last executing test programs: 1.58063147s ago: executing program 3 (id=653): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ptype\x00') preadv(r0, &(0x7f0000000000)=[{&(0x7f0000000140)=""/198, 0xc6}], 0x1, 0x1a, 0x0) ioctl$VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000300)={0xc, @pix_mp={0x4, 0x2, 0x30395056, 0x3, 0x1, [{0xfffffff7, 0x9}, {0x200, 0x1}, {0x3, 0x7fff}, {0x9, 0xb}, {0x2, 0x2d85780d}, {0x40, 0x3}, {0x80, 0x6}, {0x8, 0x4}], 0x8, 0x1, 0x8, 0x1, 0x5}}) bind$alg(0xffffffffffffffff, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(crct10dif-generic)\x00'}, 0x58) open(&(0x7f0000000100)='./bus\x00', 0x121040, 0x0) mount(&(0x7f0000000380)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000001c0)='./bus\x00', 0x0, 0x1000, 0x0) unlink(&(0x7f0000000080)='./bus\x00') r1 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$DEVLINK_CMD_SB_POOL_SET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0x4c810) accept4$alg(r1, 0x0, 0x0, 0x80000) r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) ioctl$sock_inet_SIOCGIFADDR(r2, 0x8915, &(0x7f0000000280)={'ip6tnl0\x00', {0x2, 0x0, @empty}}) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000c40), r3) open(&(0x7f00009e1000)='./file0\x00', 0xc162, 0x0) r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESOCT=r4]) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r6 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x3, &(0x7f0000000240)=@framed, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r8 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r7, r8, 0x12}, 0x10) write$tcp_congestion(r6, 0x0, 0x0) r9 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) r10 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$uinput_user_dev(r10, &(0x7f0000000080)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x45c) write$input_event(r10, &(0x7f00000005c0), 0x200005d8) io_uring_setup(0x104c, &(0x7f0000001440)) 1.575120392s ago: executing program 3 (id=656): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000500)={@val={0x0, 0x800}, @val={0x2, 0x4, 0x6, 0x3, 0x80, 0x6}, @mpls={[], @ipv4=@udp={{0x5, 0x4, 0x0, 0x8, 0x40, 0x0, 0x0, 0x9, 0x11, 0x0, @rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0x14}}, {0x0, 0x4e23, 0x2c, 0x0, @opaque="46e3a0ee14bf49a3ab6afa2df7461c915f0a4948a7f36228e590e08b1c61d84a611dfb7e"}}}}, 0x4e) (fail_nth: 3) 1.36303116s ago: executing program 0 (id=659): r0 = syz_open_dev$vbi(&(0x7f0000000340), 0x0, 0x2) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={0xffffffffffffffff, 0x0, 0x1000, 0xbe, &(0x7f00000014c0)="4c31b2ed2ab19bc6c297a214780c6108318e78cc57e236b68321befbc8d3c6321641f6c66ce72c53e363a3bc56b9b0557ed3c9a6815b162413a0ab68af7f0ff394f586c95d634312cbfb14333a812a5ff08ed7fec0cf0a83b2a5d58c903eee14c4a76299352526361ca2a02b6caa5e166d2c5b010815101b1cdfaf92a4693307838f45d67334239080cc24b25668130d103feb2ea625d31be9d4e634d33a0579d986f93dd547e6a58b5d228de38d426c7d605be469e6b644cd9194b9291eb41ae4b9c371bbde8a5328af05a9ab3044f841304791478a6bc53fb7a82e742f145f40b80f0016a1ec9bed82edf9447a1ece0eee38f1f30234856ca6519215e3d677e37171a2d30aa42f7e0d0e1bc3b9eba5f4f7b9109a70ee0abbd1aa3d087b3919ede1a3344051d181d37c3360ed4b4b09c0dcdec0561e6d5db1e1b32595ad8274c4a9ad836cb6e00a06c91a8d7b92bd804a5356faa1b0471faa0a46b140c824763fd6ca6c0eb02e97b24b924ce71ad9c887175f541151285d3ff72a18a2d7066f59a83a28870d5a8ee8b05cd41de9fc46788d7264dac0c576bfdaa80e071e60271326cd2e3d625e649cf83d6a0948f295d670c4b583823fe9a46c3388da5db5175e9aec3c7f571e1e7887dd2ac1ad1156f7c21c130de8f6e09de50fe62020c76dd65b48c125bbcca8ae72396524cc72e64954a9dc819f609a8a494ac8cd195d89ce0d65659be7441f0750038024a5252f265d4627ec4758e9319cce75bcaeb747bc47641964265de5a4bb126fb66108855bf48445db28df22f370d9fc7d607eda5495f04614e86e681741247a9f46f36724f41ba5a097e22f2c4bd4f55c27620ab1fc4180ab3c760ab64c1ebfbea2d05504b8a3224f4566b1b970465b20ad4cf00a7dddcc3c3da50cc0e2b381d2522d8543234fbc849d326e2f93180c542ddd913bfe56d0c71ed29072d40ee390327d51b6ea258efe47e610097184cda8f75db63c390af9dbaab95c8c4497a03238742243ba9cf45190733bfe28198193f5b495e53c998f48307876acc298654e342ed7adc28aefe7f9d7b67d94a70c9f29454c6d42917f246745ebf8add62d550f86dae929f1ce4b522b11b09c0a2d9fd9c009e9eace0105779b809936457aa600a6f97804d8aba3cfec9d9d4dea879fcbc0483e6bf49be7c7c4cda5e1691d779c2e8cc98c87e448496dda0f68d33a5d75bed7d89597efaf45c7603c3b6797ae47cd56016b0ddbf09a4631db618a263bf7bbbe37a8ede37321c63a2eedd033a66cb70dcde83d33eaa99b57ee7307492e54c7f12ef1a7bc7264a839374a21939e12ae27e591f8f8800e3e7d9ab8854eabb4a8bd288056333e2cdf995b9cbe6ce782c0e4ce9c8d1b4b0307f853b65d397739a8cdcb7ee22302ab1f5cec5bfc376a903b2c2358a0734f0da7385155d09f83af5b41fe7af1c751455e73aebaffb05592bf1cbc31f814016451e9572b35b08b0b27e475d66571266a71a4988dc6ccdab130b8cb05fedceafc573865a81c669b6e6d7d55c0c6fe6670789a0fd7b20f5411b20a9ce748753a47624f17efa93637d425fc9a2ef123cb8d68752b13e9f8e082a5e4341ebc8337072ff8fd0bb12346668f8a9e658571024d80ebedeed14188437d17b2bceec80c5343baaa07e94e9324470ba3bd2f521c5911b39913eea69022bbebe64a9647535593d5850c3f7ebb011c5f242611a435f719f4cab97843f07c09ac75cba3a679a5dd9909a2f7df1a3472cb62ab69ca59f110c8da07382f8ca5beecf11a3a67c135194ef0046751654821772a79286892229d190c5f3860d20101112b2309ef0f385667e43387a7a8b249fb55c62bd3bebac0de2eefcb68e9ff2d6b9e11cbb6029aa66fccb20e5ac18e4715f46495460d627303fafd0d6b9bc9461b40e0afadf83d27f52fb7e45238995e1f4d2d676cdd7f335afced1dff46bdaf0f258cfd3d75f79e1811354089d2a18c8ecf0320c1fad288c82f43855823ed60078e76102840eeeb1d38d775700c498bbb82a657d590d121e99b142560eac2b110982ba2789b8933211c6c4d4b1c4efa94807e3a468c1bb5d010eca3edc689581ecb3202023f7c28f45655e0b33aac3a415562af16c740df0c86dad59e4bd1423fb39fdf5473f548fe3ce25067835397ecdd98d7adcb696f519811980664136f07082372a976d0a038d291ade4157abe29928257471befd1b104a3a06f2a69971798e3e277d7c6b214958b2943a191cdf8e98134cd6222f692cac8e979eafdbb6a6d95d8e453b49bc459cb9d911bf60b449631a701f356b0d6af2e6739e5f7b61a50454269d12f698b86319ea80a6ea124e58bfe24a8e69b36a6d7011b3a02595793cde00abd520aed704ca921c6916bb5c854757799b989fbf5ebe7ca82bf5328a3ca1c921df22038d8454a5d3510be4b3f8a4e6e0503fe5e3405652ecec1332eb33c01714ebb13b3dbc210ea545513f68350a30450bf6716e3289669f6b8c3ecfd432bbb6a0bfa8a136f2869c392dde5fde3f1fbad85a8e1112a89e18a3e3e7d3774df2b025f3ff45dd79054078173942d1ac7a7a08fc56bf24bd59e611e2734f53529d1edf988db54fb82baa49c34f9c301ad3c68e88f8d1bcdbab6e85f7dbe1324e8f6037b70e697311a4fc10c74e6e495fd6b07f1cea723922c6f931d0836689f20b73a49be950937d60fec2ef30be17c190124910d977a519988a737d94035b14100be4e5667e8b431c3aa81184ebc2813ed6d315505eb7eb744ea0cacab9677026db4c0aeb8b2d93e1f64e0dea0560a37f912504d1c26f545911ae41fe4d73cc8c365a31c1094748e38cf5b4f0232d3fefc43d68342f6611a33d8b45ca26d9479e4f33bdda0ee5999a3b2827346935418bb8c8cf4969e39d0132b74a376109f5c8d85e0a6c54e5f76a52f84d3bffb71ba6c46b72f50e101c556dd609f3ec6301c0623c9841cc0d2fe0f4a9b607c96a44cf011cc050eb62999cd8ce6dbe899a2562131b1e6cb6f6b343d0a7f4c5a57ead1b46072cc09f830387e6231137d09563f743ca72aa139d17641e952479ab9c0e73ca60cfbc238aaa6007883468ceec4f3f1c8d7a5a222a4943b197430c3c16a7fa322b4e02030d22d1cc165eb85e4940d67a208f5aed18810d33bf65043dc3e79f6c465965de7191223171afb2fe6987408297bdcd34ec59d4fffbc080570d56170aa01dac2e7968fc93b29b2e3cf12debc4e4ec4f48e9f83e0c4436a24f7e20b129d7c36d28bd5231c6206aa1611afe736adadc4ccdce9960523eac0e2015f0e6191843fdacab48d456662b386fbfde30927596a0b12f1eb19abf156238f6a356dc68adf6744563cf5c70d885dbfc25fb6fc0c56197edf935c6069ccd9cb8b9e03a7da93f7f6f94dbf7c49fc84ce3615d3139f6729e188843fffd5c54197d1fde00401131cec0e6fd76010863cd0e291d4352fe74fbdba644b9dad7d098d9c005cd95764c170dd5a7d9b963344e7aa61821f939b78524b22ee28354bcf1be100155971b01940fdf7a3f1442cb9e2fcf5b33f82fba094be29fe510b25ddacff99989a36125725e84d4587d9fc3eb6b1d61fbf0069c3771959394a53776f0be3004ceda454af7246e46eec71ee009cfa50c0d34c35e9abc9f587fd41a7002148a9f987fbc9ebc2217ab1ea43cf981fc9227305ad94d34f59ed5da0b665e65afafa26dfab9c616d2c25c4cd0894c3b7094e28a9a32acec1ddfaef783b541bb2d87dec42f0a2f5534ef2bfd103dfdd79281823e44e9fe2576c9e7c435008f8f589a35b8b43ef492aa6de629f9f148c71b4d820a9891ed3efeb1eb973c08c1de01cd3a3a13b3d9e795788f031799516abe3be320dbf23d42da41a64fce7f18a2eb95ec1f5ec9d93a88ac9841f3cb255265b563cbd8312e9eab73fe0f538dee67aca389cbf3b45334a3bbfa282989714a19ff0616f40d935fbba2366b9b89dbea93555f9d49f219a96a4351b9f36d95b04194ba254e2532537831a20643db4cb3e16f0152569a91d02beed0da1f8718d999551d27463ce18b05f717a6df2493f6e803acd75e0707c6adf222887539935f838b64975a4a02b01f10de907372d8ba6c21beca5df75b6a3e4f95cf5235265cb990e2a9a07bd7edeea5416aa91e6e13c878aa9a723286a97e5b105dff6d604f6d892cbb5f64f013a16bf8a53f6c2a3f6a7219fab89f1622a2be0e6c7fc1e4cdf40d3cfaff855bb7d0db4e95afe5261a149e7650da1b719cd7a6397aef96bc0c1448c72605d167e1b2ccac95ae57d4a27233b5a3ed09ffef85a8f9ff17b74afc80c9e6ecba78a03eeae865c4fffa125b1a2fbc9b9d40149125637befdedfc85680ab8758d6f1873e5b8935e51eb05f53d042ea41305fc94222f260b6491f797c833c9309821093edb2cbd3f18c7d61d8c332eeb0987bbf400fea4f8546931fff1449ff9cddea4e795c4186d7cffc2a518f984a3eec9531372e65ff95bf638ca85f783ef38dac92180996cf69e9c2473ad7593962663f280a0599b3f59792905aa5ffb90573cf778c4844252bb44dc30fef0ff72775257bd2e5fda8d93e8ba79ac45cfca42d558b240241a59211c18d0245c2c15c052eda80a70cc85ec3adbcb89ba6dcbb3ac830e866bf6a7e7b6f2614964a018b650a64124f98e6a686e72effe0044e4e35ca38eea161403607e9954cb9caf40aa0946045a779fb8d6e5164d096fd40988dca82eee2dba34a6ef772b3ec7cbad612a02c0feaf3cb39a04402c509440ec2725efe74b62101c434377716101d0896bdd54547a9bce3fd7b0dc78bd7d959e2ce2bcb6ae23655eb1f127da35473e7399ee793a8ccbdfb7a3565bc6be649bd98641ef8b968c06c33710c276e0760da858e2f8cbdf6da60eef102abd09ff4707faf47ba3df11d40931a2b99785e42c7070c8b96157e7adcaa55479d569b43a7516177d58ae3b49e2c5c173613cc83275aab88cfb963981107c7481e36a3387c61d7dd1cc935f867616d31b1852136415efdc171af33770d59ebebae83adc2f560e0652e057e484e2612a126996209fef6ed4becdbacafddcff7eca78949e6b5f38ffc5c3110e60fab62846b897f0d4e2aa40f576a852c4682d12af3870ca3a2c0b78a81decc8789698184e684f8bee7fbcc724e741db020198b7f2407e006f9c31f6e0430301f81e3f78d58d1bb9464e722d2bce0ce5e1624bae7690e4edbccbe2b1625ef2202a30a3a94b98cbed08aedf82d612babc986b542ea78aaaaaa6a5c96221d3f89cadbfd5c62db6f038ea508fb5e87ba1840a287263a2abdc25def94f14b04e2570542ac967f992ceed58283f6a2aef3e0e35a5d8fd8bf958bfb76b5073d90c9503301fada0e72f58fec9ad2a0ffd71262f9ee0f040d8c5774ea4bc51e654db9f368a2c1a7beeb9d9394fa7a866c38040327217ca1ba4bfae66ebe2c5c687fef2d4241ff8174fefd5c1b42bb226a8d033dd934d3492f4d07204bb878e2e4e7be19ff9ac1f1f73f99d10e3f07cb1b9cd177b33e1050a074d699370d2db5f560ffe56de627f310cbedc2d4019a577fa3abaa2bace0355c6defcf0c2cf2a1b5b1afbc7198851c3d9b557b09b1ef6e571600e2fd3c434e3d59b2c0cd930d4ce692174cad9dcaecca0098b7a3312821eb69c6fc7dc846fb13eeb3485d617334b6b979f06e3bc1a9a3dd7f21b9977e8c84f3c1a0428f780242eb8f66ac7de6a2ef6c07c45d16cb59b746c6f6568104e483fb97a3b112030d75df12ea006c3a2a6b3dd83fa38d083aad85e", &(0x7f0000000580)=""/190, 0x5, 0x0, 0x4c, 0xb1, &(0x7f0000000640)="012f809351586d14ae66be25bf72bc891438d83e7ce087e1db969a51c21e3873e5a0937afbba225c88d1a983f23b2fba54aa2050aa47e4d61aab64a64842b35274986ada08add5cd66f1f7ce", &(0x7f00000006c0)="9b5e940b17749d6e0882dea7992d10dafc32dde14aaaa05d488d79196b3b0b491a9c71f74a0d5dcfd0d26d0f2091046cc030479a01fb4a8091dca6969e025e2986c66cdc824c25261b8b96f7f9b6abfd76cc7193a10c1e09fb1765086362b99e67e51bfd443f59a47ad349445f1a787d81692e6a912a22c5afe77b294a27425d4435cba1cbbdfaa6ff19a6604040b07d15b0269a5d251e16150b3273701c385527fae6e65e8e4e2a19f195788b2254628d", 0x1, 0x0, 0x9}, 0x50) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc(&(0x7f0000000140), r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000440), 0xffffffffffffffff) r4 = socket$phonet_pipe(0x23, 0x5, 0x2) r5 = accept$phonet_pipe(r4, &(0x7f0000000380), &(0x7f00000003c0)=0x11) accept$phonet_pipe(r5, &(0x7f00000000c0), &(0x7f0000000100)=0x10) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r2, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f00000010c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010200000000000000ee15660000080006000200000018000180140002007665746830"], 0x34}}, 0x0) r6 = socket$igmp(0x2, 0x3, 0x2) r7 = syz_open_dev$dri(&(0x7f0000000080), 0x3ff, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r7, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r7, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_SETPLANE(r7, 0xc03064b7, &(0x7f0000000040)={r8, 0x0, 0x0, 0x28dd, 0x9c0, 0xffffffff, 0x0, 0x0, 0x200000, 0x40000000, 0xffffffff, 0x97a}) ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) setsockopt$MRT_ADD_VIF(r6, 0x0, 0xca, &(0x7f0000000040)={0x1, 0x8, 0x8, 0xbf, @vifc_lcl_ifindex=r9, @multicast2}, 0x10) r10 = timerfd_create(0x0, 0x0) close(r10) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/cgroup', 0x2c4040, 0x4c) lseek(r10, 0x5, 0x2) r11 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), r2) sendmsg$IPVS_CMD_NEW_DEST(r1, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000480)=ANY=[@ANYRES16=r10, @ANYRES8=r2, @ANYRES8=r4, @ANYRES32=r11, @ANYRESOCT=r2, @ANYRESHEX=r11], 0x94}}, 0x0) r12 = socket(0xa, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r12, 0x8946, &(0x7f0000000100)={'veth0_to_bridge\x00', &(0x7f0000000000)=@ethtool_cmd={0x1c, 0x4}}) ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, 0x0) r13 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2) ioctl$VIDIOC_CREATE_BUFS(r13, 0xc100565c, &(0x7f00000013c0)={0x0, 0x2, 0x2, {0x5, @vbi={0x0, 0x0, 0x4, 0x0, [], [0x8200]}}}) ioctl$VIDIOC_QBUF(r13, 0xc058565d, &(0x7f0000000200)=@fd={0x0, 0x7, 0x4, 0x0, 0x0, {0x0, 0x2710}, {0x2, 0xc, 0x0, 0x0, 0x6, 0x0, "8000"}, 0x0, 0x2, {}, 0x2}) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000200)={0x0, @reserved}) 1.342023243s ago: executing program 3 (id=662): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd2000100000004000000060ec97000fc83c00fe8000000000000000000000000000aaff02000000000000000000000000000106"], 0xffe) (fail_nth: 2) 1.339970103s ago: executing program 0 (id=663): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000640)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) setreuid(0xee00, 0x0) r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) add_key$keyring(&(0x7f0000000080), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(r2, r2, 0xee00) setfsuid(r2) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$inet6_int(r0, 0x29, 0x4a, &(0x7f0000000100)=0x8f44, 0x4) syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x209, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8}]}], {0x14}}, 0x64}}, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000640)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) (async) setreuid(0xee00, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) (async) add_key$keyring(&(0x7f0000000080), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) (async) setresuid(r2, r2, 0xee00) (async) setfsuid(r2) (async) socket$nl_netfilter(0x10, 0x3, 0xc) (async) setsockopt$inet6_int(r0, 0x29, 0x4a, &(0x7f0000000100)=0x8f44, 0x4) (async) syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) (async) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async) sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x209, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8}]}], {0x14}}, 0x64}}, 0x0) (async) 1.121990986s ago: executing program 0 (id=665): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_OPENQRY(r0, 0x4bfb, &(0x7f00000002c0)) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r1) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000080)={'wpan3\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)={0x4c, r2, 0x2, 0x0, 0x0, {}, [@IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x3}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x8}]}, 0x4c}}, 0x0) 1.057695522s ago: executing program 0 (id=667): madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000bcc000/0x4000)=nil, 0x4000}}) r2 = userfaultfd(0x801) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) ppoll(&(0x7f0000000180)=[{r2, 0x4047, 0x700}], 0x1, 0x0, 0x0, 0x0) close(r2) syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x6559, 0x13580, 0x3}, &(0x7f0000000040), &(0x7f0000000140)) 1.055242865s ago: executing program 3 (id=670): unshare(0x2040400) (async) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) (async) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="616e310000000000000000001c0012800b0001006970766c616e00000c00028006000200010000000000000000000000fda01060ef68a11e3589f1225417aa20aa66558a53ae59ef76f88a0a911b3a4f3564574e2d87ae0d0609e63cc313c9ebadd55b85669255f4539a7ccb636a97ec0f427620e9"], 0x50}, 0x1, 0x0, 0x0, 0x840}, 0x0) (async) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) (async) mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) mknodat(r2, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0) (async) chdir(&(0x7f00000000c0)='./bus\x00') (async) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) (async) mkdir(&(0x7f0000000240)='./bus\x00', 0x0) chdir(&(0x7f00000003c0)='./bus\x00') (async) renameat2(r3, &(0x7f00000001c0)='./file0\x00', r3, &(0x7f0000000200)='./bus/file0\x00', 0x0) link(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./bus\x00') (async) r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents64(r4, &(0x7f0000000180)=""/105, 0x69) setsockopt(r0, 0x84, 0x82, &(0x7f00000000c0)='n\x00\x00\x00\x00\x00\x00\x00', 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) (async) sendto$inet6(r0, &(0x7f0000000040)='l', 0x1, 0x0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async) creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="6c000000040801020000000000000000030000030500030011000000050003003a0000000900010067797a3100000000340004800800014000000fce080001400000003a080001400000000208000140000007ff0800014000000005080001400000000f06000240"], 0x6c}}, 0x200400c0) (async) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.time_recursive\x00', 0x275a, 0x0) (async) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) (async) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_clone3(&(0x7f0000001240)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) write$binfmt_script(r6, &(0x7f0000000600)={'#! ', '', [{0x20, '`pperdir'}, {0x20, 'overlay\x00'}], 0xa, "fbd7e910ad5595a75e5502a9293639e6f6f100589a2e54c32c3f100204f7f9acb147120ba72ef8401acc2d822dc579307022ec7d350f6545c60443e950d87b895cbd42a665be2725b9da38931dbe8c90139216fcd8daed35b21578985fa3664fe0e9469bb94181d8815798e1da7c060e27f7f8c7e85ecef2cc6f186eac8438db86a217fe62572b0488378ebebfe6e9880a9ff39fdb5ae61dfad5580e8b7bcf2cb0da507ce4cd4fb908d940dd8984c55d20"}, 0xc7) 1.00108868s ago: executing program 3 (id=672): r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000140), 0x402, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) chdir(&(0x7f0000000280)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0) flock(r1, 0x5) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) flock(r3, 0x2) r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) flock(r4, 0x2) ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000180)=0x14) ioctl$IMDELTIMER(r0, 0x80044941, &(0x7f00000001c0)=0x3) 782.332299ms ago: executing program 2 (id=675): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000500)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000000)=0x4, 0x4) 781.731145ms ago: executing program 1 (id=676): mount$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0) chdir(0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f0000001540)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000844}, 0x0) mount(&(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000080)='xfs\x00', 0x230b03a, 0x0) r3 = syz_open_procfs(0x0, 0x0) fchdir(r3) mount(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000200)='btrfs\x00', 0x0, 0x0) openat$autofs(0xffffffffffffff9c, 0x0, 0x140, 0x0) syz_open_procfs(0x0, 0x0) syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="043ec20d0400000000000000000005f8063058080005aaaaaaaaaa1049e3cbe3a117ed8d7bb35efc2e0095d1555782fc63f4fd3299625a6a8f068fb0f42b93cb868719d061e42ede93cf7130e242770190cfdc6965856c1fa3e37aa9ccee0ec3e80baef63cf30800000000000000007f03fb07090300c5ffffffffffffeae1868c7c6939fbfedbcdf38f136d2f5435bbb0e0dc5b108404d8601807fae90e29c96af023f7c21fe5c1149621ab70e49c942a409beb6b587ec298e8a971fb2556c6b734c8c9ffbbf3c8556747b2390f243453bae72913e041ab4693b2f5db7ac73576ab0d0d5d53503ccd4c2f76a2a05a834086e8169c50c9cfabdca0669910f83576d6a8214c1926a2ff4559104ad02bca3bdf10e1a629d2e2168b88f7234e484d69c8e039385f25fbc46beb8d9881d04da8d881c6efdbaffcefe07678697b83c3c92f6103e8a5ca851ff9ad44090b8c882c3940fab8229b66f81ea4d650411a87e8127773a5c2adef15"], 0x2c5) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000480)={'wlan0\x00', 0x0}) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r6 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$netrom(r6, &(0x7f0000000300)={{0x6, @rose}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) sendto$netrom(r6, 0x0, 0x0, 0x40004, &(0x7f0000000000)={{0x6, @rose, 0x2}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @null]}, 0x48) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r4, @ANYBLOB="08002600901500000800570080"], 0x2c}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), r7) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) r8 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r9 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_int(r9, 0x0, 0x20, &(0x7f0000000000), 0x4) sendmsg$NL80211_CMD_TRIGGER_SCAN(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYRESOCT, @ANYRES16=r0, @ANYBLOB="0500000000000000000021"], 0x38}, 0x1, 0x0, 0x0, 0x8084}, 0x4000980) 731.347726ms ago: executing program 2 (id=677): syz_open_dev$sndctrl(&(0x7f0000000000), 0x5b, 0x20040) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) ioctl$int_out(r2, 0x2, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) (fail_nth: 4) 574.058719ms ago: executing program 1 (id=678): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe) r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_load={'load ', 'ecryptfs', 0x20, 'user:', 'trusted:', 0x20, 0x40}, 0x32, 0xfffffffffffffffc) r2 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) ioctl$sock_bt_hidp_HIDPGETCONNINFO(r1, 0x800448d3, &(0x7f00000000c0)={@none, 0x6, 0x1998, 0x0, 0x1405, 0x2, "51d77656f4fe5fd2174d63614acd5d4a722b89ff122629e4c120dfb706f20125e9ba69e482a9f59737b79e14403b3985775efbde03f0329df7e5862e64dee2826e2aac5dcbc7872862a06479026adeb0c7a12bb06c227fa91fc86c1e07bef6ae6f5d206777e657f2efacb0679cec0001cd2943b0c28ffc4b230bfc3153dc09de"}) r3 = add_key$keyring(&(0x7f0000000040), &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, r2) keyctl$instantiate(0xc, r2, &(0x7f0000000000)=@encrypted_load={'load ', 'default', 0x20, 'trusted:', '\x00', 0x20, 0x1, 0x20, [0x37, 0x31, 0x39, 0x62]}, 0x31, r3) 573.585978ms ago: executing program 1 (id=679): r0 = mq_open(&(0x7f0000000000)='}\x00', 0x800, 0x108, &(0x7f0000000040)={0x9, 0x7, 0x6, 0x7}) mq_getsetattr(r0, &(0x7f0000000080)={0xf, 0x6, 0x10001, 0x6}, &(0x7f00000000c0)) r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) getsockopt$bt_sco_SCO_CONNINFO(r1, 0x11, 0x2, &(0x7f0000000100)=""/179, &(0x7f00000001c0)=0xb3) r2 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) tee(r2, r0, 0x8, 0x8) ioctl$BTRFS_IOC_DEV_REPLACE(r1, 0xca289435, &(0x7f0000000240)={0x2, 0x9, @status={[0x8, 0x9, 0x100000001, 0x7, 0x40000000000, 0x6]}, [0x4, 0x6, 0x5f2, 0x4a, 0x1, 0x7b2, 0x3e, 0x0, 0x5e2c, 0x1, 0x62e, 0x2, 0xfffffffffffffffa, 0x6, 0xfffffffffffffff9, 0x3, 0x6, 0xfe, 0x6, 0x9, 0x5, 0x10001, 0x100000001, 0xdde9, 0x2, 0x401, 0x468a5a70, 0x400, 0xb02, 0xb9, 0x4, 0x7fffffffffffffff, 0x9, 0x4, 0x3, 0x5, 0xb, 0x9, 0x8, 0x3, 0x2af0a94d, 0x9, 0x3, 0x1a1e0000000, 0xf04, 0x2, 0x2, 0xd092, 0x5, 0x9, 0x7, 0xb0, 0x0, 0x0, 0x6, 0x6, 0xa7b5, 0x9, 0x25d4, 0x2, 0x2, 0x8000000000000001, 0xfff, 0x66a958b2]}) ioctl$EXT4_IOC_SETFSUUID(r0, 0x4008662c, &(0x7f0000000c80)={0x0, 0x0, "cf9dbe00974ca227c518637103a68482"}) mq_timedreceive(r2, &(0x7f0000000cc0)=""/211, 0xd3, 0x8, 0x0) shutdown(r1, 0x0) sched_setscheduler(0xffffffffffffffff, 0x5, &(0x7f0000000dc0)=0x9) ioctl$UI_GET_SYSNAME(r2, 0x8040552c, &(0x7f0000000e00)) mq_timedsend(r0, &(0x7f0000000e40)="2f9991d870262747686baa6542829289b863620684517ded4869250194230504c02b15c1b9ba4b950c7e1e5367762a0d106f7adc88f9db26bb2b380c7e259e9351f79542a6ee07ae045e1c9fac227735155eff6029ed7efc277cfad16ff56e3cbdf6008430451315fc2dc7b5d94f89dea0918bc196526f5bcb1d3ad9c8325eabe6bf9b85c56f457152fbc10cc11020f91acffdc795ad22f9e5663f9e2e9a73d49aeb7a2a08dc32dfc053e3b319252219b1a75c8c28aafb2e6204505f2d0f9ccf87b97763fd50ccf24024601c645f6aad3a69bcdfb2d165cb6d7772cf24280ad12f9f632dfe60c9142415a261f883a63e081be5af50a41c850d8a79b5067225a2fa9e860bdd62df59179540e938cc57edb8f0aaccd2e43669b17e1f574ea397b334e1a2f91cbe85b68bf43fa899537875761ab2716be150c6cc76e62a987e3b9666f20293b8bae4f2a33a09bb6cc79e223c2dee5b5115ec20a21059e4e0b468e63082a33695141c119f434fb66bdbd40eee46aee73cb77d0d081d357ec2440826ed3e23be52c09ab7f495ad5f4fe47285d77c405056a28c6ee59129d21bbf10ef5b637560272f2cbad3039f2bffaadde22d8dbe7b59c410a125e0dab0810e246917e7fa03ba0f2529b25283c66f59f1dde758f97848f1ad9ddb92caf5f2a5a7c7c801cc308cdcfa4bd94ff95abfc9c88712b9d0b7823c3ce07fc8cb10a320105b34975cb68d947bdcf31f9ec068f85b8a71985c87a32a05071f30f8b2ecde50d96f6ec04761c4c1ce3dd234637c58566765bc25d32dfbc9b3cf4e0beaaf5c9255e72ba2b983c01fb035e0690a5cb492c679d4609caac907445089beec4c11cecdbbce055f81795c548c4c769b67723e204a928827881302657bc545e4da70df9439040767a1884c8a8b27709cf5ed521996671aabb72de655e22da12b84ed78c37d6cbee73e5d5090cd0131d5f493f5254e5ac49e4da62c5436cdd50f206ee69ad92e11efc16dda0ccfed95b4000bedc4faa3a990562a6bf047ed2b4bf9cd04d89c83debee88e6200989c9e8c06139ec196c5c962ddafd5e0b219ee27f5339d63728de4d894b41cfc34627be436c639c1029123856089c3dee1447ecccf04c8e344e9fc5ad76f1d452b804c5c11578c8b432b4e7219c7902e46afa1598b86298607c8e92334f610eec871b0036e569b9b70ccdbf35e9f462c3bae95707d82568c65ffdf3eff89221eda9172f7b8a4ff86bd669bd744b8e30ed2aca3c43fff267202ed8ca5e60dc98d5aba6dde3752e656afec767349f14e19007151091a3183b90b98fbd3669c1f8a8fece80df32210b5f06cc810fc2b7ef2a126e6118a5c7925a8f2915ab26ab8cb98858440eaf47cd5e088154ea63f7be329056b58f90831da021e61fb51f0e26086f44c7b2f6b53db54ddd4346074fc4892c26eba4b1702f9250c25f1910a69a9e45144eed1d216cbf131083e9da45542dd0f13fdf25a3051a8fd95de9485b37630640bed25c0e2af3b3d62444b850df8d8f5753f01b81e548c105cda4e13126a7e3f0a6123540e3c40d7806b6070d78fb6948254237eb1d033cd836987da7c394bda6ffe68d80cc825c18782690490414ed3435fd6097d6ff57eadfd9c058620e0070f1f1c95668b2f27c1b9a1b0c199dc65a51d3bcaa8cd8152a5f93468a283f96a7caebeacf8fc8d6b35a59c6ee16f134ed9351fc1f0cb83f6cb4a8a597f0a3f17c24d84c97dc4b8311a196db5d03390dd695eb1ca89b6dae8f0b7d6f2c9060a9aa161454b21c7421dca18283845c58d2720d169a82fd04813c41392b105ca4ac398634d403d5154e9aa7397bd5fa076b960655cb86df0f90320caab78b0252f73c31308df1e2af4528dec090076fa635caf04bb2a997e331afb4ad2ae85a59577827c52a07ab51a56723a8a24f4c4846d66ff95c1b780c924b014207d6d0bf23278b81b5d3fb4615652e3f34bb85d7dcaa63e0231bb50b1211c5ff1874abcc19b3054b66394c19a43f0c6c42d34cdd082609aa6461c6d54184af5afb19f890a8d681473d766199a5d4503997a95dd328fdaf93014395dfc6caa342fbf8cbb00864592d91f48ad321fcd0f026d6752b6e2dc024caa3c7fb144d6002636432aeefebca1b1972038a2515c39a8240cca785ca3bc93c9052d603df130b548c2d5b1753513f3795d203c1024c13e10a4a6f130d522c0c766e543e5435dde5089f826fafa4a5ad98e4d780e51c609265bda2a9bcbbc1c39ba2149554ddedceb60fcefb0d7df6f0e05ee5c074f5bbecff717680331cd93559aa0c140480344f4cdd815c85b38d2ab8ca8b2d2624db976bf4b1a052f6b124baee8b1f635e769a6c2e8c288b8cbffe4e0f78e146668e4ff7f22b237db310cd5b821d1f71e3fdad697b30ddae483efb4835c44d584ab668741551d8de18c9225a799e61dc7cddd16b3e1b7a18d43d13ddd5f1e84ee1339c000db8e43e51c9b578e3d2be01c6a15898e4759c602f898b3356ba672fd77b1e8cf1f90931bf86c5965a28b484b90a24ba80535f40a61698bc5929895e38d9f96b7d6238bab54d5e445e116085aae1abd1be3beb37e59ec3d8b1e165dffb012ae831ad69059ab15e490683669c628b9d32d6674ccfd11083e00fc3f136e761622b0ed240f8140879ede4e01211ae10cc39942db00667e0ed0a7ee896cb4dfc1a4954491752eb8f03f9b85abd29c0ec66a9beebede19384a3175a33a3fe23ee7e0a12544718c73f698631412895e39166aa4159934b32dd2878ad2784331a863ce9a1c2074da7944a6354d80f4e9a428d49233889645fcead2d909f03801bb18957431ab5edf90748d8e8e813be3e09a837cc276be989c7f301829811ca6e0974a565ecaba61a83fb4208a84f168ad295072daadf8a78fcfd272ff00d04be40a3828da9510ee3b76a3e8c2fe43ca124c2b52b85c691d84731d917701e4175d1c8210d2c69ab6cb0328bd3c63ec5e26e756d9721892310b43351d33b992a36f4dc59da5c2178990da0d6b6039304423bed9f862635a2275b9e5bf1b5f25e258f2b16a8b72b023274675b5ead4cdc992304b9dbb3e8bc088927e8d1494fd99a5352244c6898a9a35710553bff8881ebf2948dd90d61c51fc82fc86bf1b61e51c080e820d18cb0247836c274c13c047769d31a7afe47cacad24d14ee81fe342a31be71fad39b801584899bb8bff25206b61da7e36ba642adf7555851ca3e7a3c8df1aa52ffa51f0a5713752ea209f5c81b62ffd6339ae3e505dc210655f099cce346aa68f678e853ab4776c581dc79d29fbbe19e07b2353c07853020746ed5703d24d06e0fc4286b8dc025bbd571d4e2de6aaca6998c8924f7e399464af6164100eb6756906348b9e64a8d7a87b052245baf5cbd39acd79f21ba09f04f61cbde3ba76af1ced0eaef759fec7d523bad4fd160d94283ef10a0f64d194cc48d47edc41b465734b9837d56c23e7c37d5a2553796388b892879ba373720192d267fe35e2da3602a0575cd99b604a88e03643f2e0a2505e0e7f4a11172a5bb1b8c7a0091a3275382513359decc056fababbf2090db6d6de8b52f04c8abe3cf5cbe263084b0200c3a747d72078d86997a60120ba33842f3f63ae7fc32cfb0aca2e5148c050514b1ed7142783f6930f915a49aec5a3c79e2f26ad8b6f0c8e815c911e82b6bf6fefc53f5bb3c84d07e2834229cef2864f107d9f95de05e9f42bdcdafefde6773c099424f971d2039fc31855170e8d6080912362aec35a71d7a8d878c7e92d7ee3cf61e38809ef9603629e47c02f0a0e0c2f0c850a922215eb76c8ba3b17f07f26df5ac2f5bc0d38220ef7b9a7fa65321a267e057da37a0b8a56a15520c9721916084bd01b1776b0ded33bc2168bbd0eda3c995cc2cd16be5a7baaaec38f35a34b2dc30f31a69086cd142f7f825ad054b8edb4c4e69cc71b79d4ebf75461282b517c606826876251dd7d347ee9a28d502993d6dff843591cfe9885f88b1e29c8b691480b66f5022f54481d8a75c7e5f1f700309a84c14c54457b2f759decc9adc275d7e82706d308c8198181b18ae4903da5a929693b291ed223856be5f2ad0d2c7e0acf903a4f3d3bdf4b7b3680b41675a043436249ce9514042322f2e643f70710f9b1e7e877d2dd30c59f16f0e5eb97c34b8437488142990ba88b9fc4025715ed2b4e0cc36f2470a9cde50968fd9b4990782355443a46cc86bd581db7091ca8832cb2901c0823e332d1a678668367e4e9a318490e331650e2c95880f94534bef62aa70bba271486309e6482c0a54337746cb419410b611b995d03fd5f9b84ba2b394cfbbc08ea033d51461ca8da8bb3090fe704c9fbd4526f4f9c7d1e8467862b332e3cd1dfba678779bb3b7dffcc19149fc855770c2c8b0500e42a7fe21867302643d021ae0dab3f36ea67a6fa7f83a1012ad973909145bde463e5b9d5e791014df00189b302886aca868ca025323d6ce2b94e54674b47060d9cc4f6d005619378586ae54062a4a65e6dd0b8890b953636a63d57f505543ac2e422ccaf54db5d03a738009689251d4dd259914a5168938dc02c11ad634f4c83cce3efe03aa4deb471942848d90ae5dcd467aa1889aecbe6da75eb8de0cbbbab9890a5e4673746cd2b2139a53678ee2a8a878b085263cb7c353a2dcf128b4febd97b7240cb2292366270267a2d6f125204fe6391b6ab3831b7f076c79241a492720f8fc1f194ffda2bfe7a7ad9a78e3265273a2d5fa42087f6fb52903a3611353c4a71214afadc23d16fe5feda41bb85833efbd49a061bf50cdf983d28e196378a4c8fd14bfce30928b23bc46e0e7a3cce05720aff7a67e045345ba5b29a0d6355a5b569dbc4857748af5184bb9365908363aae8c806922efc19b73986ddd31bfc5a99654c816d1f5dad1160bd1fd5bb746e075decfa85866ce2611e69adaa8833c5079e77d073621efb7c4fe9439bc8ba4c980656dae82117bb63bd5dde2e07cebaaba21f9aa77dcdc3edbe6a11915bc18975907b2a83ca0474a37c3e41217ac94e89e31e3f8f1989f9a95240bc5835f442790e895c9bb68ca6ab6d46b32d6b70bb07803a3ad7ebc2d3f99aaac5134a0bd893f7a5db371723393290cabc71e6b35f6d6eec56cec893b02367176bd475b8fdf0b458be67913c137a4719739fbf82e2da808ec53f68f1c8e882406533dc5332261a85550bcb0df1ad1017dd5e16b9ec8ad9912aad961c1713150c3914c99fd3a48182f0644eccc0bc7e0fc19449bb0245c24ff92cd6fe1dc8c4e4c513be82a25419e8ed8298f8d13ea3a57b0339a12e44eeeeed477587f69564a6d3773114d3eb39dce3b22cb17262c797ef50378db11c9e67e952408cfcfcc562033d9bd88743b73856d14ebb25b8f312a5d3767e8e38ca6cd82e2a03040a2da15b8ff4d35a98db4bb1cc4f469ba60da28d402418e423b3b268110d4ab4ef85782c9001d31ad3912e0620b261ae60d9656570abdab0bcfa2eeba862395cde6809b9e6fb6e3e67bfd2b8d30302c08035f26656aef12b3dbcd7ebf5c902638da8b72cc6a3bde674912bc7f6f65868907bc4e4f8a6ece3f417ae842f36ca876c87b8a510c33ef41ae97db1b2a3926ea84e4b1e6f511410f4ef7c5f1335bdb2be96bfca461788b7d6e0c96aee39b6965af0a67bfc9e0a12749f15ccf6ab4a3495acb11fb7d13f1338436956ce8daae29b47ffb436ccd6ca3dc6fd625bfadb02f61e5bfc80d39b3799e5a4fa174e5a443682a3361e39f671ec9038a6752ffbcc857612e86047", 0x1000, 0xa9, &(0x7f0000001e40)) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000001f40)={&(0x7f0000001e80)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000001f00)={&(0x7f0000001ec0)={0x14, 0x0, 0x1, 0x401, 0x0, 0x0, {0x7}}, 0x14}, 0x1, 0x0, 0x0, 0x8001}, 0x40) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001fc0), r2) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f00000020c0)={&(0x7f0000001f80)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000002080)={&(0x7f0000002000)={0x48, r3, 0x8, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x401, 0x20}}}}, [@NL80211_ATTR_MESH_ID={0xa}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0xc, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}]}], @NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x4000841) sendmsg$NFT_MSG_GETRULE(r2, &(0x7f0000002200)={&(0x7f0000002100)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000021c0)={&(0x7f0000002140)={0x74, 0x7, 0xa, 0x101, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_USERDATA={0x2e, 0x7, 0x1, 0x0, "6c22081b48b6f4a1dc4a8bd57dbb3e6e00396f2bf1162101752974da130b66e790a2c9c946517df896a4"}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x74}, 0x1, 0x0, 0x0, 0x400c0}, 0x20000095) ioctl$HIDIOCGDEVINFO(r2, 0x801c4803, &(0x7f0000002240)=""/58) mq_timedsend(r0, &(0x7f0000002280)="f7a4bab64e326fb42f141eec2f2980ec365f324a01ece66b", 0x18, 0x9bb8, &(0x7f00000022c0)={0x77359400}) ioctl$BTRFS_IOC_GET_FEATURES(0xffffffffffffffff, 0x80189439, &(0x7f0000002300)) r4 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r4, 0xc0096616, &(0x7f0000002340)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}) tee(r2, r0, 0x59e7efbb, 0xb) close(r2) syz_clone3(&(0x7f0000002740)={0x20100, &(0x7f00000025c0)=0xffffffffffffffff, &(0x7f0000002600), &(0x7f0000002640), {0x37}, &(0x7f0000002680)=""/48, 0x30, &(0x7f00000026c0)=""/26, &(0x7f0000002700)=[0x0], 0x1, {r2}}, 0x58) r6 = syz_io_uring_complete(0x0) sendmmsg$unix(r2, &(0x7f0000002840)=[{{&(0x7f0000002380)=@abs={0x0, 0x0, 0x947}, 0x6e, &(0x7f0000002580)=[{&(0x7f0000002400)="c7f06491e6946ac81fca976eda792e40d02507cff3acc1c453cc0b86acc713af974555ffb350eaa1a1736689a296e5214aa9e86015ae6ddd31e19911ca2ce9c87d7d1e53", 0x44}, {&(0x7f0000002480)="12374e58c7c853cbe57eff74101b4472f44c7a2f365a5c4817096dda397ed2906e9bc02c200b99a45467d10552c5ab92df9e71eee91fd454e4c55cfcd8e204f27e2c4cb7fcdbe1340af4a52ce065198dac87b951499aa8ab96f1354ba2ea0e26836b39da2b62d3f5155f62", 0x6b}, {&(0x7f0000002500)="f673a1ba3c481fb3896c0f4c23da6ef324116b96916f4d281a96dd12c15ac1f18d54d90fda251da085ab3e969d06610d161dbf66df55c97e4acd5bb4ae52fec50e5f3bc11c78c85ea440c426df5ef620c8e1f3b7f4670f342f0d", 0x5a}], 0x3, &(0x7f00000027c0)=[@rights={{0x30, 0x1, 0x1, [r1, r4, r4, r2, r4, r1, r5, r4]}}, @rights={{0x18, 0x1, 0x1, [r2, r6]}}], 0x48, 0x40}}], 0x1, 0x8010) socket$nl_generic(0x10, 0x3, 0x10) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000002880)={0x2, 0x1, 0xdddd1000, 0x1000, &(0x7f0000ffe000/0x1000)=nil}) close(0xffffffffffffffff) 543.641224ms ago: executing program 1 (id=680): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe) r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$sock_bt_hidp_HIDPGETCONNINFO(r1, 0x800448d3, &(0x7f00000000c0)={@none, 0x6, 0x1998, 0x0, 0x1405, 0x2, "51d77656f4fe5fd2174d63614acd5d4a722b89ff122629e4c120dfb706f20125e9ba69e482a9f59737b79e14403b3985775efbde03f0329df7e5862e64dee2826e2aac5dcbc7872862a06479026adeb0c7a12bb06c227fa91fc86c1e07bef6ae6f5d206777e657f2efacb0679cec0001cd2943b0c28ffc4b230bfc3153dc09de"}) 513.649903ms ago: executing program 1 (id=681): r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_TRY_ENCODER_CMD(r0, 0xc028564e, &(0x7f0000000040)={0x1, 0x1, [0x6, 0x4, 0x81, 0x7fff, 0x1, 0x8, 0x5, 0xb022]}) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000080)={0x0, 0x2, 0x2, {0x8, @raw_data="19886bad03452935ead7132703f5e4a7cd96d1c8ba0c076bf16fec29c09b91343877abb3a3fefae1613662edb44d1d7465f3a4ff67c0faf752a0c37997669fe755b3474cb59dc381783ace231bff7925a2421df21d58bf7cdb622eff08c45598d92041898c7a0f6cebeea044b7be64f25da01f6fb4231b3bc686e423f30b6eb039bf57fe66af4c760b4ca6e3e7a05ca985a12a66e7910e70bb941054f264666a146768b1c7c87a137a085f82f693e84d671d6bb600db43635943c1743bf68a918c7d45a1d684646b"}, 0x5}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000180)=@int=0x6, 0x4) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x5, 0x10}, &(0x7f0000000200)=0xc) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000240)={r3, 0xa675}, 0x8) r4 = socket$rxrpc(0x21, 0x2, 0x2) setsockopt$RXRPC_UPGRADEABLE_SERVICE(r4, 0x110, 0x5, &(0x7f0000000280), 0x2) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x6, 0x10, 0xffffffffffffffff, 0x8000000) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, 0x0, &(0x7f00000002c0)=@IORING_OP_POLL_REMOVE={0x7, 0xa, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, {0x0, r6}}) ioctl$DRM_IOCTL_MODE_GET_LEASE(0xffffffffffffffff, 0xc01064c8, &(0x7f0000000340)={0x1, 0x0, &(0x7f0000000300)=[0x0]}) ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000500)={&(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000440)=[0x0, 0x0], &(0x7f0000000480)=[0x0], &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x4, 0x2, 0x1, 0x8}) ioctl$DRM_IOCTL_MODE_GETENCODER(0xffffffffffffffff, 0xc01464a6, &(0x7f0000000540)={0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000740)={&(0x7f0000000600)=[0x0], &(0x7f0000000640)=[{}], &(0x7f00000006c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000700)=[0x0], 0x1, 0x9, 0x1}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, &(0x7f0000000840)={&(0x7f00000007c0)=[0x0], &(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x1, 0x0, 0xbbbbbbbb}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, &(0x7f0000000900)={&(0x7f0000000880)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000008c0)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x0, 0xe0e0e0e0}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000c40)={&(0x7f0000000940)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000980)=[{}, {}, {}, {}, {}, {}, {}, {}], &(0x7f0000000bc0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000c00)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x4, 0x8}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, &(0x7f0000000d40)={&(0x7f0000000cc0)=[0x0, 0x0], &(0x7f0000000d00)=[0x0, 0x0, 0x0], 0x2, 0x0, 0xe0e0e0e0}) ioctl$DRM_IOCTL_MODE_ATOMIC(r2, 0xc03864bc, &(0x7f0000000dc0)={0x401, 0x8, &(0x7f0000000580)=[r7, 0x0, 0x0, 0x0, r8, r10, r11, 0x0], &(0x7f00000005c0)=[0x3, 0x6, 0x4, 0xfffffffd, 0x9], &(0x7f0000000d80)=[r12, r13, r14, 0x0, r15, r16], 0xfffffffffffffffd, 0x0, 0x2}) r17 = syz_open_dev$dri(&(0x7f0000000e00), 0x3, 0x200100) ioctl$DRM_IOCTL_MODE_GETGAMMA(r17, 0xc02064a4, &(0x7f0000000f00)={r9, 0x3, &(0x7f0000000e40)=[0x0, 0x9, 0x9], &(0x7f0000000e80)=[0x65a4, 0xfff9, 0x82d], &(0x7f0000000ec0)=[0x8, 0x3, 0xb9d3, 0x4, 0x6, 0xfff, 0x9]}) r18 = socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001240)={0xffffffffffffffff, 0xe0, &(0x7f0000001140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000f80)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0xa, &(0x7f0000000fc0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xcf, &(0x7f0000001040)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000001080), &(0x7f00000010c0), 0x8, 0x7d, 0x8, 0x8, &(0x7f0000001100)}}, 0x10) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000001340)={'tunl0\x00', &(0x7f0000001280)={'gretap0\x00', 0x0, 0x40, 0x10, 0xc, 0x7, {{0x1d, 0x4, 0x2, 0x3, 0x74, 0x66, 0x0, 0x3, 0x4, 0x0, @broadcast, @loopback, {[@timestamp_prespec={0x44, 0x2c, 0x26, 0x3, 0x2, [{@multicast1, 0x80000001}, {@multicast1, 0x9}, {@dev={0xac, 0x14, 0x14, 0x32}, 0xfffffffc}, {@remote, 0x5}, {@dev={0xac, 0x14, 0x14, 0x23}, 0xfffff001}]}, @rr={0x7, 0x13, 0x55, [@remote, @local, @private=0xa010101, @local]}, @rr={0x7, 0x1f, 0x6f, [@remote, @rand_addr=0x64010102, @private=0xa010102, @rand_addr=0x64010102, @loopback, @loopback, @private=0xa010100]}]}}}}}) getpeername$packet(0xffffffffffffffff, &(0x7f0000001380)={0x11, 0x0, 0x0}, &(0x7f00000013c0)=0x14) sendmsg$nl_route(r18, &(0x7f0000001500)={&(0x7f0000000f40)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000014c0)={&(0x7f0000001400)=@RTM_DELMDB={0x98, 0x55, 0x2, 0x70bd2b, 0x25dfdbfd, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {r19, 0x1, 0x1, 0x1, {@in6_addr=@remote, 0x800}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r20, 0x177fcfc2da14380b, 0x0, 0x1, {@in6_addr=@mcast2, 0x800}}}, @MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x0, 0x3, 0x2, {@ip4=@rand_addr=0x64010101, 0x8edd}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r21, 0x1, 0x2, 0x4, {@in6_addr=@remote}}}]}, 0x98}, 0x1, 0x0, 0x0, 0x40}, 0x0) 432.041799ms ago: executing program 1 (id=682): r0 = socket(0x840000000002, 0x3, 0xff) r1 = syz_open_dev$video(&(0x7f0000000000), 0x0, 0x101000) ioctl$VIDIOC_G_FMT(r1, 0xc0d05604, &(0x7f0000000200)={0x9, @sdr={0x50424752, 0x8}}) r2 = socket(0x2000000000000021, 0x2, 0x10000000000002) connect$rxrpc(r2, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @multicast2}}, 0x24) sendmmsg(r2, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0xe000}, 0x5}], 0x1, 0x0) recvmmsg(r2, &(0x7f0000001880)=[{{0x0, 0x2, 0x0}}], 0xf000, 0x10002, 0x0) recvmsg$kcm(r2, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) recvfrom(r0, &(0x7f0000000380)=""/67, 0x43, 0x120, &(0x7f0000000440)=@generic={0xa, "7179f79230da3cb9a677b12c6bfdf3827e3e8ed0813ac75c57f4e70db6786d8ff3aa4c897b1fff1766e3afcb78ec228001dba757146e7b56fe6ba70aa0493cac89555f01227bb20bb4eb17197d3b8b40d796be94eb28e7ac6379f8458a66675df5060e0bb4de086f603e10b1dbbae07e4beab3e816269dbf9eb67063bf4a"}, 0x80) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000005c0)={0x4c, r4, 0x1, 0x0, 0x0, {0x24}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xab}}, {0x8}, {0x6}}]}, 0x4c}}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000040)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(r8, &(0x7f00000004c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000300)={&(0x7f00000001c0)={0x20, r6, 0x100, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x0, 0x1}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x41) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x42280, 0x0) close(0x4) ioctl$KVM_CHECK_EXTENSION(r11, 0xae01, 0x1) ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r12 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000140)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x1c, r6, 0x1, 0x70bd2d, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r13}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000800}, 0x8010) 431.867078ms ago: executing program 2 (id=683): syz_open_dev$sndctrl(&(0x7f0000000000), 0x5b, 0x20040) listen(0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f0000fce000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) accept(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @local, @void, {@ipv4={0x800, @tcp={{0xa, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local, {[@timestamp_addr={0x44, 0x14, 0xa, 0x1, 0x0, [{}, {@dev}]}]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) ioctl$int_out(r3, 0x2, &(0x7f0000000380)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 182.344508ms ago: executing program 2 (id=684): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x30, 0x3d, 0x9, 0x0, 0x0, {0x1}, [@typed={0x4}, @nested={0x10, 0x1, 0x0, 0x1, [@nested={0xc, 0x10, 0x0, 0x1, [@typed={0x8, 0x1, 0x0, 0x0, @ipv4=@private=0xa0100fe}]}]}, @typed={0x8, 0x2, 0x0, 0x0, @pid=0xffffffffffffffff}]}, 0x30}}, 0x0) (fail_nth: 4) 150.288547ms ago: executing program 0 (id=685): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x50, &(0x7f0000000180)={&(0x7f00000003c0)={0x30, 0x3d, 0x9, 0x0, 0x0, {0x1}, [@typed={0x4}, @nested={0x10, 0x1, 0x0, 0x1, [@nested={0xc, 0x10, 0x0, 0x1, [@typed={0x8, 0x1, 0x0, 0x0, @ipv4=@private=0xa0100fe}]}]}, @typed={0x8, 0x2, 0x0, 0x0, @pid=0xffffffffffffffff}]}, 0x30}}, 0x0) 72.491433ms ago: executing program 3 (id=686): r0 = socket$l2tp(0x2, 0x2, 0x73) bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10) connect$l2tp(r0, &(0x7f0000000240)={0x2, 0x0, @loopback}, 0x10) syz_emit_ethernet(0x74, &(0x7f0000000000)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x73, 0x0, @private=0x300, @multicast1}, {0x0, 0x0, 0xfffffe9a, 0x0, @gue={{0x2}}}}}}}, 0x0) (fail_nth: 4) 72.135392ms ago: executing program 0 (id=687): openat$vcsu(0xffffff9c, 0x0, 0x401, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8815}, 0x24040009) mkdir(0x0, 0x0) mount(0x0, 0x0, 0x0, 0x0, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x4010, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}], [], 0x6b}}) chmod(&(0x7f0000000140)='./file0\x00', 0x0) r3 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0) write$binfmt_misc(r3, &(0x7f0000000300), 0x4) (fail_nth: 5) 2.265118ms ago: executing program 2 (id=688): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c0000001028a006000104000000000000000000e50ceeb542e68e0043788b408f766fe356475e49ef9831e6c828b94d810b37efe00a476912fdadadcdf564a729ed87ccc1a0911d7a30dc7d1fdccb5e2f126b7d96d08148bce2681a00f6f9fd1c24e5c5d8d65e1d5572382e892a8df3986aa6373c717c6ab523e2c72bc642ebc755f24d3693a6f6c1ac7ab52dbc491a09624496ca5ed442803f1326bfaa279bbbdd870480e53ddf6890ab9a98dc331d98", @ANYRES32=0x0, @ANYBLOB="00000000001400001c00128009000100626f6e64000000000c0002800500060000000000"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4000000) 0s ago: executing program 2 (id=689): r0 = io_uring_setup(0x177f, &(0x7f00000002c0)={0x0, 0xa6f1, 0x0, 0x2, 0x3b0}) pipe2$watch_queue(&(0x7f0000000100)={0xffffffffffffffff}, 0x80) r2 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc) keyctl$KEYCTL_WATCH_KEY(0x20, r2, r1, 0x0) pipe2$watch_queue(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, r2, r3, 0xbc) close_range(r0, 0xffffffffffffffff, 0x1000000) kernel console output (not intermixed with test programs): ng dummy_hcd [ 70.057410][ T63] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 70.185543][ T63] usb 7-1: device descriptor read/64, error -71 [ 70.205029][ T6258] usb 6-1: Using ep0 maxpacket: 16 [ 70.211108][ T6258] usb 6-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 70.214602][ T6258] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 70.218828][ T6258] usb 6-1: Product: syz [ 70.220110][ T6258] usb 6-1: Manufacturer: syz [ 70.221403][ T6258] usb 6-1: SerialNumber: syz [ 70.224795][ T6258] usb 6-1: config 0 descriptor?? [ 70.231599][ T6258] ssu100 6-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected [ 70.434978][ T63] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 70.575008][ T63] usb 7-1: device descriptor read/64, error -71 [ 70.695220][ T63] usb usb7-port1: attempt power cycle [ 71.019061][ T6732] netlink: 'syz.3.274': attribute type 2 has an invalid length. [ 71.019662][ T1416] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.023403][ T1416] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.034106][ T6258] ssu100 6-1:0.0: probe with driver ssu100 failed with error -71 [ 71.037296][ T6258] usb 6-1: USB disconnect, device number 4 [ 71.045004][ T63] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 71.065364][ T63] usb 7-1: device descriptor read/8, error -71 [ 71.095637][ T5949] Bluetooth: hci1: command 0x0c1a tx timeout [ 71.103964][ T6734] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 71.109842][ T6734] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode [ 71.112125][ T6734] macvlan2: entered allmulticast mode [ 71.113618][ T6734] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode [ 71.119105][ T6734] mac80211_hwsim hwsim2 wlan0: left promiscuous mode [ 71.240154][ T39] kauditd_printk_skb: 6 callbacks suppressed [ 71.240164][ T39] audit: type=1400 audit(1733702124.417:268): avc: denied { write } for pid=6735 comm="syz.0.276" name="001" dev="devtmpfs" ino=764 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 71.315761][ T63] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 71.357141][ T63] usb 7-1: device descriptor read/8, error -71 [ 71.465210][ T63] usb usb7-port1: unable to enumerate USB device [ 71.510365][ T39] audit: type=1400 audit(1733702124.687:269): avc: denied { ioctl } for pid=6748 comm="syz.0.282" path="socket:[10111]" dev="sockfs" ino=10111 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 71.633454][ T6760] io-wq is not configured for unbound workers [ 71.815895][ T5949] Bluetooth: hci3: command 0x0c1a tx timeout [ 71.815950][ T5943] Bluetooth: hci2: command 0x0c1a tx timeout [ 71.901009][ T39] audit: type=1400 audit(1733702125.077:270): avc: denied { read } for pid=6763 comm="syz.3.289" name="card1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 71.907926][ T39] audit: type=1400 audit(1733702125.077:271): avc: denied { open } for pid=6763 comm="syz.3.289" path="/dev/dri/card1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 71.913978][ T39] audit: type=1400 audit(1733702125.087:272): avc: denied { ioctl } for pid=6763 comm="syz.3.289" path="/dev/dri/card1" dev="devtmpfs" ino=636 ioctlcmd=0x64a0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 71.915046][ T30] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 72.069837][ T30] usb 5-1: config index 0 descriptor too short (expected 23569, got 27) [ 72.072378][ T30] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 72.076325][ T30] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 72.078786][ T30] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 72.081080][ T30] usb 5-1: Manufacturer: syz [ 72.087747][ T30] usb 5-1: config 0 descriptor?? [ 72.144975][ T30] rc_core: IR keymap rc-hauppauge not found [ 72.146623][ T30] Registered IR keymap rc-empty [ 72.149372][ T30] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0 [ 72.153100][ T30] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input7 [ 72.466383][ T6774] netlink: 12 bytes leftover after parsing attributes in process `syz.2.291'. [ 72.493383][ T6769] rc rc0: two consecutive events of type space [ 72.525619][ T6778] netlink: 4 bytes leftover after parsing attributes in process `syz.1.292'. [ 72.693836][ T30] usb 5-1: USB disconnect, device number 7 [ 72.704053][ T39] audit: type=1400 audit(1733702125.877:273): avc: denied { lock } for pid=6783 comm="syz.3.296" path="socket:[12831]" dev="sockfs" ino=12831 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1 [ 72.805109][ T9] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 72.956796][ T9] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 72.960502][ T9] usb 7-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 72.963788][ T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 72.968882][ T6786] block nbd3: shutting down sockets [ 72.969965][ T9] usb 7-1: config 0 descriptor?? [ 72.977169][ T9] pwc: Askey VC010 type 2 USB webcam detected. [ 73.175238][ T5949] Bluetooth: hci1: command 0x0c1a tx timeout [ 73.381772][ T9] pwc: recv_control_msg error -32 req 02 val 2b00 [ 73.384001][ T9] pwc: recv_control_msg error -32 req 02 val 2700 [ 73.386197][ T9] pwc: recv_control_msg error -32 req 02 val 2c00 [ 73.388375][ T9] pwc: recv_control_msg error -32 req 04 val 1000 [ 73.389899][ T39] audit: type=1326 audit(1733702126.567:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6792 comm="syz.1.299" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27a2f7fed9 code=0x7ffc0000 [ 73.390409][ T9] pwc: recv_control_msg error -32 req 04 val 1300 [ 73.398209][ T39] audit: type=1326 audit(1733702126.567:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6792 comm="syz.1.299" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27a2f7fed9 code=0x7ffc0000 [ 73.399987][ T9] pwc: recv_control_msg error -32 req 04 val 1400 [ 73.407686][ T39] audit: type=1326 audit(1733702126.567:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6792 comm="syz.1.299" exe="/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7f27a2f7fed9 code=0x7ffc0000 [ 73.409584][ T9] pwc: recv_control_msg error -32 req 02 val 2000 [ 73.418200][ T39] audit: type=1326 audit(1733702126.567:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6792 comm="syz.1.299" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27a2f7fed9 code=0x7ffc0000 [ 73.510424][ T5949] Bluetooth: hci3: Invalid handle: 0xc300 > 0x0eff [ 73.634173][ T9] pwc: recv_control_msg error -71 req 04 val 1500 [ 73.637414][ T9] pwc: recv_control_msg error -71 req 02 val 2500 [ 73.645606][ T9] pwc: recv_control_msg error -71 req 02 val 2400 [ 73.648187][ T9] pwc: recv_control_msg error -71 req 02 val 2600 [ 73.650324][ T9] pwc: recv_control_msg error -71 req 02 val 2900 [ 73.652358][ T9] pwc: recv_control_msg error -71 req 02 val 2800 [ 73.654342][ T9] pwc: recv_control_msg error -71 req 04 val 1100 [ 73.657359][ T9] pwc: recv_control_msg error -71 req 04 val 1200 [ 73.661594][ T9] pwc: Registered as video103. [ 73.663409][ T9] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb7/7-1/input/input8 [ 73.670145][ T9] usb 7-1: USB disconnect, device number 7 [ 73.747246][ T6809] sg_write: data in/out 11/10 bytes for SCSI command 0xff-- guessing data in; [ 73.747246][ T6809] program syz.1.303 not setting count and/or reply_len properly [ 73.895649][ T5949] Bluetooth: hci3: command 0x0c1a tx timeout [ 73.905087][ T5949] Bluetooth: hci2: command 0x0c1a tx timeout [ 75.047294][ T6836] bond_slave_0: entered promiscuous mode [ 75.050053][ T6836] bond_slave_1: entered promiscuous mode [ 75.058465][ T6836] vlan2: entered promiscuous mode [ 75.059909][ T6836] bond0: entered promiscuous mode [ 75.063951][ T6836] bond0: left promiscuous mode [ 75.066054][ T6836] bond_slave_0: left promiscuous mode [ 75.068158][ T6836] bond_slave_1: left promiscuous mode [ 75.255219][ T5949] Bluetooth: hci1: command 0x0c1a tx timeout [ 75.293067][ T6851] netlink: 12 bytes leftover after parsing attributes in process `syz.2.319'. [ 75.733517][ T6879] input: syz0 as /devices/virtual/input/input9 [ 75.975079][ T5949] Bluetooth: hci2: command 0x0c1a tx timeout [ 75.985030][ T5949] Bluetooth: hci3: command 0x0c1a tx timeout [ 76.515467][ T6037] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 76.815895][ T6037] usb 7-1: device descriptor read/64, error -71 [ 77.054998][ T6037] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 77.208189][ T6037] usb 7-1: device descriptor read/64, error -71 [ 77.335432][ T6908] netlink: 12 bytes leftover after parsing attributes in process `syz.0.342'. [ 77.343421][ T6037] usb usb7-port1: attempt power cycle [ 77.374991][ T39] kauditd_printk_skb: 7 callbacks suppressed [ 77.375001][ T39] audit: type=1400 audit(1733702130.547:285): avc: denied { watch } for pid=6911 comm="syz.3.343" path="/82/bus/net_prio.prioidx" dev="overlay" ino=456 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 77.382712][ T39] audit: type=1400 audit(1733702130.557:286): avc: denied { watch_sb watch_reads } for pid=6911 comm="syz.3.343" path="/82/bus/net_prio.prioidx" dev="overlay" ino=456 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 77.428574][ T6922] netlink: 8 bytes leftover after parsing attributes in process `syz.3.349'. [ 77.432882][ T6922] bridge0: entered promiscuous mode [ 77.528557][ T39] audit: type=1804 audit(1733702130.707:287): pid=6930 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.0.352" name="/newroot/99/file0" dev="fuse" ino=1 res=1 errno=0 [ 77.549191][ T39] audit: type=1400 audit(1733702130.727:288): avc: denied { write } for pid=6931 comm="syz.3.353" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 77.705371][ T6037] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 77.725501][ T6037] usb 7-1: device descriptor read/8, error -71 [ 77.975034][ T6037] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 78.005447][ T6037] usb 7-1: device descriptor read/8, error -71 [ 78.055780][ T5949] Bluetooth: hci2: command 0x0c1a tx timeout [ 78.115212][ T6037] usb usb7-port1: unable to enumerate USB device [ 79.312959][ T39] audit: type=1400 audit(1733702132.487:289): avc: denied { create } for pid=6995 comm="syz.2.364" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 79.318922][ T39] audit: type=1400 audit(1733702132.497:290): avc: denied { bind } for pid=6995 comm="syz.2.364" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 79.323840][ T39] audit: type=1400 audit(1733702132.497:291): avc: denied { ioctl } for pid=6995 comm="syz.2.364" path="socket:[11961]" dev="sockfs" ino=11961 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 79.357742][ T39] audit: type=1400 audit(1733702132.537:292): avc: denied { unmount } for pid=5937 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 80.274985][ T57] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 80.414974][ T57] usb 8-1: device descriptor read/64, error -71 [ 80.586293][ T39] audit: type=1400 audit(1733702133.757:293): avc: denied { create } for pid=7016 comm="syz.1.374" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 80.597311][ T39] audit: type=1400 audit(1733702133.757:294): avc: denied { connect } for pid=7016 comm="syz.1.374" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 80.975050][ T57] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 81.116582][ T57] usb 8-1: device descriptor read/64, error -71 [ 81.235145][ T57] usb usb8-port1: attempt power cycle [ 81.257251][ T1019] cfg80211: failed to load regulatory.db [ 81.555445][ T6037] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 81.585007][ T57] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 81.615371][ T57] usb 8-1: device descriptor read/8, error -71 [ 81.705318][ T6037] usb 7-1: Using ep0 maxpacket: 16 [ 81.707909][ T6037] usb 7-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 81.710146][ T6037] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 81.712729][ T6037] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 81.716637][ T6037] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 81.718952][ T6037] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 81.721005][ T6037] usb 7-1: Product: syz [ 81.722102][ T6037] usb 7-1: Manufacturer: syz [ 81.723322][ T6037] usb 7-1: SerialNumber: syz [ 81.875119][ T57] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 81.896430][ T57] usb 8-1: device descriptor read/8, error -71 [ 82.005332][ T57] usb usb8-port1: unable to enumerate USB device [ 82.136156][ T6037] usb 7-1: 0:2 : does not exist [ 82.749346][ T6037] usb 7-1: 1:0: failed to get current value for ch 0 (-22) [ 82.765856][ T6037] usb 7-1: USB disconnect, device number 12 [ 83.136005][ T6814] udevd[6814]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 83.761877][ T39] kauditd_printk_skb: 4 callbacks suppressed [ 83.761887][ T39] audit: type=1400 audit(1733702136.937:299): avc: denied { read } for pid=7085 comm="syz.1.400" name="usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 83.769593][ T39] audit: type=1400 audit(1733702136.937:300): avc: denied { open } for pid=7085 comm="syz.1.400" path="/dev/usbmon0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 83.776833][ T39] audit: type=1400 audit(1733702136.947:301): avc: denied { ioctl } for pid=7085 comm="syz.1.400" path="/dev/usbmon0" dev="devtmpfs" ino=737 ioctlcmd=0x9206 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 84.892801][ T39] audit: type=1804 audit(1733702138.067:302): pid=7134 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.416" name="/newroot/104/file0" dev="fuse" ino=1 res=1 errno=0 [ 85.012120][ T39] audit: type=1400 audit(1733702138.187:303): avc: denied { create } for pid=7145 comm="syz.2.421" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 85.021653][ T39] audit: type=1400 audit(1733702138.187:304): avc: denied { write } for pid=7145 comm="syz.2.421" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 85.239341][ T39] audit: type=1400 audit(1733702138.417:305): avc: denied { read } for pid=7147 comm="syz.1.422" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 85.272363][ T7163] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 85.853870][ T7174] openvswitch: netlink: IPv4 tunnel dst address is zero [ 86.326680][ T39] audit: type=1400 audit(1733702139.507:306): avc: denied { write } for pid=7192 comm="syz.2.438" name="/" dev="9p" ino=36449060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 86.332478][ T7193] overlay: ./file0 is not a directory [ 86.332632][ T39] audit: type=1400 audit(1733702139.507:307): avc: denied { add_name } for pid=7192 comm="syz.2.438" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 86.339494][ T39] audit: type=1400 audit(1733702139.507:308): avc: denied { create } for pid=7192 comm="syz.2.438" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 86.481948][ T7198] netlink: 92 bytes leftover after parsing attributes in process `syz.2.440'. [ 86.901037][ T7212] syzkaller0: entered allmulticast mode [ 86.951364][ T7217] overlay: ./file0 is not a directory [ 87.065085][ T8] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 87.225018][ T8] usb 6-1: Using ep0 maxpacket: 8 [ 87.228589][ T8] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 87.231462][ T8] usb 6-1: config 0 has no interface number 0 [ 87.233619][ T8] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 87.237646][ T8] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 87.240786][ T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.245041][ T8] usb 6-1: config 0 descriptor?? [ 87.250336][ T8] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 87.565425][ T7224] ======================================================= [ 87.565425][ T7224] WARNING: The mand mount option has been deprecated and [ 87.565425][ T7224] and is ignored by this kernel. Remove the mand [ 87.565425][ T7224] option from the mount to silence this warning. [ 87.565425][ T7224] ======================================================= [ 87.679269][ T7237] tipc: Started in network mode [ 87.680585][ T7237] tipc: Node identity 3e2caf7ad6e8, cluster identity 4711 [ 87.682276][ T7234] befs: Unknown parameter 'çú&¿•§“¬'Õy¨)#大 [ 87.682276][ T7234] s' [ 87.682444][ T7237] tipc: Enabled bearer , priority 0 [ 87.686945][ T7237] FAULT_INJECTION: forcing a failure. [ 87.686945][ T7237] name failslab, interval 1, probability 0, space 0, times 1 [ 87.690178][ T7237] CPU: 0 UID: 0 PID: 7237 Comm: syz.3.454 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 87.692804][ T7237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.695450][ T7237] Call Trace: [ 87.696303][ T7237] [ 87.697088][ T7237] dump_stack_lvl+0x16c/0x1f0 [ 87.698308][ T7237] should_fail_ex+0x497/0x5b0 [ 87.699487][ T7237] ? fs_reclaim_acquire+0xae/0x150 [ 87.700839][ T7237] should_failslab+0xc2/0x120 [ 87.702300][ T7237] __kmalloc_noprof+0xcb/0x510 [ 87.703740][ T7237] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 87.705504][ T7237] tomoyo_realpath_from_path+0xb9/0x720 [ 87.707369][ T7237] ? tomoyo_path_number_perm+0x235/0x590 [ 87.709229][ T7237] ? tomoyo_path_number_perm+0x235/0x590 [ 87.711263][ T7237] tomoyo_path_number_perm+0x248/0x590 [ 87.713230][ T7237] ? tomoyo_path_number_perm+0x235/0x590 [ 87.715300][ T7237] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 87.717498][ T7237] ? __pfx_lock_release+0x10/0x10 [ 87.719303][ T7237] ? trace_lock_acquire+0x14e/0x1f0 [ 87.721076][ T7237] ? lock_acquire+0x2f/0xb0 [ 87.722630][ T7237] ? __fget_files+0x40/0x3a0 [ 87.724268][ T7237] ? __fget_files+0x206/0x3a0 [ 87.725885][ T7237] security_file_ioctl+0x9b/0x240 [ 87.727710][ T7237] __x64_sys_ioctl+0xb7/0x200 [ 87.729419][ T7237] do_syscall_64+0xcd/0x250 [ 87.731053][ T7237] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.733219][ T7237] RIP: 0033:0x7f214cf7fed9 [ 87.734745][ T7237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 87.741221][ T7237] RSP: 002b:00007f214dd29058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 87.744127][ T7237] RAX: ffffffffffffffda RBX: 00007f214d145fa0 RCX: 00007f214cf7fed9 [ 87.746870][ T7237] RDX: 0000000020002280 RSI: 0000000000008914 RDI: 0000000000000004 [ 87.749622][ T7237] RBP: 00007f214dd290a0 R08: 0000000000000000 R09: 0000000000000000 [ 87.751962][ T7237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 87.754775][ T7237] R13: 0000000000000000 R14: 00007f214d145fa0 R15: 00007ffca096b718 [ 87.757599][ T7237] [ 87.763603][ T7237] ERROR: Out of memory at tomoyo_realpath_from_path. [ 87.795357][ T7237] tipc: Resetting bearer [ 87.799411][ T7236] tipc: Resetting bearer [ 87.838157][ T5949] Bluetooth: hci2: unexpected event for opcode 0x0c26 [ 88.575194][ T73] usb 6-1: USB disconnect, device number 5 [ 88.667960][ T7257] overlay: ./file0 is not a directory [ 88.777891][ T6037] tipc: Node number set to 3905204090 [ 88.961421][ T7236] tipc: Disabling bearer [ 88.973848][ T39] kauditd_printk_skb: 30 callbacks suppressed [ 88.973859][ T39] audit: type=1400 audit(1733702142.147:339): avc: denied { search } for pid=5651 comm="dhcpcd" name="netdev:wlan2" dev="debugfs" ino=16408 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 88.981985][ T7248] tipc: Started in network mode [ 88.983832][ T7248] tipc: Node identity ac14142f, cluster identity 4711 [ 88.986145][ T7248] tipc: New replicast peer: 0.0.0.0 [ 88.987812][ T7248] tipc: Enabled bearer , priority 10 [ 88.990931][ T7251] tipc: New replicast peer: 100.1.1.0 [ 89.018594][ T39] audit: type=1400 audit(1733702142.197:340): avc: denied { mount } for pid=7262 comm="syz.2.461" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 89.035099][ T39] audit: type=1400 audit(1733702142.197:341): avc: denied { remount } for pid=7262 comm="syz.2.461" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 89.167660][ T7281] syzkaller1: entered promiscuous mode [ 89.169583][ T7281] syzkaller1: entered allmulticast mode [ 89.176981][ T7281] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7281 comm=syz.1.464 [ 89.291971][ T39] audit: type=1400 audit(1733702142.467:342): avc: denied { unmount } for pid=5937 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 89.411755][ T7299] netlink: 1272 bytes leftover after parsing attributes in process `syz.2.470'. [ 89.415255][ T7299] openvswitch: netlink: Flow actions attr not present in new flow. [ 89.456811][ T7305] FAULT_INJECTION: forcing a failure. [ 89.456811][ T7305] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 89.460394][ T7305] CPU: 0 UID: 0 PID: 7305 Comm: syz.2.472 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 89.463715][ T7305] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 89.466577][ T7305] Call Trace: [ 89.467600][ T7305] [ 89.468518][ T7305] dump_stack_lvl+0x16c/0x1f0 [ 89.469945][ T7305] should_fail_ex+0x497/0x5b0 [ 89.471665][ T7305] _copy_from_user+0x2e/0xd0 [ 89.473014][ T7305] copy_msghdr_from_user+0x99/0x160 [ 89.474387][ T7305] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 89.476371][ T7305] ___sys_sendmsg+0xff/0x1e0 [ 89.477813][ T7305] ? __pfx____sys_sendmsg+0x10/0x10 [ 89.479278][ T7305] ? __pfx_lock_release+0x10/0x10 [ 89.480808][ T7305] ? trace_lock_acquire+0x14e/0x1f0 [ 89.482434][ T7305] ? __fget_files+0x206/0x3a0 [ 89.483908][ T7305] __sys_sendmsg+0x16e/0x220 [ 89.485588][ T7305] ? __pfx___sys_sendmsg+0x10/0x10 [ 89.486924][ T7305] do_syscall_64+0xcd/0x250 [ 89.488195][ T7305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.489795][ T7305] RIP: 0033:0x7fb9b537fed9 [ 89.491035][ T7305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 89.496470][ T7305] RSP: 002b:00007fb9b6214058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 89.498689][ T7305] RAX: ffffffffffffffda RBX: 00007fb9b5545fa0 RCX: 00007fb9b537fed9 [ 89.500844][ T7305] RDX: 0000000000008010 RSI: 0000000020000180 RDI: 0000000000000003 [ 89.502981][ T7305] RBP: 00007fb9b62140a0 R08: 0000000000000000 R09: 0000000000000000 [ 89.505131][ T7305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 89.507285][ T7305] R13: 0000000000000000 R14: 00007fb9b5545fa0 R15: 00007ffff8c44258 [ 89.509309][ T7305] [ 89.531615][ T7307] netlink: 8 bytes leftover after parsing attributes in process `syz.3.473'. [ 89.536403][ T7307] netlink: 24 bytes leftover after parsing attributes in process `syz.3.473'. [ 89.641041][ T39] audit: type=1400 audit(1733702142.817:343): avc: denied { read write } for pid=7317 comm="syz.1.478" name="raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 89.647462][ T39] audit: type=1400 audit(1733702142.817:344): avc: denied { open } for pid=7317 comm="syz.1.478" path="/dev/raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 89.654242][ T39] audit: type=1400 audit(1733702142.817:345): avc: denied { ioctl } for pid=7317 comm="syz.1.478" path="/dev/raw-gadget" dev="devtmpfs" ino=849 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 89.792367][ T7327] FAULT_INJECTION: forcing a failure. [ 89.792367][ T7327] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 89.796210][ T7327] CPU: 3 UID: 0 PID: 7327 Comm: syz.2.482 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 89.799018][ T7327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 89.801866][ T7327] Call Trace: [ 89.802748][ T7327] [ 89.803558][ T7327] dump_stack_lvl+0x16c/0x1f0 [ 89.804818][ T7327] should_fail_ex+0x497/0x5b0 [ 89.806073][ T7327] _copy_from_user+0x2e/0xd0 [ 89.807318][ T7327] copy_msghdr_from_user+0x99/0x160 [ 89.808702][ T7327] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 89.810227][ T7327] ___sys_sendmsg+0xff/0x1e0 [ 89.811510][ T7327] ? __pfx____sys_sendmsg+0x10/0x10 [ 89.812900][ T7327] ? __pfx_lock_release+0x10/0x10 [ 89.814238][ T7327] ? trace_lock_acquire+0x14e/0x1f0 [ 89.815614][ T7327] ? __fget_files+0x206/0x3a0 [ 89.817096][ T7327] __sys_sendmsg+0x16e/0x220 [ 89.818729][ T7327] ? __pfx___sys_sendmsg+0x10/0x10 [ 89.820564][ T7327] do_syscall_64+0xcd/0x250 [ 89.822229][ T7327] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.824328][ T7327] RIP: 0033:0x7fb9b537fed9 [ 89.825971][ T7327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 89.832171][ T7327] RSP: 002b:00007fb9b6214058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 89.834554][ T7327] RAX: ffffffffffffffda RBX: 00007fb9b5545fa0 RCX: 00007fb9b537fed9 [ 89.837138][ T7327] RDX: 0000000000000840 RSI: 0000000020000180 RDI: 0000000000000003 [ 89.839892][ T7327] RBP: 00007fb9b62140a0 R08: 0000000000000000 R09: 0000000000000000 [ 89.842743][ T7327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 89.845605][ T7327] R13: 0000000000000000 R14: 00007fb9b5545fa0 R15: 00007ffff8c44258 [ 89.848453][ T7327] [ 89.851224][ T39] audit: type=1400 audit(1733702143.037:346): avc: denied { search } for pid=5333 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 89.883150][ T7329] syz.2.483[7329] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 89.883205][ T7329] syz.2.483[7329] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 89.886210][ T7329] syz.2.483[7329] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 89.891607][ T39] audit: type=1400 audit(1733702143.067:347): avc: denied { write } for pid=7328 comm="syz.2.483" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 89.899674][ T39] audit: type=1400 audit(1733702143.077:348): avc: denied { create } for pid=7328 comm="syz.2.483" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 89.915346][ T30] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 89.947302][ T7331] netlink: 8 bytes leftover after parsing attributes in process `syz.3.484'. [ 89.962828][ T7329] infiniband syz2: set down [ 89.965056][ T7329] infiniband syz2: added ipvlan1 [ 89.985062][ T6037] tipc: Node number set to 2886997039 [ 89.987111][ T7329] RDS/IB: syz2: added [ 89.988479][ T7329] smc: adding ib device syz2 with port count 1 [ 89.990098][ T7329] smc: ib device syz2 port 1 has pnetid [ 90.065450][ T30] usb 6-1: too many configurations: 9, using maximum allowed: 8 [ 90.068781][ T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 90.071113][ T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 90.073985][ T30] usb 6-1: config 0 interface 0 has no altsetting 0 [ 90.076538][ T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 90.078861][ T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 90.081637][ T30] usb 6-1: config 0 interface 0 has no altsetting 0 [ 90.084035][ T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 90.086703][ T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 90.094997][ T30] usb 6-1: config 0 interface 0 has no altsetting 0 [ 90.098175][ T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 90.101204][ T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 90.104006][ T30] usb 6-1: config 0 interface 0 has no altsetting 0 [ 90.110384][ T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 90.113409][ T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 90.118087][ T30] usb 6-1: config 0 interface 0 has no altsetting 0 [ 90.121009][ T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 90.123300][ T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 90.127248][ T30] usb 6-1: config 0 interface 0 has no altsetting 0 [ 90.130204][ T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 90.133072][ T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 90.136754][ T30] usb 6-1: config 0 interface 0 has no altsetting 0 [ 90.141839][ T30] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 90.144874][ T30] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 90.148287][ T30] usb 6-1: config 0 interface 0 has no altsetting 0 [ 90.150194][ T7340] netlink: 12 bytes leftover after parsing attributes in process `syz.0.486'. [ 90.152154][ T30] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 90.156116][ T30] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 90.159004][ T30] usb 6-1: Product: syz [ 90.160475][ T30] usb 6-1: Manufacturer: syz [ 90.162185][ T30] usb 6-1: SerialNumber: syz [ 90.174325][ T30] usb 6-1: config 0 descriptor?? [ 90.181113][ T30] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0 [ 90.201138][ T7345] openvswitch: netlink: IPv4 tunnel dst address is zero [ 90.210450][ T7347] FAULT_INJECTION: forcing a failure. [ 90.210450][ T7347] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 90.214816][ T7347] CPU: 3 UID: 0 PID: 7347 Comm: syz.2.489 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 90.217575][ T7347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 90.220609][ T7347] Call Trace: [ 90.221492][ T7347] [ 90.222281][ T7347] dump_stack_lvl+0x16c/0x1f0 [ 90.223542][ T7347] should_fail_ex+0x497/0x5b0 [ 90.224773][ T7347] _copy_from_user+0x2e/0xd0 [ 90.226033][ T7347] copy_msghdr_from_user+0x99/0x160 [ 90.227443][ T7347] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 90.228952][ T7347] ___sys_sendmsg+0xff/0x1e0 [ 90.230150][ T7347] ? __pfx____sys_sendmsg+0x10/0x10 [ 90.231518][ T7347] ? __pfx_lock_release+0x10/0x10 [ 90.232820][ T7347] ? trace_lock_acquire+0x14e/0x1f0 [ 90.234200][ T7347] ? __fget_files+0x206/0x3a0 [ 90.235449][ T7347] __sys_sendmsg+0x16e/0x220 [ 90.236674][ T7347] ? __pfx___sys_sendmsg+0x10/0x10 [ 90.238015][ T7347] do_syscall_64+0xcd/0x250 [ 90.239219][ T7347] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.240747][ T7347] RIP: 0033:0x7fb9b537fed9 [ 90.241936][ T7347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 90.246904][ T7347] RSP: 002b:00007fb9b6214058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 90.249086][ T7347] RAX: ffffffffffffffda RBX: 00007fb9b5545fa0 RCX: 00007fb9b537fed9 [ 90.251171][ T7347] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 90.253350][ T7347] RBP: 00007fb9b62140a0 R08: 0000000000000000 R09: 0000000000000000 [ 90.255850][ T7347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 90.258597][ T7347] R13: 0000000000000000 R14: 00007fb9b5545fa0 R15: 00007ffff8c44258 [ 90.261346][ T7347] [ 90.395297][ T6037] usb 6-1: USB disconnect, device number 6 [ 90.398339][ T6037] yurex 6-1:0.0: USB YUREX #0 now disconnected [ 90.853991][ T7390] syzkaller0: entered allmulticast mode [ 90.897116][ T7393] netlink: 48 bytes leftover after parsing attributes in process `syz.2.504'. [ 90.899803][ T7393] netlink: 32 bytes leftover after parsing attributes in process `syz.2.504'. [ 91.717955][ T7403] FAULT_INJECTION: forcing a failure. [ 91.717955][ T7403] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 91.723032][ T7403] CPU: 2 UID: 0 PID: 7403 Comm: syz.2.508 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 91.726841][ T7403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 91.730569][ T7403] Call Trace: [ 91.731714][ T7403] [ 91.732737][ T7403] dump_stack_lvl+0x16c/0x1f0 [ 91.734398][ T7403] should_fail_ex+0x497/0x5b0 [ 91.736121][ T7403] _copy_to_user+0x32/0xd0 [ 91.737580][ T7403] simple_read_from_buffer+0xd0/0x160 [ 91.739280][ T7403] proc_fail_nth_read+0x198/0x270 [ 91.740940][ T7403] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 91.742795][ T7403] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 91.744229][ T7403] vfs_read+0x1df/0xbe0 [ 91.745267][ T7403] ? __fget_files+0x1fc/0x3a0 [ 91.746462][ T7403] ? __pfx___mutex_lock+0x10/0x10 [ 91.747752][ T7403] ? __pfx_vfs_read+0x10/0x10 [ 91.748947][ T7403] ? __fget_files+0x206/0x3a0 [ 91.750093][ T7403] ksys_read+0x12b/0x250 [ 91.751184][ T7403] ? __pfx_ksys_read+0x10/0x10 [ 91.752443][ T7403] do_syscall_64+0xcd/0x250 [ 91.753595][ T7403] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.755081][ T7403] RIP: 0033:0x7fb9b537e8ec [ 91.756191][ T7403] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 91.761048][ T7403] RSP: 002b:00007fb9b6214050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 91.763153][ T7403] RAX: ffffffffffffffda RBX: 00007fb9b5545fa0 RCX: 00007fb9b537e8ec [ 91.765175][ T7403] RDX: 000000000000000f RSI: 00007fb9b62140b0 RDI: 0000000000000005 [ 91.767181][ T7403] RBP: 00007fb9b62140a0 R08: 0000000000000000 R09: 0000000000000000 [ 91.769179][ T7403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 91.771392][ T7403] R13: 0000000000000000 R14: 00007fb9b5545fa0 R15: 00007ffff8c44258 [ 91.773357][ T7403] [ 91.807606][ T7405] xt_hashlimit: size too large, truncated to 1048576 [ 91.914208][ T7407] could not allocate digest TFM handle blake2s-224 [ 91.994012][ T7418] netlink: 'syz.1.512': attribute type 1 has an invalid length. [ 91.997064][ T7418] netlink: 'syz.1.512': attribute type 3 has an invalid length. [ 91.999084][ T7418] netlink: 224 bytes leftover after parsing attributes in process `syz.1.512'. [ 92.022838][ T7420] FAULT_INJECTION: forcing a failure. [ 92.022838][ T7420] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 92.034722][ T7420] CPU: 0 UID: 0 PID: 7420 Comm: syz.1.513 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 92.037956][ T7420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 92.040792][ T7420] Call Trace: [ 92.041597][ T7420] [ 92.042352][ T7420] dump_stack_lvl+0x16c/0x1f0 [ 92.043545][ T7420] should_fail_ex+0x497/0x5b0 [ 92.044690][ T7420] _copy_from_user+0x2e/0xd0 [ 92.045795][ T7420] copy_msghdr_from_user+0x99/0x160 [ 92.047066][ T7420] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 92.048456][ T7420] ___sys_sendmsg+0xff/0x1e0 [ 92.049609][ T7420] ? __pfx____sys_sendmsg+0x10/0x10 [ 92.050991][ T7420] ? __pfx_lock_release+0x10/0x10 [ 92.052193][ T7420] ? trace_lock_acquire+0x14e/0x1f0 [ 92.053453][ T7420] ? __fget_files+0x206/0x3a0 [ 92.054634][ T7420] __sys_sendmsg+0x16e/0x220 [ 92.055804][ T7420] ? __pfx___sys_sendmsg+0x10/0x10 [ 92.057054][ T7420] do_syscall_64+0xcd/0x250 [ 92.058226][ T7420] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.059770][ T7420] RIP: 0033:0x7f27a2f7fed9 [ 92.060861][ T7420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 92.065548][ T7420] RSP: 002b:00007f27a3e72058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 92.067598][ T7420] RAX: ffffffffffffffda RBX: 00007f27a3145fa0 RCX: 00007f27a2f7fed9 [ 92.069697][ T7420] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000004 [ 92.071696][ T7420] RBP: 00007f27a3e720a0 R08: 0000000000000000 R09: 0000000000000000 [ 92.073674][ T7420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 92.075656][ T7420] R13: 0000000000000000 R14: 00007f27a3145fa0 R15: 00007fffc0400e98 [ 92.077662][ T7420] [ 92.118586][ T7425] overlay: ./file0 is not a directory [ 92.235407][ T7432] xt_hashlimit: size too large, truncated to 1048576 [ 92.503527][ T7444] tmpfs: Bad value for 'mpol' [ 92.579773][ T7450] overlay: ./file0 is not a directory [ 92.630187][ T7452] FAULT_INJECTION: forcing a failure. [ 92.630187][ T7452] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 92.633637][ T7452] CPU: 1 UID: 0 PID: 7452 Comm: syz.2.525 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 92.636212][ T7452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 92.638859][ T7452] Call Trace: [ 92.639727][ T7452] [ 92.640495][ T7452] dump_stack_lvl+0x16c/0x1f0 [ 92.641842][ T7452] should_fail_ex+0x497/0x5b0 [ 92.643035][ T7452] _copy_to_iter+0x2a1/0x1560 [ 92.644207][ T7452] ? pipe_read+0x8b7/0x13f0 [ 92.645344][ T7452] ? find_held_lock+0x2d/0x110 [ 92.646582][ T7452] ? __pfx__copy_to_iter+0x10/0x10 [ 92.647896][ T7452] ? __pfx___mutex_lock+0x10/0x10 [ 92.649165][ T7452] copy_page_to_iter+0xf1/0x180 [ 92.650403][ T7452] pipe_read+0x53d/0x13f0 [ 92.651502][ T7452] ? __pfx_pipe_read+0x10/0x10 [ 92.652722][ T7452] ? __pfx_autoremove_wake_function+0x10/0x10 [ 92.654238][ T7452] ? bpf_lsm_file_permission+0x9/0x10 [ 92.655570][ T7452] ? security_file_permission+0x71/0x210 [ 92.657015][ T7452] vfs_read+0xa4c/0xbe0 [ 92.658074][ T7452] ? __pfx_vfs_read+0x10/0x10 [ 92.659265][ T7452] ? __fget_files+0x40/0x3a0 [ 92.660436][ T7452] ksys_read+0x207/0x250 [ 92.661493][ T7452] ? __pfx_ksys_read+0x10/0x10 [ 92.662698][ T7452] do_syscall_64+0xcd/0x250 [ 92.663850][ T7452] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.665342][ T7452] RIP: 0033:0x7fb9b537fed9 [ 92.666423][ T7452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 92.671134][ T7452] RSP: 002b:00007fb9b6214058 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 92.673137][ T7452] RAX: ffffffffffffffda RBX: 00007fb9b5545fa0 RCX: 00007fb9b537fed9 [ 92.675047][ T7452] RDX: 0000000000000010 RSI: 0000000020000100 RDI: 0000000000000003 [ 92.677012][ T7452] RBP: 00007fb9b62140a0 R08: 0000000000000000 R09: 0000000000000000 [ 92.678788][ T7452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 92.680723][ T7452] R13: 0000000000000000 R14: 00007fb9b5545fa0 R15: 00007ffff8c44258 [ 92.682670][ T7452] [ 92.789202][ T7465] netlink: 260 bytes leftover after parsing attributes in process `syz.3.531'. [ 92.892830][ T7469] netlink: 52 bytes leftover after parsing attributes in process `syz.2.530'. [ 92.895265][ T7469] netlink: 32 bytes leftover after parsing attributes in process `syz.2.530'. [ 92.968709][ T7473] FAULT_INJECTION: forcing a failure. [ 92.968709][ T7473] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 92.973176][ T7473] CPU: 3 UID: 0 PID: 7473 Comm: syz.0.534 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 92.976999][ T7473] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 92.980787][ T7473] Call Trace: [ 92.981975][ T7473] [ 92.983039][ T7473] dump_stack_lvl+0x16c/0x1f0 [ 92.984631][ T7473] should_fail_ex+0x497/0x5b0 [ 92.986211][ T7473] _copy_from_user+0x2e/0xd0 [ 92.987876][ T7473] copy_msghdr_from_user+0x99/0x160 [ 92.989292][ T7473] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 92.990788][ T7473] ___sys_sendmsg+0xff/0x1e0 [ 92.991998][ T7473] ? __pfx____sys_sendmsg+0x10/0x10 [ 92.993390][ T7473] ? __pfx_lock_release+0x10/0x10 [ 92.995170][ T7473] ? trace_lock_acquire+0x14e/0x1f0 [ 92.997013][ T7473] ? __fget_files+0x206/0x3a0 [ 92.998668][ T7473] __sys_sendmsg+0x16e/0x220 [ 93.000297][ T7473] ? __pfx___sys_sendmsg+0x10/0x10 [ 93.002111][ T7473] do_syscall_64+0xcd/0x250 [ 93.003599][ T7473] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 93.005681][ T7473] RIP: 0033:0x7fdcdb37fed9 [ 93.007199][ T7473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 93.013765][ T7473] RSP: 002b:00007fdcdc149058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 93.016624][ T7473] RAX: ffffffffffffffda RBX: 00007fdcdb545fa0 RCX: 00007fdcdb37fed9 [ 93.019384][ T7473] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 93.022123][ T7473] RBP: 00007fdcdc1490a0 R08: 0000000000000000 R09: 0000000000000000 [ 93.024426][ T7473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 93.026399][ T7473] R13: 0000000000000000 R14: 00007fdcdb545fa0 R15: 00007ffe5e070cb8 [ 93.028455][ T7473] [ 93.046457][ T7471] netlink: 'syz.3.533': attribute type 3 has an invalid length. [ 93.048738][ T7471] netlink: 44 bytes leftover after parsing attributes in process `syz.3.533'. [ 93.078300][ T7478] FAULT_INJECTION: forcing a failure. [ 93.078300][ T7478] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 93.081769][ T7478] CPU: 0 UID: 0 PID: 7478 Comm: syz.1.536 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 93.084818][ T7478] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 93.087524][ T7478] Call Trace: [ 93.088596][ T7478] [ 93.089599][ T7478] dump_stack_lvl+0x16c/0x1f0 [ 93.091190][ T7478] should_fail_ex+0x497/0x5b0 [ 93.092812][ T7478] _copy_from_user+0x2e/0xd0 [ 93.094357][ T7478] copy_msghdr_from_user+0x99/0x160 [ 93.096712][ T7478] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 93.098768][ T7478] ___sys_sendmsg+0xff/0x1e0 [ 93.100645][ T7478] ? __pfx____sys_sendmsg+0x10/0x10 [ 93.102460][ T7478] ? __pfx_lock_release+0x10/0x10 [ 93.104182][ T7478] ? trace_lock_acquire+0x14e/0x1f0 [ 93.106117][ T7478] ? __fget_files+0x206/0x3a0 [ 93.107670][ T7478] __sys_sendmsg+0x16e/0x220 [ 93.109203][ T7478] ? __pfx___sys_sendmsg+0x10/0x10 [ 93.110959][ T7478] do_syscall_64+0xcd/0x250 [ 93.112457][ T7478] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 93.114362][ T7478] RIP: 0033:0x7f27a2f7fed9 [ 93.115805][ T7478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 93.122103][ T7478] RSP: 002b:00007f27a3e72058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 93.124821][ T7478] RAX: ffffffffffffffda RBX: 00007f27a3145fa0 RCX: 00007f27a2f7fed9 [ 93.127420][ T7478] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003 [ 93.130053][ T7478] RBP: 00007f27a3e720a0 R08: 0000000000000000 R09: 0000000000000000 [ 93.132690][ T7478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 93.135329][ T7478] R13: 0000000000000000 R14: 00007f27a3145fa0 R15: 00007fffc0400e98 [ 93.137957][ T7478] [ 93.681190][ T7509] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 93.739494][ T7510] evm: overlay not supported [ 93.851755][ T7516] FAULT_INJECTION: forcing a failure. [ 93.851755][ T7516] name failslab, interval 1, probability 0, space 0, times 0 [ 93.856811][ T7516] CPU: 3 UID: 0 PID: 7516 Comm: syz.0.551 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 93.860715][ T7516] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 93.864346][ T7516] Call Trace: [ 93.865305][ T7516] [ 93.866459][ T7516] dump_stack_lvl+0x16c/0x1f0 [ 93.867807][ T7516] should_fail_ex+0x497/0x5b0 [ 93.869409][ T7516] ? fs_reclaim_acquire+0xae/0x150 [ 93.871197][ T7516] should_failslab+0xc2/0x120 [ 93.872543][ T7516] __kmalloc_cache_noprof+0x68/0x410 [ 93.873441][ T7515] syzkaller0: entered allmulticast mode [ 93.874259][ T7516] ? __filemap_get_folio+0x2a5/0xaf0 [ 93.874292][ T7516] netfs_perform_write+0x186c/0x2140 [ 93.874316][ T7516] ? __pfx_netfs_perform_write+0x10/0x10 [ 93.882991][ T7516] ? __pfx_timestamp_truncate+0x10/0x10 [ 93.884485][ T7516] ? ns_to_timespec64+0x59/0xc0 [ 93.886508][ T7516] ? generic_update_time+0xcf/0xf0 [ 93.888649][ T7516] ? mnt_put_write_access_file+0x45/0xf0 [ 93.891278][ T7516] netfs_file_write_iter+0x432/0x4f0 [ 93.893652][ T7516] v9fs_file_write_iter+0x9b/0x100 [ 93.895933][ T7516] vfs_write+0x5ae/0x1150 [ 93.897953][ T7516] ? __pfx_v9fs_file_write_iter+0x10/0x10 [ 93.900437][ T7516] ? __pfx___mutex_lock+0x10/0x10 [ 93.902699][ T7516] ? __pfx_vfs_write+0x10/0x10 [ 93.904937][ T7516] ksys_write+0x12b/0x250 [ 93.906535][ T7516] ? __pfx_ksys_write+0x10/0x10 [ 93.908611][ T7516] do_syscall_64+0xcd/0x250 [ 93.910665][ T7516] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 93.913294][ T7516] RIP: 0033:0x7fdcdb37fed9 [ 93.915277][ T7516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 93.923548][ T7516] RSP: 002b:00007fdcdc149058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 93.926709][ T7516] RAX: ffffffffffffffda RBX: 00007fdcdb545fa0 RCX: 00007fdcdb37fed9 [ 93.929855][ T7516] RDX: 0000000000000004 RSI: 0000000020000300 RDI: 0000000000000007 [ 93.932442][ T7516] RBP: 00007fdcdc1490a0 R08: 0000000000000000 R09: 0000000000000000 [ 93.934527][ T7516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 93.936416][ T7516] R13: 0000000000000000 R14: 00007fdcdb545fa0 R15: 00007ffe5e070cb8 [ 93.938375][ T7516] [ 94.101284][ T7520] FAULT_INJECTION: forcing a failure. [ 94.101284][ T7520] name failslab, interval 1, probability 0, space 0, times 0 [ 94.105828][ T7522] syz.0.552: attempt to access beyond end of device [ 94.105828][ T7522] nbd0: rw=0, sector=64, nr_sectors = 2 limit=0 [ 94.106272][ T7520] CPU: 0 UID: 0 PID: 7520 Comm: syz.3.553 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 94.108907][ T7522] syz.0.552: attempt to access beyond end of device [ 94.108907][ T7522] nbd0: rw=0, sector=512, nr_sectors = 2 limit=0 [ 94.112141][ T7520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 94.115261][ T7522] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 94.118590][ T7520] Call Trace: [ 94.118599][ T7520] [ 94.118605][ T7520] dump_stack_lvl+0x16c/0x1f0 [ 94.120856][ T7522] syz.0.552: attempt to access beyond end of device [ 94.120856][ T7522] nbd0: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 94.121842][ T7520] should_fail_ex+0x497/0x5b0 [ 94.122559][ T7522] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 94.124024][ T7520] ? fs_reclaim_acquire+0xae/0x150 [ 94.127109][ T7522] UDF-fs: warning (device nbd0): udf_load_vrs: No anchor found [ 94.128587][ T7520] should_failslab+0xc2/0x120 [ 94.130799][ T7522] UDF-fs: Scanning with blocksize 1024 failed [ 94.132531][ T7520] __kmalloc_noprof+0xcb/0x510 [ 94.132551][ T7520] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 94.141637][ T7520] tomoyo_realpath_from_path+0xb9/0x720 [ 94.143482][ T7520] ? tomoyo_path_number_perm+0x235/0x590 [ 94.145384][ T7520] ? tomoyo_path_number_perm+0x235/0x590 [ 94.147285][ T7520] tomoyo_path_number_perm+0x248/0x590 [ 94.149134][ T7520] ? tomoyo_path_number_perm+0x235/0x590 [ 94.151067][ T7520] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 94.153150][ T7520] ? __pfx_lock_release+0x10/0x10 [ 94.154774][ T7520] ? trace_lock_acquire+0x14e/0x1f0 [ 94.156568][ T7520] ? lock_acquire+0x2f/0xb0 [ 94.158094][ T7520] ? __fget_files+0x40/0x3a0 [ 94.159648][ T7520] ? __fget_files+0x206/0x3a0 [ 94.161272][ T7520] security_file_ioctl+0x9b/0x240 [ 94.163005][ T7520] __x64_sys_ioctl+0xb7/0x200 [ 94.164609][ T7520] do_syscall_64+0xcd/0x250 [ 94.166175][ T7520] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.168182][ T7520] RIP: 0033:0x7f214cf7fed9 [ 94.169706][ T7520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 94.176174][ T7520] RSP: 002b:00007f214dd29058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 94.178998][ T7520] RAX: ffffffffffffffda RBX: 00007f214d145fa0 RCX: 00007f214cf7fed9 [ 94.181655][ T7520] RDX: 0000000020000000 RSI: 00000000c008561c RDI: 0000000000000003 [ 94.184323][ T7520] RBP: 00007f214dd290a0 R08: 0000000000000000 R09: 0000000000000000 [ 94.186981][ T7520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 94.189591][ T7520] R13: 0000000000000000 R14: 00007f214d145fa0 R15: 00007ffca096b718 [ 94.192257][ T7520] [ 94.195047][ T7520] ERROR: Out of memory at tomoyo_realpath_from_path. [ 94.195595][ T7522] syz.0.552: attempt to access beyond end of device [ 94.195595][ T7522] nbd0: rw=0, sector=64, nr_sectors = 4 limit=0 [ 94.196177][ T7523] FAULT_INJECTION: forcing a failure. [ 94.196177][ T7523] name failslab, interval 1, probability 0, space 0, times 0 [ 94.196202][ T7523] CPU: 1 UID: 0 PID: 7523 Comm: syz.0.552 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 94.196222][ T7523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 94.196233][ T7523] Call Trace: [ 94.196239][ T7523] [ 94.196247][ T7523] dump_stack_lvl+0x16c/0x1f0 [ 94.196274][ T7523] should_fail_ex+0x497/0x5b0 [ 94.196291][ T7523] ? fs_reclaim_acquire+0xae/0x150 [ 94.196327][ T7523] should_failslab+0xc2/0x120 [ 94.196350][ T7523] __kmalloc_noprof+0xcb/0x510 [ 94.196370][ T7523] ? d_absolute_path+0x137/0x1b0 [ 94.196393][ T7523] ? rcu_is_watching+0x12/0xc0 [ 94.196420][ T7523] tomoyo_encode2+0x100/0x3e0 [ 94.196448][ T7523] tomoyo_encode+0x29/0x50 [ 94.196470][ T7523] tomoyo_realpath_from_path+0x19d/0x720 [ 94.196500][ T7523] tomoyo_path_number_perm+0x248/0x590 [ 94.196519][ T7523] ? tomoyo_path_number_perm+0x235/0x590 [ 94.196542][ T7523] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 94.196585][ T7523] ? __pfx_lock_release+0x10/0x10 [ 94.196604][ T7523] ? trace_lock_acquire+0x14e/0x1f0 [ 94.196632][ T7523] ? lock_acquire+0x2f/0xb0 [ 94.196650][ T7523] ? __fget_files+0x40/0x3a0 [ 94.196672][ T7523] ? __fget_files+0x206/0x3a0 [ 94.196698][ T7523] security_file_ioctl+0x9b/0x240 [ 94.196722][ T7523] __x64_sys_ioctl+0xb7/0x200 [ 94.196749][ T7523] do_syscall_64+0xcd/0x250 [ 94.196772][ T7523] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.196797][ T7523] RIP: 0033:0x7fdcdb37fed9 [ 94.200733][ T7522] syz.0.552: attempt to access beyond end of device [ 94.200733][ T7522] nbd0: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 94.204814][ T7523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 94.207594][ T7522] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 94.211154][ T7523] RSP: 002b:00007fdcdc128058 EFLAGS: 00000246 [ 94.212411][ T7522] syz.0.552: attempt to access beyond end of device [ 94.212411][ T7522] nbd0: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 94.213118][ T7523] ORIG_RAX: 0000000000000010 [ 94.214511][ T7522] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 94.216001][ T7523] RAX: ffffffffffffffda RBX: 00007fdcdb546080 RCX: 00007fdcdb37fed9 [ 94.216016][ T7523] RDX: 0000000000000000 RSI: 000000000000ab04 RDI: 0000000000000003 [ 94.216027][ T7523] RBP: 00007fdcdc1280a0 R08: 0000000000000000 R09: 0000000000000000 [ 94.216038][ T7523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 94.216044][ T7523] R13: 0000000000000000 R14: 00007fdcdb546080 R15: 00007ffe5e070cb8 [ 94.216058][ T7523] [ 94.217520][ T7523] ERROR: Out of memory at tomoyo_realpath_from_path. [ 94.218418][ T7522] UDF-fs: warning (device nbd0): udf_load_vrs: No anchor found [ 94.275366][ T7522] UDF-fs: Scanning with blocksize 2048 failed [ 94.277851][ T7522] syz.0.552: attempt to access beyond end of device [ 94.277851][ T7522] nbd0: rw=0, sector=64, nr_sectors = 8 limit=0 [ 94.281997][ T7522] syz.0.552: attempt to access beyond end of device [ 94.281997][ T7522] nbd0: rw=0, sector=2048, nr_sectors = 8 limit=0 [ 94.286671][ T7522] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 94.289965][ T7522] syz.0.552: attempt to access beyond end of device [ 94.289965][ T7522] nbd0: rw=0, sector=4096, nr_sectors = 8 limit=0 [ 94.294525][ T7522] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 94.298015][ T7522] UDF-fs: warning (device nbd0): udf_load_vrs: No anchor found [ 94.300720][ T7522] UDF-fs: Scanning with blocksize 4096 failed [ 94.302945][ T7522] UDF-fs: warning (device nbd0): udf_fill_super: No partition found (1) [ 94.344553][ T7535] FAULT_INJECTION: forcing a failure. [ 94.344553][ T7535] name failslab, interval 1, probability 0, space 0, times 0 [ 94.348654][ T7535] CPU: 2 UID: 0 PID: 7535 Comm: syz.1.559 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 94.351208][ T7535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 94.353826][ T7535] Call Trace: [ 94.354632][ T7535] [ 94.355498][ T7535] dump_stack_lvl+0x16c/0x1f0 [ 94.356709][ T7535] should_fail_ex+0x497/0x5b0 [ 94.357894][ T7535] ? fs_reclaim_acquire+0xae/0x150 [ 94.359213][ T7535] should_failslab+0xc2/0x120 [ 94.360420][ T7535] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 94.361925][ T7535] ? __alloc_skb+0x2b1/0x380 [ 94.363150][ T7535] __alloc_skb+0x2b1/0x380 [ 94.364255][ T7535] ? __pfx___alloc_skb+0x10/0x10 [ 94.365534][ T7535] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 94.367064][ T7535] netlink_alloc_large_skb+0x69/0x130 [ 94.368376][ T7535] netlink_sendmsg+0x689/0xd70 [ 94.369548][ T7535] ? __pfx_netlink_sendmsg+0x10/0x10 [ 94.370839][ T7535] ____sys_sendmsg+0xaaf/0xc90 [ 94.372013][ T7535] ? copy_msghdr_from_user+0x10b/0x160 [ 94.373334][ T7535] ? __pfx_____sys_sendmsg+0x10/0x10 [ 94.374681][ T7535] ___sys_sendmsg+0x135/0x1e0 [ 94.375911][ T7535] ? __pfx____sys_sendmsg+0x10/0x10 [ 94.377264][ T7535] ? __pfx_lock_release+0x10/0x10 [ 94.378480][ T7535] ? trace_lock_acquire+0x14e/0x1f0 [ 94.379769][ T7535] ? __fget_files+0x206/0x3a0 [ 94.380924][ T7535] __sys_sendmsg+0x16e/0x220 [ 94.382056][ T7535] ? __pfx___sys_sendmsg+0x10/0x10 [ 94.383351][ T7535] do_syscall_64+0xcd/0x250 [ 94.384481][ T7535] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.385978][ T7535] RIP: 0033:0x7f27a2f7fed9 [ 94.387111][ T7535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 94.391877][ T7535] RSP: 002b:00007f27a3e72058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 94.393959][ T7535] RAX: ffffffffffffffda RBX: 00007f27a3145fa0 RCX: 00007f27a2f7fed9 [ 94.395937][ T7535] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003 [ 94.397950][ T7535] RBP: 00007f27a3e720a0 R08: 0000000000000000 R09: 0000000000000000 [ 94.399937][ T7535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 94.401974][ T7535] R13: 0000000000000000 R14: 00007f27a3145fa0 R15: 00007fffc0400e98 [ 94.404009][ T7535] [ 94.432690][ T7541] netlink: 8 bytes leftover after parsing attributes in process `syz.1.561'. [ 94.453086][ T39] kauditd_printk_skb: 5 callbacks suppressed [ 94.453096][ T39] audit: type=1804 audit(1733702147.627:354): pid=7541 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.1.561" name="/newroot/127/bus/file0" dev="overlay" ino=673 res=1 errno=0 [ 94.548121][ T7549] FAULT_INJECTION: forcing a failure. [ 94.548121][ T7549] name failslab, interval 1, probability 0, space 0, times 0 [ 94.551245][ T7549] CPU: 0 UID: 0 PID: 7549 Comm: syz.3.564 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 94.553845][ T7549] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 94.556470][ T7549] Call Trace: [ 94.557292][ T7549] [ 94.558064][ T7549] dump_stack_lvl+0x16c/0x1f0 [ 94.559209][ T7549] should_fail_ex+0x497/0x5b0 [ 94.560419][ T7549] ? fs_reclaim_acquire+0xae/0x150 [ 94.561709][ T7549] should_failslab+0xc2/0x120 [ 94.562915][ T7549] __kmalloc_noprof+0xcb/0x510 [ 94.564092][ T7549] ? d_absolute_path+0x137/0x1b0 [ 94.565471][ T7549] ? rcu_is_watching+0x12/0xc0 [ 94.566646][ T7549] tomoyo_encode2+0x100/0x3e0 [ 94.567852][ T7549] tomoyo_encode+0x29/0x50 [ 94.569005][ T7549] tomoyo_realpath_from_path+0x19d/0x720 [ 94.570738][ T7549] tomoyo_path_number_perm+0x248/0x590 [ 94.572624][ T7549] ? tomoyo_path_number_perm+0x235/0x590 [ 94.574635][ T7549] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 94.576955][ T7549] ? __pfx_lock_release+0x10/0x10 [ 94.578725][ T7549] ? trace_lock_acquire+0x14e/0x1f0 [ 94.580552][ T7549] ? lock_acquire+0x2f/0xb0 [ 94.582194][ T7549] ? __fget_files+0x40/0x3a0 [ 94.583675][ T7549] ? __fget_files+0x206/0x3a0 [ 94.584849][ T7549] security_file_ioctl+0x9b/0x240 [ 94.586117][ T7549] __x64_sys_ioctl+0xb7/0x200 [ 94.587271][ T7549] do_syscall_64+0xcd/0x250 [ 94.588390][ T7549] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.589842][ T7549] RIP: 0033:0x7f214cf7fed9 [ 94.590974][ T7549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 94.595757][ T7549] RSP: 002b:00007f214dd29058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 94.597866][ T7549] RAX: ffffffffffffffda RBX: 00007f214d145fa0 RCX: 00007f214cf7fed9 [ 94.600090][ T7549] RDX: 0000000020000440 RSI: 0000000000004b72 RDI: 0000000000000003 [ 94.602363][ T7549] RBP: 00007f214dd290a0 R08: 0000000000000000 R09: 0000000000000000 [ 94.604435][ T7549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 94.607115][ T7549] R13: 0000000000000000 R14: 00007f214d145fa0 R15: 00007ffca096b718 [ 94.609390][ T7549] [ 94.610401][ T7549] ERROR: Out of memory at tomoyo_realpath_from_path. [ 94.639211][ T7552] FAULT_INJECTION: forcing a failure. [ 94.639211][ T7552] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 94.642559][ T7552] CPU: 3 UID: 0 PID: 7552 Comm: syz.3.565 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 94.645711][ T7552] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 94.648644][ T7552] Call Trace: [ 94.649722][ T7552] [ 94.650671][ T7552] dump_stack_lvl+0x16c/0x1f0 [ 94.652126][ T7552] should_fail_ex+0x497/0x5b0 [ 94.653643][ T7552] _copy_from_iter+0x2a1/0x1560 [ 94.655128][ T7552] ? __pfx__copy_from_iter+0x10/0x10 [ 94.656744][ T7552] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 94.658255][ T7552] ? tun_build_skb.constprop.0+0x1b8/0x1120 [ 94.659747][ T7552] ? __pfx_lock_release+0x10/0x10 [ 94.661001][ T7552] ? trace_lock_acquire+0x14e/0x1f0 [ 94.662308][ T7552] ? __pfx_lock_release+0x10/0x10 [ 94.663571][ T7552] copy_page_from_iter+0xa5/0x120 [ 94.664796][ T7552] tun_build_skb.constprop.0+0x294/0x1120 [ 94.666596][ T7552] ? __pfx_tun_build_skb.constprop.0+0x10/0x10 [ 94.668259][ T7552] ? __pfx___lock_acquire+0x10/0x10 [ 94.669612][ T7552] ? register_lock_class+0xb1/0x1240 [ 94.671389][ T7552] ? __lock_acquire+0xcc5/0x3c40 [ 94.672996][ T7552] tun_get_user+0x870/0x3e40 [ 94.674196][ T7552] ? find_held_lock+0x2d/0x110 [ 94.675492][ T7552] ? __pfx_tun_get_user+0x10/0x10 [ 94.677324][ T7552] ? find_held_lock+0x2d/0x110 [ 94.678620][ T7552] ? __pfx_lock_release+0x10/0x10 [ 94.679956][ T7552] tun_chr_write_iter+0xdc/0x210 [ 94.681253][ T7552] vfs_write+0x5ae/0x1150 [ 94.682390][ T7552] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 94.684243][ T7552] ? __pfx_vfs_write+0x10/0x10 [ 94.685840][ T7552] ? __fget_files+0x40/0x3a0 [ 94.687438][ T7552] ksys_write+0x12b/0x250 [ 94.688906][ T7552] ? __pfx_ksys_write+0x10/0x10 [ 94.690534][ T7552] do_syscall_64+0xcd/0x250 [ 94.692048][ T7552] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.693608][ T7552] RIP: 0033:0x7f214cf7e98f [ 94.694787][ T7552] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 94.699823][ T7552] RSP: 002b:00007f214dd29020 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 94.701986][ T7552] RAX: ffffffffffffffda RBX: 00007f214d145fa0 RCX: 00007f214cf7e98f [ 94.704051][ T7552] RDX: 0000000000000074 RSI: 0000000020000000 RDI: 00000000000000c8 [ 94.706099][ T7552] RBP: 00007f214dd290a0 R08: 0000000000000000 R09: 0000000000000000 [ 94.708279][ T7552] R10: 0000000000000074 R11: 0000000000000293 R12: 0000000000000001 [ 94.710328][ T7552] R13: 0000000000000000 R14: 00007f214d145fa0 R15: 00007ffca096b718 [ 94.712415][ T7552] [ 94.728791][ T5946] cgroup: fork rejected by pids controller in /syz1 [ 94.735404][ T7555] openvswitch: netlink: IPv4 tunnel dst address is zero [ 94.791043][ T7559] FAULT_INJECTION: forcing a failure. [ 94.791043][ T7559] name failslab, interval 1, probability 0, space 0, times 0 [ 94.795666][ T7559] CPU: 1 UID: 0 PID: 7559 Comm: syz.3.569 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 94.798417][ T7559] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 94.801159][ T7559] Call Trace: [ 94.802035][ T7559] [ 94.802824][ T7559] dump_stack_lvl+0x16c/0x1f0 [ 94.804066][ T7559] should_fail_ex+0x497/0x5b0 [ 94.805316][ T7559] ? fs_reclaim_acquire+0xae/0x150 [ 94.806672][ T7559] should_failslab+0xc2/0x120 [ 94.807925][ T7559] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 94.809620][ T7559] ? __alloc_skb+0x2b1/0x380 [ 94.810829][ T7559] __alloc_skb+0x2b1/0x380 [ 94.812007][ T7559] ? __pfx___alloc_skb+0x10/0x10 [ 94.813290][ T7559] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 94.814848][ T7559] netlink_alloc_large_skb+0x69/0x130 [ 94.816257][ T7559] netlink_sendmsg+0x689/0xd70 [ 94.817521][ T7559] ? __pfx_netlink_sendmsg+0x10/0x10 [ 94.818930][ T7559] ____sys_sendmsg+0xaaf/0xc90 [ 94.820179][ T7559] ? copy_msghdr_from_user+0x10b/0x160 [ 94.821583][ T7559] ? __pfx_____sys_sendmsg+0x10/0x10 [ 94.822963][ T7559] ___sys_sendmsg+0x135/0x1e0 [ 94.824180][ T7559] ? __pfx____sys_sendmsg+0x10/0x10 [ 94.825525][ T7559] ? __pfx_lock_release+0x10/0x10 [ 94.826863][ T7559] ? trace_lock_acquire+0x14e/0x1f0 [ 94.828235][ T7559] ? __fget_files+0x206/0x3a0 [ 94.829483][ T7559] __sys_sendmsg+0x16e/0x220 [ 94.830689][ T7559] ? __pfx___sys_sendmsg+0x10/0x10 [ 94.832069][ T7559] do_syscall_64+0xcd/0x250 [ 94.833261][ T7559] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.834786][ T7559] RIP: 0033:0x7f214cf7fed9 [ 94.835950][ T7559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 94.841030][ T7559] RSP: 002b:00007f214dd29058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 94.843186][ T7559] RAX: ffffffffffffffda RBX: 00007f214d145fa0 RCX: 00007f214cf7fed9 [ 94.845217][ T7559] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 94.847276][ T7559] RBP: 00007f214dd290a0 R08: 0000000000000000 R09: 0000000000000000 [ 94.849307][ T7559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 94.851337][ T7559] R13: 0000000000000000 R14: 00007f214d145fa0 R15: 00007ffca096b718 [ 94.853379][ T7559] [ 95.013556][ T1140] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 95.066665][ T39] audit: type=1400 audit(1733702148.247:355): avc: denied { create } for pid=7564 comm="syz.0.572" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 95.074125][ T39] audit: type=1400 audit(1733702148.247:356): avc: denied { ioctl } for pid=7564 comm="syz.0.572" path="socket:[17746]" dev="sockfs" ino=17746 ioctlcmd=0x89ea scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 95.092148][ T1140] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 95.176305][ T5943] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 95.182367][ T5943] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 95.189691][ T5943] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 95.196554][ T5943] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 95.196779][ T1140] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 95.198993][ T5943] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 95.204230][ T5943] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 95.211582][ T39] audit: type=1400 audit(1733702148.387:357): avc: denied { mounton } for pid=7575 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 95.241413][ T7578] FAULT_INJECTION: forcing a failure. [ 95.241413][ T7578] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 95.245109][ T7578] CPU: 2 UID: 0 PID: 7578 Comm: syz.2.577 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 95.248727][ T7578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 95.252616][ T7578] Call Trace: [ 95.253790][ T7578] [ 95.254848][ T7578] dump_stack_lvl+0x16c/0x1f0 [ 95.256560][ T7578] should_fail_ex+0x497/0x5b0 [ 95.258259][ T7578] _copy_to_user+0x32/0xd0 [ 95.259928][ T7578] simple_read_from_buffer+0xd0/0x160 [ 95.261901][ T7578] proc_fail_nth_read+0x198/0x270 [ 95.263806][ T7578] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 95.265865][ T7578] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 95.267838][ T7578] vfs_read+0x1df/0xbe0 [ 95.269327][ T7578] ? __fget_files+0x1fc/0x3a0 [ 95.270966][ T7578] ? __pfx___mutex_lock+0x10/0x10 [ 95.272724][ T7578] ? __pfx_vfs_read+0x10/0x10 [ 95.274093][ T7578] ? __fget_files+0x206/0x3a0 [ 95.275277][ T7578] ksys_read+0x12b/0x250 [ 95.276324][ T7578] ? __pfx_ksys_read+0x10/0x10 [ 95.277629][ T7578] do_syscall_64+0xcd/0x250 [ 95.278766][ T7578] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.280235][ T7578] RIP: 0033:0x7fb9b537e8ec [ 95.281323][ T7578] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 95.286118][ T7578] RSP: 002b:00007fb9b6214050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 95.288131][ T7578] RAX: ffffffffffffffda RBX: 00007fb9b5545fa0 RCX: 00007fb9b537e8ec [ 95.290049][ T7578] RDX: 000000000000000f RSI: 00007fb9b62140b0 RDI: 0000000000000004 [ 95.292070][ T7578] RBP: 00007fb9b62140a0 R08: 0000000000000000 R09: 0000000000000000 [ 95.294094][ T7578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 95.296136][ T7578] R13: 0000000000000000 R14: 00007fb9b5545fa0 R15: 00007ffff8c44258 [ 95.298727][ T7578] [ 95.340207][ T1140] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 95.382972][ T7575] chnl_net:caif_netlink_parms(): no params data found [ 95.481931][ T7575] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.483828][ T7575] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.491524][ T7575] bridge_slave_0: entered allmulticast mode [ 95.493762][ T7575] bridge_slave_0: entered promiscuous mode [ 95.507469][ T7575] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.513058][ T7575] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.517700][ T7575] bridge_slave_1: entered allmulticast mode [ 95.520920][ T7575] bridge_slave_1: entered promiscuous mode [ 95.561365][ T7575] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.573682][ T7575] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.588367][ T1140] bridge_slave_1: left allmulticast mode [ 95.590007][ T1140] bridge_slave_1: left promiscuous mode [ 95.592222][ T1140] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.601133][ T1140] bridge_slave_0: left allmulticast mode [ 95.602686][ T1140] bridge_slave_0: left promiscuous mode [ 95.604293][ T1140] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.730855][ T7603] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 95.771923][ T7607] FAULT_INJECTION: forcing a failure. [ 95.771923][ T7607] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 95.772899][ T39] audit: type=1400 audit(1733702148.947:358): avc: denied { mounton } for pid=7606 comm="syz.3.586" path="/proc/373/task" dev="proc" ino=19567 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 95.784051][ T7607] CPU: 3 UID: 3327 PID: 7607 Comm: syz.3.586 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 95.787702][ T7607] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 95.791281][ T7607] Call Trace: [ 95.792419][ T7607] [ 95.793425][ T7607] dump_stack_lvl+0x16c/0x1f0 [ 95.795027][ T7607] should_fail_ex+0x497/0x5b0 [ 95.795993][ T5949] Bluetooth: hci2: unexpected event for opcode 0x0c26 [ 95.796601][ T7607] _copy_to_iter+0x469/0x1560 [ 95.800131][ T7607] ? __pfx__copy_to_iter+0x10/0x10 [ 95.801893][ T7607] ? __virt_addr_valid+0x1a4/0x590 [ 95.803627][ T7607] ? __virt_addr_valid+0x5e/0x590 [ 95.805308][ T7607] ? __phys_addr_symbol+0x30/0x80 [ 95.807023][ T7607] ? __check_object_size+0x488/0x710 [ 95.808739][ T7607] seq_read_iter+0x725/0x12b0 [ 95.810298][ T7607] seq_read+0x39f/0x4e0 [ 95.811679][ T7607] ? __pfx_seq_read+0x10/0x10 [ 95.813239][ T7607] ? inode_security+0x101/0x130 [ 95.814843][ T7607] ? avc_policy_seqno+0x9/0x20 [ 95.816387][ T7607] ? __pfx_seq_read+0x10/0x10 [ 95.817899][ T7607] vfs_read+0x1df/0xbe0 [ 95.819242][ T7607] ? __fget_files+0x1fc/0x3a0 [ 95.820750][ T7607] ? __pfx_lock_release+0x10/0x10 [ 95.822408][ T7607] ? __pfx_vfs_read+0x10/0x10 [ 95.824043][ T7607] ? lock_acquire+0x2f/0xb0 [ 95.825684][ T7607] ? __fget_files+0x40/0x3a0 [ 95.827281][ T7607] ? __fget_files+0x206/0x3a0 [ 95.828897][ T7607] __x64_sys_pread64+0x1f6/0x250 [ 95.830594][ T7607] ? __pfx___x64_sys_pread64+0x10/0x10 [ 95.832489][ T7607] do_syscall_64+0xcd/0x250 [ 95.834079][ T7607] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.836114][ T7607] RIP: 0033:0x7f214cf7fed9 [ 95.837638][ T7607] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 95.844171][ T7607] RSP: 002b:00007f214dd29058 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 95.847037][ T7607] RAX: ffffffffffffffda RBX: 00007f214d145fa0 RCX: 00007f214cf7fed9 [ 95.849695][ T7607] RDX: 000000000000000f RSI: 0000000020000140 RDI: 0000000000000005 [ 95.852351][ T7607] RBP: 00007f214dd290a0 R08: 0000000000000000 R09: 0000000000000000 [ 95.855036][ T7607] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001 [ 95.857720][ T7607] R13: 0000000000000000 R14: 00007f214d145fa0 R15: 00007ffca096b718 [ 95.860418][ T7607] [ 95.913510][ T7615] program syz.0.589 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 96.080536][ T1140] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 96.085181][ T1140] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 96.089005][ T1140] bond0 (unregistering): Released all slaves [ 96.125392][ T39] audit: type=1400 audit(1733702149.297:359): avc: denied { create } for pid=7614 comm="syz.0.589" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 96.131474][ T39] audit: type=1400 audit(1733702149.307:360): avc: denied { ioctl } for pid=7614 comm="syz.0.589" path="socket:[18533]" dev="sockfs" ino=18533 ioctlcmd=0x8b32 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 96.136195][ T7575] team0: Port device team_slave_0 added [ 96.143314][ T7575] team0: Port device team_slave_1 added [ 96.149357][ T7620] FAULT_INJECTION: forcing a failure. [ 96.149357][ T7620] name failslab, interval 1, probability 0, space 0, times 0 [ 96.152809][ T7620] CPU: 1 UID: 0 PID: 7620 Comm: syz.3.590 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 96.155538][ T7620] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 96.158174][ T7620] Call Trace: [ 96.159031][ T7620] [ 96.159772][ T7620] dump_stack_lvl+0x16c/0x1f0 [ 96.161011][ T7620] should_fail_ex+0x497/0x5b0 [ 96.162239][ T7620] ? rcu_is_watching+0x12/0xc0 [ 96.163504][ T7620] should_failslab+0xc2/0x120 [ 96.164736][ T7620] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 96.166150][ T7620] ? lock_acquire+0x2f/0xb0 [ 96.167345][ T7620] ? __inet_hash_connect+0x69f/0x1900 [ 96.168739][ T7620] ? __inet_hash_connect+0x918/0x1900 [ 96.170135][ T7620] __inet_hash_connect+0x918/0x1900 [ 96.171517][ T7620] ? __pfx___inet6_check_established+0x10/0x10 [ 96.173114][ T7620] ? __pfx___inet_hash_connect+0x10/0x10 [ 96.174576][ T7620] ? rcu_is_watching+0x12/0xc0 [ 96.175841][ T7620] dccp_v6_connect+0x9fb/0x1560 [ 96.177111][ T7620] ? __pfx_dccp_v6_connect+0x10/0x10 [ 96.178510][ T7620] ? __pfx_mark_lock+0x10/0x10 [ 96.179747][ T7620] __inet_stream_connect+0x3c7/0x1020 [ 96.181161][ T7620] ? find_held_lock+0x2d/0x110 [ 96.182420][ T7620] ? __pfx___inet_stream_connect+0x10/0x10 [ 96.183951][ T7620] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 96.185347][ T7620] ? __pfx_inet_stream_connect+0x10/0x10 [ 96.186805][ T7620] ? mark_held_locks+0x9f/0xe0 [ 96.188061][ T7620] ? __local_bh_enable_ip+0xa4/0x120 [ 96.189430][ T7620] ? __pfx_inet_stream_connect+0x10/0x10 [ 96.190903][ T7620] inet_stream_connect+0x57/0xa0 [ 96.192158][ T7620] __sys_connect_file+0x13e/0x1a0 [ 96.193470][ T7620] __sys_connect+0x14f/0x170 [ 96.194678][ T7620] ? __pfx___sys_connect+0x10/0x10 [ 96.196028][ T7620] ? __pfx_ksys_write+0x10/0x10 [ 96.197305][ T7620] __x64_sys_connect+0x72/0xb0 [ 96.198555][ T7620] ? lockdep_hardirqs_on+0x7c/0x110 [ 96.199912][ T7620] do_syscall_64+0xcd/0x250 [ 96.201136][ T7620] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 96.202664][ T7620] RIP: 0033:0x7f214cf7fed9 [ 96.203801][ T7620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 96.208524][ T7620] RSP: 002b:00007f214dd08058 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 96.210582][ T7620] RAX: ffffffffffffffda RBX: 00007f214d146080 RCX: 00007f214cf7fed9 [ 96.212467][ T7620] RDX: 000000000000001c RSI: 0000000020000040 RDI: 0000000000000006 [ 96.214382][ T7620] RBP: 00007f214dd080a0 R08: 0000000000000000 R09: 0000000000000000 [ 96.216358][ T7620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 96.218304][ T7620] R13: 0000000000000000 R14: 00007f214d146080 R15: 00007ffca096b718 [ 96.220303][ T7620] [ 96.247751][ T7575] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.249549][ T7575] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.256059][ T7575] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.259684][ T7575] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.261817][ T7575] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.272103][ T7575] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.353368][ T7575] hsr_slave_0: entered promiscuous mode [ 96.355888][ T7575] hsr_slave_1: entered promiscuous mode [ 96.357661][ T7575] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 96.359624][ T7575] Cannot create hsr debugfs directory [ 96.548471][ T1140] hsr_slave_0: left promiscuous mode [ 96.555616][ T1140] hsr_slave_1: left promiscuous mode [ 96.558870][ T1140] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 96.575098][ T1140] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 96.584727][ T1140] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 96.587046][ T1140] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 96.603293][ T1140] veth1_macvtap: left promiscuous mode [ 96.605385][ T1140] veth0_macvtap: left promiscuous mode [ 96.606999][ T1140] veth1_vlan: left promiscuous mode [ 96.609354][ T1140] veth0_vlan: left promiscuous mode [ 97.091362][ T7654] FAULT_INJECTION: forcing a failure. [ 97.091362][ T7654] name failslab, interval 1, probability 0, space 0, times 0 [ 97.095707][ T7654] CPU: 2 UID: 0 PID: 7654 Comm: syz.3.596 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 97.098941][ T7654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 97.101752][ T7654] Call Trace: [ 97.102901][ T7654] [ 97.103778][ T7654] dump_stack_lvl+0x16c/0x1f0 [ 97.104997][ T7654] should_fail_ex+0x497/0x5b0 [ 97.106296][ T7654] ? fs_reclaim_acquire+0xae/0x150 [ 97.107717][ T7654] should_failslab+0xc2/0x120 [ 97.108935][ T7654] __kmalloc_noprof+0xcb/0x510 [ 97.110132][ T7654] ? rcu_is_watching+0x12/0xc0 [ 97.111361][ T7654] tomoyo_encode2+0x100/0x3e0 [ 97.112594][ T7654] tomoyo_encode+0x29/0x50 [ 97.113761][ T7654] tomoyo_realpath_from_path+0x19d/0x720 [ 97.115607][ T7654] ? tomoyo_path_number_perm+0x235/0x590 [ 97.117519][ T7654] tomoyo_path_number_perm+0x248/0x590 [ 97.119797][ T7654] ? tomoyo_path_number_perm+0x235/0x590 [ 97.122175][ T7654] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 97.124730][ T7654] ? __pfx_lock_release+0x10/0x10 [ 97.126430][ T7654] ? trace_lock_acquire+0x14e/0x1f0 [ 97.128123][ T7654] ? lock_acquire+0x2f/0xb0 [ 97.129644][ T7654] ? __fget_files+0x40/0x3a0 [ 97.131218][ T7654] ? __fget_files+0x206/0x3a0 [ 97.133121][ T7654] security_file_ioctl+0x9b/0x240 [ 97.135427][ T7654] __x64_sys_ioctl+0xb7/0x200 [ 97.135457][ T7654] do_syscall_64+0xcd/0x250 [ 97.135483][ T7654] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.135507][ T7654] RIP: 0033:0x7f214cf7fed9 [ 97.135523][ T7654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 97.135539][ T7654] RSP: 002b:00007f214dd29058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 97.135557][ T7654] RAX: ffffffffffffffda RBX: 00007f214d145fa0 RCX: 00007f214cf7fed9 [ 97.135572][ T7654] RDX: 0000000000000000 RSI: 00000000801c581f RDI: 0000000000000004 [ 97.135584][ T7654] RBP: 00007f214dd290a0 R08: 0000000000000000 R09: 0000000000000000 [ 97.135594][ T7654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 97.135605][ T7654] R13: 0000000000000000 R14: 00007f214d145fa0 R15: 00007ffca096b718 [ 97.135629][ T7654] [ 97.137942][ T7654] ERROR: Out of memory at tomoyo_realpath_from_path. [ 97.231606][ T7661] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 97.257893][ T5949] Bluetooth: hci3: command tx timeout [ 97.354394][ T1140] team0 (unregistering): Port device team_slave_1 removed [ 97.419132][ T1140] team0 (unregistering): Port device team_slave_0 removed [ 97.914490][ T5949] Bluetooth: hci1: unexpected event for opcode 0x2043 [ 97.971656][ T39] audit: type=1400 audit(1733702151.147:361): avc: denied { ioctl } for pid=7678 comm="syz.2.604" path="socket:[17844]" dev="sockfs" ino=17844 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 98.049479][ T7685] overlay: ./file0 is not a directory [ 98.160239][ T39] audit: type=1400 audit(1733702151.337:362): avc: denied { mount } for pid=7688 comm="syz.3.607" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 98.197348][ T7692] openvswitch: netlink: Flow actions attr not present in new flow. [ 98.236895][ T39] audit: type=1400 audit(1733702151.407:363): avc: denied { create } for pid=7696 comm="syz.2.610" name="blkio.bfq.io_wait_time" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 98.285149][ T7575] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 98.289508][ T7575] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 98.292978][ T7575] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 98.301068][ T7575] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 98.329261][ T7575] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.338905][ T7575] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.348010][ T1235] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.350314][ T1235] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.365921][ T77] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.367740][ T77] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.371851][ T7702] FAULT_INJECTION: forcing a failure. [ 98.371851][ T7702] name failslab, interval 1, probability 0, space 0, times 0 [ 98.374331][ T7715] process 'syz.2.613' launched './file1' with NULL argv: empty string added [ 98.383306][ T7702] CPU: 3 UID: 0 PID: 7702 Comm: syz.0.611 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 98.386347][ T7702] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 98.389150][ T7702] Call Trace: [ 98.390016][ T7702] [ 98.390793][ T7702] dump_stack_lvl+0x16c/0x1f0 [ 98.392043][ T7702] should_fail_ex+0x497/0x5b0 [ 98.393313][ T7702] ? fs_reclaim_acquire+0xae/0x150 [ 98.394629][ T7702] should_failslab+0xc2/0x120 [ 98.395849][ T7702] __kmalloc_node_noprof+0xd1/0x510 [ 98.397179][ T7702] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 98.398563][ T7702] ? __pfx_mark_lock+0x10/0x10 [ 98.399766][ T7702] __kvmalloc_node_noprof+0xad/0x1a0 [ 98.401081][ T7702] __kvm_mmu_topup_memory_cache+0x451/0x600 [ 98.402845][ T7702] ? vcpu_run+0x1aab/0x4f50 [ 98.404145][ T7702] mmu_topup_memory_caches+0x22/0xd0 [ 98.405470][ T7702] kvm_mmu_load+0xda/0x21f0 [ 98.406644][ T7702] ? mark_held_locks+0x9f/0xe0 [ 98.407854][ T7702] ? kvm_apic_has_interrupt+0xb6/0x190 [ 98.409222][ T7702] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 98.410752][ T7702] ? __pfx_vmx_flush_tlb_guest+0x10/0x10 [ 98.412331][ T7702] ? __pfx_kvm_mmu_load+0x10/0x10 [ 98.413659][ T7702] ? kvm_cpu_has_injectable_intr+0x9b/0x1a0 [ 98.415204][ T7702] ? kvm_check_and_inject_events+0x725/0x12e0 [ 98.416807][ T7702] ? record_steal_time+0x51/0xbe0 [ 98.418143][ T7702] vcpu_run+0x33a4/0x4f50 [ 98.418486][ T7718] syz.2.614: attempt to access beyond end of device [ 98.418486][ T7718] nbd2: rw=0, sector=64, nr_sectors = 1 limit=0 [ 98.419236][ T7702] ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10 [ 98.422989][ T7718] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 98.424242][ T7702] ? __pfx_vcpu_run+0x10/0x10 [ 98.428531][ T7718] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 98.428643][ T7702] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 98.431202][ T7718] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found [ 98.432643][ T7702] ? rcu_is_watching+0x12/0xc0 [ 98.436468][ T7702] ? trace_lock_acquire+0x14e/0x1f0 [ 98.437032][ T7718] UDF-fs: Scanning with blocksize 512 failed [ 98.437800][ T7702] ? __local_bh_enable_ip+0xa4/0x120 [ 98.441207][ T7702] ? lockdep_hardirqs_on+0x7c/0x110 [ 98.442614][ T7702] ? kvm_arch_vcpu_ioctl_run+0x150/0x1740 [ 98.444098][ T7702] ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740 [ 98.445562][ T7702] kvm_arch_vcpu_ioctl_run+0x44a/0x1740 [ 98.447025][ T7702] kvm_vcpu_ioctl+0x6ce/0x1520 [ 98.448243][ T7702] ? do_vfs_ioctl+0x513/0x1990 [ 98.449507][ T7702] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 98.450831][ T7702] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 98.452526][ T7702] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 98.454201][ T7702] ? __pfx_lock_release+0x10/0x10 [ 98.455465][ T7702] ? selinux_file_ioctl+0x180/0x270 [ 98.456793][ T7702] ? selinux_file_ioctl+0xb4/0x270 [ 98.458162][ T7702] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 98.459489][ T7702] __x64_sys_ioctl+0x190/0x200 [ 98.460739][ T7702] do_syscall_64+0xcd/0x250 [ 98.461873][ T7702] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 98.463392][ T7702] RIP: 0033:0x7fdcdb37fed9 [ 98.464496][ T7702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 98.469357][ T7702] RSP: 002b:00007fdcdc149058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 98.471563][ T7702] RAX: ffffffffffffffda RBX: 00007fdcdb545fa0 RCX: 00007fdcdb37fed9 [ 98.473644][ T7702] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 98.475163][ T8] usb 8-1: new low-speed USB device number 13 using dummy_hcd [ 98.475780][ T7702] RBP: 00007fdcdc1490a0 R08: 0000000000000000 R09: 0000000000000000 [ 98.475790][ T7702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 98.475798][ T7702] R13: 0000000000000000 R14: 00007fdcdb545fa0 R15: 00007ffe5e070cb8 [ 98.475812][ T7702] [ 98.478235][ T7718] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 98.487003][ T7575] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 98.487023][ T7575] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 98.500180][ T7718] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 98.503442][ T7718] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found [ 98.507125][ T7718] UDF-fs: Scanning with blocksize 1024 failed [ 98.510435][ T7718] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 98.513106][ T7718] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 98.515558][ T7718] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found [ 98.517396][ T7718] UDF-fs: Scanning with blocksize 2048 failed [ 98.528639][ T7718] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 98.532521][ T7718] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 98.535445][ T7718] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found [ 98.537445][ T7718] UDF-fs: Scanning with blocksize 4096 failed [ 98.539339][ T7718] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1) [ 98.596217][ T7575] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.608707][ T7575] veth0_vlan: entered promiscuous mode [ 98.611992][ T7575] veth1_vlan: entered promiscuous mode [ 98.623959][ T7575] veth0_macvtap: entered promiscuous mode [ 98.626720][ T7575] veth1_macvtap: entered promiscuous mode [ 98.633672][ T7575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 98.637192][ T7575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.639501][ T7575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 98.642045][ T7575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.644453][ T7575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 98.648174][ T7575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.652808][ T8] usb 8-1: unable to get BOS descriptor or descriptor too short [ 98.655714][ T7575] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.658453][ T8] usb 8-1: config 1 has an invalid interface number: 222 but max is 0 [ 98.660469][ T8] usb 8-1: config 1 has no interface number 0 [ 98.662021][ T8] usb 8-1: config 1 interface 222 altsetting 7 endpoint 0xD has invalid maxpacket 1024, setting to 8 [ 98.664769][ T8] usb 8-1: config 1 interface 222 has no altsetting 0 [ 98.675040][ T7575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 98.678022][ T7575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.680620][ T7575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 98.684499][ T7575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.687422][ T8] usb 8-1: string descriptor 0 read error: -22 [ 98.689081][ T8] usb 8-1: New USB device found, idVendor=19d2, idProduct=1057, bcdDevice= 9.6c [ 98.691342][ T8] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 98.696359][ T7689] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 98.698691][ T7575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 98.699562][ T8] option 8-1:1.222: GSM modem (1-port) converter detected [ 98.701521][ T7575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.702083][ T7575] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.705408][ T5949] Bluetooth: hci2: unexpected event for opcode 0x0c26 [ 98.709627][ T7575] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.711990][ T7575] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.714237][ T7575] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.716578][ T7575] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.755307][ T1141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.757921][ T1141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.774183][ T1235] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.776235][ T1235] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.902190][ T7689] netlink: 28 bytes leftover after parsing attributes in process `syz.3.607'. [ 98.904619][ T7689] netlink: 'syz.3.607': attribute type 7 has an invalid length. [ 98.906733][ T7689] netlink: 'syz.3.607': attribute type 8 has an invalid length. [ 98.908698][ T7689] netlink: 4 bytes leftover after parsing attributes in process `syz.3.607'. [ 98.918446][ T7689] ip6gretap0: entered promiscuous mode [ 98.920601][ T7689] batadv_slave_1: entered promiscuous mode [ 98.925427][ T7689] gretap0: entered promiscuous mode [ 98.935459][ T73] usb 8-1: USB disconnect, device number 13 [ 98.938744][ T73] option 8-1:1.222: device disconnected [ 99.141205][ T7758] netlink: 36 bytes leftover after parsing attributes in process `syz.0.626'. [ 99.345053][ T5949] Bluetooth: hci3: command tx timeout [ 99.474363][ T39] kauditd_printk_skb: 8 callbacks suppressed [ 99.474374][ T39] audit: type=1400 audit(1733702152.647:372): avc: denied { unmount } for pid=5933 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 99.851205][ T39] audit: type=1400 audit(1733702153.027:373): avc: denied { write } for pid=7769 comm="syz.2.629" name="vlan0" dev="proc" ino=4026533669 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 100.201969][ T7773] netlink: 12 bytes leftover after parsing attributes in process `syz.3.630'. [ 100.265848][ T7781] netlink: 8 bytes leftover after parsing attributes in process `syz.3.633'. [ 100.340712][ T7790] overlay: ./file0 is not a directory [ 100.349865][ T39] audit: type=1400 audit(1733702153.527:374): avc: denied { create } for pid=7788 comm="syz.2.635" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1 [ 100.422293][ T7801] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 100.490241][ T7807] FAULT_INJECTION: forcing a failure. [ 100.490241][ T7807] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 100.493621][ T7807] CPU: 0 UID: 0 PID: 7807 Comm: syz.0.639 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 100.496620][ T7807] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 100.499503][ T7807] Call Trace: [ 100.500391][ T7807] [ 100.501180][ T7807] dump_stack_lvl+0x16c/0x1f0 [ 100.502435][ T7807] should_fail_ex+0x497/0x5b0 [ 100.503694][ T7807] __kvm_read_guest_page+0x16b/0x210 [ 100.505096][ T7807] kvm_fetch_guest_virt+0x128/0x1a0 [ 100.506493][ T7807] __do_insn_fetch_bytes+0x420/0x6d0 [ 100.507898][ T7807] ? __pfx___do_insn_fetch_bytes+0x10/0x10 [ 100.509476][ T7807] ? __pfx___lock_acquire+0x10/0x10 [ 100.510883][ T7807] ? find_held_lock+0x2d/0x110 [ 100.512159][ T7807] x86_decode_insn+0xb91/0x5530 [ 100.513460][ T7807] ? vmx_segment_cache_test_set+0x14b/0x400 [ 100.515035][ T7807] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 100.516602][ T7807] ? __pfx_x86_decode_insn+0x10/0x10 [ 100.517948][ T7807] ? vmx_cache_reg+0x333/0x5e0 [ 100.519213][ T7807] ? kvm_register_read_raw+0xe9/0x240 [ 100.520626][ T7807] ? init_decode_cache+0xd/0x210 [ 100.521925][ T7807] ? init_emulate_ctxt+0x338/0x510 [ 100.523292][ T7807] ? __pfx_init_emulate_ctxt+0x10/0x10 [ 100.524725][ T7807] ? mark_lock+0xb5/0xc60 [ 100.525877][ T7807] x86_emulate_instruction+0x975/0x1a50 [ 100.527357][ T7807] handle_ud+0x104/0x280 [ 100.528513][ T7807] ? __pfx_handle_ud+0x10/0x10 [ 100.529795][ T7807] handle_exception_nmi+0x83e/0x1410 [ 100.531193][ T7807] ? trace_lock_acquire+0x14e/0x1f0 [ 100.532568][ T7807] ? __pfx_handle_exception_nmi+0x10/0x10 [ 100.534056][ T7807] vmx_handle_exit+0x733/0x1f70 [ 100.535350][ T7807] vcpu_run+0x3047/0x4f50 [ 100.536507][ T7807] ? __pfx_vcpu_run+0x10/0x10 [ 100.537762][ T7807] ? complete_emulated_mmio+0x394/0x7f0 [ 100.539269][ T7807] ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740 [ 100.540763][ T7807] kvm_arch_vcpu_ioctl_run+0x44a/0x1740 [ 100.542436][ T7807] kvm_vcpu_ioctl+0x6ce/0x1520 [ 100.543735][ T7807] ? do_vfs_ioctl+0x513/0x1990 [ 100.545008][ T7807] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 100.547024][ T7807] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 100.549291][ T7807] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 100.551515][ T7807] ? __pfx_lock_release+0x10/0x10 [ 100.553293][ T7807] ? selinux_file_ioctl+0x180/0x270 [ 100.555068][ T7807] ? selinux_file_ioctl+0xb4/0x270 [ 100.556441][ T7807] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 100.557708][ T7807] __x64_sys_ioctl+0x190/0x200 [ 100.558891][ T7807] do_syscall_64+0xcd/0x250 [ 100.559998][ T7807] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.561427][ T7807] RIP: 0033:0x7fdcdb37fed9 [ 100.562527][ T7807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.564794][ T7820] netlink: 8 bytes leftover after parsing attributes in process `syz.3.641'. [ 100.567827][ T7807] RSP: 002b:00007fdcdc149058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 100.567852][ T7807] RAX: ffffffffffffffda RBX: 00007fdcdb545fa0 RCX: 00007fdcdb37fed9 [ 100.567865][ T7807] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006 [ 100.567876][ T7807] RBP: 00007fdcdc1490a0 R08: 0000000000000000 R09: 0000000000000000 [ 100.567888][ T7807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 100.567900][ T7807] R13: 0000000000000000 R14: 00007fdcdb545fa0 R15: 00007ffe5e070cb8 [ 100.567924][ T7807] [ 100.798049][ T7849] warning: `syz.3.646' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 100.924731][ T7862] FAULT_INJECTION: forcing a failure. [ 100.924731][ T7862] name failslab, interval 1, probability 0, space 0, times 0 [ 100.928829][ T7862] CPU: 2 UID: 0 PID: 7862 Comm: syz.0.648 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 100.931594][ T7862] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 100.934406][ T7862] Call Trace: [ 100.935271][ T7862] [ 100.936078][ T7862] dump_stack_lvl+0x16c/0x1f0 [ 100.937384][ T7862] should_fail_ex+0x497/0x5b0 [ 100.938625][ T7862] ? fs_reclaim_acquire+0xae/0x150 [ 100.940081][ T7862] should_failslab+0xc2/0x120 [ 100.941328][ T7862] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 100.942816][ T7862] ? __alloc_skb+0x2b1/0x380 [ 100.944084][ T7862] __alloc_skb+0x2b1/0x380 [ 100.945309][ T7862] ? __pfx___alloc_skb+0x10/0x10 [ 100.946743][ T7862] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 100.948485][ T7862] netlink_alloc_large_skb+0x69/0x130 [ 100.949989][ T7862] netlink_sendmsg+0x689/0xd70 [ 100.951300][ T7862] ? __pfx_netlink_sendmsg+0x10/0x10 [ 100.952725][ T7862] ____sys_sendmsg+0xaaf/0xc90 [ 100.954084][ T7862] ? copy_msghdr_from_user+0x10b/0x160 [ 100.955633][ T7862] ? __pfx_____sys_sendmsg+0x10/0x10 [ 100.957035][ T7862] ___sys_sendmsg+0x135/0x1e0 [ 100.958346][ T7862] ? __pfx____sys_sendmsg+0x10/0x10 [ 100.959747][ T7862] ? __pfx_lock_release+0x10/0x10 [ 100.961115][ T7862] ? trace_lock_acquire+0x14e/0x1f0 [ 100.962441][ T7862] ? __fget_files+0x206/0x3a0 [ 100.963720][ T7862] __sys_sendmsg+0x16e/0x220 [ 100.964909][ T7862] ? __pfx___sys_sendmsg+0x10/0x10 [ 100.966215][ T7862] do_syscall_64+0xcd/0x250 [ 100.967425][ T7862] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.968996][ T7862] RIP: 0033:0x7fdcdb37fed9 [ 100.970138][ T7862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.975199][ T7862] RSP: 002b:00007fdcdc149058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 100.977311][ T7862] RAX: ffffffffffffffda RBX: 00007fdcdb545fa0 RCX: 00007fdcdb37fed9 [ 100.979308][ T7862] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000005 [ 100.981276][ T7862] RBP: 00007fdcdc1490a0 R08: 0000000000000000 R09: 0000000000000000 [ 100.983266][ T7862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 100.985254][ T7862] R13: 0000000000000000 R14: 00007fdcdb545fa0 R15: 00007ffe5e070cb8 [ 100.987415][ T7862] [ 101.035508][ T39] audit: type=1400 audit(1733702154.217:375): avc: denied { ioctl } for pid=7872 comm="syz.0.649" path="socket:[20595]" dev="sockfs" ino=20595 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 101.101178][ T39] audit: type=1400 audit(1733702154.277:376): avc: denied { ioctl } for pid=7888 comm="syz.3.653" path="socket:[19881]" dev="sockfs" ino=19881 ioctlcmd=0x8915 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 101.153098][ T7900] FAULT_INJECTION: forcing a failure. [ 101.153098][ T7900] name failslab, interval 1, probability 0, space 0, times 0 [ 101.157754][ T7900] CPU: 1 UID: 0 PID: 7900 Comm: syz.3.656 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 101.160498][ T7900] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 101.163339][ T7900] Call Trace: [ 101.164206][ T7900] [ 101.165021][ T7900] dump_stack_lvl+0x16c/0x1f0 [ 101.166254][ T7900] should_fail_ex+0x497/0x5b0 [ 101.167494][ T7900] ? fs_reclaim_acquire+0xae/0x150 [ 101.168840][ T7900] should_failslab+0xc2/0x120 [ 101.170277][ T7900] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 101.171839][ T7900] ? __alloc_skb+0x2b1/0x380 [ 101.173035][ T7900] ? __pfx_mark_lock+0x10/0x10 [ 101.174271][ T7900] __alloc_skb+0x2b1/0x380 [ 101.175476][ T7900] ? __pfx___alloc_skb+0x10/0x10 [ 101.176763][ T7900] ? find_held_lock+0x2d/0x110 [ 101.178027][ T7900] ? __might_fault+0x13b/0x190 [ 101.179294][ T7900] alloc_skb_with_frags+0xe4/0x850 [ 101.180700][ T7900] ? __might_fault+0xe3/0x190 [ 101.181875][ T7900] sock_alloc_send_pskb+0x7f1/0x980 [ 101.183130][ T7900] ? _copy_from_iter+0x15e/0x1560 [ 101.184440][ T7900] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 101.185850][ T7900] ? __lock_acquire+0xcc5/0x3c40 [ 101.187094][ T7900] ? hlock_class+0x4e/0x130 [ 101.188231][ T7900] ? __lock_acquire+0xcc5/0x3c40 [ 101.189540][ T7900] ? iov_iter_advance+0x7d/0x6c0 [ 101.190870][ T7900] tun_get_user+0xd3b/0x3e40 [ 101.192039][ T7900] ? find_held_lock+0x2d/0x110 [ 101.193283][ T7900] ? __pfx_tun_get_user+0x10/0x10 [ 101.194545][ T7900] ? find_held_lock+0x2d/0x110 [ 101.195767][ T7900] ? __pfx_lock_release+0x10/0x10 [ 101.197040][ T7900] tun_chr_write_iter+0xdc/0x210 [ 101.198261][ T7900] vfs_write+0x5ae/0x1150 [ 101.199359][ T7900] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 101.200736][ T7900] ? __pfx_vfs_write+0x10/0x10 [ 101.201922][ T7900] ? __fget_files+0x40/0x3a0 [ 101.203119][ T7900] ksys_write+0x12b/0x250 [ 101.204229][ T7900] ? __pfx_ksys_write+0x10/0x10 [ 101.205462][ T7900] do_syscall_64+0xcd/0x250 [ 101.206589][ T7900] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.208444][ T7900] RIP: 0033:0x7f214cf7fed9 [ 101.209968][ T7900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 101.216562][ T7900] RSP: 002b:00007f214dd29058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 101.219528][ T7900] RAX: ffffffffffffffda RBX: 00007f214d145fa0 RCX: 00007f214cf7fed9 [ 101.222186][ T7900] RDX: 000000000000004e RSI: 0000000020000500 RDI: 0000000000000003 [ 101.224404][ T7900] RBP: 00007f214dd290a0 R08: 0000000000000000 R09: 0000000000000000 [ 101.227212][ T7900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 101.229998][ T7900] R13: 0000000000000000 R14: 00007f214d145fa0 R15: 00007ffca096b718 [ 101.232614][ T7900] [ 101.324457][ T39] audit: type=1400 audit(1733702154.497:377): avc: denied { create } for pid=7910 comm="syz.0.659" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 101.330063][ T7911] team0: entered allmulticast mode [ 101.331547][ T7911] team_slave_0: entered allmulticast mode [ 101.333117][ T7911] team_slave_1: entered allmulticast mode [ 101.334644][ T39] audit: type=1400 audit(1733702154.497:378): avc: denied { accept } for pid=7910 comm="syz.0.659" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 101.371169][ T7916] FAULT_INJECTION: forcing a failure. [ 101.371169][ T7916] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 101.373212][ T7918] FAULT_INJECTION: forcing a failure. [ 101.373212][ T7918] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 101.374675][ T7916] CPU: 3 UID: 0 PID: 7916 Comm: syz.2.661 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 101.381498][ T7916] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 101.384542][ T7916] Call Trace: [ 101.385448][ T7916] [ 101.386254][ T7916] dump_stack_lvl+0x16c/0x1f0 [ 101.387533][ T7916] should_fail_ex+0x497/0x5b0 [ 101.388794][ T7916] _copy_from_user+0x2e/0xd0 [ 101.390027][ T7916] wext_handle_ioctl+0xc5/0x2b0 [ 101.391397][ T7916] ? __pfx_wext_handle_ioctl+0x10/0x10 [ 101.392837][ T7916] ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460 [ 101.395186][ T7916] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 101.397660][ T7916] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 101.400174][ T7916] sock_ioctl+0x3a6/0x6c0 [ 101.401724][ T7916] ? __pfx_sock_ioctl+0x10/0x10 [ 101.403287][ T7916] ? selinux_file_ioctl+0x180/0x270 [ 101.404838][ T7916] ? selinux_file_ioctl+0xb4/0x270 [ 101.406262][ T7916] ? __pfx_sock_ioctl+0x10/0x10 [ 101.407553][ T7916] __x64_sys_ioctl+0x190/0x200 [ 101.408820][ T7916] do_syscall_64+0xcd/0x250 [ 101.410031][ T7916] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.411632][ T7916] RIP: 0033:0x7fb9b537fed9 [ 101.412840][ T7916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 101.418113][ T7916] RSP: 002b:00007fb9b6214058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 101.420339][ T7916] RAX: ffffffffffffffda RBX: 00007fb9b5545fa0 RCX: 00007fb9b537fed9 [ 101.422475][ T7916] RDX: 0000000020000000 RSI: 0000000000008b18 RDI: 0000000000000003 [ 101.424616][ T7916] RBP: 00007fb9b62140a0 R08: 0000000000000000 R09: 0000000000000000 [ 101.425110][ T5949] Bluetooth: hci3: command tx timeout [ 101.426685][ T7916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 101.426696][ T7916] R13: 0000000000000000 R14: 00007fb9b5545fa0 R15: 00007ffff8c44258 [ 101.426710][ T7916] [ 101.426718][ T7918] CPU: 0 UID: 0 PID: 7918 Comm: syz.3.662 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 101.435895][ T7918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 101.438767][ T7918] Call Trace: [ 101.439647][ T7918] [ 101.440453][ T7918] dump_stack_lvl+0x16c/0x1f0 [ 101.441704][ T7918] should_fail_ex+0x497/0x5b0 [ 101.443003][ T7918] _copy_from_iter+0x2a1/0x1560 [ 101.444273][ T7918] ? register_lock_class+0xb1/0x1240 [ 101.445652][ T7918] ? __pfx__copy_from_iter+0x10/0x10 [ 101.447031][ T7918] ? __lock_acquire+0xcc5/0x3c40 [ 101.448321][ T7918] ? hlock_class+0x4e/0x130 [ 101.449509][ T7918] ? __lock_acquire+0xcc5/0x3c40 [ 101.450867][ T7918] tun_get_user+0x34e/0x3e40 [ 101.452087][ T7918] ? find_held_lock+0x2d/0x110 [ 101.453382][ T7918] ? __pfx_tun_get_user+0x10/0x10 [ 101.454693][ T7918] ? find_held_lock+0x2d/0x110 [ 101.455961][ T7918] ? __pfx_lock_release+0x10/0x10 [ 101.457279][ T7918] tun_chr_write_iter+0xdc/0x210 [ 101.458573][ T7918] vfs_write+0x5ae/0x1150 [ 101.459743][ T7918] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 101.461331][ T7918] ? __pfx_vfs_write+0x10/0x10 [ 101.462737][ T7918] ? __fget_files+0x40/0x3a0 [ 101.463951][ T7918] ksys_write+0x12b/0x250 [ 101.465093][ T7918] ? __pfx_ksys_write+0x10/0x10 [ 101.466314][ T7918] do_syscall_64+0xcd/0x250 [ 101.467438][ T7918] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.468914][ T7918] RIP: 0033:0x7f214cf7fed9 [ 101.470067][ T7918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 101.475269][ T7918] RSP: 002b:00007f214dd29058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 101.477387][ T7918] RAX: ffffffffffffffda RBX: 00007f214d145fa0 RCX: 00007f214cf7fed9 [ 101.479435][ T7918] RDX: 0000000000000ffe RSI: 00000000200000c0 RDI: 0000000000000003 [ 101.481374][ T7918] RBP: 00007f214dd290a0 R08: 0000000000000000 R09: 0000000000000000 [ 101.483507][ T7918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 101.485525][ T7918] R13: 0000000000000000 R14: 00007f214d145fa0 R15: 00007ffca096b718 [ 101.487509][ T7918] [ 101.489574][ T39] audit: type=1326 audit(1733702154.667:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz.0.663" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcdb37fed9 code=0x7ffc0000 [ 101.510857][ T39] audit: type=1326 audit(1733702154.677:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz.0.663" exe="/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7fdcdb37fed9 code=0x7ffc0000 [ 101.518477][ T39] audit: type=1326 audit(1733702154.677:381): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7919 comm="syz.0.663" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcdb37fed9 code=0x7ffc0000 [ 101.583295][ T7932] netlink: 12 bytes leftover after parsing attributes in process `syz.1.666'. [ 101.594520][ T7932] netlink: 12 bytes leftover after parsing attributes in process `syz.1.666'. [ 101.597976][ T7932] netlink: 12 bytes leftover after parsing attributes in process `syz.1.666'. [ 101.600212][ T7932] netlink: 12 bytes leftover after parsing attributes in process `syz.1.666'. [ 101.652103][ T7940] fuse: Unknown parameter '–' [ 101.782464][ T7954] bio_check_eod: 11 callbacks suppressed [ 101.782476][ T7954] syz.2.674: attempt to access beyond end of device [ 101.782476][ T7954] nbd2: rw=0, sector=64, nr_sectors = 1 limit=0 [ 101.787445][ T7954] syz.2.674: attempt to access beyond end of device [ 101.787445][ T7954] nbd2: rw=0, sector=256, nr_sectors = 1 limit=0 [ 101.790592][ T7954] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 101.793102][ T7954] syz.2.674: attempt to access beyond end of device [ 101.793102][ T7954] nbd2: rw=0, sector=512, nr_sectors = 1 limit=0 [ 101.798340][ T7954] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 101.801159][ T7954] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found [ 101.803825][ T7954] UDF-fs: Scanning with blocksize 512 failed [ 101.806967][ T7954] syz.2.674: attempt to access beyond end of device [ 101.806967][ T7954] nbd2: rw=0, sector=64, nr_sectors = 2 limit=0 [ 101.810265][ T7954] syz.2.674: attempt to access beyond end of device [ 101.810265][ T7954] nbd2: rw=0, sector=512, nr_sectors = 2 limit=0 [ 101.813541][ T7954] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 101.816426][ T7954] syz.2.674: attempt to access beyond end of device [ 101.816426][ T7954] nbd2: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 101.820070][ T7954] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 101.823183][ T7954] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found [ 101.826144][ T7954] UDF-fs: Scanning with blocksize 1024 failed [ 101.828266][ T7954] syz.2.674: attempt to access beyond end of device [ 101.828266][ T7954] nbd2: rw=0, sector=64, nr_sectors = 4 limit=0 [ 101.831652][ T7954] syz.2.674: attempt to access beyond end of device [ 101.831652][ T7954] nbd2: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 101.833094][ T7956] bpf: Bad value for 'mode' [ 101.835130][ T7954] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 101.838694][ T7954] syz.2.674: attempt to access beyond end of device [ 101.838694][ T7954] nbd2: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 101.841978][ T7954] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 101.844343][ T7954] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found [ 101.849026][ T7954] UDF-fs: Scanning with blocksize 2048 failed [ 101.851344][ T7954] syz.2.674: attempt to access beyond end of device [ 101.851344][ T7954] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0 [ 101.854573][ T7954] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 101.857242][ T7954] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 101.860222][ T7954] UDF-fs: warning (device nbd2): udf_load_vrs: No anchor found [ 101.862140][ T7954] UDF-fs: Scanning with blocksize 4096 failed [ 101.863688][ T7954] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1) [ 101.986213][ T5949] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 101.990067][ T5949] Bluetooth: hci1: Injecting HCI hardware error event [ 101.994277][ T5949] Bluetooth: hci1: hardware error 0x00 [ 102.017715][ T5943] Bluetooth: hci3: unexpected event 0x3e length: 706 > 260 [ 102.017736][ T5943] Bluetooth: hci3: unexpected subevent 0x0d length: 705 > 260 [ 102.021862][ T5943] Bluetooth: hci3: adv larger than maximum supported [ 102.021920][ T5943] Bluetooth: hci3: adv larger than maximum supported [ 102.031331][ T7961] FAULT_INJECTION: forcing a failure. [ 102.031331][ T7961] name failslab, interval 1, probability 0, space 0, times 0 [ 102.039751][ T7961] CPU: 1 UID: 0 PID: 7961 Comm: syz.2.677 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 102.043534][ T7961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 102.046646][ T7961] Call Trace: [ 102.047585][ T7961] [ 102.048452][ T7961] dump_stack_lvl+0x16c/0x1f0 [ 102.049709][ T7961] should_fail_ex+0x497/0x5b0 [ 102.050959][ T7961] ? fs_reclaim_acquire+0xae/0x150 [ 102.052299][ T7961] should_failslab+0xc2/0x120 [ 102.053534][ T7961] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 102.055000][ T7961] ? __pfx_mark_lock+0x10/0x10 [ 102.056311][ T7961] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 102.057956][ T7967] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long [ 102.058207][ T7961] __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 102.058227][ T7961] mmu_topup_memory_caches+0x22/0xd0 [ 102.064325][ T7961] kvm_mmu_load+0xda/0x21f0 [ 102.065571][ T7961] ? mark_held_locks+0x9f/0xe0 [ 102.066920][ T7961] ? kvm_apic_has_interrupt+0xb6/0x190 [ 102.068694][ T7961] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 102.070572][ T7961] ? __pfx_vmx_flush_tlb_guest+0x10/0x10 [ 102.072187][ T7961] ? __pfx_kvm_mmu_load+0x10/0x10 [ 102.073495][ T7961] ? kvm_cpu_has_injectable_intr+0x9b/0x1a0 [ 102.075072][ T7961] ? kvm_check_and_inject_events+0x725/0x12e0 [ 102.076587][ T7961] ? record_steal_time+0x51/0xbe0 [ 102.078352][ T7961] vcpu_run+0x33a4/0x4f50 [ 102.079982][ T7961] ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10 [ 102.082061][ T7961] ? __pfx_vcpu_run+0x10/0x10 [ 102.083465][ T7961] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 102.084952][ T7961] ? rcu_is_watching+0x12/0xc0 [ 102.086237][ T7961] ? trace_lock_acquire+0x14e/0x1f0 [ 102.087657][ T7961] ? __local_bh_enable_ip+0xa4/0x120 [ 102.088999][ T7961] ? lockdep_hardirqs_on+0x7c/0x110 [ 102.090491][ T7961] ? kvm_arch_vcpu_ioctl_run+0x150/0x1740 [ 102.092067][ T7961] ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740 [ 102.093614][ T7961] kvm_arch_vcpu_ioctl_run+0x44a/0x1740 [ 102.095147][ T7961] kvm_vcpu_ioctl+0x6ce/0x1520 [ 102.096435][ T7961] ? do_vfs_ioctl+0x513/0x1990 [ 102.097949][ T7961] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 102.099408][ T7961] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 102.101346][ T7961] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 102.103205][ T7961] ? __pfx_lock_release+0x10/0x10 [ 102.104615][ T7961] ? selinux_file_ioctl+0x180/0x270 [ 102.106036][ T7961] ? selinux_file_ioctl+0xb4/0x270 [ 102.107469][ T7961] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 102.108900][ T7961] __x64_sys_ioctl+0x190/0x200 [ 102.110192][ T7961] do_syscall_64+0xcd/0x250 [ 102.111438][ T7961] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.113016][ T7961] RIP: 0033:0x7fb9b537fed9 [ 102.114217][ T7961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 102.119415][ T7961] RSP: 002b:00007fb9b6214058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 102.121639][ T7961] RAX: ffffffffffffffda RBX: 00007fb9b5545fa0 RCX: 00007fb9b537fed9 [ 102.123767][ T7961] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 102.125876][ T7961] RBP: 00007fb9b62140a0 R08: 0000000000000000 R09: 0000000000000000 [ 102.128009][ T7961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 102.130109][ T7961] R13: 0000000000000000 R14: 00007fb9b5545fa0 R15: 00007ffff8c44258 [ 102.132230][ T7961] [ 102.208955][ T7973] sctp: [Deprecated]: syz.1.681 (pid 7973) Use of int in max_burst socket option deprecated. [ 102.208955][ T7973] Use struct sctp_assoc_value instead [ 102.276144][ T7978] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 102.536889][ T7986] FAULT_INJECTION: forcing a failure. [ 102.536889][ T7986] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 102.541722][ T7986] CPU: 2 UID: 0 PID: 7986 Comm: syz.2.684 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 102.545642][ T7986] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 102.549529][ T7986] Call Trace: [ 102.549725][ T7988] openvswitch: netlink: IPv4 tunnel dst address is zero [ 102.550748][ T7986] [ 102.553709][ T7986] dump_stack_lvl+0x16c/0x1f0 [ 102.555514][ T7986] should_fail_ex+0x497/0x5b0 [ 102.558182][ T7986] _copy_from_iter+0x2a1/0x1560 [ 102.560720][ T7986] ? trace_lock_acquire+0x14e/0x1f0 [ 102.562641][ T7986] ? __alloc_skb+0x1fe/0x380 [ 102.564332][ T7986] ? __pfx__copy_from_iter+0x10/0x10 [ 102.566308][ T7986] ? __virt_addr_valid+0x1a4/0x590 [ 102.568245][ T7986] ? __virt_addr_valid+0x5e/0x590 [ 102.570133][ T7986] ? __phys_addr_symbol+0x30/0x80 [ 102.571988][ T7986] ? __check_object_size+0x488/0x710 [ 102.573837][ T7986] netlink_sendmsg+0x813/0xd70 [ 102.575710][ T7986] ? __pfx_netlink_sendmsg+0x10/0x10 [ 102.577437][ T7986] ____sys_sendmsg+0xaaf/0xc90 [ 102.579103][ T7986] ? copy_msghdr_from_user+0x10b/0x160 [ 102.580784][ T7986] ? __pfx_____sys_sendmsg+0x10/0x10 [ 102.582072][ T7986] ___sys_sendmsg+0x135/0x1e0 [ 102.583370][ T7986] ? __pfx____sys_sendmsg+0x10/0x10 [ 102.584734][ T7986] ? __pfx_lock_release+0x10/0x10 [ 102.586062][ T7986] ? trace_lock_acquire+0x14e/0x1f0 [ 102.587427][ T7986] ? __fget_files+0x206/0x3a0 [ 102.588872][ T7986] __sys_sendmsg+0x16e/0x220 [ 102.590433][ T7986] ? __pfx___sys_sendmsg+0x10/0x10 [ 102.592227][ T7986] do_syscall_64+0xcd/0x250 [ 102.593675][ T7986] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.595177][ T7986] RIP: 0033:0x7fb9b537fed9 [ 102.596407][ T7986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 102.599240][ T7990] FAULT_INJECTION: forcing a failure. [ 102.599240][ T7990] name failslab, interval 1, probability 0, space 0, times 0 [ 102.602114][ T7986] RSP: 002b:00007fb9b6214058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 102.602137][ T7986] RAX: ffffffffffffffda RBX: 00007fb9b5545fa0 RCX: 00007fb9b537fed9 [ 102.602151][ T7986] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 102.602163][ T7986] RBP: 00007fb9b62140a0 R08: 0000000000000000 R09: 0000000000000000 [ 102.616107][ T7986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 102.619076][ T7986] R13: 0000000000000000 R14: 00007fb9b5545fa0 R15: 00007ffff8c44258 [ 102.621679][ T7986] [ 102.622502][ T7990] CPU: 3 UID: 0 PID: 7990 Comm: syz.0.687 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 102.625331][ T7990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 102.628111][ T7990] Call Trace: [ 102.628989][ T7990] [ 102.629747][ T7990] dump_stack_lvl+0x16c/0x1f0 [ 102.630969][ T7990] should_fail_ex+0x497/0x5b0 [ 102.632108][ T7990] ? fs_reclaim_acquire+0xae/0x150 [ 102.633403][ T7990] should_failslab+0xc2/0x120 [ 102.634561][ T7990] __kmalloc_cache_noprof+0x68/0x410 [ 102.636089][ T7990] ? __pfx___folio_start_writeback+0x10/0x10 [ 102.637664][ T7990] ? do_raw_spin_lock+0x12d/0x2c0 [ 102.638926][ T7990] netfs_buffer_make_space+0x432/0x6b0 [ 102.640279][ T7990] netfs_buffer_append_folio+0x298/0x360 [ 102.641615][ T7990] netfs_write_folio+0x540/0x1930 [ 102.642835][ T7990] netfs_writepages+0x29a/0x9d0 [ 102.644019][ T7990] ? __pfx_netfs_writepages+0x10/0x10 [ 102.645365][ T7990] ? __pfx___lock_acquire+0x10/0x10 [ 102.646643][ T7990] ? __pfx___lock_acquire+0x10/0x10 [ 102.647933][ T7990] ? __pfx_netfs_writepages+0x10/0x10 [ 102.649246][ T7990] do_writepages+0x1b3/0x820 [ 102.650453][ T7990] ? find_held_lock+0x2d/0x110 [ 102.651659][ T7990] ? __pfx_do_writepages+0x10/0x10 [ 102.652934][ T7990] ? wbc_attach_fdatawrite_inode+0x13a/0x190 [ 102.654434][ T7990] ? __pfx_lock_release+0x10/0x10 [ 102.655720][ T7990] ? do_raw_spin_lock+0x12d/0x2c0 [ 102.657103][ T7990] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 102.658465][ T7990] ? lock_acquire+0x2f/0xb0 [ 102.659589][ T7990] ? wbc_attach_fdatawrite_inode+0x24/0x190 [ 102.661045][ T7990] ? do_raw_spin_unlock+0x172/0x230 [ 102.662367][ T7990] ? _raw_spin_unlock+0x28/0x50 [ 102.663688][ T7990] filemap_fdatawrite_wbc+0x104/0x160 [ 102.665044][ T7990] __filemap_fdatawrite_range+0xb3/0xf0 [ 102.666440][ T7990] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 102.667996][ T7990] file_write_and_wait_range+0xca/0x140 [ 102.669348][ T7990] v9fs_file_fsync+0xdb/0x1c0 [ 102.670478][ T7990] ? __pfx_v9fs_file_fsync+0x10/0x10 [ 102.671793][ T7990] ? __up_read+0x1fb/0x760 [ 102.672892][ T7990] ? __pfx_v9fs_file_fsync+0x10/0x10 [ 102.674241][ T7990] vfs_fsync_range+0x136/0x220 [ 102.675431][ T7990] netfs_file_write_iter+0x3dd/0x4f0 [ 102.676780][ T7990] v9fs_file_write_iter+0x9b/0x100 [ 102.678117][ T7990] vfs_write+0x5ae/0x1150 [ 102.679283][ T7990] ? __pfx_v9fs_file_write_iter+0x10/0x10 [ 102.680773][ T7990] ? __pfx___mutex_lock+0x10/0x10 [ 102.682142][ T7990] ? __pfx_vfs_write+0x10/0x10 [ 102.683430][ T7990] ksys_write+0x12b/0x250 [ 102.684619][ T7990] ? __pfx_ksys_write+0x10/0x10 [ 102.685964][ T7990] do_syscall_64+0xcd/0x250 [ 102.687230][ T7990] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.688894][ T7990] RIP: 0033:0x7fdcdb37fed9 [ 102.690155][ T7990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 102.695235][ T7990] RSP: 002b:00007fdcdc149058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 102.697393][ T7990] RAX: ffffffffffffffda RBX: 00007fdcdb545fa0 RCX: 00007fdcdb37fed9 [ 102.699437][ T7990] RDX: 0000000000000004 RSI: 0000000020000300 RDI: 0000000000000007 [ 102.701312][ T7990] RBP: 00007fdcdc1490a0 R08: 0000000000000000 R09: 0000000000000000 [ 102.703347][ T7990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 102.705366][ T7990] R13: 0000000000000000 R14: 00007fdcdb545fa0 R15: 00007ffe5e070cb8 [ 102.707582][ T7990] [ 102.713215][ T7990] ------------[ cut here ]------------ [ 102.714626][ T7990] WARNING: CPU: 0 PID: 7990 at lib/iov_iter.c:255 _copy_from_iter+0x3a0/0x1560 [ 102.716948][ T7990] Modules linked in: SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 102.718033][ T7990] CPU: 0 UID: 0 PID: 7990 Comm: syz.0.687 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 102.722639][ T7990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 102.726044][ T7990] RIP: 0010:_copy_from_iter+0x3a0/0x1560 [ 102.727779][ T7990] Code: 5e fd 0f 01 cb 48 89 d9 4c 89 f7 48 89 ee f3 a4 0f 1f 00 48 89 cd 0f 01 ca 49 89 df 49 29 cf e9 1e ff ff ff e8 01 3a fb fc 90 <0f> 0b 90 e9 ae fd ff ff e8 f3 39 fb fc 89 ee bf 01 00 00 00 e8 c7 [ 102.732885][ T7990] RSP: 0018:ffffc90003b46ef8 EFLAGS: 00010293 [ 102.734614][ T7990] RAX: 0000000000000000 RBX: 0000000000000004 RCX: ffffffff849ec958 [ 102.736888][ T7990] RDX: ffff88802b0d2440 RSI: ffffffff849ecc3f RDI: 0000000000000001 [ 102.738989][ T7990] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 102.741074][ T7990] R10: 0000000000000000 R11: 0000000000000003 R12: ffff888031c62420 [ 102.743447][ T7990] R13: ffffc90003b472e8 R14: ffff888031c62420 R15: dffffc0000000000 [ 102.745889][ T7990] FS: 00007fdcdc1496c0(0000) GS:ffff88806a600000(0000) knlGS:0000000000000000 [ 102.748203][ T7990] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.750026][ T7990] CR2: 00007fdcdc0756c0 CR3: 0000000052d20000 CR4: 0000000000352ef0 [ 102.752024][ T7990] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 102.753924][ T7990] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 102.756076][ T7990] Call Trace: [ 102.757002][ T7990] [ 102.757744][ T7990] ? __warn+0xea/0x3c0 [ 102.758771][ T7990] ? _copy_from_iter+0x3a0/0x1560 [ 102.759989][ T7990] ? report_bug+0x3c0/0x580 [ 102.761181][ T7990] ? handle_bug+0x54/0xa0 [ 102.762263][ T7990] ? exc_invalid_op+0x17/0x50 [ 102.763450][ T7990] ? asm_exc_invalid_op+0x1a/0x20 [ 102.764742][ T7990] ? _copy_from_iter+0xb8/0x1560 [ 102.766106][ T7990] ? _copy_from_iter+0x39f/0x1560 [ 102.767467][ T7990] ? _copy_from_iter+0x3a0/0x1560 [ 102.768736][ T7990] ? _copy_from_iter+0x39f/0x1560 [ 102.769986][ T7990] ? __pfx_lock_release+0x10/0x10 [ 102.771345][ T7990] ? trace_lock_acquire+0x14e/0x1f0 [ 102.772605][ T7990] ? __pfx__copy_from_iter+0x10/0x10 [ 102.773913][ T7990] ? __virt_addr_valid+0x1a4/0x590 [ 102.775268][ T7990] ? __virt_addr_valid+0x5e/0x590 [ 102.776550][ T7990] ? __phys_addr_symbol+0x30/0x80 [ 102.777893][ T7990] ? __check_object_size+0x488/0x710 [ 102.779274][ T7990] p9pdu_vwritef+0x2d0/0x1cf0 [ 102.780477][ T7990] ? p9pdu_writef+0xc4/0x100 [ 102.781628][ T7990] ? __pfx_p9pdu_vwritef+0x10/0x10 [ 102.783013][ T7990] ? __pfx_p9_tag_alloc+0x10/0x10 [ 102.784278][ T7990] ? __pfx_mark_lock+0x10/0x10 [ 102.785587][ T7990] p9_client_prepare_req+0x244/0x4d0 [ 102.787030][ T7990] ? __pfx_p9_client_prepare_req+0x10/0x10 [ 102.788441][ T7990] ? __pfx_mark_lock+0x10/0x10 [ 102.789745][ T7990] ? hlock_class+0x4e/0x130 [ 102.790897][ T7990] ? mark_lock+0xb5/0xc60 [ 102.792012][ T7990] p9_client_rpc+0x1c3/0xc10 [ 102.793290][ T7990] ? mark_lock+0xb5/0xc60 [ 102.794356][ T7990] ? __pfx_p9_client_rpc+0x10/0x10 [ 102.795686][ T7990] ? __pfx_register_lock_class+0x10/0x10 [ 102.797184][ T7990] ? __pfx_mark_lock+0x10/0x10 [ 102.798349][ T7990] ? hlock_class+0x4e/0x130 [ 102.799459][ T7990] ? __lock_acquire+0x15a9/0x3c40 [ 102.800718][ T7990] p9_client_write+0x31f/0x680 [ 102.801881][ T7990] ? __pfx_p9_client_write+0x10/0x10 [ 102.803214][ T7990] ? lock_acquire.part.0+0x11b/0x380 [ 102.804482][ T7990] ? find_held_lock+0x2d/0x110 [ 102.805797][ T7990] v9fs_issue_write+0xe2/0x180 [ 102.806991][ T7990] ? __pfx_v9fs_issue_write+0x10/0x10 [ 102.808269][ T7990] ? rcu_is_watching+0x12/0xc0 [ 102.809432][ T7990] ? trace_netfs_sreq+0x198/0x220 [ 102.810635][ T7990] netfs_do_issue_write+0x92/0x110 [ 102.811854][ T7990] netfs_advance_write+0x384/0xc80 [ 102.813132][ T7990] netfs_write_folio+0xc19/0x1930 [ 102.814358][ T7990] netfs_writepages+0x29a/0x9d0 [ 102.815671][ T7990] ? __pfx_netfs_writepages+0x10/0x10 [ 102.817086][ T7990] ? __pfx___lock_acquire+0x10/0x10 [ 102.818382][ T7990] ? __pfx___lock_acquire+0x10/0x10 [ 102.819662][ T7990] ? __pfx_netfs_writepages+0x10/0x10 [ 102.820952][ T7990] do_writepages+0x1b3/0x820 [ 102.822165][ T7990] ? find_held_lock+0x2d/0x110 [ 102.823367][ T7990] ? __pfx_do_writepages+0x10/0x10 [ 102.824605][ T7990] ? wbc_attach_fdatawrite_inode+0x13a/0x190 [ 102.826110][ T7990] ? __pfx_lock_release+0x10/0x10 [ 102.827345][ T7990] ? do_raw_spin_lock+0x12d/0x2c0 [ 102.828565][ T7990] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 102.829943][ T7990] ? lock_acquire+0x2f/0xb0 [ 102.831073][ T7990] ? wbc_attach_fdatawrite_inode+0x24/0x190 [ 102.832517][ T7990] ? do_raw_spin_unlock+0x172/0x230 [ 102.833817][ T7990] ? _raw_spin_unlock+0x28/0x50 [ 102.835072][ T7990] filemap_fdatawrite_wbc+0x104/0x160 [ 102.836382][ T7990] __filemap_fdatawrite_range+0xb3/0xf0 [ 102.837703][ T7990] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 102.839225][ T7990] file_write_and_wait_range+0xca/0x140 [ 102.840622][ T7990] v9fs_file_fsync+0xdb/0x1c0 [ 102.841885][ T7990] ? __pfx_v9fs_file_fsync+0x10/0x10 [ 102.843553][ T7990] ? __up_read+0x1fb/0x760 [ 102.844862][ T7990] ? __pfx_v9fs_file_fsync+0x10/0x10 [ 102.846583][ T7990] vfs_fsync_range+0x136/0x220 [ 102.847927][ T7990] netfs_file_write_iter+0x3dd/0x4f0 [ 102.849438][ T7990] v9fs_file_write_iter+0x9b/0x100 [ 102.851006][ T7990] vfs_write+0x5ae/0x1150 [ 102.852248][ T7990] ? __pfx_v9fs_file_write_iter+0x10/0x10 [ 102.853957][ T7990] ? __pfx___mutex_lock+0x10/0x10 [ 102.855968][ T7990] ? __pfx_vfs_write+0x10/0x10 [ 102.857540][ T7990] ksys_write+0x12b/0x250 [ 102.858993][ T7990] ? __pfx_ksys_write+0x10/0x10 [ 102.860667][ T7990] do_syscall_64+0xcd/0x250 [ 102.862213][ T7990] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 102.864213][ T7990] RIP: 0033:0x7fdcdb37fed9 [ 102.865741][ T7990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 102.871321][ T7990] RSP: 002b:00007fdcdc149058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 102.873468][ T7990] RAX: ffffffffffffffda RBX: 00007fdcdb545fa0 RCX: 00007fdcdb37fed9 [ 102.875621][ T7990] RDX: 0000000000000004 RSI: 0000000020000300 RDI: 0000000000000007 [ 102.877682][ T7990] RBP: 00007fdcdc1490a0 R08: 0000000000000000 R09: 0000000000000000 [ 102.879734][ T7990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 102.881769][ T7990] R13: 0000000000000000 R14: 00007fdcdb545fa0 R15: 00007ffe5e070cb8 [ 102.883808][ T7990] [ 102.884614][ T7990] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 102.886504][ T7990] CPU: 0 UID: 0 PID: 7990 Comm: syz.0.687 Not tainted 6.13.0-rc1-syzkaller-00378-g62b5a46999c7 #0 [ 102.889228][ T7990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 102.891931][ T7990] Call Trace: [ 102.892804][ T7990] [ 102.893577][ T7990] dump_stack_lvl+0x3d/0x1f0 [ 102.894786][ T7990] panic+0x71d/0x800 [ 102.895790][ T7990] ? __pfx_panic+0x10/0x10 [ 102.896879][ T7990] ? show_trace_log_lvl+0x29d/0x3d0 [ 102.898228][ T7990] ? check_panic_on_warn+0x1f/0xb0 [ 102.899537][ T7990] ? _copy_from_iter+0x3a0/0x1560 [ 102.900827][ T7990] check_panic_on_warn+0xab/0xb0 [ 102.902094][ T7990] __warn+0xf6/0x3c0 [ 102.903125][ T7990] ? _copy_from_iter+0x3a0/0x1560 [ 102.904427][ T7990] report_bug+0x3c0/0x580 [ 102.905554][ T7990] handle_bug+0x54/0xa0 [ 102.906644][ T7990] exc_invalid_op+0x17/0x50 [ 102.907845][ T7990] asm_exc_invalid_op+0x1a/0x20 [ 102.909113][ T7990] RIP: 0010:_copy_from_iter+0x3a0/0x1560 [ 102.910510][ T7990] Code: 5e fd 0f 01 cb 48 89 d9 4c 89 f7 48 89 ee f3 a4 0f 1f 00 48 89 cd 0f 01 ca 49 89 df 49 29 cf e9 1e ff ff ff e8 01 3a fb fc 90 <0f> 0b 90 e9 ae fd ff ff e8 f3 39 fb fc 89 ee bf 01 00 00 00 e8 c7 [ 102.916281][ T7990] RSP: 0018:ffffc90003b46ef8 EFLAGS: 00010293 [ 102.918347][ T7990] RAX: 0000000000000000 RBX: 0000000000000004 RCX: ffffffff849ec958 [ 102.921021][ T7990] RDX: ffff88802b0d2440 RSI: ffffffff849ecc3f RDI: 0000000000000001 [ 102.923670][ T7990] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 102.925805][ T7990] R10: 0000000000000000 R11: 0000000000000003 R12: ffff888031c62420 [ 102.927736][ T7990] R13: ffffc90003b472e8 R14: ffff888031c62420 R15: dffffc0000000000 [ 102.929622][ T7990] ? _copy_from_iter+0xb8/0x1560 [ 102.930840][ T7990] ? _copy_from_iter+0x39f/0x1560 [ 102.932150][ T7990] ? _copy_from_iter+0x39f/0x1560 [ 102.933438][ T7990] ? __pfx_lock_release+0x10/0x10 [ 102.934725][ T7990] ? trace_lock_acquire+0x14e/0x1f0 [ 102.936116][ T7990] ? __pfx__copy_from_iter+0x10/0x10 [ 102.937756][ T7990] ? __virt_addr_valid+0x1a4/0x590 [ 102.939195][ T7990] ? __virt_addr_valid+0x5e/0x590 [ 102.940784][ T7990] ? __phys_addr_symbol+0x30/0x80 [ 102.942387][ T7990] ? __check_object_size+0x488/0x710 [ 102.944042][ T7990] p9pdu_vwritef+0x2d0/0x1cf0 [ 102.945290][ T7990] ? p9pdu_writef+0xc4/0x100 [ 102.946505][ T7990] ? __pfx_p9pdu_vwritef+0x10/0x10 [ 102.948039][ T7990] ? __pfx_p9_tag_alloc+0x10/0x10 [ 102.949536][ T7990] ? __pfx_mark_lock+0x10/0x10 [ 102.950905][ T7990] p9_client_prepare_req+0x244/0x4d0 [ 102.952469][ T7990] ? __pfx_p9_client_prepare_req+0x10/0x10 [ 102.954124][ T7990] ? __pfx_mark_lock+0x10/0x10 [ 102.955462][ T7990] ? hlock_class+0x4e/0x130 [ 102.956733][ T7990] ? mark_lock+0xb5/0xc60 [ 102.958062][ T7990] p9_client_rpc+0x1c3/0xc10 [ 102.959577][ T7990] ? mark_lock+0xb5/0xc60 [ 102.960969][ T7990] ? __pfx_p9_client_rpc+0x10/0x10 [ 102.962505][ T7990] ? __pfx_register_lock_class+0x10/0x10 [ 102.964246][ T7990] ? __pfx_mark_lock+0x10/0x10 [ 102.965614][ T7990] ? hlock_class+0x4e/0x130 [ 102.966868][ T7990] ? __lock_acquire+0x15a9/0x3c40 [ 102.968444][ T7990] p9_client_write+0x31f/0x680 [ 102.969944][ T7990] ? __pfx_p9_client_write+0x10/0x10 [ 102.971632][ T7990] ? lock_acquire.part.0+0x11b/0x380 [ 102.973216][ T7990] ? find_held_lock+0x2d/0x110 [ 102.974565][ T7990] v9fs_issue_write+0xe2/0x180 [ 102.976071][ T7990] ? __pfx_v9fs_issue_write+0x10/0x10 [ 102.977728][ T7990] ? rcu_is_watching+0x12/0xc0 [ 102.979145][ T7990] ? trace_netfs_sreq+0x198/0x220 [ 102.980631][ T7990] netfs_do_issue_write+0x92/0x110 [ 102.982120][ T7990] netfs_advance_write+0x384/0xc80 [ 102.983618][ T7990] netfs_write_folio+0xc19/0x1930 [ 102.985203][ T7990] netfs_writepages+0x29a/0x9d0 [ 102.986751][ T7990] ? __pfx_netfs_writepages+0x10/0x10 [ 102.988074][ T7990] ? __pfx___lock_acquire+0x10/0x10 [ 102.989498][ T7990] ? __pfx___lock_acquire+0x10/0x10 [ 102.990888][ T7990] ? __pfx_netfs_writepages+0x10/0x10 [ 102.992346][ T7990] do_writepages+0x1b3/0x820 [ 102.993490][ T7990] ? find_held_lock+0x2d/0x110 [ 102.994719][ T7990] ? __pfx_do_writepages+0x10/0x10 [ 102.996054][ T7990] ? wbc_attach_fdatawrite_inode+0x13a/0x190 [ 102.997505][ T7990] ? __pfx_lock_release+0x10/0x10 [ 102.998757][ T7990] ? do_raw_spin_lock+0x12d/0x2c0 [ 102.999976][ T7990] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 103.001241][ T7990] ? lock_acquire+0x2f/0xb0 [ 103.002325][ T7990] ? wbc_attach_fdatawrite_inode+0x24/0x190 [ 103.003754][ T7990] ? do_raw_spin_unlock+0x172/0x230 [ 103.004995][ T7990] ? _raw_spin_unlock+0x28/0x50 [ 103.006177][ T7990] filemap_fdatawrite_wbc+0x104/0x160 [ 103.007463][ T7990] __filemap_fdatawrite_range+0xb3/0xf0 [ 103.008799][ T7990] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 103.010308][ T7990] file_write_and_wait_range+0xca/0x140 [ 103.011851][ T7990] v9fs_file_fsync+0xdb/0x1c0 [ 103.013361][ T7990] ? __pfx_v9fs_file_fsync+0x10/0x10 [ 103.015102][ T7990] ? __up_read+0x1fb/0x760 [ 103.016464][ T7990] ? __pfx_v9fs_file_fsync+0x10/0x10 [ 103.018241][ T7990] vfs_fsync_range+0x136/0x220 [ 103.019864][ T7990] netfs_file_write_iter+0x3dd/0x4f0 [ 103.021662][ T7990] v9fs_file_write_iter+0x9b/0x100 [ 103.023406][ T7990] vfs_write+0x5ae/0x1150 [ 103.024860][ T7990] ? __pfx_v9fs_file_write_iter+0x10/0x10 [ 103.026810][ T7990] ? __pfx___mutex_lock+0x10/0x10 [ 103.028547][ T7990] ? __pfx_vfs_write+0x10/0x10 [ 103.029880][ T7990] ksys_write+0x12b/0x250 [ 103.031334][ T7990] ? __pfx_ksys_write+0x10/0x10 [ 103.032913][ T7990] do_syscall_64+0xcd/0x250 [ 103.034107][ T7990] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 103.036061][ T7990] RIP: 0033:0x7fdcdb37fed9 [ 103.037399][ T7990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 103.043244][ T7990] RSP: 002b:00007fdcdc149058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 103.046010][ T7990] RAX: ffffffffffffffda RBX: 00007fdcdb545fa0 RCX: 00007fdcdb37fed9 [ 103.048628][ T7990] RDX: 0000000000000004 RSI: 0000000020000300 RDI: 0000000000000007 [ 103.051185][ T7990] RBP: 00007fdcdc1490a0 R08: 0000000000000000 R09: 0000000000000000 [ 103.053673][ T7990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 103.055974][ T7990] R13: 0000000000000000 R14: 00007fdcdb545fa0 R15: 00007ffe5e070cb8 [ 103.058275][ T7990] [ 103.060050][ T7990] Kernel Offset: disabled [ 103.061241][ T7990] Rebooting in 86400 seconds.. VM DIAGNOSIS: 23:55:56 Registers: info registers vcpu 0 CPU#0 RAX=000000000000004e RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff851ca555 RDI=ffffffff9ab10be0 RBP=ffffffff9ab10ba0 RSP=ffffc90003b46858 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000007 R12=0000000000000000 R13=000000000000004e R14=ffffffff851ca4f0 R15=0000000000000000 RIP=ffffffff851ca57f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007fdcdc1496c0 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fdcdc0756c0 CR3=0000000052d20000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000316e616c77 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007effaf5f4c42 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007effaf5f4c4f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007effaf5f4c49 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007effaf5f4c5d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007effaf5f4ce3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007effaf5f4dc1 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ac3c49a00aa76bfe 567b6e1457a7db01 8022ec78cbafe366 17ff1f7b894caaf3 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4abf6370b69ebf9d 2616e8b3ea4b7ee0 badbb1103e600004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 668a45f87963ace7 28eb94be96d7408b 3b7d1917ebb40bb2 7b22015f5589ac3c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a8 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=1ffff9200082af00 RCX=ffffffff8208b7c1 RDX=ffff8880212a8000 RSI=ffffffff8208b922 RDI=0000000000000005 RBP=0000000000055589 RSP=ffffc900041577f8 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000003 R12=ffff88807ffd6680 R13=0000000000000001 R14=ffff88817ffef540 R15=ffffc90004157cc8 RIP=ffffffff819a0681 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fdfeee77d60 CR3=000000000df7e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000002020004 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdfee3106a3 00007fdfee3106a3 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc378c59a0 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555559534a0 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555555959162 0000555555959070 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555555955840 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0110808080100001 0800010000000806 060102f602f81000 0100000608060000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0004080640100008 0129d40806880605 0280100006800404 0130c40010000100 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0002080600000004 0806401000080129 d407080000100000 1000028004018004 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a04460002000288 0342018080808082 000286037a797301 ffffffffffffffff ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0050280804800304 8004028003028004 2003000800100303 ffffffff04000300 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000080000002 RBX=0000000000000000 RCX=ffffffff81e50aa2 RDX=ffff8880212b4880 RSI=00000000000000f4 RDI=0000000000000005 RBP=ffffea0000eee2c0 RSP=ffffc900046577c8 R8 =0000000000000005 R9 =00000000000000f4 R10=0000000000000000 R11=0000000000000007 R12=ffffea0000483888 R13=ffff88804a24a3e0 R14=dffffc0000000000 R15=ffffea0000eee2c0 RIP=ffffffff819a0658 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00005555787cc500 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fb9b60756c0 CR3=0000000035e52000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000400000 Opmask01=00000000ffffffff Opmask02=00000000fff80800 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc556c7ed0 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c5f5f0045544156 4952505f4342494c ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000042494c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6362696c5f5f0045 5441564952505f43 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f6e3a6d5e007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f4b1f485e005600 0b56000041000b56 000040494a564b4a 460a5340410a000a ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000000017eee9 RBX=0000000000000003 RCX=ffffffff8b2a0759 RDX=0000000000000000 RSI=ffffffff8b6cd840 RDI=ffffffff8bd1b6a0 RBP=ffffed1003ad3488 RSP=ffffc900001a7e08 R8 =0000000000000001 R9 =ffffed100d526fed R10=ffff88806a937f6b R11=0000000000000000 R12=0000000000000003 R13=ffff88801d69a440 R14=ffffffff905f12d0 R15=0000000000000000 RIP=ffffffff8b2a1b3f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007ffc48d07c28 CR3=0000000030e8e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000316e616c77 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007effaf5f4c42 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007effaf5f4c4f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007effaf5f4c49 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007effaf5f4c5d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007effaf5f4ce3 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007effaf5f4dc1 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ac3c49a00aa76bfe 567b6e1457a7db01 8022ec78cbafe366 17ff1f7b894caaf3 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4abf6370b69ebf9d 2616e8b3ea4b7ee0 badbb1103e600004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 668a45f87963ace7 28eb94be96d7408b 3b7d1917ebb40bb2 7b22015f5589ac3c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a8 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000