last executing test programs: 46.003134842s ago: executing program 3 (id=770): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000c40), r0) sendmsg$NFC_CMD_LLC_SET_PARAMS(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000e00)={&(0x7f0000000d80)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd700000000000100000000800", @ANYRES32=0x0, @ANYBLOB="050032000f00000005000f"], 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x80084) 36.73621225s ago: executing program 3 (id=770): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000c40), r0) sendmsg$NFC_CMD_LLC_SET_PARAMS(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000e00)={&(0x7f0000000d80)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd700000000000100000000800", @ANYRES32=0x0, @ANYBLOB="050032000f00000005000f"], 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x80084) 29.309088044s ago: executing program 3 (id=770): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000c40), r0) sendmsg$NFC_CMD_LLC_SET_PARAMS(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000e00)={&(0x7f0000000d80)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd700000000000100000000800", @ANYRES32=0x0, @ANYBLOB="050032000f00000005000f"], 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x80084) 21.877199277s ago: executing program 3 (id=770): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000c40), r0) sendmsg$NFC_CMD_LLC_SET_PARAMS(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000e00)={&(0x7f0000000d80)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd700000000000100000000800", @ANYRES32=0x0, @ANYBLOB="050032000f00000005000f"], 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x80084) 14.40400096s ago: executing program 3 (id=770): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000c40), r0) sendmsg$NFC_CMD_LLC_SET_PARAMS(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000e00)={&(0x7f0000000d80)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd700000000000100000000800", @ANYRES32=0x0, @ANYBLOB="050032000f00000005000f"], 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x80084) 6.536659333s ago: executing program 3 (id=770): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000c40), r0) sendmsg$NFC_CMD_LLC_SET_PARAMS(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000e00)={&(0x7f0000000d80)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd700000000000100000000800", @ANYRES32=0x0, @ANYBLOB="050032000f00000005000f"], 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x80084) 2.351165499s ago: executing program 1 (id=1323): openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000a80)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x31], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x65, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3b]}, 0x45c) ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1) ioctl$UI_DEV_CREATE(r0, 0x5501) ioctl$UI_DEV_DESTROY(r0, 0x5502) (fail_nth: 3) 2.130654042s ago: executing program 1 (id=1324): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="1500000065ffff001000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'w/dno'}}, {@cache_fscache}], [], 0x6b}}) 1.990691154s ago: executing program 1 (id=1325): syz_io_uring_setup(0x6916, &(0x7f00000002c0)={0x0, 0x0, 0x40, 0x0, 0x30}, &(0x7f0000000400)=0x0, &(0x7f0000000380)) (async) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) setsockopt$ax25_int(r2, 0x101, 0xc, &(0x7f0000000440)=0x3, 0x4) (async) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r4 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0) (async) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) (async) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x7, 0x5, &(0x7f00000015c0)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004870000000000000500000000000000095000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142fa9ea4318123f602000000000080de89e661168c1886d0d4d94f204e34ff65c26e278ef5b915395b19284a1a4bc72fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00ce00000000d3a02762c2951257b85802189d74005d2a1bcf9436e192e23fd275985bf31b714f000b7172fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dccaff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a6f387a1340bdc8889464f90cc4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd014a337ac5d58bcb5e5ff00000000000000f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e480cd9d48aeb12b1d6acabd38a817bcd222614d1f62734d679039a97d2b74f9e8e997ccd314000f7477137f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798abe646f738bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d215c9e16e0c4736c819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5eac41824ca1fd0eb71aa244d88d5480efd8329d9a733d8f9ffffff5f912ac4e34bf6ea8a86da707b03bddb491ba0cc98f6be92c50008a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f00000000f1a642aca9ff98c9036471ccff0522903e71cf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba69279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef26ab708c0b19ed144be51c3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047acd083d3cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf0491245c0000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e43eae50a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed1823cb7dde8212a8531bd9691dd4cc6a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c735935bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b051f47db7aa110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a903375dfb663a8d8ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba07982e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b707ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee5237ada986b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c445f9ba8596970d5254727e804fbd99ccefb7c09269dd2c5c25e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8fabea9930952f5da9b909c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689dc8ecc9903c7041e5c0704e2fa55a756487517a7445cbd9e3f5175e41c000000000000246000000000000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6ce9934b157d7875a70eaf103cb3938e2361c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305d77eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f8720431132d8549f99bf6c5cb060da70cbb59d0a000000000034d083fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39389f675f39d01719cdbab3f1ce10609c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd55b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae79e16fe2c3f55ac7a6392d2e1d9b4286b6c3e1f5a76b85ed6e1f0000c67e6c5fcdc8c39381be4799b8cb2d08b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9ce64522ab249f67c38a656d32ecff5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea87550fb1ba334c83e3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc8c2d8f5d55e5e7ebf147105272aaae56e86d856b3cf79a3f7306436762dd1a08ce873e07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9030f840f1ba46cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbb8c2f8ca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1e43eaaeca70db90f2fa39596443447671933079a24fe3681ad9ac361f71ac279a688f10a1cc4df1112105edebc5e3bbc394c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460eee57ceb3c33f4e9300b0144fe040cf5fcfcbb616c2070237881afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fb9d351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef4b96e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd71c8c8a0b07d9859e04adb18964dcce9bce546074c26dffbc2df372a016e8c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3b5afb6f23d9eea2459f7844606e1202768d83c24cc791bde44a448022bbfa571fe029a7b2d5152639ee283894ab6168992ff0acc01b39a078f285ce615351f262019586eb9447bb3eaffd7b53d8f37ca6c5f1027dd5b7592996c8a7789ba108979cc9ad07ed86682843e2eaa855dd01443ee6ffde1811f10039d5d14458177096e15cc4d8f2582a1bea5ccb9f10f615c87c441dc970ec896a5af6bf69b50a244bc138a1cae9868c3079bafe69769000000000000000000e99b63029d219cd3545a8426b56554a9f265d3557eefb3602894507c256cb8ee9ebadfecb6afeb84ba757bfa8d00a5af0dd6aa1e8144ef8ef04410d52204c335408941b8eccc5c734cc6a05247142ed647f89bcb5c043acfb382b9cc918bc3cdc368983157851cdf678800aa7eb2a6cbc12c7ae23bc88b8f10223ab2a093429f3f6965bc5af0114cf6f246e891e20ecaad7059866506c3000000000c3230e901e885b7a4a36bdfdb5ce7a2e5807a0f4c1d461d1243fccf51b875b49490cd7d044e7a1e1a4c013fae1f070a8a37ab90da2efc6c875b3aab34b75a252072691fc97bef0fed8ee597ab83bb53f89c36bc2ee3ad54904542f66dc94132df75fc9944882d6f2e13b7057e71c440a85bbed692116e84fa3f8482b729038aa200a895111e3ca400da2fab1e5833ea05819a83130201d50c3ba20d95417cd2b9f9e34194d9375dc2531348b1c25dc728cc93cf67b82a6b57e3e3620690da49991f797e006d25b1fc333f4b9244c2288647b19ef6e9b56ad7b192838806e2bb2b2758163c6aeb6e3600000000000000000000000000000000975907222e8350e48ca81cd13614a5a1727fc5bcdfd270c410164e5f73fb68db7005428e815a8c7e8afef31a911b4f34619da026692d81d626204f20460a51f01e66d0554fea2682b54678d96baa0c10541423c8ad583c12a2da42a7ef2904ae8f8e20b856f03a02622695e2d9c9aa2fafab112e092b49321861cd5ef5e9c4cf"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000040)=r7, 0x4) sendmsg$inet(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000340)="25b096f681cd731c3f3a9badc4e3cf5edeae1f3b5082d7ab3a97c053df68744e7c7e24d0b59997bab4bccff8363b275de3510b0ebe4275d8d2f153395668e3d608e358fc2294263c03f8dc4f8bf194e4fde4600a2dec2f483a914e2fde0cbc344a2b9fc18dd198966045a6d4d4eb8571e8bb69e6724e37fcbaa6e4c64050b47256b9bb17f5c0aa5101e015ecdcb62fec46fc0205512535", 0x97}, {&(0x7f0000000280)="d3a88bea5916e313729a3989393caca70c74cd74e62e524bdd37be131ad827f911027e70ccf679d8e7c0cd3333095f83d6d473db345ded2ac8acaa87503de74c82431758e8e11e3ecb7bce02d6cd65f4eb88cc49ceb9e39f7117eb0f62323dc9b80dea447b0c96a383f14281bb87b09de0a6153ceeaae2b50a2b0f0f41810f379f9c3a1f3938461829d716a4bda86ab11b41f754bc15d71b", 0xfed0}], 0x2}, 0x0) (async) r8 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$int_in(r8, 0x40000000af01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r8, 0x4008af03, &(0x7f00000007c0)) (async) socket$packet(0x11, 0x3, 0x300) r9 = dup(r3) (async) r10 = fcntl$dupfd(r2, 0x0, r6) ioctl$VHOST_SET_VRING_ADDR(r10, 0x4028af11, &(0x7f0000000340)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/251, 0x0}) ioctl$VHOST_NET_SET_BACKEND(r10, 0x4008af30, &(0x7f0000000080)={0x0, r9}) r11 = socket$nl_route(0x10, 0x3, 0x0) r12 = socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r12, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) (async) sendmsg$NL80211_CMD_START_AP(r12, 0x0, 0x0) (async) sendmsg$nl_route(r11, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000480)=ANY=[@ANYRESHEX=r0], 0x24}, 0x1, 0x0, 0x0, 0x80840}, 0x1) (async) syz_open_procfs(0x0, &(0x7f0000000140)='status\x00') syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) 1.300410147s ago: executing program 2 (id=1329): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) futex(&(0x7f0000000000), 0x5, 0x0, 0x0, &(0x7f0000000300), 0xc4fffffe) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_CONNECT(r1, &(0x7f0000000280)={0x6, 0x118, 0xfa00, {{0x0, 0x0, "bdb727d73a2f2d268746a5b8703fb760d4504416d88503f4814c346818531475d5646ba611a2ac5cb14d1add09bd3dba0b5db03c8919a30c5320a9da9b5f65c4354e6d13890b84719d17a1e4cecde4e3c000f959ff1097bb3a20de0f56820dbf5d5177490e1453a3c91e0322dadafd7dc7cda79f015b68698097c319c9da581123292ba3b3b69a532ddb96a432c0c9655a0e8d430817f41f8dfd8c48576741be67bb297670c57e11dc8e3a46ff59e47bf293b1542922f2974a26376732657f79247645f88b72ef90ad3f9ddc1ca28b7f6c1f411c098b2927315033a7bac6c1370af4894813fe00ad80f4503a3f546c5668859555aad5c00d940e395ef55f3457", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, r2}}, 0x120) sendto$inet(r0, &(0x7f0000000180)="0100000000000000", 0x8, 0x0, &(0x7f0000000340)={0x2, 0x0, @local}, 0x10) recvfrom$inet(r0, 0x0, 0x0, 0x10022, 0x0, 0x4e) r3 = dup(r0) ioctl$I2C_PEC(r3, 0x708, 0x1) 1.300056246s ago: executing program 2 (id=1331): r0 = syz_open_dev$ttys(0xc, 0x2, 0x1) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = fcntl$dupfd(r0, 0x0, r1) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf) socket$nl_route(0x10, 0x3, 0x0) io_uring_setup(0x79af, 0x0) r3 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r3, &(0x7f000047b000)={0xa, 0x4e20, 0x4, @loopback}, 0x1c) listen(r3, 0x20000005) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4) sendto$inet(r4, 0x0, 0x0, 0x20000ff9, &(0x7f0000000240)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000600), 0x4) sendto$inet(r4, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0) recvmsg(r4, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x200045ca}], 0x1, 0x0, 0x46, 0x407006}, 0x104) r5 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r5, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty}, 0x1c) setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f0000000180)='wg0\x00', 0x10) r6 = accept4(r3, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f0000000100), r6) 1.220697346s ago: executing program 2 (id=1333): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="1500000065ffff001000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'w/dno'}}, {@cache_fscache}], [], 0x6b}}) 1.21917183s ago: executing program 1 (id=1335): r0 = userfaultfd(0x80001) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) r1 = userfaultfd(0x80001) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_ZEROPAGE(r1, 0xc018aa06, &(0x7f0000000100)={{&(0x7f00003ea000/0x400000)=nil, 0x400000}, 0x1, 0x1a}) 1.011376972s ago: executing program 1 (id=1336): syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) mknod$loop(&(0x7f0000000100)='./file0\x00', 0x0, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x24, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}]}, 0x24}}, 0x0) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000003100), r5) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r5, &(0x7f0000003240)={0x0, 0x0, &(0x7f0000003200)={&(0x7f0000003140)={0x50, r6, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private0}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'bridge_slave_1\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, 0x50}}, 0x0) r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x126, 0x126, 0x2, [@enum64={0xc, 0x4, 0x0, 0x13, 0x1, 0x0, [{0x7, 0x6, 0x7f}, {0x5, 0x2, 0xffff}, {0x4, 0x4, 0xd487}, {0x2, 0x1, 0x7}]}, @typedef={0x10, 0x0, 0x0, 0x8, 0x5}, @func={0x3, 0x0, 0x0, 0xc, 0x2}, @enum64={0x8, 0x0, 0x0, 0x13, 0x1, 0x6}, @enum={0x8, 0x2, 0x0, 0x6, 0x4, [{0x9, 0x1}, {0xd, 0x5}]}, @const={0xd}, @datasec={0xa, 0xa, 0x0, 0xf, 0x1, [{0x2, 0x8, 0x9}, {0x4, 0x400, 0x2}, {0x5, 0x9, 0x2}, {0x1, 0x1, 0x2}, {0x3, 0x9, 0x3}, {0x4, 0x8, 0x5}, {0x4, 0x8, 0x7}, {0x4, 0x1, 0x5}, {0x5, 0x82c, 0xe1ed}, {0x5, 0x1, 0x4}], '1'}, @datasec={0xe, 0x1, 0x0, 0xf, 0x1, [{0x5, 0x5, 0x8}], '_'}]}}, 0x0, 0x142, 0x0, 0x0, 0x1, 0x0, @void, @value}, 0x28) bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x15, 0x8, 0x4, 0x0, 0x0, 0x1, 0x0, '\x00', 0x0, r7, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48) sendmsg$IPSET_CMD_DESTROY(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x4}}, 0x0) r8 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) socket$inet(0x2, 0x3, 0x2) syz_open_dev$swradio(&(0x7f00000000c0), 0xffffffffffffffff, 0x2) socket$nl_netfilter(0x10, 0x3, 0xc) mount(&(0x7f0000000040)=@sr0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='ocfs2\x00', 0xd, 0x0) 1.010913153s ago: executing program 2 (id=1337): r0 = userfaultfd(0x80001) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) r1 = userfaultfd(0x80001) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_ZEROPAGE(r1, 0xc018aa06, &(0x7f0000000100)={{&(0x7f00003ea000/0x400000)=nil, 0x400000}, 0x1}) (fail_nth: 4) 841.590178ms ago: executing program 2 (id=1338): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f0000000380)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000040)=""/2, 0x2, 0x0, 0xd15, 0x0, 0x4, 0x1}}, 0x120) readv(r0, &(0x7f00000001c0)=[{&(0x7f0000000240)=""/80, 0x50}, {&(0x7f00000002c0)=""/179, 0xb3}], 0x2) readv(r0, &(0x7f0000000140)=[{&(0x7f0000000080)=""/155, 0x9b}], 0x1) signalfd(r0, &(0x7f0000000180)={[0x4]}, 0x8) syz_emit_ethernet(0xd2, &(0x7f0000000c40)={@local, @empty, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "142400", 0x9c, 0x2b, 0x0, @private2, @local, {[], {0x0, 0x1, 0x9c, 0x0, @wg=@initiation={0x1, 0x3, "48deb677a37716daeca8b329942d23b8580063e57fc6d6d5089709ac0b31ef53", "729c9214bf733a0cff213cbc9e0341bd60dd9faefd62fe8d0bda399f5a158a52f7c815b7c4655c5b52323f9d9dd67580", "d84b4910aedfaf2f25cac0f5cffe59d6071e325597e1b9ca38159b12", {"c1f922fdc72ef39b6817368485165f9c", "11d38bd93a382251949ca01fdf5a13ea"}}}}}}}}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x54, r2, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @multicast1}}, {0x14, 0x2, @in={0x2, 0x0, @multicast2}}}}]}]}, 0x54}}, 0x0) write$UHID_DESTROY(r0, &(0x7f0000000200), 0x4) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) 209.906756ms ago: executing program 0 (id=1341): r0 = syz_open_dev$ttys(0xc, 0x2, 0x1) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = fcntl$dupfd(r0, 0x0, r1) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf) socket$nl_route(0x10, 0x3, 0x0) io_uring_setup(0x79af, 0x0) r3 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r3, &(0x7f000047b000)={0xa, 0x4e20, 0x4, @loopback}, 0x1c) listen(r3, 0x20000005) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4) sendto$inet(r4, 0x0, 0x0, 0x20000ff9, &(0x7f0000000240)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xc}}, 0x10) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000600), 0x4) sendto$inet(r4, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0) recvmsg(r4, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x200045ca}], 0x1, 0x0, 0x46, 0x407006}, 0x104) r5 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r5, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty}, 0x1c) setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f0000000180)='wg0\x00', 0x10) r6 = accept4(r3, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f0000000100), r6) 209.520667ms ago: executing program 0 (id=1342): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000000)=@nullb, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='romfs\x00', 0x0, 0x0) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000002c0)={&(0x7f0000000140)="805b11", &(0x7f0000000400)=""/245, &(0x7f0000000180)="bef505993adaea77ffda14f2ed295cc9cb1c5c5c7b549a74ab94deb46ef58520e8dce1caa820568541e89cb5632d498307eeafe085a7bd0faee093bfe10a1ad29d73731867afdab4b920e8e3a0eb33d17403a8ef02859099c07f646a87484659685a44212004f743bf2e9cd2d2d416e254a2c44081d33926b7ee6fb6b46fc25f16a206097f2d5d5126a0678ac33b5d43ad6cfe4c1497ffa7ac7e3f6e655741647136be832a0f14325335b3a5def6", &(0x7f0000000500)="b09816d0dc31f0c1fe1a8a06165c70cf16edc24fd767b20b98cc1e8fc2a63f932c4057d5fbda818111a308b4b728319fbfb9470bacd6cc958a33baa25997b87e482a04dd993729eff39046deaa8382cd0220774d921567a630c6d574c70efd6d50755ae43ee631b9b5972e16101c59c76102282c61c5b86fce5fa8d3f69751fd33ece3b65c9bdcc5545d07e8a3b822ddf879dd0f3619b9d55d00b2673f4b44ecf631840da5e5bb56aab7c091636764522c23019ccc7e977dbf3aad0917b4f86f2de68d78ec69a7ae00", 0x81, r0, 0x4}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x10, &(0x7f0000000240)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@ldst={0x3, 0x0, 0x3}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 150.114391ms ago: executing program 0 (id=1343): r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10) (async) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@ipv4_newroute={0x24, 0x1a, 0x1, 0x0, 0x0, {}, [@RTA_SRC={0x8, 0x2, @loopback}]}, 0x24}}, 0x0) r1 = socket$unix(0x1, 0x2, 0x0) bind$unix(r1, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) (async) bind$unix(r1, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000005f40)={0x0, 0x0, &(0x7f0000005f00)={&(0x7f0000000140)=@newtaction={0x68, 0x30, 0x80b, 0x0, 0x0, {}, [{0x54, 0x1, [@m_connmark={0x50, 0x1, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0) (async) sendmsg$nl_route_sched(r3, &(0x7f0000005f40)={0x0, 0x0, &(0x7f0000005f00)={&(0x7f0000000140)=@newtaction={0x68, 0x30, 0x80b, 0x0, 0x0, {}, [{0x54, 0x1, [@m_connmark={0x50, 0x1, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r2, 0x541b, &(0x7f0000000040)={0xffffffffffffffff}) close_range(r4, 0xffffffffffffffff, 0x0) 149.7363ms ago: executing program 0 (id=1344): r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[@ANYRES64=r0, @ANYRES32=0x0, @ANYRES16=0x0, @ANYBLOB="000000000000000000000000000000000000000000020000000000000002160000615badc47c4f19b643cc5966ab2b0300000000ffffffffffffffff00000000000000000000ff0f000000000000000000000000000080ffffffff00fffffffffff8c77c033dad8aa6"], 0xc4}}, 0x4004) write$uinput_user_dev(r1, &(0x7f0000000a80)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x31], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x65, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3b]}, 0x45c) ioctl$UI_SET_RELBIT(r1, 0x40045566, 0x8) ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x2) ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x1) ioctl$UI_DEV_CREATE(r1, 0x5501) ioctl$UI_DEV_DESTROY(r1, 0x5502) 149.321759ms ago: executing program 1 (id=1345): r0 = userfaultfd(0x80001) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$sock_rose_SIOCRSCLRRT(r1, 0x89e4) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x400}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) r2 = userfaultfd(0x80001) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000004580)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x22000c0, 0x0) chdir(&(0x7f0000000280)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14103e, 0x0) r4 = open(&(0x7f0000000000)='./file0\x00', 0x143042, 0x0) ftruncate(r4, 0x2008002) sendfile(r3, r4, 0x0, 0x80000001) ioctl$UFFDIO_ZEROPAGE(r2, 0xc018aa06, &(0x7f0000000100)={{&(0x7f00003ea000/0x400000)=nil, 0x400000}, 0x1}) 1.033487ms ago: executing program 0 (id=1346): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="1500000065ffff001000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) mount$9p_fd(0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'w/dno'}}, {@cache_fscache}], [], 0x6b}}) 486.174µs ago: executing program 0 (id=1347): r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) (async) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100)) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) (async) r3 = dup3(r2, r1, 0x80000) (async, rerun: 32) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) (rerun: 32) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x0) (async) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)) (async) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) (async) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000740)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) (async) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1) 0s ago: executing program 2 (id=1348): r0 = socket$pppoe(0x18, 0x1, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x20001401) ioctl$TUNSETOFFLOAD(r1, 0x4004743b, 0x20004000) connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e) ioctl$PPPIOCGCHAN(r0, 0x80047437, &(0x7f0000000080)) sendmmsg(r0, &(0x7f0000001d00)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000440)='-', 0x1}], 0x1}}], 0x1, 0x24005051) 0s ago: executing program 0 (id=1349): r0 = syz_open_dev$vbi(&(0x7f0000000340), 0x0, 0x2) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x8a5, 0x93, 0x1, 0x1, 0xd59f80, 0x19ef, 0x7, 0x19ef, 0x3, 0x6, 0x27ff, 0x2800, 0x2800, 0xbb6, 0x0, 0x8, {0x8, 0xffffffff}, 0xd0, 0x9}}) kernel console output (not intermixed with test programs): ) entered disabled state [ 135.398320][ T5948] Bluetooth: hci3: command tx timeout [ 135.441396][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 135.447201][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 135.451797][ T12] bond0 (unregistering): Released all slaves [ 135.744053][ T1458] hid-generic 0000:0D17:0000.0024: unknown main item tag 0x0 [ 135.746590][ T1458] hid-generic 0000:0D17:0000.0024: unknown main item tag 0x0 [ 135.756661][ T9110] 9pnet_fd: Insufficient options for proto=fd [ 135.757379][ T1458] hid-generic 0000:0D17:0000.0024: hidraw1: HID v0.00 Device [syz0] on syz1 [ 135.836929][ T12] hsr_slave_0: left promiscuous mode [ 135.847572][ T12] hsr_slave_1: left promiscuous mode [ 135.850885][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 135.853038][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 135.855762][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 135.858546][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 135.881173][ T12] veth1_macvtap: left promiscuous mode [ 135.882687][ T12] veth0_macvtap: left promiscuous mode [ 135.884319][ T12] veth1_vlan: left promiscuous mode [ 135.885847][ T12] veth0_vlan: left promiscuous mode [ 136.667915][ T12] team0 (unregistering): Port device team_slave_1 removed [ 136.758700][ T12] team0 (unregistering): Port device team_slave_0 removed [ 137.476788][ T5948] Bluetooth: hci3: command tx timeout [ 137.565681][ T9142] input: syz1 as /devices/virtual/input/input30 [ 137.637440][ T9000] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 137.641717][ T1458] hid-generic 0000:0D17:0000.0025: unknown main item tag 0x0 [ 137.643681][ T1458] hid-generic 0000:0D17:0000.0025: unknown main item tag 0x0 [ 137.647142][ T9000] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 137.647518][ T1458] hid-generic 0000:0D17:0000.0025: hidraw1: HID v0.00 Device [syz0] on syz1 [ 137.656579][ T9000] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 137.662694][ T9161] 9pnet_fd: Insufficient options for proto=fd [ 137.668805][ T9000] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 137.698497][ T9000] 8021q: adding VLAN 0 to HW filter on device bond0 [ 137.705338][ T9000] 8021q: adding VLAN 0 to HW filter on device team0 [ 137.715236][ T39] kauditd_printk_skb: 65 callbacks suppressed [ 137.715248][ T39] audit: type=1400 audit(1730581054.344:604): avc: denied { getopt } for pid=9135 comm="syz.1.1083" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 137.724352][ T9000] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 137.727713][ T9000] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 137.728027][ T9136] Context (ID=0x1) not attached to queue pair (handle=0x1:0x0) [ 137.734242][ T64] bridge0: port 1(bridge_slave_0) entered blocking state [ 137.743772][ T64] bridge0: port 1(bridge_slave_0) entered forwarding state [ 137.747721][ T64] bridge0: port 2(bridge_slave_1) entered blocking state [ 137.747781][ T64] bridge0: port 2(bridge_slave_1) entered forwarding state [ 137.814096][ T9000] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 137.835444][ T9000] veth0_vlan: entered promiscuous mode [ 137.840926][ T9000] veth1_vlan: entered promiscuous mode [ 137.851331][ T9000] veth0_macvtap: entered promiscuous mode [ 137.854407][ T9000] veth1_macvtap: entered promiscuous mode [ 137.860832][ T9000] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 137.863654][ T9000] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 137.868639][ T9000] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 137.871388][ T9000] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 137.874564][ T9000] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 137.882481][ T9000] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 137.885218][ T9000] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 137.887922][ T9000] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 137.890805][ T9000] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 137.895311][ T9000] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 137.900036][ T9000] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.902336][ T9000] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.904624][ T9000] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.907442][ T9000] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.963160][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.965222][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 137.979977][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 137.982115][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.075894][ T9197] input: syz1 as /devices/virtual/input/input31 [ 138.115682][ T9199] FAULT_INJECTION: forcing a failure. [ 138.115682][ T9199] name failslab, interval 1, probability 0, space 0, times 0 [ 138.115747][ T9199] CPU: 2 UID: 0 PID: 9199 Comm: syz.1.1096 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 138.115760][ T9199] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 138.115767][ T9199] Call Trace: [ 138.115771][ T9199] [ 138.115776][ T9199] dump_stack_lvl+0x16c/0x1f0 [ 138.115791][ T9199] should_fail_ex+0x497/0x5b0 [ 138.115804][ T9199] ? fs_reclaim_acquire+0xae/0x150 [ 138.115817][ T9199] should_failslab+0xc2/0x120 [ 138.115830][ T9199] __kmalloc_cache_noprof+0x6b/0x300 [ 138.115842][ T9199] ? drm_atomic_state_alloc+0xb8/0x120 [ 138.115856][ T9199] drm_atomic_state_alloc+0xb8/0x120 [ 138.115868][ T9199] drm_client_modeset_commit_atomic+0xd8/0x800 [ 138.115887][ T9199] ? trace_contention_end+0xea/0x140 [ 138.115899][ T9199] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 138.115923][ T9199] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 138.115944][ T9199] drm_client_modeset_commit_locked+0x14d/0x580 [ 138.115963][ T9199] drm_fb_helper_pan_display+0x2a5/0x990 [ 138.115982][ T9199] fb_pan_display+0x477/0x7d0 [ 138.115995][ T9199] ? __pfx_drm_fb_helper_pan_display+0x10/0x10 [ 138.116012][ T9199] bit_update_start+0x49/0x1f0 [ 138.116027][ T9199] fbcon_switch+0xc11/0x14f0 [ 138.116045][ T9199] ? __pfx_fbcon_switch+0x10/0x10 [ 138.116065][ T9199] ? __pfx_bit_cursor+0x10/0x10 [ 138.116079][ T9199] ? fbcon_cursor+0x409/0x5f0 [ 138.116107][ T9199] ? is_console_locked+0x9/0x20 [ 138.116123][ T9199] ? con_is_visible+0x65/0x150 [ 138.116140][ T9199] redraw_screen+0x2bf/0x760 [ 138.116157][ T9199] ? __pfx_redraw_screen+0x10/0x10 [ 138.116173][ T9199] ? fbcon_set_disp+0x7d/0xe00 [ 138.116184][ T9199] ? rcu_is_watching+0x12/0xc0 [ 138.116200][ T9199] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 138.116215][ T9199] set_con2fb_map+0x79c/0x1060 [ 138.116232][ T9199] fbcon_set_con2fb_map_ioctl+0x16d/0x220 [ 138.116247][ T9199] ? __pfx_fbcon_set_con2fb_map_ioctl+0x10/0x10 [ 138.116263][ T9199] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 138.116286][ T9199] do_fb_ioctl+0x32a/0x7d0 [ 138.116302][ T9199] ? __pfx_do_fb_ioctl+0x10/0x10 [ 138.116320][ T9199] ? do_vfs_ioctl+0x513/0x1990 [ 138.116351][ T9199] ? selinux_file_ioctl+0x180/0x270 [ 138.116367][ T9199] fb_ioctl+0xe5/0x150 [ 138.116381][ T9199] ? __pfx_fb_ioctl+0x10/0x10 [ 138.116397][ T9199] __x64_sys_ioctl+0x18f/0x220 [ 138.116412][ T9199] do_syscall_64+0xcd/0x250 [ 138.116424][ T9199] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.116440][ T9199] RIP: 0033:0x7f97c6d7e719 [ 138.116451][ T9199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 138.116461][ T9199] RSP: 002b:00007f97c7bbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 138.116473][ T9199] RAX: ffffffffffffffda RBX: 00007f97c6f35f80 RCX: 00007f97c6d7e719 [ 138.116481][ T9199] RDX: 00000000200000c0 RSI: 0000000000004610 RDI: 0000000000000003 [ 138.116488][ T9199] RBP: 00007f97c7bbb090 R08: 0000000000000000 R09: 0000000000000000 [ 138.116494][ T9199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 138.116501][ T9199] R13: 0000000000000000 R14: 00007f97c6f35f80 R15: 00007ffee3f36f08 [ 138.116516][ T9199] [ 138.282901][ T9203] FAULT_INJECTION: forcing a failure. [ 138.282901][ T9203] name failslab, interval 1, probability 0, space 0, times 0 [ 138.288942][ T9203] CPU: 2 UID: 0 PID: 9203 Comm: syz.1.1098 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 138.292495][ T9203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 138.295295][ T9203] Call Trace: [ 138.296193][ T9203] [ 138.296971][ T9203] dump_stack_lvl+0x16c/0x1f0 [ 138.298253][ T9203] should_fail_ex+0x497/0x5b0 [ 138.299492][ T9203] ? fs_reclaim_acquire+0xae/0x150 [ 138.301634][ T9203] should_failslab+0xc2/0x120 [ 138.303178][ T9203] __kmalloc_noprof+0xcb/0x400 [ 138.304590][ T9203] video_usercopy+0x1ac/0x1600 [ 138.306017][ T9203] ? __pfx___video_do_ioctl+0x10/0x10 [ 138.307494][ T9203] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 138.309610][ T9203] ? __pfx_video_usercopy+0x10/0x10 [ 138.311559][ T9203] v4l2_ioctl+0x1ba/0x250 [ 138.313010][ T9203] ? __pfx_v4l2_ioctl+0x10/0x10 [ 138.314352][ T9203] __x64_sys_ioctl+0x18f/0x220 [ 138.315678][ T9203] do_syscall_64+0xcd/0x250 [ 138.316925][ T9203] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.318541][ T9203] RIP: 0033:0x7f97c6d7e719 [ 138.319709][ T9203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 138.325371][ T9203] RSP: 002b:00007f97c7bbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 138.327701][ T9203] RAX: ffffffffffffffda RBX: 00007f97c6f35f80 RCX: 00007f97c6d7e719 [ 138.329910][ T9203] RDX: 0000000020000200 RSI: 00000000c0845657 RDI: 0000000000000003 [ 138.332541][ T9203] RBP: 00007f97c7bbb090 R08: 0000000000000000 R09: 0000000000000000 [ 138.334886][ T9203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 138.337149][ T9203] R13: 0000000000000000 R14: 00007f97c6f35f80 R15: 00007ffee3f36f08 [ 138.340089][ T9203] [ 138.369217][ T6002] hid-generic 0000:0D17:0000.0026: unknown main item tag 0x0 [ 138.373735][ T6002] hid-generic 0000:0D17:0000.0026: unknown main item tag 0x0 [ 138.376891][ T6002] hid-generic 0000:0D17:0000.0026: hidraw1: HID v0.00 Device [syz0] on syz1 [ 138.502208][ T9213] FAULT_INJECTION: forcing a failure. [ 138.502208][ T9213] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 138.505669][ T9213] CPU: 2 UID: 0 PID: 9213 Comm: syz.1.1102 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 138.509121][ T9213] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 138.513018][ T9213] Call Trace: [ 138.514246][ T9213] [ 138.515320][ T9213] dump_stack_lvl+0x16c/0x1f0 [ 138.517279][ T9213] should_fail_ex+0x497/0x5b0 [ 138.519142][ T9213] _copy_from_user+0x2e/0xd0 [ 138.520957][ T9213] __sys_bpf+0x21c/0x49a0 [ 138.522859][ T9213] ? ksys_write+0x21e/0x260 [ 138.524285][ T9213] ? reacquire_held_locks+0x450/0x4c0 [ 138.525841][ T9213] ? __pfx___sys_bpf+0x10/0x10 [ 138.527084][ T9213] ? vfs_write+0x306/0x1150 [ 138.528481][ T9213] ? __mutex_unlock_slowpath+0x164/0x650 [ 138.530102][ T9213] ? fput+0x30/0x390 [ 138.531221][ T9213] ? ksys_write+0x1ad/0x260 [ 138.532798][ T9213] ? __pfx_ksys_write+0x10/0x10 [ 138.534146][ T9213] __x64_sys_bpf+0x78/0xc0 [ 138.535339][ T9213] ? lockdep_hardirqs_on+0x7c/0x110 [ 138.536863][ T9213] do_syscall_64+0xcd/0x250 [ 138.538534][ T9213] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.540747][ T9213] RIP: 0033:0x7f97c6d7e719 [ 138.542733][ T9213] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 138.549780][ T9213] RSP: 002b:00007f97c7bbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 138.553282][ T9213] RAX: ffffffffffffffda RBX: 00007f97c6f35f80 RCX: 00007f97c6d7e719 [ 138.555998][ T9213] RDX: 0000000000000094 RSI: 0000000020000340 RDI: 0000000000000005 [ 138.558720][ T9213] RBP: 00007f97c7bbb090 R08: 0000000000000000 R09: 0000000000000000 [ 138.561258][ T9213] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 138.563892][ T9213] R13: 0000000000000000 R14: 00007f97c6f35f80 R15: 00007ffee3f36f08 [ 138.565974][ T9213] [ 138.594985][ T9217] input: syz1 as /devices/virtual/input/input32 [ 138.671209][ T39] audit: type=1400 audit(1730581055.304:605): avc: denied { read } for pid=9220 comm="syz.2.1106" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 138.704004][ T8] hid-generic 0000:0D17:0000.0027: unknown main item tag 0x0 [ 138.707937][ T8] hid-generic 0000:0D17:0000.0027: unknown main item tag 0x0 [ 138.710665][ T8] hid-generic 0000:0D17:0000.0027: hidraw1: HID v0.00 Device [syz0] on syz1 [ 138.731834][ T39] audit: type=1400 audit(1730581055.364:606): avc: denied { read } for pid=9218 comm="syz.1.1105" path="socket:[25735]" dev="sockfs" ino=25735 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 138.739271][ T9224] netlink: 'syz.1.1105': attribute type 1 has an invalid length. [ 138.741315][ T9224] netlink: 512 bytes leftover after parsing attributes in process `syz.1.1105'. [ 138.743859][ T9224] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1105'. [ 138.750618][ T39] audit: type=1400 audit(1730581055.384:607): avc: denied { rmdir } for pid=9218 comm="syz.1.1105" name="file2" dev="9p" ino=36573861 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 138.786848][ T39] audit: type=1400 audit(1730581055.424:608): avc: denied { read } for pid=9229 comm="syz.0.1110" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 138.793063][ T39] audit: type=1400 audit(1730581055.424:609): avc: denied { open } for pid=9229 comm="syz.0.1110" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 138.799232][ T39] audit: type=1400 audit(1730581055.424:610): avc: denied { ioctl } for pid=9229 comm="syz.0.1110" path="/dev/nullb0" dev="devtmpfs" ino=707 ioctlcmd=0x127b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 139.071516][ T39] audit: type=1326 audit(1730581055.704:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9236 comm="syz.0.1112" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdeca97e719 code=0x0 [ 139.645008][ T9240] input: syz1 as /devices/virtual/input/input33 [ 139.820465][ T828] hid-generic 0000:0D17:0000.0028: unknown main item tag 0x0 [ 139.822469][ T828] hid-generic 0000:0D17:0000.0028: unknown main item tag 0x0 [ 139.825150][ T828] hid-generic 0000:0D17:0000.0028: hidraw1: HID v0.00 Device [syz0] on syz1 [ 140.238094][ T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 140.781350][ T9268] input: syz1 as /devices/virtual/input/input34 [ 140.830583][ T39] audit: type=1400 audit(1730581057.465:612): avc: denied { module_request } for pid=9275 comm="syz.0.1128" kmod="netdev-syzkaller1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 140.854089][ T39] audit: type=1400 audit(1730581057.485:613): avc: denied { connect } for pid=9275 comm="syz.0.1128" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 140.867311][ T5954] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 140.874707][ T5954] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 140.877351][ T5954] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 140.881431][ T5954] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 140.883704][ T5954] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 140.885879][ T5954] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 140.951223][ T828] hid-generic 0000:0D17:0000.0029: unknown main item tag 0x0 [ 140.953389][ T828] hid-generic 0000:0D17:0000.0029: unknown main item tag 0x0 [ 140.958044][ T9281] lo speed is unknown, defaulting to 1000 [ 140.958330][ T828] hid-generic 0000:0D17:0000.0029: hidraw1: HID v0.00 Device [syz0] on syz1 [ 141.036313][ T9281] chnl_net:caif_netlink_parms(): no params data found [ 141.109297][ T9281] bridge0: port 1(bridge_slave_0) entered blocking state [ 141.111280][ T9281] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.113237][ T9281] bridge_slave_0: entered allmulticast mode [ 141.117090][ T9281] bridge_slave_0: entered promiscuous mode [ 141.119828][ T9281] bridge0: port 2(bridge_slave_1) entered blocking state [ 141.122841][ T9281] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.124784][ T9281] bridge_slave_1: entered allmulticast mode [ 141.127413][ T9281] bridge_slave_1: entered promiscuous mode [ 141.129231][ T9305] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1134'. [ 141.131691][ T9305] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1134'. [ 141.158187][ T9281] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 141.161907][ T9281] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 141.183490][ T9281] team0: Port device team_slave_0 added [ 141.188904][ T9281] team0: Port device team_slave_1 added [ 141.208152][ T9281] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 141.210056][ T9281] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 141.217618][ T9281] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 141.221283][ T9281] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 141.223159][ T9281] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 141.229872][ T9281] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 141.263192][ T9281] hsr_slave_0: entered promiscuous mode [ 141.265341][ T9281] hsr_slave_1: entered promiscuous mode [ 141.267170][ T9281] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 141.269170][ T9281] Cannot create hsr debugfs directory [ 141.691617][ T9311] FAULT_INJECTION: forcing a failure. [ 141.691617][ T9311] name failslab, interval 1, probability 0, space 0, times 0 [ 141.691636][ T9311] CPU: 0 UID: 0 PID: 9311 Comm: syz.2.1136 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 141.691650][ T9311] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 141.691657][ T9311] Call Trace: [ 141.691661][ T9311] [ 141.691666][ T9311] dump_stack_lvl+0x16c/0x1f0 [ 141.691681][ T9311] should_fail_ex+0x497/0x5b0 [ 141.691694][ T9311] ? fs_reclaim_acquire+0xae/0x150 [ 141.691707][ T9311] should_failslab+0xc2/0x120 [ 141.691722][ T9311] __kmalloc_noprof+0xcb/0x400 [ 141.691738][ T9311] drm_atomic_state_init+0xe4/0x320 [ 141.691750][ T9311] ? __kasan_kmalloc+0xaa/0xb0 [ 141.691762][ T9311] drm_atomic_state_alloc+0xd3/0x120 [ 141.691774][ T9311] drm_client_modeset_commit_atomic+0xd8/0x800 [ 141.691793][ T9311] ? trace_contention_end+0xea/0x140 [ 141.691806][ T9311] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 141.691830][ T9311] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 141.691852][ T9311] drm_client_modeset_commit_locked+0x14d/0x580 [ 141.691870][ T9311] drm_fb_helper_pan_display+0x2a5/0x990 [ 141.691889][ T9311] fb_pan_display+0x477/0x7d0 [ 141.691902][ T9311] ? __pfx_drm_fb_helper_pan_display+0x10/0x10 [ 141.691918][ T9311] bit_update_start+0x49/0x1f0 [ 141.691933][ T9311] fbcon_switch+0xc11/0x14f0 [ 141.691951][ T9311] ? __pfx_fbcon_switch+0x10/0x10 [ 141.691971][ T9311] ? __pfx_bit_cursor+0x10/0x10 [ 141.691985][ T9311] ? fbcon_cursor+0x409/0x5f0 [ 141.691999][ T9311] ? is_console_locked+0x9/0x20 [ 141.692014][ T9311] ? con_is_visible+0x65/0x150 [ 141.692031][ T9311] redraw_screen+0x2bf/0x760 [ 141.692048][ T9311] ? __pfx_redraw_screen+0x10/0x10 [ 141.692064][ T9311] ? fbcon_set_disp+0x7d/0xe00 [ 141.692076][ T9311] ? rcu_is_watching+0x12/0xc0 [ 141.692091][ T9311] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 141.692106][ T9311] set_con2fb_map+0x79c/0x1060 [ 141.692123][ T9311] fbcon_set_con2fb_map_ioctl+0x16d/0x220 [ 141.692138][ T9311] ? __pfx_fbcon_set_con2fb_map_ioctl+0x10/0x10 [ 141.692155][ T9311] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 141.692173][ T9311] do_fb_ioctl+0x32a/0x7d0 [ 141.692189][ T9311] ? __pfx_do_fb_ioctl+0x10/0x10 [ 141.692208][ T9311] ? do_vfs_ioctl+0x513/0x1990 [ 141.692240][ T9311] ? selinux_file_ioctl+0x180/0x270 [ 141.692255][ T9311] fb_ioctl+0xe5/0x150 [ 141.692276][ T9311] ? __pfx_fb_ioctl+0x10/0x10 [ 141.692292][ T9311] __x64_sys_ioctl+0x18f/0x220 [ 141.692308][ T9311] do_syscall_64+0xcd/0x250 [ 141.692319][ T9311] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.692335][ T9311] RIP: 0033:0x7efc2197e719 [ 141.692356][ T9311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.692368][ T9311] RSP: 002b:00007efc22747038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 141.692380][ T9311] RAX: ffffffffffffffda RBX: 00007efc21b35f80 RCX: 00007efc2197e719 [ 141.692387][ T9311] RDX: 00000000200000c0 RSI: 0000000000004610 RDI: 0000000000000003 [ 141.692394][ T9311] RBP: 00007efc22747090 R08: 0000000000000000 R09: 0000000000000000 [ 141.692401][ T9311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 141.692408][ T9311] R13: 0000000000000000 R14: 00007efc21b35f80 R15: 00007ffe569a1208 [ 141.692422][ T9311] [ 141.814093][ T9313] FAULT_INJECTION: forcing a failure. [ 141.814093][ T9313] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 141.818960][ T9313] CPU: 0 UID: 0 PID: 9313 Comm: syz.2.1137 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 141.822864][ T9313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 141.826862][ T9313] Call Trace: [ 141.828058][ T9313] [ 141.829133][ T9313] dump_stack_lvl+0x16c/0x1f0 [ 141.830852][ T9313] should_fail_ex+0x497/0x5b0 [ 141.832556][ T9313] _copy_from_user+0x2e/0xd0 [ 141.834189][ T9313] video_usercopy+0xed4/0x1600 [ 141.835878][ T9313] ? __pfx___video_do_ioctl+0x10/0x10 [ 141.837854][ T9313] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 141.840898][ T9313] ? __pfx_video_usercopy+0x10/0x10 [ 141.842895][ T9313] v4l2_ioctl+0x1ba/0x250 [ 141.844399][ T9313] ? __pfx_v4l2_ioctl+0x10/0x10 [ 141.846296][ T9313] __x64_sys_ioctl+0x18f/0x220 [ 141.848408][ T9313] do_syscall_64+0xcd/0x250 [ 141.850140][ T9313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.850172][ T9313] RIP: 0033:0x7efc2197e719 [ 141.850189][ T9313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.858996][ T9313] RSP: 002b:00007efc22747038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 141.861401][ T9313] RAX: ffffffffffffffda RBX: 00007efc21b35f80 RCX: 00007efc2197e719 [ 141.863719][ T9313] RDX: 0000000020000200 RSI: 00000000c0845657 RDI: 0000000000000003 [ 141.865898][ T9313] RBP: 00007efc22747090 R08: 0000000000000000 R09: 0000000000000000 [ 141.868537][ T9313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 141.870998][ T9313] R13: 0000000000000000 R14: 00007efc21b35f80 R15: 00007ffe569a1208 [ 141.873759][ T9313] [ 141.874157][ T9315] input: syz1 as /devices/virtual/input/input35 [ 142.016421][ T30] kernel write not supported for file /full (pid: 30 comm: kworker/1:0) [ 142.022872][ T9322] virtio-pci 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 142.036308][ T9321] netlink: 'syz.1.1141': attribute type 1 has an invalid length. [ 142.038396][ T9321] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.1141'. [ 142.044523][ T8] hid-generic 0000:0D17:0000.002A: unknown main item tag 0x0 [ 142.046685][ T8] hid-generic 0000:0D17:0000.002A: unknown main item tag 0x0 [ 142.049266][ T8] hid-generic 0000:0D17:0000.002A: hidraw1: HID v0.00 Device [syz0] on syz1 [ 142.126593][ T9329] FAULT_INJECTION: forcing a failure. [ 142.126593][ T9329] name failslab, interval 1, probability 0, space 0, times 0 [ 142.130810][ T9329] CPU: 2 UID: 0 PID: 9329 Comm: syz.1.1144 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 142.133573][ T9329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 142.136297][ T9329] Call Trace: [ 142.137123][ T9329] [ 142.137892][ T9329] dump_stack_lvl+0x16c/0x1f0 [ 142.139216][ T9329] should_fail_ex+0x497/0x5b0 [ 142.140622][ T9329] ? fs_reclaim_acquire+0xae/0x150 [ 142.142038][ T9329] should_failslab+0xc2/0x120 [ 142.143305][ T9329] __kmalloc_cache_node_noprof+0x6e/0x350 [ 142.144833][ T9329] ? __get_vm_area_node+0xe1/0x2d0 [ 142.146279][ T9329] __get_vm_area_node+0xe1/0x2d0 [ 142.147546][ T9329] __vmalloc_node_range_noprof+0x26a/0x15a0 [ 142.149052][ T9329] ? bpf_prog_alloc_no_stats+0x54/0x5d0 [ 142.150487][ T9329] ? bpf_prog_alloc_no_stats+0x54/0x5d0 [ 142.152115][ T9329] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 142.153878][ T9329] ? __pfx___lock_acquire+0x10/0x10 [ 142.155434][ T9329] ? bpf_prog_alloc_no_stats+0x54/0x5d0 [ 142.156888][ T9329] __vmalloc_noprof+0x6d/0x90 [ 142.158132][ T9329] ? bpf_prog_alloc_no_stats+0x54/0x5d0 [ 142.159926][ T9329] bpf_prog_alloc_no_stats+0x54/0x5d0 [ 142.161491][ T9329] ? security_capable+0x7e/0x260 [ 142.162815][ T9329] bpf_prog_alloc+0x3b/0x230 [ 142.164191][ T9329] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 142.165883][ T9329] bpf_prog_load+0x159e/0x2660 [ 142.167232][ T9329] ? __pfx_bpf_prog_load+0x10/0x10 [ 142.168632][ T9329] ? avc_has_perm_noaudit+0x143/0x3a0 [ 142.170155][ T9329] ? selinux_bpf+0xde/0x130 [ 142.171733][ T9329] __sys_bpf+0x402b/0x49a0 [ 142.172897][ T9329] ? ksys_write+0x21e/0x260 [ 142.174101][ T9329] ? reacquire_held_locks+0x450/0x4c0 [ 142.175618][ T9329] ? __pfx___sys_bpf+0x10/0x10 [ 142.176885][ T9329] ? vfs_write+0x306/0x1150 [ 142.178721][ T9329] ? __mutex_unlock_slowpath+0x164/0x650 [ 142.180197][ T9329] ? fput+0x30/0x390 [ 142.181255][ T9329] ? ksys_write+0x1ad/0x260 [ 142.182873][ T9329] ? __pfx_ksys_write+0x10/0x10 [ 142.184534][ T9329] __x64_sys_bpf+0x78/0xc0 [ 142.184561][ T9329] ? lockdep_hardirqs_on+0x7c/0x110 [ 142.184589][ T9329] do_syscall_64+0xcd/0x250 [ 142.184610][ T9329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.184637][ T9329] RIP: 0033:0x7f97c6d7e719 [ 142.184653][ T9329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 142.184672][ T9329] RSP: 002b:00007f97c7bbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 142.184693][ T9329] RAX: ffffffffffffffda RBX: 00007f97c6f35f80 RCX: 00007f97c6d7e719 [ 142.184706][ T9329] RDX: 0000000000000094 RSI: 0000000020000340 RDI: 0000000000000005 [ 142.184719][ T9329] RBP: 00007f97c7bbb090 R08: 0000000000000000 R09: 0000000000000000 [ 142.184731][ T9329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 142.184744][ T9329] R13: 0000000000000000 R14: 00007f97c6f35f80 R15: 00007ffee3f36f08 [ 142.184768][ T9329] [ 142.186747][ T9329] warn_alloc: 1 callbacks suppressed [ 142.186761][ T9329] syz.1.1144: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null) [ 142.217698][ T9331] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1145'. [ 142.218794][ T9329] ,cpuset=syz1,mems_allowed=0-1 [ 142.225615][ T9329] CPU: 2 UID: 0 PID: 9329 Comm: syz.1.1144 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 142.228350][ T9329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 142.231077][ T9329] Call Trace: [ 142.231955][ T9329] [ 142.232979][ T9329] dump_stack_lvl+0x16c/0x1f0 [ 142.234699][ T9329] warn_alloc+0x24d/0x3a0 [ 142.235843][ T9329] ? __pfx_warn_alloc+0x10/0x10 [ 142.237149][ T9329] ? rcu_is_watching+0x12/0xc0 [ 142.238458][ T9329] ? trace_kmalloc+0x2d/0xe0 [ 142.239668][ T9329] ? __kasan_kmalloc+0x8a/0xb0 [ 142.240923][ T9329] ? __get_vm_area_node+0x1bc/0x2d0 [ 142.242366][ T9329] __vmalloc_node_range_noprof+0xd27/0x15a0 [ 142.243895][ T9329] ? bpf_prog_alloc_no_stats+0x54/0x5d0 [ 142.245349][ T9329] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 142.247252][ T9329] ? __pfx___lock_acquire+0x10/0x10 [ 142.248615][ T9329] ? bpf_prog_alloc_no_stats+0x54/0x5d0 [ 142.250053][ T9329] __vmalloc_noprof+0x6d/0x90 [ 142.251232][ T9329] ? bpf_prog_alloc_no_stats+0x54/0x5d0 [ 142.252906][ T9329] bpf_prog_alloc_no_stats+0x54/0x5d0 [ 142.254544][ T9329] ? security_capable+0x7e/0x260 [ 142.256037][ T9329] bpf_prog_alloc+0x3b/0x230 [ 142.257359][ T9329] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 142.259204][ T9329] bpf_prog_load+0x159e/0x2660 [ 142.260676][ T9329] ? __pfx_bpf_prog_load+0x10/0x10 [ 142.262082][ T9329] ? avc_has_perm_noaudit+0x143/0x3a0 [ 142.263489][ T9329] ? selinux_bpf+0xde/0x130 [ 142.264698][ T9329] __sys_bpf+0x402b/0x49a0 [ 142.265892][ T9329] ? ksys_write+0x21e/0x260 [ 142.267092][ T9329] ? reacquire_held_locks+0x450/0x4c0 [ 142.268490][ T9329] ? __pfx___sys_bpf+0x10/0x10 [ 142.269743][ T9329] ? vfs_write+0x306/0x1150 [ 142.270937][ T9329] ? __mutex_unlock_slowpath+0x164/0x650 [ 142.272401][ T9329] ? fput+0x30/0x390 [ 142.273431][ T9329] ? ksys_write+0x1ad/0x260 [ 142.274642][ T9329] ? __pfx_ksys_write+0x10/0x10 [ 142.275929][ T9329] __x64_sys_bpf+0x78/0xc0 [ 142.277100][ T9329] ? lockdep_hardirqs_on+0x7c/0x110 [ 142.278483][ T9329] do_syscall_64+0xcd/0x250 [ 142.279674][ T9329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.281194][ T9329] RIP: 0033:0x7f97c6d7e719 [ 142.282368][ T9329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 142.287253][ T9329] RSP: 002b:00007f97c7bbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 142.289378][ T9329] RAX: ffffffffffffffda RBX: 00007f97c6f35f80 RCX: 00007f97c6d7e719 [ 142.291776][ T9329] RDX: 0000000000000094 RSI: 0000000020000340 RDI: 0000000000000005 [ 142.294093][ T9329] RBP: 00007f97c7bbb090 R08: 0000000000000000 R09: 0000000000000000 [ 142.296148][ T9329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 142.298821][ T9329] R13: 0000000000000000 R14: 00007f97c6f35f80 R15: 00007ffee3f36f08 [ 142.301078][ T9329] [ 142.316262][ T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.324573][ T9329] Mem-Info: [ 142.324727][ T9333] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1145'. [ 142.325507][ T9329] active_anon:1509 inactive_anon:4640 isolated_anon:0 [ 142.325507][ T9329] active_file:9679 inactive_file:25457 isolated_file:0 [ 142.325507][ T9329] unevictable:1768 dirty:123 writeback:0 [ 142.325507][ T9329] slab_reclaimable:6988 slab_unreclaimable:75114 [ 142.325507][ T9329] mapped:18326 shmem:2569 pagetables:693 [ 142.325507][ T9329] sec_pagetables:312 bounce:0 [ 142.325507][ T9329] kernel_misc_reclaimable:0 [ 142.325507][ T9329] free:499950 free_pcp:3040 free_cma:0 [ 142.325538][ T9329] Node 0 active_anon:6036kB inactive_anon:18560kB active_file:38716kB inactive_file:98540kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:73304kB dirty:488kB writeback:0kB shmem:6740kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12144kB pagetables:2772kB sec_pagetables:1248kB all_unreclaimable? no [ 142.325586][ T9329] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:3288kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 142.364680][ T9329] Node 0 DMA free:15224kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:100kB local_pcp:0kB free_cma:0kB [ 142.372218][ T9329] lowmem_reserve[]: 0 1214 0 0 0 [ 142.373648][ T9329] Node 0 DMA32 free:395628kB boost:0kB min:27636kB low:34544kB high:41452kB reserved_highatomic:0KB active_anon:6036kB inactive_anon:18560kB active_file:38716kB inactive_file:98540kB unevictable:3536kB writepending:488kB present:2080628kB managed:1272192kB mlocked:0kB bounce:0kB free_pcp:11980kB local_pcp:9548kB free_cma:0kB [ 142.381547][ T9329] lowmem_reserve[]: 0 0 0 0 0 [ 142.382911][ T9329] Node 1 Normal free:1588184kB boost:0kB min:39600kB low:49500kB high:59400kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:3288kB unevictable:3536kB writepending:4kB present:2097152kB managed:1781924kB mlocked:0kB bounce:0kB free_pcp:252kB local_pcp:0kB free_cma:0kB [ 142.390314][ T9329] lowmem_reserve[]: 0 0 0 0 0 [ 142.391696][ T9329] Node 0 DMA: 2*4kB (U) 2*8kB (U) 2*16kB (U) 4*32kB (U) 5*64kB (U) 3*128kB (U) 2*256kB (U) 1*512kB (U) 1*1024kB (U) 2*2048kB (U) 2*4096kB (U) = 15224kB [ 142.395909][ T9329] Node 0 DMA32: 2*4kB (E) 334*8kB (UME) 103*16kB (UME) 245*32kB (UME) 135*64kB (UME) 221*128kB (UME) 205*256kB (UME) 138*512kB (UME) 84*1024kB (UM) 27*2048kB (UM) 20*4096kB (UM) = 395464kB [ 142.400671][ T9329] Node 1 Normal: 2*4kB (M) 12*8kB (UME) 49*16kB (UME) 127*32kB (UME) 64*64kB (UME) 27*128kB (UME) 15*256kB (UME) 8*512kB (UM) 5*1024kB (UME) 5*2048kB (U) 379*4096kB (UM) = 1588184kB [ 142.406039][ T9329] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 142.408442][ T9329] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 142.410915][ T9329] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 142.413403][ T9329] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 142.416203][ T9329] 37705 total pagecache pages [ 142.417477][ T9329] 0 pages in swap cache [ 142.418548][ T9329] Free swap = 123964kB [ 142.419599][ T9329] Total swap = 124996kB [ 142.422661][ T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.424516][ T9329] 1048443 pages RAM [ 142.426517][ T9329] 0 pages HighMem/MovableOnly [ 142.427747][ T9329] 281074 pages reserved [ 142.428844][ T9329] 0 pages cma reserved [ 142.475275][ T30] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 142.502216][ T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.601204][ T11] bridge_slave_1: left allmulticast mode [ 142.602870][ T11] bridge_slave_1: left promiscuous mode [ 142.604767][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.608064][ T11] bridge_slave_0: left allmulticast mode [ 142.609971][ T11] bridge_slave_0: left promiscuous mode [ 142.611763][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 142.636055][ T30] usb 5-1: config index 0 descriptor too short (expected 45, got 36) [ 142.638290][ T30] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 142.641932][ T30] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 142.645369][ T30] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 142.648252][ T30] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 142.651563][ T30] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 142.653898][ T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.659716][ T30] usb 5-1: config 0 descriptor?? [ 142.661873][ T9335] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 142.772601][ T7363] hid-generic 0000:0D17:0000.002B: unknown main item tag 0x0 [ 142.775798][ T7363] hid-generic 0000:0D17:0000.002B: unknown main item tag 0x0 [ 142.779584][ T7363] hid-generic 0000:0D17:0000.002B: hidraw1: HID v0.00 Device [syz0] on syz1 [ 142.920215][ T5948] Bluetooth: hci3: command tx timeout [ 142.924088][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 142.928755][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 142.932463][ T11] bond0 (unregistering): Released all slaves [ 143.070319][ T30] plantronics 0003:047F:FFFF.002C: unknown main item tag 0xd [ 143.074916][ T30] plantronics 0003:047F:FFFF.002C: No inputs registered, leaving [ 143.090369][ T30] plantronics 0003:047F:FFFF.002C: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 143.313621][ T11] hsr_slave_0: left promiscuous mode [ 143.325822][ T39] kauditd_printk_skb: 3 callbacks suppressed [ 143.325833][ T39] audit: type=1400 audit(1730581059.966:617): avc: denied { accept } for pid=9334 comm="syz.0.1146" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 143.334729][ T11] hsr_slave_1: left promiscuous mode [ 143.339863][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 143.341931][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 143.345964][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 143.348312][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 143.351565][ T30] usb 5-1: USB disconnect, device number 8 [ 143.373894][ T11] veth1_macvtap: left promiscuous mode [ 143.375522][ T11] veth0_macvtap: left promiscuous mode [ 143.376972][ T11] veth1_vlan: left promiscuous mode [ 143.378404][ T11] veth0_vlan: left promiscuous mode [ 143.947861][ T9372] syz.2.1155 (9372): drop_caches: 1 [ 143.986192][ T9372] syz.2.1155 (9372): drop_caches: 1 [ 144.223285][ T11] team0 (unregistering): Port device team_slave_1 removed [ 144.234573][ T8] hid-generic 0000:0D17:0000.002D: unknown main item tag 0x0 [ 144.237373][ T8] hid-generic 0000:0D17:0000.002D: unknown main item tag 0x0 [ 144.241521][ T8] hid-generic 0000:0D17:0000.002D: hidraw1: HID v0.00 Device [syz0] on syz1 [ 144.357220][ T11] team0 (unregistering): Port device team_slave_0 removed [ 144.974014][ T9390] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1156'. [ 144.993984][ T5948] Bluetooth: hci3: command tx timeout [ 144.996124][ T9281] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 144.999470][ T9281] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 145.003330][ T9281] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 145.017403][ T9281] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 145.061104][ T9281] 8021q: adding VLAN 0 to HW filter on device bond0 [ 145.080103][ T9281] 8021q: adding VLAN 0 to HW filter on device team0 [ 145.090410][ T1172] bridge0: port 1(bridge_slave_0) entered blocking state [ 145.092438][ T1172] bridge0: port 1(bridge_slave_0) entered forwarding state [ 145.095357][ T1172] bridge0: port 2(bridge_slave_1) entered blocking state [ 145.097241][ T1172] bridge0: port 2(bridge_slave_1) entered forwarding state [ 145.234792][ T9281] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 145.253107][ T9281] veth0_vlan: entered promiscuous mode [ 145.254234][ T8] hid-generic 0000:0D17:0000.002E: unknown main item tag 0x0 [ 145.256822][ T8] hid-generic 0000:0D17:0000.002E: unknown main item tag 0x0 [ 145.261625][ T8] hid-generic 0000:0D17:0000.002E: hidraw1: HID v0.00 Device [syz0] on syz1 [ 145.264566][ T9281] veth1_vlan: entered promiscuous mode [ 145.283726][ T9281] veth0_macvtap: entered promiscuous mode [ 145.287246][ T9281] veth1_macvtap: entered promiscuous mode [ 145.294157][ T9281] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 145.297243][ T9281] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.299833][ T9281] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 145.302648][ T9281] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.306744][ T9281] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 145.310830][ T9281] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 145.314160][ T9281] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.317372][ T9281] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 145.320182][ T9281] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.323934][ T9281] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 145.327611][ T9281] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.330126][ T9281] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.333705][ T9281] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.335992][ T9281] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.371429][ T9193] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 145.374531][ T9193] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 145.388326][ T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 145.390410][ T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 145.688163][ T9445] FAULT_INJECTION: forcing a failure. [ 145.688163][ T9445] name failslab, interval 1, probability 0, space 0, times 0 [ 145.688196][ T9445] CPU: 0 UID: 0 PID: 9445 Comm: syz.0.1175 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 145.688225][ T9445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 145.688238][ T9445] Call Trace: [ 145.688245][ T9445] [ 145.688254][ T9445] dump_stack_lvl+0x16c/0x1f0 [ 145.688278][ T9445] should_fail_ex+0x497/0x5b0 [ 145.688299][ T9445] ? fs_reclaim_acquire+0xae/0x150 [ 145.688322][ T9445] should_failslab+0xc2/0x120 [ 145.688347][ T9445] __kmalloc_noprof+0xcb/0x400 [ 145.688376][ T9445] drm_atomic_state_init+0x17e/0x320 [ 145.688396][ T9445] ? __kasan_kmalloc+0xaa/0xb0 [ 145.688424][ T9445] drm_atomic_state_alloc+0xd3/0x120 [ 145.688446][ T9445] drm_client_modeset_commit_atomic+0xd8/0x800 [ 145.688498][ T9445] ? trace_contention_end+0xea/0x140 [ 145.688522][ T9445] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 145.688568][ T9445] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 145.688607][ T9445] drm_client_modeset_commit_locked+0x14d/0x580 [ 145.688640][ T9445] drm_fb_helper_pan_display+0x2a5/0x990 [ 145.688678][ T9445] fb_pan_display+0x477/0x7d0 [ 145.688701][ T9445] ? __pfx_drm_fb_helper_pan_display+0x10/0x10 [ 145.688731][ T9445] bit_update_start+0x49/0x1f0 [ 145.688757][ T9445] fbcon_switch+0xc11/0x14f0 [ 145.688789][ T9445] ? __pfx_fbcon_switch+0x10/0x10 [ 145.688829][ T9445] ? __pfx_bit_cursor+0x10/0x10 [ 145.688854][ T9445] ? fbcon_cursor+0x409/0x5f0 [ 145.688879][ T9445] ? is_console_locked+0x9/0x20 [ 145.688906][ T9445] ? con_is_visible+0x65/0x150 [ 145.688935][ T9445] redraw_screen+0x2bf/0x760 [ 145.688967][ T9445] ? __pfx_redraw_screen+0x10/0x10 [ 145.688996][ T9445] ? fbcon_set_disp+0x7d/0xe00 [ 145.689016][ T9445] ? rcu_is_watching+0x12/0xc0 [ 145.689043][ T9445] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 145.689071][ T9445] set_con2fb_map+0x79c/0x1060 [ 145.689102][ T9445] fbcon_set_con2fb_map_ioctl+0x16d/0x220 [ 145.689129][ T9445] ? __pfx_fbcon_set_con2fb_map_ioctl+0x10/0x10 [ 145.689160][ T9445] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 145.689192][ T9445] do_fb_ioctl+0x32a/0x7d0 [ 145.689228][ T9445] ? __pfx_do_fb_ioctl+0x10/0x10 [ 145.689262][ T9445] ? do_vfs_ioctl+0x513/0x1990 [ 145.689325][ T9445] ? selinux_file_ioctl+0x180/0x270 [ 145.689354][ T9445] fb_ioctl+0xe5/0x150 [ 145.689380][ T9445] ? __pfx_fb_ioctl+0x10/0x10 [ 145.689409][ T9445] __x64_sys_ioctl+0x18f/0x220 [ 145.689461][ T9445] do_syscall_64+0xcd/0x250 [ 145.689483][ T9445] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.689512][ T9445] RIP: 0033:0x7fdeca97e719 [ 145.689529][ T9445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 145.689548][ T9445] RSP: 002b:00007fdecb6b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 145.689569][ T9445] RAX: ffffffffffffffda RBX: 00007fdecab35f80 RCX: 00007fdeca97e719 [ 145.689583][ T9445] RDX: 00000000200000c0 RSI: 0000000000004610 RDI: 0000000000000003 [ 145.689596][ T9445] RBP: 00007fdecb6b7090 R08: 0000000000000000 R09: 0000000000000000 [ 145.689608][ T9445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 145.689620][ T9445] R13: 0000000000000000 R14: 00007fdecab35f80 R15: 00007fff9a18a958 [ 145.689648][ T9445] [ 145.880315][ T9452] FAULT_INJECTION: forcing a failure. [ 145.880315][ T9452] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 145.884918][ T9452] CPU: 1 UID: 0 PID: 9452 Comm: syz.1.1178 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 145.888508][ T9452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 145.892130][ T9452] Call Trace: [ 145.893281][ T9452] [ 145.894505][ T9452] dump_stack_lvl+0x16c/0x1f0 [ 145.896161][ T9452] should_fail_ex+0x497/0x5b0 [ 145.897874][ T9452] _copy_to_user+0x32/0xd0 [ 145.899408][ T9452] video_usercopy+0xf37/0x1600 [ 145.901043][ T9452] ? __pfx___video_do_ioctl+0x10/0x10 [ 145.902865][ T9452] ? __pfx_video_usercopy+0x10/0x10 [ 145.904640][ T9452] v4l2_ioctl+0x1ba/0x250 [ 145.906107][ T9452] ? __pfx_v4l2_ioctl+0x10/0x10 [ 145.907755][ T9452] __x64_sys_ioctl+0x18f/0x220 [ 145.909381][ T9452] do_syscall_64+0xcd/0x250 [ 145.910952][ T9452] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.913159][ T9452] RIP: 0033:0x7f97c6d7e719 [ 145.914694][ T9452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 145.921350][ T9452] RSP: 002b:00007f97c7bbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 145.924311][ T9452] RAX: ffffffffffffffda RBX: 00007f97c6f35f80 RCX: 00007f97c6d7e719 [ 145.927019][ T9452] RDX: 0000000020000200 RSI: 00000000c0845657 RDI: 0000000000000003 [ 145.929734][ T9452] RBP: 00007f97c7bbb090 R08: 0000000000000000 R09: 0000000000000000 [ 145.932433][ T9452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 145.935006][ T9452] R13: 0000000000000000 R14: 00007f97c6f35f80 R15: 00007ffee3f36f08 [ 145.937249][ T9452] [ 146.102384][ T9458] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1181'. [ 146.105318][ T9458] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1181'. [ 146.156318][ T9464] FAULT_INJECTION: forcing a failure. [ 146.156318][ T9464] name failslab, interval 1, probability 0, space 0, times 0 [ 146.159833][ T9464] CPU: 2 UID: 0 PID: 9464 Comm: syz.1.1184 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 146.162890][ T9464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 146.166046][ T9464] Call Trace: [ 146.167072][ T9464] [ 146.168047][ T9464] dump_stack_lvl+0x16c/0x1f0 [ 146.169265][ T9464] should_fail_ex+0x497/0x5b0 [ 146.170503][ T9464] ? fs_reclaim_acquire+0xae/0x150 [ 146.171809][ T9464] should_failslab+0xc2/0x120 [ 146.173050][ T9464] __kmalloc_node_noprof+0xd1/0x430 [ 146.174629][ T9464] ? __vmalloc_node_range_noprof+0x3d8/0x15a0 [ 146.176216][ T9464] __vmalloc_node_range_noprof+0x3d8/0x15a0 [ 146.177754][ T9464] ? bpf_prog_alloc_no_stats+0x54/0x5d0 [ 146.179203][ T9464] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 146.181103][ T9464] ? __pfx___lock_acquire+0x10/0x10 [ 146.182618][ T9464] ? bpf_prog_alloc_no_stats+0x54/0x5d0 [ 146.184135][ T9464] __vmalloc_noprof+0x6d/0x90 [ 146.185400][ T9464] ? bpf_prog_alloc_no_stats+0x54/0x5d0 [ 146.186890][ T9464] bpf_prog_alloc_no_stats+0x54/0x5d0 [ 146.188436][ T9464] ? security_capable+0x7e/0x260 [ 146.189881][ T9464] bpf_prog_alloc+0x3b/0x230 [ 146.191118][ T9464] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 146.192682][ T9464] bpf_prog_load+0x159e/0x2660 [ 146.193959][ T9464] ? __pfx_bpf_prog_load+0x10/0x10 [ 146.195317][ T9464] ? avc_has_perm_noaudit+0x143/0x3a0 [ 146.196743][ T9464] ? selinux_bpf+0xde/0x130 [ 146.198088][ T9464] __sys_bpf+0x402b/0x49a0 [ 146.199268][ T9464] ? ksys_write+0x21e/0x260 [ 146.200597][ T9464] ? reacquire_held_locks+0x450/0x4c0 [ 146.202129][ T9464] ? __pfx___sys_bpf+0x10/0x10 [ 146.203392][ T9464] ? vfs_write+0x306/0x1150 [ 146.204601][ T9464] ? __mutex_unlock_slowpath+0x164/0x650 [ 146.206084][ T9464] ? fput+0x30/0x390 [ 146.207130][ T9464] ? ksys_write+0x1ad/0x260 [ 146.208445][ T9464] ? __pfx_ksys_write+0x10/0x10 [ 146.209729][ T9464] __x64_sys_bpf+0x78/0xc0 [ 146.211018][ T9464] ? lockdep_hardirqs_on+0x7c/0x110 [ 146.212402][ T9464] do_syscall_64+0xcd/0x250 [ 146.213634][ T9464] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.215188][ T9464] RIP: 0033:0x7f97c6d7e719 [ 146.216355][ T9464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.216369][ T9464] RSP: 002b:00007f97c7bbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 146.216381][ T9464] RAX: ffffffffffffffda RBX: 00007f97c6f35f80 RCX: 00007f97c6d7e719 [ 146.216388][ T9464] RDX: 0000000000000094 RSI: 0000000020000340 RDI: 0000000000000005 [ 146.216395][ T9464] RBP: 00007f97c7bbb090 R08: 0000000000000000 R09: 0000000000000000 [ 146.216402][ T9464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 146.216409][ T9464] R13: 0000000000000000 R14: 00007f97c6f35f80 R15: 00007ffee3f36f08 [ 146.234968][ T9464] [ 146.288887][ T39] audit: type=1400 audit(1730581062.927:618): avc: denied { listen } for pid=9473 comm="syz.2.1188" lport=20002 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 146.418611][ T35] hid-generic 0000:0D17:0000.002F: unknown main item tag 0x0 [ 146.421551][ T35] hid-generic 0000:0D17:0000.002F: unknown main item tag 0x0 [ 146.427138][ T35] hid-generic 0000:0D17:0000.002F: hidraw1: HID v0.00 Device [syz0] on syz1 [ 146.513844][ T9480] sp0: Synchronizing with TNC [ 146.519193][ T9480] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1189'. [ 146.523076][ T9480] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 146.532056][ T9480] sp0: Found TNC [ 147.160202][ T9476] [U] è` [ 147.466206][ T9513] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1198'. [ 147.468657][ T9513] netlink: 'syz.0.1198': attribute type 7 has an invalid length. [ 147.470665][ T9513] netlink: 'syz.0.1198': attribute type 12 has an invalid length. [ 147.477287][ T9513] vxlan0: entered promiscuous mode [ 147.691212][ T9521] xt_hashlimit: size too large, truncated to 1048576 [ 147.729306][ T9193] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 148.427466][ T9528] FAULT_INJECTION: forcing a failure. [ 148.427466][ T9528] name failslab, interval 1, probability 0, space 0, times 0 [ 148.427557][ T9528] CPU: 3 UID: 0 PID: 9528 Comm: syz.0.1205 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 148.427581][ T9528] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 148.427592][ T9528] Call Trace: [ 148.427598][ T9528] [ 148.427606][ T9528] dump_stack_lvl+0x16c/0x1f0 [ 148.427624][ T9528] should_fail_ex+0x497/0x5b0 [ 148.427644][ T9528] ? fs_reclaim_acquire+0xae/0x150 [ 148.427666][ T9528] should_failslab+0xc2/0x120 [ 148.427688][ T9528] __kmalloc_cache_noprof+0x6b/0x300 [ 148.427706][ T9528] ? ww_mutex_lock+0x37/0x140 [ 148.427719][ T9528] ? drm_atomic_helper_plane_duplicate_state+0x70/0xd0 [ 148.427751][ T9528] drm_atomic_helper_plane_duplicate_state+0x70/0xd0 [ 148.427779][ T9528] drm_atomic_get_plane_state+0x20b/0x590 [ 148.427809][ T9528] drm_client_modeset_commit_atomic+0x246/0x800 [ 148.427835][ T9528] ? trace_contention_end+0xea/0x140 [ 148.427855][ T9528] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 148.427896][ T9528] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 148.427921][ T9528] drm_client_modeset_commit_locked+0x14d/0x580 [ 148.427939][ T9528] drm_fb_helper_pan_display+0x2a5/0x990 [ 148.427960][ T9528] fb_pan_display+0x477/0x7d0 [ 148.427973][ T9528] ? __pfx_drm_fb_helper_pan_display+0x10/0x10 [ 148.427989][ T9528] bit_update_start+0x49/0x1f0 [ 148.428005][ T9528] fbcon_switch+0xc11/0x14f0 [ 148.428022][ T9528] ? __pfx_fbcon_switch+0x10/0x10 [ 148.428043][ T9528] ? __pfx_bit_cursor+0x10/0x10 [ 148.428064][ T9528] ? fbcon_cursor+0x409/0x5f0 [ 148.428079][ T9528] ? is_console_locked+0x9/0x20 [ 148.428094][ T9528] ? con_is_visible+0x65/0x150 [ 148.428111][ T9528] redraw_screen+0x2bf/0x760 [ 148.428131][ T9528] ? __pfx_redraw_screen+0x10/0x10 [ 148.428157][ T9528] ? fbcon_set_disp+0x7d/0xe00 [ 148.428169][ T9528] ? rcu_is_watching+0x12/0xc0 [ 148.428184][ T9528] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 148.428199][ T9528] set_con2fb_map+0x79c/0x1060 [ 148.428221][ T9528] fbcon_set_con2fb_map_ioctl+0x16d/0x220 [ 148.428236][ T9528] ? __pfx_fbcon_set_con2fb_map_ioctl+0x10/0x10 [ 148.428252][ T9528] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 148.428270][ T9528] do_fb_ioctl+0x32a/0x7d0 [ 148.428287][ T9528] ? __pfx_do_fb_ioctl+0x10/0x10 [ 148.428306][ T9528] ? do_vfs_ioctl+0x513/0x1990 [ 148.428338][ T9528] ? selinux_file_ioctl+0x180/0x270 [ 148.428353][ T9528] fb_ioctl+0xe5/0x150 [ 148.428368][ T9528] ? __pfx_fb_ioctl+0x10/0x10 [ 148.428384][ T9528] __x64_sys_ioctl+0x18f/0x220 [ 148.428399][ T9528] do_syscall_64+0xcd/0x250 [ 148.428410][ T9528] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.428426][ T9528] RIP: 0033:0x7fdeca97e719 [ 148.428436][ T9528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 148.428446][ T9528] RSP: 002b:00007fdecb6b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 148.428459][ T9528] RAX: ffffffffffffffda RBX: 00007fdecab35f80 RCX: 00007fdeca97e719 [ 148.428468][ T9528] RDX: 00000000200000c0 RSI: 0000000000004610 RDI: 0000000000000003 [ 148.428475][ T9528] RBP: 00007fdecb6b7090 R08: 0000000000000000 R09: 0000000000000000 [ 148.428482][ T9528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 148.428489][ T9528] R13: 0000000000000000 R14: 00007fdecab35f80 R15: 00007fff9a18a958 [ 148.428504][ T9528] [ 148.454669][ T9530] fuse: Bad value for 'fd' [ 148.476295][ T9532] FAULT_INJECTION: forcing a failure. [ 148.476295][ T9532] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 148.508861][ T6002] hid-generic 0000:0D17:0000.0030: unknown main item tag 0x0 [ 148.509522][ T9532] CPU: 1 UID: 0 PID: 9532 Comm: syz.0.1208 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 148.511392][ T6002] hid-generic 0000:0D17:0000.0030: unknown main item tag 0x0 [ 148.511899][ T9532] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 148.511910][ T9532] Call Trace: [ 148.511915][ T9532] [ 148.511921][ T9532] dump_stack_lvl+0x16c/0x1f0 [ 148.511941][ T9532] should_fail_ex+0x497/0x5b0 [ 148.518415][ T6002] hid-generic 0000:0D17:0000.0030: hidraw1: HID v0.00 Device [syz0] on syz1 [ 148.518984][ T9532] _copy_to_user+0x32/0xd0 [ 148.563557][ T9532] simple_read_from_buffer+0xd0/0x160 [ 148.565095][ T9532] proc_fail_nth_read+0x198/0x270 [ 148.566575][ T9532] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 148.568098][ T9532] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 148.569577][ T9532] vfs_read+0x1df/0xbe0 [ 148.570713][ T9532] ? __fget_files+0x23a/0x3f0 [ 148.571980][ T9532] ? fdget_pos+0x24c/0x360 [ 148.573193][ T9532] ? __pfx_lock_release+0x10/0x10 [ 148.574543][ T9532] ? trace_lock_acquire+0x14a/0x1d0 [ 148.574783][ T5954] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 148.575918][ T9532] ? __pfx_vfs_read+0x10/0x10 [ 148.575944][ T9532] ? __pfx___mutex_lock+0x10/0x10 [ 148.575959][ T9532] ? __fget_files+0x244/0x3f0 [ 148.575978][ T9532] ksys_read+0x12f/0x260 [ 148.581675][ T5954] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 148.581889][ T9532] ? __pfx_ksys_read+0x10/0x10 [ 148.585813][ T5954] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 148.586320][ T9532] do_syscall_64+0xcd/0x250 [ 148.589365][ T9532] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.589411][ T5954] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 148.590927][ T9532] RIP: 0033:0x7fdeca97d15c [ 148.593914][ T9532] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 148.594218][ T5954] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 148.598908][ T9532] RSP: 002b:00007fdecb6b7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 148.598927][ T9532] RAX: ffffffffffffffda RBX: 00007fdecab35f80 RCX: 00007fdeca97d15c [ 148.598934][ T9532] RDX: 000000000000000f RSI: 00007fdecb6b70a0 RDI: 0000000000000004 [ 148.598941][ T9532] RBP: 00007fdecb6b7090 R08: 0000000000000000 R09: 000000000000004e [ 148.598948][ T9532] R10: 0000000000010022 R11: 0000000000000246 R12: 0000000000000001 [ 148.601506][ T5954] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 148.603182][ T9532] R13: 0000000000000000 R14: 00007fdecab35f80 R15: 00007fff9a18a958 [ 148.603203][ T9532] [ 148.688557][ T9535] lo speed is unknown, defaulting to 1000 [ 148.742847][ T39] audit: type=1400 audit(1730581065.377:619): avc: denied { write } for pid=9545 comm="syz.1.1211" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 148.745383][ T9535] chnl_net:caif_netlink_parms(): no params data found [ 148.752207][ T9546] Timeout policy `syz0' can only be used by L3 protocol number 33024 [ 148.805505][ T9556] FAULT_INJECTION: forcing a failure. [ 148.805505][ T9556] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 148.808944][ T9556] CPU: 2 UID: 0 PID: 9556 Comm: syz.1.1213 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 148.811882][ T9556] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 148.814766][ T9556] Call Trace: [ 148.815661][ T9556] [ 148.816449][ T9556] dump_stack_lvl+0x16c/0x1f0 [ 148.817735][ T9556] should_fail_ex+0x497/0x5b0 [ 148.819000][ T9556] _copy_to_user+0x32/0xd0 [ 148.820206][ T9556] simple_read_from_buffer+0xd0/0x160 [ 148.821740][ T9556] proc_fail_nth_read+0x198/0x270 [ 148.823080][ T9556] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 148.824547][ T9556] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 148.826029][ T9556] vfs_read+0x1df/0xbe0 [ 148.827153][ T9556] ? __fget_files+0x23a/0x3f0 [ 148.828422][ T9556] ? fdget_pos+0x24c/0x360 [ 148.829643][ T9556] ? __pfx_lock_release+0x10/0x10 [ 148.831238][ T9556] ? trace_lock_acquire+0x14a/0x1d0 [ 148.832777][ T9556] ? __pfx_vfs_read+0x10/0x10 [ 148.832799][ T9556] ? __pfx___mutex_lock+0x10/0x10 [ 148.832814][ T9556] ? __fget_files+0x244/0x3f0 [ 148.832833][ T9556] ksys_read+0x12f/0x260 [ 148.832848][ T9556] ? __pfx_ksys_read+0x10/0x10 [ 148.832867][ T9556] do_syscall_64+0xcd/0x250 [ 148.832879][ T9556] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.832895][ T9556] RIP: 0033:0x7f97c6d7d15c [ 148.832906][ T9556] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 148.832916][ T9556] RSP: 002b:00007f97c7bbb030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 148.832928][ T9556] RAX: ffffffffffffffda RBX: 00007f97c6f35f80 RCX: 00007f97c6d7d15c [ 148.832935][ T9556] RDX: 000000000000000f RSI: 00007f97c7bbb0a0 RDI: 0000000000000004 [ 148.832942][ T9556] RBP: 00007f97c7bbb090 R08: 0000000000000000 R09: 0000000000000000 [ 148.832949][ T9556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 148.832956][ T9556] R13: 0000000000000000 R14: 00007f97c6f35f80 R15: 00007ffee3f36f08 [ 148.832969][ T9556] [ 148.847175][ T9535] bridge0: port 1(bridge_slave_0) entered blocking state [ 148.869896][ T9535] bridge0: port 1(bridge_slave_0) entered disabled state [ 148.872141][ T9535] bridge_slave_0: entered allmulticast mode [ 148.875299][ T9535] bridge_slave_0: entered promiscuous mode [ 148.878116][ T9535] bridge0: port 2(bridge_slave_1) entered blocking state [ 148.880103][ T9535] bridge0: port 2(bridge_slave_1) entered disabled state [ 148.880513][ T9560] random: crng reseeded on system resumption [ 148.881971][ T9535] bridge_slave_1: entered allmulticast mode [ 148.886179][ T9535] bridge_slave_1: entered promiscuous mode [ 148.910078][ T9535] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 148.914789][ T9535] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 148.938435][ T9535] team0: Port device team_slave_0 added [ 148.941721][ T9535] team0: Port device team_slave_1 added [ 148.967525][ T9535] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 148.969230][ T9535] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 148.976600][ T9535] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 148.981626][ T9535] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 148.984000][ T9535] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 148.990806][ T9535] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 149.019781][ T9535] hsr_slave_0: entered promiscuous mode [ 149.021980][ T9535] hsr_slave_1: entered promiscuous mode [ 149.024418][ T9535] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 149.026539][ T9535] Cannot create hsr debugfs directory [ 149.068415][ T39] audit: type=1400 audit(1730581065.707:620): avc: denied { ioctl } for pid=9559 comm="syz.1.1216" path="/dev/snapshot" dev="devtmpfs" ino=98 ioctlcmd=0x3305 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 149.068628][ T9560] Restarting kernel threads ... done. [ 149.567711][ T9567] FAULT_INJECTION: forcing a failure. [ 149.567711][ T9567] name failslab, interval 1, probability 0, space 0, times 0 [ 149.571292][ T9567] CPU: 3 UID: 0 PID: 9567 Comm: syz.2.1218 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 149.574088][ T9567] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 149.576931][ T9567] Call Trace: [ 149.577848][ T9567] [ 149.578691][ T9567] dump_stack_lvl+0x16c/0x1f0 [ 149.579973][ T9567] should_fail_ex+0x497/0x5b0 [ 149.581236][ T9567] ? fs_reclaim_acquire+0xae/0x150 [ 149.582640][ T9567] should_failslab+0xc2/0x120 [ 149.583942][ T9567] __kmalloc_noprof+0xcb/0x400 [ 149.585240][ T9567] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 149.586834][ T9567] tomoyo_realpath_from_path+0xb9/0x720 [ 149.588323][ T9567] ? tomoyo_path_number_perm+0x232/0x590 [ 149.589913][ T9567] tomoyo_path_number_perm+0x245/0x590 [ 149.591481][ T9567] ? tomoyo_path_number_perm+0x232/0x590 [ 149.593073][ T9567] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 149.594719][ T9567] ? trace_lock_acquire+0x14a/0x1d0 [ 149.596113][ T9567] ? lock_acquire+0x2f/0xb0 [ 149.597320][ T9567] ? __fget_files+0x40/0x3f0 [ 149.598582][ T9567] ? __fget_files+0x244/0x3f0 [ 149.599852][ T9567] security_file_ioctl+0x9b/0x240 [ 149.601185][ T9567] __x64_sys_ioctl+0xbb/0x220 [ 149.602692][ T9567] do_syscall_64+0xcd/0x250 [ 149.603908][ T9567] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 149.605432][ T9567] RIP: 0033:0x7efc2197e719 [ 149.606581][ T9567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 149.612349][ T9567] RSP: 002b:00007efc22747038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 149.614913][ T9567] RAX: ffffffffffffffda RBX: 00007efc21b35f80 RCX: 00007efc2197e719 [ 149.617169][ T9567] RDX: 0000000020000100 RSI: 00000000c018aa06 RDI: 0000000000000004 [ 149.619497][ T9567] RBP: 00007efc22747090 R08: 0000000000000000 R09: 0000000000000000 [ 149.621712][ T9567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 149.623839][ T9567] R13: 0000000000000000 R14: 00007efc21b35f80 R15: 00007ffe569a1208 [ 149.625979][ T9567] [ 149.626985][ T9567] ERROR: Out of memory at tomoyo_realpath_from_path. [ 149.771462][ T9193] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.772903][ T39] audit: type=1400 audit(1730581066.418:621): avc: denied { setopt } for pid=9571 comm="syz.2.1220" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 149.782933][ T39] audit: type=1400 audit(1730581066.428:622): avc: denied { name_bind } for pid=9571 comm="syz.2.1220" src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 149.783614][ T9573] netlink: 'syz.2.1220': attribute type 3 has an invalid length. [ 149.790230][ T9573] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.1220'. [ 149.858592][ T9193] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.901318][ T9593] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1226'. [ 149.904528][ T9586] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1226'. [ 149.961610][ T9193] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.983667][ T39] audit: type=1400 audit(1730581066.628:623): avc: denied { accept } for pid=9594 comm="syz.0.1229" lport=39903 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 149.985039][ T39] audit: type=1400 audit(1730581066.628:624): avc: denied { getopt } for pid=9594 comm="syz.0.1229" lport=39903 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 149.985849][ T39] audit: type=1400 audit(1730581066.628:625): avc: denied { write } for pid=9594 comm="syz.0.1229" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 149.986924][ T39] audit: type=1400 audit(1730581066.628:626): avc: denied { map } for pid=9594 comm="syz.0.1229" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 149.986946][ T39] audit: type=1400 audit(1730581066.628:627): avc: denied { execute } for pid=9594 comm="syz.0.1229" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 150.065712][ T9193] bridge_slave_1: left allmulticast mode [ 150.067445][ T9193] bridge_slave_1: left promiscuous mode [ 150.069019][ T9193] bridge0: port 2(bridge_slave_1) entered disabled state [ 150.072863][ T9193] bridge_slave_0: left allmulticast mode [ 150.074586][ T9193] bridge_slave_0: left promiscuous mode [ 150.076381][ T9193] bridge0: port 1(bridge_slave_0) entered disabled state [ 150.391702][ T9193] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 150.396819][ T9193] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 150.402340][ T9193] bond0 (unregistering): Released all slaves [ 150.509216][ T9614] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic [ 150.672623][ T5948] Bluetooth: hci3: command tx timeout [ 150.758362][ T9193] hsr_slave_0: left promiscuous mode [ 150.761664][ T9193] hsr_slave_1: left promiscuous mode [ 150.767472][ T9193] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 150.769558][ T9193] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 150.772618][ T9193] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 150.774821][ T9193] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 150.778516][ T9635] input: syz1 as /devices/virtual/input/input40 [ 150.822526][ T9193] veth1_macvtap: left promiscuous mode [ 150.824778][ T9193] veth0_macvtap: left promiscuous mode [ 150.826645][ T9193] veth1_vlan: left promiscuous mode [ 150.828416][ T9193] veth0_vlan: left promiscuous mode [ 150.894455][ T9647] input: syz1 as /devices/virtual/input/input41 [ 150.905830][ T9642] FAULT_INJECTION: forcing a failure. [ 150.905830][ T9642] name failslab, interval 1, probability 0, space 0, times 0 [ 150.909658][ T9642] CPU: 2 UID: 0 PID: 9642 Comm: syz.2.1241 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 150.912513][ T9642] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 150.915570][ T9642] Call Trace: [ 150.916465][ T9642] [ 150.917255][ T9642] dump_stack_lvl+0x16c/0x1f0 [ 150.918532][ T9642] should_fail_ex+0x497/0x5b0 [ 150.920025][ T9642] ? fs_reclaim_acquire+0xae/0x150 [ 150.921600][ T9642] should_failslab+0xc2/0x120 [ 150.922855][ T9642] __kmalloc_noprof+0xcb/0x400 [ 150.924120][ T9642] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 150.925704][ T9642] tomoyo_realpath_from_path+0xb9/0x720 [ 150.927467][ T9642] ? tomoyo_path_number_perm+0x232/0x590 [ 150.929536][ T9642] tomoyo_path_number_perm+0x245/0x590 [ 150.931225][ T9642] ? tomoyo_path_number_perm+0x232/0x590 [ 150.932716][ T9642] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 150.934358][ T9642] ? trace_lock_acquire+0x14a/0x1d0 [ 150.935672][ T9642] ? lock_acquire+0x2f/0xb0 [ 150.936821][ T9642] ? __fget_files+0x40/0x3f0 [ 150.938063][ T9642] ? __fget_files+0x244/0x3f0 [ 150.940493][ T9642] security_file_ioctl+0x9b/0x240 [ 150.940515][ T9642] __x64_sys_ioctl+0xbb/0x220 [ 150.940531][ T9642] do_syscall_64+0xcd/0x250 [ 150.940544][ T9642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.940560][ T9642] RIP: 0033:0x7efc2197e719 [ 150.940571][ T9642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 150.940582][ T9642] RSP: 002b:00007efc22747038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 150.940594][ T9642] RAX: ffffffffffffffda RBX: 00007efc21b35f80 RCX: 00007efc2197e719 [ 150.940602][ T9642] RDX: 0000000000000000 RSI: 0000000000005502 RDI: 0000000000000004 [ 150.940608][ T9642] RBP: 00007efc22747090 R08: 0000000000000000 R09: 0000000000000000 [ 150.940615][ T9642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 150.940622][ T9642] R13: 0000000000000000 R14: 00007efc21b35f80 R15: 00007ffe569a1208 [ 150.940635][ T9642] [ 150.945314][ T9642] ERROR: Out of memory at tomoyo_realpath_from_path. [ 150.991769][ T9646] syz.0.1243: attempt to access beyond end of device [ 150.991769][ T9646] sr0: rw=6144, sector=128, nr_sectors = 8 limit=128 [ 151.007818][ T9646] gfs2: error -5 reading superblock [ 151.073781][ T39] audit: type=1400 audit(1730581067.718:628): avc: denied { append } for pid=9643 comm="syz.1.1242" name="hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1 [ 151.086357][ T9648] input: syz1 as /devices/virtual/input/input42 [ 151.121181][ T9658] FAULT_INJECTION: forcing a failure. [ 151.121181][ T9658] name failslab, interval 1, probability 0, space 0, times 0 [ 151.121210][ T9658] CPU: 2 UID: 0 PID: 9658 Comm: syz.2.1246 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 151.121224][ T9658] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 151.121230][ T9658] Call Trace: [ 151.121235][ T9658] [ 151.121240][ T9658] dump_stack_lvl+0x16c/0x1f0 [ 151.121256][ T9658] should_fail_ex+0x497/0x5b0 [ 151.121268][ T9658] ? fs_reclaim_acquire+0xae/0x150 [ 151.121281][ T9658] should_failslab+0xc2/0x120 [ 151.121296][ T9658] __kmalloc_cache_noprof+0x6b/0x300 [ 151.121308][ T9658] ? drm_atomic_helper_crtc_duplicate_state+0x70/0xd0 [ 151.121329][ T9658] drm_atomic_helper_crtc_duplicate_state+0x70/0xd0 [ 151.121346][ T9658] drm_atomic_get_crtc_state+0x162/0x440 [ 151.121393][ T9658] drm_atomic_get_plane_state+0x436/0x590 [ 151.121421][ T9658] drm_client_modeset_commit_atomic+0x246/0x800 [ 151.121443][ T9658] ? trace_contention_end+0xea/0x140 [ 151.121456][ T9658] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 151.121481][ T9658] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 151.121502][ T9658] drm_client_modeset_commit_locked+0x14d/0x580 [ 151.121521][ T9658] drm_fb_helper_pan_display+0x2a5/0x990 [ 151.121541][ T9658] fb_pan_display+0x477/0x7d0 [ 151.121554][ T9658] ? __pfx_drm_fb_helper_pan_display+0x10/0x10 [ 151.121571][ T9658] bit_update_start+0x49/0x1f0 [ 151.121586][ T9658] fbcon_switch+0xc11/0x14f0 [ 151.121603][ T9658] ? __pfx_fbcon_switch+0x10/0x10 [ 151.121624][ T9658] ? __pfx_bit_cursor+0x10/0x10 [ 151.121638][ T9658] ? fbcon_cursor+0x409/0x5f0 [ 151.121651][ T9658] ? is_console_locked+0x9/0x20 [ 151.121667][ T9658] ? con_is_visible+0x65/0x150 [ 151.121683][ T9658] redraw_screen+0x2bf/0x760 [ 151.121700][ T9658] ? __pfx_redraw_screen+0x10/0x10 [ 151.121717][ T9658] ? fbcon_set_disp+0x7d/0xe00 [ 151.121730][ T9658] ? rcu_is_watching+0x12/0xc0 [ 151.121753][ T9658] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 151.121781][ T9658] set_con2fb_map+0x79c/0x1060 [ 151.121810][ T9658] fbcon_set_con2fb_map_ioctl+0x16d/0x220 [ 151.121834][ T9658] ? __pfx_fbcon_set_con2fb_map_ioctl+0x10/0x10 [ 151.121863][ T9658] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 151.121888][ T9658] do_fb_ioctl+0x32a/0x7d0 [ 151.121905][ T9658] ? __pfx_do_fb_ioctl+0x10/0x10 [ 151.121924][ T9658] ? do_vfs_ioctl+0x513/0x1990 [ 151.121955][ T9658] ? selinux_file_ioctl+0x180/0x270 [ 151.121971][ T9658] fb_ioctl+0xe5/0x150 [ 151.121986][ T9658] ? __pfx_fb_ioctl+0x10/0x10 [ 151.122002][ T9658] __x64_sys_ioctl+0x18f/0x220 [ 151.122017][ T9658] do_syscall_64+0xcd/0x250 [ 151.122028][ T9658] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.122044][ T9658] RIP: 0033:0x7efc2197e719 [ 151.122056][ T9658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 151.122067][ T9658] RSP: 002b:00007efc22747038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 151.122079][ T9658] RAX: ffffffffffffffda RBX: 00007efc21b35f80 RCX: 00007efc2197e719 [ 151.122086][ T9658] RDX: 00000000200000c0 RSI: 0000000000004610 RDI: 0000000000000003 [ 151.122093][ T9658] RBP: 00007efc22747090 R08: 0000000000000000 R09: 0000000000000000 [ 151.122100][ T9658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 151.122107][ T9658] R13: 0000000000000000 R14: 00007efc21b35f80 R15: 00007ffe569a1208 [ 151.122121][ T9658] [ 151.634244][ T55] hid-generic 0000:0D17:0000.0031: unknown main item tag 0x0 [ 151.636146][ T55] hid-generic 0000:0D17:0000.0031: unknown main item tag 0x0 [ 151.638855][ T55] hid-generic 0000:0D17:0000.0031: hidraw1: HID v0.00 Device [syz0] on syz1 [ 151.886501][ T9193] team0 (unregistering): Port device team_slave_1 removed [ 151.978838][ T9193] team0 (unregistering): Port device team_slave_0 removed [ 152.496791][ T5983] hid-generic 0000:0D17:0000.0032: unknown main item tag 0x0 [ 152.499352][ T5983] hid-generic 0000:0D17:0000.0032: unknown main item tag 0x0 [ 152.506338][ T9679] FAULT_INJECTION: forcing a failure. [ 152.506338][ T9679] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 152.512445][ T9679] CPU: 1 UID: 0 PID: 9679 Comm: syz.0.1253 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 152.513709][ T5983] hid-generic 0000:0D17:0000.0032: hidraw1: HID v0.00 Device [syz0] on syz1 [ 152.515479][ T9679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 152.520930][ T9679] Call Trace: [ 152.521907][ T9679] [ 152.522759][ T9679] dump_stack_lvl+0x16c/0x1f0 [ 152.524086][ T9679] should_fail_ex+0x497/0x5b0 [ 152.525387][ T9679] _copy_to_user+0x32/0xd0 [ 152.526599][ T9679] uhid_char_read+0x4a0/0x760 [ 152.527918][ T9679] ? __pfx_uhid_char_read+0x10/0x10 [ 152.529399][ T9679] ? avc_policy_seqno+0x9/0x20 [ 152.530665][ T9679] ? selinux_file_permission+0x11f/0x580 [ 152.532150][ T9679] ? bpf_lsm_file_permission+0x9/0x10 [ 152.533571][ T9679] ? security_file_permission+0x71/0x210 [ 152.535053][ T9679] ? __pfx_uhid_char_read+0x10/0x10 [ 152.536446][ T9679] vfs_readv+0x6bf/0x890 [ 152.537601][ T9679] ? find_held_lock+0x2d/0x110 [ 152.538871][ T9679] ? __pfx_vfs_readv+0x10/0x10 [ 152.540303][ T9679] ? find_held_lock+0x2d/0x110 [ 152.541662][ T9679] ? __pfx_lock_release+0x10/0x10 [ 152.543044][ T9679] ? trace_lock_acquire+0x14a/0x1d0 [ 152.544417][ T9679] ? __fget_files+0x244/0x3f0 [ 152.545665][ T9679] ? do_readv+0x289/0x370 [ 152.546907][ T9679] do_readv+0x289/0x370 [ 152.548012][ T9679] ? __pfx_do_readv+0x10/0x10 [ 152.549294][ T9679] do_syscall_64+0xcd/0x250 [ 152.550601][ T9679] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.552594][ T9679] RIP: 0033:0x7fdeca97e719 [ 152.553810][ T9679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 152.560647][ T9679] RSP: 002b:00007fdecb6b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 152.563001][ T9679] RAX: ffffffffffffffda RBX: 00007fdecab35f80 RCX: 00007fdeca97e719 [ 152.565195][ T9679] RDX: 0000000000000002 RSI: 00000000200001c0 RDI: 0000000000000003 [ 152.567279][ T9679] RBP: 00007fdecb6b7090 R08: 0000000000000000 R09: 0000000000000000 [ 152.569337][ T9679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 152.571606][ T9679] R13: 0000000000000000 R14: 00007fdecab35f80 R15: 00007fff9a18a958 [ 152.574240][ T9679] [ 152.671670][ T35] hid-generic 0000:0D17:0000.0033: unknown main item tag 0x0 [ 152.674004][ T35] hid-generic 0000:0D17:0000.0033: unknown main item tag 0x0 [ 152.683504][ T35] hid-generic 0000:0D17:0000.0033: hidraw1: HID v0.00 Device [syz0] on syz1 [ 152.762353][ T5948] Bluetooth: hci3: command tx timeout [ 152.890684][ T9535] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 152.895536][ T9535] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 152.903389][ T9535] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 152.915785][ T9535] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 152.985812][ T9535] 8021q: adding VLAN 0 to HW filter on device bond0 [ 153.001774][ T9535] 8021q: adding VLAN 0 to HW filter on device team0 [ 153.009210][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 153.011166][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 153.029428][ T94] bridge0: port 2(bridge_slave_1) entered blocking state [ 153.032022][ T94] bridge0: port 2(bridge_slave_1) entered forwarding state [ 153.148719][ T9535] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 153.172437][ T9535] veth0_vlan: entered promiscuous mode [ 153.180115][ T9535] veth1_vlan: entered promiscuous mode [ 153.196280][ T9535] veth0_macvtap: entered promiscuous mode [ 153.201147][ T9535] veth1_macvtap: entered promiscuous mode [ 153.208734][ T9535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 153.212546][ T9535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.215320][ T9535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 153.218173][ T9535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.221739][ T9535] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 153.226937][ T9535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 153.229689][ T9535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.233134][ T9535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 153.236957][ T9535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 153.241062][ T9535] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 153.246170][ T9535] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.248659][ T9535] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.251522][ T9535] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.255671][ T9535] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.296159][ T9193] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 153.299084][ T9193] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 153.316450][ T94] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 153.319295][ T94] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 153.363597][ T9725] FAULT_INJECTION: forcing a failure. [ 153.363597][ T9725] name failslab, interval 1, probability 0, space 0, times 0 [ 153.366993][ T9725] CPU: 1 UID: 0 PID: 9725 Comm: syz.2.1260 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 153.369899][ T9725] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 153.372915][ T9725] Call Trace: [ 153.373901][ T9725] [ 153.374770][ T9725] dump_stack_lvl+0x16c/0x1f0 [ 153.376149][ T9725] should_fail_ex+0x497/0x5b0 [ 153.377856][ T9725] ? fs_reclaim_acquire+0xae/0x150 [ 153.379473][ T9725] should_failslab+0xc2/0x120 [ 153.381687][ T9725] __kmalloc_noprof+0xcb/0x400 [ 153.382944][ T9725] tomoyo_encode2+0x100/0x3e0 [ 153.384167][ T9725] tomoyo_encode+0x29/0x50 [ 153.385368][ T9725] tomoyo_realpath_from_path+0x19d/0x720 [ 153.386863][ T9725] ? tomoyo_path_number_perm+0x232/0x590 [ 153.388335][ T9725] tomoyo_path_number_perm+0x245/0x590 [ 153.389891][ T9725] ? tomoyo_path_number_perm+0x232/0x590 [ 153.391560][ T9725] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 153.393210][ T9725] ? trace_lock_acquire+0x14a/0x1d0 [ 153.394604][ T9725] ? lock_acquire+0x2f/0xb0 [ 153.395796][ T9725] ? __fget_files+0x40/0x3f0 [ 153.397031][ T9725] ? __fget_files+0x244/0x3f0 [ 153.398340][ T9725] security_file_ioctl+0x9b/0x240 [ 153.399707][ T9725] __x64_sys_ioctl+0xbb/0x220 [ 153.400982][ T9725] do_syscall_64+0xcd/0x250 [ 153.402223][ T9725] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.403829][ T9725] RIP: 0033:0x7efc2197e719 [ 153.405044][ T9725] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 153.410107][ T9725] RSP: 002b:00007efc22747038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 153.412285][ T9725] RAX: ffffffffffffffda RBX: 00007efc21b35f80 RCX: 00007efc2197e719 [ 153.414410][ T9725] RDX: 0000000020000100 RSI: 00000000c018aa06 RDI: 0000000000000004 [ 153.417291][ T9725] RBP: 00007efc22747090 R08: 0000000000000000 R09: 0000000000000000 [ 153.419803][ T9725] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 153.422031][ T9725] R13: 0000000000000000 R14: 00007efc21b35f80 R15: 00007ffe569a1208 [ 153.424233][ T9725] [ 153.425510][ T9725] ERROR: Out of memory at tomoyo_realpath_from_path. [ 153.462364][ T9727] FAULT_INJECTION: forcing a failure. [ 153.462364][ T9727] name failslab, interval 1, probability 0, space 0, times 0 [ 153.465692][ T9727] CPU: 0 UID: 0 PID: 9727 Comm: syz.2.1261 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 153.468639][ T9727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 153.472144][ T9727] Call Trace: [ 153.473256][ T9727] [ 153.474648][ T9727] dump_stack_lvl+0x16c/0x1f0 [ 153.476159][ T9727] should_fail_ex+0x497/0x5b0 [ 153.477594][ T9727] ? fs_reclaim_acquire+0xae/0x150 [ 153.479057][ T9727] should_failslab+0xc2/0x120 [ 153.480453][ T9727] __kmalloc_cache_noprof+0x6b/0x300 [ 153.482121][ T9727] ? bpf_prog_alloc_no_stats+0x54/0x5d0 [ 153.483664][ T9727] ? bpf_prog_alloc_no_stats+0x107/0x5d0 [ 153.485290][ T9727] ? __vmalloc_noprof+0x6d/0x90 [ 153.486677][ T9727] bpf_prog_alloc_no_stats+0x107/0x5d0 [ 153.488171][ T9727] bpf_prog_alloc+0x3b/0x230 [ 153.489495][ T9727] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 153.491374][ T9727] bpf_prog_load+0x159e/0x2660 [ 153.493611][ T9727] ? __pfx_bpf_prog_load+0x10/0x10 [ 153.495444][ T9727] ? avc_has_perm_noaudit+0x143/0x3a0 [ 153.496962][ T9727] ? selinux_bpf+0xde/0x130 [ 153.498191][ T9727] __sys_bpf+0x402b/0x49a0 [ 153.499633][ T9727] ? ksys_write+0x21e/0x260 [ 153.500910][ T9727] ? reacquire_held_locks+0x450/0x4c0 [ 153.502487][ T9727] ? __pfx___sys_bpf+0x10/0x10 [ 153.503837][ T9727] ? vfs_write+0x306/0x1150 [ 153.505147][ T9727] ? __mutex_unlock_slowpath+0x164/0x650 [ 153.506819][ T9727] ? fput+0x30/0x390 [ 153.507923][ T9727] ? ksys_write+0x1ad/0x260 [ 153.509255][ T9727] ? __pfx_ksys_write+0x10/0x10 [ 153.511551][ T9727] __x64_sys_bpf+0x78/0xc0 [ 153.513223][ T9727] ? lockdep_hardirqs_on+0x7c/0x110 [ 153.515070][ T9727] do_syscall_64+0xcd/0x250 [ 153.516753][ T9727] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.518619][ T9727] RIP: 0033:0x7efc2197e719 [ 153.520300][ T9727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 153.526200][ T9727] RSP: 002b:00007efc22747038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 153.528421][ T9727] RAX: ffffffffffffffda RBX: 00007efc21b35f80 RCX: 00007efc2197e719 [ 153.530604][ T9727] RDX: 0000000000000094 RSI: 0000000020000340 RDI: 0000000000000005 [ 153.532720][ T9727] RBP: 00007efc22747090 R08: 0000000000000000 R09: 0000000000000000 [ 153.534875][ T9727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 153.537216][ T9727] R13: 0000000000000000 R14: 00007efc21b35f80 R15: 00007ffe569a1208 [ 153.539618][ T9727] [ 154.204289][ T9751] netlink: 'syz.1.1270': attribute type 10 has an invalid length. [ 154.211167][ T9751] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 154.217879][ T9751] netlink: 'syz.1.1270': attribute type 10 has an invalid length. [ 154.228253][ T9751] team0: Port device wlan1 added [ 154.464957][ T39] kauditd_printk_skb: 4 callbacks suppressed [ 154.465083][ T39] audit: type=1400 audit(1730581071.108:633): avc: denied { create } for pid=9758 comm="syz.1.1274" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 154.630561][ T9773] ptm ptm5: ldisc open failed (-12), clearing slot 5 [ 154.743899][ T9777] e1000 0000:00:06.0 eth0: Unsupported Speed/Duplex configuration [ 154.814151][ T9785] block device autoloading is deprecated and will be removed. [ 154.817206][ T39] audit: type=1400 audit(1730581071.458:634): avc: denied { ioctl } for pid=9780 comm="syz.1.1280" path="/402/file0/file0" dev="fuse" ino=0 ioctlcmd=0x910 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 154.837015][ T9786] input: syz1 as /devices/virtual/input/input43 [ 154.937275][ T9797] input: syz1 as /devices/virtual/input/input44 [ 154.945190][ T9796] FAULT_INJECTION: forcing a failure. [ 154.945190][ T9796] name failslab, interval 1, probability 0, space 0, times 0 [ 154.945209][ T9796] CPU: 0 UID: 0 PID: 9796 Comm: syz.1.1286 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 154.945226][ T9796] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 154.945237][ T9796] Call Trace: [ 154.945242][ T9796] [ 154.945249][ T9796] dump_stack_lvl+0x16c/0x1f0 [ 154.945286][ T9796] should_fail_ex+0x497/0x5b0 [ 154.945303][ T9796] ? fs_reclaim_acquire+0xae/0x150 [ 154.945317][ T9796] should_failslab+0xc2/0x120 [ 154.945403][ T9796] __kmalloc_cache_noprof+0x6b/0x300 [ 154.945423][ T9796] ? ww_mutex_lock+0x37/0x140 [ 154.945434][ T9796] ? drm_atomic_helper_plane_duplicate_state+0x70/0xd0 [ 154.945455][ T9796] drm_atomic_helper_plane_duplicate_state+0x70/0xd0 [ 154.945473][ T9796] drm_atomic_get_plane_state+0x20b/0x590 [ 154.945493][ T9796] drm_client_modeset_commit_atomic+0x246/0x800 [ 154.945513][ T9796] ? trace_contention_end+0xea/0x140 [ 154.945526][ T9796] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 154.945550][ T9796] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 154.945571][ T9796] drm_client_modeset_commit_locked+0x14d/0x580 [ 154.945589][ T9796] drm_fb_helper_pan_display+0x2a5/0x990 [ 154.945609][ T9796] fb_pan_display+0x477/0x7d0 [ 154.945624][ T9796] ? __pfx_drm_fb_helper_pan_display+0x10/0x10 [ 154.945661][ T9796] bit_update_start+0x49/0x1f0 [ 154.945678][ T9796] fbcon_switch+0xc11/0x14f0 [ 154.945696][ T9796] ? __pfx_fbcon_switch+0x10/0x10 [ 154.945716][ T9796] ? __pfx_bit_cursor+0x10/0x10 [ 154.945730][ T9796] ? fbcon_cursor+0x409/0x5f0 [ 154.945744][ T9796] ? is_console_locked+0x9/0x20 [ 154.945759][ T9796] ? con_is_visible+0x65/0x150 [ 154.945776][ T9796] redraw_screen+0x2bf/0x760 [ 154.945793][ T9796] ? __pfx_redraw_screen+0x10/0x10 [ 154.945809][ T9796] ? fbcon_set_disp+0x7d/0xe00 [ 154.945821][ T9796] ? rcu_is_watching+0x12/0xc0 [ 154.945836][ T9796] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 154.945851][ T9796] set_con2fb_map+0x79c/0x1060 [ 154.945868][ T9796] fbcon_set_con2fb_map_ioctl+0x16d/0x220 [ 154.945883][ T9796] ? __pfx_fbcon_set_con2fb_map_ioctl+0x10/0x10 [ 154.945899][ T9796] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 154.945918][ T9796] do_fb_ioctl+0x32a/0x7d0 [ 154.945934][ T9796] ? __pfx_do_fb_ioctl+0x10/0x10 [ 154.945953][ T9796] ? do_vfs_ioctl+0x513/0x1990 [ 154.945986][ T9796] ? selinux_file_ioctl+0x180/0x270 [ 154.946003][ T9796] fb_ioctl+0xe5/0x150 [ 154.946017][ T9796] ? __pfx_fb_ioctl+0x10/0x10 [ 154.946033][ T9796] __x64_sys_ioctl+0x18f/0x220 [ 154.946048][ T9796] do_syscall_64+0xcd/0x250 [ 154.946064][ T9796] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.946083][ T9796] RIP: 0033:0x7f97c6d7e719 [ 154.946095][ T9796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.946106][ T9796] RSP: 002b:00007f97c7bbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 154.946117][ T9796] RAX: ffffffffffffffda RBX: 00007f97c6f35f80 RCX: 00007f97c6d7e719 [ 154.946125][ T9796] RDX: 00000000200000c0 RSI: 0000000000004610 RDI: 0000000000000003 [ 154.946132][ T9796] RBP: 00007f97c7bbb090 R08: 0000000000000000 R09: 0000000000000000 [ 154.946139][ T9796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 154.946150][ T9796] R13: 0000000000000000 R14: 00007f97c6f35f80 R15: 00007ffee3f36f08 [ 154.946165][ T9796] [ 154.954248][ T9791] FAULT_INJECTION: forcing a failure. [ 154.954248][ T9791] name failslab, interval 1, probability 0, space 0, times 0 [ 154.954267][ T9791] CPU: 3 UID: 0 PID: 9791 Comm: syz.0.1283 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 154.954280][ T9791] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 154.954287][ T9791] Call Trace: [ 154.954291][ T9791] [ 154.954296][ T9791] dump_stack_lvl+0x16c/0x1f0 [ 154.954311][ T9791] should_fail_ex+0x497/0x5b0 [ 154.954324][ T9791] ? fs_reclaim_acquire+0xae/0x150 [ 154.954336][ T9791] should_failslab+0xc2/0x120 [ 154.954350][ T9791] __kmalloc_noprof+0xcb/0x400 [ 154.954362][ T9791] ? d_absolute_path+0x137/0x1b0 [ 154.954375][ T9791] tomoyo_encode2+0x100/0x3e0 [ 154.954389][ T9791] tomoyo_encode+0x29/0x50 [ 154.954401][ T9791] tomoyo_realpath_from_path+0x19d/0x720 [ 154.954417][ T9791] tomoyo_path_number_perm+0x245/0x590 [ 154.954434][ T9791] ? tomoyo_path_number_perm+0x232/0x590 [ 154.954451][ T9791] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 154.954479][ T9791] ? trace_lock_acquire+0x14a/0x1d0 [ 154.954495][ T9791] ? lock_acquire+0x2f/0xb0 [ 154.954505][ T9791] ? __fget_files+0x40/0x3f0 [ 154.954522][ T9791] ? __fget_files+0x244/0x3f0 [ 154.954538][ T9791] security_file_ioctl+0x9b/0x240 [ 154.954551][ T9791] __x64_sys_ioctl+0xbb/0x220 [ 154.954566][ T9791] do_syscall_64+0xcd/0x250 [ 154.954578][ T9791] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.954593][ T9791] RIP: 0033:0x7fdeca97e719 [ 154.954602][ T9791] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.954613][ T9791] RSP: 002b:00007fdecb6b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 154.954642][ T9791] RAX: ffffffffffffffda RBX: 00007fdecab35f80 RCX: 00007fdeca97e719 [ 154.954649][ T9791] RDX: 0000000000000000 RSI: 0000000000005502 RDI: 0000000000000004 [ 154.954656][ T9791] RBP: 00007fdecb6b7090 R08: 0000000000000000 R09: 0000000000000000 [ 154.954662][ T9791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 154.954669][ T9791] R13: 0000000000000000 R14: 00007fdecab35f80 R15: 00007fff9a18a958 [ 154.954682][ T9791] [ 154.954720][ T9791] ERROR: Out of memory at tomoyo_realpath_from_path. [ 155.599407][ T94] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 156.338228][ T5983] hid-generic 0000:0D17:0000.0034: unknown main item tag 0x0 [ 156.342691][ T5983] hid-generic 0000:0D17:0000.0034: unknown main item tag 0x0 [ 156.345671][ T5983] hid-generic 0000:0D17:0000.0034: hidraw1: HID v0.00 Device [syz0] on syz1 [ 156.387671][ T828] hid-generic 0000:0D17:0000.0035: unknown main item tag 0x0 [ 156.390345][ T828] hid-generic 0000:0D17:0000.0035: unknown main item tag 0x0 [ 156.396043][ T828] hid-generic 0000:0D17:0000.0035: hidraw2: HID v0.00 Device [syz0] on syz1 [ 156.429200][ T5954] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 156.434435][ T5954] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 156.438849][ T5954] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 156.445308][ T5954] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 156.449282][ T5954] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 156.453005][ T5954] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 156.530827][ T9823] lo speed is unknown, defaulting to 1000 [ 156.585844][ T9823] chnl_net:caif_netlink_parms(): no params data found [ 156.644349][ T9823] bridge0: port 1(bridge_slave_0) entered blocking state [ 156.646401][ T9823] bridge0: port 1(bridge_slave_0) entered disabled state [ 156.648361][ T9823] bridge_slave_0: entered allmulticast mode [ 156.650588][ T9823] bridge_slave_0: entered promiscuous mode [ 156.654428][ T9823] bridge0: port 2(bridge_slave_1) entered blocking state [ 156.656330][ T9823] bridge0: port 2(bridge_slave_1) entered disabled state [ 156.658309][ T9823] bridge_slave_1: entered allmulticast mode [ 156.660330][ T9823] bridge_slave_1: entered promiscuous mode [ 156.680029][ T9823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 156.686418][ T9823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 156.710795][ T9823] team0: Port device team_slave_0 added [ 156.716407][ T9823] team0: Port device team_slave_1 added [ 156.738017][ T9823] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 156.740205][ T9823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 156.748296][ T9823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 156.752069][ T9823] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 156.754053][ T9823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 156.761469][ T9823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 156.790342][ T9823] hsr_slave_0: entered promiscuous mode [ 156.795894][ T9823] hsr_slave_1: entered promiscuous mode [ 156.798006][ T9823] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 156.800014][ T9823] Cannot create hsr debugfs directory [ 157.215300][ T39] audit: type=1400 audit(1730581073.859:635): avc: denied { watch } for pid=9836 comm="syz.2.1295" path="/333/net_prio.prioidx" dev="tmpfs" ino=1735 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 157.224066][ T39] audit: type=1400 audit(1730581073.859:636): avc: denied { watch_sb } for pid=9836 comm="syz.2.1295" path="/333/net_prio.prioidx" dev="tmpfs" ino=1735 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 157.261941][ T94] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 157.352557][ T94] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 157.358061][ T9839] FAULT_INJECTION: forcing a failure. [ 157.358061][ T9839] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 157.374328][ T9839] CPU: 1 UID: 0 PID: 9839 Comm: syz.0.1297 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 157.377859][ T9839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 157.377871][ T9839] Call Trace: [ 157.377876][ T9839] [ 157.377881][ T9839] dump_stack_lvl+0x16c/0x1f0 [ 157.377922][ T9839] should_fail_ex+0x497/0x5b0 [ 157.377944][ T9839] _copy_from_user+0x2e/0xd0 [ 157.387316][ T9839] userfaultfd_ioctl+0x15e5/0x3830 [ 157.388870][ T9839] ? __pfx_userfaultfd_ioctl+0x10/0x10 [ 157.390471][ T9839] ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460 [ 157.392602][ T9839] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 157.394687][ T9839] ? trace_lock_acquire+0x14a/0x1d0 [ 157.396497][ T9839] ? selinux_file_ioctl+0x180/0x270 [ 157.397928][ T9839] ? selinux_file_ioctl+0xb4/0x270 [ 157.399374][ T9839] ? __pfx_userfaultfd_ioctl+0x10/0x10 [ 157.400829][ T9839] ? __x64_sys_ioctl+0x18f/0x220 [ 157.402243][ T9839] __x64_sys_ioctl+0x18f/0x220 [ 157.403536][ T9839] do_syscall_64+0xcd/0x250 [ 157.404759][ T9839] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 157.406405][ T9839] RIP: 0033:0x7fdeca97e719 [ 157.407616][ T9839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 157.412831][ T9839] RSP: 002b:00007fdecb6b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 157.415553][ T9839] RAX: ffffffffffffffda RBX: 00007fdecab35f80 RCX: 00007fdeca97e719 [ 157.417856][ T9839] RDX: 0000000020000100 RSI: 00000000c018aa06 RDI: 0000000000000004 [ 157.419915][ T9839] RBP: 00007fdecb6b7090 R08: 0000000000000000 R09: 0000000000000000 [ 157.421991][ T9839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 157.424231][ T9839] R13: 0000000000000000 R14: 00007fdecab35f80 R15: 00007fff9a18a958 [ 157.426737][ T9839] [ 157.428302][ T39] audit: type=1400 audit(1730581074.049:637): avc: denied { read } for pid=9841 comm="syz.1.1298" name="file0" dev="tmpfs" ino=2165 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 157.434810][ T39] audit: type=1400 audit(1730581074.049:638): avc: denied { open } for pid=9841 comm="syz.1.1298" path="/410/file0" dev="tmpfs" ino=2165 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 157.442400][ T39] audit: type=1400 audit(1730581074.049:639): avc: denied { ioctl } for pid=9841 comm="syz.1.1298" path="/410/file0" dev="tmpfs" ino=2165 ioctlcmd=0x1280 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 157.457849][ T35] hid-generic 0000:0D17:0000.0036: unknown main item tag 0x0 [ 157.460010][ T35] hid-generic 0000:0D17:0000.0036: unknown main item tag 0x0 [ 157.469252][ T35] hid-generic 0000:0D17:0000.0036: hidraw1: HID v0.00 Device [syz0] on syz1 [ 157.474012][ T9847] FAULT_INJECTION: forcing a failure. [ 157.474012][ T9847] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 157.474581][ T94] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 157.478747][ T9847] CPU: 2 UID: 0 PID: 9847 Comm: syz.0.1300 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 157.487358][ T9847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 157.491465][ T9847] Call Trace: [ 157.492750][ T9847] [ 157.493956][ T9847] dump_stack_lvl+0x16c/0x1f0 [ 157.495823][ T9847] should_fail_ex+0x497/0x5b0 [ 157.497788][ T9847] _copy_from_user+0x2e/0xd0 [ 157.499380][ T9847] bpf_prog_load+0x1bce/0x2660 [ 157.500939][ T9847] ? __pfx_bpf_prog_load+0x10/0x10 [ 157.502982][ T9847] ? avc_has_perm_noaudit+0x143/0x3a0 [ 157.505087][ T9847] ? selinux_bpf+0xde/0x130 [ 157.506597][ T9847] __sys_bpf+0x402b/0x49a0 [ 157.507793][ T9847] ? ksys_write+0x21e/0x260 [ 157.509566][ T9847] ? reacquire_held_locks+0x450/0x4c0 [ 157.511029][ T9847] ? __pfx___sys_bpf+0x10/0x10 [ 157.512320][ T9847] ? vfs_write+0x306/0x1150 [ 157.513501][ T9847] ? __mutex_unlock_slowpath+0x164/0x650 [ 157.515003][ T9847] ? fput+0x30/0x390 [ 157.516025][ T9847] ? ksys_write+0x1ad/0x260 [ 157.517370][ T9847] ? __pfx_ksys_write+0x10/0x10 [ 157.518738][ T9847] __x64_sys_bpf+0x78/0xc0 [ 157.520020][ T9847] ? lockdep_hardirqs_on+0x7c/0x110 [ 157.521453][ T9847] do_syscall_64+0xcd/0x250 [ 157.522873][ T9847] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 157.524477][ T9847] RIP: 0033:0x7fdeca97e719 [ 157.525817][ T9847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 157.531760][ T9847] RSP: 002b:00007fdecb6b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 157.534673][ T9847] RAX: ffffffffffffffda RBX: 00007fdecab35f80 RCX: 00007fdeca97e719 [ 157.536879][ T9847] RDX: 0000000000000094 RSI: 0000000020000340 RDI: 0000000000000005 [ 157.539109][ T9847] RBP: 00007fdecb6b7090 R08: 0000000000000000 R09: 0000000000000000 [ 157.541237][ T9847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 157.543624][ T9847] R13: 0000000000000000 R14: 00007fdecab35f80 R15: 00007fff9a18a958 [ 157.545718][ T9847] [ 157.550909][ T39] audit: type=1326 audit(1730581074.189:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9850 comm="syz.1.1302" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f97c6d7e719 code=0x0 [ 157.603065][ T39] audit: type=1400 audit(1730581074.249:641): avc: denied { watch } for pid=9850 comm="syz.1.1302" path="/413/bus" dev="tmpfs" ino=2181 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 157.681389][ T6002] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 157.697970][ T94] bridge_slave_1: left allmulticast mode [ 157.697994][ T94] bridge_slave_1: left promiscuous mode [ 157.701962][ T94] bridge0: port 2(bridge_slave_1) entered disabled state [ 157.705419][ T94] bridge_slave_0: left allmulticast mode [ 157.705437][ T94] bridge_slave_0: left promiscuous mode [ 157.705540][ T94] bridge0: port 1(bridge_slave_0) entered disabled state [ 157.807277][ T9864] input: syz1 as /devices/virtual/input/input45 [ 157.861532][ T6002] usb 7-1: Using ep0 maxpacket: 8 [ 157.867462][ T6002] usb 7-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 157.870722][ T6002] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 157.873610][ T6002] usb 7-1: Product: syz [ 157.874813][ T6002] usb 7-1: Manufacturer: syz [ 157.876114][ T6002] usb 7-1: SerialNumber: syz [ 157.881143][ T6002] usb 7-1: config 0 descriptor?? [ 158.078375][ T94] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 158.083422][ T94] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 158.092021][ T6002] usb 7-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 158.099510][ T6002] dvb_usb_rtl28xxu 7-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 158.100871][ T94] bond0 (unregistering): Released all slaves [ 158.104549][ T6002] usb 7-1: USB disconnect, device number 7 [ 158.107686][ T9860] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1305'. [ 158.225035][ T9884] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 158.234848][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 158.273391][ T9891] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 158.379538][ T39] audit: type=1326 audit(1730581075.019:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9894 comm="syz.0.1314" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdeca97e719 code=0x0 [ 158.435477][ T9895] syz.0.1314 (9895): attempted to duplicate a private mapping with mremap. This is not supported. [ 158.482279][ T9823] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 158.486647][ T9823] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 158.501585][ T9823] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 158.505255][ T9823] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 158.511571][ T5948] Bluetooth: hci3: command tx timeout [ 158.532169][ T94] hsr_slave_0: left promiscuous mode [ 158.534652][ T94] hsr_slave_1: left promiscuous mode [ 158.536910][ T94] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 158.539511][ T94] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 158.546690][ T94] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 158.548870][ T94] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 158.578398][ T94] veth1_macvtap: left promiscuous mode [ 158.579914][ T94] veth0_macvtap: left promiscuous mode [ 158.581646][ T94] veth1_vlan: left promiscuous mode [ 158.583172][ T94] veth0_vlan: left promiscuous mode [ 158.591640][ T65] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 159.161534][ T55] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 159.542780][ T9922] input: syz1 as /devices/virtual/input/input46 [ 159.548261][ T94] team0 (unregistering): Port device team_slave_1 removed [ 159.688576][ T94] team0 (unregistering): Port device team_slave_0 removed [ 159.752617][ T9931] input: syz1 as /devices/virtual/input/input47 [ 159.757772][ T9931] FAULT_INJECTION: forcing a failure. [ 159.757772][ T9931] name failslab, interval 1, probability 0, space 0, times 0 [ 159.766303][ T9931] CPU: 0 UID: 0 PID: 9931 Comm: syz.1.1323 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 159.769867][ T9931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 159.773505][ T9931] Call Trace: [ 159.774721][ T9931] [ 159.775775][ T9931] dump_stack_lvl+0x16c/0x1f0 [ 159.777425][ T9931] should_fail_ex+0x497/0x5b0 [ 159.779225][ T9931] ? fs_reclaim_acquire+0xae/0x150 [ 159.780812][ T9931] should_failslab+0xc2/0x120 [ 159.782301][ T9931] __kmalloc_node_track_caller_noprof+0xcf/0x430 [ 159.784268][ T9931] ? __pfx_mark_lock+0x10/0x10 [ 159.785773][ T9931] ? kasprintf+0xc8/0x100 [ 159.787284][ T9931] kvasprintf+0xbd/0x160 [ 159.788637][ T9931] ? __pfx_kvasprintf+0x10/0x10 [ 159.790190][ T9931] ? kernfs_put+0x47/0x50 [ 159.791678][ T9931] ? hlock_class+0x4e/0x130 [ 159.793320][ T9931] ? __lock_acquire+0x163e/0x3ce0 [ 159.794892][ T9931] kasprintf+0xc8/0x100 [ 159.796198][ T9931] ? __pfx_kasprintf+0x10/0x10 [ 159.797775][ T9931] ? __pfx___lock_acquire+0x10/0x10 [ 159.799387][ T9931] ? __pfx_input_devnode+0x10/0x10 [ 159.801131][ T9931] device_get_devnode+0x163/0x2c0 [ 159.802724][ T9931] devtmpfs_delete_node+0xc6/0x160 [ 159.804335][ T9931] ? __pfx_devtmpfs_delete_node+0x10/0x10 [ 159.806286][ T9931] ? find_held_lock+0x2d/0x110 [ 159.807766][ T9931] ? kobject_put+0xab/0x5a0 [ 159.809164][ T9931] ? __pfx_klist_children_put+0x10/0x10 [ 159.810872][ T9931] ? klist_children_put+0x44/0x60 [ 159.812430][ T9931] ? klist_put+0xf9/0x1b0 [ 159.813777][ T9931] device_del+0x735/0x9f0 [ 159.815095][ T9931] ? __pfx_device_del+0x10/0x10 [ 159.817085][ T9931] cdev_device_del+0x1d/0x110 [ 159.818594][ T9931] mousedev_disconnect+0x1c2/0x380 [ 159.820182][ T9931] __input_unregister_device+0x1d5/0x450 [ 159.822343][ T9931] input_unregister_device+0xb9/0x100 [ 159.824019][ T9931] uinput_destroy_device+0x1f4/0x260 [ 159.825691][ T9931] uinput_ioctl_handler.isra.0+0x888/0x1d70 [ 159.827556][ T9931] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 159.829584][ T9931] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 159.831880][ T9931] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 159.834037][ T9931] ? trace_lock_acquire+0x14a/0x1d0 [ 159.835704][ T9931] ? selinux_file_ioctl+0x180/0x270 [ 159.837801][ T9931] ? selinux_file_ioctl+0xb4/0x270 [ 159.839551][ T9931] ? __pfx_uinput_ioctl+0x10/0x10 [ 159.841341][ T9931] __x64_sys_ioctl+0x18f/0x220 [ 159.842857][ T9931] do_syscall_64+0xcd/0x250 [ 159.844274][ T9931] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.846133][ T9931] RIP: 0033:0x7f97c6d7e719 [ 159.847529][ T9931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 159.853376][ T9931] RSP: 002b:00007f97c7bbb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 159.856201][ T9931] RAX: ffffffffffffffda RBX: 00007f97c6f35f80 RCX: 00007f97c6d7e719 [ 159.858838][ T9931] RDX: 0000000000000000 RSI: 0000000000005502 RDI: 0000000000000004 [ 159.861307][ T9931] RBP: 00007f97c7bbb090 R08: 0000000000000000 R09: 0000000000000000 [ 159.863723][ T9931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 159.866240][ T9931] R13: 0000000000000000 R14: 00007f97c6f35f80 R15: 00007ffee3f36f08 [ 159.868688][ T9931] [ 160.156898][ T9940] FAULT_INJECTION: forcing a failure. [ 160.156898][ T9940] name failslab, interval 1, probability 0, space 0, times 0 [ 160.156977][ T9940] CPU: 3 UID: 0 PID: 9940 Comm: syz.0.1326 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 160.156991][ T9940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 160.156998][ T9940] Call Trace: [ 160.157002][ T9940] [ 160.157007][ T9940] dump_stack_lvl+0x16c/0x1f0 [ 160.157023][ T9940] should_fail_ex+0x497/0x5b0 [ 160.157036][ T9940] ? fs_reclaim_acquire+0xae/0x150 [ 160.157067][ T9940] should_failslab+0xc2/0x120 [ 160.157082][ T9940] __kmalloc_node_track_caller_noprof+0xcf/0x430 [ 160.157097][ T9940] ? drm_atomic_get_connector_state+0x231/0x740 [ 160.157119][ T9940] krealloc_noprof+0x5d/0x130 [ 160.157135][ T9940] drm_atomic_get_connector_state+0x231/0x740 [ 160.157155][ T9940] drm_atomic_add_affected_connectors+0x2e7/0x400 [ 160.157174][ T9940] ? __pfx_drm_atomic_add_affected_connectors+0x10/0x10 [ 160.157193][ T9940] ? modeset_lock+0x10e/0x6c0 [ 160.157210][ T9940] __drm_atomic_helper_set_config+0x5f1/0xe90 [ 160.157224][ T9940] ? __pfx___drm_atomic_helper_set_config+0x10/0x10 [ 160.157244][ T9940] ? drm_client_rotation+0x4d9/0x6a0 [ 160.157262][ T9940] drm_client_modeset_commit_atomic+0x557/0x800 [ 160.157313][ T9940] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 160.157343][ T9940] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 160.157365][ T9940] drm_client_modeset_commit_locked+0x14d/0x580 [ 160.157383][ T9940] drm_fb_helper_pan_display+0x2a5/0x990 [ 160.157404][ T9940] fb_pan_display+0x477/0x7d0 [ 160.157417][ T9940] ? __pfx_drm_fb_helper_pan_display+0x10/0x10 [ 160.157433][ T9940] bit_update_start+0x49/0x1f0 [ 160.157450][ T9940] fbcon_switch+0xc11/0x14f0 [ 160.157467][ T9940] ? __pfx_fbcon_switch+0x10/0x10 [ 160.157488][ T9940] ? __pfx_bit_cursor+0x10/0x10 [ 160.157501][ T9940] ? fbcon_cursor+0x409/0x5f0 [ 160.157516][ T9940] ? is_console_locked+0x9/0x20 [ 160.157531][ T9940] ? con_is_visible+0x65/0x150 [ 160.157548][ T9940] redraw_screen+0x2bf/0x760 [ 160.157565][ T9940] ? __pfx_redraw_screen+0x10/0x10 [ 160.157581][ T9940] ? fbcon_set_disp+0x7d/0xe00 [ 160.157593][ T9940] ? rcu_is_watching+0x12/0xc0 [ 160.157608][ T9940] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 160.157624][ T9940] set_con2fb_map+0x79c/0x1060 [ 160.157641][ T9940] fbcon_set_con2fb_map_ioctl+0x16d/0x220 [ 160.157656][ T9940] ? __pfx_fbcon_set_con2fb_map_ioctl+0x10/0x10 [ 160.157672][ T9940] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 160.157691][ T9940] do_fb_ioctl+0x32a/0x7d0 [ 160.157707][ T9940] ? __pfx_do_fb_ioctl+0x10/0x10 [ 160.157726][ T9940] ? do_vfs_ioctl+0x513/0x1990 [ 160.157759][ T9940] ? selinux_file_ioctl+0x180/0x270 [ 160.157775][ T9940] fb_ioctl+0xe5/0x150 [ 160.157789][ T9940] ? __pfx_fb_ioctl+0x10/0x10 [ 160.157805][ T9940] __x64_sys_ioctl+0x18f/0x220 [ 160.157821][ T9940] do_syscall_64+0xcd/0x250 [ 160.157832][ T9940] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.157848][ T9940] RIP: 0033:0x7fdeca97e719 [ 160.157858][ T9940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 160.157869][ T9940] RSP: 002b:00007fdecb6b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 160.157881][ T9940] RAX: ffffffffffffffda RBX: 00007fdecab35f80 RCX: 00007fdeca97e719 [ 160.157889][ T9940] RDX: 00000000200000c0 RSI: 0000000000004610 RDI: 0000000000000003 [ 160.157895][ T9940] RBP: 00007fdecb6b7090 R08: 0000000000000000 R09: 0000000000000000 [ 160.157902][ T9940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 160.157909][ T9940] R13: 0000000000000000 R14: 00007fdecab35f80 R15: 00007fff9a18a958 [ 160.157923][ T9940] [ 160.204063][ T7363] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 160.284914][ T9944] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 160.286779][ T39] kauditd_printk_skb: 1 callbacks suppressed [ 160.286790][ T39] audit: type=1400 audit(1730581076.869:644): avc: denied { sqpoll } for pid=9943 comm="syz.0.1327" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 160.290752][ T9944] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 160.298563][ T9944] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 160.301630][ T9944] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 160.591281][ T5948] Bluetooth: hci3: command tx timeout [ 160.748467][ T9823] 8021q: adding VLAN 0 to HW filter on device bond0 [ 160.752537][ T9954] futex_wake_op: syz.2.1329 tries to shift op by -1; fix this program [ 160.757854][ T9823] 8021q: adding VLAN 0 to HW filter on device team0 [ 160.763985][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 160.766371][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 160.777065][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 160.779103][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 160.859882][ T6002] hid-generic 0000:0D17:0000.0037: unknown main item tag 0x0 [ 160.863197][ T6002] hid-generic 0000:0D17:0000.0037: unknown main item tag 0x0 [ 160.865934][ T6002] hid-generic 0000:0D17:0000.0037: hidraw1: HID v0.00 Device [syz0] on syz1 [ 160.926458][ T9823] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 160.963553][ T9823] veth0_vlan: entered promiscuous mode [ 160.967857][ T9823] veth1_vlan: entered promiscuous mode [ 160.996007][ T9823] veth0_macvtap: entered promiscuous mode [ 161.000007][ T9823] veth1_macvtap: entered promiscuous mode [ 161.008879][ T9823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 161.012400][ T9823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.016638][ T9823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 161.021154][ T9823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.026093][ T9823] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 161.032231][ T9823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 161.035209][ T9823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.038173][ T9823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 161.041043][ T9823] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.044353][ T9823] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 161.050258][ T9823] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 161.061212][ T9823] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 161.063571][ T9823] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 161.065813][ T9823] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 161.134819][ T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 161.137200][ T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 161.143788][ T9976] FAULT_INJECTION: forcing a failure. [ 161.143788][ T9976] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 161.147114][ T9976] CPU: 0 UID: 0 PID: 9976 Comm: syz.2.1337 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 161.149770][ T9976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 161.152326][ T1134] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 161.152836][ T9976] Call Trace: [ 161.152848][ T9976] [ 161.155318][ T1134] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 161.160152][ T9976] dump_stack_lvl+0x16c/0x1f0 [ 161.161489][ T9976] should_fail_ex+0x497/0x5b0 [ 161.162743][ T9976] _copy_to_user+0x32/0xd0 [ 161.163926][ T9976] simple_read_from_buffer+0xd0/0x160 [ 161.165399][ T9976] proc_fail_nth_read+0x198/0x270 [ 161.166738][ T9976] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 161.168221][ T9976] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 161.169767][ T9976] vfs_read+0x1df/0xbe0 [ 161.170950][ T9976] ? __fget_files+0x23a/0x3f0 [ 161.172193][ T9976] ? fdget_pos+0x24c/0x360 [ 161.173435][ T9976] ? __pfx_lock_release+0x10/0x10 [ 161.174950][ T9976] ? trace_lock_acquire+0x14a/0x1d0 [ 161.176348][ T9976] ? __pfx_vfs_read+0x10/0x10 [ 161.178020][ T9976] ? __pfx___mutex_lock+0x10/0x10 [ 161.179567][ T9976] ? __fget_files+0x244/0x3f0 [ 161.180885][ T9976] ksys_read+0x12f/0x260 [ 161.182118][ T9976] ? __pfx_ksys_read+0x10/0x10 [ 161.183683][ T9976] do_syscall_64+0xcd/0x250 [ 161.185142][ T9976] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.186890][ T9976] RIP: 0033:0x7efc2197d15c [ 161.188057][ T9976] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 161.193210][ T9976] RSP: 002b:00007efc22747030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 161.195859][ T9976] RAX: ffffffffffffffda RBX: 00007efc21b35f80 RCX: 00007efc2197d15c [ 161.197956][ T9976] RDX: 000000000000000f RSI: 00007efc227470a0 RDI: 0000000000000005 [ 161.200020][ T9976] RBP: 00007efc22747090 R08: 0000000000000000 R09: 0000000000000000 [ 161.202096][ T9976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 161.204161][ T9976] R13: 0000000000000000 R14: 00007efc21b35f80 R15: 00007ffe569a1208 [ 161.206248][ T9976] [ 161.240282][ T8] hid-generic 0000:0D15:0000.0038: unknown main item tag 0x0 [ 161.242578][ T8] hid-generic 0000:0D15:0000.0038: unknown main item tag 0x0 [ 161.247904][ T8] hid-generic 0000:0D15:0000.0038: hidraw1: HID v0.04 Device [syz0] on syz1 [ 161.282466][ T9981] (syz.1.1336,9981,1):ocfs2_fill_super:990 ERROR: superblock probe failed! [ 161.285099][ T9981] (syz.1.1336,9981,1):ocfs2_fill_super:1178 ERROR: status = -22 [ 161.360842][ T9983] tipc: Started in network mode [ 161.363124][ T9983] tipc: Node identity e0000001, cluster identity 4711 [ 161.365196][ T9983] tipc: Enabling of bearer rejected, failed to enable media [ 161.709506][ T9985] unknown channel width for channel at 909000KHz? [ 161.744570][ T9987] FAULT_INJECTION: forcing a failure. [ 161.744570][ T9987] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 161.748689][ T9987] CPU: 2 UID: 0 PID: 9987 Comm: syz.0.1340 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 161.751856][ T9987] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 161.754935][ T9987] Call Trace: [ 161.755923][ T9987] [ 161.756816][ T9987] dump_stack_lvl+0x16c/0x1f0 [ 161.758238][ T9987] should_fail_ex+0x497/0x5b0 [ 161.759483][ T9987] strncpy_from_user+0x3b/0x2c0 [ 161.760767][ T9987] bpf_prog_load+0x1c30/0x2660 [ 161.762175][ T9987] ? __pfx_bpf_prog_load+0x10/0x10 [ 161.763511][ T9987] ? avc_has_perm_noaudit+0x143/0x3a0 [ 161.765510][ T9987] ? selinux_bpf+0xde/0x130 [ 161.767418][ T9987] __sys_bpf+0x402b/0x49a0 [ 161.768621][ T9987] ? ksys_write+0x21e/0x260 [ 161.770022][ T9987] ? reacquire_held_locks+0x450/0x4c0 [ 161.771683][ T9987] ? __pfx___sys_bpf+0x10/0x10 [ 161.773075][ T9987] ? vfs_write+0x306/0x1150 [ 161.774265][ T9987] ? __mutex_unlock_slowpath+0x164/0x650 [ 161.775713][ T9987] ? fput+0x30/0x390 [ 161.776876][ T9987] ? ksys_write+0x1ad/0x260 [ 161.778227][ T9987] ? __pfx_ksys_write+0x10/0x10 [ 161.779517][ T9987] __x64_sys_bpf+0x78/0xc0 [ 161.780697][ T9987] ? lockdep_hardirqs_on+0x7c/0x110 [ 161.782371][ T9987] do_syscall_64+0xcd/0x250 [ 161.783567][ T9987] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.785126][ T9987] RIP: 0033:0x7fdeca97e719 [ 161.786573][ T9987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 161.791529][ T9987] RSP: 002b:00007fdecb6b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 161.793735][ T9987] RAX: ffffffffffffffda RBX: 00007fdecab35f80 RCX: 00007fdeca97e719 [ 161.795887][ T9987] RDX: 0000000000000094 RSI: 0000000020000340 RDI: 0000000000000005 [ 161.798011][ T9987] RBP: 00007fdecb6b7090 R08: 0000000000000000 R09: 0000000000000000 [ 161.800106][ T9987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 161.802178][ T9987] R13: 0000000000000000 R14: 00007fdecab35f80 R15: 00007fff9a18a958 [ 161.804615][ T9987] [ 161.864642][ T9991] MTD: Attempt to mount non-MTD device "/dev/nullb0" [ 161.872360][ T9991] VFS: Can't find a romfs filesystem on dev nullb0. [ 161.872360][ T9991] [ 161.978728][ T9999] input: syz1 as /devices/virtual/input/input48 [ 162.038329][ T39] audit: type=1400 audit(1730581078.679:645): avc: denied { ioctl } for pid=9997 comm="syz.1.1345" path="socket:[31884]" dev="sockfs" ino=31884 ioctlcmd=0x89e4 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 162.046930][ T39] audit: type=1400 audit(1730581078.689:646): avc: denied { mount } for pid=9997 comm="syz.1.1345" name="/" dev="ramfs" ino=31888 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 162.067687][T10003] binder: BINDER_SET_CONTEXT_MGR already set [ 162.069674][T10003] binder: 10002:10003 ioctl 4018620d 20000100 returned -16 [ 162.125217][T10011] ------------[ cut here ]------------ [ 162.126782][T10011] WARNING: CPU: 0 PID: 10011 at mm/util.c:670 __kvmalloc_node_noprof+0x180/0x1a0 [ 162.129229][T10011] Modules linked in: [ 162.130631][T10011] CPU: 0 UID: 0 PID: 10011 Comm: syz.0.1349 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 162.136348][T10011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 162.140077][T10011] RIP: 0010:__kvmalloc_node_noprof+0x180/0x1a0 [ 162.142115][T10011] Code: e9 1c ff ff ff e8 60 9c bf ff 41 81 e4 00 20 00 00 31 ff 44 89 e6 e8 8f 9e bf ff 45 85 e4 0f 85 3b ff ff ff e8 41 9c bf ff 90 <0f> 0b 90 31 ed e9 ed fe ff ff 48 c7 c7 28 59 5f 90 e8 4a 23 21 00 [ 162.147532][T10011] RSP: 0018:ffffc90005827a68 EFLAGS: 00010287 [ 162.149139][T10011] RAX: 000000000000179a RBX: 00000000da6b5000 RCX: ffffc90007072000 [ 162.151509][T10011] RDX: 0000000000040000 RSI: ffffffff81cde03f RDI: 0000000000000005 [ 162.153688][T10011] RBP: 0000000000000400 R08: 0000000000000005 R09: 0000000000000000 [ 162.156032][T10011] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 162.158736][T10011] R13: 00000000ffffffff R14: 0000000000000002 R15: dffffc0000000000 [ 162.161438][T10011] FS: 00007fdecb6b76c0(0000) GS:ffff88806a600000(0000) knlGS:0000000000000000 [ 162.163995][T10011] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 162.165720][T10011] CR2: 00007fdeca962220 CR3: 00000000513c4000 CR4: 0000000000352ef0 [ 162.167861][T10011] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 162.170054][T10011] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 162.173229][T10011] Call Trace: [ 162.174477][T10011] [ 162.175374][T10011] ? __warn+0xea/0x3d0 [ 162.176872][T10011] ? __kvmalloc_node_noprof+0x180/0x1a0 [ 162.178944][T10011] ? report_bug+0x3c0/0x580 [ 162.180434][T10011] ? handle_bug+0x54/0xa0 [ 162.181749][T10011] ? exc_invalid_op+0x17/0x50 [ 162.183159][T10011] ? asm_exc_invalid_op+0x1a/0x20 [ 162.184674][T10011] ? __kvmalloc_node_noprof+0x17f/0x1a0 [ 162.186484][T10011] ? __kvmalloc_node_noprof+0x180/0x1a0 [ 162.188433][T10011] ? __kvmalloc_node_noprof+0x17f/0x1a0 [ 162.189899][T10011] __v4l2_ctrl_modify_dimensions+0x1c7/0x650 [ 162.191757][T10011] vivid_update_format_cap+0x127b/0x2530 [ 162.193279][T10011] ? __pfx_vivid_update_format_cap+0x10/0x10 [ 162.194854][T10011] ? v4l2_match_dv_timings+0x1df/0x1010 [ 162.196325][T10011] vivid_vid_cap_s_dv_timings+0xc0f/0xfb0 [ 162.197916][T10011] vidioc_s_dv_timings+0xa5/0xc0 [ 162.199505][T10011] ? v4l_stub_s_dv_timings+0x1b/0x60 [ 162.200974][T10011] __video_do_ioctl+0xaf0/0xf00 [ 162.202290][T10011] ? __pfx___video_do_ioctl+0x10/0x10 [ 162.203695][T10011] ? __might_fault+0xe3/0x190 [ 162.205104][T10011] video_usercopy+0x4ce/0x1600 [ 162.206408][T10011] ? __pfx___video_do_ioctl+0x10/0x10 [ 162.207801][T10011] ? __pfx_video_usercopy+0x10/0x10 [ 162.209242][T10011] v4l2_ioctl+0x1ba/0x250 [ 162.210492][T10011] ? __pfx_v4l2_ioctl+0x10/0x10 [ 162.211823][T10011] __x64_sys_ioctl+0x18f/0x220 [ 162.213074][T10011] do_syscall_64+0xcd/0x250 [ 162.214553][T10011] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.216121][T10011] RIP: 0033:0x7fdeca97e719 [ 162.217541][T10011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 162.223486][T10011] RSP: 002b:00007fdecb6b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 162.225852][T10011] RAX: ffffffffffffffda RBX: 00007fdecab35f80 RCX: 00007fdeca97e719 [ 162.227873][T10011] RDX: 0000000020000200 RSI: 00000000c0845657 RDI: 0000000000000003 [ 162.229903][T10011] RBP: 00007fdeca9f132e R08: 0000000000000000 R09: 0000000000000000 [ 162.232212][T10011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 162.234268][T10011] R13: 0000000000000000 R14: 00007fdecab35f80 R15: 00007fff9a18a958 [ 162.236661][T10011] [ 162.237616][T10011] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 162.239468][T10011] CPU: 0 UID: 0 PID: 10011 Comm: syz.0.1349 Not tainted 6.12.0-rc5-syzkaller-00299-g11066801dd4b #0 [ 162.242334][T10011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 162.245097][T10011] Call Trace: [ 162.245985][T10011] [ 162.246769][T10011] dump_stack_lvl+0x3d/0x1f0 [ 162.247978][T10011] panic+0x71d/0x800 [ 162.249007][T10011] ? __pfx_panic+0x10/0x10 [ 162.250340][T10011] ? show_trace_log_lvl+0x29d/0x3d0 [ 162.251814][T10011] ? __kvmalloc_node_noprof+0x180/0x1a0 [ 162.253455][T10011] check_panic_on_warn+0xab/0xb0 [ 162.254737][T10011] __warn+0xf6/0x3d0 [ 162.255782][T10011] ? __kvmalloc_node_noprof+0x180/0x1a0 [ 162.257371][T10011] report_bug+0x3c0/0x580 [ 162.259192][T10011] handle_bug+0x54/0xa0 [ 162.260714][T10011] exc_invalid_op+0x17/0x50 [ 162.261960][T10011] asm_exc_invalid_op+0x1a/0x20 [ 162.263262][T10011] RIP: 0010:__kvmalloc_node_noprof+0x180/0x1a0 [ 162.265003][T10011] Code: e9 1c ff ff ff e8 60 9c bf ff 41 81 e4 00 20 00 00 31 ff 44 89 e6 e8 8f 9e bf ff 45 85 e4 0f 85 3b ff ff ff e8 41 9c bf ff 90 <0f> 0b 90 31 ed e9 ed fe ff ff 48 c7 c7 28 59 5f 90 e8 4a 23 21 00 [ 162.270648][T10011] RSP: 0018:ffffc90005827a68 EFLAGS: 00010287 [ 162.272621][T10011] RAX: 000000000000179a RBX: 00000000da6b5000 RCX: ffffc90007072000 [ 162.275066][T10011] RDX: 0000000000040000 RSI: ffffffff81cde03f RDI: 0000000000000005 [ 162.277507][T10011] RBP: 0000000000000400 R08: 0000000000000005 R09: 0000000000000000 [ 162.280336][T10011] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 162.282801][T10011] R13: 00000000ffffffff R14: 0000000000000002 R15: dffffc0000000000 [ 162.284864][T10011] ? __kvmalloc_node_noprof+0x17f/0x1a0 [ 162.286431][T10011] ? __kvmalloc_node_noprof+0x17f/0x1a0 [ 162.287862][T10011] __v4l2_ctrl_modify_dimensions+0x1c7/0x650 [ 162.289431][T10011] vivid_update_format_cap+0x127b/0x2530 [ 162.291139][T10011] ? __pfx_vivid_update_format_cap+0x10/0x10 [ 162.293047][T10011] ? v4l2_match_dv_timings+0x1df/0x1010 [ 162.294864][T10011] vivid_vid_cap_s_dv_timings+0xc0f/0xfb0 [ 162.296420][T10011] vidioc_s_dv_timings+0xa5/0xc0 [ 162.297900][T10011] ? v4l_stub_s_dv_timings+0x1b/0x60 [ 162.299768][T10011] __video_do_ioctl+0xaf0/0xf00 [ 162.301077][T10011] ? __pfx___video_do_ioctl+0x10/0x10 [ 162.302575][T10011] ? __might_fault+0xe3/0x190 [ 162.303911][T10011] video_usercopy+0x4ce/0x1600 [ 162.305163][T10011] ? __pfx___video_do_ioctl+0x10/0x10 [ 162.306579][T10011] ? __pfx_video_usercopy+0x10/0x10 [ 162.308066][T10011] v4l2_ioctl+0x1ba/0x250 [ 162.309226][T10011] ? __pfx_v4l2_ioctl+0x10/0x10 [ 162.310762][T10011] __x64_sys_ioctl+0x18f/0x220 [ 162.312111][T10011] do_syscall_64+0xcd/0x250 [ 162.313405][T10011] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.315058][T10011] RIP: 0033:0x7fdeca97e719 [ 162.316451][T10011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 162.322146][T10011] RSP: 002b:00007fdecb6b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 162.324454][T10011] RAX: ffffffffffffffda RBX: 00007fdecab35f80 RCX: 00007fdeca97e719 [ 162.326558][T10011] RDX: 0000000020000200 RSI: 00000000c0845657 RDI: 0000000000000003 [ 162.328720][T10011] RBP: 00007fdeca9f132e R08: 0000000000000000 R09: 0000000000000000 [ 162.330796][T10011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 162.332774][T10011] R13: 0000000000000000 R14: 00007fdecab35f80 R15: 00007fff9a18a958 [ 162.334798][T10011] [ 162.336280][T10011] Kernel Offset: disabled [ 162.337651][T10011] Rebooting in 86400 seconds.. VM DIAGNOSIS: 20:57:58 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000049 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff850b8175 RDI=ffffffff9aaeac00 RBP=ffffffff9aaeabc0 RSP=ffffc900058273c8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000049 R14=ffffffff850b8110 R15=0000000000000000 RIP=ffffffff850b819f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fdecb6b76c0 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fdeca962220 CR3=00000000513c4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fffffe00 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdeca9f21cb ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdeca9f21d8 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdeca9f21d2 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdeca9f21e6 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdeca9f226c ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fdeca9f234a ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 2323232323232323 2323232323232323 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000030 6962762f7665642f ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000013 4a41550c5546470c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 49425f444c004854 41005f5952415242 494c5f444c005f00 656d65675f6b6364 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000362e3200414e 41004c004c005042 494c444449004600 4c0057444c004441 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=dffffc0000000000 RBX=1ffff92000875f01 RCX=ffffffff81fb0d89 RDX=1ffff1102fffdea8 RSI=ffffffff81fb0dd2 RDI=0000000000000007 RBP=0000000000060d5e RSP=ffffc900043af808 R8 =0000000000000007 R9 =000000000007ffff R10=000000000000000c R11=0000000000000000 R12=000000000000000c R13=ffff88807ffd6540 R14=ffff88817ffef540 R15=ffffea0001835780 RIP=ffffffff81fb0df5 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f996b867d60 CR3=000000000df7c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000002020004 Opmask01=00000000000000ff Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f996ad0c6a3 00007f996ad0c6a3 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff45b3bb70 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557df8f490 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055557df9a5ed 000055557df9a4e0 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff45b3bfe4 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0310080009880300 08000980032eec08 0008f80301a08008 0008f00301a08008 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 010880041888a2d9 ae08000100000008 060601268a000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000001ffffffff ffffffffa30809a4 0312020009a20303 a0020009a0031fff ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 fffffe0800099803 1008000990031008 0009880300080009 80032eec080008f8 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 49425f444c004854 41005f5952415242 494c5f444c005f00 656d65675f6b6364 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000362e3200414e 41004c004c005042 494c444449004600 4c0057444c004441 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=000000000022b78f RBX=0000000000000002 RCX=ffffffff8b235449 RDX=0000000000000000 RSI=ffffffff8b6cd040 RDI=ffffffff8bd1b2c0 RBP=ffffed1003b5f000 RSP=ffffc90000197e08 R8 =0000000000000001 R9 =ffffed100d507025 R10=ffff88806a83812b R11=0000000000000000 R12=0000000000000002 R13=ffff88801daf8000 R14=ffffffff905f59c8 R15=0000000000000000 RIP=ffffffff8b23682f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f97c7b99f98 CR3=0000000040bd0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97c6df21cb ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97c6df21d8 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97c6df21d2 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97c6df21e6 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97c6df226c ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97c6df234a ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97c6f0c488 00007f97c6f0c480 00007f97c6f0c478 00007f97c6f0c450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97c7a6d100 00007f97c6f0c440 00007f97c6f0c458 00007f97c6f0c4a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97c6f0c498 00007f97c6f0c490 00007f97c6f0c488 00007f97c6f0c480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a0 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 49425f444c004854 41005f5952415242 494c5f444c005f00 656d65675f6b6364 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000362e3200414e 41004c004c005042 494c444449004600 4c0057444c004441 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=1ffff920006f9dd5 RBX=ffffc900037cef28 RCX=ffffc900037d0000 RDX=0000000000000001 RSI=ffff888027408000 RDI=ffffc900037cee48 RBP=dffffc0000000000 RSP=ffffc900037cee48 R8 =0000000000000001 R9 =0000000000000000 R10=ffffc900037cee98 R11=dffffc0000000000 R12=fffff520006f9dd5 R13=fffff520006f9dd4 R14=ffffc900037cee98 R15=ffffc900037ceea0 RIP=ffffffff813d731c RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f97c7bbb6c0 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000001b2ee1fffc CR3=0000000040bd0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000208001 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97c6df21cb ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97c6df21d8 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97c6df21d2 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97c6df21e6 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97c6df226c ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97c6df234a ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97c6f0c488 00007f97c6f0c480 00007f97c6f0c478 00007f97c6f0c450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97c7a6d100 00007f97c6f0c440 00007f97c6f0c458 00007f97c6f0c4a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f97c6f0c498 00007f97c6f0c490 00007f97c6f0c488 00007f97c6f0c480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 0000000000000000 0000000000000000 00000000000000a0 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 49425f444c004854 41005f5952415242 494c5f444c005f00 656d65675f6b6364 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000362e3200414e 41004c004c005042 494c444449004600 4c0057444c004441 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000