last executing test programs: 3.849655115s ago: executing program 3 (id=511): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) close(0x3) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) sendfile(r2, r1, &(0x7f0000000000)=0xffffffff, 0x1) bpf$BPF_PROG_DETACH(0x9, &(0x7f00000000c0)={@map=r0, 0xffffffffffffffff, 0x26, 0x0, 0x0, @void, @value}, 0x10) 3.789854643s ago: executing program 3 (id=513): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10) rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8) process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) msgrcv(0x0, 0x0, 0x0, 0x1, 0x1000) msgsnd(0x0, &(0x7f0000000140)={0x1}, 0x8, 0x0) msgctl$MSG_STAT(0x0, 0xb, &(0x7f0000000e00)=""/4096) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000980)={'#! ', './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x102) getdents(0xffffffffffffffff, 0x0, 0x0) clock_adjtime(0x0, &(0x7f00000000c0)={0xfffffffffffffff7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x4, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}) r1 = socket$unix(0x1, 0x2, 0x0) flistxattr(r1, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0b00000005000000000400000900000001000000", @ANYRES32, @ANYBLOB="000000000000007c71dee100000400000000020000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r2 = socket(0x40000000002, 0x3, 0x1) setsockopt(r2, 0xff, 0x1, 0x0, 0x32) sendmsg$DCCPDIAG_GETSOCK(r2, &(0x7f0000000680)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000640)={&(0x7f0000000500)={0x140, 0x13, 0x10, 0x70bd27, 0x25dfdbfc, {0x2c, 0x5, 0x8, 0x9, {0x4e20, 0x4e23, [0x4, 0x0, 0x5, 0xff], [0xf0d, 0x80, 0x3, 0x7bf7], 0x0, [0x52c9, 0x7fffffff]}, 0x2000000, 0x81}, [@INET_DIAG_REQ_BYTECODE={0x34, 0x1, "5c80c7493367d2aa4d57abd02978011148aa03496a0cbce557bdfd163b3f3cd21552d9e90a6d381f1d0feef9e0121ff4"}, @INET_DIAG_REQ_BYTECODE={0xbf, 0x1, "a9e9ebc7cd734238c962fe1c875d8da542f97192015db00013a8653f13d23155839630fe68c1c659a8c9b220b6fb1735bc39bc7f1c5e7d933be27b4ce6a322fe445e37c559ecf675549f5190e83bde5235db3d447e52df141fd3678534b9ca10059dceb51a052d6a708c429aea8647d142d3d41c7a48b0ea3fe621e795f12cbfba3abde2a9537f8222d8a4cc2c2d8d0e78bb7dc73e86f4d7804d924a76e85bdff7535f7da4895830c4c6e8511c6b5366f4a43fecfa99f3c679aca9"}]}, 0x140}, 0x1, 0x0, 0x0, 0x15011}, 0x8000) r3 = syz_open_dev$radio(&(0x7f0000000040), 0x2, 0x2) ioctl$VIDIOC_S_HW_FREQ_SEEK(r3, 0x40305652, &(0x7f00000000c0)={0x0, 0x1, 0x2, 0x0, 0x0, 0x8fc0, 0x65f40}) unshare(0x2a020400) r4 = io_uring_setup(0x0, &(0x7f0000000a00)) io_uring_setup(0x3737, &(0x7f0000001200)={0x0, 0x0, 0x420, 0x0, 0x0, 0x0, r4}) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r1, 0x8982, &(0x7f0000000340)={0x0, 'vlan1\x00', {0x2}}) execveat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0, 0x400) 3.740641863s ago: executing program 1 (id=515): r0 = gettid() timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x1c, 0x800000000004, @tid=r0}, &(0x7f0000000240)=0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYRESHEX=r1], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0, r2}, 0x18) capset(0x0, 0x0) r3 = getpid() process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r4 = socket$netlink(0x10, 0x3, 0x14) writev(r4, 0x0, 0x0) ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket$kcm(0xa, 0x3, 0x3a) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDENABIO(r5, 0x4b36) modify_ldt$read(0x0, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000000c0)={0xffffffffffffffff}) ioperm(0x0, 0x5, 0x9) tee(r7, r6, 0x8, 0x0) sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="4400000001010101000000000000000002000000040001801800028014000180080001007f00000108000200ac1414aa14001980080001"], 0x44}}, 0x0) sendmsg$IPSET_CMD_SWAP(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="5005000000060102007a250000000000050000010600020073797a30000000000900020073797a32000000000900030073797a32000000200900030073797a31000000000900020073797a3200000000"], 0x50}, 0x1, 0x0, 0x0, 0x40000000}, 0x44010) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r10, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x40000000}]}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000040)=ANY=[@ANYBLOB="28000000180000000000000000000000020000"], 0x28}}, 0x0) sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x20}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB], 0x14d8}}, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) 3.719116366s ago: executing program 3 (id=516): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0) syz_emit_ethernet(0x3a, &(0x7f0000000440)={@local, @broadcast, @void, {@ipv4={0x86dd, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x0, 0x4e29, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x16, 0x1, 0x0, 0x0, {[@generic={0x8, 0x2}]}}}}}}}, 0x0) 3.599497878s ago: executing program 3 (id=517): mlockall(0x1) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0) mmap$snddsp_control(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x10, r0, 0x83000000) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000000040)) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$SEG6(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$SEG6_CMD_GET_TUNSRC(r1, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = getpid() process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=ANY=[@ANYBLOB="380000001000090c00"/20, @ANYRES32=0x0, @ANYBLOB="0000000200000000180012800e000100776972656775617264"], 0x38}}, 0x0) r4 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xffffff7f, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000038000b63d25a80648c2594f90124fc60", 0x14}], 0x1}, 0x0) r5 = openat$qrtrtun(0xffffff9c, &(0x7f00000001c0), 0x100) poll(&(0x7f0000000200)=[{r5, 0x200}], 0x1, 0xd) r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_LINK_PRI(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)={0x68, r6, 0x1, 0x0, 0x0, {{}, {0x0, 0x410c}, {0x4c, 0x14, {0xfffffff0, @link='syz1\x00'}}}}, 0x68}}, 0xc801) sendmsg$TIPC_CMD_SET_NODE_ADDR(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x24, r6, 0x100, 0x70bd25, 0x25dfdbfb, {{}, {}, {0x8, 0x11, 0x3}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x24014010) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYRES32, @ANYBLOB="800202000a000200577f0000aabb000020000e80050001008f000000050001000100000004000200050001"], 0x48}}, 0x0) r7 = syz_genetlink_get_family_id$SEG6(&(0x7f0000002c80), 0xffffffffffffffff) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$SEG6_CMD_SETHMAC(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x2c, r7, 0xc01, 0x0, 0x0, {}, [@SEG6_ATTR_ALGID={0x5}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0xffffffff}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x4}]}, 0x2c}}, 0x0) openat$cdrom(0xffffff9c, &(0x7f00000002c0), 0x0, 0x0) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) syz_clone3(&(0x7f0000001240)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000080)=[0x0], 0x4000000000000198}, 0x66) 2.609857667s ago: executing program 1 (id=522): r0 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2) ioctl$VIDIOC_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x13, 0x7c5, 0x1, 0x3, 0xd59f80, 0x4, 0x2800, 0xb, 0x8, 0x5, 0x722, 0xe72, 0x7, 0x8, 0x38, 0x13, {0xffff945a, 0x1}, 0x3, 0xed}}) 2.497237425s ago: executing program 1 (id=523): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r0, 0x0, 0x30, 0x12, @val=@uprobe_multi={&(0x7f0000000600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000001c0)=[0x5], 0x0, 0x2, 0x1}}, 0x40) (fail_nth: 8) 2.407262155s ago: executing program 1 (id=524): r0 = syz_open_dev$vbi(0x0, 0x0, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0xb40, 0x870, 0x1, 0x2, 0xd59f80, 0x11f2, 0x3f, 0x19ef, 0x3, 0x7, 0x2800, 0x2, 0x2, 0xba2, 0xc, 0x30, {0x8, 0xffffffff}, 0xcf, 0x9}}) 2.406519257s ago: executing program 1 (id=525): openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/conntrack\x00', 0x2, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r3, &(0x7f0000005b80)=[{{&(0x7f00000030c0)={0xa, 0x4e23, 0x0, @private1}, 0x1c, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="14000000000000000000000000000000000000400000001819d20f05dfa30628af2bddc14dc306379a2bf2b4d7f8c60fc8b8ebadd86fa01383e9c0798ba4091d6d75ecca979d90e84f0619e1bac1a28931741b"], 0x14}}], 0x1, 0x0) mmap$xdp(&(0x7f000044d000/0x1000)=nil, 0x1000, 0x3000003, 0x11, 0xffffffffffffffff, 0x100000000) ioctl$UFFDIO_COPY(r2, 0xc028aa05, &(0x7f0000000000)={&(0x7f00001c4000/0x3000)=nil, &(0x7f0000000000/0xc00000)=nil, 0x3000, 0x0, 0x2}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f00000002c0)={'wg0\x00'}) sendmsg$WG_CMD_SET_DEVICE(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="01000000", @ANYRES16=r6, @ANYBLOB="0500000000000000000001000000340008803000008024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff06000500030000001400020077673200"/86], 0x5c}}, 0x0) r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) socket$key(0xf, 0x3, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0) socket(0x10, 0x3, 0x0) r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r8, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) setsockopt$SO_TIMESTAMPING(r8, 0x1, 0x25, &(0x7f00000002c0)=0x7932, 0x4) recvmmsg(r8, &(0x7f0000003280)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) openat$cdrom(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) ioctl$KVM_CREATE_IRQCHIP(r7, 0xae60) ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) 1.997636041s ago: executing program 0 (id=527): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = syz_open_dev$video4linux(&(0x7f0000000080), 0xc53, 0x0) ioctl$VIDIOC_SUBDEV_S_FMT(r2, 0xc0205648, &(0x7f0000000000)) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4}}, @TCA_INGRESS_BLOCK={0x8}]}, 0x38}}, 0x0) 1.849914816s ago: executing program 0 (id=528): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = socket$kcm(0xa, 0x2, 0x11) setsockopt$sock_attach_bpf(r1, 0x1, 0x3d, &(0x7f00000002c0), 0x8) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = dup(r2) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING(r2, 0x4068aea3, &(0x7f0000000340)={0xc0, 0x0, 0x10000}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async) socket$kcm(0xa, 0x2, 0x11) (async) setsockopt$sock_attach_bpf(r1, 0x1, 0x3d, &(0x7f00000002c0), 0x8) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) dup(r2) (async) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) (async) ioctl$KVM_CAP_DIRTY_LOG_RING(r2, 0x4068aea3, &(0x7f0000000340)={0xc0, 0x0, 0x10000}) (async) 1.618507961s ago: executing program 3 (id=529): socket$nl_netfilter(0x10, 0x3, 0xc) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) keyctl$read(0x2, 0x0, &(0x7f0000001340)=""/4115, 0x1013) socket$qrtr(0x2a, 0x2, 0x0) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r1 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x8, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x40, 0x0, 0x3, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x0, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x3, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x800, 0x108) mknodat(0xffffffffffffff9c, &(0x7f0000000180)='./file5\x00', 0x61c0, 0x700) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0xa02a, 0x8, 0x0, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$NBD_SET_SOCK(r1, 0xab00, r2) r3 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0) ioctl$NBD_SET_FLAGS(r3, 0xab0a, 0x1000001000104) ioctl$NBD_SET_SOCK(r3, 0xab00, r2) ioctl$NBD_DO_IT(r1, 0xab03) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x7, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[], 0x7c}}, 0x40000) sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a90000000060a0b0400000000000000000200000864000480600001800a00011b6d6174636800000050000280340003007dd86dc9b7ff46ffc7961e64e816e2fa144f7707e5f7f6cbd498a6b1affd1a3a7027bb2a1535664f6c1793c8ab258d7f100e0001006d756c7469706f727400000008000240000000010900020073797a32000000000900010073797a30000400001400000011000100000000a60841c70ee3060000000000090000"], 0xb8}}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140)) ioctl$NBD_CLEAR_SOCK(r3, 0xab04) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) 1.61678177s ago: executing program 0 (id=530): r0 = gettid() timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x1c, 0x800000000004, @tid=r0}, &(0x7f0000000240)=0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYRESHEX=r1], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0, r2}, 0x18) capset(0x0, 0x0) r3 = getpid() process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r4 = socket$netlink(0x10, 0x3, 0x14) writev(r4, 0x0, 0x0) ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket$kcm(0xa, 0x3, 0x3a) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDENABIO(r5, 0x4b36) modify_ldt$read(0x0, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000000c0)={0xffffffffffffffff}) ioperm(0x0, 0x5, 0x9) tee(r7, r6, 0x8, 0x0) sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="4400000001010101000000000000000002000000040001801800028014000180080001007f00000108000200ac1414aa14001980080001"], 0x44}}, 0x0) sendmsg$IPSET_CMD_SWAP(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="5005000000060102007a250000000000050000010600020073797a30000000000900020073797a32000000000900030073797a32000000200900030073797a31000000000900020073797a3200000000"], 0x50}, 0x1, 0x0, 0x0, 0x40000000}, 0x44010) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r10, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x40000000}]}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000040)=ANY=[@ANYBLOB="28000000180000000000000000000000020000"], 0x28}}, 0x0) sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x20}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="d81400003d00010027"], 0x14d8}}, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) 866.726089ms ago: executing program 1 (id=536): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) ioctl$TUNSETTXFILTER(r2, 0x400454d1, &(0x7f0000000280)={0x1}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000040)={[], 0x0, 0x80200}) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xd, &(0x7f0000000280)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x4e}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r5) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x4, 0x0, &(0x7f00000000c0)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) timer_create(0x0, 0x0, &(0x7f0000bbdffc)) set_mempolicy(0x1, 0x0, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x6) r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) r7 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x3}) socket$nl_netfilter(0x10, 0x3, 0xc) io_uring_register$IORING_REGISTER_BUFFERS(r7, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x1000000000000160) r8 = socket$inet6(0xa, 0x1, 0x2) connect$inet6(r8, 0x0, 0x0) pipe2$9p(&(0x7f0000000240), 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd\x00') 649.69288ms ago: executing program 2 (id=537): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r1) sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="a8010000", @ANYRES16=r2, @ANYBLOB="01000000000000000000010000000400048008000200010000000800010000000000680108805400078008000500000000000800050000000000080006000000000008000500000000000800050000000000080005000000000008000500000000000800050000000000080006000000000008000500000000002c"], 0x1a8}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_NL_LINK_GET(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)={0x2c, r5, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x18, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0x2c}}, 0x0) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0) sendmsg$NL80211_CMD_GET_SCAN(r4, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r6, 0x400, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r3}, @void}}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x804) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)={0xd8, r6, 0x400, 0x70bd28, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x5, 0x9}}}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x8, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_ACTIVE={0x4}]}, @NL80211_ATTR_MNTR_FLAGS={0x1c, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}]}, @NL80211_ATTR_MNTR_FLAGS={0x2c, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}]}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "ad828e20dccccb71251aab8faa5c03be35c6ee7bc038b898"}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}, @NL80211_ATTR_MNTR_FLAGS={0x14, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}]}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "c13a4c579b616e2e0b5193dcb0ea75e2406c2c186f2329ef"}], @NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}]}, 0xd8}, 0x1, 0x0, 0x0, 0x40000}, 0x2004c080) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_CQM(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000003f00000008000300", @ANYRES32=r3, @ANYBLOB="14005e80080006000000006361714624e3a7d200"], 0x30}}, 0x0) 643.721841ms ago: executing program 2 (id=538): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x6c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x2e, 0xe, {{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @val={0x3c, 0x4, {0x0, 0xd5, 0xb4, 0x6}}, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8, 0xd, 0x7965}]}, 0x6c}}, 0x0) 569.558317ms ago: executing program 0 (id=539): ioctl$VIDIOC_S_OUTPUT(0xffffffffffffffff, 0xc004562f, &(0x7f00000000c0)=0x1) ioctl$VIDIOC_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x13, 0x7c5, 0x1, 0x3, 0xd59f80, 0x4, 0x2800, 0xb, 0x8, 0x5, 0x722, 0xe72, 0x7, 0x8, 0x38, 0x13, {0xffff945a, 0x1}, 0x3, 0xed}}) 567.806641ms ago: executing program 2 (id=540): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180)={0x10000009}) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) (async) openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async) epoll_create1(0x0) (async) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000180)={0x10000009}) (async) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) (async) ioctl$KVM_RUN(r4, 0xae80, 0x0) (async) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) (async) ioctl$KVM_RUN(r4, 0xae80, 0x0) (async) 508.891401ms ago: executing program 0 (id=541): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) close_range(r0, 0xffffffffffffffff, 0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x0) r1 = syz_io_uring_setup(0x10b, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, &(0x7f00000003c0)=0x0, &(0x7f0000000280)=0x0) r4 = syz_io_uring_setup(0x239, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x3}) io_uring_enter(r4, 0x2def, 0x0, 0x0, 0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780}) io_uring_enter(r1, 0x3516, 0x7000000, 0x0, 0x0, 0xfffffdcf) 359.923227ms ago: executing program 0 (id=542): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000000)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f00020000000905050200de7e001009058b1e20"], 0x0) syz_usb_connect$uac1(0x4, 0xaf, &(0x7f00000003c0)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0xff, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x9d, 0x3, 0x1, 0x8, 0x60, 0x6, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x0, 0x8}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0xe, 0x24, 0x2, 0x1, 0x4, 0x2, 0x1, 0x4, "04bb4f8a86ae"}, @format_type_i_discrete={0xe, 0x24, 0x2, 0x1, 0x9, 0x4, 0x3f, 0xa, "7fc3d7f7df93"}, @format_type_i_continuous={0x8, 0x24, 0x2, 0x1, 0xc, 0x4, 0x1, 0x1}]}, {{0x9, 0x5, 0x1, 0x9, 0x3ff, 0xa, 0x7, 0x0, {0x7, 0x25, 0x1, 0x1, 0xff, 0xf71}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0xe, 0x24, 0x2, 0x1, 0x80, 0x3, 0x6, 0x41, "1acb68", "938933"}, @format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0xde, 0x2, 0x3, 0x40, "0d2390", "14"}]}, {{0x9, 0x5, 0x82, 0x9, 0x20, 0x2, 0x5, 0x7c, {0x7, 0x25, 0x1, 0x0, 0xfa, 0x3}}}}}}}]}}, &(0x7f0000000480)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x200, 0x2, 0x1, 0x37, 0x40, 0x5}, 0x16, &(0x7f0000000140)={0x5, 0xf, 0x16, 0x3, [@ext_cap={0x7, 0x10, 0x2, 0x0, 0xf, 0xf}, @ext_cap={0x7, 0x10, 0x2, 0x2, 0x3}, @ptm_cap={0x3}]}, 0x1, [{0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x401}}]}) syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) setxattr(0x0, &(0x7f00000000c0)=@known='com.apple.FinderInfo\x00', 0x0, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x50}, [@ldst={0x3, 0x0, 0x3}], {0x95, 0x0, 0x5}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) mount$bind(0x0, &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x0, 0x0) dup3(r1, r2, 0x80000) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0) r4 = dup(r3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r4, 0x0) r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) ioctl$BLKZEROOUT(r5, 0x127f, &(0x7f0000000240)={0x600, 0x1000000}) syz_io_uring_setup(0x0, 0x0, 0x0, 0x0) r6 = socket(0x40000000015, 0x5, 0x0) connect$inet(r6, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) bind$inet(r6, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10) r7 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8102) r8 = syz_open_dev$ttys(0xc, 0x2, 0x1) r9 = fcntl$dupfd(r7, 0x0, r8) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000400)={0x53, 0xfffffffffffffffd, 0x6, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000200)="672d6a44b036", 0x0, 0x0, 0x0, 0x0, 0x0}) write$tun(r9, &(0x7f0000000400)=ANY=[], 0xa2) read$rfkill(r9, 0x0, 0x0) sendto$inet(r6, 0x0, 0xd0, 0x0, 0x0, 0x0) r10 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r10, 0x8914, &(0x7f00000002c0)={'veth1_vlan\x00'}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_inet_SIOCSIFFLAGS(r11, 0x8914, &(0x7f0000000180)={'veth0_vlan\x00'}) chroot(&(0x7f0000000080)='./file0/../file0\x00') 207.791998ms ago: executing program 2 (id=543): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010300000000000000850a000000000000000500000014000500200100000000000000000100000000001c00090008000000", @ANYRES32=r1], 0x4c}}, 0x0) (fail_nth: 8) 149.886142ms ago: executing program 2 (id=544): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'sit0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000001080)=@ipv6_newnexthop={0x40, 0x68, 0x1, 0x8000000, 0x0, {}, [@NHA_ENCAP_TYPE={0x6, 0x7, 0x8}, @NHA_ENCAP={0x18, 0x8, 0x0, 0x1, @SEG6_IPTUNNEL_SRH={0x14, 0x1, {{0x2, {0x0, 0x0, 0x4, 0x0, 0xf, 0x0, 0x3}}}}}, @NHA_OIF={0x8, 0x5, r1}]}, 0x40}}, 0x0) 148.348034ms ago: executing program 2 (id=545): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) (async) r0 = socket(0x28, 0x5, 0x0) (async, rerun: 64) r1 = socket(0x28, 0x5, 0x0) (rerun: 64) bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) listen(r1, 0x0) (async) connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10) (async, rerun: 64) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) (async, rerun: 64) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async) madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19) remap_file_pages(&(0x7f0000491000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0) (async) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) mkdirat(r2, &(0x7f0000000180)='./bus\x00', 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, r2, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async, rerun: 64) setsockopt$MRT6_INIT(0xffffffffffffffff, 0x29, 0xc8, 0x0, 0x0) (async, rerun: 64) setsockopt$MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000040), 0xc) setsockopt$MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd2, 0x0, 0x0) (async) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000002c0)={'macvlan0\x00', 0x0}) (async) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=r6, @ANYBLOB="00001700000000001c0037800b0001006970768a616e00000c0002800600010000000000050027"], 0x44}}, 0x0) (async) setsockopt$MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000000)={0x1, 0x1, 0x6, r6, 0x8}, 0xc) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10) ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0) (async) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000000)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484e240003000000f7c08b0e278ad10ab08ba900b92d276d720984d211fbdf23ea32db0e8f21d5bc27d85e44751170", 0x31}], 0x2) (async) fstat(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_rdma(&(0x7f0000000200), &(0x7f0000000240)='./cgroup\x00', &(0x7f00000002c0), 0x1000000, &(0x7f00000004c0)={'trans=rdma,', {'port', 0x3d, 0x4e20}, 0x2c, {[{@timeout}], [{@uid_lt={'uid<', r8}}]}}) (async, rerun: 32) setresuid(0x0, 0x0, r8) (rerun: 32) ppoll(&(0x7f0000000500)=[{r3}], 0x1, 0x0, 0x0, 0x0) (async, rerun: 32) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x3000, 0x0, 0x0, 0x80000000}, 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0) (rerun: 32) 0s ago: executing program 3 (id=546): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'sit0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000001080)=@ipv6_newnexthop={0x40, 0x68, 0x1, 0x0, 0x0, {}, [@NHA_ENCAP_TYPE={0x6, 0x7, 0x8}, @NHA_ENCAP={0x18, 0x8, 0x0, 0x1, @SEG6_IPTUNNEL_SRH={0x14, 0x1, {{0x2, {0x0, 0x0, 0x4, 0x0, 0xf, 0x0, 0x3}}}}}, @NHA_OIF={0x8, 0x5, r1}]}, 0x40}}, 0x0) (fail_nth: 8) kernel console output (not intermixed with test programs): Device=8e.8f [ 83.708437][ T828] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 83.711183][ T828] usb 6-1: Product: syz [ 83.712604][ T828] usb 6-1: SerialNumber: syz [ 83.715605][ T828] usb 6-1: config 0 descriptor?? [ 83.737937][ T828] cm109 6-1:0.8: invalid payload size 0, expected 4 [ 83.741493][ T828] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.8/input/input5 [ 83.761093][ T5386] usb 7-1: USB disconnect, device number 8 [ 84.417394][ T5931] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 84.442287][ T5732] usb 6-1: USB disconnect, device number 8 [ 84.442345][ C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 84.446313][ C0] cm109 6-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 84.461496][ T5732] cm109 6-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 84.589337][ T5931] usb 8-1: config 0 has no interfaces? [ 84.590999][ T5931] usb 8-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 84.593687][ T5931] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.608583][ T5931] usb 8-1: config 0 descriptor?? [ 84.866500][ T6201] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 84.870236][ T6201] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 84.878923][ T39] audit: type=1400 audit(1727432255.143:4): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616 [ 84.887862][ T6202] ufs: You didn't specify the type of your ufs filesystem [ 84.887862][ T6202] [ 84.887862][ T6202] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 84.887862][ T6202] [ 84.887862][ T6202] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 84.937442][ T6202] ufs: ufstype=old is supported read-only [ 84.939360][ T6202] ufs: ufs_fill_super(): bad magic number [ 84.998616][ T6209] netlink: 16 bytes leftover after parsing attributes in process `syz.0.221'. [ 85.003946][ T30] usb 8-1: USB disconnect, device number 12 [ 85.254756][ T6222] warning: `syz.1.224' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 85.382647][ T6226] FAULT_INJECTION: forcing a failure. [ 85.382647][ T6226] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 85.387612][ T6226] CPU: 1 UID: 0 PID: 6226 Comm: syz.0.225 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 85.391298][ T6226] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.395086][ T6226] Call Trace: [ 85.396316][ T6226] [ 85.397374][ T6226] dump_stack_lvl+0x16c/0x1f0 [ 85.399029][ T6226] should_fail_ex+0x497/0x5b0 [ 85.400645][ T6226] _copy_from_user+0x30/0xf0 [ 85.402293][ T6226] do_tcp_setsockopt+0x1c5f/0x2820 [ 85.404061][ T6226] ? __pfx_do_tcp_setsockopt+0x10/0x10 [ 85.405919][ T6226] ? __pfx___lock_acquire+0x10/0x10 [ 85.407782][ T6226] ? aa_sk_perm+0x2f5/0xb20 [ 85.409434][ T6226] ? __pfx_aa_sk_perm+0x10/0x10 [ 85.411186][ T6226] tcp_setsockopt+0xe2/0x100 [ 85.412847][ T6226] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 85.414966][ T6226] do_sock_setsockopt+0x222/0x480 [ 85.416759][ T6226] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 85.418929][ T6226] ? fdget+0x176/0x210 [ 85.420353][ T6226] __sys_setsockopt+0x1a4/0x270 [ 85.422103][ T6226] ? __pfx___sys_setsockopt+0x10/0x10 [ 85.423983][ T6226] ? fput+0x30/0x390 [ 85.425383][ T6226] ? ksys_write+0x1ad/0x260 [ 85.426969][ T6226] ? __pfx_ksys_write+0x10/0x10 [ 85.428745][ T6226] __ia32_sys_setsockopt+0xbc/0x160 [ 85.430635][ T6226] ? lockdep_hardirqs_on+0x7c/0x110 [ 85.432514][ T6226] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 85.434940][ T6226] __do_fast_syscall_32+0x73/0x120 [ 85.436801][ T6226] do_fast_syscall_32+0x32/0x80 [ 85.438475][ T6226] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 85.440574][ T6226] RIP: 0023:0xf73ae579 [ 85.441937][ T6226] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 85.447976][ T6226] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 85.450632][ T6226] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000006 [ 85.453272][ T6226] RDX: 0000000000000016 RSI: 0000000020000000 RDI: 00000000000021a5 [ 85.456134][ T6226] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 85.458943][ T6226] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 85.461739][ T6226] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 85.464608][ T6226] [ 85.513233][ T6228] netlink: 4 bytes leftover after parsing attributes in process `syz.0.226'. [ 85.534750][ T6228] netlink: 'syz.0.226': attribute type 1 has an invalid length. [ 85.626137][ T6239] netlink: 4 bytes leftover after parsing attributes in process `syz.3.230'. [ 85.631347][ T6239] FAULT_INJECTION: forcing a failure. [ 85.631347][ T6239] name failslab, interval 1, probability 0, space 0, times 0 [ 85.635154][ T6239] CPU: 0 UID: 0 PID: 6239 Comm: syz.3.230 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 85.637891][ T6239] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.640642][ T6239] Call Trace: [ 85.641517][ T6239] [ 85.642314][ T6239] dump_stack_lvl+0x16c/0x1f0 [ 85.643560][ T6239] should_fail_ex+0x497/0x5b0 [ 85.644795][ T6239] should_failslab+0xc2/0x120 [ 85.646027][ T6239] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 85.647437][ T6239] ? skb_clone+0x190/0x3f0 [ 85.648630][ T6239] skb_clone+0x190/0x3f0 [ 85.650538][ T6239] netlink_deliver_tap+0xb26/0xcf0 [ 85.651910][ T6239] netlink_unicast+0x6b4/0x7f0 [ 85.653196][ T6239] ? __pfx_netlink_unicast+0x10/0x10 [ 85.654585][ T6239] netlink_ack+0x6a5/0xb20 [ 85.655758][ T6239] netlink_rcv_skb+0x327/0x410 [ 85.657006][ T6239] ? __pfx_xfrm_user_rcv_msg+0x10/0x10 [ 85.658426][ T6239] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 85.659822][ T6239] ? __mutex_lock+0x1a6/0x9c0 [ 85.661065][ T6239] ? netlink_deliver_tap+0x1ae/0xcf0 [ 85.662482][ T6239] xfrm_netlink_rcv+0x71/0x90 [ 85.663732][ T6239] netlink_unicast+0x53c/0x7f0 [ 85.664994][ T6239] ? __pfx_netlink_unicast+0x10/0x10 [ 85.666369][ T6239] ? __phys_addr_symbol+0x30/0x80 [ 85.667691][ T6239] ? __check_object_size+0x488/0x710 [ 85.669066][ T6239] netlink_sendmsg+0x8b8/0xd70 [ 85.670305][ T6239] ? __pfx_netlink_sendmsg+0x10/0x10 [ 85.671709][ T6239] ____sys_sendmsg+0x9ae/0xb40 [ 85.672963][ T6239] ? __pfx_____sys_sendmsg+0x10/0x10 [ 85.674339][ T6239] ? get_compat_msghdr+0x11b/0x170 [ 85.675691][ T6239] ? __pfx___lock_acquire+0x10/0x10 [ 85.677050][ T6239] ___sys_sendmsg+0x135/0x1e0 [ 85.678291][ T6239] ? __pfx____sys_sendmsg+0x10/0x10 [ 85.679663][ T6239] ? ksys_write+0x21e/0x260 [ 85.680854][ T6239] ? __pfx_lock_release+0x10/0x10 [ 85.682177][ T6239] ? fdget+0x176/0x210 [ 85.683275][ T6239] __sys_sendmsg+0x117/0x1f0 [ 85.684493][ T6239] ? __pfx___sys_sendmsg+0x10/0x10 [ 85.685834][ T6239] ? __fget_files+0x244/0x3f0 [ 85.687081][ T6239] __do_fast_syscall_32+0x73/0x120 [ 85.688417][ T6239] do_fast_syscall_32+0x32/0x80 [ 85.689689][ T6239] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 85.691326][ T6239] RIP: 0023:0xf7fef579 [ 85.692393][ T6239] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 85.697348][ T6239] RSP: 002b:00000000f577656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 85.699507][ T6239] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000380 [ 85.701558][ T6239] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 85.703631][ T6239] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 85.705726][ T6239] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 85.707785][ T6239] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 85.709843][ T6239] [ 86.151135][ T39] audit: type=1326 audit(1727432256.413:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6254 comm="syz.1.234" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f37579 code=0x0 [ 86.208902][ T5347] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 86.211987][ T5347] Bluetooth: hci0: Injecting HCI hardware error event [ 86.215553][ T5347] Bluetooth: hci0: hardware error 0x00 [ 86.230558][ T828] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 86.438764][ T828] usb 5-1: config 0 has no interfaces? [ 86.440163][ T828] usb 5-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 86.442303][ T828] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 86.445377][ T828] usb 5-1: config 0 descriptor?? [ 86.707702][ T6273] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 86.711616][ T6273] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 86.780279][ T5732] usb 5-1: USB disconnect, device number 6 [ 86.874003][ T6282] EXT4-fs (sda1): shut down requested (2) [ 86.876494][ T6282] Aborting journal on device sda1-8. [ 86.999538][ T6291] FAULT_INJECTION: forcing a failure. [ 86.999538][ T6291] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 87.004231][ T6291] CPU: 3 UID: 0 PID: 6291 Comm: syz.2.243 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 87.007870][ T6291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.011730][ T6291] Call Trace: [ 87.012966][ T6291] [ 87.014081][ T6291] dump_stack_lvl+0x16c/0x1f0 [ 87.015838][ T6291] should_fail_ex+0x497/0x5b0 [ 87.017555][ T6291] _copy_from_user+0x30/0xf0 [ 87.019192][ T6291] do_tcp_setsockopt+0x1c5f/0x2820 [ 87.020969][ T6291] ? __pfx_do_tcp_setsockopt+0x10/0x10 [ 87.022920][ T6291] ? __pfx___lock_acquire+0x10/0x10 [ 87.024294][ T6291] ? aa_sk_perm+0x2f5/0xb20 [ 87.025491][ T6291] ? __pfx_aa_sk_perm+0x10/0x10 [ 87.026777][ T6291] tcp_setsockopt+0xe2/0x100 [ 87.027984][ T6291] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 87.029529][ T6291] do_sock_setsockopt+0x222/0x480 [ 87.030861][ T6291] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 87.032307][ T6291] ? fdget+0x176/0x210 [ 87.033383][ T6291] __sys_setsockopt+0x1a4/0x270 [ 87.034672][ T6291] ? __pfx___sys_setsockopt+0x10/0x10 [ 87.036074][ T6291] ? fput+0x30/0x390 [ 87.037171][ T6291] ? ksys_write+0x1ad/0x260 [ 87.038792][ T6291] ? __pfx_ksys_write+0x10/0x10 [ 87.040638][ T6291] __ia32_sys_setsockopt+0xbc/0x160 [ 87.042386][ T6291] ? lockdep_hardirqs_on+0x7c/0x110 [ 87.043786][ T6291] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 87.045646][ T6291] __do_fast_syscall_32+0x73/0x120 [ 87.047126][ T6291] do_fast_syscall_32+0x32/0x80 [ 87.048696][ T6291] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 87.050338][ T6291] RIP: 0023:0xf7fb3579 [ 87.051411][ T6291] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 87.056471][ T6291] RSP: 002b:00000000f573656c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 87.058710][ T6291] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000006 [ 87.060763][ T6291] RDX: 0000000000000016 RSI: 0000000020000000 RDI: 00000000000000e4 [ 87.062823][ T6291] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 87.064870][ T6291] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 87.066981][ T6291] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 87.069756][ T6291] [ 87.105595][ T6300] netlink: 'syz.2.247': attribute type 10 has an invalid length. [ 87.110010][ T6300] FAULT_INJECTION: forcing a failure. [ 87.110010][ T6300] name failslab, interval 1, probability 0, space 0, times 0 [ 87.113315][ T6300] CPU: 3 UID: 0 PID: 6300 Comm: syz.2.247 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 87.115977][ T6300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.119765][ T6300] Call Trace: [ 87.120982][ T6300] [ 87.121999][ T6300] dump_stack_lvl+0x16c/0x1f0 [ 87.123282][ T6300] should_fail_ex+0x497/0x5b0 [ 87.124520][ T6300] should_failslab+0xc2/0x120 [ 87.125754][ T6300] kmem_cache_alloc_node_noprof+0x71/0x310 [ 87.127531][ T6300] ? __alloc_skb+0x2b3/0x380 [ 87.129227][ T6300] __alloc_skb+0x2b3/0x380 [ 87.130882][ T6300] ? __pfx___alloc_skb+0x10/0x10 [ 87.132679][ T6300] ? if_nlmsg_size+0x451/0xa60 [ 87.134194][ T6300] rtmsg_ifinfo_build_skb+0x81/0x280 [ 87.136160][ T6300] rtmsg_ifinfo+0x9f/0x1a0 [ 87.137450][ T6300] __dev_notify_flags+0x24e/0x2e0 [ 87.139122][ T6300] ? __pfx___dev_notify_flags+0x10/0x10 [ 87.140977][ T6300] ? __pfx___dev_change_flags+0x10/0x10 [ 87.142869][ T6300] ? tick_nohz_tick_stopped+0x6c/0xa0 [ 87.144667][ T6300] ? __irq_work_queue_local+0x136/0x440 [ 87.146536][ T6300] dev_change_flags+0x10c/0x160 [ 87.148384][ T6300] do_setlink+0x19dd/0x3ee0 [ 87.150049][ T6300] ? __pfx_lock_release+0x10/0x10 [ 87.151906][ T6300] ? __pfx_do_setlink+0x10/0x10 [ 87.153691][ T6300] ? vprintk+0x86/0xa0 [ 87.155170][ T6300] ? _printk+0xc8/0x100 [ 87.156643][ T6300] ? __pfx__printk+0x10/0x10 [ 87.158122][ T6300] ? ___ratelimit+0x24c/0x570 [ 87.159373][ T6300] ? is_bpf_text_address+0x94/0x1a0 [ 87.160737][ T6300] ? __pfx____ratelimit+0x10/0x10 [ 87.162048][ T6300] ? __kernel_text_address+0xd/0x40 [ 87.163437][ T6300] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 87.164975][ T6300] ? __nla_validate_parse+0x605/0x2b10 [ 87.166399][ T6300] ? __pfx___nla_validate_parse+0x10/0x10 [ 87.168351][ T6300] ? stack_trace_save+0x95/0xd0 [ 87.169837][ T6300] ? __pfx_stack_trace_save+0x10/0x10 [ 87.171599][ T6300] ? hlock_class+0x4e/0x130 [ 87.172744][ T6300] ? stack_depot_save_flags+0x28/0x900 [ 87.174120][ T6300] ? __nla_parse+0x40/0x60 [ 87.175259][ T6300] __rtnl_newlink+0xc3a/0x1920 [ 87.176478][ T6300] ? __pfx___rtnl_newlink+0x10/0x10 [ 87.177835][ T6300] rtnl_newlink+0x67/0xa0 [ 87.179039][ T6300] ? __pfx_rtnl_newlink+0x10/0x10 [ 87.180304][ T6300] rtnetlink_rcv_msg+0x3c7/0xea0 [ 87.181558][ T6300] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 87.182993][ T6300] ? __pfx___dev_queue_xmit+0x10/0x10 [ 87.184382][ T6300] netlink_rcv_skb+0x165/0x410 [ 87.185540][ T6300] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 87.186980][ T6300] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 87.188345][ T6300] ? netlink_deliver_tap+0x1ae/0xcf0 [ 87.189615][ T6300] netlink_unicast+0x53c/0x7f0 [ 87.190803][ T6300] ? __pfx_netlink_unicast+0x10/0x10 [ 87.192130][ T6300] ? __phys_addr_symbol+0x30/0x80 [ 87.193436][ T6300] ? __check_object_size+0x4a1/0x710 [ 87.194834][ T6300] netlink_sendmsg+0x8b8/0xd70 [ 87.196086][ T6300] ? __pfx_netlink_sendmsg+0x10/0x10 [ 87.197768][ T6300] ____sys_sendmsg+0x9ae/0xb40 [ 87.199497][ T6300] ? __pfx_____sys_sendmsg+0x10/0x10 [ 87.201401][ T6300] ? get_compat_msghdr+0x11b/0x170 [ 87.203289][ T6300] ? __pfx___lock_acquire+0x10/0x10 [ 87.205208][ T6300] ___sys_sendmsg+0x135/0x1e0 [ 87.206887][ T6300] ? __pfx____sys_sendmsg+0x10/0x10 [ 87.208821][ T6300] ? ksys_write+0x21e/0x260 [ 87.210211][ T6300] ? __pfx_lock_release+0x10/0x10 [ 87.211897][ T6300] ? fdget+0x176/0x210 [ 87.213186][ T6300] __sys_sendmsg+0x117/0x1f0 [ 87.214649][ T6300] ? __pfx___sys_sendmsg+0x10/0x10 [ 87.216016][ T6300] ? __fget_files+0x244/0x3f0 [ 87.217273][ T6300] __do_fast_syscall_32+0x73/0x120 [ 87.218542][ T6300] do_fast_syscall_32+0x32/0x80 [ 87.219811][ T6300] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 87.221402][ T6300] RIP: 0023:0xf7fb3579 [ 87.222450][ T6300] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 87.227375][ T6300] RSP: 002b:00000000f573656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 87.230136][ T6300] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000600 [ 87.232705][ T6300] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 87.235306][ T6300] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 87.237889][ T6300] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 87.240448][ T6300] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 87.242953][ T6300] [ 87.250899][ T6300] bond0: (slave vlan0): Enslaving as an active interface with an up link [ 88.287548][ T5347] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 88.507814][ T6330] netlink: 'syz.2.256': attribute type 10 has an invalid length. [ 88.793833][ T6344] FAULT_INJECTION: forcing a failure. [ 88.793833][ T6344] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 88.800286][ T6344] CPU: 1 UID: 0 PID: 6344 Comm: syz.0.260 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 88.803451][ T6344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 88.806442][ T6344] Call Trace: [ 88.807363][ T6344] [ 88.808184][ T6344] dump_stack_lvl+0x16c/0x1f0 [ 88.809465][ T6344] should_fail_ex+0x497/0x5b0 [ 88.810814][ T6344] _copy_to_user+0x30/0xc0 [ 88.812002][ T6344] bpf_test_finish.isra.0+0x52b/0x680 [ 88.813554][ T6344] ? __pfx_bpf_test_finish.isra.0+0x10/0x10 [ 88.815289][ T6344] ? krealloc_noprof+0xff/0x130 [ 88.816631][ T6344] bpf_prog_test_run_skb+0x11bb/0x2140 [ 88.818245][ T6344] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 88.819819][ T6344] ? fput+0x30/0x390 [ 88.820873][ T6344] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 88.822472][ T6344] __sys_bpf+0x1921/0x5780 [ 88.823740][ T6344] ? ksys_write+0x21e/0x260 [ 88.825059][ T6344] ? __pfx___sys_bpf+0x10/0x10 [ 88.826385][ T6344] ? vfs_write+0x14d/0x1140 [ 88.827608][ T6344] ? __mutex_unlock_slowpath+0x164/0x650 [ 88.829105][ T6344] ? fput+0x30/0x390 [ 88.830260][ T6344] ? ksys_write+0x1ad/0x260 [ 88.831537][ T6344] ? __pfx_ksys_write+0x10/0x10 [ 88.832884][ T6344] __ia32_sys_bpf+0x76/0xe0 [ 88.834172][ T6344] __do_fast_syscall_32+0x73/0x120 [ 88.835643][ T6344] do_fast_syscall_32+0x32/0x80 [ 88.837109][ T6344] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 88.839102][ T6344] RIP: 0023:0xf73ae579 [ 88.840291][ T6344] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 88.845345][ T6344] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 88.847563][ T6344] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000200002c0 [ 88.849670][ T6344] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000 [ 88.851787][ T6344] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 88.854172][ T6344] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 88.856728][ T6344] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 88.859107][ T6344] [ 89.119313][ T6339] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 89.577389][ T30] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 89.747389][ T30] usb 7-1: Using ep0 maxpacket: 8 [ 89.758799][ T30] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 89.761172][ T30] usb 7-1: config 246 descriptor has 1 excess byte, ignoring [ 89.763846][ T30] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 89.766856][ T30] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 89.771922][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 89.774836][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 89.778048][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 89.785669][ T30] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 89.788742][ T30] usb 7-1: config 246 descriptor has 1 excess byte, ignoring [ 89.790740][ T30] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 89.793163][ T30] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 89.796364][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 89.799865][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 89.802694][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 89.811348][ T30] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 89.813626][ T30] usb 7-1: config 246 descriptor has 1 excess byte, ignoring [ 89.815536][ T30] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 89.818388][ T30] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 89.821807][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 89.825365][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 89.828628][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 89.860086][ T30] usb 7-1: string descriptor 0 read error: -22 [ 89.861781][ T30] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 89.864083][ T30] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 89.885380][ T30] adutux 7-1:246.0: ADU100 now attached to /dev/usb/adutux0 [ 90.180632][ T5347] Bluetooth: unknown link type 32 [ 90.182349][ T5347] Bluetooth: hci2: connection err: -111 [ 90.199883][ T6364] Bluetooth: MGMT ver 1.23 [ 90.329971][ T30] usb 7-1: USB disconnect, device number 9 [ 90.577775][ T6369] FAULT_INJECTION: forcing a failure. [ 90.577775][ T6369] name failslab, interval 1, probability 0, space 0, times 0 [ 90.581241][ T6369] CPU: 2 UID: 0 PID: 6369 Comm: syz.3.269 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 90.584373][ T6369] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 90.587710][ T6369] Call Trace: [ 90.588591][ T6369] [ 90.589379][ T6369] dump_stack_lvl+0x16c/0x1f0 [ 90.590643][ T6369] should_fail_ex+0x497/0x5b0 [ 90.591874][ T6369] ? fs_reclaim_acquire+0xae/0x160 [ 90.593405][ T6369] should_failslab+0xc2/0x120 [ 90.594749][ T6369] __kmalloc_noprof+0xcb/0x410 [ 90.596197][ T6369] ? __pfx_mark_lock+0x10/0x10 [ 90.597734][ T6369] tomoyo_realpath_from_path+0xbf/0x710 [ 90.599529][ T6369] tomoyo_check_open_permission+0x2a7/0x3b0 [ 90.601222][ T6369] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 90.602962][ T6369] ? __pfx___lock_acquire+0x10/0x10 [ 90.604362][ T6369] ? __pfx_hook_file_open+0x10/0x10 [ 90.605707][ T6369] ? path_get+0x61/0x80 [ 90.606826][ T6369] tomoyo_file_open+0x6b/0x90 [ 90.608062][ T6369] security_file_open+0x64c/0x9d0 [ 90.609423][ T6369] ? mnt_get_write_access+0x20c/0x300 [ 90.611013][ T6369] do_dentry_open+0x57c/0x1530 [ 90.612472][ T6369] ? inode_permission+0xdd/0x5f0 [ 90.614039][ T6369] vfs_open+0x82/0x3f0 [ 90.615597][ T6369] ? may_open+0x1f2/0x400 [ 90.617224][ T6369] path_openat+0x1e6a/0x2d60 [ 90.618486][ T6369] ? __pfx_path_openat+0x10/0x10 [ 90.619875][ T6369] ? __pfx___lock_acquire+0x10/0x10 [ 90.621279][ T6369] do_filp_open+0x1dc/0x430 [ 90.622507][ T6369] ? __pfx_do_filp_open+0x10/0x10 [ 90.623849][ T6369] ? find_held_lock+0x2d/0x110 [ 90.625123][ T6369] ? _raw_spin_unlock+0x28/0x50 [ 90.626442][ T6369] ? alloc_fd+0x2d7/0x6c0 [ 90.627576][ T6369] do_sys_openat2+0x17a/0x1e0 [ 90.628761][ T6369] ? __pfx_do_sys_openat2+0x10/0x10 [ 90.630192][ T6369] ? __fget_files+0x244/0x3f0 [ 90.631524][ T6369] __ia32_compat_sys_openat+0x16e/0x210 [ 90.633147][ T6369] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 90.635123][ T6369] ? ksys_write+0x1ad/0x260 [ 90.636848][ T6369] __do_fast_syscall_32+0x73/0x120 [ 90.638740][ T6369] do_fast_syscall_32+0x32/0x80 [ 90.640168][ T6369] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 90.641833][ T6369] RIP: 0023:0xf7fef579 [ 90.642997][ T6369] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 90.648719][ T6369] RSP: 002b:00000000f575556c EFLAGS: 00000296 ORIG_RAX: 0000000000000127 [ 90.651065][ T6369] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000200001c0 [ 90.653246][ T6369] RDX: 0000000000002c41 RSI: 0000000000000000 RDI: 0000000000000000 [ 90.655437][ T6369] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 90.657595][ T6369] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 90.659849][ T6369] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 90.662298][ T6369] [ 90.669836][ T6369] ERROR: Out of memory at tomoyo_realpath_from_path. [ 91.917037][ T6398] @: renamed from vlan0 (while UP) [ 92.346331][ T6411] FAULT_INJECTION: forcing a failure. [ 92.346331][ T6411] name failslab, interval 1, probability 0, space 0, times 0 [ 92.351278][ T6411] CPU: 1 UID: 0 PID: 6411 Comm: syz.0.281 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 92.354802][ T6411] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 92.358554][ T6411] Call Trace: [ 92.359748][ T6411] [ 92.360888][ T6411] dump_stack_lvl+0x16c/0x1f0 [ 92.362633][ T6411] should_fail_ex+0x497/0x5b0 [ 92.364350][ T6411] ? fs_reclaim_acquire+0xae/0x160 [ 92.366209][ T6411] should_failslab+0xc2/0x120 [ 92.367912][ T6411] __kmalloc_noprof+0xcb/0x410 [ 92.369682][ T6411] ethnl_default_doit+0x20f/0xbd0 [ 92.371549][ T6411] ? __nla_parse+0x40/0x60 [ 92.373225][ T6411] ? __pfx_ethnl_default_doit+0x10/0x10 [ 92.375265][ T6411] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 92.377936][ T6411] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 92.380881][ T6411] genl_family_rcv_msg_doit+0x202/0x2f0 [ 92.383129][ T6411] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 92.385355][ T6411] ? __radix_tree_lookup+0x21f/0x2c0 [ 92.387420][ T6411] genl_rcv_msg+0x565/0x800 [ 92.389048][ T6411] ? __pfx_genl_rcv_msg+0x10/0x10 [ 92.390903][ T6411] ? __pfx_ethnl_default_doit+0x10/0x10 [ 92.392929][ T6411] netlink_rcv_skb+0x165/0x410 [ 92.394691][ T6411] ? __pfx_genl_rcv_msg+0x10/0x10 [ 92.396518][ T6411] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 92.398544][ T6411] ? down_read+0xc9/0x330 [ 92.400134][ T6411] ? __pfx_down_read+0x10/0x10 [ 92.401903][ T6411] ? netlink_deliver_tap+0x1ae/0xcf0 [ 92.403869][ T6411] genl_rcv+0x28/0x40 [ 92.405332][ T6411] netlink_unicast+0x53c/0x7f0 [ 92.407098][ T6411] ? __pfx_netlink_unicast+0x10/0x10 [ 92.408971][ T6411] ? __phys_addr_symbol+0x30/0x80 [ 92.410829][ T6411] ? __check_object_size+0x488/0x710 [ 92.412744][ T6411] netlink_sendmsg+0x8b8/0xd70 [ 92.414503][ T6411] ? __pfx_netlink_sendmsg+0x10/0x10 [ 92.416444][ T6411] ____sys_sendmsg+0x9ae/0xb40 [ 92.418149][ T6411] ? __pfx_____sys_sendmsg+0x10/0x10 [ 92.420110][ T6411] ? get_compat_msghdr+0x11b/0x170 [ 92.422003][ T6411] ? __pfx___lock_acquire+0x10/0x10 [ 92.423937][ T6411] ___sys_sendmsg+0x135/0x1e0 [ 92.425665][ T6411] ? __pfx____sys_sendmsg+0x10/0x10 [ 92.427556][ T6411] ? ksys_write+0x21e/0x260 [ 92.429172][ T6411] ? __pfx_lock_release+0x10/0x10 [ 92.431019][ T6411] ? fdget+0x176/0x210 [ 92.432514][ T6411] __sys_sendmsg+0x117/0x1f0 [ 92.434218][ T6411] ? __pfx___sys_sendmsg+0x10/0x10 [ 92.436262][ T6411] ? __fget_files+0x244/0x3f0 [ 92.438143][ T6411] __do_fast_syscall_32+0x73/0x120 [ 92.440030][ T6411] do_fast_syscall_32+0x32/0x80 [ 92.441826][ T6411] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 92.444134][ T6411] RIP: 0023:0xf73ae579 [ 92.445632][ T6411] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 92.452744][ T6411] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 92.455844][ T6411] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000300 [ 92.458701][ T6411] RDX: 0000000000004050 RSI: 0000000000000000 RDI: 0000000000000000 [ 92.461717][ T6411] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 92.464798][ T6411] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 92.467802][ T6411] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 92.470664][ T6411] [ 92.908518][ T6417] input: syz0 as /devices/virtual/input/input7 [ 94.880582][ T6434] netlink: 'syz.2.288': attribute type 9 has an invalid length. [ 94.882755][ T6434] netlink: 8 bytes leftover after parsing attributes in process `syz.2.288'. [ 95.358355][ T6451] mkiss: ax0: crc mode is auto. [ 96.358514][ T6447] syz.2.293 (6447) used greatest stack depth: 20640 bytes left [ 96.557252][ T6460] FAULT_INJECTION: forcing a failure. [ 96.557252][ T6460] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 96.561066][ T6460] CPU: 1 UID: 0 PID: 6460 Comm: syz.3.297 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 96.564336][ T6460] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 96.567812][ T6460] Call Trace: [ 96.569032][ T6460] [ 96.570124][ T6460] dump_stack_lvl+0x16c/0x1f0 [ 96.571849][ T6460] should_fail_ex+0x497/0x5b0 [ 96.573866][ T6460] _copy_to_user+0x30/0xc0 [ 96.575493][ T6460] simple_read_from_buffer+0xd0/0x160 [ 96.577387][ T6460] proc_fail_nth_read+0x198/0x270 [ 96.579229][ T6460] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 96.581236][ T6460] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 96.583281][ T6460] vfs_read+0x1ce/0xbd0 [ 96.584923][ T6460] ? __fget_files+0x23a/0x3f0 [ 96.586673][ T6460] ? fdget_pos+0x24c/0x360 [ 96.588140][ T6460] ? __pfx_lock_release+0x10/0x10 [ 96.589552][ T6460] ? __pfx_vfs_read+0x10/0x10 [ 96.590927][ T6460] ? __pfx___mutex_lock+0x10/0x10 [ 96.592843][ T6460] ? __fget_files+0x244/0x3f0 [ 96.594357][ T6460] ksys_read+0x12f/0x260 [ 96.595514][ T6460] ? __pfx_ksys_read+0x10/0x10 [ 96.596959][ T6460] __do_fast_syscall_32+0x73/0x120 [ 96.598428][ T6460] do_fast_syscall_32+0x32/0x80 [ 96.599736][ T6460] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 96.601637][ T6460] RIP: 0023:0xf7fef579 [ 96.603138][ T6460] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 96.609911][ T6460] RSP: 002b:00000000f57765a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 96.612904][ T6460] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5776620 [ 96.615755][ T6460] RDX: 000000000000000f RSI: 00000000f747bff4 RDI: 0000000000000000 [ 96.618576][ T6460] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 96.621385][ T6460] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 96.624197][ T6460] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 96.627055][ T6460] [ 96.879515][ T6472] FAULT_INJECTION: forcing a failure. [ 96.879515][ T6472] name failslab, interval 1, probability 0, space 0, times 0 [ 96.882829][ T6472] CPU: 1 UID: 0 PID: 6472 Comm: syz.2.301 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 96.885564][ T6472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 96.888830][ T6472] Call Trace: [ 96.890066][ T6472] [ 96.891173][ T6472] dump_stack_lvl+0x16c/0x1f0 [ 96.892887][ T6472] should_fail_ex+0x497/0x5b0 [ 96.894622][ T6472] ? fs_reclaim_acquire+0xae/0x160 [ 96.896267][ T6472] should_failslab+0xc2/0x120 [ 96.897984][ T6472] __kmalloc_noprof+0xcb/0x410 [ 96.899722][ T6472] ? __kmalloc_noprof+0x207/0x410 [ 96.901530][ T6472] tomoyo_realpath_from_path+0xbf/0x710 [ 96.903574][ T6472] ? tomoyo_fill_path_info+0x233/0x420 [ 96.905567][ T6472] tomoyo_mount_acl+0x1af/0x880 [ 96.907327][ T6472] ? hlock_class+0x4e/0x130 [ 96.908917][ T6472] ? __lock_acquire+0x163e/0x3ce0 [ 96.910761][ T6472] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 96.912726][ T6472] ? __pfx___lock_acquire+0x10/0x10 [ 96.914305][ T6472] ? stack_trace_save+0x95/0xd0 [ 96.915605][ T6472] ? __pfx_lock_release+0x10/0x10 [ 96.917441][ T6472] ? do_fast_syscall_32+0x32/0x80 [ 96.919261][ T6472] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 96.921493][ T6472] ? tomoyo_domain+0xbb/0x150 [ 96.923061][ T6472] ? tomoyo_profile+0x47/0x60 [ 96.924622][ T6472] tomoyo_mount_permission+0x16b/0x410 [ 96.926576][ T6472] ? tomoyo_mount_permission+0x146/0x410 [ 96.928778][ T6472] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 96.931038][ T6472] ? get_current_fs_domain+0x188/0x1f0 [ 96.933127][ T6472] security_sb_mount+0x9b/0x260 [ 96.934896][ T6472] path_mount+0x129/0x1f10 [ 96.936528][ T6472] ? kmem_cache_free+0x152/0x4b0 [ 96.938330][ T6472] ? __pfx_path_mount+0x10/0x10 [ 96.939992][ T6472] ? putname+0x12e/0x170 [ 96.941101][ T6472] __ia32_sys_mount+0x292/0x310 [ 96.942379][ T6472] ? __pfx___ia32_sys_mount+0x10/0x10 [ 96.943937][ T6472] __do_fast_syscall_32+0x73/0x120 [ 96.945756][ T6472] do_fast_syscall_32+0x32/0x80 [ 96.947531][ T6472] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 96.949833][ T6472] RIP: 0023:0xf7fb3579 [ 96.951343][ T6472] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 96.958225][ T6472] RSP: 002b:00000000f573656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015 [ 96.960714][ T6472] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000040 [ 96.963352][ T6472] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000020000100 [ 96.966207][ T6472] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 96.969052][ T6472] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 96.971859][ T6472] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 96.974595][ T6472] [ 96.977180][ T6472] ERROR: Out of memory at tomoyo_realpath_from_path. [ 97.127262][ T6476] FAULT_INJECTION: forcing a failure. [ 97.127262][ T6476] name failslab, interval 1, probability 0, space 0, times 0 [ 97.131040][ T6476] CPU: 3 UID: 0 PID: 6476 Comm: syz.2.302 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 97.133657][ T6476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 97.136417][ T6476] Call Trace: [ 97.137286][ T6476] [ 97.138056][ T6476] dump_stack_lvl+0x16c/0x1f0 [ 97.139292][ T6476] should_fail_ex+0x497/0x5b0 [ 97.140513][ T6476] ? fs_reclaim_acquire+0xae/0x160 [ 97.141833][ T6476] should_failslab+0xc2/0x120 [ 97.143076][ T6476] __kmalloc_noprof+0xcb/0x410 [ 97.144425][ T6476] ? lockdep_hardirqs_on+0x7c/0x110 [ 97.145781][ T6476] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 97.147630][ T6476] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 97.149065][ T6476] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 97.150654][ T6476] ? bpf_lsm_capable+0x9/0x10 [ 97.151919][ T6476] ? security_capable+0x7e/0x260 [ 97.153218][ T6476] ? ns_capable+0xd7/0x110 [ 97.154403][ T6476] genl_rcv_msg+0x565/0x800 [ 97.155596][ T6476] ? __pfx_genl_rcv_msg+0x10/0x10 [ 97.156899][ T6476] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 97.158291][ T6476] ? __pfx_nl80211_register_beacons+0x10/0x10 [ 97.159872][ T6476] ? __pfx_nl80211_post_doit+0x10/0x10 [ 97.161278][ T6476] netlink_rcv_skb+0x165/0x410 [ 97.162543][ T6476] ? __pfx_genl_rcv_msg+0x10/0x10 [ 97.163851][ T6476] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 97.165218][ T6476] ? down_read+0xc9/0x330 [ 97.166344][ T6476] ? __pfx_down_read+0x10/0x10 [ 97.167554][ T6476] ? netlink_deliver_tap+0x1ae/0xcf0 [ 97.168923][ T6476] genl_rcv+0x28/0x40 [ 97.169966][ T6476] netlink_unicast+0x53c/0x7f0 [ 97.171212][ T6476] ? __pfx_netlink_unicast+0x10/0x10 [ 97.172576][ T6476] ? __phys_addr_symbol+0x30/0x80 [ 97.173878][ T6476] ? __check_object_size+0x488/0x710 [ 97.175250][ T6476] netlink_sendmsg+0x8b8/0xd70 [ 97.176493][ T6476] ? __pfx_netlink_sendmsg+0x10/0x10 [ 97.177855][ T6476] ____sys_sendmsg+0x9ae/0xb40 [ 97.179100][ T6476] ? __pfx_____sys_sendmsg+0x10/0x10 [ 97.180470][ T6476] ? get_compat_msghdr+0x11b/0x170 [ 97.181803][ T6476] ? __pfx___lock_acquire+0x10/0x10 [ 97.183174][ T6476] ___sys_sendmsg+0x135/0x1e0 [ 97.184403][ T6476] ? __pfx____sys_sendmsg+0x10/0x10 [ 97.185733][ T6476] ? ksys_write+0x21e/0x260 [ 97.186921][ T6476] ? __pfx_lock_release+0x10/0x10 [ 97.188232][ T6476] ? fdget+0x176/0x210 [ 97.189303][ T6476] __sys_sendmsg+0x117/0x1f0 [ 97.190515][ T6476] ? __pfx___sys_sendmsg+0x10/0x10 [ 97.191847][ T6476] ? __fget_files+0x244/0x3f0 [ 97.193077][ T6476] __do_fast_syscall_32+0x73/0x120 [ 97.194406][ T6476] do_fast_syscall_32+0x32/0x80 [ 97.195671][ T6476] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 97.197294][ T6476] RIP: 0023:0xf7fb3579 [ 97.198520][ T6476] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 97.203549][ T6476] RSP: 002b:00000000f573656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 97.205711][ T6476] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 97.207747][ T6476] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 97.209773][ T6476] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 97.211818][ T6476] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 97.213901][ T6476] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 97.215940][ T6476] [ 97.497442][ T30] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 97.658801][ T30] usb 7-1: config 0 has no interfaces? [ 97.660367][ T30] usb 7-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 97.663653][ T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.666453][ T6485] FAULT_INJECTION: forcing a failure. [ 97.666453][ T6485] name failslab, interval 1, probability 0, space 0, times 0 [ 97.669462][ T30] usb 7-1: config 0 descriptor?? [ 97.681288][ T6485] CPU: 3 UID: 0 PID: 6485 Comm: syz.0.305 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 97.684074][ T6485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 97.687087][ T6485] Call Trace: [ 97.688301][ T6485] [ 97.689353][ T6485] dump_stack_lvl+0x16c/0x1f0 [ 97.691042][ T6485] should_fail_ex+0x497/0x5b0 [ 97.692311][ T6485] ? fs_reclaim_acquire+0xae/0x160 [ 97.693961][ T6485] should_failslab+0xc2/0x120 [ 97.695569][ T6485] kmem_cache_alloc_node_noprof+0x71/0x310 [ 97.697525][ T6485] ? __alloc_skb+0x2b3/0x380 [ 97.699109][ T6485] ? rtnl_newlink+0x71/0xa0 [ 97.700657][ T6485] __alloc_skb+0x2b3/0x380 [ 97.702216][ T6485] ? __pfx___alloc_skb+0x10/0x10 [ 97.703938][ T6485] ? rtnetlink_rcv_msg+0x3e6/0xea0 [ 97.705702][ T6485] netlink_ack+0x164/0xb20 [ 97.707259][ T6485] netlink_rcv_skb+0x327/0x410 [ 97.708895][ T6485] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 97.710728][ T6485] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 97.712534][ T6485] ? netlink_deliver_tap+0x1ae/0xcf0 [ 97.714334][ T6485] netlink_unicast+0x53c/0x7f0 [ 97.715979][ T6485] ? __pfx_netlink_unicast+0x10/0x10 [ 97.717912][ T6485] ? __phys_addr_symbol+0x30/0x80 [ 97.719648][ T6485] ? __check_object_size+0x488/0x710 [ 97.721449][ T6485] netlink_sendmsg+0x8b8/0xd70 [ 97.723094][ T6485] ? __pfx_netlink_sendmsg+0x10/0x10 [ 97.724878][ T6485] ____sys_sendmsg+0x9ae/0xb40 [ 97.726526][ T6485] ? __pfx_____sys_sendmsg+0x10/0x10 [ 97.728312][ T6485] ? get_compat_msghdr+0x11b/0x170 [ 97.730344][ T6485] ? __pfx___lock_acquire+0x10/0x10 [ 97.732368][ T6485] ___sys_sendmsg+0x135/0x1e0 [ 97.734031][ T6485] ? __pfx____sys_sendmsg+0x10/0x10 [ 97.735846][ T6485] ? ksys_write+0x21e/0x260 [ 97.737411][ T6485] ? __pfx_lock_release+0x10/0x10 [ 97.739183][ T6485] ? fdget+0x176/0x210 [ 97.740629][ T6485] __sys_sendmsg+0x117/0x1f0 [ 97.742257][ T6485] ? __pfx___sys_sendmsg+0x10/0x10 [ 97.744029][ T6485] ? __fget_files+0x244/0x3f0 [ 97.745696][ T6485] __do_fast_syscall_32+0x73/0x120 [ 97.747488][ T6485] do_fast_syscall_32+0x32/0x80 [ 97.749136][ T6485] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 97.751260][ T6485] RIP: 0023:0xf73ae579 [ 97.752629][ T6485] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 97.759069][ T6485] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 97.761879][ T6485] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000380 [ 97.764605][ T6485] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 97.767290][ T6485] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 97.769952][ T6485] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 97.772613][ T6485] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 97.775367][ T6485] [ 97.837692][ T6487] nbd: must specify at least one socket [ 97.928850][ T6493] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 97.935184][ T6493] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 97.935463][ T6492] netlink: 47 bytes leftover after parsing attributes in process `syz.0.307'. [ 98.010255][ T6496] netlink: 12 bytes leftover after parsing attributes in process `syz.0.308'. [ 98.030063][ T62] usb 7-1: USB disconnect, device number 10 [ 98.389563][ T6498] netlink: 160 bytes leftover after parsing attributes in process `syz.1.309'. [ 98.432015][ T6504] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 98.712503][ T6510] XFS (sr0): Invalid superblock magic number [ 98.864919][ T6510] netlink: 'syz.3.312': attribute type 2 has an invalid length. [ 98.867016][ T6510] netlink: 24 bytes leftover after parsing attributes in process `syz.3.312'. [ 98.869728][ T6510] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check. [ 99.173457][ T6524] syzkaller1: entered promiscuous mode [ 99.175268][ T6524] syzkaller1: entered allmulticast mode [ 99.754800][ T6546] tipc: Started in network mode [ 99.756550][ T6546] tipc: Node identity 080211, cluster identity 4711 [ 99.758643][ T6546] FAULT_INJECTION: forcing a failure. [ 99.758643][ T6546] name failslab, interval 1, probability 0, space 0, times 0 [ 99.762152][ T6546] CPU: 2 UID: 0 PID: 6546 Comm: syz.0.319 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 99.764821][ T6546] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 99.768639][ T6546] Call Trace: [ 99.769872][ T6546] [ 99.770974][ T6546] dump_stack_lvl+0x16c/0x1f0 [ 99.772302][ T6546] should_fail_ex+0x497/0x5b0 [ 99.773548][ T6546] should_failslab+0xc2/0x120 [ 99.774813][ T6546] __kmalloc_cache_noprof+0x6b/0x310 [ 99.776246][ T6546] ? tipc_disc_create+0x9d/0x640 [ 99.777550][ T6546] tipc_disc_create+0x9d/0x640 [ 99.778819][ T6546] tipc_enable_bearer+0xa22/0xfa0 [ 99.780138][ T6546] ? __pfx_tipc_enable_bearer+0x10/0x10 [ 99.781644][ T6546] ? __mutex_trylock_common+0xea/0x250 [ 99.783099][ T6546] ? __nla_parse+0x40/0x60 [ 99.784286][ T6546] __tipc_nl_bearer_enable+0x32a/0x420 [ 99.785858][ T6546] ? __mutex_lock+0x1a6/0x9c0 [ 99.787345][ T6546] ? __pfx___tipc_nl_bearer_enable+0x10/0x10 [ 99.789436][ T6546] ? __pfx___mutex_lock+0x10/0x10 [ 99.791001][ T6546] ? __nla_parse+0x40/0x60 [ 99.792177][ T6546] tipc_nl_bearer_enable+0x21/0x40 [ 99.793513][ T6546] genl_family_rcv_msg_doit+0x202/0x2f0 [ 99.795059][ T6546] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 99.796929][ T6546] ? __radix_tree_lookup+0x21f/0x2c0 [ 99.798665][ T6546] genl_rcv_msg+0x565/0x800 [ 99.800146][ T6546] ? __pfx_genl_rcv_msg+0x10/0x10 [ 99.801837][ T6546] ? __pfx_tipc_nl_bearer_enable+0x10/0x10 [ 99.803436][ T6546] netlink_rcv_skb+0x165/0x410 [ 99.804693][ T6546] ? __pfx_genl_rcv_msg+0x10/0x10 [ 99.806284][ T6546] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 99.807773][ T6546] ? down_read+0xc9/0x330 [ 99.809017][ T6546] ? __pfx_down_read+0x10/0x10 [ 99.810608][ T6546] ? netlink_deliver_tap+0x1ae/0xcf0 [ 99.812454][ T6546] genl_rcv+0x28/0x40 [ 99.813811][ T6546] netlink_unicast+0x53c/0x7f0 [ 99.815440][ T6546] ? __pfx_netlink_unicast+0x10/0x10 [ 99.817169][ T6546] ? __phys_addr_symbol+0x30/0x80 [ 99.818516][ T6546] ? __check_object_size+0x488/0x710 [ 99.820293][ T6546] netlink_sendmsg+0x8b8/0xd70 [ 99.821949][ T6546] ? __pfx_netlink_sendmsg+0x10/0x10 [ 99.823775][ T6546] ____sys_sendmsg+0x9ae/0xb40 [ 99.825390][ T6546] ? __pfx_____sys_sendmsg+0x10/0x10 [ 99.827178][ T6546] ? get_compat_msghdr+0x11b/0x170 [ 99.828860][ T6546] ? __pfx___lock_acquire+0x10/0x10 [ 99.830601][ T6546] ___sys_sendmsg+0x135/0x1e0 [ 99.832129][ T6546] ? __pfx____sys_sendmsg+0x10/0x10 [ 99.833477][ T6546] ? ksys_write+0x21e/0x260 [ 99.834665][ T6546] ? __pfx_lock_release+0x10/0x10 [ 99.835973][ T6546] ? fdget+0x176/0x210 [ 99.837037][ T6546] __sys_sendmsg+0x117/0x1f0 [ 99.838236][ T6546] ? __pfx___sys_sendmsg+0x10/0x10 [ 99.839569][ T6546] ? __fget_files+0x244/0x3f0 [ 99.840802][ T6546] __do_fast_syscall_32+0x73/0x120 [ 99.842356][ T6546] do_fast_syscall_32+0x32/0x80 [ 99.844000][ T6546] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 99.846176][ T6546] RIP: 0023:0xf73ae579 [ 99.847636][ T6546] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 99.854022][ T6546] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 99.856186][ T6546] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020004300 [ 99.858320][ T6546] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 99.860521][ T6546] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 99.863219][ T6546] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 99.865780][ T6546] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 99.868505][ T6546] [ 99.874656][ T6546] tipc: Disabling bearer [ 99.882739][ T6546] tipc: Enabling of bearer rejected, failed to create discoverer [ 99.940093][ T6548] netlink: 'syz.0.320': attribute type 10 has an invalid length. [ 99.945790][ T6548] bridge0: port 2(bridge_slave_1) entered disabled state [ 99.948020][ T6548] bridge0: port 1(bridge_slave_0) entered disabled state [ 99.956232][ T6548] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.958198][ T6548] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.960794][ T6548] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.963002][ T6548] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.967615][ T6548] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 100.076049][ T6550] netlink: 'syz.0.321': attribute type 2 has an invalid length. [ 100.078019][ T6554] netlink: 'syz.1.322': attribute type 1 has an invalid length. [ 100.078848][ T6550] netlink: 244 bytes leftover after parsing attributes in process `syz.0.321'. [ 100.116753][ T6554] netlink: 28 bytes leftover after parsing attributes in process `syz.1.322'. [ 100.120092][ T6554] netlink: 8 bytes leftover after parsing attributes in process `syz.1.322'. [ 100.122736][ T6554] netlink: 12 bytes leftover after parsing attributes in process `syz.1.322'. [ 100.347886][ T6574] autofs: Bad value for 'fd' [ 100.426112][ T39] audit: type=1804 audit(1727432270.683:6): pid=6574 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.325" name="/newroot/77/bus/bus" dev="overlay" ino=440 res=1 errno=0 [ 100.436191][ T6577] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 100.448856][ T6574] evm: overlay not supported [ 100.462926][ T6577] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 100.519447][ T56] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 100.537518][ T39] audit: type=1326 audit(1727432270.793:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6581 comm="syz.3.330" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fef579 code=0x0 [ 100.555858][ T6584] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 100.667520][ T56] usb 7-1: device descriptor read/64, error -71 [ 100.704344][ T6588] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 100.707441][ T6588] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 100.725621][ T6588] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 100.736511][ T6588] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 100.739017][ T6588] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 100.746372][ T6588] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 100.763392][ T6588] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 100.766865][ T6588] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 100.785056][ T6588] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 100.917570][ T56] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 101.176002][ T6601] tipc: Started in network mode [ 101.178299][ T6601] tipc: Node identity ac1414aa, cluster identity 4711 [ 101.185675][ T6601] tipc: Enabled bearer , priority 10 [ 101.237400][ T56] usb 7-1: device descriptor read/64, error -71 [ 101.239406][ T4443] usb 8-1: new high-speed USB device number 13 using dummy_hcd [ 101.347568][ T56] usb usb7-port1: attempt power cycle [ 101.388896][ T4443] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 101.392658][ T4443] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 101.396469][ T4443] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 101.400814][ T4443] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 101.409588][ T4443] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 101.412780][ T4443] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 101.418351][ T4443] usb 8-1: Manufacturer: syz [ 101.426022][ T4443] usb 8-1: config 0 descriptor?? [ 101.797411][ T56] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 101.817905][ T56] usb 7-1: device descriptor read/8, error -71 [ 101.837092][ T4443] appleir 0003:05AC:8243.0005: unknown main item tag 0x0 [ 101.840186][ T4443] appleir 0003:05AC:8243.0005: No inputs registered, leaving [ 101.846145][ T4443] appleir 0003:05AC:8243.0005: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0 [ 102.059802][ T56] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 102.078063][ T56] usb 7-1: device descriptor read/8, error -71 [ 102.187845][ T56] usb usb7-port1: unable to enumerate USB device [ 102.309226][ T62] tipc: Node number set to 2886997162 [ 102.593665][ T6602] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 102.598822][ T6602] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 102.767421][ T5347] Bluetooth: hci3: command 0x0c1a tx timeout [ 102.767528][ T4780] Bluetooth: hci2: command 0x0c1a tx timeout [ 102.767561][ T66] Bluetooth: hci1: command 0x0c1a tx timeout [ 102.908292][ T6604] FAULT_INJECTION: forcing a failure. [ 102.908292][ T6604] name failslab, interval 1, probability 0, space 0, times 0 [ 102.911469][ T6604] CPU: 2 UID: 0 PID: 6604 Comm: syz.0.336 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 102.914073][ T6604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 102.916875][ T6604] Call Trace: [ 102.918070][ T6604] [ 102.919164][ T6604] dump_stack_lvl+0x16c/0x1f0 [ 102.920855][ T6604] should_fail_ex+0x497/0x5b0 [ 102.922564][ T6604] ? fs_reclaim_acquire+0xae/0x160 [ 102.924224][ T6604] should_failslab+0xc2/0x120 [ 102.925927][ T6604] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 102.927846][ T6604] ? fib_insert_alias+0x43c/0xe30 [ 102.929892][ T6604] fib_insert_alias+0x43c/0xe30 [ 102.931678][ T6604] ? kmem_cache_alloc_noprof+0x174/0x2f0 [ 102.933694][ T6604] ? lockdep_rtnl_is_held+0x26/0x40 [ 102.935514][ T6604] ? fib_table_insert+0x80d/0x1d70 [ 102.937301][ T6604] fib_table_insert+0xaab/0x1d70 [ 102.939055][ T6604] ? __nla_validate_parse+0x605/0x2b10 [ 102.940978][ T6604] ? __pfx_fib_table_insert+0x10/0x10 [ 102.942904][ T6604] ? __nla_validate+0x3e/0x50 [ 102.944587][ T6604] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 102.946682][ T6604] ? rtm_to_fib_config+0x6f7/0x1270 [ 102.948554][ T6604] ? inet_rtm_newroute+0x11f/0x200 [ 102.950455][ T6604] inet_rtm_newroute+0x11f/0x200 [ 102.952237][ T6604] ? __pfx_inet_rtm_newroute+0x10/0x10 [ 102.954207][ T6604] ? __pfx_inet_rtm_newroute+0x10/0x10 [ 102.956186][ T6604] rtnetlink_rcv_msg+0x3c7/0xea0 [ 102.957910][ T6604] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 102.959871][ T6604] ? __pfx___dev_queue_xmit+0x10/0x10 [ 102.961881][ T6604] netlink_rcv_skb+0x165/0x410 [ 102.963597][ T6604] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 102.965653][ T6604] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 102.967805][ T6604] ? netlink_deliver_tap+0x1ae/0xcf0 [ 102.969739][ T6604] netlink_unicast+0x53c/0x7f0 [ 102.971462][ T6604] ? __pfx_netlink_unicast+0x10/0x10 [ 102.973315][ T6604] ? __phys_addr_symbol+0x30/0x80 [ 102.975097][ T6604] ? __check_object_size+0x488/0x710 [ 102.977011][ T6604] netlink_sendmsg+0x8b8/0xd70 [ 102.978714][ T6604] ? __pfx_netlink_sendmsg+0x10/0x10 [ 102.980611][ T6604] ____sys_sendmsg+0x9ae/0xb40 [ 102.982290][ T6604] ? __pfx_____sys_sendmsg+0x10/0x10 [ 102.983743][ T6604] ? get_compat_msghdr+0x11b/0x170 [ 102.985261][ T6604] ? __pfx___lock_acquire+0x10/0x10 [ 102.987140][ T6604] ___sys_sendmsg+0x135/0x1e0 [ 102.988726][ T6604] ? __pfx____sys_sendmsg+0x10/0x10 [ 102.990468][ T6604] ? ksys_write+0x21e/0x260 [ 102.991951][ T6604] ? __pfx_lock_release+0x10/0x10 [ 102.993598][ T6604] ? fdget+0x176/0x210 [ 102.994678][ T6604] __sys_sendmsg+0x117/0x1f0 [ 102.995871][ T6604] ? __pfx___sys_sendmsg+0x10/0x10 [ 102.997416][ T6604] ? __fget_files+0x244/0x3f0 [ 102.999185][ T6604] __do_fast_syscall_32+0x73/0x120 [ 103.001025][ T6604] do_fast_syscall_32+0x32/0x80 [ 103.002822][ T6604] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 103.004876][ T6604] RIP: 0023:0xf73ae579 [ 103.005904][ T6604] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 103.011772][ T6604] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 103.013897][ T6604] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000080 [ 103.016438][ T6604] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 103.019171][ T6604] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 103.021909][ T6604] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 103.024708][ T6604] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 103.027589][ T6604] [ 103.135251][ T6608] input: syz1 as /devices/virtual/input/input8 [ 103.215392][ T6612] netlink: 4 bytes leftover after parsing attributes in process `syz.0.340'. [ 103.220096][ T6612] netlink: 12 bytes leftover after parsing attributes in process `syz.0.340'. [ 103.411271][ T6623] input: syz0 as /devices/virtual/input/input9 [ 103.878661][ T9] usb 8-1: USB disconnect, device number 13 [ 104.847497][ T4780] Bluetooth: hci2: command 0x0c1a tx timeout [ 104.849992][ T4780] Bluetooth: hci1: command 0x0c1a tx timeout [ 104.858310][ T5347] Bluetooth: hci3: command 0x0c1a tx timeout [ 105.147386][ T4443] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 105.190284][ T6647] netlink: 28 bytes leftover after parsing attributes in process `syz.1.352'. [ 105.192765][ T6647] netlink: 'syz.1.352': attribute type 7 has an invalid length. [ 105.195258][ T6647] netlink: 'syz.1.352': attribute type 8 has an invalid length. [ 105.197839][ T6647] netlink: 4 bytes leftover after parsing attributes in process `syz.1.352'. [ 105.211133][ T6647] erspan0: entered promiscuous mode [ 105.217614][ T6647] batadv_slave_1: entered promiscuous mode [ 105.221726][ T6647] gretap0: entered promiscuous mode [ 105.283181][ T6653] netlink: 'syz.2.355': attribute type 10 has an invalid length. [ 105.286589][ T6653] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.289313][ T6653] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.297255][ T6651] XFS (sr0): Invalid superblock magic number [ 105.297484][ T4443] usb 5-1: Using ep0 maxpacket: 8 [ 105.298890][ T6653] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.299248][ T4443] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 105.299268][ T4443] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 105.299279][ T4443] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 105.300269][ T4443] usb 5-1: config 0 descriptor?? [ 105.301968][ T6653] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.318967][ T6653] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.321456][ T6653] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.332855][ T6653] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 105.508985][ T4443] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 105.607135][ T6685] FAULT_INJECTION: forcing a failure. [ 105.607135][ T6685] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 105.611234][ T6685] CPU: 2 UID: 0 PID: 6685 Comm: syz.2.364 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 105.614515][ T6685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 105.614526][ T6685] Call Trace: [ 105.614530][ T6685] [ 105.614534][ T6685] dump_stack_lvl+0x16c/0x1f0 [ 105.614558][ T6685] should_fail_ex+0x497/0x5b0 [ 105.623311][ T6685] _copy_to_user+0x30/0xc0 [ 105.623327][ T6685] bpf_test_finish.isra.0+0x52b/0x680 [ 105.623346][ T6685] ? __pfx_bpf_test_finish.isra.0+0x10/0x10 [ 105.623363][ T6685] ? krealloc_noprof+0xff/0x130 [ 105.623379][ T6685] bpf_prog_test_run_skb+0x11bb/0x2140 [ 105.631251][ T6685] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 105.632781][ T6685] ? fput+0x30/0x390 [ 105.633822][ T6685] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 105.635369][ T6685] __sys_bpf+0x1921/0x5780 [ 105.636549][ T6685] ? ksys_write+0x21e/0x260 [ 105.637741][ T6685] ? __pfx___sys_bpf+0x10/0x10 [ 105.639004][ T6685] ? vfs_write+0x14d/0x1140 [ 105.640201][ T6685] ? __mutex_unlock_slowpath+0x164/0x650 [ 105.641674][ T6685] ? fput+0x30/0x390 [ 105.642735][ T6685] ? ksys_write+0x1ad/0x260 [ 105.644220][ T6685] ? __pfx_ksys_write+0x10/0x10 [ 105.645751][ T6685] __ia32_sys_bpf+0x76/0xe0 [ 105.646976][ T6685] __do_fast_syscall_32+0x73/0x120 [ 105.648319][ T6685] do_fast_syscall_32+0x32/0x80 [ 105.649599][ T6685] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 105.651267][ T6685] RIP: 0023:0xf7fb3579 [ 105.652338][ T6685] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 105.657331][ T6685] RSP: 002b:00000000f573656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 105.659509][ T6685] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000200002c0 [ 105.661573][ T6685] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000 [ 105.663658][ T6685] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 105.665732][ T6685] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 105.667818][ T6685] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 105.669882][ T6685] [ 105.685375][ T39] audit: type=1800 audit(1727432275.943:8): pid=6687 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.363" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 105.764035][ T39] audit: type=1326 audit(1727432276.023:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6688 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000 [ 105.769831][ T39] audit: type=1326 audit(1727432276.023:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6688 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000 [ 105.775913][ T39] audit: type=1326 audit(1727432276.023:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6688 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=99 compat=1 ip=0xf7fb3579 code=0x7ffc0000 [ 105.781921][ T39] audit: type=1326 audit(1727432276.023:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6688 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000 [ 105.787974][ T39] audit: type=1326 audit(1727432276.023:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6688 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000 [ 105.794378][ T39] audit: type=1326 audit(1727432276.023:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6688 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb3579 code=0x7ffc0000 [ 105.800941][ T39] audit: type=1326 audit(1727432276.023:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6688 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb3579 code=0x7ffc0000 [ 105.806571][ T39] audit: type=1326 audit(1727432276.023:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6688 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000 [ 105.812149][ T39] audit: type=1326 audit(1727432276.023:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6688 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000 [ 105.947401][ T5732] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 105.983380][ T6694] netlink: 8 bytes leftover after parsing attributes in process `syz.2.367'. [ 105.992697][ T6694] ieee802154 phy0 wpan0: encryption failed: -22 [ 106.107499][ T5732] usb 6-1: Using ep0 maxpacket: 8 [ 106.112519][ T5732] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 106.114999][ T5732] usb 6-1: config 0 has no interface number 0 [ 106.117426][ T5732] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 106.123929][ T5732] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 106.129346][ T5732] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 106.134688][ T5732] usb 6-1: config 0 descriptor?? [ 106.145096][ T5732] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior1 [ 106.261796][ T62] usb 5-1: USB disconnect, device number 7 [ 106.265743][ T62] iowarrior 5-1:0.0: I/O-Warror #0 now disconnected [ 106.348936][ T6702] FAULT_INJECTION: forcing a failure. [ 106.348936][ T6702] name failslab, interval 1, probability 0, space 0, times 0 [ 106.352427][ T6702] CPU: 2 UID: 0 PID: 6702 Comm: syz.0.369 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 106.355117][ T6702] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 106.357897][ T6702] Call Trace: [ 106.358787][ T6702] [ 106.359573][ T6702] dump_stack_lvl+0x16c/0x1f0 [ 106.360761][ T6702] should_fail_ex+0x497/0x5b0 [ 106.361910][ T6702] ? fs_reclaim_acquire+0xae/0x160 [ 106.363297][ T6702] should_failslab+0xc2/0x120 [ 106.364549][ T6702] __kmalloc_noprof+0xcb/0x410 [ 106.365818][ T6702] nla_alloc_flow_actions+0x20/0x80 [ 106.367208][ T6702] ovs_nla_copy_actions+0x6a/0x330 [ 106.368574][ T6702] get_flow_actions+0xd6/0x1a0 [ 106.369844][ T6702] ? __pfx_get_flow_actions+0x10/0x10 [ 106.371442][ T6702] ? hlock_class+0x4e/0x130 [ 106.372765][ T6702] ? __lock_acquire+0xbdd/0x3ce0 [ 106.374079][ T6702] ovs_nla_init_match_and_action.constprop.0+0x1cb/0x380 [ 106.375912][ T6702] ? __pfx_ovs_nla_init_match_and_action.constprop.0+0x10/0x10 [ 106.377904][ T6702] ? ovs_nla_get_ufid+0xd0/0x1f0 [ 106.379197][ T6702] ovs_flow_cmd_set+0x27c/0xa00 [ 106.380482][ T6702] ? stack_trace_save+0x95/0xd0 [ 106.381800][ T6702] ? __pfx_ovs_flow_cmd_set+0x10/0x10 [ 106.383238][ T6702] ? kasan_save_stack+0x42/0x60 [ 106.384513][ T6702] ? kasan_save_stack+0x33/0x60 [ 106.385794][ T6702] ? kasan_save_track+0x14/0x30 [ 106.387088][ T6702] ? genl_family_rcv_msg_doit+0xbf/0x2f0 [ 106.388556][ T6702] ? genl_rcv_msg+0x565/0x800 [ 106.389820][ T6702] ? netlink_rcv_skb+0x165/0x410 [ 106.391153][ T6702] ? genl_rcv+0x28/0x40 [ 106.392245][ T6702] ? netlink_unicast+0x53c/0x7f0 [ 106.393539][ T6702] ? __sys_sendmsg+0x117/0x1f0 [ 106.395004][ T6702] ? __do_fast_syscall_32+0x73/0x120 [ 106.396435][ T6702] ? do_fast_syscall_32+0x32/0x80 [ 106.397798][ T6702] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 106.399690][ T6702] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 106.401741][ T6702] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 106.403855][ T6702] genl_family_rcv_msg_doit+0x202/0x2f0 [ 106.405493][ T6702] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 106.407103][ T6702] ? bpf_lsm_capable+0x9/0x10 [ 106.408344][ T6702] ? security_capable+0x7e/0x260 [ 106.409638][ T6702] ? ns_capable+0xd7/0x110 [ 106.410817][ T6702] genl_rcv_msg+0x565/0x800 [ 106.411989][ T6702] ? __pfx_genl_rcv_msg+0x10/0x10 [ 106.413293][ T6702] ? __pfx_ovs_flow_cmd_set+0x10/0x10 [ 106.415449][ T6702] netlink_rcv_skb+0x165/0x410 [ 106.415470][ T6702] ? __pfx_genl_rcv_msg+0x10/0x10 [ 106.415483][ T6702] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 106.415498][ T6702] ? down_read+0xc9/0x330 [ 106.420972][ T6702] ? __pfx_down_read+0x10/0x10 [ 106.422256][ T6702] ? netlink_deliver_tap+0x1ae/0xcf0 [ 106.423664][ T6702] genl_rcv+0x28/0x40 [ 106.424767][ T6702] netlink_unicast+0x53c/0x7f0 [ 106.425865][ T6702] ? __pfx_netlink_unicast+0x10/0x10 [ 106.427136][ T6702] ? __phys_addr_symbol+0x30/0x80 [ 106.428430][ T6702] ? __check_object_size+0x488/0x710 [ 106.429762][ T6702] netlink_sendmsg+0x8b8/0xd70 [ 106.431021][ T6702] ? __pfx_netlink_sendmsg+0x10/0x10 [ 106.432404][ T6702] ____sys_sendmsg+0x9ae/0xb40 [ 106.433660][ T6702] ? __pfx_____sys_sendmsg+0x10/0x10 [ 106.435029][ T6702] ? get_compat_msghdr+0x11b/0x170 [ 106.436326][ T6702] ? __pfx___lock_acquire+0x10/0x10 [ 106.437689][ T6702] ___sys_sendmsg+0x135/0x1e0 [ 106.438937][ T6702] ? __pfx____sys_sendmsg+0x10/0x10 [ 106.440307][ T6702] ? ksys_write+0x21e/0x260 [ 106.441545][ T6702] ? __pfx_lock_release+0x10/0x10 [ 106.442922][ T6702] ? fdget+0x176/0x210 [ 106.444007][ T6702] __sys_sendmsg+0x117/0x1f0 [ 106.445219][ T6702] ? __pfx___sys_sendmsg+0x10/0x10 [ 106.446576][ T6702] ? __fget_files+0x244/0x3f0 [ 106.447811][ T6702] __do_fast_syscall_32+0x73/0x120 [ 106.449178][ T6702] do_fast_syscall_32+0x32/0x80 [ 106.450475][ T6702] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 106.452119][ T6702] RIP: 0023:0xf73ae579 [ 106.453197][ T6702] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 106.458163][ T6702] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 106.460370][ T6702] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000 [ 106.462598][ T6702] RDX: 000000000000c000 RSI: 0000000000000000 RDI: 0000000000000000 [ 106.464780][ T6702] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 106.466989][ T6702] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 106.469193][ T6702] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 106.471338][ T6702] [ 106.480591][ T6702] openvswitch: netlink: Actions may not be safe on all matching packets [ 106.927458][ T4780] Bluetooth: hci1: command 0x0c1a tx timeout [ 106.927565][ T66] Bluetooth: hci3: command 0x0c1a tx timeout [ 106.927702][ T5349] Bluetooth: hci2: command 0x0c1a tx timeout [ 107.031974][ T6710] netlink: 'syz.0.372': attribute type 9 has an invalid length. [ 107.033998][ T6710] netlink: 134660 bytes leftover after parsing attributes in process `syz.0.372'. [ 107.074883][ T6712] netlink: 40 bytes leftover after parsing attributes in process `syz.0.373'. [ 107.600270][ T6722] netlink: 40 bytes leftover after parsing attributes in process `syz.0.377'. [ 107.637433][ T62] usb 8-1: new high-speed USB device number 14 using dummy_hcd [ 107.644923][ T6724] openvswitch: netlink: Actions may not be safe on all matching packets [ 107.816544][ T62] usb 8-1: config 0 has no interfaces? [ 107.818239][ T62] usb 8-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 107.820585][ T62] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 107.826595][ T62] usb 8-1: config 0 descriptor?? [ 108.124107][ T6747] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 108.128102][ T6747] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 108.284890][ T978] usb 8-1: USB disconnect, device number 14 [ 108.606975][ T4443] usb 6-1: USB disconnect, device number 9 [ 108.609945][ T4443] iowarrior 6-1:0.1: I/O-Warror #1 now disconnected [ 108.839649][ T6755] FAULT_INJECTION: forcing a failure. [ 108.839649][ T6755] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 108.843440][ T6755] CPU: 1 UID: 0 PID: 6755 Comm: syz.3.389 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 108.846456][ T6755] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 108.849411][ T6755] Call Trace: [ 108.850576][ T6755] [ 108.851733][ T6755] dump_stack_lvl+0x16c/0x1f0 [ 108.853611][ T6755] should_fail_ex+0x497/0x5b0 [ 108.855265][ T6755] ? fs_reclaim_acquire+0xae/0x160 [ 108.856712][ T6755] should_fail_alloc_page+0xe7/0x130 [ 108.858193][ T6755] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 108.860049][ T6755] __alloc_pages_noprof+0x190/0x25c0 [ 108.861880][ T6755] ? __pfx___lock_acquire+0x10/0x10 [ 108.863593][ T6755] ? hlock_class+0x4e/0x130 [ 108.865111][ T6755] ? mark_lock+0xb5/0xc60 [ 108.866729][ T6755] ? hlock_class+0x4e/0x130 [ 108.868408][ T6755] ? mark_lock+0xb5/0xc60 [ 108.870098][ T6755] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 108.872213][ T6755] ? find_held_lock+0x2d/0x110 [ 108.874029][ T6755] ? __skb_flow_dissect+0x400/0x7c80 [ 108.875724][ T6755] ? hlock_class+0x4e/0x130 [ 108.876980][ T6755] ? mark_lock+0xb5/0xc60 [ 108.878193][ T6755] ? hlock_class+0x4e/0x130 [ 108.879648][ T6755] ? mark_lock+0xb5/0xc60 [ 108.881112][ T6755] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 108.883203][ T6755] ? policy_nodemask+0xea/0x4e0 [ 108.884901][ T6755] alloc_pages_mpol_noprof+0x275/0x610 [ 108.886699][ T6755] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 108.888914][ T6755] ? find_held_lock+0x2d/0x110 [ 108.890657][ T6755] folio_alloc_mpol_noprof+0x36/0xd0 [ 108.892186][ T6755] vma_alloc_folio_noprof+0xee/0x1b0 [ 108.893939][ T6755] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 108.896038][ T6755] ? __pfx___lock_acquire+0x10/0x10 [ 108.897888][ T6755] ? __pfx_lock_acquire+0x10/0x10 [ 108.899676][ T6755] do_wp_page+0x10d1/0x4880 [ 108.901186][ T6755] ? __pfx_lock_acquire+0x10/0x10 [ 108.902796][ T6755] ? __pfx_do_wp_page+0x10/0x10 [ 108.904529][ T6755] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 108.906185][ T6755] __handle_mm_fault+0x1a93/0x2a10 [ 108.907798][ T6755] ? __pfx_mt_find+0x10/0x10 [ 108.909010][ T6755] ? __pfx_lock_acquire+0x10/0x10 [ 108.910910][ T6755] ? __pfx___handle_mm_fault+0x10/0x10 [ 108.912869][ T6755] ? find_vma+0xc0/0x140 [ 108.914205][ T6755] ? __pfx_find_vma+0x10/0x10 [ 108.915913][ T6755] handle_mm_fault+0x3fa/0xaa0 [ 108.917510][ T6755] do_user_addr_fault+0x7a3/0x13f0 [ 108.918909][ T6755] exc_page_fault+0x5c/0xc0 [ 108.920283][ T6755] asm_exc_page_fault+0x26/0x30 [ 108.921960][ T6755] RIP: 0010:_copy_to_user+0xa7/0xc0 [ 108.923783][ T6755] Code: 89 ee 48 89 ef e8 09 7a 04 fd 4d 85 f6 75 b5 e8 4f 78 04 fd 89 de 4c 89 e7 e8 a5 c6 65 fd 0f 01 cb 48 89 d9 48 89 ef 4c 89 e6 a4 0f 1f 00 0f 01 ca 48 89 cb eb 8d 66 66 2e 0f 1f 84 00 00 00 [ 108.931556][ T6755] RSP: 0018:ffffc900061f7a28 EFLAGS: 00050246 [ 108.933709][ T6755] RAX: 0000000000000001 RBX: 0000000000000e40 RCX: 0000000000000140 [ 108.936463][ T6755] RDX: 0000000000000000 RSI: ffff888012e00d40 RDI: 0000000020001000 [ 108.939549][ T6755] RBP: 0000000020000300 R08: 0000000000000000 R09: ffffed10025c01cf [ 108.942291][ T6755] R10: ffff888012e00e7f R11: 0000000000000000 R12: ffff888012e00040 [ 108.944351][ T6755] R13: 0000000020001140 R14: 0000000000000000 R15: 0000000000000e40 [ 108.946464][ T6755] ? _copy_to_user+0x9b/0xc0 [ 108.947973][ T6755] bpf_test_finish.isra.0+0x19c/0x680 [ 108.949472][ T6755] ? __pfx_bpf_test_finish.isra.0+0x10/0x10 [ 108.951556][ T6755] ? krealloc_noprof+0xff/0x130 [ 108.953266][ T6755] bpf_prog_test_run_skb+0x11bb/0x2140 [ 108.955255][ T6755] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 108.957471][ T6755] ? fput+0x30/0x390 [ 108.958953][ T6755] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 108.961209][ T6755] __sys_bpf+0x1921/0x5780 [ 108.962773][ T6755] ? ksys_write+0x21e/0x260 [ 108.964335][ T6755] ? __pfx___sys_bpf+0x10/0x10 [ 108.966007][ T6755] ? vfs_write+0x14d/0x1140 [ 108.967813][ T6755] ? __mutex_unlock_slowpath+0x164/0x650 [ 108.969594][ T6755] ? fput+0x30/0x390 [ 108.970842][ T6755] ? ksys_write+0x1ad/0x260 [ 108.972029][ T6755] ? __pfx_ksys_write+0x10/0x10 [ 108.973315][ T6755] __ia32_sys_bpf+0x76/0xe0 [ 108.974532][ T6755] __do_fast_syscall_32+0x73/0x120 [ 108.975865][ T6755] do_fast_syscall_32+0x32/0x80 [ 108.977430][ T6755] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 108.979578][ T6755] RIP: 0023:0xf7fef579 [ 108.981052][ T6755] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 108.986791][ T6755] RSP: 002b:00000000f577656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 108.989333][ T6755] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000240 [ 108.992271][ T6755] RDX: 000000000000004c RSI: 0000000000000000 RDI: 0000000000000000 [ 108.995145][ T6755] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 108.997180][ T6755] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 108.999239][ T6755] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 109.001369][ T6755] [ 109.022403][ T66] Bluetooth: hci3: command 0x0c1a tx timeout [ 109.096727][ T6764] FAULT_INJECTION: forcing a failure. [ 109.096727][ T6764] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 109.101001][ T6763] hsr_slave_0: left promiscuous mode [ 109.101939][ T6764] CPU: 2 UID: 0 PID: 6764 Comm: syz.1.386 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 109.105271][ T6764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 109.108261][ T6764] Call Trace: [ 109.109161][ T6764] [ 109.109993][ T6764] dump_stack_lvl+0x16c/0x1f0 [ 109.111326][ T6764] should_fail_ex+0x497/0x5b0 [ 109.112610][ T6764] _copy_from_iter+0x29b/0x13e0 [ 109.113899][ T6764] ? __alloc_skb+0x200/0x380 [ 109.115133][ T6764] ? __pfx__copy_from_iter+0x10/0x10 [ 109.116535][ T6764] ? __virt_addr_valid+0x5e/0x590 [ 109.117911][ T6764] ? __phys_addr_symbol+0x30/0x80 [ 109.119284][ T6764] ? __check_object_size+0x488/0x710 [ 109.120895][ T6764] netlink_sendmsg+0x813/0xd70 [ 109.122234][ T6764] ? __pfx_netlink_sendmsg+0x10/0x10 [ 109.123654][ T6764] ____sys_sendmsg+0x9ae/0xb40 [ 109.124919][ T6764] ? __pfx_____sys_sendmsg+0x10/0x10 [ 109.126310][ T6764] ? get_compat_msghdr+0x11b/0x170 [ 109.127876][ T6764] ? __pfx___lock_acquire+0x10/0x10 [ 109.129367][ T6764] ___sys_sendmsg+0x135/0x1e0 [ 109.130727][ T6764] ? __pfx____sys_sendmsg+0x10/0x10 [ 109.132202][ T6764] ? ksys_write+0x21e/0x260 [ 109.133484][ T6764] ? __pfx_lock_release+0x10/0x10 [ 109.134925][ T6764] ? fdget+0x176/0x210 [ 109.136085][ T6764] __sys_sendmsg+0x117/0x1f0 [ 109.137395][ T6764] ? __pfx___sys_sendmsg+0x10/0x10 [ 109.138921][ T6764] ? __fget_files+0x244/0x3f0 [ 109.140183][ T6764] __do_fast_syscall_32+0x73/0x120 [ 109.141534][ T6764] do_fast_syscall_32+0x32/0x80 [ 109.142838][ T6764] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 109.144493][ T6764] RIP: 0023:0xf7f37579 [ 109.145566][ T6764] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 109.150625][ T6764] RSP: 002b:00000000f56b656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 109.152815][ T6764] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000080 [ 109.154884][ T6764] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 109.156866][ T6764] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 109.158953][ T6764] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 109.161003][ T6764] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 109.163084][ T6764] [ 109.168180][ T6763] hsr_slave_1: left promiscuous mode [ 109.482922][ T6774] input: syz1 as /devices/virtual/input/input11 [ 109.677486][ T6782] input: syz1 as /devices/virtual/input/input12 [ 109.828875][ T62] usb 8-1: new high-speed USB device number 15 using dummy_hcd [ 109.988540][ T62] usb 8-1: config 0 has no interfaces? [ 109.990101][ T62] usb 8-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 109.992500][ T62] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 110.008107][ T62] usb 8-1: config 0 descriptor?? [ 110.075866][ T6790] netlink: 12 bytes leftover after parsing attributes in process `syz.0.401'. [ 110.237574][ T6795] netlink: 4 bytes leftover after parsing attributes in process `syz.0.402'. [ 110.263698][ T6798] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 110.267164][ T6798] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 110.325288][ T6801] FAULT_INJECTION: forcing a failure. [ 110.325288][ T6801] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 110.330364][ T6801] CPU: 2 UID: 0 PID: 6801 Comm: syz.0.403 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 110.333616][ T6801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 110.337000][ T6801] Call Trace: [ 110.338066][ T6801] [ 110.339009][ T6801] dump_stack_lvl+0x16c/0x1f0 [ 110.340584][ T6801] should_fail_ex+0x497/0x5b0 [ 110.342114][ T6801] _copy_from_user+0x30/0xf0 [ 110.343797][ T6801] kstrtouint_from_user+0xd7/0x1c0 [ 110.345787][ T6801] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 110.347608][ T6801] ? __pfx_lock_acquire+0x10/0x10 [ 110.349236][ T6801] proc_fail_nth_write+0x84/0x250 [ 110.350845][ T6801] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 110.352628][ T6801] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 110.354426][ T6801] vfs_write+0x28e/0x1140 [ 110.355829][ T6801] ? __fget_files+0x23a/0x3f0 [ 110.357348][ T6801] ? fdget_pos+0x24c/0x360 [ 110.358784][ T6801] ? __pfx_lock_release+0x10/0x10 [ 110.360392][ T6801] ? __pfx_vfs_write+0x10/0x10 [ 110.361946][ T6801] ? __pfx___mutex_lock+0x10/0x10 [ 110.363670][ T6801] ? __fget_files+0x244/0x3f0 [ 110.365269][ T6801] ksys_write+0x12f/0x260 [ 110.366742][ T6801] ? __pfx_ksys_write+0x10/0x10 [ 110.368395][ T6801] __do_fast_syscall_32+0x73/0x120 [ 110.370116][ T6801] do_fast_syscall_32+0x32/0x80 [ 110.371763][ T6801] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 110.373745][ T6801] RIP: 0023:0xf73ae579 [ 110.374787][ T6801] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 110.379729][ T6801] RSP: 002b:00000000f56755a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 110.381899][ T6801] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5675620 [ 110.383973][ T6801] RDX: 0000000000000001 RSI: 00000000f739bff4 RDI: 0000000000000000 [ 110.386030][ T6801] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 110.388033][ T6801] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 110.390036][ T6801] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 110.392044][ T6801] [ 110.410691][ T5931] usb 8-1: USB disconnect, device number 15 [ 110.578754][ T6808] FAULT_INJECTION: forcing a failure. [ 110.578754][ T6808] name failslab, interval 1, probability 0, space 0, times 0 [ 110.582058][ T6808] CPU: 2 UID: 0 PID: 6808 Comm: syz.0.406 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 110.584735][ T6808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 110.587548][ T6808] Call Trace: [ 110.588434][ T6808] [ 110.589216][ T6808] dump_stack_lvl+0x16c/0x1f0 [ 110.590471][ T6808] should_fail_ex+0x497/0x5b0 [ 110.591703][ T6808] ? fs_reclaim_acquire+0xae/0x160 [ 110.593038][ T6808] should_failslab+0xc2/0x120 [ 110.594276][ T6808] __kmalloc_noprof+0xcb/0x410 [ 110.595605][ T6808] nla_strdup+0xc6/0x150 [ 110.596719][ T6808] nf_tables_newtable+0xe08/0x1b40 [ 110.598084][ T6808] ? net_generic+0xea/0x2a0 [ 110.599284][ T6808] ? __pfx_nf_tables_newtable+0x10/0x10 [ 110.600736][ T6808] ? __nla_parse+0x40/0x60 [ 110.601912][ T6808] nfnetlink_rcv_batch+0x1a28/0x24e0 [ 110.603322][ T6808] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 110.604793][ T6808] ? __pfx_lock_release+0x10/0x10 [ 110.606123][ T6808] ? __local_bh_enable_ip+0xa4/0x120 [ 110.607506][ T6808] ? lockdep_hardirqs_on+0x7c/0x110 [ 110.608889][ T6808] ? __pfx___dev_queue_xmit+0x10/0x10 [ 110.610476][ T6808] ? __nla_parse+0x40/0x60 [ 110.611816][ T6808] nfnetlink_rcv+0x3c3/0x430 [ 110.613011][ T6808] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 110.614369][ T6808] netlink_unicast+0x53c/0x7f0 [ 110.615629][ T6808] ? __pfx_netlink_unicast+0x10/0x10 [ 110.617019][ T6808] ? __phys_addr_symbol+0x30/0x80 [ 110.618354][ T6808] ? __check_object_size+0x488/0x710 [ 110.619754][ T6808] netlink_sendmsg+0x8b8/0xd70 [ 110.621021][ T6808] ? __pfx_netlink_sendmsg+0x10/0x10 [ 110.622443][ T6808] ____sys_sendmsg+0x9ae/0xb40 [ 110.623709][ T6808] ? __pfx_____sys_sendmsg+0x10/0x10 [ 110.625095][ T6808] ? get_compat_msghdr+0x11b/0x170 [ 110.626460][ T6808] ? __pfx___lock_acquire+0x10/0x10 [ 110.627836][ T6808] ___sys_sendmsg+0x135/0x1e0 [ 110.629087][ T6808] ? __pfx____sys_sendmsg+0x10/0x10 [ 110.630476][ T6808] ? ksys_write+0x21e/0x260 [ 110.631670][ T6808] ? __pfx_lock_release+0x10/0x10 [ 110.633001][ T6808] ? fdget+0x176/0x210 [ 110.634075][ T6808] __sys_sendmsg+0x117/0x1f0 [ 110.635275][ T6808] ? __pfx___sys_sendmsg+0x10/0x10 [ 110.636613][ T6808] ? __fget_files+0x244/0x3f0 [ 110.637858][ T6808] __do_fast_syscall_32+0x73/0x120 [ 110.639246][ T6808] do_fast_syscall_32+0x32/0x80 [ 110.640535][ T6808] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 110.642201][ T6808] RIP: 0023:0xf73ae579 [ 110.643279][ T6808] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 110.648249][ T6808] RSP: 002b:00000000f569656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 110.650435][ T6808] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000080 [ 110.652485][ T6808] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 110.654547][ T6808] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 110.656606][ T6808] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 110.658600][ T6808] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 110.660679][ T6808] [ 111.056753][ T6825] FAULT_INJECTION: forcing a failure. [ 111.056753][ T6825] name failslab, interval 1, probability 0, space 0, times 0 [ 111.064341][ T6825] CPU: 0 UID: 0 PID: 6825 Comm: syz.3.413 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 111.067090][ T6825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 111.069918][ T6825] Call Trace: [ 111.070814][ T6825] [ 111.071599][ T6825] dump_stack_lvl+0x16c/0x1f0 [ 111.072851][ T6825] should_fail_ex+0x497/0x5b0 [ 111.074088][ T6825] ? fs_reclaim_acquire+0xae/0x160 [ 111.075476][ T6825] should_failslab+0xc2/0x120 [ 111.076751][ T6825] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 111.078191][ T6825] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 111.079911][ T6825] __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 111.081495][ T6825] mmu_topup_memory_caches+0x22/0xd0 [ 111.083106][ T6825] kvm_mmu_load+0xda/0x20d0 [ 111.084541][ T6825] ? mark_held_locks+0x9f/0xe0 [ 111.085824][ T6825] ? kvm_apic_has_interrupt+0xb6/0x190 [ 111.087267][ T6825] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 111.089002][ T6825] ? kvm_deliver_exception_payload+0x47/0x200 [ 111.090658][ T6825] ? __pfx_kvm_mmu_load+0x10/0x10 [ 111.092014][ T6825] ? kvm_cpu_has_injectable_intr+0x9b/0x1a0 [ 111.093602][ T6825] ? kvm_check_and_inject_events+0x646/0x1000 [ 111.095258][ T6825] ? emulator_set_msr_with_filter+0x121/0x180 [ 111.096901][ T6825] vcpu_run+0x2e03/0x4cf0 [ 111.098366][ T6825] ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10 [ 111.099888][ T6825] ? __pfx_vcpu_run+0x10/0x10 [ 111.101188][ T6825] ? __pfx_lock_acquire+0x10/0x10 [ 111.102595][ T6825] ? mark_held_locks+0x9f/0xe0 [ 111.103949][ T6825] ? fpu_swap_kvm_fpstate+0xe0/0x420 [ 111.105359][ T6825] ? __local_bh_enable_ip+0xa4/0x120 [ 111.106786][ T6825] ? lockdep_hardirqs_on+0x7c/0x110 [ 111.108654][ T6825] ? fpu_swap_kvm_fpstate+0x1c8/0x420 [ 111.110094][ T6825] ? __local_bh_enable_ip+0xa4/0x120 [ 111.111531][ T6825] ? kvm_arch_vcpu_ioctl_run+0x447/0x1730 [ 111.113052][ T6825] kvm_arch_vcpu_ioctl_run+0x447/0x1730 [ 111.114707][ T6825] kvm_vcpu_ioctl+0x6c7/0x1510 [ 111.116093][ T6825] ? tomoyo_path_number_perm+0x467/0x5b0 [ 111.117703][ T6825] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 111.119228][ T6825] ? tomoyo_path_number_perm+0x190/0x5b0 [ 111.120838][ T6825] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 111.122581][ T6825] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 111.124432][ T6825] ? do_vfs_ioctl+0x513/0x1950 [ 111.125730][ T6825] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 111.127106][ T6825] kvm_vcpu_compat_ioctl+0x210/0x3f0 [ 111.128597][ T6825] ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10 [ 111.130252][ T6825] ? __fget_files+0x244/0x3f0 [ 111.131547][ T6825] ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10 [ 111.133122][ T6825] __do_compat_sys_ioctl+0x259/0x2b0 [ 111.134605][ T6825] __do_fast_syscall_32+0x73/0x120 [ 111.135995][ T6825] do_fast_syscall_32+0x32/0x80 [ 111.137323][ T6825] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 111.139064][ T6825] RIP: 0023:0xf7fef579 [ 111.140146][ T6825] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 111.145451][ T6825] RSP: 002b:00000000f577656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 111.148089][ T6825] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000000ae80 [ 111.150119][ T6825] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 111.152496][ T6825] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 111.154660][ T6825] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 111.156657][ T6825] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 111.158668][ T6825] [ 111.396725][ T6837] FAULT_INJECTION: forcing a failure. [ 111.396725][ T6837] name failslab, interval 1, probability 0, space 0, times 0 [ 111.400177][ T6837] CPU: 3 UID: 0 PID: 6837 Comm: syz.3.416 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 111.403053][ T6837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 111.406160][ T6837] Call Trace: [ 111.407298][ T6837] [ 111.408089][ T6837] dump_stack_lvl+0x16c/0x1f0 [ 111.409341][ T6837] should_fail_ex+0x497/0x5b0 [ 111.410619][ T6837] ? fs_reclaim_acquire+0xae/0x160 [ 111.411971][ T6837] should_failslab+0xc2/0x120 [ 111.413224][ T6837] __kmalloc_node_track_caller_noprof+0xcf/0x440 [ 111.414899][ T6837] ? __request_module+0x2e4/0x6c0 [ 111.416237][ T6837] kstrdup+0x3c/0x80 [ 111.417286][ T6837] __request_module+0x2e4/0x6c0 [ 111.418595][ T6837] ? dev_load+0x1ff/0x240 [ 111.419751][ T6837] ? __pfx___request_module+0x10/0x10 [ 111.421163][ T6837] ? aa_get_newest_label+0x376/0x680 [ 111.422621][ T6837] ? __pfx_aa_get_newest_label+0x10/0x10 [ 111.424105][ T6837] ? apparmor_capable+0x114/0x1d0 [ 111.425573][ T6837] ? dev_load+0x1de/0x240 [ 111.426855][ T6837] dev_load+0x1ff/0x240 [ 111.428019][ T6837] devinet_ioctl+0x10f/0x1e10 [ 111.429383][ T6837] ? __might_fault+0xe3/0x190 [ 111.430658][ T6837] ? __pfx_devinet_ioctl+0x10/0x10 [ 111.432033][ T6837] ? _copy_from_user+0x5d/0xf0 [ 111.433346][ T6837] inet_ioctl+0x3aa/0x3f0 [ 111.434516][ T6837] ? __pfx_inet_ioctl+0x10/0x10 [ 111.435816][ T6837] ? find_held_lock+0x2d/0x110 [ 111.437099][ T6837] ? tomoyo_path_number_perm+0x292/0x5b0 [ 111.438601][ T6837] ? __pfx_lock_release+0x10/0x10 [ 111.439950][ T6837] ? tomoyo_path_number_perm+0x190/0x5b0 [ 111.441436][ T6837] sock_do_ioctl+0x116/0x280 [ 111.442690][ T6837] ? __pfx_sock_do_ioctl+0x10/0x10 [ 111.444051][ T6837] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 111.445397][ T6837] compat_sock_ioctl+0x318/0x7e0 [ 111.446726][ T6837] ? __pfx_compat_sock_ioctl+0x10/0x10 [ 111.448353][ T6837] ? __fget_files+0x244/0x3f0 [ 111.449848][ T6837] ? __fget_files+0x244/0x3f0 [ 111.451209][ T6837] ? __pfx_compat_sock_ioctl+0x10/0x10 [ 111.453006][ T6837] __do_compat_sys_ioctl+0x259/0x2b0 [ 111.454533][ T6837] __do_fast_syscall_32+0x73/0x120 [ 111.455955][ T6837] do_fast_syscall_32+0x32/0x80 [ 111.457237][ T6837] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 111.458896][ T6837] RIP: 0023:0xf7fef579 [ 111.459969][ T6837] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 111.464975][ T6837] RSP: 002b:00000000f577656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 111.467144][ T6837] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000000008914 [ 111.469205][ T6837] RDX: 0000000020002280 RSI: 0000000000000000 RDI: 0000000000000000 [ 111.471270][ T6837] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 111.473306][ T6837] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 111.475364][ T6837] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 111.477425][ T6837] [ 111.629707][ T6846] netlink: 'syz.3.419': attribute type 4 has an invalid length. [ 111.769768][ T6859] FAULT_INJECTION: forcing a failure. [ 111.769768][ T6859] name failslab, interval 1, probability 0, space 0, times 0 [ 111.773500][ T6859] CPU: 0 UID: 0 PID: 6859 Comm: syz.2.423 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 111.776242][ T6859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 111.779124][ T6859] Call Trace: [ 111.780030][ T6859] [ 111.780834][ T6859] dump_stack_lvl+0x16c/0x1f0 [ 111.782124][ T6859] should_fail_ex+0x497/0x5b0 [ 111.783406][ T6859] ? fs_reclaim_acquire+0xae/0x160 [ 111.784785][ T6859] should_failslab+0xc2/0x120 [ 111.786056][ T6859] __kmalloc_noprof+0xcb/0x410 [ 111.787358][ T6859] ? rcu_is_watching+0x12/0xc0 [ 111.788625][ T6859] tomoyo_encode2+0x100/0x3e0 [ 111.789898][ T6859] tomoyo_realpath_from_path+0x1a7/0x710 [ 111.791414][ T6859] ? tomoyo_profile+0x47/0x60 [ 111.792685][ T6859] tomoyo_path_number_perm+0x245/0x5b0 [ 111.794118][ T6859] ? tomoyo_path_number_perm+0x232/0x5b0 [ 111.795631][ T6859] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 111.797251][ T6859] ? __fget_files+0x244/0x3f0 [ 111.798526][ T6859] ? __fget_files+0x244/0x3f0 [ 111.799803][ T6859] security_file_ioctl_compat+0x9b/0x240 [ 111.801313][ T6859] __do_compat_sys_ioctl+0x52/0x2b0 [ 111.802687][ T6859] __do_fast_syscall_32+0x73/0x120 [ 111.804077][ T6859] do_fast_syscall_32+0x32/0x80 [ 111.805389][ T6859] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 111.807080][ T6859] RIP: 0023:0xf7fb3579 [ 111.808177][ T6859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 111.813277][ T6859] RSP: 002b:00000000f573656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 111.815522][ T6859] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000004048aecb [ 111.817633][ T6859] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 111.819748][ T6859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 111.821855][ T6859] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 111.823985][ T6859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 111.826108][ T6859] [ 111.828094][ T6859] ERROR: Out of memory at tomoyo_realpath_from_path. [ 111.969226][ T5732] usb 8-1: new high-speed USB device number 16 using dummy_hcd [ 112.097083][ T62] libceph: connect (1)[c::]:6789 error -101 [ 112.100196][ T62] libceph: mon0 (1)[c::]:6789 connect error [ 112.164187][ T5732] usb 8-1: config 0 has no interfaces? [ 112.166509][ T5732] usb 8-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 112.170251][ T5732] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.180734][ T5732] usb 8-1: config 0 descriptor?? [ 112.199423][ T6881] dccp_invalid_packet: pskb_may_pull failed [ 112.359649][ T62] libceph: connect (1)[c::]:6789 error -101 [ 112.361725][ T62] libceph: mon0 (1)[c::]:6789 connect error [ 112.455857][ T6884] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 112.459053][ T6884] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 112.642849][ T9] usb 8-1: USB disconnect, device number 16 [ 112.839437][ T6869] ceph: No mds server is up or the cluster is laggy [ 112.867718][ T62] libceph: connect (1)[c::]:6789 error -101 [ 112.869562][ T62] libceph: mon0 (1)[c::]:6789 connect error [ 113.258941][ T6906] netlink: 'syz.0.435': attribute type 15 has an invalid length. [ 113.261172][ T6906] netlink: 24 bytes leftover after parsing attributes in process `syz.0.435'. [ 113.415483][ T6914] netlink: 24 bytes leftover after parsing attributes in process `syz.3.438'. [ 113.439929][ T6917] FAULT_INJECTION: forcing a failure. [ 113.439929][ T6917] name failslab, interval 1, probability 0, space 0, times 0 [ 113.444724][ T6917] CPU: 0 UID: 0 PID: 6917 Comm: syz.2.441 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 113.448556][ T6917] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 113.452210][ T6917] Call Trace: [ 113.453467][ T6917] [ 113.454579][ T6917] dump_stack_lvl+0x16c/0x1f0 [ 113.456307][ T6917] should_fail_ex+0x497/0x5b0 [ 113.458023][ T6917] ? fs_reclaim_acquire+0xae/0x160 [ 113.459848][ T6917] should_failslab+0xc2/0x120 [ 113.461474][ T6917] kmem_cache_alloc_node_noprof+0x71/0x310 [ 113.463530][ T6917] ? alloc_vmap_area+0x636/0x2a70 [ 113.465376][ T6917] alloc_vmap_area+0x636/0x2a70 [ 113.467107][ T6917] ? __pfx_alloc_vmap_area+0x10/0x10 [ 113.469155][ T6917] __get_vm_area_node+0x17e/0x2d0 [ 113.470871][ T6917] __vmalloc_node_range_noprof+0x26a/0x15b0 [ 113.472900][ T6917] ? xt_compat_init_offsets+0xe1/0x1f0 [ 113.474629][ T6917] ? __mutex_trylock_common+0xea/0x250 [ 113.476603][ T6917] ? xt_compat_init_offsets+0xe1/0x1f0 [ 113.478515][ T6917] ? trace_contention_end+0xea/0x140 [ 113.480386][ T6917] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 113.482618][ T6917] ? xt_find_table_lock+0x58/0x4f0 [ 113.484340][ T6917] ? __pfx___mutex_lock+0x10/0x10 [ 113.486180][ T6917] ? __pfx_lock_release+0x10/0x10 [ 113.488153][ T6917] ? xt_compat_init_offsets+0xe1/0x1f0 [ 113.490267][ T6917] vmalloc_noprof+0x6b/0x90 [ 113.491611][ T6917] ? xt_compat_init_offsets+0xe1/0x1f0 [ 113.493398][ T6917] xt_compat_init_offsets+0xe1/0x1f0 [ 113.495328][ T6917] compat_table_info+0xb7/0x5b0 [ 113.497008][ T6917] ? xt_find_table_lock+0x13f/0x4f0 [ 113.498840][ T6917] compat_get_entries+0x210/0x7d0 [ 113.500673][ T6917] ? __local_bh_enable_ip+0xa4/0x120 [ 113.502612][ T6917] ? __pfx_compat_get_entries+0x10/0x10 [ 113.504490][ T6917] ? aa_get_newest_label+0x376/0x680 [ 113.505870][ T6917] ? __pfx_aa_get_newest_label+0x10/0x10 [ 113.507356][ T6917] ? bpf_lsm_capable+0x9/0x10 [ 113.508589][ T6917] ? security_capable+0x7e/0x260 [ 113.510039][ T6917] do_ipt_get_ctl+0x598/0xaa0 [ 113.511848][ T6917] ? __mutex_unlock_slowpath+0x164/0x650 [ 113.513944][ T6917] ? __pfx_do_ipt_get_ctl+0x10/0x10 [ 113.515817][ T6917] ? find_held_lock+0x2d/0x110 [ 113.517530][ T6917] ? __pfx_lock_release+0x10/0x10 [ 113.519257][ T6917] ? nf_sockopt_find.constprop.0+0x221/0x290 [ 113.521304][ T6917] nf_getsockopt+0x79/0xe0 [ 113.522877][ T6917] ip_getsockopt+0x18e/0x1e0 [ 113.524490][ T6917] ? __pfx_ip_getsockopt+0x10/0x10 [ 113.526257][ T6917] ? __pfx___lock_acquire+0x10/0x10 [ 113.528069][ T6917] tcp_getsockopt+0x9e/0x100 [ 113.529646][ T6917] smc_getsockopt+0x163/0x360 [ 113.531317][ T6917] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 113.533484][ T6917] ? __pfx_smc_getsockopt+0x10/0x10 [ 113.535230][ T6917] ? __pfx_smc_getsockopt+0x10/0x10 [ 113.536997][ T6917] do_sock_getsockopt+0x3fe/0x870 [ 113.538773][ T6917] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 113.540549][ T6917] ? __fget_files+0x244/0x3f0 [ 113.542223][ T6917] __sys_getsockopt+0x1a1/0x270 [ 113.543921][ T6917] ? __pfx___sys_getsockopt+0x10/0x10 [ 113.545759][ T6917] ? fput+0x30/0x390 [ 113.547147][ T6917] ? ksys_write+0x1ad/0x260 [ 113.548761][ T6917] ? __pfx_ksys_write+0x10/0x10 [ 113.550472][ T6917] __ia32_sys_getsockopt+0xbc/0x160 [ 113.552306][ T6917] ? lockdep_hardirqs_on+0x7c/0x110 [ 113.554114][ T6917] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 113.556448][ T6917] __do_fast_syscall_32+0x73/0x120 [ 113.558133][ T6917] do_fast_syscall_32+0x32/0x80 [ 113.559721][ T6917] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 113.561792][ T6917] RIP: 0023:0xf7fb3579 [ 113.563161][ T6917] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 113.569169][ T6917] RSP: 002b:00000000f573656c EFLAGS: 00000296 ORIG_RAX: 000000000000016d [ 113.571973][ T6917] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000 [ 113.574698][ T6917] RDX: 0000000000000041 RSI: 00000000200001c0 RDI: 00000000200000c0 [ 113.577405][ T6917] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 113.579936][ T6917] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 113.582384][ T6917] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 113.584911][ T6917] [ 113.593226][ T6917] syz.2.441: vmalloc error: size 32, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 113.601789][ T6917] CPU: 0 UID: 0 PID: 6917 Comm: syz.2.441 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 113.605345][ T6917] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 113.608958][ T6917] Call Trace: [ 113.610111][ T6917] [ 113.610944][ T6917] dump_stack_lvl+0x16c/0x1f0 [ 113.612186][ T6917] warn_alloc+0x24d/0x3a0 [ 113.613661][ T6917] ? __pfx_warn_alloc+0x10/0x10 [ 113.615351][ T6917] ? kfree+0x14f/0x4b0 [ 113.616780][ T6917] ? __get_vm_area_node+0x1bc/0x2d0 [ 113.618579][ T6917] __vmalloc_node_range_noprof+0xd34/0x15b0 [ 113.620606][ T6917] ? __mutex_trylock_common+0xea/0x250 [ 113.622514][ T6917] ? xt_compat_init_offsets+0xe1/0x1f0 [ 113.624381][ T6917] ? trace_contention_end+0xea/0x140 [ 113.626205][ T6917] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 113.628374][ T6917] ? xt_find_table_lock+0x58/0x4f0 [ 113.630150][ T6917] ? __pfx___mutex_lock+0x10/0x10 [ 113.631888][ T6917] ? __pfx_lock_release+0x10/0x10 [ 113.633639][ T6917] ? xt_compat_init_offsets+0xe1/0x1f0 [ 113.635537][ T6917] vmalloc_noprof+0x6b/0x90 [ 113.637137][ T6917] ? xt_compat_init_offsets+0xe1/0x1f0 [ 113.638962][ T6917] xt_compat_init_offsets+0xe1/0x1f0 [ 113.640547][ T6917] compat_table_info+0xb7/0x5b0 [ 113.641748][ T6917] ? xt_find_table_lock+0x13f/0x4f0 [ 113.643189][ T6917] compat_get_entries+0x210/0x7d0 [ 113.644503][ T6917] ? __local_bh_enable_ip+0xa4/0x120 [ 113.645872][ T6917] ? __pfx_compat_get_entries+0x10/0x10 [ 113.647320][ T6917] ? aa_get_newest_label+0x376/0x680 [ 113.648699][ T6917] ? __pfx_aa_get_newest_label+0x10/0x10 [ 113.650191][ T6917] ? bpf_lsm_capable+0x9/0x10 [ 113.651390][ T6917] ? security_capable+0x7e/0x260 [ 113.652681][ T6917] do_ipt_get_ctl+0x598/0xaa0 [ 113.653918][ T6917] ? __mutex_unlock_slowpath+0x164/0x650 [ 113.655387][ T6917] ? __pfx_do_ipt_get_ctl+0x10/0x10 [ 113.656740][ T6917] ? find_held_lock+0x2d/0x110 [ 113.657965][ T6917] ? __pfx_lock_release+0x10/0x10 [ 113.659293][ T6917] ? nf_sockopt_find.constprop.0+0x221/0x290 [ 113.660897][ T6917] nf_getsockopt+0x79/0xe0 [ 113.662235][ T6917] ip_getsockopt+0x18e/0x1e0 [ 113.663670][ T6917] ? __pfx_ip_getsockopt+0x10/0x10 [ 113.664994][ T6917] ? __pfx___lock_acquire+0x10/0x10 [ 113.666303][ T6917] tcp_getsockopt+0x9e/0x100 [ 113.667537][ T6917] smc_getsockopt+0x163/0x360 [ 113.668763][ T6917] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 113.670594][ T6917] ? __pfx_smc_getsockopt+0x10/0x10 [ 113.672377][ T6917] ? __pfx_smc_getsockopt+0x10/0x10 [ 113.674179][ T6917] do_sock_getsockopt+0x3fe/0x870 [ 113.675928][ T6917] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 113.677756][ T6917] ? __fget_files+0x244/0x3f0 [ 113.679372][ T6917] __sys_getsockopt+0x1a1/0x270 [ 113.680865][ T6917] ? __pfx___sys_getsockopt+0x10/0x10 [ 113.682274][ T6917] ? fput+0x30/0x390 [ 113.683345][ T6917] ? ksys_write+0x1ad/0x260 [ 113.684542][ T6917] ? __pfx_ksys_write+0x10/0x10 [ 113.685820][ T6917] __ia32_sys_getsockopt+0xbc/0x160 [ 113.687197][ T6917] ? lockdep_hardirqs_on+0x7c/0x110 [ 113.688556][ T6917] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 113.690431][ T6917] __do_fast_syscall_32+0x73/0x120 [ 113.691769][ T6917] do_fast_syscall_32+0x32/0x80 [ 113.693037][ T6917] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 113.694710][ T6917] RIP: 0023:0xf7fb3579 [ 113.695780][ T6917] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 113.701026][ T6917] RSP: 002b:00000000f573656c EFLAGS: 00000296 ORIG_RAX: 000000000000016d [ 113.703525][ T6917] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000 [ 113.706034][ T6917] RDX: 0000000000000041 RSI: 00000000200001c0 RDI: 00000000200000c0 [ 113.708713][ T6917] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 113.711462][ T6917] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 113.714282][ T6917] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 113.717073][ T6917] [ 113.721709][ T6917] Mem-Info: [ 113.722670][ T6917] active_anon:5838 inactive_anon:140 isolated_anon:0 [ 113.722670][ T6917] active_file:6916 inactive_file:41735 isolated_file:0 [ 113.722670][ T6917] unevictable:778 dirty:638 writeback:0 [ 113.722670][ T6917] slab_reclaimable:5324 slab_unreclaimable:51840 [ 113.722670][ T6917] mapped:20610 shmem:3807 pagetables:735 [ 113.722670][ T6917] sec_pagetables:312 bounce:0 [ 113.722670][ T6917] kernel_misc_reclaimable:0 [ 113.722670][ T6917] free:84666 free_pcp:2331 free_cma:0 [ 113.740714][ T6917] Node 0 active_anon:64kB inactive_anon:24kB active_file:48kB inactive_file:80kB unevictable:1576kB isolated(anon):0kB isolated(file):0kB mapped:1612kB dirty:84kB writeback:0kB shmem:1556kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9560kB pagetables:1264kB sec_pagetables:1180kB all_unreclaimable? no [ 113.751936][ T6917] Node 1 active_anon:23288kB inactive_anon:536kB active_file:27540kB inactive_file:166936kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:80828kB dirty:2468kB writeback:0kB shmem:13672kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:1880kB pagetables:1676kB sec_pagetables:68kB all_unreclaimable? no [ 113.763885][ T6917] Node 0 DMA free:972kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:8kB inactive_file:0kB unevictable:40kB writepending:0kB present:15992kB managed:15360kB mlocked:40kB bounce:0kB free_pcp:272kB local_pcp:88kB free_cma:0kB [ 113.764261][ T6913] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3964470754 (7928941508 ns) > initial count (7309493280 ns). Using initial count to start timer. [ 113.775955][ T6917] lowmem_reserve[]: 0 273 0 0 0 [ 113.780887][ T6917] Node 0 DMA32 free:21524kB boost:0kB min:13904kB low:17380kB high:20856kB reserved_highatomic:4096KB active_anon:0kB inactive_anon:8kB active_file:136kB inactive_file:0kB unevictable:1536kB writepending:84kB present:1032196kB managed:306260kB mlocked:0kB bounce:0kB free_pcp:868kB local_pcp:156kB free_cma:0kB [ 113.789018][ T6917] lowmem_reserve[]: 0 0 0 0 0 [ 113.790440][ T6917] Node 1 DMA32 free:316168kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:23288kB inactive_anon:536kB active_file:27540kB inactive_file:166936kB unevictable:1536kB writepending:2468kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:8276kB local_pcp:1632kB free_cma:0kB [ 113.799640][ T6917] lowmem_reserve[]: 0 0 0 0 0 [ 113.801774][ T6917] Node 0 DMA: 25*4kB (UE) 43*8kB (UE) 5*16kB (UE) 14*32kB (UE) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 972kB [ 113.807896][ T6917] Node 0 DMA32: 635*4kB (UEH) 119*8kB (UMEH) 19*16kB (UMH) 74*32kB (UMEH) 46*64kB (UMEH) 28*128kB (UMEH) 11*256kB (MEH) 10*512kB (UM) 1*1024kB (U) 0*2048kB 0*4096kB = 21652kB [ 113.814874][ T6917] Node 1 DMA32: 15*4kB (UM) 44*8kB (U) 16*16kB (UE) 73*32kB (UE) 145*64kB (UME) 54*128kB (UME) 30*256kB (UM) 27*512kB (UM) 27*1024kB (UME) 11*2048kB (UME) 55*4096kB (UM) = 316156kB [ 113.821935][ T6917] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 113.825113][ T6917] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 113.828534][ T6917] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 113.832199][ T6917] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 113.835747][ T6917] 53213 total pagecache pages [ 113.837948][ T6917] 739 pages in swap cache [ 113.839624][ T6917] Free swap = 110612kB [ 113.841234][ T6917] Total swap = 124996kB [ 113.842860][ T6917] 524155 pages RAM [ 113.844310][ T6917] 0 pages HighMem/MovableOnly [ 113.846090][ T6917] 206687 pages reserved [ 113.847685][ T6917] 0 pages cma reserved [ 114.421361][ T6941] libceph: resolve '. [ 114.421361][ T6941] #)|.fǝa2sow?'%ЏKAqfCzeSb3L)HyoǤYMhE$ [ 114.421361][ T6941] ' (ret=-3): failed [ 115.146638][ T6941] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 115.154897][ T6941] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 115.157033][ T6941] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 116.608233][ T66] Bluetooth: hci1: command 0x0c1a tx timeout [ 116.857456][ T4443] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 116.877456][ T62] usb 8-1: new high-speed USB device number 17 using dummy_hcd [ 117.007429][ T62] usb 8-1: device descriptor read/64, error -71 [ 117.019756][ T4443] usb 5-1: config 0 has no interfaces? [ 117.021481][ T4443] usb 5-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 117.024328][ T4443] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 117.027541][ T4443] usb 5-1: config 0 descriptor?? [ 117.167521][ T66] Bluetooth: hci3: command 0x0c1a tx timeout [ 117.167967][ T5347] Bluetooth: hci2: command 0x0c1a tx timeout [ 117.247523][ T62] usb 8-1: new high-speed USB device number 18 using dummy_hcd [ 117.294838][ T6985] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 117.298335][ T6985] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 117.378000][ T62] usb 8-1: device descriptor read/64, error -71 [ 117.475175][ T9] usb 5-1: USB disconnect, device number 8 [ 117.487606][ T62] usb usb8-port1: attempt power cycle [ 117.827891][ T62] usb 8-1: new high-speed USB device number 19 using dummy_hcd [ 117.850815][ T62] usb 8-1: device descriptor read/8, error -71 [ 118.087572][ T62] usb 8-1: new high-speed USB device number 20 using dummy_hcd [ 118.111143][ T62] usb 8-1: device descriptor read/8, error -71 [ 118.172646][ T39] kauditd_printk_skb: 10 callbacks suppressed [ 118.172665][ T39] audit: type=1326 audit(1727432288.433:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6991 comm="syz.0.463" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ae579 code=0x0 [ 118.218066][ T62] usb usb8-port1: unable to enumerate USB device [ 119.143608][ T7006] EXT4-fs (sr0): VFS: Can't find ext4 filesystem [ 119.222781][ T39] audit: type=1326 audit(1727432289.483:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7007 comm="syz.2.467" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000 [ 119.231348][ T39] audit: type=1326 audit(1727432289.483:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7007 comm="syz.2.467" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000 [ 119.237658][ T39] audit: type=1326 audit(1727432289.483:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7007 comm="syz.2.467" exe="/syz-executor" sig=0 arch=40000003 syscall=384 compat=1 ip=0xf7fb3579 code=0x7ffc0000 [ 119.243803][ T39] audit: type=1326 audit(1727432289.483:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7007 comm="syz.2.467" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000 [ 119.252139][ T39] audit: type=1326 audit(1727432289.483:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7007 comm="syz.2.467" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000 [ 119.259696][ T39] audit: type=1326 audit(1727432289.483:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7007 comm="syz.2.467" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fb3579 code=0x7ffc0000 [ 119.265910][ T39] audit: type=1326 audit(1727432289.483:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7007 comm="syz.2.467" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000 [ 119.274581][ T39] audit: type=1326 audit(1727432289.483:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7007 comm="syz.2.467" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3579 code=0x7ffc0000 [ 119.280461][ T39] audit: type=1326 audit(1727432289.483:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7007 comm="syz.2.467" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7fb3579 code=0x7ffc0000 [ 119.939257][ T7027] hsr0: entered promiscuous mode [ 119.941313][ T7027] hsr_slave_0: left promiscuous mode [ 119.943555][ T7027] hsr_slave_1: left promiscuous mode [ 119.956161][ T7027] hsr0 (unregistering): left promiscuous mode [ 120.157534][ T9] usb 8-1: new high-speed USB device number 21 using dummy_hcd [ 120.319872][ T9] usb 8-1: config 0 has no interfaces? [ 120.321982][ T9] usb 8-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 120.324391][ T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 120.329381][ T9] usb 8-1: config 0 descriptor?? [ 120.591103][ T7043] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 120.594407][ T7043] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 120.680595][ T828] usb 8-1: USB disconnect, device number 21 [ 120.866203][ T7051] veth1_to_team: entered allmulticast mode [ 120.885466][ T7051] 9pnet_fd: Insufficient options for proto=fd [ 121.006045][ T7053] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 121.230929][ T7065] FAULT_INJECTION: forcing a failure. [ 121.230929][ T7065] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 121.234322][ T7065] CPU: 3 UID: 0 PID: 7065 Comm: syz.2.487 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 121.236903][ T7065] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 121.239970][ T7065] Call Trace: [ 121.240857][ T7065] [ 121.241649][ T7065] dump_stack_lvl+0x16c/0x1f0 [ 121.242921][ T7065] should_fail_ex+0x497/0x5b0 [ 121.244176][ T7065] _copy_from_user+0x30/0xf0 [ 121.245395][ T7065] ? __pfx_procfs_procmap_ioctl+0x10/0x10 [ 121.246902][ T7065] do_procmap_query+0x111/0xfe0 [ 121.248208][ T7065] ? do_vfs_ioctl+0x513/0x1950 [ 121.249487][ T7065] ? __pfx_do_procmap_query+0x10/0x10 [ 121.250859][ T7065] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 121.252115][ T7065] ? __fget_files+0x244/0x3f0 [ 121.253548][ T7065] ? __pfx_procfs_procmap_ioctl+0x10/0x10 [ 121.255068][ T7065] procfs_procmap_ioctl+0x7d/0xb0 [ 121.256357][ T7065] compat_ptr_ioctl+0x6b/0xa0 [ 121.257849][ T7065] ? __pfx_compat_ptr_ioctl+0x10/0x10 [ 121.259295][ T7065] __do_compat_sys_ioctl+0x259/0x2b0 [ 121.260620][ T7065] __do_fast_syscall_32+0x73/0x120 [ 121.261969][ T7065] do_fast_syscall_32+0x32/0x80 [ 121.263291][ T7065] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 121.264859][ T7065] RIP: 0023:0xf7fb3579 [ 121.265993][ T7065] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 121.270850][ T7065] RSP: 002b:00000000f573656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 121.272870][ T7065] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0686611 [ 121.274808][ T7065] RDX: 0000000020000180 RSI: 0000000000000000 RDI: 0000000000000000 [ 121.276740][ T7065] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 121.278688][ T7065] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 121.280606][ T7065] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 121.282559][ T7065] [ 121.285886][ T7072] netlink: 'syz.0.490': attribute type 2 has an invalid length. [ 121.289836][ T7072] netlink: 36 bytes leftover after parsing attributes in process `syz.0.490'. [ 123.048832][ T7113] netlink: 44 bytes leftover after parsing attributes in process `syz.2.504'. [ 123.052999][ T7113] fuse: Unknown parameter '0x0000000000000005' [ 123.217154][ T7117] netlink: 4 bytes leftover after parsing attributes in process `syz.0.506'. [ 123.224597][ T7117] netlink: 12 bytes leftover after parsing attributes in process `syz.0.506'. [ 123.469432][ T7124] netlink: 40 bytes leftover after parsing attributes in process `syz.0.508'. [ 123.634520][ T7133] overlayfs: failed to get inode (-116) [ 123.636832][ T7133] overlayfs: failed to get inode (-116) [ 124.818040][ T62] usb 7-1: new high-speed USB device number 15 using dummy_hcd [ 124.877928][ T7161] FAULT_INJECTION: forcing a failure. [ 124.877928][ T7161] name failslab, interval 1, probability 0, space 0, times 0 [ 124.882990][ T7161] CPU: 0 UID: 0 PID: 7161 Comm: syz.1.523 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 124.886513][ T7161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 124.889680][ T7161] Call Trace: [ 124.890605][ T7161] [ 124.891421][ T7161] dump_stack_lvl+0x16c/0x1f0 [ 124.892852][ T7161] should_fail_ex+0x497/0x5b0 [ 124.894248][ T7161] ? fs_reclaim_acquire+0xae/0x160 [ 124.895961][ T7161] should_failslab+0xc2/0x120 [ 124.897235][ T7161] kmem_cache_alloc_lru_noprof+0x72/0x2f0 [ 124.897692][ T7144] netlink: 4 bytes leftover after parsing attributes in process `syz.3.517'. [ 124.898752][ T7161] ? __d_alloc+0x35/0x8c0 [ 124.903033][ T7161] __d_alloc+0x35/0x8c0 [ 124.904171][ T7161] d_alloc+0x4a/0x1e0 [ 124.905254][ T7161] d_alloc_parallel+0xe9/0x12b0 [ 124.906630][ T7161] ? __pfx_d_alloc_parallel+0x10/0x10 [ 124.908054][ T7161] ? lockdep_init_map_type+0x16d/0x7d0 [ 124.909497][ T7161] ? lockdep_init_map_type+0x16d/0x7d0 [ 124.910949][ T7161] __lookup_slow+0x194/0x460 [ 124.912177][ T7161] ? __pfx___lookup_slow+0x10/0x10 [ 124.913537][ T7161] ? __startup_64+0x120/0x2a0 [ 124.914811][ T7161] ? __startup_64+0x120/0x2a0 [ 124.916098][ T7161] ? lookup_fast+0x155/0x540 [ 124.917333][ T7161] walk_component+0x350/0x5b0 [ 124.918605][ T7161] path_lookupat+0x17f/0x770 [ 124.919838][ T7161] filename_lookup+0x1e5/0x5b0 [ 124.921119][ T7161] ? __pfx_filename_lookup+0x10/0x10 [ 124.922566][ T7161] ? trace_kmem_cache_alloc+0x2d/0xe0 [ 124.923990][ T7161] ? kmem_cache_alloc_noprof+0x174/0x2f0 [ 124.925507][ T7161] ? getname_kernel+0x52/0x370 [ 124.927161][ T7161] kern_path+0x35/0x50 [ 124.928556][ T7161] bpf_uprobe_multi_link_attach+0x31c/0xf50 [ 124.930569][ T7161] ? __might_fault+0x13b/0x190 [ 124.932196][ T7161] ? __pfx_bpf_uprobe_multi_link_attach+0x10/0x10 [ 124.934366][ T7161] ? __fget_files+0x244/0x3f0 [ 124.935983][ T7161] ? fput+0x30/0x390 [ 124.937318][ T7161] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 124.939348][ T7161] __sys_bpf+0x4897/0x5780 [ 124.940863][ T7161] ? ksys_write+0x21e/0x260 [ 124.942445][ T7161] ? __pfx___sys_bpf+0x10/0x10 [ 124.944075][ T7161] ? vfs_write+0x14d/0x1140 [ 124.945628][ T7161] ? __mutex_unlock_slowpath+0x164/0x650 [ 124.947585][ T7161] ? fput+0x30/0x390 [ 124.948861][ T7161] ? ksys_write+0x1ad/0x260 [ 124.950436][ T7161] ? __pfx_ksys_write+0x10/0x10 [ 124.951872][ T7161] __ia32_sys_bpf+0x76/0xe0 [ 124.953110][ T7161] __do_fast_syscall_32+0x73/0x120 [ 124.954521][ T7161] do_fast_syscall_32+0x32/0x80 [ 124.955810][ T7161] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 124.957478][ T7161] RIP: 0023:0xf7f37579 [ 124.958583][ T7161] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 124.963822][ T7161] RSP: 002b:00000000f56b656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 124.966011][ T7161] RAX: ffffffffffffffda RBX: 000000000000001c RCX: 00000000200005c0 [ 124.968082][ T7161] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 124.970126][ T7161] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 124.972193][ T7161] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 124.974268][ T7161] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 124.976323][ T7161] [ 124.980011][ T62] usb 7-1: config 0 has no interfaces? [ 124.985589][ T62] usb 7-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 124.988672][ T62] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 125.002526][ T62] usb 7-1: config 0 descriptor?? [ 125.265752][ T7169] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 125.274876][ T7169] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 125.409703][ T828] usb 7-1: USB disconnect, device number 15 [ 126.132500][ T7188] netlink: 24 bytes leftover after parsing attributes in process `syz.3.529'. [ 126.313157][ T7188] block nbd3: shutting down sockets [ 126.793539][ T7214] netlink: 24 bytes leftover after parsing attributes in process `syz.2.537'. [ 126.796549][ T7214] netlink: 228 bytes leftover after parsing attributes in process `syz.2.537'. [ 126.801691][ T7214] netlink: 8 bytes leftover after parsing attributes in process `syz.2.537'. [ 127.172648][ T7234] IPv6: NLM_F_REPLACE set, but no existing node found! [ 127.174936][ T7234] FAULT_INJECTION: forcing a failure. [ 127.174936][ T7234] name failslab, interval 1, probability 0, space 0, times 0 [ 127.179030][ T7234] CPU: 0 UID: 0 PID: 7234 Comm: syz.2.543 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 127.181565][ T7234] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 127.184263][ T7234] Call Trace: [ 127.185128][ T7234] [ 127.185878][ T7234] dump_stack_lvl+0x16c/0x1f0 [ 127.187113][ T7234] should_fail_ex+0x497/0x5b0 [ 127.188319][ T7234] ? fs_reclaim_acquire+0xae/0x160 [ 127.189644][ T7234] should_failslab+0xc2/0x120 [ 127.190846][ T7234] kmem_cache_alloc_node_noprof+0x71/0x310 [ 127.192332][ T7234] ? __alloc_skb+0x2b3/0x380 [ 127.193515][ T7234] __alloc_skb+0x2b3/0x380 [ 127.194679][ T7234] ? __pfx___alloc_skb+0x10/0x10 [ 127.195944][ T7234] ? rtnetlink_rcv_msg+0x3e6/0xea0 [ 127.197255][ T7234] netlink_ack+0x164/0xb20 [ 127.198454][ T7234] netlink_rcv_skb+0x327/0x410 [ 127.199653][ T7234] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 127.200970][ T7234] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 127.202291][ T7234] ? rcu_is_watching+0x12/0xc0 [ 127.203540][ T7234] netlink_unicast+0x53c/0x7f0 [ 127.204705][ T7234] ? __pfx_netlink_unicast+0x10/0x10 [ 127.206063][ T7234] ? __phys_addr_symbol+0x30/0x80 [ 127.207313][ T7234] ? __check_object_size+0x488/0x710 [ 127.208605][ T7234] netlink_sendmsg+0x8b8/0xd70 [ 127.209841][ T7234] ? __pfx_netlink_sendmsg+0x10/0x10 [ 127.211213][ T7234] ____sys_sendmsg+0x9ae/0xb40 [ 127.212421][ T7234] ? __pfx_____sys_sendmsg+0x10/0x10 [ 127.213737][ T7234] ? get_compat_msghdr+0x11b/0x170 [ 127.215060][ T7234] ? __pfx___lock_acquire+0x10/0x10 [ 127.216311][ T7234] ___sys_sendmsg+0x135/0x1e0 [ 127.217495][ T7234] ? __pfx____sys_sendmsg+0x10/0x10 [ 127.218813][ T7234] ? ksys_write+0x21e/0x260 [ 127.219943][ T7234] ? __pfx_lock_release+0x10/0x10 [ 127.221222][ T7234] ? fdget+0x176/0x210 [ 127.222273][ T7234] __sys_sendmsg+0x117/0x1f0 [ 127.223441][ T7234] ? __pfx___sys_sendmsg+0x10/0x10 [ 127.224764][ T7234] ? __fget_files+0x244/0x3f0 [ 127.225929][ T7234] __do_fast_syscall_32+0x73/0x120 [ 127.227181][ T7234] do_fast_syscall_32+0x32/0x80 [ 127.228360][ T7234] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 127.229924][ T7234] RIP: 0023:0xf7fb3579 [ 127.230942][ T7234] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 127.235568][ T7234] RSP: 002b:00000000f573656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 127.237597][ T7234] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000100 [ 127.239609][ T7234] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 127.241593][ T7234] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 127.243662][ T7234] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 127.245696][ T7234] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 127.247801][ T7234] [ 127.347862][ T978] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 127.462555][ T7242] FAULT_INJECTION: forcing a failure. [ 127.462555][ T7242] name failslab, interval 1, probability 0, space 0, times 0 [ 127.466595][ T7242] CPU: 2 UID: 0 PID: 7242 Comm: syz.3.546 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 127.470087][ T7242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 127.473491][ T7242] Call Trace: [ 127.474578][ T7242] [ 127.475512][ T7242] dump_stack_lvl+0x16c/0x1f0 [ 127.476995][ T7242] should_fail_ex+0x497/0x5b0 [ 127.478516][ T7242] ? fs_reclaim_acquire+0xae/0x160 [ 127.479715][ T7239] [ 127.480097][ T7242] should_failslab+0xc2/0x120 [ 127.480886][ T7239] ====================================================== [ 127.482364][ T7242] kmem_cache_alloc_node_noprof+0x71/0x310 [ 127.484549][ T7239] WARNING: possible circular locking dependency detected [ 127.486319][ T7242] ? __alloc_skb+0x2b3/0x380 [ 127.488584][ T7239] 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 Not tainted [ 127.490061][ T7242] __alloc_skb+0x2b3/0x380 [ 127.493624][ T7239] ------------------------------------------------------ [ 127.495025][ T7242] ? __pfx___alloc_skb+0x10/0x10 [ 127.497451][ T7239] syz.2.545/7239 is trying to acquire lock: [ 127.499042][ T7242] ? rtnetlink_rcv_msg+0x3e6/0xea0 [ 127.500928][ T7239] ffff888060c8f1d0 [ 127.502530][ T7242] netlink_ack+0x164/0xb20 [ 127.502554][ T7242] netlink_rcv_skb+0x327/0x410 [ 127.503686][ T7239] (&sb->s_type->i_mutex_key [ 127.505209][ T7242] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 127.506730][ T7239] #12){+.+.}-{3:3} [ 127.508160][ T7242] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 127.509905][ T7239] , at: process_measurement+0x39c/0x2370 [ 127.511088][ T7242] ? netlink_deliver_tap+0x1ae/0xcf0 [ 127.512757][ T7239] [ 127.512757][ T7239] but task is already holding lock: [ 127.514538][ T7242] netlink_unicast+0x53c/0x7f0 [ 127.516192][ T7239] ffff8880570d3118 [ 127.518463][ T7242] ? __pfx_netlink_unicast+0x10/0x10 [ 127.519951][ T7239] (&mm->mmap_lock [ 127.521125][ T7242] ? __phys_addr_symbol+0x30/0x80 [ 127.522806][ T7239] ){++++}-{3:3} [ 127.523955][ T7242] ? __check_object_size+0x488/0x710 [ 127.525545][ T7239] , at: __do_sys_remap_file_pages+0x184/0x900 [ 127.526655][ T7242] netlink_sendmsg+0x8b8/0xd70 [ 127.528351][ T7239] [ 127.528351][ T7239] which lock already depends on the new lock. [ 127.528351][ T7239] [ 127.530256][ T7242] ? __pfx_netlink_sendmsg+0x10/0x10 [ 127.531742][ T7239] [ 127.531742][ T7239] the existing dependency chain (in reverse order) is: [ 127.531749][ T7239] [ 127.531749][ T7239] -> #1 [ 127.534943][ T7242] ____sys_sendmsg+0x9ae/0xb40 [ 127.536625][ T7239] ( [ 127.539413][ T7242] ? __pfx_____sys_sendmsg+0x10/0x10 [ 127.540978][ T7239] &mm->mmap_lock [ 127.542469][ T7242] ? get_compat_msghdr+0x11b/0x170 [ 127.543267][ T7239] ){++++}-{3:3} [ 127.544878][ T7242] ? __pfx___lock_acquire+0x10/0x10 [ 127.546009][ T7239] : [ 127.546015][ T7239] down_read_killable+0x9d/0x380 [ 127.547566][ T7242] ___sys_sendmsg+0x135/0x1e0 [ 127.548660][ T7239] lock_mm_and_find_vma+0x3a9/0x6a0 [ 127.550289][ T7242] ? __pfx____sys_sendmsg+0x10/0x10 [ 127.551066][ T7239] do_user_addr_fault+0x2b5/0x13f0 [ 127.552731][ T7242] ? ksys_write+0x21e/0x260 [ 127.554219][ T7239] exc_page_fault+0x5c/0xc0 [ 127.556212][ T7242] ? __pfx_lock_release+0x10/0x10 [ 127.557841][ T7239] asm_exc_page_fault+0x26/0x30 [ 127.559713][ T7242] ? fdget+0x176/0x210 [ 127.561140][ T7239] fault_in_readable+0x126/0x230 [ 127.562708][ T7242] __sys_sendmsg+0x117/0x1f0 [ 127.564322][ T7239] fault_in_iov_iter_readable+0x101/0x2c0 [ 127.566066][ T7242] ? __pfx___sys_sendmsg+0x10/0x10 [ 127.567401][ T7239] generic_perform_write+0x21b/0x920 [ 127.569421][ T7242] ? __fget_files+0x244/0x3f0 [ 127.570973][ T7239] shmem_file_write_iter+0x10e/0x140 [ 127.573005][ T7242] __do_fast_syscall_32+0x73/0x120 [ 127.574643][ T7239] vfs_write+0x6b5/0x1140 [ 127.576509][ T7242] do_fast_syscall_32+0x32/0x80 [ 127.578042][ T7239] ksys_write+0x12f/0x260 [ 127.579950][ T7242] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 127.581650][ T7239] __do_fast_syscall_32+0x73/0x120 [ 127.583258][ T7242] RIP: 0023:0xf7fef579 [ 127.583275][ T7242] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 127.584953][ T7239] do_fast_syscall_32+0x32/0x80 [ 127.586481][ T7242] RSP: 002b:00000000f577656c EFLAGS: 00000296 [ 127.588580][ T7239] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 127.590412][ T7242] ORIG_RAX: 0000000000000172 [ 127.591756][ T7239] [ 127.591756][ T7239] -> #0 ( [ 127.598221][ T7242] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000100 [ 127.598238][ T7242] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 127.600184][ T7239] &sb->s_type->i_mutex_key#12 [ 127.602168][ T7242] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 127.604368][ T7239] ){+.+.}-{3:3} [ 127.606063][ T7242] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 127.607741][ T7239] : [ 127.607747][ T7239] __lock_acquire+0x250b/0x3ce0 [ 127.610300][ T7242] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 127.612872][ T7239] lock_acquire+0x1b1/0x560 [ 127.614407][ T7242] [ 127.616917][ T7239] down_write+0x93/0x200 [ 127.630646][ T7239] process_measurement+0x39c/0x2370 [ 127.632502][ T7239] ima_file_mmap+0x146/0x1d0 [ 127.634204][ T7239] security_mmap_file+0x8bd/0x990 [ 127.636043][ T7239] __do_sys_remap_file_pages+0x526/0x900 [ 127.638031][ T7239] __do_fast_syscall_32+0x73/0x120 [ 127.639892][ T7239] do_fast_syscall_32+0x32/0x80 [ 127.641696][ T7239] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 127.643961][ T7239] [ 127.643961][ T7239] other info that might help us debug this: [ 127.643961][ T7239] [ 127.647295][ T7239] Possible unsafe locking scenario: [ 127.647295][ T7239] [ 127.649751][ T7239] CPU0 CPU1 [ 127.651525][ T7239] ---- ---- [ 127.653304][ T7239] lock(&mm->mmap_lock); [ 127.654897][ T7239] lock(&sb->s_type->i_mutex_key#12); [ 127.657713][ T7239] lock(&mm->mmap_lock); [ 127.659962][ T7239] lock(&sb->s_type->i_mutex_key#12); [ 127.661793][ T7239] [ 127.661793][ T7239] *** DEADLOCK *** [ 127.661793][ T7239] [ 127.664454][ T7239] 1 lock held by syz.2.545/7239: [ 127.666099][ T7239] #0: ffff8880570d3118 (&mm->mmap_lock){++++}-{3:3}, at: __do_sys_remap_file_pages+0x184/0x900 [ 127.669662][ T7239] [ 127.669662][ T7239] stack backtrace: [ 127.671678][ T7239] CPU: 3 UID: 0 PID: 7239 Comm: syz.2.545 Not tainted 6.11.0-syzkaller-11558-g075dbe9f6e3c #0 [ 127.675115][ T7239] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 127.678693][ T7239] Call Trace: [ 127.679799][ T7239] [ 127.680785][ T7239] dump_stack_lvl+0x116/0x1f0 [ 127.682427][ T7239] print_circular_bug+0x419/0x5d0 [ 127.684122][ T7239] check_noncircular+0x31a/0x400 [ 127.685748][ T7239] ? __pfx_check_noncircular+0x10/0x10 [ 127.687566][ T7239] ? register_lock_class+0xb1/0x1240 [ 127.689281][ T7239] ? raid5_make_request+0x246e/0x4480 [ 127.691061][ T7239] ? lockdep_lock+0xc6/0x200 [ 127.692602][ T7239] ? __pfx_lockdep_lock+0x10/0x10 [ 127.694288][ T7239] __lock_acquire+0x250b/0x3ce0 [ 127.695908][ T7239] ? __pfx___lock_acquire+0x10/0x10 [ 127.697652][ T7239] ? hlock_class+0x4e/0x130 [ 127.699187][ T7239] lock_acquire+0x1b1/0x560 [ 127.700721][ T7239] ? process_measurement+0x39c/0x2370 [ 127.702483][ T7239] ? __pfx_lock_acquire+0x10/0x10 [ 127.704090][ T7239] ? __pfx_ima_match_policy+0x10/0x10 [ 127.705811][ T7239] ? __pfx___might_resched+0x10/0x10 [ 127.707552][ T7239] down_write+0x93/0x200 [ 127.708959][ T7239] ? process_measurement+0x39c/0x2370 [ 127.710723][ T7239] ? __pfx_down_write+0x10/0x10 [ 127.712305][ T7239] process_measurement+0x39c/0x2370 [ 127.714027][ T7239] ? __pfx___lock_acquire+0x10/0x10 [ 127.715747][ T7239] ? __pfx_process_measurement+0x10/0x10 [ 127.717589][ T7239] ? find_held_lock+0x2d/0x110 [ 127.719145][ T7239] ? aa_file_perm+0x4c6/0xfe0 [ 127.720719][ T7239] ? __pfx_lock_release+0x10/0x10 [ 127.722454][ T7239] ? __pfx_aa_file_perm+0x10/0x10 [ 127.724151][ T7239] ? mtree_load+0x326/0xa40 [ 127.725690][ T7239] ima_file_mmap+0x146/0x1d0 [ 127.727228][ T7239] ? __pfx_ima_file_mmap+0x10/0x10 [ 127.728855][ T7239] security_mmap_file+0x8bd/0x990 [ 127.730509][ T7239] __do_sys_remap_file_pages+0x526/0x900 [ 127.732306][ T7239] ? __pfx_do_futex+0x10/0x10 [ 127.733826][ T7239] ? __pfx___do_sys_remap_file_pages+0x10/0x10 [ 127.735857][ T7239] ? __ia32_sys_futex_time32+0x1da/0x460 [ 127.737699][ T7239] ? __pfx___ia32_sys_futex_time32+0x10/0x10 [ 127.739637][ T7239] __do_fast_syscall_32+0x73/0x120 [ 127.741494][ T7239] do_fast_syscall_32+0x32/0x80 [ 127.743110][ T7239] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 127.745130][ T7239] RIP: 0023:0xf7fb3579 [ 127.746477][ T7239] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 127.752909][ T7239] RSP: 002b:00000000f571556c EFLAGS: 00000296 ORIG_RAX: 0000000000000101 [ 127.755647][ T7239] RAX: ffffffffffffffda RBX: 0000000020491000 RCX: 0000000000001000 [ 127.758201][ T7239] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 127.760749][ T7239] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 127.763311][ T7239] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 127.765944][ T7239] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 127.768524][ T7239] [ 127.797801][ T978] usb 5-1: Using ep0 maxpacket: 8 [ 127.800664][ T978] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 127.804235][ T978] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 127.807927][ T978] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 127.811069][ T978] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 127.815336][ T978] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 127.822780][ T978] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.052199][ T978] usb 5-1: GET_CAPABILITIES returned 0 [ 128.054007][ T978] usbtmc 5-1:16.0: can't read capabilities [ 128.272784][ T978] usb 5-1: USB disconnect, device number 9 [ 132.138708][ T1374] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.140942][ T1374] ieee802154 phy1 wpan1: encryption failed: -22 VM DIAGNOSIS: 10:18:17 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=ffff88802b440080 RCX=ffffffff81803a44 RDX=ffff88801b760000 RSI=ffffffff81803a1f RDI=0000000000000005 RBP=ffffc90000457d78 RSP=ffffc90000457ca0 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=fffffbfff1bb84c6 R12=1ffff9200008af98 R13=0000000000000001 R14=0000000000000003 R15=ffffed1005688011 RIP=ffffffff81803a21 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000031ee1ff8 CR3=000000002a742000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=00000000003d63b4 RBX=0000000000000001 RCX=ffffffff8b10f659 RDX=ffffed10056a7026 RSI=ffffffff8bb11980 RDI=ffffffff81638d5c RBP=ffffed10036ec910 RSP=ffffc90000477e08 R8 =0000000000000000 R9 =ffffed10056a7025 R10=ffff88802b53812b R11=0000000000000000 R12=0000000000000001 R13=ffff88801b764880 R14=ffffffff901ca708 R15=0000000000000000 RIP=ffffffff8b110a3f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020032000 CR3=000000002a742000 CR4=00352ef0 DR0=0000000000000000 DR1=000000000000000a DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000080000001 RBX=0000000000000018 RCX=ffffffff816c8731 RDX=ffff888024c54880 RSI=0000000000000000 RDI=0000000000000001 RBP=1ffff9200482de61 RSP=ffffc9002416f2f0 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=6c6c615f5f203f20 R12=0000000000000001 R13=0000000000000000 R14=ffff888022810000 R15=0000000000000001 RIP=ffffffff818c29dc RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f5775fbc CR3=000000005fff0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000018800000000 0000000200000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000067 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85027735 RDI=ffffffff9a62b260 RBP=ffffffff9a62b220 RSP=ffffc90022f570c8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=732d302e31312e36 R12=0000000000000000 R13=0000000000000067 R14=ffffffff850276d0 R15=0000000000000000 RIP=ffffffff8502775f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f745e4f0 CR3=000000005839a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000018800000000 0000000200000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000