last executing test programs: 6.682589338s ago: executing program 3 (id=450): syz_emit_ethernet(0x7b, &(0x7f0000000140)={@multicast, @remote, @void, {@mpls_mc={0x8848, {[{0xc, 0x0, 0x1}, {0x6, 0x0, 0x1}, {0x7, 0x0, 0x1}, {0xfffff}, {0x8000, 0x0, 0x1}, {0x4}, {0xc305}], @llc={@snap={0x1fe, 0xaa, 'K', "a725ad", 0x15, "4dbea055152f4bf91ad61d40d16339a8b200b7fee4e35a229e7de4e7afe5bbc5dfc1d24501638f9cb36760c1fbaaede865a053ae78bdbee8b4844f83669d4f37d0d2a43fa5e38f136b"}}}}}}, 0x0) syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00') r0 = socket(0x1, 0x803, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8815}, 0x4000000) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) r1 = memfd_create(&(0x7f0000000780)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93\x00\x04\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaaVR\xbf\xecX\x17\x06h\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa4&\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\x00\x00\x00\x00\x00\x00\x00N\xb1N\xfd\xacy\x11\x9cg\x0e\xd3IU\xacq\x01\x1f;S\xf4\xfc\xdf\xe9/\xb22\x06\xea\xb8\xc3\xe1\x02\xf5E5{b5\xa4\x83P\x14k\xc27I\x89V\x1d\b1\x18\x18y\xef\x02U\xd4\x00B\xf4\xfc\xf6$\xed\x98\xc3jp\x88\xa6\xf5^\xaek]\x8b\x06\xce*\x86\xb59UKG$ \x90gV\x8bt\x96i\xa79\v\x02\x00\x00\x00\x00\x00\x00\x00\xcb\x8b\r;\xf0\x10I\xe7\x8c\xf0s]\x9e\xd4\xd6\xc7\xf1\x96CX\xf1\x94\x9f\xce\xf5\x9a\xb4\xd6\xc5\xe3AVf\xe8RF\xee\x97\x8577o,\xed\xc9S\xa1G\x15F\x9f\xac\xe7\xc0\xdb\xb9\xc2\x10\x87\xe49\xc0\xe2\x99\xbf\xda\x16\xef\x9e\xd67\xa0j9\xea\xd8\xf0\x9a\x87\xa6\x9c\xb3#\xd8\xaeS\xb5\xc2\x80\x9d\xd3\xb5\xee2`Q\x95\xf1m\xa4\x1f\xe5\xab\x17\xe6\xda(\xa1\xf0\xd0\xe3\x97\xcf\x06\x1a\"\xdfT\xd3\x01\xe3>\x82\x81\"-\x8b\x05\xde\xe4\xa5m\'\xbb\xd9(D\xfb\xa9\x1d\xe4l\x93>\x98', 0x3) execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000040), 0x6) ioctl$sock_bt_hci(r2, 0x400448e6, &(0x7f0000000080)='|w') bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, 0x0, 0x0) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000300)={0x26, 'hash\x00', 0x0, 0x0, 'streebog256\x00'}, 0x58) r5 = accept4(r4, 0x0, 0x0, 0x800) recvmmsg$unix(r5, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500}}], 0x600, 0x0, 0x0) 6.562327626s ago: executing program 0 (id=452): openat$random(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = socket$inet(0x2, 0x1, 0x100) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) shutdown(r2, 0x1) sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000300)={&(0x7f00000001c0)={0x24, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e23}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x87d4b69a72310a97) r6 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r6, 0x1, 0x0, &(0x7f0000000040)='c:::\x00', 0x0) r7 = gettid() bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910000000000000cb041818000100009500740000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0xe4}, 0x48) fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0) tkill(r7, 0xb) syz_open_dev$tty1(0xc, 0x4, 0x1) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000041}, 0x55fdb4595c3d8036) ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0x117, 0x5, 0x101, 0x200}}) connect$llc(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2031}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FLAGS={0x8, 0x3, 0x2}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20048054}, 0x0) 6.422248806s ago: executing program 3 (id=453): socket$nl_generic(0x10, 0x3, 0x10) socket$inet_udp(0x2, 0x2, 0x0) r0 = getpgid(0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0xb) bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbff, 0x2fdfffffd}, 0xc) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="090000000600000004000000fc07"], 0x48) syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000003c0)="057e30aae10df4f97559054b9a301ecfe91b645115e1421774006df60cb393573839b0078ce169ec2fde0afea66b5bbefa9d4f3cd8c2458336ceb1f0efe647d6d7b1cdbd12c9b8e3a822cbd51494bf79a1dbe5c22338ce37ed467a1d3d616564cbb81faa2e935b2697c12efb0ed141fa2eaad4747725c4bf20f8975e402b03eb77d1aa3f10f512397b5037b1b4cd4b7c08c03dc5e52a066e5982969fa044125ae251f46c26e2536cc8b77e8edb251378be4beedfb8dca0d449123f57677ca3da5bdebf91b195f1a5d49d7c292f20f58d490de36d8ee0e8a86bd04c3165549465cbee7891fc747d7def370ce644db894b56bd53af0d0e261bcfa6bf72a684dafc5bcafe07ece74cbd1d5fa32716dd03f7acd4f32d935438c91e033beaf49e3963e13d05e7a8334a858639636799f04a9033193e7d18a2a4b20bcc96811bb5efe476db70a76b7456ac4e71f3e89c00da0c7761c188570c7902bf2fee1be273be8a9f7a2d7508ef2188d3ba1db4fa9d1533d2f2a288cdfe3b0c50908d56ba69e81386e7e979e9d7ff78685ffb8de6baea2451762736a2bbafa11d541790b0564aef9b0b80fa24832090b84341a9fdf712d3296f911020f8021eda8130befaaab01cbe91dfc5768e6ff31ec50dd88596832a9f5fd4f558d367f40e454d3c97ad16a7f30b93629ee2def77b99f8a17c157529b0782fd847a4c75a2302ca96bbdcff660c2cca753e1a8c60dbcfb319a1594565a2e15bb6124316e196e3cafaf1a29eef84a0908d1dc80af7e333c65736699f1254addf2ab582f5c87c4f6ca234d7ca9673dc29444044b95abdaea958274e39aeb163ee2d05bc2ade5c33a0466e14fbdf8aa70ca2964c06ee5bc57b894b0143a7a503cc43574a07958940b029678df44d6c82fa2e6937ea6aeb5b8f33c21628e3b0d623c23c2e5a3546194fea742d90c1d61f343a005b9e58c3e8292b256fd0ecca81cda433f3bb0ed633607f0b635cdd8b4919bfa37c1e99df087d3f8f3ba5dec7930657eb3a4d8febb5234e048881fbfc499fe5eb6a0ce34546f7010ae2291e6731d0798ca451387a123998e68f6f577ba4e556bb9a119011a191a6bbcf55beb1fb0b8252deeed5721b271b964534a04462720c4c03e8ea7f120cfa1be630e7fc680d1f6e067075c72f642babcacf6b00cd3fdb9f3200e4ff8935b17ebe222053c78c3752666088017c2150dd014b9578af6adb15527a483eff5bb623710ca7b37ed49ff7cf1525f296af6f27846524e4aaea7476a2d08dceeca84a1ab11e2767abff12d10deaf63681dcabe9b1fb9ebe207d8e37bcdba9a73a02ebea4e3a072397a88c47795d5e88b2040c9fe3f96f66f8f7d593547c8fc8f4e75a1c20962ecf2dd1e7bddf896f2a6c5f37a8784e2bc5b10cef2feab3b6eee7430908eeadd372248041a09b0c29385cd7a75754d2c429e72bf5fdac34097bbbbb3790f86399c60cb5054fbeb8eb1241608b506beb135091c18110c1d10d9a80f4adb11a6fd3001957cae0b4f8f730cc4fa4a7328e23f390caab014cfeec0ebfd0e14021f47fe330a68680678d23e7ca1ff18e7e242f4c1e3cca51dec73c58b596c2a92267ee76d3657c1e2b34102b09fa4c59c2619148440bf26802c6f858b8eee6d8c697bad2c4d5a0f76c6a4cdd3b8fdc21e447920491ef40578b68a7a5dfda04fa235fac01ad4e824b627137dc48807100e52ec5ae2f3a3fd84d68b824033b4f0ee28a9e72333b4e209ae905d0781e4fe8116e03b1ca5c3b1ea84974cabaa0214ed15bfe01e974491e8a20f9d03ed1b73799b083f3a65e809c3ff3cf126288fc1627409d46f78b5fe8b8ba0b3ddc3ac79aecd6eee2e0cc59826e5798f48f80f0c7f549b3a656e9acbc5e51bdc3becef93533166c1d9ffe4335ec973d3d27ce5987d150f554c4095650528578fe4858b670b0786f23c886612191f89ec57970dbc0e33cd62b57a08fa940b339577fd12d07dec2ac50e9e0b27f0716b3233803153389a95df956637af8d9778e27bce49ab0a832978712a074d3f7516ad512ed0d9b43049b5990c841a7b7146a24c62fb70645b8d85b6c8863d5c6aab03638ffa4e30c8de24383cf320eee735a4fd37262d473076f495da8b2f0f028b8f178c238010738d6afb1dc2e48089e80f6a7658ad3496f1a1f7f78abdcf934c733d22abb0671a0d41b9b33a5faf99d7b82166e27df0f97a7953dcc1fb364478200253757e8311ba61cb4c78a380cdd820553c7296816210f64b34619966f1540a407c8d6e8e30788909de19ede4116d09a14ce26ad59957add80b90602855c0134ba7fe8afd4493f7cd9ced61fda7d0ae02505c046acf68d68ecd9b1507a4d4eba4c2c834777b2c3c5a8b3c06677fe468072dcab48c1ac9deec30265c7f6c5864df89e25bba52715c82e9921db601b3935f5047b8cc07351b9965b1a1f6ef36c1fba89d9d96e332eacc1e8a78e09d7d6ba30845866449ed5264f763735d4e7cc133dba4b296b2dd9331efea01e5b3d05f38055e41c49993d679ef133b9b1af435fd0ac5fad33f571c76d02c40d4e301110b4442aa134364f0456da0cf362b2c27ebd667c0969ae09dad18becba9d6918fb1e741f685735cc7078f0e6328181a83da67516fac31522f9d9fc64a4b769e57e76bfff6f9867fa2fee1e7dddd11128322210e44eeef6db7269dfa1bfbd9099dd6f8219d585c22c20483251447772719a6115ccb690609de352989610a138110c884562b65de3cf63c3ebe9adfeb53c6e4ecc637c98b60161f71952b84c6fc4cea6af0ed533144bde4f8fbab2d3ffe0b2a5d0c55ec9979ea85a25045ad3a84becf0e891b89c1a83178d7368aea4bdfa0ebd46b8e110a2972c8ac96e10ac630e89f8d76bf35b03b5ecd393d1986fc61318e08ef02721e5f2cd2fe098ebcd1bd30a8f87b2a5650b51dd50d0d78ab7fe66490f5827372f1779d3d389e9fa66bd0296f0203af010d8f76783837cdde2555a90be577626a12de47d4da638efd0017750a230485f6ade34a27284d85dd87f9db8a832c571106d8296629418777b4d933fa049f0f4e5958c193e889305074091be14c66a4bf02cdfe1e8d26a5d21fa78c5628a7ee3d7a0c550296b2f0625e2dd18d45f2d45bee6746d4462c92bc3cf50503c7479bd121393821afe1cd7144ea37f4e8e5ee21f739024ad25af9430dee006b76617725556ff8a820b767fa821629819732f086a5fdf2ccb4edae0aceb3d6dea698e798ead905a2eef9065d633b007271e93101a71cbe385f56e32b3a8fb081c5c1ab09b729f89294a0007f13a3b8e93686020d993b812c6f85fe1618db897cd67be6cd5053dc8490bbebee133d140503c4aa51eea0c156523a1d81ae849dbe5a273bfc0de94836f8160ea9f146147fc02dd7b55dca6a2a43692268ee98f51fcd2d3faa76071d9716e877b2a3dcb51a51d5359a2ee705da52b43306f1f3caf33342fc281bc9c58d1ce05ecdeca371e3a788542f8fa999e4d8e10e66f0b6053d7d4cfc6acb815628bc2409b3dec01726121c267b3ee85fd61bbbdda68ae2c13026863e4a54b93d956fe692707a179411c841ca7d2f33a5223181b18b7ba2eebdd7c2a8dec3ac2a317b5fbd996e8598c394ee627308f0e887480a8dcd59b0256b636f4c62566501a733fa74232945ba1d9e2bae347391bf9ae2da4d3af2b262b772421fd3a5cab46862ea6049f5c9c76dd8549ce0e6c31c792b81b6b21f0bcca18bb2fa6a9d4d6e0a837bb119e2e002a69d6ca95a4b2acc463076c2e05731ef0cfaea84387a6baf6737cc14a25f5329ea924090311213344625a69ee382dd4bc72e00e63329956f3e021092585c9affa06a95bd0ef653ae9ff0abed5ee561ada4f83d8ef202d9c0b2225ebe8660cc408859d45e0332f4f78f6a339bce9d12ca2bc5116a8fd4007c485f5c1c41af96c41d96db35411842d7babc05c8b228066dccb9b67f348974363be521e41fa94d2034a0bc1e87360a80606e1e1bfa8e6399601b30bf93ac41129869158bc2b791b50e51519133ab58afd4023d4d721129b1307f054103a47c49e0524ac4df511c3409fa62d8b5c1a897794600f53efdcc987e06bffd77c9fc75fb7221ef29ed2f7e3e8abcb4a1875b85bd5176a6fba9a361d8684876508443bd50e630f4c684002b15930cf81d740b880eed25d22d8de8c00066790df084fea7c5021184a210a6d24f9bc862c4e3eafbb1782fa240ecfa5959d7a681bae84e8a96a5ff45dea4f9e16dd2cff2dccc6cf4042b44b7ad1f55dc1db5998ed40a409c0e67e1e64fab423d2c00fabb8976d9dacf0c82530e356a99f75082f3411adddfe4ab1ad3b55599fa15450dd5feee23591f1ce398e4c5ae8aad71ad26ea189c333c8467d1eaba9589bb8c41bbfe8c0c173e5446bc06b578c1db849fabe5fcd8fe0fca94bdc799b53b897249826037499e8b6213d640724fda1bcc9341ac61fbea02c8f39a53c496902d5c7922f678a273cdf5ffff38ea028ae19dc72f0b0688f2b9b7d5a9c04153c10ff4168cf9f243dea03b336be778f6c79d67a2d0ade82863eaf95d6fc7f745569864f369f4b39177c356c8c393bded485df28622f01251e58f3d39498520ff90e6c670f0dce5b494cb1d78dfad108406dc5857086d386bd42bd03fe716f049407e5e55caa0e73e96c1a4f6d5791ce7195b2ce72de52ed617ecefaeeabfa9350af49d1d91f9a4b97dc0808869b916f34ee242c40fe8c8aee57b6ddb69f9a10636e481dfa059ef001bad7020266f0d74b14edce6c18ffef854768a60885bad798658a6b9d0b438c483ba159346d5ce0771f53ff1ae0bd47d8583bd56237f8da2747ac7eb2a87b6e26c4820d4fe18b76e06bb6e0c0cdf478b4aecd381c2a6ca9f10ec433f0aca63a66d04f70557baf9f2844005351a21664c2430fb0002cd03bcf0b2004068a2567f91a9fbee8c6d948fb35d48527b23e1398ce9f535e2b0b33c2bc31ab737ba4b980f46f5d424e33892c8093f3cd18510a3157afc023f63ad3ba999e950747c78c06ab141a26d74ffc049a6f76c465f9f9f03a8d339a8e61fef26a5239fbc11c01a87800c81efd7b9f28ee2ab2ed88a383f5013bfd6671ea3086121b235a0cc45ccb300c02588895f8d13ec7e00a3aaaa8b0e739f666fd1b13a90b23998704859c9c76108ed7ecdc63770e6ebaa0aeb9208b92ec4e948ac7fc81cc6f305f06c2f2d8c9267463af92e185ff627eed54313fa2ee0bff2cfa8be411982fd19fa88db5ec99f238f88782f8c7a957bef14f79351b63799a4cce160357c068987a5516b04c79644c140850cddc8bd5541fcca9e30826aad864240f434bd1fc67b58e3d664f782e9e46edcb34e2db98a39c23e334e51c71c9fa466470992cc1fbc36c3c8ff4340be67f9b85a74c9114cb9fe5ca4dcbb641ea17a54ba4658aeaa515109e117625a6196dd66d3584d293b468fce63b5a9c4b9461700c74ae955539bfbbe3eccfa7d9c9f737792a9d4b978baa2e92819e88340b73c88c2900b723248b18ae9414cb37a64ef8cb8ca85cda9677d9f1e71a6b70fe3ad17f2d13c1df48d93bfa50fd939a72ea26f9fbeaa6f8af2eec91b04a8fa7dc14fec0f54fcd1c5c848b4432f979f10e661cd2d7f8ff669ce99f9813fc5440fbbeb35f1a5e5115f5ca35dcc270bdbcae07a9ae8e22aabf8178379dee08874ec7840de27815890a88fc9a3bcfa88a33f9baef9af0ae01b2bd34a907f1151cb14bc8b396bc43a60f884f425e4a04348cc645aae68db49980139ddad0fed303e40b124fd654b36c961a56c44cc3686a7529b1f1ee47da3a0f1158542337df15780444790a2ff1b57e062f0db66730c9f98de395f939f44188225211c514447f67fcbf320a34c43ce09ed272bb992db3a35ae2c3c491c36f2de88984129fcea1ffd235aff7bef7fa95d65894db9a5f1b348efcb571a81b3d73ccd07cbef052389001e4d456800e05ca53bcf3485ce05791ff65a9f7913416ae26972f34f51a3270580b81307ce31c98eda06f3b35890ce317e79a16d728cd0bb6a3835667555c0c5138cfa5305a91db1f873b2a75b82ffcb27616ee67777708f7dc2ed9ddbeb38a60f446d3ac88ded25265c25ef38b0755a9d34bab5e669b6501d8c9787aae7eced9945cad3d4d1c32fa68b48a1d773750f814631db3e088c1b5e7ffa854ea1343d94ec1343918d7a1c5a095bb72b00eb3bff210aeec0b8a581a2a13429b83a193f4d447059265b63c4b8f8ea1b9494f65e79844d956c5d80780849dc086506e9eba002e682a1bae1543f8289588c574bb6ca9a2e57b908aaffed23ecf3536abaf96fe08291f3d70773288b4698e972b0187385dfff4cba59175814e75e7e5146205c7f2d2f749583b393f46c448c152d8be50d60ed8d8bdb30fc7925656a0f90b1de967c729980815e5f19ed453fbefcff67832cb90d753410a0b18eb7504600b11b0360c3d3594d48d832160d357afc1f17dc71dccabef7bbcf1fdd55b48cb02135c32650ab07b902f36b48be9376b2dd68343eacfe80d9dab3205a393a4c6ffd405f6db323dea11be4f22ce50df1e0cfec9e9b1e23acb94d66ea787d08f615a7c7288cdf1921a13a85d885e47cf1067d89ebad5b92ce5c9da255f8d74bd2d5b78366f998cc35bf35e45d06128f1c5984fabee7542642bbf6d981b60759d3e7900e5b3d1d7310f90df0c88a600ff2f39932bf7411e61c692c9444dc9ae0dff28c0b94292c430ac4464e83ce8a29b886f45c98b8396667740c5be51e592eac0250d6e479505d36e930ca3a32cb671d58707d25b10e2660cd5e661b08e268c8bf1b3cbceb2d995a2a6fdfe5475cccc965f71baa7c84054e3bb6cbcb7167b06c708cd72ad4301e943dd1b2b2c325f682be3eaae730a8ed8bc3134b28d1ce04543bc66a529744561c42d25e65c7b5cc2a17875ebf35e53aa46e1edec29ff8d046a7e01459d9639c10d1df998cd9a12d7e50b2dc71ee7338cf71beb72d5020dc69eeafc354bf822d65ee0328eb07d04ac0d266fdb53227a158411da5ded254b3c359ee710e0278e1a06f06002538e108450fd6b11949fdc618a29baf34f232aa192230ddb318aa6d59d122257e50713fe73e6c0059399589c382dc901a8c3381139436f7331b69f457bbb38ed54daaa07a52cceb053c32690836c664b73d86261216b8610fc7b4d53dd3e5d9bcb3e25528e132911cac37e7f2618274c733b5ae02f9c27638d9e11988f1dfbb281ffd8cddf8558a481861cbe9d53a4ad8282d3587449cd51759ca397eda122d286e117d01539359870b94c98a3ce383ed1d280bcceb228acf73193e87fd3650e4dfd563cc55bfbc8626a41293cc90ef76e28e2dedaf968602d2997ae1c2752a0febe3a78f3756d40201ae13074091238324422caabe22c66b7866065264261fc2c3e0569493468d1c1c36259aedd5f078a231e72decd70f4de8532f6753287435296f33a096bc1c8b0ebb68c9f783881e45ac54159ec1c2f9e1f5cb48f96729a62d1b4fdaa89ef5de8741bca04e953534dc977e881a61281812af435206378eff173d7929ab4967e511bdc14e6a783ab647a4c257a4fcd6ba38ef32bc48a0064341697e34f7465b3e6240589d854db4d9714e998f2edf3a03986598a52aaf647d938f4a8e07c1c29615803af6cd403d261ad6da3c1c804034b4a4eef3ea1cc8db39d9e171b3f6dd074388577a4eb901c25c8031e4592cea80b6354850657f53b2acd910ec2c5a7db6abb0153e051dadfbcdf047e35591b96b5657ca55d99ef6fb48e07c34321cd20c40b30a646132f8afcb9426fe84a790567fb847076a8762ca29cfb037e0c948edc12122a1160a55d465f5c912406a10dc0d3c1156cd207e9ffe906d267c9c870521934e1c56af460c0ad0dea9c929acf85768e22bb65eca6e25e4ec8e6edb7a6215e8c7e5fdb56c7131b156ab6a78fc808f8f17a2708ff68b37778c00b3b546004fb2b2c588d8ca8276d281026bfe896698569814410422f27421b8fc5c09d47635f17ddf6b9f56a202a991514678c18a4afabe1eeca6fce1187fffcb6ebdacfc6cac9750766ed40c80e7eceb342a3fa6f86d014949f9d111bfd96e2a39d364f2e2722f2d9ab0577befe26055890161d780e52eff4022461c1d3b019b86af28c4f02fd1f7496d8c141344ad5756bcdc45158f3af7aac227c8853f607cae412db6fa924c039859fe455857bd5fde66cc1b773c12f516401a31c80d750079247c128a103361e7f0a392d21b4b1b594307ff6b37e5a242666209ec517561e04645b92e7cf3cff1a6c76c900d12d9556e2962c535401b1e61fa85e06551ed678703fb3bf8590f2608ae3c278b8d1ac286af38061afbbc3cb27ee7adc6ad299151cd00a84506e6a97648ff99f2a9d35d8421e71589437406fa8e6def8ce34c9abe5de3481c492887176d4485dac794b84567d5ebaf68d0007cb2256a0f1ce4318f6891f750fa9696fed3525059688cf973e70d688b1759cd0f3dfb0b2a7078174b978767cbdbfc3f7d5850e2f7772e2bd6e3ed69ef13cc141238b5ee04b6615e33c42fcd6cf979a0ac848458b713b9a988c1e3fc32f2a182fc0cab2e6933e9aa5c2d77db8c6a1802b43bd8220ff0ca92229fc26a44761d00eeebec834e5f7d382b4f58a2759c56e53b163dae034ffa1970acc57165746e575470e13c4044f392ae4bea93e7d666256436507bb987a247785301274d4f262f94989cdc94b209b7499bd0cb4437525b72be79c87c6076533e4a14799a60bd3563d46ee4767108bed7e637cfed6f3139637bb01f36385dc5873eed726fbec9a87da294cc11db8b49fe45b798ae74e1a8cb0f2907eb0178d2baf5f0f88f654baab9f147741945c496ddea1cfed65a82e913a131c4ac7bb6f0d8d5d28225dab8a33c6e60c0d2b2d5dbd8c35089f13f9a2ae81ec9addaefea9b8ddabc8cdeb6437381ce346db6e14d9d1e8bb4662b508d61da77fc8d9ebebceb1c23be5d0a7bba4a48c0591333ab7779bae78ff23c4bbf8a8cf30f3120a5b63a047064d7ed7d37191cf39b6d1e8ffe3b47379767bd691cb855a9c938e9a0235a5ec9c316a6dceca63fa5fe6df0b9f0d6b38add216aaf2726d3377ab827b00b4cbf490708a0f679b8cd7caadb3dee40cc98f778917d6a6263fcc0747bf75fd676d84abb7d10087da323f95c2571139fd4c9826ad5db6ee4c246b9da20592cae11f9264bd2945aa1a427b2acefb514a2daafbbae35ff761eb1e3b98b4a1dfca348b8c4ff96325a618d677180ceb7e916654ecc2deecb4e61d01080f44b98776b1b43aebeffe2c14006dd1d78c8babf1179f42fd20d87654d3246d41e9dc633eac1741be44f8d751d8c9fd57316fe06d60872939b7a2906bb27a299a3408a51d74e5d98417f05f85fc1b332e103e79203e9fe344dc1d1572de39d914c5270c839870d2b33da5a6efc08c4f0c8227cc35a7f77c6a55f80ceef90e217c80e5ecb4c236685f5219787b01612cfbac90794e8269c07fb7ca4f7dba4defb2aae2b37f7b1696e78de15dbb1b6d4ee0cc4c0fae274b2c2de9343862de1d9847515ad235b1837daa9b814f19e895ae3966ed262e3e7add9f19009e6b61462917b29502b67e124c43538a6bcab7296529e01bb26ab8b3ef094ed057383c4f92790b6f705ae9d943c4e8dad84f6ef82b54d062713c16960fb475d74d46a1b16062563da3391cc6ff5185162c31ff7339e4837e38adab8ab911abaaa006e313dd19a1f92b4f7bede4525b154e1b9f796136a85f3602da011ae2232be902347e08ce0bbf3d23d91c4aac11c8824caafa1d1ff0343ce655802c1915f3ae7c0c670b18e56e139be66a33613afcb3b1928613b3afba9d635070af678216d57023d1911f0eb7ebddefc96f0efd8e9dc10e8a87a68393e19733ef900c6264722940750ae16f664e445414e85e98570303c6d87d7f265cfae0a1e9314fc14674c2871c0d59bbe2eddaf9330a4e2a28673af73910d6cb90790f800e89d55a2930910a8430ade9551819d83d5ea6da4e58326b7ce555d01da86ea78200f0219ec92473da95cd5a632c525ca9fbcddebb8168881cdb2f5da787d0e31881e2b17d78184f3a0bed8662486d3937dab275d050b9dd5a2ce904208a91a467afc33e10fb6c1ca788a5ef30d6e8b615ec0ae1503fea7006569559b7b155c31b196b85881c5671173c06fc5373e9fd973e7111ed45874609bf3c88c6db732210a3ea04cb68662bbc2048bb55d811482af5c658e29bd18c57ffa25e88d7297cd20d4c2b13007cfae89f4dcd90177a0806a2ceb2095333b58f828c093b9bf63cd07e3d56a446fd12e755fd651211bc160948836939c17623b317b9e935307044bab2c11879a62288e7ecbbb97f10f52516f517b7b8e44cff5964fdfaf8044065056b48db13b1365004c336afa3535af1242c9b7271b8b1ba2213fcbb80926bcd394815cd7c27e3aeb2348dc45f5e06e32f5bd56d1c472f41b564ec0939cd012028412883cc098d086fd43858747b746be72b979d175f6a6447fc5908616dec7fc6c962e12e96e09bd068acd2fcf0ce1cc26d9f82b2b91bc9aafcbf8435011f73b6a8ea1bb2f3289b23236136b31656600762feff53e607df8cf3c9a7f257b212630c19f142e4cf5094250b629cabb145c77f1f14ad60ab7617078f810a766cfa341fb7c16086609bc0a768fb1cd782606f32b83a0a55d883269a05b80275612dc571cb993ea9e447b4d32570d412203ab4c8b050b63bb5ac0f8d6f4e9a1644e4b622587b2ae125c2093bd363493d58544d6303a0de17780fcd83e993aa83f4432274eee1e6333fcdc77bcfdea95b8b9ed787723e35b71f1dbe89ff1e3e6fde146c05b6fe9eae52b472624e412253a63e7fcf1b77dbff7509eec5a55501e222f66bd84d36663cd244fa1556bd34b4c9957a93a71e63961ffc7700c5545acdd3e79da41e1cfaca0956d4978222cda23a574d691dbb6c6bd083c70c2782c045bbbe0fcaa10efbc002af6832e3fa7dda0ec8ff6ded69302d55d5a62a7ec213f16ecc5e3304a83103d1c2b21e04e3f5f3730339a630a407e8cc6a5afd2f2ed78ff992035a3783a2708195a46e565a9113be8c228ccaae3510363b475732ad48fe8ff34801f4c35132359d4c5c5bff65141f4a8684d462cf5d97b44496440fff3f7a28d28bbaa8e6db2a6064cbe9fca4679afe8ca6dd27a25c56f3e58165040f19a0455199a0ece4583f060979427f2f3495f40a83bc6ee3eaadab18705d464662b8aba9c7aa2f29114f7acc247548a85bd44723064abeee18f7f558f6d0d74fa08103dd906124454745d23005c425b260b0034372123b642a0cbebbc1a0bcf0cfc3639876eceac5f9734057ff659cfd35b1a3eaa768b86d66244aabc23a45676a59d492614f1c0011c9253e53fc7bb3e20d303afdb5b6614dcc7bbf72a339e414672aac23c2e2983083f08dbc34e3452def00f402598b6aaa4f0d896d1648b1442621993b7d0c930560cb6152b9ce59f94356726816a224fca84da5dbde6675d20f546a3e4635e82ff9575cac9160e6819f", 0x2000, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000002480), 0xce4, r4}, 0x38) mount$pvfs2(&(0x7f0000000100), &(0x7f0000000200)='./file0\x00', &(0x7f0000000280), 0x200000, &(0x7f00000023c0)={[{}, {'/dev/iommu\x00'}, {'}[I'}, {'/dev/iommu\x00'}, {'&-+*\x02'}, {'%$*('}], [{@func={'func', 0x3d, 'POLICY_CHECK'}}, {@appraise}, {@smackfsdef={'smackfsdef', 0x3d, '--#!&(@'}}, {@context={'context', 0x3d, 'unconfined_u'}}, {@context={'context', 0x3d, 'root'}}]}) bpf$MAP_UPDATE_BATCH(0x1b, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000600), 0x0, 0x3ff, r4, 0x0, 0x100000000000000}, 0x38) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)={0x1c, 0x7, 0x6, 0x401, 0x0, 0x0, {0x5, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004055}, 0x48000) bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0xc9, 0xff, 0x7fff7ffc}]}) close_range(r6, 0xffffffffffffffff, 0x0) 5.53225871s ago: executing program 3 (id=455): r0 = openat$cdrom(0xffffff9c, &(0x7f0000000140), 0x103000, 0x0) ioctl$CDROMREADAUDIO(r0, 0x2284, &(0x7f0000000180)={@lba=0x102, 0x1, 0x0, 0x0}) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) socket$inet_smc(0x2b, 0x1, 0x0) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) semget$private(0x0, 0x4000, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]}) setitimer(0x0, 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000000000010325bc7008fcffffff06000000"], 0x14}, 0x1, 0x0, 0x0, 0x448d3}, 0x0) semctl$SETALL(0x0, 0x0, 0x11, 0x0) write$UHID_INPUT(r1, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b5b09094bf70e0dd038e7ff7fc6e5539b324c078b089b3438076d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b32310d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e01000000138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12d3099dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f6dc7bcbf2a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509301815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827466cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d951061ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153bdf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033095563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db87195358bfee2916580dacae008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2df086dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36ffffffff00000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817b97c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d00000f4ff000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0xa00}}, 0x1006) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) shutdown(0xffffffffffffffff, 0x0) setsockopt$inet6_MCAST_LEAVE_GROUP(0xffffffffffffffff, 0x29, 0x2d, &(0x7f00000003c0)={0x1, {{0xa, 0x4e23, 0x8caa, @private2={0xfc, 0x2, '\x00', 0x1}, 0x1}}}, 0x84) r4 = socket$inet6_udp(0xa, 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x842cc0, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x8) r6 = openat(0xffffffffffffff9c, &(0x7f0000001b40)='./file0\x00', 0x0, 0x0) flock(r6, 0x2) flock(r5, 0x2) flock(r5, 0x2) close_range(r4, 0xffffffffffffffff, 0x0) r7 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/pid_for_children\x00') ioctl$NS_GET_USERNS(r7, 0xb701, 0x0) 5.445404764s ago: executing program 0 (id=456): socket$packet(0x11, 0x3, 0x300) socket$inet6_sctp(0xa, 0x1, 0x84) syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x2, 0x400, 0x0, 0x37d}, &(0x7f00000001c0)=0x0, &(0x7f0000000080)) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) io_uring_setup(0x30aa, &(0x7f00000007c0)={0x0, 0x760, 0x80, 0x1, 0x14c}) r1 = openat$dsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x88a01, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000030000000900010073797a30000000005c000000090a010400000000000000000300000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000023200011800e000100636f6e6e6c696d69740000000c0002800800014000000000140000001000d57cace5d6dd194600000000000a"], 0xa4}}, 0x4) mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='iso9660\x00', 0x208000, 0x0) futex(0x0, 0x8c, 0x1, 0x0, 0x0, 0x2) syz_io_uring_setup(0x6414, &(0x7f0000000300)={0x0, 0x235d, 0x10100, 0x0, 0x400002d8}, 0x0, &(0x7f0000000100)) syz_io_uring_submit(0x0, 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000080)=0x74000000) write$dsp(r1, &(0x7f0000002000)='`', 0x88020) r4 = syz_open_dev$ndb(&(0x7f0000000140), 0x0, 0xa4000) ioctl$NBD_PRINT_DEBUG(r4, 0xab06) syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) socket$l2tp(0x2, 0x2, 0x73) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) eventfd2(0x3, 0x1) ioctl$KVM_SET_IRQCHIP(r6, 0xae64, 0x0) 4.431777555s ago: executing program 3 (id=458): socket$packet(0x11, 0x3, 0x300) socket$inet6_sctp(0xa, 0x1, 0x84) syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x2, 0x400, 0x0, 0x37d}, &(0x7f00000001c0)=0x0, &(0x7f0000000080)) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) io_uring_setup(0x30aa, &(0x7f00000007c0)={0x0, 0x760, 0x80, 0x1, 0x14c}) r1 = openat$dsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x88a01, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000030000000900010073797a30000000005c000000090a010400000000000000000300000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000023200011800e000100636f6e6e6c696d69740000000c0002800800014000000000140000001000d57cace5d6dd194600000000000a"], 0xa4}}, 0x4) mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='iso9660\x00', 0x208000, 0x0) futex(0x0, 0x8c, 0x1, 0x0, 0x0, 0x2) syz_io_uring_setup(0x6414, &(0x7f0000000300)={0x0, 0x235d, 0x10100, 0x0, 0x400002d8}, 0x0, &(0x7f0000000100)) syz_io_uring_submit(0x0, 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000080)=0x74000000) write$dsp(r1, &(0x7f0000002000)='`', 0x88020) r4 = syz_open_dev$ndb(&(0x7f0000000140), 0x0, 0xa4000) ioctl$NBD_PRINT_DEBUG(r4, 0xab06) syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) socket$l2tp(0x2, 0x2, 0x73) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) eventfd2(0x3, 0x1) ioctl$KVM_SET_IRQCHIP(r6, 0xae64, 0x0) 3.531578506s ago: executing program 2 (id=459): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002140), 0x8004, &(0x7f0000000000)=ANY=[@ANYBLOB="40e25c2641a2d58fae5d4eb09b0a61ed4fb4cdb1c9451b6d8af8d3d1bdaf19f095dcef52c28f830ba66c3b8c4066af38793386ad6b229b8ad1c65460b533b4252b5827a51a2707a02bb59c52efd8b103c136cc90b25650044dff1e", @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) lgetxattr(&(0x7f0000002040)='./file0\x00', &(0x7f0000002180)=@known='system.posix_acl_default\x00', 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 3.511517868s ago: executing program 1 (id=461): socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$kcm(0x2, 0x5, 0x84) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) futex(0x0, 0x6, 0x1, &(0x7f0000000080)={0x77359400}, 0x0, 0x0) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_emit_ethernet(0x46, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)=@newlink={0x38, 0x10, 0x308, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x20000, 0x202}, [@IFLA_LINK={0x8}, @IFLA_PROTO_DOWN={0x5, 0x27, 0xf1}, @IFLA_WEIGHT={0x8, 0xf, 0x3}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x4) sched_setattr(0x0, &(0x7f0000000340)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x3, 0x0, 0x7, 0xfa11, 0xffffffff}, 0x0) ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc0f8565c, &(0x7f0000000000)={0x0, 0x6, 0x0, {0xa, @pix_mp={0x0, 0x0, 0x41414270, 0x0, 0x0, [{}, {}, {0x0, 0xffffffff}, {}, {}, {}, {0x0, 0x7}], 0x7}}, 0xfffffffc}) openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000300)='cgroup.threads\x00', 0x2, 0x0) r2 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r2, 0x4020565a, &(0x7f0000000180)={0x3, 0x980900, 0x1}) 3.402200457s ago: executing program 2 (id=462): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) ioctl$SIOCX25SFACILITIES(0xffffffffffffffff, 0x89e3, &(0x7f0000000080)={0x15, 0x0, 0x40b, 0x9, 0xfffffffe}) write$bt_hci(r0, &(0x7f0000000080)=ANY=[], 0x6) r1 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x100) ioctl$DRM_IOCTL_AGP_INFO(r1, 0x80206433, &(0x7f0000000140)=""/179) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_CQM(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)={0x30, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x1000000}, @NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0xefffffff]}]}]}, 0x30}}, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000200)={0x84, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$FS_IOC_GETVERSION(0xffffffffffffffff, 0xc0145b0d, 0x0) 2.817323549s ago: executing program 2 (id=463): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$TCXONC(r5, 0x540a, 0x0) ioctl$TCXONC(r5, 0x540a, 0x1) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000) sendmsg$NFT_BATCH(r6, 0x0, 0x20040040) r7 = dup(r4) syz_emit_ethernet(0x6e, &(0x7f0000000a80)={@link_local, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x38, 0x3a, 0xff, @local, @mcast2, {[], @param_prob={0x4, 0x1, 0x0, 0x1, {0x3, 0x6, '|6M', 0x6, 0x2f, 0xff, @mcast2, @private0, [@fragment={0x33, 0x0, 0x1a, 0x0, 0x0, 0x8, 0x66}]}}}}}}}, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x7}], 0x1c) ioctl$sock_SIOCGIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r3, 0x8982, &(0x7f0000000100)) openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) read(0xffffffffffffffff, &(0x7f0000000040)=""/138, 0x8a) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_FLUSH(r8, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)={0x1c, 0x4, 0x6, 0x201, 0x0, 0x0, {0xa, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x11}, 0x28000080) sendmsg$inet6(r4, &(0x7f0000000800)={&(0x7f0000000000)={0xa, 0x4e24, 0x8, @ipv4={'\x00', '\xff\xff', @local}, 0x2}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043) 2.247064195s ago: executing program 1 (id=464): r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_RINGS_SET(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)=ANY=[@ANYRES32, @ANYBLOB="200000885c1849957b6c01c161febdbc2047e34dfc1982079e06ec6ce5aafa263b972457cd09a98e611ae64a03", @ANYBLOB="010000000000000c003cc2a1686f6c5d665d0000000059d200"/42], 0x20}}, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f00000003c0)=ANY=[@ANYRES8=r0], 0x18}, 0x1, 0x0, 0x0, 0x840}, 0x20000000) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000000000020000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={r3, 0x58, &(0x7f0000000040)={0x0, 0x0}}, 0x10) r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000540)={r4, 0xfffffff8}, 0xc) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x10, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000800000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sk_msg, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000880)={r6, 0x0, 0xe, 0x0, &(0x7f0000000640)="c1dfb080cd21d308098e00000800", 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) sendmsg$nl_generic(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f00000003c0)=ANY=[], 0x18}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r8, 0x0) r9 = syz_open_procfs(0x0, &(0x7f0000000380)='clear_refs\x00') unshare(0x2a020480) r10 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$int_in(r10, 0x5421, 0x0) writev(r9, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r12, 0x8933, &(0x7f0000000ec0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r11, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010029bd7000fddbdf252000000024002d80080002000300000008000300020000000500040000000000050001000600000008000300", @ANYRES32=r13, @ANYBLOB], 0x40}, 0x1, 0x0, 0x0, 0x40}, 0x20004000) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r7, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x142042}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00022cbd7000ffdbdf252100000008000300", @ANYRES32=r13, @ANYBLOB="14202d0500f01d47df03c6000000000000001e00"], 0x30}, 0x1, 0x0, 0x0, 0x40040}, 0x1) r14 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r14, 0x114, 0x8, 0x0, 0x0) 2.069837154s ago: executing program 1 (id=465): openat$random(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = socket$inet(0x2, 0x1, 0x100) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) shutdown(r2, 0x1) sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000300)={&(0x7f00000001c0)={0x24, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x87d4b69a72310a97) r6 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r6, 0x1, 0x0, &(0x7f0000000040)='c:::\x00', 0x0) r7 = gettid() bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910000000000000cb041818000100009500740000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0xe4}, 0x48) fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0) tkill(r7, 0xb) syz_open_dev$tty1(0xc, 0x4, 0x1) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000041}, 0x55fdb4595c3d8036) ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0x117, 0x5, 0x101, 0x200}}) connect$llc(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2031}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FLAGS={0x8, 0x3, 0x2}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20048054}, 0x0) 2.069158714s ago: executing program 0 (id=466): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f0000000480)=ANY=[@ANYRESDEC, @ANYRES32, @ANYRES64, @ANYRES8, @ANYRESDEC, @ANYRESHEX, @ANYRES16, @ANYRES64=0x0], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26}) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x934860, 0x0) chroot(&(0x7f0000000040)='./file0\x00') umount2(&(0x7f00000000c0)='./file0\x00', 0x0) read$FUSE(0xffffffffffffffff, 0x0, 0x0) r3 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MIF(r3, 0x29, 0xca, &(0x7f0000000080)={0x100, 0x1, 0xfc}, 0xc) r4 = socket$igmp(0x2, 0x3, 0x2) r5 = socket$inet6(0xa, 0x400000000001, 0x0) bind$inet6(r5, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) sendto$inet6(r5, 0x0, 0x0, 0x24000088, &(0x7f00000001c0)={0xa, 0x4e20, 0x8, @loopback, 0xfffffffe}, 0x1c) setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x41, &(0x7f0000000200)=0x3fd0, 0x4) sendto$inet6(r3, &(0x7f0000000580)="9f00411867bf222f5d6c85bd52bdcd33097a3782c74c511e4c23cbec573449f0d9b18a61c7960069effebc45634046279cf7d1286414dbe0896308c5eab71e194e93fdc176c382c92746cab4e15f2ed97513d1ebef7361098d2d54df21677779845dfe4171988e09fa3ceae4375b3dba10e53ddc02d30abd0f575816e6ffe893b54a", 0x82, 0x80, 0x0, 0x0) recvmmsg(r5, &(0x7f0000005480)=[{{0x0, 0x0, 0x0}, 0x789}], 0x1, 0x2000, 0x0) setsockopt$MRT_ADD_MFC_PROXY(r4, 0x0, 0xd2, &(0x7f0000000040)={@multicast1, @broadcast, 0xfffe, "4f6fb4d1af0f724e6118ecd4ac1100843af297baebb0efcdf5a284da279c011a", 0x0, 0x2, 0x0, 0x1000000e}, 0x3c) socket$nl_route(0x10, 0x3, 0x0) socket(0x25, 0x80000, 0x8) 1.74266824s ago: executing program 2 (id=467): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="38000000031401"], 0x38}, 0x1, 0x0, 0x0, 0x40008c0}, 0x4400) (fail_nth: 6) 1.612245995s ago: executing program 2 (id=468): openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x40, 0x2) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000680), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f0000004280)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000180)={0x50, 0x0, r1, {0x7, 0x2b, 0xb, 0x7181430c, 0x0, 0xfffe, 0x2, 0xfffffff6, 0x0, 0x0, 0x20}}, 0x50) close(r0) chown(&(0x7f00000003c0)='./file0\x00', 0x0, 0xee01) (fail_nth: 6) 1.491928188s ago: executing program 2 (id=469): socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r0 = socket$kcm(0x2, 0x5, 0x84) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) futex(&(0x7f0000000040)=0x2, 0x6, 0x1, &(0x7f0000000080)={0x77359400}, 0x0, 0x0) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_emit_ethernet(0x46, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)=@newlink={0x38, 0x10, 0x308, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x20000, 0x202}, [@IFLA_LINK={0x8}, @IFLA_PROTO_DOWN={0x5, 0x27, 0xf1}, @IFLA_WEIGHT={0x8, 0xf, 0x3}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x4) sched_setattr(0x0, &(0x7f0000000340)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x3, 0x0, 0x7, 0xfa11, 0xffffffff}, 0x0) ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc0f8565c, &(0x7f0000000000)={0x0, 0x6, 0x0, {0xa, @pix_mp={0x0, 0x0, 0x41414270, 0x0, 0x0, [{}, {}, {0x0, 0xffffffff}, {}, {}, {}, {0x0, 0x7}], 0x7}}, 0xfffffffc}) openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000300)='cgroup.threads\x00', 0x2, 0x0) r3 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r3, 0x4020565a, &(0x7f0000000180)={0x3, 0x980900, 0x1}) ioctl$VIDIOC_DQEVENT(r3, 0x80885659, &(0x7f0000000240)={0x0, @src_change}) ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0) r4 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x0) ioctl$EVIOCGMASK(r4, 0x80104592, &(0x7f0000000300)={0x0, 0xffffffffffffff36, &(0x7f0000000200)="952bb3e006ae9a4c3a"}) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xf8, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x5, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x9, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x1}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}, 0x40, 0x80}, [@tmpl={0x44, 0x5, [{{@in6=@mcast2, 0x3, 0x3c}, 0x0, @in6=@empty, 0x0, 0x0, 0x3}]}]}, 0xf8}}, 0x4810) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000100), 0x2, 0x6}}, 0x20) sendmsg$nl_xfrm(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="02000000000000005000110000000000000000000000ffff7f000001fc00000000000000000000000000000164010102000000000000000000000000fc0200000000000000000000000000003c00000000000000020008002c"], 0xcc}, 0x1, 0x0, 0x0, 0x800}, 0x42000) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af60, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) syz_usb_connect(0x0, 0x12, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00'}) 1.361604736s ago: executing program 3 (id=470): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) socket(0x1e, 0x4, 0x0) recvmsg$unix(0xffffffffffffffff, 0x0, 0x21) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x16, 0x5, &(0x7f0000000240)=ANY=[@ANYBLOB="1802000003000000000000000000000085000000a0000000850000005000000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0x0, &(0x7f00000000c0)="e02742e8680d85ff9782762f86dd", 0x0, 0xfffffff7, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) ioctl$VIDIOC_QBUF(r1, 0xc058ff0b, &(0x7f0000000200)=@mmap={0xfffffffe, 0x1, 0x4, 0x10, 0x200, {}, {0x5, 0x8, 0xe, 0x9f, 0x0, 0x7b}, 0xabdb, 0x1, {}, 0xbaa}) mount(&(0x7f0000000040)=@sr0, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000080)='ocfs2\x00', 0x204001, 0x0) 1.117543389s ago: executing program 0 (id=471): socket$nl_route(0x10, 0x3, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x400, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0x6}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x7}, 0x4}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) shutdown(r4, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, 0x0, 0x0) setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x39, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback, 0x3}, 0x31) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002940), 0x40000000000017d, 0x811) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="a60a00000000000061118000000000001800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x94) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x100}) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0xf0ffffff) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4}) ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000400000/0xc00000)=nil, 0x800000}) 1.116461188s ago: executing program 1 (id=472): socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$kcm(0x2, 0x5, 0x84) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) futex(0x0, 0x6, 0x1, &(0x7f0000000080)={0x77359400}, 0x0, 0x0) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_emit_ethernet(0x46, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)=@newlink={0x38, 0x10, 0x308, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x20000, 0x202}, [@IFLA_LINK={0x8}, @IFLA_PROTO_DOWN={0x5, 0x27, 0xf1}, @IFLA_WEIGHT={0x8, 0xf, 0x3}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x4) sched_setattr(0x0, &(0x7f0000000340)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x3, 0x0, 0x7, 0xfa11, 0xffffffff}, 0x0) ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc0f8565c, &(0x7f0000000000)={0x0, 0x6, 0x0, {0xa, @pix_mp={0x0, 0x0, 0x41414270, 0x0, 0x0, [{}, {}, {0x0, 0xffffffff}, {}, {}, {}, {0x0, 0x7}], 0x7}}, 0xfffffffc}) openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000300)='cgroup.threads\x00', 0x2, 0x0) r2 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r2, 0x4020565a, &(0x7f0000000180)={0x3, 0x980900, 0x1}) 394.86744ms ago: executing program 3 (id=473): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_HYPERV_EVENTFD(r0, 0x4018aebd, 0x0) syz_open_dev$hidraw(&(0x7f0000000280), 0x82, 0x2) syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040bd2842000000000000010902"], 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000040), 0x6) ioctl$sock_bt_hci(r1, 0x400448e7, &(0x7f0000000080)) 151.992857ms ago: executing program 1 (id=474): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='\'\x00\x00\x00\a'], 0x50) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='2', 0x1, 0x4fed0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) (fail_nth: 4) 127.256864ms ago: executing program 0 (id=475): bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$kcm(0x23, 0x2, 0x0) close(0x4) 573.767µs ago: executing program 1 (id=476): ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0)) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00006ca000/0x4000)=nil, 0x4000, 0x8, 0x9, 0x1000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0) r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/59, 0x304000, 0x1000, 0x0, 0x3}, 0x20) open(&(0x7f0000000000)='./file1\x00', 0x10f0c2, 0x0) move_pages(0x0, 0x1, &(0x7f0000000180)=[&(0x7f0000002000/0x2000)=nil], &(0x7f0000000140), 0x0, 0x2) 0s ago: executing program 0 (id=477): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x6}, [@map_fd={0x18, 0x0, 0x1, 0x0, r0}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3}, @generic={0x83, 0x2, 0x7, 0x400, 0x80000}, @exit, @map_idx={0x18, 0x3, 0x5, 0x0, 0xb}]}, &(0x7f00000001c0)='GPL\x00', 0x52bfedb2, 0x93, &(0x7f0000000480)=""/147, 0x41100, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x1, 0x3}, 0x8, 0x10, &(0x7f00000003c0)={0x0, 0x5, 0x81, 0x6}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000540)=[r0, r0, r0, r0, r0, r0, r0, r0, r0], &(0x7f0000000580)=[{0x2, 0x1800000, 0xf, 0x5}], 0x10, 0x1}, 0x94) sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="100026bd7000ffdbdf250e0000002c000280080008000600000005000d008c22e552a85693c1dcb1f9adf4bc0000000005000d"], 0x40}, 0x1, 0x0, 0x0, 0x1d58078d8c26741e}, 0x44000) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100626f6e640000000018000280140008"], 0x48}}, 0x0) sendmmsg$inet(r2, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x6, 0xc, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000ac03000000000000850000003300000095"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r3, r5, 0x25, 0x2, @void}, 0x10) syz_emit_ethernet(0x4a, &(0x7f0000000a40)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd6900000000f805fffe800000000000000000000000000039fe8000000000000000000000000000aa4e214e24", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="51c2000390780003"], 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000700)={0x34, r8, 0x1, 0x0, 0x4000000, {{}, {}, {0x18, 0x17, {0xfffffffd, 0x5, @udp='udp:syz1\x00'}}}}, 0x34}}, 0x0) sendmsg$TIPC_CMD_ENABLE_BEARER(r6, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x34, r8, 0x1, 0x70bd2b, 0x25dfdbfd, {{}, {}, {0x18, 0x17, {0x1b, 0x9, @l2={'eth', 0x3a, 'sit0\x00'}}}}, ["", "", "", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x44}, 0x40) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:13010' (ED25519) to the list of known hosts. [ 47.983544][ T5850] cgroup: Unknown subsys name 'net' [ 48.158854][ T5850] cgroup: Unknown subsys name 'cpuset' [ 48.163879][ T5850] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 49.167310][ T5850] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 53.890520][ T5943] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 53.893364][ T5939] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 53.895670][ T5943] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 53.898504][ T5939] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 53.901603][ T5952] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 53.901772][ T5943] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 53.903750][ T5939] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 53.904339][ T5954] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 53.905614][ T5954] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 53.906618][ T5952] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 53.908471][ T5939] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 53.912499][ T5954] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 53.912990][ T5952] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 53.913611][ T5952] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 53.926840][ T5951] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 53.927012][ T5939] Bluetooth: hci0: unexpected qemu-system-x86_64: ahci: PRDT length for NCQ command (0x0) is smaller than the requested size (0x114000) cc 0x0c38 length: 249 > 2 [ 53.935132][ T5952] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 53.936344][ T5295] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 53.941922][ T63] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 53.943361][ T5295] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 54.241812][ T5938] chnl_net:caif_netlink_parms(): no params data found [ 54.361534][ T5945] chnl_net:caif_netlink_parms(): no params data found [ 54.394067][ T5940] chnl_net:caif_netlink_parms(): no params data found [ 54.411551][ T5938] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.415510][ T5938] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.419285][ T5938] bridge_slave_0: entered allmulticast mode [ 54.423457][ T5938] bridge_slave_0: entered promiscuous mode [ 54.433728][ T5947] chnl_net:caif_netlink_parms(): no params data found [ 54.474667][ T5938] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.477809][ T5938] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.480510][ T5938] bridge_slave_1: entered allmulticast mode [ 54.483162][ T5938] bridge_slave_1: entered promiscuous mode [ 54.575634][ T5938] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.588870][ T5938] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.663505][ T5945] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.666452][ T5945] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.669134][ T5945] bridge_slave_0: entered allmulticast mode [ 54.672326][ T5945] bridge_slave_0: entered promiscuous mode [ 54.676530][ T5940] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.679914][ T5940] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.683037][ T5940] bridge_slave_0: entered allmulticast mode [ 54.687626][ T5940] bridge_slave_0: entered promiscuous mode [ 54.700200][ T5938] team0: Port device team_slave_0 added [ 54.703108][ T5945] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.705620][ T5945] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.708475][ T5945] bridge_slave_1: entered allmulticast mode [ 54.711402][ T5945] bridge_slave_1: entered promiscuous mode [ 54.713973][ T5940] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.716474][ T5940] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.719428][ T5940] bridge_slave_1: entered allmulticast mode [ 54.723231][ T5940] bridge_slave_1: entered promiscuous mode [ 54.728476][ T5938] team0: Port device team_slave_1 added [ 54.784196][ T5945] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.798502][ T5945] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.825544][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.828559][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 54.838669][ T5938] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.856829][ T5940] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.860833][ T5947] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.863890][ T5947] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.867352][ T5947] bridge_slave_0: entered allmulticast mode [ 54.871125][ T5947] bridge_slave_0: entered promiscuous mode [ 54.875762][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 54.878952][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 54.891331][ T5938] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.916993][ T5940] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.921071][ T5947] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.924311][ T5947] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.936072][ T5947] bridge_slave_1: entered allmulticast mode [ 54.939498][ T5947] bridge_slave_1: entered promiscuous mode [ 54.955246][ T5945] team0: Port device team_slave_0 added [ 54.960395][ T5945] team0: Port device team_slave_1 added [ 54.994507][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.996790][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 55.006121][ T5945] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.041240][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.044296][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 55.055527][ T5945] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.073981][ T5938] hsr_slave_0: entered promiscuous mode [ 55.077700][ T5938] hsr_slave_1: entered promiscuous mode [ 55.086866][ T5947] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.092371][ T5940] team0: Port device team_slave_0 added [ 55.095905][ T5940] team0: Port device team_slave_1 added [ 55.106422][ T5947] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.145548][ T5945] hsr_slave_0: entered promiscuous mode [ 55.147855][ T5945] hsr_slave_1: entered promiscuous mode [ 55.150002][ T5945] debugfs: 'hsr0' already exists in 'hsr' [ 55.151876][ T5945] Cannot create hsr debugfs directory [ 55.164060][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.166309][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 55.174300][ T5940] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.201989][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.204230][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 55.212682][ T5940] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.221717][ T5947] team0: Port device team_slave_0 added [ 55.240919][ T5947] team0: Port device team_slave_1 added [ 55.323961][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.326515][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 55.335147][ T5947] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.349650][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.352545][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 55.362063][ T5947] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.391026][ T5940] hsr_slave_0: entered promiscuous mode [ 55.393429][ T5940] hsr_slave_1: entered promiscuous mode [ 55.395514][ T5940] debugfs: 'hsr0' already exists in 'hsr' [ 55.400560][ T5940] Cannot create hsr debugfs directory [ 55.510195][ T5947] hsr_slave_0: entered promiscuous mode [ 55.513831][ T5947] hsr_slave_1: entered promiscuous mode [ 55.517721][ T5947] debugfs: 'hsr0' already exists in 'hsr' [ 55.520080][ T5947] Cannot create hsr debugfs directory qemu-system-x86_64: ahci: PRDT length for NCQ command (0x0) is smaller than the requested size (0xa8000) [ 55.668545][ T5938] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 55.680430][ T5938] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 55.711409][ T5938] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 55.722083][ T5938] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 55.727491][ T1111] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1 [ 55.730386][ T1111] ata1: failed to read log page 10h (errno=-5) [ 55.733023][ T1111] ata1.00: NCQ disabled due to excessive errors [ 55.746083][ T1111] ata1.00: exception Emask 0x1 SAct 0x40004000 SErr 0x0 action 0x0 [ 55.748821][ T1111] ata1.00: irq_stat 0x41000000 [ 55.750451][ T1111] ata1.00: failed command: READ FPDMA QUEUED [ 55.752660][ T1111] ata1.00: cmd 60/40:70:1e:7b:03/05:00:00:00:00/40 tag 14 ncq dma 688128 in [ 55.752660][ T1111] res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error) [ 55.758950][ T1111] ata1.00: status: { DRDY } [ 55.760655][ T1111] ata1.00: error: { ABRT } [ 55.762215][ T1111] ata1.00: failed command: WRITE FPDMA QUEUED [ 55.764386][ T1111] ata1.00: cmd 61/a0:f0:b6:15:08/08:00:00:00:00/40 tag 30 ncq dma 1130496 ou [ 55.764386][ T1111] res 50/04:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error) [ 55.770374][ T1111] ata1.00: status: { DRDY } [ 55.771941][ T1111] ata1.00: error: { ABRT } [ 55.774172][ T1111] ata1.00: configured for UDMA/100 [ 55.777113][ T1111] sd 0:0:0:0: [sda] tag#14 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 55.780716][ T1111] sd 0:0:0:0: [sda] tag#14 Sense Key : Aborted Command [current] [ 55.783286][ T1111] sd 0:0:0:0: [sda] tag#14 Add. Sense: No additional sense information [ 55.785603][ T1111] sd 0:0:0:0: [sda] tag#14 CDB: Read(10) 28 00 00 03 7b 1e 00 05 40 00 [ 55.788378][ T1111] I/O error, dev sda, sector 228126 op 0x0:(READ) flags 0x84700 phys_seg 168 prio class 2 [ 55.791892][ T1111] ata1: EH complete [ 55.837997][ T5945] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 55.845565][ T5945] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 55.853744][ T5945] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 55.873320][ T5945] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 55.913535][ T5940] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 55.926789][ T5940] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 55.934481][ T5940] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 55.941465][ T5940] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 55.976879][ T5295] Bluetooth: hci2: command tx timeout [ 55.976885][ T5951] Bluetooth: hci1: command tx timeout [ 55.977553][ T5943] Bluetooth: hci3: command tx timeout [ 55.986160][ T5943] Bluetooth: hci0: command tx timeout [ 55.989984][ T5938] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.996082][ T5947] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 56.001268][ T5947] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 56.006662][ T5947] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 56.010979][ T5947] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 56.070340][ T5938] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.099570][ T99] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.101988][ T99] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.129910][ T99] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.132538][ T99] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.144835][ T5945] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.177265][ T5945] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.200849][ T1141] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.203319][ T1141] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.208153][ T1141] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.211276][ T1141] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.237629][ T5940] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.285559][ T5940] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.301113][ T184] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.303676][ T184] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.313727][ T169] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.316193][ T169] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.350243][ T5947] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.394031][ T5947] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.403428][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.405746][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.418784][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.421321][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.454493][ T5938] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.461702][ T5945] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.516366][ T5945] veth0_vlan: entered promiscuous mode [ 56.534578][ T5945] veth1_vlan: entered promiscuous mode [ 56.549020][ T5938] veth0_vlan: entered promiscuous mode [ 56.563189][ T5940] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.570827][ T5938] veth1_vlan: entered promiscuous mode [ 56.586868][ T5945] veth0_macvtap: entered promiscuous mode [ 56.594343][ T5945] veth1_macvtap: entered promiscuous mode [ 56.628555][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 56.643257][ T5940] veth0_vlan: entered promiscuous mode [ 56.653613][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 56.662605][ T5938] veth0_macvtap: entered promiscuous mode [ 56.669868][ T5940] veth1_vlan: entered promiscuous mode [ 56.674467][ T5938] veth1_macvtap: entered promiscuous mode [ 56.686979][ T46] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.703297][ T46] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.708245][ T46] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.711207][ T46] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.724911][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 56.738367][ T5940] veth0_macvtap: entered promiscuous mode [ 56.744865][ T5940] veth1_macvtap: entered promiscuous mode [ 56.764614][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 56.781890][ T5947] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.806862][ T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.810143][ T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.828840][ T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.838017][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 56.842818][ T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.843204][ T1141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.849437][ T1141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.849768][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 56.872922][ T169] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.892787][ T169] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.897180][ T169] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.909673][ T169] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.920684][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.924307][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.928241][ T184] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.940149][ T184] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.976421][ T5947] veth0_vlan: entered promiscuous mode [ 56.994949][ T5945] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 56.997807][ T184] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.000584][ T5947] veth1_vlan: entered promiscuous mode [ 57.004365][ T184] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.023839][ T184] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.026658][ T184] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.044656][ T184] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.048085][ T184] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.084929][ T5947] veth0_macvtap: entered promiscuous mode [ 57.100100][ T5947] veth1_macvtap: entered promiscuous mode [ 57.121305][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 57.133086][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 57.197210][ T46] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.205383][ T6034] FAULT_INJECTION: forcing a failure. [ 57.205383][ T6034] name failslab, interval 1, probability 0, space 0, times 1 [ 57.206611][ T46] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.210645][ T6034] CPU: 3 UID: 0 PID: 6034 Comm: syz.3.4 Not tainted syzkaller #0 PREEMPT(full) [ 57.210660][ T6034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 57.210666][ T6034] Call Trace: [ 57.210671][ T6034] [ 57.210675][ T6034] dump_stack_lvl+0x100/0x190 [ 57.210696][ T6034] should_fail_ex.cold+0x5/0xa [ 57.210710][ T6034] should_failslab+0xc2/0x120 [ 57.210722][ T6034] __kmalloc_cache_noprof+0x7a/0x6f0 [ 57.210736][ T6034] ? nbd_alloc_and_init_config+0x97/0x2a0 [ 57.210752][ T6034] nbd_alloc_and_init_config+0x97/0x2a0 [ 57.210764][ T6034] nbd_genl_connect+0x47c/0x1a40 [ 57.210779][ T6034] ? __pfx_nbd_genl_connect+0x10/0x10 [ 57.210794][ T6034] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 57.210808][ T6034] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 57.210823][ T6034] genl_family_rcv_msg_doit+0x214/0x300 [ 57.210837][ T6034] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 57.210849][ T6034] ? genl_get_cmd+0x3ef/0x720 [ 57.210864][ T6034] ? kasan_save_track+0x14/0x30 [ 57.210873][ T6034] ? __kasan_slab_alloc+0x89/0x90 [ 57.210883][ T6034] ? __radix_tree_lookup+0x217/0x2b0 [ 57.210901][ T6034] genl_rcv_msg+0x560/0x800 [ 57.210915][ T6034] ? __pfx_genl_rcv_msg+0x10/0x10 [ 57.210927][ T6034] ? __pfx_nbd_genl_connect+0x10/0x10 [ 57.210941][ T6034] ? __lock_acquire+0x4a5/0x2630 [ 57.210958][ T6034] netlink_rcv_skb+0x159/0x420 [ 57.210968][ T6034] ? __pfx_genl_rcv_msg+0x10/0x10 [ 57.210981][ T6034] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 57.210997][ T6034] ? netlink_deliver_tap+0x1ae/0xcc0 [ 57.211015][ T6034] genl_rcv+0x28/0x40 [ 57.211025][ T6034] netlink_unicast+0x5aa/0x870 [ 57.211037][ T6034] ? __pfx_netlink_unicast+0x10/0x10 [ 57.211053][ T6034] netlink_sendmsg+0x8b0/0xda0 [ 57.211093][ T6034] ? __pfx_netlink_sendmsg+0x10/0x10 [ 57.211112][ T6034] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 57.211130][ T6034] ____sys_sendmsg+0x9e1/0xb70 [ 57.211142][ T6034] ? __pfx_netlink_sendmsg+0x10/0x10 [ 57.211154][ T6034] ? __pfx_____sys_sendmsg+0x10/0x10 [ 57.211172][ T6034] ___sys_sendmsg+0x190/0x1e0 [ 57.211186][ T6034] ? __pfx____sys_sendmsg+0x10/0x10 [ 57.211214][ T6034] __sys_sendmsg+0x170/0x220 [ 57.211235][ T6034] ? __pfx___sys_sendmsg+0x10/0x10 [ 57.211262][ T6034] ? __pfx_ksys_write+0x10/0x10 [ 57.211281][ T6034] __do_fast_syscall_32+0xe3/0x8c0 [ 57.211300][ T6034] do_fast_syscall_32+0x32/0x70 [ 57.211321][ T6034] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 57.211334][ T6034] RIP: 0023:0xf705ef6c [ 57.211344][ T6034] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 57.211353][ T6034] RSP: 002b:00000000f544d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 57.211364][ T6034] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080001ac0 [ 57.211370][ T6034] RDX: 0000000004004800 RSI: 0000000000000000 RDI: 0000000000000000 [ 57.211376][ T6034] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 57.211382][ T6034] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 57.211388][ T6034] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 57.211400][ T6034] [ 57.211406][ T6034] nbd: couldn't allocate config [ 57.351100][ T46] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.354373][ T46] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.443351][ T6039] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5'. [ 57.605942][ T1141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.619093][ T1141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.750196][ T6043] tap0: tun_chr_ioctl cmd 1074025675 [ 57.752416][ T6043] tap0: persist enabled [ 57.777151][ T6043] tap0: tun_chr_ioctl cmd 1074025675 [ 57.779149][ T6043] tap0: persist enabled [ 57.781339][ T169] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.790530][ T169] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 58.056566][ T5943] Bluetooth: hci2: command tx timeout [ 58.066090][ T5943] Bluetooth: hci0: command tx timeout [ 58.067377][ T5951] Bluetooth: hci1: command tx timeout [ 58.070757][ T5295] Bluetooth: hci3: command tx timeout [ 58.458360][ T6055] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 58.526422][ T6056] syzkaller0: entered promiscuous mode [ 58.529305][ T6056] syzkaller0: entered allmulticast mode [ 58.877254][ T6065] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13'. [ 59.907706][ T6069] futex_wake_op: syz.3.14 tries to shift op by 144; fix this program [ 59.955039][ T6065] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 59.980684][ T6065] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 60.216980][ T6069] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.221695][ T6069] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.314187][ T6069] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 60.324060][ T6069] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 60.452688][ T46] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.457967][ T46] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.462032][ T46] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.472093][ T46] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.476930][ T5295] Bluetooth: hci3: command tx timeout [ 60.479426][ T5295] Bluetooth: hci1: command tx timeout [ 60.482246][ T5295] Bluetooth: hci0: command tx timeout [ 60.484540][ T5295] Bluetooth: hci2: command tx timeout [ 60.754688][ T6073] syzkaller0: entered promiscuous mode [ 60.757206][ T6073] syzkaller0: entered allmulticast mode [ 61.609032][ T6085] process 'syz.1.17' launched './file2' with NULL argv: empty string added [ 61.635768][ T6083] mkiss: ax0: crc mode is auto. [ 62.546282][ T5951] Bluetooth: hci2: command tx timeout [ 62.546419][ T5295] Bluetooth: hci0: command tx timeout [ 62.546648][ T5943] Bluetooth: hci1: command tx timeout [ 62.546761][ T5943] Bluetooth: hci3: command tx timeout [ 66.219828][ T6115] exFAT-fs (nbd1): unable to read boot sector [ 66.222015][ T6115] exFAT-fs (nbd1): failed to read boot sector [ 66.223971][ T6115] exFAT-fs (nbd1): failed to recognize exfat type [ 66.517390][ T6129] futex_wake_op: syz.1.29 tries to shift op by 144; fix this program [ 66.531671][ T6130] pvfs2: Unknown parameter '/dev/iommu' [ 66.574746][ T6132] syzkaller0: entered promiscuous mode [ 66.582884][ T6132] syzkaller0: entered allmulticast mode [ 66.736619][ T6126] nbd0: detected capacity change from 0 to 63 [ 66.754461][ T5951] block nbd0: Receive control failed (result -32) [ 66.754477][ T5295] block nbd0: Receive control failed (result -32) [ 66.755637][ T5946] block nbd0: Receive control failed (result -32) [ 66.761529][ T5941] block nbd0: Send control failed (result -32) [ 66.761630][ T5941] block nbd0: Request send failed, requeueing [ 66.766458][ T5941] block nbd0: Dead connection, failed to find a fallback [ 66.790362][ T5362] block nbd0: Dead connection, failed to find a fallback [ 66.792833][ T5362] block nbd0: shutting down sockets [ 66.794626][ T5362] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 66.799711][ T5362] Buffer I/O error on dev nbd0, logical block 0, async page read [ 66.802830][ T5941] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 66.817141][ T5941] Buffer I/O error on dev nbd0, logical block 1, async page read [ 66.825985][ T5941] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 66.829304][ T5941] Buffer I/O error on dev nbd0, logical block 2, async page read [ 66.831979][ T5941] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 66.835528][ T5941] Buffer I/O error on dev nbd0, logical block 3, async page read [ 66.839348][ T5941] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 66.842716][ T5941] Buffer I/O error on dev nbd0, logical block 0, async page read [ 66.845516][ T6138] FAULT_INJECTION: forcing a failure. [ 66.845516][ T6138] name failslab, interval 1, probability 0, space 0, times 0 [ 66.854077][ T6138] CPU: 2 UID: 0 PID: 6138 Comm: syz.0.31 Not tainted syzkaller #0 PREEMPT(full) [ 66.854101][ T6138] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 66.854112][ T6138] Call Trace: [ 66.854119][ T6138] [ 66.854126][ T6138] dump_stack_lvl+0x100/0x190 [ 66.854158][ T6138] should_fail_ex.cold+0x5/0xa [ 66.854182][ T6138] should_failslab+0xc2/0x120 [ 66.854203][ T6138] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 66.854232][ T6138] ? __alloc_skb+0x140/0x710 [ 66.854272][ T6138] __alloc_skb+0x140/0x710 [ 66.854296][ T6138] ? __alloc_skb+0x5b7/0x710 [ 66.854321][ T6138] ? __pfx___alloc_skb+0x10/0x10 [ 66.854345][ T6138] ? genl_rcv_msg+0x4be/0x800 [ 66.854375][ T6138] netlink_ack+0x117/0xb80 [ 66.854402][ T6138] netlink_rcv_skb+0x333/0x420 [ 66.854420][ T6138] ? __pfx_genl_rcv_msg+0x10/0x10 [ 66.854442][ T6138] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 66.854472][ T6138] ? netlink_deliver_tap+0x1ae/0xcc0 [ 66.854503][ T6138] genl_rcv+0x28/0x40 [ 66.854522][ T6138] netlink_unicast+0x5aa/0x870 [ 66.854545][ T6138] ? __pfx_netlink_unicast+0x10/0x10 [ 66.854573][ T6138] netlink_sendmsg+0x8b0/0xda0 [ 66.854596][ T6138] ? __pfx_netlink_sendmsg+0x10/0x10 [ 66.854618][ T6138] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 66.854643][ T6138] ____sys_sendmsg+0x9e1/0xb70 [ 66.854663][ T6138] ? __pfx_netlink_sendmsg+0x10/0x10 [ 66.854684][ T6138] ? __pfx_____sys_sendmsg+0x10/0x10 [ 66.854717][ T6138] ___sys_sendmsg+0x190/0x1e0 [ 66.854742][ T6138] ? __pfx____sys_sendmsg+0x10/0x10 [ 66.854793][ T6138] __sys_sendmsg+0x170/0x220 [ 66.854822][ T6138] ? __pfx___sys_sendmsg+0x10/0x10 [ 66.854858][ T6138] ? __pfx_ksys_write+0x10/0x10 [ 66.854883][ T6138] __do_fast_syscall_32+0xe3/0x8c0 [ 66.854906][ T6138] do_fast_syscall_32+0x32/0x70 [ 66.854926][ T6138] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 66.854948][ T6138] RIP: 0023:0xf7fa7f6c [ 66.854965][ T6138] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 66.854981][ T6138] RSP: 002b:00000000f546650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 66.855000][ T6138] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000680 [ 66.855036][ T6138] RDX: 0000000000040000 RSI: 0000000000000000 RDI: 0000000000000000 [ 66.855047][ T6138] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 66.855058][ T6138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 66.855067][ T6138] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 66.855092][ T6138] [ 66.886027][ T5941] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 67.046079][ T5941] Buffer I/O error on dev nbd0, logical block 1, async page read [ 67.052712][ T5941] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 67.058037][ T5941] Buffer I/O error on dev nbd0, logical block 2, async page read [ 67.061420][ T5941] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 67.067120][ T5941] Buffer I/O error on dev nbd0, logical block 3, async page read [ 67.070666][ T5941] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 67.074395][ T5941] Buffer I/O error on dev nbd0, logical block 0, async page read [ 67.077746][ T5941] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 67.081945][ T5941] Buffer I/O error on dev nbd0, logical block 1, async page read [ 67.085060][ T5941] ldm_validate_partition_table(): Disk read failed. [ 67.088648][ T5941] Dev nbd0: unable to read RDB block 0 [ 67.091359][ T5941] nbd0: unable to read partition table [ 67.166607][ T5941] ldm_validate_partition_table(): Disk read failed. [ 67.172762][ T5941] Dev nbd0: unable to read RDB block 0 [ 67.177089][ T5941] nbd0: unable to read partition table [ 69.105360][ T6181] syzkaller0: entered promiscuous mode [ 69.107353][ T6181] syzkaller0: entered allmulticast mode [ 69.560512][ T6198] FAULT_INJECTION: forcing a failure. [ 69.560512][ T6198] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 69.564720][ T6198] CPU: 0 UID: 0 PID: 6198 Comm: syz.1.47 Not tainted syzkaller #0 PREEMPT(full) [ 69.564735][ T6198] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 69.564741][ T6198] Call Trace: [ 69.564746][ T6198] [ 69.564750][ T6198] dump_stack_lvl+0x100/0x190 [ 69.564769][ T6198] should_fail_ex.cold+0x5/0xa [ 69.564783][ T6198] _copy_from_user+0x2e/0xd0 [ 69.564797][ T6198] drm_ioctl+0x520/0xc60 [ 69.564815][ T6198] ? __pfx_drm_gem_flink_ioctl+0x10/0x10 [ 69.564828][ T6198] ? __pfx_drm_ioctl+0x10/0x10 [ 69.564850][ T6198] drm_compat_ioctl+0x376/0x4b0 [ 69.564868][ T6198] ? __pfx_drm_compat_ioctl+0x10/0x10 [ 69.564885][ T6198] __ia32_compat_sys_ioctl+0x2cf/0x360 [ 69.564903][ T6198] __do_fast_syscall_32+0xe3/0x8c0 [ 69.564916][ T6198] do_fast_syscall_32+0x32/0x70 [ 69.564927][ T6198] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 69.564941][ T6198] RIP: 0023:0xf7f35f6c [ 69.564950][ T6198] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 69.564960][ T6198] RSP: 002b:00000000f53f650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 69.564971][ T6198] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c008640a [ 69.564978][ T6198] RDX: 0000000080000180 RSI: 0000000000000000 RDI: 0000000000000000 [ 69.564983][ T6198] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 69.564989][ T6198] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 69.564995][ T6198] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 69.565007][ T6198] [ 69.633287][ T6200] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 70.392087][ T6211] netlink: 8 bytes leftover after parsing attributes in process `syz.3.51'. [ 71.497513][ T6191] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 73.415920][ T0] NOHZ tick-stop error: local softirq work is pending, handler #102!!! [ 73.746235][ T10] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 73.895919][ T10] usb 5-1: Using ep0 maxpacket: 8 [ 73.900425][ T10] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 73.902949][ T10] usb 5-1: config 0 has no interface number 0 [ 73.904903][ T10] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 73.908534][ T10] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 50335, setting to 1024 [ 73.912020][ T10] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 73.914792][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.922697][ T10] usb 5-1: config 0 descriptor?? [ 73.925553][ T6228] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 73.947263][ T10] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 74.195179][ T6245] exFAT-fs (nbd2): unable to read boot sector [ 74.197893][ T6245] exFAT-fs (nbd2): failed to read boot sector [ 74.200278][ T6245] exFAT-fs (nbd2): failed to recognize exfat type [ 74.581988][ T5955] usb 5-1: USB disconnect, device number 2 [ 74.770568][ T6244] exFAT-fs (nbd3): unable to read boot sector [ 74.772655][ T6244] exFAT-fs (nbd3): failed to read boot sector [ 74.774635][ T6244] exFAT-fs (nbd3): failed to recognize exfat type [ 75.620375][ T6265] FAULT_INJECTION: forcing a failure. [ 75.620375][ T6265] name failslab, interval 1, probability 0, space 0, times 0 [ 75.624570][ T6265] CPU: 2 UID: 0 PID: 6265 Comm: syz.2.69 Not tainted syzkaller #0 PREEMPT(full) [ 75.624584][ T6265] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 75.624591][ T6265] Call Trace: [ 75.624595][ T6265] [ 75.624600][ T6265] dump_stack_lvl+0x100/0x190 [ 75.624621][ T6265] should_fail_ex.cold+0x5/0xa [ 75.624634][ T6265] ? tomoyo_realpath_from_path+0xb6/0x690 [ 75.624650][ T6265] should_failslab+0xc2/0x120 [ 75.624662][ T6265] __kmalloc_noprof+0xe0/0x850 [ 75.624681][ T6265] tomoyo_realpath_from_path+0xb6/0x690 [ 75.624699][ T6265] tomoyo_path_number_perm+0x23c/0x580 [ 75.624711][ T6265] ? tomoyo_path_number_perm+0x22e/0x580 [ 75.624724][ T6265] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 75.624749][ T6265] ? find_held_lock+0x2b/0x80 [ 75.624760][ T6265] ? hook_file_ioctl_common+0x146/0x410 [ 75.624773][ T6265] ? __fget_files+0x215/0x3d0 [ 75.624786][ T6265] ? __fget_files+0x21f/0x3d0 [ 75.624798][ T6265] security_file_ioctl_compat+0xd3/0x230 [ 75.624813][ T6265] __ia32_compat_sys_ioctl+0xc2/0x360 [ 75.624831][ T6265] __do_fast_syscall_32+0xe3/0x8c0 [ 75.624844][ T6265] do_fast_syscall_32+0x32/0x70 [ 75.624855][ T6265] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 75.624869][ T6265] RIP: 0023:0xf7f55f6c [ 75.624878][ T6265] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 75.624887][ T6265] RSP: 002b:00000000f541650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 75.624898][ T6265] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000404c534a [ 75.624904][ T6265] RDX: 0000000080000380 RSI: 0000000000000000 RDI: 0000000000000000 [ 75.624910][ T6265] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 75.624915][ T6265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.624921][ T6265] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 75.624933][ T6265] [ 75.624937][ T6265] ERROR: Out of memory at tomoyo_realpath_from_path. [ 75.770085][ T6270] netlink: 14 bytes leftover after parsing attributes in process `syz.2.72'. [ 75.780145][ T6270] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 75.787865][ T6270] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 75.795012][ T6270] bond0 (unregistering): Released all slaves [ 75.815861][ T5955] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 75.976729][ T5955] usb 5-1: too many configurations: 9, using maximum allowed: 8 [ 75.979115][ T1415] ieee802154 phy0 wpan0: encryption failed: -22 [ 75.981073][ T5955] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 75.982513][ T1415] ieee802154 phy1 wpan1: encryption failed: -22 [ 75.985335][ T5955] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 75.996077][ T5955] usb 5-1: config 0 interface 0 has no altsetting 0 [ 76.006643][ T5955] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 76.009510][ T5955] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 76.013005][ T5955] usb 5-1: config 0 interface 0 has no altsetting 0 [ 76.015743][ T5955] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 76.018845][ T5955] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 76.022406][ T5955] usb 5-1: config 0 interface 0 has no altsetting 0 [ 76.025545][ T5955] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 76.029000][ T5955] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 76.032378][ T5955] usb 5-1: config 0 interface 0 has no altsetting 0 [ 76.035157][ T5955] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 76.041287][ T5955] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 76.044751][ T5955] usb 5-1: config 0 interface 0 has no altsetting 0 [ 76.047930][ T5955] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 76.051389][ T5955] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 76.055108][ T5955] usb 5-1: config 0 interface 0 has no altsetting 0 [ 76.058575][ T5955] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 76.061695][ T5955] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 76.066917][ T5955] usb 5-1: config 0 interface 0 has no altsetting 0 [ 76.071861][ T5955] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 76.075251][ T5955] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 76.080440][ T5955] usb 5-1: config 0 interface 0 has no altsetting 0 [ 76.087580][ T5955] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 76.091353][ T5955] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 76.094525][ T5955] usb 5-1: Product: syz [ 76.096384][ T5955] usb 5-1: Manufacturer: syz [ 76.098407][ T5955] usb 5-1: SerialNumber: syz [ 76.105839][ T5955] usb 5-1: config 0 descriptor?? [ 76.120441][ T5955] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0 [ 76.368838][ T5955] usb 5-1: USB disconnect, device number 3 [ 76.375048][ T5955] yurex 5-1:0.0: USB YUREX #0 now disconnected [ 77.103797][ T6292] netlink: 20 bytes leftover after parsing attributes in process `syz.1.77'. [ 77.841582][ T40] audit: type=1326 audit(1774670136.743:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6306 comm="syz.1.83" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 77.852274][ T6310] syz.1.83 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 77.873524][ T6309] mmap: syz.3.82 (6309) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 77.984647][ T40] audit: type=1326 audit(1774670136.753:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6306 comm="syz.1.83" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 77.993819][ T40] audit: type=1326 audit(1774670136.753:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6306 comm="syz.1.83" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 78.220356][ T40] audit: type=1326 audit(1774670136.753:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6306 comm="syz.1.83" exe="/syz-executor" sig=0 arch=40000003 syscall=104 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 78.272057][ T40] audit: type=1326 audit(1774670136.763:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6306 comm="syz.1.83" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 78.279217][ T40] audit: type=1326 audit(1774670136.763:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6306 comm="syz.1.83" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 78.286042][ T40] audit: type=1326 audit(1774670136.763:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6306 comm="syz.1.83" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 78.292549][ T40] audit: type=1326 audit(1774670136.763:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6306 comm="syz.1.83" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 78.299538][ T40] audit: type=1326 audit(1774670136.763:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6306 comm="syz.1.83" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 78.307197][ T40] audit: type=1326 audit(1774670136.763:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6306 comm="syz.1.83" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 80.123339][ T6333] FAULT_INJECTION: forcing a failure. [ 80.123339][ T6333] name failslab, interval 1, probability 0, space 0, times 0 [ 80.130134][ T6333] CPU: 0 UID: 0 PID: 6333 Comm: syz.3.90 Not tainted syzkaller #0 PREEMPT(full) [ 80.130155][ T6333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 80.130161][ T6333] Call Trace: [ 80.130166][ T6333] [ 80.130170][ T6333] dump_stack_lvl+0x100/0x190 [ 80.130191][ T6333] should_fail_ex.cold+0x5/0xa [ 80.130205][ T6333] should_failslab+0xc2/0x120 [ 80.130217][ T6333] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 80.130234][ T6333] ? __alloc_skb+0x140/0x710 [ 80.130252][ T6333] __alloc_skb+0x140/0x710 [ 80.130266][ T6333] ? __alloc_skb+0x5b7/0x710 [ 80.130281][ T6333] ? __pfx___alloc_skb+0x10/0x10 [ 80.130299][ T6333] netlink_alloc_large_skb+0x69/0x150 [ 80.130312][ T6333] netlink_sendmsg+0x680/0xda0 [ 80.130325][ T6333] ? __pfx_netlink_sendmsg+0x10/0x10 [ 80.130337][ T6333] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 80.130350][ T6333] sock_write_iter+0x524/0x5a0 [ 80.130362][ T6333] ? __pfx_netlink_sendmsg+0x10/0x10 [ 80.130372][ T6333] ? __pfx_sock_write_iter+0x10/0x10 [ 80.130384][ T6333] ? get_pid_task+0xfc/0x250 [ 80.130401][ T6333] ? bpf_lsm_file_permission+0x9/0x10 [ 80.130411][ T6333] ? security_file_permission+0x76/0x210 [ 80.130426][ T6333] ? rw_verify_area+0xce/0x6d0 [ 80.130442][ T6333] vfs_write+0x6ac/0x1070 [ 80.130453][ T6333] ? __pfx_sock_write_iter+0x10/0x10 [ 80.130466][ T6333] ? __pfx_vfs_write+0x10/0x10 [ 80.130475][ T6333] ? find_held_lock+0x2b/0x80 [ 80.130493][ T6333] ksys_write+0x1f8/0x250 [ 80.130503][ T6333] ? __pfx_ksys_write+0x10/0x10 [ 80.130513][ T6333] ? __pfx_ksys_write+0x10/0x10 [ 80.130526][ T6333] __do_fast_syscall_32+0xe3/0x8c0 [ 80.130539][ T6333] do_fast_syscall_32+0x32/0x70 [ 80.130550][ T6333] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 80.130565][ T6333] RIP: 0023:0xf705ef6c [ 80.130574][ T6333] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 80.130584][ T6333] RSP: 002b:00000000f544d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000004 [ 80.130596][ T6333] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000000 [ 80.130602][ T6333] RDX: 0000000000000024 RSI: 0000000000000000 RDI: 0000000000000000 [ 80.130608][ T6333] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 80.130613][ T6333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 80.130619][ T6333] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 80.130631][ T6333] [ 80.139107][ T6335] futex_wake_op: syz.0.89 tries to shift op by 144; fix this program [ 80.839119][ T6351] Device name cannot be null; rc = [-22] [ 80.880702][ T6354] netlink: 8 bytes leftover after parsing attributes in process `syz.1.99'. [ 81.748428][ T6363] FAULT_INJECTION: forcing a failure. [ 81.748428][ T6363] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 81.753894][ T6363] CPU: 0 UID: 0 PID: 6363 Comm: syz.0.101 Not tainted syzkaller #0 PREEMPT(full) [ 81.753909][ T6363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 81.753915][ T6363] Call Trace: [ 81.753919][ T6363] [ 81.753924][ T6363] dump_stack_lvl+0x100/0x190 [ 81.753943][ T6363] should_fail_ex.cold+0x5/0xa [ 81.753957][ T6363] _copy_to_user+0x32/0xd0 [ 81.753972][ T6363] simple_read_from_buffer+0xcb/0x170 [ 81.753990][ T6363] proc_fail_nth_read+0x1af/0x230 [ 81.754004][ T6363] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 81.754018][ T6363] ? rw_verify_area+0xce/0x6d0 [ 81.754034][ T6363] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 81.754047][ T6363] vfs_read+0x1e4/0xb30 [ 81.754058][ T6363] ? __pfx_vfs_read+0x10/0x10 [ 81.754067][ T6363] ? find_held_lock+0x2b/0x80 [ 81.754078][ T6363] ? __fget_files+0x215/0x3d0 [ 81.754090][ T6363] ? __fget_files+0x21f/0x3d0 [ 81.754104][ T6363] ksys_read+0x12a/0x250 [ 81.754114][ T6363] ? __pfx_ksys_read+0x10/0x10 [ 81.754127][ T6363] do_int80_emulation+0x141/0x6b0 [ 81.754140][ T6363] asm_int80_emulation+0x1a/0x20 [ 81.754152][ T6363] RIP: 0023:0xf71a5cab [ 81.754161][ T6363] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53 [ 81.754171][ T6363] RSP: 002b:00000000f54664bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 81.754183][ T6363] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54665d0 [ 81.754189][ T6363] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000 [ 81.754195][ T6363] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 81.754200][ T6363] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 81.754206][ T6363] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 81.754218][ T6363] [ 81.945097][ T6368] input: syz0 as /devices/virtual/input/input5 [ 82.086438][ T6372] /dev/nullb0: Can't open blockdev [ 82.839508][ T6380] ubi0: attaching mtd0 [ 82.845205][ T6380] ubi0: scanning is finished [ 82.848811][ T6380] ubi0: empty MTD device detected [ 82.963738][ T6382] netlink: 8 bytes leftover after parsing attributes in process `syz.0.108'. [ 83.189348][ T6380] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 83.203186][ T6380] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 83.227419][ T6380] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 83.236580][ T6380] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 83.246543][ T6380] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 83.254043][ T6380] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 83.290134][ T6380] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 490570863 [ 83.303244][ T6380] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 83.317536][ T6389] ubi0: background thread "ubi_bgt0d" started, PID 6389 [ 83.650285][ T6390] i801_smbus 0000:00:1f.3: Illegal SMBus block read size 0 [ 83.965705][ T6397] FAULT_INJECTION: forcing a failure. [ 83.965705][ T6397] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 83.970652][ T6397] CPU: 0 UID: 0 PID: 6397 Comm: syz.1.112 Not tainted syzkaller #0 PREEMPT(full) [ 83.970675][ T6397] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 83.970686][ T6397] Call Trace: [ 83.970692][ T6397] [ 83.970698][ T6397] dump_stack_lvl+0x100/0x190 [ 83.970730][ T6397] should_fail_ex.cold+0x5/0xa [ 83.970754][ T6397] _copy_from_user+0x2e/0xd0 [ 83.970778][ T6397] get_compat_msghdr+0xb3/0x4b0 [ 83.970807][ T6397] ? __pfx_get_compat_msghdr+0x10/0x10 [ 83.970828][ T6397] ? _kstrtoull+0x13c/0x1f0 [ 83.970855][ T6397] ? __lock_acquire+0x4a5/0x2630 [ 83.970884][ T6397] ___sys_recvmsg+0x193/0x1a0 [ 83.970927][ T6397] ? __pfx____sys_recvmsg+0x10/0x10 [ 83.970952][ T6397] ? find_held_lock+0x2b/0x80 [ 83.970985][ T6397] do_recvmmsg+0x563/0x760 [ 83.971010][ T6397] ? __pfx_do_recvmmsg+0x10/0x10 [ 83.971035][ T6397] ? ksys_write+0x190/0x250 [ 83.971052][ T6397] ? ksys_write+0x190/0x250 [ 83.971079][ T6397] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 83.971104][ T6397] __sys_recvmmsg+0x21f/0x270 [ 83.971132][ T6397] ? __pfx___sys_recvmmsg+0x10/0x10 [ 83.971160][ T6397] ? ksys_write+0x1ac/0x250 [ 83.971182][ T6397] __ia32_compat_sys_recvmmsg_time32+0xc4/0x160 [ 83.971211][ T6397] ? __do_fast_syscall_32+0x94/0x8c0 [ 83.971231][ T6397] ? lockdep_hardirqs_on+0x78/0x100 [ 83.971260][ T6397] __do_fast_syscall_32+0xe3/0x8c0 [ 83.971283][ T6397] do_fast_syscall_32+0x32/0x70 [ 83.971303][ T6397] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 83.971328][ T6397] RIP: 0023:0xf7f35f6c [ 83.971345][ T6397] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 83.971362][ T6397] RSP: 002b:00000000f53f650c EFLAGS: 00000292 ORIG_RAX: 0000000000000151 [ 83.971381][ T6397] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080002a80 [ 83.971394][ T6397] RDX: 0000000000000001 RSI: 0000000040002126 RDI: 0000000000000000 [ 83.971404][ T6397] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 83.971415][ T6397] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 83.971425][ T6397] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 83.971456][ T6397] [ 84.375934][ T6029] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 84.525965][ T6029] usb 6-1: Using ep0 maxpacket: 8 [ 84.529984][ T6029] usb 6-1: unable to get BOS descriptor or descriptor too short [ 84.534815][ T6029] usb 6-1: config 143 has an invalid interface number: 169 but max is 0 [ 84.538557][ T6029] usb 6-1: config 143 has no interface number 0 [ 84.541341][ T6029] usb 6-1: config 143 interface 169 has no altsetting 0 [ 84.546862][ T6029] usb 6-1: string descriptor 0 read error: -22 [ 84.548966][ T6029] usb 6-1: New USB device found, idVendor=0fe9, idProduct=db98, bcdDevice=be.fb [ 84.551816][ T6029] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 84.559276][ T6029] dvb-usb: found a 'DViCO FusionHDTV DVB-T Dual Digital 4 (rev 2)' in warm state. [ 84.562472][ T6029] dvb-usb: bulk message failed: -22 (2/0) [ 84.573652][ T6029] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 84.584265][ T6029] dvbdev: DVB: registering new adapter (DViCO FusionHDTV DVB-T Dual Digital 4 (rev 2)) [ 84.589206][ T6029] usb 6-1: media controller created [ 84.601501][ T6029] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 84.620586][ T6029] cxusb: set interface failed [ 84.622752][ T6029] dvb-usb: bulk message failed: -22 (1/0) [ 84.626756][ T6029] dvb-usb: bulk message failed: -22 (3/0) [ 84.629239][ T6029] usb 6-1: bluebird_gpio_write failed. [ 84.645893][ T6029] dvb-usb: bulk message failed: -22 (3/0) [ 84.648133][ T6029] usb 6-1: bluebird_gpio_write failed. [ 84.667417][ T6029] DVB: Unable to find symbol dib7000p_attach() [ 84.669740][ T6029] dvb-usb: no frontend was attached by 'DViCO FusionHDTV DVB-T Dual Digital 4 (rev 2)' [ 84.715939][ T6029] rc_core: IR keymap rc-dvico-mce not found [ 84.717975][ T6029] Registered IR keymap rc-empty [ 84.722450][ T6029] rc rc0: DViCO FusionHDTV DVB-T Dual Digital 4 (rev 2) as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc0 [ 84.729816][ T6029] input: DViCO FusionHDTV DVB-T Dual Digital 4 (rev 2) as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc0/input6 [ 84.737549][ T6029] dvb-usb: schedule remote query interval to 100 msecs. [ 84.740129][ T6029] dvb-usb: DViCO FusionHDTV DVB-T Dual Digital 4 (rev 2) successfully initialized and connected. [ 84.789816][ T29] usb 6-1: USB disconnect, device number 2 [ 84.826397][ T29] dvb-usb: DViCO FusionHDTV DVB-T Dual Digital 4 ( successfully deinitialized and disconnected. [ 85.046294][ T6414] netlink: 8 bytes leftover after parsing attributes in process `syz.2.118'. [ 85.311361][ T6029] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 85.478451][ T6029] usb 8-1: config 0 has no interfaces? [ 85.481308][ T6029] usb 8-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.00 [ 85.485525][ T6029] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 85.492324][ T6029] usb 8-1: config 0 descriptor?? [ 85.547394][ T6427] /dev/sr0: Can't open blockdev [ 85.687164][ T6433] netlink: 4 bytes leftover after parsing attributes in process `syz.1.123'. [ 85.709930][ T6412] hid-generic 0003:0627:0001.0001: pid 6412 passed too short report [ 85.712763][ T6433] bond1: (slave ip6gretap1): making interface the new active one [ 85.713448][ T34] usb 8-1: USB disconnect, device number 2 [ 85.718437][ T6433] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 85.804156][ T6440] Zero length message leads to an empty skb [ 85.808852][ T6440] ubi: mtd0 is already attached to ubi0 [ 85.859776][ T6442] netlink: 8 bytes leftover after parsing attributes in process `syz.1.127'. [ 86.270782][ T1457] cfg80211: failed to load regulatory.db [ 88.229465][ T6459] FAULT_INJECTION: forcing a failure. [ 88.229465][ T6459] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 88.233937][ T6459] CPU: 2 UID: 0 PID: 6459 Comm: syz.0.132 Not tainted syzkaller #0 PREEMPT(full) [ 88.233951][ T6459] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 88.233958][ T6459] Call Trace: [ 88.233962][ T6459] [ 88.233967][ T6459] dump_stack_lvl+0x100/0x190 [ 88.233987][ T6459] should_fail_ex.cold+0x5/0xa [ 88.234000][ T6459] _copy_from_iter+0x1f4/0x1690 [ 88.234017][ T6459] ? __pfx__copy_from_iter+0x10/0x10 [ 88.234032][ T6459] ? find_held_lock+0x2b/0x80 [ 88.234042][ T6459] ? rawv6_sendmsg+0xb3c/0x4420 [ 88.234052][ T6459] ? rawv6_sendmsg+0xb3c/0x4420 [ 88.234063][ T6459] rawv6_sendmsg+0x244a/0x4420 [ 88.234073][ T6459] ? is_bpf_text_address+0x8a/0x1a0 [ 88.234097][ T6459] ? bpf_get_uprobe_info+0x34a/0x3f0 [ 88.234110][ T6459] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 88.234119][ T6459] ? __kernel_text_address+0xd/0x30 [ 88.234135][ T6459] ? unwind_get_return_address+0x59/0xa0 [ 88.234148][ T6459] ? __lock_acquire+0x4a5/0x2630 [ 88.234175][ T6459] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 88.234186][ T6459] ? inet_sendmsg+0x11c/0x140 [ 88.234199][ T6459] inet_sendmsg+0x11c/0x140 [ 88.234211][ T6459] sock_write_iter+0x4ea/0x5a0 [ 88.234224][ T6459] ? __pfx_inet_sendmsg+0x10/0x10 [ 88.234236][ T6459] ? __pfx_sock_write_iter+0x10/0x10 [ 88.234248][ T6459] ? get_pid_task+0xfc/0x250 [ 88.234264][ T6459] ? bpf_lsm_file_permission+0x9/0x10 [ 88.234275][ T6459] ? security_file_permission+0x76/0x210 [ 88.234289][ T6459] ? rw_verify_area+0xce/0x6d0 [ 88.234306][ T6459] vfs_write+0x6ac/0x1070 [ 88.234317][ T6459] ? __pfx_sock_write_iter+0x10/0x10 [ 88.234336][ T6459] ? __pfx_vfs_write+0x10/0x10 [ 88.234349][ T6459] ? find_held_lock+0x2b/0x80 [ 88.234380][ T6459] ksys_write+0x1f8/0x250 [ 88.234396][ T6459] ? __pfx_ksys_write+0x10/0x10 [ 88.234414][ T6459] ? __pfx_ksys_write+0x10/0x10 [ 88.234436][ T6459] __do_fast_syscall_32+0xe3/0x8c0 [ 88.234459][ T6459] do_fast_syscall_32+0x32/0x70 [ 88.234478][ T6459] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 88.234496][ T6459] RIP: 0023:0xf7fa7f6c [ 88.234505][ T6459] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 88.234515][ T6459] RSP: 002b:00000000f546650c EFLAGS: 00000292 ORIG_RAX: 0000000000000004 [ 88.234525][ T6459] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800000c0 [ 88.234532][ T6459] RDX: 0000000000000009 RSI: 0000000000000000 RDI: 0000000000000000 [ 88.234537][ T6459] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 88.234543][ T6459] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 88.234548][ T6459] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 88.234560][ T6459] [ 88.724700][ T6456] pvfs2: Unknown parameter '/dev/iommu' [ 89.955884][ T50] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 90.105973][ T50] usb 6-1: Using ep0 maxpacket: 8 [ 90.109716][ T50] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 90.112241][ T50] usb 6-1: config 0 has no interface number 0 [ 90.114183][ T50] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 90.117811][ T50] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 50335, setting to 1024 [ 90.121567][ T50] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 90.124583][ T50] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 90.129837][ T50] usb 6-1: config 0 descriptor?? [ 90.132906][ T6490] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 90.139471][ T50] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 90.368211][ T50] usb 6-1: USB disconnect, device number 3 [ 90.371730][ T6502] overlayfs: failed lookup in lower (newroot/34, name='file1', err=-40): overlapping layers [ 90.629666][ T6510] syz.2.146 uses obsolete (PF_INET,SOCK_PACKET) [ 90.638108][ T1457] Process accounting resumed [ 91.120348][ T6513] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 91.234674][ T6499] Process accounting resumed [ 91.656059][ T50] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 91.825883][ T50] usb 5-1: Using ep0 maxpacket: 8 [ 91.830413][ T50] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 91.833903][ T50] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 91.840418][ T50] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 91.843583][ T50] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 91.849225][ T50] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 91.852138][ T50] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 91.903737][ T6522] netlink: 8 bytes leftover after parsing attributes in process `syz.1.153'. [ 92.068649][ T50] usb 5-1: GET_CAPABILITIES returned 0 [ 92.070516][ T50] usbtmc 5-1:16.0: can't read capabilities [ 92.115705][ T10] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 92.276182][ T50] usb 5-1: USB disconnect, device number 4 [ 92.306420][ T10] usb 8-1: Using ep0 maxpacket: 8 [ 92.311838][ T10] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 92.321345][ T10] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 92.329654][ T10] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 92.336395][ T10] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 92.350525][ T10] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 92.357884][ T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 92.590340][ T10] usb 8-1: GET_CAPABILITIES returned 0 [ 92.594645][ T10] usbtmc 8-1:16.0: can't read capabilities [ 92.794423][ T6521] FAULT_INJECTION: forcing a failure. [ 92.794423][ T6521] name failslab, interval 1, probability 0, space 0, times 0 [ 92.805932][ T6521] CPU: 2 UID: 0 PID: 6521 Comm: syz.3.152 Not tainted syzkaller #0 PREEMPT(full) [ 92.805951][ T6521] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 92.805958][ T6521] Call Trace: [ 92.805965][ T6521] [ 92.805971][ T6521] dump_stack_lvl+0x100/0x190 [ 92.805994][ T6521] should_fail_ex.cold+0x5/0xa [ 92.806009][ T6521] ? tomoyo_realpath_from_path+0xb6/0x690 [ 92.806026][ T6521] should_failslab+0xc2/0x120 [ 92.806040][ T6521] __kmalloc_noprof+0xe0/0x850 [ 92.806064][ T6521] tomoyo_realpath_from_path+0xb6/0x690 [ 92.806086][ T6521] tomoyo_path_number_perm+0x23c/0x580 [ 92.806101][ T6521] ? tomoyo_path_number_perm+0x22e/0x580 [ 92.806170][ T6521] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 92.806201][ T6521] ? find_held_lock+0x2b/0x80 [ 92.806213][ T6521] ? hook_file_ioctl_common+0x146/0x410 [ 92.806230][ T6521] ? __fget_files+0x215/0x3d0 [ 92.806245][ T6521] ? __fget_files+0x21f/0x3d0 [ 92.806259][ T6521] security_file_ioctl_compat+0xd3/0x230 [ 92.806277][ T6521] __ia32_compat_sys_ioctl+0xc2/0x360 [ 92.806299][ T6521] __do_fast_syscall_32+0xe3/0x8c0 [ 92.806315][ T6521] do_fast_syscall_32+0x32/0x70 [ 92.806329][ T6521] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 92.806345][ T6521] RIP: 0023:0xf705ef6c [ 92.806356][ T6521] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 92.806368][ T6521] RSP: 002b:00000000f544d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 92.806380][ T6521] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c0145b0d [ 92.806387][ T6521] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 92.806394][ T6521] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 92.806401][ T6521] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 92.806407][ T6521] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 92.806422][ T6521] [ 92.806428][ T6521] ERROR: Out of memory at tomoyo_realpath_from_path. [ 92.919057][ T10] usb 8-1: USB disconnect, device number 3 [ 94.268722][ T6558] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 94.517216][ T6564] FAULT_INJECTION: forcing a failure. [ 94.517216][ T6564] name failslab, interval 1, probability 0, space 0, times 0 [ 94.526332][ T6564] CPU: 3 UID: 0 PID: 6564 Comm: syz.0.164 Not tainted syzkaller #0 PREEMPT(full) [ 94.526351][ T6564] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 94.526358][ T6564] Call Trace: [ 94.526362][ T6564] [ 94.526366][ T6564] dump_stack_lvl+0x100/0x190 [ 94.526386][ T6564] should_fail_ex.cold+0x5/0xa [ 94.526400][ T6564] should_failslab+0xc2/0x120 [ 94.526412][ T6564] __kmalloc_cache_noprof+0x7a/0x6f0 [ 94.526427][ T6564] ? resv_map_alloc+0x46/0x400 [ 94.526436][ T6564] ? ksys_write+0x190/0x250 [ 94.526448][ T6564] resv_map_alloc+0x46/0x400 [ 94.526458][ T6564] hugetlbfs_get_inode+0x2fe/0x750 [ 94.526470][ T6564] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 94.526484][ T6564] hugetlb_file_setup+0x15b/0x5b0 [ 94.526497][ T6564] ksys_mmap_pgoff+0x232/0x650 [ 94.526510][ T6564] ? fput+0x79/0x100 [ 94.526522][ T6564] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 94.526533][ T6564] ? __pfx_ksys_write+0x10/0x10 [ 94.526546][ T6564] __do_fast_syscall_32+0xe3/0x8c0 [ 94.526559][ T6564] do_fast_syscall_32+0x32/0x70 [ 94.526570][ T6564] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 94.526584][ T6564] RIP: 0023:0xf7fa7f6c [ 94.526593][ T6564] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 94.526603][ T6564] RSP: 002b:00000000f546650c EFLAGS: 00000292 ORIG_RAX: 00000000000000c0 [ 94.526615][ T6564] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000ff5000 [ 94.526621][ T6564] RDX: 0000000000000002 RSI: 000000000004c831 RDI: 00000000ffffffff [ 94.526627][ T6564] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 94.526633][ T6564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 94.526638][ T6564] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 94.526651][ T6564] [ 96.189968][ T6578] ======================================================= [ 96.189968][ T6578] WARNING: The mand mount option has been deprecated and [ 96.189968][ T6578] and is ignored by this kernel. Remove the mand [ 96.189968][ T6578] option from the mount to silence this warning. [ 96.189968][ T6578] ======================================================= [ 96.204265][ T6578] tmpfs: Unknown parameter 'inodu32' [ 96.321700][ T6582] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.169'. [ 96.481047][ T6588] warning: `syz.0.172' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 96.521132][ T6588] mac80211_hwsim hwsim7 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33) [ 96.525029][ T6587] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.171'. [ 96.723789][ T40] kauditd_printk_skb: 177 callbacks suppressed [ 96.723806][ T40] audit: type=1326 audit(1774670155.623:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6598 comm="syz.1.177" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 96.737879][ T40] audit: type=1326 audit(1774670155.623:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6598 comm="syz.1.177" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 96.754746][ T40] audit: type=1326 audit(1774670155.643:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6598 comm="syz.1.177" exe="/syz-executor" sig=0 arch=40000003 syscall=57 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 96.765222][ T40] audit: type=1326 audit(1774670155.643:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6598 comm="syz.1.177" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 96.773582][ T6605] netlink: 24 bytes leftover after parsing attributes in process `syz.3.179'. [ 96.775696][ T40] audit: type=1326 audit(1774670155.643:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6598 comm="syz.1.177" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 96.789162][ T40] audit: type=1326 audit(1774670155.643:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6598 comm="syz.1.177" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 96.798177][ T40] audit: type=1326 audit(1774670155.643:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6598 comm="syz.1.177" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 96.809028][ T40] audit: type=1326 audit(1774670155.643:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6598 comm="syz.1.177" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 96.818947][ T6601] Illegal XDP return value 4294967262 on prog (id 17) dev N/A, expect packet loss! [ 96.819177][ T40] audit: type=1326 audit(1774670155.643:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6598 comm="syz.1.177" exe="/syz-executor" sig=0 arch=40000003 syscall=431 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 96.831966][ T40] audit: type=1326 audit(1774670155.643:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6598 comm="syz.1.177" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 96.887914][ T6609] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 97.020756][ T6613] netlink: 8 bytes leftover after parsing attributes in process `syz.3.180'. [ 97.095209][ T6618] Bluetooth: MGMT ver 1.23 [ 97.375947][ T39] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 97.525977][ T39] usb 5-1: Using ep0 maxpacket: 8 [ 97.533921][ T39] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 97.537858][ T39] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 97.541129][ T39] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 97.544572][ T39] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 97.549058][ T39] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 97.552709][ T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.764248][ T39] usb 5-1: GET_CAPABILITIES returned 0 [ 97.766612][ T39] usbtmc 5-1:16.0: can't read capabilities [ 97.826969][ T6630] syz.2.184 (6630) used greatest stack depth: 19088 bytes left [ 97.968241][ T39] usb 5-1: USB disconnect, device number 5 [ 98.239431][ T6624] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 98.243586][ T6624] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 98.249796][ T6624] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 98.253616][ T6624] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 98.255684][ T6624] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 98.258786][ T6624] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 98.263808][ T6624] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 98.265982][ T6624] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 98.268902][ T6624] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 98.273145][ T6624] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 98.275402][ T6624] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 98.279048][ T6624] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 99.415913][ T5946] Bluetooth: hci0: command 0x0c1a tx timeout [ 100.205250][ T6663] binder: 6660:6663 ioctl c0306201 0 returned -14 [ 100.206085][ T6662] binder: 6660:6662 ioctl c0306201 0 returned -14 [ 100.305877][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout [ 100.308070][ T5951] Bluetooth: hci2: command 0x0c1a tx timeout [ 100.308108][ T5295] Bluetooth: hci1: command 0x0c1a tx timeout [ 100.313056][ T1225] wlan1: Trigger new scan to find an IBSS to join [ 101.058252][ T6670] netlink: 8 bytes leftover after parsing attributes in process `syz.1.193'. [ 101.093585][ T6672] futex_wake_op: syz.1.194 tries to shift op by 144; fix this program [ 101.655855][ T5295] Bluetooth: hci0: command 0x0c1a tx timeout [ 101.753604][ T6683] pvfs2: Unknown parameter '/dev/iommu' [ 102.213636][ T6687] FAULT_INJECTION: forcing a failure. [ 102.213636][ T6687] name failslab, interval 1, probability 0, space 0, times 0 [ 102.217757][ T6687] CPU: 1 UID: 0 PID: 6687 Comm: syz.3.200 Not tainted syzkaller #0 PREEMPT(full) [ 102.217771][ T6687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 102.217778][ T6687] Call Trace: [ 102.217782][ T6687] [ 102.217787][ T6687] dump_stack_lvl+0x100/0x190 [ 102.217807][ T6687] should_fail_ex.cold+0x5/0xa [ 102.217820][ T6687] ? tomoyo_realpath_from_path+0xb6/0x690 [ 102.217836][ T6687] should_failslab+0xc2/0x120 [ 102.217848][ T6687] __kmalloc_noprof+0xe0/0x850 [ 102.217867][ T6687] tomoyo_realpath_from_path+0xb6/0x690 [ 102.217885][ T6687] tomoyo_path_number_perm+0x23c/0x580 [ 102.217897][ T6687] ? tomoyo_path_number_perm+0x22e/0x580 [ 102.217911][ T6687] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 102.217936][ T6687] ? find_held_lock+0x2b/0x80 [ 102.217946][ T6687] ? hook_file_ioctl_common+0x146/0x410 [ 102.217960][ T6687] ? __fget_files+0x215/0x3d0 [ 102.217973][ T6687] ? __fget_files+0x21f/0x3d0 [ 102.217985][ T6687] security_file_ioctl_compat+0xd3/0x230 [ 102.218000][ T6687] __ia32_compat_sys_ioctl+0xc2/0x360 [ 102.218017][ T6687] __do_fast_syscall_32+0xe3/0x8c0 [ 102.218031][ T6687] do_fast_syscall_32+0x32/0x70 [ 102.218042][ T6687] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 102.218056][ T6687] RIP: 0023:0xf705ef6c [ 102.218064][ T6687] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 102.218080][ T6687] RSP: 002b:00000000f544d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 102.218090][ T6687] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000c0306201 [ 102.218096][ T6687] RDX: 0000000080000440 RSI: 0000000000000000 RDI: 0000000000000000 [ 102.218102][ T6687] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 102.218107][ T6687] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 102.218113][ T6687] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 102.218126][ T6687] [ 102.218131][ T6687] ERROR: Out of memory at tomoyo_realpath_from_path. [ 102.376873][ T5295] Bluetooth: hci1: command 0x0c1a tx timeout [ 102.377683][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout [ 102.379090][ T5295] Bluetooth: hci2: command 0x0c1a tx timeout [ 102.415762][ T6695] futex_wake_op: syz.3.203 tries to shift op by 144; fix this program [ 103.406014][ T40] kauditd_printk_skb: 9 callbacks suppressed [ 103.406025][ T40] audit: type=1326 audit(1774670162.293:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6708 comm="syz.2.207" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55f6c code=0x7ffc0000 [ 103.406058][ T40] audit: type=1326 audit(1774670162.293:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6708 comm="syz.2.207" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55f6c code=0x7ffc0000 [ 103.406079][ T40] audit: type=1326 audit(1774670162.293:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6708 comm="syz.2.207" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55f6c code=0x7ffc0000 [ 103.406102][ T40] audit: type=1326 audit(1774670162.293:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6708 comm="syz.2.207" exe="/syz-executor" sig=0 arch=40000003 syscall=104 compat=1 ip=0xf7f55f6c code=0x7ffc0000 [ 103.406124][ T40] audit: type=1326 audit(1774670162.293:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6708 comm="syz.2.207" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55f6c code=0x7ffc0000 [ 103.406146][ T40] audit: type=1326 audit(1774670162.293:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6708 comm="syz.2.207" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55f6c code=0x7ffc0000 [ 103.406169][ T40] audit: type=1326 audit(1774670162.293:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6708 comm="syz.2.207" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55f6c code=0x7ffc0000 [ 103.406191][ T40] audit: type=1326 audit(1774670162.293:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6708 comm="syz.2.207" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55f6c code=0x7ffc0000 [ 103.406211][ T40] audit: type=1326 audit(1774670162.293:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6708 comm="syz.2.207" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f55f6c code=0x7ffc0000 [ 103.406314][ T40] audit: type=1326 audit(1774670162.293:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6708 comm="syz.2.207" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55f6c code=0x7ffc0000 [ 103.586181][ T6721] FAULT_INJECTION: forcing a failure. [ 103.586181][ T6721] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 103.591665][ T6721] CPU: 2 UID: 0 PID: 6721 Comm: syz.3.210 Not tainted syzkaller #0 PREEMPT(full) [ 103.591690][ T6721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 103.591700][ T6721] Call Trace: [ 103.591707][ T6721] [ 103.591714][ T6721] dump_stack_lvl+0x100/0x190 [ 103.591745][ T6721] should_fail_ex.cold+0x5/0xa [ 103.591767][ T6721] _copy_from_user+0x2e/0xd0 [ 103.591791][ T6721] get_compat_msghdr+0xb3/0x4b0 [ 103.591818][ T6721] ? __pfx_get_compat_msghdr+0x10/0x10 [ 103.591851][ T6721] ___sys_sendmsg+0x1b6/0x1e0 [ 103.591876][ T6721] ? __pfx____sys_sendmsg+0x10/0x10 [ 103.591926][ T6721] __sys_sendmsg+0x170/0x220 [ 103.591954][ T6721] ? __pfx___sys_sendmsg+0x10/0x10 [ 103.591993][ T6721] ? __pfx_ksys_write+0x10/0x10 [ 103.592017][ T6721] __do_fast_syscall_32+0xe3/0x8c0 [ 103.592039][ T6721] do_fast_syscall_32+0x32/0x70 [ 103.592058][ T6721] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 103.592080][ T6721] RIP: 0023:0xf705ef6c [ 103.592095][ T6721] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 103.592110][ T6721] RSP: 002b:00000000f544d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 103.592128][ T6721] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001440 [ 103.592138][ T6721] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 103.592147][ T6721] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 103.592154][ T6721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 103.592164][ T6721] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 103.592186][ T6721] [ 103.747501][ T5295] Bluetooth: hci0: command 0x0c1a tx timeout [ 103.885053][ T6734] futex_wake_op: syz.3.213 tries to shift op by 144; fix this program [ 103.941641][ T6728] ALSA: mixer_oss: invalid OSS volume '' [ 103.952053][ T6728] ALSA: mixer_oss: invalid OSS volume '9[&?ļx;Bb[rSHٝsr' [ 103.965010][ T6728] ALSA: mixer_oss: invalid OSS volume '`~'5{&]c} {x.e8' [ 104.025942][ T6728] ALSA: mixer_oss: invalid OSS volume 'j'|]jpi?.>̡|' [ 104.029057][ T6728] ALSA: mixer_oss: invalid OSS volume '\SO\ ,4Qx' [ 104.031758][ T6728] ALSA: mixer_oss: invalid OSS volume 'Qq*h0;bZ1#<3 P' [ 104.034492][ T6728] ALSA: mixer_oss: invalid OSS volume 'S ߌ_q' [ 104.037124][ T6728] ALSA: mixer_oss: invalid OSS volume '):{bvijp"g_6fݢ' [ 104.039927][ T6728] ALSA: mixer_oss: invalid OSS volume 'Xr]X[*ۇ8tf;v6' [ 104.042603][ T6728] ALSA: mixer_oss: invalid OSS volume '8L&wrˍ' [ 104.044832][ T6728] ALSA: mixer_oss: invalid OSS volume 'zap1oRR|/`' [ 104.047758][ T6728] ALSA: mixer_oss: invalid OSS volume '_y4"PI]Yye3O|K7qa' [ 104.051537][ T6728] ALSA: mixer_oss: invalid OSS volume '\Qa2` g34%aFa v' [ 104.054840][ T6728] ALSA: mixer_oss: invalid OSS volume 'Avb4xf[k'3Rg' [ 104.058271][ T6728] ALSA: mixer_oss: invalid OSS volume 'uneB?' [ 104.061142][ T6728] ALSA: mixer_oss: invalid OSS volume 'Y*)i-?9j(/1G:ECWw' [ 104.064730][ T6728] ALSA: mixer_oss: invalid OSS volume 'ұB;T`@$EcXMYd,' [ 104.069129][ T6728] ALSA: mixer_oss: invalid OSS volume 'b@h#' [ 104.071803][ T6728] ALSA: mixer_oss: invalid OSS volume 'h4XS4v=0_>&' [ 104.075608][ T6728] ALSA: mixer_oss: invalid OSS volume '|/"tj' [ 104.079042][ T6728] ALSA: mixer_oss: invalid OSS volume '-z5c^J6$' [ 104.084469][ T6728] ALSA: mixer_oss: invalid OSS volume '0Ty󉴪jP&at' [ 104.089859][ T6728] ALSA: mixer_oss: invalid OSS volume '|~\' [ 104.093868][ T6728] ALSA: mixer_oss: invalid OSS volume '@^3bɜ}G$#\("/oL' [ 104.099720][ T6728] ALSA: mixer_oss: invalid OSS volume 'I :' [ 104.105429][ T6728] ALSA: mixer_oss: invalid OSS volume '%^vhcGJPr('⍯Q=' [ 104.108442][ T6728] ALSA: mixer_oss: invalid OSS volume ' Gj;4Ìz3WҼ0F=%' [ 104.111213][ T6728] ALSA: mixer_oss: invalid OSS volume ';4 4fh߇GIבQ5oJ' [ 104.115035][ T6728] ALSA: mixer_oss: invalid OSS volume 'Wl]Y1-J<A>o' [ 104.220741][ T6740] bridge_slave_0: left allmulticast mode [ 104.225745][ T6740] bridge_slave_0: left promiscuous mode [ 104.229829][ T6740] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.257239][ T6741] FAULT_INJECTION: forcing a failure. [ 104.257239][ T6741] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 104.262945][ T6741] CPU: 3 UID: 0 PID: 6741 Comm: syz.1.215 Not tainted syzkaller #0 PREEMPT(full) [ 104.262969][ T6741] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 104.262980][ T6741] Call Trace: [ 104.262988][ T6741] [ 104.262996][ T6741] dump_stack_lvl+0x100/0x190 [ 104.263027][ T6741] should_fail_ex.cold+0x5/0xa [ 104.263049][ T6741] _copy_from_user+0x2e/0xd0 [ 104.263071][ T6741] get_compat_msghdr+0xb3/0x4b0 [ 104.263098][ T6741] ? __pfx_get_compat_msghdr+0x10/0x10 [ 104.263123][ T6741] ? _kstrtoull+0x13c/0x1f0 [ 104.263150][ T6741] ? __lock_acquire+0x4a5/0x2630 [ 104.263179][ T6741] ___sys_recvmsg+0x193/0x1a0 [ 104.263202][ T6741] ? __pfx____sys_recvmsg+0x10/0x10 [ 104.263226][ T6741] ? find_held_lock+0x2b/0x80 [ 104.263259][ T6741] do_recvmmsg+0x563/0x760 [ 104.263284][ T6741] ? __pfx_do_recvmmsg+0x10/0x10 [ 104.263309][ T6741] ? ksys_write+0x190/0x250 [ 104.263331][ T6741] ? ksys_write+0x190/0x250 [ 104.263357][ T6741] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 104.263382][ T6741] __sys_recvmmsg+0x21f/0x270 [ 104.263410][ T6741] ? __pfx___sys_recvmmsg+0x10/0x10 [ 104.263439][ T6741] ? ksys_write+0x1ac/0x250 [ 104.263459][ T6741] __ia32_compat_sys_recvmmsg_time32+0xc4/0x160 [ 104.263487][ T6741] ? __do_fast_syscall_32+0x94/0x8c0 [ 104.263505][ T6741] ? lockdep_hardirqs_on+0x78/0x100 [ 104.263532][ T6741] __do_fast_syscall_32+0xe3/0x8c0 [ 104.263553][ T6741] do_fast_syscall_32+0x32/0x70 [ 104.263572][ T6741] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 104.263595][ T6741] RIP: 0023:0xf7f35f6c [ 104.263610][ T6741] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 104.263625][ T6741] RSP: 002b:00000000f53d550c EFLAGS: 00000292 ORIG_RAX: 0000000000000151 [ 104.263642][ T6741] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080002380 [ 104.263654][ T6741] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 104.263663][ T6741] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 104.263673][ T6741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 104.263683][ T6741] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 104.263706][ T6741] [ 104.344020][ T99] wlan1: Trigger new scan to find an IBSS to join [ 104.419002][ T6740] bridge_slave_1: left allmulticast mode [ 104.423585][ T6740] bridge_slave_1: left promiscuous mode [ 104.425510][ T6740] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.432534][ T6740] bond0: (slave bond_slave_0): Releasing backup interface [ 104.439102][ T6740] bond0: (slave bond_slave_1): Releasing backup interface [ 104.452229][ T6740] team0: Port device team_slave_0 removed [ 104.455894][ T5295] Bluetooth: hci3: command 0x0c1a tx timeout [ 104.456183][ T5946] Bluetooth: hci2: command 0x0c1a tx timeout [ 104.458478][ T5295] Bluetooth: hci1: command 0x0c1a tx timeout [ 104.466422][ T6740] team0: Port device team_slave_1 removed [ 104.469616][ T6740] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 104.472789][ T6740] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 104.479268][ T6740] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 104.482385][ T6740] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 104.508238][ T6740] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 105.258709][ T1225] wlan1: Creating new IBSS network, BSSID 66:ae:4d:0a:ae:cb [ 105.286808][ T6750] netlink: 268 bytes leftover after parsing attributes in process `syz.1.217'. [ 105.290864][ T6750] netlink: 136 bytes leftover after parsing attributes in process `syz.1.217'. [ 105.294472][ T6750] netlink: 16 bytes leftover after parsing attributes in process `syz.1.217'. [ 105.796005][ T6749] syz.1.217: page allocation failure: order:0, mode:0x340cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_THISNODE), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 105.801932][ T6749] CPU: 2 UID: 0 PID: 6749 Comm: syz.1.217 Not tainted syzkaller #0 PREEMPT(full) [ 105.801960][ T6749] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 105.801967][ T6749] Call Trace: [ 105.801970][ T6749] [ 105.801975][ T6749] dump_stack_lvl+0x100/0x190 [ 105.801996][ T6749] warn_alloc.cold+0x95/0x1c1 [ 105.802015][ T6749] ? __pfx_warn_alloc+0x10/0x10 [ 105.802031][ T6749] ? __mutex_unlock_slowpath+0x15c/0x790 [ 105.802057][ T6749] ? __alloc_frozen_pages_noprof+0xd68/0x2ba0 [ 105.802081][ T6749] __alloc_frozen_pages_noprof+0xf36/0x2ba0 [ 105.802106][ T6749] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 105.802123][ T6749] ? __pfx_css_rstat_updated+0x10/0x10 [ 105.802138][ T6749] ? __lock_acquire+0x4a5/0x2630 [ 105.802154][ T6749] ? __lock_acquire+0x4a5/0x2630 [ 105.802174][ T6749] __folio_alloc_noprof+0x13/0x2f0 [ 105.802191][ T6749] alloc_migration_target+0x1d7/0x6d0 [ 105.802205][ T6749] migrate_pages_batch+0x4f2/0x4530 [ 105.802219][ T6749] ? __pfx_alloc_migration_target+0x10/0x10 [ 105.802237][ T6749] ? __pfx_migrate_pages_batch+0x10/0x10 [ 105.802255][ T6749] ? __pfx___schedule+0x10/0x10 [ 105.802272][ T6749] ? __lock_acquire+0x4a5/0x2630 [ 105.802296][ T6749] migrate_pages_sync+0x12c/0x880 [ 105.802310][ T6749] ? __pfx_alloc_migration_target+0x10/0x10 [ 105.802325][ T6749] ? __pfx_migrate_pages_sync+0x10/0x10 [ 105.802344][ T6749] migrate_pages+0x1aae/0x28a0 [ 105.802360][ T6749] ? __pfx_alloc_migration_target+0x10/0x10 [ 105.802375][ T6749] ? __pfx_migrate_pages+0x10/0x10 [ 105.802391][ T6749] ? __lock_acquire+0x4a5/0x2630 [ 105.802406][ T6749] ? mtree_load+0x32d/0xa40 [ 105.802419][ T6749] move_pages_and_store_status+0xf1/0x230 [ 105.802433][ T6749] ? __pfx_move_pages_and_store_status+0x10/0x10 [ 105.802453][ T6749] kernel_move_pages+0xc47/0x13f0 [ 105.802471][ T6749] ? __pfx_kernel_move_pages+0x10/0x10 [ 105.802488][ T6749] ? xfd_validate_state+0x129/0x190 [ 105.802507][ T6749] __ia32_sys_move_pages+0xdd/0x1b0 [ 105.802521][ T6749] ? __do_fast_syscall_32+0x94/0x8c0 [ 105.802531][ T6749] ? lockdep_hardirqs_on+0x78/0x100 [ 105.802548][ T6749] __do_fast_syscall_32+0xe3/0x8c0 [ 105.802560][ T6749] do_fast_syscall_32+0x32/0x70 [ 105.802571][ T6749] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 105.802585][ T6749] RIP: 0023:0xf7f35f6c [ 105.802594][ T6749] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 105.802603][ T6749] RSP: 002b:00000000f53f650c EFLAGS: 00000292 ORIG_RAX: 000000000000013d [ 105.802614][ T6749] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000000020a0 [ 105.802620][ T6749] RDX: 0000000080000040 RSI: 0000000080001180 RDI: 0000000080000000 [ 105.802626][ T6749] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 105.802632][ T6749] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 105.802638][ T6749] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 105.802651][ T6749] [ 105.802845][ T6749] Mem-Info: [ 105.871809][ T6755] 9p: Unknown Cache mode or invalid value fscac [ 105.877848][ T6749] active_anon:12994 inactive_anon:38 isolated_anon:0 [ 105.877848][ T6749] active_file:10587 inactive_file:46087 isolated_file:0 [ 105.877848][ T6749] unevictable:1768 dirty:387 writeback:0 [ 105.877848][ T6749] slab_reclaimable:7997 slab_unreclaimable:51311 [ 105.877848][ T6749] mapped:29082 shmem:5181 pagetables:1092 [ 105.877848][ T6749] sec_pagetables:294 bounce:0 [ 105.877848][ T6749] kernel_misc_reclaimable:0 [ 105.877848][ T6749] free:45699 free_pcp:4543 free_cma:0 [ 105.907942][ T6749] Node 0 active_anon:28kB inactive_anon:28kB active_file:0kB inactive_file:20kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:16kB dirty:12kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8648kB pagetables:1360kB sec_pagetables:1140kB all_unreclaimable? yes Balloon:0kB [ 105.916529][ T6749] Node 1 active_anon:51948kB inactive_anon:124kB active_file:42348kB inactive_file:184328kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:116312kB dirty:1536kB writeback:0kB shmem:17188kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:4380kB pagetables:3008kB sec_pagetables:36kB all_unreclaimable? no Balloon:0kB [ 105.925424][ T6749] Node 0 DMA free:2736kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 105.933900][ T6749] lowmem_reserve[]: 0 285 285 285 285 [ 105.935529][ T6749] Node 0 DMA32 free:27616kB boost:16384kB min:29452kB low:32716kB high:35980kB reserved_highatomic:0KB free_highatomic:0KB active_anon:28kB inactive_anon:28kB active_file:0kB inactive_file:20kB unevictable:3536kB writepending:12kB zspages:0kB present:1032196kB managed:292500kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 105.944404][ T6749] lowmem_reserve[]: 0 0 0 0 0 [ 105.945841][ T6749] Node 1 DMA32 free:151292kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:51948kB inactive_anon:124kB active_file:42348kB inactive_file:184328kB unevictable:3536kB writepending:1536kB zspages:2040kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:18272kB local_pcp:192kB free_cma:0kB [ 105.955044][ T6749] lowmem_reserve[]: 0 0 0 0 0 [ 105.956572][ T6749] Node 0 DMA: 22*4kB (U) 5*8kB (UM) 6*16kB (U) 25*32kB (UM) 7*64kB (UM) 2*128kB (M) 0*256kB 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2752kB [ 105.960974][ T6749] Node 0 DMA32: 626*4kB (UME) 187*8kB (UME) 58*16kB (UME) 237*32kB (UME) 52*64kB (UME) 24*128kB (UM) 10*256kB (UME) 8*512kB (UM) 2*1024kB (M) 0*2048kB 0*4096kB = 27616kB [ 105.967534][ T6749] Node 1 DMA32: 295*4kB (ME) 558*8kB (UME) 539*16kB (UME) 150*32kB (UME) 153*64kB (UME) 119*128kB (UME) 84*256kB (UME) 45*512kB (UME) 19*1024kB (UME) 9*2048kB (UM) 6*4096kB (UM) = 151100kB [ 105.974088][ T6749] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 105.979315][ T6749] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 105.981924][ T6749] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 105.984658][ T6749] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 105.987565][ T6749] 62390 total pagecache pages [ 105.988951][ T6749] 539 pages in swap cache [ 105.990194][ T6749] Free swap = 119564kB [ 105.991415][ T6749] Total swap = 124996kB [ 105.992626][ T6749] 524155 pages RAM [ 105.993716][ T6749] 0 pages HighMem/MovableOnly [ 105.995074][ T6749] 210137 pages reserved [ 105.996707][ T6749] 0 pages cma reserved [ 106.185721][ T6763] futex_wake_op: syz.1.222 tries to shift op by 144; fix this program [ 106.205320][ T6765] netlink: 8 bytes leftover after parsing attributes in process `syz.2.223'. [ 107.410469][ T6767] /dev/sr0: Can't open blockdev [ 107.912442][ T6790] FAULT_INJECTION: forcing a failure. [ 107.912442][ T6790] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 107.917491][ T6790] CPU: 3 UID: 0 PID: 6790 Comm: syz.3.230 Not tainted syzkaller #0 PREEMPT(full) [ 107.917506][ T6790] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 107.917512][ T6790] Call Trace: [ 107.917517][ T6790] [ 107.917521][ T6790] dump_stack_lvl+0x100/0x190 [ 107.917547][ T6790] should_fail_ex.cold+0x5/0xa [ 107.917569][ T6790] _copy_from_user+0x2e/0xd0 [ 107.917592][ T6790] get_compat_msghdr+0xb3/0x4b0 [ 107.917619][ T6790] ? __pfx_get_compat_msghdr+0x10/0x10 [ 107.917652][ T6790] ___sys_sendmsg+0x1b6/0x1e0 [ 107.917675][ T6790] ? __pfx____sys_sendmsg+0x10/0x10 [ 107.917723][ T6790] __sys_sendmsg+0x170/0x220 [ 107.917749][ T6790] ? __pfx___sys_sendmsg+0x10/0x10 [ 107.917780][ T6790] ? __pfx_ksys_write+0x10/0x10 [ 107.917794][ T6790] __do_fast_syscall_32+0xe3/0x8c0 [ 107.917807][ T6790] do_fast_syscall_32+0x32/0x70 [ 107.917818][ T6790] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 107.917832][ T6790] RIP: 0023:0xf705ef6c [ 107.917841][ T6790] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 107.917850][ T6790] RSP: 002b:00000000f544d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 107.917861][ T6790] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000340 [ 107.917867][ T6790] RDX: 000000000404c000 RSI: 0000000000000000 RDI: 0000000000000000 [ 107.917888][ T6790] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 107.917894][ T6790] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 107.917899][ T6790] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 107.917912][ T6790] [ 108.248446][ T6795] netlink: 24 bytes leftover after parsing attributes in process `syz.3.231'. [ 108.429606][ T40] kauditd_printk_skb: 415 callbacks suppressed [ 108.429647][ T40] audit: type=1326 audit(1774670167.333:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6783 comm="syz.0.228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7f6c code=0x7ffc0000 [ 108.440289][ T40] audit: type=1326 audit(1774670167.283:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6783 comm="syz.0.228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7f6c code=0x7ffc0000 [ 108.449426][ T40] audit: type=1326 audit(1774670167.343:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6783 comm="syz.0.228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7f6c code=0x7ffc0000 [ 108.463445][ T40] audit: type=1326 audit(1774670167.343:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6783 comm="syz.0.228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7f6c code=0x7ffc0000 [ 108.481697][ T40] audit: type=1326 audit(1774670167.343:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6783 comm="syz.0.228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7f6c code=0x7ffc0000 [ 108.499278][ T40] audit: type=1326 audit(1774670167.343:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6783 comm="syz.0.228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7f6c code=0x7ffc0000 [ 108.527025][ T40] audit: type=1326 audit(1774670167.343:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6783 comm="syz.0.228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7f6c code=0x7ffc0000 [ 108.538452][ T40] audit: type=1326 audit(1774670167.343:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6783 comm="syz.0.228" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fa7f6c code=0x7ffc0000 [ 108.562183][ T40] audit: type=1326 audit(1774670167.343:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6783 comm="syz.0.228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7f6c code=0x7ffc0000 [ 108.570727][ T40] audit: type=1326 audit(1774670167.343:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6783 comm="syz.0.228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7f6c code=0x7ffc0000 [ 108.747396][ T6804] netlink: 'syz.0.232': attribute type 16 has an invalid length. [ 108.750779][ T6804] netlink: 48 bytes leftover after parsing attributes in process `syz.0.232'. [ 108.790665][ T6804] veth1_macvtap: entered allmulticast mode [ 108.833947][ T6807] netlink: zone id is out of range [ 108.835625][ T6807] netlink: zone id is out of range [ 108.847450][ T6807] netlink: set zone limit has 8 unknown bytes [ 109.206351][ T39] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 109.365930][ T39] usb 8-1: Using ep0 maxpacket: 8 [ 109.369915][ T39] usb 8-1: config 0 has an invalid interface number: 1 but max is 0 [ 109.373244][ T39] usb 8-1: config 0 has no interface number 0 [ 109.375678][ T39] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 109.380823][ T39] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 50335, setting to 1024 [ 109.388913][ T39] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 109.392552][ T39] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.399665][ T39] usb 8-1: config 0 descriptor?? [ 109.402240][ T6811] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 109.410972][ T39] iowarrior 8-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 109.712178][ T34] usb 8-1: USB disconnect, device number 4 [ 110.742551][ T6842] 8021q: adding VLAN 0 to HW filter on device bond0 [ 110.754512][ T6842] 8021q: adding VLAN 0 to HW filter on device team0 [ 110.788027][ T6842] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 111.089870][ T6846] pvfs2: Unknown parameter '/dev/iommu' [ 111.549927][ T6852] 9pnet_virtio: no channels available for device syz [ 112.275935][ T34] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 112.445875][ T34] usb 7-1: Using ep0 maxpacket: 8 [ 112.449711][ T34] usb 7-1: config 0 has an invalid interface number: 1 but max is 0 [ 112.453541][ T34] usb 7-1: config 0 has no interface number 0 [ 112.457460][ T34] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 112.462036][ T34] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 50335, setting to 1024 [ 112.476363][ T34] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 112.479886][ T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.485674][ T34] usb 7-1: config 0 descriptor?? [ 112.490233][ T6866] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 112.495647][ T34] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 112.790400][ T34] usb 7-1: USB disconnect, device number 2 [ 113.490156][ T6889] (syz.2.256,6889,3):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 113.497357][ T6889] (syz.2.256,6889,3):ocfs2_fill_super:1177 ERROR: status = -22 [ 114.313673][ T6893] syzkaller0: entered promiscuous mode [ 114.315490][ T6893] syzkaller0: entered allmulticast mode [ 114.577866][ T40] kauditd_printk_skb: 433 callbacks suppressed [ 114.577882][ T40] audit: type=1326 audit(1774670173.483:1076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6897 comm="syz.0.260" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7f6c code=0x7ffc0000 [ 114.615542][ T6904] FAULT_INJECTION: forcing a failure. [ 114.615542][ T6904] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 114.615594][ T40] audit: type=1326 audit(1774670173.503:1077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6897 comm="syz.0.260" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7f6c code=0x7ffc0000 [ 114.625513][ T6904] CPU: 3 UID: 0 PID: 6904 Comm: syz.2.262 Not tainted syzkaller #0 PREEMPT(full) [ 114.625537][ T6904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 114.625546][ T6904] Call Trace: [ 114.625554][ T6904] [ 114.625561][ T6904] dump_stack_lvl+0x100/0x190 [ 114.625589][ T6904] should_fail_ex.cold+0x5/0xa [ 114.625609][ T6904] _copy_from_user+0x2e/0xd0 [ 114.625630][ T6904] get_compat_msghdr+0xb3/0x4b0 [ 114.625654][ T6904] ? __pfx_get_compat_msghdr+0x10/0x10 [ 114.625684][ T6904] ___sys_sendmsg+0x1b6/0x1e0 [ 114.625706][ T6904] ? __pfx____sys_sendmsg+0x10/0x10 [ 114.625751][ T6904] __sys_sendmsg+0x170/0x220 [ 114.625776][ T6904] ? __pfx___sys_sendmsg+0x10/0x10 [ 114.625820][ T6904] ? __pfx_ksys_write+0x10/0x10 [ 114.625834][ T6904] __do_fast_syscall_32+0xe3/0x8c0 [ 114.625848][ T6904] do_fast_syscall_32+0x32/0x70 [ 114.625859][ T6904] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 114.625874][ T6904] RIP: 0023:0xf7f55f6c [ 114.625886][ T6904] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 114.625901][ T6904] RSP: 002b:00000000f541650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 114.625918][ T6904] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000400 [ 114.625928][ T6904] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000 [ 114.625937][ T6904] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 114.625946][ T6904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 114.625960][ T6904] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 114.625981][ T6904] [ 114.739077][ T40] audit: type=1326 audit(1774670173.503:1078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6897 comm="syz.0.260" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7f6c code=0x7ffc0000 [ 114.742652][ T40] audit: type=1326 audit(1774670173.503:1079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6897 comm="syz.0.260" exe="/syz-executor" sig=0 arch=40000003 syscall=104 compat=1 ip=0xf7fa7f6c code=0x7ffc0000 [ 114.742687][ T40] audit: type=1326 audit(1774670173.503:1080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6897 comm="syz.0.260" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7f6c code=0x7ffc0000 [ 114.742708][ T40] audit: type=1326 audit(1774670173.513:1081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6897 comm="syz.0.260" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7f6c code=0x7ffc0000 [ 114.747393][ T40] audit: type=1326 audit(1774670173.513:1082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6897 comm="syz.0.260" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7f6c code=0x7ffc0000 [ 114.747435][ T40] audit: type=1326 audit(1774670173.513:1083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6897 comm="syz.0.260" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fa7f6c code=0x7ffc0000 [ 114.750382][ T40] audit: type=1326 audit(1774670173.513:1084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6897 comm="syz.0.260" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7f6c code=0x7ffc0000 [ 114.750413][ T40] audit: type=1326 audit(1774670173.513:1085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6897 comm="syz.0.260" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7f6c code=0x7ffc0000 [ 117.692089][ T1457] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 117.879071][ T1457] usb 6-1: config 0 has no interfaces? [ 117.881517][ T1457] usb 6-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.00 [ 117.885442][ T1457] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 117.901841][ T1457] usb 6-1: config 0 descriptor?? [ 118.120544][ T50] usb 6-1: USB disconnect, device number 4 [ 119.760754][ T6975] overlayfs: missing 'lowerdir' [ 119.767924][ T40] kauditd_printk_skb: 417 callbacks suppressed [ 119.767934][ T40] audit: type=1326 audit(1774670178.673:1503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6974 comm="syz.0.281" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fa7f6c code=0x0 [ 119.925869][ T40] audit: type=1326 audit(1774670178.823:1504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6974 comm="syz.0.281" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7f6c code=0x7ffc0000 [ 119.943663][ T40] audit: type=1326 audit(1774670178.833:1505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6974 comm="syz.0.281" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa7f6c code=0x7ffc0000 [ 120.073402][ T40] audit: type=1326 audit(1774670178.973:1506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.3.283" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000 [ 120.222583][ T40] audit: type=1326 audit(1774670178.973:1507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.3.283" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000 [ 120.230659][ T40] audit: type=1326 audit(1774670178.973:1508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.3.283" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000 [ 120.241308][ T40] audit: type=1326 audit(1774670178.973:1509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.3.283" exe="/syz-executor" sig=0 arch=40000003 syscall=104 compat=1 ip=0xf705ef6c code=0x7ffc0000 [ 120.251941][ T40] audit: type=1326 audit(1774670178.973:1510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.3.283" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000 [ 120.260244][ T40] audit: type=1326 audit(1774670178.983:1511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.3.283" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000 [ 120.267698][ T40] audit: type=1326 audit(1774670178.983:1512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.3.283" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000 [ 120.681641][ T6994] syzkaller1: entered promiscuous mode [ 120.683479][ T6994] syzkaller1: entered allmulticast mode [ 120.789786][ T6999] geneve2: entered promiscuous mode [ 121.896960][ T7020] pvfs2: Unknown parameter '/dev/iommu' [ 121.995933][ T9] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 122.155917][ T9] usb 8-1: Using ep0 maxpacket: 8 [ 122.163212][ T9] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 122.168745][ T9] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 122.176646][ T9] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 122.188356][ T9] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 122.198693][ T9] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 122.237870][ T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 122.470763][ T9] usb 8-1: GET_CAPABILITIES returned 0 [ 122.472652][ T9] usbtmc 8-1:16.0: can't read capabilities [ 122.682187][ T9] usb 8-1: USB disconnect, device number 5 [ 122.789756][ T7029] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 125.193429][ T7054] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 126.137134][ T7067] syzkaller0: entered promiscuous mode [ 126.139027][ T7067] syzkaller0: entered allmulticast mode [ 127.538332][ T7082] FAULT_INJECTION: forcing a failure. [ 127.538332][ T7082] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 127.543416][ T7082] CPU: 1 UID: 0 PID: 7082 Comm: syz.0.309 Not tainted syzkaller #0 PREEMPT(full) [ 127.543434][ T7082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 127.543442][ T7082] Call Trace: [ 127.543448][ T7082] [ 127.543454][ T7082] dump_stack_lvl+0x100/0x190 [ 127.543477][ T7082] should_fail_ex.cold+0x5/0xa [ 127.543492][ T7082] _copy_to_user+0x32/0xd0 [ 127.543509][ T7082] simple_read_from_buffer+0xcb/0x170 [ 127.543530][ T7082] proc_fail_nth_read+0x1af/0x230 [ 127.543546][ T7082] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 127.543562][ T7082] ? rw_verify_area+0xce/0x6d0 [ 127.543580][ T7082] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 127.543595][ T7082] vfs_read+0x1e4/0xb30 [ 127.543608][ T7082] ? __pfx_vfs_read+0x10/0x10 [ 127.543618][ T7082] ? find_held_lock+0x2b/0x80 [ 127.543631][ T7082] ? __fget_files+0x215/0x3d0 [ 127.543646][ T7082] ? __fget_files+0x21f/0x3d0 [ 127.543662][ T7082] ksys_read+0x12a/0x250 [ 127.543673][ T7082] ? __pfx_ksys_read+0x10/0x10 [ 127.543689][ T7082] do_int80_emulation+0x141/0x6b0 [ 127.543705][ T7082] asm_int80_emulation+0x1a/0x20 [ 127.543718][ T7082] RIP: 0023:0xf71a5cab [ 127.543729][ T7082] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53 [ 127.543741][ T7082] RSP: 002b:00000000f54664bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 127.543753][ T7082] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f54665d0 [ 127.543760][ T7082] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000 [ 127.543767][ T7082] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 127.543773][ T7082] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 127.543780][ T7082] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 127.543794][ T7082] [ 127.976277][ T6079] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 128.099996][ T7090] FAULT_INJECTION: forcing a failure. [ 128.099996][ T7090] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 128.105988][ T7090] CPU: 1 UID: 0 PID: 7090 Comm: syz.3.312 Not tainted syzkaller #0 PREEMPT(full) [ 128.106011][ T7090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 128.106021][ T7090] Call Trace: [ 128.106027][ T7090] [ 128.106033][ T7090] dump_stack_lvl+0x100/0x190 [ 128.106065][ T7090] should_fail_ex.cold+0x5/0xa [ 128.106087][ T7090] _copy_from_user+0x2e/0xd0 [ 128.106111][ T7090] get_compat_msghdr+0xb3/0x4b0 [ 128.106140][ T7090] ? __pfx_get_compat_msghdr+0x10/0x10 [ 128.106175][ T7090] ___sys_sendmsg+0x1b6/0x1e0 [ 128.106199][ T7090] ? __pfx____sys_sendmsg+0x10/0x10 [ 128.106250][ T7090] __sys_sendmsg+0x170/0x220 [ 128.106279][ T7090] ? __pfx___sys_sendmsg+0x10/0x10 [ 128.106314][ T7090] ? __pfx_ksys_write+0x10/0x10 [ 128.106339][ T7090] __do_fast_syscall_32+0xe3/0x8c0 [ 128.106362][ T7090] do_fast_syscall_32+0x32/0x70 [ 128.106381][ T7090] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 128.106405][ T7090] RIP: 0023:0xf705ef6c [ 128.106421][ T7090] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 128.106438][ T7090] RSP: 002b:00000000f544d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 128.106456][ T7090] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000 [ 128.106467][ T7090] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 128.106477][ T7090] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 128.106487][ T7090] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 128.106497][ T7090] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 128.106520][ T7090] [ 128.135955][ T6079] usb 6-1: Using ep0 maxpacket: 32 [ 128.247281][ T6079] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 128.251877][ T6079] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 128.256916][ T6079] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 128.261634][ T6079] usb 6-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 128.265703][ T6079] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.271101][ T6079] usb 6-1: config 0 descriptor?? [ 128.273756][ T7088] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 128.280821][ T6079] hub 6-1:0.0: USB hub found [ 128.484597][ T6079] hub 6-1:0.0: config failed, can't read hub descriptor (err -22) [ 128.701235][ C0] raw-gadget.0 gadget.1: ignoring, device is not running [ 128.704480][ T6079] usbhid 6-1:0.0: can't add hid device: -71 [ 128.707172][ T6079] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 128.727289][ T6079] usb 6-1: USB disconnect, device number 5 [ 129.155900][ T34] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 129.197399][ T40] kauditd_printk_skb: 278 callbacks suppressed [ 129.197411][ T40] audit: type=1326 audit(1774670188.103:1791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7098 comm="syz.3.315" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000 [ 129.208294][ T40] audit: type=1326 audit(1774670188.103:1792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7098 comm="syz.3.315" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000 [ 129.208324][ T40] audit: type=1326 audit(1774670188.103:1793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7098 comm="syz.3.315" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000 [ 129.208346][ T40] audit: type=1326 audit(1774670188.103:1794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7098 comm="syz.3.315" exe="/syz-executor" sig=0 arch=40000003 syscall=104 compat=1 ip=0xf705ef6c code=0x7ffc0000 [ 129.208367][ T40] audit: type=1326 audit(1774670188.103:1795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7098 comm="syz.3.315" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000 [ 129.208388][ T40] audit: type=1326 audit(1774670188.103:1796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7098 comm="syz.3.315" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000 [ 129.208410][ T40] audit: type=1326 audit(1774670188.103:1797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7098 comm="syz.3.315" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000 [ 129.208431][ T40] audit: type=1326 audit(1774670188.103:1798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7098 comm="syz.3.315" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000 [ 129.208452][ T40] audit: type=1326 audit(1774670188.103:1799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7098 comm="syz.3.315" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf705ef6c code=0x7ffc0000 [ 129.208473][ T40] audit: type=1326 audit(1774670188.103:1800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7098 comm="syz.3.315" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705ef6c code=0x7ffc0000 [ 129.296997][ T34] usb 6-1: device descriptor read/64, error -71 [ 129.482969][ T7103] mkiss: ax0: crc mode is auto. [ 129.545887][ T34] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 129.685904][ T34] usb 6-1: device descriptor read/64, error -71 [ 129.806156][ T34] usb usb6-port1: attempt power cycle [ 130.156102][ T34] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 130.176612][ T34] usb 6-1: device descriptor read/8, error -71 [ 130.254736][ T7111] syzkaller0: entered promiscuous mode [ 130.256603][ T7111] syzkaller0: entered allmulticast mode [ 130.415935][ T34] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 130.436361][ T34] usb 6-1: device descriptor read/8, error -71 [ 130.546123][ T34] usb usb6-port1: unable to enumerate USB device [ 130.835602][ T7113] FAULT_INJECTION: forcing a failure. [ 130.835602][ T7113] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 130.841990][ T7113] CPU: 1 UID: 0 PID: 7113 Comm: syz.1.318 Not tainted syzkaller #0 PREEMPT(full) [ 130.842014][ T7113] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 130.842022][ T7113] Call Trace: [ 130.842027][ T7113] [ 130.842032][ T7113] dump_stack_lvl+0x100/0x190 [ 130.842054][ T7113] should_fail_ex.cold+0x5/0xa [ 130.842069][ T7113] _copy_to_user+0x32/0xd0 [ 130.842085][ T7113] simple_read_from_buffer+0xcb/0x170 [ 130.842107][ T7113] proc_fail_nth_read+0x1af/0x230 [ 130.842123][ T7113] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 130.842138][ T7113] ? rw_verify_area+0xce/0x6d0 [ 130.842154][ T7113] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 130.842169][ T7113] vfs_read+0x1e4/0xb30 [ 130.842181][ T7113] ? __pfx_vfs_read+0x10/0x10 [ 130.842190][ T7113] ? find_held_lock+0x2b/0x80 [ 130.842202][ T7113] ? __fget_files+0x215/0x3d0 [ 130.842216][ T7113] ? __fget_files+0x21f/0x3d0 [ 130.842230][ T7113] ksys_read+0x12a/0x250 [ 130.842241][ T7113] ? __pfx_ksys_read+0x10/0x10 [ 130.842255][ T7113] do_int80_emulation+0x141/0x6b0 [ 130.842269][ T7113] asm_int80_emulation+0x1a/0x20 [ 130.842281][ T7113] RIP: 0023:0xf7135cab [ 130.842290][ T7113] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53 [ 130.842301][ T7113] RSP: 002b:00000000f53f64bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 130.842313][ T7113] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f53f65d0 [ 130.842319][ T7113] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000 [ 130.842325][ T7113] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 130.842332][ T7113] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 130.842338][ T7113] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 130.842352][ T7113] [ 131.243638][ T7127] (syz.0.323,7127,3):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 131.246924][ T7127] (syz.0.323,7127,3):ocfs2_fill_super:1177 ERROR: status = -22 [ 131.583663][ T7120] netlink: 8 bytes leftover after parsing attributes in process `syz.1.321'. [ 131.939048][ T7142] netlink: 'syz.0.328': attribute type 17 has an invalid length. [ 131.989841][ T7143] netlink: 'syz.0.328': attribute type 10 has an invalid length. [ 131.992231][ T7143] netlink: 40 bytes leftover after parsing attributes in process `syz.0.328'. [ 132.040645][ T7144] comedi comedi0: dt2815: I/O port conflict (0x4f27,2) [ 132.518810][ T7142] bridge0: port 2(bridge_slave_1) entered disabled state [ 132.522324][ T7142] bridge0: port 1(bridge_slave_0) entered disabled state [ 132.571961][ T7142] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 132.577947][ T7142] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 132.650319][ T7143] team0: Port device geneve0 added [ 133.287984][ T34] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 133.352150][ T7158] netlink: 8 bytes leftover after parsing attributes in process `syz.0.333'. [ 133.457350][ T34] usb 7-1: config 0 has no interfaces? [ 133.459182][ T34] usb 7-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.00 [ 133.464934][ T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 133.468922][ T34] usb 7-1: config 0 descriptor?? [ 133.674393][ T34] usb 7-1: USB disconnect, device number 3 [ 133.855941][ T6029] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 134.015917][ T6029] usb 8-1: Using ep0 maxpacket: 32 [ 134.020113][ T6029] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 134.027130][ T6029] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 134.031047][ T6029] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 134.033704][ T6029] usb 8-1: Product: syz [ 134.035205][ T6029] usb 8-1: Manufacturer: syz [ 134.036927][ T6029] usb 8-1: SerialNumber: syz [ 134.041039][ T6029] usb 8-1: config 0 descriptor?? [ 134.043858][ T7164] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 134.047902][ T6029] hub 8-1:0.0: bad descriptor, ignoring hub [ 134.049849][ T6029] hub 8-1:0.0: probe with driver hub failed with error -5 [ 134.249133][ T7164] FAULT_INJECTION: forcing a failure. [ 134.249133][ T7164] name failslab, interval 1, probability 0, space 0, times 0 [ 134.254489][ T7164] CPU: 2 UID: 0 PID: 7164 Comm: syz.3.334 Not tainted syzkaller #0 PREEMPT(full) [ 134.254511][ T7164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 134.254521][ T7164] Call Trace: [ 134.254527][ T7164] [ 134.254534][ T7164] dump_stack_lvl+0x100/0x190 [ 134.254565][ T7164] should_fail_ex.cold+0x5/0xa [ 134.254587][ T7164] should_failslab+0xc2/0x120 [ 134.254630][ T7164] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 134.254656][ T7164] ? do_getname+0x35/0x390 [ 134.254677][ T7164] ? find_held_lock+0x2b/0x80 [ 134.254698][ T7164] do_getname+0x35/0x390 [ 134.254723][ T7164] do_sys_openat2+0xc5/0x1e0 [ 134.254747][ T7164] ? __pfx_do_sys_openat2+0x10/0x10 [ 134.254767][ T7164] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 134.254790][ T7164] ? __fget_files+0x21f/0x3d0 [ 134.254813][ T7164] __ia32_compat_sys_openat+0x12d/0x210 [ 134.254838][ T7164] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 134.254863][ T7164] ? ksys_write+0x1ac/0x250 [ 134.254889][ T7164] do_int80_emulation+0x141/0x6b0 [ 134.254912][ T7164] asm_int80_emulation+0x1a/0x20 [ 134.254931][ T7164] RIP: 0023:0xf7195cab [ 134.254946][ T7164] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53 [ 134.254964][ T7164] RSP: 002b:00000000f544d03c EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 134.254981][ T7164] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f544d100 [ 134.254993][ T7164] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 134.255003][ T7164] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 134.255014][ T7164] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 134.255024][ T7164] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 134.255045][ T7164] [ 134.376276][ T6079] usb 8-1: USB disconnect, device number 6 [ 134.493353][ T40] kauditd_printk_skb: 285 callbacks suppressed [ 134.493372][ T40] audit: type=1326 audit(1774670193.393:2086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7171 comm="syz.1.337" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 134.515980][ T40] audit: type=1326 audit(1774670193.393:2087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7171 comm="syz.1.337" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 134.524382][ T40] audit: type=1326 audit(1774670193.403:2088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7171 comm="syz.1.337" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 134.553817][ T40] audit: type=1326 audit(1774670193.403:2089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7171 comm="syz.1.337" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 134.574129][ T40] audit: type=1326 audit(1774670193.403:2090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7171 comm="syz.1.337" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 134.585866][ T40] audit: type=1326 audit(1774670193.403:2091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7171 comm="syz.1.337" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 134.603994][ T7175] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 134.605927][ T40] audit: type=1326 audit(1774670193.403:2092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7171 comm="syz.1.337" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 134.628705][ T40] audit: type=1326 audit(1774670193.403:2093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7171 comm="syz.1.337" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 134.645938][ T40] audit: type=1326 audit(1774670193.403:2094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7171 comm="syz.1.337" exe="/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 134.653248][ T40] audit: type=1326 audit(1774670193.403:2095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7171 comm="syz.1.337" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 135.281501][ T7191] syzkaller0: entered allmulticast mode [ 135.289454][ T7191] syzkaller0 (unregistering): left allmulticast mode [ 135.541585][ T7199] 8021q: adding VLAN 0 to HW filter on device bond0 [ 135.544757][ T7199] 8021q: adding VLAN 0 to HW filter on device team0 [ 135.557361][ T7199] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 136.218837][ T169] Bluetooth: hci4: Frame reassembly failed (-84) [ 137.536579][ T1415] ieee802154 phy0 wpan0: encryption failed: -22 [ 137.540812][ T1415] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.016700][ T7224] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5) [ 138.019076][ T7224] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 138.023361][ T7224] vhci_hcd vhci_hcd.0: Device attached [ 138.215940][ T5295] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 138.267862][ T7226] vhci_hcd: connection closed [ 138.271020][ T1225] vhci_hcd vhci_hcd.2: stop threads [ 138.275301][ T1225] vhci_hcd vhci_hcd.2: release socket [ 138.278682][ T1225] vhci_hcd vhci_hcd.2: disconnect device [ 138.315998][ T34] usb 42-1: enqueue for inactive port 0 [ 138.631169][ T7234] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 138.806945][ T34] usb usb42-port1: attempt power cycle [ 139.051075][ T7240] FAULT_INJECTION: forcing a failure. [ 139.051075][ T7240] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 139.061535][ T7240] CPU: 1 UID: 0 PID: 7240 Comm: syz.0.354 Not tainted syzkaller #0 PREEMPT(full) [ 139.061551][ T7240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 139.061557][ T7240] Call Trace: [ 139.061561][ T7240] [ 139.061566][ T7240] dump_stack_lvl+0x100/0x190 [ 139.061586][ T7240] should_fail_ex.cold+0x5/0xa [ 139.061600][ T7240] strncpy_from_user+0x3b/0x2d0 [ 139.061616][ T7240] do_getname+0x78/0x390 [ 139.061631][ T7240] user_path_at+0x26/0x60 [ 139.061642][ T7240] __ia32_sys_umount+0x109/0x190 [ 139.061654][ T7240] ? __pfx___ia32_sys_umount+0x10/0x10 [ 139.061670][ T7240] __do_fast_syscall_32+0xe3/0x8c0 [ 139.061683][ T7240] do_fast_syscall_32+0x32/0x70 [ 139.061694][ T7240] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 139.061709][ T7240] RIP: 0023:0xf7fa7f6c [ 139.061718][ T7240] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 139.061761][ T7240] RSP: 002b:00000000f546650c EFLAGS: 00000292 ORIG_RAX: 0000000000000034 [ 139.061772][ T7240] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000000003 [ 139.061778][ T7240] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 139.061784][ T7240] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 139.061792][ T7240] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 139.061800][ T7240] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 139.061819][ T7240] [ 139.404346][ T7253] FAULT_INJECTION: forcing a failure. [ 139.404346][ T7253] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 139.411884][ T34] usb usb42-port1: unable to enumerate USB device [ 139.415194][ T7253] CPU: 3 UID: 0 PID: 7253 Comm: syz.2.359 Not tainted syzkaller #0 PREEMPT(full) [ 139.415209][ T7253] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 139.415216][ T7253] Call Trace: [ 139.415220][ T7253] [ 139.415225][ T7253] dump_stack_lvl+0x100/0x190 [ 139.415244][ T7253] should_fail_ex.cold+0x5/0xa [ 139.415258][ T7253] _copy_to_user+0x32/0xd0 [ 139.415273][ T7253] simple_read_from_buffer+0xcb/0x170 [ 139.415291][ T7253] proc_fail_nth_read+0x1af/0x230 [ 139.415306][ T7253] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 139.415320][ T7253] ? rw_verify_area+0xce/0x6d0 [ 139.415335][ T7253] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 139.415349][ T7253] vfs_read+0x1e4/0xb30 [ 139.415361][ T7253] ? __pfx_vfs_read+0x10/0x10 [ 139.415369][ T7253] ? find_held_lock+0x2b/0x80 [ 139.415380][ T7253] ? __fget_files+0x215/0x3d0 [ 139.415394][ T7253] ? __fget_files+0x21f/0x3d0 [ 139.415408][ T7253] ksys_read+0x12a/0x250 [ 139.415418][ T7253] ? __pfx_ksys_read+0x10/0x10 [ 139.415431][ T7253] do_int80_emulation+0x141/0x6b0 [ 139.415444][ T7253] asm_int80_emulation+0x1a/0x20 [ 139.415456][ T7253] RIP: 0023:0xf7155cab [ 139.415465][ T7253] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53 [ 139.415475][ T7253] RSP: 002b:00000000f54164bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 139.415486][ T7253] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f54165d0 [ 139.415493][ T7253] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000 [ 139.415498][ T7253] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 139.415504][ T7253] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 139.415510][ T7253] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 139.415523][ T7253] [ 139.516837][ T40] kauditd_printk_skb: 36 callbacks suppressed [ 139.516860][ T40] audit: type=1326 audit(1774670198.423:2132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7242 comm="syz.1.356" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 139.526790][ T40] audit: type=1326 audit(1774670198.433:2133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7242 comm="syz.1.356" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7135cab code=0x7ffc0000 [ 139.538653][ T40] audit: type=1326 audit(1774670198.443:2135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7242 comm="syz.1.356" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 139.554624][ T40] audit: type=1326 audit(1774670198.443:2134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7242 comm="syz.1.356" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 139.567453][ T40] audit: type=1326 audit(1774670198.453:2136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7242 comm="syz.1.356" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 139.579669][ T40] audit: type=1326 audit(1774670198.453:2137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7242 comm="syz.1.356" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 139.589847][ T40] audit: type=1326 audit(1774670198.453:2138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7242 comm="syz.1.356" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf7135cab code=0x7ffc0000 [ 139.599268][ T40] audit: type=1326 audit(1774670198.453:2139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7242 comm="syz.1.356" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 139.612300][ T40] audit: type=1326 audit(1774670198.453:2140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7242 comm="syz.1.356" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 139.622442][ T40] audit: type=1326 audit(1774670198.453:2141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7242 comm="syz.1.356" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 139.667401][ T7257] random: crng reseeded on system resumption [ 139.679126][ T1141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 139.682367][ T1141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 139.688178][ T7257] FAULT_INJECTION: forcing a failure. [ 139.688178][ T7257] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 139.692543][ T7257] CPU: 1 UID: 0 PID: 7257 Comm: syz.3.358 Not tainted syzkaller #0 PREEMPT(full) [ 139.692559][ T7257] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 139.692565][ T7257] Call Trace: [ 139.692570][ T7257] [ 139.692575][ T7257] dump_stack_lvl+0x100/0x190 [ 139.692596][ T7257] should_fail_ex.cold+0x5/0xa [ 139.692610][ T7257] _copy_from_user+0x2e/0xd0 [ 139.692625][ T7257] memdup_user+0x6b/0xe0 [ 139.692636][ T7257] strndup_user+0x78/0xe0 [ 139.692647][ T7257] __ia32_sys_mount+0x136/0x310 [ 139.692661][ T7257] ? __pfx___ia32_sys_mount+0x10/0x10 [ 139.692675][ T7257] ? __pfx_ksys_write+0x10/0x10 [ 139.692691][ T7257] __do_fast_syscall_32+0xe3/0x8c0 [ 139.692707][ T7257] do_fast_syscall_32+0x32/0x70 [ 139.692719][ T7257] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 139.692733][ T7257] RIP: 0023:0xf705ef6c [ 139.692743][ T7257] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 139.692754][ T7257] RSP: 002b:00000000f540b50c EFLAGS: 00000292 ORIG_RAX: 0000000000000015 [ 139.692765][ T7257] RAX: ffffffffffffffda RBX: 00000000800001c0 RCX: 0000000080000000 [ 139.692772][ T7257] RDX: 0000000080000200 RSI: 000000000021000d RDI: 0000000000000000 [ 139.692778][ T7257] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 139.692784][ T7257] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 139.692790][ T7257] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 139.692803][ T7257] [ 140.148241][ T7263] EXT4-fs (sr0): VFS: Can't find ext4 filesystem [ 140.423213][ T7271] netlink: 8 bytes leftover after parsing attributes in process `syz.3.364'. [ 140.745946][ T34] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 140.861667][ T7278] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 140.895878][ T34] usb 8-1: Using ep0 maxpacket: 16 [ 140.901392][ T34] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 140.908571][ T34] usb 8-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 140.912512][ T34] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 140.918581][ T34] usb 8-1: Product: syz [ 140.920462][ T34] usb 8-1: Manufacturer: syz [ 140.922495][ T34] usb 8-1: SerialNumber: syz [ 140.928858][ T34] usb 8-1: config 0 descriptor?? [ 140.939983][ T34] em28xx 8-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 140.944046][ T34] em28xx 8-1:0.0: DVB interface 0 found: bulk [ 141.545024][ T34] em28xx 8-1:0.0: unknown em28xx chip ID (0) [ 141.793592][ T7292] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.460036][ T7292] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.657281][ T7292] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.742495][ T34] em28xx 8-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 142.745435][ T34] em28xx 8-1:0.0: board has no eeprom [ 142.826034][ T34] em28xx 8-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 142.831672][ T7292] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.834359][ T34] em28xx 8-1:0.0: dvb set to bulk mode. [ 142.840303][ T7216] em28xx 8-1:0.0: Binding DVB extension [ 142.854724][ T34] usb 8-1: USB disconnect, device number 7 [ 142.861193][ T34] em28xx 8-1:0.0: Disconnecting em28xx [ 142.870719][ T7304] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7) [ 142.871514][ T7216] em28xx 8-1:0.0: Registering input extension [ 142.873413][ T7304] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 142.876676][ T34] em28xx 8-1:0.0: Closing input extension [ 142.880796][ T7304] vhci_hcd vhci_hcd.0: Device attached [ 142.934128][ T34] em28xx 8-1:0.0: Freeing device [ 142.979779][ T1141] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 142.991221][ T1141] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.012737][ T184] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.016477][ T184] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.126227][ T7216] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 143.132679][ T829] usb 41-1: new low-speed USB device number 2 using vhci_hcd [ 143.276173][ T7216] usb 7-1: Using ep0 maxpacket: 32 [ 143.281816][ T7216] usb 7-1: config index 0 descriptor too short (expected 29220, got 36) [ 143.285249][ T7216] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 143.290186][ T7216] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 143.294131][ T7216] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 143.298513][ T7216] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 143.302765][ T7216] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 143.309202][ T7216] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 143.313198][ T7216] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 143.319518][ T7216] usb 7-1: config 0 descriptor?? [ 143.327403][ T7316] FAULT_INJECTION: forcing a failure. [ 143.327403][ T7316] name failslab, interval 1, probability 0, space 0, times 0 [ 143.336120][ T7316] CPU: 2 UID: 0 PID: 7316 Comm: syz.3.376 Not tainted syzkaller #0 PREEMPT(full) [ 143.336139][ T7316] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 143.336149][ T7316] Call Trace: [ 143.336154][ T7316] [ 143.336160][ T7316] dump_stack_lvl+0x100/0x190 [ 143.336189][ T7316] should_fail_ex.cold+0x5/0xa [ 143.336209][ T7316] ? tomoyo_encode2+0xfb/0x3c0 [ 143.336227][ T7316] should_failslab+0xc2/0x120 [ 143.336245][ T7316] __kmalloc_noprof+0xe0/0x850 [ 143.336274][ T7316] tomoyo_encode2+0xfb/0x3c0 [ 143.336299][ T7316] tomoyo_encode+0x29/0x50 [ 143.336318][ T7316] tomoyo_realpath_from_path+0x18c/0x690 [ 143.336342][ T7316] tomoyo_path_number_perm+0x23c/0x580 [ 143.336361][ T7316] ? tomoyo_path_number_perm+0x22e/0x580 [ 143.336381][ T7316] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 143.336431][ T7316] ? find_held_lock+0x2b/0x80 [ 143.336449][ T7316] ? hook_file_ioctl_common+0x146/0x410 [ 143.336469][ T7316] ? __fget_files+0x215/0x3d0 [ 143.336489][ T7316] ? __fget_files+0x21f/0x3d0 [ 143.336508][ T7316] security_file_ioctl_compat+0xd3/0x230 [ 143.336527][ T7316] __ia32_compat_sys_ioctl+0xc2/0x360 [ 143.336553][ T7316] __do_fast_syscall_32+0xe3/0x8c0 [ 143.336574][ T7316] do_fast_syscall_32+0x32/0x70 [ 143.336590][ T7316] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 143.336609][ T7316] RIP: 0023:0xf705ef6c [ 143.336620][ T7316] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 143.336635][ T7316] RSP: 002b:00000000f544d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 143.336651][ T7316] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000000000ae80 [ 143.336661][ T7316] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 143.336670][ T7316] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 143.336679][ T7316] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 143.336689][ T7316] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 143.336709][ T7316] [ 143.336762][ T7316] ERROR: Out of memory at tomoyo_realpath_from_path. [ 143.528209][ T7216] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 4 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 143.535284][ T7216] usb 7-1: USB disconnect, device number 4 [ 143.540788][ T7216] usblp0: removed [ 143.546509][ T5948] udevd[5948]: setting owner of /dev/usb/lp0 to uid=0, gid=7 failed: No such file or directory [ 143.805612][ T7332] random: crng reseeded on system resumption [ 143.841076][ T7332] EXT4-fs (sr0): VFS: Can't find ext4 filesystem [ 143.850672][ T7333] netlink: 24 bytes leftover after parsing attributes in process `syz.0.380'. [ 143.853534][ T7333] netlink: 24 bytes leftover after parsing attributes in process `syz.0.380'. [ 144.253886][ T7337] FAULT_INJECTION: forcing a failure. [ 144.253886][ T7337] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 144.259094][ T7337] CPU: 0 UID: 0 PID: 7337 Comm: syz.3.382 Not tainted syzkaller #0 PREEMPT(full) [ 144.259109][ T7337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 144.259116][ T7337] Call Trace: [ 144.259120][ T7337] [ 144.259125][ T7337] dump_stack_lvl+0x100/0x190 [ 144.259145][ T7337] should_fail_ex.cold+0x5/0xa [ 144.259158][ T7337] _copy_from_user+0x2e/0xd0 [ 144.259173][ T7337] get_compat_msghdr+0xb3/0x4b0 [ 144.259190][ T7337] ? __pfx_get_compat_msghdr+0x10/0x10 [ 144.259210][ T7337] ___sys_sendmsg+0x1b6/0x1e0 [ 144.259225][ T7337] ? __pfx____sys_sendmsg+0x10/0x10 [ 144.259258][ T7337] __sys_sendmsg+0x170/0x220 [ 144.259282][ T7337] ? __pfx___sys_sendmsg+0x10/0x10 [ 144.259314][ T7337] ? __pfx_ksys_write+0x10/0x10 [ 144.259337][ T7337] __do_fast_syscall_32+0xe3/0x8c0 [ 144.259360][ T7337] do_fast_syscall_32+0x32/0x70 [ 144.259379][ T7337] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 144.259401][ T7337] RIP: 0023:0xf705ef6c [ 144.259416][ T7337] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 144.259433][ T7337] RSP: 002b:00000000f544d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 144.259449][ T7337] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040 [ 144.259461][ T7337] RDX: 0000000030040805 RSI: 0000000000000000 RDI: 0000000000000000 [ 144.259471][ T7337] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 144.259480][ T7337] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 144.259491][ T7337] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 144.259514][ T7337] [ 145.882700][ T7308] vhci_hcd: connection reset by peer [ 145.886757][ T13] vhci_hcd vhci_hcd.2: stop threads [ 145.888611][ T13] vhci_hcd vhci_hcd.2: release socket [ 145.890850][ T13] vhci_hcd vhci_hcd.2: disconnect device [ 146.060197][ T40] kauditd_printk_skb: 836 callbacks suppressed [ 146.060210][ T40] audit: type=1326 audit(1774670204.963:2978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7352 comm="syz.2.387" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55f6c code=0x7ffc0000 [ 146.080336][ T40] audit: type=1326 audit(1774670204.973:2979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7352 comm="syz.2.387" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55f6c code=0x7ffc0000 [ 146.080408][ T40] audit: type=1326 audit(1774670204.973:2981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7352 comm="syz.2.387" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55f6c code=0x7ffc0000 [ 146.080647][ T40] audit: type=1326 audit(1774670204.973:2980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7352 comm="syz.2.387" exe="/syz-executor" sig=0 arch=40000003 syscall=104 compat=1 ip=0xf7f55f6c code=0x7ffc0000 [ 146.080670][ T40] audit: type=1326 audit(1774670204.973:2982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7352 comm="syz.2.387" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55f6c code=0x7ffc0000 [ 146.080801][ T40] audit: type=1326 audit(1774670204.973:2983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7352 comm="syz.2.387" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55f6c code=0x7ffc0000 [ 146.089401][ T40] audit: type=1326 audit(1774670204.973:2984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7352 comm="syz.2.387" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55f6c code=0x7ffc0000 [ 146.089454][ T40] audit: type=1326 audit(1774670204.973:2985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7352 comm="syz.2.387" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f55f6c code=0x7ffc0000 [ 146.089583][ T40] audit: type=1326 audit(1774670204.973:2986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7352 comm="syz.2.387" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55f6c code=0x7ffc0000 [ 146.089715][ T40] audit: type=1326 audit(1774670204.973:2987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7352 comm="syz.2.387" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55f6c code=0x7ffc0000 [ 146.647427][ T5295] Bluetooth: hci0: unexpected event for opcode 0x0000 [ 146.842496][ T7367] netlink: 4 bytes leftover after parsing attributes in process `syz.0.390'. [ 146.909542][ T7373] pvfs2: Unknown parameter '/dev/iommu' [ 146.996888][ T7376] netlink: 36 bytes leftover after parsing attributes in process `syz.2.392'. [ 147.446008][ T6029] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 147.635199][ T6029] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 147.642063][ T6029] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 147.694870][ T6029] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 147.737346][ T6029] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 147.741319][ T6029] usb 7-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 147.748770][ T6029] usb 7-1: Product: syz [ 147.751842][ T6029] usb 7-1: SerialNumber: syz [ 147.764587][ T6029] cdc_ncm 7-1:1.0: CDC Union missing and no IAD found [ 147.768139][ T6029] cdc_ncm 7-1:1.0: bind() failure [ 147.801819][ T7390] netlink: 8 bytes leftover after parsing attributes in process `syz.1.396'. [ 147.966015][ T34] usb 7-1: USB disconnect, device number 5 [ 148.406201][ T829] vhci_hcd vhci_hcd.2: vhci_device speed not set [ 149.339337][ T7417] (syz.1.403,7417,3):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 149.351259][ T7417] (syz.1.403,7417,3):ocfs2_fill_super:1177 ERROR: status = -22 [ 150.409929][ T7430] pvfs2: Unknown parameter '/dev/iommu' [ 150.666705][ T829] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 150.708491][ T5295] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 150.714648][ T5295] Bluetooth: hci0: Injecting HCI hardware error event [ 150.719704][ T5295] Bluetooth: hci0: hardware error 0x00 [ 150.845885][ T829] usb 5-1: Using ep0 maxpacket: 32 [ 150.861499][ T829] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36 [ 150.914967][ T829] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 150.941275][ T829] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 150.956913][ T829] usb 5-1: Product: syz [ 150.962533][ T829] usb 5-1: Manufacturer: syz [ 150.969272][ T829] usb 5-1: SerialNumber: syz [ 151.055931][ T829] usb 5-1: config 0 descriptor?? [ 151.067812][ T7428] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 151.124984][ T829] hub 5-1:0.0: bad descriptor, ignoring hub [ 151.127748][ T829] hub 5-1:0.0: probe with driver hub failed with error -5 [ 151.350588][ T829] input: syz syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input9 [ 151.432281][ T29] usb 5-1: USB disconnect, device number 6 [ 151.432372][ C3] usbtouchscreen 5-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 151.865905][ T29] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 151.875569][ T7451] syzkaller0: entered promiscuous mode [ 151.909936][ T7451] syzkaller0: entered allmulticast mode [ 152.031189][ T29] usb 5-1: config 0 has no interfaces? [ 152.033822][ T29] usb 5-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.00 [ 152.046109][ T29] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 152.056544][ T29] usb 5-1: config 0 descriptor?? [ 152.267458][ T829] usb 5-1: USB disconnect, device number 7 [ 152.777607][ T5295] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 152.874592][ T7460] netlink: 'syz.2.414': attribute type 9 has an invalid length. [ 152.877443][ T7460] netlink: 32 bytes leftover after parsing attributes in process `syz.2.414'. [ 152.918359][ T7469] FAULT_INJECTION: forcing a failure. [ 152.918359][ T7469] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 152.922873][ T7469] CPU: 2 UID: 0 PID: 7469 Comm: syz.0.417 Not tainted syzkaller #0 PREEMPT(full) [ 152.922888][ T7469] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 152.922895][ T7469] Call Trace: [ 152.922899][ T7469] [ 152.922903][ T7469] dump_stack_lvl+0x100/0x190 [ 152.922923][ T7469] should_fail_ex.cold+0x5/0xa [ 152.922937][ T7469] _copy_from_user+0x2e/0xd0 [ 152.922952][ T7469] get_compat_msghdr+0xb3/0x4b0 [ 152.922968][ T7469] ? __pfx_get_compat_msghdr+0x10/0x10 [ 152.922989][ T7469] ___sys_sendmsg+0x1b6/0x1e0 [ 152.923015][ T7469] ? __pfx____sys_sendmsg+0x10/0x10 [ 152.923045][ T7469] __sys_sendmsg+0x170/0x220 [ 152.923062][ T7469] ? __pfx___sys_sendmsg+0x10/0x10 [ 152.923083][ T7469] ? __pfx_ksys_write+0x10/0x10 [ 152.923097][ T7469] __do_fast_syscall_32+0xe3/0x8c0 [ 152.923110][ T7469] do_fast_syscall_32+0x32/0x70 [ 152.923121][ T7469] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 152.923135][ T7469] RIP: 0023:0xf7fa7f6c [ 152.923144][ T7469] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 152.923154][ T7469] RSP: 002b:00000000f546650c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 152.923164][ T7469] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000 [ 152.923171][ T7469] RDX: 0000000004000050 RSI: 0000000000000000 RDI: 0000000000000000 [ 152.923177][ T7469] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 152.923183][ T7469] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 152.923189][ T7469] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 152.923202][ T7469] [ 153.363307][ T7474] blk_print_req_error: 138 callbacks suppressed [ 153.363320][ T7474] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1 [ 153.368820][ T7474] buffer_io_error: 138 callbacks suppressed [ 153.368831][ T7474] Buffer I/O error on dev nbd0, logical block 0, async page read [ 153.373372][ T7474] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1 [ 153.376476][ T7474] Buffer I/O error on dev nbd0, logical block 1, async page read [ 153.378983][ T7474] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1 [ 153.381929][ T7474] Buffer I/O error on dev nbd0, logical block 2, async page read [ 153.384366][ T7474] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1 [ 153.387458][ T7474] Buffer I/O error on dev nbd0, logical block 3, async page read [ 153.389911][ T7474] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1 [ 153.393492][ T7474] Buffer I/O error on dev nbd0, logical block 0, async page read [ 153.395989][ T7474] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1 [ 153.398962][ T7474] Buffer I/O error on dev nbd0, logical block 1, async page read [ 153.401270][ T7474] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1 [ 153.404360][ T7474] Buffer I/O error on dev nbd0, logical block 2, async page read [ 153.406977][ T7474] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1 [ 153.410001][ T7474] Buffer I/O error on dev nbd0, logical block 3, async page read [ 153.412479][ T7474] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1 [ 153.415432][ T7474] Buffer I/O error on dev nbd0, logical block 0, async page read [ 153.418033][ T7474] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 1 [ 153.421134][ T7474] Buffer I/O error on dev nbd0, logical block 1, async page read [ 153.424334][ T7474] ldm_validate_partition_table(): Disk read failed. [ 153.426844][ T7474] Dev nbd0: unable to read RDB block 0 [ 153.428927][ T7474] nbd0: unable to read partition table [ 154.195932][ T10] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 154.345969][ T10] usb 6-1: Using ep0 maxpacket: 8 [ 154.349559][ T10] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 154.352442][ T10] usb 6-1: config 0 has no interface number 0 [ 154.354463][ T10] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 154.358377][ T10] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 50335, setting to 1024 [ 154.362242][ T10] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 154.365459][ T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 154.370331][ T10] usb 6-1: config 0 descriptor?? [ 154.372659][ T7489] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 154.389016][ T10] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 154.640069][ T10] usb 6-1: USB disconnect, device number 10 [ 155.214850][ T7501] syzkaller0: entered promiscuous mode [ 155.217135][ T7501] syzkaller0: entered allmulticast mode [ 157.447037][ T7529] (syz.1.433,7529,3):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 157.449701][ T7529] (syz.1.433,7529,3):ocfs2_fill_super:1177 ERROR: status = -22 [ 157.551982][ T7531] netlink: 8 bytes leftover after parsing attributes in process `syz.2.434'. [ 159.144500][ T7542] FAULT_INJECTION: forcing a failure. [ 159.144500][ T7542] name failslab, interval 1, probability 0, space 0, times 0 [ 159.149059][ T7542] CPU: 3 UID: 0 PID: 7542 Comm: syz.0.437 Not tainted syzkaller #0 PREEMPT(full) [ 159.149082][ T7542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 159.149091][ T7542] Call Trace: [ 159.149095][ T7542] [ 159.149100][ T7542] dump_stack_lvl+0x100/0x190 [ 159.149120][ T7542] should_fail_ex.cold+0x5/0xa [ 159.149134][ T7542] ? tomoyo_encode2+0xfb/0x3c0 [ 159.149148][ T7542] should_failslab+0xc2/0x120 [ 159.149161][ T7542] __kmalloc_noprof+0xe0/0x850 [ 159.149180][ T7542] tomoyo_encode2+0xfb/0x3c0 [ 159.149197][ T7542] tomoyo_encode+0x29/0x50 [ 159.149211][ T7542] tomoyo_realpath_from_path+0x18c/0x690 [ 159.149229][ T7542] tomoyo_path_number_perm+0x23c/0x580 [ 159.149242][ T7542] ? tomoyo_path_number_perm+0x22e/0x580 [ 159.149255][ T7542] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 159.149281][ T7542] ? find_held_lock+0x2b/0x80 [ 159.149292][ T7542] ? hook_file_ioctl_common+0x146/0x410 [ 159.149305][ T7542] ? __fget_files+0x215/0x3d0 [ 159.149318][ T7542] ? __fget_files+0x21f/0x3d0 [ 159.149330][ T7542] security_file_ioctl_compat+0xd3/0x230 [ 159.149345][ T7542] __ia32_compat_sys_ioctl+0xc2/0x360 [ 159.149363][ T7542] __do_fast_syscall_32+0xe3/0x8c0 [ 159.149376][ T7542] do_fast_syscall_32+0x32/0x70 [ 159.149388][ T7542] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 159.149402][ T7542] RIP: 0023:0xf7fa7f6c [ 159.149411][ T7542] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 159.149421][ T7542] RSP: 002b:00000000f546650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 159.149431][ T7542] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000c048aeca [ 159.149438][ T7542] RDX: 0000000080000580 RSI: 0000000000000000 RDI: 0000000000000000 [ 159.149444][ T7542] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 159.149450][ T7542] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 159.149455][ T7542] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 159.149469][ T7542] [ 159.149480][ T7542] ERROR: Out of memory at tomoyo_realpath_from_path. [ 159.238058][ T7542] netlink: 11 bytes leftover after parsing attributes in process `syz.0.437'. [ 159.241496][ T7542] netlink: 11 bytes leftover after parsing attributes in process `syz.0.437'. [ 159.256313][ T7542] netlink: 11 bytes leftover after parsing attributes in process `syz.0.437'. [ 159.259494][ T7542] netlink: 11 bytes leftover after parsing attributes in process `syz.0.437'. [ 159.262631][ T7542] netlink: 11 bytes leftover after parsing attributes in process `syz.0.437'. [ 159.265610][ T7542] netlink: 11 bytes leftover after parsing attributes in process `syz.0.437'. [ 159.270170][ T7542] netlink: 11 bytes leftover after parsing attributes in process `syz.0.437'. [ 159.273060][ T7542] netlink: 11 bytes leftover after parsing attributes in process `syz.0.437'. [ 159.276253][ T7542] netlink: 11 bytes leftover after parsing attributes in process `syz.0.437'. [ 159.279431][ T7542] netlink: 11 bytes leftover after parsing attributes in process `syz.0.437'. [ 159.565274][ T7558] pvfs2: Unknown parameter '/dev/iommu' [ 159.679571][ T7563] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 159.831355][ T40] kauditd_printk_skb: 589 callbacks suppressed [ 159.831366][ T40] audit: type=1326 audit(1774670218.713:3577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7560 comm="syz.1.444" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 159.846119][ T40] audit: type=1326 audit(1774670218.733:3578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7560 comm="syz.1.444" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 159.856247][ T40] audit: type=1326 audit(1774670218.763:3579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7560 comm="syz.1.444" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 159.863321][ T40] audit: type=1326 audit(1774670218.763:3580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7560 comm="syz.1.444" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 159.873448][ T40] audit: type=1326 audit(1774670218.773:3581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7560 comm="syz.1.444" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 159.887970][ T40] audit: type=1326 audit(1774670218.773:3582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7560 comm="syz.1.444" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 159.899059][ T40] audit: type=1326 audit(1774670218.773:3583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7560 comm="syz.1.444" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 159.899086][ T40] audit: type=1326 audit(1774670218.773:3584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7560 comm="syz.1.444" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 159.899110][ T40] audit: type=1326 audit(1774670218.793:3585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7560 comm="syz.1.444" exe="/syz-executor" sig=0 arch=40000003 syscall=311 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 159.899133][ T40] audit: type=1326 audit(1774670218.793:3586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7560 comm="syz.1.444" exe="/syz-executor" sig=0 arch=40000003 syscall=175 compat=1 ip=0xf7f35f6c code=0x7ffc0000 [ 161.689240][ T7600] pvfs2: Unknown parameter '/dev/iommu' [ 161.987720][ T7602] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 162.856072][ T7617] blk_print_req_error: 54 callbacks suppressed [ 162.856108][ T7617] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 162.862008][ T7617] buffer_io_error: 54 callbacks suppressed [ 162.862019][ T7617] Buffer I/O error on dev nbd0, logical block 0, async page read [ 162.866808][ T7617] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 162.870103][ T7617] Buffer I/O error on dev nbd0, logical block 1, async page read [ 162.874821][ T7617] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 162.878442][ T7617] Buffer I/O error on dev nbd0, logical block 2, async page read [ 162.881555][ T7617] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 162.902709][ T7617] Buffer I/O error on dev nbd0, logical block 3, async page read [ 162.905860][ T7617] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 162.909073][ T7617] Buffer I/O error on dev nbd0, logical block 0, async page read [ 162.947279][ T7617] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 162.950468][ T7617] Buffer I/O error on dev nbd0, logical block 1, async page read [ 162.957455][ T7617] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 162.960636][ T7617] Buffer I/O error on dev nbd0, logical block 2, async page read [ 163.009594][ T7617] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 163.012747][ T7617] Buffer I/O error on dev nbd0, logical block 3, async page read [ 163.015291][ T7617] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 163.018502][ T7617] Buffer I/O error on dev nbd0, logical block 0, async page read [ 163.025979][ T7617] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 163.029052][ T7617] Buffer I/O error on dev nbd0, logical block 1, async page read [ 163.031873][ T7617] ldm_validate_partition_table(): Disk read failed. [ 163.034158][ T7617] Dev nbd0: unable to read RDB block 0 [ 163.053195][ T7617] nbd0: unable to read partition table [ 164.499003][ T7629] fuse: Unknown parameter '@\&AՏ]N [ 164.499003][ T7629] aOͱEmѽR l;@f8y3k"T`3%+X''+Rر6̐VPM0x0000000000000003' [ 166.217746][ T7651] __nla_validate_parse: 135 callbacks suppressed [ 166.217762][ T7651] netlink: 40 bytes leftover after parsing attributes in process `syz.2.467'. [ 166.227974][ T7651] FAULT_INJECTION: forcing a failure. [ 166.227974][ T7651] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 166.233832][ T7651] CPU: 2 UID: 0 PID: 7651 Comm: syz.2.467 Not tainted syzkaller #0 PREEMPT(full) [ 166.233855][ T7651] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 166.233864][ T7651] Call Trace: [ 166.233870][ T7651] [ 166.233876][ T7651] dump_stack_lvl+0x100/0x190 [ 166.233914][ T7651] should_fail_ex.cold+0x5/0xa [ 166.233933][ T7651] _copy_from_user+0x2e/0xd0 [ 166.233954][ T7651] kstrtouint_from_user+0xd6/0x1d0 [ 166.233977][ T7651] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 166.233998][ T7651] ? __lock_acquire+0x4a5/0x2630 [ 166.234020][ T7651] ? lock_acquire+0x1cf/0x380 [ 166.234044][ T7651] proc_fail_nth_write+0x83/0x220 [ 166.234063][ T7651] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 166.234088][ T7651] vfs_write+0x2aa/0x1070 [ 166.234104][ T7651] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 166.234125][ T7651] ? __pfx_vfs_write+0x10/0x10 [ 166.234138][ T7651] ? find_held_lock+0x2b/0x80 [ 166.234153][ T7651] ? __fget_files+0x215/0x3d0 [ 166.234173][ T7651] ? __fget_files+0x21f/0x3d0 [ 166.234194][ T7651] ksys_write+0x12a/0x250 [ 166.234209][ T7651] ? __pfx_ksys_write+0x10/0x10 [ 166.234230][ T7651] do_int80_emulation+0x141/0x6b0 [ 166.234250][ T7651] asm_int80_emulation+0x1a/0x20 [ 166.234266][ T7651] RIP: 0023:0xf7155cab [ 166.234280][ T7651] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53 [ 166.234294][ T7651] RSP: 002b:00000000f54164bc EFLAGS: 00000246 ORIG_RAX: 0000000000000004 [ 166.234310][ T7651] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54165d0 [ 166.234320][ T7651] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 166.234329][ T7651] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 166.234337][ T7651] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 166.234346][ T7651] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 166.234367][ T7651] [ 166.326105][ T7653] FAULT_INJECTION: forcing a failure. [ 166.326105][ T7653] name failslab, interval 1, probability 0, space 0, times 0 [ 166.330663][ T7653] CPU: 0 UID: 0 PID: 7653 Comm: syz.2.468 Not tainted syzkaller #0 PREEMPT(full) [ 166.330679][ T7653] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 166.330686][ T7653] Call Trace: [ 166.330691][ T7653] [ 166.330696][ T7653] dump_stack_lvl+0x100/0x190 [ 166.330716][ T7653] should_fail_ex.cold+0x5/0xa [ 166.330729][ T7653] ? tomoyo_encode2+0xfb/0x3c0 [ 166.330743][ T7653] should_failslab+0xc2/0x120 [ 166.330756][ T7653] __kmalloc_noprof+0xe0/0x850 [ 166.330772][ T7653] ? rcu_is_watching+0x12/0xc0 [ 166.330792][ T7653] tomoyo_encode2+0xfb/0x3c0 [ 166.330808][ T7653] tomoyo_encode+0x29/0x50 [ 166.330822][ T7653] tomoyo_realpath_from_path+0x18c/0x690 [ 166.330841][ T7653] tomoyo_path_number_perm+0x23c/0x580 [ 166.330854][ T7653] ? tomoyo_path_number_perm+0x22e/0x580 [ 166.330867][ T7653] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 166.330899][ T7653] ? from_kgid+0x8f/0xd0 [ 166.330910][ T7653] ? __pfx_from_kgid+0x10/0x10 [ 166.330924][ T7653] tomoyo_path_chown+0x14b/0x1b0 [ 166.330941][ T7653] ? __pfx_tomoyo_path_chown+0x10/0x10 [ 166.330958][ T7653] ? from_vfsuid+0xea/0x140 [ 166.330973][ T7653] ? __pfx_from_vfsuid+0x10/0x10 [ 166.330990][ T7653] security_path_chown+0x12a/0x2d0 [ 166.331004][ T7653] chown_common+0x3da/0x6e0 [ 166.331020][ T7653] ? __pfx_chown_common+0x10/0x10 [ 166.331034][ T7653] ? mnt_get_write_access+0x52/0x2f0 [ 166.331052][ T7653] ? mnt_get_write_access+0x1e9/0x2f0 [ 166.331069][ T7653] do_fchownat+0x18e/0x1f0 [ 166.331083][ T7653] ? __pfx_do_fchownat+0x10/0x10 [ 166.331097][ T7653] ? ksys_write+0x1ac/0x250 [ 166.331110][ T7653] __ia32_sys_chown16+0xe3/0x110 [ 166.331123][ T7653] __do_fast_syscall_32+0xe3/0x8c0 [ 166.331137][ T7653] do_fast_syscall_32+0x32/0x70 [ 166.331148][ T7653] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 166.331162][ T7653] RIP: 0023:0xf7f55f6c [ 166.331172][ T7653] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 166.331182][ T7653] RSP: 002b:00000000f541650c EFLAGS: 00000292 ORIG_RAX: 00000000000000b6 [ 166.331193][ T7653] RAX: ffffffffffffffda RBX: 00000000800003c0 RCX: 0000000000000000 [ 166.331199][ T7653] RDX: 000000000000ee01 RSI: 0000000000000000 RDI: 0000000000000000 [ 166.331205][ T7653] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 166.331211][ T7653] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 166.331217][ T7653] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 166.331230][ T7653] [ 166.331246][ T7653] ERROR: Out of memory at tomoyo_realpath_from_path. [ 166.528527][ T7643] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 166.691301][ T7661] (syz.3.470,7661,0):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 166.693980][ T7661] (syz.3.470,7661,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 167.820861][ T7674] FAULT_INJECTION: forcing a failure. [ 167.820861][ T7674] name failslab, interval 1, probability 0, space 0, times 0 [ 167.828080][ T7674] CPU: 3 UID: 0 PID: 7674 Comm: syz.1.474 Not tainted syzkaller #0 PREEMPT(full) [ 167.828105][ T7674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 167.828115][ T7674] Call Trace: [ 167.828121][ T7674] [ 167.828129][ T7674] dump_stack_lvl+0x100/0x190 [ 167.828161][ T7674] should_fail_ex.cold+0x5/0xa [ 167.828185][ T7674] should_failslab+0xc2/0x120 [ 167.828205][ T7674] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 167.828234][ T7674] ? __alloc_skb+0x140/0x710 [ 167.828265][ T7674] __alloc_skb+0x140/0x710 [ 167.828288][ T7674] ? __alloc_skb+0x5b7/0x710 [ 167.828312][ T7674] ? __pfx___alloc_skb+0x10/0x10 [ 167.828361][ T7674] hci_sock_sendmsg+0x1b01/0x2620 [ 167.828394][ T7674] ? __pfx_hci_sock_sendmsg+0x10/0x10 [ 167.828421][ T7674] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 167.828444][ T7674] sock_write_iter+0x524/0x5a0 [ 167.828464][ T7674] ? __pfx_hci_sock_sendmsg+0x10/0x10 [ 167.828490][ T7674] ? __pfx_sock_write_iter+0x10/0x10 [ 167.828509][ T7674] ? get_pid_task+0xfc/0x250 [ 167.828540][ T7674] ? bpf_lsm_file_permission+0x9/0x10 [ 167.828558][ T7674] ? security_file_permission+0x76/0x210 [ 167.828582][ T7674] ? rw_verify_area+0xce/0x6d0 [ 167.828611][ T7674] vfs_write+0x6ac/0x1070 [ 167.828630][ T7674] ? __pfx_sock_write_iter+0x10/0x10 [ 167.828652][ T7674] ? __pfx_vfs_write+0x10/0x10 [ 167.828674][ T7674] ? find_held_lock+0x2b/0x80 [ 167.828709][ T7674] ksys_write+0x1f8/0x250 [ 167.828727][ T7674] ? __pfx_ksys_write+0x10/0x10 [ 167.828795][ T7674] ? __pfx_ksys_write+0x10/0x10 [ 167.828823][ T7674] __do_fast_syscall_32+0xe3/0x8c0 [ 167.828846][ T7674] do_fast_syscall_32+0x32/0x70 [ 167.828869][ T7674] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 167.828891][ T7674] RIP: 0023:0xf7f35f6c [ 167.828906][ T7674] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 167.828923][ T7674] RSP: 002b:00000000f53f650c EFLAGS: 00000292 ORIG_RAX: 0000000000000004 [ 167.828940][ T7674] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000000 [ 167.828952][ T7674] RDX: 000000000000000d RSI: 0000000000000000 RDI: 0000000000000000 [ 167.828961][ T7674] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 167.828971][ T7674] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 167.828981][ T7674] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 167.829009][ T7674] [ 167.895924][ T39] usb 8-1: new high-speed USB device number 8 using dummy_hcd qemu-system-x86_64: hw/ide/core.c:934: ide_dma_cb: Assertion `prep_size >= 0 && prep_size <= n * 512' failed. Read from remote host localhost: Connection reset by peer client_loop: send disconnect: Broken pipe