last executing test programs: 3.294992372s ago: executing program 3 (id=625): r0 = socket$unix(0x1, 0x1, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfbffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0xfff3, 0xb}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000280)=@newtfilter={0x24, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r3, {0xd, 0x5}, {}, {0x7, 0x2}}}, 0x24}, 0x1, 0xca88}, 0x800) 3.204931176s ago: executing program 3 (id=626): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r1, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000}) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, 0xffffffffffffffff, 0x0, 0x10001, 0x0, 0x9, 0x2b9c9d, 0x1000000}) 3.20460867s ago: executing program 3 (id=627): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) chdir(&(0x7f00000000c0)='./bus\x00') r0 = creat(&(0x7f0000000440)='./bus\x00', 0xf2) open_by_handle_at(r0, &(0x7f0000000140)=@FILEID_BTRFS_WITH_PARENT_ROOT={0x28, 0xfb, {0x6, 0x6, 0x7fff, 0x5, 0xf, 0x8000}}, 0x551002) 3.144402463s ago: executing program 3 (id=628): bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xe, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @sk_skb=0x26}, 0x94) setsockopt$MRT_ADD_MFC_PROXY(0xffffffffffffffff, 0x0, 0xd2, &(0x7f0000000040)={@rand_addr=0x64010102, @empty, 0x2, "4f6fb4d1af0f724e6118ecfbac0200843af29708e2355d0e7ea0c5c8ce1a00", 0xfffffffc, 0x4, 0x81, 0x800}, 0x3c) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8001}, 0x20050840) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x0) socket$unix(0x1, 0x1, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) openat$pidfd(0xffffffffffffff9c, 0x0, 0x40081, 0x0) r1 = socket(0xa, 0x1, 0x0) setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, 0x0, 0x0) setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000001a00)=ANY=[], 0x610) socket(0xa, 0x1, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x4004090) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={0x0}, 0x1, 0x0, 0x0, 0x20000004}, 0x40020) syz_open_dev$usbmon(&(0x7f0000000140), 0x0, 0x0) r4 = syz_usbip_server_init(0x1) syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[], 0x0) write$usbip_server(r4, &(0x7f00000000c0)=ANY=[@ANYBLOB="0000000300000001"], 0x35) socket$nl_netfilter(0x10, 0x3, 0xc) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000004980), 0x0, 0x0) shutdown(0xffffffffffffffff, 0x1) 1.889661406s ago: executing program 2 (id=668): mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x11c0, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001180), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000080), 0x2710, &(0x7f00000010c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0xc000}}) 1.824815844s ago: executing program 2 (id=671): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c0000ff", @ANYRES16=r1, @ANYBLOB="430325bd7000fcffffff0c00000008000300", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0x4000044}, 0x0) 1.824577638s ago: executing program 0 (id=673): r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x74, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) write$char_usb(r0, &(0x7f00000001c0)="64e9", 0x2) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000740)=[0x2], 0x0, 0x0, 0x1}}, 0x40) (fail_nth: 4) 1.82444499s ago: executing program 2 (id=674): socket$nl_route(0x10, 0x3, 0x0) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0xb8082, 0x0) write$cgroup_int(r0, &(0x7f0000000040)=0x1f00, 0x12) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$rds(0x15, 0x5, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1400000010007c0000000000006000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000010900020073797a310000000008000a40fffffffc400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c000180050001"], 0xa4}}, 0x40) bind$rds(r1, &(0x7f00000000c0)={0x2, 0x1, @loopback}, 0x10) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20940, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0) r6 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r6, 0x40085112, &(0x7f0000000300)=@v={0x93, 0x3, 0x80, 0x0, @generic}) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240)) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x2}, 0x28) ioctl$KVM_RUN(r5, 0xae80, 0x0) sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0xc, @private1={0xfc, 0x1, '\x00', 0xfe}, 0x14}, 0x1c, 0x0}, 0x20000800) setrlimit(0xf, &(0x7f0000000000)={0x2, 0x4000000005}) getpeername(0xffffffffffffffff, &(0x7f0000000240)=@ethernet={0x0, @remote}, &(0x7f0000000080)=0xfffffeb1) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10) mmap$usbmon(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000008, 0x10010, r0, 0xc) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000005200010000000000000000000a000000080001"], 0x1c}}, 0x800) getpid() bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={0x1, 0xbb, &(0x7f0000000100)}, 0x10) r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz0\x00', 0x200002, 0x0) openat$cgroup_ro(r7, &(0x7f0000000240)='memory.stat\x00', 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) 1.593365701s ago: executing program 0 (id=676): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000001100000000030000005800018044000400200001000a000008000000fffe800000000000000000000000000010f8000000200002000a00000000000000ff020000000000000000000000000001000000000d0001007564703a73797a"], 0x6c}}, 0x0) 1.513720574s ago: executing program 1 (id=677): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]}) chdir(&(0x7f00000000c0)='./bus\x00') r0 = creat(&(0x7f0000000440)='./bus\x00', 0xf2) open_by_handle_at(r0, &(0x7f0000000140)=@FILEID_BTRFS_WITH_PARENT_ROOT={0x28, 0xfb, {0x6, 0x6, 0x7fff, 0x5, 0xf, 0x8000}}, 0x551002) 1.512711075s ago: executing program 1 (id=678): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000b, 0x28011, r2, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newtclass={0x24, 0x28, 0x400, 0x70bd26, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x1, 0x1}, {0x0, 0x1}, {0xb, 0x9}}}, 0x24}}, 0x20000000) preadv(r2, &(0x7f00000015c0)=[{0x0}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) ioctl$KVM_SET_FPU(r2, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x4, 0x9, 0xbd, 0x0, 0xffff, 0x2, 0x2, '\x00', 0x654}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1.512327781s ago: executing program 0 (id=679): r0 = socket$kcm(0xa, 0x922000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x0, @empty, 0x9}, 0x80, 0x0}, 0x4000000000000000) 1.434399337s ago: executing program 0 (id=680): r0 = socket$nl_route(0x10, 0x3, 0x0) openat$yama_ptrace_scope(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0) (async) r1 = openat$yama_ptrace_scope(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0) lseek(r1, 0x8000000000000000, 0x4) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20101}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x6}, @IFLA_BOND_TLB_DYNAMIC_LB={0x5}]}}}]}, 0x44}}, 0x0) 1.434142384s ago: executing program 2 (id=681): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$UHID_INPUT(r0, &(0x7f0000000e00)={0xfc, {"a2e3ad09ed0d09f91b38071887f70e09d038e7ff7fc6e5539b0d9f0a8b089b3f383163030890e0879b0a71c6e70a9b336c959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b5b39070d074d090acd3b78130daa61d8e804003e065802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae13f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea77b5602984e4de7c6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cff7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f19880f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999b596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f203903dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efe5496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5ca00000000000000008734dd73583df292892448039ef799cf0630becdcce04579f5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001efe3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebd078ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9dec58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0006087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c2769310123cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1de51f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d4db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e593ded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaeb81abf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72932b99b380000000000000006859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec8982b6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002601e87b162dadc600", 0x1000}}, 0x1062) 1.299420674s ago: executing program 0 (id=682): r0 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00'}) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000740)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb010018000000000000001800000018000000050000000100000001000013040000000200000088060000ff0f0000002e2e"], 0x0, 0x35}, 0x28) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180005000000ffff000077b9080000009500000000d3a07e"], &(0x7f0000000080)='GPL\x00', 0x7, 0x4fa, &(0x7f0000000cc0)=""/4096, 0x40f00, 0x5, '\x00', 0x0, 0x0, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f00000002c0)={0x0, 0x2, 0x4, 0x9}, 0x1, 0x0, 0x0, 0xff3e, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94) sendmsg$DEVLINK_CMD_RATE_NEW(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x20008004) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x0, 0x0, 0x0, 0x8, 0xffffffba, 0x0, 0x40f00, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0xd4, 0x0, 0x0, 0x0, 0xec}, 0x94) 1.299286631s ago: executing program 2 (id=683): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x4004840}, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004140)=[{&(0x7f0000000240)=""/212, 0xd4}], 0x1}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c030000160001000000000000000000fc0100000000000000000000001f0000fe88000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141400000000000000000000000000000000006c000000ac14140000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000025bd7000000000000000000000000000000000000300000006"], 0x34c}}, 0x0) 1.244940752s ago: executing program 0 (id=684): r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x8000003d) r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000300), r2) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) syz_open_pts(r0, 0x24041) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="310300000000000000000900000008000300", @ANYRES32=r6, @ANYBLOB="080006005c"], 0x24}}, 0x4000) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010426bd7000f8dbdf250200000008000100", @ANYRES32=r7], 0x1c}}, 0x4008054) fcntl$setsig(r1, 0xa, 0x20) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) 1.162586887s ago: executing program 2 (id=685): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000005400e50100000000fdffffff07000000", @ANYRES32=r3, @ANYBLOB="20000100", @ANYRES32=r5, @ANYBLOB="010000007f"], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newtaction={0x18c, 0x30, 0x9e54f29ff072a93b, 0x0, 0x0, {}, [{0x178, 0x1, [@m_csum={0x148, 0x0, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c}]}, {0x100, 0x6, "db311510c434f2ce231f1258f7ec4fa3f7818f29609a026db035fd7572afaac6c985114a4aed36659f34f80328807ae25cacd9a9d9acd690e8a1b6ded6c672d4e820359a4b72c906a3cd70be85f6f0e6847b048b7788d1c9527f6ecbbb6ff9c83f6bd05e5e7d03cf7a1d755f6f157c45009775d40e39a36ab06fe1171e9a738dd8255a7c86f2d9d0ad8d25d3fe4001b9ad363c5d41cbea525530c0d27c97d981fb49e8156a3f139619bee0b6e2d9722a971feb6ecdb936387ed053e8d1e6a4062e899e070031cda7a4a3d91a834800889d83828f3a6614811b8b5afe6b6cb7c49eb8250c88e95be214ff4455ce68df3359a2a935d40690ddbad9f904"}, {0xc}, {0xc}}}, @m_nat={0x2c, 0x2, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x1}}}}]}]}, 0x18c}}, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_MESH(r8, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010000000000000000000f00000008000300", @ANYRES64=r7], 0x2c}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000140)={'gre0\x00', &(0x7f0000000040)={'tunl0\x00', 0x0, 0x40, 0x1, 0xc47, 0x6, {{0xa, 0x4, 0x2, 0x2, 0x28, 0x67, 0x0, 0x7a, 0x0, 0x0, @multicast1, @loopback, {[@lsrr={0x83, 0x13, 0x96, [@multicast2, @rand_addr=0x64010101, @initdev={0xac, 0x1e, 0x0, 0x0}, @loopback]}, @noop]}}}}}) sendmsg$nl_route(r6, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="400000006a0001002abd7000fddbdf250a000000000000000800050044f24259fef8cb75d880d332c7ef75d85ceb9af24d69478dc81ee733107e33b909", @ANYRES32=r10, @ANYBLOB="0400090004000b000400090004000b0008000a000100000004000b0004000900"], 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x4041) 1.160854508s ago: executing program 1 (id=686): r0 = socket$kcm(0x2, 0xa, 0x2) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f0000000100)=@ethtool_sfeatures={0x51, 0x1, [{0x10001, 0x8}]}}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/vlan/config\x00') pread64(r2, &(0x7f0000000780)=""/185, 0xb9, 0x3c) read$FUSE(r2, &(0x7f0000000200)={0x2020}, 0x2020) bind$bt_hci(r1, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000040)='numa_maps\x00') preadv(r3, &(0x7f0000000000)=[{&(0x7f0000001200)=""/4112, 0x1010}], 0x1, 0x800, 0x0) write(r1, &(0x7f0000000040)="05000000010001", 0x7) recvmmsg(r1, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}, 0x3}], 0x1, 0x40000000, &(0x7f0000000980)) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000000, 0x5d032, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xbdf210f25e63a962, 0x8031, 0xffffffffffffffff, 0x3000) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes\x00', 0x26e1, 0x0) close(r4) ioctl$SIOCSIFHWADDR(r4, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="0100008dffff"}) read$proc_mixer(r4, &(0x7f0000000000)=""/23, 0x17) 1.00284487s ago: executing program 1 (id=687): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]}) chdir(&(0x7f00000000c0)='./bus\x00') r0 = creat(&(0x7f0000000440)='./bus\x00', 0xf2) open_by_handle_at(r0, &(0x7f0000000140)=@FILEID_BTRFS_WITH_PARENT_ROOT={0x28, 0xfb, {0x6, 0x6, 0x7fff, 0x5, 0xf, 0x8000}}, 0x551002) 954.835983ms ago: executing program 1 (id=688): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1c) ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00000005c0)={"341ce1e71f4aba54826499cb6a055b56a5a7336f377a556f824db28eb6743cf045afd0e932534b9eb3b847abbcef63c85319991745999ed89ff49783a84d57cf175a89f8733d74a1bdddcb0a6c3f7535e7976e79670b00006403f6710d606fafaf685ec19f369b7829b12aa2b8cd2ab52f9c688683979cdb9516cb61f2adb9aefd44fee30bddb81ebefa818f31f60d89a4e390920c7ed0e2512fd59f719e734b0a1d1f3ff7babb54258a1585514aac0b000000733671e0543929c06f72fc598939003ac6777f3497523536fd25ac4f1e265f5038fa7455f2cc6131d4a189a16b0f0b89e6a495e1d95b840c36488adc22cb2d1b8af57f6dce7214152ba1b3c0d3ad0a6db821518e44b24cb36a02d76ea11a1c45879fc77e7bb2af8c345ddddf49f41228df2114f2c27d16499fa36097a5015ad61a6a9484c09e0a2dfb50f70e0ae03be775e472cd31d6a31e615937c38e746a5c000000004242990dd497a2c52ab50300000000000000cebbd983c3f86dbe92c4b751c04693cb09af88521ab305ceabf6d2bab40bb1b219fbe95ace2f6c49fea798e76b4ef336dff5ac0f7ab022b800ac1aa42fd231b52465a410177ed85dcc9c6d794e2a85fa16e3cbc3a9d6c83ffd4d01e5ba898555eeffccf0cb28ce5df02fdcb486455bca57edf4fb14e1533554eb22527d66a28a960c430f6136927f54e670c46292454fe28485f35405025844fd24fe846f6656c77d9b5f2b4750ac4805897b02c85caba80000bb96f71f468c9e746d860238b3b113ab1eef51e1507f8832d5d69528080200548e491477cda51d7e083a134097438e9d7ea34eae8a2e6b516327db9310c7478a37f5c562037196131cc7c84fa29c3c2576f2ae7570b5a98aaa49ca7ddfd5a8c046ce82e4a2d06001000000010000008630b1410b674781855752c9c57c1c5ab0a74a336ce89b3a9c0d37a3ca4e698a798a85faf7f4f1dc020b7dd5750062c9810c4bc1ad7afe338f2b0f29059e684fe16098eb30da105be01ca11a29360ba76851d951b770d0f9cdafb1cb4241350d85b04ed737a9bfd70a081c43b65a95dda76d6850860ba3195040b14c8ad1a8b52472785521147182352a1dbd93595cbc26e813ccd75e16f9247fe82ed150c121f0041022521dc76476f0a9cffa3be1d3ffffffffffffffff29358bbfd8b7a12fe94a0355beb9420eee0a5c11220100c782b89e9430de84b220e8c0df4bd40be3400c58f149319f891fe86fba751dab3326bf2deb9e782b37ec9c7adf36025a091a4b3600000000000000000000000000000000000000000000000000000000000000000600"}) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00000001c0)={"5fbcdbfb555ab7b6da2c492fe4db90aeaf8e5347c79716e75fe060d73e9de531ef8085f88b3a09f05bf084c593b4dab8756600000000077eebf9940a0b60f02d333a2c2aa407522edaabb8cfccecb9d7e0cfd915c17f32bc1ac7e430af977b671ede8605c7c72a5d1397639fd21bf848190fbdbfaeb7e166205def53caa18404ba077c2b5713acbc3d125aea78dfd962dd250511376c3a3b5732114cc92d27be04c7c146cedcc9081a8435f9c67a0c5174df503a84dc11d1d98a2473fbd39de5d9c56ffa28098914b4d47ea99e8134deb75f944afd0df95136c08e057e4d839936c0755318e58ae63dd46f7009df574d263f87508d7e496efb29de0496d4018e8d6c6f7d016752a1d10bb1df8b406bb488dbb43ffd11eb1eb9b36d57cee3b9e4e2e72e97a8059bb8e8120bf04b1d0b929692cc3e5508293bb205beba29259f18213a602dde8a8a19dd2a16b26476ca4f24e86b84ee76d86aacc862c59e154e6bec6ec6e86eb3d9dd50c4ecf6de82c2419674da3b885ac6abaea4765d256727d8560fb55d0bee0c11b1e8a05d4b932254673e8f67abfca2f184a23839164b15e021bff742605fbeb628ab93803e90954074762487b0afc90eec0e31e75dda865693dd655a190f16dbdf7ce7693d27aaf31758d97e25ab40fc44dbc911639d99b592dd0c660b820a46b8374f7e8030031c39768fb9361164f5dad133cf0d5d66c617d3d62b1f0b80e9f88ffc872df05fb5822601dfe4b39179ace0a4f6808b39bad72a80a9a9bd579d0f9a104191ef6e708083218053d3daf8211dff0a87568b7c734ab79b26cf2a65d66b00f2c2f0d3ffd5fc35b58795406446275afb8df4247add7730331b045d384b0c9fa06284463eec7167512277a435ced48980aab83b37a85b7a33ce8fd8b2a543af82bd15955b12833a59645e1de6bd6ab86c4a046a0323415351e6ddb9bcb869d2e7d092b234bfa8c5be098abcd24d8b4a659b36d8af4f3136d23f9115ea6bdc62fb89e2de415e0f08bd6ec5cc53ee3a666049168a88191c6911ea5fe7972f5627923e8b5b9e7c5323da43d48b25caee3016f88c8178fb8ab1149547e33d7fff442fa3ab42408c87cdfe35a82034bd77399a0861ce16141670ffecde05c7393ae522430425707a4c7d988f34a494727e0b1920e93c95af07d3affe9d41bb82d59ff2149705bb782c9d85e53320268fb57096c6c47e616c457a371dda361170f706e53bf9a9ac5692b72d44072217ecb8646e841b6929251a080f56be308c47dac5d59db54bd1ca7499cf3bf7cb8bb763fed9a75d2eb69573b118e3ee78fb11d41c1ce314538fec8fc542c7bf4865841a2e71fc1efd9fa385903372e3670d96398128e75d786f242a6dbf2c053dc48ee2398763b1ba3550136c14ac7ad77d3c8e97b2f36b6af200"}) openat$vcsu(0xffffffffffffff9c, 0x0, 0x200, 0x0) 954.635324ms ago: executing program 1 (id=689): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000019500)={0xe, {0x3, 0xa3, 0x5f}}, 0xc) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r0) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="f5af25bd7000000000000e00000008000300", @ANYRES32=r1, @ANYBLOB="f5e6a8adeb3eb01917e1d760dadba740f162fac3550c07520a0fc2899e51f04adef7bdad89d58d0ddbbef21fcb5519e4a2b63dbea7250b288a99220e95f62d6fc173e9931d950c92b820781cc723e379cc87a9359336b24a65c5ffa90c2f6d7df9182974c2ae1658273c1663cea18ef900f38f7de0170943cfe8b29de9ea43f13ade4304be1842aec7fb305bd8fb193ddf2d795d3c48de3f615cc7a5e7faf7238fb72b440f6828c9aad2d71563fb"], 0x1c}, 0x1, 0xf0ffff, 0x0, 0x4}, 0x700) 98.431µs ago: executing program 3 (id=690): ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x51, 0x4800, 0xfffa, {0x6, 0x1}, {0x17, 0x2}, @rumble={0x81, 0xd}}) r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01) write$char_usb(r0, &(0x7f0000000040)="e2", 0x12d8) (fail_nth: 35) 0s ago: executing program 3 (id=691): unshare(0x6a040000) (fail_nth: 70) kernel console output (not intermixed with test programs): [ 67.201757][ T40] audit: type=1400 audit(1776687940.138:176): avc: denied { read } for pid=6175 comm="syz.0.62" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 67.213232][ T40] audit: type=1400 audit(1776687940.138:177): avc: denied { ioctl } for pid=6175 comm="syz.0.62" path="/dev/nvram" dev="devtmpfs" ino=631 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 67.221236][ T40] audit: type=1400 audit(1776687940.138:178): avc: denied { create } for pid=6175 comm="syz.0.62" anonclass=[userfaultfd] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 67.231203][ T6030] usb 7-1: new low-speed USB device number 3 using dummy_hcd [ 67.261559][ T6183] tipc: Started in network mode [ 67.264331][ T6183] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 67.268849][ T6183] tipc: Enabled bearer , priority 10 [ 67.293472][ T40] audit: type=1400 audit(1776687940.228:179): avc: denied { create } for pid=6185 comm="syz.0.65" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 67.299707][ T40] audit: type=1400 audit(1776687940.228:180): avc: denied { getopt } for pid=6185 comm="syz.0.65" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 67.305804][ T40] audit: type=1400 audit(1776687940.238:181): avc: denied { create } for pid=6185 comm="syz.0.65" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 67.312201][ T40] audit: type=1400 audit(1776687940.238:182): avc: denied { ioctl } for pid=6185 comm="syz.0.65" path="/dev/bsg/0:0:0:0" dev="devtmpfs" ino=723 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 67.380847][ T6030] usb 7-1: device descriptor read/64, error -71 [ 67.390491][ T40] audit: type=1400 audit(1776687940.328:183): avc: denied { write } for pid=6196 comm="syz.1.70" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 67.397032][ T40] audit: type=1400 audit(1776687940.328:184): avc: denied { read } for pid=6196 comm="syz.1.70" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 67.403362][ T40] audit: type=1400 audit(1776687940.328:185): avc: denied { ioctl } for pid=6196 comm="syz.1.70" path="socket:[11454]" dev="sockfs" ino=11454 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 67.494554][ T6030] usb usb7-port1: attempt power cycle [ 67.662465][ T6227] xt_hashlimit: size too large, truncated to 1048576 [ 67.761674][ T6240] use of bytesused == 0 is deprecated and will be removed in the future, [ 67.765010][ T6240] use the actual size instead. [ 67.775903][ T6240] SELinux: Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 67.783667][ T6240] tipc: Started in network mode [ 67.822219][ T6240] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 67.826638][ T6240] tipc: Enabled bearer , priority 10 [ 67.880310][ T6030] usb 7-1: new low-speed USB device number 4 using dummy_hcd [ 67.901924][ T6030] usb 7-1: device descriptor read/8, error -71 [ 67.912085][ T6249] nvme_fabrics: missing parameter 'transport=%s' [ 67.915199][ T6249] nvme_fabrics: missing parameter 'nqn=%s' [ 68.012850][ T6263] trusted_key: encrypted_key: keylen parameter is missing [ 68.170797][ T6030] usb 7-1: new low-speed USB device number 5 using dummy_hcd [ 68.200576][ T6030] usb 7-1: device descriptor read/8, error -71 [ 68.320265][ T6030] usb usb7-port1: unable to enumerate USB device [ 68.401421][ T6030] tipc: Node number set to 4269801488 [ 68.469927][ T5952] Bluetooth: hci0: command tx timeout [ 68.472713][ T5955] Bluetooth: hci3: command tx timeout [ 68.472741][ T5305] Bluetooth: hci2: command tx timeout [ 68.478037][ T6287] ======================================================= [ 68.478037][ T6287] WARNING: The mand mount option has been deprecated and [ 68.478037][ T6287] and is ignored by this kernel. Remove the mand [ 68.478037][ T6287] option from the mount to silence this warning. [ 68.478037][ T6287] ======================================================= [ 68.481201][ T6284] bond1: (slave bond_slave_1): Device is not our slave [ 68.488577][ T5305] Bluetooth: hci1: command tx timeout [ 68.494590][ T6284] bond1: option active_slave: invalid value (bond_slave_1) [ 68.503519][ T6284] bond1 (unregistering): Released all slaves [ 68.532385][ T6289] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6289 comm=syz.3.104 [ 68.642940][ T6302] Zero length message leads to an empty skb [ 68.653695][ T6305] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6305 comm=syz.1.110 [ 68.659045][ T6305] FAULT_INJECTION: forcing a failure. [ 68.659045][ T6305] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 68.665368][ T6305] CPU: 0 UID: 0 PID: 6305 Comm: syz.1.110 Not tainted syzkaller #0 PREEMPT(full) [ 68.665383][ T6305] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 68.665389][ T6305] Call Trace: [ 68.665393][ T6305] [ 68.665397][ T6305] dump_stack_lvl+0x100/0x190 [ 68.665676][ T6305] should_fail_ex.cold+0x5/0xa [ 68.665693][ T6305] _copy_from_iter+0x1f4/0x1690 [ 68.665807][ T6305] ? __asan_memset+0x23/0x50 [ 68.665875][ T6305] ? __pfx__copy_from_iter+0x10/0x10 [ 68.665888][ T6305] ? __pfx___alloc_skb+0x10/0x10 [ 68.666001][ T6305] netlink_sendmsg+0x808/0xda0 [ 68.666080][ T6305] ? __pfx_netlink_sendmsg+0x10/0x10 [ 68.666094][ T6305] ? __might_fault+0x90/0x140 [ 68.666114][ T6305] ____sys_sendmsg+0x9e1/0xb70 [ 68.666128][ T6305] ? __pfx_netlink_sendmsg+0x10/0x10 [ 68.666144][ T6305] ? __pfx_____sys_sendmsg+0x10/0x10 [ 68.666164][ T6305] ___sys_sendmsg+0x190/0x1e0 [ 68.666181][ T6305] ? __pfx____sys_sendmsg+0x10/0x10 [ 68.666211][ T6305] __sys_sendmsg+0x170/0x220 [ 68.666223][ T6305] ? __pfx___sys_sendmsg+0x10/0x10 [ 68.666238][ T6305] ? fput+0x79/0x100 [ 68.666253][ T6305] ? rcu_is_watching+0x12/0xc0 [ 68.666320][ T6305] do_syscall_64+0x10b/0xf80 [ 68.666473][ T6305] ? clear_bhb_loop+0x40/0x90 [ 68.666486][ T6305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.666497][ T6305] RIP: 0033:0x7ff5fdd9c819 [ 68.666507][ T6305] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 68.666517][ T6305] RSP: 002b:00007ff5febf6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 68.666529][ T6305] RAX: ffffffffffffffda RBX: 00007ff5fe015fa0 RCX: 00007ff5fdd9c819 [ 68.666535][ T6305] RDX: 0000000000004010 RSI: 0000200000000280 RDI: 0000000000000005 [ 68.666541][ T6305] RBP: 00007ff5febf6090 R08: 0000000000000000 R09: 0000000000000000 [ 68.666547][ T6305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 68.666553][ T6305] R13: 00007ff5fe016038 R14: 00007ff5fe015fa0 R15: 00007ffd36aac548 [ 68.666566][ T6305] [ 68.700518][ T6307] netlink: 'syz.0.108': attribute type 1 has an invalid length. [ 68.759260][ T6307] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9) [ 68.761811][ T6307] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 68.765780][ T6307] vhci_hcd vhci_hcd.0: Device attached [ 68.771363][ T6307] vhci_hcd vhci_hcd.0: port 0 already used [ 68.812985][ T6315] FAULT_INJECTION: forcing a failure. [ 68.812985][ T6315] name failslab, interval 1, probability 0, space 0, times 0 [ 68.817720][ T6315] CPU: 0 UID: 0 PID: 6315 Comm: syz.3.112 Not tainted syzkaller #0 PREEMPT(full) [ 68.817736][ T6315] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 68.817742][ T6315] Call Trace: [ 68.817747][ T6315] [ 68.817752][ T6315] dump_stack_lvl+0x100/0x190 [ 68.817772][ T6315] should_fail_ex.cold+0x5/0xa [ 68.817789][ T6315] should_failslab+0xc2/0x120 [ 68.817801][ T6315] __kmalloc_cache_noprof+0x7a/0x6f0 [ 68.817816][ T6315] ? hash_mac_create+0x358/0x1050 [ 68.817830][ T6315] ? find_held_lock+0x2b/0x80 [ 68.817843][ T6315] hash_mac_create+0x358/0x1050 [ 68.817857][ T6315] ? __pfx_hash_mac_create+0x10/0x10 [ 68.817870][ T6315] ip_set_create+0x6b8/0x14f0 [ 68.817886][ T6315] ? __pfx_ip_set_create+0x10/0x10 [ 68.817905][ T6315] ? find_held_lock+0x2b/0x80 [ 68.817918][ T6315] nfnetlink_rcv_msg+0x9d5/0x11e0 [ 68.817935][ T6315] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 68.817948][ T6315] ? __lock_acquire+0x4a5/0x2630 [ 68.817972][ T6315] ? avc_has_perm_noaudit+0x145/0x3b0 [ 68.818068][ T6315] netlink_rcv_skb+0x159/0x420 [ 68.818090][ T6315] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 68.818102][ T6315] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 68.818122][ T6315] ? ns_capable+0xd2/0xf0 [ 68.818139][ T6315] nfnetlink_rcv+0x1b3/0x440 [ 68.818151][ T6315] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 68.818162][ T6315] ? netlink_deliver_tap+0x1ae/0xcc0 [ 68.818178][ T6315] netlink_unicast+0x585/0x850 [ 68.818195][ T6315] ? __pfx_netlink_unicast+0x10/0x10 [ 68.818213][ T6315] netlink_sendmsg+0x8b0/0xda0 [ 68.818230][ T6315] ? __pfx_netlink_sendmsg+0x10/0x10 [ 68.818244][ T6315] ? __might_fault+0x90/0x140 [ 68.818264][ T6315] ____sys_sendmsg+0x9e1/0xb70 [ 68.818279][ T6315] ? __pfx_netlink_sendmsg+0x10/0x10 [ 68.818295][ T6315] ? __pfx_____sys_sendmsg+0x10/0x10 [ 68.818315][ T6315] ___sys_sendmsg+0x190/0x1e0 [ 68.818332][ T6315] ? __pfx____sys_sendmsg+0x10/0x10 [ 68.818362][ T6315] __sys_sendmsg+0x170/0x220 [ 68.818374][ T6315] ? __pfx___sys_sendmsg+0x10/0x10 [ 68.818391][ T6315] ? rcu_is_watching+0x12/0xc0 [ 68.818409][ T6315] do_syscall_64+0x10b/0xf80 [ 68.818420][ T6315] ? clear_bhb_loop+0x40/0x90 [ 68.818434][ T6315] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.818445][ T6315] RIP: 0033:0x7fbde2d9c819 [ 68.818455][ T6315] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 68.818465][ T6315] RSP: 002b:00007fbde3c87028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 68.818477][ T6315] RAX: ffffffffffffffda RBX: 00007fbde3015fa0 RCX: 00007fbde2d9c819 [ 68.818484][ T6315] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003 [ 68.818490][ T6315] RBP: 00007fbde3c87090 R08: 0000000000000000 R09: 0000000000000000 [ 68.818496][ T6315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 68.818502][ T6315] R13: 00007fbde3016038 R14: 00007fbde3015fa0 R15: 00007ffe78876088 [ 68.818515][ T6315] [ 68.874122][ T6309] i2c i2c-1: Invalid block write size 34 [ 68.874737][ T6030] tipc: Node number set to 4269801488 [ 69.080456][ T3265] usb 38-1: SetAddress Request (2) to port 0 [ 69.083164][ T3265] usb 38-1: new SuperSpeed USB device number 2 using vhci_hcd [ 69.197346][ T6341] Invalid ELF header magic: != ELF [ 69.258846][ T6342] netlink: 'syz.3.117': attribute type 10 has an invalid length. [ 69.474724][ T6310] vhci_hcd: connection reset by peer [ 69.482611][ T12] vhci_hcd vhci_hcd.0: stop threads [ 69.485586][ T12] vhci_hcd vhci_hcd.0: release socket [ 69.489155][ T12] vhci_hcd vhci_hcd.0: disconnect device [ 69.655403][ T6360] netlink: ct family unspecified [ 69.694138][ T6362] tipc: Started in network mode [ 69.696169][ T6362] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 69.702285][ T6362] tipc: Enabled bearer , priority 10 [ 70.075095][ T6389] netlink: set zone limit has 4 unknown bytes [ 70.147022][ T6395] bond1: entered promiscuous mode [ 70.188986][ T6406] netlink: 'syz.1.145': attribute type 29 has an invalid length. [ 70.192501][ T6406] netlink: 'syz.1.145': attribute type 29 has an invalid length. [ 70.446352][ T6418] __nla_validate_parse: 24 callbacks suppressed [ 70.446462][ T6418] netlink: 4376 bytes leftover after parsing attributes in process `syz.3.149'. [ 70.453527][ T6418] netlink: 4376 bytes leftover after parsing attributes in process `syz.3.149'. [ 70.486897][ T6423] FAULT_INJECTION: forcing a failure. [ 70.486897][ T6423] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 70.494158][ T6423] CPU: 1 UID: 0 PID: 6423 Comm: syz.1.152 Not tainted syzkaller #0 PREEMPT(full) [ 70.494176][ T6423] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 70.494182][ T6423] Call Trace: [ 70.494187][ T6423] [ 70.494191][ T6423] dump_stack_lvl+0x100/0x190 [ 70.495000][ T6423] should_fail_ex.cold+0x5/0xa [ 70.495015][ T6423] ? prepare_alloc_pages+0x16d/0x5f0 [ 70.495226][ T6423] should_fail_alloc_page+0xeb/0x140 [ 70.495239][ T6423] prepare_alloc_pages+0x1f0/0x5f0 [ 70.495251][ T6423] ? bpf_ksym_find+0x128/0x1c0 [ 70.495315][ T6423] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 70.495333][ T6423] ? __lock_acquire+0x4a5/0x2630 [ 70.495348][ T6423] ? arch_stack_walk+0xa6/0xf0 [ 70.495369][ T6423] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 70.495392][ T6423] ? debug_check_no_obj_freed+0x31f/0x630 [ 70.495541][ T6423] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 70.495556][ T6423] ? policy_nodemask+0xed/0x4f0 [ 70.495568][ T6423] alloc_pages_mpol+0x1fb/0x540 [ 70.495579][ T6423] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 70.495591][ T6423] ? _raw_spin_unlock+0x28/0x50 [ 70.495834][ T6423] ? __free_frozen_pages+0x59e/0x1040 [ 70.495848][ T6423] ? __pfx_vcs_write+0x10/0x10 [ 70.496060][ T6423] alloc_pages_noprof+0x1a/0x160 [ 70.496073][ T6423] get_free_pages_noprof+0x10/0xb0 [ 70.496084][ T6423] vcs_write+0x11a/0xd60 [ 70.496108][ T6423] ? __pfx_vcs_write+0x10/0x10 [ 70.496124][ T6423] ? bpf_lsm_file_permission+0x9/0x10 [ 70.496142][ T6423] ? security_file_permission+0x76/0x210 [ 70.496221][ T6423] ? iov_iter_advance+0xac/0x6d0 [ 70.496234][ T6423] ? rw_verify_area+0xce/0x6d0 [ 70.496252][ T6423] ? __pfx_vcs_write+0x10/0x10 [ 70.496266][ T6423] vfs_writev+0x5ea/0xe10 [ 70.496280][ T6423] ? __pfx_vfs_writev+0x10/0x10 [ 70.496290][ T6423] ? find_held_lock+0x2b/0x80 [ 70.496299][ T6423] ? ksys_write+0x190/0x250 [ 70.496316][ T6423] ? __fget_files+0x21f/0x3d0 [ 70.496333][ T6423] ? do_writev+0x13e/0x340 [ 70.496341][ T6423] do_writev+0x13e/0x340 [ 70.496351][ T6423] ? __pfx_do_writev+0x10/0x10 [ 70.496362][ T6423] ? rcu_is_watching+0x12/0xc0 [ 70.496380][ T6423] do_syscall_64+0x10b/0xf80 [ 70.496389][ T6423] ? clear_bhb_loop+0x40/0x90 [ 70.496418][ T6423] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.496430][ T6423] RIP: 0033:0x7ff5fdd9c819 [ 70.496440][ T6423] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 70.496450][ T6423] RSP: 002b:00007ff5febf6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 70.496513][ T6423] RAX: ffffffffffffffda RBX: 00007ff5fe015fa0 RCX: 00007ff5fdd9c819 [ 70.496520][ T6423] RDX: 000000000000000e RSI: 0000200000000c40 RDI: 0000000000000003 [ 70.496526][ T6423] RBP: 00007ff5febf6090 R08: 0000000000000000 R09: 0000000000000000 [ 70.496532][ T6423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 70.496538][ T6423] R13: 00007ff5fe016038 R14: 00007ff5fe015fa0 R15: 00007ffd36aac548 [ 70.496551][ T6423] [ 70.549974][ T5305] Bluetooth: hci1: command tx timeout [ 70.550510][ T5952] Bluetooth: hci2: command tx timeout [ 70.559939][ T5952] Bluetooth: hci0: command tx timeout [ 70.559961][ T5952] Bluetooth: hci3: command tx timeout [ 70.575459][ T6428] FAULT_INJECTION: forcing a failure. [ 70.575459][ T6428] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 70.585576][ T6430] netlink: 80 bytes leftover after parsing attributes in process `syz.1.156'. [ 70.586518][ T6428] CPU: 0 UID: 0 PID: 6428 Comm: syz.0.155 Not tainted syzkaller #0 PREEMPT(full) [ 70.586533][ T6428] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 70.586539][ T6428] Call Trace: [ 70.586543][ T6428] [ 70.586547][ T6428] dump_stack_lvl+0x100/0x190 [ 70.586567][ T6428] should_fail_ex.cold+0x5/0xa [ 70.586582][ T6428] _copy_from_user+0x2e/0xd0 [ 70.586597][ T6428] get_timespec64+0x8d/0x240 [ 70.586610][ T6428] ? __pfx_get_timespec64+0x10/0x10 [ 70.586626][ T6428] __x64_sys_recvmmsg+0x166/0x280 [ 70.586722][ T6428] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 70.586738][ T6428] ? rcu_is_watching+0x12/0xc0 [ 70.586756][ T6428] do_syscall_64+0x10b/0xf80 [ 70.586767][ T6428] ? clear_bhb_loop+0x40/0x90 [ 70.586781][ T6428] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.586792][ T6428] RIP: 0033:0x7ffb3699c819 [ 70.586802][ T6428] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 70.586812][ T6428] RSP: 002b:00007ffb3777e028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 70.586823][ T6428] RAX: ffffffffffffffda RBX: 00007ffb36c15fa0 RCX: 00007ffb3699c819 [ 70.586830][ T6428] RDX: 0000000000000001 RSI: 0000200000000900 RDI: 0000000000000004 [ 70.586836][ T6428] RBP: 00007ffb3777e090 R08: 0000200000000980 R09: 0000000000000000 [ 70.586842][ T6428] R10: 0000000040000000 R11: 0000000000000246 R12: 0000000000000001 [ 70.586848][ T6428] R13: 00007ffb36c16038 R14: 00007ffb36c15fa0 R15: 00007ffd4aee1818 [ 70.586861][ T6428] [ 70.670660][ T6435] mmap: syz.1.156 (6435) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 70.836786][ T6456] netlink: 32 bytes leftover after parsing attributes in process `syz.1.166'. [ 70.845490][ T6030] tipc: Node number set to 4269801488 [ 70.886747][ T6461] syzkaller1: entered promiscuous mode [ 70.888615][ T6461] syzkaller1: entered allmulticast mode [ 70.899299][ T6461] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue [ 71.815190][ T6515] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 71.819440][ T6515] block device autoloading is deprecated and will be removed. [ 72.021584][ T6521] netlink: 8 bytes leftover after parsing attributes in process `syz.0.189'. [ 72.063002][ T6528] netlink: 4376 bytes leftover after parsing attributes in process `syz.0.192'. [ 72.067566][ T6528] netlink: 4376 bytes leftover after parsing attributes in process `syz.0.192'. [ 72.154126][ T6537] netlink: 8 bytes leftover after parsing attributes in process `syz.1.195'. [ 72.159283][ T6537] netlink: 8 bytes leftover after parsing attributes in process `syz.1.195'. [ 72.332680][ T6550] netlink: 4376 bytes leftover after parsing attributes in process `syz.1.202'. [ 72.371757][ T6554] FAULT_INJECTION: forcing a failure. [ 72.371757][ T6554] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 72.378759][ T6554] CPU: 0 UID: 0 PID: 6554 Comm: syz.1.203 Not tainted syzkaller #0 PREEMPT(full) [ 72.378785][ T6554] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 72.378795][ T6554] Call Trace: [ 72.378802][ T6554] [ 72.378810][ T6554] dump_stack_lvl+0x100/0x190 [ 72.379305][ T6554] should_fail_ex.cold+0x5/0xa [ 72.379332][ T6554] _copy_from_user+0x2e/0xd0 [ 72.379509][ T6554] vcs_write+0x2e3/0xd60 [ 72.379657][ T6554] ? __pfx_vcs_write+0x10/0x10 [ 72.379682][ T6554] ? bpf_lsm_file_permission+0x9/0x10 [ 72.379765][ T6554] ? security_file_permission+0x76/0x210 [ 72.379843][ T6554] ? iov_iter_advance+0xac/0x6d0 [ 72.379861][ T6554] ? rw_verify_area+0xce/0x6d0 [ 72.379946][ T6554] ? __pfx_vcs_write+0x10/0x10 [ 72.379968][ T6554] vfs_writev+0x5ea/0xe10 [ 72.379991][ T6554] ? __pfx_vfs_writev+0x10/0x10 [ 72.380008][ T6554] ? find_held_lock+0x2b/0x80 [ 72.380024][ T6554] ? ksys_write+0x190/0x250 [ 72.380060][ T6554] ? __fget_files+0x21f/0x3d0 [ 72.380087][ T6554] ? do_writev+0x13e/0x340 [ 72.380102][ T6554] do_writev+0x13e/0x340 [ 72.380118][ T6554] ? __pfx_do_writev+0x10/0x10 [ 72.380136][ T6554] ? rcu_is_watching+0x12/0xc0 [ 72.380166][ T6554] do_syscall_64+0x10b/0xf80 [ 72.380339][ T6554] ? clear_bhb_loop+0x40/0x90 [ 72.380361][ T6554] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.380379][ T6554] RIP: 0033:0x7ff5fdd9c819 [ 72.380394][ T6554] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 72.380410][ T6554] RSP: 002b:00007ff5febf6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 72.380429][ T6554] RAX: ffffffffffffffda RBX: 00007ff5fe015fa0 RCX: 00007ff5fdd9c819 [ 72.380440][ T6554] RDX: 000000000000000e RSI: 0000200000000c40 RDI: 0000000000000003 [ 72.380450][ T6554] RBP: 00007ff5febf6090 R08: 0000000000000000 R09: 0000000000000000 [ 72.380460][ T6554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 72.380469][ T6554] R13: 00007ff5fe016038 R14: 00007ff5fe015fa0 R15: 00007ffd36aac548 [ 72.380492][ T6554] [ 72.502295][ T6556] x_tables: ip6_tables: sctp match: only valid for protocol 132 [ 72.516122][ T6556] evm: overlay not supported [ 72.525005][ T40] kauditd_printk_skb: 56 callbacks suppressed [ 72.525016][ T40] audit: type=1400 audit(1776687945.458:242): avc: denied { read } for pid=6557 comm="syz.0.205" name="btrfs-control" dev="devtmpfs" ino=1342 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 72.537009][ T40] audit: type=1400 audit(1776687945.458:243): avc: denied { open } for pid=6557 comm="syz.0.205" path="/dev/btrfs-control" dev="devtmpfs" ino=1342 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 72.548503][ T40] audit: type=1400 audit(1776687945.458:244): avc: denied { ioctl } for pid=6557 comm="syz.0.205" path="/dev/btrfs-control" dev="devtmpfs" ino=1342 ioctlcmd=0x565f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 72.567177][ T40] audit: type=1400 audit(1776687945.458:245): avc: denied { setopt } for pid=6557 comm="syz.0.205" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 72.649657][ T6566] nftables ruleset with unbound chain [ 72.657602][ T40] audit: type=1400 audit(1776687945.588:246): avc: denied { create } for pid=6564 comm="syz.0.208" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 72.665143][ T6566] bridge0: port 3(ipvlan2) entered blocking state [ 72.668224][ T6566] bridge0: port 3(ipvlan2) entered disabled state [ 72.675051][ T6566] ipvlan2: entered allmulticast mode [ 72.677522][ T6566] bridge0: entered allmulticast mode [ 72.685363][ T6566] ipvlan2: left allmulticast mode [ 72.687812][ T6566] bridge0: left allmulticast mode [ 72.916554][ T40] audit: type=1400 audit(1776687945.848:247): avc: denied { create } for pid=6573 comm="syz.3.212" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 72.939896][ T40] audit: type=1400 audit(1776687945.848:248): avc: denied { setopt } for pid=6573 comm="syz.3.212" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 73.060274][ T40] audit: type=1400 audit(1776687945.988:249): avc: denied { setopt } for pid=6584 comm="syz.2.216" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 73.077350][ T40] audit: type=1400 audit(1776687945.998:250): avc: denied { ioctl } for pid=6584 comm="syz.2.216" path="/dev/dri/card1" dev="devtmpfs" ino=636 ioctlcmd=0x64c6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 73.087652][ T40] audit: type=1400 audit(1776687945.998:251): avc: denied { bind } for pid=6584 comm="syz.2.216" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 73.122010][ T6587] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 73.122932][ T6591] FAULT_INJECTION: forcing a failure. [ 73.122932][ T6591] name failslab, interval 1, probability 0, space 0, times 0 [ 73.128313][ T6591] CPU: 1 UID: 0 PID: 6591 Comm: syz.1.219 Not tainted syzkaller #0 PREEMPT(full) [ 73.128329][ T6591] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 73.128335][ T6591] Call Trace: [ 73.128339][ T6591] [ 73.128344][ T6591] dump_stack_lvl+0x100/0x190 [ 73.128643][ T6591] should_fail_ex.cold+0x5/0xa [ 73.128660][ T6591] should_failslab+0xc2/0x120 [ 73.128730][ T6591] __kvmalloc_node_noprof+0xfa/0xa00 [ 73.128748][ T6591] ? hash_mac_create+0x451/0x1050 [ 73.128872][ T6591] hash_mac_create+0x451/0x1050 [ 73.128886][ T6591] ? __pfx_hash_mac_create+0x10/0x10 [ 73.128899][ T6591] ip_set_create+0x6b8/0x14f0 [ 73.128914][ T6591] ? __pfx_ip_set_create+0x10/0x10 [ 73.128932][ T6591] ? find_held_lock+0x2b/0x80 [ 73.128998][ T6591] nfnetlink_rcv_msg+0x9d5/0x11e0 [ 73.129015][ T6591] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 73.129028][ T6591] ? __lock_acquire+0x4a5/0x2630 [ 73.129051][ T6591] ? avc_has_perm_noaudit+0x145/0x3b0 [ 73.129299][ T6591] netlink_rcv_skb+0x159/0x420 [ 73.129315][ T6591] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 73.129328][ T6591] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 73.129348][ T6591] ? ns_capable+0xd2/0xf0 [ 73.129364][ T6591] nfnetlink_rcv+0x1b3/0x440 [ 73.129376][ T6591] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 73.129387][ T6591] ? netlink_deliver_tap+0x1ae/0xcc0 [ 73.129403][ T6591] netlink_unicast+0x585/0x850 [ 73.129420][ T6591] ? __pfx_netlink_unicast+0x10/0x10 [ 73.129438][ T6591] netlink_sendmsg+0x8b0/0xda0 [ 73.129455][ T6591] ? __pfx_netlink_sendmsg+0x10/0x10 [ 73.129469][ T6591] ? __might_fault+0x90/0x140 [ 73.129489][ T6591] ____sys_sendmsg+0x9e1/0xb70 [ 73.129589][ T6591] ? __pfx_netlink_sendmsg+0x10/0x10 [ 73.129605][ T6591] ? __pfx_____sys_sendmsg+0x10/0x10 [ 73.129625][ T6591] ___sys_sendmsg+0x190/0x1e0 [ 73.129642][ T6591] ? __pfx____sys_sendmsg+0x10/0x10 [ 73.129672][ T6591] __sys_sendmsg+0x170/0x220 [ 73.129684][ T6591] ? __pfx___sys_sendmsg+0x10/0x10 [ 73.129700][ T6591] ? rcu_is_watching+0x12/0xc0 [ 73.129720][ T6591] do_syscall_64+0x10b/0xf80 [ 73.129870][ T6591] ? clear_bhb_loop+0x40/0x90 [ 73.129897][ T6591] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.129908][ T6591] RIP: 0033:0x7ff5fdd9c819 [ 73.129919][ T6591] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 73.129929][ T6591] RSP: 002b:00007ff5febf6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 73.129941][ T6591] RAX: ffffffffffffffda RBX: 00007ff5fe015fa0 RCX: 00007ff5fdd9c819 [ 73.129948][ T6591] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003 [ 73.129954][ T6591] RBP: 00007ff5febf6090 R08: 0000000000000000 R09: 0000000000000000 [ 73.129960][ T6591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 73.129966][ T6591] R13: 00007ff5fe016038 R14: 00007ff5fe015fa0 R15: 00007ffd36aac548 [ 73.129979][ T6591] [ 73.253919][ T6586] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.268343][ T6598] overlayfs: failed to decode file handle (len=10, type=78, flags=0, err=-22) [ 73.373411][ T6586] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.380406][ T6606] debugfs: 'ttyS3' already exists in 'caif_serial' [ 73.623890][ T6586] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.627776][ T6632] FAULT_INJECTION: forcing a failure. [ 73.627776][ T6632] name failslab, interval 1, probability 0, space 0, times 0 [ 73.634489][ T6632] CPU: 1 UID: 0 PID: 6632 Comm: syz.0.231 Not tainted syzkaller #0 PREEMPT(full) [ 73.634504][ T6632] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 73.634511][ T6632] Call Trace: [ 73.634515][ T6632] [ 73.634519][ T6632] dump_stack_lvl+0x100/0x190 [ 73.634912][ T6632] should_fail_ex.cold+0x5/0xa [ 73.634929][ T6632] ? __register_sysctl_table+0xbe4/0x1650 [ 73.634998][ T6632] should_failslab+0xc2/0x120 [ 73.635024][ T6632] __kmalloc_noprof+0xe0/0x850 [ 73.635044][ T6632] __register_sysctl_table+0xbe4/0x1650 [ 73.635067][ T6632] ? __pfx___register_sysctl_table+0x10/0x10 [ 73.635082][ T6632] ? is_module_address+0x69/0xf0 [ 73.635142][ T6632] ? register_net_sysctl_sz+0x222/0x430 [ 73.635336][ T6632] ? __asan_memcpy+0x3c/0x60 [ 73.635351][ T6632] ? __pfx_nf_lwtunnel_net_init+0x10/0x10 [ 73.635464][ T6632] nf_lwtunnel_net_init+0x60/0xf0 [ 73.635479][ T6632] ops_init+0x1e2/0x5f0 [ 73.635550][ T6632] setup_net+0x118/0x3a0 [ 73.635563][ T6632] ? __pfx_setup_net+0x10/0x10 [ 73.635575][ T6632] ? mutex_init_lockdep+0xf1/0x120 [ 73.635593][ T6632] copy_net_ns+0x46f/0x7c0 [ 73.635608][ T6632] create_new_namespaces+0x3ea/0xac0 [ 73.635629][ T6632] unshare_nsproxy_namespaces+0xf2/0x220 [ 73.635648][ T6632] ksys_unshare+0x438/0xab0 [ 73.635660][ T6632] ? __pfx_ksys_unshare+0x10/0x10 [ 73.635670][ T6632] ? ksys_write+0x1ac/0x250 [ 73.635686][ T6632] __x64_sys_unshare+0x31/0x40 [ 73.635696][ T6632] do_syscall_64+0x10b/0xf80 [ 73.635748][ T6632] ? clear_bhb_loop+0x40/0x90 [ 73.635761][ T6632] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.635772][ T6632] RIP: 0033:0x7ffb3699c819 [ 73.635783][ T6632] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 73.635793][ T6632] RSP: 002b:00007ffb3777e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 73.635805][ T6632] RAX: ffffffffffffffda RBX: 00007ffb36c15fa0 RCX: 00007ffb3699c819 [ 73.635811][ T6632] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006a040000 [ 73.635818][ T6632] RBP: 00007ffb3777e090 R08: 0000000000000000 R09: 0000000000000000 [ 73.635824][ T6632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 73.635829][ T6632] R13: 00007ffb36c16038 R14: 00007ffb36c15fa0 R15: 00007ffd4aee1818 [ 73.635843][ T6632] [ 73.635894][ T6632] sysctl could not get directory: /net -12 [ 73.775921][ T6586] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.868025][ T6646] netlink: set zone limit has 4 unknown bytes [ 73.914248][ T77] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.940596][ T77] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.958475][ T77] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.968759][ T77] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.053023][ T6670] FAULT_INJECTION: forcing a failure. [ 74.053023][ T6670] name failslab, interval 1, probability 0, space 0, times 0 [ 74.058446][ T6670] CPU: 3 UID: 0 PID: 6670 Comm: syz.1.242 Not tainted syzkaller #0 PREEMPT(full) [ 74.058470][ T6670] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 74.058480][ T6670] Call Trace: [ 74.058488][ T6670] [ 74.058495][ T6670] dump_stack_lvl+0x100/0x190 [ 74.058523][ T6670] should_fail_ex.cold+0x5/0xa [ 74.058548][ T6670] should_failslab+0xc2/0x120 [ 74.058567][ T6670] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 74.058591][ T6670] ? skb_clone+0x190/0x400 [ 74.058616][ T6670] skb_clone+0x190/0x400 [ 74.058636][ T6670] netlink_deliver_tap+0xaed/0xcc0 [ 74.058660][ T6670] ? __pfx_tc_dump_qdisc+0x10/0x10 [ 74.058712][ T6670] netlink_dump+0x631/0xd00 [ 74.058736][ T6670] ? __pfx_netlink_dump+0x10/0x10 [ 74.058756][ T6670] ? kasan_quarantine_put+0x104/0x240 [ 74.058791][ T6670] ? kfree_skbmem+0x19f/0x210 [ 74.058816][ T6670] netlink_recvmsg+0x7dc/0xa90 [ 74.058839][ T6670] ? __pfx_netlink_recvmsg+0x10/0x10 [ 74.058885][ T6670] ? __import_iovec+0x1d2/0x640 [ 74.059116][ T6670] ____sys_recvmsg+0x5b3/0x640 [ 74.059140][ T6670] ? __pfx_netlink_recvmsg+0x10/0x10 [ 74.059163][ T6670] ? __pfx_____sys_recvmsg+0x10/0x10 [ 74.059192][ T6670] ? rcu_is_watching+0x12/0xc0 [ 74.059218][ T6670] ? ___sys_recvmsg+0x177/0x1a0 [ 74.059239][ T6670] ? kfree+0x1dd/0x6c0 [ 74.059264][ T6670] ___sys_recvmsg+0x16a/0x1a0 [ 74.059294][ T6670] ? __pfx____sys_recvmsg+0x10/0x10 [ 74.059331][ T6670] ? __pfx___might_resched+0x10/0x10 [ 74.059359][ T6670] do_recvmmsg+0x301/0x760 [ 74.059387][ T6670] ? __pfx_do_recvmmsg+0x10/0x10 [ 74.059407][ T6670] ? ksys_write+0x190/0x250 [ 74.059427][ T6670] ? __mutex_unlock_slowpath+0x15d/0x8a0 [ 74.059443][ T6670] ? kernel_write+0x5e3/0x6c0 [ 74.059462][ T6670] ? __fget_files+0x21f/0x3d0 [ 74.059485][ T6670] __x64_sys_recvmmsg+0x22a/0x280 [ 74.059504][ T6670] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 74.059525][ T6670] ? rcu_is_watching+0x12/0xc0 [ 74.059551][ T6670] do_syscall_64+0x10b/0xf80 [ 74.059565][ T6670] ? clear_bhb_loop+0x40/0x90 [ 74.059585][ T6670] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.059602][ T6670] RIP: 0033:0x7ff5fdd9c819 [ 74.059615][ T6670] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 74.059629][ T6670] RSP: 002b:00007ff5febf6028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 74.059648][ T6670] RAX: ffffffffffffffda RBX: 00007ff5fe015fa0 RCX: 00007ff5fdd9c819 [ 74.059658][ T6670] RDX: 0000000000000318 RSI: 0000200000007700 RDI: 0000000000000003 [ 74.059667][ T6670] RBP: 00007ff5febf6090 R08: 0000000000000000 R09: 0000000000000000 [ 74.059676][ T6670] R10: 0000000000000fc0 R11: 0000000000000246 R12: 0000000000000002 [ 74.059685][ T6670] R13: 00007ff5fe016038 R14: 00007ff5fe015fa0 R15: 00007ffd36aac548 [ 74.059706][ T6670] [ 74.153537][ T3265] usb 38-1: device descriptor read/8, error -110 [ 74.215317][ T6678] team0: Port device vlan2 added [ 74.405936][ T6689] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.467975][ T6689] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.578303][ T6689] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.584945][ T3265] usb usb38-port1: attempt power cycle [ 74.594621][ T6692] netlink: 'syz.1.251': attribute type 30 has an invalid length. [ 74.676252][ T6689] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.868140][ T6706] tipc: Can't bind to reserved service type 2 [ 74.905768][ T6710] syz.3.259 uses obsolete (PF_INET,SOCK_PACKET) [ 75.129076][ T6733] overlayfs: failed to decode file handle (len=10, type=78, flags=0, err=-22) [ 75.165451][ T3265] usb usb38-port1: unable to enumerate USB device [ 75.297499][ T6739] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=769 sclass=netlink_route_socket pid=6739 comm=syz.3.270 [ 75.492513][ T6745] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 75.869041][ T6747] netlink: 'syz.1.271': attribute type 3 has an invalid length. [ 75.948038][ T6752] __nla_validate_parse: 17 callbacks suppressed [ 75.948067][ T6752] netlink: 4376 bytes leftover after parsing attributes in process `syz.0.272'. [ 75.956293][ T6752] netlink: 4376 bytes leftover after parsing attributes in process `syz.0.272'. [ 76.006579][ T6756] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6756 comm=syz.0.275 [ 76.080010][ T6760] nbd: must specify an index to disconnect [ 76.117194][ T6764] netlink: 64 bytes leftover after parsing attributes in process `syz.1.279'. [ 76.253594][ T6775] 9pnet_virtio: no channels available for device syz [ 76.257088][ T6774] FAULT_INJECTION: forcing a failure. [ 76.257088][ T6774] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 76.263082][ T6774] CPU: 3 UID: 0 PID: 6774 Comm: syz.1.283 Not tainted syzkaller #0 PREEMPT(full) [ 76.263105][ T6774] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 76.263115][ T6774] Call Trace: [ 76.263122][ T6774] [ 76.263129][ T6774] dump_stack_lvl+0x100/0x190 [ 76.263430][ T6774] should_fail_ex.cold+0x5/0xa [ 76.263456][ T6774] _copy_from_user+0x2e/0xd0 [ 76.263584][ T6774] vcs_write+0x2e3/0xd60 [ 76.263766][ T6774] ? __pfx_vcs_write+0x10/0x10 [ 76.263791][ T6774] ? bpf_lsm_file_permission+0x9/0x10 [ 76.263869][ T6774] ? security_file_permission+0x76/0x210 [ 76.263945][ T6774] ? iov_iter_advance+0xac/0x6d0 [ 76.263963][ T6774] ? rw_verify_area+0xce/0x6d0 [ 76.264078][ T6774] ? __pfx_vcs_write+0x10/0x10 [ 76.264100][ T6774] vfs_writev+0x5ea/0xe10 [ 76.264122][ T6774] ? __pfx_vfs_writev+0x10/0x10 [ 76.264138][ T6774] ? find_held_lock+0x2b/0x80 [ 76.264155][ T6774] ? ksys_write+0x190/0x250 [ 76.264185][ T6774] ? __fget_files+0x21f/0x3d0 [ 76.264212][ T6774] ? do_writev+0x13e/0x340 [ 76.264226][ T6774] do_writev+0x13e/0x340 [ 76.264242][ T6774] ? __pfx_do_writev+0x10/0x10 [ 76.264260][ T6774] ? rcu_is_watching+0x12/0xc0 [ 76.264289][ T6774] do_syscall_64+0x10b/0xf80 [ 76.264453][ T6774] ? clear_bhb_loop+0x40/0x90 [ 76.264475][ T6774] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.264492][ T6774] RIP: 0033:0x7ff5fdd9c819 [ 76.264509][ T6774] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 76.264525][ T6774] RSP: 002b:00007ff5febf6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 76.264543][ T6774] RAX: ffffffffffffffda RBX: 00007ff5fe015fa0 RCX: 00007ff5fdd9c819 [ 76.264554][ T6774] RDX: 000000000000000e RSI: 0000200000000c40 RDI: 0000000000000003 [ 76.264564][ T6774] RBP: 00007ff5febf6090 R08: 0000000000000000 R09: 0000000000000000 [ 76.264573][ T6774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 76.264583][ T6774] R13: 00007ff5fe016038 R14: 00007ff5fe015fa0 R15: 00007ffd36aac548 [ 76.264606][ T6774] [ 76.369596][ T6777] netlink: 8 bytes leftover after parsing attributes in process `syz.0.285'. [ 76.375454][ T6777] netlink: 8 bytes leftover after parsing attributes in process `syz.0.285'. [ 76.379496][ T6777] netlink: 8 bytes leftover after parsing attributes in process `syz.0.285'. [ 76.435780][ T6785] netlink: 8 bytes leftover after parsing attributes in process `syz.1.289'. [ 76.462612][ T6789] FAULT_INJECTION: forcing a failure. [ 76.462612][ T6789] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 76.474373][ T6789] CPU: 3 UID: 0 PID: 6789 Comm: syz.1.291 Not tainted syzkaller #0 PREEMPT(full) [ 76.474400][ T6789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 76.474410][ T6789] Call Trace: [ 76.474417][ T6789] [ 76.474424][ T6789] dump_stack_lvl+0x100/0x190 [ 76.474453][ T6789] should_fail_ex.cold+0x5/0xa [ 76.474478][ T6789] _copy_from_user+0x2e/0xd0 [ 76.474502][ T6789] input_event_from_user+0x123/0x310 [ 76.474637][ T6789] ? __pfx_input_event_from_user+0x10/0x10 [ 76.474663][ T6789] ? __pfx___might_resched+0x10/0x10 [ 76.474713][ T6789] ? input_inject_event+0x1a6/0x390 [ 76.474742][ T6789] evdev_write+0x342/0x610 [ 76.474773][ T6789] ? __pfx_evdev_write+0x10/0x10 [ 76.474800][ T6789] ? bpf_lsm_file_permission+0x9/0x10 [ 76.474826][ T6789] ? security_file_permission+0x76/0x210 [ 76.474846][ T6789] ? rw_verify_area+0xce/0x6d0 [ 76.474876][ T6789] vfs_write+0x2aa/0x1070 [ 76.474893][ T6789] ? __pfx_evdev_write+0x10/0x10 [ 76.474919][ T6789] ? __pfx_vfs_write+0x10/0x10 [ 76.474933][ T6789] ? find_held_lock+0x2b/0x80 [ 76.474947][ T6789] ? __fget_files+0x215/0x3d0 [ 76.474965][ T6789] ? __fget_files+0x215/0x3d0 [ 76.474987][ T6789] ? __fget_files+0x21f/0x3d0 [ 76.475012][ T6789] ksys_write+0x1f8/0x250 [ 76.475028][ T6789] ? __pfx_ksys_write+0x10/0x10 [ 76.475046][ T6789] ? rcu_is_watching+0x12/0xc0 [ 76.475079][ T6789] do_syscall_64+0x10b/0xf80 [ 76.475096][ T6789] ? clear_bhb_loop+0x40/0x90 [ 76.475116][ T6789] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.475133][ T6789] RIP: 0033:0x7ff5fdd9c819 [ 76.475148][ T6789] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 76.475163][ T6789] RSP: 002b:00007ff5febf6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 76.475180][ T6789] RAX: ffffffffffffffda RBX: 00007ff5fe015fa0 RCX: 00007ff5fdd9c819 [ 76.475191][ T6789] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000003 [ 76.475201][ T6789] RBP: 00007ff5febf6090 R08: 0000000000000000 R09: 0000000000000000 [ 76.475209][ T6789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 76.475218][ T6789] R13: 00007ff5fe016038 R14: 00007ff5fe015fa0 R15: 00007ffd36aac548 [ 76.475239][ T6789] [ 76.505145][ T6791] FAULT_INJECTION: forcing a failure. [ 76.505145][ T6791] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 76.571102][ T6791] CPU: 1 UID: 0 PID: 6791 Comm: syz.0.292 Not tainted syzkaller #0 PREEMPT(full) [ 76.571124][ T6791] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 76.571133][ T6791] Call Trace: [ 76.571139][ T6791] [ 76.571145][ T6791] dump_stack_lvl+0x100/0x190 [ 76.571171][ T6791] should_fail_ex.cold+0x5/0xa [ 76.571194][ T6791] _copy_from_user+0x2e/0xd0 [ 76.571213][ T6791] do_handle_open+0x60e/0xce0 [ 76.571237][ T6791] ? __fget_files+0x21f/0x3d0 [ 76.571255][ T6791] ? __pfx_do_handle_open+0x10/0x10 [ 76.571280][ T6791] ? ksys_write+0x1ac/0x250 [ 76.571309][ T6791] ? do_syscall_64+0x10b/0xf80 [ 76.571324][ T6791] do_syscall_64+0x10b/0xf80 [ 76.571336][ T6791] ? clear_bhb_loop+0x40/0x90 [ 76.571354][ T6791] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.571368][ T6791] RIP: 0033:0x7ffb3699c819 [ 76.571380][ T6791] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 76.571394][ T6791] RSP: 002b:00007ffb3777e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000130 [ 76.571409][ T6791] RAX: ffffffffffffffda RBX: 00007ffb36c15fa0 RCX: 00007ffb3699c819 [ 76.571418][ T6791] RDX: 0000000000551002 RSI: 0000200000000140 RDI: 0000000000000003 [ 76.571426][ T6791] RBP: 00007ffb3777e090 R08: 0000000000000000 R09: 0000000000000000 [ 76.571435][ T6791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 76.571443][ T6791] R13: 00007ffb36c16038 R14: 00007ffb36c15fa0 R15: 00007ffd4aee1818 [ 76.571461][ T6791] [ 76.910171][ T6820] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8) [ 76.912430][ T6820] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 76.918868][ T6820] vhci_hcd vhci_hcd.0: Device attached [ 77.037286][ T1432] ieee802154 phy0 wpan0: encryption failed: -22 [ 77.040887][ T1432] ieee802154 phy1 wpan1: encryption failed: -22 [ 77.170027][ T6029] usb 37-1: new low-speed USB device number 2 using vhci_hcd [ 77.172785][ T842] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 77.340020][ T842] usb 5-1: Using ep0 maxpacket: 8 [ 77.346090][ T842] usb 5-1: config 0 has no interfaces? [ 77.348545][ T842] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 77.352710][ T842] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.368782][ T842] usb 5-1: config 0 descriptor?? [ 77.577220][ T6821] usb 37-1: recv xbuf, 0 [ 77.582843][ T842] usb 5-1: string descriptor 0 read error: -71 [ 77.588379][ T12] vhci_hcd vhci_hcd.0: stop threads [ 77.590891][ T12] vhci_hcd vhci_hcd.0: release socket [ 77.593698][ T12] vhci_hcd vhci_hcd.0: disconnect device [ 77.594105][ T842] usb 5-1: USB disconnect, device number 2 [ 77.636435][ T12] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.648298][ T12] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.659124][ T12] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.659975][ T6029] vhci_hcd vhci_hcd.0: vhci_device speed not set [ 77.675673][ T77] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.690942][ T1039] cfg80211: failed to load regulatory.db [ 77.742624][ T6841] kvm: vcpu 1: requested lapic timer restore with starting count register 0x390=3979591798 (509387750144 ns) > initial count (364801339648 ns). Using initial count to start timer. [ 77.757459][ T6843] netlink: 32 bytes leftover after parsing attributes in process `syz.3.307'. [ 77.814782][ T40] kauditd_printk_skb: 57 callbacks suppressed [ 77.814794][ T40] audit: type=1400 audit(1776687950.748:309): avc: denied { ioctl } for pid=6839 comm="syz.2.305" path="/dev/ptp1" dev="devtmpfs" ino=1288 ioctlcmd=0x3d08 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 77.822207][ T6849] tipc: Enabling of bearer rejected, already enabled [ 77.828008][ T40] audit: type=1400 audit(1776687950.758:310): avc: denied { prog_load } for pid=6839 comm="syz.2.305" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 77.862186][ T6851] netlink: 40 bytes leftover after parsing attributes in process `syz.3.310'. [ 77.868987][ T6851] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6851 comm=syz.3.310 [ 77.913337][ T40] audit: type=1400 audit(1776687950.848:311): avc: denied { prog_run } for pid=6852 comm="syz.3.311" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 78.013281][ T6858] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR [ 78.114994][ T6873] netlink: 8 bytes leftover after parsing attributes in process `syz.1.318'. [ 78.129928][ T6873] FAULT_INJECTION: forcing a failure. [ 78.129928][ T6873] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 78.135022][ T6873] CPU: 1 UID: 0 PID: 6873 Comm: syz.1.318 Not tainted syzkaller #0 PREEMPT(full) [ 78.135043][ T6873] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 78.135052][ T6873] Call Trace: [ 78.135058][ T6873] [ 78.135064][ T6873] dump_stack_lvl+0x100/0x190 [ 78.135390][ T6873] should_fail_ex.cold+0x5/0xa [ 78.135412][ T6873] _copy_from_user+0x2e/0xd0 [ 78.135541][ T6873] copy_msghdr_from_user+0x9f/0x4f0 [ 78.135665][ T6873] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 78.135688][ T6873] ? rcu_is_watching+0x12/0xc0 [ 78.135766][ T6873] ? ___sys_recvmsg+0x177/0x1a0 [ 78.135786][ T6873] ? kfree+0x1dd/0x6c0 [ 78.135876][ T6873] ___sys_recvmsg+0xdd/0x1a0 [ 78.135896][ T6873] ? __pfx____sys_recvmsg+0x10/0x10 [ 78.135930][ T6873] ? __pfx___might_resched+0x10/0x10 [ 78.135957][ T6873] do_recvmmsg+0x301/0x760 [ 78.135979][ T6873] ? __pfx_do_recvmmsg+0x10/0x10 [ 78.135999][ T6873] ? ksys_write+0x190/0x250 [ 78.136020][ T6873] ? __mutex_unlock_slowpath+0x15d/0x8a0 [ 78.136179][ T6873] ? kernel_write+0x5e3/0x6c0 [ 78.136199][ T6873] ? __fget_files+0x21f/0x3d0 [ 78.136224][ T6873] __x64_sys_recvmmsg+0x22a/0x280 [ 78.136244][ T6873] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 78.136269][ T6873] ? rcu_is_watching+0x12/0xc0 [ 78.136290][ T6873] do_syscall_64+0x10b/0xf80 [ 78.136305][ T6873] ? clear_bhb_loop+0x40/0x90 [ 78.136326][ T6873] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.136342][ T6873] RIP: 0033:0x7ff5fdd9c819 [ 78.136357][ T6873] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 78.136372][ T6873] RSP: 002b:00007ff5febf6028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 78.136388][ T6873] RAX: ffffffffffffffda RBX: 00007ff5fe015fa0 RCX: 00007ff5fdd9c819 [ 78.136398][ T6873] RDX: 0000000000000318 RSI: 0000200000007700 RDI: 0000000000000003 [ 78.136407][ T6873] RBP: 00007ff5febf6090 R08: 0000000000000000 R09: 0000000000000000 [ 78.136414][ T6873] R10: 0000000000000fc0 R11: 0000000000000246 R12: 0000000000000002 [ 78.136422][ T6873] R13: 00007ff5fe016038 R14: 00007ff5fe015fa0 R15: 00007ffd36aac548 [ 78.136443][ T6873] [ 78.148080][ T6875] mkiss: ax0: crc mode is auto. [ 78.201414][ T40] audit: type=1400 audit(1776687951.128:312): avc: denied { map_create } for pid=6880 comm="syz.1.321" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 78.218301][ T6881] FAULT_INJECTION: forcing a failure. [ 78.218301][ T6881] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 78.223854][ T40] audit: type=1400 audit(1776687951.128:313): avc: denied { map_read map_write } for pid=6880 comm="syz.1.321" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 78.227078][ T6881] CPU: 1 UID: 0 PID: 6881 Comm: syz.3.322 Not tainted syzkaller #0 PREEMPT(full) [ 78.227093][ T6881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 78.227100][ T6881] Call Trace: [ 78.227103][ T6881] [ 78.227108][ T6881] dump_stack_lvl+0x100/0x190 [ 78.227127][ T6881] should_fail_ex.cold+0x5/0xa [ 78.227143][ T6881] _copy_from_user+0x2e/0xd0 [ 78.227158][ T6881] input_event_from_user+0x123/0x310 [ 78.227237][ T6881] ? __pfx_input_event_from_user+0x10/0x10 [ 78.227254][ T6881] ? __pfx___might_resched+0x10/0x10 [ 78.227276][ T6881] ? input_inject_event+0x1a6/0x390 [ 78.227295][ T6881] evdev_write+0x342/0x610 [ 78.227314][ T6881] ? __pfx_evdev_write+0x10/0x10 [ 78.227331][ T6881] ? bpf_lsm_file_permission+0x9/0x10 [ 78.227348][ T6881] ? security_file_permission+0x76/0x210 [ 78.227426][ T6881] ? rw_verify_area+0xce/0x6d0 [ 78.227445][ T6881] vfs_write+0x2aa/0x1070 [ 78.227456][ T6881] ? __pfx_evdev_write+0x10/0x10 [ 78.227473][ T6881] ? __pfx_vfs_write+0x10/0x10 [ 78.227483][ T6881] ? find_held_lock+0x2b/0x80 [ 78.227493][ T6881] ? __fget_files+0x215/0x3d0 [ 78.227505][ T6881] ? __fget_files+0x215/0x3d0 [ 78.227520][ T6881] ? __fget_files+0x21f/0x3d0 [ 78.227536][ T6881] ksys_write+0x1f8/0x250 [ 78.227546][ T6881] ? __pfx_ksys_write+0x10/0x10 [ 78.227558][ T6881] ? rcu_is_watching+0x12/0xc0 [ 78.227577][ T6881] do_syscall_64+0x10b/0xf80 [ 78.227589][ T6881] ? clear_bhb_loop+0x40/0x90 [ 78.227602][ T6881] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.227614][ T6881] RIP: 0033:0x7fbde2d9c819 [ 78.227624][ T6881] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 78.227635][ T6881] RSP: 002b:00007fbde3c87028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 78.227646][ T6881] RAX: ffffffffffffffda RBX: 00007fbde3015fa0 RCX: 00007fbde2d9c819 [ 78.227653][ T6881] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000003 [ 78.227659][ T6881] RBP: 00007fbde3c87090 R08: 0000000000000000 R09: 0000000000000000 [ 78.227665][ T6881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 78.227671][ T6881] R13: 00007fbde3016038 R14: 00007fbde3015fa0 R15: 00007ffe78876088 [ 78.227684][ T6881] [ 78.314051][ T40] audit: type=1400 audit(1776687951.128:314): avc: denied { write } for pid=6879 comm="syz.3.322" name="event1" dev="devtmpfs" ino=942 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 78.321648][ T40] audit: type=1400 audit(1776687951.128:315): avc: denied { open } for pid=6879 comm="syz.3.322" path="/dev/input/event1" dev="devtmpfs" ino=942 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 78.386495][ T6891] overlayfs: failed to decode file handle (len=10, type=78, flags=0, err=-22) [ 78.389567][ T6885] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=106 sclass=netlink_tcpdiag_socket pid=6885 comm=syz.3.323 [ 78.390633][ T6891] FAULT_INJECTION: forcing a failure. [ 78.390633][ T6891] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 78.399757][ T6891] CPU: 3 UID: 0 PID: 6891 Comm: syz.1.325 Not tainted syzkaller #0 PREEMPT(full) [ 78.399781][ T6891] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 78.399806][ T6891] Call Trace: [ 78.399813][ T6891] [ 78.399821][ T6891] dump_stack_lvl+0x100/0x190 [ 78.399851][ T6891] should_fail_ex.cold+0x5/0xa [ 78.399879][ T6891] _copy_to_user+0x32/0xd0 [ 78.399904][ T6891] simple_read_from_buffer+0xcb/0x170 [ 78.399928][ T6891] proc_fail_nth_read+0x1af/0x230 [ 78.399958][ T6891] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 78.399988][ T6891] ? rw_verify_area+0xce/0x6d0 [ 78.400015][ T6891] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 78.400043][ T6891] vfs_read+0x1e4/0xb30 [ 78.400066][ T6891] ? __pfx_vfs_read+0x10/0x10 [ 78.400082][ T6891] ? __fget_files+0x215/0x3d0 [ 78.400108][ T6891] ? __fget_files+0x21f/0x3d0 [ 78.400135][ T6891] ksys_read+0x12a/0x250 [ 78.400152][ T6891] ? __pfx_ksys_read+0x10/0x10 [ 78.400170][ T6891] ? rcu_is_watching+0x12/0xc0 [ 78.400202][ T6891] do_syscall_64+0x10b/0xf80 [ 78.400222][ T6891] ? clear_bhb_loop+0x40/0x90 [ 78.400243][ T6891] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.400261][ T6891] RIP: 0033:0x7ff5fdd5d04e [ 78.400283][ T6891] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 78.400298][ T6891] RSP: 002b:00007ff5febf5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 78.400316][ T6891] RAX: ffffffffffffffda RBX: 00007ff5febf66c0 RCX: 00007ff5fdd5d04e [ 78.400327][ T6891] RDX: 000000000000000f RSI: 00007ff5febf60a0 RDI: 0000000000000004 [ 78.400338][ T6891] RBP: 00007ff5febf6090 R08: 0000000000000000 R09: 0000000000000000 [ 78.400349][ T6891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 78.400359][ T6891] R13: 00007ff5fe016038 R14: 00007ff5fe015fa0 R15: 00007ffd36aac548 [ 78.400383][ T6891] [ 78.516068][ T6899] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8) [ 78.518433][ T6899] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 78.523171][ T40] audit: type=1400 audit(1776687951.458:316): avc: denied { read write } for pid=6900 comm="syz.1.328" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 78.524914][ T6899] vhci_hcd vhci_hcd.0: Device attached [ 78.541565][ T40] audit: type=1400 audit(1776687951.458:317): avc: denied { open } for pid=6900 comm="syz.1.328" path="/dev/ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 78.549015][ T40] audit: type=1400 audit(1776687951.458:318): avc: denied { ioctl } for pid=6900 comm="syz.1.328" path="/dev/ppp" dev="devtmpfs" ino=730 ioctlcmd=0x7459 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 78.770414][ T6030] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 78.775576][ T6924] usb usb8: usbfs: process 6924 (syz.2.333) did not claim interface 0 before use [ 78.882866][ T6029] usb 37-1: new low-speed USB device number 3 using vhci_hcd [ 78.914475][ T6949] comedi comedi0: comedi_config --init_data is deprecated [ 78.920758][ T6030] usb 5-1: Using ep0 maxpacket: 8 [ 78.927055][ T6030] usb 5-1: config 0 has no interfaces? [ 78.928827][ T6030] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 78.932039][ T6030] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 78.937936][ T6030] usb 5-1: config 0 descriptor?? [ 78.942227][ T6951] netlink: 'syz.1.342': attribute type 29 has an invalid length. [ 78.945487][ T6951] netlink: 'syz.1.342': attribute type 29 has an invalid length. [ 78.960237][ T6953] af_packet: tpacket_rcv: packet too big, clamped from 39 to 4294967272. macoff=96 [ 78.988541][ T6956] openvswitch: netlink: Key type 16156 is out of range max 32 [ 78.995546][ T6957] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(19) [ 78.998122][ T6957] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 79.001374][ T6957] vhci_hcd vhci_hcd.0: Device attached [ 79.107127][ T6966] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=37897 sclass=netlink_route_socket pid=6966 comm=syz.2.347 [ 79.119928][ T6011] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 79.146092][ T6903] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 2 [ 79.148561][ T6030] usb 5-1: string descriptor 0 read error: -71 [ 79.152327][ T59] vhci_hcd vhci_hcd.0: stop threads [ 79.154279][ T59] vhci_hcd vhci_hcd.0: release socket [ 79.155767][ T6030] usb 5-1: USB disconnect, device number 3 [ 79.156616][ T59] vhci_hcd vhci_hcd.0: disconnect device [ 79.162235][ T6958] vhci_hcd: connection closed [ 79.162571][ T59] vhci_hcd vhci_hcd.1: stop threads [ 79.166870][ T59] vhci_hcd vhci_hcd.1: release socket [ 79.173962][ T59] vhci_hcd vhci_hcd.1: disconnect device [ 79.190545][ T842] vhci_hcd vhci_hcd.1: vhci_device speed not set [ 79.269932][ T6011] usb 8-1: Using ep0 maxpacket: 16 [ 79.272958][ T6011] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 79.278492][ T6011] usb 8-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 79.282497][ T6011] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 79.285939][ T6011] usb 8-1: Product: syz [ 79.287683][ T6011] usb 8-1: Manufacturer: syz [ 79.289173][ T6011] usb 8-1: SerialNumber: syz [ 79.297100][ T6011] usb 8-1: config 0 descriptor?? [ 79.304272][ T6011] hub 8-1:0.0: bad descriptor, ignoring hub [ 79.306569][ T6011] hub 8-1:0.0: probe with driver hub failed with error -5 [ 79.315005][ T6011] input: syz syz as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input5 [ 79.439256][ T6978] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2064 sclass=netlink_route_socket pid=6978 comm=syz.1.352 [ 79.445983][ T6979] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2064 sclass=netlink_route_socket pid=6979 comm=syz.1.352 [ 79.673667][ T6992] syz_tun: entered allmulticast mode [ 79.879222][ T7001] xt_hashlimit: size too large, truncated to 1048576 [ 79.961503][ T7005] FAULT_INJECTION: forcing a failure. [ 79.961503][ T7005] name failslab, interval 1, probability 0, space 0, times 0 [ 79.961533][ T7005] CPU: 0 UID: 0 PID: 7005 Comm: syz.2.362 Not tainted syzkaller #0 PREEMPT(full) [ 79.961551][ T7005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 79.961560][ T7005] Call Trace: [ 79.961566][ T7005] [ 79.961572][ T7005] dump_stack_lvl+0x100/0x190 [ 79.961602][ T7005] should_fail_ex.cold+0x5/0xa [ 79.961625][ T7005] should_failslab+0xc2/0x120 [ 79.961642][ T7005] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 79.961667][ T7005] ? skb_clone+0x190/0x400 [ 79.961687][ T7005] skb_clone+0x190/0x400 [ 79.961699][ T7005] netlink_deliver_tap+0xaed/0xcc0 [ 79.961813][ T7005] netlink_unicast+0x6a5/0x850 [ 79.961830][ T7005] ? __pfx_netlink_unicast+0x10/0x10 [ 79.961849][ T7005] netlink_ack+0x655/0xb80 [ 79.961867][ T7005] netlink_rcv_skb+0x333/0x420 [ 79.961882][ T7005] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 79.961896][ T7005] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 79.961917][ T7005] ? ns_capable+0xd2/0xf0 [ 79.961934][ T7005] nfnetlink_rcv+0x1b3/0x440 [ 79.961945][ T7005] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 79.961956][ T7005] ? netlink_deliver_tap+0x1ae/0xcc0 [ 79.961972][ T7005] netlink_unicast+0x585/0x850 [ 79.961989][ T7005] ? __pfx_netlink_unicast+0x10/0x10 [ 79.962012][ T7005] netlink_sendmsg+0x8b0/0xda0 [ 79.962029][ T7005] ? __pfx_netlink_sendmsg+0x10/0x10 [ 79.962044][ T7005] ? __might_fault+0x90/0x140 [ 79.962064][ T7005] ____sys_sendmsg+0x9e1/0xb70 [ 79.962080][ T7005] ? __pfx_netlink_sendmsg+0x10/0x10 [ 79.962095][ T7005] ? __pfx_____sys_sendmsg+0x10/0x10 [ 79.962116][ T7005] ___sys_sendmsg+0x190/0x1e0 [ 79.962133][ T7005] ? __pfx____sys_sendmsg+0x10/0x10 [ 79.962164][ T7005] __sys_sendmsg+0x170/0x220 [ 79.962176][ T7005] ? __pfx___sys_sendmsg+0x10/0x10 [ 79.962193][ T7005] ? rcu_is_watching+0x12/0xc0 [ 79.962212][ T7005] do_syscall_64+0x10b/0xf80 [ 79.962224][ T7005] ? clear_bhb_loop+0x40/0x90 [ 79.962237][ T7005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 79.962249][ T7005] RIP: 0033:0x7fa32ab9c819 [ 79.962260][ T7005] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 79.962271][ T7005] RSP: 002b:00007fa32bb15028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 79.962282][ T7005] RAX: ffffffffffffffda RBX: 00007fa32ae15fa0 RCX: 00007fa32ab9c819 [ 79.962289][ T7005] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003 [ 79.962295][ T7005] RBP: 00007fa32bb15090 R08: 0000000000000000 R09: 0000000000000000 [ 79.962301][ T7005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 79.962307][ T7005] R13: 00007fa32ae16038 R14: 00007fa32ae15fa0 R15: 00007ffd652ef618 [ 79.962320][ T7005] [ 80.012143][ T7009] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 80.128822][ T7014] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8) [ 80.130894][ T7014] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 80.135166][ T7014] vhci_hcd vhci_hcd.0: Device attached [ 80.150967][ T5305] Bluetooth: hci0: command tx timeout [ 80.389944][ T6011] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 80.500784][ T7041] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined [ 80.542015][ T7047] sg_write: data in/out 808464396/14 bytes for SCSI command 0x2-- guessing data in; [ 80.542015][ T7047] program syz.1.378 not setting count and/or reply_len properly [ 80.549863][ T6011] usb 5-1: Using ep0 maxpacket: 8 [ 80.552829][ T6011] usb 5-1: config 0 has no interfaces? [ 80.554577][ T6011] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 80.557671][ T6011] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.563612][ T6011] usb 5-1: config 0 descriptor?? [ 80.600248][ T7040] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 80.768615][ T7016] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 2 [ 80.771651][ T6011] usb 5-1: string descriptor 0 read error: -71 [ 80.772712][ T6011] usb 5-1: USB disconnect, device number 4 [ 80.776844][ T1161] vhci_hcd vhci_hcd.0: stop threads [ 80.779026][ T1161] vhci_hcd vhci_hcd.0: release socket [ 80.780903][ T1161] vhci_hcd vhci_hcd.0: disconnect device [ 81.205397][ T7054] __nla_validate_parse: 14 callbacks suppressed [ 81.205412][ T7054] netlink: 4376 bytes leftover after parsing attributes in process `syz.2.381'. [ 81.211025][ T7054] netlink: 4376 bytes leftover after parsing attributes in process `syz.2.381'. [ 81.242572][ T7056] overlayfs: failed to decode file handle (len=10, type=248, flags=0, err=-22) [ 81.246551][ T7058] netlink: 28 bytes leftover after parsing attributes in process `syz.2.383'. [ 81.403285][ T7070] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.483072][ T7070] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.550900][ T7070] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.623287][ T7070] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.724768][ T46] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.733723][ T46] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.744953][ T46] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.755133][ T46] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.987738][ T7085] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10) [ 81.989844][ T7085] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 81.993368][ T7085] vhci_hcd vhci_hcd.0: Device attached [ 81.996616][ T7086] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 0 [ 82.000700][ T12] vhci_hcd vhci_hcd.1: stop threads [ 82.002438][ T12] vhci_hcd vhci_hcd.1: release socket [ 82.004232][ T12] vhci_hcd vhci_hcd.1: disconnect device [ 82.303829][ T7100] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2584 sclass=netlink_route_socket pid=7100 comm=syz.2.400 [ 82.308915][ T7100] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2571 sclass=netlink_route_socket pid=7100 comm=syz.2.400 [ 82.316552][ T7100] netlink: 'syz.2.400': attribute type 1 has an invalid length. [ 82.330999][ T7100] bond2: entered promiscuous mode [ 82.332863][ T7100] bond2: entered allmulticast mode [ 82.334861][ T7100] 8021q: adding VLAN 0 to HW filter on device bond2 [ 82.344291][ T7100] erspan1: entered allmulticast mode [ 82.350431][ T7100] bond2: (slave erspan1): making interface the new active one [ 82.352888][ T7100] erspan1: entered promiscuous mode [ 82.355889][ T7100] bond2: (slave erspan1): Enslaving as an active interface with an up link [ 82.529922][ T7112] netlink: 8 bytes leftover after parsing attributes in process `syz.0.404'. [ 82.544662][ T7116] netlink: 28 bytes leftover after parsing attributes in process `syz.2.406'. [ 82.547695][ T7116] netlink: 28 bytes leftover after parsing attributes in process `syz.2.406'. [ 82.570943][ T7122] FAULT_INJECTION: forcing a failure. [ 82.570943][ T7122] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 82.570966][ T7122] CPU: 0 UID: 0 PID: 7122 Comm: syz.0.407 Not tainted syzkaller #0 PREEMPT(full) [ 82.570979][ T7122] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 82.570986][ T7122] Call Trace: [ 82.570990][ T7122] [ 82.570994][ T7122] dump_stack_lvl+0x100/0x190 [ 82.571014][ T7122] should_fail_ex.cold+0x5/0xa [ 82.571030][ T7122] _copy_from_user+0x2e/0xd0 [ 82.571045][ T7122] move_addr_to_kernel+0x65/0x170 [ 82.571069][ T7122] __sys_bind+0x11d/0x260 [ 82.571086][ T7122] ? __pfx___sys_bind+0x10/0x10 [ 82.571103][ T7122] ? __fget_files+0x21f/0x3d0 [ 82.571129][ T7122] ? __pfx_ksys_write+0x10/0x10 [ 82.571151][ T7122] __x64_sys_bind+0x72/0xb0 [ 82.571172][ T7122] ? lockdep_hardirqs_on+0x78/0x100 [ 82.571198][ T7122] do_syscall_64+0x10b/0xf80 [ 82.571212][ T7122] ? clear_bhb_loop+0x40/0x90 [ 82.571228][ T7122] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.571240][ T7122] RIP: 0033:0x7ffb3699c819 [ 82.571249][ T7122] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 82.571260][ T7122] RSP: 002b:00007ffb3777e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 82.571271][ T7122] RAX: ffffffffffffffda RBX: 00007ffb36c15fa0 RCX: 00007ffb3699c819 [ 82.571278][ T7122] RDX: 0000000000000020 RSI: 0000200000000000 RDI: 0000000000000005 [ 82.571285][ T7122] RBP: 00007ffb3777e090 R08: 0000000000000000 R09: 0000000000000000 [ 82.571291][ T7122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 82.571297][ T7122] R13: 00007ffb36c16038 R14: 00007ffb36c15fa0 R15: 00007ffd4aee1818 [ 82.571310][ T7122] [ 82.650440][ T7116] netlink: 28 bytes leftover after parsing attributes in process `syz.2.406'. [ 82.659432][ T7116] netlink: 28 bytes leftover after parsing attributes in process `syz.2.406'. [ 82.664032][ T7116] netlink: 28 bytes leftover after parsing attributes in process `syz.2.406'. [ 82.667318][ T7116] netlink: 28 bytes leftover after parsing attributes in process `syz.2.406'. [ 82.774584][ T7138] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10) [ 82.776777][ T7138] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 82.779596][ T7138] vhci_hcd vhci_hcd.0: Device attached [ 82.783223][ T7139] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 0 [ 82.786993][ T1161] vhci_hcd vhci_hcd.2: stop threads [ 82.788748][ T1161] vhci_hcd vhci_hcd.2: release socket [ 82.792581][ T1161] vhci_hcd vhci_hcd.2: disconnect device [ 82.841104][ T7145] kvm: pic: single mode not supported [ 82.857142][ T7151] overlayfs: failed to decode file handle (len=10, type=251, flags=0, err=-22) [ 82.926493][ T53] usb 8-1: USB disconnect, device number 2 [ 83.012112][ T40] kauditd_printk_skb: 22 callbacks suppressed [ 83.012125][ T40] audit: type=1400 audit(1776687955.948:341): avc: denied { create } for pid=7163 comm="syz.1.424" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 83.020555][ T40] audit: type=1400 audit(1776687955.958:342): avc: denied { connect } for pid=7163 comm="syz.1.424" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 83.026467][ T40] audit: type=1400 audit(1776687955.958:343): avc: denied { setopt } for pid=7163 comm="syz.1.424" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 83.066338][ T7168] bond1: (slave bond_slave_1): Device is not our slave [ 83.068638][ T7168] bond1: option active_slave: invalid value (bond_slave_1) [ 83.079741][ T7168] bond1 (unregistering): Released all slaves [ 83.105141][ T7171] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7171 comm=syz.1.427 [ 83.179587][ T7175] capability: warning: `syz.1.429' uses deprecated v2 capabilities in a way that may be insecure [ 83.278500][ T7189] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 83.296315][ T7188] netlink: 'syz.1.434': attribute type 5 has an invalid length. [ 83.372682][ T40] audit: type=1400 audit(1776687956.298:344): avc: denied { create } for pid=7198 comm="syz.1.437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 83.393910][ T7204] FAULT_INJECTION: forcing a failure. [ 83.393910][ T7204] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 83.398999][ T7204] CPU: 3 UID: 0 PID: 7204 Comm: syz.0.441 Not tainted syzkaller #0 PREEMPT(full) [ 83.399021][ T7204] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 83.399030][ T7204] Call Trace: [ 83.399035][ T7204] [ 83.399041][ T7204] dump_stack_lvl+0x100/0x190 [ 83.399069][ T7204] should_fail_ex.cold+0x5/0xa [ 83.399093][ T7204] _copy_from_user+0x2e/0xd0 [ 83.399114][ T7204] copy_msghdr_from_user+0x9f/0x4f0 [ 83.399137][ T7204] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 83.399163][ T7204] ? rcu_is_watching+0x12/0xc0 [ 83.399187][ T7204] ? ___sys_recvmsg+0x177/0x1a0 [ 83.399207][ T7204] ? kfree+0x1dd/0x6c0 [ 83.399229][ T7204] ___sys_recvmsg+0xdd/0x1a0 [ 83.399251][ T7204] ? __pfx____sys_recvmsg+0x10/0x10 [ 83.399290][ T7204] ? __pfx___might_resched+0x10/0x10 [ 83.399316][ T7204] do_recvmmsg+0x301/0x760 [ 83.399338][ T7204] ? __pfx_do_recvmmsg+0x10/0x10 [ 83.399359][ T7204] ? ksys_write+0x190/0x250 [ 83.399380][ T7204] ? __mutex_unlock_slowpath+0x15d/0x8a0 [ 83.399397][ T7204] ? kernel_write+0x5e3/0x6c0 [ 83.399418][ T7204] ? __fget_files+0x21f/0x3d0 [ 83.399438][ T7204] __x64_sys_recvmmsg+0x22a/0x280 [ 83.399458][ T7204] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 83.399478][ T7204] ? rcu_is_watching+0x12/0xc0 [ 83.399503][ T7204] do_syscall_64+0x10b/0xf80 [ 83.399518][ T7204] ? clear_bhb_loop+0x40/0x90 [ 83.399535][ T7204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.399552][ T7204] RIP: 0033:0x7ffb3699c819 [ 83.399566][ T7204] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 83.399581][ T7204] RSP: 002b:00007ffb3777e028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 83.399598][ T7204] RAX: ffffffffffffffda RBX: 00007ffb36c15fa0 RCX: 00007ffb3699c819 [ 83.399608][ T7204] RDX: 0000000000000318 RSI: 0000200000007700 RDI: 0000000000000003 [ 83.399617][ T7204] RBP: 00007ffb3777e090 R08: 0000000000000000 R09: 0000000000000000 [ 83.399624][ T7204] R10: 0000000000000fc0 R11: 0000000000000246 R12: 0000000000000002 [ 83.399632][ T7204] R13: 00007ffb36c16038 R14: 00007ffb36c15fa0 R15: 00007ffd4aee1818 [ 83.399653][ T7204] [ 83.423105][ T7207] FAULT_INJECTION: forcing a failure. [ 83.423105][ T7207] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 83.460293][ T7208] Invalid ELF header type: 0 != 1 [ 83.461184][ T7207] CPU: 2 UID: 0 PID: 7207 Comm: syz.2.442 Not tainted syzkaller #0 PREEMPT(full) [ 83.461200][ T7207] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 83.461206][ T7207] Call Trace: [ 83.461211][ T7207] [ 83.461215][ T7207] dump_stack_lvl+0x100/0x190 [ 83.461236][ T7207] should_fail_ex.cold+0x5/0xa [ 83.461252][ T7207] _copy_from_user+0x2e/0xd0 [ 83.461268][ T7207] input_event_from_user+0x123/0x310 [ 83.461287][ T7207] ? __pfx_input_event_from_user+0x10/0x10 [ 83.461305][ T7207] ? __pfx___might_resched+0x10/0x10 [ 83.461321][ T7207] ? input_inject_event+0x1a6/0x390 [ 83.461339][ T7207] evdev_write+0x342/0x610 [ 83.461359][ T7207] ? __pfx_evdev_write+0x10/0x10 [ 83.461376][ T7207] ? bpf_lsm_file_permission+0x9/0x10 [ 83.461393][ T7207] ? security_file_permission+0x76/0x210 [ 83.461407][ T7207] ? rw_verify_area+0xce/0x6d0 [ 83.461425][ T7207] vfs_write+0x2aa/0x1070 [ 83.461437][ T7207] ? __pfx_evdev_write+0x10/0x10 [ 83.461455][ T7207] ? __pfx_vfs_write+0x10/0x10 [ 83.461464][ T7207] ? find_held_lock+0x2b/0x80 [ 83.461474][ T7207] ? __fget_files+0x215/0x3d0 [ 83.461486][ T7207] ? __fget_files+0x215/0x3d0 [ 83.461501][ T7207] ? __fget_files+0x21f/0x3d0 [ 83.461517][ T7207] ksys_write+0x1f8/0x250 [ 83.461528][ T7207] ? __pfx_ksys_write+0x10/0x10 [ 83.461545][ T7207] ? rcu_is_watching+0x12/0xc0 [ 83.461570][ T7207] do_syscall_64+0x10b/0xf80 [ 83.461589][ T7207] ? clear_bhb_loop+0x40/0x90 [ 83.461611][ T7207] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.461628][ T7207] RIP: 0033:0x7fa32ab9c819 [ 83.461644][ T7207] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 83.461661][ T7207] RSP: 002b:00007fa32bb15028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 83.461681][ T7207] RAX: ffffffffffffffda RBX: 00007fa32ae15fa0 RCX: 00007fa32ab9c819 [ 83.461691][ T7207] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000003 [ 83.461700][ T7207] RBP: 00007fa32bb15090 R08: 0000000000000000 R09: 0000000000000000 [ 83.461707][ T7207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 83.461714][ T7207] R13: 00007fa32ae16038 R14: 00007fa32ae15fa0 R15: 00007ffd652ef618 [ 83.461728][ T7207] [ 83.461899][ T40] audit: type=1400 audit(1776687956.398:345): avc: denied { module_load } for pid=7198 comm="syz.1.437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1 [ 83.568601][ T40] audit: type=1400 audit(1776687956.398:346): avc: denied { append } for pid=7209 comm="syz.0.443" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 83.623850][ T7214] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10) [ 83.624588][ T40] audit: type=1400 audit(1776687956.558:347): avc: denied { write } for pid=7209 comm="syz.0.443" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 83.626253][ T7214] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 83.627279][ T7214] vhci_hcd vhci_hcd.0: Device attached [ 83.638382][ T7211] nfs: Unknown parameter 'ÿÿÿÿÿÿÿÿ00000000000000000279' [ 83.644593][ T7215] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 0 [ 83.648861][ T1161] vhci_hcd vhci_hcd.2: stop threads [ 83.651477][ T1161] vhci_hcd vhci_hcd.2: release socket [ 83.653864][ T1161] vhci_hcd vhci_hcd.2: disconnect device [ 83.733334][ T7223] FAULT_INJECTION: forcing a failure. [ 83.733334][ T7223] name failslab, interval 1, probability 0, space 0, times 0 [ 83.737426][ T7223] CPU: 3 UID: 0 PID: 7223 Comm: syz.3.447 Not tainted syzkaller #0 PREEMPT(full) [ 83.737442][ T7223] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 83.737449][ T7223] Call Trace: [ 83.737454][ T7223] [ 83.737459][ T7223] dump_stack_lvl+0x100/0x190 [ 83.737479][ T7223] should_fail_ex.cold+0x5/0xa [ 83.737496][ T7223] should_failslab+0xc2/0x120 [ 83.737508][ T7223] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 83.737526][ T7223] ? __alloc_skb+0x140/0x710 [ 83.737537][ T7223] ? __alloc_skb+0x5b7/0x710 [ 83.737549][ T7223] __alloc_skb+0x140/0x710 [ 83.737559][ T7223] ? __alloc_skb+0x5b7/0x710 [ 83.737569][ T7223] ? __pfx___alloc_skb+0x10/0x10 [ 83.737583][ T7223] netlink_alloc_large_skb+0x69/0x150 [ 83.737601][ T7223] netlink_sendmsg+0x680/0xda0 [ 83.737618][ T7223] ? __pfx_netlink_sendmsg+0x10/0x10 [ 83.737632][ T7223] ? __might_fault+0x90/0x140 [ 83.737652][ T7223] ____sys_sendmsg+0x9e1/0xb70 [ 83.737667][ T7223] ? __pfx_netlink_sendmsg+0x10/0x10 [ 83.737683][ T7223] ? __pfx_____sys_sendmsg+0x10/0x10 [ 83.737703][ T7223] ___sys_sendmsg+0x190/0x1e0 [ 83.737720][ T7223] ? __pfx____sys_sendmsg+0x10/0x10 [ 83.737750][ T7223] __sys_sendmsg+0x170/0x220 [ 83.737762][ T7223] ? __pfx___sys_sendmsg+0x10/0x10 [ 83.737779][ T7223] ? rcu_is_watching+0x12/0xc0 [ 83.737798][ T7223] do_syscall_64+0x10b/0xf80 [ 83.737810][ T7223] ? clear_bhb_loop+0x40/0x90 [ 83.737824][ T7223] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.737835][ T7223] RIP: 0033:0x7fbde2d9c819 [ 83.737845][ T7223] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 83.737857][ T7223] RSP: 002b:00007fbde3c87028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 83.737868][ T7223] RAX: ffffffffffffffda RBX: 00007fbde3015fa0 RCX: 00007fbde2d9c819 [ 83.737875][ T7223] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000003 [ 83.737881][ T7223] RBP: 00007fbde3c87090 R08: 0000000000000000 R09: 0000000000000000 [ 83.737888][ T7223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 83.737894][ T7223] R13: 00007fbde3016038 R14: 00007fbde3015fa0 R15: 00007ffe78876088 [ 83.737907][ T7223] [ 83.991136][ T6029] vhci_hcd vhci_hcd.0: vhci_device speed not set [ 84.040987][ T40] audit: type=1400 audit(1776687956.978:348): avc: denied { map } for pid=7228 comm="syz.3.450" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=16193 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 84.049021][ T40] audit: type=1400 audit(1776687956.978:349): avc: denied { read write } for pid=7228 comm="syz.3.450" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=16193 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 84.060073][ T40] audit: type=1400 audit(1776687956.978:350): avc: denied { ioctl } for pid=7228 comm="syz.3.450" path="socket:[16979]" dev="sockfs" ino=16979 ioctlcmd=0x8b32 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 84.316948][ T7248] FAULT_INJECTION: forcing a failure. [ 84.316948][ T7248] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 84.322068][ T7248] CPU: 3 UID: 0 PID: 7248 Comm: syz.2.457 Not tainted syzkaller #0 PREEMPT(full) [ 84.322084][ T7248] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 84.322090][ T7248] Call Trace: [ 84.322095][ T7248] [ 84.322099][ T7248] dump_stack_lvl+0x100/0x190 [ 84.322118][ T7248] should_fail_ex.cold+0x5/0xa [ 84.322135][ T7248] _copy_to_user+0x32/0xd0 [ 84.322150][ T7248] simple_read_from_buffer+0xcb/0x170 [ 84.322165][ T7248] proc_fail_nth_read+0x1af/0x230 [ 84.322185][ T7248] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 84.322204][ T7248] ? rw_verify_area+0xce/0x6d0 [ 84.322222][ T7248] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 84.322240][ T7248] vfs_read+0x1e4/0xb30 [ 84.322253][ T7248] ? __pfx_vfs_read+0x10/0x10 [ 84.322267][ T7248] ? __fget_files+0x215/0x3d0 [ 84.322284][ T7248] ? __fget_files+0x21f/0x3d0 [ 84.322300][ T7248] ksys_read+0x12a/0x250 [ 84.322310][ T7248] ? __pfx_ksys_read+0x10/0x10 [ 84.322322][ T7248] ? rcu_is_watching+0x12/0xc0 [ 84.322341][ T7248] do_syscall_64+0x10b/0xf80 [ 84.322353][ T7248] ? clear_bhb_loop+0x40/0x90 [ 84.322366][ T7248] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.322377][ T7248] RIP: 0033:0x7fa32ab5d04e [ 84.322387][ T7248] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 84.322398][ T7248] RSP: 002b:00007fa32bb14fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 84.322410][ T7248] RAX: ffffffffffffffda RBX: 00007fa32bb156c0 RCX: 00007fa32ab5d04e [ 84.322416][ T7248] RDX: 000000000000000f RSI: 00007fa32bb150a0 RDI: 0000000000000006 [ 84.322423][ T7248] RBP: 00007fa32bb15090 R08: 0000000000000000 R09: 0000000000000000 [ 84.322429][ T7248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 84.322435][ T7248] R13: 00007fa32ae16038 R14: 00007fa32ae15fa0 R15: 00007ffd652ef618 [ 84.322449][ T7248] [ 84.396492][ T7257] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=7257 comm=syz.1.458 [ 84.498591][ T7269] tmpfs: Bad value for 'mpol' [ 84.530297][ T7273] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10) [ 84.532470][ T7273] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 84.535456][ T7273] vhci_hcd vhci_hcd.0: Device attached [ 84.770165][ T842] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 84.779920][ T1039] usb 39-1: new low-speed USB device number 3 using vhci_hcd [ 84.895947][ T7291] overlayfs: failed to decode file handle (len=10, type=65535, flags=0, err=-22) [ 84.910570][ T842] usb 6-1: device descriptor read/64, error -71 [ 85.108931][ T7317] bond1: (slave bond_slave_1): Device is not our slave [ 85.111398][ T7317] bond1: option active_slave: invalid value (bond_slave_1) [ 85.115116][ T7317] bond1 (unregistering): Released all slaves [ 85.165340][ T7322] ªªªªª6: renamed from wg2 (while UP) [ 85.170025][ T842] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 85.291950][ T7335] tipc: Enabling of bearer rejected, already enabled [ 85.299978][ T842] usb 6-1: device descriptor read/64, error -71 [ 85.303314][ T7337] FAULT_INJECTION: forcing a failure. [ 85.303314][ T7337] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 85.307925][ T7337] CPU: 3 UID: 0 PID: 7337 Comm: syz.0.488 Not tainted syzkaller #0 PREEMPT(full) [ 85.307949][ T7337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 85.307959][ T7337] Call Trace: [ 85.307965][ T7337] [ 85.307972][ T7337] dump_stack_lvl+0x100/0x190 [ 85.307999][ T7337] should_fail_ex.cold+0x5/0xa [ 85.308022][ T7337] _copy_from_user+0x2e/0xd0 [ 85.308039][ T7337] copy_msghdr_from_user+0x9f/0x4f0 [ 85.308067][ T7337] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 85.308093][ T7337] ? rcu_is_watching+0x12/0xc0 [ 85.308115][ T7337] ? ___sys_recvmsg+0x177/0x1a0 [ 85.308132][ T7337] ? kfree+0x1dd/0x6c0 [ 85.308156][ T7337] ___sys_recvmsg+0xdd/0x1a0 [ 85.308178][ T7337] ? __pfx____sys_recvmsg+0x10/0x10 [ 85.308206][ T7337] ? __pfx___might_resched+0x10/0x10 [ 85.308233][ T7337] do_recvmmsg+0x301/0x760 [ 85.308258][ T7337] ? __pfx_do_recvmmsg+0x10/0x10 [ 85.308278][ T7337] ? ksys_write+0x190/0x250 [ 85.308294][ T7337] ? __mutex_unlock_slowpath+0x15d/0x8a0 [ 85.308312][ T7337] ? kernel_write+0x5e3/0x6c0 [ 85.308334][ T7337] ? __fget_files+0x21f/0x3d0 [ 85.308357][ T7337] __x64_sys_recvmmsg+0x22a/0x280 [ 85.308374][ T7337] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 85.308393][ T7337] ? rcu_is_watching+0x12/0xc0 [ 85.308419][ T7337] do_syscall_64+0x10b/0xf80 [ 85.308432][ T7337] ? clear_bhb_loop+0x40/0x90 [ 85.308452][ T7337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.308464][ T7337] RIP: 0033:0x7ffb3699c819 [ 85.308480][ T7337] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 85.308495][ T7337] RSP: 002b:00007ffb3777e028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 85.308512][ T7337] RAX: ffffffffffffffda RBX: 00007ffb36c15fa0 RCX: 00007ffb3699c819 [ 85.308522][ T7337] RDX: 0000000000000318 RSI: 0000200000007700 RDI: 0000000000000003 [ 85.308545][ T7337] RBP: 00007ffb3777e090 R08: 0000000000000000 R09: 0000000000000000 [ 85.308554][ T7337] R10: 0000000000000fc0 R11: 0000000000000246 R12: 0000000000000002 [ 85.308563][ T7337] R13: 00007ffb36c16038 R14: 00007ffb36c15fa0 R15: 00007ffd4aee1818 [ 85.308585][ T7337] [ 85.408956][ T7343] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined [ 85.412920][ T842] usb usb6-port1: attempt power cycle [ 85.481758][ T7351] snd_dummy snd_dummy.0: control 0:7:3:syz0:7 is already present [ 85.487916][ T7351] netlink: 'syz.2.493': attribute type 3 has an invalid length. [ 85.519276][ T7355] netlink: 'syz.2.495': attribute type 29 has an invalid length. [ 85.522779][ T7355] netlink: 'syz.2.495': attribute type 29 has an invalid length. [ 85.600863][ T7363] team0: Port device vlan2 added [ 85.762330][ T842] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 85.770287][ T7374] delete_channel: no stack [ 85.782743][ T842] usb 6-1: device descriptor read/8, error -71 [ 85.788508][ T7380] bridge0: port 3(vlan2) entered blocking state [ 85.790710][ T7380] bridge0: port 3(vlan2) entered disabled state [ 85.792758][ T7380] vlan2: entered allmulticast mode [ 85.795174][ T7380] geneve0: entered allmulticast mode [ 85.798244][ T7380] vlan2: entered promiscuous mode [ 85.800007][ T7380] geneve0: entered promiscuous mode [ 86.030572][ T842] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 86.061210][ T842] usb 6-1: device descriptor read/8, error -71 [ 86.166339][ T7422] vcan0: entered promiscuous mode [ 86.168045][ T7422] vcan0: entered allmulticast mode [ 86.182017][ T842] usb usb6-port1: unable to enumerate USB device [ 86.579271][ T7438] netlink: 'syz.3.526': attribute type 63 has an invalid length. [ 86.579997][ T7439] netlink: 'syz.3.526': attribute type 63 has an invalid length. [ 86.582998][ T7438] __nla_validate_parse: 90 callbacks suppressed [ 86.583012][ T7438] netlink: 5 bytes leftover after parsing attributes in process `syz.3.526'. [ 86.586126][ T7439] netlink: 5 bytes leftover after parsing attributes in process `syz.3.526'. [ 86.586159][ T7439] gretap0: entered allmulticast mode [ 86.586617][ T7439] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 86.815986][ T7445] netlink: 4376 bytes leftover after parsing attributes in process `syz.3.529'. [ 86.819330][ T7445] netlink: 4376 bytes leftover after parsing attributes in process `syz.3.529'. [ 87.033971][ T7458] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(16) [ 87.036142][ T7458] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 87.038692][ T7458] vhci_hcd vhci_hcd.0: Device attached [ 87.044226][ T7458] netlink: 40 bytes leftover after parsing attributes in process `syz.2.535'. [ 87.047777][ T7458] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7458 comm=syz.2.535 [ 87.066506][ T7456] kvm: MONITOR instruction emulated as NOP! [ 87.067672][ T7459] vhci_hcd: connection closed [ 87.071028][ T59] vhci_hcd vhci_hcd.2: stop threads [ 87.075528][ T59] vhci_hcd vhci_hcd.2: release socket [ 87.078443][ T59] vhci_hcd vhci_hcd.2: disconnect device [ 87.366029][ T7468] tipc: New replicast peer: 10.1.1.0 [ 87.368043][ T7468] tipc: Enabled bearer , priority 10 [ 87.371431][ T7468] netlink: 20 bytes leftover after parsing attributes in process `syz.3.538'. [ 87.433732][ T7472] netlink: 8 bytes leftover after parsing attributes in process `syz.0.539'. [ 87.439083][ T7472] netlink: 8 bytes leftover after parsing attributes in process `syz.0.539'. [ 87.443305][ T7472] netlink: 8 bytes leftover after parsing attributes in process `syz.0.539'. [ 87.447292][ T7472] netlink: 8 bytes leftover after parsing attributes in process `syz.0.539'. [ 87.535691][ T7274] vhci_hcd: connection reset by peer [ 87.538209][ T77] vhci_hcd vhci_hcd.1: stop threads [ 87.542358][ T77] vhci_hcd vhci_hcd.1: release socket [ 87.544380][ T77] vhci_hcd vhci_hcd.1: disconnect device [ 87.558686][ T7483] netlink: 'syz.0.543': attribute type 29 has an invalid length. [ 87.563186][ T7483] netlink: 'syz.0.543': attribute type 29 has an invalid length. [ 87.587743][ T7485] FAULT_INJECTION: forcing a failure. [ 87.587743][ T7485] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 87.593981][ T7485] CPU: 0 UID: 0 PID: 7485 Comm: syz.3.545 Not tainted syzkaller #0 PREEMPT(full) [ 87.594007][ T7485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 87.594017][ T7485] Call Trace: [ 87.594024][ T7485] [ 87.594031][ T7485] dump_stack_lvl+0x100/0x190 [ 87.594059][ T7485] should_fail_ex.cold+0x5/0xa [ 87.594105][ T7485] _copy_from_iter+0x1f4/0x1690 [ 87.594130][ T7485] ? __asan_memset+0x23/0x50 [ 87.594156][ T7485] ? __pfx__copy_from_iter+0x10/0x10 [ 87.594175][ T7485] ? __pfx___alloc_skb+0x10/0x10 [ 87.594205][ T7485] netlink_sendmsg+0x808/0xda0 [ 87.594234][ T7485] ? __pfx_netlink_sendmsg+0x10/0x10 [ 87.594261][ T7485] ? __might_fault+0x90/0x140 [ 87.594294][ T7485] ____sys_sendmsg+0x9e1/0xb70 [ 87.594317][ T7485] ? __pfx_netlink_sendmsg+0x10/0x10 [ 87.594342][ T7485] ? __pfx_____sys_sendmsg+0x10/0x10 [ 87.594376][ T7485] ___sys_sendmsg+0x190/0x1e0 [ 87.594403][ T7485] ? __pfx____sys_sendmsg+0x10/0x10 [ 87.594455][ T7485] __sys_sendmsg+0x170/0x220 [ 87.594475][ T7485] ? __pfx___sys_sendmsg+0x10/0x10 [ 87.594504][ T7485] ? rcu_is_watching+0x12/0xc0 [ 87.594534][ T7485] do_syscall_64+0x10b/0xf80 [ 87.594552][ T7485] ? clear_bhb_loop+0x40/0x90 [ 87.594573][ T7485] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.594590][ T7485] RIP: 0033:0x7fbde2d9c819 [ 87.594606][ T7485] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 87.594644][ T7485] RSP: 002b:00007fbde3c87028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 87.594663][ T7485] RAX: ffffffffffffffda RBX: 00007fbde3015fa0 RCX: 00007fbde2d9c819 [ 87.594674][ T7485] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000003 [ 87.594683][ T7485] RBP: 00007fbde3c87090 R08: 0000000000000000 R09: 0000000000000000 [ 87.594693][ T7485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 87.594701][ T7485] R13: 00007fbde3016038 R14: 00007fbde3015fa0 R15: 00007ffe78876088 [ 87.594723][ T7485] [ 87.705785][ T7491] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.758112][ T7499] FAULT_INJECTION: forcing a failure. [ 87.758112][ T7499] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 87.766452][ T7499] CPU: 3 UID: 0 PID: 7499 Comm: syz.0.550 Not tainted syzkaller #0 PREEMPT(full) [ 87.766471][ T7499] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 87.766477][ T7499] Call Trace: [ 87.766482][ T7499] [ 87.766486][ T7499] dump_stack_lvl+0x100/0x190 [ 87.766507][ T7499] should_fail_ex.cold+0x5/0xa [ 87.766524][ T7499] _copy_from_user+0x2e/0xd0 [ 87.766539][ T7499] input_event_from_user+0x123/0x310 [ 87.766559][ T7499] ? __pfx_input_event_from_user+0x10/0x10 [ 87.766576][ T7499] ? __pfx___might_resched+0x10/0x10 [ 87.766593][ T7499] ? input_inject_event+0x1a6/0x390 [ 87.766611][ T7499] evdev_write+0x342/0x610 [ 87.766661][ T7499] ? __pfx_evdev_write+0x10/0x10 [ 87.766679][ T7499] ? bpf_lsm_file_permission+0x9/0x10 [ 87.766697][ T7499] ? security_file_permission+0x76/0x210 [ 87.766711][ T7499] ? rw_verify_area+0xce/0x6d0 [ 87.766730][ T7499] vfs_write+0x2aa/0x1070 [ 87.766741][ T7499] ? __pfx_evdev_write+0x10/0x10 [ 87.766758][ T7499] ? __pfx_vfs_write+0x10/0x10 [ 87.766769][ T7499] ? lock_release+0x19e/0x310 [ 87.766785][ T7499] ? __fget_files+0x21f/0x3d0 [ 87.766802][ T7499] ksys_write+0x1f8/0x250 [ 87.766813][ T7499] ? __pfx_ksys_write+0x10/0x10 [ 87.766825][ T7499] ? rcu_is_watching+0x12/0xc0 [ 87.766843][ T7499] do_syscall_64+0x10b/0xf80 [ 87.766855][ T7499] ? clear_bhb_loop+0x40/0x90 [ 87.766869][ T7499] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.766880][ T7499] RIP: 0033:0x7ffb3699c819 [ 87.766890][ T7499] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 87.766901][ T7499] RSP: 002b:00007ffb3777e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 87.766913][ T7499] RAX: ffffffffffffffda RBX: 00007ffb36c15fa0 RCX: 00007ffb3699c819 [ 87.766919][ T7499] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000003 [ 87.766926][ T7499] RBP: 00007ffb3777e090 R08: 0000000000000000 R09: 0000000000000000 [ 87.766932][ T7499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 87.766938][ T7499] R13: 00007ffb36c16038 R14: 00007ffb36c15fa0 R15: 00007ffd4aee1818 [ 87.766952][ T7499] [ 87.793620][ T7503] overlayfs: failed to decode file handle (len=10, type=248, flags=0, err=-22) [ 87.851979][ T7506] IPVS: set_ctl: invalid protocol: 47 10.1.1.2:20001 [ 87.900746][ T7491] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.982831][ T7514] overlayfs: failed to decode file handle (len=10, type=78, flags=0, err=-22) [ 87.991174][ T7491] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.028557][ T7519] netlink: 'syz.3.560': attribute type 3 has an invalid length. [ 88.033828][ T7519] netlink: 'syz.3.560': attribute type 3 has an invalid length. [ 88.039553][ T40] kauditd_printk_skb: 141 callbacks suppressed [ 88.039564][ T40] audit: type=1400 audit(1776687960.968:492): avc: denied { watch } for pid=7518 comm="syz.3.560" path="/139" dev="tmpfs" ino=782 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 88.050151][ T40] audit: type=1400 audit(1776687960.988:493): avc: denied { watch_reads } for pid=7518 comm="syz.3.560" path="/139" dev="tmpfs" ino=782 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 88.062525][ T40] audit: type=1400 audit(1776687960.998:494): avc: denied { mount } for pid=7518 comm="syz.3.560" name="/" dev="9p" ino=72876087 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 88.072676][ T40] audit: type=1400 audit(1776687960.998:495): avc: denied { add_name } for pid=7518 comm="syz.3.560" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 88.081010][ T40] audit: type=1400 audit(1776687960.998:496): avc: denied { create } for pid=7518 comm="syz.3.560" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 88.089113][ T40] audit: type=1400 audit(1776687960.998:497): avc: denied { associate } for pid=7518 comm="syz.3.560" name="file0" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 88.090345][ T7491] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.100501][ T40] audit: type=1400 audit(1776687961.028:498): avc: denied { read write } for pid=7518 comm="syz.3.560" name="file0" dev="9p" ino=72876089 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 88.112087][ T40] audit: type=1400 audit(1776687961.048:499): avc: denied { open } for pid=7518 comm="syz.3.560" path="/139/file0/file0" dev="9p" ino=72876089 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 88.125283][ T40] audit: type=1400 audit(1776687961.058:500): avc: denied { ioctl } for pid=7518 comm="syz.3.560" path="/139/file0/file0" dev="9p" ino=72876089 ioctlcmd=0xae89 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 88.149741][ T40] audit: type=1400 audit(1776687961.078:501): avc: denied { unmount } for pid=5945 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 88.224975][ T1161] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.238296][ T7532] FAULT_INJECTION: forcing a failure. [ 88.238296][ T7532] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 88.239613][ T1161] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.242693][ T7532] CPU: 2 UID: 0 PID: 7532 Comm: syz.2.567 Not tainted syzkaller #0 PREEMPT(full) [ 88.242709][ T7532] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 88.242716][ T7532] Call Trace: [ 88.242721][ T7532] [ 88.242726][ T7532] dump_stack_lvl+0x100/0x190 [ 88.242744][ T7532] should_fail_ex.cold+0x5/0xa [ 88.242761][ T7532] _copy_from_user+0x2e/0xd0 [ 88.242776][ T7532] __sys_bpf+0x243/0x4b90 [ 88.242796][ T7532] ? __pfx___sys_bpf+0x10/0x10 [ 88.242818][ T7532] ? proc_fail_nth_write+0x9f/0x220 [ 88.242835][ T7532] ? find_held_lock+0x2b/0x80 [ 88.242858][ T7532] ? find_held_lock+0x2b/0x80 [ 88.242874][ T7532] ? ksys_write+0x190/0x250 [ 88.242893][ T7532] ? ksys_write+0x190/0x250 [ 88.242915][ T7532] ? __mutex_unlock_slowpath+0x15d/0x8a0 [ 88.242933][ T7532] ? kernel_write+0x5e3/0x6c0 [ 88.242947][ T7532] ? __fget_files+0x215/0x3d0 [ 88.242966][ T7532] ? fput+0x79/0x100 [ 88.242980][ T7532] ? ksys_write+0x1ac/0x250 [ 88.242991][ T7532] ? __pfx_ksys_write+0x10/0x10 [ 88.243004][ T7532] __x64_sys_bpf+0x7b/0xc0 [ 88.243021][ T7532] ? lockdep_hardirqs_on+0x78/0x100 [ 88.243038][ T7532] do_syscall_64+0x10b/0xf80 [ 88.243048][ T7532] ? clear_bhb_loop+0x40/0x90 [ 88.243062][ T7532] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.243073][ T7532] RIP: 0033:0x7fa32ab9c819 [ 88.243084][ T7532] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 88.243094][ T7532] RSP: 002b:00007fa32bb15028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 88.243106][ T7532] RAX: ffffffffffffffda RBX: 00007fa32ae15fa0 RCX: 00007fa32ab9c819 [ 88.243113][ T7532] RDX: 0000000000000040 RSI: 00002000000005c0 RDI: 000000000000001c [ 88.243119][ T7532] RBP: 00007fa32bb15090 R08: 0000000000000000 R09: 0000000000000000 [ 88.243126][ T7532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 88.243132][ T7532] R13: 00007fa32ae16038 R14: 00007fa32ae15fa0 R15: 00007ffd652ef618 [ 88.243146][ T7532] [ 88.333973][ T59] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.343899][ T1161] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.426674][ T7546] tipc: Enabling of bearer rejected, already enabled [ 88.477870][ T7550] FAULT_INJECTION: forcing a failure. [ 88.477870][ T7550] name failslab, interval 1, probability 0, space 0, times 0 [ 88.485763][ T7550] CPU: 2 UID: 0 PID: 7550 Comm: syz.3.574 Not tainted syzkaller #0 PREEMPT(full) [ 88.485788][ T7550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 88.485798][ T7550] Call Trace: [ 88.485805][ T7550] [ 88.485812][ T7550] dump_stack_lvl+0x100/0x190 [ 88.485839][ T7550] should_fail_ex.cold+0x5/0xa [ 88.485864][ T7550] should_failslab+0xc2/0x120 [ 88.485883][ T7550] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 88.485907][ T7550] ? skb_clone+0x190/0x400 [ 88.485932][ T7550] skb_clone+0x190/0x400 [ 88.485949][ T7550] netlink_deliver_tap+0xaed/0xcc0 [ 88.485978][ T7550] netlink_dump+0x909/0xd00 [ 88.486003][ T7550] ? __pfx_netlink_dump+0x10/0x10 [ 88.486023][ T7550] ? kasan_quarantine_put+0x104/0x240 [ 88.486059][ T7550] ? kfree_skbmem+0x19f/0x210 [ 88.486086][ T7550] netlink_recvmsg+0x7dc/0xa90 [ 88.486109][ T7550] ? __pfx_netlink_recvmsg+0x10/0x10 [ 88.486137][ T7550] ? __import_iovec+0x1d2/0x640 [ 88.486162][ T7550] ____sys_recvmsg+0x5b3/0x640 [ 88.486186][ T7550] ? __pfx_netlink_recvmsg+0x10/0x10 [ 88.486217][ T7550] ? __pfx_____sys_recvmsg+0x10/0x10 [ 88.486249][ T7550] ? rcu_is_watching+0x12/0xc0 [ 88.486275][ T7550] ? ___sys_recvmsg+0x177/0x1a0 [ 88.486315][ T7550] ? kfree+0x1dd/0x6c0 [ 88.486341][ T7550] ___sys_recvmsg+0x16a/0x1a0 [ 88.486367][ T7550] ? __pfx____sys_recvmsg+0x10/0x10 [ 88.486406][ T7550] ? __pfx___might_resched+0x10/0x10 [ 88.486436][ T7550] do_recvmmsg+0x301/0x760 [ 88.486464][ T7550] ? __pfx_do_recvmmsg+0x10/0x10 [ 88.486488][ T7550] ? ksys_write+0x190/0x250 [ 88.486511][ T7550] ? __mutex_unlock_slowpath+0x15d/0x8a0 [ 88.486530][ T7550] ? kernel_write+0x5e3/0x6c0 [ 88.486553][ T7550] ? __fget_files+0x21f/0x3d0 [ 88.486580][ T7550] __x64_sys_recvmmsg+0x22a/0x280 [ 88.486602][ T7550] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 88.486647][ T7550] ? rcu_is_watching+0x12/0xc0 [ 88.486676][ T7550] do_syscall_64+0x10b/0xf80 [ 88.486692][ T7550] ? clear_bhb_loop+0x40/0x90 [ 88.486714][ T7550] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.486732][ T7550] RIP: 0033:0x7fbde2d9c819 [ 88.486748][ T7550] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 88.486765][ T7550] RSP: 002b:00007fbde3c87028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 88.486784][ T7550] RAX: ffffffffffffffda RBX: 00007fbde3015fa0 RCX: 00007fbde2d9c819 [ 88.486795][ T7550] RDX: 0000000000000318 RSI: 0000200000007700 RDI: 0000000000000003 [ 88.486806][ T7550] RBP: 00007fbde3c87090 R08: 0000000000000000 R09: 0000000000000000 [ 88.486816][ T7550] R10: 0000000000000fc0 R11: 0000000000000246 R12: 0000000000000002 [ 88.486826][ T7550] R13: 00007fbde3016038 R14: 00007fbde3015fa0 R15: 00007ffe78876088 [ 88.486851][ T7550] [ 88.645826][ T7554] netlink: 'syz.1.576': attribute type 3 has an invalid length. [ 88.649924][ T6029] usb 7-1: new low-speed USB device number 6 using dummy_hcd [ 88.684541][ T7556] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7556 comm=syz.1.577 [ 88.691575][ T7556] FAULT_INJECTION: forcing a failure. [ 88.691575][ T7556] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 88.694801][ T7552] kvm: emulating exchange as write [ 88.697306][ T7556] CPU: 0 UID: 0 PID: 7556 Comm: syz.1.577 Not tainted syzkaller #0 PREEMPT(full) [ 88.697329][ T7556] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 88.697339][ T7556] Call Trace: [ 88.697346][ T7556] [ 88.697353][ T7556] dump_stack_lvl+0x100/0x190 [ 88.697381][ T7556] should_fail_ex.cold+0x5/0xa [ 88.697407][ T7556] _copy_to_user+0x32/0xd0 [ 88.697430][ T7556] simple_read_from_buffer+0xcb/0x170 [ 88.697455][ T7556] proc_fail_nth_read+0x1af/0x230 [ 88.697484][ T7556] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 88.697513][ T7556] ? rw_verify_area+0xce/0x6d0 [ 88.697539][ T7556] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 88.697566][ T7556] vfs_read+0x1e4/0xb30 [ 88.697587][ T7556] ? __pfx_vfs_read+0x10/0x10 [ 88.697603][ T7556] ? __fget_files+0x215/0x3d0 [ 88.697629][ T7556] ? __fget_files+0x21f/0x3d0 [ 88.697656][ T7556] ksys_read+0x12a/0x250 [ 88.697673][ T7556] ? __pfx_ksys_read+0x10/0x10 [ 88.697691][ T7556] ? rcu_is_watching+0x12/0xc0 [ 88.697720][ T7556] do_syscall_64+0x10b/0xf80 [ 88.697737][ T7556] ? clear_bhb_loop+0x40/0x90 [ 88.697758][ T7556] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.697776][ T7556] RIP: 0033:0x7ff5fdd5d04e [ 88.697791][ T7556] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 88.697806][ T7556] RSP: 002b:00007ff5febf5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 88.697824][ T7556] RAX: ffffffffffffffda RBX: 00007ff5febf66c0 RCX: 00007ff5fdd5d04e [ 88.697835][ T7556] RDX: 000000000000000f RSI: 00007ff5febf60a0 RDI: 0000000000000007 [ 88.697845][ T7556] RBP: 00007ff5febf6090 R08: 0000000000000000 R09: 0000000000000000 [ 88.697856][ T7556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 88.697866][ T7556] R13: 00007ff5fe016038 R14: 00007ff5fe015fa0 R15: 00007ffd36aac548 [ 88.697889][ T7556] [ 88.779927][ T6029] usb 7-1: device descriptor read/64, error -71 [ 88.968216][ T7566] FAULT_INJECTION: forcing a failure. [ 88.968216][ T7566] name failslab, interval 1, probability 0, space 0, times 0 [ 88.975083][ T7566] CPU: 3 UID: 0 PID: 7566 Comm: syz.3.581 Not tainted syzkaller #0 PREEMPT(full) [ 88.975099][ T7566] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 88.975106][ T7566] Call Trace: [ 88.975110][ T7566] [ 88.975115][ T7566] dump_stack_lvl+0x100/0x190 [ 88.975135][ T7566] should_fail_ex.cold+0x5/0xa [ 88.975151][ T7566] ? __register_sysctl_table+0xbe4/0x1650 [ 88.975167][ T7566] should_failslab+0xc2/0x120 [ 88.975178][ T7566] __kmalloc_noprof+0xe0/0x850 [ 88.975197][ T7566] __register_sysctl_table+0xbe4/0x1650 [ 88.975217][ T7566] ? __pfx___register_sysctl_table+0x10/0x10 [ 88.975232][ T7566] ? is_module_address+0x69/0xf0 [ 88.975247][ T7566] ? register_net_sysctl_sz+0x222/0x430 [ 88.975318][ T7566] ? __asan_memcpy+0x3c/0x60 [ 88.975334][ T7566] ? __pfx_nf_lwtunnel_net_init+0x10/0x10 [ 88.975351][ T7566] nf_lwtunnel_net_init+0x60/0xf0 [ 88.975365][ T7566] ops_init+0x1e2/0x5f0 [ 88.975380][ T7566] setup_net+0x118/0x3a0 [ 88.975392][ T7566] ? __pfx_setup_net+0x10/0x10 [ 88.975405][ T7566] ? mutex_init_lockdep+0xf1/0x120 [ 88.975423][ T7566] copy_net_ns+0x46f/0x7c0 [ 88.975437][ T7566] create_new_namespaces+0x3ea/0xac0 [ 88.975458][ T7566] unshare_nsproxy_namespaces+0xf2/0x220 [ 88.975477][ T7566] ksys_unshare+0x438/0xab0 [ 88.975489][ T7566] ? __pfx_ksys_unshare+0x10/0x10 [ 88.975499][ T7566] ? ksys_write+0x1ac/0x250 [ 88.975515][ T7566] __x64_sys_unshare+0x31/0x40 [ 88.975525][ T7566] do_syscall_64+0x10b/0xf80 [ 88.975536][ T7566] ? clear_bhb_loop+0x40/0x90 [ 88.975549][ T7566] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.975560][ T7566] RIP: 0033:0x7fbde2d9c819 [ 88.975570][ T7566] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 88.975581][ T7566] RSP: 002b:00007fbde3c87028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 88.975597][ T7566] RAX: ffffffffffffffda RBX: 00007fbde3015fa0 RCX: 00007fbde2d9c819 [ 88.975607][ T7566] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006a040000 [ 88.975616][ T7566] RBP: 00007fbde3c87090 R08: 0000000000000000 R09: 0000000000000000 [ 88.975624][ T7566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 88.975633][ T7566] R13: 00007fbde3016038 R14: 00007fbde3015fa0 R15: 00007ffe78876088 [ 88.975656][ T7566] [ 88.975664][ T7566] sysctl could not get directory: [ 89.029968][ T6029] usb 7-1: new low-speed USB device number 7 using dummy_hcd [ 89.058745][ T7566] /net -12 [ 89.179962][ T6029] usb 7-1: device descriptor read/64, error -71 [ 89.364236][ T6029] usb usb7-port1: attempt power cycle [ 89.455110][ T7578] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7578 comm=syz.0.586 [ 89.680796][ T7599] netlink: 'syz.3.597': attribute type 1 has an invalid length. [ 89.687403][ T7599] nbd: error processing sock list [ 89.687723][ T7597] overlayfs: failed to decode file handle (len=10, type=78, flags=0, err=-22) [ 89.732010][ T6029] usb 7-1: new low-speed USB device number 8 using dummy_hcd [ 89.752009][ T6029] usb 7-1: device descriptor read/8, error -71 [ 89.920461][ T1039] vhci_hcd vhci_hcd.1: vhci_device speed not set [ 90.050014][ T6029] usb 7-1: new low-speed USB device number 9 using dummy_hcd [ 90.074114][ T6029] usb 7-1: device descriptor read/8, error -71 [ 90.191099][ T6029] usb usb7-port1: unable to enumerate USB device [ 90.213644][ T7637] netlink: 'syz.1.613': attribute type 3 has an invalid length. [ 90.353435][ T7645] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.442288][ T7645] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.523226][ T7645] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.585777][ T7645] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.656964][ T1258] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.666130][ T1258] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.674136][ T1258] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.682494][ T1258] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.756432][ T7653] FAULT_INJECTION: forcing a failure. [ 90.756432][ T7653] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 90.762207][ T7653] CPU: 2 UID: 0 PID: 7653 Comm: syz.3.619 Not tainted syzkaller #0 PREEMPT(full) [ 90.762225][ T7653] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 90.762232][ T7653] Call Trace: [ 90.762238][ T7653] [ 90.762244][ T7653] dump_stack_lvl+0x100/0x190 [ 90.762917][ T7653] should_fail_ex.cold+0x5/0xa [ 90.762985][ T7653] _copy_from_iter+0x1f4/0x1690 [ 90.763276][ T7653] ? __asan_memset+0x23/0x50 [ 90.763498][ T7653] ? __pfx__copy_from_iter+0x10/0x10 [ 90.763511][ T7653] ? __pfx___alloc_skb+0x10/0x10 [ 90.763899][ T7653] netlink_sendmsg+0x808/0xda0 [ 90.764162][ T7653] ? __pfx_netlink_sendmsg+0x10/0x10 [ 90.764177][ T7653] ? __might_fault+0x90/0x140 [ 90.764199][ T7653] ____sys_sendmsg+0x9e1/0xb70 [ 90.764216][ T7653] ? __pfx_netlink_sendmsg+0x10/0x10 [ 90.764232][ T7653] ? __pfx_____sys_sendmsg+0x10/0x10 [ 90.764253][ T7653] ___sys_sendmsg+0x190/0x1e0 [ 90.764269][ T7653] ? __pfx____sys_sendmsg+0x10/0x10 [ 90.764300][ T7653] __sys_sendmsg+0x170/0x220 [ 90.764313][ T7653] ? __pfx___sys_sendmsg+0x10/0x10 [ 90.764330][ T7653] ? rcu_is_watching+0x12/0xc0 [ 90.764493][ T7653] do_syscall_64+0x10b/0xf80 [ 90.765086][ T7653] ? clear_bhb_loop+0x40/0x90 [ 90.765102][ T7653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.765114][ T7653] RIP: 0033:0x7fbde2d9c819 [ 90.765167][ T7653] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 90.765178][ T7653] RSP: 002b:00007fbde3c87028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 90.765229][ T7653] RAX: ffffffffffffffda RBX: 00007fbde3015fa0 RCX: 00007fbde2d9c819 [ 90.765236][ T7653] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000003 [ 90.765242][ T7653] RBP: 00007fbde3c87090 R08: 0000000000000000 R09: 0000000000000000 [ 90.765249][ T7653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 90.765255][ T7653] R13: 00007fbde3016038 R14: 00007fbde3015fa0 R15: 00007ffe78876088 [ 90.765269][ T7653] [ 91.260757][ T7672] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10) [ 91.262917][ T7672] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 91.265378][ T7672] vhci_hcd vhci_hcd.0: Device attached [ 91.520021][ T6029] usb 43-1: new low-speed USB device number 2 using vhci_hcd [ 91.522750][ T6033] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 91.598664][ T7698] tipc: Enabling of bearer rejected, already enabled [ 91.651130][ T7700] bond3: (slave bond_slave_1): Device is not our slave [ 91.654075][ T7700] bond3: option active_slave: invalid value (bond_slave_1) [ 91.660584][ T6033] usb 8-1: device descriptor read/64, error -71 [ 91.664519][ T7700] bond3 (unregistering): Released all slaves [ 91.788243][ T7709] __nla_validate_parse: 25 callbacks suppressed [ 91.788257][ T7709] netlink: 4376 bytes leftover after parsing attributes in process `syz.2.642'. [ 91.793788][ T7709] netlink: 4376 bytes leftover after parsing attributes in process `syz.2.642'. [ 91.832578][ T7711] netlink: 'syz.2.643': attribute type 29 has an invalid length. [ 91.836241][ T7711] netlink: 'syz.2.643': attribute type 29 has an invalid length. [ 91.840324][ T7711] netlink: 500 bytes leftover after parsing attributes in process `syz.2.643'. [ 91.893964][ T7713] netlink: set zone limit has 4 unknown bytes [ 91.910844][ T6033] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 91.919782][ T7720] netlink: 8 bytes leftover after parsing attributes in process `syz.0.646'. [ 91.925001][ T7720] netlink: 16 bytes leftover after parsing attributes in process `syz.0.646'. [ 91.959572][ T7727] FAULT_INJECTION: forcing a failure. [ 91.959572][ T7727] name failslab, interval 1, probability 0, space 0, times 0 [ 91.963764][ T7727] CPU: 3 UID: 0 PID: 7727 Comm: syz.0.648 Not tainted syzkaller #0 PREEMPT(full) [ 91.963781][ T7727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 91.963788][ T7727] Call Trace: [ 91.963793][ T7727] [ 91.963798][ T7727] dump_stack_lvl+0x100/0x190 [ 91.963817][ T7727] should_fail_ex.cold+0x5/0xa [ 91.963833][ T7727] should_failslab+0xc2/0x120 [ 91.963846][ T7727] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 91.963863][ T7727] ? __proc_create+0x2cb/0x8c0 [ 91.963883][ T7727] __proc_create+0x2cb/0x8c0 [ 91.963898][ T7727] ? __pfx___proc_create+0x10/0x10 [ 91.963912][ T7727] ? pcpu_chunk_relocate+0x134/0x1a0 [ 91.963934][ T7727] proc_create_reg+0x75/0x170 [ 91.963951][ T7727] proc_create_net_data+0x8e/0x1c0 [ 91.963967][ T7727] ? __pfx_proc_create_net_data+0x10/0x10 [ 91.963985][ T7727] ? __pfx_netlink_net_init+0x10/0x10 [ 91.964000][ T7727] netlink_net_init+0x50/0x80 [ 91.964012][ T7727] ops_init+0x1e2/0x5f0 [ 91.964027][ T7727] setup_net+0x118/0x3a0 [ 91.964040][ T7727] ? __pfx_setup_net+0x10/0x10 [ 91.964052][ T7727] ? mutex_init_lockdep+0xf1/0x120 [ 91.964071][ T7727] copy_net_ns+0x46f/0x7c0 [ 91.964086][ T7727] create_new_namespaces+0x3ea/0xac0 [ 91.964108][ T7727] unshare_nsproxy_namespaces+0xf2/0x220 [ 91.964127][ T7727] ksys_unshare+0x438/0xab0 [ 91.964139][ T7727] ? __pfx_ksys_unshare+0x10/0x10 [ 91.964149][ T7727] ? ksys_write+0x1ac/0x250 [ 91.964166][ T7727] __x64_sys_unshare+0x31/0x40 [ 91.964180][ T7727] do_syscall_64+0x10b/0xf80 [ 91.964193][ T7727] ? clear_bhb_loop+0x40/0x90 [ 91.964206][ T7727] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.964217][ T7727] RIP: 0033:0x7ffb3699c819 [ 91.964228][ T7727] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 91.964239][ T7727] RSP: 002b:00007ffb3777e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 91.964251][ T7727] RAX: ffffffffffffffda RBX: 00007ffb36c15fa0 RCX: 00007ffb3699c819 [ 91.964258][ T7727] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006a040000 [ 91.964264][ T7727] RBP: 00007ffb3777e090 R08: 0000000000000000 R09: 0000000000000000 [ 91.964270][ T7727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 91.964277][ T7727] R13: 00007ffb36c16038 R14: 00007ffb36c15fa0 R15: 00007ffd4aee1818 [ 91.964290][ T7727] [ 92.039925][ T6033] usb 8-1: device descriptor read/64, error -71 [ 92.093488][ T7731] cdrom: dropping to single frame dma [ 92.171889][ T6033] usb usb8-port1: attempt power cycle [ 92.222548][ T7742] syzkaller0: entered promiscuous mode [ 92.224757][ T7742] syzkaller0: entered allmulticast mode [ 92.249541][ T7747] overlayfs: failed to decode file handle (len=10, type=0, flags=0, err=-22) [ 92.384972][ T7749] netlink: 4 bytes leftover after parsing attributes in process `syz.2.658'. [ 92.395274][ T7764] netlink: 80 bytes leftover after parsing attributes in process `syz.0.663'. [ 92.406111][ T7764] binder: 7763:7764 unknown command 131087 [ 92.408073][ T7764] binder: 7763:7764 ioctl c0306201 200000000080 returned -22 [ 92.486490][ T7770] netlink: 8 bytes leftover after parsing attributes in process `syz.1.665'. [ 92.507072][ T7770] netlink: 8 bytes leftover after parsing attributes in process `syz.1.665'. [ 92.510420][ T6033] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 92.513535][ T7770] netlink: 8 bytes leftover after parsing attributes in process `syz.1.665'. [ 92.530796][ T6033] usb 8-1: device descriptor read/8, error -71 [ 92.607334][ T7788] FAULT_INJECTION: forcing a failure. [ 92.607334][ T7788] name failslab, interval 1, probability 0, space 0, times 0 [ 92.614291][ T7788] CPU: 1 UID: 0 PID: 7788 Comm: syz.0.673 Not tainted syzkaller #0 PREEMPT(full) [ 92.614308][ T7788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 92.614315][ T7788] Call Trace: [ 92.614320][ T7788] [ 92.614324][ T7788] dump_stack_lvl+0x100/0x190 [ 92.614344][ T7788] should_fail_ex.cold+0x5/0xa [ 92.614360][ T7788] should_failslab+0xc2/0x120 [ 92.614372][ T7788] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 92.614389][ T7788] ? do_getname_kernel+0x5d/0x250 [ 92.614407][ T7788] do_getname_kernel+0x5d/0x250 [ 92.614423][ T7788] kern_path+0x1f/0x50 [ 92.614435][ T7788] bpf_uprobe_multi_link_attach+0x424/0x13d0 [ 92.614456][ T7788] ? find_held_lock+0x2b/0x80 [ 92.614466][ T7788] ? __fget_files+0x215/0x3d0 [ 92.614482][ T7788] ? __pfx_bpf_uprobe_multi_link_attach+0x10/0x10 [ 92.614498][ T7788] ? __fget_files+0x21f/0x3d0 [ 92.614513][ T7788] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 92.614530][ T7788] __sys_bpf+0x3faf/0x4b90 [ 92.614550][ T7788] ? __pfx___sys_bpf+0x10/0x10 [ 92.614566][ T7788] ? proc_fail_nth_write+0x9f/0x220 [ 92.614578][ T7788] ? find_held_lock+0x2b/0x80 [ 92.614609][ T7788] ? find_held_lock+0x2b/0x80 [ 92.614625][ T7788] ? ksys_write+0x190/0x250 [ 92.614640][ T7788] ? ksys_write+0x190/0x250 [ 92.614658][ T7788] ? __mutex_unlock_slowpath+0x15d/0x8a0 [ 92.614673][ T7788] ? kernel_write+0x5e3/0x6c0 [ 92.614683][ T7788] ? __fget_files+0x215/0x3d0 [ 92.614702][ T7788] ? fput+0x79/0x100 [ 92.614716][ T7788] ? ksys_write+0x1ac/0x250 [ 92.614727][ T7788] ? __pfx_ksys_write+0x10/0x10 [ 92.614740][ T7788] __x64_sys_bpf+0x7b/0xc0 [ 92.614757][ T7788] ? lockdep_hardirqs_on+0x78/0x100 [ 92.614775][ T7788] do_syscall_64+0x10b/0xf80 [ 92.614784][ T7788] ? clear_bhb_loop+0x40/0x90 [ 92.614798][ T7788] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.614809][ T7788] RIP: 0033:0x7ffb3699c819 [ 92.614819][ T7788] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 92.614830][ T7788] RSP: 002b:00007ffb3777e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 92.614842][ T7788] RAX: ffffffffffffffda RBX: 00007ffb36c15fa0 RCX: 00007ffb3699c819 [ 92.614848][ T7788] RDX: 0000000000000040 RSI: 00002000000005c0 RDI: 000000000000001c [ 92.614855][ T7788] RBP: 00007ffb3777e090 R08: 0000000000000000 R09: 0000000000000000 [ 92.614861][ T7788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 92.614867][ T7788] R13: 00007ffb36c16038 R14: 00007ffb36c15fa0 R15: 00007ffd4aee1818 [ 92.614880][ T7788] [ 92.866111][ T7797] tipc: Started in network mode [ 92.868803][ T7797] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 92.881598][ T7797] tipc: Enabled bearer , priority 10 [ 92.883277][ T7799] overlayfs: failed to resolve './file0': -2 [ 92.890010][ T6033] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 92.921046][ T6033] usb 8-1: device descriptor read/8, error -71 [ 92.982869][ T7805] bond1: entered promiscuous mode [ 92.985203][ T7805] 8021q: adding VLAN 0 to HW filter on device bond1 [ 93.031618][ T6033] usb usb8-port1: unable to enumerate USB device [ 93.174933][ T7817] netlink: 'syz.2.683': attribute type 29 has an invalid length. [ 93.182245][ T7817] netlink: 'syz.2.683': attribute type 29 has an invalid length. [ 93.219026][ T40] kauditd_printk_skb: 56 callbacks suppressed [ 93.219047][ T40] audit: type=1400 audit(1776687966.148:558): avc: denied { execmem } for pid=7814 comm="syz.0.684" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 93.390769][ T7830] overlayfs: failed to resolve './file0': -2 [ 93.880101][ T1039] tipc: Node number set to 4269801488 [ 94.270934][ T7673] vhci_hcd: connection reset by peer [ 94.275488][ T46] vhci_hcd vhci_hcd.3: stop threads [ 94.277730][ T46] vhci_hcd vhci_hcd.3: release socket [ 94.280051][ T46] vhci_hcd vhci_hcd.3: disconnect device [ 94.305769][ T7837] FAULT_INJECTION: forcing a failure. [ 94.305769][ T7837] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 94.314946][ T7837] CPU: 0 UID: 0 PID: 7837 Comm: syz.3.690 Not tainted syzkaller #0 PREEMPT(full) [ 94.314993][ T7837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 94.315004][ T7837] Call Trace: [ 94.315012][ T7837] [ 94.315019][ T7837] dump_stack_lvl+0x100/0x190 [ 94.315365][ T7837] should_fail_ex.cold+0x5/0xa [ 94.315475][ T7837] _copy_from_user+0x2e/0xd0 [ 94.315682][ T7837] input_event_from_user+0x123/0x310 [ 94.316032][ T7837] ? __pfx_input_event_from_user+0x10/0x10 [ 94.316059][ T7837] ? __pfx___might_resched+0x10/0x10 [ 94.316164][ T7837] ? input_inject_event+0x1a6/0x390 [ 94.316189][ T7837] evdev_write+0x342/0x610 [ 94.316222][ T7837] ? __pfx_evdev_write+0x10/0x10 [ 94.316246][ T7837] ? bpf_lsm_file_permission+0x9/0x10 [ 94.316316][ T7837] ? security_file_permission+0x76/0x210 [ 94.316530][ T7837] ? rw_verify_area+0xce/0x6d0 [ 94.316561][ T7837] vfs_write+0x2aa/0x1070 [ 94.316578][ T7837] ? __pfx_evdev_write+0x10/0x10 [ 94.316605][ T7837] ? __pfx_vfs_write+0x10/0x10 [ 94.316619][ T7837] ? find_held_lock+0x2b/0x80 [ 94.316635][ T7837] ? __fget_files+0x215/0x3d0 [ 94.316657][ T7837] ? __fget_files+0x215/0x3d0 [ 94.316679][ T7837] ? __fget_files+0x21f/0x3d0 [ 94.316701][ T7837] ksys_write+0x1f8/0x250 [ 94.316716][ T7837] ? __pfx_ksys_write+0x10/0x10 [ 94.316733][ T7837] ? rcu_is_watching+0x12/0xc0 [ 94.316758][ T7837] do_syscall_64+0x10b/0xf80 [ 94.317108][ T7837] ? clear_bhb_loop+0x40/0x90 [ 94.317131][ T7837] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.317150][ T7837] RIP: 0033:0x7fbde2d9c819 [ 94.317166][ T7837] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 94.317247][ T7837] RSP: 002b:00007fbde3c87028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 94.317305][ T7837] RAX: ffffffffffffffda RBX: 00007fbde3015fa0 RCX: 00007fbde2d9c819 [ 94.317314][ T7837] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000003 [ 94.317323][ T7837] RBP: 00007fbde3c87090 R08: 0000000000000000 R09: 0000000000000000 [ 94.317331][ T7837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 94.317339][ T7837] R13: 00007fbde3016038 R14: 00007fbde3015fa0 R15: 00007ffe78876088 [ 94.317359][ T7837] [ 94.410172][ T53] ------------[ cut here ]------------ [ 94.417708][ T53] [CRTC:39:crtc-0] vblank wait timed out [ 94.418083][ T7839] FAULT_INJECTION: forcing a failure. [ 94.418083][ T7839] name failslab, interval 1, probability 0, space 0, times 0 [ 94.419712][ T53] WARNING: drivers/gpu/drm/drm_atomic_helper.c:1921 at drm_atomic_helper_wait_for_vblanks.part.0+0x738/0x8a0, CPU#1: kworker/1:1/53 [ 94.423656][ T7839] CPU: 3 UID: 0 PID: 7839 Comm: syz.3.691 Not tainted syzkaller #0 PREEMPT(full) [ 94.423677][ T7839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 94.423686][ T7839] Call Trace: [ 94.423692][ T7839] [ 94.423699][ T7839] dump_stack_lvl+0x100/0x190 [ 94.423723][ T7839] should_fail_ex.cold+0x5/0xa [ 94.423746][ T7839] should_failslab+0xc2/0x120 [ 94.423763][ T7839] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 94.423785][ T7839] ? __proc_create+0x2cb/0x8c0 [ 94.423811][ T7839] __proc_create+0x2cb/0x8c0 [ 94.423830][ T7839] ? __pfx___proc_create+0x10/0x10 [ 94.423848][ T7839] ? pcpu_chunk_relocate+0x134/0x1a0 [ 94.423878][ T7839] proc_create_reg+0x75/0x170 [ 94.423901][ T7839] proc_create_net_data+0x8e/0x1c0 [ 94.423921][ T7839] ? __pfx_proc_create_net_data+0x10/0x10 [ 94.423947][ T7839] ? __pfx_netlink_net_init+0x10/0x10 [ 94.424601][ T7839] netlink_net_init+0x50/0x80 [ 94.424617][ T7839] ops_init+0x1e2/0x5f0 [ 94.424764][ T7839] setup_net+0x118/0x3a0 [ 94.424782][ T7839] ? __pfx_setup_net+0x10/0x10 [ 94.424799][ T7839] ? mutex_init_lockdep+0xf1/0x120 [ 94.424825][ T7839] copy_net_ns+0x46f/0x7c0 [ 94.424847][ T7839] create_new_namespaces+0x3ea/0xac0 [ 94.424878][ T7839] unshare_nsproxy_namespaces+0xf2/0x220 [ 94.424903][ T7839] ksys_unshare+0x438/0xab0 [ 94.424921][ T7839] ? __pfx_ksys_unshare+0x10/0x10 [ 94.424936][ T7839] ? ksys_write+0x1ac/0x250 [ 94.424959][ T7839] __x64_sys_unshare+0x31/0x40 [ 94.424973][ T7839] do_syscall_64+0x10b/0xf80 [ 94.424990][ T7839] ? clear_bhb_loop+0x40/0x90 [ 94.425009][ T7839] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.425025][ T7839] RIP: 0033:0x7fbde2d9c819 [ 94.425040][ T7839] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 94.425055][ T7839] RSP: 002b:00007fbde3c87028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 94.425071][ T7839] RAX: ffffffffffffffda RBX: 00007fbde3015fa0 RCX: 00007fbde2d9c819 [ 94.425081][ T7839] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006a040000 [ 94.425090][ T7839] RBP: 00007fbde3c87090 R08: 0000000000000000 R09: 0000000000000000 [ 94.425099][ T7839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 94.425107][ T7839] R13: 00007fbde3016038 R14: 00007fbde3015fa0 R15: 00007ffe78876088 [ 94.425129][ T7839] [ 94.533378][ T53] Modules linked in: [ 94.535818][ T53] CPU: 1 UID: 0 PID: 53 Comm: kworker/1:1 Not tainted syzkaller #0 PREEMPT(full) [ 94.539736][ T53] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 94.544066][ T53] Workqueue: events drm_fb_helper_damage_work [ 94.546695][ T53] RIP: 0010:drm_atomic_helper_wait_for_vblanks.part.0+0x73e/0x8a0 [ 94.550571][ T53] Code: 00 00 00 fc ff df 48 89 f9 48 c1 e9 03 0f b6 04 01 84 c0 74 08 3c 03 0f 8e 44 01 00 00 48 8d 3d d8 1d 3f 0b 8b b3 d0 00 00 00 <67> 48 0f b9 3a e9 e1 fc ff ff e8 43 8e 61 fc e9 7c fe ff ff e8 49 [ 94.558610][ T53] RSP: 0018:ffffc90000a6f6e8 EFLAGS: 00010246 [ 94.561343][ T53] RAX: 0000000000000000 RBX: ffff888028620040 RCX: 1ffff110050c4022 [ 94.564746][ T53] RDX: ffff888027e7eda0 RSI: 0000000000000027 RDI: ffffffff90e70900 [ 94.568110][ T53] RBP: dffffc0000000000 R08: 0000000000000005 R09: 0000000000000000 [ 94.571598][ T53] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 94.574956][ T53] R13: 0000000000000000 R14: 0000000000000000 R15: ffff8880596be700 [ 94.578145][ T53] FS: 0000000000000000(0000) GS:ffff8880d63e7000(0000) knlGS:0000000000000000 [ 94.581184][ T53] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 94.583486][ T53] CR2: 00002000000001e0 CR3: 000000002c8de000 CR4: 0000000000352ef0 [ 94.586301][ T53] Call Trace: [ 94.587465][ T53] [ 94.588526][ T53] ? __pfx_drm_atomic_helper_wait_for_vblanks.part.0+0x10/0x10 [ 94.591199][ T53] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 94.593216][ T53] ? lockdep_hardirqs_on+0x78/0x100 [ 94.594946][ T53] ? __pfx_autoremove_wake_function+0x10/0x10 [ 94.596986][ T53] ? drm_atomic_helper_commit_hw_done+0x36d/0x490 [ 94.599228][ T53] drm_atomic_helper_commit_tail+0xff/0x130 [ 94.601490][ T53] commit_tail+0x338/0x430 [ 94.603073][ T53] drm_atomic_helper_commit+0x303/0x380 [ 94.604926][ T53] ? __pfx_drm_atomic_helper_commit+0x10/0x10 [ 94.606997][ T53] drm_atomic_commit+0x230/0x300 [ 94.608705][ T53] ? __pfx_drm_atomic_commit+0x10/0x10 [ 94.610709][ T53] ? __pfx___drm_printfn_info+0x10/0x10 [ 94.612678][ T53] ? modeset_lock+0x114/0x6d0 [ 94.614166][ T53] drm_atomic_helper_dirtyfb+0x603/0x790 [ 94.616049][ T53] ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10 [ 94.618129][ T53] ? do_raw_spin_lock+0x128/0x260 [ 94.619938][ T53] ? find_held_lock+0x2b/0x80 [ 94.621529][ T53] ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10 [ 94.623602][ T53] drm_fbdev_shmem_helper_fb_dirty+0x1cc/0x310 [ 94.625584][ T53] drm_fb_helper_damage_work+0x348/0x640 [ 94.627669][ T53] ? __pfx_drm_fb_helper_damage_work+0x10/0x10 [ 94.629762][ T53] ? rcu_is_watching+0x12/0xc0 [ 94.631762][ T53] process_one_work+0xa0e/0x1980 [ 94.633510][ T53] ? __pfx_process_one_work+0x10/0x10 [ 94.635298][ T53] ? __pfx_drm_fb_helper_damage_work+0x10/0x10 [ 94.637356][ T53] worker_thread+0x5ef/0xe50 [ 94.638986][ T53] ? __pfx_worker_thread+0x10/0x10 [ 94.640814][ T53] ? kthread+0x13a/0x450 [ 94.642241][ T53] ? __pfx_worker_thread+0x10/0x10 [ 94.644001][ T53] kthread+0x370/0x450 [ 94.645500][ T53] ? __pfx_kthread+0x10/0x10 [ 94.647244][ T53] ret_from_fork+0x72b/0xd50 [ 94.649250][ T53] ? __pfx_ret_from_fork+0x10/0x10 [ 94.651582][ T53] ? __switch_to+0x800/0x1100 [ 94.653508][ T53] ? __pfx_kthread+0x10/0x10 [ 94.655508][ T53] ret_from_fork_asm+0x1a/0x30 [ 94.657578][ T53] [ 94.658901][ T53] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 94.661843][ T53] CPU: 1 UID: 0 PID: 53 Comm: kworker/1:1 Not tainted syzkaller #0 PREEMPT(full) [ 94.665544][ T53] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 94.669450][ T53] Workqueue: events drm_fb_helper_damage_work [ 94.671952][ T53] Call Trace: [ 94.673117][ T53] [ 94.674091][ T53] dump_stack_lvl+0x100/0x190 [ 94.675836][ T53] vpanic+0x552/0x970 [ 94.677515][ T53] ? __pfx_vpanic+0x10/0x10 [ 94.679401][ T53] panic+0xd1/0xe0 [ 94.680950][ T53] ? __pfx_panic+0x10/0x10 [ 94.682730][ T53] ? check_panic_on_warn+0x1f/0x90 [ 94.684695][ T53] check_panic_on_warn.cold+0x19/0x34 [ 94.686912][ T53] ? drm_atomic_helper_wait_for_vblanks.part.0+0x738/0x8a0 [ 94.689761][ T53] __warn.cold+0x191/0x328 [ 94.691565][ T53] __report_bug+0x296/0x3d0 [ 94.693427][ T53] ? drm_atomic_helper_wait_for_vblanks.part.0+0x738/0x8a0 [ 94.696376][ T53] ? __pfx___report_bug+0x10/0x10 [ 94.698440][ T53] ? lockdep_hardirqs_on+0x78/0x100 [ 94.700374][ T53] report_bug_entry+0xe1/0x290 [ 94.701963][ T53] ? drm_atomic_helper_wait_for_vblanks.part.0+0x73e/0x8a0 [ 94.704822][ T53] handle_bug+0x1cd/0x2a0 [ 94.706197][ T53] exc_invalid_op+0x17/0x50 [ 94.707935][ T53] asm_exc_invalid_op+0x1a/0x20 [ 94.709636][ T53] RIP: 0010:drm_atomic_helper_wait_for_vblanks.part.0+0x73e/0x8a0 [ 94.712400][ T53] Code: 00 00 00 fc ff df 48 89 f9 48 c1 e9 03 0f b6 04 01 84 c0 74 08 3c 03 0f 8e 44 01 00 00 48 8d 3d d8 1d 3f 0b 8b b3 d0 00 00 00 <67> 48 0f b9 3a e9 e1 fc ff ff e8 43 8e 61 fc e9 7c fe ff ff e8 49 [ 94.719024][ T53] RSP: 0018:ffffc90000a6f6e8 EFLAGS: 00010246 [ 94.720955][ T53] RAX: 0000000000000000 RBX: ffff888028620040 RCX: 1ffff110050c4022 [ 94.724035][ T53] RDX: ffff888027e7eda0 RSI: 0000000000000027 RDI: ffffffff90e70900 [ 94.726687][ T53] RBP: dffffc0000000000 R08: 0000000000000005 R09: 0000000000000000 [ 94.729797][ T53] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 94.732398][ T53] R13: 0000000000000000 R14: 0000000000000000 R15: ffff8880596be700 [ 94.735383][ T53] ? drm_atomic_helper_wait_for_vblanks.part.0+0x6e6/0x8a0 [ 94.737843][ T53] ? __pfx_drm_atomic_helper_wait_for_vblanks.part.0+0x10/0x10 [ 94.740604][ T53] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 94.742673][ T53] ? lockdep_hardirqs_on+0x78/0x100 [ 94.744846][ T53] ? __pfx_autoremove_wake_function+0x10/0x10 [ 94.746911][ T53] ? drm_atomic_helper_commit_hw_done+0x36d/0x490 [ 94.749369][ T53] drm_atomic_helper_commit_tail+0xff/0x130 [ 94.751226][ T53] commit_tail+0x338/0x430 [ 94.752650][ T53] drm_atomic_helper_commit+0x303/0x380 [ 94.754947][ T53] ? __pfx_drm_atomic_helper_commit+0x10/0x10 [ 94.757551][ T53] drm_atomic_commit+0x230/0x300 [ 94.759775][ T53] ? __pfx_drm_atomic_commit+0x10/0x10 [ 94.761901][ T53] ? __pfx___drm_printfn_info+0x10/0x10 [ 94.764181][ T53] ? modeset_lock+0x114/0x6d0 [ 94.766041][ T53] drm_atomic_helper_dirtyfb+0x603/0x790 [ 94.768340][ T53] ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10 [ 94.770344][ T53] ? do_raw_spin_lock+0x128/0x260 [ 94.772388][ T53] ? find_held_lock+0x2b/0x80 [ 94.774153][ T53] ? __pfx_drm_atomic_helper_dirtyfb+0x10/0x10 [ 94.776392][ T53] drm_fbdev_shmem_helper_fb_dirty+0x1cc/0x310 [ 94.778743][ T53] drm_fb_helper_damage_work+0x348/0x640 [ 94.780615][ T53] ? __pfx_drm_fb_helper_damage_work+0x10/0x10 [ 94.783120][ T53] ? rcu_is_watching+0x12/0xc0 [ 94.784797][ T53] process_one_work+0xa0e/0x1980 [ 94.786455][ T53] ? __pfx_process_one_work+0x10/0x10 [ 94.788672][ T53] ? __pfx_drm_fb_helper_damage_work+0x10/0x10 [ 94.790793][ T53] worker_thread+0x5ef/0xe50 [ 94.792601][ T53] ? __pfx_worker_thread+0x10/0x10 [ 94.794632][ T53] ? kthread+0x13a/0x450 [ 94.796055][ T53] ? __pfx_worker_thread+0x10/0x10 [ 94.798085][ T53] kthread+0x370/0x450 [ 94.799655][ T53] ? __pfx_kthread+0x10/0x10 [ 94.801241][ T53] ret_from_fork+0x72b/0xd50 [ 94.802974][ T53] ? __pfx_ret_from_fork+0x10/0x10 [ 94.804905][ T53] ? __switch_to+0x800/0x1100 [ 94.806673][ T53] ? __pfx_kthread+0x10/0x10 [ 94.808517][ T53] ret_from_fork_asm+0x1a/0x30 [ 94.810427][ T53] [ 94.812831][ T53] Kernel Offset: disabled [ 94.814498][ T53] Rebooting in 86400 seconds..