last executing test programs: 1.849167661s ago: executing program 1 (id=473): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=@gettaction={0x14, 0x5a, 0xc6b747b6bf1c6b95}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$NL80211_CMD_JOIN_OCB(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8800}, 0x20008000) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r2, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r3, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x884) 1.781785995s ago: executing program 1 (id=474): r0 = socket$nl_route(0x10, 0x3, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010200000000000000000c0000000c00000002000000000000"], 0x0, 0x26, 0x0, 0x2, 0x0, 0x0, @void, @value}, 0x28) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x30, &(0x7f0000000100)={&(0x7f0000000380)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1c17}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8}, @IFLA_MTU={0x8, 0x4, 0x4c5}]}, 0x44}}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_generic(0x10, 0x3, 0x10) fsopen(&(0x7f0000000040)='ramfs\x00', 0x0) socket$can_raw(0x1d, 0x3, 0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) r1 = eventfd(0x0) r2 = eventfd(0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000040)={r2, 0x0, 0x2, r1}) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="540000000008010100000000000000000a000000050003002f0000000600024000000000240004800800024000000000080001400000fcff07000140800000010800014080000001090001"], 0x54}}, 0x0) syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6016000000102b00fc0100000000000000e2ff0000000000fe8000000000000000000400000000aa"], 0x0) connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0xa}, 0x20) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 1.702717216s ago: executing program 1 (id=475): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r3}, 0x10) mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x2081012, &(0x7f0000000380)={'trans=virtio,', {[{@directio}, {@afid={'afid', 0x3d, 0x1}}, {@loose}, {@directio}, {@cache_mmap}, {@version_L}, {}], [{@smackfstransmute={'smackfstransmute', 0x3d, '+'}}, {@permit_directio}, {@fsname}, {@smackfsdef={'smackfsdef', 0x3d, '/dev/kvm\x00'}}, {@seclabel}]}}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.582497164s ago: executing program 1 (id=476): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000180)={0x0, 0x1}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={r1, 0x0, &(0x7f00000020c0)}, 0x0) setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, 0x0, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000140)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000640)={0x24, r5, 0x1, 0x70bd25, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x516a}]}, 0x24}, 0x1, 0x0, 0x0, 0x44}, 0x4040140) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYRES8=r3, @ANYRES32=r7, @ANYBLOB="00000002080009000e000000b47155744dd4b1eb1110921f37cc080001050014148c3dcffdffbd0f4018cf6203d851aadc0fb4600dc65d49ee2852f8640d8a1cd040df0bf9a8967097a4f5176aab633f4624fb5e9812e642d7b526725c31ea0eae3fdf2cab520b2490415a43202a8509e59c31cd62f9c37924f6a863a8e9e682952d97e9b5153034e18c24f208c32c96ea428b934bcd9711b06e5a19e31c9c476bd2d8ded66fc9d300cf1326e52fefbdb4cf350e85dbe6b7e27fd6cfdbee665da8158a817a243919936464ad3c276b01c9dcfb15bec20e00e5490293b0fb63ec36e9f996d9d4e6b065eff79ab88c56861ba4346c4daed810e5"], 0x54}}, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r8, &(0x7f0000000100)={0x1f, 0x3}, 0x6) write$binfmt_misc(r8, &(0x7f0000000000), 0xd) ioctl$sock_inet_SIOCSIFADDR(r8, 0x8916, &(0x7f0000000000)={'batadv_slave_1\x00', {0x2, 0x0, @loopback}}) 1.582227546s ago: executing program 1 (id=477): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4) r1 = syz_usb_connect(0x1, 0x36, &(0x7f0000000480)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r2, &(0x7f0000000280)=""/239, 0xef) syz_usb_disconnect(r1) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, &(0x7f0000001640)={0x1, 0x0, &(0x7f0000001580)=[{&(0x7f00000001c0)=""/4096, 0x1000}, {&(0x7f0000000080)=""/25, 0x19}, {&(0x7f00000000c0)=""/16, 0x10}, {&(0x7f00000011c0)=""/222, 0xde}, {&(0x7f00000012c0)=""/118, 0x76}, {&(0x7f0000001340)=""/129, 0x81}, {&(0x7f0000001400)=""/213, 0xd5}, {&(0x7f0000001500)=""/83, 0x53}], &(0x7f0000001600)=[0x5, 0x56, 0x0], 0x8}, 0x20) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @mcast2, 0x2}, 0x1c) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001680)=ANY=[@ANYBLOB="300000001a00010000000000000000008180f173de95bb000000000000001400010000000000ffbd0000ffff3a71f650d47fe8661eba"], 0x30}}, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f00000001c0)=ANY=[], 0x20) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00) 961.607539ms ago: executing program 2 (id=486): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1) recvmmsg(r0, &(0x7f0000003e40)=[{{0x0, 0x3, 0x0, 0x0, &(0x7f00000035c0)=""/241, 0x6c5621a684f1998c, 0x1000000}}, {{&(0x7f0000000540)=@un=@abs, 0x80, &(0x7f0000003780)=[{&(0x7f0000003740)=""/4, 0x7ffff}], 0x15, &(0x7f00000037c0)=""/236, 0xec}}, {{0x0, 0x0, &(0x7f0000003bc0)=[{0x0, 0xe00000000000000}, {&(0x7f0000003a00)=""/190, 0xfffffffffffffdac}, {&(0x7f0000003ac0)=""/131, 0x83}, {0x0}], 0x4, &(0x7f0000003c00)=""/65, 0x49}}, {{&(0x7f0000003c80)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @empty}}}, 0x80, 0x0, 0x0, &(0x7f0000003e00)=""/48, 0x30}}], 0x4, 0x40000121, 0x0) 852.748311ms ago: executing program 2 (id=487): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=@gettaction={0x14, 0x5a, 0xc6b747b6bf1c6b95}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$nl_generic(0x10, 0x3, 0x10) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r2, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x884) 852.540016ms ago: executing program 2 (id=488): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x0, 0x26, 0x0, 0x2, 0x0, 0x0, @void, @value}, 0x28) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vlan1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x30, &(0x7f0000000100)={&(0x7f0000000380)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1c17}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MTU={0x8, 0x4, 0x4c5}]}, 0x44}}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_generic(0x10, 0x3, 0x10) fsopen(&(0x7f0000000040)='ramfs\x00', 0x0) socket$can_raw(0x1d, 0x3, 0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) eventfd(0x0) eventfd(0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0) sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f0000000600)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWTABLE={0xac, 0x0, 0xa, 0x801, 0x0, 0x0, {0x7, 0x0, 0x8}}, @NFT_MSG_NEWFLOWTABLE={0x164, 0x16, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x6}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_HOOK={0x118, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth1_to_batadv\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x68, 0x3, 0x0, 0x1, [{0x14, 0x1, 'pim6reg0\x00'}, {0x14, 0x1, 'vlan0\x00'}, {0x14, 0x1, 'macvlan1\x00'}, {0x14, 0x1, 'vxcan1\x00'}, {0x14, 0x1, 'hsr0\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth1\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x54, 0x3, 0x0, 0x1, [{0x14, 0x1, 'ip6tnl0\x00'}, {0x14, 0x1, 'vlan1\x00'}, {0x14, 0x1, 'veth1_to_hsr\x00'}, {0x14, 0x1, 'vxcan1\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}]}, @NFT_MSG_NEWFLOWTABLE={0xb0, 0x16, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_HOOK={0x58, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth0_vlan\x00'}, {0x14, 0x1, 'pim6reg\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x7}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x3b, 0x2, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x50, 0x18, 0xa, 0x5, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}]}, @NFT_MSG_DELCHAIN={0x38, 0x5, 0xa, 0x101, 0x0, 0x0, {0x3, 0x0, 0x2}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0xa0, 0x16, 0xa, 0x101, 0x0, 0x0, {0x7, 0x0, 0x4}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x5c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'bond_slave_1\x00'}, {0x14, 0x1, 'erspan0\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'nr0\x00'}, {0x14, 0x1, 'macvlan1\x00'}]}]}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}]}, @NFT_MSG_DELTABLE={0x28, 0x2, 0xa, 0x801, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x4}, @NFTA_TABLE_FLAGS={0x8}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x438}}, 0x45) syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6016000000102b00fc0100000000000000e2ff0000000000fe8000000000000000000400000000aa"], 0x0) connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0xa}, 0x20) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) 722.082895ms ago: executing program 2 (id=491): r0 = socket$phonet(0x23, 0x2, 0x1) getsockopt$IP_VS_SO_GET_SERVICES(r0, 0x0, 0x482, &(0x7f0000000300)=""/139, &(0x7f00000003c0)=0x8b) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000400)={@multicast2, @multicast1, 0x0}, &(0x7f0000000480)=0xc) sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newlink={0x48, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x4, r3, 0x1002, 0x8243}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @sit={{0x8}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_SPORT={0x6, 0x11, 0x4e22}, @IFLA_IPTUN_FWMARK={0x8, 0x14, 0x5}, @IFLA_IPTUN_FLAGS={0x6, 0x8, 0x33}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x80}, 0x0) r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYBLOB="4c00000000080104000000000000000007000007140004800800024000000009080001000000fa2e050003002f00000006000240080500000600024008050000090001"], 0x4c}, 0x1, 0x0, 0x0, 0x40}, 0x4040) sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)={0x14, 0x2, 0x8, 0x101, 0x0, 0x0, {0x5, 0x0, 0x7}}, 0x14}, 0x1, 0x0, 0x0, 0x404c080}, 0x80080) syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000700)=[@textreal={0x8, &(0x7f0000000640)="990f38f12a0f3066b9690a000066b80000008066ba000000000f3066b8070000000f23d80f21f86635400000c00f23f80f20950f009b4b423665660f38db280f20d86635080000002f22a16676562c", 0x4f}], 0x1, 0x13, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x4000}) r7 = pidfd_getfd(0xffffffffffffffff, r5, 0x0) bind$alg(r7, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'chacha20-generic\x00'}, 0x58) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000080)={[0x7, 0x1, 0x4b4e, 0x8, 0xf3, 0x0, 0xfffffffffffffd7b, 0x6, 0x4b, 0x3, 0x6, 0x7fffffff, 0x2, 0x3, 0xffffffffffffffff, 0x6], 0x8080000, 0x2c0c10}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 721.307517ms ago: executing program 0 (id=493): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c) r1 = socket$kcm(0x10, 0x5, 0x4) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) rmdir(&(0x7f0000000700)='./cgroup/../file0\x00') bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000c40)={@cgroup=r2, 0x31, 0x0, 0x5f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08061cdc030ec080000000000000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f2130809d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff000000000000000000", 0x89}], 0x1}, 0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDGKBLED(r3, 0x4b64, &(0x7f0000000400)) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r4, 0xc01064c7, 0x0) getsockname$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @local}, &(0x7f0000000240)=0x1c) unshare(0x68040200) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f0000000740)={'wg2\x00', 0x0}) r7 = syz_open_procfs(0x0, &(0x7f0000000280)='net/ip6_tables_names\x00') preadv(r7, &(0x7f0000000b00)=[{&(0x7f0000000300)=""/30, 0x1e}], 0x1, 0x80000001, 0x0) sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c00000010000100"/20, @ANYRES32=r6, @ANYBLOB="100001000000000005001100030000000c002b80080002"], 0x3c}}, 0x8000) socket$packet(0x11, 0x2, 0x300) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x80602, 0x0) socket$netlink(0x10, 0x3, 0x15) openat$ipvs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0) 642.35001ms ago: executing program 2 (id=494): r0 = socket$inet(0x2, 0x3, 0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x3ec0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000180)=0x7b, 0x4) shutdown(r0, 0x0) syz_io_uring_setup(0x34e0, &(0x7f0000000200)={0x0, 0x825, 0x200, 0x0, 0x200000}, &(0x7f0000000480), &(0x7f0000000000)=0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000000)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000940)='rxrpc_recvmsg\x00', r4}, 0x10) r5 = socket$inet6(0xa, 0x1, 0x84) bind$inet6(r5, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) shutdown(r5, 0x0) setsockopt$sock_linger(r5, 0x1, 0xd, &(0x7f0000000040)={0x1, 0xffffffff}, 0x8) sendto$inet6(r5, &(0x7f0000000100)="bc", 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) close(r5) r6 = socket(0x21, 0x2, 0x10000000000002) connect$rxrpc(r6, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @multicast2}}, 0x3a) sendmmsg(r6, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18faff00000000001001000001000000000000000000"], 0x18, 0xe000}, 0x5}], 0x1, 0x0) recvmmsg(r6, &(0x7f0000002940)=[{{0x0, 0x0, 0x0}}], 0x1, 0x10002, 0x0) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) r7 = syz_open_dev$media(&(0x7f0000001a80), 0x3, 0x0) r8 = syz_open_dev$media(&(0x7f0000001a80), 0x3, 0x0) ioctl$MEDIA_IOC_ENUM_LINKS(r8, 0xc0287c02, &(0x7f0000000380)={0x80000000, 0x0, &(0x7f0000000500)=[{{}, {0x80000000}}]}) ioctl$MEDIA_IOC_ENUM_LINKS(r7, 0xc0287c02, &(0x7f0000000300)={r9, &(0x7f0000000340)=[{}, {0x80000000}], &(0x7f0000000480)=[{{}, {0x80000000}}]}) ioctl$MEDIA_IOC_ENUM_LINKS(r7, 0xc0287c02, &(0x7f0000000280)={r11, 0x0, &(0x7f0000000200)=[{{0x80000000, 0x0}}]}) ioctl$MEDIA_IOC_SETUP_LINK(r7, 0xc0347c03, &(0x7f0000000400)={{r10, r13, 0x3}, {r12}}) syz_io_uring_setup(0xa95, &(0x7f0000000280)={0x0, 0x800095b0, 0x10, 0x1}, &(0x7f0000000340)=0x0, &(0x7f00000005c0)) syz_io_uring_submit(r14, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) 642.134013ms ago: executing program 0 (id=495): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x3f000000, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000540)={[], [{@seclabel}]}) 642.0604ms ago: executing program 0 (id=496): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=@gettaction={0x14, 0x5a, 0xc6b747b6bf1c6b95}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$nl_generic(0x10, 0x3, 0x10) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r2, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x884) 572.595007ms ago: executing program 0 (id=497): r0 = socket$packet(0x11, 0x3, 0x300) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x0) sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x3c, 0x0, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}]}, 0x3c}}, 0x0) sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x3c, 0x0, 0x4, 0x70bd2a, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xc7}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4008800) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@mpls_delroute={0x30, 0x18, 0x9, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1}, [@RTA_VIA={0x14, 0x12, {0x11, "b6acd7b8f7f0a0ae8c5d910c3378"}}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x0) r4 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SDTEFACILITIES(r4, 0x89eb, &(0x7f0000000000)={0x7, 0x1ff, 0x3, 0x7, 0x7d, 0x23, 0x12, "0ce77c63a6b20266a30bc3be874857e156545972", "25f0f7a8af71a2757faf827a875c9dda8b601d87"}) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), r1) sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r5, 0x300, 0x70bd29, 0x25dfdbfb, {}, [@ETHTOOL_A_COALESCE_TX_MAX_FRAMES_HIGH={0x8, 0x16, 0x100}]}, 0x1c}, 0x1, 0x0, 0x0, 0x845}, 0x8001) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r2, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r6, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}, 0x1, 0x0, 0x0, 0xc041}, 0x884) 572.39048ms ago: executing program 0 (id=498): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(camellia)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$kcm(r1, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x80) recvmmsg(r1, &(0x7f0000000cc0)=[{{0x0, 0x8dff, &(0x7f00000003c0)=[{&(0x7f0000000080)=""/70, 0x46}], 0x1}, 0x6}], 0x1, 0x2000, 0x0) 572.03205ms ago: executing program 0 (id=499): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x0, 0x26, 0x0, 0x2, 0x0, 0x0, @void, @value}, 0x28) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vlan1\x00'}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1c17}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_MTU={0x8, 0x4, 0x4c5}]}, 0x3c}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_generic(0x10, 0x3, 0x10) fsopen(&(0x7f0000000040)='ramfs\x00', 0x0) socket$can_raw(0x1d, 0x3, 0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) r3 = eventfd(0x0) r4 = eventfd(0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000040)={r4, 0x0, 0x2, r3}) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="540000000008010100000000000000000a000000050003002f0000000600024000000000240004800800024000000000080001400000fcff07000140800000010800014080000001090001"], 0x54}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f0000000600)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWTABLE={0xac, 0x0, 0xa, 0x801, 0x0, 0x0, {0x7, 0x0, 0x8}}, @NFT_MSG_NEWFLOWTABLE={0x164, 0x16, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x6}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_HOOK={0x118, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth1_to_batadv\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x68, 0x3, 0x0, 0x1, [{0x14, 0x1, 'pim6reg0\x00'}, {0x14, 0x1, 'vlan0\x00'}, {0x14, 0x1, 'macvlan1\x00'}, {0x14, 0x1, 'vxcan1\x00'}, {0x14, 0x1, 'hsr0\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth1\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x54, 0x3, 0x0, 0x1, [{0x14, 0x1, 'ip6tnl0\x00'}, {0x14, 0x1, 'vlan1\x00'}, {0x14, 0x1, 'veth1_to_hsr\x00'}, {0x14, 0x1, 'vxcan1\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}]}, @NFT_MSG_NEWFLOWTABLE={0xb0, 0x16, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_HOOK={0x58, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth0_vlan\x00'}, {0x14, 0x1, 'pim6reg\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x7}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x3b, 0x2, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x50, 0x18, 0xa, 0x5, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}]}, @NFT_MSG_DELCHAIN={0x38, 0x5, 0xa, 0x101, 0x0, 0x0, {0x3, 0x0, 0x2}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0xa0, 0x16, 0xa, 0x101, 0x0, 0x0, {0x7, 0x0, 0x4}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x5c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'bond_slave_1\x00'}, {0x14, 0x1, 'erspan0\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'nr0\x00'}, {0x14, 0x1, 'macvlan1\x00'}]}]}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}]}, @NFT_MSG_DELTABLE={0x28, 0x2, 0xa, 0x801, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x4}, @NFTA_TABLE_FLAGS={0x8}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x438}}, 0x45) syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6016000000102b00fc0100000000000000e2ff0000000000fe8000000000000000000400000000aa"], 0x0) connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0xa}, 0x20) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) 492.641695ms ago: executing program 2 (id=500): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0) ioctl$EVIOCSKEYCODE_V2(0xffffffffffffffff, 0x40284504, &(0x7f00000004c0)={0x9, 0x0, 0x20, 0x0, "cbfea29368cc60a1ff856ae471fe261fdfb44a306ea8d6996bbcb8eb45d73158"}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff}) r3 = socket$nl_generic(0x10, 0x3, 0x10) socket(0xb, 0x5, 0xb) syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000800)={'wlan0\x00'}) socket$nl_route(0x10, 0x3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)={0x5c, r8, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x48, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x6, @remote, 0x3}}, {0x14, 0x2, @in={0x2, 0x0, @multicast2}}}}, @TIPC_NLA_BEARER_NAME={0xb, 0x1, @l2={'ib', 0x3a, 'wg2\x00'}}]}]}, 0x5c}}, 0x0) sendmsg$TIPC_NL_KEY_SET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x60, r8, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x4c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0xffffffff}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x4}, 0x4000004) sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r5, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 292.704647ms ago: executing program 3 (id=502): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$l2tp(&(0x7f00000004c0), 0xffffffffffffffff) sendmsg$L2TP_CMD_SESSION_GET(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4881}, 0x8000) 292.567302ms ago: executing program 3 (id=503): r0 = syz_genetlink_get_family_id$smc(&(0x7f00000005c0), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000f00", @ANYRES16=r0, @ANYBLOB="01000000000000000000020000201400020070696d367265673000000000000000000900010073"], 0x40}}, 0x0) 292.366445ms ago: executing program 3 (id=504): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r1, &(0x7f0000001e80)=@file={0x1, './file0\x00'}, 0x6e) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000002140)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='initcall_start\x00', r2}, 0x10) r4 = gettid() bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={r4, r3, 0x0, 0x1, &(0x7f00000001c0)='\x00'}, 0x11) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000200), &(0x7f0000000340)=0xc) r5 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0, 0x0}, &(0x7f00000000c0)=0xc) setresgid(0xee00, r6, r6) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff) r9 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_COALESCE(r7, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f0000000040)={0x28, r8, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r10}, @void}}}, 0x28}, 0x1, 0x6c00}, 0x0) accept4$inet(0xffffffffffffffff, &(0x7f00000016c0)={0x2, 0x0, @local}, &(0x7f0000001700)=0x10, 0x80800) openat$fb0(0xffffffffffffff9c, &(0x7f0000001740), 0x800, 0x0) r11 = socket$nl_generic(0x10, 0x3, 0x10) r12 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r11) sendmsg$ETHTOOL_MSG_DEBUG_SET(r11, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="01000000040200f2c8dc1b000000180001801400020073797a5f74756e0000000000000000000c000280"], 0x38}, 0x1, 0x0, 0x0, 0x20000844}, 0x0) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r14 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r14, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000000)="5c00000015006b05c84e21000ab16d6e230675f802000200360002005817d30461bc24eeb556a705251e6182149a36c23d3b48dfd8cdbf9367b098fa51f60a64c9f408000000e786a6d0bdd70000b6c0504bb9189d9193e9bd1c1b78", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) r15 = ioctl$KVM_CREATE_VM(r13, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r15, 0xae60) socket$inet_icmp_raw(0x2, 0x3, 0x1) r16 = eventfd(0x400) ioctl$KVM_IRQFD(r15, 0x4020ae76, &(0x7f0000000900)={r16, 0x1, 0x2}) mount$binder(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='max=00000000020000000']) 142.428759ms ago: executing program 3 (id=505): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=@gettaction={0x14, 0x5a, 0xc6b747b6bf1c6b95}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$nl_generic(0x10, 0x3, 0x10) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r2, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x884) 142.212456ms ago: executing program 3 (id=506): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c) r1 = socket$kcm(0x10, 0x5, 0x4) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) rmdir(&(0x7f0000000700)='./cgroup/../file0\x00') bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000c40)={@cgroup=r2, 0x31, 0x0, 0x5f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08061cdc030ec080000000000000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f2130809d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff000000000000000000", 0x89}], 0x1}, 0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDGKBLED(r3, 0x4b64, &(0x7f0000000400)) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r4, 0xc01064c7, 0x0) getsockname$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @local}, &(0x7f0000000240)=0x1c) unshare(0x68040200) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f0000000740)={'wg2\x00', 0x0}) r7 = syz_open_procfs(0x0, &(0x7f0000000280)='net/ip6_tables_names\x00') preadv(r7, &(0x7f0000000b00)=[{&(0x7f0000000300)=""/30, 0x1e}], 0x1, 0x80000001, 0x0) sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c00000010000100"/20, @ANYRES32=r6, @ANYBLOB="100001000000000005001100030000000c002b80080002"], 0x3c}}, 0x8000) socket$packet(0x11, 0x2, 0x300) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x80602, 0x0) socket$netlink(0x10, 0x3, 0x15) openat$ipvs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0) 341.15µs ago: executing program 3 (id=507): r0 = syz_open_dev$vim2m(&(0x7f0000000240), 0x2000a54, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x6, 0x1, 0x1}) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000000)=0x1) (fail_nth: 9) 0s ago: executing program 1 (id=508): r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000356ffc)=0xffffffffffffff40, 0x4) r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000340), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="cb2b5208027355cf791c06000000edbaa37366643d", @ANYRES32=r1, @ANYRESHEX=r1, @ANYRESOCT=0x0, @ANYBLOB='\x00'/10, @ANYRESOCT=r2]) read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, 0x0, 0x0}, 0xffffffffffffff54) write$FUSE_INIT(r2, &(0x7f0000000040)={0x50, 0x0, r3, {0x7, 0x1f, 0xfffffffe, 0x4c2a4a, 0x0, 0x0, 0x3}}, 0x50) syz_fuse_handle_req(r2, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100c4b600", 0x2000, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x0, {0x0, 0x9c33cbf2f2cca357}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x130, 0x0, 0x0, {0x0, 0x0, 0x0, '\x00', {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {0x0, 0xfffffffe}}}}}) r5 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) write$selinux_attr(r5, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d) r6 = memfd_create(&(0x7f00000005c0)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5\x00\x00\x00\x00\x00\x00\x00\x05L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0\xc8d\x96G\xcf\x066\x84\x82-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x0) r7 = syz_clone(0x88200, 0x0, 0x0, 0x0, 0x0, 0x0) r8 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_opts(r8, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5) setsockopt$SO_BINDTODEVICE(r8, 0x1, 0x19, &(0x7f00000000c0)='macvlan1\x00', 0x10) connect$inet(r8, &(0x7f0000000080)={0x2, 0x0, @broadcast}, 0x10) execveat(r6, &(0x7f0000000140)='\x00', 0x0, 0x0, 0x1000) r9 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x1, 0x0) write$FUSE_INIT(r9, 0x0, 0x0) bind$inet(r0, &(0x7f0000000380)={0x2, 0x4a20, @private=0xa010102}, 0x10) setsockopt$IP_VS_SO_SET_ZERO(0xffffffffffffffff, 0x0, 0x48f, &(0x7f0000000000)={0x2, @empty, 0x4e20, 0x208, 'wlc\x00', 0x5, 0xff, 0x4a}, 0x2c) rt_sigprocmask(0x0, &(0x7f0000000200)={[0xffffffff]}, 0x0, 0x8) r10 = gettid() tkill(r10, 0x11) rt_sigaction(0x11, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000000)) ioctl$DRM_IOCTL_GET_CLIENT(r1, 0xc0286405, &(0x7f0000000280)={0xffffffff, 0x1, {r7}, {r4}, 0x4, 0x5}) ptrace$ARCH_GET_UNTAG_MASK(0x1e, r11, &(0x7f0000000300), 0x4001) r12 = socket$inet(0x2, 0x1, 0x0) setsockopt$sock_int(r12, 0x1, 0xf, &(0x7f0000356ffc)=0xffffffffffffff40, 0x4) bind$inet(r12, &(0x7f0000e15000)={0x2, 0x4e20, @multicast1}, 0x10) kernel console output (not intermixed with test programs): 3123][ T6234] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 41.474623][ T6234] ? avc_policy_seqno+0x9/0x20 [ 41.475849][ T6234] ? bpf_lsm_file_permission+0x9/0x10 [ 41.477245][ T6234] ? security_file_permission+0x71/0x210 [ 41.478856][ T6234] vfs_writev+0x363/0xdd0 [ 41.479977][ T6234] ? __pfx_lock_release+0x10/0x10 [ 41.481272][ T6234] ? lock_release+0x4e2/0x6f0 [ 41.482513][ T6234] ? __pfx_vfs_writev+0x10/0x10 [ 41.483972][ T6234] ? rcu_is_watching+0x12/0xc0 [ 41.485199][ T6234] ? __pfx_lock_release+0x10/0x10 [ 41.486545][ T6234] ? trace_lock_acquire+0x14e/0x1f0 [ 41.487883][ T6234] ? __fget_files+0x206/0x3a0 [ 41.489129][ T6234] ? do_writev+0x133/0x340 [ 41.490291][ T6234] do_writev+0x133/0x340 [ 41.491387][ T6234] ? __pfx_do_writev+0x10/0x10 [ 41.492609][ T6234] ? rcu_is_watching+0x12/0xc0 [ 41.494109][ T6234] ? rcu_is_watching+0x12/0xc0 [ 41.495351][ T6234] do_syscall_64+0xcd/0x250 [ 41.496656][ T6234] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 41.498297][ T6234] RIP: 0033:0x7fc17ff85d19 [ 41.499419][ T6234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 41.504506][ T6234] RSP: 002b:00007fc180d1d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 41.506564][ T6234] RAX: ffffffffffffffda RBX: 00007fc180175fa0 RCX: 00007fc17ff85d19 [ 41.508460][ T6234] RDX: 0000000000000003 RSI: 0000000020000140 RDI: 0000000000000003 [ 41.510380][ T6234] RBP: 00007fc180d1d090 R08: 0000000000000000 R09: 0000000000000000 [ 41.512354][ T6234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 41.514628][ T6234] R13: 0000000000000000 R14: 00007fc180175fa0 R15: 00007fff4a4b9c98 [ 41.516530][ T6234] [ 41.539994][ T6241] FAULT_INJECTION: forcing a failure. [ 41.539994][ T6241] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 41.540010][ T6241] CPU: 0 UID: 0 PID: 6241 Comm: syz.2.94 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 41.540022][ T6241] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 41.540028][ T6241] Call Trace: [ 41.540032][ T6241] [ 41.540036][ T6241] dump_stack_lvl+0x16c/0x1f0 [ 41.540052][ T6241] should_fail_ex+0x497/0x5b0 [ 41.540067][ T6241] ? fs_reclaim_acquire+0xae/0x150 [ 41.540084][ T6241] should_fail_alloc_page+0xe7/0x130 [ 41.540097][ T6241] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 41.540113][ T6241] ? rcu_is_watching+0x12/0xc0 [ 41.540128][ T6241] ? vc_do_resize+0x1df/0x10b0 [ 41.540142][ T6241] __alloc_pages_noprof+0x190/0x25b0 [ 41.540154][ T6241] ? trace_lock_acquire+0x14e/0x1f0 [ 41.540169][ T6241] ? is_bpf_text_address+0x30/0x1a0 [ 41.540181][ T6241] ? lock_acquire+0x2f/0xb0 [ 41.540191][ T6241] ? is_bpf_text_address+0x30/0x1a0 [ 41.540203][ T6241] ? bpf_ksym_find+0x127/0x1c0 [ 41.540216][ T6241] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 41.540232][ T6241] ? is_bpf_text_address+0x94/0x1a0 [ 41.540244][ T6241] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 41.540256][ T6241] ? lock_release+0x4e2/0x6f0 [ 41.540266][ T6241] ? stack_depot_save_flags+0x38f/0x9e0 [ 41.540281][ T6241] ? __pfx_lock_release+0x10/0x10 [ 41.540292][ T6241] ? rcu_is_watching+0x12/0xc0 [ 41.540306][ T6241] ? trace_irq_enable.constprop.0+0xea/0x140 [ 41.540319][ T6241] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 41.540331][ T6241] ? stack_depot_save_flags+0x38f/0x9e0 [ 41.540345][ T6241] ? vc_do_resize+0x1df/0x10b0 [ 41.540359][ T6241] ___kmalloc_large_node+0x84/0x1b0 [ 41.540373][ T6241] ? kasan_save_stack+0x42/0x60 [ 41.540385][ T6241] __kmalloc_large_node_noprof+0x1c/0x70 [ 41.540399][ T6241] ? tty_ioctl+0x651/0x15d0 [ 41.540408][ T6241] __kmalloc_noprof.cold+0xc/0x61 [ 41.540423][ T6241] vc_do_resize+0x1df/0x10b0 [ 41.540439][ T6241] ? __pfx_vc_do_resize+0x10/0x10 [ 41.540455][ T6241] fbcon_do_set_font+0x427/0x910 [ 41.540467][ T6241] fbcon_set_font+0x9c0/0xb60 [ 41.540478][ T6241] ? __pfx_fbcon_set_font+0x10/0x10 [ 41.540488][ T6241] con_font_op+0x7fd/0xf50 [ 41.540499][ T6241] ? __pfx_con_font_op+0x10/0x10 [ 41.540509][ T6241] ? lock_acquire+0x2f/0xb0 [ 41.540519][ T6241] ? __might_fault+0xe3/0x190 [ 41.540538][ T6241] ? __might_fault+0xe3/0x190 [ 41.540553][ T6241] vt_ioctl+0x4ca/0x2f80 [ 41.540565][ T6241] ? __pfx_vt_ioctl+0x10/0x10 [ 41.540577][ T6241] ? kfree+0x14f/0x4b0 [ 41.540588][ T6241] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 41.540602][ T6241] ? do_vfs_ioctl+0x513/0x1990 [ 41.540616][ T6241] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 41.540628][ T6241] ? tty_jobctrl_ioctl+0x152/0xe00 [ 41.540641][ T6241] ? __pfx_vt_ioctl+0x10/0x10 [ 41.540653][ T6241] tty_ioctl+0x651/0x15d0 [ 41.540662][ T6241] ? __pfx_tty_ioctl+0x10/0x10 [ 41.540671][ T6241] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 41.540687][ T6241] ? __pfx_lock_release+0x10/0x10 [ 41.540697][ T6241] ? __fget_files+0x40/0x3a0 [ 41.540709][ T6241] ? selinux_file_ioctl+0x180/0x270 [ 41.540721][ T6241] ? selinux_file_ioctl+0xb4/0x270 [ 41.540734][ T6241] ? __pfx_tty_ioctl+0x10/0x10 [ 41.540743][ T6241] __x64_sys_ioctl+0x190/0x200 [ 41.540757][ T6241] do_syscall_64+0xcd/0x250 [ 41.540771][ T6241] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 41.540784][ T6241] RIP: 0033:0x7fa1ae785d19 [ 41.540792][ T6241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 41.540802][ T6241] RSP: 002b:00007fa1af6a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 41.540812][ T6241] RAX: ffffffffffffffda RBX: 00007fa1ae975fa0 RCX: 00007fa1ae785d19 [ 41.540819][ T6241] RDX: 0000000020000100 RSI: 0000000000004b72 RDI: 0000000000000003 [ 41.540825][ T6241] RBP: 00007fa1af6a4090 R08: 0000000000000000 R09: 0000000000000000 [ 41.540831][ T6241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 41.540837][ T6241] R13: 0000000000000000 R14: 00007fa1ae975fa0 R15: 00007ffc116515b8 [ 41.540846][ T6241] [ 41.665435][ T6245] netlink: 4 bytes leftover after parsing attributes in process `syz.1.97'. [ 41.672806][ T6245] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 41.674749][ T6245] UDF-fs: Scanning with blocksize 2048 failed [ 41.677700][ T6245] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found [ 41.679572][ T6245] UDF-fs: Scanning with blocksize 4096 failed [ 41.776751][ T6259] netlink: 28 bytes leftover after parsing attributes in process `syz.2.102'. [ 41.823945][ T6268] netlink: 28 bytes leftover after parsing attributes in process `syz.2.104'. [ 41.827766][ T6268] FAULT_INJECTION: forcing a failure. [ 41.827766][ T6268] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 41.831182][ T6268] CPU: 2 UID: 0 PID: 6268 Comm: syz.2.104 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 41.833969][ T6268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 41.837165][ T6268] Call Trace: [ 41.838071][ T6268] [ 41.838999][ T6268] dump_stack_lvl+0x16c/0x1f0 [ 41.840185][ T6268] should_fail_ex+0x497/0x5b0 [ 41.841411][ T6268] _copy_from_user+0x2e/0xd0 [ 41.842616][ T6268] get_user_ifreq+0xf1/0x250 [ 41.844005][ T6268] inet_ioctl+0x381/0x3f0 [ 41.845150][ T6268] ? __pfx_inet_ioctl+0x10/0x10 [ 41.846418][ T6268] ? rcu_is_watching+0x12/0xc0 [ 41.847654][ T6268] ? __pfx_lock_release+0x10/0x10 [ 41.848974][ T6268] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 41.850547][ T6268] sock_do_ioctl+0x116/0x280 [ 41.851745][ T6268] ? __pfx_sock_do_ioctl+0x10/0x10 [ 41.853068][ T6268] ? preempt_count_add+0x76/0x150 [ 41.854395][ T6268] ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460 [ 41.856336][ T6268] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 41.858542][ T6268] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 41.860223][ T6268] sock_ioctl+0x228/0x6c0 [ 41.861539][ T6268] ? __pfx_sock_ioctl+0x10/0x10 [ 41.863197][ T6268] ? selinux_file_ioctl+0x180/0x270 [ 41.864981][ T6268] ? selinux_file_ioctl+0xb4/0x270 [ 41.866641][ T6268] ? __pfx_sock_ioctl+0x10/0x10 [ 41.868166][ T6268] __x64_sys_ioctl+0x190/0x200 [ 41.869716][ T6268] do_syscall_64+0xcd/0x250 [ 41.871218][ T6268] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 41.873103][ T6268] RIP: 0033:0x7fa1ae785d19 [ 41.874579][ T6268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 41.880413][ T6268] RSP: 002b:00007fa1af6a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 41.882604][ T6268] RAX: ffffffffffffffda RBX: 00007fa1ae975fa0 RCX: 00007fa1ae785d19 [ 41.884689][ T6268] RDX: 0000000020000000 RSI: 0000000000008916 RDI: 0000000000000007 [ 41.886620][ T6268] RBP: 00007fa1af6a4090 R08: 0000000000000000 R09: 0000000000000000 [ 41.888748][ T6268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 41.890818][ T6268] R13: 0000000000000000 R14: 00007fa1ae975fa0 R15: 00007ffc116515b8 [ 41.892866][ T6268] [ 41.949591][ T6273] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6273 comm=syz.1.106 [ 41.954843][ T6273] netlink: 4 bytes leftover after parsing attributes in process `syz.1.106'. [ 41.958278][ T6273] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6273 comm=syz.1.106 [ 41.987984][ T6270] FAULT_INJECTION: forcing a failure. [ 41.987984][ T6270] name failslab, interval 1, probability 0, space 0, times 0 [ 41.991307][ T6270] CPU: 0 UID: 0 PID: 6270 Comm: syz.2.105 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 41.994052][ T6270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 41.997014][ T6270] Call Trace: [ 41.997947][ T6270] [ 41.998776][ T6270] dump_stack_lvl+0x16c/0x1f0 [ 42.000070][ T6270] should_fail_ex+0x497/0x5b0 [ 42.001320][ T6270] ? fs_reclaim_acquire+0xae/0x150 [ 42.002722][ T6270] should_failslab+0xc2/0x120 [ 42.004034][ T6270] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 42.005504][ T6270] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 42.007101][ T6270] __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 42.008648][ T6270] mmu_topup_memory_caches+0x22/0xd0 [ 42.010029][ T6270] kvm_mmu_load+0xda/0x21f0 [ 42.011227][ T6270] ? kvm_apic_has_interrupt+0xb6/0x190 [ 42.012635][ T6270] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 42.014237][ T6270] ? __pfx_vmx_flush_tlb_guest+0x10/0x10 [ 42.015952][ T6270] ? __pfx_kvm_mmu_load+0x10/0x10 [ 42.017379][ T6270] ? kvm_cpu_has_injectable_intr+0x9b/0x1a0 [ 42.018966][ T6270] ? kvm_check_and_inject_events+0x725/0x12e0 [ 42.020567][ T6270] vcpu_run+0x33a4/0x4f50 [ 42.021780][ T6270] ? __pfx___mutex_trylock_common+0x10/0x10 [ 42.023297][ T6270] ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10 [ 42.024744][ T6270] ? __pfx_vcpu_run+0x10/0x10 [ 42.026009][ T6270] ? rcu_is_watching+0x12/0xc0 [ 42.027257][ T6270] ? trace_lock_acquire+0x14e/0x1f0 [ 42.028570][ T6270] ? trace_irq_enable.constprop.0+0xea/0x140 [ 42.030111][ T6270] ? kvm_arch_vcpu_ioctl_run+0x150/0x1740 [ 42.031556][ T6270] ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740 [ 42.032982][ T6270] kvm_arch_vcpu_ioctl_run+0x44a/0x1740 [ 42.034611][ T6270] kvm_vcpu_ioctl+0x6ce/0x1520 [ 42.035812][ T6270] ? do_vfs_ioctl+0x513/0x1990 [ 42.037040][ T6270] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 42.038434][ T6270] ? preempt_count_add+0x76/0x150 [ 42.039768][ T6270] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 42.041657][ T6270] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 42.043440][ T6270] ? __pfx_lock_release+0x10/0x10 [ 42.044771][ T6270] ? __fget_files+0x40/0x3a0 [ 42.045999][ T6270] ? selinux_file_ioctl+0x180/0x270 [ 42.047362][ T6270] ? selinux_file_ioctl+0xb4/0x270 [ 42.048736][ T6270] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 42.050104][ T6270] __x64_sys_ioctl+0x190/0x200 [ 42.051371][ T6270] do_syscall_64+0xcd/0x250 [ 42.052559][ T6270] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 42.054117][ T6270] RIP: 0033:0x7fa1ae785d19 [ 42.055281][ T6270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 42.060291][ T6270] RSP: 002b:00007fa1af6a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 42.062468][ T6270] RAX: ffffffffffffffda RBX: 00007fa1ae975fa0 RCX: 00007fa1ae785d19 [ 42.064518][ T6270] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 42.066865][ T6270] RBP: 00007fa1af6a4090 R08: 0000000000000000 R09: 0000000000000000 [ 42.068917][ T6270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 42.070953][ T6270] R13: 0000000000000000 R14: 00007fa1ae975fa0 R15: 00007ffc116515b8 [ 42.072992][ T6270] [ 42.073976][ C0] vkms_vblank_simulate: vblank timer overrun [ 42.153235][ T6286] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.213679][ T6286] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.217855][ T5944] Bluetooth: hci2: Malformed LE Event: 0x0d [ 42.294690][ T6286] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.375417][ T6286] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.507997][ T6286] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.511352][ T6306] xt_hashlimit: invalid interval [ 42.513919][ T6305] Illegal XDP return value 4294967274 on prog (id 21) dev N/A, expect packet loss! [ 42.514155][ T6286] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.522978][ T6286] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.530206][ T6286] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.535283][ T5943] Bluetooth: hci1: command tx timeout [ 42.537260][ T5943] Bluetooth: hci2: command tx timeout [ 42.539254][ T5944] Bluetooth: hci3: command tx timeout [ 42.545302][ T5944] Bluetooth: hci0: command tx timeout [ 42.570852][ T6315] netlink: 20 bytes leftover after parsing attributes in process `syz.2.121'. [ 42.636751][ T6325] sp0: Synchronizing with TNC [ 43.565571][ T6345] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3933611534 (251751138176 ns) > initial count (136114003904 ns). Using initial count to start timer. [ 43.624393][ T6348] netlink: 28 bytes leftover after parsing attributes in process `syz.2.131'. [ 43.908729][ T6369] overlayfs: missing 'lowerdir' [ 43.931412][ T6372] unknown channel width for channel at 909000KHz? [ 43.946601][ T6372] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6372 comm=syz.1.139 [ 43.984365][ T6374] FAULT_INJECTION: forcing a failure. [ 43.984365][ T6374] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 43.988641][ T6374] CPU: 0 UID: 0 PID: 6374 Comm: syz.1.140 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 43.991277][ T6374] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 43.994062][ T6374] Call Trace: [ 43.994950][ T6374] [ 43.995860][ T6374] dump_stack_lvl+0x16c/0x1f0 [ 43.997071][ T6374] should_fail_ex+0x497/0x5b0 [ 43.998303][ T6374] _copy_to_user+0x32/0xd0 [ 43.999446][ T6374] simple_read_from_buffer+0xd0/0x160 [ 44.000794][ T6374] proc_fail_nth_read+0x198/0x270 [ 44.002061][ T6374] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 44.003447][ T6374] ? bpf_lsm_file_permission+0x9/0x10 [ 44.004812][ T6374] ? security_file_permission+0x71/0x210 [ 44.006221][ T6374] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 44.007604][ T6374] vfs_read+0x1df/0xbe0 [ 44.008703][ T6374] ? __fget_files+0x1fc/0x3a0 [ 44.010004][ T6374] ? __pfx___mutex_lock+0x10/0x10 [ 44.011370][ T6374] ? __pfx_vfs_read+0x10/0x10 [ 44.012577][ T6374] ? __fget_files+0x206/0x3a0 [ 44.013862][ T6374] ksys_read+0x12b/0x250 [ 44.014974][ T6374] ? __pfx_ksys_read+0x10/0x10 [ 44.016362][ T6374] ? rcu_is_watching+0x12/0xc0 [ 44.017624][ T6374] ? rcu_is_watching+0x12/0xc0 [ 44.018968][ T6374] do_syscall_64+0xcd/0x250 [ 44.020126][ T6374] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 44.021648][ T6374] RIP: 0033:0x7fde34d8472c [ 44.022850][ T6374] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 44.028021][ T6374] RSP: 002b:00007fde35b91030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 44.030283][ T6374] RAX: ffffffffffffffda RBX: 00007fde34f75fa0 RCX: 00007fde34d8472c [ 44.032396][ T6374] RDX: 000000000000000f RSI: 00007fde35b910a0 RDI: 0000000000000005 [ 44.034456][ T6374] RBP: 00007fde35b91090 R08: 0000000000000000 R09: 0000000000000000 [ 44.036709][ T6374] R10: 0000000000002000 R11: 0000000000000246 R12: 0000000000000001 [ 44.038785][ T6374] R13: 0000000000000000 R14: 00007fde34f75fa0 R15: 00007ffc7c2106e8 [ 44.040933][ T6374] [ 44.041808][ C0] vkms_vblank_simulate: vblank timer overrun [ 44.062388][ T6379] netlink: 1788 bytes leftover after parsing attributes in process `syz.1.141'. [ 44.108282][ T6383] Cannot find set identified by id 0 to match [ 44.112190][ T6383] fuse: Unknown parameter '' [ 44.824379][ T39] kauditd_printk_skb: 39 callbacks suppressed [ 44.824393][ T39] audit: type=1400 audit(1734264099.237:282): avc: denied { ioctl } for pid=6386 comm="syz.3.144" path="socket:[11914]" dev="sockfs" ino=11914 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 44.835884][ T6387] syzkaller0: entered promiscuous mode [ 44.837757][ T6387] syzkaller0: entered allmulticast mode [ 45.115128][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20000. Sending cookies. [ 45.366687][ T39] audit: type=1400 audit(1734264099.787:283): avc: denied { mount } for pid=6402 comm="syz.3.150" name="/" dev="overlay" ino=96 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 45.367104][ T6403] FAULT_INJECTION: forcing a failure. [ 45.367104][ T6403] name failslab, interval 1, probability 0, space 0, times 0 [ 45.376845][ T6403] CPU: 0 UID: 0 PID: 6403 Comm: syz.3.150 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 45.379477][ T6403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 45.382036][ T6403] Call Trace: [ 45.382857][ T6403] [ 45.383592][ T6403] dump_stack_lvl+0x16c/0x1f0 [ 45.384910][ T6403] should_fail_ex+0x497/0x5b0 [ 45.386322][ T6403] ? fs_reclaim_acquire+0xae/0x150 [ 45.387584][ T6403] should_failslab+0xc2/0x120 [ 45.388768][ T6403] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 45.390086][ T6403] ? security_file_alloc+0x34/0x2b0 [ 45.391382][ T6403] security_file_alloc+0x34/0x2b0 [ 45.392637][ T6403] init_file+0x93/0x480 [ 45.393651][ T6403] alloc_empty_file+0x91/0x1e0 [ 45.395098][ T6403] path_openat+0xe1/0x2d60 [ 45.396650][ T6403] ? getname+0x8d/0xe0 [ 45.398046][ T6403] ? do_sys_openat2+0x104/0x1e0 [ 45.399663][ T6403] ? __x64_sys_creat+0xcd/0x120 [ 45.401300][ T6403] ? do_syscall_64+0xcd/0x250 [ 45.402679][ T6403] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 45.404197][ T6403] ? __pfx_path_openat+0x10/0x10 [ 45.405464][ T6403] do_filp_open+0x20c/0x470 [ 45.406640][ T6403] ? __virt_addr_valid+0x2b4/0x590 [ 45.407891][ T6403] ? __pfx_do_filp_open+0x10/0x10 [ 45.409141][ T6403] ? trace_lock_acquire+0x14e/0x1f0 [ 45.410475][ T6403] ? _raw_spin_unlock+0x28/0x50 [ 45.411719][ T6403] ? alloc_fd+0x41f/0x760 [ 45.412838][ T6403] do_sys_openat2+0x17a/0x1e0 [ 45.414050][ T6403] ? __pfx_do_sys_openat2+0x10/0x10 [ 45.415861][ T6403] ? __fget_files+0x206/0x3a0 [ 45.417670][ T6403] __x64_sys_creat+0xcd/0x120 [ 45.419276][ T6403] ? __pfx___x64_sys_creat+0x10/0x10 [ 45.420631][ T6403] ? __pfx_ksys_write+0x10/0x10 [ 45.421847][ T6403] ? rcu_is_watching+0x12/0xc0 [ 45.423031][ T6403] ? rcu_is_watching+0x12/0xc0 [ 45.424258][ T6403] ? trace_irq_enable.constprop.0+0xea/0x140 [ 45.426221][ T6403] do_syscall_64+0xcd/0x250 [ 45.427373][ T6403] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 45.428852][ T6403] RIP: 0033:0x7fc17ff85d19 [ 45.429977][ T6403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 45.434631][ T6403] RSP: 002b:00007fc180d1d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 45.437544][ T6403] RAX: ffffffffffffffda RBX: 00007fc180175fa0 RCX: 00007fc17ff85d19 [ 45.439533][ T6403] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020000100 [ 45.441540][ T6403] RBP: 00007fc180d1d090 R08: 0000000000000000 R09: 0000000000000000 [ 45.443554][ T6403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 45.445708][ T6403] R13: 0000000000000000 R14: 00007fc180175fa0 R15: 00007fff4a4b9c98 [ 45.447724][ T6403] [ 45.448625][ C0] vkms_vblank_simulate: vblank timer overrun [ 45.472381][ T39] audit: type=1400 audit(1734264099.887:284): avc: denied { setopt } for pid=6404 comm="syz.3.151" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 45.759088][ T39] audit: type=1400 audit(1734264100.177:285): avc: denied { ioctl } for pid=6414 comm="syz.2.154" path="socket:[13156]" dev="sockfs" ino=13156 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 45.861796][ T6421] netlink: 24 bytes leftover after parsing attributes in process `syz.1.156'. [ 45.866526][ T6421] program syz.1.156 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 45.903016][ T39] audit: type=1400 audit(1734264100.317:286): avc: denied { create } for pid=6424 comm="syz.1.158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 45.910477][ T39] audit: type=1400 audit(1734264100.317:287): avc: denied { setopt } for pid=6424 comm="syz.1.158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 45.917471][ T39] audit: type=1400 audit(1734264100.317:288): avc: denied { write } for pid=6424 comm="syz.1.158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 45.927059][ T6427] tmpfs: Bad value for 'mpol' [ 46.011004][ T6431] xt_hashlimit: invalid rate [ 46.013713][ T39] audit: type=1400 audit(1734264100.427:289): avc: denied { ioctl } for pid=6430 comm="syz.3.161" path="socket:[12021]" dev="sockfs" ino=12021 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 46.180238][ T6443] CUSE: info not properly terminated [ 46.658211][ T39] audit: type=1400 audit(1734264101.077:290): avc: denied { read } for pid=6446 comm="syz.2.166" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 46.665193][ T39] audit: type=1400 audit(1734264101.077:291): avc: denied { open } for pid=6446 comm="syz.2.166" path="/dev/nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 46.770138][ T6451] FAULT_INJECTION: forcing a failure. [ 46.770138][ T6451] name failslab, interval 1, probability 0, space 0, times 0 [ 46.773810][ T6451] CPU: 1 UID: 0 PID: 6451 Comm: syz.2.167 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 46.776693][ T6451] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 46.779482][ T6451] Call Trace: [ 46.780346][ T6451] [ 46.781103][ T6451] dump_stack_lvl+0x16c/0x1f0 [ 46.782331][ T6451] should_fail_ex+0x497/0x5b0 [ 46.783538][ T6451] ? fs_reclaim_acquire+0xae/0x150 [ 46.784929][ T6451] should_failslab+0xc2/0x120 [ 46.786159][ T6451] __kmalloc_cache_noprof+0x68/0x410 [ 46.787506][ T6451] ? lock_acquire+0x2f/0xb0 [ 46.788680][ T6451] ? sctp_has_association+0x44/0x270 [ 46.789992][ T6451] sctp_association_new+0x97/0x2ab0 [ 46.791345][ T6451] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 46.792884][ T6451] sctp_connect_new_asoc+0x1b7/0x790 [ 46.794230][ T6451] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 46.795686][ T6451] ? selinux_sctp_bind_connect+0x112/0x2c0 [ 46.797286][ T6451] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 46.798757][ T6451] sctp_sendmsg+0x1610/0x1eb0 [ 46.800000][ T6451] ? avc_has_perm+0x11b/0x1c0 [ 46.801256][ T6451] ? __pfx_sctp_sendmsg+0x10/0x10 [ 46.802614][ T6451] ? __pfx_sock_has_perm+0x10/0x10 [ 46.803946][ T6451] ? __pfx_sctp_sendmsg+0x10/0x10 [ 46.805251][ T6451] inet_sendmsg+0x119/0x140 [ 46.806574][ T6451] __sys_sendto+0x42a/0x4f0 [ 46.807728][ T6451] ? __pfx___sys_sendto+0x10/0x10 [ 46.808975][ T6451] ? ksys_write+0x1ba/0x250 [ 46.810142][ T6451] ? __pfx_ksys_write+0x10/0x10 [ 46.811417][ T6451] __x64_sys_sendto+0xe0/0x1c0 [ 46.812626][ T6451] ? trace_irq_enable.constprop.0+0xea/0x140 [ 46.814193][ T6451] do_syscall_64+0xcd/0x250 [ 46.815352][ T6451] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 46.816841][ T6451] RIP: 0033:0x7fa1ae785d19 [ 46.817977][ T6451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 46.822793][ T6451] RSP: 002b:00007fa1af6a4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 46.824819][ T6451] RAX: ffffffffffffffda RBX: 00007fa1ae975fa0 RCX: 00007fa1ae785d19 [ 46.826771][ T6451] RDX: 0000000000034000 RSI: 0000000020847fff RDI: 0000000000000003 [ 46.828747][ T6451] RBP: 00007fa1af6a4090 R08: 000000002005ffe4 R09: 000000000000001c [ 46.830808][ T6451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 46.832801][ T6451] R13: 0000000000000000 R14: 00007fa1ae975fa0 R15: 00007ffc116515b8 [ 46.834795][ T6451] [ 46.888789][ T5937] Bluetooth: hci1: Malformed LE Event: 0x0d [ 47.053507][ T6479] dlm: Unknown command passed to DLM device : 8 [ 47.053507][ T6479] [ 47.058895][ T6479] mmap: syz.0.177 (6479) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 47.062751][ T6479] FAULT_INJECTION: forcing a failure. [ 47.062751][ T6479] name failslab, interval 1, probability 0, space 0, times 0 [ 47.066307][ T6479] CPU: 2 UID: 0 PID: 6479 Comm: syz.0.177 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 47.068878][ T6479] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 47.071729][ T6479] Call Trace: [ 47.072579][ T6479] [ 47.073278][ T6479] dump_stack_lvl+0x16c/0x1f0 [ 47.074431][ T6479] should_fail_ex+0x497/0x5b0 [ 47.075632][ T6479] ? fs_reclaim_acquire+0xae/0x150 [ 47.076853][ T6479] should_failslab+0xc2/0x120 [ 47.077988][ T6479] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 47.079723][ T6479] ? __alloc_skb+0x2b1/0x380 [ 47.081281][ T6479] __alloc_skb+0x2b1/0x380 [ 47.082757][ T6479] ? __pfx___alloc_skb+0x10/0x10 [ 47.084258][ T6479] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 47.085763][ T6479] netlink_alloc_large_skb+0x69/0x130 [ 47.087026][ T6479] netlink_sendmsg+0x689/0xd70 [ 47.088167][ T6479] ? __pfx_netlink_sendmsg+0x10/0x10 [ 47.089728][ T6479] ____sys_sendmsg+0xaaf/0xc90 [ 47.091303][ T6479] ? copy_msghdr_from_user+0x10b/0x160 [ 47.093117][ T6479] ? __pfx_____sys_sendmsg+0x10/0x10 [ 47.094871][ T6479] ? rcu_is_watching+0x12/0xc0 [ 47.096450][ T6479] ? lock_release+0x4e2/0x6f0 [ 47.098002][ T6479] ? get_pid_task+0xfc/0x250 [ 47.099532][ T6479] ___sys_sendmsg+0x135/0x1e0 [ 47.101091][ T6479] ? get_pid_task+0x35/0x250 [ 47.102611][ T6479] ? __pfx____sys_sendmsg+0x10/0x10 [ 47.104329][ T6479] ? lock_release+0x4e2/0x6f0 [ 47.105907][ T6479] ? __pfx_lock_release+0x10/0x10 [ 47.107591][ T6479] ? trace_lock_acquire+0x14e/0x1f0 [ 47.108935][ T6479] ? __fget_files+0x206/0x3a0 [ 47.110068][ T6479] __sys_sendmsg+0x16e/0x220 [ 47.111187][ T6479] ? __pfx___sys_sendmsg+0x10/0x10 [ 47.112436][ T6479] ? rcu_is_watching+0x12/0xc0 [ 47.113645][ T6479] ? rcu_is_watching+0x12/0xc0 [ 47.114877][ T6479] do_syscall_64+0xcd/0x250 [ 47.116417][ T6479] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 47.118469][ T6479] RIP: 0033:0x7f17fbd85d19 [ 47.119637][ T6479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 47.124327][ T6479] RSP: 002b:00007f17fcae8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 47.126580][ T6479] RAX: ffffffffffffffda RBX: 00007f17fbf75fa0 RCX: 00007f17fbd85d19 [ 47.128549][ T6479] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 000000000000000a [ 47.130528][ T6479] RBP: 00007f17fcae8090 R08: 0000000000000000 R09: 0000000000000000 [ 47.132722][ T6479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 47.135363][ T6479] R13: 0000000000000000 R14: 00007f17fbf75fa0 R15: 00007ffe64481278 [ 47.137256][ T6479] [ 47.158840][ T6484] tmpfs: Bad value for 'mpol' [ 47.188045][ T5937] Bluetooth: hci0: Malformed LE Event: 0x0d [ 47.225838][ T6495] kvm: kvm [6494]: vcpu0, guest rIP: 0x1a3 Unhandled WRMSR(0x186) = 0x8000 [ 47.265388][ T5944] Bluetooth: hci2: command 0x0406 tx timeout [ 47.348385][ T6507] tmpfs: Bad value for 'mpol' [ 47.446883][ T6515] netlink: 24 bytes leftover after parsing attributes in process `syz.0.190'. [ 47.943271][ T6520] netlink: 32 bytes leftover after parsing attributes in process `syz.1.191'. [ 47.963414][ T5944] Bluetooth: hci1: Malformed LE Event: 0x0d [ 48.145929][ T6529] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 48.289127][ T6541] 9p: Unknown access argument 18446744073709551615: -34 [ 48.342745][ T6549] tmpfs: Bad value for 'mpol' [ 48.412185][ T6565] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 48.414853][ T6565] FAULT_INJECTION: forcing a failure. [ 48.414853][ T6565] name failslab, interval 1, probability 0, space 0, times 0 [ 48.417881][ T6565] CPU: 3 UID: 0 PID: 6565 Comm: syz.3.209 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 48.420508][ T6565] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 48.423109][ T6565] Call Trace: [ 48.423934][ T6565] [ 48.424646][ T6565] dump_stack_lvl+0x16c/0x1f0 [ 48.425826][ T6565] should_fail_ex+0x497/0x5b0 [ 48.426983][ T6565] ? kasan_save_stack+0x33/0x60 [ 48.428216][ T6565] ? kasan_save_track+0x14/0x30 [ 48.429447][ T6565] should_failslab+0xc2/0x120 [ 48.430663][ T6565] __kmalloc_node_track_caller_noprof+0xcf/0x510 [ 48.432231][ T6565] ? trace_lock_acquire+0x14e/0x1f0 [ 48.433526][ T6565] ? sidtab_do_lookup+0x1be/0x9d0 [ 48.434784][ T6565] ? security_netlbl_sid_to_secattr+0x1d8/0x4d0 [ 48.436322][ T6565] kstrdup+0x53/0x100 [ 48.437347][ T6565] security_netlbl_sid_to_secattr+0x1d8/0x4d0 [ 48.438916][ T6565] selinux_netlbl_inet_conn_request+0x135/0x330 [ 48.440488][ T6565] ? __pfx_selinux_netlbl_inet_conn_request+0x10/0x10 [ 48.442195][ T6565] ? selinux_skb_peerlbl_sid+0xfb/0x160 [ 48.443585][ T6565] selinux_inet_conn_request+0x1ed/0x2b0 [ 48.444981][ T6565] ? __pfx_selinux_inet_conn_request+0x10/0x10 [ 48.446561][ T6565] ? lock_release+0x4e2/0x6f0 [ 48.447800][ T6565] ? net_generic+0xea/0x2a0 [ 48.449039][ T6565] ? __pfx_lock_release+0x10/0x10 [ 48.450420][ T6565] ? trace_lock_acquire+0x14e/0x1f0 [ 48.451773][ T6565] ? inet_reqsk_alloc+0x9a/0x790 [ 48.453080][ T6565] security_inet_conn_request+0x211/0x240 [ 48.454575][ T6565] tcp_v6_route_req+0x27a/0x5c0 [ 48.455941][ T6565] subflow_v6_route_req+0x1e3/0x480 [ 48.457416][ T6565] tcp_conn_request+0xeeb/0x3e40 [ 48.458700][ T6565] ? ksys_write+0x12b/0x250 [ 48.459836][ T6565] ? __kernel_text_address+0xd/0x40 [ 48.461137][ T6565] ? __pfx_tcp_conn_request+0x10/0x10 [ 48.462537][ T6565] ? __pfx_lock_release+0x10/0x10 [ 48.463797][ T6565] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 48.465145][ T6565] ? stack_trace_save+0x95/0xd0 [ 48.466410][ T6565] ? rcu_is_watching+0x12/0xc0 [ 48.467611][ T6565] ? trace_irq_enable.constprop.0+0xea/0x140 [ 48.469171][ T6565] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 48.470638][ T6565] ? ref_tracker_alloc+0x2ef/0x5b0 [ 48.471922][ T6565] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 48.473301][ T6565] ? rcu_is_watching+0x12/0xc0 [ 48.474549][ T6565] ? trace_lock_acquire+0x14e/0x1f0 [ 48.475964][ T6565] ? __pfx_selinux_socket_sock_rcv_skb+0x10/0x10 [ 48.477606][ T6565] ? subflow_v6_conn_request+0x1f5/0x4d0 [ 48.479046][ T6565] ? rcu_read_lock_held+0x9/0x50 [ 48.480280][ T6565] subflow_v6_conn_request+0x1f5/0x4d0 [ 48.481668][ T6565] tcp_rcv_state_process+0xa3b/0x4c40 [ 48.483013][ T6565] ? csum_partial+0x46/0x60 [ 48.484157][ T6565] ? __pfx_csum_partial_ext+0x10/0x10 [ 48.485515][ T6565] ? __pfx_tcp_rcv_state_process+0x10/0x10 [ 48.486989][ T6565] ? lock_acquire+0x2f/0xb0 [ 48.488181][ T6565] ? sk_filter_trim_cap+0x275/0xac0 [ 48.489477][ T6565] ? __skb_checksum_complete+0x1cd/0x3f0 [ 48.490883][ T6565] ? __pfx___skb_checksum_complete+0x10/0x10 [ 48.492399][ T6565] ? __pfx_csum_partial_ext+0x10/0x10 [ 48.493695][ T6565] ? __pfx_csum_block_add_ext+0x10/0x10 [ 48.495205][ T6565] ? tcp_v6_do_rcv+0x492/0x1730 [ 48.496387][ T6565] tcp_v6_do_rcv+0x492/0x1730 [ 48.497590][ T6565] tcp_v6_rcv+0x3902/0x3fd0 [ 48.498714][ T6565] ? __pfx_tcp_v6_rcv+0x10/0x10 [ 48.499975][ T6565] ? lock_release+0x4e2/0x6f0 [ 48.501146][ T6565] ? __pfx_nf_nat_ipv6_local_in+0x10/0x10 [ 48.502605][ T6565] ? __pfx_lock_release+0x10/0x10 [ 48.503899][ T6565] ? __pfx_raw6_local_deliver+0x10/0x10 [ 48.505327][ T6565] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 48.506825][ T6565] ? nf_hook_slow+0x132/0x200 [ 48.508037][ T6565] ? __pfx_tcp_v6_rcv+0x10/0x10 [ 48.509288][ T6565] ip6_protocol_deliver_rcu+0x180/0x1510 [ 48.510715][ T6565] ip6_input_finish+0x14f/0x2f0 [ 48.511942][ T6565] ip6_input+0xa1/0xd0 [ 48.512956][ T6565] ? __pfx_ip6_input+0x10/0x10 [ 48.514136][ T6565] ipv6_rcv+0x265/0x680 [ 48.515188][ T6565] ? __pfx_ipv6_rcv+0x10/0x10 [ 48.516398][ T6565] __netif_receive_skb_one_core+0x12e/0x1e0 [ 48.517903][ T6565] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 48.519653][ T6565] ? rcu_is_watching+0x12/0xc0 [ 48.520842][ T6565] ? trace_irq_enable.constprop.0+0xea/0x140 [ 48.522453][ T6565] ? netif_receive_skb+0x109/0x7b0 [ 48.523728][ T6565] __netif_receive_skb+0x1d/0x160 [ 48.525012][ T6565] netif_receive_skb+0x13f/0x7b0 [ 48.526289][ T6565] ? __pfx_netif_receive_skb+0x10/0x10 [ 48.527684][ T6565] tun_rx_batched.isra.0+0x3eb/0x730 [ 48.529054][ T6565] ? __pfx_tun_rx_batched.isra.0+0x10/0x10 [ 48.530535][ T6565] ? tun_get_user+0x13e6/0x3e40 [ 48.531741][ T6565] ? lock_acquire+0x2f/0xb0 [ 48.532861][ T6565] ? tun_get_user+0x13e6/0x3e40 [ 48.534065][ T6565] tun_get_user+0x2a16/0x3e40 [ 48.535266][ T6565] ? __pfx_tun_get_user+0x10/0x10 [ 48.536546][ T6565] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 48.537903][ T6565] ? rcu_is_watching+0x12/0xc0 [ 48.539124][ T6565] ? lock_release+0x4e2/0x6f0 [ 48.540289][ T6565] ? __pfx_lock_release+0x10/0x10 [ 48.541542][ T6565] ? tun_get+0x30/0x370 [ 48.542592][ T6565] ? lock_acquire+0x2f/0xb0 [ 48.543745][ T6565] ? tun_get+0x30/0x370 [ 48.544839][ T6565] tun_chr_write_iter+0xdc/0x210 [ 48.546351][ T6565] vfs_write+0x5ae/0x1150 [ 48.547439][ T6565] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 48.548848][ T6565] ? __pfx_vfs_write+0x10/0x10 [ 48.550048][ T6565] ? __fget_files+0x40/0x3a0 [ 48.551199][ T6565] ksys_write+0x12b/0x250 [ 48.552297][ T6565] ? __pfx_ksys_write+0x10/0x10 [ 48.553488][ T6565] ? rcu_is_watching+0x12/0xc0 [ 48.554680][ T6565] ? rcu_is_watching+0x12/0xc0 [ 48.555911][ T6565] do_syscall_64+0xcd/0x250 [ 48.557037][ T6565] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 48.558532][ T6565] RIP: 0033:0x7fc17ff847cf [ 48.559683][ T6565] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 48.564404][ T6565] RSP: 002b:00007fc180d1d000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 48.566492][ T6565] RAX: ffffffffffffffda RBX: 00007fc180175fa0 RCX: 00007fc17ff847cf [ 48.568543][ T6565] RDX: 000000000000008e RSI: 0000000020000080 RDI: 00000000000000c8 [ 48.570494][ T6565] RBP: 00007fc180d1d090 R08: 0000000000000000 R09: 0000000000000000 [ 48.572416][ T6565] R10: 000000000000008e R11: 0000000000000293 R12: 0000000000000001 [ 48.574325][ T6565] R13: 0000000000000000 R14: 00007fc180175fa0 R15: 00007fff4a4b9c98 [ 48.576264][ T6565] [ 48.605355][ T30] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 48.635755][ T6576] binfmt_misc: register: failed to install interpreter file ./file0 [ 48.685429][ T6583] netlink: 4 bytes leftover after parsing attributes in process `syz.2.216'. [ 48.708616][ T6585] FAULT_INJECTION: forcing a failure. [ 48.708616][ T6585] name failslab, interval 1, probability 0, space 0, times 0 [ 48.711763][ T6585] CPU: 1 UID: 0 PID: 6585 Comm: syz.2.217 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 48.712578][ T6586] block device autoloading is deprecated and will be removed. [ 48.714389][ T6585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 48.719503][ T6585] Call Trace: [ 48.720763][ T6585] [ 48.721849][ T6585] dump_stack_lvl+0x16c/0x1f0 [ 48.723089][ T6585] should_fail_ex+0x497/0x5b0 [ 48.724286][ T6585] ? fs_reclaim_acquire+0xae/0x150 [ 48.725613][ T6585] should_failslab+0xc2/0x120 [ 48.726820][ T6585] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 48.728493][ T6585] ? __alloc_skb+0x2b1/0x380 [ 48.730189][ T6585] __alloc_skb+0x2b1/0x380 [ 48.731367][ T6585] ? __pfx___alloc_skb+0x10/0x10 [ 48.732676][ T6585] ? __mutex_trylock_common+0x30/0x250 [ 48.734118][ T6585] ? __pfx___mutex_trylock_common+0x10/0x10 [ 48.735676][ T6585] ? __netlink_dump_start+0x154/0x970 [ 48.737075][ T6585] netlink_dump+0x699/0xd00 [ 48.738301][ T6585] ? __mutex_lock+0x1cc/0xa60 [ 48.740012][ T6585] ? lock_release+0x4e2/0x6f0 [ 48.741730][ T6585] ? __pfx_netlink_dump+0x10/0x10 [ 48.743125][ T6585] ? __netlink_dump_start+0x154/0x970 [ 48.744557][ T6585] ? netlink_lookup+0x259/0x520 [ 48.745782][ T6585] ? __pfx_netlink_lookup+0x10/0x10 [ 48.747117][ T6585] ? __mutex_trylock_common+0xea/0x250 [ 48.748688][ T6585] __netlink_dump_start+0x6ca/0x970 [ 48.749995][ T6585] ctnetlink_get_conntrack+0x5fc/0x7c0 [ 48.751343][ T6585] ? __pfx_ctnetlink_get_conntrack+0x10/0x10 [ 48.752872][ T6585] ? __pfx_ctnetlink_start+0x10/0x10 [ 48.754225][ T6585] ? __pfx_ctnetlink_dump_table+0x10/0x10 [ 48.755657][ T6585] ? __pfx_ctnetlink_done+0x10/0x10 [ 48.756973][ T6585] ? lock_release+0x4e2/0x6f0 [ 48.758237][ T6585] ? __pfx_lock_release+0x10/0x10 [ 48.760088][ T6585] nfnetlink_rcv_msg+0x9c3/0x11e0 [ 48.761985][ T6585] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 48.763358][ T6585] ? rcu_is_watching+0x12/0xc0 [ 48.764623][ T6585] ? lock_acquire+0x2f/0xb0 [ 48.765800][ T6585] ? avc_has_perm_noaudit+0x61/0x3a0 [ 48.767156][ T6585] netlink_rcv_skb+0x16b/0x440 [ 48.768546][ T6586] netlink: 4 bytes leftover after parsing attributes in process `syz.3.214'. [ 48.768536][ T6585] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 48.772141][ T6585] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 48.773390][ T6585] ? bpf_lsm_capable+0x9/0x10 [ 48.774591][ T6585] ? security_capable+0x7e/0x260 [ 48.775834][ T6585] ? ns_capable+0xd7/0x110 [ 48.776954][ T6585] nfnetlink_rcv+0x1b4/0x430 [ 48.778189][ T6585] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 48.779574][ T6585] ? netlink_deliver_tap+0x1ae/0xd30 [ 48.780957][ T6585] netlink_unicast+0x53c/0x7f0 [ 48.782212][ T6585] ? __pfx_netlink_unicast+0x10/0x10 [ 48.783516][ T6585] netlink_sendmsg+0x8b8/0xd70 [ 48.784762][ T6585] ? __pfx_netlink_sendmsg+0x10/0x10 [ 48.786154][ T6585] ____sys_sendmsg+0xaaf/0xc90 [ 48.787363][ T6585] ? copy_msghdr_from_user+0x10b/0x160 [ 48.788767][ T6585] ? __pfx_____sys_sendmsg+0x10/0x10 [ 48.790163][ T6585] ? rcu_is_watching+0x12/0xc0 [ 48.791386][ T6585] ? lock_release+0x4e2/0x6f0 [ 48.792205][ T6590] netlink: 8 bytes leftover after parsing attributes in process `syz.1.219'. [ 48.792730][ T6585] ? get_pid_task+0xfc/0x250 [ 48.796139][ T6585] ___sys_sendmsg+0x135/0x1e0 [ 48.797300][ T6585] ? get_pid_task+0x35/0x250 [ 48.798636][ T6585] ? __pfx____sys_sendmsg+0x10/0x10 [ 48.800191][ T6585] ? lock_release+0x4e2/0x6f0 [ 48.801359][ T6585] ? __pfx_lock_release+0x10/0x10 [ 48.802597][ T6585] ? trace_lock_acquire+0x14e/0x1f0 [ 48.803862][ T6585] ? __fget_files+0x206/0x3a0 [ 48.805032][ T6585] __sys_sendmsg+0x16e/0x220 [ 48.806196][ T6585] ? __pfx___sys_sendmsg+0x10/0x10 [ 48.807429][ T6585] ? rcu_is_watching+0x12/0xc0 [ 48.808689][ T6585] ? rcu_is_watching+0x12/0xc0 [ 48.809903][ T6585] do_syscall_64+0xcd/0x250 [ 48.811068][ T6585] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 48.812542][ T6585] RIP: 0033:0x7fa1ae785d19 [ 48.813659][ T6585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 48.818396][ T6585] RSP: 002b:00007fa1af6a4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 48.820476][ T6585] RAX: ffffffffffffffda RBX: 00007fa1ae975fa0 RCX: 00007fa1ae785d19 [ 48.822409][ T6585] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000003 [ 48.824343][ T6585] RBP: 00007fa1af6a4090 R08: 0000000000000000 R09: 0000000000000000 [ 48.826294][ T6585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 48.828245][ T6585] R13: 0000000000000000 R14: 00007fa1ae975fa0 R15: 00007ffc116515b8 [ 48.830247][ T6585] [ 48.850503][ T6596] FAULT_INJECTION: forcing a failure. [ 48.850503][ T6596] name failslab, interval 1, probability 0, space 0, times 0 [ 48.854871][ T6596] CPU: 3 UID: 0 PID: 6596 Comm: syz.1.222 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 48.855324][ T30] usb 5-1: Using ep0 maxpacket: 8 [ 48.858225][ T6596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 48.858237][ T6596] Call Trace: [ 48.858242][ T6596] [ 48.864701][ T6596] dump_stack_lvl+0x16c/0x1f0 [ 48.865585][ T30] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 48.866358][ T6596] should_fail_ex+0x497/0x5b0 [ 48.868573][ T30] usb 5-1: config 179 has no interface number 0 [ 48.870294][ T6596] ? fs_reclaim_acquire+0xae/0x150 [ 48.871885][ T30] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 48.873455][ T6596] should_failslab+0xc2/0x120 [ 48.876187][ T30] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 48.877327][ T6596] __kmalloc_noprof+0xcb/0x510 [ 48.880036][ T30] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 48.881206][ T6596] ? __pfx_lock_release+0x10/0x10 [ 48.883934][ T30] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 48.885287][ T6596] ? trace_lock_acquire+0x14e/0x1f0 [ 48.885315][ T6596] tomoyo_encode2+0x100/0x3e0 [ 48.885338][ T6596] tomoyo_encode+0x29/0x50 [ 48.885357][ T6596] tomoyo_mount_acl+0x145/0x880 [ 48.888213][ T30] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 48.890000][ T6596] ? kernel_text_address+0x8d/0x100 [ 48.891217][ T30] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 48.892711][ T6596] ? __kernel_text_address+0xd/0x40 [ 48.892726][ T6596] ? unwind_get_return_address+0x59/0xa0 [ 48.892739][ T6596] ? arch_stack_walk+0xa7/0x100 [ 48.892752][ T6596] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 48.892766][ T6596] ? stack_trace_save+0x95/0xd0 [ 48.892781][ T6596] ? __pfx_lock_release+0x10/0x10 [ 48.892794][ T6596] ? trace_lock_acquire+0x14e/0x1f0 [ 48.892809][ T6596] ? tomoyo_mount_permission+0x149/0x420 [ 48.892820][ T6596] ? lock_acquire+0x2f/0xb0 [ 48.892831][ T6596] ? tomoyo_mount_permission+0x149/0x420 [ 48.892843][ T6596] tomoyo_mount_permission+0x16e/0x420 [ 48.892854][ T6596] ? tomoyo_mount_permission+0x149/0x420 [ 48.892866][ T6596] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 48.892879][ T6596] ? get_current_fs_domain+0x184/0x1f0 [ 48.894141][ T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 48.897770][ T6596] security_sb_mount+0x9b/0x260 [ 48.897787][ T6596] path_mount+0x129/0x1f20 [ 48.897802][ T6596] ? kmem_cache_free+0x152/0x4c0 [ 48.897819][ T6596] ? __pfx_path_mount+0x10/0x10 [ 48.897839][ T6596] ? putname+0x13c/0x180 [ 48.897860][ T6596] __x64_sys_mount+0x294/0x320 [ 48.897880][ T6596] ? __pfx___x64_sys_mount+0x10/0x10 [ 48.897902][ T6596] ? rcu_is_watching+0x12/0xc0 [ 48.897931][ T6596] ? rcu_is_watching+0x12/0xc0 [ 48.897959][ T6596] do_syscall_64+0xcd/0x250 [ 48.897987][ T6596] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 48.898011][ T6596] RIP: 0033:0x7fde34d85d19 [ 48.898024][ T6596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 48.898041][ T6596] RSP: 002b:00007fde35b91038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 48.898058][ T6596] RAX: ffffffffffffffda RBX: 00007fde34f75fa0 RCX: 00007fde34d85d19 [ 48.898069][ T6596] RDX: 0000000020000080 RSI: 00000000200002c0 RDI: 0000000000000000 [ 48.898079][ T6596] RBP: 00007fde35b91090 R08: 0000000020000180 R09: 0000000000000000 [ 48.898090][ T6596] R10: 0000000002000000 R11: 0000000000000246 R12: 0000000000000001 [ 48.898100][ T6596] R13: 0000000000000000 R14: 00007fde34f75fa0 R15: 00007ffc7c2106e8 [ 48.898116][ T6596] [ 48.923679][ T5944] Bluetooth: hci1: Malformed LE Event: 0x0d [ 48.933007][ T6554] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 49.048236][ T6615] xt_hashlimit: size too large, truncated to 1048576 [ 49.179474][ T30] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:179.65/input/input6 [ 49.380357][ T6554] netlink: 8 bytes leftover after parsing attributes in process `syz.0.204'. [ 49.383855][ T30] usb 5-1: USB disconnect, device number 2 [ 49.385369][ C1] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 49.385386][ C1] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 49.390364][ T30] xpad 5-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 49.428313][ T1177] bond0: (slave bond_slave_0): interface is now down [ 49.430020][ T1177] bond0: (slave bond_slave_1): interface is now down [ 49.431818][ T1177] bond0: now running without any active interface! [ 49.480997][ T6635] FAULT_INJECTION: forcing a failure. [ 49.480997][ T6635] name failslab, interval 1, probability 0, space 0, times 0 [ 49.485062][ T6635] CPU: 3 UID: 0 PID: 6635 Comm: syz.3.237 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 49.487693][ T6635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 49.491119][ T6635] Call Trace: [ 49.492005][ T6635] [ 49.492866][ T6635] dump_stack_lvl+0x16c/0x1f0 [ 49.494142][ T6635] should_fail_ex+0x497/0x5b0 [ 49.495737][ T6635] ? fs_reclaim_acquire+0xae/0x150 [ 49.497626][ T6635] should_failslab+0xc2/0x120 [ 49.499320][ T6635] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 49.500785][ T6635] ? skb_clone+0x190/0x3f0 [ 49.501913][ T6635] skb_clone+0x190/0x3f0 [ 49.502974][ T6635] nfnetlink_rcv_batch+0x1d9/0x24e0 [ 49.504423][ T6635] ? kmem_cache_free+0x152/0x4c0 [ 49.506123][ T6635] ? kfree_skbmem+0x1a4/0x1f0 [ 49.507383][ T6635] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 49.509135][ T6635] ? __pfx_lock_release+0x10/0x10 [ 49.510638][ T6635] ? rcu_is_watching+0x12/0xc0 [ 49.512021][ T6635] ? lock_release+0x4e2/0x6f0 [ 49.513723][ T6635] ? avc_has_perm_noaudit+0x119/0x3a0 [ 49.515762][ T6635] ? avc_has_perm_noaudit+0x143/0x3a0 [ 49.517770][ T6635] ? __asan_memset+0x23/0x50 [ 49.519475][ T6635] ? __nla_validate_parse+0x601/0x2880 [ 49.521458][ T6635] ? __pfx___nla_validate_parse+0x10/0x10 [ 49.523503][ T6635] ? __pfx_ref_tracker_free+0x10/0x10 [ 49.525339][ T6635] ? cap_capable+0x1cf/0x240 [ 49.526604][ T6635] ? __nla_parse+0x40/0x60 [ 49.527780][ T6635] nfnetlink_rcv+0x3c3/0x430 [ 49.528992][ T6635] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 49.530388][ T6635] netlink_unicast+0x53c/0x7f0 [ 49.531646][ T6635] ? __pfx_netlink_unicast+0x10/0x10 [ 49.533012][ T6635] netlink_sendmsg+0x8b8/0xd70 [ 49.534273][ T6635] ? __pfx_netlink_sendmsg+0x10/0x10 [ 49.535678][ T6635] __sys_sendto+0x488/0x4f0 [ 49.536871][ T6635] ? __pfx___sys_sendto+0x10/0x10 [ 49.538172][ T6635] ? rcu_is_watching+0x12/0xc0 [ 49.539432][ T6635] ? rcu_is_watching+0x12/0xc0 [ 49.540671][ T6635] __x64_sys_sendto+0xe0/0x1c0 [ 49.541901][ T6635] ? trace_irq_enable.constprop.0+0xea/0x140 [ 49.543414][ T6635] do_syscall_64+0xcd/0x250 [ 49.544608][ T6635] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 49.546662][ T6635] RIP: 0033:0x7fc17ff87bac [ 49.548315][ T6635] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 49.553087][ T6635] RSP: 002b:00007fc180d1bec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 49.555243][ T6635] RAX: ffffffffffffffda RBX: 00007fc180d1bfc0 RCX: 00007fc17ff87bac [ 49.557233][ T6635] RDX: 0000000000000020 RSI: 00007fc180d1c010 RDI: 0000000000000003 [ 49.559237][ T6635] RBP: 0000000000000000 R08: 00007fc180d1bf14 R09: 000000000000000c [ 49.561218][ T6635] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 49.563119][ T6635] R13: 00007fc180d1bf68 R14: 00007fc180d1c010 R15: 0000000000000000 [ 49.565364][ T6635] [ 49.834335][ T6645] netlink: 80 bytes leftover after parsing attributes in process `syz.3.241'. [ 49.837458][ T6645] netlink: 12 bytes leftover after parsing attributes in process `syz.3.241'. [ 49.840462][ T6645] netlink: 16 bytes leftover after parsing attributes in process `syz.3.241'. [ 49.877041][ T6647] (unnamed net_device) (uninitialized): Removing last ns target with arp_interval on [ 49.883662][ T39] kauditd_printk_skb: 20 callbacks suppressed [ 49.883672][ T39] audit: type=1400 audit(1734264104.297:312): avc: denied { read } for pid=6646 comm="syz.1.242" name="snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 49.891695][ T39] audit: type=1400 audit(1734264104.307:313): avc: denied { open } for pid=6646 comm="syz.1.242" path="/dev/snapshot" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 49.903770][ T39] audit: type=1400 audit(1734264104.317:314): avc: denied { write } for pid=6650 comm="syz.0.243" name="card1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 49.938844][ T39] audit: type=1400 audit(1734264104.357:315): avc: denied { map } for pid=6646 comm="syz.1.242" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=758 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 49.946990][ T39] audit: type=1400 audit(1734264104.357:316): avc: denied { execute } for pid=6646 comm="syz.1.242" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=758 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 50.066156][ T39] audit: type=1400 audit(1734264104.487:317): avc: denied { bind } for pid=6658 comm="syz.3.245" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 50.709980][ T6647] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 50.711594][ T6647] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 50.713822][ T6647] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 50.716449][ T6647] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 50.718523][ T6647] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 50.720969][ T6647] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 50.723435][ T6647] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 50.725601][ T6647] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 50.728218][ T6647] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 50.730666][ T6647] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 50.732912][ T6647] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 50.734975][ T6647] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 50.737694][ T6647] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 50.779537][ T39] audit: type=1400 audit(1734264105.197:318): avc: denied { read } for pid=6671 comm="syz.1.249" name="media4" dev="devtmpfs" ino=985 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 50.786298][ T39] audit: type=1400 audit(1734264105.197:319): avc: denied { open } for pid=6671 comm="syz.1.249" path="/dev/media4" dev="devtmpfs" ino=985 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 50.792316][ T39] audit: type=1400 audit(1734264105.207:320): avc: denied { ioctl } for pid=6671 comm="syz.1.249" path="/dev/media4" dev="devtmpfs" ino=985 ioctlcmd=0x7c05 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 50.902398][ T39] audit: type=1400 audit(1734264105.317:321): avc: denied { create } for pid=6680 comm="syz.1.252" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 51.074517][ T6691] netlink: 12 bytes leftover after parsing attributes in process `syz.3.256'. [ 51.076979][ T6691] FAULT_INJECTION: forcing a failure. [ 51.076979][ T6691] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 51.080228][ T6691] CPU: 2 UID: 0 PID: 6691 Comm: syz.3.256 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 51.082787][ T6691] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 51.085374][ T6691] Call Trace: [ 51.086218][ T6691] [ 51.086937][ T6691] dump_stack_lvl+0x16c/0x1f0 [ 51.088181][ T6691] should_fail_ex+0x497/0x5b0 [ 51.089303][ T6691] _copy_to_user+0x32/0xd0 [ 51.090442][ T6691] simple_read_from_buffer+0xd0/0x160 [ 51.091765][ T6691] proc_fail_nth_read+0x198/0x270 [ 51.092992][ T6691] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 51.094380][ T6691] ? bpf_lsm_file_permission+0x9/0x10 [ 51.095725][ T6691] ? security_file_permission+0x71/0x210 [ 51.097074][ T6691] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 51.098438][ T6691] vfs_read+0x1df/0xbe0 [ 51.099436][ T6691] ? __fget_files+0x1fc/0x3a0 [ 51.100598][ T6691] ? __pfx___mutex_lock+0x10/0x10 [ 51.101874][ T6691] ? __pfx_vfs_read+0x10/0x10 [ 51.103037][ T6691] ? __fget_files+0x206/0x3a0 [ 51.104222][ T6691] ksys_read+0x12b/0x250 [ 51.105272][ T6691] ? __pfx_ksys_read+0x10/0x10 [ 51.106448][ T6691] ? rcu_is_watching+0x12/0xc0 [ 51.107636][ T6691] ? rcu_is_watching+0x12/0xc0 [ 51.108829][ T6691] do_syscall_64+0xcd/0x250 [ 51.109949][ T6691] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 51.111409][ T6691] RIP: 0033:0x7fc17ff8472c [ 51.112546][ T6691] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 51.117231][ T6691] RSP: 002b:00007fc180d1d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 51.119284][ T6691] RAX: ffffffffffffffda RBX: 00007fc180175fa0 RCX: 00007fc17ff8472c [ 51.121175][ T6691] RDX: 000000000000000f RSI: 00007fc180d1d0a0 RDI: 0000000000000003 [ 51.123068][ T6691] RBP: 00007fc180d1d090 R08: 0000000000000000 R09: 0000000000000000 [ 51.125131][ T6691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 51.127437][ T6691] R13: 0000000000000000 R14: 00007fc180175fa0 R15: 00007fff4a4b9c98 [ 51.129488][ T6691] [ 51.153854][ T6697] netlink: 48 bytes leftover after parsing attributes in process `syz.1.259'. [ 51.337481][ T5944] Bluetooth: hci2: Malformed LE Event: 0x0d [ 51.406265][ T6722] netlink: 12 bytes leftover after parsing attributes in process `syz.2.265'. [ 51.408770][ T6722] netlink: 'syz.2.265': attribute type 25 has an invalid length. [ 51.413963][ T6722] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 51.416290][ T6722] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 51.418657][ T6722] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 51.420934][ T6722] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 51.985406][ T5944] Bluetooth: hci0: command 0x0c1a tx timeout [ 52.202386][ T5944] Bluetooth: hci2: Malformed LE Event: 0x0d [ 52.775305][ T5944] Bluetooth: hci3: command 0x0c1a tx timeout [ 52.775371][ T5937] Bluetooth: hci2: command 0x0406 tx timeout [ 52.776948][ T5943] Bluetooth: hci1: command 0x0c1a tx timeout [ 53.064249][ T5944] Bluetooth: hci3: Malformed LE Event: 0x0d [ 53.413039][ T5944] Bluetooth: hci0: Malformed LE Event: 0x0d [ 53.441177][ T6798] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.514201][ T6806] netlink: 24 bytes leftover after parsing attributes in process `syz.1.297'. [ 53.529581][ T6798] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.576960][ T6808] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 53.581203][ T6808] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.628195][ T6798] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.709780][ T6808] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 53.712785][ T6808] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.757749][ T6798] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.822229][ T6808] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 53.825024][ T6808] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.837082][ T6798] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.841999][ T6798] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.847264][ T6798] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.852819][ T6798] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.879250][ T6808] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 53.882558][ T6808] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.943449][ T6808] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 53.946400][ T6808] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.951123][ T6808] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 53.953794][ T6808] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.960300][ T6808] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 53.963048][ T6808] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.968689][ T6808] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 53.971392][ T6808] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.055526][ T5944] Bluetooth: hci0: command 0x0c1a tx timeout [ 54.059641][ T6834] netlink: 24 bytes leftover after parsing attributes in process `syz.1.306'. [ 54.126197][ T6838] netlink: 24 bytes leftover after parsing attributes in process `syz.1.306'. [ 54.128519][ T6838] nbd: device at index 64 is going down [ 54.130085][ T6838] FAULT_INJECTION: forcing a failure. [ 54.130085][ T6838] name failslab, interval 1, probability 0, space 0, times 0 [ 54.133843][ T6838] CPU: 1 UID: 0 PID: 6838 Comm: syz.1.306 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 54.136405][ T6838] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 54.139325][ T6838] Call Trace: [ 54.140281][ T6838] [ 54.141131][ T6838] dump_stack_lvl+0x16c/0x1f0 [ 54.142526][ T6838] should_fail_ex+0x497/0x5b0 [ 54.143832][ T6838] ? fs_reclaim_acquire+0xae/0x150 [ 54.145294][ T6838] should_failslab+0xc2/0x120 [ 54.146630][ T6838] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 54.148245][ T6838] ? __alloc_skb+0x2b1/0x380 [ 54.149518][ T6838] __alloc_skb+0x2b1/0x380 [ 54.150823][ T6838] ? __pfx___alloc_skb+0x10/0x10 [ 54.152142][ T6838] ? genl_rcv_msg+0x4bd/0x800 [ 54.153448][ T6838] netlink_ack+0x15f/0xb80 [ 54.154711][ T6838] netlink_rcv_skb+0x348/0x440 [ 54.155788][ T6838] ? __pfx_genl_rcv_msg+0x10/0x10 [ 54.156929][ T6838] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 54.158167][ T6838] ? down_read+0xc9/0x330 [ 54.159319][ T6838] ? __pfx_down_read+0x10/0x10 [ 54.160407][ T6838] ? netlink_deliver_tap+0x1ae/0xd30 [ 54.161673][ T6838] genl_rcv+0x28/0x40 [ 54.162604][ T6838] netlink_unicast+0x53c/0x7f0 [ 54.163717][ T6838] ? __pfx_netlink_unicast+0x10/0x10 [ 54.164988][ T6838] netlink_sendmsg+0x8b8/0xd70 [ 54.166102][ T6838] ? __pfx_netlink_sendmsg+0x10/0x10 [ 54.167540][ T6838] ____sys_sendmsg+0xaaf/0xc90 [ 54.168904][ T6838] ? copy_msghdr_from_user+0x10b/0x160 [ 54.170423][ T6838] ? __pfx_____sys_sendmsg+0x10/0x10 [ 54.171932][ T6838] ? rcu_is_watching+0x12/0xc0 [ 54.172922][ T6848] dlm: Unknown command passed to DLM device : 8 [ 54.172922][ T6848] [ 54.173290][ T6838] ? lock_release+0x4e2/0x6f0 [ 54.173310][ T6838] ? get_pid_task+0xfc/0x250 [ 54.173327][ T6838] ___sys_sendmsg+0x135/0x1e0 [ 54.180137][ T6838] ? get_pid_task+0x35/0x250 [ 54.181507][ T6838] ? __pfx____sys_sendmsg+0x10/0x10 [ 54.182129][ T6848] tipc: Started in network mode [ 54.183050][ T6838] ? lock_release+0x4e2/0x6f0 [ 54.184776][ T6848] tipc: Node identity 4, cluster identity 4711 [ 54.185880][ T6838] ? __pfx_lock_release+0x10/0x10 [ 54.185895][ T6838] ? trace_lock_acquire+0x14e/0x1f0 [ 54.185911][ T6838] ? __fget_files+0x206/0x3a0 [ 54.185923][ T6838] __sys_sendmsg+0x16e/0x220 [ 54.185934][ T6838] ? __pfx___sys_sendmsg+0x10/0x10 [ 54.185945][ T6838] ? rcu_is_watching+0x12/0xc0 [ 54.185960][ T6838] ? rcu_is_watching+0x12/0xc0 [ 54.188264][ T6848] tipc: Node number set to 4 [ 54.189417][ T6838] do_syscall_64+0xcd/0x250 [ 54.199565][ T6838] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 54.201039][ T6838] RIP: 0033:0x7fde34d85d19 [ 54.202068][ T6838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 54.206847][ T6838] RSP: 002b:00007fde35b70038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 54.209042][ T6838] RAX: ffffffffffffffda RBX: 00007fde34f76080 RCX: 00007fde34d85d19 [ 54.211159][ T6838] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000005 [ 54.213267][ T6838] RBP: 00007fde35b70090 R08: 0000000000000000 R09: 0000000000000000 [ 54.215156][ T6838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 54.216921][ T6838] R13: 0000000000000000 R14: 00007fde34f76080 R15: 00007ffc7c2106e8 [ 54.218747][ T6838] [ 54.241714][ T6856] tmpfs: Bad value for 'mpol' [ 54.247847][ T6842] netlink: 4 bytes leftover after parsing attributes in process `syz.3.308'. [ 54.250163][ T6842] bridge_slave_1: left allmulticast mode [ 54.251625][ T6842] bridge_slave_1: left promiscuous mode [ 54.253256][ T6842] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.261116][ T6842] bridge_slave_0: left allmulticast mode [ 54.262712][ T6842] bridge_slave_0: left promiscuous mode [ 54.264533][ T6842] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.351684][ T6864] netlink: 'syz.2.316': attribute type 7 has an invalid length. [ 54.354161][ T6864] netlink: 204 bytes leftover after parsing attributes in process `syz.2.316'. [ 54.355340][ T6867] Cannot find set identified by id 0 to match [ 54.497096][ T6880] tmpfs: Bad value for 'mpol' [ 54.518561][ T6882] netlink: 4 bytes leftover after parsing attributes in process `syz.1.323'. [ 54.548558][ T6886] netlink: 28 bytes leftover after parsing attributes in process `syz.1.324'. [ 54.855231][ T5944] Bluetooth: hci1: command 0x0c1a tx timeout [ 54.855313][ T5943] Bluetooth: hci2: command 0x0406 tx timeout [ 54.855874][ T5937] Bluetooth: hci3: command 0x0c1a tx timeout [ 55.277505][ T39] kauditd_printk_skb: 16 callbacks suppressed [ 55.277516][ T39] audit: type=1400 audit(1734264109.697:338): avc: denied { bind } for pid=6891 comm="syz.2.326" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 55.277659][ T6892] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2564 sclass=netlink_route_socket pid=6892 comm=syz.2.326 [ 55.288590][ T39] audit: type=1326 audit(1734264109.707:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6891 comm="syz.2.326" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa1ae785d19 code=0x0 [ 55.334644][ T6894] FAULT_INJECTION: forcing a failure. [ 55.334644][ T6894] name failslab, interval 1, probability 0, space 0, times 0 [ 55.337874][ T6894] CPU: 1 UID: 0 PID: 6894 Comm: syz.0.327 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 55.341105][ T6894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 55.344428][ T6894] Call Trace: [ 55.345591][ T6894] [ 55.346458][ T6894] dump_stack_lvl+0x16c/0x1f0 [ 55.347636][ T6894] should_fail_ex+0x497/0x5b0 [ 55.349254][ T6894] ? fs_reclaim_acquire+0xae/0x150 [ 55.350930][ T6894] should_failslab+0xc2/0x120 [ 55.352372][ T6894] kmem_cache_alloc_lru_noprof+0x73/0x3d0 [ 55.353821][ T6894] ? __d_alloc+0x31/0xaa0 [ 55.355186][ T6894] __d_alloc+0x31/0xaa0 [ 55.356497][ T6894] ? __pfx_lock_release+0x10/0x10 [ 55.358110][ T6894] d_alloc+0x4a/0x1e0 [ 55.359314][ T6894] d_alloc_parallel+0xe9/0x12b0 [ 55.360868][ T6894] ? lock_release+0x4e2/0x6f0 [ 55.362351][ T6894] ? __d_lookup+0x25c/0x4a0 [ 55.363786][ T6894] ? trace_lock_acquire+0x14e/0x1f0 [ 55.365434][ T6894] ? lock_release+0x4e2/0x6f0 [ 55.366934][ T6894] ? lookup_open.isra.0+0x229/0x14c0 [ 55.368620][ T6894] ? __d_lookup+0x7e/0x4a0 [ 55.370023][ T6894] ? __pfx_d_alloc_parallel+0x10/0x10 [ 55.371590][ T6894] ? __d_lookup+0x266/0x4a0 [ 55.372663][ T6894] lookup_open.isra.0+0xab5/0x14c0 [ 55.373891][ T6894] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 55.375222][ T6894] ? move_pages_huge_pmd+0x440/0x2570 [ 55.376490][ T6894] ? lock_acquire+0x2f/0xb0 [ 55.377560][ T6894] ? path_openat+0x153e/0x2d60 [ 55.378726][ T6894] ? move_pages_huge_pmd+0x440/0x2570 [ 55.379987][ T6894] ? __pfx_down_write+0x10/0x10 [ 55.381133][ T6894] ? mnt_get_write_access+0x20c/0x300 [ 55.382402][ T6894] path_openat+0x904/0x2d60 [ 55.383486][ T6894] ? __pfx_path_openat+0x10/0x10 [ 55.384671][ T6894] do_filp_open+0x20c/0x470 [ 55.385757][ T6894] ? __virt_addr_valid+0x2b4/0x590 [ 55.386975][ T6894] ? __pfx_do_filp_open+0x10/0x10 [ 55.388192][ T6894] ? trace_lock_acquire+0x14e/0x1f0 [ 55.389421][ T6894] ? _raw_spin_unlock+0x28/0x50 [ 55.390586][ T6894] ? alloc_fd+0x41f/0x760 [ 55.391610][ T6894] do_sys_openat2+0x17a/0x1e0 [ 55.392726][ T6894] ? __pfx_do_sys_openat2+0x10/0x10 [ 55.393961][ T6894] ? __fget_files+0x206/0x3a0 [ 55.395122][ T6894] __x64_sys_creat+0xcd/0x120 [ 55.396416][ T6894] ? __pfx___x64_sys_creat+0x10/0x10 [ 55.397666][ T6894] ? __pfx_ksys_write+0x10/0x10 [ 55.398835][ T6894] ? rcu_is_watching+0x12/0xc0 [ 55.399969][ T6894] ? rcu_is_watching+0x12/0xc0 [ 55.401130][ T6894] ? trace_irq_enable.constprop.0+0xea/0x140 [ 55.402562][ T6894] do_syscall_64+0xcd/0x250 [ 55.403636][ T6894] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 55.405033][ T6894] RIP: 0033:0x7f17fbd85d19 [ 55.406105][ T6894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 55.410708][ T6894] RSP: 002b:00007f17fcae8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 55.412705][ T6894] RAX: ffffffffffffffda RBX: 00007f17fbf75fa0 RCX: 00007f17fbd85d19 [ 55.414641][ T6894] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020000100 [ 55.416958][ T6894] RBP: 00007f17fcae8090 R08: 0000000000000000 R09: 0000000000000000 [ 55.419285][ T6894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 55.421472][ T6894] R13: 0000000000000000 R14: 00007f17fbf75fa0 R15: 00007ffe64481278 [ 55.423682][ T6894] [ 55.460524][ T39] audit: type=1400 audit(1734264109.877:340): avc: denied { open } for pid=6905 comm="syz.0.331" path="/dev/ptyq5" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 55.467346][ T39] audit: type=1400 audit(1734264109.877:341): avc: denied { ioctl } for pid=6905 comm="syz.0.331" path="/dev/ptyq5" dev="devtmpfs" ino=132 ioctlcmd=0x5436 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 55.473814][ T39] audit: type=1400 audit(1734264109.887:342): avc: denied { create } for pid=6905 comm="syz.0.331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 55.481791][ T39] audit: type=1400 audit(1734264109.887:343): avc: denied { listen } for pid=6905 comm="syz.0.331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 55.488465][ T39] audit: type=1400 audit(1734264109.907:344): avc: denied { read write } for pid=6909 comm="syz.0.333" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 55.494647][ T39] audit: type=1400 audit(1734264109.907:345): avc: denied { open } for pid=6909 comm="syz.0.333" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 55.501342][ T39] audit: type=1400 audit(1734264109.907:346): avc: denied { ioctl } for pid=6909 comm="syz.0.333" path="/dev/autofs" dev="devtmpfs" ino=104 ioctlcmd=0x9371 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 55.527384][ T39] audit: type=1400 audit(1734264109.947:347): avc: denied { create } for pid=6907 comm="syz.1.332" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 55.564503][ T6923] syzkaller1: entered promiscuous mode [ 55.566976][ T6923] syzkaller1: entered allmulticast mode [ 56.145339][ T5943] Bluetooth: hci0: command 0x0c1a tx timeout [ 56.439858][ T6942] FAULT_INJECTION: forcing a failure. [ 56.439858][ T6942] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 56.444263][ T6942] CPU: 0 UID: 0 PID: 6942 Comm: syz.0.344 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 56.447778][ T6942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 56.451283][ T6942] Call Trace: [ 56.452397][ T6942] [ 56.453404][ T6942] dump_stack_lvl+0x16c/0x1f0 [ 56.455081][ T6942] should_fail_ex+0x497/0x5b0 [ 56.456681][ T6942] ? fs_reclaim_acquire+0xae/0x150 [ 56.458520][ T6942] should_fail_alloc_page+0xe7/0x130 [ 56.460343][ T6942] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 56.462466][ T6942] __alloc_pages_noprof+0x190/0x25b0 [ 56.464339][ T6942] ? rcu_is_watching+0x12/0xc0 [ 56.465862][ T6942] ? lock_release+0x4e2/0x6f0 [ 56.467175][ T6942] ? is_bpf_text_address+0x8a/0x1a0 [ 56.468986][ T6942] ? __pfx_lock_release+0x10/0x10 [ 56.470747][ T6942] ? trace_lock_acquire+0x14e/0x1f0 [ 56.472212][ T6942] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 56.473753][ T6942] ? is_bpf_text_address+0x30/0x1a0 [ 56.475132][ T6942] ? bpf_ksym_find+0x127/0x1c0 [ 56.476663][ T6942] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 56.478765][ T6942] ? kernel_text_address+0x8d/0x100 [ 56.480440][ T6942] ? __kernel_text_address+0xd/0x40 [ 56.482247][ T6942] ? unwind_get_return_address+0x59/0xa0 [ 56.484004][ T6942] ? arch_stack_walk+0xa7/0x100 [ 56.485836][ T6942] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 56.487847][ T6942] ? policy_nodemask+0xea/0x4e0 [ 56.489545][ T6942] alloc_pages_mpol_noprof+0x2c9/0x610 [ 56.491441][ T6942] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 56.493488][ T6942] ? is_bpf_text_address+0x30/0x1a0 [ 56.495301][ T6942] ? lock_acquire+0x2f/0xb0 [ 56.496746][ T6942] ? is_bpf_text_address+0x30/0x1a0 [ 56.498574][ T6942] ? bpf_ksym_find+0x127/0x1c0 [ 56.500252][ T6942] folio_alloc_mpol_noprof+0x36/0xd0 [ 56.502088][ T6942] vma_alloc_folio_noprof+0xee/0x1b0 [ 56.503897][ T6942] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 56.505915][ T6942] ? trace_lock_acquire+0x14e/0x1f0 [ 56.507359][ T6942] ? rcu_is_watching+0x12/0xc0 [ 56.509047][ T6942] do_pte_missing+0x2017/0x3e00 [ 56.510609][ T6942] __handle_mm_fault+0x103c/0x2a40 [ 56.512314][ T6942] ? __pfx___handle_mm_fault+0x10/0x10 [ 56.513923][ T6942] ? lock_release+0x4e2/0x6f0 [ 56.515434][ T6942] ? follow_page_pte+0x3c3/0x1b20 [ 56.517152][ T6942] ? __pfx_lock_release+0x10/0x10 [ 56.518918][ T6942] ? __pfx___pte_offset_map_lock+0x10/0x10 [ 56.520914][ T6942] ? follow_page_pte+0x3f7/0x1b20 [ 56.522656][ T6942] handle_mm_fault+0x3fa/0xaa0 [ 56.524337][ T6942] __get_user_pages+0x8d9/0x3b50 [ 56.526044][ T6942] ? __pfx___get_user_pages+0x10/0x10 [ 56.527869][ T6942] ? down_read_killable+0xcc/0x380 [ 56.529665][ T6942] ? __pfx_down_read_killable+0x10/0x10 [ 56.531599][ T6942] ? __pfx_lock_release+0x10/0x10 [ 56.533316][ T6942] ? trace_lock_acquire+0x14e/0x1f0 [ 56.535031][ T6942] get_user_pages_unlocked+0x1c2/0x780 [ 56.536750][ T6942] ? __pfx_get_user_pages_unlocked+0x10/0x10 [ 56.538846][ T6942] ? get_user_pages_fast_only+0xaf/0x100 [ 56.540788][ T6942] ? __pfx_get_user_pages_fast_only+0x10/0x10 [ 56.542886][ T6942] ? __pfx___might_resched+0x10/0x10 [ 56.544715][ T6942] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 56.546847][ T6942] hva_to_pfn+0x8be/0xc20 [ 56.548365][ T6942] ? unwind_get_return_address+0x59/0xa0 [ 56.550278][ T6942] ? __pfx_hva_to_pfn+0x10/0x10 [ 56.551950][ T6942] ? rcu_is_watching+0x12/0xc0 [ 56.553598][ T6942] ? lock_release+0x4e2/0x6f0 [ 56.555230][ T6942] ? mmu_try_to_unsync_pages+0x2a1/0x800 [ 56.557160][ T6942] ? rcu_is_watching+0x12/0xc0 [ 56.558861][ T6942] ? lock_release+0x4e2/0x6f0 [ 56.560452][ T6942] ? xa_load+0x14a/0x2c0 [ 56.561538][ T6942] ? __pfx_lock_release+0x10/0x10 [ 56.563212][ T6942] kvm_follow_pfn+0x29f/0x3f0 [ 56.564778][ T6942] __kvm_faultin_pfn+0x11c/0x1a0 [ 56.566469][ T6942] ? __pfx___kvm_faultin_pfn+0x10/0x10 [ 56.568266][ T6942] ? __pfx_xa_load+0x10/0x10 [ 56.569800][ T6942] kvm_mmu_faultin_pfn+0x469/0x1f30 [ 56.571553][ T6942] ? __pfx_kvm_mmu_faultin_pfn+0x10/0x10 [ 56.573412][ T6942] ? __pfx_lock_release+0x10/0x10 [ 56.575150][ T6942] ? __kvm_mmu_topup_memory_cache+0x330/0x600 [ 56.577003][ T6942] ? put_page+0xdb/0x280 [ 56.578465][ T6942] kvm_tdp_page_fault+0x182/0x3d0 [ 56.580127][ T6942] kvm_mmu_do_page_fault+0x58d/0x690 [ 56.581817][ T6942] ? __pfx_kvm_mmu_do_page_fault+0x10/0x10 [ 56.583449][ T6942] ? unwind_get_return_address+0x59/0xa0 [ 56.585310][ T6942] ? arch_stack_walk+0xa7/0x100 [ 56.586987][ T6942] kvm_mmu_page_fault+0x20f/0x1bb0 [ 56.588628][ T6942] ? kvm_multiple_exception+0x57c/0xb40 [ 56.590499][ T6942] ? __pfx_kvm_mmu_page_fault+0x10/0x10 [ 56.592122][ T6942] ? kvm_requeue_exception+0x26/0x30 [ 56.593864][ T6942] ? __vmx_complete_interrupts+0x496/0x4e0 [ 56.596014][ T6942] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 56.598169][ T6942] ? vmx_vcpu_run+0x14b7/0x2a50 [ 56.599829][ T6942] handle_ept_violation+0x25a/0x640 [ 56.601655][ T6942] ? __pfx_handle_ept_violation+0x10/0x10 [ 56.603605][ T6942] vmx_handle_exit+0x733/0x1f70 [ 56.605252][ T6942] vcpu_run+0x3047/0x4f50 [ 56.606419][ T6942] ? __pfx___mutex_trylock_common+0x10/0x10 [ 56.608188][ T6942] ? __pfx_vcpu_run+0x10/0x10 [ 56.609781][ T6942] ? rcu_is_watching+0x12/0xc0 [ 56.611437][ T6942] ? trace_lock_acquire+0x14e/0x1f0 [ 56.613214][ T6942] ? trace_irq_enable.constprop.0+0xea/0x140 [ 56.614917][ T6942] ? kvm_arch_vcpu_ioctl_run+0x150/0x1740 [ 56.616850][ T6942] ? kvm_arch_vcpu_ioctl_run+0x44a/0x1740 [ 56.618836][ T6942] kvm_arch_vcpu_ioctl_run+0x44a/0x1740 [ 56.620738][ T6942] kvm_vcpu_ioctl+0x6ce/0x1520 [ 56.622300][ T6942] ? do_vfs_ioctl+0x513/0x1990 [ 56.623910][ T6942] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 56.625753][ T6942] ? preempt_count_add+0x76/0x150 [ 56.627491][ T6942] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 56.629731][ T6942] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 56.632068][ T6942] ? __pfx_lock_release+0x10/0x10 [ 56.633842][ T6942] ? __fget_files+0x40/0x3a0 [ 56.635443][ T6942] ? selinux_file_ioctl+0x180/0x270 [ 56.637266][ T6942] ? selinux_file_ioctl+0xb4/0x270 [ 56.639083][ T6942] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 56.640875][ T6942] __x64_sys_ioctl+0x190/0x200 [ 56.642553][ T6942] do_syscall_64+0xcd/0x250 [ 56.644139][ T6942] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.646218][ T6942] RIP: 0033:0x7f17fbd85d19 [ 56.647457][ T6942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 56.653366][ T6942] RSP: 002b:00007f17fcae8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 56.655582][ T6942] RAX: ffffffffffffffda RBX: 00007f17fbf75fa0 RCX: 00007f17fbd85d19 [ 56.657771][ T6942] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 000000000000000f [ 56.659871][ T6942] RBP: 00007f17fcae8090 R08: 0000000000000000 R09: 0000000000000000 [ 56.661953][ T6942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 56.664105][ T6942] R13: 0000000000000000 R14: 00007f17fbf75fa0 R15: 00007ffe64481278 [ 56.666173][ T6942] [ 56.810052][ T6950] kvm: pic: non byte write [ 56.814259][ T6950] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3832186367 (7664372734 ns) > initial count (4194322 ns). Using initial count to start timer. [ 56.823477][ T6950] tipc: Enabled bearer , priority 10 [ 56.826608][ T6950] tipc: Enabled bearer , priority 0 [ 56.935352][ T5943] Bluetooth: hci1: command 0x0c1a tx timeout [ 56.945402][ T5943] Bluetooth: hci3: command 0x0c1a tx timeout [ 56.945440][ T5944] Bluetooth: hci2: command 0x0406 tx timeout [ 57.085308][ T6963] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6963 comm=syz.2.350 [ 57.200526][ T6967] tipc: Started in network mode [ 57.202062][ T6967] tipc: Node identity 7f000001, cluster identity 4711 [ 57.204168][ T6967] tipc: Enabled bearer , priority 10 [ 57.217242][ T6969] binder: 6964:6969 ioctl c0046209 0 returned -22 [ 57.260176][ T6967] binder: 6966:6967 ioctl 4008af04 20000280 returned -22 [ 57.303836][ T5944] Bluetooth: hci1: Malformed LE Event: 0x0d [ 57.339355][ T6977] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.417816][ T6977] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.478910][ T6977] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.519484][ T6977] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.644669][ T6977] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.649487][ T6977] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.653272][ T6977] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.657142][ T6977] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.692362][ T6982] tmpfs: Bad value for 'mpol' [ 57.732872][ T6986] netlink: 'syz.1.359': attribute type 2 has an invalid length. [ 57.885930][ T6994] __nla_validate_parse: 1 callbacks suppressed [ 57.885941][ T6994] netlink: 12 bytes leftover after parsing attributes in process `syz.0.362'. [ 57.940452][ T5944] Bluetooth: hci3: Malformed LE Event: 0x0d [ 58.038271][ T7003] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.078141][ T7003] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.095843][ T7005] tmpfs: Bad value for 'mpol' [ 58.158849][ T7003] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.205228][ T6889] tipc: Node number set to 2130706433 [ 58.227193][ T7003] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.318861][ T7018] openvswitch: netlink: nsh attribute has unmatched MD type 0. [ 58.321638][ T7018] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 58.360686][ T7003] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.364563][ T7003] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.368778][ T7003] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.372578][ T7003] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.397404][ T5944] Bluetooth: hci3: Malformed LE Event: 0x0d [ 58.424724][ T7024] netlink: 8 bytes leftover after parsing attributes in process `syz.0.375'. [ 58.427263][ T7024] netlink: 4 bytes leftover after parsing attributes in process `syz.0.375'. [ 58.453217][ T7027] tmpfs: Bad value for 'mpol' [ 58.547309][ T7047] FAULT_INJECTION: forcing a failure. [ 58.547309][ T7047] name failslab, interval 1, probability 0, space 0, times 0 [ 58.550627][ T7047] CPU: 1 UID: 0 PID: 7047 Comm: syz.0.386 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 58.553108][ T7047] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 58.555659][ T7047] Call Trace: [ 58.556448][ T7047] [ 58.557153][ T7047] dump_stack_lvl+0x16c/0x1f0 [ 58.558343][ T7047] should_fail_ex+0x497/0x5b0 [ 58.559447][ T7047] should_failslab+0xc2/0x120 [ 58.560582][ T7047] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 58.562015][ T7047] ? skb_clone+0x190/0x3f0 [ 58.563095][ T7047] skb_clone+0x190/0x3f0 [ 58.564242][ T7047] netlink_deliver_tap+0xabd/0xd30 [ 58.565502][ T7047] netlink_dump+0xb60/0xd00 [ 58.566993][ T7047] ? __pfx_netlink_dump+0x10/0x10 [ 58.568789][ T7047] ? __netlink_dump_start+0x154/0x970 [ 58.570656][ T7047] ? netlink_lookup+0x259/0x520 [ 58.572310][ T7047] ? __pfx_netlink_lookup+0x10/0x10 [ 58.572667][ T7049] tmpfs: Bad value for 'mpol' [ 58.573894][ T7047] ? __mutex_trylock_common+0xea/0x250 [ 58.576363][ T7047] __netlink_dump_start+0x6ca/0x970 [ 58.577654][ T7047] ctnetlink_get_conntrack+0x5fc/0x7c0 [ 58.579010][ T7047] ? __pfx_ctnetlink_get_conntrack+0x10/0x10 [ 58.580462][ T7047] ? __pfx_ctnetlink_start+0x10/0x10 [ 58.581798][ T7047] ? __pfx_ctnetlink_dump_table+0x10/0x10 [ 58.583149][ T7047] ? __pfx_ctnetlink_done+0x10/0x10 [ 58.584450][ T7047] ? lock_release+0x4e2/0x6f0 [ 58.585658][ T7047] ? __pfx_lock_release+0x10/0x10 [ 58.586894][ T7047] nfnetlink_rcv_msg+0x9c3/0x11e0 [ 58.588257][ T7047] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 58.589539][ T7047] ? rcu_is_watching+0x12/0xc0 [ 58.590702][ T7047] ? lock_acquire+0x2f/0xb0 [ 58.591777][ T7047] ? avc_has_perm_noaudit+0x61/0x3a0 [ 58.593031][ T7047] netlink_rcv_skb+0x16b/0x440 [ 58.594219][ T7047] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 58.595593][ T7047] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 58.596903][ T7047] ? bpf_lsm_capable+0x9/0x10 [ 58.598143][ T7047] ? security_capable+0x7e/0x260 [ 58.599522][ T7047] ? ns_capable+0xd7/0x110 [ 58.600656][ T7047] nfnetlink_rcv+0x1b4/0x430 [ 58.601823][ T7047] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 58.603053][ T7047] ? netlink_deliver_tap+0x1ae/0xd30 [ 58.604360][ T7047] netlink_unicast+0x53c/0x7f0 [ 58.605534][ T7047] ? __pfx_netlink_unicast+0x10/0x10 [ 58.606868][ T7047] netlink_sendmsg+0x8b8/0xd70 [ 58.608110][ T7047] ? __pfx_netlink_sendmsg+0x10/0x10 [ 58.609861][ T7047] ____sys_sendmsg+0xaaf/0xc90 [ 58.611092][ T7047] ? copy_msghdr_from_user+0x10b/0x160 [ 58.612494][ T7047] ? __pfx_____sys_sendmsg+0x10/0x10 [ 58.613874][ T7047] ? rcu_is_watching+0x12/0xc0 [ 58.615117][ T7047] ? lock_release+0x4e2/0x6f0 [ 58.616346][ T7047] ? get_pid_task+0xfc/0x250 [ 58.617550][ T7047] ___sys_sendmsg+0x135/0x1e0 [ 58.618832][ T7047] ? get_pid_task+0x35/0x250 [ 58.620125][ T7047] ? __pfx____sys_sendmsg+0x10/0x10 [ 58.621436][ T7047] ? lock_release+0x4e2/0x6f0 [ 58.622839][ T7047] ? __pfx_lock_release+0x10/0x10 [ 58.624150][ T7047] ? trace_lock_acquire+0x14e/0x1f0 [ 58.625520][ T7047] ? __fget_files+0x206/0x3a0 [ 58.626754][ T7047] __sys_sendmsg+0x16e/0x220 [ 58.627960][ T7047] ? __pfx___sys_sendmsg+0x10/0x10 [ 58.629510][ T7047] ? rcu_is_watching+0x12/0xc0 [ 58.630777][ T7047] ? rcu_is_watching+0x12/0xc0 [ 58.632052][ T7047] do_syscall_64+0xcd/0x250 [ 58.633243][ T7047] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 58.634797][ T7047] RIP: 0033:0x7f17fbd85d19 [ 58.635944][ T7047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 58.641148][ T7047] RSP: 002b:00007f17fcae8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 58.643220][ T7047] RAX: ffffffffffffffda RBX: 00007f17fbf75fa0 RCX: 00007f17fbd85d19 [ 58.645230][ T7047] RDX: 0000000000000000 RSI: 0000000020001ac0 RDI: 0000000000000003 [ 58.647759][ T7047] RBP: 00007f17fcae8090 R08: 0000000000000000 R09: 0000000000000000 [ 58.649836][ T7047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 58.651862][ T7047] R13: 0000000000000000 R14: 00007f17fbf75fa0 R15: 00007ffe64481278 [ 58.653749][ T7047] [ 58.690200][ T7060] netlink: 4 bytes leftover after parsing attributes in process `syz.3.391'. [ 58.823034][ T7073] FAULT_INJECTION: forcing a failure. [ 58.823034][ T7073] name failslab, interval 1, probability 0, space 0, times 0 [ 58.825187][ T72] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 58.827309][ T7073] CPU: 3 UID: 0 PID: 7073 Comm: syz.0.394 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 58.831801][ T7073] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 58.835227][ T7073] Call Trace: [ 58.836221][ T7073] [ 58.837065][ T7073] dump_stack_lvl+0x16c/0x1f0 [ 58.838350][ T7073] should_fail_ex+0x497/0x5b0 [ 58.839596][ T7073] ? fs_reclaim_acquire+0xae/0x150 [ 58.840936][ T7073] should_failslab+0xc2/0x120 [ 58.842181][ T7073] __kmalloc_noprof+0xcb/0x510 [ 58.843504][ T7073] nla_strdup+0xc6/0x150 [ 58.844626][ T7073] nf_tables_newtable+0xe08/0x1b40 [ 58.845976][ T7073] ? lock_release+0x4e2/0x6f0 [ 58.847205][ T7073] ? net_generic+0xea/0x2a0 [ 58.848422][ T7073] ? __pfx_nf_tables_newtable+0x10/0x10 [ 58.849865][ T7073] ? __nla_parse+0x40/0x60 [ 58.851021][ T7073] nfnetlink_rcv_batch+0x1a2a/0x24e0 [ 58.852396][ T7073] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 58.853875][ T7073] ? __pfx_lock_release+0x10/0x10 [ 58.855190][ T7073] ? lock_release+0x4e2/0x6f0 [ 58.856474][ T7073] ? avc_has_perm_noaudit+0x119/0x3a0 [ 58.858209][ T7073] ? avc_has_perm_noaudit+0x143/0x3a0 [ 58.859618][ T7073] ? __nla_parse+0x40/0x60 [ 58.860799][ T7073] nfnetlink_rcv+0x3c3/0x430 [ 58.862023][ T7073] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 58.863397][ T7073] netlink_unicast+0x53c/0x7f0 [ 58.864684][ T7073] ? __pfx_netlink_unicast+0x10/0x10 [ 58.866073][ T7073] netlink_sendmsg+0x8b8/0xd70 [ 58.867334][ T7073] ? __pfx_netlink_sendmsg+0x10/0x10 [ 58.868778][ T7073] ____sys_sendmsg+0xaaf/0xc90 [ 58.870057][ T7073] ? copy_msghdr_from_user+0x10b/0x160 [ 58.871477][ T7073] ? __pfx_____sys_sendmsg+0x10/0x10 [ 58.872857][ T7073] ? rcu_is_watching+0x12/0xc0 [ 58.874467][ T7073] ? lock_release+0x4e2/0x6f0 [ 58.875705][ T7073] ? get_pid_task+0xfc/0x250 [ 58.876891][ T7073] ___sys_sendmsg+0x135/0x1e0 [ 58.878359][ T7073] ? get_pid_task+0x35/0x250 [ 58.879901][ T7073] ? __pfx____sys_sendmsg+0x10/0x10 [ 58.881317][ T7073] ? lock_release+0x4e2/0x6f0 [ 58.882626][ T7073] ? __pfx_lock_release+0x10/0x10 [ 58.883935][ T7073] ? trace_lock_acquire+0x14e/0x1f0 [ 58.885339][ T7073] ? __fget_files+0x206/0x3a0 [ 58.887044][ T7073] __sys_sendmsg+0x16e/0x220 [ 58.888612][ T7073] ? __pfx___sys_sendmsg+0x10/0x10 [ 58.890346][ T7073] ? rcu_is_watching+0x12/0xc0 [ 58.891956][ T7073] ? rcu_is_watching+0x12/0xc0 [ 58.893587][ T7073] do_syscall_64+0xcd/0x250 [ 58.895151][ T7073] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 58.897146][ T7073] RIP: 0033:0x7f17fbd85d19 [ 58.898751][ T7073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 58.905202][ T7073] RSP: 002b:00007f17fcae8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 58.908024][ T7073] RAX: ffffffffffffffda RBX: 00007f17fbf75fa0 RCX: 00007f17fbd85d19 [ 58.910696][ T7073] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 58.913352][ T7073] RBP: 00007f17fcae8090 R08: 0000000000000000 R09: 0000000000000000 [ 58.916101][ T7073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 58.918619][ T7073] R13: 0000000000000000 R14: 00007f17fbf75fa0 R15: 00007ffe64481278 [ 58.920667][ T7073] [ 58.941180][ T7080] netlink: 4 bytes leftover after parsing attributes in process `syz.3.396'. [ 58.943481][ T7080] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 58.945550][ T7080] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 58.947962][ T7080] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 58.949937][ T7080] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 58.952176][ T7083] tmpfs: Bad value for 'mpol' [ 58.986189][ T72] usb 7-1: Using ep0 maxpacket: 8 [ 58.989168][ T72] usb 7-1: config 0 has no interfaces? [ 58.990678][ T72] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 58.994371][ T72] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 58.999395][ T72] usb 7-1: config 0 descriptor?? [ 59.015611][ T5944] Bluetooth: hci2: command 0x0406 tx timeout [ 59.133835][ T7098] netlink: 8 bytes leftover after parsing attributes in process `syz.3.404'. [ 59.136167][ T7098] netlink: 4 bytes leftover after parsing attributes in process `syz.3.404'. [ 59.144942][ T7100] netlink: 4 bytes leftover after parsing attributes in process `syz.1.403'. [ 59.204366][ T8] usb 7-1: USB disconnect, device number 2 [ 59.724374][ T7109] pim6reg1: entered promiscuous mode [ 59.726346][ T7109] pim6reg1: entered allmulticast mode [ 59.840451][ T7114] tmpfs: Bad value for 'mpol' [ 59.944132][ T7123] FAULT_INJECTION: forcing a failure. [ 59.944132][ T7123] name failslab, interval 1, probability 0, space 0, times 0 [ 59.947669][ T7123] CPU: 2 UID: 0 PID: 7123 Comm: syz.1.412 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 59.950452][ T7123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 59.953328][ T7123] Call Trace: [ 59.954235][ T7123] [ 59.955020][ T7123] dump_stack_lvl+0x16c/0x1f0 [ 59.956347][ T7123] should_fail_ex+0x497/0x5b0 [ 59.957610][ T7123] ? fs_reclaim_acquire+0xae/0x150 [ 59.958975][ T7123] should_failslab+0xc2/0x120 [ 59.960238][ T7123] __kmalloc_cache_noprof+0x68/0x410 [ 59.961590][ T7123] ? trace_irq_enable.constprop.0+0xea/0x140 [ 59.963186][ T7123] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 59.964750][ T7123] __request_module+0x2c6/0x6c0 [ 59.966100][ T7123] ? nfnetlink_rcv_batch+0x18f8/0x24e0 [ 59.967538][ T7123] ? __pfx___request_module+0x10/0x10 [ 59.969037][ T7123] ? __mutex_unlock_slowpath+0x164/0x690 [ 59.970553][ T7123] nfnetlink_rcv_batch+0x18f8/0x24e0 [ 59.971936][ T7123] ? kmem_cache_free+0x152/0x4c0 [ 59.973236][ T7123] ? kfree_skbmem+0x1a4/0x1f0 [ 59.974539][ T7123] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 59.976046][ T7123] ? __pfx_lock_release+0x10/0x10 [ 59.977327][ T7123] ? rcu_is_watching+0x12/0xc0 [ 59.978626][ T7123] ? lock_release+0x4e2/0x6f0 [ 59.979870][ T7123] ? avc_has_perm_noaudit+0x119/0x3a0 [ 59.981307][ T7123] ? avc_has_perm_noaudit+0x143/0x3a0 [ 59.982733][ T7123] ? __asan_memset+0x23/0x50 [ 59.983949][ T7123] ? __nla_validate_parse+0x601/0x2880 [ 59.985504][ T7123] ? __pfx___nla_validate_parse+0x10/0x10 [ 59.987284][ T7123] ? __pfx_ref_tracker_free+0x10/0x10 [ 59.988696][ T7123] ? cap_capable+0x1cf/0x240 [ 59.989959][ T7123] ? __nla_parse+0x40/0x60 [ 59.991139][ T7123] nfnetlink_rcv+0x3c3/0x430 [ 59.992330][ T7123] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 59.993659][ T7123] netlink_unicast+0x53c/0x7f0 [ 59.994945][ T7123] ? __pfx_netlink_unicast+0x10/0x10 [ 59.996400][ T7123] netlink_sendmsg+0x8b8/0xd70 [ 59.997765][ T7123] ? __pfx_netlink_sendmsg+0x10/0x10 [ 59.999205][ T7123] __sys_sendto+0x488/0x4f0 [ 60.000379][ T7123] ? __pfx___sys_sendto+0x10/0x10 [ 60.001684][ T7123] ? rcu_is_watching+0x12/0xc0 [ 60.002918][ T7123] ? rcu_is_watching+0x12/0xc0 [ 60.004188][ T7123] __x64_sys_sendto+0xe0/0x1c0 [ 60.005450][ T7123] ? trace_irq_enable.constprop.0+0xea/0x140 [ 60.007032][ T7123] do_syscall_64+0xcd/0x250 [ 60.008216][ T7123] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 60.009746][ T7123] RIP: 0033:0x7fde34d87bac [ 60.010917][ T7123] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 60.015841][ T7123] RSP: 002b:00007fde35b8fec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 60.017972][ T7123] RAX: ffffffffffffffda RBX: 00007fde35b8ffc0 RCX: 00007fde34d87bac [ 60.019989][ T7123] RDX: 0000000000000020 RSI: 00007fde35b90010 RDI: 0000000000000003 [ 60.022018][ T7123] RBP: 0000000000000000 R08: 00007fde35b8ff14 R09: 000000000000000c [ 60.024075][ T7123] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 60.026167][ T7123] R13: 00007fde35b8ff68 R14: 00007fde35b90010 R15: 0000000000000000 [ 60.028196][ T7123] [ 60.029100][ C2] vkms_vblank_simulate: vblank timer overrun [ 60.114844][ T7141] tmpfs: Bad value for 'mpol' [ 60.121298][ T7143] netlink: 8 bytes leftover after parsing attributes in process `syz.0.420'. [ 60.123602][ T7143] netlink: 4 bytes leftover after parsing attributes in process `syz.0.420'. [ 60.244175][ T7151] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 60.304170][ T7162] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 60.307302][ T39] kauditd_printk_skb: 18 callbacks suppressed [ 60.307313][ T39] audit: type=1400 audit(1734264114.727:366): avc: denied { setopt } for pid=7160 comm="syz.3.426" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 60.310227][ T7162] input: syz0 as /devices/virtual/input/input8 [ 60.315006][ T39] audit: type=1400 audit(1734264114.727:367): avc: denied { bind } for pid=7160 comm="syz.3.426" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 60.324784][ T7162] nbd: must specify at least one socket [ 60.411309][ T7164] FAULT_INJECTION: forcing a failure. [ 60.411309][ T7164] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 60.414637][ T7164] CPU: 1 UID: 0 PID: 7164 Comm: syz.2.427 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 60.417337][ T7164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 60.420114][ T7164] Call Trace: [ 60.420989][ T7164] [ 60.421776][ T7164] dump_stack_lvl+0x16c/0x1f0 [ 60.422994][ T7164] should_fail_ex+0x497/0x5b0 [ 60.424237][ T7164] _copy_from_user+0x2e/0xd0 [ 60.425441][ T7164] move_addr_to_kernel+0x68/0x160 [ 60.426761][ T7164] __sys_connect+0xb0/0x170 [ 60.427944][ T7164] ? __pfx___sys_connect+0x10/0x10 [ 60.429268][ T7164] ? __pfx_ksys_write+0x10/0x10 [ 60.430644][ T7164] ? rcu_is_watching+0x12/0xc0 [ 60.431881][ T7164] __x64_sys_connect+0x72/0xb0 [ 60.433122][ T7164] do_syscall_64+0xcd/0x250 [ 60.434398][ T7164] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 60.435928][ T7164] RIP: 0033:0x7fa1ae785d19 [ 60.437081][ T7164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 60.442116][ T7164] RSP: 002b:00007fa1af6a4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 60.444264][ T7164] RAX: ffffffffffffffda RBX: 00007fa1ae975fa0 RCX: 00007fa1ae785d19 [ 60.446329][ T7164] RDX: 0000000000000010 RSI: 0000000020000180 RDI: 0000000000000003 [ 60.448351][ T7164] RBP: 00007fa1af6a4090 R08: 0000000000000000 R09: 0000000000000000 [ 60.450466][ T7164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 60.452489][ T7164] R13: 0000000000000000 R14: 00007fa1ae975fa0 R15: 00007ffc116515b8 [ 60.454531][ T7164] [ 60.560676][ T39] audit: type=1326 audit(1734264114.977:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7170 comm="syz.2.430" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa1ae785d19 code=0x0 [ 60.663769][ T7172] bridge0: entered allmulticast mode [ 60.762814][ T7174] tmpfs: Bad value for 'mpol' [ 60.797360][ T5944] Bluetooth: hci3: ACL packet for unknown connection handle 3122 [ 60.802248][ T39] audit: type=1400 audit(1734264115.217:369): avc: denied { name_bind } for pid=7177 comm="syz.0.433" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 60.813262][ T7178] Process accounting resumed [ 60.825733][ T39] audit: type=1400 audit(1734264115.237:370): avc: denied { ioctl } for pid=7179 comm="syz.0.434" path="socket:[21684]" dev="sockfs" ino=21684 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 60.833105][ T39] audit: type=1400 audit(1734264115.247:371): avc: denied { read } for pid=7179 comm="syz.0.434" name="hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 60.840550][ T39] audit: type=1400 audit(1734264115.247:372): avc: denied { open } for pid=7179 comm="syz.0.434" path="/dev/hpet" dev="devtmpfs" ino=630 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 60.848727][ T39] audit: type=1400 audit(1734264115.257:373): avc: denied { ioctl } for pid=7179 comm="syz.0.434" path="/dev/hpet" dev="devtmpfs" ino=630 ioctlcmd=0x9360 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 61.031422][ T39] audit: type=1400 audit(1734264115.447:374): avc: denied { getopt } for pid=7197 comm="syz.0.440" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 61.056368][ T7201] tmpfs: Bad value for 'mpol' [ 61.225863][ T7216] cgroup: fork rejected by pids controller in /syz0 [ 61.291104][ T7232] tmpfs: Bad value for 'mpol' [ 61.309498][ T7234] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 61.311631][ T7234] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 61.313761][ T7234] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 61.316150][ T7234] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 61.318385][ T7234] vxlan0: entered promiscuous mode [ 61.319691][ T7234] vxlan0: entered allmulticast mode [ 61.884035][ T7255] tmpfs: Bad value for 'mpol' [ 62.032612][ T7260] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 62.034749][ T7260] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 62.037012][ T7260] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 62.039031][ T7260] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 62.041066][ T7260] vxlan0: entered promiscuous mode [ 62.042344][ T7260] vxlan0: entered allmulticast mode [ 62.602262][ T7270] FAULT_INJECTION: forcing a failure. [ 62.602262][ T7270] name failslab, interval 1, probability 0, space 0, times 0 [ 62.605728][ T7270] CPU: 1 UID: 0 PID: 7270 Comm: syz.2.466 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 62.608491][ T7270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 62.611243][ T7270] Call Trace: [ 62.612107][ T7270] [ 62.612896][ T7270] dump_stack_lvl+0x16c/0x1f0 [ 62.614137][ T7270] should_fail_ex+0x497/0x5b0 [ 62.615363][ T7270] should_failslab+0xc2/0x120 [ 62.616599][ T7270] __kmalloc_cache_noprof+0x68/0x410 [ 62.618014][ T7270] addr_event.constprop.0+0xcc/0x560 [ 62.619478][ T7270] inetaddr_event+0xf0/0x150 [ 62.620729][ T7270] ? __pfx_inetaddr_event+0x10/0x10 [ 62.622100][ T7270] notifier_call_chain+0xb7/0x410 [ 62.623456][ T7270] ? __pfx_inetaddr_event+0x10/0x10 [ 62.624820][ T7270] blocking_notifier_call_chain+0x69/0xa0 [ 62.626308][ T7270] __inet_del_ifa+0x561/0xf40 [ 62.627558][ T7270] devinet_ioctl+0x1379/0x1f50 [ 62.628823][ T7270] ? __pfx_devinet_ioctl+0x10/0x10 [ 62.630152][ T7270] ? _copy_from_user+0x59/0xd0 [ 62.631406][ T7270] inet_ioctl+0x3aa/0x3f0 [ 62.632525][ T7270] ? __pfx_inet_ioctl+0x10/0x10 [ 62.633844][ T7270] ? rcu_is_watching+0x12/0xc0 [ 62.635079][ T7270] ? __pfx_lock_release+0x10/0x10 [ 62.636390][ T7270] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 62.637910][ T7270] sock_do_ioctl+0x116/0x280 [ 62.639106][ T7270] ? __pfx_sock_do_ioctl+0x10/0x10 [ 62.640454][ T7270] ? preempt_count_add+0x76/0x150 [ 62.641760][ T7270] ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460 [ 62.643443][ T7270] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 62.645147][ T7270] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 62.646927][ T7270] sock_ioctl+0x228/0x6c0 [ 62.648088][ T7270] ? __pfx_sock_ioctl+0x10/0x10 [ 62.649353][ T7270] ? selinux_file_ioctl+0x180/0x270 [ 62.650728][ T7270] ? selinux_file_ioctl+0xb4/0x270 [ 62.652065][ T7270] ? __pfx_sock_ioctl+0x10/0x10 [ 62.653345][ T7270] __x64_sys_ioctl+0x190/0x200 [ 62.654607][ T7270] do_syscall_64+0xcd/0x250 [ 62.655811][ T7270] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 62.657350][ T7270] RIP: 0033:0x7fa1ae785d19 [ 62.658544][ T7270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 62.663350][ T7270] RSP: 002b:00007fa1af6a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 62.665495][ T7270] RAX: ffffffffffffffda RBX: 00007fa1ae975fa0 RCX: 00007fa1ae785d19 [ 62.667548][ T7270] RDX: 0000000020000000 RSI: 0000000000008916 RDI: 0000000000000007 [ 62.669634][ T7270] RBP: 00007fa1af6a4090 R08: 0000000000000000 R09: 0000000000000000 [ 62.671663][ T7270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 62.673730][ T7270] R13: 0000000000000000 R14: 00007fa1ae975fa0 R15: 00007ffc116515b8 [ 62.675749][ T7270] [ 62.692153][ T7272] tipc: Started in network mode [ 62.693467][ T7272] tipc: Node identity 7f000001, cluster identity 4711 [ 62.696001][ T7272] tipc: Enabled bearer , priority 10 [ 63.103061][ T7289] __nla_validate_parse: 8 callbacks suppressed [ 63.103077][ T7289] netlink: 4 bytes leftover after parsing attributes in process `syz.1.473'. [ 63.115907][ T5943] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 63.119333][ T5943] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 63.121831][ T5943] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 63.123924][ T5943] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 63.126036][ T5943] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 63.127795][ T5943] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 63.133867][ T39] audit: type=1400 audit(1734264117.547:375): avc: denied { mounton } for pid=7290 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 63.202219][ T7290] chnl_net:caif_netlink_parms(): no params data found [ 63.257456][ T7290] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.259993][ T7290] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.262601][ T7290] bridge_slave_0: entered allmulticast mode [ 63.265106][ T7290] bridge_slave_0: entered promiscuous mode [ 63.268252][ T7290] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.270661][ T7290] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.272955][ T7290] bridge_slave_1: entered allmulticast mode [ 63.275494][ T7290] bridge_slave_1: entered promiscuous mode [ 63.292050][ T7290] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 63.296285][ T7290] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 63.313635][ T7290] team0: Port device team_slave_0 added [ 63.316705][ T7290] team0: Port device team_slave_1 added [ 63.331175][ T7290] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 63.332960][ T7290] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.340940][ T7290] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 63.344356][ T7290] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 63.346418][ T7290] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 63.353050][ T7290] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 63.373450][ T7290] hsr_slave_0: entered promiscuous mode [ 63.376073][ T7290] hsr_slave_1: entered promiscuous mode [ 63.378369][ T7290] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 63.380356][ T7290] Cannot create hsr debugfs directory [ 63.421992][ T7290] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 63.486977][ T7290] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 63.528293][ T7290] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 63.578041][ T7290] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 63.625304][ T9] usb 6-1: new low-speed USB device number 2 using dummy_hcd [ 63.663137][ T7290] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 63.666274][ T7290] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 63.669727][ T7290] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 63.672593][ T7290] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 63.682189][ T7290] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.684194][ T7290] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.686317][ T7290] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.688085][ T7290] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.704429][ T7290] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.706171][ T30] tipc: Node number set to 2130706433 [ 63.710768][ T1177] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.713675][ T1177] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.719883][ T7290] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.723578][ T1177] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.725902][ T1177] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.730018][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.732445][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.748974][ T7314] netlink: 20 bytes leftover after parsing attributes in process `syz.2.480'. [ 63.752740][ T7314] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=262 sclass=netlink_xfrm_socket pid=7314 comm=syz.2.480 [ 63.786813][ T9] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 63.788888][ T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 63.791603][ T9] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 63.794552][ T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 63.797387][ T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 63.800884][ T9] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 63.802016][ T7290] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.802814][ T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 63.809152][ T9] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 63.812077][ T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 63.814828][ T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 63.818932][ T9] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 63.822730][ T7290] veth0_vlan: entered promiscuous mode [ 63.824280][ T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 63.828772][ T9] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 63.831715][ T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 63.834451][ T9] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 63.840660][ T7290] veth1_vlan: entered promiscuous mode [ 63.846728][ T9] usb 6-1: string descriptor 0 read error: -22 [ 63.848434][ T9] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 63.850808][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 63.854239][ T7290] veth0_macvtap: entered promiscuous mode [ 63.854773][ T9] adutux 6-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 63.858037][ T7290] veth1_macvtap: entered promiscuous mode [ 63.863254][ T7290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 63.866022][ T7290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.868838][ T7290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 63.871284][ T7290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.874213][ T7290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 63.877049][ T7290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.880184][ T7290] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 63.885085][ T7290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 63.888242][ T7290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.890827][ T7290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 63.893546][ T7290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.896149][ T7290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 63.898756][ T7290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.901899][ T7290] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 63.906243][ T7290] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.908533][ T7290] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.910632][ T7290] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.912738][ T7290] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.929801][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.931748][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.940386][ T1137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.942681][ T1137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.954058][ T7330] netlink: 12 bytes leftover after parsing attributes in process `syz.2.485'. [ 64.107868][ T25] usb 6-1: USB disconnect, device number 2 [ 64.167637][ T7346] tmpfs: Bad value for 'mpol' [ 64.275861][ T7355] netlink: 8 bytes leftover after parsing attributes in process `syz.0.493'. [ 64.312459][ T7307] netlink: 20 bytes leftover after parsing attributes in process `syz.1.477'. [ 64.339149][ T7368] netlink: 4 bytes leftover after parsing attributes in process `syz.0.497'. [ 64.490485][ T7375] kvm: pic: non byte write [ 64.495704][ T7375] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3832186367 (7664372734 ns) > initial count (4194322 ns). Using initial count to start timer. [ 64.506925][ T7375] tipc: Enabled bearer , priority 10 [ 64.510917][ T7375] tipc: Enabled bearer , priority 0 [ 64.547982][ T7378] netlink: 8 bytes leftover after parsing attributes in process `syz.3.501'. [ 64.654233][ T7390] netlink: 12 bytes leftover after parsing attributes in process `syz.3.504'. [ 64.659341][ T7390] netlink: 8 bytes leftover after parsing attributes in process `syz.3.504'. [ 64.663142][ T7390] netlink: 'syz.3.504': attribute type 2 has an invalid length. [ 64.665915][ T7390] netlink: 12 bytes leftover after parsing attributes in process `syz.3.504'. [ 64.679564][ T7390] binder: Bad value for 'max' [ 64.854044][ T7400] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 64.857493][ T7400] FAULT_INJECTION: forcing a failure. [ 64.857493][ T7400] name failslab, interval 1, probability 0, space 0, times 0 [ 64.860738][ T7400] CPU: 0 UID: 0 PID: 7400 Comm: syz.3.507 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 64.863426][ T7400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 64.866205][ T7400] Call Trace: [ 64.867111][ T7400] [ 64.867899][ T7400] dump_stack_lvl+0x16c/0x1f0 [ 64.869167][ T7400] should_fail_ex+0x497/0x5b0 [ 64.870426][ T7400] ? fs_reclaim_acquire+0xae/0x150 [ 64.871672][ T7400] should_failslab+0xc2/0x120 [ 64.872845][ T7400] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 64.874381][ T7400] ? __pfx___might_resched+0x10/0x10 [ 64.875796][ T7400] ? alloc_vmap_area+0x636/0x2a70 [ 64.877102][ T7400] alloc_vmap_area+0x636/0x2a70 [ 64.878407][ T7400] ? __pfx_alloc_vmap_area+0x10/0x10 [ 64.879777][ T7400] __get_vm_area_node+0x19e/0x2f0 [ 64.881197][ T7400] __vmalloc_node_range_noprof+0x26a/0x1530 [ 64.882739][ T7400] ? vimc_scaler_s_stream+0x580/0x6d0 [ 64.884136][ T7400] ? rcu_is_watching+0x12/0xc0 [ 64.885418][ T7400] ? __mutex_lock+0x1cc/0xa60 [ 64.886667][ T7400] ? vimc_scaler_s_stream+0x580/0x6d0 [ 64.887135][ T7402] fuse: Unknown parameter 'Ë+RsUÏy' [ 64.888124][ T7400] ? __mutex_unlock_slowpath+0x164/0x690 [ 64.891363][ T7400] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 64.892881][ T7400] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 64.894410][ T7400] ? vimc_scaler_s_stream+0x580/0x6d0 [ 64.895870][ T7400] vmalloc_noprof+0x6b/0x90 [ 64.897046][ T7400] ? vimc_scaler_s_stream+0x580/0x6d0 [ 64.898473][ T7400] vimc_scaler_s_stream+0x580/0x6d0 [ 64.899818][ T7400] ? __pfx___media_pipeline_start+0x10/0x10 [ 64.901348][ T7400] call_s_stream+0xe6/0x350 [ 64.902559][ T7400] ? __pfx_call_s_stream+0x10/0x10 [ 64.903876][ T7400] ? __pfx_vimc_scaler_s_stream+0x10/0x10 [ 64.905295][ T7400] vimc_streamer_s_stream+0x5a3/0x9a0 [ 64.906685][ T7400] vimc_capture_start_streaming+0xa1/0x130 [ 64.908185][ T7400] ? __pfx_vimc_capture_start_streaming+0x10/0x10 [ 64.909795][ T7400] vb2_start_streaming+0x15f/0x5a0 [ 64.911120][ T7400] ? __bitmap_weight+0xdc/0x110 [ 64.912388][ T7400] vb2_core_streamon+0x2a7/0x450 [ 64.913737][ T7400] vb2_ioctl_streamon+0xf4/0x170 [ 64.915018][ T7400] __video_do_ioctl+0xaf0/0xf00 [ 64.916270][ T7400] ? __pfx___video_do_ioctl+0x10/0x10 [ 64.917651][ T7400] ? __might_fault+0xe3/0x190 [ 64.918818][ T7400] video_usercopy+0x4d2/0x1620 [ 64.920056][ T7400] ? __pfx___video_do_ioctl+0x10/0x10 [ 64.921367][ T7400] ? __pfx_video_usercopy+0x10/0x10 [ 64.922665][ T7400] v4l2_ioctl+0x1ba/0x250 [ 64.923722][ T7400] ? __pfx_v4l2_ioctl+0x10/0x10 [ 64.924913][ T7400] __x64_sys_ioctl+0x190/0x200 [ 64.926117][ T7400] do_syscall_64+0xcd/0x250 [ 64.927246][ T7400] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 64.928710][ T7400] RIP: 0033:0x7fc17ff85d19 [ 64.929798][ T7400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 64.934529][ T7400] RSP: 002b:00007fc180d1d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 64.936634][ T7400] RAX: ffffffffffffffda RBX: 00007fc180175fa0 RCX: 00007fc17ff85d19 [ 64.938673][ T7400] RDX: 0000000020000000 RSI: 0000000040045612 RDI: 0000000000000003 [ 64.940645][ T7400] RBP: 00007fc180d1d090 R08: 0000000000000000 R09: 0000000000000000 [ 64.942635][ T7400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 64.944546][ T7400] R13: 0000000000000000 R14: 00007fc180175fa0 R15: 00007fff4a4b9c98 [ 64.946517][ T7400] [ 64.948133][ T7400] syz.3.507: vmalloc error: size 921600, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 64.952026][ T7400] CPU: 0 UID: 0 PID: 7400 Comm: syz.3.507 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 64.954640][ T7400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 64.957329][ T7400] Call Trace: [ 64.958209][ T7400] [ 64.958967][ T7400] dump_stack_lvl+0x16c/0x1f0 [ 64.960163][ T7400] warn_alloc+0x24d/0x3a0 [ 64.961257][ T7400] ? __pfx_warn_alloc+0x10/0x10 [ 64.962510][ T7400] ? kfree+0x14f/0x4b0 [ 64.963539][ T7400] ? __get_vm_area_node+0x1dc/0x2f0 [ 64.964883][ T7400] __vmalloc_node_range_noprof+0xd27/0x1530 [ 64.966422][ T7400] ? rcu_is_watching+0x12/0xc0 [ 64.967638][ T7400] ? __mutex_lock+0x1cc/0xa60 [ 64.968935][ T7400] ? vimc_scaler_s_stream+0x580/0x6d0 [ 64.970316][ T7400] ? __mutex_unlock_slowpath+0x164/0x690 [ 64.971961][ T7400] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 64.974083][ T7400] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 64.976145][ T7400] ? vimc_scaler_s_stream+0x580/0x6d0 [ 64.978034][ T7400] vmalloc_noprof+0x6b/0x90 [ 64.979178][ T7400] ? vimc_scaler_s_stream+0x580/0x6d0 [ 64.980556][ T7400] vimc_scaler_s_stream+0x580/0x6d0 [ 64.981870][ T7400] ? __pfx___media_pipeline_start+0x10/0x10 [ 64.983368][ T7400] call_s_stream+0xe6/0x350 [ 64.984559][ T7400] ? __pfx_call_s_stream+0x10/0x10 [ 64.985884][ T7400] ? __pfx_vimc_scaler_s_stream+0x10/0x10 [ 64.987370][ T7400] vimc_streamer_s_stream+0x5a3/0x9a0 [ 64.988823][ T7400] vimc_capture_start_streaming+0xa1/0x130 [ 64.990334][ T7400] ? __pfx_vimc_capture_start_streaming+0x10/0x10 [ 64.991971][ T7400] vb2_start_streaming+0x15f/0x5a0 [ 64.993312][ T7400] ? __bitmap_weight+0xdc/0x110 [ 64.994610][ T7400] vb2_core_streamon+0x2a7/0x450 [ 64.995971][ T7400] vb2_ioctl_streamon+0xf4/0x170 [ 64.997231][ T7400] __video_do_ioctl+0xaf0/0xf00 [ 64.998481][ T7400] ? __pfx___video_do_ioctl+0x10/0x10 [ 64.999877][ T7400] ? __might_fault+0xe3/0x190 [ 65.001118][ T7400] video_usercopy+0x4d2/0x1620 [ 65.002393][ T7400] ? __pfx___video_do_ioctl+0x10/0x10 [ 65.003712][ T7400] ? __pfx_video_usercopy+0x10/0x10 [ 65.005068][ T7400] v4l2_ioctl+0x1ba/0x250 [ 65.006219][ T7400] ? __pfx_v4l2_ioctl+0x10/0x10 [ 65.007491][ T7400] __x64_sys_ioctl+0x190/0x200 [ 65.008750][ T7400] do_syscall_64+0xcd/0x250 [ 65.009905][ T7400] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 65.011400][ T7400] RIP: 0033:0x7fc17ff85d19 [ 65.012511][ T7400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 65.017397][ T7400] RSP: 002b:00007fc180d1d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 65.019557][ T7400] RAX: ffffffffffffffda RBX: 00007fc180175fa0 RCX: 00007fc17ff85d19 [ 65.021492][ T7400] RDX: 0000000020000000 RSI: 0000000040045612 RDI: 0000000000000003 [ 65.023615][ T7400] RBP: 00007fc180d1d090 R08: 0000000000000000 R09: 0000000000000000 [ 65.025718][ T7400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 65.027758][ T7400] R13: 0000000000000000 R14: 00007fc180175fa0 R15: 00007fff4a4b9c98 [ 65.029794][ T7400] [ 65.031285][ T7404] process 'syz.1.508' launched '/dev/fd/7' with NULL argv: empty string added [ 65.031316][ T7400] Mem-Info: [ 65.034551][ T7400] active_anon:11687 inactive_anon:0 isolated_anon:0 [ 65.034551][ T7400] active_file:15047 inactive_file:38405 isolated_file:0 [ 65.034551][ T7400] unevictable:1768 dirty:89 writeback:0 [ 65.034551][ T7400] slab_reclaimable:11660 slab_unreclaimable:73161 [ 65.034551][ T7400] mapped:26404 shmem:8920 pagetables:757 [ 65.034551][ T7400] sec_pagetables:307 bounce:0 [ 65.034551][ T7400] kernel_misc_reclaimable:0 [ 65.034551][ T7400] free:463048 free_pcp:1970 free_cma:0 [ 65.046409][ T7400] Node 0 active_anon:49848kB inactive_anon:0kB active_file:60188kB inactive_file:153544kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:105740kB dirty:356kB writeback:0kB shmem:35120kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12176kB pagetables:3028kB sec_pagetables:1228kB all_unreclaimable? no [ 65.054997][ T7400] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 65.062971][ T7400] Node 0 DMA free:15360kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 65.070439][ T7400] lowmem_reserve[]: 0 1212 0 0 0 [ 65.071924][ T7400] Node 0 DMA32 free:232348kB boost:0kB min:27608kB low:34508kB high:41408kB reserved_highatomic:0KB active_anon:55552kB inactive_anon:0kB active_file:60188kB inactive_file:153544kB unevictable:3536kB writepending:356kB present:2080628kB managed:1269904kB mlocked:0kB bounce:0kB free_pcp:6248kB local_pcp:1364kB free_cma:0kB [ 65.080056][ T7400] lowmem_reserve[]: 0 0 0 0 0 [ 65.081444][ T7400] Node 1 Normal free:1595216kB boost:0kB min:39632kB low:49540kB high:59448kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:3536kB writepending:0kB present:2097152kB managed:1781924kB mlocked:0kB bounce:0kB free_pcp:2276kB local_pcp:688kB free_cma:0kB [ 65.089114][ T7400] lowmem_reserve[]: 0 0 0 0 0 [ 65.090434][ T7400] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 65.093742][ T7400] Node 0 DMA32: 2*4kB (UE) 14*8kB (UE) 5*16kB (UME) 13*32kB (E) 6*64kB (UME) 3*128kB (E) 1*256kB (E) 6*512kB (M) 6*1024kB (M) 5*2048kB (UME) 50*4096kB (M) = 225896kB [ 65.098320][ T7400] Node 1 Normal: 2*4kB (ME) 9*8kB (ME) 10*16kB (ME) 85*32kB (UME) 53*64kB (UME) 15*128kB (UME) 7*256kB (UE) 6*512kB (UME) 3*1024kB (UE) 3*2048kB (UME) 384*4096kB (M) = 1595216kB [ 65.103308][ T7400] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 65.105880][ T7400] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 65.108304][ T7400] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 65.110787][ T7400] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 65.113217][ T7400] 67535 total pagecache pages [ 65.114589][ T7400] 0 pages in swap cache [ 65.115695][ T7400] Free swap = 124984kB [ 65.116846][ T7400] Total swap = 124996kB [ 65.117997][ T7400] 1048443 pages RAM [ 65.119010][ T7400] 0 pages HighMem/MovableOnly [ 65.120282][ T7400] 281646 pages reserved [ 65.121401][ T7400] 0 pages cma reserved [ 65.122494][ T7400] vimc vimc.0: subdev_call error Scaler [ 65.124243][ T7400] ------------[ cut here ]------------ [ 65.125783][ T7400] WARNING: CPU: 1 PID: 7400 at drivers/media/v4l2-core/v4l2-subdev.c:460 call_s_stream+0x2df/0x350 [ 65.128610][ T7400] Modules linked in: [ 65.130252][ T7400] CPU: 1 UID: 0 PID: 7400 Comm: syz.3.507 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 65.134618][ T7400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 65.137441][ T7400] RIP: 0010:call_s_stream+0x2df/0x350 [ 65.138896][ T7400] Code: c1 ea 03 80 3c 02 00 75 75 48 8b bb 08 01 00 00 44 89 e2 48 c7 c6 00 17 4f 8c e8 bc 43 39 fe e9 54 fe ff ff e8 62 79 0e fa 90 <0f> 0b 90 e9 cb fe ff ff 4c 89 f7 e8 11 27 71 fa e9 48 fd ff ff e8 [ 65.144221][ T7400] RSP: 0018:ffffc900046dfa60 EFLAGS: 00010293 [ 65.145973][ T7400] RAX: 0000000000000000 RBX: ffff88802b283020 RCX: ffffffff878b879e [ 65.148100][ T7400] RDX: ffff888051408000 RSI: ffffffff878b8a1e RDI: 0000000000000000 [ 65.150235][ T7400] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 65.152475][ T7400] R10: 0000000000000000 R11: 00000000636d6976 R12: dffffc0000000000 [ 65.154912][ T7400] R13: 0000000000000000 R14: ffff88802b283198 R15: ffffffff87de3560 [ 65.157083][ T7400] FS: 00007fc180d1d6c0(0000) GS:ffff88806a700000(0000) knlGS:0000000000000000 [ 65.159488][ T7400] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 65.161275][ T7400] CR2: 00007fde35b71880 CR3: 000000004de08000 CR4: 0000000000352ef0 [ 65.163364][ T7400] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 65.165621][ T7400] DR3: 000000000000000e DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 65.168656][ T7400] Call Trace: [ 65.169822][ T7400] [ 65.170612][ T7400] ? __warn+0xea/0x3c0 [ 65.171713][ T7400] ? call_s_stream+0x2df/0x350 [ 65.172986][ T7400] ? report_bug+0x3c0/0x580 [ 65.174497][ T7400] ? handle_bug+0x54/0xa0 [ 65.176027][ T7400] ? exc_invalid_op+0x17/0x50 [ 65.177127][ T5944] Bluetooth: hci3: command tx timeout [ 65.177302][ T7400] ? asm_exc_invalid_op+0x1a/0x20 [ 65.180326][ T7400] ? __pfx_vimc_scaler_s_stream+0x10/0x10 [ 65.181896][ T7400] ? call_s_stream+0x5e/0x350 [ 65.183157][ T7400] ? call_s_stream+0x2de/0x350 [ 65.184445][ T7400] ? call_s_stream+0x2df/0x350 [ 65.185816][ T7400] ? __pfx_call_s_stream+0x10/0x10 [ 65.187188][ T7400] vimc_streamer_pipeline_terminate+0x218/0x320 [ 65.188979][ T7400] ? __pfx_vimc_scaler_s_stream+0x10/0x10 [ 65.190487][ T7400] vimc_streamer_s_stream+0x650/0x9a0 [ 65.191883][ T7400] vimc_capture_start_streaming+0xa1/0x130 [ 65.193394][ T7400] ? __pfx_vimc_capture_start_streaming+0x10/0x10 [ 65.195171][ T7400] vb2_start_streaming+0x15f/0x5a0 [ 65.196512][ T7400] ? __bitmap_weight+0xdc/0x110 [ 65.197859][ T7400] vb2_core_streamon+0x2a7/0x450 [ 65.199172][ T7400] vb2_ioctl_streamon+0xf4/0x170 [ 65.200472][ T7400] __video_do_ioctl+0xaf0/0xf00 [ 65.201767][ T7400] ? __pfx___video_do_ioctl+0x10/0x10 [ 65.203163][ T7400] ? __might_fault+0xe3/0x190 [ 65.204493][ T7400] video_usercopy+0x4d2/0x1620 [ 65.205869][ T7400] ? __pfx___video_do_ioctl+0x10/0x10 [ 65.207269][ T7400] ? __pfx_video_usercopy+0x10/0x10 [ 65.208657][ T7400] v4l2_ioctl+0x1ba/0x250 [ 65.209798][ T7400] ? __pfx_v4l2_ioctl+0x10/0x10 [ 65.211071][ T7400] __x64_sys_ioctl+0x190/0x200 [ 65.212350][ T7400] do_syscall_64+0xcd/0x250 [ 65.213572][ T7400] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 65.215201][ T7400] RIP: 0033:0x7fc17ff85d19 [ 65.216397][ T7400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 65.221456][ T7400] RSP: 002b:00007fc180d1d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 65.223570][ T7400] RAX: ffffffffffffffda RBX: 00007fc180175fa0 RCX: 00007fc17ff85d19 [ 65.225681][ T7400] RDX: 0000000020000000 RSI: 0000000040045612 RDI: 0000000000000003 [ 65.227856][ T7400] RBP: 00007fc180d1d090 R08: 0000000000000000 R09: 0000000000000000 [ 65.229903][ T7400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 65.231852][ T7400] R13: 0000000000000000 R14: 00007fc180175fa0 R15: 00007fff4a4b9c98 [ 65.233855][ T7400] [ 65.234651][ T7400] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 65.236526][ T7400] CPU: 1 UID: 0 PID: 7400 Comm: syz.3.507 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 [ 65.239207][ T7400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 65.241958][ T7400] Call Trace: [ 65.242773][ T7400] [ 65.243566][ T7400] dump_stack_lvl+0x3d/0x1f0 [ 65.244812][ T7400] panic+0x71d/0x800 [ 65.245860][ T7400] ? __pfx_panic+0x10/0x10 [ 65.247034][ T7400] ? show_trace_log_lvl+0x29d/0x3d0 [ 65.248378][ T7400] ? check_panic_on_warn+0x1f/0xb0 [ 65.249626][ T7400] ? call_s_stream+0x2df/0x350 [ 65.250845][ T7400] check_panic_on_warn+0xab/0xb0 [ 65.252072][ T7400] __warn+0xf6/0x3c0 [ 65.253078][ T7400] ? call_s_stream+0x2df/0x350 [ 65.254297][ T7400] report_bug+0x3c0/0x580 [ 65.255398][ T7400] handle_bug+0x54/0xa0 [ 65.256468][ T7400] exc_invalid_op+0x17/0x50 [ 65.257658][ T7400] asm_exc_invalid_op+0x1a/0x20 [ 65.258905][ T7400] RIP: 0010:call_s_stream+0x2df/0x350 [ 65.260206][ T7400] Code: c1 ea 03 80 3c 02 00 75 75 48 8b bb 08 01 00 00 44 89 e2 48 c7 c6 00 17 4f 8c e8 bc 43 39 fe e9 54 fe ff ff e8 62 79 0e fa 90 <0f> 0b 90 e9 cb fe ff ff 4c 89 f7 e8 11 27 71 fa e9 48 fd ff ff e8 [ 65.264926][ T7400] RSP: 0018:ffffc900046dfa60 EFLAGS: 00010293 [ 65.266486][ T7400] RAX: 0000000000000000 RBX: ffff88802b283020 RCX: ffffffff878b879e [ 65.268478][ T7400] RDX: ffff888051408000 RSI: ffffffff878b8a1e RDI: 0000000000000000 [ 65.270966][ T7400] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 65.273469][ T7400] R10: 0000000000000000 R11: 00000000636d6976 R12: dffffc0000000000 [ 65.275492][ T7400] R13: 0000000000000000 R14: ffff88802b283198 R15: ffffffff87de3560 [ 65.277566][ T7400] ? __pfx_vimc_scaler_s_stream+0x10/0x10 [ 65.279029][ T7400] ? call_s_stream+0x5e/0x350 [ 65.280212][ T7400] ? call_s_stream+0x2de/0x350 [ 65.281424][ T7400] ? __pfx_call_s_stream+0x10/0x10 [ 65.282735][ T7400] vimc_streamer_pipeline_terminate+0x218/0x320 [ 65.284313][ T7400] ? __pfx_vimc_scaler_s_stream+0x10/0x10 [ 65.285749][ T7400] vimc_streamer_s_stream+0x650/0x9a0 [ 65.287067][ T7400] vimc_capture_start_streaming+0xa1/0x130 [ 65.288594][ T7400] ? __pfx_vimc_capture_start_streaming+0x10/0x10 [ 65.290719][ T7400] vb2_start_streaming+0x15f/0x5a0 [ 65.292369][ T7400] ? __bitmap_weight+0xdc/0x110 [ 65.293960][ T7400] vb2_core_streamon+0x2a7/0x450 [ 65.295288][ T7400] vb2_ioctl_streamon+0xf4/0x170 [ 65.296706][ T7400] __video_do_ioctl+0xaf0/0xf00 [ 65.297944][ T7400] ? __pfx___video_do_ioctl+0x10/0x10 [ 65.299340][ T7400] ? __might_fault+0xe3/0x190 [ 65.300595][ T7400] video_usercopy+0x4d2/0x1620 [ 65.301836][ T7400] ? __pfx___video_do_ioctl+0x10/0x10 [ 65.303169][ T7400] ? __pfx_video_usercopy+0x10/0x10 [ 65.304476][ T7400] v4l2_ioctl+0x1ba/0x250 [ 65.305591][ T7400] ? __pfx_v4l2_ioctl+0x10/0x10 [ 65.306842][ T7400] __x64_sys_ioctl+0x190/0x200 [ 65.308055][ T7400] do_syscall_64+0xcd/0x250 [ 65.309244][ T7400] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 65.310761][ T7400] RIP: 0033:0x7fc17ff85d19 [ 65.311903][ T7400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 65.316868][ T7400] RSP: 002b:00007fc180d1d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 65.319072][ T7400] RAX: ffffffffffffffda RBX: 00007fc180175fa0 RCX: 00007fc17ff85d19 [ 65.321132][ T7400] RDX: 0000000020000000 RSI: 0000000040045612 RDI: 0000000000000003 [ 65.323232][ T7400] RBP: 00007fc180d1d090 R08: 0000000000000000 R09: 0000000000000000 [ 65.325316][ T7400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 65.327380][ T7400] R13: 0000000000000000 R14: 00007fc180175fa0 R15: 00007fff4a4b9c98 [ 65.329500][ T7400] [ 65.330905][ T7400] Kernel Offset: disabled [ 65.332048][ T7400] Rebooting in 86400 seconds.. VM DIAGNOSIS: 11:19:19 Registers: info registers vcpu 0 CPU#0 RAX=dffffc0000000000 RBX=ffff888032cf7220 RCX=ffffffff81e1766d RDX=1ffff1100659ee44 RSI=ffffffff81e1767b RDI=0000000000000007 RBP=ffff88804dd58000 RSP=ffffc900046cf1d8 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=ffff88802a8fe6d8 R13=0000000000000001 R14=000000000000000e R15=ffff88802a8fe6c8 RIP=ffffffff81e176db RFL=00000a06 [-O---P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fde35b6ff98 CR3=000000004dd58000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000001000000 Opmask01=0000000001000003 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc11651950 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa1ae8029b2 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa1ae8029bf ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa1ae8029b9 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa1ae8029cd ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa1ae802a53 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fa1ae802b31 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000003e8 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 0000000000000000 0000000000000000 00000000000003e8 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 45425f434900414e 41445f444c005242 494c444449005f44 4c00574f4e5f444e ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004644 4c0057444c004441 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000033 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff851b80e5 RDI=ffffffff9ab0cc20 RBP=ffffffff9ab0cbe0 RSP=ffffc900046df3c8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552031203a555043 R12=0000000000000000 R13=0000000000000033 R14=ffffffff851b8080 R15=0000000000000000 RIP=ffffffff851b810f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fc180d1d6c0 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fde35b71880 CR3=000000004de08000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000080000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff4a4ba030 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc1800029b2 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc1800029bf ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc1800029b9 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc1800029cd ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc180002a53 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc180002b31 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 45425f434900414e 41445f444c005242 494c444449005f44 4c00574f4e5f444e ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004644 4c0057444c004441 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 EAX=e08ee96b EBX=0000000a ECX=00000088 EDX=0000f1fb ESI=0000fff5 EDI=0000fff5 EBP=00000000 ESP=0000f69e EIP=0000e943 EFL=00000413 [D---A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =f200 000f2000 0000ffff 00009300 CS =0000 00000000 0000ffff 00009b00 SS =0000 00000000 0000ffff 00009300 DS =0000 00000000 0000ffff 00009300 FS =0000 00000000 0000ffff 00009300 GS =0000 00000000 0000ffff 00009300 LDT=0000 00000000 0000ffff 00008200 TR =0000 00000000 0000ffff 00008b00 GDT= 00000000 0000ffff IDT= 00000000 0000ffff CR0=00000030 CR2=00000000 CR3=00000000 CR4=00002040 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000000 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde34e029b2 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde34e029bf ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde34e029b9 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fde34e029cd info registers vcpu 3 CPU#3 RAX=fffff940001b9700 RBX=fffff940001b9701 RCX=ffffffff81d467df RDX=0000000000000001 RSI=0000000000000008 RDI=ffffea0000dcb800 RBP=fffff940001b9700 RSP=ffffc900056af7d0 R8 =0000000000000000 R9 =fffff940001b9700 R10=ffffea0000dcb807 R11=1ffff1100448308a R12=ffffea0000dcb800 R13=0000000000000000 R14=0000000000000000 R15=ffffc900056afcc8 RIP=ffffffff81fcab7b RFL=00000283 [--S---C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fad262a7d60 CR3=000000000df7e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000002020004 Opmask01=000000000000ffff Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fad2574b6a3 00007fad2574b6a3 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffc39eb42f0 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055556abf5b69 000055556abf59b0 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055556abfebe3 000055556abfe9e0 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100040880a2d8a4 0800010000000806 06012f8800001207 0208000003018004 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1881a2d890080001 000000080606012f 8600000001ffffff fffffffffff90801 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 a20300020001a003 0008000198030208 0001900302080001 88030c0800018003 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0410002080a9a810 0009800406005fb4 00236f656469762f 7665642f01ffffff ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0008013af2006e75 742f74656e2f7665 642f01ffffffffff ffffffe50800030c ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 45425f434900414e 41445f444c005242 494c444449005f44 4c00574f4e5f444e ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000004644 4c0057444c004441 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000