 62.155036][ T7315] ? __pfx___up_read+0x10/0x10 [ 62.156301][ T7315] do_migrate_pages+0x474/0x6f0 [ 62.157575][ T7315] ? __pfx_do_migrate_pages+0x10/0x10 [ 62.158983][ T7315] ? do_raw_spin_lock+0x12d/0x2c0 [ 62.160509][ T7315] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 62.162081][ T7315] ? cap_capable+0x1cf/0x240 [ 62.163318][ T7315] ? security_capable+0x250/0x260 [ 62.164649][ T7315] kernel_migrate_pages+0x5b2/0x750 [ 62.166009][ T7315] ? __pfx_kernel_migrate_pages+0x10/0x10 [ 62.167485][ T7315] ? ksys_write+0x1ba/0x250 [ 62.168679][ T7315] ? __pfx_ksys_write+0x10/0x10 [ 62.169950][ T7315] __x64_sys_migrate_pages+0x96/0x100 [ 62.171679][ T7315] ? lockdep_hardirqs_on+0x7c/0x110 [ 62.173509][ T7315] do_syscall_64+0xcd/0x250 [ 62.174743][ T7315] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 62.176317][ T7315] RIP: 0033:0x7f711a17e819 [ 62.177486][ T7315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 62.182642][ T7315] RSP: 002b:00007f711afb9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000100 [ 62.184821][ T7315] RAX: ffffffffffffffda RBX: 00007f711a335fa0 RCX: 00007f711a17e819 [ 62.186861][ T7315] RDX: 0000000020000040 RSI: 0000000000000003 RDI: 0000000000000000 [ 62.188909][ T7315] RBP: 00007f711afb9090 R08: 0000000000000000 R09: 0000000000000000 [ 62.190950][ T7315] R10: 0000000020000300 R11: 0000000000000246 R12: 0000000000000002 [ 62.193204][ T7315] R13: 0000000000000000 R14: 00007f711a335fa0 R15: 00007ffe74261788 [ 62.195271][ T7315] [ 62.219016][ T1958] usbhid 7-1:0.0: can't add hid device: -71 [ 62.220705][ T1958] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 62.225022][ T7319] validate_nla: 1 callbacks suppressed [ 62.225036][ T7319] netlink: 'syz.2.482': attribute type 1 has an invalid length. [ 62.226533][ T1958] usb 7-1: USB disconnect, device number 8 [ 62.245633][ T7319] 8021q: adding VLAN 0 to HW filter on device bond5 [ 62.251761][ T7318] netlink: 'syz.1.481': attribute type 10 has an invalid length. [ 62.254909][ T7318] syz_tun: entered promiscuous mode [ 62.259482][ T7318] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 62.264831][ T7319] vlan3: entered promiscuous mode [ 62.266316][ T7319] bond5: entered promiscuous mode [ 62.267737][ T7319] vlan3: entered allmulticast mode [ 62.269096][ T7319] bond5: entered allmulticast mode [ 62.295677][ T7322] netlink: 32 bytes leftover after parsing attributes in process `syz.2.484'. [ 62.300075][ T7324] netlink: 52 bytes leftover after parsing attributes in process `syz.1.483'. [ 62.319183][ T7324] overlayfs: conflicting options: userxattr,redirect_dir=on [ 62.331607][ T7327] pim6reg1: entered promiscuous mode [ 62.334300][ T7327] pim6reg1: entered allmulticast mode [ 62.444343][ T7332] ufs: failed to set blocksize [ 62.478646][ T7340] 9p: Unknown Cache mode or invalid value mm [ 62.482828][ T7332] sr 2:0:0:0: [sr0] CDROM not ready. Make sure there is a disc in the drive. [ 62.514136][ T7342] netlink: 'syz.1.492': attribute type 10 has an invalid length. [ 62.710347][ T1958] libceph: connect (1)[c::]:6789 error -99 [ 62.713481][ T1958] libceph: mon0 (1)[c::]:6789 connect error [ 62.852275][ T6501] IPVS: starting estimator thread 0... [ 62.854864][ T39] kauditd_printk_skb: 28 callbacks suppressed [ 62.854876][ T39] audit: type=1400 audit(1732112260.551:478): avc: denied { write } for pid=7357 comm="syz.3.497" name="fd" dev="proc" ino=16913 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 62.863099][ T39] audit: type=1400 audit(1732112260.551:479): avc: denied { add_name } for pid=7357 comm="syz.3.497" name="3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 62.868068][ T39] audit: type=1400 audit(1732112260.551:480): avc: denied { create } for pid=7357 comm="syz.3.497" name="3" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=file permissive=1 [ 62.873984][ T39] audit: type=1400 audit(1732112260.551:481): avc: denied { associate } for pid=7357 comm="syz.3.497" name="3" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 62.939900][ T39] audit: type=1400 audit(1732112260.631:482): avc: denied { read } for pid=7365 comm="syz.3.500" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 62.982111][ T7359] IPVS: using max 40 ests per chain, 96000 per kthread [ 62.983305][ T1958] libceph: connect (1)[c::]:6789 error -99 [ 62.985821][ T1958] libceph: mon0 (1)[c::]:6789 connect error [ 62.993707][ T39] audit: type=1400 audit(1732112260.691:483): avc: denied { getopt } for pid=7365 comm="syz.3.500" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 62.999555][ T39] audit: type=1400 audit(1732112260.691:484): avc: denied { ioctl } for pid=7365 comm="syz.3.500" path="/dev/ptyqb" dev="devtmpfs" ino=138 ioctlcmd=0x5423 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 63.287226][ T7369] tipc: Started in network mode [ 63.288562][ T7369] tipc: Node identity 7f000001, cluster identity 4711 [ 63.290882][ T7369] tipc: Enabled bearer , priority 10 [ 63.295870][ T39] audit: type=1400 audit(1732112260.991:485): avc: denied { read } for pid=7368 comm="syz.0.501" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 63.302112][ T39] audit: type=1400 audit(1732112260.991:486): avc: denied { open } for pid=7368 comm="syz.0.501" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 63.375605][ T7345] ceph: No mds server is up or the cluster is laggy [ 63.459839][ T39] audit: type=1400 audit(1732112261.151:487): avc: denied { getopt } for pid=7373 comm="syz.1.503" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 63.468881][ T7375] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 63.473868][ T7375] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 63.477296][ T7375] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 63.480813][ T7375] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 63.712871][ T5988] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 63.882470][ T5988] usb 6-1: Using ep0 maxpacket: 8 [ 63.887560][ T5988] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 63.890314][ T5988] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 63.892978][ T5988] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 63.895762][ T5988] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 63.899555][ T5988] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 63.901913][ T5988] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 63.943873][ T7398] netlink: 'syz.2.513': attribute type 1 has an invalid length. [ 63.958848][ T7398] 8021q: adding VLAN 0 to HW filter on device bond6 [ 63.965406][ T7398] vlan4: entered promiscuous mode [ 63.966769][ T7398] bond6: entered promiscuous mode [ 63.968128][ T7398] vlan4: entered allmulticast mode [ 63.969464][ T7398] bond6: entered allmulticast mode [ 64.064848][ T7408] IPv6: NLM_F_CREATE should be specified when creating new route [ 64.114045][ T5988] usb 6-1: usb_control_msg returned -71 [ 64.115916][ T5988] usbtmc 6-1:16.0: can't read capabilities [ 64.125776][ T5988] usb 6-1: USB disconnect, device number 6 [ 64.267449][ T7415] netlink: 'syz.2.519': attribute type 10 has an invalid length. [ 64.283878][ T7303] tipc: Node number set to 2130706433 [ 64.567600][ T7439] kvm: emulating exchange as write [ 64.904659][ T7469] ISOFS: Unable to identify CD-ROM format. [ 64.919630][ T7471] Cannot find set identified by id 65534 to match [ 64.923036][ T7473] __nla_validate_parse: 8 callbacks suppressed [ 64.923045][ T7473] netlink: 32 bytes leftover after parsing attributes in process `syz.1.544'. [ 64.957705][ T7476] netlink: 4 bytes leftover after parsing attributes in process `syz.1.546'. [ 64.967482][ T7476] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2119 sclass=netlink_route_socket pid=7476 comm=syz.1.546 [ 64.970634][ T7474] block device autoloading is deprecated and will be removed. [ 65.006746][ T7467] IPVS: persistence engine module ip_vs_pe_t not found [ 65.058216][ T7490] netlink: 8 bytes leftover after parsing attributes in process `syz.1.549'. [ 65.130119][ T7504] netlink: 32 bytes leftover after parsing attributes in process `syz.1.554'. [ 65.137375][ T7493] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 65.188033][ T7514] 9pnet_fd: Insufficient options for proto=fd [ 65.300259][ T7528] Error parsing options; rc = [-22] [ 65.321143][ T7533] netlink: 'syz.3.563': attribute type 10 has an invalid length. [ 65.348416][ T7537] Option 'n4:v®êšmäÛÌð¨áçžRÝfÍêËR­Oq±rúsJ)º¿rq' to dns_resolver key: bad/missing value [ 65.511768][ T7552] netlink: 4 bytes leftover after parsing attributes in process `syz.0.571'. [ 65.516754][ T7552] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2119 sclass=netlink_route_socket pid=7552 comm=syz.0.571 [ 65.583027][ T7557] netlink: 'syz.3.574': attribute type 10 has an invalid length. [ 65.644935][ T7574] ipt_ECN: cannot use operation on non-tcp rule [ 65.665718][ T7582] netlink: 4 bytes leftover after parsing attributes in process `syz.2.581'. [ 65.668772][ T7582] netlink: 8 bytes leftover after parsing attributes in process `syz.2.581'. [ 65.671673][ T7582] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=7582 comm=syz.2.581 [ 65.724390][ T7588] netlink: 4 bytes leftover after parsing attributes in process `syz.3.582'. [ 65.727889][ T7588] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2119 sclass=netlink_route_socket pid=7588 comm=syz.3.582 [ 65.801719][ T7596] netlink: 'syz.3.588': attribute type 10 has an invalid length. [ 65.888794][ T7605] netlink: 32 bytes leftover after parsing attributes in process `syz.3.591'. [ 65.901470][ T7605] warning: `syz.3.591' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 65.940872][ T7610] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7) [ 65.942875][ T7610] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 65.947729][ T7610] vhci_hcd vhci_hcd.0: Device attached [ 65.988766][ T7619] netlink: 'syz.3.595': attribute type 3 has an invalid length. [ 65.991354][ T7618] netlink: 'syz.3.595': attribute type 3 has an invalid length. [ 66.054484][ T7615] netlink: 4 bytes leftover after parsing attributes in process `syz.0.594'. [ 66.132323][ T5988] vhci_hcd: vhci_device speed not set [ 66.179472][ T7643] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2119 sclass=netlink_route_socket pid=7643 comm=syz.3.603 [ 66.202775][ T7303] usb 7-1: new low-speed USB device number 9 using dummy_hcd [ 66.205320][ T5988] usb 41-1: new full-speed USB device number 2 using vhci_hcd [ 66.299411][ T7649] 9pnet_fd: Insufficient options for proto=fd [ 66.354005][ T7303] usb 7-1: config 0 has no interfaces? [ 66.356060][ T7303] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 66.359348][ T7303] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 66.364092][ T7303] usb 7-1: config 0 descriptor?? [ 66.573846][ T831] usb 7-1: USB disconnect, device number 9 [ 66.576625][ T7612] usb 41-1: recv xbuf, -104 [ 66.581890][ T11] vhci_hcd: stop threads [ 66.584411][ T11] vhci_hcd: release socket [ 66.587965][ T11] vhci_hcd: disconnect device [ 66.643070][ T5988] vhci_hcd: vhci_device speed not set [ 66.855788][ T7670] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2119 sclass=netlink_route_socket pid=7670 comm=syz.1.612 [ 67.084692][ T7682] 8021q: adding VLAN 0 to HW filter on device bond3 [ 67.093159][ T7682] vlan3: entered promiscuous mode [ 67.094540][ T7682] bond3: entered promiscuous mode [ 67.095903][ T7682] vlan3: entered allmulticast mode [ 67.097258][ T7682] bond3: entered allmulticast mode [ 67.202985][ T7705] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2119 sclass=netlink_route_socket pid=7705 comm=syz.2.624 [ 67.207201][ T7707] program syz.1.626 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 67.266916][ T7718] validate_nla: 4 callbacks suppressed [ 67.266929][ T7718] netlink: 'syz.1.632': attribute type 1 has an invalid length. [ 67.268203][ T7717] 9pnet_fd: Insufficient options for proto=fd [ 67.290912][ T7718] 8021q: adding VLAN 0 to HW filter on device bond5 [ 67.294739][ T7721] netlink: 'syz.0.630': attribute type 10 has an invalid length. [ 67.307941][ T7721] team0: Failed to send options change via netlink (err -105) [ 67.317248][ T7721] team0: Port device netdevsim0 added [ 67.323700][ T7718] vlan2: entered promiscuous mode [ 67.325074][ T7718] bond5: entered promiscuous mode [ 67.326426][ T7718] vlan2: entered allmulticast mode [ 67.327742][ T7718] bond5: entered allmulticast mode [ 67.330028][ T7721] netlink: 'syz.0.630': attribute type 10 has an invalid length. [ 67.340790][ T7721] team0: Failed to send port change of device netdevsim0 via netlink (err -105) [ 67.349804][ T7721] team0: Failed to send options change via netlink (err -105) [ 67.351901][ T7721] team0: Failed to send port change of device netdevsim0 via netlink (err -105) [ 67.355251][ T7721] team0: Port device netdevsim0 removed [ 67.360094][ T7721] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 67.416150][ T7738] netlink: 'syz.1.639': attribute type 16 has an invalid length. [ 67.418269][ T7738] bridge_slave_0: entered allmulticast mode [ 67.456925][ T7740] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2119 sclass=netlink_route_socket pid=7740 comm=syz.0.640 [ 67.553068][ T7755] program syz.2.647 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 67.563747][ T7755] ata1.00: non-matching transfer count (2097152/0) [ 67.576749][ T7755] overlayfs: missing 'workdir' [ 67.580314][ T7759] netlink: 'syz.3.644': attribute type 10 has an invalid length. [ 67.675174][ T7757] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 67.675617][ T7769] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2119 sclass=netlink_route_socket pid=7769 comm=syz.2.652 [ 67.722176][ T9] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 67.744255][ T7773] IPv6: sit1: Disabled Multicast RS [ 67.803617][ T7781] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7781 comm=syz.2.657 [ 67.812219][ T7783] 9pnet_fd: Insufficient options for proto=fd [ 67.812226][ T7781] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 67.882352][ T9] usb 5-1: Using ep0 maxpacket: 8 [ 67.886273][ T9] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 67.888642][ T9] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 67.891288][ T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 67.894024][ T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 67.896649][ T9] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 67.900142][ T9] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 67.902425][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 67.982268][ T39] kauditd_printk_skb: 33 callbacks suppressed [ 67.982282][ T39] audit: type=1400 audit(1732112265.681:521): avc: denied { connect } for pid=7789 comm="syz.3.661" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 67.989378][ T39] audit: type=1400 audit(1732112265.681:522): avc: denied { read } for pid=7789 comm="syz.3.661" path="socket:[18198]" dev="sockfs" ino=18198 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 68.082049][ T1958] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 68.111264][ T7746] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 68.114435][ T7746] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 68.118085][ T9] usb 5-1: usb_control_msg returned -71 [ 68.119607][ T9] usbtmc 5-1:16.0: can't read capabilities [ 68.135739][ T9] usb 5-1: USB disconnect, device number 12 [ 68.266523][ T1958] usb 7-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 68.268942][ T1958] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 68.271018][ T1958] usb 7-1: Product: syz [ 68.272732][ T1958] usb 7-1: Manufacturer: syz [ 68.274013][ T1958] usb 7-1: SerialNumber: syz [ 68.276928][ T1958] usb 7-1: config 0 descriptor?? [ 68.495004][ T7785] xt_hashlimit: overflow, try lower: 0/0 [ 68.501571][ T6501] usb 7-1: USB disconnect, device number 10 [ 68.642071][ T9] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 68.705205][ T7817] 9pnet_fd: Insufficient options for proto=fd [ 68.802052][ T9] usb 6-1: Using ep0 maxpacket: 16 [ 68.805229][ T9] usb 6-1: config 1 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 45, changing to 9 [ 68.809012][ T9] usb 6-1: config 1 interface 0 altsetting 8 bulk endpoint 0x82 has invalid maxpacket 64 [ 68.812700][ T9] usb 6-1: config 1 interface 0 altsetting 8 bulk endpoint 0x3 has invalid maxpacket 32 [ 68.816008][ T9] usb 6-1: config 1 interface 0 has no altsetting 0 [ 68.820850][ T9] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 68.824375][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 68.826390][ T9] usb 6-1: Product: syz [ 68.827448][ T9] usb 6-1: Manufacturer: syz [ 68.828617][ T9] usb 6-1: SerialNumber: syz [ 68.831609][ T7812] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 68.834816][ T7812] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 68.975635][ T39] audit: type=1400 audit(1732112266.671:523): avc: denied { listen } for pid=7836 comm="syz.0.675" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 68.980926][ T39] audit: type=1400 audit(1732112266.671:524): avc: denied { write } for pid=7836 comm="syz.0.675" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 69.009986][ T7843] netlink: 'syz.0.681': attribute type 10 has an invalid length. [ 69.055421][ T9] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -71 [ 69.059289][ T9] usb 6-1: USB disconnect, device number 7 [ 69.075635][ T7851] 9pnet_fd: Insufficient options for proto=fd [ 69.243740][ T39] audit: type=1326 audit(1732112266.941:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7811 comm="syz.1.669" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711a17e819 code=0x7ffc0000 [ 69.243892][ T5956] Bluetooth: hci3: Malformed HCI Event: 0x22 [ 69.249766][ T39] audit: type=1326 audit(1732112266.941:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7811 comm="syz.1.669" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711a17e819 code=0x7ffc0000 [ 69.258572][ T39] audit: type=1326 audit(1732112266.941:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7811 comm="syz.1.669" exe="/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7f711a17e819 code=0x7ffc0000 [ 69.265099][ T39] audit: type=1326 audit(1732112266.941:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7811 comm="syz.1.669" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711a17e819 code=0x7ffc0000 [ 69.270957][ T39] audit: type=1326 audit(1732112266.941:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7811 comm="syz.1.669" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f711a17e819 code=0x7ffc0000 [ 69.276678][ T39] audit: type=1326 audit(1732112266.941:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7811 comm="syz.1.669" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f711a17e819 code=0x7ffc0000 [ 69.322701][ T7872] pimreg: entered allmulticast mode [ 69.328831][ T7872] pimreg: left allmulticast mode [ 69.401863][ T7881] netlink: 'syz.0.694': attribute type 10 has an invalid length. [ 69.477748][ T7893] 9pnet_fd: Insufficient options for proto=fd [ 69.515885][ T7900] ip6tnl1: entered promiscuous mode [ 69.529663][ T7897] rtc_cmos 00:05: Alarms can be up to one day in the future [ 69.845878][ T7926] bond0: (slave syz_tun): Releasing backup interface [ 69.852158][ T7926] bridge_slave_0: left allmulticast mode [ 69.853946][ T7926] bridge_slave_0: left promiscuous mode [ 69.855697][ T7926] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.861822][ T7926] bridge_slave_1: left allmulticast mode [ 69.864290][ T7926] bridge_slave_1: left promiscuous mode [ 69.866296][ T7926] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.880686][ T7926] bond0: (slave bond_slave_0): Releasing backup interface [ 69.892140][ T7926] bond0: (slave bond_slave_1): Releasing backup interface [ 69.902240][ T6002] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 69.915266][ T7926] team0: Port device team_slave_0 removed [ 69.924602][ T7926] team0: Port device team_slave_1 removed [ 69.927004][ T7926] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 69.929176][ T7926] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 69.935079][ T7926] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 69.937517][ T7926] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 69.945815][ T7926] bond1: (slave gretap1): Releasing active interface [ 69.984776][ T7929] team0: Mode changed to "loadbalance" [ 69.987130][ T7932] netlink: 'syz.0.718': attribute type 10 has an invalid length. [ 70.037034][ T7941] __nla_validate_parse: 27 callbacks suppressed [ 70.037048][ T7941] netlink: 4 bytes leftover after parsing attributes in process `syz.3.724'. [ 70.045536][ T7941] selinux_netlink_send: 3 callbacks suppressed [ 70.045548][ T7941] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2119 sclass=netlink_route_socket pid=7941 comm=syz.3.724 [ 70.062785][ T6002] usb 7-1: Using ep0 maxpacket: 16 [ 70.079904][ T7939] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 70.081631][ T7939] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 70.082695][ T6002] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 70.087373][ T6002] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 70.090632][ T6002] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 70.093132][ T7939] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 70.094753][ T6002] usb 7-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 70.099377][ T6002] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 70.100510][ T7948] netlink: 4 bytes leftover after parsing attributes in process `syz.0.723'. [ 70.102552][ T6002] usb 7-1: config 0 descriptor?? [ 70.107089][ T7939] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 70.108780][ T7939] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 70.121275][ T7939] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 70.140909][ T7939] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 70.143667][ T7939] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 70.146283][ T7939] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 70.154545][ T831] rtc_cmos 00:05: Alarms can be up to one day in the future [ 70.158152][ T831] rtc_cmos 00:05: Alarms can be up to one day in the future [ 70.161398][ T831] rtc_cmos 00:05: Alarms can be up to one day in the future [ 70.165369][ T831] rtc_cmos 00:05: Alarms can be up to one day in the future [ 70.167926][ T831] rtc rtc0: __rtc_set_alarm: err=-22 [ 70.233638][ T7957] xt_CT: No such helper "netbios-ns" [ 70.296813][ T7962] 9pnet_fd: Insufficient options for proto=fd [ 70.317664][ T7917] netlink: 8 bytes leftover after parsing attributes in process `syz.2.713'. [ 70.593352][ T7976] ipt_rpfilter: unknown options [ 70.732832][ T6002] usbhid 7-1:0.0: can't add hid device: -71 [ 70.734293][ T6002] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 70.744258][ T6002] usb 7-1: USB disconnect, device number 11 [ 70.977260][ T1413] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.979732][ T1413] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.284521][ T7984] FAULT_INJECTION: forcing a failure. [ 71.284521][ T7984] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 71.288042][ T7984] CPU: 1 UID: 0 PID: 7984 Comm: syz.2.737 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 71.290882][ T7984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 71.294114][ T7984] Call Trace: [ 71.295047][ T7984] [ 71.295880][ T7984] dump_stack_lvl+0x16c/0x1f0 [ 71.297240][ T7984] should_fail_ex+0x497/0x5b0 [ 71.298562][ T7984] _copy_to_user+0x32/0xd0 [ 71.299786][ T7984] simple_read_from_buffer+0xd0/0x160 [ 71.301351][ T7984] proc_fail_nth_read+0x198/0x270 [ 71.302877][ T7984] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 71.304400][ T7984] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 71.305869][ T7984] vfs_read+0x1df/0xbe0 [ 71.306988][ T7984] ? __fget_files+0x1fc/0x3a0 [ 71.308261][ T7984] ? __pfx___mutex_lock+0x10/0x10 [ 71.309688][ T7984] ? __pfx_vfs_read+0x10/0x10 [ 71.311108][ T7984] ? __fget_files+0x206/0x3a0 [ 71.312434][ T7984] ksys_read+0x12b/0x250 [ 71.313580][ T7984] ? __pfx_ksys_read+0x10/0x10 [ 71.314861][ T7984] do_syscall_64+0xcd/0x250 [ 71.316096][ T7984] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 71.317812][ T7984] RIP: 0033:0x7f8c74f7d25c [ 71.319042][ T7984] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 71.324390][ T7984] RSP: 002b:00007f8c75d0f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 71.326629][ T7984] RAX: ffffffffffffffda RBX: 00007f8c75135fa0 RCX: 00007f8c74f7d25c [ 71.328844][ T7984] RDX: 000000000000000f RSI: 00007f8c75d0f0a0 RDI: 0000000000000004 [ 71.331184][ T7984] RBP: 00007f8c75d0f090 R08: 0000000000000000 R09: 0000000000000000 [ 71.334006][ T7984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 71.336818][ T7984] R13: 0000000000000000 R14: 00007f8c75135fa0 R15: 00007ffeb80d14e8 [ 71.339647][ T7984] [ 71.679993][ T8006] 9pnet_fd: Insufficient options for proto=fd [ 72.001618][ T8011] netlink: 36 bytes leftover after parsing attributes in process `syz.2.745'. [ 72.093399][ T5956] Bluetooth: hci1: command 0x0c1a tx timeout [ 72.172115][ T5956] Bluetooth: hci3: command 0x0405 tx timeout [ 72.172165][ T65] Bluetooth: hci2: command 0x0c1a tx timeout [ 72.172175][ T5948] Bluetooth: hci2: Opcode 0x2046 failed: -110 [ 72.287284][ T8015] gtp0: entered promiscuous mode [ 72.289100][ T8015] gtp0: entered allmulticast mode [ 72.329702][ T8019] netlink: 8 bytes leftover after parsing attributes in process `syz.1.748'. [ 72.375299][ T8028] netlink: 'syz.0.753': attribute type 10 has an invalid length. [ 72.406740][ T8030] team0: Device ipvlan1 failed to register rx_handler [ 72.413632][ T8032] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 72.425966][ T8032] batadv_slave_0: entered promiscuous mode [ 72.433718][ T8032] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 72.442627][ T8032] netlink: 7 bytes leftover after parsing attributes in process `syz.0.755'. [ 72.449308][ T8032] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 72.467619][ T8042] 9pnet_fd: p9_fd_create_tcp (8042): problem connecting socket to 127.0.0.1 [ 72.492962][ T8042] netlink: 'syz.2.757': attribute type 11 has an invalid length. [ 72.495857][ T8042] netlink: 20 bytes leftover after parsing attributes in process `syz.2.757'. [ 72.500411][ T8042] SELinux: security_context_str_to_sid („) failed with errno=-22 [ 72.530518][ T8050] netlink: 32 bytes leftover after parsing attributes in process `syz.2.760'. [ 72.632608][ T8058] sr 2:0:0:0: [sr0] CDROM not ready. Make sure there is a disc in the drive. [ 72.645199][ T8061] netlink: 36 bytes leftover after parsing attributes in process `syz.3.764'. [ 72.673260][ T8068] FAULT_INJECTION: forcing a failure. [ 72.673260][ T8068] name failslab, interval 1, probability 0, space 0, times 0 [ 72.678230][ T8068] CPU: 0 UID: 0 PID: 8068 Comm: syz.2.766 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 72.681940][ T8068] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 72.685802][ T8068] Call Trace: [ 72.687041][ T8068] [ 72.688153][ T8068] dump_stack_lvl+0x16c/0x1f0 [ 72.689887][ T8068] should_fail_ex+0x497/0x5b0 [ 72.691481][ T8068] ? fs_reclaim_acquire+0xae/0x150 [ 72.692999][ T8068] should_failslab+0xc2/0x120 [ 72.694232][ T8068] __kmalloc_node_noprof+0xd1/0x430 [ 72.695632][ T8068] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 72.697059][ T8068] ? __lock_acquire+0x15a9/0x3c40 [ 72.698369][ T8068] __kvmalloc_node_noprof+0xad/0x1a0 [ 72.699750][ T8068] seq_read_iter+0x82a/0x12b0 [ 72.701206][ T8068] seq_read+0x39f/0x4e0 [ 72.702579][ T8068] ? __pfx_seq_read+0x10/0x10 [ 72.704098][ T8068] ? inode_security+0x101/0x130 [ 72.705795][ T8068] ? avc_policy_seqno+0x9/0x20 [ 72.707526][ T8068] ? __pfx_seq_read+0x10/0x10 [ 72.709025][ T8068] vfs_read+0x1df/0xbe0 [ 72.710088][ T8068] ? __fget_files+0x1fc/0x3a0 [ 72.711308][ T8068] ? __pfx___mutex_lock+0x10/0x10 [ 72.712553][ T8068] ? __pfx_vfs_read+0x10/0x10 [ 72.713703][ T8068] ? __fget_files+0x206/0x3a0 [ 72.714924][ T8068] ksys_read+0x12b/0x250 [ 72.716315][ T8068] ? __pfx_ksys_read+0x10/0x10 [ 72.718031][ T8068] do_syscall_64+0xcd/0x250 [ 72.719636][ T8068] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.721664][ T8068] RIP: 0033:0x7f8c74f7e819 [ 72.723207][ T8068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 72.729711][ T8068] RSP: 002b:00007f8c75d0f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 72.732627][ T8068] RAX: ffffffffffffffda RBX: 00007f8c75135fa0 RCX: 00007f8c74f7e819 [ 72.735284][ T8068] RDX: 0000000000000009 RSI: 00000000200027c0 RDI: 0000000000000003 [ 72.738008][ T8068] RBP: 00007f8c75d0f090 R08: 0000000000000000 R09: 0000000000000000 [ 72.740713][ T8068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 72.743178][ T8068] R13: 0000000000000000 R14: 00007f8c75135fa0 R15: 00007ffeb80d14e8 [ 72.745185][ T8068] [ 72.764230][ T8073] netlink: 8 bytes leftover after parsing attributes in process `syz.0.769'. [ 72.780564][ T8076] netlink: 'syz.2.770': attribute type 7 has an invalid length. [ 72.831364][ T8080] netlink: 'syz.0.772': attribute type 10 has an invalid length. [ 73.084764][ T8096] vxcan1: entered allmulticast mode [ 73.090990][ T8096] netlink: 'syz.0.779': attribute type 39 has an invalid length. [ 73.093332][ T8096] vxcan1: left allmulticast mode [ 73.142122][ T1958] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 73.229127][ T8107] FAULT_INJECTION: forcing a failure. [ 73.229127][ T8107] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 73.233858][ T8107] CPU: 3 UID: 0 PID: 8107 Comm: syz.1.784 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 73.236877][ T8107] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 73.238623][ T8109] netlink: 'syz.0.785': attribute type 1 has an invalid length. [ 73.240256][ T8107] Call Trace: [ 73.243794][ T8107] [ 73.244703][ T8107] dump_stack_lvl+0x16c/0x1f0 [ 73.246074][ T8107] should_fail_ex+0x497/0x5b0 [ 73.247336][ T8107] ? fs_reclaim_acquire+0xae/0x150 [ 73.248649][ T8107] should_fail_alloc_page+0xe7/0x130 [ 73.249988][ T8107] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 73.251572][ T8107] ? find_held_lock+0x2d/0x110 [ 73.252939][ T8107] __alloc_pages_noprof+0x190/0x25a0 [ 73.253420][ T8109] 8021q: adding VLAN 0 to HW filter on device bond5 [ 73.254382][ T8107] ? is_bpf_text_address+0x8a/0x1a0 [ 73.257900][ T8107] ? __pfx_lock_release+0x10/0x10 [ 73.259201][ T8107] ? __pfx_mark_lock+0x10/0x10 [ 73.260425][ T8107] ? hlock_class+0x4e/0x130 [ 73.261605][ T8107] ? mark_lock+0xb5/0xc60 [ 73.262704][ T8107] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 73.264087][ T8107] ? hlock_class+0x4e/0x130 [ 73.264914][ T8109] vlan5: entered promiscuous mode [ 73.265269][ T8107] ? mark_lock+0xb5/0xc60 [ 73.266894][ T8109] bond5: entered promiscuous mode [ 73.267982][ T8107] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 73.269776][ T8109] vlan5: entered allmulticast mode [ 73.271157][ T8107] ? policy_nodemask+0xea/0x4e0 [ 73.273057][ T8109] bond5: entered allmulticast mode [ 73.274138][ T8107] alloc_pages_mpol_noprof+0x2c9/0x610 [ 73.277262][ T8107] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 73.278782][ T8107] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 73.280231][ T8107] folio_alloc_mpol_noprof+0x36/0xd0 [ 73.281691][ T8107] vma_alloc_folio_noprof+0xee/0x1b0 [ 73.283206][ T8107] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 73.284790][ T8107] ? find_held_lock+0x2d/0x110 [ 73.286134][ T8107] do_pte_missing+0x202d/0x3e70 [ 73.287486][ T8107] __handle_mm_fault+0x100a/0x2a10 [ 73.289191][ T8107] ? __pfx_mt_find+0x10/0x10 [ 73.290459][ T8107] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 73.291827][ T8107] ? __pfx___handle_mm_fault+0x10/0x10 [ 73.293311][ T8107] ? find_vma+0xc0/0x140 [ 73.294317][ T8107] ? __pfx_find_vma+0x10/0x10 [ 73.295486][ T8107] handle_mm_fault+0x3fa/0xaa0 [ 73.296666][ T8107] do_user_addr_fault+0x7a3/0x13f0 [ 73.297979][ T8107] exc_page_fault+0x5c/0xc0 [ 73.299154][ T8107] asm_exc_page_fault+0x26/0x30 [ 73.300401][ T8107] RIP: 0010:_copy_to_iter+0x4ec/0x1560 [ 73.301797][ T8107] Code: 45 e8 f8 b3 fc fc 48 8b 4c 24 18 89 ee 48 8b 44 24 28 4c 8d 34 01 4c 89 f7 e8 e0 99 5e fd 0f 01 cb 48 89 e9 4c 89 ff 4c 89 f6 a4 0f 1f 00 0f 01 ca 48 89 e8 48 29 eb 48 29 c8 48 01 cb 48 01 [ 73.306566][ T8107] RSP: 0018:ffffc90005b2fa10 EFLAGS: 00050246 [ 73.308107][ T8107] RAX: 0000000000000001 RBX: 0000000000000005 RCX: 0000000000000005 [ 73.310058][ T8107] RDX: ffffed100a6ac401 RSI: ffff888053562000 RDI: 00000000200027c0 [ 73.311964][ T8107] RBP: 0000000000000005 R08: 0000000000000000 R09: ffffed100a6ac400 [ 73.313951][ T8107] R10: ffff888053562004 R11: 0000000000000002 R12: 0000000000000000 [ 73.316520][ T8107] R13: ffffc90005b2fc18 R14: ffff888053562000 R15: 00000000200027c0 [ 73.318699][ T8107] ? __pfx__copy_to_iter+0x10/0x10 [ 73.320009][ T8107] ? __virt_addr_valid+0x1a4/0x590 [ 73.321344][ T8107] ? __virt_addr_valid+0x5e/0x590 [ 73.322098][ T1958] usb 8-1: Using ep0 maxpacket: 8 [ 73.322604][ T8107] ? __phys_addr_symbol+0x30/0x80 [ 73.325521][ T8107] ? __check_object_size+0x488/0x710 [ 73.325826][ T1958] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 73.326784][ T8107] seq_read_iter+0xd00/0x12b0 [ 73.330418][ T8107] seq_read+0x39f/0x4e0 [ 73.331438][ T8107] ? __pfx_seq_read+0x10/0x10 [ 73.331732][ T1958] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 73.332632][ T8107] ? inode_security+0x101/0x130 [ 73.332647][ T8107] ? avc_policy_seqno+0x9/0x20 [ 73.332665][ T8107] ? __pfx_seq_read+0x10/0x10 [ 73.332675][ T8107] vfs_read+0x1df/0xbe0 [ 73.332686][ T8107] ? __fget_files+0x1fc/0x3a0 [ 73.332698][ T8107] ? __pfx___mutex_lock+0x10/0x10 [ 73.336514][ T1958] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 73.337744][ T8107] ? __pfx_vfs_read+0x10/0x10 [ 73.339341][ T1958] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 73.340551][ T8107] ? __fget_files+0x206/0x3a0 [ 73.341922][ T1958] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 73.343050][ T8107] ksys_read+0x12b/0x250 [ 73.343063][ T8107] ? __pfx_ksys_read+0x10/0x10 [ 73.343078][ T8107] do_syscall_64+0xcd/0x250 [ 73.343089][ T8107] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.343104][ T8107] RIP: 0033:0x7f711a17e819 [ 73.343116][ T8107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 73.343126][ T8107] RSP: 002b:00007f711afb9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 73.343137][ T8107] RAX: ffffffffffffffda RBX: 00007f711a335fa0 RCX: 00007f711a17e819 [ 73.343143][ T8107] RDX: 0000000000000009 RSI: 00000000200027c0 RDI: 0000000000000003 [ 73.343149][ T8107] RBP: 00007f711afb9090 R08: 0000000000000000 R09: 0000000000000000 [ 73.343156][ T8107] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 73.343162][ T8107] R13: 0000000000000000 R14: 00007f711a335fa0 R15: 00007ffe74261788 [ 73.343175][ T8107] [ 73.389382][ T1958] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 73.391308][ T1958] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 73.394225][ T1958] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 73.397062][ T1958] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 73.399715][ T1958] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 73.404803][ T1958] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 73.406583][ T1958] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 73.409243][ T1958] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 73.412099][ T1958] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 73.414786][ T1958] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 73.422577][ T1958] usb 8-1: string descriptor 0 read error: -22 [ 73.424389][ T1958] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 73.426592][ T1958] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 73.431332][ T1958] adutux 8-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 73.512562][ T8132] netlink: 'syz.1.794': attribute type 1 has an invalid length. [ 73.520956][ T8132] 8021q: adding VLAN 0 to HW filter on device bond6 [ 73.527546][ T8132] vlan3: entered promiscuous mode [ 73.528938][ T8132] bond6: entered promiscuous mode [ 73.530467][ T8132] vlan3: entered allmulticast mode [ 73.531818][ T8132] bond6: entered allmulticast mode [ 73.643677][ T6501] usb 8-1: USB disconnect, device number 3 [ 73.841724][ T39] kauditd_printk_skb: 53 callbacks suppressed [ 73.841738][ T39] audit: type=1400 audit(1732112271.531:584): avc: denied { ioctl } for pid=8152 comm="syz.1.803" path="socket:[20158]" dev="sockfs" ino=20158 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 73.912138][ T5988] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 73.953698][ T39] audit: type=1400 audit(1732112271.651:585): avc: denied { setopt } for pid=8158 comm="syz.1.806" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 73.996588][ T8167] netlink: 'syz.0.808': attribute type 10 has an invalid length. [ 74.078135][ T8176] ufs: You didn't specify the type of your ufs filesystem [ 74.078135][ T8176] [ 74.078135][ T8176] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 74.078135][ T8176] [ 74.078135][ T8176] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 74.089804][ T5988] usb 7-1: Using ep0 maxpacket: 32 [ 74.091802][ T8176] ufs: ufstype=old is supported read-only [ 74.099996][ T5988] usb 7-1: config index 0 descriptor too short (expected 29220, got 36) [ 74.101822][ T8176] ufs: ufs_fill_super(): bad magic number [ 74.102881][ T5988] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 74.102903][ T5988] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 74.102934][ T5988] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 74.102954][ T5988] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 74.102975][ T5988] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 74.103007][ T5988] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 74.124969][ T5988] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 74.128056][ T5988] usb 7-1: config 0 descriptor?? [ 74.172204][ T65] Bluetooth: hci1: command 0x0c1a tx timeout [ 74.262230][ T65] Bluetooth: hci3: command 0x0405 tx timeout [ 74.262261][ T5956] Bluetooth: hci2: command 0x0c1a tx timeout [ 74.334469][ T5988] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 12 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 74.340985][ T5988] usb 7-1: USB disconnect, device number 12 [ 74.344553][ T5988] usblp0: removed [ 74.446368][ T8189] tmpfs: Unknown parameter 'ؘs' [ 74.448952][ T39] audit: type=1400 audit(1732112272.141:586): avc: denied { write } for pid=8188 comm="syz.1.815" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 74.449014][ T8189] random: crng reseeded on system resumption [ 74.549905][ T39] audit: type=1400 audit(1732112272.241:587): avc: denied { read } for pid=8191 comm="syz.3.818" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 74.585670][ T8194] netlink: 'syz.3.819': attribute type 1 has an invalid length. [ 74.598529][ T8194] 8021q: adding VLAN 0 to HW filter on device bond4 [ 74.605913][ T8194] vlan4: entered promiscuous mode [ 74.607356][ T8194] bond4: entered promiscuous mode [ 74.608752][ T8194] vlan4: entered allmulticast mode [ 74.610111][ T8194] bond4: entered allmulticast mode [ 74.633784][ T8189] Unrecognized hibernate image header format! [ 74.635514][ T8189] PM: hibernation: Image mismatch: architecture specific data [ 74.637701][ T39] audit: type=1400 audit(1732112272.331:588): avc: denied { write } for pid=8196 comm="syz.3.820" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 74.638584][ T8199] binder: 8196:8199 ioctl c0306201 20004a40 returned -22 [ 74.643035][ T39] audit: type=1400 audit(1732112272.331:589): avc: denied { map } for pid=8188 comm="syz.1.815" path="/217/file0" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 74.865067][ T1958] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 75.012241][ T1958] usb 7-1: Using ep0 maxpacket: 32 [ 75.015308][ T1958] usb 7-1: config index 0 descriptor too short (expected 29220, got 36) [ 75.017945][ T1958] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 75.020012][ T1958] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 75.022543][ T1958] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 75.025734][ T1958] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 75.028900][ T1958] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 75.033389][ T1958] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 75.036392][ T1958] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 75.047440][ T1958] usb 7-1: config 0 descriptor?? [ 75.072711][ T8209] netlink: 'syz.0.824': attribute type 10 has an invalid length. [ 75.115051][ T8211] __nla_validate_parse: 13 callbacks suppressed [ 75.115061][ T8211] netlink: 28 bytes leftover after parsing attributes in process `syz.0.825'. [ 75.124434][ T8211] vlan6: entered promiscuous mode [ 75.126491][ T8211] vlan6: entered allmulticast mode [ 75.128215][ T8211] hsr_slave_1: entered allmulticast mode [ 75.137815][ T8211] netlink: 4 bytes leftover after parsing attributes in process `syz.0.825'. [ 75.227316][ T8211] hsr_slave_1 (unregistering): left allmulticast mode [ 75.233496][ T8215] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=14352 sclass=netlink_route_socket pid=8215 comm=syz.1.826 [ 75.240843][ T8211] hsr_slave_1 (unregistering): left promiscuous mode [ 75.244456][ T8213] netlink: 36 bytes leftover after parsing attributes in process `syz.1.826'. [ 75.260829][ T1958] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 13 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 75.374218][ T8221] 9pnet: Could not find request transport: fd0x0000000000000004 [ 75.442365][ T8220] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 75.449278][ T8220] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 75.451630][ T8220] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 75.456956][ T39] audit: type=1400 audit(1732112273.151:590): avc: denied { read write } for pid=8146 comm="syz.2.801" name="lp0" dev="devtmpfs" ino=2865 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1 [ 75.477180][ T39] audit: type=1400 audit(1732112273.151:591): avc: denied { open } for pid=8146 comm="syz.2.801" path="/dev/usb/lp0" dev="devtmpfs" ino=2865 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1 [ 75.496670][ T39] audit: type=1400 audit(1732112273.161:592): avc: denied { ioctl } for pid=8146 comm="syz.2.801" path="/dev/usb/lp0" dev="devtmpfs" ino=2865 ioctlcmd=0x5003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1 [ 76.013200][ T8253] sr 2:0:0:0: [sr0] CDROM not ready. Make sure there is a disc in the drive. [ 76.089484][ T39] audit: type=1400 audit(1732112273.781:593): avc: denied { connect } for pid=8287 comm="syz.1.844" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 76.109083][ T35] cfg80211: failed to load regulatory.db [ 76.295633][ T8303] sd 0:0:0:0: PR command failed: 1026 [ 76.297560][ T8303] sd 0:0:0:0: Sense Key : Illegal Request [current] [ 76.299963][ T8303] sd 0:0:0:0: Add. Sense: Invalid command operation code [ 76.528189][ T8327] FAULT_INJECTION: forcing a failure. [ 76.528189][ T8327] name failslab, interval 1, probability 0, space 0, times 0 [ 76.531602][ T8327] CPU: 1 UID: 0 PID: 8327 Comm: syz.0.856 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 76.534312][ T8327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 76.537164][ T8327] Call Trace: [ 76.538101][ T8327] [ 76.538953][ T8327] dump_stack_lvl+0x16c/0x1f0 [ 76.540315][ T8327] should_fail_ex+0x497/0x5b0 [ 76.541637][ T8327] ? fs_reclaim_acquire+0xae/0x150 [ 76.543329][ T8327] should_failslab+0xc2/0x120 [ 76.544662][ T8327] __kmalloc_node_noprof+0xd1/0x430 [ 76.546085][ T8327] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 76.547550][ T8327] ? __pfx_mark_lock+0x10/0x10 [ 76.548933][ T8327] __kvmalloc_node_noprof+0xad/0x1a0 [ 76.550731][ T8327] __kvm_mmu_topup_memory_cache+0x451/0x600 [ 76.552508][ T8327] ? vcpu_run+0x1a9d/0x4f90 [ 76.553982][ T8327] mmu_topup_memory_caches+0x22/0xd0 [ 76.555939][ T8327] kvm_mmu_load+0xda/0x20d0 [ 76.557637][ T8327] ? mark_held_locks+0x9f/0xe0 [ 76.559377][ T8327] ? kvm_apic_has_interrupt+0xb6/0x190 [ 76.561123][ T8327] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 76.562767][ T8327] ? __pfx_vmx_flush_tlb_guest+0x10/0x10 [ 76.564342][ T8327] ? __pfx_kvm_mmu_load+0x10/0x10 [ 76.565743][ T8327] ? kvm_cpu_has_injectable_intr+0x9b/0x1a0 [ 76.567345][ T8327] ? kvm_check_and_inject_events+0x57f/0x12e0 [ 76.569059][ T8327] ? record_steal_time+0x41/0xbe0 [ 76.570424][ T8327] vcpu_run+0x3391/0x4f90 [ 76.571652][ T8327] ? __pfx___schedule+0x10/0x10 [ 76.573015][ T8327] ? __pfx_vcpu_run+0x10/0x10 [ 76.574332][ T8327] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 76.575894][ T8327] ? rcu_is_watching+0x12/0xc0 [ 76.577238][ T8327] ? trace_lock_acquire+0x14a/0x1d0 [ 76.578667][ T8327] ? __local_bh_enable_ip+0xa4/0x120 [ 76.580201][ T8327] ? kvm_arch_vcpu_ioctl_run+0x150/0x1740 [ 76.581867][ T8327] ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740 [ 76.583444][ T8327] kvm_arch_vcpu_ioctl_run+0x44a/0x1740 [ 76.584986][ T8327] kvm_vcpu_ioctl+0x6c7/0x1520 [ 76.586290][ T8327] ? do_vfs_ioctl+0x513/0x1990 [ 76.587619][ T8327] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 76.589178][ T8327] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 76.591562][ T8327] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 76.594105][ T8327] ? __pfx_lock_release+0x10/0x10 [ 76.596009][ T8327] ? trace_lock_acquire+0x14a/0x1d0 [ 76.597873][ T8327] ? selinux_file_ioctl+0x180/0x270 [ 76.599779][ T8327] ? selinux_file_ioctl+0xb4/0x270 [ 76.601640][ T8327] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 76.603341][ T8327] __x64_sys_ioctl+0x190/0x200 [ 76.605065][ T8327] do_syscall_64+0xcd/0x250 [ 76.606717][ T8327] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.608684][ T8327] RIP: 0033:0x7f5475d7e819 [ 76.610283][ T8327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.615647][ T8327] RSP: 002b:00007f5476b33038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 76.617939][ T8327] RAX: ffffffffffffffda RBX: 00007f5475f35fa0 RCX: 00007f5475d7e819 [ 76.620527][ T8327] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 76.623412][ T8327] RBP: 00007f5476b33090 R08: 0000000000000000 R09: 0000000000000000 [ 76.625819][ T8327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 76.628362][ T8327] R13: 0000000000000000 R14: 00007f5475f35fa0 R15: 00007fffe2cdb228 [ 76.631260][ T8327] [ 76.676577][ T8147] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 76.678439][ T8147] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 76.681852][ T8147] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 76.684345][ T8147] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 76.686861][ T8147] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 76.688441][ T8147] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 76.731294][ T8335] netlink: 4 bytes leftover after parsing attributes in process `syz.0.858'. [ 76.782433][ T1958] usb 7-1: USB disconnect, device number 13 [ 76.798968][ T1958] usblp0: removed [ 76.957206][ T8355] netlink: 4 bytes leftover after parsing attributes in process `syz.2.867'. [ 76.967630][ T8359] binder: BINDER_SET_CONTEXT_MGR already set [ 76.970306][ T8359] binder: 8358:8359 ioctl 4018620d 200002c0 returned -16 [ 77.041295][ T8370] program syz.2.874 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 77.057073][ T8367] smc: net device bond0 applied user defined pnetid SYZ0 [ 77.059609][ T8367] smc: net device bond0 erased user defined pnetid SYZ0 [ 77.062087][ T8367] bridge_slave_0: invalid flags given to default FDB implementation [ 77.088251][ T8378] netlink: 4 bytes leftover after parsing attributes in process `syz.0.878'. [ 77.128868][ T8387] syz.2.877[8387] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 77.128923][ T8387] syz.2.877[8387] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 77.133599][ T8387] syz.2.877[8387] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 77.376051][ T8407] netlink: 4 bytes leftover after parsing attributes in process `syz.3.888'. [ 77.447587][ T8414] FAULT_INJECTION: forcing a failure. [ 77.447587][ T8414] name failslab, interval 1, probability 0, space 0, times 0 [ 77.450407][ T8412] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.450998][ T8414] CPU: 0 UID: 0 PID: 8414 Comm: syz.2.891 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 77.451025][ T8414] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 77.451032][ T8414] Call Trace: [ 77.451036][ T8414] [ 77.451041][ T8414] dump_stack_lvl+0x16c/0x1f0 [ 77.462196][ T8414] should_fail_ex+0x497/0x5b0 [ 77.463466][ T8414] ? fs_reclaim_acquire+0xae/0x150 [ 77.464849][ T8414] should_failslab+0xc2/0x120 [ 77.466028][ T8414] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 77.467678][ T8414] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 77.469598][ T8414] __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 77.471160][ T8414] mmu_topup_memory_caches+0x22/0xd0 [ 77.472594][ T8414] kvm_mmu_load+0xda/0x20d0 [ 77.473802][ T8414] ? mark_held_locks+0x9f/0xe0 [ 77.475075][ T8414] ? kvm_apic_has_interrupt+0xb6/0x190 [ 77.476557][ T8414] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 77.478120][ T8414] ? __pfx_vmx_flush_tlb_guest+0x10/0x10 [ 77.479615][ T8414] ? __pfx_kvm_mmu_load+0x10/0x10 [ 77.480931][ T8414] ? kvm_cpu_has_injectable_intr+0x9b/0x1a0 [ 77.482429][ T8414] ? kvm_check_and_inject_events+0x57f/0x12e0 [ 77.484069][ T8414] ? record_steal_time+0x41/0xbe0 [ 77.485435][ T8414] vcpu_run+0x3391/0x4f90 [ 77.486658][ T8414] ? kvm_vcpu_ioctl+0x1de/0x1520 [ 77.488141][ T8414] ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10 [ 77.489668][ T8414] ? __pfx_vcpu_run+0x10/0x10 [ 77.490925][ T8414] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 77.492437][ T8414] ? rcu_is_watching+0x12/0xc0 [ 77.493722][ T8414] ? trace_lock_acquire+0x14a/0x1d0 [ 77.495081][ T8414] ? __local_bh_enable_ip+0xa4/0x120 [ 77.496545][ T8414] ? kvm_arch_vcpu_ioctl_run+0x150/0x1740 [ 77.498058][ T8414] ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740 [ 77.500002][ T8414] kvm_arch_vcpu_ioctl_run+0x44a/0x1740 [ 77.501608][ T8414] kvm_vcpu_ioctl+0x6c7/0x1520 [ 77.502900][ T8414] ? do_vfs_ioctl+0x513/0x1990 [ 77.504121][ T8414] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 77.505794][ T8414] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 77.508049][ T8414] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 77.509895][ T8414] ? __pfx_lock_release+0x10/0x10 [ 77.511440][ T8414] ? trace_lock_acquire+0x14a/0x1d0 [ 77.512956][ T8414] ? selinux_file_ioctl+0x180/0x270 [ 77.514367][ T8414] ? selinux_file_ioctl+0xb4/0x270 [ 77.516033][ T8414] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 77.517742][ T8414] __x64_sys_ioctl+0x190/0x200 [ 77.519030][ T8414] do_syscall_64+0xcd/0x250 [ 77.520193][ T8414] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.521957][ T8414] RIP: 0033:0x7f8c74f7e819 [ 77.523284][ T8414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 77.528558][ T8414] RSP: 002b:00007f8c75d0f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 77.530747][ T8414] RAX: ffffffffffffffda RBX: 00007f8c75135fa0 RCX: 00007f8c74f7e819 [ 77.532871][ T8414] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 77.534924][ T8414] RBP: 00007f8c75d0f090 R08: 0000000000000000 R09: 0000000000000000 [ 77.536950][ T8414] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 77.539060][ T8414] R13: 0000000000000000 R14: 00007f8c75135fa0 R15: 00007ffeb80d14e8 [ 77.541105][ T8414] [ 77.604344][ T8412] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.732934][ T8412] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.793538][ T8412] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.840345][ T8425] syz_tun (unregistering): left promiscuous mode [ 77.853328][ T8431] validate_nla: 3 callbacks suppressed [ 77.853342][ T8431] netlink: 'syz.1.896': attribute type 10 has an invalid length. [ 77.893616][ T8412] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.902051][ T8412] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.913132][ T8412] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.918773][ T8412] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.963952][ T8438] netlink: 4 bytes leftover after parsing attributes in process `syz.3.899'. [ 77.990880][ T8442] 9pnet_fd: Insufficient options for proto=fd [ 78.070555][ T8452] Invalid option length (1047906) for dns_resolver key [ 78.281230][ T8464] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.338423][ T8464] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.436751][ T8467] netlink: 4 bytes leftover after parsing attributes in process `syz.0.909'. [ 78.446982][ T8464] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.516669][ T8464] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.616338][ T8472] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2048 sclass=netlink_route_socket pid=8472 comm=syz.0.911 [ 79.037949][ T8494] netlink: 'syz.2.921': attribute type 1 has an invalid length. [ 79.056930][ T8494] 8021q: adding VLAN 0 to HW filter on device bond7 [ 79.064737][ T8494] vlan5: entered promiscuous mode [ 79.066533][ T8494] bond7: entered promiscuous mode [ 79.067912][ T8494] vlan5: entered allmulticast mode [ 79.069238][ T8494] bond7: entered allmulticast mode [ 79.142194][ T6002] usb 5-1: new full-speed USB device number 13 using dummy_hcd [ 79.309469][ T6002] usb 5-1: config 1 interface 0 altsetting 253 endpoint 0x1 has invalid maxpacket 1023, setting to 64 [ 79.311802][ T8507] netlink: 256 bytes leftover after parsing attributes in process `syz.2.927'. [ 79.312466][ T6002] usb 5-1: config 1 interface 0 has no altsetting 0 [ 79.317907][ T6002] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 79.320257][ T6002] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 79.322553][ T6002] usb 5-1: Product: syz [ 79.323654][ T6002] usb 5-1: Manufacturer: syz [ 79.325070][ T6002] usb 5-1: SerialNumber: syz [ 79.332441][ T8486] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 79.373430][ T8511] FAULT_INJECTION: forcing a failure. [ 79.373430][ T8511] name failslab, interval 1, probability 0, space 0, times 0 [ 79.377256][ T8511] CPU: 2 UID: 0 PID: 8511 Comm: syz.2.928 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 79.380367][ T8511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 79.383387][ T8511] Call Trace: [ 79.384362][ T8511] [ 79.385401][ T8511] dump_stack_lvl+0x16c/0x1f0 [ 79.387015][ T8511] should_fail_ex+0x497/0x5b0 [ 79.388385][ T8511] ? fs_reclaim_acquire+0xae/0x150 [ 79.389817][ T8511] should_failslab+0xc2/0x120 [ 79.391211][ T8511] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 79.392794][ T8511] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 79.394521][ T8511] __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 79.396485][ T8511] mmu_topup_memory_caches+0x22/0xd0 [ 79.397984][ T8511] kvm_mmu_load+0xda/0x20d0 [ 79.399259][ T8511] ? mark_held_locks+0x9f/0xe0 [ 79.400607][ T8511] ? kvm_apic_has_interrupt+0xb6/0x190 [ 79.402159][ T8511] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 79.403793][ T8511] ? __pfx_vmx_flush_tlb_guest+0x10/0x10 [ 79.405475][ T8511] ? __pfx_kvm_mmu_load+0x10/0x10 [ 79.406891][ T8511] ? kvm_cpu_has_injectable_intr+0x9b/0x1a0 [ 79.408599][ T8511] ? kvm_check_and_inject_events+0x57f/0x12e0 [ 79.410560][ T8511] ? record_steal_time+0x41/0xbe0 [ 79.412277][ T8511] vcpu_run+0x3391/0x4f90 [ 79.413767][ T8511] ? kvm_vcpu_ioctl+0x1de/0x1520 [ 79.415457][ T8511] ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10 [ 79.417431][ T8511] ? __pfx_vcpu_run+0x10/0x10 [ 79.419040][ T8511] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 79.420501][ T8511] ? rcu_is_watching+0x12/0xc0 [ 79.421711][ T8511] ? trace_lock_acquire+0x14a/0x1d0 [ 79.423040][ T8511] ? __local_bh_enable_ip+0xa4/0x120 [ 79.424422][ T8511] ? kvm_arch_vcpu_ioctl_run+0x150/0x1740 [ 79.426055][ T8511] ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740 [ 79.427510][ T8511] kvm_arch_vcpu_ioctl_run+0x44a/0x1740 [ 79.429004][ T8511] kvm_vcpu_ioctl+0x6c7/0x1520 [ 79.430195][ T8511] ? do_vfs_ioctl+0x513/0x1990 [ 79.431450][ T8511] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 79.432783][ T8511] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 79.434567][ T8511] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 79.436625][ T8511] ? __pfx_lock_release+0x10/0x10 [ 79.437932][ T8511] ? trace_lock_acquire+0x14a/0x1d0 [ 79.439357][ T8511] ? selinux_file_ioctl+0x180/0x270 [ 79.440743][ T8511] ? selinux_file_ioctl+0xb4/0x270 [ 79.442100][ T8511] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 79.443416][ T8511] __x64_sys_ioctl+0x190/0x200 [ 79.444667][ T8511] do_syscall_64+0xcd/0x250 [ 79.446108][ T8511] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 79.447628][ T8511] RIP: 0033:0x7f8c74f7e819 [ 79.448777][ T8511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 79.453753][ T8511] RSP: 002b:00007f8c75d0f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 79.456187][ T8511] RAX: ffffffffffffffda RBX: 00007f8c75135fa0 RCX: 00007f8c74f7e819 [ 79.458917][ T8511] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 79.460967][ T8511] RBP: 00007f8c75d0f090 R08: 0000000000000000 R09: 0000000000000000 [ 79.462982][ T8511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 79.465095][ T8511] R13: 0000000000000000 R14: 00007f8c75135fa0 R15: 00007ffeb80d14e8 [ 79.467337][ T8511] [ 79.541551][ T6002] usb 5-1: USB disconnect, device number 13 [ 79.573449][ T8514] 9pnet_fd: Insufficient options for proto=fd [ 79.773437][ T8520] tmpfs: Bad value for 'mpol' [ 79.855002][ T39] kauditd_printk_skb: 11 callbacks suppressed [ 79.855012][ T39] audit: type=1400 audit(1732112277.551:605): avc: denied { setopt } for pid=8522 comm="syz.2.932" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 79.856262][ T8523] netem: unknown loss type 0 [ 79.931547][ T8533] bridge0: port 4(macvlan2) entered blocking state [ 79.933881][ T8533] bridge0: port 4(macvlan2) entered disabled state [ 79.935722][ T8533] macvlan2: entered allmulticast mode [ 79.938093][ T8533] macvlan2: left allmulticast mode [ 79.984331][ T8539] FAULT_INJECTION: forcing a failure. [ 79.984331][ T8539] name failslab, interval 1, probability 0, space 0, times 0 [ 79.989076][ T8539] CPU: 0 UID: 0 PID: 8539 Comm: syz.1.938 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 79.992668][ T8539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 79.996304][ T8539] Call Trace: [ 79.997175][ T8539] [ 79.997969][ T8539] dump_stack_lvl+0x16c/0x1f0 [ 79.999237][ T8539] should_fail_ex+0x497/0x5b0 [ 80.000405][ T8539] ? fs_reclaim_acquire+0xae/0x150 [ 80.001811][ T8539] should_failslab+0xc2/0x120 [ 80.003064][ T8539] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 80.004498][ T8539] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 80.006182][ T8539] __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 80.007814][ T8539] mmu_topup_memory_caches+0x22/0xd0 [ 80.009389][ T8539] kvm_mmu_load+0xda/0x20d0 [ 80.010866][ T8539] ? mark_held_locks+0x9f/0xe0 [ 80.012584][ T8539] ? kvm_apic_has_interrupt+0xb6/0x190 [ 80.014503][ T8539] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 80.016588][ T8539] ? __pfx_vmx_flush_tlb_guest+0x10/0x10 [ 80.018585][ T8539] ? __pfx_kvm_mmu_load+0x10/0x10 [ 80.020322][ T8539] ? kvm_cpu_has_injectable_intr+0x9b/0x1a0 [ 80.022338][ T8539] ? kvm_check_and_inject_events+0x57f/0x12e0 [ 80.024480][ T8539] ? record_steal_time+0x41/0xbe0 [ 80.026243][ T8539] vcpu_run+0x3391/0x4f90 [ 80.027809][ T8539] ? kvm_vcpu_ioctl+0x1de/0x1520 [ 80.029542][ T8539] ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10 [ 80.031505][ T8539] ? __pfx_vcpu_run+0x10/0x10 [ 80.033190][ T8539] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 80.035161][ T8539] ? rcu_is_watching+0x12/0xc0 [ 80.036850][ T8539] ? trace_lock_acquire+0x14a/0x1d0 [ 80.038651][ T8539] ? __local_bh_enable_ip+0xa4/0x120 [ 80.040476][ T8539] ? kvm_arch_vcpu_ioctl_run+0x150/0x1740 [ 80.042494][ T8539] ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740 [ 80.044462][ T8539] kvm_arch_vcpu_ioctl_run+0x44a/0x1740 [ 80.045948][ T8539] kvm_vcpu_ioctl+0x6c7/0x1520 [ 80.047259][ T8539] ? do_vfs_ioctl+0x513/0x1990 [ 80.048631][ T8539] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 80.050014][ T8539] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 80.051784][ T8539] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 80.053590][ T8539] ? __pfx_lock_release+0x10/0x10 [ 80.054875][ T8539] ? trace_lock_acquire+0x14a/0x1d0 [ 80.056250][ T8539] ? selinux_file_ioctl+0x180/0x270 [ 80.057663][ T8539] ? selinux_file_ioctl+0xb4/0x270 [ 80.059059][ T8539] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 80.060445][ T8539] __x64_sys_ioctl+0x190/0x200 [ 80.061736][ T8539] do_syscall_64+0xcd/0x250 [ 80.062965][ T8539] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 80.064538][ T8539] RIP: 0033:0x7f711a17e819 [ 80.065749][ T8539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 80.070741][ T8539] RSP: 002b:00007f711afb9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 80.072924][ T8539] RAX: ffffffffffffffda RBX: 00007f711a335fa0 RCX: 00007f711a17e819 [ 80.074950][ T8539] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 80.076949][ T8539] RBP: 00007f711afb9090 R08: 0000000000000000 R09: 0000000000000000 [ 80.078869][ T8539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 80.080934][ T8539] R13: 0000000000000000 R14: 00007f711a335fa0 R15: 00007ffe74261788 [ 80.083019][ T8539] [ 80.178118][ T39] audit: type=1400 audit(1732112277.871:606): avc: denied { name_bind } for pid=8547 comm="syz.0.941" src=624 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hi_reserved_port_t tclass=udp_socket permissive=1 [ 80.242675][ T8554] xt_hashlimit: size too large, truncated to 1048576 [ 80.338783][ T8558] __nla_validate_parse: 4 callbacks suppressed [ 80.338799][ T8558] netlink: 4 bytes leftover after parsing attributes in process `syz.0.944'. [ 80.837998][ T8568] netlink: 8 bytes leftover after parsing attributes in process `syz.2.948'. [ 80.918084][ T39] audit: type=1400 audit(1732112278.611:607): avc: denied { append } for pid=8570 comm="syz.2.949" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 81.207274][ C3] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 81.212606][ T35] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 81.299916][ T8583] netlink: 108 bytes leftover after parsing attributes in process `syz.1.954'. [ 81.303571][ T39] audit: type=1400 audit(1732112279.001:608): avc: denied { relabelfrom } for pid=8582 comm="syz.1.954" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 81.308630][ T39] audit: type=1400 audit(1732112279.001:609): avc: denied { relabelto } for pid=8582 comm="syz.1.954" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 81.316633][ T8585] netlink: 'syz.0.955': attribute type 10 has an invalid length. [ 81.362578][ T35] usb 7-1: Using ep0 maxpacket: 8 [ 81.367388][ T35] usb 7-1: config 0 has an invalid interface number: 1 but max is 0 [ 81.370204][ T35] usb 7-1: config 0 has no interface number 0 [ 81.372376][ T35] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 81.375590][ T35] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 81.378607][ T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 81.383095][ T35] usb 7-1: config 0 descriptor?? [ 81.386647][ T35] iowarrior 7-1:0.1: no interrupt-in endpoint found [ 81.579414][ T8464] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.584471][ T8464] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.589826][ T8464] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.595275][ T8464] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.603269][ T39] audit: type=1400 audit(1732112279.301:610): avc: denied { shutdown } for pid=8591 comm="syz.0.958" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 81.682780][ T8604] netlink: 24 bytes leftover after parsing attributes in process `syz.3.960'. [ 81.741637][ T831] usb 7-1: USB disconnect, device number 14 [ 81.753186][ T8612] netlink: 24 bytes leftover after parsing attributes in process `syz.3.963'. [ 81.756798][ T8609] FAULT_INJECTION: forcing a failure. [ 81.756798][ T8609] name failslab, interval 1, probability 0, space 0, times 0 [ 81.760177][ T8609] CPU: 0 UID: 0 PID: 8609 Comm: syz.1.962 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 81.763047][ T8609] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.765977][ T8609] Call Trace: [ 81.766832][ T8609] [ 81.767620][ T8609] dump_stack_lvl+0x16c/0x1f0 [ 81.768874][ T8609] should_fail_ex+0x497/0x5b0 [ 81.770146][ T8609] ? fs_reclaim_acquire+0xae/0x150 [ 81.771569][ T8609] should_failslab+0xc2/0x120 [ 81.772862][ T8609] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 81.774297][ T8609] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 81.775952][ T8609] __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 81.777523][ T8609] mmu_topup_memory_caches+0x22/0xd0 [ 81.778960][ T8609] kvm_mmu_load+0xda/0x20d0 [ 81.780191][ T8609] ? mark_held_locks+0x9f/0xe0 [ 81.781796][ T8609] ? kvm_apic_has_interrupt+0xb6/0x190 [ 81.783259][ T8609] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 81.784889][ T8609] ? __pfx_vmx_flush_tlb_guest+0x10/0x10 [ 81.786325][ T8609] ? __pfx_kvm_mmu_load+0x10/0x10 [ 81.787632][ T8609] ? kvm_cpu_has_injectable_intr+0x9b/0x1a0 [ 81.789218][ T8609] ? kvm_check_and_inject_events+0x57f/0x12e0 [ 81.790996][ T8609] ? record_steal_time+0x41/0xbe0 [ 81.792323][ T8609] vcpu_run+0x3391/0x4f90 [ 81.793485][ T8609] ? kvm_vcpu_ioctl+0x1de/0x1520 [ 81.794840][ T8609] ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10 [ 81.796324][ T8609] ? __pfx_vcpu_run+0x10/0x10 [ 81.797579][ T8609] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 81.799076][ T8609] ? rcu_is_watching+0x12/0xc0 [ 81.800380][ T8609] ? trace_lock_acquire+0x14a/0x1d0 [ 81.801778][ T8609] ? __local_bh_enable_ip+0xa4/0x120 [ 81.803146][ T8609] ? kvm_arch_vcpu_ioctl_run+0x150/0x1740 [ 81.804585][ T8609] ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740 [ 81.806006][ T8609] kvm_arch_vcpu_ioctl_run+0x44a/0x1740 [ 81.807387][ T8609] kvm_vcpu_ioctl+0x6c7/0x1520 [ 81.808617][ T8609] ? do_vfs_ioctl+0x513/0x1990 [ 81.809826][ T8609] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 81.811192][ T8609] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 81.813003][ T8609] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 81.814811][ T8609] ? __pfx_lock_release+0x10/0x10 [ 81.816156][ T8609] ? trace_lock_acquire+0x14a/0x1d0 [ 81.817572][ T8609] ? selinux_file_ioctl+0x180/0x270 [ 81.819045][ T8609] ? selinux_file_ioctl+0xb4/0x270 [ 81.820519][ T8609] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 81.821936][ T8609] __x64_sys_ioctl+0x190/0x200 [ 81.823216][ T8609] do_syscall_64+0xcd/0x250 [ 81.824432][ T8609] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.825959][ T8609] RIP: 0033:0x7f711a17e819 [ 81.827116][ T8609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 81.832140][ T8609] RSP: 002b:00007f711afb9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 81.834343][ T8609] RAX: ffffffffffffffda RBX: 00007f711a335fa0 RCX: 00007f711a17e819 [ 81.836446][ T8609] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 81.838629][ T8609] RBP: 00007f711afb9090 R08: 0000000000000000 R09: 0000000000000000 [ 81.840771][ T8609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 81.842925][ T8609] R13: 0000000000000000 R14: 00007f711a335fa0 R15: 00007ffe74261788 [ 81.845206][ T8609] [ 81.942400][ T8616] netlink: 'syz.1.964': attribute type 10 has an invalid length. [ 82.523456][ T39] audit: type=1400 audit(1732112280.221:611): avc: denied { read } for pid=8646 comm="syz.1.977" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 82.673865][ T8658] FAULT_INJECTION: forcing a failure. [ 82.673865][ T8658] name failslab, interval 1, probability 0, space 0, times 0 [ 82.678368][ T8658] CPU: 0 UID: 0 PID: 8658 Comm: syz.0.980 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 82.682082][ T8658] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 82.685805][ T8658] Call Trace: [ 82.687002][ T8658] [ 82.688062][ T8658] dump_stack_lvl+0x16c/0x1f0 [ 82.689741][ T8658] should_fail_ex+0x497/0x5b0 [ 82.691451][ T8658] ? fs_reclaim_acquire+0xae/0x150 [ 82.693338][ T8658] should_failslab+0xc2/0x120 [ 82.695066][ T8658] __kmalloc_noprof+0xcb/0x400 [ 82.696820][ T8658] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 82.698881][ T8658] tomoyo_realpath_from_path+0xb9/0x720 [ 82.700941][ T8658] ? tomoyo_path_number_perm+0x235/0x590 [ 82.703003][ T8658] tomoyo_path_number_perm+0x248/0x590 [ 82.704986][ T8658] ? tomoyo_path_number_perm+0x235/0x590 [ 82.707004][ T8658] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 82.709182][ T8658] ? __pfx_lock_release+0x10/0x10 [ 82.711007][ T8658] ? trace_lock_acquire+0x14a/0x1d0 [ 82.712934][ T8658] ? lock_acquire+0x2f/0xb0 [ 82.714518][ T8658] ? __fget_files+0x40/0x3a0 [ 82.716162][ T8658] ? __fget_files+0x206/0x3a0 [ 82.717795][ T8658] security_file_ioctl+0x9b/0x240 [ 82.719619][ T8658] __x64_sys_ioctl+0xb7/0x200 [ 82.721248][ T8658] do_syscall_64+0xcd/0x250 [ 82.723040][ T8658] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.725176][ T8658] RIP: 0033:0x7f5475d7e819 [ 82.726624][ T8658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 82.733186][ T8658] RSP: 002b:00007f5476b33038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 82.735909][ T8658] RAX: ffffffffffffffda RBX: 00007f5475f35fa0 RCX: 00007f5475d7e819 [ 82.738606][ T8658] RDX: 0000000020000000 RSI: 0000000000008927 RDI: 0000000000000003 [ 82.741436][ T8658] RBP: 00007f5476b33090 R08: 0000000000000000 R09: 0000000000000000 [ 82.744309][ T8658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 82.746978][ T8658] R13: 0000000000000000 R14: 00007f5475f35fa0 R15: 00007fffe2cdb228 [ 82.749733][ T8658] [ 82.751251][ T8658] ERROR: Out of memory at tomoyo_realpath_from_path. [ 82.826366][ T8668] netlink: 4 bytes leftover after parsing attributes in process `syz.0.984'. [ 83.063212][ T8691] netlink: 16 bytes leftover after parsing attributes in process `syz.2.991'. [ 83.068969][ T8691] MPI: mpi too large (16392 bits) [ 83.133108][ T8698] netlink: 'syz.2.994': attribute type 10 has an invalid length. [ 83.167096][ T39] audit: type=1400 audit(1732112280.861:612): avc: denied { listen } for pid=8669 comm="syz.1.983" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 83.174107][ T8700] netlink: 8 bytes leftover after parsing attributes in process `syz.0.995'. [ 83.230295][ T8706] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.333658][ T8706] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.451911][ T8706] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.507721][ T8706] bond0: (slave netdevsim0): Releasing backup interface [ 83.511648][ T8706] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.596531][ T8706] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.602657][ T8706] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.607060][ T8706] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.611731][ T8706] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.652741][ T39] audit: type=1400 audit(1732112281.351:613): avc: denied { mount } for pid=8710 comm="syz.1.1000" name="/" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=filesystem permissive=1 [ 84.552131][ T5990] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 84.561540][ T8754] netlink: 'syz.0.1014': attribute type 10 has an invalid length. [ 84.590286][ T8756] xt_cluster: node mask cannot exceed total number of nodes [ 84.599949][ T8756] Bluetooth: (null): Too short H5 packet [ 84.712129][ T5990] usb 8-1: Using ep0 maxpacket: 8 [ 84.716822][ T5990] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 84.720002][ T5990] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 84.723849][ T5990] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 20768, setting to 1024 [ 84.727400][ T5990] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 84.730635][ T5990] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 84.732096][ T35] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 84.735929][ T5990] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 84.739578][ T5990] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.771017][ T8764] FAULT_INJECTION: forcing a failure. [ 84.771017][ T8764] name failslab, interval 1, probability 0, space 0, times 0 [ 84.774582][ T8764] CPU: 0 UID: 0 PID: 8764 Comm: syz.0.1017 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 84.777501][ T8764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 84.780298][ T8764] Call Trace: [ 84.781230][ T8764] [ 84.782186][ T8764] dump_stack_lvl+0x16c/0x1f0 [ 84.783707][ T8764] should_fail_ex+0x497/0x5b0 [ 84.785233][ T8764] ? fs_reclaim_acquire+0xae/0x150 [ 84.786891][ T8764] should_failslab+0xc2/0x120 [ 84.788414][ T8764] __kmalloc_node_track_caller_noprof+0xcf/0x430 [ 84.790432][ T8764] ? __request_module+0x2e4/0x6c0 [ 84.791753][ T8764] kstrdup+0x3c/0x70 [ 84.792856][ T8764] __request_module+0x2e4/0x6c0 [ 84.794116][ T8764] ? dev_load+0x1ff/0x240 [ 84.795474][ T8764] ? __pfx___request_module+0x10/0x10 [ 84.797175][ T8764] ? find_held_lock+0x2d/0x110 [ 84.798718][ T8764] ? __pfx_lock_release+0x10/0x10 [ 84.800333][ T8764] ? trace_lock_acquire+0x14a/0x1d0 [ 84.801981][ T8764] ? cap_capable+0x1cf/0x240 [ 84.803467][ T8764] ? dev_load+0x1de/0x240 [ 84.804858][ T8764] dev_load+0x1ff/0x240 [ 84.806184][ T8764] dev_ioctl+0x9e6/0x10c0 [ 84.807574][ T8764] sock_do_ioctl+0x19e/0x280 [ 84.809056][ T8764] ? __pfx_sock_do_ioctl+0x10/0x10 [ 84.810694][ T8764] ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460 [ 84.812728][ T8764] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 84.814834][ T8764] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 84.816992][ T8764] sock_ioctl+0x228/0x6c0 [ 84.818414][ T8764] ? __pfx_sock_ioctl+0x10/0x10 [ 84.820105][ T8764] ? selinux_file_ioctl+0x180/0x270 [ 84.821397][ T8764] ? selinux_file_ioctl+0xb4/0x270 [ 84.822684][ T8764] ? __pfx_sock_ioctl+0x10/0x10 [ 84.823902][ T8764] __x64_sys_ioctl+0x190/0x200 [ 84.825165][ T8764] do_syscall_64+0xcd/0x250 [ 84.826329][ T8764] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.827821][ T8764] RIP: 0033:0x7f5475d7e819 [ 84.829021][ T8764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 84.835142][ T8764] RSP: 002b:00007f5476b33038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 84.837456][ T8764] RAX: ffffffffffffffda RBX: 00007f5475f35fa0 RCX: 00007f5475d7e819 [ 84.839428][ T8764] RDX: 0000000020000000 RSI: 0000000000008927 RDI: 0000000000000003 [ 84.841458][ T8764] RBP: 00007f5476b33090 R08: 0000000000000000 R09: 0000000000000000 [ 84.843399][ T8764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 84.845371][ T8764] R13: 0000000000000000 R14: 00007f5475f35fa0 R15: 00007fffe2cdb228 [ 84.847338][ T8764] [ 84.892140][ T25] usb 7-1: new high-speed USB device number 15 using dummy_hcd [ 84.909739][ T8769] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.934010][ T35] usb 6-1: config 0 has no interfaces? [ 84.936963][ T35] usb 6-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5 [ 84.939290][ T35] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 84.941343][ T35] usb 6-1: Product: syz [ 84.942607][ T35] usb 6-1: Manufacturer: syz [ 84.943890][ T35] usb 6-1: SerialNumber: syz [ 84.946136][ T35] usb 6-1: config 0 descriptor?? [ 84.948858][ T5990] usb 8-1: usb_control_msg returned -32 [ 84.950666][ T5990] usbtmc 8-1:16.0: can't read capabilities [ 84.976004][ T8769] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.016217][ T8769] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.052124][ T25] usb 7-1: Using ep0 maxpacket: 8 [ 85.055562][ T8769] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.056138][ T25] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 85.060230][ T25] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 85.062829][ T25] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 85.065263][ T25] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 85.067715][ T25] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 85.070845][ T25] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 85.073215][ T25] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 85.179505][ T5990] usb 6-1: USB disconnect, device number 8 [ 85.281153][ T25] usb 7-1: usb_control_msg returned -32 [ 85.282673][ T25] usbtmc 7-1:16.0: can't read capabilities [ 85.504364][ T9] usb 8-1: USB disconnect, device number 4 [ 85.777991][ T39] audit: type=1400 audit(1732112283.471:614): avc: denied { read } for pid=8773 comm="syz.1.1020" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 85.998735][ T8779] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1022'. [ 86.046013][ T8781] netlink: 'syz.1.1023': attribute type 10 has an invalid length. [ 86.130488][ T8789] FAULT_INJECTION: forcing a failure. [ 86.130488][ T8789] name failslab, interval 1, probability 0, space 0, times 0 [ 86.135352][ T8789] CPU: 0 UID: 0 PID: 8789 Comm: syz.3.1026 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 86.137895][ T8789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.140759][ T8789] Call Trace: [ 86.141657][ T8789] [ 86.142378][ T8789] dump_stack_lvl+0x16c/0x1f0 [ 86.143522][ T8789] should_fail_ex+0x497/0x5b0 [ 86.144709][ T8789] ? fs_reclaim_acquire+0xae/0x150 [ 86.145975][ T8789] should_failslab+0xc2/0x120 [ 86.147127][ T8789] __kmalloc_cache_noprof+0x6b/0x300 [ 86.148450][ T8789] ? rcu_is_watching+0x12/0xc0 [ 86.149661][ T8789] ? call_usermodehelper_setup+0x9a/0x340 [ 86.151083][ T8789] ? __pfx_free_modprobe_argv+0x10/0x10 [ 86.152518][ T8789] call_usermodehelper_setup+0x9a/0x340 [ 86.153857][ T8789] __request_module+0x3d6/0x6c0 [ 86.155055][ T8789] ? dev_load+0x1ff/0x240 [ 86.156157][ T8789] ? __pfx___request_module+0x10/0x10 [ 86.157455][ T8789] ? find_held_lock+0x2d/0x110 [ 86.158673][ T8789] ? __pfx_lock_release+0x10/0x10 [ 86.159932][ T8789] ? trace_lock_acquire+0x14a/0x1d0 [ 86.161225][ T8789] ? cap_capable+0x1cf/0x240 [ 86.162466][ T8789] ? dev_load+0x1de/0x240 [ 86.163546][ T8789] dev_load+0x1ff/0x240 [ 86.164599][ T8789] dev_ioctl+0x9e6/0x10c0 [ 86.165703][ T8789] sock_do_ioctl+0x19e/0x280 [ 86.166876][ T8789] ? __pfx_sock_do_ioctl+0x10/0x10 [ 86.168178][ T8789] ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460 [ 86.169789][ T8789] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 86.171443][ T8789] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 86.173215][ T8789] sock_ioctl+0x228/0x6c0 [ 86.174311][ T8789] ? __pfx_sock_ioctl+0x10/0x10 [ 86.175526][ T8789] ? selinux_file_ioctl+0x180/0x270 [ 86.176840][ T8789] ? selinux_file_ioctl+0xb4/0x270 [ 86.178120][ T8789] ? __pfx_sock_ioctl+0x10/0x10 [ 86.179358][ T8789] __x64_sys_ioctl+0x190/0x200 [ 86.180577][ T8789] do_syscall_64+0xcd/0x250 [ 86.181733][ T8789] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.183201][ T8789] RIP: 0033:0x7f5f8777e819 [ 86.184407][ T8789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.189451][ T8789] RSP: 002b:00007f5f855f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 86.191551][ T8789] RAX: ffffffffffffffda RBX: 00007f5f87935fa0 RCX: 00007f5f8777e819 [ 86.193530][ T8789] RDX: 0000000020000000 RSI: 0000000000008927 RDI: 0000000000000003 [ 86.195521][ T8789] RBP: 00007f5f855f6090 R08: 0000000000000000 R09: 0000000000000000 [ 86.197492][ T8789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 86.199541][ T8789] R13: 0000000000000000 R14: 00007f5f87935fa0 R15: 00007ffe9c8405a8 [ 86.201515][ T8789] [ 86.249551][ T8794] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1028'. [ 86.428072][ T8804] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1031'. [ 86.455998][ T39] audit: type=1400 audit(1732112284.151:615): avc: denied { bind } for pid=8805 comm="syz.3.1032" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 86.535374][ T8812] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1033'. [ 86.847433][ T8819] FAULT_INJECTION: forcing a failure. [ 86.847433][ T8819] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 86.850715][ T8819] CPU: 3 UID: 0 PID: 8819 Comm: syz.1.1036 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 86.853264][ T8819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.855852][ T8819] Call Trace: [ 86.856686][ T8819] [ 86.857446][ T8819] dump_stack_lvl+0x16c/0x1f0 [ 86.858641][ T8819] should_fail_ex+0x497/0x5b0 [ 86.860044][ T8819] _copy_to_user+0x32/0xd0 [ 86.861400][ T8819] simple_read_from_buffer+0xd0/0x160 [ 86.863038][ T8819] proc_fail_nth_read+0x198/0x270 [ 86.864308][ T8819] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 86.865694][ T8819] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 86.867431][ T8819] vfs_read+0x1df/0xbe0 [ 86.868790][ T8819] ? __fget_files+0x1fc/0x3a0 [ 86.870206][ T8819] ? __pfx___mutex_lock+0x10/0x10 [ 86.871838][ T8819] ? __pfx_vfs_read+0x10/0x10 [ 86.873114][ T8819] ? __fget_files+0x206/0x3a0 [ 86.874613][ T8819] ksys_read+0x12b/0x250 [ 86.875694][ T8819] ? __pfx_ksys_read+0x10/0x10 [ 86.876921][ T8819] do_syscall_64+0xcd/0x250 [ 86.878092][ T8819] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.879608][ T8819] RIP: 0033:0x7f711a17d25c [ 86.881023][ T8819] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 86.885762][ T8819] RSP: 002b:00007f711afb9030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 86.887913][ T8819] RAX: ffffffffffffffda RBX: 00007f711a335fa0 RCX: 00007f711a17d25c [ 86.890065][ T8819] RDX: 000000000000000f RSI: 00007f711afb90a0 RDI: 0000000000000005 [ 86.892042][ T8819] RBP: 00007f711afb9090 R08: 0000000000000000 R09: 0000000000000000 [ 86.893994][ T8819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 86.895942][ T8819] R13: 0000000000000000 R14: 00007f711a335fa0 R15: 00007ffe74261788 [ 86.897865][ T8819] [ 87.130146][ T8833] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1040'. [ 87.333846][ T8840] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 87.336584][ T8840] openvswitch: netlink: Actions may not be safe on all matching packets [ 87.339407][ T8840] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 87.341896][ T8840] openvswitch: netlink: Actions may not be safe on all matching packets [ 87.344966][ T8840] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 87.347653][ T8840] openvswitch: netlink: Actions may not be safe on all matching packets [ 87.350405][ T8840] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 87.353148][ T8840] openvswitch: netlink: Actions may not be safe on all matching packets [ 87.355949][ T8840] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 87.358642][ T8840] openvswitch: netlink: Actions may not be safe on all matching packets [ 87.530047][ T8845] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1044'. [ 87.593046][ T8769] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.601932][ T8769] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.610151][ T5954] usb 7-1: USB disconnect, device number 15 [ 87.616818][ T8769] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.630003][ T8769] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.679695][ T8854] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 87.682205][ T8854] overlayfs: missing 'lowerdir' [ 87.736224][ T8855] FAULT_INJECTION: forcing a failure. [ 87.736224][ T8855] name failslab, interval 1, probability 0, space 0, times 0 [ 87.739359][ T8855] CPU: 0 UID: 0 PID: 8855 Comm: syz.0.1047 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 87.741878][ T8855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.744633][ T8855] Call Trace: [ 87.745487][ T8855] [ 87.746211][ T8855] dump_stack_lvl+0x16c/0x1f0 [ 87.747419][ T8855] should_fail_ex+0x497/0x5b0 [ 87.748610][ T8855] ? fs_reclaim_acquire+0xae/0x150 [ 87.749877][ T8855] should_failslab+0xc2/0x120 [ 87.751021][ T8855] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 87.752378][ T8855] ? getname_flags.part.0+0x4c/0x550 [ 87.753805][ T8855] ? vfs_write+0x306/0x1150 [ 87.755251][ T8855] getname_flags.part.0+0x4c/0x550 [ 87.756876][ T8855] getname+0x8d/0xe0 [ 87.758110][ T8855] __do_sys_newlstat+0x93/0x140 [ 87.759671][ T8855] ? __pfx___do_sys_newlstat+0x10/0x10 [ 87.761103][ T8855] ? __pfx_ksys_write+0x10/0x10 [ 87.762328][ T8855] do_syscall_64+0xcd/0x250 [ 87.763462][ T8855] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.764948][ T8855] RIP: 0033:0x7f5475d7e819 [ 87.766048][ T8855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 87.770865][ T8855] RSP: 002b:00007f5476b12038 EFLAGS: 00000246 ORIG_RAX: 0000000000000006 [ 87.772960][ T8855] RAX: ffffffffffffffda RBX: 00007f5475f36080 RCX: 00007f5475d7e819 [ 87.774953][ T8855] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200002c0 [ 87.776918][ T8855] RBP: 00007f5476b12090 R08: 0000000000000000 R09: 0000000000000000 [ 87.778913][ T8855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 87.780903][ T8855] R13: 0000000000000001 R14: 00007f5475f36080 R15: 00007fffe2cdb228 [ 87.783063][ T8855] [ 87.965125][ T8860] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 88.033986][ T8863] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1050'. [ 88.095710][ T39] audit: type=1400 audit(1732112285.791:616): avc: denied { write } for pid=8867 comm="syz.2.1054" name="mouse0" dev="devtmpfs" ino=946 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 88.148639][ T8868] binder: 8867:8868 ioctl c018620c 200002c0 returned -1 [ 88.186119][ T8873] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1055'. [ 88.194299][ T8875] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.275528][ T8875] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.278287][ T39] audit: type=1804 audit(1732112285.971:617): pid=8877 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.2.1057" name="/newroot/238/file1" dev="fuse" ino=1 res=1 errno=0 [ 88.285663][ T39] audit: type=1804 audit(1732112285.971:618): pid=8877 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.1057" name="/newroot/238/file1" dev="fuse" ino=1 res=1 errno=0 [ 88.300977][ T39] audit: type=1326 audit(1732112285.991:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8876 comm="syz.2.1057" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c74f7e819 code=0x7ffc0000 [ 88.308723][ T39] audit: type=1326 audit(1732112285.991:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8876 comm="syz.2.1057" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8c74f7e819 code=0x7ffc0000 [ 88.317153][ T39] audit: type=1326 audit(1732112285.991:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8876 comm="syz.2.1057" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c74f7e819 code=0x7ffc0000 [ 88.324649][ T39] audit: type=1326 audit(1732112285.991:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8876 comm="syz.2.1057" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8c74f7e819 code=0x7ffc0000 [ 88.331952][ T39] audit: type=1326 audit(1732112285.991:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8876 comm="syz.2.1057" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c74f7e819 code=0x7ffc0000 [ 88.361854][ T8875] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.426342][ T8875] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.498814][ T8875] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.504126][ T8875] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.509216][ T8875] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.514397][ T8875] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.572537][ T8886] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1061'. [ 88.668050][ T8890] FAULT_INJECTION: forcing a failure. [ 88.668050][ T8890] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 88.676882][ T8890] CPU: 3 UID: 0 PID: 8890 Comm: syz.3.1062 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 88.680153][ T8890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 88.683527][ T8890] Call Trace: [ 88.684585][ T8890] [ 88.685530][ T8890] dump_stack_lvl+0x16c/0x1f0 [ 88.687112][ T8890] should_fail_ex+0x497/0x5b0 [ 88.688676][ T8890] strncpy_from_user+0x3b/0x2c0 [ 88.690205][ T8890] getname_flags.part.0+0x8f/0x550 [ 88.691868][ T8890] getname+0x8d/0xe0 [ 88.693109][ T8890] __do_sys_newlstat+0x93/0x140 [ 88.694663][ T8890] ? __pfx___do_sys_newlstat+0x10/0x10 [ 88.696407][ T8890] ? __pfx_ksys_write+0x10/0x10 [ 88.697924][ T8890] do_syscall_64+0xcd/0x250 [ 88.699375][ T8890] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.701263][ T8890] RIP: 0033:0x7f5f8777e819 [ 88.702669][ T8890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 88.708652][ T8890] RSP: 002b:00007f5f855d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000006 [ 88.711243][ T8890] RAX: ffffffffffffffda RBX: 00007f5f87936080 RCX: 00007f5f8777e819 [ 88.713736][ T8890] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200002c0 [ 88.716202][ T8890] RBP: 00007f5f855d5090 R08: 0000000000000000 R09: 0000000000000000 [ 88.718614][ T8890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 88.721029][ T8890] R13: 0000000000000001 R14: 00007f5f87936080 R15: 00007ffe9c8405a8 [ 88.723501][ T8890] [ 88.779415][ T8892] SELinux: Context Ü is not valid (left unmapped). [ 88.781283][ T8892] SELinux: Context @ is not valid (left unmapped). [ 88.784563][ T8892] SELinux: Context is not valid (left unmapped). [ 88.853182][ T8896] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1064'. [ 89.213011][ T8907] sr 2:0:0:0: [sr0] CDROM not ready. Make sure there is a disc in the drive. [ 89.229209][ T8913] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.262105][ T9] usb 6-1: new full-speed USB device number 9 using dummy_hcd [ 89.305654][ T8913] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.319390][ T8920] vivid-000: ================= START STATUS ================= [ 89.321699][ T8920] vivid-000: Radio HW Seek Mode: Bounded [ 89.324437][ T8920] vivid-000: Radio Programmable HW Seek: false [ 89.326027][ T8920] vivid-000: RDS Rx I/O Mode: Block I/O [ 89.327463][ T8920] vivid-000: Generate RBDS Instead of RDS: false [ 89.329093][ T8920] vivid-000: RDS Reception: true [ 89.330362][ T8920] vivid-000: RDS Program Type: 0 inactive [ 89.331812][ T8920] vivid-000: RDS PS Name: inactive [ 89.333281][ T8920] vivid-000: RDS Radio Text: inactive [ 89.334681][ T8920] vivid-000: RDS Traffic Announcement: false inactive [ 89.336369][ T8920] vivid-000: RDS Traffic Program: false inactive [ 89.338006][ T8920] vivid-000: RDS Music: false inactive [ 89.339379][ T8920] vivid-000: ================== END STATUS ================== [ 89.355736][ T8913] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.429209][ T8913] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.443861][ T9] usb 6-1: config 0 interface 0 altsetting 18 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 89.447920][ T9] usb 6-1: config 0 interface 0 altsetting 18 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 89.451598][ T9] usb 6-1: config 0 interface 0 altsetting 18 endpoint 0x8F has invalid maxpacket 65535, setting to 64 [ 89.456377][ T9] usb 6-1: config 0 interface 0 has no altsetting 0 [ 89.460600][ T9] usb 6-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 89.464367][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 89.467091][ T9] usb 6-1: Product: syz [ 89.468484][ T9] usb 6-1: Manufacturer: syz [ 89.470111][ T9] usb 6-1: SerialNumber: syz [ 89.473985][ T9] usb 6-1: config 0 descriptor?? [ 89.476408][ T8901] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 89.682426][ T8923] FAULT_INJECTION: forcing a failure. [ 89.682426][ T8923] name failslab, interval 1, probability 0, space 0, times 0 [ 89.682497][ T8923] CPU: 3 UID: 0 PID: 8923 Comm: syz.2.1074 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 89.682517][ T8923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 89.682527][ T8923] Call Trace: [ 89.682533][ T8923] [ 89.682540][ T8923] dump_stack_lvl+0x16c/0x1f0 [ 89.682571][ T8923] should_fail_ex+0x497/0x5b0 [ 89.682594][ T8923] ? fs_reclaim_acquire+0xae/0x150 [ 89.682616][ T8923] should_failslab+0xc2/0x120 [ 89.682639][ T8923] __kmalloc_noprof+0xcb/0x400 [ 89.682661][ T8923] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 89.682679][ T8923] ? rcu_is_watching+0x12/0xc0 [ 89.682705][ T8923] tomoyo_realpath_from_path+0xb9/0x720 [ 89.682729][ T8923] ? tomoyo_path_perm+0x262/0x460 [ 89.682750][ T8923] tomoyo_path_perm+0x276/0x460 [ 89.682767][ T8923] ? tomoyo_path_perm+0x262/0x460 [ 89.682788][ T8923] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 89.682807][ T8923] ? path_lookupat+0x212/0x770 [ 89.682835][ T8923] ? __pfx_filename_lookup+0x10/0x10 [ 89.682877][ T8923] security_inode_getattr+0x116/0x290 [ 89.682899][ T8923] vfs_statx_path+0x2b/0x310 [ 89.682926][ T8923] vfs_statx+0x11f/0x1c0 [ 89.682950][ T8923] ? __pfx_vfs_statx+0x10/0x10 [ 89.682973][ T8923] ? getname_flags.part.0+0x1c5/0x550 [ 89.683005][ T8923] __do_sys_newlstat+0xb1/0x140 [ 89.683029][ T8923] ? __pfx___do_sys_newlstat+0x10/0x10 [ 89.683067][ T8923] ? __pfx_ksys_write+0x10/0x10 [ 89.683094][ T8923] do_syscall_64+0xcd/0x250 [ 89.683114][ T8923] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.683141][ T8923] RIP: 0033:0x7f8c74f7e819 [ 89.683156][ T8923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 89.683174][ T8923] RSP: 002b:00007f8c75d0f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000006 [ 89.683194][ T8923] RAX: ffffffffffffffda RBX: 00007f8c75135fa0 RCX: 00007f8c74f7e819 [ 89.683207][ T8923] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200002c0 [ 89.683219][ T8923] RBP: 00007f8c75d0f090 R08: 0000000000000000 R09: 0000000000000000 [ 89.683230][ T8923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 89.683241][ T8923] R13: 0000000000000000 R14: 00007f8c75135fa0 R15: 00007ffeb80d14e8 [ 89.683265][ T8923] [ 89.683273][ T8923] ERROR: Out of memory at tomoyo_realpath_from_path. [ 89.753064][ T9] appledisplay 6-1:0.0: Error while getting initial brightness: -110 [ 89.760272][ T9] appledisplay 6-1:0.0: probe with driver appledisplay failed with error -110 [ 89.767498][ T9] usb 6-1: USB disconnect, device number 9 [ 90.296399][ T8942] syz.2.1081: attempt to access beyond end of device [ 90.296399][ T8942] loop2: rw=0, sector=64, nr_sectors = 1 limit=0 [ 90.300565][ T8942] syz.2.1081: attempt to access beyond end of device [ 90.300565][ T8942] loop2: rw=0, sector=256, nr_sectors = 1 limit=0 [ 90.304988][ T8942] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 90.308174][ T8942] syz.2.1081: attempt to access beyond end of device [ 90.308174][ T8942] loop2: rw=0, sector=512, nr_sectors = 1 limit=0 [ 90.313098][ T8942] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512 [ 90.316000][ T8942] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 90.318366][ T8942] UDF-fs: Scanning with blocksize 512 failed [ 90.320413][ T8942] syz.2.1081: attempt to access beyond end of device [ 90.320413][ T8942] loop2: rw=0, sector=64, nr_sectors = 2 limit=0 [ 90.324187][ T8942] syz.2.1081: attempt to access beyond end of device [ 90.324187][ T8942] loop2: rw=0, sector=512, nr_sectors = 2 limit=0 [ 90.327447][ T8942] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 90.330989][ T8942] syz.2.1081: attempt to access beyond end of device [ 90.330989][ T8942] loop2: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 90.335741][ T8942] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512 [ 90.338138][ T8942] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 90.340091][ T8942] UDF-fs: Scanning with blocksize 1024 failed [ 90.341897][ T8942] syz.2.1081: attempt to access beyond end of device [ 90.341897][ T8942] loop2: rw=0, sector=64, nr_sectors = 4 limit=0 [ 90.345988][ T8942] syz.2.1081: attempt to access beyond end of device [ 90.345988][ T8942] loop2: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 90.349266][ T8942] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 90.351918][ T8942] syz.2.1081: attempt to access beyond end of device [ 90.351918][ T8942] loop2: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 90.354299][ T8949] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 90.355374][ T8942] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512 [ 90.358400][ T8949] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 90.359983][ T8942] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 90.365038][ T8942] UDF-fs: Scanning with blocksize 2048 failed [ 90.366747][ T8942] syz.2.1081: attempt to access beyond end of device [ 90.366747][ T8942] loop2: rw=0, sector=64, nr_sectors = 8 limit=0 [ 90.369970][ T8942] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 90.373289][ T8942] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512 [ 90.375644][ T8942] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 90.377514][ T8942] UDF-fs: Scanning with blocksize 4096 failed [ 90.379064][ T8942] UDF-fs: warning (device loop2): udf_fill_super: No partition found (1) [ 90.414201][ T8947] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 91.011036][ T8955] FAULT_INJECTION: forcing a failure. [ 91.011036][ T8955] name failslab, interval 1, probability 0, space 0, times 0 [ 91.015005][ T8955] CPU: 0 UID: 0 PID: 8955 Comm: syz.1.1085 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 91.018041][ T8955] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 91.021495][ T8955] Call Trace: [ 91.022621][ T8955] [ 91.023611][ T8955] dump_stack_lvl+0x16c/0x1f0 [ 91.024997][ T8955] should_fail_ex+0x497/0x5b0 [ 91.026237][ T8955] ? fs_reclaim_acquire+0xae/0x150 [ 91.027495][ T8955] should_failslab+0xc2/0x120 [ 91.028675][ T8955] __kmalloc_noprof+0xcb/0x400 [ 91.029863][ T8955] tomoyo_encode2+0x100/0x3e0 [ 91.031095][ T8955] tomoyo_encode+0x29/0x50 [ 91.032218][ T8955] tomoyo_realpath_from_path+0x19d/0x720 [ 91.033613][ T8955] ? tomoyo_path_perm+0x262/0x460 [ 91.034924][ T8955] tomoyo_path_perm+0x276/0x460 [ 91.036157][ T8955] ? tomoyo_path_perm+0x262/0x460 [ 91.037369][ T8955] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 91.038713][ T8955] ? path_lookupat+0x212/0x770 [ 91.039930][ T8955] ? __pfx_filename_lookup+0x10/0x10 [ 91.041280][ T8955] security_inode_getattr+0x116/0x290 [ 91.042700][ T8955] vfs_statx_path+0x2b/0x310 [ 91.043887][ T8955] vfs_statx+0x11f/0x1c0 [ 91.045007][ T8955] ? __pfx_vfs_statx+0x10/0x10 [ 91.046234][ T8955] ? getname_flags.part.0+0x1c5/0x550 [ 91.047628][ T8955] __do_sys_newlstat+0xb1/0x140 [ 91.048876][ T8955] ? __pfx___do_sys_newlstat+0x10/0x10 [ 91.050263][ T8955] ? __pfx_ksys_write+0x10/0x10 [ 91.051585][ T8955] do_syscall_64+0xcd/0x250 [ 91.053030][ T8955] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.054759][ T8955] RIP: 0033:0x7f711a17e819 [ 91.056232][ T8955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 91.062055][ T8955] RSP: 002b:00007f711af98038 EFLAGS: 00000246 ORIG_RAX: 0000000000000006 [ 91.064587][ T8955] RAX: ffffffffffffffda RBX: 00007f711a336080 RCX: 00007f711a17e819 [ 91.067186][ T8955] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200002c0 [ 91.069823][ T8955] RBP: 00007f711af98090 R08: 0000000000000000 R09: 0000000000000000 [ 91.072038][ T8955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 91.074133][ T8955] R13: 0000000000000001 R14: 00007f711a336080 R15: 00007ffe74261788 [ 91.076182][ T8955] [ 91.077189][ T8955] ERROR: Out of memory at tomoyo_realpath_from_path. [ 91.326712][ T8957] ubi0: attaching mtd0 [ 91.332260][ T8957] ubi0: scanning is finished [ 91.333443][ T8957] ubi0: empty MTD device detected [ 91.339881][ T8959] __nla_validate_parse: 6 callbacks suppressed [ 91.339889][ T8959] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1087'. [ 91.404967][ T8957] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 91.406876][ T8957] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 91.408655][ T8957] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 91.410374][ T8957] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 91.412496][ T8957] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 91.414164][ T8957] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 91.416040][ T8957] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1350556518 [ 91.418445][ T8957] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 91.420886][ T8962] ubi0: background thread "ubi_bgt0d" started, PID 8962 [ 91.446154][ T8965] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1088'. [ 91.448266][ T8966] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1089'. [ 91.640993][ T8995] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1098'. [ 91.754219][ T9000] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1099'. [ 91.782314][ T9002] netlink: 'syz.0.1100': attribute type 31 has an invalid length. [ 91.996689][ T9025] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1107'. [ 92.033246][ T9029] netlink: 'syz.0.1108': attribute type 1 has an invalid length. [ 92.035241][ T9029] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1108'. [ 92.055847][ T9032] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1109'. [ 92.098411][ T9038] netlink: 'syz.0.1111': attribute type 31 has an invalid length. [ 92.153048][ T9044] FAULT_INJECTION: forcing a failure. [ 92.153048][ T9044] name failslab, interval 1, probability 0, space 0, times 0 [ 92.157450][ T9044] CPU: 1 UID: 0 PID: 9044 Comm: syz.2.1112 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 92.160127][ T9044] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 92.162735][ T9044] Call Trace: [ 92.163564][ T9044] [ 92.164305][ T9044] dump_stack_lvl+0x16c/0x1f0 [ 92.165498][ T9044] should_fail_ex+0x497/0x5b0 [ 92.166694][ T9044] ? fs_reclaim_acquire+0xae/0x150 [ 92.167982][ T9044] should_failslab+0xc2/0x120 [ 92.169170][ T9044] __kmalloc_cache_noprof+0x6b/0x300 [ 92.170616][ T9044] ? do_raw_spin_lock+0x12d/0x2c0 [ 92.171947][ T9044] ? netfs_buffer_make_space+0x432/0x6b0 [ 92.173332][ T9044] netfs_buffer_make_space+0x432/0x6b0 [ 92.174665][ T9044] netfs_buffer_append_folio+0x298/0x360 [ 92.176062][ T9044] netfs_write_folio+0x540/0x1930 [ 92.177304][ T9044] netfs_writepages+0x29a/0x9d0 [ 92.178530][ T9044] ? __pfx_netfs_writepages+0x10/0x10 [ 92.179866][ T9044] ? security_inode_getattr+0x116/0x290 [ 92.181281][ T9044] ? __pfx___lock_acquire+0x10/0x10 [ 92.182588][ T9044] ? hlock_class+0x4e/0x130 [ 92.183735][ T9044] ? __pfx_netfs_writepages+0x10/0x10 [ 92.185066][ T9044] do_writepages+0x1b3/0x820 [ 92.186242][ T9044] ? find_held_lock+0x2d/0x110 [ 92.187435][ T9044] ? __pfx_do_writepages+0x10/0x10 [ 92.188735][ T9044] ? wbc_attach_fdatawrite_inode+0x13a/0x190 [ 92.190227][ T9044] ? __pfx_lock_release+0x10/0x10 [ 92.191509][ T9044] ? do_raw_spin_lock+0x12d/0x2c0 [ 92.192802][ T9044] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 92.194135][ T9044] ? lock_acquire+0x2f/0xb0 [ 92.195278][ T9044] ? wbc_attach_fdatawrite_inode+0x24/0x190 [ 92.196753][ T9044] ? do_raw_spin_unlock+0x172/0x230 [ 92.198059][ T9044] ? _raw_spin_unlock+0x28/0x50 [ 92.199291][ T9044] filemap_fdatawrite_wbc+0x104/0x160 [ 92.200644][ T9044] __filemap_fdatawrite_range+0xb3/0xf0 [ 92.202040][ T9044] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 92.203668][ T9044] ? tomoyo_path_perm+0x29c/0x460 [ 92.204943][ T9044] ? inode_has_perm+0x16f/0x1d0 [ 92.206159][ T9044] ? selinux_inode_getattr+0x161/0x1f0 [ 92.207513][ T9044] v9fs_vfs_getattr+0x305/0x400 [ 92.208732][ T9044] ? __pfx_v9fs_vfs_getattr+0x10/0x10 [ 92.210046][ T9044] vfs_getattr_nosec+0x290/0x390 [ 92.211296][ T9044] vfs_statx_path+0x52/0x310 [ 92.212484][ T9044] vfs_statx+0x11f/0x1c0 [ 92.213751][ T9044] ? __pfx_vfs_statx+0x10/0x10 [ 92.214951][ T9044] ? getname_flags.part.0+0x1c5/0x550 [ 92.216276][ T9044] __do_sys_newlstat+0xb1/0x140 [ 92.217509][ T9044] ? __pfx___do_sys_newlstat+0x10/0x10 [ 92.218866][ T9044] ? __pfx_ksys_write+0x10/0x10 [ 92.220106][ T9044] do_syscall_64+0xcd/0x250 [ 92.221257][ T9044] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.222737][ T9044] RIP: 0033:0x7f8c74f7e819 [ 92.223913][ T9044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 92.228651][ T9044] RSP: 002b:00007f8c75cee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000006 [ 92.230728][ T9044] RAX: ffffffffffffffda RBX: 00007f8c75136080 RCX: 00007f8c74f7e819 [ 92.232695][ T9044] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200002c0 [ 92.234733][ T9044] RBP: 00007f8c75cee090 R08: 0000000000000000 R09: 0000000000000000 [ 92.236672][ T9044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 92.238650][ T9044] R13: 0000000000000001 R14: 00007f8c75136080 R15: 00007ffeb80d14e8 [ 92.240582][ T9044] [ 92.242324][ T9044] ------------[ cut here ]------------ [ 92.243834][ T9044] WARNING: CPU: 1 PID: 9044 at lib/iov_iter.c:255 _copy_from_iter+0x3a0/0x1560 [ 92.246217][ T9044] Modules linked in: [ 92.247618][ T9044] CPU: 1 UID: 0 PID: 9044 Comm: syz.2.1112 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 92.251333][ T9044] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 92.254145][ T9044] RIP: 0010:_copy_from_iter+0x3a0/0x1560 [ 92.255577][ T9044] Code: 5f fd 0f 01 cb 48 89 d9 4c 89 f7 48 89 ee f3 a4 0f 1f 00 48 89 cd 0f 01 ca 49 89 df 49 29 cf e9 1e ff ff ff e8 f1 65 fd fc 90 <0f> 0b 90 e9 ae fd ff ff e8 e3 65 fd fc 89 ee bf 01 00 00 00 e8 b7 [ 92.260822][ T9044] RSP: 0018:ffffc9000d856ff8 EFLAGS: 00010293 [ 92.262474][ T9044] RAX: 0000000000000000 RBX: 0000000000007fec RCX: ffffffff84903a78 [ 92.264455][ T9044] RDX: ffff888024262440 RSI: ffffffff84903d5f RDI: 0000000000000001 [ 92.266475][ T9044] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 92.268471][ T9044] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88804e0d7aa0 [ 92.270457][ T9044] R13: ffffc9000d8573e8 R14: ffff88804e0d7aa0 R15: dffffc0000000000 [ 92.272582][ T9044] FS: 00007f8c75cee6c0(0000) GS:ffff88806a700000(0000) knlGS:0000000000000000 [ 92.274782][ T9044] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 92.276447][ T9044] CR2: 00007f8c75cedf98 CR3: 000000004ceca000 CR4: 0000000000352ef0 [ 92.278498][ T9044] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 92.280477][ T9044] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 92.282549][ T9044] Call Trace: [ 92.283397][ T9044] [ 92.284151][ T9044] ? __warn+0xea/0x3d0 [ 92.285204][ T9044] ? _copy_from_iter+0x3a0/0x1560 [ 92.286482][ T9044] ? report_bug+0x3c0/0x580 [ 92.287652][ T9044] ? handle_bug+0x54/0xa0 [ 92.288799][ T9044] ? exc_invalid_op+0x17/0x50 [ 92.289974][ T9044] ? asm_exc_invalid_op+0x1a/0x20 [ 92.291249][ T9044] ? _copy_from_iter+0xb8/0x1560 [ 92.292851][ T9044] ? _copy_from_iter+0x39f/0x1560 [ 92.294114][ T9044] ? _copy_from_iter+0x3a0/0x1560 [ 92.295390][ T9044] ? _copy_from_iter+0x39f/0x1560 [ 92.296661][ T9044] ? __pfx_lock_release+0x10/0x10 [ 92.297926][ T9044] ? __pfx__copy_from_iter+0x10/0x10 [ 92.299296][ T9044] ? __virt_addr_valid+0x1a4/0x590 [ 92.300584][ T9044] ? __virt_addr_valid+0x5e/0x590 [ 92.301852][ T9044] ? const_folio_flags.constprop.0+0x56/0x150 [ 92.303576][ T9044] ? __phys_addr_symbol+0x30/0x80 [ 92.304875][ T9044] ? __check_object_size+0x488/0x710 [ 92.306212][ T9044] p9pdu_vwritef+0x2d0/0x1cf0 [ 92.307396][ T9044] ? p9pdu_writef+0xc4/0x100 [ 92.308584][ T9044] ? __pfx_p9pdu_vwritef+0x10/0x10 [ 92.309884][ T9044] ? __pfx_p9_tag_alloc+0x10/0x10 [ 92.311147][ T9044] ? mark_lock+0xb5/0xc60 [ 92.312366][ T9044] p9_client_prepare_req+0x244/0x4d0 [ 92.313692][ T9044] ? __pfx_p9_client_prepare_req+0x10/0x10 [ 92.315120][ T9044] ? __kernel_text_address+0xd/0x40 [ 92.316415][ T9044] ? unwind_get_return_address+0x59/0xa0 [ 92.317799][ T9044] ? arch_stack_walk+0xa7/0x100 [ 92.319024][ T9044] p9_client_rpc+0x1c3/0xc10 [ 92.320362][ T9044] ? __pfx_p9_client_rpc+0x10/0x10 [ 92.322230][ T9044] ? hlock_class+0x4e/0x130 [ 92.323361][ T9044] ? mark_lock+0xb5/0xc60 [ 92.324447][ T9044] ? __pfx_mark_lock+0x10/0x10 [ 92.325672][ T9044] p9_client_write+0x31f/0x680 [ 92.326869][ T9044] ? __pfx_p9_client_write+0x10/0x10 [ 92.328198][ T9044] ? mark_held_locks+0x9f/0xe0 [ 92.329397][ T9044] v9fs_issue_write+0xe2/0x180 [ 92.330637][ T9044] ? __pfx_v9fs_issue_write+0x10/0x10 [ 92.332130][ T9044] ? rcu_is_watching+0x12/0xc0 [ 92.333410][ T9044] ? trace_netfs_sreq+0x193/0x220 [ 92.334653][ T9044] netfs_do_issue_write+0x92/0x110 [ 92.335923][ T9044] netfs_advance_write+0x384/0xc80 [ 92.337193][ T9044] ? netfs_buffer_append_folio+0x276/0x360 [ 92.338635][ T9044] netfs_write_folio+0xc19/0x1930 [ 92.339887][ T9044] netfs_writepages+0x29a/0x9d0 [ 92.341116][ T9044] ? __pfx_netfs_writepages+0x10/0x10 [ 92.343044][ T9044] ? security_inode_getattr+0x116/0x290 [ 92.344509][ T9044] ? __pfx___lock_acquire+0x10/0x10 [ 92.345793][ T9044] ? hlock_class+0x4e/0x130 [ 92.346917][ T9044] ? __pfx_netfs_writepages+0x10/0x10 [ 92.348245][ T9044] do_writepages+0x1b3/0x820 [ 92.349391][ T9044] ? find_held_lock+0x2d/0x110 [ 92.350600][ T9044] ? __pfx_do_writepages+0x10/0x10 [ 92.351925][ T9044] ? wbc_attach_fdatawrite_inode+0x13a/0x190 [ 92.353607][ T9044] ? __pfx_lock_release+0x10/0x10 [ 92.354996][ T9044] ? do_raw_spin_lock+0x12d/0x2c0 [ 92.356281][ T9044] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 92.357610][ T9044] ? lock_acquire+0x2f/0xb0 [ 92.358752][ T9044] ? wbc_attach_fdatawrite_inode+0x24/0x190 [ 92.360234][ T9044] ? do_raw_spin_unlock+0x172/0x230 [ 92.361528][ T9044] ? _raw_spin_unlock+0x28/0x50 [ 92.362938][ T9044] filemap_fdatawrite_wbc+0x104/0x160 [ 92.364259][ T9044] __filemap_fdatawrite_range+0xb3/0xf0 [ 92.365631][ T9044] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 92.367149][ T9044] ? tomoyo_path_perm+0x29c/0x460 [ 92.368409][ T9044] ? inode_has_perm+0x16f/0x1d0 [ 92.369632][ T9044] ? selinux_inode_getattr+0x161/0x1f0 [ 92.371020][ T9044] v9fs_vfs_getattr+0x305/0x400 [ 92.372376][ T9044] ? __pfx_v9fs_vfs_getattr+0x10/0x10 [ 92.373795][ T9044] vfs_getattr_nosec+0x290/0x390 [ 92.374999][ T9044] vfs_statx_path+0x52/0x310 [ 92.376164][ T9044] vfs_statx+0x11f/0x1c0 [ 92.377225][ T9044] ? __pfx_vfs_statx+0x10/0x10 [ 92.378427][ T9044] ? getname_flags.part.0+0x1c5/0x550 [ 92.379718][ T9044] __do_sys_newlstat+0xb1/0x140 [ 92.380928][ T9044] ? __pfx___do_sys_newlstat+0x10/0x10 [ 92.382376][ T9044] ? __pfx_ksys_write+0x10/0x10 [ 92.383590][ T9044] do_syscall_64+0xcd/0x250 [ 92.384935][ T9044] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.386502][ T9044] RIP: 0033:0x7f8c74f7e819 [ 92.387598][ T9044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 92.392395][ T9044] RSP: 002b:00007f8c75cee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000006 [ 92.394440][ T9044] RAX: ffffffffffffffda RBX: 00007f8c75136080 RCX: 00007f8c74f7e819 [ 92.396357][ T9044] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200002c0 [ 92.398302][ T9044] RBP: 00007f8c75cee090 R08: 0000000000000000 R09: 0000000000000000 [ 92.400233][ T9044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 92.402330][ T9044] R13: 0000000000000001 R14: 00007f8c75136080 R15: 00007ffeb80d14e8 [ 92.404284][ T9044] [ 92.405062][ T9044] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 92.406961][ T9044] CPU: 1 UID: 0 PID: 9044 Comm: syz.2.1112 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0 [ 92.409380][ T9044] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 92.411934][ T9044] Call Trace: [ 92.412759][ T9044] [ 92.413463][ T9044] dump_stack_lvl+0x3d/0x1f0 [ 92.414596][ T9044] panic+0x71d/0x800 [ 92.415581][ T9044] ? __pfx_panic+0x10/0x10 [ 92.416724][ T9044] ? show_trace_log_lvl+0x29d/0x3d0 [ 92.417985][ T9044] ? check_panic_on_warn+0x1f/0xb0 [ 92.419228][ T9044] ? _copy_from_iter+0x3a0/0x1560 [ 92.420415][ T9044] check_panic_on_warn+0xab/0xb0 [ 92.421591][ T9044] __warn+0xf6/0x3d0 [ 92.422568][ T9044] ? _copy_from_iter+0x3a0/0x1560 [ 92.423767][ T9044] report_bug+0x3c0/0x580 [ 92.424801][ T9044] handle_bug+0x54/0xa0 [ 92.425794][ T9044] exc_invalid_op+0x17/0x50 [ 92.426971][ T9044] asm_exc_invalid_op+0x1a/0x20 [ 92.428580][ T9044] RIP: 0010:_copy_from_iter+0x3a0/0x1560 [ 92.430071][ T9044] Code: 5f fd 0f 01 cb 48 89 d9 4c 89 f7 48 89 ee f3 a4 0f 1f 00 48 89 cd 0f 01 ca 49 89 df 49 29 cf e9 1e ff ff ff e8 f1 65 fd fc 90 <0f> 0b 90 e9 ae fd ff ff e8 e3 65 fd fc 89 ee bf 01 00 00 00 e8 b7 [ 92.434542][ T9044] RSP: 0018:ffffc9000d856ff8 EFLAGS: 00010293 [ 92.435999][ T9044] RAX: 0000000000000000 RBX: 0000000000007fec RCX: ffffffff84903a78 [ 92.437991][ T9044] RDX: ffff888024262440 RSI: ffffffff84903d5f RDI: 0000000000000001 [ 92.439860][ T9044] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 92.441756][ T9044] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88804e0d7aa0 [ 92.443612][ T9044] R13: ffffc9000d8573e8 R14: ffff88804e0d7aa0 R15: dffffc0000000000 [ 92.445558][ T9044] ? _copy_from_iter+0xb8/0x1560 [ 92.446764][ T9044] ? _copy_from_iter+0x39f/0x1560 [ 92.448006][ T9044] ? _copy_from_iter+0x39f/0x1560 [ 92.449271][ T9044] ? __pfx_lock_release+0x10/0x10 [ 92.450475][ T9044] ? __pfx__copy_from_iter+0x10/0x10 [ 92.451771][ T9044] ? __virt_addr_valid+0x1a4/0x590 [ 92.453018][ T9044] ? __virt_addr_valid+0x5e/0x590 [ 92.454255][ T9044] ? const_folio_flags.constprop.0+0x56/0x150 [ 92.455713][ T9044] ? __phys_addr_symbol+0x30/0x80 [ 92.456963][ T9044] ? __check_object_size+0x488/0x710 [ 92.458296][ T9044] p9pdu_vwritef+0x2d0/0x1cf0 [ 92.459599][ T9044] ? p9pdu_writef+0xc4/0x100 [ 92.460753][ T9044] ? __pfx_p9pdu_vwritef+0x10/0x10 [ 92.461996][ T9044] ? __pfx_p9_tag_alloc+0x10/0x10 [ 92.463198][ T9044] ? mark_lock+0xb5/0xc60 [ 92.464260][ T9044] p9_client_prepare_req+0x244/0x4d0 [ 92.465544][ T9044] ? __pfx_p9_client_prepare_req+0x10/0x10 [ 92.466972][ T9044] ? __kernel_text_address+0xd/0x40 [ 92.468270][ T9044] ? unwind_get_return_address+0x59/0xa0 [ 92.469693][ T9044] ? arch_stack_walk+0xa7/0x100 [ 92.470929][ T9044] p9_client_rpc+0x1c3/0xc10 [ 92.472065][ T9044] ? __pfx_p9_client_rpc+0x10/0x10 [ 92.473308][ T9044] ? hlock_class+0x4e/0x130 [ 92.474472][ T9044] ? mark_lock+0xb5/0xc60 [ 92.475564][ T9044] ? __pfx_mark_lock+0x10/0x10 [ 92.476744][ T9044] p9_client_write+0x31f/0x680 [ 92.477917][ T9044] ? __pfx_p9_client_write+0x10/0x10 [ 92.479260][ T9044] ? mark_held_locks+0x9f/0xe0 [ 92.480519][ T9044] v9fs_issue_write+0xe2/0x180 [ 92.481714][ T9044] ? __pfx_v9fs_issue_write+0x10/0x10 [ 92.483017][ T9044] ? rcu_is_watching+0x12/0xc0 [ 92.484190][ T9044] ? trace_netfs_sreq+0x193/0x220 [ 92.485443][ T9044] netfs_do_issue_write+0x92/0x110 [ 92.486688][ T9044] netfs_advance_write+0x384/0xc80 [ 92.487953][ T9044] ? netfs_buffer_append_folio+0x276/0x360 [ 92.489390][ T9044] netfs_write_folio+0xc19/0x1930 [ 92.490642][ T9044] netfs_writepages+0x29a/0x9d0 [ 92.491879][ T9044] ? __pfx_netfs_writepages+0x10/0x10 [ 92.493185][ T9044] ? security_inode_getattr+0x116/0x290 [ 92.494544][ T9044] ? __pfx___lock_acquire+0x10/0x10 [ 92.495831][ T9044] ? hlock_class+0x4e/0x130 [ 92.496972][ T9044] ? __pfx_netfs_writepages+0x10/0x10 [ 92.498307][ T9044] do_writepages+0x1b3/0x820 [ 92.499478][ T9044] ? find_held_lock+0x2d/0x110 [ 92.500632][ T9044] ? __pfx_do_writepages+0x10/0x10 [ 92.501912][ T9044] ? wbc_attach_fdatawrite_inode+0x13a/0x190 [ 92.503396][ T9044] ? __pfx_lock_release+0x10/0x10 [ 92.504654][ T9044] ? do_raw_spin_lock+0x12d/0x2c0 [ 92.505902][ T9044] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 92.507232][ T9044] ? lock_acquire+0x2f/0xb0 [ 92.508392][ T9044] ? wbc_attach_fdatawrite_inode+0x24/0x190 [ 92.509874][ T9044] ? do_raw_spin_unlock+0x172/0x230 [ 92.511180][ T9044] ? _raw_spin_unlock+0x28/0x50 [ 92.512482][ T9044] filemap_fdatawrite_wbc+0x104/0x160 [ 92.513788][ T9044] __filemap_fdatawrite_range+0xb3/0xf0 [ 92.515170][ T9044] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 92.516724][ T9044] ? tomoyo_path_perm+0x29c/0x460 [ 92.517912][ T9044] ? inode_has_perm+0x16f/0x1d0 [ 92.519197][ T9044] ? selinux_inode_getattr+0x161/0x1f0 [ 92.520597][ T9044] v9fs_vfs_getattr+0x305/0x400 [ 92.521842][ T9044] ? __pfx_v9fs_vfs_getattr+0x10/0x10 [ 92.523253][ T9044] vfs_getattr_nosec+0x290/0x390 [ 92.524530][ T9044] vfs_statx_path+0x52/0x310 [ 92.525698][ T9044] vfs_statx+0x11f/0x1c0 [ 92.526776][ T9044] ? __pfx_vfs_statx+0x10/0x10 [ 92.528012][ T9044] ? getname_flags.part.0+0x1c5/0x550 [ 92.529365][ T9044] __do_sys_newlstat+0xb1/0x140 [ 92.530600][ T9044] ? __pfx___do_sys_newlstat+0x10/0x10 [ 92.531989][ T9044] ? __pfx_ksys_write+0x10/0x10 [ 92.533230][ T9044] do_syscall_64+0xcd/0x250 [ 92.534424][ T9044] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.535938][ T9044] RIP: 0033:0x7f8c74f7e819 [ 92.537079][ T9044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 92.541952][ T9044] RSP: 002b:00007f8c75cee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000006 [ 92.544054][ T9044] RAX: ffffffffffffffda RBX: 00007f8c75136080 RCX: 00007f8c74f7e819 [ 92.546118][ T9044] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200002c0 [ 92.548125][ T9044] RBP: 00007f8c75cee090 R08: 0000000000000000 R09: 0000000000000000 [ 92.550118][ T9044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 92.552093][ T9044] R13: 0000000000000001 R14: 00007f8c75136080 R15: 00007ffeb80d14e8 [ 92.554015][ T9044] [ 92.555370][ T9044] Kernel Offset: disabled [ 92.556912][ T9044] Rebooting in 86400 seconds.. VM DIAGNOSIS: 14:18:10 Registers: info registers vcpu 0 CPU#0 RAX=ffffffff96e46aa8 RBX=0000000000000000 RCX=0000000000000005 RDX=0000000000000000 RSI=0000000000000008 RDI=ffffffff96e46b6d RBP=0000000000000003 RSP=ffffc9000d877340 R8 =0000000000000000 R9 =fffffbfff2dc8998 R10=ffffffff96e44cc7 R11=0000000000000003 R12=0000000000000000 R13=ffff8880247f4880 R14=0000000000000021 R15=ffff8880247f53d8 RIP=ffffffff816a8353 RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f8c75ceed58 CR3=000000000df7e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001030001 Opmask01=0000000000000000 Opmask02=000000000000003f Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c74ff25fb ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c74ff2608 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c74ff2602 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c74ff2616 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c74ff269c ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c74ff277a ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c7510c488 00007f8c7510c480 00007f8c7510c478 00007f8c7510c450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c75c6d100 00007f8c7510c440 00007f8c7510c458 0000000700080006 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c7510c498 00007f8c7510c490 00007f8c7510c488 00007f8c7510c480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000034 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff850d5855 RDI=ffffffff9ab02400 RBP=ffffffff9ab023c0 RSP=ffffc9000d856958 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000005 R12=0000000000000000 R13=0000000000000034 R14=ffffffff850d57f0 R15=0000000000000000 RIP=ffffffff850d587f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f8c75cee6c0 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f8c75cedf98 CR3=000000004ceca000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000010000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffeb80d1880 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c74ff25fb ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c74ff2608 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c74ff2602 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c74ff2616 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c74ff269c ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c74ff277a ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=00000000000c22fd RBX=0000000000000002 RCX=ffffffff8b2663e9 RDX=0000000000000000 RSI=ffffffff8b6cd7c0 RDI=ffffffff8bd1db80 RBP=ffffed1003b57000 RSP=ffffc90000197e08 R8 =0000000000000001 R9 =ffffed100d507025 R10=ffff88806a83812b R11=0000000000000000 R12=0000000000000002 R13=ffff88801dab8000 R14=ffffffff905ff290 R15=0000000000000000 RIP=ffffffff8b2677cf RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c3a17b8 CR3=000000004ceca000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001030001 Opmask01=0000000000000000 Opmask02=000000000000003f Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c74ff25fb ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c74ff2608 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c74ff2602 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c74ff2616 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c74ff269c ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c74ff277a ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c7510c488 00007f8c7510c480 00007f8c7510c478 00007f8c7510c450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c75c6d100 00007f8c7510c440 00007f8c7510c458 0000000700080006 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8c7510c498 00007f8c7510c490 00007f8c7510c488 00007f8c7510c480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=00000000000d7199 RBX=0000000000000003 RCX=ffffffff8b2663e9 RDX=0000000000000000 RSI=ffffffff8b6cd7c0 RDI=ffffffff8bd1db80 RBP=ffffed1003b57488 RSP=ffffc900001a7e08 R8 =0000000000000001 R9 =ffffed100d527025 R10=ffff88806a93812b R11=0000000000000000 R12=0000000000000003 R13=ffff88801daba440 R14=ffffffff905ff290 R15=0000000000000000 RIP=ffffffff8b2677cf RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000564f8229b908 CR3=0000000031a22000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe9c840940 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5f877f25fb ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5f877f2608 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5f877f2602 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5f877f2616 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5f877f269c ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f5f877f277a ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000050 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000