last executing test programs: 403.162158ms ago: executing program 1 (id=371): socket$alg(0x26, 0x5, 0x0) 352.505487ms ago: executing program 1 (id=376): wait4(0x0, 0x0, 0x0, 0x0) 352.012156ms ago: executing program 1 (id=379): flock(0xffffffffffffffff, 0x0) 299.037259ms ago: executing program 1 (id=383): io_cancel(0x0, &(0x7f0000000000), &(0x7f0000000000)) 289.118916ms ago: executing program 1 (id=388): syz_open_dev$audion(&(0x7f0000000040), 0x0, 0x0) syz_open_dev$audion(&(0x7f0000000080), 0x0, 0x1) syz_open_dev$audion(&(0x7f00000000c0), 0x0, 0x2) syz_open_dev$audion(&(0x7f0000000100), 0x0, 0x800) syz_open_dev$audion(&(0x7f0000000140), 0x1, 0x0) syz_open_dev$audion(&(0x7f0000000180), 0x1, 0x1) syz_open_dev$audion(&(0x7f00000001c0), 0x1, 0x2) syz_open_dev$audion(&(0x7f0000000200), 0x1, 0x800) syz_open_dev$audion(&(0x7f0000000240), 0x2, 0x0) syz_open_dev$audion(&(0x7f0000000280), 0x2, 0x1) syz_open_dev$audion(&(0x7f00000002c0), 0x2, 0x2) syz_open_dev$audion(&(0x7f0000000300), 0x2, 0x800) syz_open_dev$audion(&(0x7f0000000340), 0x3, 0x0) syz_open_dev$audion(&(0x7f0000000380), 0x3, 0x1) syz_open_dev$audion(&(0x7f00000003c0), 0x3, 0x2) syz_open_dev$audion(&(0x7f0000000400), 0x3, 0x800) syz_open_dev$audion(&(0x7f0000000440), 0x4, 0x0) syz_open_dev$audion(&(0x7f0000000480), 0x4, 0x1) syz_open_dev$audion(&(0x7f00000004c0), 0x4, 0x2) syz_open_dev$audion(&(0x7f0000000500), 0x4, 0x800) 167.943519ms ago: executing program 2 (id=400): request_key(&(0x7f0000000000), &(0x7f0000000000), &(0x7f0000000000), 0x0) 167.416671ms ago: executing program 3 (id=403): socket$inet_tcp(0x2, 0x1, 0x0) 167.298118ms ago: executing program 4 (id=404): openat(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/smackfs/revoke-subject', 0x2, 0x0) 167.069364ms ago: executing program 3 (id=406): socket$l2tp(0x2, 0x2, 0x73) 166.928595ms ago: executing program 2 (id=407): socket$nl_generic(0x10, 0x3, 0x10) 107.300938ms ago: executing program 4 (id=408): syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x1) syz_open_dev$sndctrl(&(0x7f00000000c0), 0x0, 0x2) syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x800) syz_open_dev$sndctrl(&(0x7f0000000140), 0x1, 0x0) syz_open_dev$sndctrl(&(0x7f0000000180), 0x1, 0x1) syz_open_dev$sndctrl(&(0x7f00000001c0), 0x1, 0x2) syz_open_dev$sndctrl(&(0x7f0000000200), 0x1, 0x800) syz_open_dev$sndctrl(&(0x7f0000000240), 0x2, 0x0) syz_open_dev$sndctrl(&(0x7f0000000280), 0x2, 0x1) syz_open_dev$sndctrl(&(0x7f00000002c0), 0x2, 0x2) syz_open_dev$sndctrl(&(0x7f0000000300), 0x2, 0x800) syz_open_dev$sndctrl(&(0x7f0000000340), 0x3, 0x0) syz_open_dev$sndctrl(&(0x7f0000000380), 0x3, 0x1) syz_open_dev$sndctrl(&(0x7f00000003c0), 0x3, 0x2) syz_open_dev$sndctrl(&(0x7f0000000400), 0x3, 0x800) syz_open_dev$sndctrl(&(0x7f0000000440), 0x4, 0x0) syz_open_dev$sndctrl(&(0x7f0000000480), 0x4, 0x1) syz_open_dev$sndctrl(&(0x7f00000004c0), 0x4, 0x2) syz_open_dev$sndctrl(&(0x7f0000000500), 0x4, 0x800) 107.19565ms ago: executing program 3 (id=409): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 107.090341ms ago: executing program 0 (id=410): getdents(0xffffffffffffffff, &(0x7f0000000000), 0x0) 106.915344ms ago: executing program 2 (id=411): syz_open_dev$drirender(&(0x7f0000000040), 0x0, 0x0) syz_open_dev$drirender(&(0x7f0000000080), 0x0, 0x1) syz_open_dev$drirender(&(0x7f00000000c0), 0x0, 0x2) syz_open_dev$drirender(&(0x7f0000000100), 0x0, 0x800) syz_open_dev$drirender(&(0x7f0000000140), 0x1, 0x0) syz_open_dev$drirender(&(0x7f0000000180), 0x1, 0x1) syz_open_dev$drirender(&(0x7f00000001c0), 0x1, 0x2) syz_open_dev$drirender(&(0x7f0000000200), 0x1, 0x800) syz_open_dev$drirender(&(0x7f0000000240), 0x2, 0x0) syz_open_dev$drirender(&(0x7f0000000280), 0x2, 0x1) syz_open_dev$drirender(&(0x7f00000002c0), 0x2, 0x2) syz_open_dev$drirender(&(0x7f0000000300), 0x2, 0x800) syz_open_dev$drirender(&(0x7f0000000340), 0x3, 0x0) syz_open_dev$drirender(&(0x7f0000000380), 0x3, 0x1) syz_open_dev$drirender(&(0x7f00000003c0), 0x3, 0x2) syz_open_dev$drirender(&(0x7f0000000400), 0x3, 0x800) syz_open_dev$drirender(&(0x7f0000000440), 0x4, 0x0) syz_open_dev$drirender(&(0x7f0000000480), 0x4, 0x1) syz_open_dev$drirender(&(0x7f00000004c0), 0x4, 0x2) syz_open_dev$drirender(&(0x7f0000000500), 0x4, 0x800) 106.631792ms ago: executing program 3 (id=412): syz_open_dev$amidi(&(0x7f0000000040), 0x0, 0x0) syz_open_dev$amidi(&(0x7f0000000080), 0x0, 0x1) syz_open_dev$amidi(&(0x7f00000000c0), 0x0, 0x2) syz_open_dev$amidi(&(0x7f0000000100), 0x0, 0x800) syz_open_dev$amidi(&(0x7f0000000140), 0x1, 0x0) syz_open_dev$amidi(&(0x7f0000000180), 0x1, 0x1) syz_open_dev$amidi(&(0x7f00000001c0), 0x1, 0x2) syz_open_dev$amidi(&(0x7f0000000200), 0x1, 0x800) syz_open_dev$amidi(&(0x7f0000000240), 0x2, 0x0) syz_open_dev$amidi(&(0x7f0000000280), 0x2, 0x1) syz_open_dev$amidi(&(0x7f00000002c0), 0x2, 0x2) syz_open_dev$amidi(&(0x7f0000000300), 0x2, 0x800) syz_open_dev$amidi(&(0x7f0000000340), 0x3, 0x0) syz_open_dev$amidi(&(0x7f0000000380), 0x3, 0x1) syz_open_dev$amidi(&(0x7f00000003c0), 0x3, 0x2) syz_open_dev$amidi(&(0x7f0000000400), 0x3, 0x800) syz_open_dev$amidi(&(0x7f0000000440), 0x4, 0x0) syz_open_dev$amidi(&(0x7f0000000480), 0x4, 0x1) syz_open_dev$amidi(&(0x7f00000004c0), 0x4, 0x2) syz_open_dev$amidi(&(0x7f0000000500), 0x4, 0x800) 106.539903ms ago: executing program 0 (id=413): openat(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/policy', 0x0, 0x0) 106.024019ms ago: executing program 2 (id=414): syz_init_net_socket$rose(0xb, 0x5, 0x0) 105.478207ms ago: executing program 4 (id=415): openat(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/smackfs/relabel-self', 0x2, 0x0) 92.055917ms ago: executing program 3 (id=416): renameat(0xffffffffffffffff, &(0x7f0000000000), 0xffffffffffffffff, &(0x7f0000000000)) 87.741955ms ago: executing program 4 (id=417): uselib(&(0x7f0000000000)) 31.341432ms ago: executing program 2 (id=418): set_robust_list(&(0x7f0000000000), 0x0) 31.071386ms ago: executing program 0 (id=419): sched_setparam(0x0, &(0x7f0000000000)) 31.018736ms ago: executing program 3 (id=420): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse', 0x2, 0x0) 30.804274ms ago: executing program 4 (id=421): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/irnet', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/irnet', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/irnet', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/irnet', 0x800, 0x0) 30.589434ms ago: executing program 0 (id=422): getdents64(0xffffffffffffffff, &(0x7f0000000000), 0x0) 29.964069ms ago: executing program 2 (id=423): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vmci', 0x2, 0x0) 15.512157ms ago: executing program 0 (id=424): openat(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/member', 0x2, 0x0) 15.291007ms ago: executing program 1 (id=425): gettid() 15.201533ms ago: executing program 4 (id=426): llistxattr(&(0x7f0000000000), &(0x7f0000000000), 0x0) 0s ago: executing program 0 (id=427): syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.38' (ED25519) to the list of known hosts. [ 50.350300][ T5215] cgroup: Unknown subsys name 'net' [ 50.465596][ T5215] cgroup: Unknown subsys name 'cpuset' [ 50.473837][ T5215] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 51.785695][ T5215] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 54.239294][ T5317] mmap: syz.1.83 (5317) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 55.524208][ T5524] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 56.225887][ T5624] coredump: 79(syz.2.384): coredump has not been created, error -2 [ 56.480691][ T5657] Oops: general protection fault, probably for non-canonical address 0xdffffc000000000b: 0000 [#1] PREEMPT SMP KASAN PTI [ 56.493407][ T5657] KASAN: null-ptr-deref in range [0x0000000000000058-0x000000000000005f] [ 56.501845][ T5657] CPU: 1 UID: 0 PID: 5657 Comm: syz.3.420 Not tainted 6.11.0-next-20240916-syzkaller #0 [ 56.511588][ T5657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 56.521757][ T5657] RIP: 0010:fuse_get_req+0x699/0xd40 [ 56.527078][ T5657] Code: 24 50 48 83 c3 08 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 55 e1 e9 fe 48 8b 1b 48 83 c3 58 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 38 e1 e9 fe 48 8b 1b 81 e3 00 20 [ 56.546985][ T5657] RSP: 0018:ffffc900043174c0 EFLAGS: 00010202 [ 56.553077][ T5657] RAX: 000000000000000b RBX: 0000000000000058 RCX: ffffffff8314d542 [ 56.561155][ T5657] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffff888024ab6030 [ 56.569235][ T5657] RBP: ffffc900043175e8 R08: ffff888024ab6037 R09: 1ffff11004956c06 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 56.577314][ T5657] R10: dffffc0000000000 R11: ffffed1004956c07 R12: ffff888024ab6000 [ 56.585400][ T5657] R13: dffffc0000000000 R14: ffff88807869e040 R15: ffff888024ab6000 [ 56.593398][ T5657] FS: 0000555587ac4500(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 56.602352][ T5657] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 56.608959][ T5657] CR2: 00007fd811f07040 CR3: 000000002485c000 CR4: 00000000003506f0 [ 56.617136][ T5657] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 56.625269][ T5657] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 56.633265][ T5657] Call Trace: [ 56.636577][ T5657] [ 56.639532][ T5657] ? __die_body+0x5f/0xb0 [ 56.643914][ T5657] ? die_addr+0xb0/0xe0 [ 56.648090][ T5657] ? exc_general_protection+0x3dd/0x5d0 [ 56.653664][ T5657] ? asm_exc_general_protection+0x26/0x30 [ 56.659412][ T5657] ? fuse_get_req+0x602/0xd40 [ 56.664211][ T5657] ? fuse_get_req+0x699/0xd40 [ 56.669002][ T5657] ? __pfx_fuse_get_req+0x10/0x10 [ 56.674057][ T5657] fuse_simple_background+0x9d/0xb10 [ 56.679453][ T5657] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 56.685389][ T5657] cuse_channel_open+0x447/0x670 [ 56.690357][ T5657] ? __pfx_cuse_channel_open+0x10/0x10 [ 56.695932][ T5657] misc_open+0x2cc/0x340 [ 56.700202][ T5657] chrdev_open+0x521/0x600 [ 56.704815][ T5657] ? __pfx_apparmor_file_open+0x10/0x10 [ 56.710387][ T5657] ? __pfx_chrdev_open+0x10/0x10 [ 56.715356][ T5657] ? security_file_open+0x513/0x990 [ 56.720575][ T5657] ? __pfx_chrdev_open+0x10/0x10 [ 56.725531][ T5657] do_dentry_open+0x978/0x1460 [ 56.730494][ T5657] vfs_open+0x3e/0x330 [ 56.735029][ T5657] path_openat+0x2cb5/0x3b40 [ 56.739645][ T5657] ? mark_lock+0x9a/0x360 [ 56.744201][ T5657] ? __pfx_stack_trace_save+0x10/0x10 [ 56.749693][ T5657] ? __pfx_path_openat+0x10/0x10 [ 56.754661][ T5657] ? __lock_acquire+0x1384/0x2050 [ 56.759815][ T5657] do_filp_open+0x235/0x490 [ 56.764428][ T5657] ? __pfx_do_filp_open+0x10/0x10 [ 56.769480][ T5657] ? _raw_spin_unlock+0x28/0x50 [ 56.774372][ T5657] ? alloc_fd+0x5a1/0x640 [ 56.778834][ T5657] do_sys_openat2+0x13e/0x1d0 [ 56.783550][ T5657] ? __pfx_do_sys_openat2+0x10/0x10 [ 56.788774][ T5657] __x64_sys_openat+0x247/0x2a0 [ 56.793659][ T5657] ? __pfx___x64_sys_openat+0x10/0x10 [ 56.799151][ T5657] ? exc_page_fault+0x590/0x8c0 [ 56.804117][ T5657] ? do_syscall_64+0xb6/0x230 [ 56.808827][ T5657] do_syscall_64+0xf3/0x230 [ 56.813359][ T5657] ? clear_bhb_loop+0x35/0x90 [ 56.818070][ T5657] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.824083][ T5657] RIP: 0033:0x7fd811f7def9 [ 56.828709][ T5657] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 56.848593][ T5657] RSP: 002b:00007ffca2356c88 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 56.857118][ T5657] RAX: ffffffffffffffda RBX: 00007fd812135f80 RCX: 00007fd811f7def9 [ 56.865120][ T5657] RDX: 0000000000000002 RSI: 0000000020000040 RDI: ffffffffffffff9c [ 56.873208][ T5657] RBP: 00007fd811ff0b76 R08: 0000000000000000 R09: 0000000000000000 [ 56.881286][ T5657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 56.889277][ T5657] R13: 00007fd812135f80 R14: 00007fd812135f80 R15: 0000000000000b44 [ 56.897276][ T5657] [ 56.900313][ T5657] Modules linked in: [ 56.904299][ C1] vkms_vblank_simulate: vblank timer overrun [ 56.910955][ T5657] ---[ end trace 0000000000000000 ]--- [ 56.929396][ T5657] RIP: 0010:fuse_get_req+0x699/0xd40 [ 56.935214][ T5657] Code: 24 50 48 83 c3 08 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 55 e1 e9 fe 48 8b 1b 48 83 c3 58 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 38 e1 e9 fe 48 8b 1b 81 e3 00 20 [ 56.955016][ C1] vkms_vblank_simulate: vblank timer overrun [ 56.967262][ T5657] RSP: 0018:ffffc900043174c0 EFLAGS: 00010202 [ 56.973973][ T5657] RAX: 000000000000000b RBX: 0000000000000058 RCX: ffffffff8314d542 [ 56.982747][ T5657] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffff888024ab6030 [ 56.991521][ T5657] RBP: ffffc900043175e8 R08: ffff888024ab6037 R09: 1ffff11004956c06 [ 57.006437][ T5657] R10: dffffc0000000000 R11: ffffed1004956c07 R12: ffff888024ab6000 [ 57.014842][ T5657] R13: dffffc0000000000 R14: ffff88807869e040 R15: ffff888024ab6000 [ 57.023552][ T5657] FS: 0000555587ac4500(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 57.032861][ T5657] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 57.039499][ T5657] CR2: 00007ffc8c72cfa8 CR3: 000000002485c000 CR4: 00000000003506f0 [ 57.048141][ T5657] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 57.056510][ T5657] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 57.064762][ T5657] Kernel panic - not syncing: Fatal exception [ 57.071263][ T5657] Kernel Offset: disabled [ 57.075593][ T5657] Rebooting in 86400 seconds..