last executing test programs: 1.788824128s ago: executing program 2 (id=487): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0xec) mount$9p_virtio(&(0x7f00000001c0), &(0x7f00000002c0)='./file0\x00', &(0x7f00000004c0), 0x8017, 0x0) chdir(&(0x7f0000000080)='./file0\x00') creat(&(0x7f0000000040)='./file0\x00', 0x83) 1.761406291s ago: executing program 2 (id=489): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x9) (fail_nth: 1) 1.270860997s ago: executing program 0 (id=497): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0xc) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff001000000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x4}}, 0x18) write$FUSE_DIRENT(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="58000000000000009fed2788c5532994414b47034801d524faf416638217", @ANYRES32], 0x58) mount$9p_fd(0x0, &(0x7f00000025c0)='./file0\x00', &(0x7f0000002340), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) chdir(&(0x7f0000000100)='./file0\x00') read$FUSE(r0, &(0x7f0000000300)={0x2020}, 0x2020) mknodat$null(0xffffffffffffff9c, &(0x7f0000002440)='./file0\x00', 0x8000, 0x103) 1.260082774s ago: executing program 0 (id=498): r0 = socket$netlink(0x10, 0x3, 0x4) setsockopt$netlink_NETLINK_PKTINFO(r0, 0x10e, 0x3, &(0x7f0000000080)=0x1000, 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_IBSS(r1, 
&(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)={0x44, r2, 0x101, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_SSID={0x5, 0x34, @random="c4"}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_KEYS={0x14, 0x51, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NL80211_KEY_DATA_WEP40={0x9, 0x1, "cf378e52b3"}]}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x90}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_OCB(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, r2, 0x100, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x9}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}]}, 0x2c}}, 0x20000000) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) 1.030280166s ago: executing program 0 (id=499): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0xc) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000140), 0x2, 0x2) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff001000000800395032303030"], 0x15) r2 = dup(r1) ioctl$DRM_IOCTL_GET_CLIENT(r2, 0xc0286405, &(0x7f00000001c0)={0x8, 0x1, {0xffffffffffffffff}, {0xee01}, 0xffffffffffffffe3, 0x1}) capset(&(0x7f0000000200)={0x20071026, r3}, &(0x7f00000002c0)={0x100, 0x10001, 0x5, 0x2, 0xe6, 0xf}) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x4}}, 0x18) write$FUSE_DIRENT(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="58000000000000009fed2788c5532994414b47034801d524faf416638217", @ANYRES32], 0x58) r4 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000440)=@mangle={'mangle\x00', 0x44, 0x6, 0x3c8, 0x168, 0x298, 0x98, 0x168, 0x200, 0x330, 0x330, 0x330, 0x330, 0x330, 0x6, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, 
@common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0x298}}, {{@ip={@remote, @local, 0x0, 0x0, 'vcan0\x00', 'veth0_virt_wifi\x00', {}, {0xff}}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x84]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x4]}}}}, {{@uncond, 0x0, 0x70, 0x98}, @ECN={0x28, 'ECN\x00', 0x0, {0x0, 0x1}}}, {{@ip={@rand_addr, @multicast2, 0x0, 0xffffff00, 'syzkaller0\x00', 'bond0\x00'}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@remote, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0x98}, @ECN={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x428) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) madvise(&(0x7f0000237000/0x4000)=nil, 0x4000, 0x9) mount$9p_fd(0x0, &(0x7f00000025c0)='./file0\x00', &(0x7f0000002340), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) openat$cgroup_ro(r2, &(0x7f0000000180)='cgroup.events\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') read$FUSE(r0, &(0x7f0000000300)={0x2020}, 0x2020) mknodat$null(0xffffffffffffff9c, &(0x7f0000002440)='./file0\x00', 0x8000, 0x103) 800.948948ms ago: executing program 0 (id=501): mknodat(0xffffffffffffff9c, 0x0, 0x1000, 0x10008) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0) write$FUSE_GETXATTR(r2, &(0x7f00000004c0)={0x18}, 0x18) write$FUSE_ATTR(r2, &(0x7f00000005c0)={0x78, 0x0, 0x0, {0x8, 0x2, 0x0, {0x2, 0xff, 0x6, 0xaf, 0x2, 0x177, 0xff, 0x9, 0x3, 0xa000, 0xc7e, 0x0, 0x0, 0x8, 0x3ff}}}, 0x78) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x4014, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, 
r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_fscache}]}}) r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000400)="ee72", 0x2}], 0x1) 620.236292ms ago: executing program 0 (id=502): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000001c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000600)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r2, @ANYBLOB="0c00990000000000000000000800a000ea15000008009f0003000000080026000816"], 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x0) 620.020143ms ago: executing program 2 (id=503): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendmmsg$inet(r0, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0xc0) r1 = syz_open_procfs(0x0, &(0x7f0000000380)='net/tcp\x00') read$FUSE(r1, &(0x7f0000005dc0)={0x2020}, 0x2020) 519.240977ms ago: executing program 2 (id=505): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={0x0, 0x28}}, 0x0) 518.56779ms ago: executing program 0 (id=506): r0 = socket(0x10, 0x3, 0x0) pipe(&(0x7f0000000d00)={0xffffffffffffffff, 0xffffffffffffffff}) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000040)}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) r4 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r3, &(0x7f0000000140)={0x2, 
0x0, @local}, 0x10) sendmmsg$inet(r4, &(0x7f0000000500)=[{{&(0x7f0000000080)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='p'], 0x70}}], 0x1, 0x2000c044) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) setsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000300)={{{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in6=@dev={0xfe, 0x80, '\x00', 0x1c}, 0x4e23, 0x0, 0x4e24, 0x0, 0x2, 0x80, 0x0, 0x11}, {0xe61, 0x0, 0x0, 0x2, 0x9, 0x1, 0xffd, 0xc}, {0xfffffffffffff5b9, 0x4, 0x7fffffffffffffff, 0x7}, 0x8000, 0x6e6bb5, 0x0, 0x1, 0x2, 0x3}, {{@in6=@local, 0x4d4, 0x3c}, 0xa, @in6=@remote, 0x43500, 0x0, 0x0, 0x4, 0xc, 0xd0, 0x1}}, 0xe8) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r7], 0x20}}, 0x0) write$binfmt_misc(r2, &(0x7f0000000240), 0xfffffecc) splice(r1, 0x0, r3, 0x0, 0x714f, 0x0) r8 = socket$nl_rdma(0x10, 0x3, 0x14) setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0x7, &(0x7f0000000440)={0x1, 0x290, 0x8, 0xb63}, 0x10) sendto$inet6(r0, &(0x7f0000000280)="7800000018002507b9409b14ffff00000214ae04020206050a02040c430009003f000405100000000d0085a168d0bf46d389516a9069921a4b0005000a00000049935ade4a460c89b6ec0cff3959547f5000000000c902007a00004a324004001600040000d5808bd3e30a37e218d1ddf66ed538f2523250", 0x78, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x37ac}}, './file0\x00'}) r10 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0xd, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x8000}, [@alu={0x7, 0x1, 0x2, 0x3, 0xa, 0x4, 0x10}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfff}}]}, &(0x7f00000000c0)='syzkaller\x00', 0x10000, 0xad, &(0x7f0000000100)=""/173, 0x41000, 0x24, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 
&(0x7f00000001c0)={0x4, 0x4}, 0x8, 0x10, &(0x7f0000000200)={0x2, 0x4, 0x1, 0xde1}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000240)=[0xffffffffffffffff, 0x1, 0x1, 0x1, 0x1], &(0x7f0000000300)=[{0x2, 0x1, 0x1, 0xa}, {0x5, 0x2, 0x3, 0x3}, {0x3, 0x2, 0xa, 0xa}, {0x1, 0x1, 0xd}, {0x0, 0x1, 0x3, 0x7}, {0x2, 0x5, 0xf}, {0x2, 0x4, 0xf, 0x7}, {0x1, 0x4, 0x8, 0x1}]}, 0x94) sendmsg$nl_generic(r0, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x7c, 0x35, 0x100, 0x70bd26, 0x25dfdbff, {0x6}, [@generic="a7278bb701adc7c602fa33921efcbe9c3412aa8a686feebc740351e75c308416735e75b3d9ff5d3c00f6253255ba11a15304ba6acaad6c842a05cadec2437a02046d124c95ec1a95f31fd4d97ec0e9", @typed={0x8, 0x61, 0x0, 0x0, @ipv4=@rand_addr=0x64010101}, @typed={0x4, 0x10e}, @typed={0xc, 0xf4, 0x0, 0x0, @u64=0xffffffffffffff90}]}, 0x7c}, 0x1, 0x0, 0x0, 0x1}, 0x40000d5) dup3(r9, r10, 0x80000) 517.812053ms ago: executing program 2 (id=508): socket$inet_udplite(0x2, 0x2, 0x88) r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$CDROMVOLCTRL(r0, 0x31e, &(0x7f0000000080)={0xe1, 0x3, 0xfe, 0x8}) socket$nl_route(0x10, 0x3, 0x0) 517.649823ms ago: executing program 3 (id=509): r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000640), 0x4000, 0x0) ioctl$CDROM_SET_OPTIONS(r0, 0x5320, 0x14) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1) (async) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00'}) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_DEAUTHENTICATE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)={0xfffffffffffffe8b, r2, 0x1, 0x70bd2c, 0x25dfdbff, {{}, {@void, @void}}}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x84) 449.877239ms ago: executing program 1 (id=511): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) 
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x11) sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@ipv4_getrule={0x1c, 0x22, 0x100, 0x70bd26, 0x25dfdbff, {0x2, 0x14, 0x10, 0x7f, 0x5, 0x0, 0x0, 0x8, 0x10002}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x24008004}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0) r3 = socket(0x1, 0x803, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="440000001000090600000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="a7f9aa88000000001c00128009000100766c616e000000000c000280060001000100000008000500", @ANYRES32=r4], 0x44}}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket(0x1, 0x803, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000ec0)=ANY=[@ANYBLOB="400000001000030425bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="0005000000000000180012800b0001006772657461700000080002800400120008000a00", @ANYRES32=r7], 0x40}, 0x1, 0x0, 0x0, 0x24000804}, 0x8000) 449.443304ms ago: executing program 2 (id=512): r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x7) recvmmsg(r0, &(0x7f0000002780)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x2, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x142ba3) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x82803, 0xf) ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000000080)={r2, 0xfffffffd, {0x0, 0x0, 0x0, 0x2000000000000006, 0x6e, 0x0, 0x0, 0x1e, 0xc, 
"faf98317e5a1149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985881a7beda9d69098c8b534464c516bdd8a0f35", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4ad24bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "67523760fd40f78d2cfc03d81a8ca55ba139c01802c4dae4162e43ac61b7ad33", [0x2, 0x8]}}) r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x14, r3, 0x1}, 0x14}}, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000200)=0x14) sendmsg$MPTCP_PM_CMD_SET_LIMITS(r2, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x84, r3, 0x20, 0x70bd28, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x5}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x4}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x48, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @empty}}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0xc9}, @MPTCP_PM_ADDR_ATTR_ID={0x5}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}]}, 0x84}, 0x1, 0x0, 0x0, 0x8000}, 0x20004810) openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$uinput_user_dev(r5, &(0x7f0000000400)={'syz0\x00', {0x9, 0x4, 0x6, 0xfffa}, 0x1d, [0x1, 0xc95a, 0xfffffff3, 0x9, 0x80, 0x2, 0x3, 0x7f, 0x6, 0x4d, 0x39cc191a, 0x5c, 0x9, 0x5, 0xffff2d37, 0x0, 0x6, 0x3, 0x0, 0x2ab, 0x4, 0x7, 0x4, 0x3c5b, 0x1, 0xb, 0x9, 0x1, 0x1f461e2c, 0x7, 0xe661, 0x7fff, 0xb, 0x3, 0x7fff, 0x4c74, 0x80000000, 0x800242, 0xffffffff, 0xe, 0x0, 0x71, 
0x2, 0x6, 0x3, 0x2, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0x3, 0x80092a3, 0x4, 0x1, 0x20000000, 0x82, 0x0, 0xffffffff, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0xffff, 0x12f, 0x8000, 0x10, 0xfffffff3, 0x129432e6, 0xcb, 0xf9, 0xd, 0x2bf, 0x5, 0x1000, 0xfffffffc, 0x3, 0x0, 0x7, 0x5, 0x2f, 0xe, 0x312, 0x7b, 0x0, 0x0, 0x8, 0x4, 0x8000, 0x9, 0x3fe, 0x401, 0x6, 0x4, 0xff, 0x5, 0x5, 0x5f31, 0x4, 0x0, 0x2, 0x2, 0x9, 0x4, 0x9, 0x8, 0x9, 0x6, 0xb, 0x8000, 0x1, 0x9, 0x9, 0x2, 0x7f, 0x9, 0x5, 0x3, 0x9, 0x5, 0x7, 0x3, 0x9, 0x48c93690, 0x42, 0x400002], [0x6, 0x6, 0x80000001, 0x5, 0xff, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x1, 0xb, 0x4, 0x5, 0x1005, 0x0, 0x1ef, 0xfffffffd, 0x2, 0x86, 0x1, 0x9, 0x3e7, 0x9, 0x5, 0x2, 0x2, 0x800, 0x8, 0x5, 0x8001, 0x7, 0x38, 0x800003, 0x200, 0x80, 0x2, 0xcc52, 0x950bfaf, 0x1000, 0xa2, 0x7, 0x53cf697b, 0xfffffff9, 0x6, 0xac8, 0xbf, 0x10002, 0x3, 0x7ff, 0x3, 0x0, 0x1, 0xffff, 0x0, 0x6, 0x1c, 0x120000, 0x3, 0x6, 0xaaed, 0x4, 0xff], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0x1, 0x6, 0x6, 0x0, 0x3, 0x80ce7, 0x1ff, 0x3, 0x7, 0x5, 0x1003, 0x101, 0x10000, 0x6, 0x7fff, 0xffff, 0xe620, 0x2, 0x2, 0x1, 0x4, 0x14c, 0x60a7, 0x6, 0x4, 0xffffffff, 0x80000000, 0x7, 0x8, 0xc8, 0xee1, 0x0, 0xffff, 0x3, 0x7f, 0x100, 0x9602, 0xb, 0x2, 0xffff, 0x6, 0x1, 0x10080, 0x5, 0x8, 0x30b1d693, 0x5a2b, 0xc, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x800, 0x2, 0xbfdffffc}, 0x0, 0x0) sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="6000000002060103000000000000000000000004050001000700000013000300686173683a6e65742c696661636500000900020073797a30000000000500040000000000050005000a00000014000780050015000000000008001240"], 0x60}}, 0x0) r7 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$SIOCRSSCAUSE(r7, 0x89e1, &(0x7f0000000040)=0x68ed) 400.382012ms 
ago: executing program 3 (id=513): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="130000001900010000000000000000001c"], 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x4c800) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYRESDEC=r0], 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r1, 0xc02064b9, &(0x7f0000000280)={0x0, &(0x7f0000000280), 0x0, 0x0, 0xdededede}) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240), 0x101001, 0x0) openat$cdrom(0xffffffffffffff9c, &(0x7f00000000c0), 0x149000, 0x0) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0xffffff7ffffffeb6}, 0x0) mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x1, &(0x7f0000000ac0)=ANY=[@ANYRESHEX, @ANYBLOB=',root', @ANYRESDEC=0x0, @ANYBLOB=',grou', @ANYBLOB=',']) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) getpeername$qrtr(0xffffffffffffffff, &(0x7f0000000280), &(0x7f0000000300)=0xc) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = dup(r3) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5) r6 = accept4(r5, 0x0, 0x0, 0x800) sendmmsg$alg(r6, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, 
{&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil}) r7 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000440)=[{&(0x7f0000001880)="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", 0xf91}], 0x1, 0x1, 0x2) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@textreal={0x8, 0x0}], 0x1, 0x1, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) 400.229306ms ago: executing program 1 (id=514): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000001c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000600)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r2, @ANYBLOB="0c00990000000000000000000800a000ea15000008009f0003000000080026000816"], 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x0) 320.706924ms ago: executing program 1 
(id=515): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$mptcp(&(0x7f00000001c0), r2) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000200)='erspan0\x00', 0x10) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newsa={0x154, 0x10, 0x633, 0x0, 0x0, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@broadcast}, {@in=@private, 0x0, 0x32}, @in6=@rand_addr=' \x01\x00', {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x8, {0x0, 0x0, 0x0, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}]}, 0x154}}, 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_udp_encap(r3, 0x11, 0x64, &(0x7f0000000240)=0x3, 0x4) sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000100)=ANY=[@ANYBLOB="180000002d00010026bdf000fcdbdf25041a0000040010"], 0x18}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) close(0x3) 200.597762ms ago: executing program 3 (id=516): r0 = syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x180862) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/rcu_expedited', 0x41fec472531e98ab, 0xde) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000080)={r1, 0x0, {0x0, 0x0, 0x0, 0x4, 0x4000000000000ffd, 0x0, 0x0, 0x14, 0x0, "00f9737227af149989fc8dbe43ea6affffffffdc25f5c660c9e6d680f985881a4c516bdd010f35000000b0000006000800000000000000005c9f00", "32d8cc26f7b91a74df2cfc06c89f3d9e6a7a30c50997d3bef409ff2176ff7bfe55cd4a1d0c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a00", "675237601a8ca5b07dcc141802c4dae4080043080000003300", [0x3ff]}}) ioctl$LOOP_CLR_FD(r0, 0x4c01) 200.023929ms ago: executing program 3 (id=517): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) 
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={0x0, 0x28}}, 0x0) 139.762844ms ago: executing program 1 (id=518): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000001c0)='hugetlb.2MB.failcnt\x00', 0x2, 0x0) write$cgroup_int(r1, &(0x7f0000000180), 0x12) 139.279003ms ago: executing program 3 (id=519): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x49, &(0x7f0000000540)={&(0x7f00000008c0)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r4, {0xffff}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x4, [0xc, 0x5, 0x0, 0xf, 0x10, 0x2, 0x4, 0x2, 0xf, 0x6, 0x3, 0x7, 0x8, 0x4, 0x10, 0x4], 0x3, [0xb, 0x3, 0xad1e, 0x2002, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x2, 0xb, 0x3, 0x5, 0x6, 0xd, 0x100], [0xfff1, 0x5, 0xffff, 0xfff5, 0x4, 0x8, 0x1, 0x9, 0x5, 0x2, 0xc, 0x40, 0xfffc, 0x3, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) sendmsg$nl_route_sched(r5, 0x0, 0x0) 127.343729ms ago: executing program 1 
(id=520): r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000000)=0x200000000) write$vhost_msg_v2(r0, &(0x7f00000039c0)={0x2, 0x0, {&(0x7f0000000680)=""/184, 0xfffffefd, 0x0, 0x3, 0x2}}, 0x48) write$vhost_msg_v2(r0, &(0x7f0000000040)={0x2, 0x0, {&(0x7f0000000740)=""/96, 0x60, 0x0, 0x1, 0x2}}, 0x48) write$vhost_msg_v2(r0, 0x0, 0x0) write$vhost_msg_v2(r0, &(0x7f0000000380)={0x2, 0x0, {&(0x7f0000000a80)=""/212, 0xd4, 0x0, 0x1, 0x2}}, 0x48) write$vhost_msg(r0, &(0x7f00000005c0)={0x1, {&(0x7f0000000f00)=""/4096, 0x1000, 0x0, 0x2, 0x2}}, 0x48) write$vhost_msg_v2(r0, &(0x7f0000000180)={0x2, 0x0, {0x0, 0x0, 0x0, 0x2, 0x3}}, 0x48) 653.637µs ago: executing program 1 (id=521): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="62a02a3a3409"], 0xa) (fail_nth: 1) 0s ago: executing program 3 (id=522): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) open$dir(&(0x7f0000000080)='./file0/file1\x00', 0x8e8c1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', 0x0}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001800)={0x6, 0x3, &(0x7f00000006c0)=@framed, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1}, 0x80) r2 = socket(0x840000000002, 0x3, 0xff) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000500)=@newsa={0x184, 0x10, 0x713, 0x0, 0x0, {{@in=@remote, @in6=@remote}, {@in=@multicast2, 0x0, 0x32}, @in=@rand_addr=0x64010102, {0x0, 0x7f}, {}, {0x0, 0x4}, 0x0, 0x0, 0x2, 0x1}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @algo_aead={0x4c, 0x12, {{'aegis128-generic\x00'}, 0x0, 0x180}}]}, 0x184}, 0x1, 0x0, 0x0, 0x4001}, 0x1000c080) 
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10) sendmmsg$inet(r2, &(0x7f0000002440)=[{{&(0x7f00000001c0)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000200)="a90500040000746400009e15bec7357c00000064c6", 0x15}, {&(0x7f0000000000)="17460081ba60ccbb9d000000000000", 0xf}], 0x2}}, {{&(0x7f00000000c0)={0x2, 0x4e20, @private=0xa010101}, 0x10, 0x0}}], 0x2, 0x4004040) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x8, 0x2, 0x0, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000200)={r4, &(0x7f0000000080), &(0x7f0000000000)=""/10, 0x2}, 0x20) mkdir(&(0x7f00000001c0)='./bus\x00', 0x40) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file1\x00', 0x20400, 0x20) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) r7 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r8 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_int(r8, 0x6, 0x9, 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r7, 0xc0184800, &(0x7f0000000100)={0x1020004, r6, 0x80000}) r10 = syz_open_dev$dri(&(0x7f0000000180), 0x48, 0x80000) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r10, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r9}) fdatasync(r5) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r11, &(0x7f0000000300)=ANY=[], 0x15) r12 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0xe0000, 0x0) ioctl$TIOCVHANGUP(r12, 0x5437, 0x2) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r13 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r13, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4) kernel console output (not intermixed with test programs): [ 44.186618][ T40] audit: type=1400 
audit(1759854073.792:60): avc: denied { rlimitinh } for pid=5838 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 44.193764][ T40] audit: type=1400 audit(1759854073.792:61): avc: denied { siginh } for pid=5838 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '[localhost]:36478' (ED25519) to the list of known hosts. [ 46.256398][ T40] audit: type=1400 audit(1759854075.882:62): avc: denied { name_bind } for pid=5857 comm="sshd-session" src=30000 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 46.287247][ T40] audit: type=1400 audit(1759854075.912:63): avc: denied { write } for pid=5858 comm="sh" path="pipe:[2939]" dev="pipefs" ino=2939 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 46.307256][ T40] audit: type=1400 audit(1759854075.932:64): avc: denied { execute } for pid=5858 comm="sh" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 46.315051][ T40] audit: type=1400 audit(1759854075.942:65): avc: denied { execute_no_trans } for pid=5858 comm="sh" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 48.711129][ T40] audit: type=1400 audit(1759854078.342:66): avc: denied { mounton } for pid=5858 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 48.727730][ T5858] cgroup: Unknown subsys name 'net' [ 48.871101][ T5858] cgroup: Unknown subsys name 'cpuset' [ 48.876041][ T5858] cgroup: Unknown subsys name 'rlimit' [ 49.098011][ T5919] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). 
Setting up swapspace version 1, size = 127995904 bytes [ 49.820981][ T5858] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 53.939767][ T40] kauditd_printk_skb: 13 callbacks suppressed [ 53.939778][ T40] audit: type=1400 audit(1759854083.572:80): avc: denied { execmem } for pid=5929 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 54.146726][ T40] audit: type=1400 audit(1759854083.772:81): avc: denied { create } for pid=5932 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 54.156311][ T40] audit: type=1400 audit(1759854083.782:82): avc: denied { read write } for pid=5932 comm="syz-executor" name="vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 54.164112][ T40] audit: type=1400 audit(1759854083.782:83): avc: denied { open } for pid=5932 comm="syz-executor" path="/dev/vhci" dev="devtmpfs" ino=1291 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 54.171781][ T40] audit: type=1400 audit(1759854083.782:84): avc: denied { ioctl } for pid=5933 comm="syz-executor" path="socket:[5893]" dev="sockfs" ino=5893 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 54.200315][ T5944] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 54.201185][ T5943] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 54.204948][ T5945] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 54.205916][ T5943] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 54.208111][ T5945] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 54.210955][ T5943] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 54.211351][ T5941] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 54.212455][ T5941] Bluetooth: 
hci0: unexpected cc 0x1003 length: 249 > 9 [ 54.212814][ T5945] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 54.213340][ T5945] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 54.213626][ T5945] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 54.214874][ T65] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 54.219257][ T5949] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 54.220084][ T65] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 54.222867][ T5949] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 54.225953][ T65] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 54.227351][ T40] audit: type=1400 audit(1759854083.852:85): avc: denied { read } for pid=5933 comm="syz-executor" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 54.227805][ T5949] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 54.231274][ T65] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 54.237617][ T40] audit: type=1400 audit(1759854083.852:86): avc: denied { open } for pid=5933 comm="syz-executor" path="net:[4026531833]" dev="nsfs" ino=4026531833 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 54.254865][ T5944] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 54.258594][ T40] audit: type=1400 audit(1759854083.852:87): avc: denied { mounton } for pid=5933 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 54.271959][ T5944] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 54.467844][ T40] audit: type=1400 audit(1759854084.102:88): avc: denied { module_request } for pid=5932 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 54.522102][ T5932] chnl_net:caif_netlink_parms(): no params data found [ 54.650380][ T5933] 
chnl_net:caif_netlink_parms(): no params data found [ 54.726849][ T5932] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.730282][ T5932] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.733101][ T5932] bridge_slave_0: entered allmulticast mode [ 54.736069][ T5932] bridge_slave_0: entered promiscuous mode [ 54.742290][ T5946] chnl_net:caif_netlink_parms(): no params data found [ 54.774318][ T5932] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.777349][ T5932] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.780366][ T5932] bridge_slave_1: entered allmulticast mode [ 54.784237][ T5932] bridge_slave_1: entered promiscuous mode [ 54.913603][ T5932] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.983457][ T5933] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.985774][ T5933] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.988881][ T5933] bridge_slave_0: entered allmulticast mode [ 54.991996][ T5933] bridge_slave_0: entered promiscuous mode [ 54.996486][ T5932] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.001782][ T5946] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.004484][ T5946] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.007766][ T5946] bridge_slave_0: entered allmulticast mode [ 55.010529][ T5946] bridge_slave_0: entered promiscuous mode [ 55.013774][ T5934] chnl_net:caif_netlink_parms(): no params data found [ 55.018504][ T5933] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.021164][ T5933] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.023452][ T5933] bridge_slave_1: entered allmulticast mode [ 55.026374][ T5933] bridge_slave_1: entered promiscuous mode [ 55.054822][ T5946] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.057827][ T5946] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.060628][ T5946] bridge_slave_1: entered allmulticast mode [ 
55.063441][ T5946] bridge_slave_1: entered promiscuous mode [ 55.152732][ T5946] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.173806][ T5933] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.178558][ T5932] team0: Port device team_slave_0 added [ 55.202676][ T5946] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.206788][ T5933] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.210928][ T5932] team0: Port device team_slave_1 added [ 55.302542][ T5932] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.304658][ T5932] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 55.312751][ T5932] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.319519][ T5946] team0: Port device team_slave_0 added [ 55.346077][ T5933] team0: Port device team_slave_0 added [ 55.396334][ T5932] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.399697][ T5932] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. 
[ 55.409467][ T5932] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.414949][ T5946] team0: Port device team_slave_1 added [ 55.419567][ T5933] team0: Port device team_slave_1 added [ 55.422398][ T5934] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.424651][ T5934] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.427633][ T5934] bridge_slave_0: entered allmulticast mode [ 55.430733][ T5934] bridge_slave_0: entered promiscuous mode [ 55.502782][ T5934] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.505287][ T5934] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.508236][ T5934] bridge_slave_1: entered allmulticast mode [ 55.512854][ T5934] bridge_slave_1: entered promiscuous mode [ 55.615227][ T5934] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.620020][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.622566][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 55.633674][ T5946] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.639285][ T5933] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.642110][ T5933] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. 
[ 55.652838][ T5933] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.658707][ T5933] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.661456][ T5933] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 55.673034][ T5933] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.699666][ T5934] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.704049][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.706957][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. 
[ 55.718863][ T5946] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.801160][ T5934] team0: Port device team_slave_0 added [ 55.807228][ T5932] hsr_slave_0: entered promiscuous mode [ 55.810401][ T5932] hsr_slave_1: entered promiscuous mode [ 55.846613][ T5934] team0: Port device team_slave_1 added [ 55.915014][ T5946] hsr_slave_0: entered promiscuous mode [ 55.917708][ T5946] hsr_slave_1: entered promiscuous mode [ 55.920294][ T5946] debugfs: 'hsr0' already exists in 'hsr' [ 55.922398][ T5946] Cannot create hsr debugfs directory [ 55.954852][ T5933] hsr_slave_0: entered promiscuous mode [ 55.958366][ T5933] hsr_slave_1: entered promiscuous mode [ 55.961338][ T5933] debugfs: 'hsr0' already exists in 'hsr' [ 55.963733][ T5933] Cannot create hsr debugfs directory [ 55.988897][ T5934] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.991713][ T5934] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 56.002126][ T5934] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 56.007935][ T5934] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 56.010752][ T5934] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. 
[ 56.021825][ T5934] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 56.248076][ T5934] hsr_slave_0: entered promiscuous mode [ 56.251616][ T5934] hsr_slave_1: entered promiscuous mode [ 56.255106][ T5934] debugfs: 'hsr0' already exists in 'hsr' [ 56.258520][ T5944] Bluetooth: hci0: command tx timeout [ 56.258529][ T5937] Bluetooth: hci3: command tx timeout [ 56.260520][ T5944] Bluetooth: hci1: command tx timeout [ 56.262990][ T5934] Cannot create hsr debugfs directory [ 56.337442][ T5944] Bluetooth: hci2: command tx timeout [ 56.539241][ T5932] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 56.548527][ T5932] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 56.555914][ T5932] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 56.567484][ T5932] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 56.603243][ T5946] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 56.611470][ T5946] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 56.618970][ T5946] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 56.626778][ T5946] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 56.666412][ T5933] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 56.677732][ T5933] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 56.683199][ T5933] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 56.688184][ T5933] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 56.783561][ T5934] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 56.788624][ T5934] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 56.794379][ T5934] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 56.799899][ T5934] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 56.826987][ T5932] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.848512][ T5933] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.865246][ T5932] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.881976][ T5946] 8021q: adding VLAN 0 to HW filter 
on device bond0 [ 56.887019][ T83] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.889859][ T83] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.913275][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.915715][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.924196][ T5933] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.950359][ T83] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.953402][ T83] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.971105][ T5946] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.975887][ T83] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.979321][ T83] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.001733][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.004746][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.015407][ T1146] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.018441][ T1146] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.058073][ T5934] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.083565][ T40] audit: type=1400 audit(1759854086.712:89): avc: denied { sys_module } for pid=5932 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 57.121627][ T5934] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.134102][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.136413][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.143735][ T95] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.146134][ T95] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.199399][ T5932] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.236003][ T5933] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.246413][ T5946] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.267205][ T5932] veth0_vlan: entered 
promiscuous mode [ 57.289437][ T5932] veth1_vlan: entered promiscuous mode [ 57.328252][ T5946] veth0_vlan: entered promiscuous mode [ 57.332454][ T5933] veth0_vlan: entered promiscuous mode [ 57.343294][ T5933] veth1_vlan: entered promiscuous mode [ 57.355866][ T5946] veth1_vlan: entered promiscuous mode [ 57.380059][ T5934] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.388611][ T5932] veth0_macvtap: entered promiscuous mode [ 57.397623][ T5932] veth1_macvtap: entered promiscuous mode [ 57.413159][ T5932] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 57.419985][ T5932] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 57.439713][ T1146] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.448941][ T5933] veth0_macvtap: entered promiscuous mode [ 57.452425][ T1146] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.455393][ T1146] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.465145][ T1146] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.473207][ T5946] veth0_macvtap: entered promiscuous mode [ 57.479888][ T5933] veth1_macvtap: entered promiscuous mode [ 57.488543][ T5946] veth1_macvtap: entered promiscuous mode [ 57.493439][ T5934] veth0_vlan: entered promiscuous mode [ 57.508192][ T5934] veth1_vlan: entered promiscuous mode [ 57.523591][ T5933] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 57.539487][ T5933] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 57.552406][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 57.574089][ T1146] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.577490][ T1146] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.585056][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 57.588681][ T1146] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 
57.594448][ T1146] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.605015][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.608971][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.614923][ T5934] veth0_macvtap: entered promiscuous mode [ 57.620049][ T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.631820][ T5934] veth1_macvtap: entered promiscuous mode [ 57.635708][ T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.639205][ T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.645180][ T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.671723][ T83] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.675042][ T83] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.709708][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.712537][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.718732][ T5934] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 57.738728][ T5934] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 57.741130][ T5932] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. 
[ 57.753313][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.755645][ T62] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.756338][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.787891][ T83] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.793457][ T83] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.801108][ T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.804000][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.806900][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.819479][ T1146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.822601][ T1146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.887685][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.890166][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.922313][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.925598][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.971127][ T6032] overlayfs: option "workdir=./file1" is useless in a non-upper mount, ignore [ 57.975658][ T6032] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. 
[ 57.980207][ T6032] overlayfs: missing 'lowerdir' [ 58.108222][ T6049] warning: `syz.1.14' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 58.172471][ T6050] tipc: Started in network mode [ 58.173987][ T6050] tipc: Node identity a2513c7cee57, cluster identity 4711 [ 58.177043][ T6050] tipc: Enabled bearer , priority 0 [ 58.189180][ T6050] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode [ 58.192052][ T6050] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode [ 58.275686][ T6039] tipc: Disabling bearer [ 58.337602][ T5944] Bluetooth: hci1: command tx timeout [ 58.337944][ T65] Bluetooth: hci3: command tx timeout [ 58.340318][ T5944] Bluetooth: hci0: command tx timeout [ 58.418139][ T65] Bluetooth: hci2: command tx timeout [ 58.680536][ T6083] random: crng reseeded on system resumption [ 59.057556][ T40] kauditd_printk_skb: 68 callbacks suppressed [ 59.057572][ T40] audit: type=1400 audit(1759854088.682:158): avc: denied { read write } for pid=6098 comm="syz.0.32" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 59.077680][ T40] audit: type=1400 audit(1759854088.682:159): avc: denied { open } for pid=6098 comm="syz.0.32" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 59.092569][ T40] audit: type=1400 audit(1759854088.692:160): avc: denied { map } for pid=6098 comm="syz.0.32" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 59.419164][ T40] audit: type=1400 audit(1759854089.052:161): avc: denied { mount } for pid=6109 comm="syz.2.36" name="/" dev="configfs" ino=2143 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 59.434495][ T40] audit: type=1400 audit(1759854089.062:162): avc: denied { search } for 
pid=6109 comm="syz.2.36" name="/" dev="configfs" ino=2143 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 59.455345][ T40] audit: type=1400 audit(1759854089.062:163): avc: denied { setattr } for pid=6109 comm="syz.2.36" name="/" dev="configfs" ino=2143 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 59.483173][ T40] audit: type=1400 audit(1759854089.112:164): avc: denied { name_bind } for pid=6111 comm="syz.3.37" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 59.649843][ T6129] random: crng reseeded on system resumption [ 59.776375][ T6131] kvm: pic: single mode not supported [ 59.776425][ T6131] kvm: pic: level sensitive irq not supported [ 59.960453][ T40] audit: type=1400 audit(1759854089.592:165): avc: denied { ioctl } for pid=6136 comm="syz.1.46" path="/dev/vhost-net" dev="devtmpfs" ino=1300 ioctlcmd=0xaf00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 60.279194][ T6156] random: crng reseeded on system resumption [ 60.417282][ T65] Bluetooth: hci0: command tx timeout [ 60.417392][ T5937] Bluetooth: hci1: command tx timeout [ 60.428932][ T5937] Bluetooth: hci3: command tx timeout [ 60.512401][ T5937] Bluetooth: hci2: command tx timeout [ 60.606583][ T40] audit: type=1400 audit(1759854090.232:166): avc: denied { mounton } for pid=6180 comm="syz.3.64" path="/15/file0" dev="tmpfs" ino=95 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 60.724263][ T40] audit: type=1400 audit(1759854090.352:167): avc: denied { map_read map_write } for pid=6184 comm="syz.1.65" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 61.376372][ T6238] random: crng reseeded on system resumption [ 61.567490][ T6244] random: crng reseeded on system resumption [ 61.944332][ T6267] 
random: crng reseeded on system resumption [ 62.472053][ T6294] random: crng reseeded on system resumption [ 62.497667][ T5937] Bluetooth: hci3: command tx timeout [ 62.497690][ T65] Bluetooth: hci1: command tx timeout [ 62.507485][ T65] Bluetooth: hci0: command tx timeout [ 62.577359][ T65] Bluetooth: hci2: command tx timeout [ 62.680526][ T6304] netlink: 36 bytes leftover after parsing attributes in process `syz.1.116'. [ 62.898254][ T6324] netlink: 36 bytes leftover after parsing attributes in process `syz.1.126'. [ 63.113308][ T6348] Zero length message leads to an empty skb [ 63.159536][ T6352] netlink: 36 bytes leftover after parsing attributes in process `syz.3.137'. [ 63.418835][ T6372] random: crng reseeded on system resumption [ 63.668602][ T6386] random: crng reseeded on system resumption [ 63.852857][ T6401] random: crng reseeded on system resumption [ 63.973105][ T6409] sd 0:0:0:0: PR command failed: 1026 [ 63.975864][ T6412] syz.0.162: vmalloc error: size 20480, failed to allocate pages, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 63.978044][ T6409] sd 0:0:0:0: Sense Key : Illegal Request [current] [ 63.982107][ T6412] CPU: 3 UID: 0 PID: 6412 Comm: syz.0.162 Not tainted syzkaller #0 PREEMPT(full) [ 63.982130][ T6412] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 63.982140][ T6412] Call Trace: [ 63.982146][ T6412] <TASK> [ 63.982151][ T6412] dump_stack_lvl+0x16c/0x1f0 [ 63.982173][ T6412] warn_alloc+0x248/0x3a0 [ 63.982191][ T6412] ? __pfx_warn_alloc+0x10/0x10 [ 63.982209][ T6412] ? alloc_pages_mpol+0x25a/0x550 [ 63.982222][ T6412] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 63.982234][ T6412] ? __pfx_alloc_pages_bulk_mempolicy_noprof+0x10/0x10 [ 63.982257][ T6412] ? __kmalloc_node_noprof+0x364/0x8a0 [ 63.982273][ T6412] ? __get_vm_area_node+0x208/0x330 [ 63.982297][ T6412] __vmalloc_node_range_noprof+0x119b/0x1480 [ 63.982317][ T6412] ? 
vhost_task_create+0x1d2/0x370 [ 63.982332][ T6412] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 63.982355][ T6412] ? rcu_is_watching+0x12/0xc0 [ 63.982371][ T6412] ? vhost_task_create+0x1d2/0x370 [ 63.982382][ T6412] __vmalloc_node_noprof+0xad/0xf0 [ 63.982401][ T6412] ? vhost_task_create+0x1d2/0x370 [ 63.982433][ T6412] copy_process+0x2c77/0x76a0 [ 63.982472][ T6412] ? __pfx_copy_process+0x10/0x10 [ 63.982497][ T6412] ? lockdep_init_map_type+0x5c/0x280 [ 63.982514][ T6412] ? lockdep_init_map_type+0x5c/0x280 [ 63.982525][ T6412] ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 63.982542][ T6412] ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 63.982556][ T6412] vhost_task_create+0x1d2/0x370 [ 63.982567][ T6412] ? __pfx_vhost_task_create+0x10/0x10 [ 63.982583][ T6412] ? __pfx_vhost_task_fn+0x10/0x10 [ 63.982627][ T6412] kvm_mmu_post_init_vm+0x1b7/0x380 [ 63.982648][ T6412] kvm_arch_vcpu_ioctl_run+0x66/0x1970 [ 63.982671][ T6412] ? kvm_vcpu_ioctl+0x14c5/0x1690 [ 63.982694][ T6412] kvm_vcpu_ioctl+0x5eb/0x1690 [ 63.982714][ T6412] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 63.982733][ T6412] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 63.982755][ T6412] ? do_vfs_ioctl+0x128/0x14f0 [ 63.982778][ T6412] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 63.982800][ T6412] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 63.982827][ T6412] ? hook_file_ioctl_common+0x145/0x410 [ 63.982854][ T6412] ? selinux_file_ioctl+0x180/0x270 [ 63.982869][ T6412] ? selinux_file_ioctl+0xb4/0x270 [ 63.982883][ T6412] ? 
__pfx_kvm_vcpu_ioctl+0x10/0x10 [ 63.982896][ T6412] __x64_sys_ioctl+0x18e/0x210 [ 63.982912][ T6412] do_syscall_64+0xcd/0xfa0 [ 63.982930][ T6412] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 63.982941][ T6412] RIP: 0033:0x7f4aefb8eec9 [ 63.982950][ T6412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 63.982965][ T6412] RSP: 002b:00007f4af0b11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 63.982980][ T6412] RAX: ffffffffffffffda RBX: 00007f4aefde5fa0 RCX: 00007f4aefb8eec9 [ 63.982991][ T6412] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 000000000000000a [ 63.983000][ T6412] RBP: 00007f4af0b11090 R08: 0000000000000000 R09: 0000000000000000 [ 63.983010][ T6412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 63.983019][ T6412] R13: 00007f4aefde6038 R14: 00007f4aefde5fa0 R15: 00007fffcd521b28 [ 63.983043][ T6412] </TASK> [ 63.983532][ T6412] Mem-Info: [ 63.985630][ T6409] sd 0:0:0:0: Add. Sense: Invalid command operation code [ 63.988535][ T6412] active_anon:23699 inactive_anon:0 isolated_anon:0 [ 63.988535][ T6412] active_file:11206 inactive_file:40629 isolated_file:0 [ 63.988535][ T6412] unevictable:1768 dirty:1799 writeback:0 [ 63.988535][ T6412] slab_reclaimable:12100 slab_unreclaimable:67161 [ 63.988535][ T6412] mapped:24378 shmem:18784 pagetables:1138 [ 63.988535][ T6412] sec_pagetables:311 bounce:0 [ 63.988535][ T6412] kernel_misc_reclaimable:0 [ 63.988535][ T6412] free:442803 free_pcp:22719 free_cma:0 [ 64.118141][ T6412] Node 0 active_anon:94548kB inactive_anon:0kB active_file:44824kB inactive_file:162316kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:97512kB dirty:7196kB writeback:0kB shmem:71600kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12496kB pagetables:4868kB sec_pagetables:1244kB all_unreclaimable? 
no Balloon:0kB [ 64.132044][ T6412] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:112kB pagetables:180kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 64.144702][ T6412] Node 0 DMA free:15360kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 64.157491][ T6412] lowmem_reserve[]: 0 1238 1238 1238 1238 [ 64.160688][ T6412] Node 0 DMA32 free:151828kB boost:0kB min:27580kB low:34472kB high:41364kB reserved_highatomic:0KB free_highatomic:0KB active_anon:94672kB inactive_anon:0kB active_file:44824kB inactive_file:162316kB unevictable:3536kB writepending:7196kB zspages:0kB present:2080628kB managed:1268068kB mlocked:0kB bounce:0kB free_pcp:73332kB local_pcp:21744kB free_cma:0kB [ 64.165932][ T6426] random: crng reseeded on system resumption [ 64.174761][ T6412] lowmem_reserve[]: 0 0 0 0 0 [ 64.179310][ T6412] Node 1 Normal free:1604024kB boost:0kB min:39660kB low:49572kB high:59484kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:3536kB writepending:0kB zspages:0kB present:2097152kB managed:1781892kB mlocked:0kB bounce:0kB free_pcp:16092kB local_pcp:5728kB free_cma:0kB [ 64.193542][ T6412] lowmem_reserve[]: 0 0 0 0 0 [ 64.195622][ T6412] Node 0 DMA: 0*4kB [ 64.198129][ T6412] 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 64.202893][ T6412] Node 0 DMA32: 236*4kB (UME) 111*8kB (UM) 46*16kB (UME) 22*32kB (UME) 24*64kB (UM) 17*128kB (UM) 12*256kB (UME) 9*512kB (UME) 6*1024kB (UME) 6*2048kB (UME) 
29*4096kB (M) = 151880kB [ 64.211950][ T6412] Node 1 Normal: 8*4kB (UME) 29*8kB (UME) 25*16kB (UME) 17*32kB (UME) 14*64kB (UME) 11*128kB (UME) 2*256kB (U) 5*512kB (UM) 2*1024kB (UE) 1*2048kB (M) 389*4096kB (M) = 1604024kB [ 64.219775][ T6412] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 64.223831][ T6412] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 64.228146][ T6412] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 64.232239][ T6412] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 64.235194][ T6412] 70615 total pagecache pages [ 64.236738][ T6412] 0 pages in swap cache [ 64.238253][ T6412] Free swap = 124996kB [ 64.239632][ T6412] Total swap = 124996kB [ 64.240981][ T6412] 1048443 pages RAM [ 64.242502][ T6412] 0 pages HighMem/MovableOnly [ 64.244017][ T6412] 282113 pages reserved [ 64.245451][ T6412] 0 pages cma reserved [ 64.459490][ T6441] random: crng reseeded on system resumption [ 64.624206][ T6450] netlink: 16 bytes leftover after parsing attributes in process `syz.1.175'. [ 64.735422][ T6460] random: crng reseeded on system resumption [ 64.986736][ T6481] random: crng reseeded on system resumption [ 65.056496][ T40] kauditd_printk_skb: 20 callbacks suppressed [ 65.056510][ T40] audit: type=1400 audit(1759854094.682:188): avc: denied { ioctl } for pid=6489 comm="syz.3.193" path="/dev/dma_heap/system" dev="devtmpfs" ino=712 ioctlcmd=0x4800 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 65.074170][ T6490] FAULT_INJECTION: forcing a failure. 
[ 65.074170][ T6490] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 65.080703][ T6490] CPU: 2 UID: 0 PID: 6490 Comm: syz.3.193 Not tainted syzkaller #0 PREEMPT(full) [ 65.080719][ T6490] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 65.080726][ T6490] Call Trace: [ 65.080730][ T6490] <TASK> [ 65.080735][ T6490] dump_stack_lvl+0x16c/0x1f0 [ 65.080760][ T6490] should_fail_ex+0x512/0x640 [ 65.080787][ T6490] should_fail_alloc_page+0xe7/0x130 [ 65.080808][ T6490] prepare_alloc_pages+0x3c2/0x610 [ 65.080829][ T6490] ? rcu_is_watching+0x12/0xc0 [ 65.080854][ T6490] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 65.080880][ T6490] ? __lock_acquire+0x62e/0x1ce0 [ 65.080919][ T6490] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 65.080951][ T6490] ? lockdep_unlock+0x64/0xe0 [ 65.080980][ T6490] ? find_held_lock+0x2b/0x80 [ 65.080995][ T6490] ? rcu_read_unlock+0x17/0x60 [ 65.081012][ T6490] __folio_alloc_noprof+0x11/0x220 [ 65.081029][ T6490] iommu_alloc_pages_node_sz+0x122/0x3c0 [ 65.081046][ T6490] ? __pfx_iommu_alloc_pages_node_sz+0x10/0x10 [ 65.081060][ T6490] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 65.081079][ T6490] ? stack_depot_save_flags+0x3de/0x9c0 [ 65.081100][ T6490] pfn_to_dma_pte+0x33e/0x6a0 [ 65.081118][ T6490] ? __pfx_pfn_to_dma_pte+0x10/0x10 [ 65.081131][ T6490] ? dma_buf_map_attachment+0x15e/0x5f0 [ 65.081145][ T6490] ? drm_ioctl+0x5c9/0xc30 [ 65.081162][ T6490] intel_iommu_map_pages+0x8af/0x1520 [ 65.081182][ T6490] ? lockdep_unlock+0x64/0xe0 [ 65.081204][ T6490] ? __pfx_intel_iommu_map_pages+0x10/0x10 [ 65.081224][ T6490] ? iommu_pgsize+0x294/0x300 [ 65.081244][ T6490] iommu_map_nosync+0x337/0x700 [ 65.081261][ T6490] ? __pfx_iommu_map_nosync+0x10/0x10 [ 65.081274][ T6490] ? lock_acquire+0x179/0x350 [ 65.081285][ T6490] ? find_held_lock+0x2b/0x80 [ 65.081299][ T6490] ? 
iommu_map_sg+0x5ee/0x9d0 [ 65.081314][ T6490] iommu_map_sg+0x1c1/0x9d0 [ 65.081334][ T6490] iommu_dma_map_sg+0x92d/0xe90 [ 65.081351][ T6490] __dma_map_sg_attrs+0x293/0x590 [ 65.081367][ T6490] dma_map_sgtable+0x78/0x100 [ 65.081397][ T6490] system_heap_map_dma_buf+0x66/0xf0 [ 65.081412][ T6490] dma_buf_map_attachment+0x15e/0x5f0 [ 65.081425][ T6490] dma_buf_map_attachment_unlocked+0x9e/0x150 [ 65.081438][ T6490] drm_gem_prime_import_dev+0x166/0x440 [ 65.081462][ T6490] virtgpu_gem_prime_import+0x16c/0x800 [ 65.081484][ T6490] ? __pfx_virtgpu_gem_prime_import+0x10/0x10 [ 65.081501][ T6490] ? __pfx___mutex_lock+0x10/0x10 [ 65.081517][ T6490] ? find_held_lock+0x2b/0x80 [ 65.081531][ T6490] ? __fget_files+0x204/0x3c0 [ 65.081543][ T6490] ? __fget_files+0x20e/0x3c0 [ 65.081555][ T6490] ? __pfx_virtgpu_gem_prime_import+0x10/0x10 [ 65.081573][ T6490] drm_gem_prime_fd_to_handle+0x1a9/0x5f0 [ 65.081593][ T6490] drm_prime_fd_to_handle_ioctl+0xd6/0x110 [ 65.081605][ T6490] drm_ioctl_kernel+0x1f4/0x3e0 [ 65.081618][ T6490] ? __pfx_drm_prime_fd_to_handle_ioctl+0x10/0x10 [ 65.081629][ T6490] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 65.081648][ T6490] drm_ioctl+0x5c9/0xc30 [ 65.081663][ T6490] ? __pfx_drm_prime_fd_to_handle_ioctl+0x10/0x10 [ 65.081675][ T6490] ? __pfx_drm_ioctl+0x10/0x10 [ 65.081695][ T6490] ? selinux_file_ioctl+0x180/0x270 [ 65.081707][ T6490] ? selinux_file_ioctl+0xb4/0x270 [ 65.081718][ T6490] ? 
__pfx_drm_ioctl+0x10/0x10 [ 65.081732][ T6490] __x64_sys_ioctl+0x18e/0x210 [ 65.081748][ T6490] do_syscall_64+0xcd/0xfa0 [ 65.081766][ T6490] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 65.081777][ T6490] RIP: 0033:0x7faf2e98eec9 [ 65.081786][ T6490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 65.081800][ T6490] RSP: 002b:00007faf2f8ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 65.081811][ T6490] RAX: ffffffffffffffda RBX: 00007faf2ebe5fa0 RCX: 00007faf2e98eec9 [ 65.081817][ T6490] RDX: 00002000000000c0 RSI: 00000000c00c642e RDI: 0000000000000005 [ 65.081824][ T6490] RBP: 00007faf2f8ee090 R08: 0000000000000000 R09: 0000000000000000 [ 65.081832][ T6490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 65.081838][ T6490] R13: 00007faf2ebe6038 R14: 00007faf2ebe5fa0 R15: 00007fff4c970868 [ 65.081853][ T6490] [ 65.227433][ C2] vkms_vblank_simulate: vblank timer overrun [ 65.344466][ T40] audit: type=1400 audit(1759854094.972:189): avc: denied { ioctl } for pid=6503 comm="syz.0.200" path="socket:[12952]" dev="sockfs" ino=12952 ioctlcmd=0xf506 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 65.503245][ T6520] random: crng reseeded on system resumption [ 65.561342][ T40] audit: type=1400 audit(1759854095.192:190): avc: denied { create } for pid=6524 comm="syz.3.209" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 65.572081][ T40] audit: type=1400 audit(1759854095.192:191): avc: denied { write } for pid=6524 comm="syz.3.209" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 65.659601][ T6536] netlink: 8 bytes leftover after parsing attributes in process `syz.2.212'. 
[ 65.689415][ T40] audit: type=1400 audit(1759854095.322:192): avc: denied { add_name } for pid=6538 comm="syz.1.215" name="freezer.self_freezing" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 65.700694][ T40] audit: type=1400 audit(1759854095.322:193): avc: denied { create } for pid=6538 comm="syz.1.215" name="freezer.self_freezing" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 65.708098][ T40] audit: type=1400 audit(1759854095.322:194): avc: denied { associate } for pid=6538 comm="syz.1.215" name="freezer.self_freezing" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 65.716183][ T40] audit: type=1400 audit(1759854095.332:195): avc: denied { append } for pid=6538 comm="syz.1.215" path="/60/file0/freezer.self_freezing" dev="9p" ino=71827929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 65.724907][ T40] audit: type=1400 audit(1759854095.342:196): avc: denied { map } for pid=6538 comm="syz.1.215" path="/60/file0/freezer.self_freezing" dev="9p" ino=71827929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 65.762152][ T65] Bluetooth: hci3: Malformed LE Event: 0x0b [ 65.795831][ T40] audit: type=1400 audit(1759854095.422:197): avc: denied { bind } for pid=6549 comm="syz.3.221" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 65.845603][ T6559] random: crng reseeded on system resumption [ 66.155130][ T6585] fuse: Unknown parameter 'grou00000000000000000000' [ 66.195465][ T6588] random: crng reseeded on system resumption [ 66.564828][ T6610] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. 
[ 66.687165][ T1338] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 66.837273][ T1338] usb 6-1: Using ep0 maxpacket: 8 [ 66.842714][ T1338] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 66.845893][ T1338] usb 6-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 66.851679][ T1338] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 66.855640][ T1338] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 67.151954][ T6645] FAULT_INJECTION: forcing a failure. [ 67.151954][ T6645] name failslab, interval 1, probability 0, space 0, times 1 [ 67.155901][ T6645] CPU: 3 UID: 0 PID: 6645 Comm: syz.2.261 Not tainted syzkaller #0 PREEMPT(full) [ 67.155917][ T6645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 67.155924][ T6645] Call Trace: [ 67.155939][ T6645] [ 67.155944][ T6645] dump_stack_lvl+0x16c/0x1f0 [ 67.155983][ T6645] should_fail_ex+0x512/0x640 [ 67.156008][ T6645] ? __kmalloc_cache_noprof+0x5f/0x780 [ 67.156026][ T6645] should_failslab+0xc2/0x120 [ 67.156039][ T6645] __kmalloc_cache_noprof+0x72/0x780 [ 67.156054][ T6645] ? allocate_cgrp_cset_links+0xca/0x230 [ 67.156073][ T6645] ? allocate_cgrp_cset_links+0xca/0x230 [ 67.156087][ T6645] allocate_cgrp_cset_links+0xca/0x230 [ 67.156104][ T6645] find_css_set+0x785/0x1c70 [ 67.156126][ T6645] ? __pfx_find_css_set+0x10/0x10 [ 67.156143][ T6645] ? lockdep_unlock+0x64/0xe0 [ 67.156167][ T6645] cgroup_migrate_prepare_dst+0x10b/0x7f0 [ 67.156183][ T6645] cgroup_attach_task+0x3cc/0x730 [ 67.156196][ T6645] ? __pfx_cgroup_attach_task+0x10/0x10 [ 67.156215][ T6645] ? get_task_cred+0x189/0x360 [ 67.156228][ T6645] __cgroup1_procs_write.constprop.0+0x2bc/0x430 [ 67.156248][ T6645] ? __pfx___cgroup1_procs_write.constprop.0+0x10/0x10 [ 67.156268][ T6645] ? kernfs_root+0xf8/0x2a0 [ 67.156285][ T6645] cgroup_file_write+0x1ec/0x790 [ 67.156300][ T6645] ? 
__pfx_cgroup1_procs_write+0x10/0x10 [ 67.156318][ T6645] ? __pfx_cgroup_file_write+0x10/0x10 [ 67.156339][ T6645] kernfs_fop_write_iter+0x3af/0x570 [ 67.156353][ T6645] ? __pfx_cgroup_file_write+0x10/0x10 [ 67.156370][ T6645] vfs_write+0x7d3/0x11d0 [ 67.156389][ T6645] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 67.156399][ T6645] ? __pfx___mutex_lock+0x10/0x10 [ 67.156417][ T6645] ? __pfx_vfs_write+0x10/0x10 [ 67.156444][ T6645] ksys_write+0x12a/0x250 [ 67.156454][ T6645] ? __pfx_ksys_write+0x10/0x10 [ 67.156468][ T6645] do_syscall_64+0xcd/0xfa0 [ 67.156485][ T6645] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.156497][ T6645] RIP: 0033:0x7fec4ff8eec9 [ 67.156507][ T6645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 67.156517][ T6645] RSP: 002b:00007fec50e4c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 67.156527][ T6645] RAX: ffffffffffffffda RBX: 00007fec501e5fa0 RCX: 00007fec4ff8eec9 [ 67.156534][ T6645] RDX: 0000000000000012 RSI: 00002000000001c0 RDI: 0000000000000005 [ 67.156540][ T6645] RBP: 00007fec50e4c090 R08: 0000000000000000 R09: 0000000000000000 [ 67.156546][ T6645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 67.156552][ T6645] R13: 00007fec501e6038 R14: 00007fec501e5fa0 R15: 00007ffebf3c0738 [ 67.156567][ T6645] [ 67.285439][ T6647] loop6: detected capacity change from 0 to 524279808 [ 67.308222][ T6651] input input5: cannot allocate more than FF_MAX_EFFECTS effects [ 67.511431][ T6668] fuse: Unknown parameter 'group_id00000000000000000000' [ 67.998155][ T6683] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 68.030587][ T6683] netlink: 64 bytes leftover after parsing attributes in process `syz.3.275'. 
[ 68.040912][ T6683] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 68.162531][ T6689] random: crng reseeded on system resumption [ 68.238207][ T6691] block nbd0: not configured, cannot reconfigure [ 68.907671][ T6715] netlink: 'syz.0.289': attribute type 15 has an invalid length. [ 68.949042][ T65] Bluetooth: hci0: unexpected event 0x14 length: 20 > 6 [ 68.952793][ T6717] Bluetooth: MGMT ver 1.23 [ 69.284113][ T6731] random: crng reseeded on system resumption [ 69.452198][ T6743] random: crng reseeded on system resumption [ 69.473510][ T9] usb 6-1: USB disconnect, device number 2 [ 69.622156][ T6754] FAULT_INJECTION: forcing a failure. [ 69.622156][ T6754] name failslab, interval 1, probability 0, space 0, times 0 [ 69.629173][ T6754] CPU: 0 UID: 0 PID: 6754 Comm: syz.0.307 Not tainted syzkaller #0 PREEMPT(full) [ 69.629204][ T6754] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 69.629216][ T6754] Call Trace: [ 69.629225][ T6754] [ 69.629234][ T6754] dump_stack_lvl+0x16c/0x1f0 [ 69.629281][ T6754] should_fail_ex+0x512/0x640 [ 69.629314][ T6754] ? __kmalloc_noprof+0xca/0x880 [ 69.629347][ T6754] should_failslab+0xc2/0x120 [ 69.629373][ T6754] __kmalloc_noprof+0xdd/0x880 [ 69.629403][ T6754] ? lsm_blob_alloc+0x68/0x90 [ 69.629438][ T6754] ? lsm_blob_alloc+0x68/0x90 [ 69.629464][ T6754] lsm_blob_alloc+0x68/0x90 [ 69.629493][ T6754] security_task_alloc+0x2d/0x260 [ 69.629521][ T6754] copy_process+0x220b/0x76a0 [ 69.629568][ T6754] ? __pfx_copy_process+0x10/0x10 [ 69.629603][ T6754] ? lockdep_init_map_type+0x5c/0x280 [ 69.629627][ T6754] ? lockdep_init_map_type+0x5c/0x280 [ 69.629650][ T6754] ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 69.629682][ T6754] ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 69.629710][ T6754] vhost_task_create+0x1d2/0x370 [ 69.629733][ T6754] ? __pfx_vhost_task_create+0x10/0x10 [ 69.629767][ T6754] ? 
__pfx_vhost_task_fn+0x10/0x10 [ 69.629806][ T6754] kvm_mmu_post_init_vm+0x1b7/0x380 [ 69.629833][ T6754] kvm_arch_vcpu_ioctl_run+0x66/0x1970 [ 69.629864][ T6754] ? kvm_vcpu_ioctl+0x14c5/0x1690 [ 69.629896][ T6754] kvm_vcpu_ioctl+0x5eb/0x1690 [ 69.629924][ T6754] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 69.629949][ T6754] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 69.629980][ T6754] ? do_vfs_ioctl+0x128/0x14f0 [ 69.630011][ T6754] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 69.630041][ T6754] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 69.630077][ T6754] ? hook_file_ioctl_common+0x145/0x410 [ 69.630116][ T6754] ? selinux_file_ioctl+0x180/0x270 [ 69.630137][ T6754] ? selinux_file_ioctl+0xb4/0x270 [ 69.630188][ T6754] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 69.630214][ T6754] __x64_sys_ioctl+0x18e/0x210 [ 69.630248][ T6754] do_syscall_64+0xcd/0xfa0 [ 69.630289][ T6754] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.630312][ T6754] RIP: 0033:0x7f4aefb8eec9 [ 69.630331][ T6754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 69.630351][ T6754] RSP: 002b:00007f4af0b11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 69.630380][ T6754] RAX: ffffffffffffffda RBX: 00007f4aefde5fa0 RCX: 00007f4aefb8eec9 [ 69.630395][ T6754] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 000000000000000a [ 69.630408][ T6754] RBP: 00007f4af0b11090 R08: 0000000000000000 R09: 0000000000000000 [ 69.630422][ T6754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 69.630434][ T6754] R13: 00007f4aefde6038 R14: 00007f4aefde5fa0 R15: 00007fffcd521b28 [ 69.630469][ T6754] [ 70.099074][ T40] kauditd_printk_skb: 34 callbacks suppressed [ 70.099087][ T40] audit: type=1400 audit(1759854099.732:232): avc: denied { write } for pid=6773 comm="syz.3.315" name="ip6_flowlabel" dev="proc" ino=4026533298 scontext=root:sysadm_r:sysadm_t 
tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 70.114540][ T6774] FAULT_INJECTION: forcing a failure. [ 70.114540][ T6774] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 70.121120][ T6776] fuse: Bad value for 'user_id' [ 70.121139][ T6776] fuse: Bad value for 'user_id' [ 70.127260][ T6774] CPU: 1 UID: 0 PID: 6774 Comm: syz.3.315 Not tainted syzkaller #0 PREEMPT(full) [ 70.127285][ T6774] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 70.127295][ T6774] Call Trace: [ 70.127302][ T6774] [ 70.127309][ T6774] dump_stack_lvl+0x16c/0x1f0 [ 70.127356][ T6774] should_fail_ex+0x512/0x640 [ 70.127387][ T6774] _copy_from_user+0x2e/0xd0 [ 70.127415][ T6774] kstrtouint_from_user+0xd6/0x1d0 [ 70.127437][ T6774] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 70.127457][ T6774] ? __lock_acquire+0xb97/0x1ce0 [ 70.127497][ T6774] proc_fail_nth_write+0x83/0x220 [ 70.127518][ T6774] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 70.127544][ T6774] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 70.127562][ T6774] vfs_write+0x2a0/0x11d0 [ 70.127594][ T6774] ? __pfx___mutex_lock+0x10/0x10 [ 70.127621][ T6774] ? __pfx_vfs_write+0x10/0x10 [ 70.127656][ T6774] ? __fget_files+0x20e/0x3c0 [ 70.127681][ T6774] ksys_write+0x12a/0x250 [ 70.127697][ T6774] ? 
__pfx_ksys_write+0x10/0x10 [ 70.127720][ T6774] do_syscall_64+0xcd/0xfa0 [ 70.127747][ T6774] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.127764][ T6774] RIP: 0033:0x7faf2e98d97f [ 70.127780][ T6774] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 70.127796][ T6774] RSP: 002b:00007faf2f8ee030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 70.127813][ T6774] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faf2e98d97f [ 70.127824][ T6774] RDX: 0000000000000001 RSI: 00007faf2f8ee0a0 RDI: 0000000000000004 [ 70.127834][ T6774] RBP: 00007faf2f8ee090 R08: 0000000000000000 R09: 0000000000000000 [ 70.127843][ T6774] R10: 000000000000004f R11: 0000000000000293 R12: 0000000000000001 [ 70.127853][ T6774] R13: 00007faf2ebe6038 R14: 00007faf2ebe5fa0 R15: 00007fff4c970868 [ 70.127879][ T6774] [ 70.137321][ T6778] random: crng reseeded on system resumption [ 70.265508][ T40] audit: type=1400 audit(1759854099.892:233): avc: denied { create } for pid=6787 comm="syz.3.320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 70.275105][ T40] audit: type=1400 audit(1759854099.892:234): avc: denied { setopt } for pid=6787 comm="syz.3.320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 70.391460][ T40] audit: type=1400 audit(1759854100.022:235): avc: denied { read write } for pid=6790 comm="syz.3.321" name="rdma_cm" dev="devtmpfs" ino=1294 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 70.402104][ T40] audit: type=1400 audit(1759854100.022:236): avc: denied { open } for pid=6790 comm="syz.3.321" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1294 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 70.662898][ 
T6811] random: crng reseeded on system resumption [ 70.692653][ T6813] geneve0: entered promiscuous mode [ 70.695318][ T6813] geneve0: entered allmulticast mode [ 70.702385][ T6813] netlink: 24 bytes leftover after parsing attributes in process `syz.0.327'. [ 70.705372][ T6813] netlink: 24 bytes leftover after parsing attributes in process `syz.0.327'. [ 70.708634][ T6813] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 70.737131][ T6813] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.747513][ T6813] bridge_slave_0: left allmulticast mode [ 70.750306][ T6813] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.874278][ T6824] random: crng reseeded on system resumption [ 70.890124][ T6824] fuse: Bad value for 'fd' [ 71.221342][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.223750][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.474375][ T40] audit: type=1400 audit(1759854101.102:237): avc: denied { mount } for pid=6838 comm="syz.1.340" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 71.475328][ T6839] tmpfs: Bad value for 'nr_blocks' [ 71.483786][ T40] audit: type=1400 audit(1759854101.102:238): avc: denied { remount } for pid=6838 comm="syz.1.340" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 71.506371][ T40] audit: type=1400 audit(1759854101.132:239): avc: denied { unmount } for pid=5933 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 71.871424][ T40] audit: type=1400 audit(1759854101.502:240): avc: denied { create } for pid=6853 comm="syz.0.348" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 71.877740][ T40] audit: type=1400 audit(1759854101.502:241): avc: denied { bind } for pid=6853 comm="syz.0.348" 
scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 71.879305][ T6854] netlink: 48 bytes leftover after parsing attributes in process `syz.0.348'. [ 72.234951][ T6871] random: crng reseeded on system resumption [ 72.285205][ T6871] FAULT_INJECTION: forcing a failure. [ 72.285205][ T6871] name failslab, interval 1, probability 0, space 0, times 0 [ 72.290145][ T6871] CPU: 0 UID: 0 PID: 6871 Comm: syz.1.353 Not tainted syzkaller #0 PREEMPT(full) [ 72.290168][ T6871] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 72.290177][ T6871] Call Trace: [ 72.290183][ T6871] [ 72.290188][ T6871] dump_stack_lvl+0x16c/0x1f0 [ 72.290229][ T6871] should_fail_ex+0x512/0x640 [ 72.290250][ T6871] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 72.290268][ T6871] should_failslab+0xc2/0x120 [ 72.290282][ T6871] kmem_cache_alloc_noprof+0x75/0x6e0 [ 72.290298][ T6871] ? __kvm_mmu_topup_memory_cache+0x455/0x600 [ 72.290312][ T6871] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 72.290328][ T6871] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 72.290341][ T6871] __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 72.290365][ T6871] mmu_topup_memory_caches+0x25/0x170 [ 72.290398][ T6871] kvm_mmu_load+0xd6/0x23c0 [ 72.290426][ T6871] ? kvm_apic_has_interrupt+0x106/0x1f0 [ 72.290447][ T6871] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 72.290469][ T6871] ? __pfx_kvm_mmu_load+0x10/0x10 [ 72.290495][ T6871] ? kvm_cpu_has_injectable_intr+0x9c/0x1a0 [ 72.290518][ T6871] ? kvm_check_and_inject_events+0x71c/0x1310 [ 72.290575][ T6871] vcpu_run+0x359e/0x5590 [ 72.290597][ T6871] ? __lock_acquire+0xb97/0x1ce0 [ 72.290620][ T6871] ? __pfx_vcpu_run+0x10/0x10 [ 72.290638][ T6871] ? fpu_swap_kvm_fpstate+0x1be/0x410 [ 72.290653][ T6871] ? __local_bh_enable_ip+0xa4/0x120 [ 72.290670][ T6871] ? 
kvm_arch_vcpu_ioctl_run+0x1023/0x1970 [ 72.290690][ T6871] kvm_arch_vcpu_ioctl_run+0x1023/0x1970 [ 72.290714][ T6871] kvm_vcpu_ioctl+0x5eb/0x1690 [ 72.290728][ T6871] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 72.290741][ T6871] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 72.290757][ T6871] ? do_vfs_ioctl+0x128/0x14f0 [ 72.290776][ T6871] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 72.290798][ T6871] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 72.290822][ T6871] ? hook_file_ioctl_common+0x145/0x410 [ 72.290852][ T6871] ? selinux_file_ioctl+0x180/0x270 [ 72.290871][ T6871] ? selinux_file_ioctl+0xb4/0x270 [ 72.290886][ T6871] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 72.290898][ T6871] __x64_sys_ioctl+0x18e/0x210 [ 72.290915][ T6871] do_syscall_64+0xcd/0xfa0 [ 72.290934][ T6871] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.290950][ T6871] RIP: 0033:0x7f8fd5d8eec9 [ 72.290960][ T6871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 72.290972][ T6871] RSP: 002b:00007f8fd6cd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 72.290983][ T6871] RAX: ffffffffffffffda RBX: 00007f8fd5fe5fa0 RCX: 00007f8fd5d8eec9 [ 72.290990][ T6871] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 000000000000000c [ 72.290996][ T6871] RBP: 00007f8fd6cd5090 R08: 0000000000000000 R09: 0000000000000000 [ 72.291003][ T6871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 72.291011][ T6871] R13: 00007f8fd5fe6038 R14: 00007f8fd5fe5fa0 R15: 00007ffedb4e2528 [ 72.291033][ T6871] [ 72.430347][ T6876] FAULT_INJECTION: forcing a failure. 
[ 72.430347][ T6876] name failslab, interval 1, probability 0, space 0, times 0 [ 72.434333][ T6876] CPU: 1 UID: 0 PID: 6876 Comm: syz.2.355 Not tainted syzkaller #0 PREEMPT(full) [ 72.434348][ T6876] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 72.434354][ T6876] Call Trace: [ 72.434358][ T6876] [ 72.434363][ T6876] dump_stack_lvl+0x16c/0x1f0 [ 72.434383][ T6876] should_fail_ex+0x512/0x640 [ 72.434400][ T6876] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 72.434419][ T6876] should_failslab+0xc2/0x120 [ 72.434431][ T6876] kmem_cache_alloc_noprof+0x75/0x6e0 [ 72.434447][ T6876] ? skb_clone+0x190/0x3f0 [ 72.434477][ T6876] ? skb_clone+0x190/0x3f0 [ 72.434491][ T6876] ? __asan_memcpy+0x3c/0x60 [ 72.434506][ T6876] skb_clone+0x190/0x3f0 [ 72.434538][ T6876] netlink_trim+0x1f1/0x310 [ 72.434556][ T6876] netlink_broadcast_filtered+0xf1/0xf90 [ 72.434579][ T6876] ? __pfx_netlink_broadcast_filtered+0x10/0x10 [ 72.434604][ T6876] nlmsg_notify+0x9e/0x220 [ 72.434616][ T6876] qdisc_notify.isra.0+0x225/0x3f0 [ 72.434632][ T6876] qdisc_graft+0xdc6/0x17c0 [ 72.434647][ T6876] ? __pfx_qdisc_graft+0x10/0x10 [ 72.434659][ T6876] ? lockdep_rtnl_is_held+0x26/0x40 [ 72.434673][ T6876] ? rcu_is_watching+0x12/0xc0 [ 72.434691][ T6876] ? qdisc_create+0x5b3/0xfc0 [ 72.434704][ T6876] tc_modify_qdisc+0xf5c/0x2170 [ 72.434718][ T6876] ? rcu_is_watching+0x12/0xc0 [ 72.434745][ T6876] ? __pfx_tc_modify_qdisc+0x10/0x10 [ 72.434758][ T6876] ? __lock_acquire+0x62e/0x1ce0 [ 72.434786][ T6876] ? __pfx_tc_modify_qdisc+0x10/0x10 [ 72.434799][ T6876] rtnetlink_rcv_msg+0x3c6/0xe90 [ 72.434818][ T6876] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 72.434839][ T6876] ? ref_tracker_free+0x37c/0x830 [ 72.434851][ T6876] netlink_rcv_skb+0x158/0x420 [ 72.434860][ T6876] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 72.434878][ T6876] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 72.434893][ T6876] ? 
netlink_deliver_tap+0x1ae/0xd30 [ 72.434912][ T6876] netlink_unicast+0x5a7/0x870 [ 72.434932][ T6876] ? __pfx_netlink_unicast+0x10/0x10 [ 72.434954][ T6876] netlink_sendmsg+0x8c8/0xdd0 [ 72.434967][ T6876] ? __pfx_netlink_sendmsg+0x10/0x10 [ 72.434982][ T6876] ____sys_sendmsg+0xa98/0xc70 [ 72.434999][ T6876] ? copy_msghdr_from_user+0x10a/0x160 [ 72.435015][ T6876] ? __pfx_____sys_sendmsg+0x10/0x10 [ 72.435028][ T6876] ? kfree+0x252/0x6d0 [ 72.435041][ T6876] ? __pfx__kstrtoull+0x10/0x10 [ 72.435058][ T6876] ___sys_sendmsg+0x134/0x1d0 [ 72.435074][ T6876] ? __pfx____sys_sendmsg+0x10/0x10 [ 72.435104][ T6876] ? __pfx___might_resched+0x10/0x10 [ 72.435121][ T6876] __sys_sendmmsg+0x200/0x420 [ 72.435139][ T6876] ? __pfx___sys_sendmmsg+0x10/0x10 [ 72.435160][ T6876] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 72.435183][ T6876] ? fput+0x9b/0xd0 [ 72.435196][ T6876] ? ksys_write+0x1ac/0x250 [ 72.435205][ T6876] ? __pfx_ksys_write+0x10/0x10 [ 72.435217][ T6876] __x64_sys_sendmmsg+0x9c/0x100 [ 72.435233][ T6876] ? 
lockdep_hardirqs_on+0x7c/0x110 [ 72.435249][ T6876] do_syscall_64+0xcd/0xfa0 [ 72.435266][ T6876] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.435276][ T6876] RIP: 0033:0x7fec4ff8eec9 [ 72.435285][ T6876] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 72.435296][ T6876] RSP: 002b:00007fec50e4c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 72.435306][ T6876] RAX: ffffffffffffffda RBX: 00007fec501e5fa0 RCX: 00007fec4ff8eec9 [ 72.435313][ T6876] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000003 [ 72.435319][ T6876] RBP: 00007fec50e4c090 R08: 0000000000000000 R09: 0000000000000000 [ 72.435325][ T6876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 72.435331][ T6876] R13: 00007fec501e6038 R14: 00007fec501e5fa0 R15: 00007ffebf3c0738 [ 72.435346][ T6876] [ 72.644720][ T6888] tipc: Started in network mode [ 72.647004][ T6888] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 72.651036][ T6888] tipc: Enabling of bearer rejected, failed to enable media [ 72.965485][ T6909] fuse: Bad value for 'fd' [ 73.111650][ T6921] random: crng reseeded on system resumption [ 73.410669][ T6928] syzkaller0: entered promiscuous mode [ 73.412765][ T6928] syzkaller0: entered allmulticast mode [ 73.478269][ T60] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 73.569002][ T6930] random: crng reseeded on system resumption [ 73.638876][ T60] usb 7-1: Using ep0 maxpacket: 8 [ 73.647475][ T60] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 73.651122][ T60] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 73.655687][ T60] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 73.660868][ T60] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid 
maxpacket 32 [ 73.665071][ T60] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 73.671036][ T60] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 73.674747][ T60] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.890069][ T60] usb 7-1: usb_control_msg returned -32 [ 73.892824][ T60] usbtmc 7-1:16.0: can't read capabilities [ 74.833533][ T6955] netlink: 'syz.3.386': attribute type 1 has an invalid length. [ 74.850370][ T6955] 8021q: adding VLAN 0 to HW filter on device bond1 [ 74.894198][ T6955] bond1: (slave veth3): Enslaving as an active interface with a down link [ 74.903517][ T6958] random: crng reseeded on system resumption [ 74.919833][ T6955] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 74.922829][ T6955] bond1: (slave batadv1): dev_set_mac_address on slave failed! ALB mode requires that the base driver support setting the hw address also when the network device's interface is open [ 75.241644][ T6971] random: crng reseeded on system resumption [ 75.266742][ T6972] FAULT_INJECTION: forcing a failure. [ 75.266742][ T6972] name failslab, interval 1, probability 0, space 0, times 0 [ 75.273340][ T6972] CPU: 0 UID: 0 PID: 6972 Comm: syz.0.390 Not tainted syzkaller #0 PREEMPT(full) [ 75.273364][ T6972] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.273374][ T6972] Call Trace: [ 75.273381][ T6972] [ 75.273388][ T6972] dump_stack_lvl+0x16c/0x1f0 [ 75.273443][ T6972] should_fail_ex+0x512/0x640 [ 75.273477][ T6972] ? fs_reclaim_acquire+0xae/0x150 [ 75.273499][ T6972] should_failslab+0xc2/0x120 [ 75.273519][ T6972] __kmalloc_noprof+0xdd/0x880 [ 75.273543][ T6972] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 75.273569][ T6972] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 75.273587][ T6972] tomoyo_realpath_from_path+0xc2/0x6e0 [ 75.273608][ T6972] ? 
tomoyo_profile+0x47/0x60 [ 75.273632][ T6972] tomoyo_path_number_perm+0x245/0x580 [ 75.273655][ T6972] ? tomoyo_path_number_perm+0x237/0x580 [ 75.273683][ T6972] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 75.273710][ T6972] ? find_held_lock+0x2b/0x80 [ 75.273758][ T6972] ? find_held_lock+0x2b/0x80 [ 75.273780][ T6972] ? hook_file_ioctl_common+0x145/0x410 [ 75.273807][ T6972] ? __fget_files+0x20e/0x3c0 [ 75.273828][ T6972] security_file_ioctl+0x9b/0x240 [ 75.273848][ T6972] __x64_sys_ioctl+0xb7/0x210 [ 75.273874][ T6972] do_syscall_64+0xcd/0xfa0 [ 75.273901][ T6972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.273917][ T6972] RIP: 0033:0x7f4aefb8eec9 [ 75.273932][ T6972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.273947][ T6972] RSP: 002b:00007f4af0af0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 75.273965][ T6972] RAX: ffffffffffffffda RBX: 00007f4aefde6090 RCX: 00007f4aefb8eec9 [ 75.273975][ T6972] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 75.273986][ T6972] RBP: 00007f4af0af0090 R08: 0000000000000000 R09: 0000000000000000 [ 75.273996][ T6972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 75.274005][ T6972] R13: 00007f4aefde6128 R14: 00007f4aefde6090 R15: 00007fffcd521b28 [ 75.274031][ T6972] [ 75.274039][ T6972] ERROR: Out of memory at tomoyo_realpath_from_path. [ 75.425424][ T6981] netlink: 'syz.3.396': attribute type 8 has an invalid length. 
[ 75.674134][ T6996] fuse: Bad value for 'rootmode' [ 75.746601][ T7000] tmpfs: Unknown parameter '00000000000000000036' [ 75.920453][ T7004] 9pnet_fd: Insufficient options for proto=fd [ 76.009383][ T40] kauditd_printk_skb: 16 callbacks suppressed [ 76.009395][ T40] audit: type=1400 audit(1759854105.642:258): avc: denied { getopt } for pid=7009 comm="syz.3.408" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 76.015834][ T7010] SELinux: Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 76.024628][ T40] audit: type=1400 audit(1759854105.652:259): avc: denied { append } for pid=7009 comm="syz.3.408" name="comedi4" dev="devtmpfs" ino=1306 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 76.075500][ T40] audit: type=1400 audit(1759854105.652:260): avc: denied { read } for pid=7009 comm="syz.3.408" name="binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file 
permissive=1 [ 76.085302][ T40] audit: type=1400 audit(1759854105.652:261): avc: denied { open } for pid=7009 comm="syz.3.408" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 76.103151][ T7014] FAULT_INJECTION: forcing a failure. [ 76.103151][ T7014] name failslab, interval 1, probability 0, space 0, times 0 [ 76.108985][ T7014] CPU: 2 UID: 0 PID: 7014 Comm: syz.3.410 Not tainted syzkaller #0 PREEMPT(full) [ 76.109010][ T7014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 76.109021][ T7014] Call Trace: [ 76.109028][ T7014] [ 76.109036][ T7014] dump_stack_lvl+0x16c/0x1f0 [ 76.109097][ T7014] should_fail_ex+0x512/0x640 [ 76.109132][ T7014] ? fs_reclaim_acquire+0xae/0x150 [ 76.109155][ T7014] should_failslab+0xc2/0x120 [ 76.109177][ T7014] __kmalloc_noprof+0xdd/0x880 [ 76.109204][ T7014] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 76.109230][ T7014] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 76.109249][ T7014] tomoyo_realpath_from_path+0xc2/0x6e0 [ 76.109271][ T7014] ? tomoyo_profile+0x47/0x60 [ 76.109297][ T7014] tomoyo_path_number_perm+0x245/0x580 [ 76.109324][ T7014] ? tomoyo_path_number_perm+0x237/0x580 [ 76.109354][ T7014] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 76.109383][ T7014] ? find_held_lock+0x2b/0x80 [ 76.109432][ T7014] ? find_held_lock+0x2b/0x80 [ 76.109455][ T7014] ? hook_file_ioctl_common+0x145/0x410 [ 76.109486][ T7014] ? 
__fget_files+0x20e/0x3c0 [ 76.109510][ T7014] security_file_ioctl+0x9b/0x240 [ 76.109531][ T7014] __x64_sys_ioctl+0xb7/0x210 [ 76.109560][ T7014] do_syscall_64+0xcd/0xfa0 [ 76.109590][ T7014] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.109608][ T7014] RIP: 0033:0x7faf2e98eec9 [ 76.109624][ T7014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.109640][ T7014] RSP: 002b:00007faf2f8ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 76.109656][ T7014] RAX: ffffffffffffffda RBX: 00007faf2ebe5fa0 RCX: 00007faf2e98eec9 [ 76.109668][ T7014] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007 [ 76.109679][ T7014] RBP: 00007faf2f8ee090 R08: 0000000000000000 R09: 0000000000000000 [ 76.109689][ T7014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 76.109700][ T7014] R13: 00007faf2ebe6038 R14: 00007faf2ebe5fa0 R15: 00007fff4c970868 [ 76.109728][ T7014] [ 76.109736][ T7014] ERROR: Out of memory at tomoyo_realpath_from_path. 
[ 76.248726][ T54] usb 7-1: USB disconnect, device number 2 [ 76.324873][ T40] audit: type=1400 audit(1759854105.952:262): avc: denied { append } for pid=7024 comm="syz.1.414" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 76.416785][ T40] audit: type=1400 audit(1759854106.042:263): avc: denied { read write } for pid=7034 comm="syz.3.418" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 76.425849][ T40] audit: type=1400 audit(1759854106.042:264): avc: denied { open } for pid=7034 comm="syz.3.418" path="/dev/ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 76.436962][ T40] audit: type=1400 audit(1759854106.052:265): avc: denied { ioctl } for pid=7034 comm="syz.3.418" path="/dev/ppp" dev="devtmpfs" ino=730 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 76.472787][ T7039] FAULT_INJECTION: forcing a failure. [ 76.472787][ T7039] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 76.479902][ T7039] CPU: 3 UID: 0 PID: 7039 Comm: syz.2.419 Not tainted syzkaller #0 PREEMPT(full) [ 76.479929][ T7039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 76.479940][ T7039] Call Trace: [ 76.479947][ T7039] [ 76.479955][ T7039] dump_stack_lvl+0x16c/0x1f0 [ 76.479986][ T7039] should_fail_ex+0x512/0x640 [ 76.480018][ T7039] _copy_to_user+0x32/0xd0 [ 76.480049][ T7039] simple_read_from_buffer+0xcb/0x170 [ 76.480080][ T7039] proc_fail_nth_read+0x197/0x240 [ 76.480103][ T7039] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 76.480126][ T7039] ? rw_verify_area+0xcf/0x6c0 [ 76.480159][ T7039] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 76.480179][ T7039] vfs_read+0x1e1/0xcf0 [ 76.480217][ T7039] ? 
__pfx___mutex_lock+0x10/0x10 [ 76.480245][ T7039] ? __pfx_vfs_read+0x10/0x10 [ 76.480280][ T7039] ? __fget_files+0x20e/0x3c0 [ 76.480307][ T7039] ksys_read+0x12a/0x250 [ 76.480323][ T7039] ? __pfx_ksys_read+0x10/0x10 [ 76.480348][ T7039] do_syscall_64+0xcd/0xfa0 [ 76.480377][ T7039] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.480395][ T7039] RIP: 0033:0x7fec4ff8d8dc [ 76.480411][ T7039] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 76.480432][ T7039] RSP: 002b:00007fec50e4c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 76.480449][ T7039] RAX: ffffffffffffffda RBX: 00007fec501e5fa0 RCX: 00007fec4ff8d8dc [ 76.480462][ T7039] RDX: 000000000000000f RSI: 00007fec50e4c0a0 RDI: 0000000000000004 [ 76.480477][ T7039] RBP: 00007fec50e4c090 R08: 0000000000000000 R09: 0000000000000000 [ 76.480492][ T7039] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 76.480502][ T7039] R13: 00007fec501e6038 R14: 00007fec501e5fa0 R15: 00007ffebf3c0738 [ 76.480530][ T7039] [ 76.524738][ T7042] netlink: 44 bytes leftover after parsing attributes in process `syz.2.421'. 
[ 76.635398][ T40] audit: type=1400 audit(1759854106.262:266): avc: denied { create } for pid=7049 comm="syz.0.424" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 76.646837][ T40] audit: type=1400 audit(1759854106.262:267): avc: denied { write } for pid=7049 comm="syz.0.424" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 76.767173][ T7060] binder: 7055:7060 ioctl ae80 0 returned -22 [ 76.839000][ T7052] infiniband syz0: set down [ 76.842023][ T7052] infiniband syz0: added bridge0 [ 76.880420][ T7052] RDS/IB: syz0: added [ 76.882532][ T7052] smc: adding ib device syz0 with port count 1 [ 76.885769][ T7052] smc: ib device syz0 port 1 has no pnetid [ 77.065482][ T7073] netlink: 44 bytes leftover after parsing attributes in process `syz.3.432'. [ 77.287452][ T6019] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 77.449304][ T6019] usb 6-1: config 0 has no interfaces? [ 77.454041][ T6019] usb 6-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 77.458247][ T6019] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 77.462018][ T6019] usb 6-1: Product: syz [ 77.464321][ T6019] usb 6-1: Manufacturer: syz [ 77.466775][ T6019] usb 6-1: SerialNumber: syz [ 77.472168][ T6019] usb 6-1: config 0 descriptor?? [ 77.804842][ T7093] FAULT_INJECTION: forcing a failure. [ 77.804842][ T7093] name failslab, interval 1, probability 0, space 0, times 0 [ 77.809587][ T7093] CPU: 3 UID: 0 PID: 7093 Comm: syz.0.439 Not tainted syzkaller #0 PREEMPT(full) [ 77.809602][ T7093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 77.809609][ T7093] Call Trace: [ 77.809613][ T7093] [ 77.809617][ T7093] dump_stack_lvl+0x16c/0x1f0 [ 77.809637][ T7093] should_fail_ex+0x512/0x640 [ 77.809654][ T7093] ? 
fs_reclaim_acquire+0xae/0x150 [ 77.809668][ T7093] should_failslab+0xc2/0x120 [ 77.809680][ T7093] __kmalloc_noprof+0xdd/0x880 [ 77.809695][ T7093] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 77.809710][ T7093] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 77.809721][ T7093] tomoyo_realpath_from_path+0xc2/0x6e0 [ 77.809734][ T7093] ? tomoyo_profile+0x47/0x60 [ 77.809749][ T7093] tomoyo_path_number_perm+0x245/0x580 [ 77.809765][ T7093] ? tomoyo_path_number_perm+0x237/0x580 [ 77.809783][ T7093] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 77.809800][ T7093] ? find_held_lock+0x2b/0x80 [ 77.809830][ T7093] ? find_held_lock+0x2b/0x80 [ 77.809846][ T7093] ? hook_file_ioctl_common+0x145/0x410 [ 77.809864][ T7093] ? __fget_files+0x20e/0x3c0 [ 77.809877][ T7093] security_file_ioctl+0x9b/0x240 [ 77.809889][ T7093] __x64_sys_ioctl+0xb7/0x210 [ 77.809909][ T7093] do_syscall_64+0xcd/0xfa0 [ 77.809926][ T7093] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.809938][ T7093] RIP: 0033:0x7f4aefb8eec9 [ 77.809947][ T7093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 77.809957][ T7093] RSP: 002b:00007f4af0af0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 77.809968][ T7093] RAX: ffffffffffffffda RBX: 00007f4aefde6090 RCX: 00007f4aefb8eec9 [ 77.809974][ T7093] RDX: 0000200000000180 RSI: 00000000402c542d RDI: 0000000000000003 [ 77.809981][ T7093] RBP: 00007f4af0af0090 R08: 0000000000000000 R09: 0000000000000000 [ 77.809987][ T7093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 77.809993][ T7093] R13: 00007f4aefde6128 R14: 00007f4aefde6090 R15: 00007fffcd521b28 [ 77.810007][ T7093] [ 77.810011][ T7093] ERROR: Out of memory at tomoyo_realpath_from_path. [ 77.995363][ T7101] netlink: 'syz.2.443': attribute type 72 has an invalid length. 
[ 78.003648][ T7101] netlink: 36 bytes leftover after parsing attributes in process `syz.2.443'. [ 78.056262][ T7105] FAULT_INJECTION: forcing a failure. [ 78.056262][ T7105] name failslab, interval 1, probability 0, space 0, times 0 [ 78.062318][ T7105] CPU: 0 UID: 0 PID: 7105 Comm: syz.2.445 Not tainted syzkaller #0 PREEMPT(full) [ 78.062343][ T7105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 78.062353][ T7105] Call Trace: [ 78.062361][ T7105] [ 78.062367][ T7105] dump_stack_lvl+0x16c/0x1f0 [ 78.062392][ T7105] should_fail_ex+0x512/0x640 [ 78.062416][ T7105] ? fs_reclaim_acquire+0xae/0x150 [ 78.062437][ T7105] should_failslab+0xc2/0x120 [ 78.062456][ T7105] __kmalloc_noprof+0xdd/0x880 [ 78.062504][ T7105] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 78.062530][ T7105] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 78.062547][ T7105] tomoyo_realpath_from_path+0xc2/0x6e0 [ 78.062567][ T7105] ? tomoyo_profile+0x47/0x60 [ 78.062591][ T7105] tomoyo_path_number_perm+0x245/0x580 [ 78.062615][ T7105] ? tomoyo_path_number_perm+0x237/0x580 [ 78.062642][ T7105] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 78.062669][ T7105] ? find_held_lock+0x2b/0x80 [ 78.062714][ T7105] ? find_held_lock+0x2b/0x80 [ 78.062734][ T7105] ? hook_file_ioctl_common+0x145/0x410 [ 78.062760][ T7105] ? 
__fget_files+0x20e/0x3c0 [ 78.062780][ T7105] security_file_ioctl+0x9b/0x240 [ 78.062798][ T7105] __x64_sys_ioctl+0xb7/0x210 [ 78.062824][ T7105] do_syscall_64+0xcd/0xfa0 [ 78.062850][ T7105] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.062864][ T7105] RIP: 0033:0x7fec4ff8eec9 [ 78.062878][ T7105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 78.062893][ T7105] RSP: 002b:00007fec50e4c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 78.062911][ T7105] RAX: ffffffffffffffda RBX: 00007fec501e5fa0 RCX: 00007fec4ff8eec9 [ 78.062923][ T7105] RDX: 0000200000000040 RSI: 000000004008af21 RDI: 0000000000000003 [ 78.062937][ T7105] RBP: 00007fec50e4c090 R08: 0000000000000000 R09: 0000000000000000 [ 78.062945][ T7105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 78.062953][ T7105] R13: 00007fec501e6038 R14: 00007fec501e5fa0 R15: 00007ffebf3c0738 [ 78.062974][ T7105] [ 78.062980][ T7105] ERROR: Out of memory at tomoyo_realpath_from_path. [ 78.607269][ T7124] random: crng reseeded on system resumption [ 79.072746][ T7141] kvm: pic: single mode not supported [ 79.231815][ T7152] fuse: Bad value for 'fd' [ 79.364797][ T7155] No such timeout policy "syz0" [ 80.019945][ T60] usb 6-1: USB disconnect, device number 3 [ 80.054111][ T7160] FAULT_INJECTION: forcing a failure. [ 80.054111][ T7160] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 80.060875][ T7160] CPU: 3 UID: 0 PID: 7160 Comm: syz.1.465 Not tainted syzkaller #0 PREEMPT(full) [ 80.060901][ T7160] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 80.060911][ T7160] Call Trace: [ 80.060917][ T7160] [ 80.060924][ T7160] dump_stack_lvl+0x16c/0x1f0 [ 80.061008][ T7160] should_fail_ex+0x512/0x640 [ 80.061048][ T7160] _copy_from_iter+0x29f/0x1720 [ 80.061120][ T7160] ? 
__lock_acquire+0x62e/0x1ce0 [ 80.061167][ T7160] ? __pfx__copy_from_iter+0x10/0x10 [ 80.061198][ T7160] ? find_held_lock+0x2b/0x80 [ 80.061218][ T7160] ? rawv6_sendmsg+0xb68/0x4860 [ 80.061251][ T7160] rawv6_sendmsg+0x238c/0x4860 [ 80.061277][ T7160] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 80.061292][ T7160] ? avc_has_perm_noaudit+0x149/0x3b0 [ 80.061317][ T7160] ? avc_has_perm+0x144/0x1f0 [ 80.061337][ T7160] ? __pfx_avc_has_perm+0x10/0x10 [ 80.061382][ T7160] ? inode_has_perm+0x16f/0x1d0 [ 80.061405][ T7160] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 80.061422][ T7160] ? inet_sendmsg+0x119/0x140 [ 80.061442][ T7160] inet_sendmsg+0x119/0x140 [ 80.061463][ T7160] sock_write_iter+0x509/0x610 [ 80.061482][ T7160] ? __pfx_sock_write_iter+0x10/0x10 [ 80.061508][ T7160] ? bpf_lsm_file_permission+0x9/0x10 [ 80.061524][ T7160] ? security_file_permission+0x71/0x210 [ 80.061543][ T7160] ? rw_verify_area+0xcf/0x6c0 [ 80.061568][ T7160] vfs_write+0x7d3/0x11d0 [ 80.061592][ T7160] ? __pfx_sock_write_iter+0x10/0x10 [ 80.061612][ T7160] ? __pfx_vfs_write+0x10/0x10 [ 80.061634][ T7160] ? find_held_lock+0x2b/0x80 [ 80.061669][ T7160] ksys_write+0x1f8/0x250 [ 80.061683][ T7160] ? 
__pfx_ksys_write+0x10/0x10 [ 80.061705][ T7160] do_syscall_64+0xcd/0xfa0 [ 80.061730][ T7160] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 80.061747][ T7160] RIP: 0033:0x7f8fd5d8eec9 [ 80.061762][ T7160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 80.061776][ T7160] RSP: 002b:00007f8fd6cd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 80.061792][ T7160] RAX: ffffffffffffffda RBX: 00007f8fd5fe5fa0 RCX: 00007f8fd5d8eec9 [ 80.061803][ T7160] RDX: 00000000000005ac RSI: 00002000000000c0 RDI: 0000000000000004 [ 80.061812][ T7160] RBP: 00007f8fd6cd5090 R08: 0000000000000000 R09: 0000000000000000 [ 80.061821][ T7160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 80.061830][ T7160] R13: 00007f8fd5fe6038 R14: 00007f8fd5fe5fa0 R15: 00007ffedb4e2528 [ 80.061853][ T7160] [ 81.057326][ T65] Bluetooth: hci0: command 0x0c1a tx timeout [ 81.057346][ T7135] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 81.964025][ T7135] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 81.972577][ T7135] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 81.980028][ T7135] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 81.982980][ T7135] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 81.988433][ T7135] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 81.991793][ T7135] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 81.993910][ T7135] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 81.996696][ T7135] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 82.001622][ T7135] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 82.003792][ T7135] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 82.007888][ T7135] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 82.056477][ T7168] futex_wake_op: syz.3.469 tries to shift op by 32; fix this program [ 82.059887][ T7168] xt_CT: You must specify a L4 protocol and not use inversions on it [ 82.134852][ T40] kauditd_printk_skb: 11 callbacks 
suppressed [ 82.134862][ T40] audit: type=1400 audit(1759854111.762:279): avc: denied { bind } for pid=7176 comm="syz.3.472" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 82.146072][ T7179] random: crng reseeded on system resumption [ 82.153050][ T40] audit: type=1400 audit(1759854111.762:280): avc: denied { name_bind } for pid=7176 comm="syz.3.472" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 82.163070][ T40] audit: type=1400 audit(1759854111.762:281): avc: denied { node_bind } for pid=7176 comm="syz.3.472" saddr=::ffff:0.0.0.0 src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 82.173879][ T40] audit: type=1400 audit(1759854111.762:282): avc: denied { read } for pid=7176 comm="syz.3.472" path="socket:[19585]" dev="sockfs" ino=19585 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 82.177587][ T7182] FAULT_INJECTION: forcing a failure. [ 82.177587][ T7182] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 82.184522][ T40] audit: type=1400 audit(1759854111.762:283): avc: denied { read } for pid=7176 comm="syz.3.472" laddr=::ffff:127.0.0.1 lport=20001 faddr=::ffff:127.0.0.1 fport=20001 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 82.188362][ T7182] CPU: 3 UID: 0 PID: 7182 Comm: syz.3.474 Not tainted syzkaller #0 PREEMPT(full) [ 82.188383][ T7182] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 82.188391][ T7182] Call Trace: [ 82.188397][ T7182] [ 82.188403][ T7182] dump_stack_lvl+0x16c/0x1f0 [ 82.188428][ T7182] should_fail_ex+0x512/0x640 [ 82.188454][ T7182] _copy_from_user+0x2e/0xd0 [ 82.188476][ T7182] copy_msghdr_from_user+0x98/0x160 [ 82.188498][ T7182] ? 
__pfx_copy_msghdr_from_user+0x10/0x10 [ 82.188527][ T7182] ___sys_sendmsg+0xfe/0x1d0 [ 82.188548][ T7182] ? __pfx____sys_sendmsg+0x10/0x10 [ 82.188589][ T7182] __sys_sendmsg+0x16d/0x220 [ 82.188609][ T7182] ? __pfx___sys_sendmsg+0x10/0x10 [ 82.188640][ T7182] do_syscall_64+0xcd/0xfa0 [ 82.188662][ T7182] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.188676][ T7182] RIP: 0033:0x7faf2e98eec9 [ 82.188687][ T7182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 82.188701][ T7182] RSP: 002b:00007faf2f8ee038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 82.188715][ T7182] RAX: ffffffffffffffda RBX: 00007faf2ebe5fa0 RCX: 00007faf2e98eec9 [ 82.188724][ T7182] RDX: 0000000000004000 RSI: 0000200000001500 RDI: 0000000000000005 [ 82.188732][ T7182] RBP: 00007faf2f8ee090 R08: 0000000000000000 R09: 0000000000000000 [ 82.188740][ T7182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 82.188748][ T7182] R13: 00007faf2ebe6038 R14: 00007faf2ebe5fa0 R15: 00007fff4c970868 [ 82.188767][ T7182] [ 82.911393][ T7193] F2FS-fs (nbd0): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 82.914479][ T7193] F2FS-fs (nbd0): Can't find valid F2FS filesystem in 1th superblock [ 82.917466][ T7193] F2FS-fs (nbd0): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 82.920092][ T7193] F2FS-fs (nbd0): Can't find valid F2FS filesystem in 2th superblock [ 83.041037][ T40] audit: type=1400 audit(1759854112.672:284): avc: denied { mount } for pid=7198 comm="syz.2.480" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 83.052070][ T40] audit: type=1400 audit(1759854112.682:285): avc: denied { watch watch_reads } for pid=7198 comm="syz.2.480" path="/102/file0" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=dir permissive=1 [ 
83.063638][ T7199] netlink: 76 bytes leftover after parsing attributes in process `syz.2.480'. [ 83.095016][ T7205] netlink: 76 bytes leftover after parsing attributes in process `syz.0.482'. [ 83.098789][ T7205] FAULT_INJECTION: forcing a failure. [ 83.098789][ T7205] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 83.102803][ T7205] CPU: 2 UID: 0 PID: 7205 Comm: syz.0.482 Not tainted syzkaller #0 PREEMPT(full) [ 83.102818][ T7205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 83.102825][ T7205] Call Trace: [ 83.102829][ T7205] [ 83.102836][ T7205] dump_stack_lvl+0x16c/0x1f0 [ 83.102876][ T7205] should_fail_ex+0x512/0x640 [ 83.102903][ T7205] _copy_from_user+0x2e/0xd0 [ 83.102921][ T7205] copy_msghdr_from_user+0x98/0x160 [ 83.102945][ T7205] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 83.102968][ T7205] ___sys_sendmsg+0xfe/0x1d0 [ 83.102985][ T7205] ? __pfx____sys_sendmsg+0x10/0x10 [ 83.103018][ T7205] __sys_sendmsg+0x16d/0x220 [ 83.103035][ T7205] ? 
__pfx___sys_sendmsg+0x10/0x10 [ 83.103059][ T7205] do_syscall_64+0xcd/0xfa0 [ 83.103077][ T7205] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.103089][ T7205] RIP: 0033:0x7f4aefb8eec9 [ 83.103098][ T7205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 83.103115][ T7205] RSP: 002b:00007f4af0b11038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 83.103126][ T7205] RAX: ffffffffffffffda RBX: 00007f4aefde5fa0 RCX: 00007f4aefb8eec9 [ 83.103134][ T7205] RDX: 0000000020041080 RSI: 0000200000006040 RDI: 0000000000000007 [ 83.103140][ T7205] RBP: 00007f4af0b11090 R08: 0000000000000000 R09: 0000000000000000 [ 83.103147][ T7205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 83.103153][ T7205] R13: 00007f4aefde6038 R14: 00007f4aefde5fa0 R15: 00007fffcd521b28 [ 83.103168][ T7205] [ 83.138726][ T65] Bluetooth: hci0: command 0x0c1a tx timeout [ 83.144319][ C2] vkms_vblank_simulate: vblank timer overrun [ 83.218663][ T7207] netlink: 12 bytes leftover after parsing attributes in process `syz.3.483'. [ 83.252507][ T40] audit: type=1400 audit(1759854112.882:286): avc: denied { unmount } for pid=5934 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 83.580467][ T7223] FAULT_INJECTION: forcing a failure. [ 83.580467][ T7223] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 83.585893][ T7223] CPU: 0 UID: 0 PID: 7223 Comm: syz.1.491 Not tainted syzkaller #0 PREEMPT(full) [ 83.585918][ T7223] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 83.585930][ T7223] Call Trace: [ 83.585937][ T7223] [ 83.585944][ T7223] dump_stack_lvl+0x16c/0x1f0 [ 83.585976][ T7223] should_fail_ex+0x512/0x640 [ 83.586008][ T7223] _copy_from_iter+0x29f/0x1720 [ 83.586040][ T7223] ? 
__lock_acquire+0x62e/0x1ce0 [ 83.586070][ T7223] ? __pfx__copy_from_iter+0x10/0x10 [ 83.586110][ T7223] vhost_chr_write_iter+0xc8/0x10f0 [ 83.586139][ T7223] ? get_pid_task+0xfc/0x250 [ 83.586159][ T7223] ? __pfx_vhost_chr_write_iter+0x10/0x10 [ 83.586192][ T7223] ? selinux_file_permission+0x126/0x660 [ 83.586214][ T7223] ? bpf_lsm_file_permission+0x9/0x10 [ 83.586232][ T7223] ? security_file_permission+0x71/0x210 [ 83.586255][ T7223] ? rw_verify_area+0xcf/0x6c0 [ 83.586285][ T7223] vfs_write+0x7d3/0x11d0 [ 83.586395][ T7223] ? __pfx_vhost_net_chr_write_iter+0x10/0x10 [ 83.586488][ T7223] ? __pfx_vfs_write+0x10/0x10 [ 83.586516][ T7223] ? find_held_lock+0x2b/0x80 [ 83.586551][ T7223] ksys_write+0x12a/0x250 [ 83.586566][ T7223] ? __pfx_ksys_write+0x10/0x10 [ 83.586591][ T7223] do_syscall_64+0xcd/0xfa0 [ 83.586617][ T7223] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.586633][ T7223] RIP: 0033:0x7f8fd5d8eec9 [ 83.586649][ T7223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 83.586665][ T7223] RSP: 002b:00007f8fd6cd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 83.586681][ T7223] RAX: ffffffffffffffda RBX: 00007f8fd5fe5fa0 RCX: 00007f8fd5d8eec9 [ 83.586690][ T7223] RDX: 0000000000000048 RSI: 0000200000000180 RDI: 0000000000000003 [ 83.586698][ T7223] RBP: 00007f8fd6cd5090 R08: 0000000000000000 R09: 0000000000000000 [ 83.586707][ T7223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 83.586715][ T7223] R13: 00007f8fd5fe6038 R14: 00007f8fd5fe5fa0 R15: 00007ffedb4e2528 [ 83.586736][ T7223] [ 83.710301][ T7228] fuse: Unknown parameter '00000000000000000003' [ 83.801310][ T40] audit: type=1400 audit(1759854113.432:287): avc: denied { read } for pid=7241 comm="syz.1.496" path="socket:[20611]" dev="sockfs" ino=20611 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket 
permissive=1 [ 83.853184][ T40] audit: type=1400 audit(1759854113.482:288): avc: denied { write } for pid=7241 comm="syz.1.496" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 83.854663][ T7244] netlink: 'syz.1.496': attribute type 33 has an invalid length. [ 83.864060][ T7244] netlink: 152 bytes leftover after parsing attributes in process `syz.1.496'. [ 84.017597][ T65] Bluetooth: hci3: command 0x0c1a tx timeout [ 84.017620][ T5937] Bluetooth: hci2: command 0x0c1a tx timeout [ 84.020612][ T65] Bluetooth: hci1: command 0x0c1a tx timeout [ 84.145143][ T7253] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=7253 comm=syz.0.498 [ 84.149706][ T7253] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=7253 comm=syz.0.498 [ 84.188941][ T7255] capability: warning: `syz.0.499' uses deprecated v2 capabilities in a way that may be insecure [ 84.193482][ T7255] Cannot find add_set index 0 as target [ 84.759451][ T7283] netlink: 'syz.1.511': attribute type 1 has an invalid length. [ 84.775765][ T7283] 8021q: adding VLAN 0 to HW filter on device bond1 [ 84.784329][ T7283] vlan2: entered promiscuous mode [ 84.790496][ T7283] bond1: entered promiscuous mode [ 84.802028][ T7284] netlink: 'syz.0.506': attribute type 4 has an invalid length. [ 84.803891][ T7283] gretap1: entered promiscuous mode [ 84.811134][ T7283] bond1: (slave gretap1): making interface the new active one [ 84.815014][ T7283] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 84.822190][ T7291] random: crng reseeded on system resumption [ 84.860398][ T7292] Invalid logical block size (-3) [ 85.169274][ T7309] FAULT_INJECTION: forcing a failure. 
[ 85.169274][ T7309] name failslab, interval 1, probability 0, space 0, times 0 [ 85.176846][ T7309] CPU: 3 UID: 0 PID: 7309 Comm: syz.1.521 Not tainted syzkaller #0 PREEMPT(full) [ 85.176865][ T7309] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.176873][ T7309] Call Trace: [ 85.176877][ T7309] [ 85.176882][ T7309] dump_stack_lvl+0x16c/0x1f0 [ 85.176923][ T7309] should_fail_ex+0x512/0x640 [ 85.176944][ T7309] ? __kmalloc_noprof+0xca/0x880 [ 85.176962][ T7309] should_failslab+0xc2/0x120 [ 85.176978][ T7309] __kmalloc_noprof+0xdd/0x880 [ 85.176999][ T7309] ? kernfs_fop_write_iter+0x237/0x570 [ 85.177020][ T7309] ? kernfs_fop_write_iter+0x237/0x570 [ 85.177036][ T7309] kernfs_fop_write_iter+0x237/0x570 [ 85.177068][ T7309] vfs_write+0x7d3/0x11d0 [ 85.177088][ T7309] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 85.177112][ T7309] ? __pfx___mutex_lock+0x10/0x10 [ 85.177138][ T7309] ? __pfx_vfs_write+0x10/0x10 [ 85.177176][ T7309] ksys_write+0x12a/0x250 [ 85.177188][ T7309] ? 
__pfx_ksys_write+0x10/0x10 [ 85.177206][ T7309] do_syscall_64+0xcd/0xfa0 [ 85.177227][ T7309] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.177242][ T7309] RIP: 0033:0x7f8fd5d8eec9 [ 85.177254][ T7309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.177267][ T7309] RSP: 002b:00007f8fd6cd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 85.177281][ T7309] RAX: ffffffffffffffda RBX: 00007f8fd5fe5fa0 RCX: 00007f8fd5d8eec9 [ 85.177289][ T7309] RDX: 000000000000000a RSI: 0000200000000140 RDI: 0000000000000004 [ 85.177298][ T7309] RBP: 00007f8fd6cd5090 R08: 0000000000000000 R09: 0000000000000000 [ 85.177306][ T7309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 85.177313][ T7309] R13: 00007f8fd5fe6038 R14: 00007f8fd5fe5fa0 R15: 00007ffedb4e2528 [ 85.177343][ T7309] [ 85.240503][ T65] Bluetooth: hci0: command 0x0c1a tx timeout [ 85.284973][ T7313] random: crng reseeded on system resumption [ 85.294944][ T7311] DMAR: ERROR: DMA PTE for vPFN 0xbeb00 already set (to 5f000003 not 5f000003) [ 85.301449][ T7311] ------------[ cut here ]------------ [ 85.303892][ T7311] WARNING: CPU: 1 PID: 7311 at drivers/iommu/intel/iommu.c:1679 intel_iommu_map_pages+0xaa7/0x1520 [ 85.309006][ T7311] Modules linked in: [ 85.311369][ T7311] CPU: 1 UID: 0 PID: 7311 Comm: syz.3.522 Not tainted syzkaller #0 PREEMPT(full) [ 85.316743][ T7311] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.322662][ T7311] RIP: 0010:intel_iommu_map_pages+0xaa7/0x1520 [ 85.324535][ T7311] Code: 66 5c fc 8b 2d ea 75 cc 09 31 ff 89 ee e8 c1 0c 7e fc 85 ed 74 0e e8 78 11 7e fc 83 ed 01 89 2d cf 75 cc 09 e8 6a 11 7e fc 90 <0f> 0b 90 e9 da fa ff ff e8 5c 11 7e fc 4c 8b 7c 24 40 48 8d 43 ff [ 85.330134][ T7311] RSP: 0018:ffffc9000de9f5d0 EFLAGS: 00010283 [ 85.332382][ T7311] RAX: 
0000000000005d94 RBX: ffff888057280800 RCX: ffffc900077b3000 [ 85.335553][ T7311] RDX: 0000000000080000 RSI: ffffffff853e5356 RDI: 0000000000000005 [ 85.339307][ T7311] RBP: 0000000000000004 R08: 0000000000000005 R09: 0000000000000000 [ 85.342758][ T7311] R10: 0000000000000005 R11: 0000000000000000 R12: 00000000000ffb00 [ 85.346079][ T7311] R13: 0000000000000001 R14: 000000005f000003 R15: 0000000000000002 [ 85.349383][ T7311] FS: 00007faf2f8ee6c0(0000) GS:ffff8880d6adf000(0000) knlGS:0000000000000000 [ 85.352944][ T7311] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.355733][ T7311] CR2: 0000555579c68808 CR3: 0000000057829000 CR4: 0000000000352ef0 [ 85.359889][ T7311] Call Trace: [ 85.361708][ T7311] [ 85.363343][ T7311] ? __pfx_intel_iommu_map_pages+0x10/0x10 [ 85.365861][ T7311] ? iommu_pgsize+0x294/0x300 [ 85.368398][ T7311] iommu_map_nosync+0x337/0x700 [ 85.370475][ T7311] ? __pfx_iommu_map_nosync+0x10/0x10 [ 85.372984][ T7311] ? lock_acquire+0x179/0x350 [ 85.376516][ T7311] ? find_held_lock+0x2b/0x80 [ 85.379500][ T7311] ? iommu_map_sg+0x5ee/0x9d0 [ 85.382250][ T7311] iommu_map_sg+0x1c1/0x9d0 [ 85.384710][ T7311] iommu_dma_map_sg+0x92d/0xe90 [ 85.387643][ T7311] __dma_map_sg_attrs+0x293/0x590 [ 85.390166][ T7311] dma_map_sgtable+0x78/0x100 [ 85.392435][ T7311] system_heap_map_dma_buf+0x66/0xf0 [ 85.394534][ T7311] dma_buf_map_attachment+0x15e/0x5f0 [ 85.396679][ T7311] dma_buf_map_attachment_unlocked+0x9e/0x150 [ 85.399294][ T7311] drm_gem_prime_import_dev+0x166/0x440 [ 85.401477][ T7311] virtgpu_gem_prime_import+0x16c/0x800 [ 85.404259][ T7311] ? __pfx_virtgpu_gem_prime_import+0x10/0x10 [ 85.407347][ T7311] ? __pfx___mutex_lock+0x10/0x10 [ 85.409537][ T7311] ? find_held_lock+0x2b/0x80 [ 85.411229][ T7311] ? __fget_files+0x204/0x3c0 [ 85.413084][ T7311] ? __fget_files+0x20e/0x3c0 [ 85.414726][ T7311] ? 
__pfx_virtgpu_gem_prime_import+0x10/0x10 [ 85.416586][ T7311] drm_gem_prime_fd_to_handle+0x1a9/0x5f0 [ 85.418543][ T7311] drm_prime_fd_to_handle_ioctl+0xd6/0x110 [ 85.420313][ T7311] drm_ioctl_kernel+0x1f4/0x3e0 [ 85.421903][ T7311] ? __pfx_drm_prime_fd_to_handle_ioctl+0x10/0x10 [ 85.424005][ T7311] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 85.425666][ T7311] drm_ioctl+0x5c9/0xc30 [ 85.427023][ T7311] ? __pfx_drm_prime_fd_to_handle_ioctl+0x10/0x10 [ 85.429156][ T7311] ? __pfx_drm_ioctl+0x10/0x10 [ 85.430732][ T7311] ? selinux_file_ioctl+0x180/0x270 [ 85.432416][ T7311] ? selinux_file_ioctl+0xb4/0x270 [ 85.433998][ T7311] ? __pfx_drm_ioctl+0x10/0x10 [ 85.435482][ T7311] __x64_sys_ioctl+0x18e/0x210 [ 85.436942][ T7311] do_syscall_64+0xcd/0xfa0 [ 85.438635][ T7311] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.440700][ T7311] RIP: 0033:0x7faf2e98eec9 [ 85.442246][ T7311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.448845][ T7311] RSP: 002b:00007faf2f8ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 85.451332][ T7311] RAX: ffffffffffffffda RBX: 00007faf2ebe5fa0 RCX: 00007faf2e98eec9 [ 85.453668][ T7311] RDX: 00002000000000c0 RSI: 00000000c00c642e RDI: 000000000000000d [ 85.456048][ T7311] RBP: 00007faf2ea11f91 R08: 0000000000000000 R09: 0000000000000000 [ 85.458900][ T7311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 85.461319][ T7311] R13: 00007faf2ebe6038 R14: 00007faf2ebe5fa0 R15: 00007fff4c970868 [ 85.463869][ T7311] [ 85.464868][ T7311] Kernel panic - not syncing: kernel: panic_on_warn set ... 
[ 85.467116][ T7311] CPU: 1 UID: 0 PID: 7311 Comm: syz.3.522 Not tainted syzkaller #0 PREEMPT(full) [ 85.470006][ T7311] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.473538][ T7311] Call Trace: [ 85.474635][ T7311] [ 85.475780][ T7311] dump_stack_lvl+0x3d/0x1f0 [ 85.477450][ T7311] vpanic+0x640/0x6f0 [ 85.478805][ T7311] ? intel_iommu_map_pages+0xaa7/0x1520 [ 85.480569][ T7311] panic+0xca/0xd0 [ 85.481955][ T7311] ? __pfx_panic+0x10/0x10 [ 85.483524][ T7311] check_panic_on_warn+0xab/0xb0 [ 85.485124][ T7311] __warn+0xf6/0x3c0 [ 85.486349][ T7311] ? intel_iommu_map_pages+0xaa7/0x1520 [ 85.488137][ T7311] report_bug+0x3c3/0x580 [ 85.489493][ T7311] ? intel_iommu_map_pages+0xaa7/0x1520 [ 85.491289][ T7311] handle_bug+0x184/0x210 [ 85.492816][ T7311] exc_invalid_op+0x17/0x50 [ 85.494245][ T7311] asm_exc_invalid_op+0x1a/0x20 [ 85.496290][ T7311] RIP: 0010:intel_iommu_map_pages+0xaa7/0x1520 [ 85.498489][ T7311] Code: 66 5c fc 8b 2d ea 75 cc 09 31 ff 89 ee e8 c1 0c 7e fc 85 ed 74 0e e8 78 11 7e fc 83 ed 01 89 2d cf 75 cc 09 e8 6a 11 7e fc 90 <0f> 0b 90 e9 da fa ff ff e8 5c 11 7e fc 4c 8b 7c 24 40 48 8d 43 ff [ 85.505022][ T7311] RSP: 0018:ffffc9000de9f5d0 EFLAGS: 00010283 [ 85.506957][ T7311] RAX: 0000000000005d94 RBX: ffff888057280800 RCX: ffffc900077b3000 [ 85.509407][ T7311] RDX: 0000000000080000 RSI: ffffffff853e5356 RDI: 0000000000000005 [ 85.511849][ T7311] RBP: 0000000000000004 R08: 0000000000000005 R09: 0000000000000000 [ 85.514304][ T7311] R10: 0000000000000005 R11: 0000000000000000 R12: 00000000000ffb00 [ 85.516885][ T7311] R13: 0000000000000001 R14: 000000005f000003 R15: 0000000000000002 [ 85.519614][ T7311] ? intel_iommu_map_pages+0xaa6/0x1520 [ 85.521715][ T7311] ? __pfx_intel_iommu_map_pages+0x10/0x10 [ 85.523929][ T7311] ? iommu_pgsize+0x294/0x300 [ 85.525664][ T7311] iommu_map_nosync+0x337/0x700 [ 85.527192][ T7311] ? __pfx_iommu_map_nosync+0x10/0x10 [ 85.528857][ T7311] ? 
lock_acquire+0x179/0x350 [ 85.530327][ T7311] ? find_held_lock+0x2b/0x80 [ 85.531774][ T7311] ? iommu_map_sg+0x5ee/0x9d0 [ 85.533631][ T7311] iommu_map_sg+0x1c1/0x9d0 [ 85.535152][ T7311] iommu_dma_map_sg+0x92d/0xe90 [ 85.536659][ T7311] __dma_map_sg_attrs+0x293/0x590 [ 85.538232][ T7311] dma_map_sgtable+0x78/0x100 [ 85.539841][ T7311] system_heap_map_dma_buf+0x66/0xf0 [ 85.542280][ T7311] dma_buf_map_attachment+0x15e/0x5f0 [ 85.544669][ T7311] dma_buf_map_attachment_unlocked+0x9e/0x150 [ 85.547259][ T7311] drm_gem_prime_import_dev+0x166/0x440 [ 85.549472][ T7311] virtgpu_gem_prime_import+0x16c/0x800 [ 85.551735][ T7311] ? __pfx_virtgpu_gem_prime_import+0x10/0x10 [ 85.553715][ T7311] ? __pfx___mutex_lock+0x10/0x10 [ 85.555270][ T7311] ? find_held_lock+0x2b/0x80 [ 85.556683][ T7311] ? __fget_files+0x204/0x3c0 [ 85.558203][ T7311] ? __fget_files+0x20e/0x3c0 [ 85.560145][ T7311] ? __pfx_virtgpu_gem_prime_import+0x10/0x10 [ 85.562351][ T7311] drm_gem_prime_fd_to_handle+0x1a9/0x5f0 [ 85.564390][ T7311] drm_prime_fd_to_handle_ioctl+0xd6/0x110 [ 85.566348][ T7311] drm_ioctl_kernel+0x1f4/0x3e0 [ 85.567857][ T7311] ? __pfx_drm_prime_fd_to_handle_ioctl+0x10/0x10 [ 85.569775][ T7311] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 85.571430][ T7311] drm_ioctl+0x5c9/0xc30 [ 85.572788][ T7311] ? __pfx_drm_prime_fd_to_handle_ioctl+0x10/0x10 [ 85.574744][ T7311] ? __pfx_drm_ioctl+0x10/0x10 [ 85.576266][ T7311] ? selinux_file_ioctl+0x180/0x270 [ 85.577910][ T7311] ? selinux_file_ioctl+0xb4/0x270 [ 85.579481][ T7311] ? 
__pfx_drm_ioctl+0x10/0x10 [ 85.580955][ T7311] __x64_sys_ioctl+0x18e/0x210 [ 85.582481][ T7311] do_syscall_64+0xcd/0xfa0 [ 85.583899][ T7311] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.585690][ T7311] RIP: 0033:0x7faf2e98eec9 [ 85.587063][ T7311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.592885][ T7311] RSP: 002b:00007faf2f8ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 85.595576][ T7311] RAX: ffffffffffffffda RBX: 00007faf2ebe5fa0 RCX: 00007faf2e98eec9 [ 85.598569][ T7311] RDX: 00002000000000c0 RSI: 00000000c00c642e RDI: 000000000000000d [ 85.601126][ T7311] RBP: 00007faf2ea11f91 R08: 0000000000000000 R09: 0000000000000000 [ 85.603658][ T7311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 85.606049][ T7311] R13: 00007faf2ebe6038 R14: 00007faf2ebe5fa0 R15: 00007fff4c970868 [ 85.608520][ T7311] [ 85.610332][ T7311] Kernel Offset: disabled [ 85.611796][ T7311] Rebooting in 86400 seconds.. 
VM DIAGNOSIS: 16:21:55 Registers: info registers vcpu 0 CPU#0 RAX=00000000000d491b RBX=0000000000000000 RCX=ffffffff8b6512d9 RDX=0000000000000000 RSI=ffffffff8db02630 RDI=ffffffff8bf1cfc0 RBP=fffffbfff1c12f40 RSP=ffffffff8e007df8 R8 =0000000000000001 R9 =ffffed100d486655 R10=ffff88806a4332ab R11=0000000000000000 R12=0000000000000000 R13=ffffffff8e097a00 R14=ffffffff908323d0 R15=0000000000000000 RIP=ffffffff8b64fd8f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d69df000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f8fd6cd4f98 CR3=000000004ed42000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000002000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffedb4e28b0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 
0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8fd5e12fbe ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8fd5e12fcb ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8fd5e12fc5 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8fd5e12fd9 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8fd5e1305f ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8fd5e1313d ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 
0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 
0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff852f7855 RDI=ffffffff9ae007c0 RBP=ffffffff9ae00780 RSP=ffffc9000de9ef40 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000020 R14=ffffffff9ae00780 R15=ffffffff852f77f0 RIP=ffffffff852f787f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007faf2f8ee6c0 ffffffff 00c00000 GS =0000 ffff8880d6adf000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000555579c68808 CR3=0000000057829000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 
0000000000000000 0000000000000000 74756f656d69745f 657a656572665f6d ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec50012fbe ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec50012fcb ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec50012fc5 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec50012fd9 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec5001305f ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fec5001313d ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 
0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0004000500000000 307a797300020009 000065636166692c 74656e3a68736168 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4012000800000000 0015000580070014 0000000a00050004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000307a7973 0002000900006563 6166692c74656e3a 6873616800030013 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 
0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000080000000 RBX=0000000000000037 RCX=ffffffff84608cbc RDX=ffff8880229dc900 RSI=ffffffff84608c6b RDI=0000000000000003 RBP=dffffc0000000000 RSP=ffffc90003aaf970 R8 =0000000000000003 R9 =0000000000000100 R10=0000000000000037 R11=0000000000000000 R12=ffffc90003aafa50 R13=ffff88802c8b9bb0 R14=0000000000000036 R15=0000000000000000 RIP=ffffffff81bc64d7 RFL=00000283 [--S---C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007ffa173c7880 ffffffff 00c00000 GS =0000 ffff8880d6bdf000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c411481 CR3=000000004ed61000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000010000002 Opmask01=0000000000004211 Opmask02=00000000013e002f Opmask03=0000000000000000 Opmask04=00000000ffffffff Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 
0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3233323a3031632f 617461642f766564 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 00007ffcdbbc8430 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffa173dd7f0 00007ffa173dd7e0 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 ffff0000000000ff ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffffffffffffffff ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffff000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 
0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2c2c2c2c2c2c2c2c 2c2c2c2c2c2c2c2c 2c2c2c2c2c2c2c2c 2c2c2c2c2c2c2c2c ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e5552006d25203a 7d73257b52545441 20676e6974697277 20726f7272650065 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e55520041090c16 515f095752545441 0c4b424558455e5b 0c5e435e5e490049 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 0000000000000000 00007ffcdbbc8430 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 003a756b733a302e 30312d3533712d63 707276633a317463 3a554d45516e7663 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a302e30312d3533 712d63707276703a 29393030322c3948 43492b3533512843 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 50647261646e6174 536e703a554d4551 6e76733a302e3072 623a343130322f31 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 302f343064623a31 2b32316f70627e32 2d332e36312e312d 6e61696265642d33 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 323032302c313032 302c394631302c32 4331302c38423130 2c464131302c4541 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000014100 000000000000303d 44440045525f5346 0054242044492065 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 282b2e2fdf37342d 280bbfbf23243324 26312033fc040f18 1317140d080b0412 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343133bffc121104 1214041204110814 100411bffc040f18 1317140d080b0412 ZMM28=0000000000000000 0000000000000000 0000000000000000 
0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000080000001 RBX=0000000000000003 RCX=00000000d30497a7 RDX=ffffffff816b765d RSI=ffffffff8bf1cf40 RDI=ffffffff8bf1cf80 RBP=ffffc900067bf168 RSP=ffffc900067bf070 R8 =2d3d70d8468c6755 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffffffff81a75c80 R13=ffffc900067bf120 R14=0000000000000000 R15=ffff888029ea0000 RIP=ffffffff8b651a7d RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007f8fd6cd56c0 ffffffff 00c00000 GS =0000 ffff8880d6cdf000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c3ada7f CR3=0000000035003000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000ffffc000 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8fd5e12fbe ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8fd5e12fcb ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8fd5e12fc5 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8fd5e12fd9 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8fd5e1305f ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8fd5e1313d ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 
0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 2323232323232323 2323232323232323 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000031647261632f 6972642f7665642f ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000012475142400c 4a51470c5546470c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 
0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000