last executing test programs: 1.578471899s ago: executing program 3 (id=443): setfsgid(0x0) 1.577595194s ago: executing program 3 (id=448): syz_open_dev$hidraw(&(0x7f0000000040), 0x0, 0x0) syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x1) syz_open_dev$hidraw(&(0x7f00000000c0), 0x0, 0x2) syz_open_dev$hidraw(&(0x7f0000000100), 0x0, 0x800) syz_open_dev$hidraw(&(0x7f0000000140), 0x1, 0x0) syz_open_dev$hidraw(&(0x7f0000000180), 0x1, 0x1) syz_open_dev$hidraw(&(0x7f00000001c0), 0x1, 0x2) syz_open_dev$hidraw(&(0x7f0000000200), 0x1, 0x800) syz_open_dev$hidraw(&(0x7f0000000240), 0x2, 0x0) syz_open_dev$hidraw(&(0x7f0000000280), 0x2, 0x1) syz_open_dev$hidraw(&(0x7f00000002c0), 0x2, 0x2) syz_open_dev$hidraw(&(0x7f0000000300), 0x2, 0x800) syz_open_dev$hidraw(&(0x7f0000000340), 0x3, 0x0) syz_open_dev$hidraw(&(0x7f0000000380), 0x3, 0x1) syz_open_dev$hidraw(&(0x7f00000003c0), 0x3, 0x2) syz_open_dev$hidraw(&(0x7f0000000400), 0x3, 0x800) syz_open_dev$hidraw(&(0x7f0000000440), 0x4, 0x0) syz_open_dev$hidraw(&(0x7f0000000480), 0x4, 0x1) syz_open_dev$hidraw(&(0x7f00000004c0), 0x4, 0x2) syz_open_dev$hidraw(&(0x7f0000000500), 0x4, 0x800) 1.497902219s ago: executing program 3 (id=453): openat(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_stats', 0x0, 0x0) 1.489953069s ago: executing program 3 (id=457): fchmodat(0xffffffffffffffff, &(0x7f0000000000), 0x0) 1.426125405s ago: executing program 3 (id=462): fchownat(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0) 1.411010917s ago: executing program 3 (id=464): pause() 294.529008ms ago: executing program 1 (id=573): syz_open_dev$sndhw(&(0x7f0000000040), 0x0, 0x0) syz_open_dev$sndhw(&(0x7f0000000080), 0x0, 0x1) syz_open_dev$sndhw(&(0x7f00000000c0), 0x0, 0x2) syz_open_dev$sndhw(&(0x7f0000000100), 0x0, 0x800) syz_open_dev$sndhw(&(0x7f0000000140), 0xa, 0x0) syz_open_dev$sndhw(&(0x7f0000000180), 0xa, 0x1) syz_open_dev$sndhw(&(0x7f00000001c0), 0xa, 0x2) syz_open_dev$sndhw(&(0x7f0000000200), 0xa, 0x800) syz_open_dev$sndhw(&(0x7f0000000240), 0x14, 0x0) syz_open_dev$sndhw(&(0x7f0000000280), 0x14, 0x1) syz_open_dev$sndhw(&(0x7f00000002c0), 0x14, 0x2) syz_open_dev$sndhw(&(0x7f0000000300), 0x14, 0x800) syz_open_dev$sndhw(&(0x7f0000000340), 0x1e, 0x0) syz_open_dev$sndhw(&(0x7f0000000380), 0x1e, 0x1) syz_open_dev$sndhw(&(0x7f00000003c0), 0x1e, 0x2) syz_open_dev$sndhw(&(0x7f0000000400), 0x1e, 0x800) syz_open_dev$sndhw(&(0x7f0000000440), 0x28, 0x0) syz_open_dev$sndhw(&(0x7f0000000480), 0x28, 0x1) syz_open_dev$sndhw(&(0x7f00000004c0), 0x28, 0x2) syz_open_dev$sndhw(&(0x7f0000000500), 0x28, 0x800) 244.832723ms ago: executing program 1 (id=577): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video1', 0x2, 0x0) 244.7016ms ago: executing program 1 (id=579): vmsplice(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0) 194.008234ms ago: executing program 4 (id=582): umount2(&(0x7f0000000000), 0x0) 193.874998ms ago: executing program 0 (id=583): socket$inet6_tcp(0xa, 0x1, 0x0) 193.714116ms ago: executing program 1 (id=585): socket$phonet(0x23, 0x2, 0x1) 184.460302ms ago: executing program 0 (id=586): clock_nanosleep(0x0, 0x0, &(0x7f0000000000), 0x0) 184.3463ms ago: executing program 4 (id=587): faccessat2(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0) 167.476611ms ago: executing program 2 (id=588): fchdir(0xffffffffffffffff) 118.353169ms ago: executing program 1 (id=589): syz_open_dev$vcsu(&(0x7f0000000040), 0x0, 0x0) syz_open_dev$vcsu(&(0x7f0000000080), 0x0, 0x1) syz_open_dev$vcsu(&(0x7f00000000c0), 0x0, 0x2) syz_open_dev$vcsu(&(0x7f0000000100), 0x0, 0x800) syz_open_dev$vcsu(&(0x7f0000000140), 0x1, 0x0) syz_open_dev$vcsu(&(0x7f0000000180), 0x1, 0x1) syz_open_dev$vcsu(&(0x7f00000001c0), 0x1, 0x2) syz_open_dev$vcsu(&(0x7f0000000200), 0x1, 0x800) syz_open_dev$vcsu(&(0x7f0000000240), 0x2, 0x0) syz_open_dev$vcsu(&(0x7f0000000280), 0x2, 0x1) syz_open_dev$vcsu(&(0x7f00000002c0), 0x2, 0x2) syz_open_dev$vcsu(&(0x7f0000000300), 0x2, 0x800) syz_open_dev$vcsu(&(0x7f0000000340), 0x3, 0x0) syz_open_dev$vcsu(&(0x7f0000000380), 0x3, 0x1) syz_open_dev$vcsu(&(0x7f00000003c0), 0x3, 0x2) syz_open_dev$vcsu(&(0x7f0000000400), 0x3, 0x800) syz_open_dev$vcsu(&(0x7f0000000440), 0x4, 0x0) syz_open_dev$vcsu(&(0x7f0000000480), 0x4, 0x1) syz_open_dev$vcsu(&(0x7f00000004c0), 0x4, 0x2) syz_open_dev$vcsu(&(0x7f0000000500), 0x4, 0x800) 118.153208ms ago: executing program 4 (id=590): llistxattr(&(0x7f0000000000), &(0x7f0000000000), 0x0) 118.026355ms ago: executing program 0 (id=591): syz_open_dev$admmidi(&(0x7f0000000040), 0x0, 0x0) syz_open_dev$admmidi(&(0x7f0000000080), 0x0, 0x1) syz_open_dev$admmidi(&(0x7f00000000c0), 0x0, 0x2) syz_open_dev$admmidi(&(0x7f0000000100), 0x0, 0x800) syz_open_dev$admmidi(&(0x7f0000000140), 0x1, 0x0) syz_open_dev$admmidi(&(0x7f0000000180), 0x1, 0x1) syz_open_dev$admmidi(&(0x7f00000001c0), 0x1, 0x2) syz_open_dev$admmidi(&(0x7f0000000200), 0x1, 0x800) syz_open_dev$admmidi(&(0x7f0000000240), 0x2, 0x0) syz_open_dev$admmidi(&(0x7f0000000280), 0x2, 0x1) syz_open_dev$admmidi(&(0x7f00000002c0), 0x2, 0x2) syz_open_dev$admmidi(&(0x7f0000000300), 0x2, 0x800) syz_open_dev$admmidi(&(0x7f0000000340), 0x3, 0x0) syz_open_dev$admmidi(&(0x7f0000000380), 0x3, 0x1) syz_open_dev$admmidi(&(0x7f00000003c0), 0x3, 0x2) syz_open_dev$admmidi(&(0x7f0000000400), 0x3, 0x800) syz_open_dev$admmidi(&(0x7f0000000440), 0x4, 0x0) syz_open_dev$admmidi(&(0x7f0000000480), 0x4, 0x1) syz_open_dev$admmidi(&(0x7f00000004c0), 0x4, 0x2) syz_open_dev$admmidi(&(0x7f0000000500), 0x4, 0x800) 117.810233ms ago: executing program 2 (id=592): unlink(&(0x7f0000000000)) 117.519215ms ago: executing program 1 (id=593): openat(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/bluetooth/6lowpan_control', 0x2, 0x0) 114.169375ms ago: executing program 4 (id=594): openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self', 0x800, 0x0) 106.186483ms ago: executing program 2 (id=595): ustat(0x0, &(0x7f0000000000)) 50.35302ms ago: executing program 0 (id=597): openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/pfkey', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/pfkey', 0x800, 0x0) 50.229753ms ago: executing program 2 (id=598): syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) 50.076575ms ago: executing program 4 (id=599): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/acpi_thermal_rel', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/acpi_thermal_rel', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/acpi_thermal_rel', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/acpi_thermal_rel', 0x800, 0x0) 30.518554ms ago: executing program 2 (id=600): removexattr(&(0x7f0000000000), &(0x7f0000000000)) 30.411442ms ago: executing program 4 (id=601): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp', 0x800, 0x0) 27.833275ms ago: executing program 0 (id=602): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mISDNtimer', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mISDNtimer', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/mISDNtimer', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mISDNtimer', 0x800, 0x0) 89.233µs ago: executing program 0 (id=603): socket$nl_rdma(0x10, 0x3, 0x14) 0s ago: executing program 2 (id=604): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse', 0x2, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.234' (ED25519) to the list of known hosts. [ 67.193104][ T5216] cgroup: Unknown subsys name 'net' [ 67.347426][ T5216] cgroup: Unknown subsys name 'cpuset' [ 67.356755][ T5216] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 68.904904][ T5216] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 71.780817][ T1267] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.792152][ T1267] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.929438][ T5440] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 74.446926][ T5296] coredump: 12(syz.1.59): interrupted: fatal signal pending [ 74.476409][ T5296] coredump: 12(syz.1.59): written to core: VMAs: 17, size 53436416; core: 37031888 bytes, pos 49180672 [ 75.215839][ T5704] mmap: syz.4.466 (5704) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 76.114903][ T5795] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 76.607525][ T5847] Oops: general protection fault, probably for non-canonical address 0xdffffc000000000b: 0000 [#1] PREEMPT SMP KASAN PTI [ 76.620617][ T5847] KASAN: null-ptr-deref in range [0x0000000000000058-0x000000000000005f] [ 76.629254][ T5847] CPU: 1 UID: 0 PID: 5847 Comm: syz.2.604 Not tainted 6.11.0-next-20240919-syzkaller #0 [ 76.639034][ T5847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 76.649133][ T5847] RIP: 0010:fuse_get_req+0x699/0xd40 [ 76.654756][ T5847] Code: 24 50 48 83 c3 08 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 45 ce e9 fe 48 8b 1b 48 83 c3 58 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 28 ce e9 fe 48 8b 1b 81 e3 00 20 [ 76.674513][ T5847] RSP: 0018:ffffc900044ff4c0 EFLAGS: 00010202 [ 76.680632][ T5847] RAX: 000000000000000b RBX: 0000000000000058 RCX: ffffffff8314dac2 [ 76.688674][ T5847] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffff88803090a030 [ 76.696683][ T5847] RBP: ffffc900044ff5e8 R08: ffff88803090a037 R09: 1ffff11006121406 [ 76.704900][ T5847] R10: dffffc0000000000 R11: ffffed1006121407 R12: ffff88803090a000 [ 76.713015][ T5847] R13: dffffc0000000000 R14: ffff888077a9b840 R15: ffff88803090a000 [ 76.721031][ T5847] FS: 0000555564107500(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 76.730012][ T5847] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.736828][ T5847] CR2: 00007f7b96f07050 CR3: 000000002d5c2000 CR4: 00000000003506f0 [ 76.745109][ T5847] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 76.753227][ T5847] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 76.761588][ T5847] Call Trace: [ 76.764996][ T5847] [ 76.768013][ T5847] ? __die_body+0x5f/0xb0 [ 76.772390][ T5847] ? die_addr+0xb0/0xe0 [ 76.776589][ T5847] ? exc_general_protection+0x3dd/0x5d0 [ 76.782246][ T5847] ? asm_exc_general_protection+0x26/0x30 [ 76.788168][ T5847] ? fuse_get_req+0x602/0xd40 [ 76.792995][ T5847] ? fuse_get_req+0x699/0xd40 [ 76.797839][ T5847] ? __pfx_fuse_get_req+0x10/0x10 [ 76.802986][ T5847] fuse_simple_background+0x9d/0xb10 [ 76.808489][ T5847] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 76.814119][ T5847] cuse_channel_open+0x447/0x670 [ 76.819383][ T5847] ? __pfx_cuse_channel_open+0x10/0x10 [ 76.825038][ T5847] misc_open+0x2cc/0x340 [ 76.829461][ T5847] chrdev_open+0x521/0x600 [ 76.834026][ T5847] ? __pfx_apparmor_file_open+0x10/0x10 [ 76.839813][ T5847] ? __pfx_chrdev_open+0x10/0x10 [ 76.844805][ T5847] ? security_file_open+0x513/0x990 [ 76.850057][ T5847] ? __pfx_chrdev_open+0x10/0x10 [ 76.855215][ T5847] do_dentry_open+0x978/0x1460 [ 76.860037][ T5847] vfs_open+0x3e/0x330 [ 76.864177][ T5847] path_openat+0x2cb5/0x3b40 [ 76.869017][ T5847] ? mark_lock+0x9a/0x360 [ 76.873520][ T5847] ? __pfx_stack_trace_save+0x10/0x10 [ 76.878948][ T5847] ? __pfx_path_openat+0x10/0x10 [ 76.883929][ T5847] ? __lock_acquire+0x1384/0x2050 [ 76.889281][ T5847] do_filp_open+0x235/0x490 [ 76.893836][ T5847] ? __pfx_do_filp_open+0x10/0x10 [ 76.898961][ T5847] ? _raw_spin_unlock+0x28/0x50 [ 76.903872][ T5847] ? alloc_fd+0x5a1/0x640 [ 76.908336][ T5847] do_sys_openat2+0x13e/0x1d0 [ 76.913156][ T5847] ? __pfx_do_sys_openat2+0x10/0x10 [ 76.918498][ T5847] __x64_sys_openat+0x247/0x2a0 [ 76.923397][ T5847] ? __pfx___x64_sys_openat+0x10/0x10 [ 76.928825][ T5847] ? exc_page_fault+0x590/0x8c0 [ 76.933748][ T5847] ? do_syscall_64+0xb6/0x230 [ 76.938468][ T5847] do_syscall_64+0xf3/0x230 [ 76.943031][ T5847] ? clear_bhb_loop+0x35/0x90 [ 76.947768][ T5847] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.953716][ T5847] RIP: 0033:0x7f7b96f7def9 [ 76.958204][ T5847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.958526][ T5647] coredump: 93(syz.3.408): written to core: VMAs: 17, size 53436416; core: 41295698 bytes, pos 53440512 [ 76.977909][ T5847] RSP: 002b:00007ffc638b9578 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 76.977939][ T5847] RAX: ffffffffffffffda RBX: 00007f7b97135f80 RCX: 00007f7b96f7def9 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 76.977955][ T5847] RDX: 0000000000000002 RSI: 0000000020000040 RDI: ffffffffffffff9c [ 76.977970][ T5847] RBP: 00007f7b96ff0b76 R08: 0000000000000000 R09: 0000000000000000 [ 76.977983][ T5847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 76.977997][ T5847] R13: 00007f7b97135f80 R14: 00007f7b97135f80 R15: 0000000000000b46 [ 76.978020][ T5847] [ 76.978028][ T5847] Modules linked in: [ 76.978427][ T5847] ---[ end trace 0000000000000000 ]--- [ 77.068355][ T5847] RIP: 0010:fuse_get_req+0x699/0xd40 [ 77.074612][ T5847] Code: 24 50 48 83 c3 08 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 45 ce e9 fe 48 8b 1b 48 83 c3 58 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 28 ce e9 fe 48 8b 1b 81 e3 00 20 [ 77.106587][ T5847] RSP: 0018:ffffc900044ff4c0 EFLAGS: 00010202 [ 77.120660][ T5847] RAX: 000000000000000b RBX: 0000000000000058 RCX: ffffffff8314dac2 [ 77.140268][ T5847] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffff88803090a030 [ 77.149366][ T5847] RBP: ffffc900044ff5e8 R08: ffff88803090a037 R09: 1ffff11006121406 [ 77.163128][ T5847] R10: dffffc0000000000 R11: ffffed1006121407 R12: ffff88803090a000 [ 77.171188][ T5847] R13: dffffc0000000000 R14: ffff888077a9b840 R15: ffff88803090a000 [ 77.179619][ T5847] FS: 0000555564107500(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 77.194575][ T5847] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.201503][ T5847] CR2: 00005586410140a8 CR3: 000000002d5c2000 CR4: 00000000003506f0 [ 77.212986][ T5847] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 77.221253][ T5847] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 77.230558][ T5847] Kernel panic - not syncing: Fatal exception [ 77.237103][ T5847] Kernel Offset: disabled [ 77.241452][ T5847] Rebooting in 86400 seconds..