last executing test programs: 4.784688929s ago: executing program 3 (id=1053): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00'}, 0x10) prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0xa00, 0x0, 0x0, 0x100}}) setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f00000000c0), 0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) mkdir(&(0x7f0000000080)='./bus\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000440)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f00000001c0)='./bus\x00') mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x2000, 0x103) sendmsg$NFULNL_MSG_CONFIG(r3, &(0x7f0000002340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)={0x40, 0x1, 0x4, 0x801, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5, 0x1, 0x2}, @NFULA_CFG_TIMEOUT={0x8}, @NFULA_CFG_CMD={0x5, 0x1, 0x1}, @NFULA_CFG_FLAGS={0x6}, @NFULA_CFG_MODE={0xa, 0x2, {0xd7, 0x2}}]}, 0x40}}, 0x1080) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000480)={{0x3, 0x0, 0x400, 0x2, '\x00', 0x7}, 0x5, 0x4, 0x5, 0xffffffffffffffff, 0x4, 0x7, 'syz0\x00', &(0x7f0000000300)=['sched_switch\x00', 'GPL\x00', 'GPL\x00', '-,,:{\x00'], 0x1b}) mkdirat(0xffffffffffffffff, 0x0, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r4, 0x541b, &(0x7f0000000000)={0xffffffffffffffff}) r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000440)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r7}, 0x10) syz_usb_control_io$hid(r6, 0x0, 0x0) syz_usb_control_io$hid(r6, &(0x7f0000000040)={0x24, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="00220f00000001640605007948b30577f5d20addbc"], 0x0}, 0x0) r8 = syz_open_dev$hiddev(&(0x7f0000000d40), 0x0, 0x0) ioctl$HIDIOCGUSAGE(r8, 0xc018480b, 0x0) ioctl$HIDIOCGUSAGE(r8, 0x8004480e, 0x0) close_range(r5, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) 3.965769356s ago: executing program 2 (id=1058): memfd_secret(0x0) r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000040)={0x1, 0x5}, 0x2) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$uinput_user_dev(r1, &(0x7f0000000080)={'syz0\x00', {}, 0x0, [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0xfffffff9]}, 0x45c) ioctl$UI_SET_PROPBIT(r1, 0x5501, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) open_by_handle_at(0xffffffffffffffff, 0x0, 0x0) pipe(&(0x7f0000000040)) open(0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = getpid() process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) setpriority(0x1, r3, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4a, 0x0, 0x0) modify_ldt$read(0x0, 0x0, 0x0) socket$igmp(0x2, 0x3, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$inet6_tcp(0xa, 0x1, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000540)={0x1, &(0x7f0000000500)=[{0x4, 0x0, 0x0, 0x7fffffff}]}) syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x0) socket$unix(0x1, 0x5, 0x0) 2.363356893s ago: executing program 2 (id=1059): r0 = syz_open_dev$ndb(0x0, 0x0, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) connect$pppoe(0xffffffffffffffff, &(0x7f0000000040)={0x18, 0x0, {0x2, @multicast, 'ip6gre0\x00'}}, 0x1e) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000700)='./file0\x00', &(0x7f0000000740), 0x0, &(0x7f0000000c00)=ANY=[@ANYRESOCT=r0]) r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x3, &(0x7f0000000180)=ANY=[], &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, r2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x10) r3 = socket$kcm(0x10, 0x2, 0x0) socket(0xa, 0x3, 0x3a) r4 = socket$qrtr(0x2a, 0x2, 0x0) syz_io_uring_setup(0x400233, &(0x7f0000000080)={0x0, 0x0, 0x10, 0x14, 0x44}, &(0x7f0000000140)=0x0, &(0x7f0000000100)=0x0) r7 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_DEST_DROPPABLE(r7, 0x10f, 0x81, 0x0, 0x0) setsockopt$TIPC_CONN_TIMEOUT(r7, 0x10f, 0x82, &(0x7f0000000100), 0x4) sendmsg$tipc(r7, &(0x7f0000001680)={&(0x7f0000000000)=@id, 0x10, 0x0}, 0x0) r8 = syz_open_dev$dri(&(0x7f0000000040), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_GETGAMMA(r8, 0xc02064d0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) connect$tipc(r7, &(0x7f0000000140)=@id, 0x10) syz_io_uring_submit(r5, r6, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x8ef8c9106625f8a9}) io_uring_enter(r1, 0x207a98, 0x0, 0x0, 0x0, 0x3f) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r9, 0x8933, &(0x7f0000000c80)={'wpan4\x00'}) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x43, 0x0, 0xff69) setsockopt(r4, 0x3, 0x4, &(0x7f0000000b00)="f6c3c359a5e0391e91ae99adbe6d17de580bd088cbf1b7a0df221ef614ab6239281b1a93941d3e28aee1e0155fa554d728340c57b9a902db52c6c0330a24766ed03bd424ce1e06d8f56d1d502209251a17cfd65c740d8a8504bf461f8bec20ca352ea1f1fa2b07dfd564ab1a05d4ab3f089e678c0a9aae13acfadaa5ad378002ea5e20e5e4fa340254b6fa9d85bffb766cf794d15f5a904c77411586b7ed27e7e766a2ccaf2e7bc4d54732d3a25e6cce8b576e438cbd6875918c03dc524964e35153225ce1b9c6779cc985999c6ba5c2a64698cb1bce7769ade94e4825166f9488143d3c1b3b42cdc8407e93a76c3396e97659f541b8bc4a1a2ea7", 0xfb) r10 = socket$kcm(0x10, 0x0, 0x0) r11 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$CDROMREADMODE2(r11, 0x530c, &(0x7f0000000040)={0x0, 0xad}) sendmsg$kcm(r10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000300)=[{0x0}], 0x1}, 0x75) sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x3, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) 2.071975661s ago: executing program 2 (id=1060): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) setns(r1, 0x68000080) r2 = syz_usb_connect(0x3, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0) syz_usb_control_io(r2, 0x0, &(0x7f00000010c0)={0x84, &(0x7f00000000c0)=ANY=[@ANYBLOB="00000100000005"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="440000000201030000000000000000000200000030000180"], 0x44}}, 0x0) r4 = socket$key(0xf, 0x3, 0x2) r5 = dup(r4) sendmsg$AUDIT_SET(r5, &(0x7f0000000ac0)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x10}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20040051}, 0x4) bpf$ENABLE_STATS(0x20, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r2, &(0x7f0000000bc0)={0x14, &(0x7f0000000b00)=ANY=[@ANYBLOB="000b230032a7469fda12473b05a699199a27b8b333a53f143fe0b901ffe8541f070000000000000000"], &(0x7f0000000b80)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) r6 = socket$inet6(0xa, 0x5, 0x0) setsockopt$sock_int(r6, 0x1, 0xf, &(0x7f0000000000), 0x4) bind$inet6(r6, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) r7 = socket$inet6(0xa, 0x5, 0x0) listen(r7, 0x2) listen(r6, 0x80) r8 = socket$inet(0x2, 0x80001, 0x84) setsockopt$sock_int(r8, 0x1, 0xf, &(0x7f0000000280)=0x3, 0x4) bind$inet(r8, &(0x7f0000000180)={0x2, 0xce20, @local}, 0x10) listen(r8, 0x3a5) r9 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r9, 0x89f1, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0xfffffffc, 0xcc, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x67, 0x0, 0x0, 0x0, 0x0, @loopback, @loopback}}}}) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x20000000ec071, 0xffffffffffffffff, 0x6000) r10 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_CONG_MONITOR(r10, 0x114, 0x6, &(0x7f0000000100), 0x4) 1.774606299s ago: executing program 0 (id=1062): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000ed000095"], 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r1, 0xffffff1f00000000) 1.770989575s ago: executing program 0 (id=1063): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x85, &(0x7f0000000200)={0x0, @in={{0x2, 0x0, @empty}}}, 0x90) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4400000009000000000000000000000000000000180001801400018008000100ac1414bb08000200ac0314bb18000280140001"], 0x44}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x7, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40900000000000000000004000095007400000000000000009686502f000000"], 0x0, 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080), 0x10}, 0x90) r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) socket(0x28, 0x800, 0x0) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x50, 0x0, 0x0, 0x3}, {0x28, 0x0, 0x0, 0xfffff038}, {0x6}]}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x40001, 0x0) ioctl$TIOCVHANGUP(r1, 0x5437, 0x0) io_setup(0x22, &(0x7f0000000600)) syz_emit_ethernet(0x8d, &(0x7f0000000480)={@random="591a1d9a2bdb", @link_local={0x1, 0x80, 0xc2, 0x25, 0x0, 0x3}, @void, {@ipv4={0x800, @dccp={{0x9, 0x4, 0x2, 0x1, 0x7f, 0x68, 0x0, 0x40, 0x21, 0x0, @local, @broadcast, {[@end, @lsrr={0x83, 0xf, 0xea, [@multicast1, @multicast1, @empty]}]}}, {{0x4e21, 0x4e24, 0x4, 0x1, 0x7, 0x0, 0x0, 0x0, 0x7, "226ba6", 0x5, '{-N'}, "c2043d1b39e38b9239f5d9a04e58aa0de8a6ef540aa185cd9e6653d60d0ddff70952b07107da83e2437388bf671b972427330245eb8b822dbfcb11db79563776fed5f8e16adecbe8e61f1c"}}}}}, 0x0) r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f00000003c0)=ANY=[@ANYBLOB="9f2d010018000000000000000c000000000000000000000d00"/38], 0x0, 0x26}, 0x20) syz_open_procfs(0x0, &(0x7f0000000140)='fdinfo/4\x00') socket$netlink(0x10, 0x3, 0x0) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, &(0x7f0000000300)={0x0, 0x3938700}, 0x0) sendmsg$netlink(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="d824000028000100020000080000000002"], 0x24d8}], 0x1}, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x6, &(0x7f0000000400)=[{0x6, 0x6, 0x6, 0x1ff}, {0x7, 0x9, 0x7, 0x7}, {0x1, 0x9, 0x8, 0x5}, {0x101, 0xff, 0x8}, {0x800, 0xa, 0x7, 0x40}, {0x1000, 0xa, 0x7, 0x9}]}) r4 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_DEL_MIF(r4, 0x29, 0xc8, 0x0, 0xc000000) setsockopt$MRT6_ADD_MFC(r4, 0x29, 0xcc, &(0x7f0000000000)={{0xa, 0x0, 0x0, @local}, {0xa, 0x0, 0x0, @empty}}, 0x5c) close_range(r3, 0xffffffffffffffff, 0x0) 1.677352708s ago: executing program 3 (id=1064): r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000), 0x501, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000003c0)={'ip6tnl0\x00', 0x0}) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) bpf$BPF_PROG_ATTACH(0x9, &(0x7f0000000140)={@map, 0xffffffffffffffff, 0x11, 0x0, 0xffffffffffffffff, @prog_id}, 0x20) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000000)={'ip6tnl0\x00', &(0x7f0000000100)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @empty}}) syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0) r3 = socket$xdp(0x2c, 0x3, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0) sendmsg$xdp(r3, 0x0, 0x801) r4 = getpid() r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d0000006700000005000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000000180)='tlb_flush\x00', r5}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r6 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000003f000000000000000000"], &(0x7f0000000140)='GPL\x00'}, 0x90) r7 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/wireless\x00') preadv(r7, &(0x7f0000000100)=[{&(0x7f0000000280)=""/254, 0xfe}], 0x1, 0x1fc, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0) socket$packet(0x11, 0x3, 0x300) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0xf, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) r8 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r8, &(0x7f00000000c0)={0xe000001a}) ioctl$SNDCTL_DSP_STEREO(r8, 0xc0045003, &(0x7f00000002c0)) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x228, 0xb8, 0x0, 0x148, 0x0, 0x148, 0x1c0, 0x240, 0x240, 0x1c0, 0x240, 0x7fffffe, 0x0, {[{{@uncond, 0x0, 0x70, 0xb8}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x3, 'syz1\x00'}}}, {{@uncond, 0x0, 0x94, 0xdc, 0x0, {}, [@inet=@rpfilter={{0x24}}]}, @unspec=@CT0={0x48}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x284) ioctl$CAPI_REGISTER(r0, 0x400c4301, &(0x7f0000000080)={0x0, 0x0, 0x800}) writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='\b', 0x8}], 0x1) preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/223, 0xdf}], 0x1, 0xfffff62d, 0x0) 1.404317965s ago: executing program 1 (id=1066): socket$can_j1939(0x1d, 0x2, 0x7) socket$inet6_sctp(0xa, 0x1, 0x84) socket$nl_route(0x10, 0x3, 0x0) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000000480)=""/92, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000003380)) r1 = eventfd2(0x0, 0x0) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000001c0)={0x0, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f00000016c0)=""/175, 0x0}) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000000)={0x0, r1}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001780)=""/4091}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) 1.403808257s ago: executing program 0 (id=1067): getgid() ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r0 = signalfd(0xffffffffffffffff, 0x0, 0x0) close(0x4) socket$inet_icmp(0x2, 0x2, 0x1) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000001140)={0x2, 0x0, @local}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCGPGRP(r1, 0x540f, 0x0) mlockall(0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="021380ee02"], 0x10}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0xffffffffa0018000, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="020300090c00000000420b00000000000200130002000000000000000000001f0300060000000051020049e4f0000001c99a000000000000020001000020001000000002000000000300"], 0x60}}, 0x0) r2 = socket$key(0xf, 0x3, 0x2) sendmmsg(r2, &(0x7f0000000180), 0x32bc45944b084a6, 0x0) kcmp(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r3, 0x6, 0xa, &(0x7f0000000040)=0x2, 0x4) r4 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_NODELAY(r4, 0x84, 0x4, 0x0, &(0x7f0000001400)) socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000040)={@multicast1=0xe0000300, @broadcast}, 0x8) close(0xffffffffffffffff) semctl$SEM_STAT_ANY(0x0, 0x0, 0x14, 0x0) setsockopt$inet6_tcp_int(r3, 0x6, 0x1e, &(0x7f0000000080)=0x6, 0x4) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x1000, 0x0, &(0x7f0000ffd000/0x1000)=nil) 1.40356331s ago: executing program 1 (id=1068): r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x10b841, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') io_submit(0x0, 0x0, &(0x7f0000000140)) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1c, 0x8, &(0x7f0000000580)=ANY=[@ANYRES8=r1], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x20880, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r2, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'}) close(0xffffffffffffffff) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000500)={0xffffffffffffffff}) r4 = openat$sysfs(0xffffff9c, &(0x7f00000000c0)='/sys/kernel/address_bits', 0x0, 0x0) pselect6(0x40, &(0x7f0000000500), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0) io_getevents(0x0, 0x101, 0x0, &(0x7f0000000640), 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, 0x0, 0x0) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) r5 = socket$inet6(0xa, 0x802, 0x0) sendmmsg(r5, &(0x7f0000002cc0), 0x1a3, 0x0) creat(0x0, 0x0) r6 = open(&(0x7f00009e1000)='./file0\x00', 0x48141, 0x0) open_tree(r4, &(0x7f0000000440)='./file0\x00', 0x0) fcntl$setlease(r6, 0x400, 0x0) pwritev2(r3, &(0x7f0000000480)=[{&(0x7f0000000200)="00db4cf39c", 0x5}, {&(0x7f00000005c0)="ded8eb0498ab7a4762a4b5e9d3cd7ee9a9d025d0a40fcc9a9c4af37e88d32c8f1f25911f3879abb372b4a78a3e378b9f6d1812d96450086959f9ece6c9094263273b478b3ec5ca501638d46c979af3fb09a61ef2d880dcf3be6fdccd40ff8334e2afa60711d92db7ad05b97da818f93acf9882584459a02c96e8e43a58d324eb", 0x80}], 0x2, 0xffff0001, 0x4, 0x10) fcntl$getflags(r6, 0x401) sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="280000000203010100000000000000280005400000002209c2434b0bfffff901000000"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x4008891) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x34}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r7}, 0x10) openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) 1.33409194s ago: executing program 0 (id=1069): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000340)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x20) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000001300)=[{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000240)='\"', 0x1}], 0x1, &(0x7f0000000780)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x6}, @iv={0x110, 0x117, 0x2, 0xf5, "6fee5bd5a7cf3656757b48657b94379799fe38da7a4a21ba8dfbc7327ea70ee7d2b7df1cd13fe9c5de8b4ad1b6e9a68ac3b373431c726335b81cde931a8fc436af8810b68938f3898f4f6b51192a8fc2cda16e11835ed52cbc4e9b46f50b776d977c7ae16932d6f87f1c78f29ea96789bd6a72375c9dec1b36dd8508a1cd8323ef9c15fcd2d8c62d8d0803daefcc48c137b73a32b825bef987f29e8500209f82102543f67a19ea74f446807b8b40617bf81d0bb4d74e9e0c97fd3bf789de96104f89e41033f4855aa4f6e1141f0dbbe238284207ec776945745be82c9e0e161c0642edfb9e487513c6222ad333e9f10a8a6c7a40a8"}, @assoc={0x18, 0x117, 0x4, 0x5b5c}], 0x158}], 0x1, 0x8000) 1.245201831s ago: executing program 0 (id=1070): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = eventfd(0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r2}) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000000c0)={r2, 0x0, 0x3}) 1.19639039s ago: executing program 3 (id=1071): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'macvlan0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x24, &(0x7f0000000100)={&(0x7f0000002380)=@newlink={0x28, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_PROTO_DOWN={0x5, 0x27, 0x2}]}, 0x28}}, 0x0) 1.115465355s ago: executing program 3 (id=1072): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="24000000760009eeffffffffffffff0400090000", @ANYRES32=0x0, @ANYBLOB="04000d80080005"], 0x24}, 0x1, 0x5502000000000000}, 0x0) r2 = openat$ptp0(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = dup(r2) ioctl$PTP_CLOCK_GETCAPS(r2, 0x80503d01, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000100)={@local}) ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r0, 0x7b2, &(0x7f0000001680)={0x0, 0x1}) ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, 0x0) syz_genetlink_get_family_id$smc(0x0, r3) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) memfd_secret(0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed"], 0x0}, 0x90) bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0) bpf$LINK_DETACH(0x22, 0x0, 0x0) 1.115112148s ago: executing program 3 (id=1073): r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000), 0x501, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000003c0)={'ip6tnl0\x00', 0x0}) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) bpf$BPF_PROG_ATTACH(0x9, &(0x7f0000000140)={@map, 0xffffffffffffffff, 0x11, 0x0, 0xffffffffffffffff, @prog_id}, 0x20) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000000)={'ip6tnl0\x00', &(0x7f0000000100)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @empty}}) syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0) r3 = socket$xdp(0x2c, 0x3, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0) sendmsg$xdp(r3, 0x0, 0x801) r4 = getpid() r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d0000006700000005000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000000180)='tlb_flush\x00', r5}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r6 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000003f000000000000000000"], &(0x7f0000000140)='GPL\x00'}, 0x90) r7 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/wireless\x00') preadv(r7, &(0x7f0000000100)=[{&(0x7f0000000280)=""/254, 0xfe}], 0x1, 0x1fc, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0xf, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) r8 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r8, &(0x7f00000000c0)={0xe000001a}) ioctl$SNDCTL_DSP_STEREO(r8, 0xc0045003, &(0x7f00000002c0)) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x228, 0xb8, 0x0, 0x148, 0x0, 0x148, 0x1c0, 0x240, 0x240, 0x1c0, 0x240, 0x7fffffe, 0x0, {[{{@uncond, 0x0, 0x70, 0xb8}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x3, 'syz1\x00'}}}, {{@uncond, 0x0, 0x94, 0xdc, 0x0, {}, [@inet=@rpfilter={{0x24}}]}, @unspec=@CT0={0x48}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x284) ioctl$CAPI_REGISTER(r0, 0x400c4301, &(0x7f0000000080)={0x0, 0x0, 0x800}) writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='\b', 0x8}], 0x1) preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/223, 0xdf}], 0x1, 0xfffff62d, 0x0) 576.101174ms ago: executing program 3 (id=1074): openat$procfs(0xffffffffffffff9c, &(0x7f0000001280)='/proc/sysvipc/sem\x00', 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xca}, 0x8) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000580)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEL_STATION(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_REASON_CODE={0x6}]}, 0x24}}, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xc}]}, @NFT_MSG_NEWSETELEM={0x38, 0xc, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x4}, @NFTA_SET_ELEM_EXPR={0x4}]}]}]}], {0x14, 0x10}}, 0xbc}}, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendmmsg$inet6(r0, &(0x7f0000003c40)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x0) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000100)={0x0, 0x201, 0x600}, 0x8) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0) getrlimit(0xd, &(0x7f0000000000)) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) setrlimit(0x4, &(0x7f0000000380)={0x7, 0x8}) syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @random="50a245d5cde0", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @broadcast}, @timestamp_reply={0x11, 0xe0, 0x0, 0x0, 0x0, 0x6622, 0x0, 0x40}}}}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095000000000000002d55710c64e30cd8655910b3eb2d1451a6bf4b04dc0af703f4c87963ba8fd1c024815f140290fb3f659193ae297fdcd50b6dc8d41dff00000000000000e272e53a081168e74d7189f0e655f66e08f0e108968d80ea3cac636aa60bea16f1e27d5761f66d6e252599ca89adacf4e13a2013988c4222d7cf1ff84820012fd6f16b20de6f1ea6691dcee8e86fa2109aa7898fe15f2c970063c482db5da9926d158ee55592221796e273ccf22a8ce8dd367473b0247773b358f02338ba5950707984fb201d101bfd1f78b0ea4f397c22d94b5a34491cf3f671af9dacdf409c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) socket$nl_netfilter(0x10, 0x3, 0xc) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_pidfd_open(0x0, 0x0) sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001) r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r6, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) fanotify_init(0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) socket$can_j1939(0x1d, 0x2, 0x7) 480.207372ms ago: executing program 1 (id=1075): mount(&(0x7f0000000880)=@loop={'/dev/loop', 0x0}, &(0x7f00000008c0)='.\x00', &(0x7f0000000900)='erofs\x00', 0xffffff7f, 0x0) 450.145463ms ago: executing program 2 (id=1076): socket$can_j1939(0x1d, 0x2, 0x7) socket$inet6_sctp(0xa, 0x1, 0x84) socket$nl_route(0x10, 0x3, 0x0) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000000480)=""/92, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000003380)) r1 = eventfd2(0x0, 0x0) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000001c0)={0x0, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f00000016c0)=""/175, 0x0}) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000000)={0x0, r1}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001780)=""/4091}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) 315.073278ms ago: executing program 2 (id=1077): r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/fib_trie\x00') openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000c80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d64050000000000650404000100000004040000fb007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e1a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080e71113610e10d858e8327edb1fb6c86adac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18c65ae1bd4f4390af9a9ceafd07ed00b0000002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a469398685211bbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72c7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9624d37c10223fdae7ed04935c3c9068000000bc8619d73415cda2130f5011e4845500a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b40000000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b60c2499d16d7d9158ffffffff00000000ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a9e90d7676074a0bde4471414c99d4894ee7f8139dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b2042b8ff8c21ad702cca54728acad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd20785f653b621491dc6aaee0d409731091f4fb94c06006e3c1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e1590bab105b0cb578af7dc7d5e87d48d376444e2de02f47c61e8e84ff828de453f34c2b08660b080efc707e676e1fb4d5865c0ca177a4c7fbb4e829ab0894a1062b445c00f576b2b5cc7f819abd0f885cc4806f47ffb966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d3676329bb8cda690d192a070886df42b2708398773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169cdfaa4252d4ea6b8f6216ff202b5b5a182cb5e8380100632d03a7ca6f6d0339f9953c30930804fdc3690d10ecb65dc5b47481edbf1eee2e8893e903054d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026def743f1213bf817becd9e5a225d67521d1128eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979030000007081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f324661351df747aa6a65872dfdcfa68f65bd06b4082d43e121861b5cc09b986bf56c747d9a1cc5b506892c3a16ff10feea20bdac89bfb758cf3500000000000000000000000000000098e6db5a96055e764a3bfd4ccb20d2e800994f4b602d25b2c076f21c7102687e054bb93b2d013be6227fd99902b074c0de00733128c81c48c5e140b17d71ac48f137d10798c4272826d2ba55bbda0059636528c132ed06759d880d1bc291beea56ed7ee8bcb392fdf886dbc74879ec4b831904d7c101ebbaef3c0ae6d0cf0000000000000000000000000000000011cb735f66a559ef0cdb5163a15c0bb986474bf5d9542e3e48805ce53127e4c076d69d868df543717aaaa07d7aca056f7f036c2bcba0795d1a64868a29ac5321b3cd6ef5b1a741afc7124e16b64a5d1d68b45fcfd7e531090ceae2f05536a4d5d6a4081e743827fb9c031d1fc9f195c2da189c49eaed6c30c71da0452e502ef393efeb02ebe82b1851cae5fa7c958ba23110b5e0e5b890803f28a356b2920e74564e0f8377b0ba515d4cc28d702287fed2882b4780a1bcb583f1cb1470003ef9b592b9461328cfc01ebfce0ecdcea714a517dc40000000000000000000000000006bd0561e1cc72880cc3ec1bdf35eb670a9040e3b53cd826b94ad8aeb014e74787fe89fb3247a87d8bfb6d400142369f88964708d1d4d"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sendmsg$802154_raw(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)="18bdd2e6a8816338be952d8a7178ba2810d1c9ab69e61599bc9474", 0x1b}, 0x1, 0x0, 0x0, 0x801}, 0x24048000) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x4, 0x4, 0x9}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x1000, 0x1}, 0x48) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000b40)) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x2}, 0x48) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x51}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r2, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x2, 0x44, 0x7ffc0000}]}) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) preadv(r0, &(0x7f0000000b00)=[{&(0x7f0000000300)=""/30, 0x1e}], 0x1, 0x80000001, 0x0) 314.879626ms ago: executing program 1 (id=1078): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'chacha20-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000001300)=[{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000240)='\"', 0x1}], 0x1, &(0x7f0000000780)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x6}, @iv={0x110, 0x117, 0x2, 0xf5, "6fee5bd5a7cf3656757b48657b94379799fe38da7a4a21ba8dfbc7327ea70ee7d2b7df1cd13fe9c5de8b4ad1b6e9a68ac3b373431c726335b81cde931a8fc436af8810b68938f3898f4f6b51192a8fc2cda16e11835ed52cbc4e9b46f50b776d977c7ae16932d6f87f1c78f29ea96789bd6a72375c9dec1b36dd8508a1cd8323ef9c15fcd2d8c62d8d0803daefcc48c137b73a32b825bef987f29e8500209f82102543f67a19ea74f446807b8b40617bf81d0bb4d74e9e0c97fd3bf789de96104f89e41033f4855aa4f6e1141f0dbbe238284207ec776945745be82c9e0e161c0642edfb9e487513c6222ad333e9f10a8a6c7a40a8"}, @assoc={0x18, 0x117, 0x4, 0x5b5c}], 0x158}], 0x1, 0x8000) 252.98608ms ago: executing program 2 (id=1079): memfd_secret(0x0) r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000040)={0x1, 0x5}, 0x2) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$uinput_user_dev(r1, &(0x7f0000000080)={'syz0\x00', {}, 0x0, [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0xfffffff9]}, 0x45c) ioctl$UI_SET_PROPBIT(r1, 0x5501, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) open_by_handle_at(0xffffffffffffffff, 0x0, 0x0) pipe(&(0x7f0000000040)) open(0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = getpid() process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) setpriority(0x1, r3, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4a, 0x0, 0x0) modify_ldt$read(0x0, 0x0, 0x0) socket$igmp(0x2, 0x3, 0x2) socket$nl_generic(0x10, 0x3, 0x10) openat$capi20(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000540)={0x1, &(0x7f0000000500)=[{0x4, 0x0, 0x0, 0x7fffffff}]}) syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x0) socket$unix(0x1, 0x5, 0x0) 252.685426ms ago: executing program 1 (id=1080): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000340), 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r0, 0x0) r1 = syz_io_uring_setup(0x126b, 0x0, &(0x7f0000000740), &(0x7f0000000780)) io_uring_register$IORING_REGISTER_FILES_UPDATE2(r1, 0x2, &(0x7f0000002d40)={0x0, 0x0, 0x0, 0x0}, 0x20) 83.510168ms ago: executing program 0 (id=1081): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_CAP_X86_DISABLE_EXITS(r6, 0x4068aea3, &(0x7f0000000180)={0xdc}) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000000)={0x101ff, 0x2, 0x2, 0x2000, &(0x7f0000001000/0x2000)=nil}) r7 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r7, &(0x7f0000000140), 0x10) sendmsg$can_bcm(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000900)=ANY=[@ANYBLOB="05000000020c00"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="00000040010000000000000000000000645b01000000931133f6d9919fd48557d76811cd874f3c837bbfc1c8831026d40798a2be4cc414e02216198977dc3d41ed0880c64c39e5f4059bae641ed151129d36fa7aa47a5ded6da6b0330ae404ae876ec1a9f449c96beeb3c7734c99e9d4d76508ea78b1dabebeaa334d7022d422d26a04c39f283d2ecc456283549592b63c00bab20f8e40ae59087575656515162b6016bad8572f2de9955c9966e322447a85352dd27c44e87cda3bdbf60959a2129c942ef71104670f56e997917141299ab91fcfd07676dd0ee78a3e9b7245a5ae3bc9fca0a07f626759649be2d02d14198232b74730a1467ad275305e39936dd36f440f8ddce9f7de8c7dbde8543dc71de1bc41b5877faeac205b8eb7e486d23f0e0b268389d06f15f88c64eb8773b51cd988c1173a6c0feeb887cfc853e23392e108fd122c99337dabdd72a6fb2c70562fef5c66cc8f33b7c1b4c45a9cb83b7bf5020c84e82ebd89ca383e780137aba137e37b7e4d0000000000000000006fb6a4fbc716da11068688ea0285ae6e3888db07728ab99c97936096751b6ba2ff018322774dcf5e9987e0c95182cc20af2ccee4f581f99224ec9002fa0ddca3579bfa7e53edaf9867e526cde393c57a5d5d799ce8fb760f98f79f848f0c0b7ef85857ffbda95cdac8e23c98607515b9205ec9832ea94a695ac706bbf5b6c7baae145e45bc75c9654d0a3e73d5bfe48d00"/539], 0x80}}, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$IOCTL_STOP_ACCEL_DEV(0xffffffffffffffff, 0x40096101, &(0x7f0000000080)={{&(0x7f0000000580)={'Accelerator\x00', {&(0x7f00000004c0)=@adf_dec={@bank={'Bank', '0', 'InterruptCoalescingNumResponses\x00'}, {0x5}, {&(0x7f0000000200)=@adf_dec={@normal='NumberDcInstances\x00', {0x6}}}}}, {&(0x7f00000002c0)={'Accelerator0\x00'}}}}, 0x2}) socket(0x11, 0x800000003, 0x0) syz_pidfd_open(0x0, 0x0) syz_pidfd_open(0x0, 0x0) r8 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r8, 0xc04064a0, &(0x7f0000000180)={0x0, &(0x7f00000006c0), 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_GETCRTC(r8, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x5b, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r8, 0xc06864ce, &(0x7f0000000440)={r9}) syz_emit_ethernet(0xa4, &(0x7f00000002c0)={@local, @random="ffffffff00", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "7377c2", 0x6e, 0x11, 0x0, @ipv4={'\x00', '\xff\xff', @local}, @local, {[@srh={0x0, 0x0, 0x4, 0x0, 0x0, 0x74d12e036ae6666d, 0xffff}], {0x0, 0x0, 0x66, 0x0, @opaque="426bccdc65c29a4bc2c1266dea7a5d91556e6bcf99e630bb84dc378b1de38f34f1affaee2dd464eee10d55665f304f4faf896314ca84b8858ff78dfaa0c8d0ba589c604890876f018e747742c2d85904376af37005afc26eff92bdb32028"}}}}}}, 0x0) r10 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r10) r11 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r11, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4) connect$inet6(r11, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 0s ago: executing program 1 (id=1082): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'macvlan0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000002380)=@newlink={0x28, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_PROTO_DOWN={0x5, 0x27, 0x2}]}, 0x28}}, 0x0) (fail_nth: 7) kernel console output (not intermixed with test programs): t=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 129.789315][ T39] audit: type=1400 audit(1724640339.278:458): avc: denied { ioctl } for pid=6562 comm="syz.2.280" path="/dev/ptyq9" dev="devtmpfs" ino=138 ioctlcmd=0x5423 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 129.950962][ T6568] ecryptfs_parse_options: eCryptfs: unrecognized option [&@] [ 129.954204][ T6568] ecryptfs_parse_options: eCryptfs: unrecognized option [/ppp] [ 129.961150][ T6568] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 129.966522][ T6568] Error parsing options; rc = [-22] [ 130.033769][ T6572] trusted_key: syz.2.283 sent an empty control message without MSG_MORE. [ 130.074524][ T6572] loop0: detected capacity change from 0 to 7 [ 130.085652][ T6572] Dev loop0: unable to read RDB block 7 [ 130.089647][ T6572] loop0: unable to read partition table [ 130.092473][ T6572] loop0: partition table beyond EOD, truncated [ 130.095455][ T6572] loop_reread_partitions: partition scan of loop0 (被xd) failed (rc=-5) [ 130.622489][ T6580] erofs: (device loop3): erofs_read_superblock: cannot find valid erofs superblock [ 131.183774][ T58] usb 6-1: USB disconnect, device number 8 [ 131.330232][ T6594] netlink: 68 bytes leftover after parsing attributes in process `syz.1.292'. [ 131.375007][ T5365] usb 5-1: unable to get BOS descriptor or descriptor too short [ 131.392771][ T5365] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 131.397099][ T5365] usb 5-1: can't read configurations, error -71 [ 131.415372][ T6597] overlayfs: invalid origin (0000) [ 131.441766][ T5441] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 131.629719][ T5441] usb 7-1: Using ep0 maxpacket: 8 [ 131.642096][ T5441] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 131.647812][ T5441] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 131.652771][ T5441] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 131.661108][ T5441] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 131.665603][ T5441] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 131.677627][ T5441] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 131.683223][ T5441] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 131.796053][ T6610] netlink: 4 bytes leftover after parsing attributes in process `syz.3.299'. [ 131.958997][ T5441] usb 7-1: usb_control_msg returned -32 [ 131.966655][ T5441] usbtmc 7-1:16.0: can't read capabilities [ 131.969557][ T6614] ecryptfs_parse_options: eCryptfs: unrecognized option [&@] [ 131.972849][ T6614] ecryptfs_parse_options: eCryptfs: unrecognized option [/ppp] [ 131.976138][ T6614] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 131.981708][ T6614] Error parsing options; rc = [-22] [ 132.077556][ T39] audit: type=1400 audit(1724640341.568:459): avc: denied { create } for pid=6615 comm="syz.0.301" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1 [ 132.105097][ T39] audit: type=1400 audit(1724640341.608:460): avc: denied { write } for pid=6615 comm="syz.0.301" name="ppp" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 132.205103][ T39] audit: type=1400 audit(1724640341.708:461): avc: denied { bind } for pid=6615 comm="syz.0.301" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 132.568397][ T831] usb 7-1: USB disconnect, device number 7 [ 133.208700][ T1379] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.214471][ T1379] ieee802154 phy1 wpan1: encryption failed: -22 [ 134.874086][ T5441] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 135.093219][ T5441] usb 5-1: Using ep0 maxpacket: 8 [ 135.097238][ T5441] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 135.109674][ T5441] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 135.114005][ T5441] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 135.117947][ T5441] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 135.122567][ T5441] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 135.128711][ T5441] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 135.132573][ T5441] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 135.354508][ T5441] usb 5-1: usb_control_msg returned -32 [ 135.356776][ T5441] usbtmc 5-1:16.0: can't read capabilities [ 135.733963][ T6691] erofs: (device loop1): erofs_read_superblock: cannot find valid erofs superblock [ 135.916248][ T830] usb 5-1: USB disconnect, device number 10 [ 137.187364][ T6715] fuse: Bad value for 'group_id' [ 137.189925][ T6715] fuse: Bad value for 'group_id' [ 137.497103][ T6721] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.336'. [ 137.612423][ T39] audit: type=1400 audit(1724640347.118:462): avc: denied { getopt } for pid=6724 comm="syz.3.330" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 137.622763][ T6730] Bluetooth: MGMT ver 1.23 [ 138.748933][ T5365] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 138.939147][ T5365] usb 6-1: Using ep0 maxpacket: 8 [ 138.946446][ T5365] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 138.951551][ T5365] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 138.955738][ T5365] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 138.960117][ T5365] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 138.964099][ T5365] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 138.969737][ T5365] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 138.973512][ T5365] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.200280][ T5365] usb 6-1: usb_control_msg returned -32 [ 139.202892][ T5365] usbtmc 6-1:16.0: can't read capabilities [ 139.763638][ T830] usb 6-1: USB disconnect, device number 9 [ 140.417356][ T6784] syz.3.350: attempt to access beyond end of device [ 140.417356][ T6784] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0 [ 140.428265][ T6784] efs: cannot read volume header [ 140.468074][ T39] audit: type=1400 audit(1724640349.968:463): avc: denied { connect } for pid=6783 comm="syz.3.350" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 140.494748][ T39] audit: type=1400 audit(1724640349.968:464): avc: denied { shutdown } for pid=6783 comm="syz.3.350" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 140.583887][ T6791] netlink: 68 bytes leftover after parsing attributes in process `syz.3.353'. [ 140.730566][ T39] audit: type=1400 audit(1724640350.228:465): avc: denied { setcurrent } for pid=6794 comm="syz.2.355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 140.792929][ T39] audit: type=1400 audit(1724640350.298:466): avc: denied { bind } for pid=6797 comm="syz.1.354" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 141.025564][ T39] audit: type=1400 audit(1724640350.528:467): avc: denied { write } for pid=6806 comm="syz.3.358" name="/" dev="9p" ino=38797652 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 141.058876][ T39] audit: type=1400 audit(1724640350.528:468): avc: denied { add_name } for pid=6806 comm="syz.3.358" name="cgroup.controllers" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 141.081601][ T39] audit: type=1400 audit(1724640350.528:469): avc: denied { create } for pid=6806 comm="syz.3.358" name="cgroup.controllers" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 141.107296][ T6823] FAULT_INJECTION: forcing a failure. [ 141.107296][ T6823] name failslab, interval 1, probability 0, space 0, times 0 [ 141.113602][ T6823] CPU: 1 UID: 0 PID: 6823 Comm: syz.1.363 Not tainted 6.11.0-rc5-syzkaller #0 [ 141.117251][ T6823] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 141.117658][ T39] audit: type=1400 audit(1724640350.528:470): avc: denied { associate } for pid=6806 comm="syz.3.358" name="cgroup.controllers" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 141.121636][ T6823] Call Trace: [ 141.121669][ T6823] [ 141.121675][ T6823] dump_stack_lvl+0x16c/0x1f0 [ 141.121697][ T6823] should_fail_ex+0x497/0x5b0 [ 141.133405][ T39] audit: type=1400 audit(1724640350.568:471): avc: denied { append } for pid=6806 comm="syz.3.358" path="/97/file0/cgroup.controllers" dev="9p" ino=38797701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 141.133469][ T6823] ? fs_reclaim_acquire+0xae/0x160 [ 141.149258][ T6823] should_failslab+0xc2/0x120 [ 141.151160][ T6823] __kmalloc_noprof+0xcb/0x400 [ 141.153096][ T6823] tomoyo_realpath_from_path+0xb9/0x720 [ 141.155382][ T6823] tomoyo_mount_acl+0x66d/0x880 [ 141.157368][ T6823] ? hlock_class+0x4e/0x130 [ 141.159044][ T6823] ? __lock_acquire+0x1620/0x3cb0 [ 141.160989][ T6823] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 141.163218][ T6823] ? __pfx___lock_acquire+0x10/0x10 [ 141.165391][ T6823] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.167864][ T6823] ? tomoyo_domain+0xbb/0x150 [ 141.169831][ T6823] ? tomoyo_profile+0x47/0x60 [ 141.171787][ T6823] tomoyo_mount_permission+0x16b/0x410 [ 141.174083][ T6823] ? tomoyo_mount_permission+0x146/0x410 [ 141.176407][ T6823] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 141.178904][ T6823] ? get_current_fs_domain+0x188/0x1f0 [ 141.181177][ T6823] security_sb_mount+0x8d/0xe0 [ 141.183164][ T6823] path_mount+0x129/0x1f20 [ 141.185044][ T6823] ? __pfx_path_mount+0x10/0x10 [ 141.187102][ T6823] ? putname+0x12e/0x170 [ 141.188891][ T6823] ? putname+0x12e/0x170 [ 141.190781][ T6823] __x64_sys_mount+0x294/0x320 [ 141.192715][ T6823] ? __pfx___x64_sys_mount+0x10/0x10 [ 141.194909][ T6823] do_syscall_64+0xcd/0x250 [ 141.196792][ T6823] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.199228][ T6823] RIP: 0033:0x7fca9ad79e79 [ 141.201101][ T6823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.209030][ T6823] RSP: 002b:00007fca9baee038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 141.212494][ T6823] RAX: ffffffffffffffda RBX: 00007fca9af15f80 RCX: 00007fca9ad79e79 [ 141.215681][ T6823] RDX: 0000000020000900 RSI: 00000000200008c0 RDI: 0000000020000880 [ 141.218916][ T6823] RBP: 00007fca9baee090 R08: 0000000000000000 R09: 0000000000000000 [ 141.222088][ T6823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 141.225313][ T6823] R13: 0000000000000001 R14: 00007fca9af15f80 R15: 00007ffeec7b00c8 [ 141.228553][ T6823] [ 141.235940][ T6823] ERROR: Out of memory at tomoyo_realpath_from_path. [ 141.323671][ T6828] netlink: 68 bytes leftover after parsing attributes in process `syz.1.364'. [ 142.847982][ T6853] netlink: 68 bytes leftover after parsing attributes in process `syz.0.373'. [ 143.179009][ T5441] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 143.358858][ T5441] usb 6-1: Using ep0 maxpacket: 8 [ 143.370134][ T5441] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 143.373669][ T5441] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 143.377214][ T5441] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 143.388956][ T5441] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 143.395987][ T5441] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 143.419076][ T5441] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 143.422963][ T5441] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 143.684518][ T5441] usb 6-1: usb_control_msg returned -32 [ 143.686870][ T5441] usbtmc 6-1:16.0: can't read capabilities [ 143.788061][ T6878] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.380'. [ 144.511642][ T6886] netlink: 68 bytes leftover after parsing attributes in process `syz.0.383'. [ 144.648742][ T6893] FAULT_INJECTION: forcing a failure. [ 144.648742][ T6893] name failslab, interval 1, probability 0, space 0, times 0 [ 144.656076][ T6893] CPU: 1 UID: 0 PID: 6893 Comm: syz.3.384 Not tainted 6.11.0-rc5-syzkaller #0 [ 144.660159][ T6893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 144.664502][ T6893] Call Trace: [ 144.665617][ T6893] [ 144.666514][ T6893] dump_stack_lvl+0x16c/0x1f0 [ 144.668227][ T6893] should_fail_ex+0x497/0x5b0 [ 144.670139][ T6893] ? fs_reclaim_acquire+0xae/0x160 [ 144.672115][ T6893] should_failslab+0xc2/0x120 [ 144.674273][ T6893] __kmalloc_noprof+0xcb/0x400 [ 144.676397][ T6893] tomoyo_encode2+0x100/0x3e0 [ 144.678514][ T6893] tomoyo_encode+0x29/0x50 [ 144.680948][ T6893] tomoyo_realpath_from_path+0x19d/0x720 [ 144.683546][ T6893] tomoyo_mount_acl+0x66d/0x880 [ 144.685789][ T6893] ? hlock_class+0x4e/0x130 [ 144.687844][ T6893] ? __lock_acquire+0x1620/0x3cb0 [ 144.690264][ T6893] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 144.693070][ T6893] ? __pfx___lock_acquire+0x10/0x10 [ 144.695512][ T6893] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.698401][ T6893] ? tomoyo_domain+0xbb/0x150 [ 144.700642][ T6893] ? tomoyo_profile+0x47/0x60 [ 144.702780][ T6893] tomoyo_mount_permission+0x16b/0x410 [ 144.705518][ T6893] ? tomoyo_mount_permission+0x146/0x410 [ 144.708059][ T6893] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 144.710793][ T6893] ? get_current_fs_domain+0x188/0x1f0 [ 144.713261][ T6893] security_sb_mount+0x8d/0xe0 [ 144.715470][ T6893] path_mount+0x129/0x1f20 [ 144.717504][ T6893] ? __pfx_path_mount+0x10/0x10 [ 144.719725][ T6893] ? putname+0x12e/0x170 [ 144.721645][ T6893] ? putname+0x12e/0x170 [ 144.723558][ T6893] __x64_sys_mount+0x294/0x320 [ 144.725736][ T6893] ? __pfx___x64_sys_mount+0x10/0x10 [ 144.728159][ T6893] do_syscall_64+0xcd/0x250 [ 144.730259][ T6893] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.732925][ T6893] RIP: 0033:0x7fe62d579e79 [ 144.734971][ T6893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.743506][ T6893] RSP: 002b:00007fe62e412038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 144.747254][ T6893] RAX: ffffffffffffffda RBX: 00007fe62d715f80 RCX: 00007fe62d579e79 [ 144.750810][ T6893] RDX: 0000000020000900 RSI: 00000000200008c0 RDI: 0000000020000880 [ 144.754352][ T6893] RBP: 00007fe62e412090 R08: 0000000000000000 R09: 0000000000000000 [ 144.758018][ T6893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 144.761596][ T6893] R13: 0000000000000001 R14: 00007fe62d715f80 R15: 00007ffeaaa9e548 [ 144.764912][ T6893] [ 144.767957][ T6893] ERROR: Out of memory at tomoyo_realpath_from_path. [ 145.547222][ T6918] netlink: 68 bytes leftover after parsing attributes in process `syz.0.393'. [ 145.739892][ T6928] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3348 sclass=netlink_route_socket pid=6928 comm=syz.2.395 [ 145.984353][ T6932] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.397'. [ 146.581483][ T39] kauditd_printk_skb: 1 callbacks suppressed [ 146.581497][ T39] audit: type=1400 audit(1724640356.088:473): avc: denied { watch watch_reads } for pid=6939 comm="syz.0.401" path="/95/file0" dev="tmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1 [ 146.619812][ T39] audit: type=1400 audit(1724640356.118:474): avc: denied { ioctl } for pid=6939 comm="syz.0.401" path="socket:[16887]" dev="sockfs" ino=16887 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 146.647431][ T6943] netlink: 84 bytes leftover after parsing attributes in process `syz.0.401'. [ 147.325419][ T6952] netlink: 68 bytes leftover after parsing attributes in process `syz.2.405'. [ 147.689237][ T5368] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 147.871591][ T5368] usb 7-1: Using ep0 maxpacket: 8 [ 147.875778][ T5368] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 147.880310][ T5368] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 147.885387][ T5368] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 147.892387][ T5368] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 147.896521][ T5368] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 147.902477][ T5368] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 147.908125][ T5368] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 148.123635][ T5368] usb 7-1: usb_control_msg returned -32 [ 148.126121][ T5368] usbtmc 7-1:16.0: can't read capabilities [ 148.321646][ T6974] 9pnet_fd: Insufficient options for proto=fd [ 148.536925][ T39] audit: type=1400 audit(1724640358.038:475): avc: denied { create } for pid=6975 comm="syz.0.415" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 148.545060][ T39] audit: type=1400 audit(1724640358.038:476): avc: denied { ioctl } for pid=6975 comm="syz.0.415" path="socket:[16998]" dev="sockfs" ino=16998 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 148.556485][ T39] audit: type=1400 audit(1724640358.038:477): avc: denied { write } for pid=6975 comm="syz.0.415" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 149.110286][ T6855] usbtmc 6-1:16.0: stb usb_control_msg returned -110 [ 149.114966][ T5368] usb 6-1: USB disconnect, device number 10 [ 149.403082][ T6992] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.418'. [ 150.025984][ T39] audit: type=1400 audit(1724640359.528:478): avc: denied { read } for pid=6995 comm="syz.0.419" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 150.029363][ T6997] netlink: 56 bytes leftover after parsing attributes in process `syz.0.419'. [ 150.041724][ T39] audit: type=1400 audit(1724640359.528:479): avc: denied { open } for pid=6995 comm="syz.0.419" path="/104/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 150.052525][ T39] audit: type=1400 audit(1724640359.528:480): avc: denied { ioctl } for pid=6995 comm="syz.0.419" path="/104/file0/file0" dev="fuse" ino=0 ioctlcmd=0x933 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 150.113754][ T39] audit: type=1400 audit(1724640359.618:481): avc: denied { mount } for pid=6995 comm="syz.0.419" name="/" dev="configfs" ino=2121 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 150.449307][ T5370] usb 7-1: USB disconnect, device number 8 [ 150.571835][ T7009] FAULT_INJECTION: forcing a failure. [ 150.571835][ T7009] name failslab, interval 1, probability 0, space 0, times 0 [ 150.577415][ T39] audit: type=1400 audit(1724640360.078:482): avc: denied { unmount } for pid=5336 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 150.578370][ T7009] CPU: 1 UID: 0 PID: 7009 Comm: syz.3.424 Not tainted 6.11.0-rc5-syzkaller #0 [ 150.589653][ T7009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 150.593801][ T7009] Call Trace: [ 150.595081][ T7009] [ 150.596286][ T7009] dump_stack_lvl+0x16c/0x1f0 [ 150.598401][ T7009] should_fail_ex+0x497/0x5b0 [ 150.600557][ T7009] ? fs_reclaim_acquire+0xae/0x160 [ 150.602813][ T7009] should_failslab+0xc2/0x120 [ 150.605029][ T7009] __kmalloc_cache_noprof+0x6b/0x300 [ 150.607591][ T7009] ? erofs_init_fs_context+0x47/0x3a0 [ 150.610153][ T7009] ? __pfx_erofs_init_fs_context+0x10/0x10 [ 150.612936][ T7009] erofs_init_fs_context+0x47/0x3a0 [ 150.615216][ T7009] ? __pfx_erofs_init_fs_context+0x10/0x10 [ 150.617975][ T7009] alloc_fs_context+0x54a/0x9c0 [ 150.620294][ T7009] path_mount+0xb08/0x1f20 [ 150.622068][ T7009] ? __pfx_path_mount+0x10/0x10 [ 150.624183][ T7009] ? putname+0x12e/0x170 [ 150.625930][ T7009] ? putname+0x12e/0x170 [ 150.627836][ T7009] __x64_sys_mount+0x294/0x320 [ 150.630068][ T7009] ? __pfx___x64_sys_mount+0x10/0x10 [ 150.632466][ T7009] do_syscall_64+0xcd/0x250 [ 150.634414][ T7009] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.636981][ T7009] RIP: 0033:0x7fe62d579e79 [ 150.638953][ T7009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 150.647626][ T7009] RSP: 002b:00007fe62e412038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 150.651257][ T7009] RAX: ffffffffffffffda RBX: 00007fe62d715f80 RCX: 00007fe62d579e79 [ 150.654849][ T7009] RDX: 0000000020000900 RSI: 00000000200008c0 RDI: 0000000020000880 [ 150.658368][ T7009] RBP: 00007fe62e412090 R08: 0000000000000000 R09: 0000000000000000 [ 150.662032][ T7009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 150.665622][ T7009] R13: 0000000000000001 R14: 00007fe62d715f80 R15: 00007ffeaaa9e548 [ 150.669144][ T7009] [ 150.690943][ T7008] netlink: 68 bytes leftover after parsing attributes in process `syz.1.423'. [ 150.888096][ T7023] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.429'. [ 151.878979][ T5365] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 152.068889][ T5365] usb 6-1: Using ep0 maxpacket: 8 [ 152.079332][ T5365] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 152.082897][ T5365] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 152.086869][ T5365] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 152.091375][ T5365] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 152.095488][ T5365] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 152.098439][ T39] kauditd_printk_skb: 3 callbacks suppressed [ 152.098493][ T39] audit: type=1400 audit(1724640361.598:486): avc: denied { bind } for pid=7039 comm="syz.2.433" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 152.101095][ T5365] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 152.115485][ T5365] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 152.163444][ T7042] erofs: (device loop2): erofs_read_superblock: cannot find valid erofs superblock [ 152.332892][ T5365] usb 6-1: usb_control_msg returned -32 [ 152.335385][ T5365] usbtmc 6-1:16.0: can't read capabilities [ 152.697707][ T7065] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.440'. [ 152.856680][ T7072] netlink: 68 bytes leftover after parsing attributes in process `syz.2.443'. [ 152.898710][ T5365] usb 6-1: USB disconnect, device number 11 [ 153.808990][ T1288] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 153.983044][ T39] audit: type=1400 audit(1724640363.488:487): avc: denied { bind } for pid=7093 comm="syz.0.451" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 153.988978][ T1288] usb 7-1: Using ep0 maxpacket: 8 [ 153.993421][ T39] audit: type=1400 audit(1724640363.488:488): avc: denied { setopt } for pid=7093 comm="syz.0.451" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 154.012618][ T1288] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 154.016330][ T1288] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 154.021209][ T1288] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 154.025125][ T1288] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 154.029498][ T1288] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 154.036883][ T1288] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 154.056767][ T1288] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 154.094811][ T39] audit: type=1400 audit(1724640363.598:489): avc: denied { listen } for pid=7093 comm="syz.0.451" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 154.309132][ T1288] usb 7-1: usb_control_msg returned -32 [ 154.319031][ T1288] usbtmc 7-1:16.0: can't read capabilities [ 154.875711][ T830] usb 7-1: USB disconnect, device number 9 [ 154.899287][ T39] audit: type=1400 audit(1724640364.404:490): avc: denied { watch watch_reads } for pid=7108 comm="syz.3.454" path="/117/file0" dev="tmpfs" ino=670 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1 [ 154.921277][ T39] audit: type=1400 audit(1724640364.404:491): avc: denied { read write } for pid=7107 comm="syz.1.455" name="video0" dev="devtmpfs" ino=876 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 154.932610][ T39] audit: type=1400 audit(1724640364.404:492): avc: denied { open } for pid=7107 comm="syz.1.455" path="/dev/video0" dev="devtmpfs" ino=876 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 154.944978][ T39] audit: type=1400 audit(1724640364.414:493): avc: denied { ioctl } for pid=7108 comm="syz.3.454" path="socket:[16225]" dev="sockfs" ino=16225 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 154.959121][ T39] audit: type=1400 audit(1724640364.414:494): avc: denied { create } for pid=7107 comm="syz.1.455" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 154.960653][ T7112] netlink: 84 bytes leftover after parsing attributes in process `syz.3.454'. [ 154.967488][ T39] audit: type=1400 audit(1724640364.424:495): avc: denied { write } for pid=7108 comm="syz.3.454" path="socket:[17676]" dev="sockfs" ino=17676 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 155.470214][ T830] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 155.587986][ T7129] xt_hashlimit: invalid rate [ 155.658910][ T830] usb 6-1: Using ep0 maxpacket: 8 [ 155.665388][ T830] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 155.675438][ T830] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 155.684632][ T830] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 155.688636][ T830] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 155.708015][ T830] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 155.717261][ T830] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 155.721396][ T830] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 155.936166][ T830] usb 6-1: usb_control_msg returned -32 [ 155.939066][ T830] usbtmc 6-1:16.0: can't read capabilities [ 156.560287][ T5368] usb 6-1: USB disconnect, device number 12 [ 156.670889][ T7161] mkiss: ax0: crc mode is auto. [ 156.692693][ T7161] netlink: 'syz.2.467': attribute type 4 has an invalid length. [ 156.696094][ T7161] netlink: 128124 bytes leftover after parsing attributes in process `syz.2.467'. [ 157.181134][ T39] kauditd_printk_skb: 73 callbacks suppressed [ 157.181150][ T39] audit: type=1400 audit(1724640366.694:569): avc: denied { ioctl } for pid=7165 comm="syz.0.469" path="/dev/video6" dev="devtmpfs" ino=884 ioctlcmd=0x5629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1 [ 157.207823][ T39] audit: type=1400 audit(1724640366.704:570): avc: denied { remount } for pid=7172 comm="syz.1.470" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 157.244264][ T39] audit: type=1400 audit(1724640366.734:571): avc: denied { read } for pid=7175 comm="syz.3.478" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 157.256116][ T39] audit: type=1400 audit(1724640366.734:572): avc: denied { open } for pid=7175 comm="syz.3.478" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 157.547113][ T39] audit: type=1400 audit(1724640367.054:573): avc: denied { bind } for pid=7189 comm="syz.0.475" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 157.591994][ T39] audit: type=1400 audit(1724640367.064:574): avc: denied { write } for pid=7189 comm="syz.0.475" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 157.689337][ T39] audit: type=1400 audit(1724640367.194:575): avc: denied { create } for pid=7192 comm="syz.0.476" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 157.706583][ T39] audit: type=1400 audit(1724640367.214:576): avc: denied { bind } for pid=7192 comm="syz.0.476" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 157.747515][ T39] audit: type=1400 audit(1724640367.214:577): avc: denied { accept } for pid=7192 comm="syz.0.476" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 157.768220][ T39] audit: type=1400 audit(1724640367.214:578): avc: denied { write } for pid=7192 comm="syz.0.476" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 159.012363][ T7225] FAULT_INJECTION: forcing a failure. [ 159.012363][ T7225] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 159.029126][ T7225] CPU: 1 UID: 0 PID: 7225 Comm: syz.2.489 Not tainted 6.11.0-rc5-syzkaller #0 [ 159.032953][ T7225] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 159.037392][ T7225] Call Trace: [ 159.038819][ T7225] [ 159.040130][ T7225] dump_stack_lvl+0x16c/0x1f0 [ 159.042071][ T7225] should_fail_ex+0x497/0x5b0 [ 159.043838][ T7225] _copy_from_iter+0x2a1/0x1150 [ 159.045674][ T7225] ? __pfx__copy_from_iter+0x10/0x10 [ 159.047918][ T7225] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 159.051110][ T7225] ? tun_build_skb.constprop.0+0x1b8/0x1390 [ 159.053872][ T7225] ? __pfx_lock_release+0x10/0x10 [ 159.056298][ T7225] copy_page_from_iter+0xa5/0x120 [ 159.058776][ T7225] tun_build_skb.constprop.0+0x294/0x1390 [ 159.061461][ T7225] ? __pfx_tun_build_skb.constprop.0+0x10/0x10 [ 159.064269][ T7225] ? avc_has_perm_noaudit+0x119/0x3a0 [ 159.066190][ T7225] ? __pfx_lock_release+0x10/0x10 [ 159.068315][ T7225] ? __pfx___lock_acquire+0x10/0x10 [ 159.070559][ T7225] ? __pfx_mark_lock+0x10/0x10 [ 159.072615][ T7225] tun_get_user+0x888/0x3c30 [ 159.074646][ T7225] ? __pfx_tun_get_user+0x10/0x10 [ 159.076593][ T7225] ? find_held_lock+0x2d/0x110 [ 159.078644][ T7225] ? __pfx_lock_release+0x10/0x10 [ 159.081114][ T7225] tun_chr_write_iter+0xe8/0x210 [ 159.083397][ T7225] vfs_write+0x6b6/0x1140 [ 159.085319][ T7225] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 159.087667][ T7225] ? __pfx_vfs_write+0x10/0x10 [ 159.089904][ T7225] ? __fget_files+0x256/0x400 [ 159.092165][ T7225] ? __fget_light+0x173/0x210 [ 159.094398][ T7225] ksys_write+0x12f/0x260 [ 159.096325][ T7225] ? __pfx_ksys_write+0x10/0x10 [ 159.099757][ T7225] do_syscall_64+0xcd/0x250 [ 159.101733][ T7225] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.104218][ T7225] RIP: 0033:0x7fc3a457895f [ 159.106058][ T7225] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48 [ 159.113795][ T7225] RSP: 002b:00007fc3a53a5000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 159.117076][ T7225] RAX: ffffffffffffffda RBX: 00007fc3a4715f80 RCX: 00007fc3a457895f [ 159.120002][ T7225] RDX: 000000000000004f RSI: 00000000200000c0 RDI: 00000000000000c8 [ 159.122798][ T7225] RBP: 00007fc3a53a5090 R08: 0000000000000000 R09: 0000000000000000 [ 159.125917][ T7225] R10: 000000000000004f R11: 0000000000000293 R12: 0000000000000001 [ 159.129555][ T7225] R13: 0000000000000000 R14: 00007fc3a4715f80 R15: 00007ffd373f41e8 [ 159.133313][ T7225] [ 159.720707][ T7243] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 159.797803][ T7243] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 160.660079][ T7265] netlink: 56 bytes leftover after parsing attributes in process `syz.3.502'. [ 160.876472][ T7271] FAULT_INJECTION: forcing a failure. [ 160.876472][ T7271] name failslab, interval 1, probability 0, space 0, times 0 [ 160.888864][ T7271] CPU: 3 UID: 0 PID: 7271 Comm: syz.1.505 Not tainted 6.11.0-rc5-syzkaller #0 [ 160.892215][ T7271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 160.896764][ T7271] Call Trace: [ 160.898376][ T7271] [ 160.899638][ T7271] dump_stack_lvl+0x16c/0x1f0 [ 160.901683][ T7271] should_fail_ex+0x497/0x5b0 [ 160.903659][ T7271] ? fs_reclaim_acquire+0xae/0x160 [ 160.905971][ T7271] should_failslab+0xc2/0x120 [ 160.908147][ T7271] __kmalloc_node_noprof+0xd1/0x430 [ 160.910157][ T7271] ? seq_read_iter+0xde/0x12c0 [ 160.911917][ T7271] ? __kvmalloc_node_noprof+0x9d/0x1a0 [ 160.914368][ T7271] __kvmalloc_node_noprof+0x9d/0x1a0 [ 160.918701][ T7271] traverse.part.0.constprop.0+0x392/0x640 [ 160.920988][ T7271] ? __pfx___lock_acquire+0x10/0x10 [ 160.923183][ T7271] ? __pfx_mark_lock+0x10/0x10 [ 160.924829][ T7271] seq_read_iter+0x93a/0x12c0 [ 160.926497][ T7271] ? hlock_class+0x4e/0x130 [ 160.928497][ T7271] seq_read+0x390/0x4d0 [ 160.930271][ T7271] ? __pfx_seq_read+0x10/0x10 [ 160.931843][ T7271] ? __pfx___might_resched+0x10/0x10 [ 160.933749][ T7271] ? selinux_file_permission+0x125/0x590 [ 160.935650][ T7271] ? __pfx_seq_read+0x10/0x10 [ 160.937384][ T7271] proc_reg_read+0x243/0x340 [ 160.939236][ T7271] ? __pfx_proc_reg_read+0x10/0x10 [ 160.941688][ T7271] vfs_readv+0x6cb/0x8a0 [ 160.943296][ T7271] ? find_held_lock+0x2d/0x110 [ 160.945278][ T7271] ? __pfx_vfs_readv+0x10/0x10 [ 160.947241][ T7271] ? find_held_lock+0x2d/0x110 [ 160.949406][ T7271] ? __pfx_lock_release+0x10/0x10 [ 160.951907][ T7271] ? __x64_sys_preadv+0x22b/0x310 [ 160.954152][ T7271] __x64_sys_preadv+0x22b/0x310 [ 160.956300][ T7271] ? __pfx___x64_sys_preadv+0x10/0x10 [ 160.958682][ T7271] do_syscall_64+0xcd/0x250 [ 160.960720][ T7271] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.963334][ T7271] RIP: 0033:0x7fca9ad79e79 [ 160.965329][ T7271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 160.973914][ T7271] RSP: 002b:00007fca9baee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 160.977513][ T7271] RAX: ffffffffffffffda RBX: 00007fca9af15f80 RCX: 00007fca9ad79e79 [ 160.980718][ T7271] RDX: 0000000000000001 RSI: 0000000020000b00 RDI: 0000000000000003 [ 160.984536][ T7271] RBP: 00007fca9baee090 R08: 0000000000000000 R09: 0000000000000000 [ 160.988116][ T7271] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001 [ 160.991431][ T7271] R13: 0000000000000000 R14: 00007fca9af15f80 R15: 00007ffeec7b00c8 [ 160.994596][ T7271] [ 160.995705][ C3] vkms_vblank_simulate: vblank timer overrun [ 161.365370][ T7279] FAULT_INJECTION: forcing a failure. [ 161.365370][ T7279] name failslab, interval 1, probability 0, space 0, times 0 [ 161.374840][ T7279] CPU: 1 UID: 0 PID: 7279 Comm: syz.2.508 Not tainted 6.11.0-rc5-syzkaller #0 [ 161.378593][ T7279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 161.383056][ T7279] Call Trace: [ 161.384478][ T7279] [ 161.385758][ T7279] dump_stack_lvl+0x16c/0x1f0 [ 161.387778][ T7279] should_fail_ex+0x497/0x5b0 [ 161.389844][ T7279] should_failslab+0xc2/0x120 [ 161.391866][ T7279] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 161.394203][ T7279] ? __build_skb+0x3f/0x90 [ 161.396111][ T7279] __build_skb+0x3f/0x90 [ 161.397917][ T7279] build_skb+0x22/0x280 [ 161.399671][ T7279] __tun_build_skb+0x2c/0x340 [ 161.401753][ T7279] tun_build_skb.constprop.0+0x8bf/0x1390 [ 161.404149][ T7279] ? __pfx_tun_build_skb.constprop.0+0x10/0x10 [ 161.406749][ T7279] ? avc_has_perm_noaudit+0x119/0x3a0 [ 161.409024][ T7279] ? __pfx_lock_release+0x10/0x10 [ 161.411295][ T7279] ? __pfx___lock_acquire+0x10/0x10 [ 161.413476][ T7279] ? __pfx_mark_lock+0x10/0x10 [ 161.415514][ T7279] tun_get_user+0x888/0x3c30 [ 161.417455][ T7279] ? __pfx_tun_get_user+0x10/0x10 [ 161.419654][ T7279] ? find_held_lock+0x2d/0x110 [ 161.421817][ T7279] ? __pfx_lock_release+0x10/0x10 [ 161.423917][ T7279] tun_chr_write_iter+0xe8/0x210 [ 161.426033][ T7279] vfs_write+0x6b6/0x1140 [ 161.427839][ T7279] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 161.430157][ T7279] ? __pfx_vfs_write+0x10/0x10 [ 161.432403][ T7279] ? __fget_files+0x256/0x400 [ 161.434469][ T7279] ? __fget_light+0x173/0x210 [ 161.436449][ T7279] ksys_write+0x12f/0x260 [ 161.438281][ T7279] ? __pfx_ksys_write+0x10/0x10 [ 161.440493][ T7279] do_syscall_64+0xcd/0x250 [ 161.442372][ T7281] No such timeout policy "syz0" [ 161.442809][ T7279] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.447845][ T7279] RIP: 0033:0x7fc3a457895f [ 161.450397][ T7279] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48 [ 161.460394][ T7279] RSP: 002b:00007fc3a53a5000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 161.464033][ T7279] RAX: ffffffffffffffda RBX: 00007fc3a4715f80 RCX: 00007fc3a457895f [ 161.467631][ T7279] RDX: 000000000000004f RSI: 00000000200000c0 RDI: 00000000000000c8 [ 161.471339][ T7279] RBP: 00007fc3a53a5090 R08: 0000000000000000 R09: 0000000000000000 [ 161.475208][ T7279] R10: 000000000000004f R11: 0000000000000293 R12: 0000000000000001 [ 161.478977][ T7279] R13: 0000000000000000 R14: 00007fc3a4715f80 R15: 00007ffd373f41e8 [ 161.482743][ T7279] [ 162.169390][ T7295] mkiss: ax0: crc mode is auto. [ 162.209556][ T7295] netlink: 'syz.0.511': attribute type 4 has an invalid length. [ 162.221253][ T7295] netlink: 128124 bytes leftover after parsing attributes in process `syz.0.511'. [ 162.506840][ T39] kauditd_printk_skb: 35 callbacks suppressed [ 162.506921][ T39] audit: type=1400 audit(1724640372.014:614): avc: denied { create } for pid=7302 comm="syz.3.516" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 163.633388][ T39] audit: type=1400 audit(1724640373.134:615): avc: denied { create } for pid=7323 comm="syz.0.523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 163.643308][ T39] audit: type=1400 audit(1724640373.154:616): avc: denied { write } for pid=7323 comm="syz.0.523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 163.659446][ T39] audit: type=1400 audit(1724640373.174:617): avc: denied { read } for pid=7323 comm="syz.0.523" name="usbmon7" dev="devtmpfs" ino=745 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 163.706490][ T39] audit: type=1400 audit(1724640373.194:618): avc: denied { open } for pid=7323 comm="syz.0.523" path="/dev/usbmon7" dev="devtmpfs" ino=745 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 163.717679][ T39] audit: type=1400 audit(1724640373.224:619): avc: denied { ioctl } for pid=7323 comm="syz.0.523" path="/dev/usbmon7" dev="devtmpfs" ino=745 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 163.731878][ T7332] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 163.752506][ T39] audit: type=1400 audit(1724640373.264:620): avc: denied { name_bind } for pid=7331 comm="syz.3.525" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 163.761619][ T39] audit: type=1400 audit(1724640373.274:621): avc: denied { name_bind } for pid=7331 comm="syz.3.525" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 163.871055][ T7334] FAULT_INJECTION: forcing a failure. [ 163.871055][ T7334] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 163.878640][ T7334] CPU: 2 UID: 0 PID: 7334 Comm: syz.2.526 Not tainted 6.11.0-rc5-syzkaller #0 [ 163.882319][ T7334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 163.886848][ T7334] Call Trace: [ 163.888233][ T7334] [ 163.889520][ T7334] dump_stack_lvl+0x16c/0x1f0 [ 163.891545][ T7334] should_fail_ex+0x497/0x5b0 [ 163.893671][ T7334] _copy_to_user+0x30/0xc0 [ 163.895537][ T7334] simple_read_from_buffer+0xd0/0x160 [ 163.897683][ T7334] proc_fail_nth_read+0x19e/0x280 [ 163.899695][ T7334] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 163.902011][ T7334] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 163.904315][ T7334] vfs_read+0x1d4/0xbd0 [ 163.906112][ T7334] ? __fdget_pos+0xeb/0x180 [ 163.908007][ T7334] ? __pfx_vfs_read+0x10/0x10 [ 163.910641][ T7334] ? __pfx___mutex_lock+0x10/0x10 [ 163.912782][ T7334] ? __fget_files+0x256/0x400 [ 163.914814][ T7334] ksys_read+0x12f/0x260 [ 163.916583][ T7334] ? __pfx_ksys_read+0x10/0x10 [ 163.918592][ T7334] do_syscall_64+0xcd/0x250 [ 163.920496][ T7334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.922972][ T7334] RIP: 0033:0x7fc3a45788bc [ 163.924865][ T7334] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 163.932364][ T7334] RSP: 002b:00007fc3a53a5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 163.935394][ T7334] RAX: ffffffffffffffda RBX: 00007fc3a4715f80 RCX: 00007fc3a45788bc [ 163.938279][ T7334] RDX: 000000000000000f RSI: 00007fc3a53a50a0 RDI: 0000000000000004 [ 163.941326][ T7334] RBP: 00007fc3a53a5090 R08: 0000000000000000 R09: 0000000000000000 [ 163.944516][ T7334] R10: 0000000080000001 R11: 0000000000000246 R12: 0000000000000001 [ 163.947719][ T7334] R13: 0000000000000000 R14: 00007fc3a4715f80 R15: 00007ffd373f41e8 [ 163.951398][ T7334] [ 164.132202][ T7342] mkiss: ax0: crc mode is auto. [ 164.163043][ T7342] netlink: 'syz.1.528': attribute type 4 has an invalid length. [ 164.166460][ T7342] netlink: 128124 bytes leftover after parsing attributes in process `syz.1.528'. [ 164.512807][ T39] audit: type=1400 audit(1724640374.024:622): avc: denied { create } for pid=7346 comm="syz.2.531" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 164.523850][ T39] audit: type=1400 audit(1724640374.024:623): avc: denied { write } for pid=7346 comm="syz.2.531" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 165.036049][ T7368] netlink: 4 bytes leftover after parsing attributes in process `syz.2.538'. [ 165.250024][ T7384] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.543'. [ 165.253994][ T7384] openvswitch: netlink: IP tunnel attribute has 3056 unknown bytes. [ 165.455915][ T7384] mmap: syz.0.543 (7384) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 165.738377][ T7399] netlink: 4 bytes leftover after parsing attributes in process `syz.0.548'. [ 165.769732][ T7401] Sensor A: ================= START STATUS ================= [ 165.773207][ T7401] Sensor A: Test Pattern: 75% Colorbar [ 165.776530][ T7401] Sensor A: Show Information: All [ 165.784962][ T7401] Sensor A: Vertical Flip: false [ 165.787246][ T7401] Sensor A: Horizontal Flip: false [ 165.791565][ T7401] Sensor A: Brightness: 128 [ 165.793668][ T7401] Sensor A: Contrast: 128 [ 165.795718][ T7401] Sensor A: Hue: 0 [ 165.797461][ T7401] Sensor A: Saturation: 128 [ 165.800996][ T7401] Sensor A: ================== END STATUS ================== [ 165.874107][ T7407] ref_tracker: memory allocation failure, unreliable refcount tracker. [ 165.948560][ T7412] netlink: 68 bytes leftover after parsing attributes in process `syz.1.555'. [ 166.117138][ T7432] erofs: (device loop1): erofs_read_superblock: cannot find valid erofs superblock [ 166.619941][ T7454] netlink: 68 bytes leftover after parsing attributes in process `syz.0.566'. [ 167.294228][ T7479] netlink: 68 bytes leftover after parsing attributes in process `syz.0.575'. [ 167.454470][ T7487] netlink: 68 bytes leftover after parsing attributes in process `syz.2.584'. [ 167.689920][ T39] kauditd_printk_skb: 20 callbacks suppressed [ 167.689943][ T39] audit: type=1326 audit(1724640377.204:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7494 comm="syz.2.581" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3a4579e79 code=0x7ffc0000 [ 167.707219][ T7499] FAULT_INJECTION: forcing a failure. [ 167.707219][ T7499] name failslab, interval 1, probability 0, space 0, times 0 [ 167.722148][ T7499] CPU: 2 UID: 0 PID: 7499 Comm: syz.1.582 Not tainted 6.11.0-rc5-syzkaller #0 [ 167.725542][ T7499] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 167.729053][ T39] audit: type=1326 audit(1724640377.214:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7494 comm="syz.2.581" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3a4579e79 code=0x7ffc0000 [ 167.729898][ T7499] Call Trace: [ 167.741220][ T7499] [ 167.742501][ T39] audit: type=1326 audit(1724640377.214:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7494 comm="syz.2.581" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc3a4579e79 code=0x7ffc0000 [ 167.742511][ T7499] dump_stack_lvl+0x16c/0x1f0 [ 167.752846][ T39] audit: type=1326 audit(1724640377.214:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7494 comm="syz.2.581" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3a4579e79 code=0x7ffc0000 [ 167.753985][ T7499] should_fail_ex+0x497/0x5b0 [ 167.754008][ T7499] ? fs_reclaim_acquire+0xae/0x160 [ 167.754023][ T7499] should_failslab+0xc2/0x120 [ 167.764278][ T39] audit: type=1326 audit(1724640377.234:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7494 comm="syz.2.581" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc3a4579e79 code=0x7ffc0000 [ 167.765405][ T7499] __kmalloc_cache_noprof+0x6b/0x300 [ 167.765426][ T7499] ? shrinker_alloc+0xfb/0xbb0 [ 167.765444][ T7499] shrinker_alloc+0xfb/0xbb0 [ 167.767742][ T39] audit: type=1326 audit(1724640377.234:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7494 comm="syz.2.581" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3a4579e79 code=0x7ffc0000 [ 167.769498][ T7499] ? pcpu_memcg_post_alloc_hook+0x1e/0x6a0 [ 167.769517][ T7499] ? __pfx_shrinker_alloc+0x10/0x10 [ 167.769534][ T7499] ? lockdep_init_map_type+0x16d/0x7d0 [ 167.769552][ T7499] ? lockdep_init_map_type+0x16d/0x7d0 [ 167.769569][ T7499] ? __raw_spin_lock_init+0x3a/0x110 [ 167.779232][ T39] audit: type=1326 audit(1724640377.234:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7494 comm="syz.2.581" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3a4579e79 code=0x7ffc0000 [ 167.780131][ T7499] ? __init_rwsem+0x12d/0x1b0 [ 167.780152][ T7499] alloc_super+0x7cc/0xbd0 [ 167.780174][ T7499] ? __pfx_super_s_dev_test+0x10/0x10 [ 167.782330][ T39] audit: type=1326 audit(1724640377.234:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7494 comm="syz.2.581" exe="/syz-executor" sig=0 arch=c000003e syscall=8 compat=0 ip=0x7fc3a4579e79 code=0x7ffc0000 [ 167.784018][ T7499] sget_fc+0x116/0xc20 [ 167.784041][ T7499] ? __pfx_super_s_dev_set+0x10/0x10 [ 167.784060][ T7499] get_tree_bdev+0x155/0x610 [ 167.794939][ T39] audit: type=1326 audit(1724640377.234:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7494 comm="syz.2.581" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3a4579e79 code=0x7ffc0000 [ 167.795870][ T7499] ? __pfx_erofs_fc_fill_super+0x10/0x10 [ 167.795893][ T7499] ? __pfx_get_tree_bdev+0x10/0x10 [ 167.798167][ T39] audit: type=1326 audit(1724640377.254:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7494 comm="syz.2.581" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3a4579e79 code=0x7ffc0000 [ 167.800174][ T7499] ? __pfx_vfs_parse_fs_string+0x10/0x10 [ 167.800196][ T7499] ? cap_capable+0x1cf/0x240 [ 167.800215][ T7499] ? security_capable+0x98/0xd0 [ 167.800234][ T7499] vfs_get_tree+0x8f/0x380 [ 167.800248][ T7499] path_mount+0x14e6/0x1f20 [ 167.862698][ T7499] ? __pfx_path_mount+0x10/0x10 [ 167.864615][ T7499] ? putname+0x12e/0x170 [ 167.866253][ T7499] ? putname+0x12e/0x170 [ 167.867866][ T7499] __x64_sys_mount+0x294/0x320 [ 167.869724][ T7499] ? __pfx___x64_sys_mount+0x10/0x10 [ 167.871744][ T7499] do_syscall_64+0xcd/0x250 [ 167.873519][ T7499] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.875834][ T7499] RIP: 0033:0x7fca9ad79e79 [ 167.877566][ T7499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 167.884635][ T7499] RSP: 002b:00007fca9baee038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 167.887831][ T7499] RAX: ffffffffffffffda RBX: 00007fca9af15f80 RCX: 00007fca9ad79e79 [ 167.890889][ T7499] RDX: 0000000020000900 RSI: 00000000200008c0 RDI: 0000000020000880 [ 167.893950][ T7499] RBP: 00007fca9baee090 R08: 0000000000000000 R09: 0000000000000000 [ 167.896977][ T7499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 167.900002][ T7499] R13: 0000000000000001 R14: 00007fca9af15f80 R15: 00007ffeec7b00c8 [ 167.903037][ T7499] [ 168.542208][ T7517] 9pnet_virtio: no channels available for device /dev/sr0 [ 168.769320][ T7526] input: syz0 as /devices/virtual/input/input8 [ 169.893577][ T7540] netlink: 68 bytes leftover after parsing attributes in process `syz.3.594'. [ 169.988515][ T7548] FAULT_INJECTION: forcing a failure. [ 169.988515][ T7548] name failslab, interval 1, probability 0, space 0, times 0 [ 169.994901][ T7548] CPU: 2 UID: 0 PID: 7548 Comm: syz.2.598 Not tainted 6.11.0-rc5-syzkaller #0 [ 169.998639][ T7548] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 170.003262][ T7548] Call Trace: [ 170.004751][ T7548] [ 170.006025][ T7548] dump_stack_lvl+0x16c/0x1f0 [ 170.008238][ T7548] should_fail_ex+0x497/0x5b0 [ 170.010327][ T7548] ? fs_reclaim_acquire+0xae/0x160 [ 170.012507][ T7548] should_failslab+0xc2/0x120 [ 170.014522][ T7548] __kmalloc_noprof+0xcb/0x400 [ 170.016597][ T7548] ? lockdep_init_map_type+0x16d/0x7d0 [ 170.019000][ T7548] __list_lru_init+0xee/0x650 [ 170.021117][ T7548] ? __init_rwsem+0x12d/0x1b0 [ 170.022810][ T7548] alloc_super+0x8c6/0xbd0 [ 170.024516][ T7548] ? __pfx_super_s_dev_test+0x10/0x10 [ 170.026853][ T7548] sget_fc+0x116/0xc20 [ 170.028603][ T7548] ? __pfx_super_s_dev_set+0x10/0x10 [ 170.030851][ T7548] get_tree_bdev+0x155/0x610 [ 170.032801][ T7548] ? __pfx_erofs_fc_fill_super+0x10/0x10 [ 170.035197][ T7548] ? __pfx_get_tree_bdev+0x10/0x10 [ 170.037418][ T7548] ? __pfx_vfs_parse_fs_string+0x10/0x10 [ 170.039819][ T7548] ? cap_capable+0x1cf/0x240 [ 170.041810][ T7548] ? security_capable+0x98/0xd0 [ 170.044021][ T7548] vfs_get_tree+0x8f/0x380 [ 170.045945][ T7548] path_mount+0x14e6/0x1f20 [ 170.047861][ T7548] ? __pfx_path_mount+0x10/0x10 [ 170.049934][ T7548] ? putname+0x12e/0x170 [ 170.051658][ T7548] ? putname+0x12e/0x170 [ 170.053438][ T7548] __x64_sys_mount+0x294/0x320 [ 170.055432][ T7548] ? __pfx___x64_sys_mount+0x10/0x10 [ 170.057562][ T7548] do_syscall_64+0xcd/0x250 [ 170.059156][ T7548] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.061297][ T7548] RIP: 0033:0x7fc3a4579e79 [ 170.062878][ T7548] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 170.069663][ T7548] RSP: 002b:00007fc3a53a5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 170.072920][ T7548] RAX: ffffffffffffffda RBX: 00007fc3a4715f80 RCX: 00007fc3a4579e79 [ 170.075719][ T7548] RDX: 0000000020000900 RSI: 00000000200008c0 RDI: 0000000020000880 [ 170.078588][ T7548] RBP: 00007fc3a53a5090 R08: 0000000000000000 R09: 0000000000000000 [ 170.081987][ T7548] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 170.084661][ T7548] R13: 0000000000000001 R14: 00007fc3a4715f80 R15: 00007ffd373f41e8 [ 170.087280][ T7548] [ 170.124626][ T7552] erofs: (device loop2): erofs_read_superblock: cannot find valid erofs superblock [ 170.125194][ T7549] IPVS: set_ctl: invalid protocol: 8 0.0.0.0:256 [ 170.820633][ T7571] netlink: 68 bytes leftover after parsing attributes in process `syz.2.606'. [ 170.944644][ T7566] ALSA: mixer_oss: invalid OSS volume '' [ 171.678209][ T7602] fuse: Bad value for 'user_id' [ 171.680757][ T7602] fuse: Bad value for 'user_id' [ 171.819843][ T7607] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 171.957686][ T7612] 9pnet_fd: Insufficient options for proto=fd [ 172.942110][ T7638] Sensor A: ================= START STATUS ================= [ 172.945152][ T7638] Sensor A: Test Pattern: 75% Colorbar [ 172.950156][ T7638] Sensor A: Show Information: All [ 172.952089][ T7638] Sensor A: Vertical Flip: false [ 172.988934][ T7638] Sensor A: Horizontal Flip: false [ 173.002675][ T7638] Sensor A: Brightness: 128 [ 173.004791][ T7638] Sensor A: Contrast: 128 [ 173.006738][ T7638] Sensor A: Hue: 0 [ 173.008439][ T7638] Sensor A: Saturation: 128 [ 173.009915][ T39] kauditd_printk_skb: 43 callbacks suppressed [ 173.009928][ T39] audit: type=1400 audit(1724640382.514:697): avc: denied { connect } for pid=7631 comm="syz.3.628" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 173.011408][ T7638] Sensor A: ================== END STATUS ================== [ 173.591858][ T7647] netlink: 68 bytes leftover after parsing attributes in process `syz.2.631'. [ 173.787792][ T39] audit: type=1400 audit(1724640383.294:698): avc: denied { read } for pid=7650 comm="syz.1.633" name="ppp" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 173.797560][ T39] audit: type=1400 audit(1724640383.304:699): avc: denied { open } for pid=7650 comm="syz.1.633" path="/dev/ppp" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 173.808944][ T39] audit: type=1400 audit(1724640383.314:700): avc: denied { listen } for pid=7650 comm="syz.1.633" laddr=::ffff:127.0.0.1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 173.883628][ T39] audit: type=1400 audit(1724640383.394:701): avc: denied { ioctl } for pid=7650 comm="syz.1.633" path="/dev/ppp" dev="devtmpfs" ino=716 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 173.947851][ T39] audit: type=1326 audit(1724640383.454:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7650 comm="syz.1.633" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fca9ad79e79 code=0x0 [ 174.298933][ T58] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 174.363886][ T7674] netlink: 68 bytes leftover after parsing attributes in process `syz.2.640'. [ 174.416095][ T7676] netlink: 'syz.2.641': attribute type 1 has an invalid length. [ 174.423965][ T7676] netlink: 9388 bytes leftover after parsing attributes in process `syz.2.641'. [ 174.485027][ T39] audit: type=1400 audit(1724640383.994:703): avc: denied { shutdown } for pid=7675 comm="syz.2.641" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 174.494431][ T39] audit: type=1400 audit(1724640383.994:704): avc: denied { read } for pid=7675 comm="syz.2.641" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 174.509036][ T58] usb 5-1: Using ep0 maxpacket: 8 [ 174.513477][ T58] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 174.517400][ T58] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 174.522333][ T58] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 174.526894][ T58] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 174.531284][ T58] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 174.536771][ T58] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 174.541306][ T58] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 174.590655][ T7650] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 174.705272][ T7679] FAULT_INJECTION: forcing a failure. [ 174.705272][ T7679] name failslab, interval 1, probability 0, space 0, times 0 [ 174.710675][ T7679] CPU: 3 UID: 0 PID: 7679 Comm: syz.3.642 Not tainted 6.11.0-rc5-syzkaller #0 [ 174.715751][ T7679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 174.721793][ T7679] Call Trace: [ 174.723373][ T7679] [ 174.724801][ T7679] dump_stack_lvl+0x16c/0x1f0 [ 174.727094][ T7679] should_fail_ex+0x497/0x5b0 [ 174.728930][ T7679] ? fs_reclaim_acquire+0xae/0x160 [ 174.731268][ T7679] should_failslab+0xc2/0x120 [ 174.733351][ T7679] kmem_cache_alloc_lru_noprof+0x72/0x2f0 [ 174.736272][ T7679] ? __d_alloc+0x31/0xaa0 [ 174.741547][ T7679] __d_alloc+0x31/0xaa0 [ 174.743513][ T7679] d_alloc_pseudo+0x1c/0xc0 [ 174.745591][ T7679] alloc_file_pseudo_noaccount+0xdc/0x210 [ 174.748041][ T7679] ? __pfx_alloc_file_pseudo_noaccount+0x10/0x10 [ 174.751072][ T7679] bdev_file_open_by_dev+0x13e/0x210 [ 174.753525][ T7679] setup_bdev_super+0x39b/0x730 [ 174.755954][ T7679] get_tree_bdev+0x349/0x610 [ 174.758213][ T7679] ? __pfx_erofs_fc_fill_super+0x10/0x10 [ 174.760855][ T7679] ? __pfx_get_tree_bdev+0x10/0x10 [ 174.763006][ T7679] ? __pfx_vfs_parse_fs_string+0x10/0x10 [ 174.765242][ T7679] ? cap_capable+0x1cf/0x240 [ 174.767311][ T7679] ? security_capable+0x98/0xd0 [ 174.769784][ T7679] vfs_get_tree+0x8f/0x380 [ 174.772327][ T7679] path_mount+0x14e6/0x1f20 [ 174.774635][ T7679] ? __pfx_path_mount+0x10/0x10 [ 174.775999][ T58] usb 5-1: usb_control_msg returned -32 [ 174.776935][ T7679] ? putname+0x12e/0x170 [ 174.776959][ T7679] ? putname+0x12e/0x170 [ 174.776980][ T7679] __x64_sys_mount+0x294/0x320 [ 174.776998][ T7679] ? __pfx___x64_sys_mount+0x10/0x10 [ 174.779287][ T58] usbtmc 5-1:16.0: can't read capabilities [ 174.781002][ T7679] do_syscall_64+0xcd/0x250 [ 174.781031][ T7679] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.781052][ T7679] RIP: 0033:0x7fe62d579e79 [ 174.781066][ T7679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 174.806486][ T7679] RSP: 002b:00007fe62e412038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 174.810083][ T7679] RAX: ffffffffffffffda RBX: 00007fe62d715f80 RCX: 00007fe62d579e79 [ 174.813654][ T7679] RDX: 0000000020000900 RSI: 00000000200008c0 RDI: 0000000020000880 [ 174.817634][ T7679] RBP: 00007fe62e412090 R08: 0000000000000000 R09: 0000000000000000 [ 174.821703][ T7679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 174.826278][ T7679] R13: 0000000000000001 R14: 00007fe62d715f80 R15: 00007ffeaaa9e548 [ 174.830233][ T7679] [ 174.837504][ T7679] /dev/loop3: Can't open blockdev [ 174.891934][ T39] audit: type=1400 audit(1724640384.404:705): avc: denied { create } for pid=7680 comm="syz.3.643" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 175.040697][ C2] vkms_vblank_simulate: vblank timer overrun [ 175.197494][ T7692] infiniband syz1: set active [ 175.207160][ T7692] infiniband syz1: set active [ 175.217389][ T7692] infiniband syz1: set active [ 175.334683][ T831] usb 5-1: USB disconnect, device number 11 [ 175.519467][ T7704] netlink: 68 bytes leftover after parsing attributes in process `syz.1.649'. [ 175.693139][ T39] audit: type=1400 audit(1724640385.204:706): avc: denied { create } for pid=7707 comm="syz.1.651" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 175.713963][ T7708] vxfs: WRONG superblock magic 00000000 at 1 [ 175.732051][ T7708] vxfs: WRONG superblock magic 00000000 at 8 [ 175.734825][ T7708] vxfs: can't find superblock. [ 176.195663][ T7728] overlayfs: failed to resolve './file1/file0': -2 [ 176.548224][ T7733] netlink: 68 bytes leftover after parsing attributes in process `syz.0.658'. [ 177.250285][ T8] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 177.438910][ T8] usb 5-1: Using ep0 maxpacket: 8 [ 177.443849][ T8] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 177.447292][ T8] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 177.454354][ T8] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 177.460664][ T8] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 177.464750][ T8] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 177.474102][ T8] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 177.478287][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 177.730963][ T8] usb 5-1: usb_control_msg returned -32 [ 177.734144][ T8] usbtmc 5-1:16.0: can't read capabilities [ 178.311530][ T8] usb 5-1: USB disconnect, device number 12 [ 178.398749][ T7772] erofs: (device loop1): erofs_read_superblock: cannot find valid erofs superblock [ 178.643557][ T7769] ALSA: mixer_oss: invalid OSS volume ' ' [ 179.208101][ T39] kauditd_printk_skb: 8 callbacks suppressed [ 179.208199][ T39] audit: type=1400 audit(1724640388.714:715): avc: denied { read } for pid=7786 comm="syz.3.673" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 179.229735][ T58] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 179.324709][ T7787] netlink: 92 bytes leftover after parsing attributes in process `syz.3.673'. [ 179.408953][ T58] usb 6-1: Using ep0 maxpacket: 8 [ 179.413664][ T58] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 179.417288][ T58] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 179.422434][ T58] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 179.426725][ T58] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 179.431881][ T58] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 179.436997][ T58] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 179.442546][ T58] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 179.661661][ T58] usb 6-1: usb_control_msg returned -32 [ 179.664380][ T58] usbtmc 6-1:16.0: can't read capabilities [ 180.159902][ T7807] netlink: 400 bytes leftover after parsing attributes in process `syz.0.678'. [ 180.224942][ T58] usb 6-1: USB disconnect, device number 13 [ 180.752957][ T7812] 9pnet_fd: Insufficient options for proto=fd [ 181.030621][ T39] audit: type=1400 audit(1724640390.544:716): avc: denied { open } for pid=7815 comm="syz.2.682" path="/dev/ptyq8" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 181.351995][ T5337] Bluetooth: hci3: command 0x0405 tx timeout [ 181.670559][ T39] audit: type=1400 audit(1724640391.184:717): avc: denied { create } for pid=7835 comm="syz.3.685" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 181.684938][ T39] audit: type=1400 audit(1724640391.194:718): avc: denied { getopt } for pid=7835 comm="syz.3.685" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 184.400522][ T39] audit: type=1400 audit(1724640393.914:719): avc: denied { create } for pid=7906 comm="syz.2.709" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 184.891318][ T39] audit: type=1400 audit(1724640394.404:720): avc: denied { create } for pid=7923 comm="syz.0.712" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 185.167710][ T39] audit: type=1400 audit(1724640394.674:721): avc: denied { mount } for pid=7928 comm="syz.0.713" name="/" dev="autofs" ino=21283 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 185.181750][ T39] audit: type=1400 audit(1724640394.694:722): avc: denied { mounton } for pid=7928 comm="syz.0.713" path="/173/file1/bus" dev="autofs" ino=21285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1 [ 185.181872][ T7935] overlay: filesystem on ./file1 not supported [ 185.778274][ T7944] erofs: (device loop2): erofs_read_superblock: cannot find valid erofs superblock [ 185.904312][ T39] audit: type=1400 audit(1724640395.354:723): avc: denied { read } for pid=7945 comm="syz.2.718" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 185.914853][ T39] audit: type=1400 audit(1724640395.354:724): avc: denied { open } for pid=7945 comm="syz.2.718" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 185.927712][ T39] audit: type=1400 audit(1724640395.424:725): avc: denied { unmount } for pid=5336 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 186.030003][ T7949] netlink: 8 bytes leftover after parsing attributes in process `syz.2.718'. [ 186.053231][ T7949] netlink: 12 bytes leftover after parsing attributes in process `syz.2.718'. [ 186.065855][ T7949] geneve2: entered promiscuous mode [ 186.152058][ T7955] overlayfs: failed to resolve './file1/file0': -2 [ 186.440723][ T830] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 186.639138][ T830] usb 8-1: Using ep0 maxpacket: 8 [ 186.655485][ T830] usb 8-1: config index 0 descriptor too short (expected 301, got 45) [ 186.676282][ T830] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 186.691099][ T830] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 186.694519][ T830] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 186.704312][ T830] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 186.712481][ T830] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 186.716719][ T830] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 186.854006][ T7968] netlink: 68 bytes leftover after parsing attributes in process `syz.2.724'. [ 186.999466][ T830] usb 8-1: usb_control_msg returned -32 [ 187.004986][ T830] usbtmc 8-1:16.0: can't read capabilities [ 187.640611][ T5441] usb 8-1: USB disconnect, device number 8 [ 187.675190][ T7987] netlink: 68 bytes leftover after parsing attributes in process `syz.0.730'. [ 187.902895][ T7995] netlink: 68 bytes leftover after parsing attributes in process `syz.0.734'. [ 188.278937][ T5365] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 188.460115][ T5365] usb 6-1: Using ep0 maxpacket: 8 [ 188.464906][ T5365] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 188.468631][ T5365] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 188.473045][ T5365] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 188.478916][ T5365] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 188.483014][ T5365] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 188.488612][ T5365] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 188.492853][ T5365] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.521934][ T5441] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 188.709461][ T5441] usb 8-1: Using ep0 maxpacket: 8 [ 188.712040][ T5365] usb 6-1: usb_control_msg returned -32 [ 188.714506][ T5365] usbtmc 6-1:16.0: can't read capabilities [ 188.715600][ T5441] usb 8-1: config index 0 descriptor too short (expected 301, got 45) [ 188.721273][ T5441] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 188.725392][ T5441] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 188.728470][ T5441] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 188.734543][ T5441] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 188.740161][ T5441] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 188.743727][ T5441] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.968932][ T5441] usb 8-1: usb_control_msg returned -32 [ 188.971470][ T5441] usbtmc 8-1:16.0: can't read capabilities [ 189.139035][ T8032] netlink: 68 bytes leftover after parsing attributes in process `syz.2.744'. [ 189.232346][ T8034] overlayfs: failed to resolve './file1/file0': -2 [ 189.272333][ T830] usb 6-1: USB disconnect, device number 14 [ 190.523617][ T8059] netlink: 68 bytes leftover after parsing attributes in process `syz.0.753'. [ 190.608440][ T8065] input: syz0 as /devices/virtual/input/input9 [ 191.214147][ T830] usb 8-1: USB disconnect, device number 9 [ 191.332973][ T8085] netlink: 68 bytes leftover after parsing attributes in process `syz.3.763'. [ 191.444421][ T8087] FAULT_INJECTION: forcing a failure. [ 191.444421][ T8087] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 191.452134][ T8087] CPU: 2 UID: 0 PID: 8087 Comm: syz.1.764 Not tainted 6.11.0-rc5-syzkaller #0 [ 191.456163][ T8087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 191.460537][ T8087] Call Trace: [ 191.462021][ T8087] [ 191.463364][ T8087] dump_stack_lvl+0x16c/0x1f0 [ 191.465538][ T8087] should_fail_ex+0x497/0x5b0 [ 191.467688][ T8087] _copy_to_user+0x30/0xc0 [ 191.469745][ T8087] simple_read_from_buffer+0xd0/0x160 [ 191.472177][ T8087] proc_fail_nth_read+0x19e/0x280 [ 191.474521][ T8087] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 191.477165][ T8087] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 191.479670][ T8087] vfs_read+0x1d4/0xbd0 [ 191.481673][ T8087] ? __fdget_pos+0xeb/0x180 [ 191.484051][ T8087] ? __pfx_vfs_read+0x10/0x10 [ 191.486072][ T8087] ? __pfx___mutex_lock+0x10/0x10 [ 191.488312][ T8087] ? __fget_files+0x256/0x400 [ 191.490439][ T8087] ksys_read+0x12f/0x260 [ 191.492016][ T8087] ? __pfx_ksys_read+0x10/0x10 [ 191.493892][ T8087] do_syscall_64+0xcd/0x250 [ 191.495536][ T8087] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.497646][ T8087] RIP: 0033:0x7fca9ad788bc [ 191.499290][ T8087] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 191.506670][ T8087] RSP: 002b:00007fca9baee030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 191.509882][ T8087] RAX: ffffffffffffffda RBX: 00007fca9af15f80 RCX: 00007fca9ad788bc [ 191.513259][ T8087] RDX: 000000000000000f RSI: 00007fca9baee0a0 RDI: 0000000000000006 [ 191.517380][ T8087] RBP: 00007fca9baee090 R08: 0000000000000000 R09: 0000000000000000 [ 191.523379][ T8087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 191.527135][ T8087] R13: 0000000000000000 R14: 00007fca9af15f80 R15: 00007ffeec7b00c8 [ 191.530916][ T8087] [ 191.668618][ T8099] syzkaller1: entered promiscuous mode [ 191.671585][ T8099] syzkaller1: entered allmulticast mode [ 191.678133][ T39] audit: type=1400 audit(1724640401.184:726): avc: denied { relabelfrom } for pid=8096 comm="syz.3.767" name="" dev="pipefs" ino=19369 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 192.024039][ T8108] overlay: filesystem on ./file1 not supported [ 192.094760][ T8111] input: syz0 as /devices/virtual/input/input10 [ 192.687265][ T39] audit: type=1400 audit(1724640402.194:727): avc: denied { read } for pid=8126 comm="syz.1.776" path="socket:[23073]" dev="sockfs" ino=23073 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 192.697886][ T8127] netlink: 20 bytes leftover after parsing attributes in process `syz.1.776'. [ 192.739409][ T8127] netlink: 20 bytes leftover after parsing attributes in process `syz.1.776'. [ 192.880057][ T5370] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 193.068886][ T5370] usb 7-1: Using ep0 maxpacket: 8 [ 193.072512][ T5370] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 193.076129][ T5370] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 193.085201][ T5370] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 193.090507][ T5370] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 193.096042][ T5370] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 193.105511][ T5370] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 193.114754][ T5370] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 193.337099][ T5370] usb 7-1: usb_control_msg returned -32 [ 193.339954][ T5370] usbtmc 7-1:16.0: can't read capabilities [ 193.978882][ T5388] usb 7-1: USB disconnect, device number 10 [ 194.472951][ T8155] input: syz0 as /devices/virtual/input/input11 [ 194.656561][ T1379] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.759159][ T1379] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.529523][ T5388] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 195.676227][ T8177] netlink: 191384 bytes leftover after parsing attributes in process `syz.0.791'. [ 195.686874][ T8177] netlink: 8438 bytes leftover after parsing attributes in process `syz.0.791'. [ 195.738977][ T5388] usb 8-1: Using ep0 maxpacket: 8 [ 195.743887][ T5388] usb 8-1: config index 0 descriptor too short (expected 301, got 45) [ 195.757342][ T5388] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 195.772884][ T5388] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 195.777189][ T5388] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 195.782535][ T5388] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 195.786981][ T8174] syzkaller1: entered promiscuous mode [ 195.788706][ T5388] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 195.791700][ T8174] syzkaller1: entered allmulticast mode [ 195.814718][ T5388] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 196.089747][ T5388] usb 8-1: usb_control_msg returned -32 [ 196.092126][ T5388] usbtmc 8-1:16.0: can't read capabilities [ 196.316903][ T8193] input: syz0 as /devices/virtual/input/input12 [ 196.621785][ T5368] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 196.667030][ T5388] usb 8-1: USB disconnect, device number 10 [ 196.808913][ T5368] usb 7-1: Using ep0 maxpacket: 8 [ 196.843895][ T5368] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 196.847372][ T5368] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 196.852964][ T5368] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 196.857216][ T5368] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 196.863469][ T5368] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 196.875117][ T5368] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 196.885165][ T5368] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.112046][ T5368] usb 7-1: usb_control_msg returned -32 [ 197.115002][ T5368] usbtmc 7-1:16.0: can't read capabilities [ 197.137868][ T8206] FAULT_INJECTION: forcing a failure. [ 197.137868][ T8206] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 197.144666][ T8206] CPU: 1 UID: 0 PID: 8206 Comm: syz.0.800 Not tainted 6.11.0-rc5-syzkaller #0 [ 197.148222][ T8206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 197.152947][ T8206] Call Trace: [ 197.154570][ T8206] [ 197.155851][ T8206] dump_stack_lvl+0x16c/0x1f0 [ 197.157978][ T8206] should_fail_ex+0x497/0x5b0 [ 197.160053][ T8206] _copy_from_user+0x30/0xf0 [ 197.161991][ T8206] kstrtouint_from_user+0xd7/0x1c0 [ 197.163981][ T8206] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 197.166115][ T8206] ? __pfx_lock_acquire+0x10/0x10 [ 197.168180][ T8206] proc_fail_nth_write+0x84/0x260 [ 197.170512][ T8206] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 197.173474][ T8206] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 197.176056][ T8206] vfs_write+0x29a/0x1140 [ 197.177816][ T8206] ? __fdget_pos+0xeb/0x180 [ 197.179483][ T8206] ? __pfx_vfs_write+0x10/0x10 [ 197.181530][ T8206] ? __pfx___mutex_lock+0x10/0x10 [ 197.183724][ T8206] ? __fget_files+0x256/0x400 [ 197.185701][ T8206] ksys_write+0x12f/0x260 [ 197.187807][ T8206] ? __pfx_ksys_write+0x10/0x10 [ 197.189910][ T8206] do_syscall_64+0xcd/0x250 [ 197.192212][ T8206] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 197.194954][ T8206] RIP: 0033:0x7f3c23d7895f [ 197.196878][ T8206] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48 [ 197.205104][ T8206] RSP: 002b:00007f3c24a9b030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 197.208205][ T8206] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3c23d7895f [ 197.211205][ T8206] RDX: 0000000000000001 RSI: 00007f3c24a9b0a0 RDI: 0000000000000003 [ 197.214256][ T8206] RBP: 00007f3c24a9b090 R08: 0000000000000000 R09: 0000000000000000 [ 197.219156][ T8206] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 197.223372][ T8206] R13: 0000000000000001 R14: 00007f3c23f15f80 R15: 00007fff7b689928 [ 197.226761][ T8206] [ 197.254901][ T39] audit: type=1400 audit(1724640406.764:728): avc: denied { getopt } for pid=8207 comm="syz.3.802" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 197.269329][ T39] audit: type=1400 audit(1724640406.774:729): avc: denied { mount } for pid=8210 comm="syz.1.804" name="/" dev="pstore" ino=5282 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1 [ 197.653221][ T39] audit: type=1400 audit(1724640407.164:730): avc: denied { unmount } for pid=5331 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1 [ 197.677499][ T5388] usb 7-1: USB disconnect, device number 11 [ 198.341012][ T8244] netlink: 68 bytes leftover after parsing attributes in process `syz.0.820'. [ 199.040021][ T39] audit: type=1326 audit(1724640408.554:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8263 comm="syz.1.818" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fca9ad79e79 code=0x0 [ 199.327148][ T39] audit: type=1400 audit(1724640408.834:732): avc: denied { create } for pid=8276 comm="syz.3.822" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 199.514240][ T8285] netlink: 68 bytes leftover after parsing attributes in process `syz.3.825'. [ 199.544984][ T39] audit: type=1400 audit(1724640409.054:733): avc: denied { getopt } for pid=8286 comm="syz.2.826" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 199.896709][ T8303] netlink: 20 bytes leftover after parsing attributes in process `syz.2.832'. [ 199.902742][ T8303] netlink: 20 bytes leftover after parsing attributes in process `syz.2.832'. [ 200.007431][ T8312] netlink: 68 bytes leftover after parsing attributes in process `syz.1.835'. [ 200.738673][ T39] audit: type=1400 audit(1724640410.244:734): avc: denied { ioctl } for pid=8325 comm="syz.1.839" path="/dev/ptyq7" dev="devtmpfs" ino=136 ioctlcmd=0x5424 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 200.965840][ T5339] Bluetooth: hci0: link tx timeout [ 200.968518][ T5339] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 201.119017][ T5368] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 201.239020][ T1288] usb 7-1: new full-speed USB device number 12 using dummy_hcd [ 201.299049][ T5368] usb 5-1: Using ep0 maxpacket: 8 [ 201.320566][ T5368] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 201.328901][ T5368] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 201.332661][ T5368] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 201.336377][ T5368] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 201.346031][ T5368] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 201.356509][ T5368] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 201.366671][ T5368] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 201.398900][ T1288] usb 7-1: device descriptor read/64, error -71 [ 201.467447][ T39] audit: type=1400 audit(1724640410.974:735): avc: denied { bind } for pid=8349 comm="syz.1.848" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 201.475658][ T39] audit: type=1400 audit(1724640410.974:736): avc: denied { node_bind } for pid=8349 comm="syz.1.848" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1 [ 201.593480][ T5368] usb 5-1: usb_control_msg returned -32 [ 201.596965][ T5368] usbtmc 5-1:16.0: can't read capabilities [ 201.698977][ T1288] usb 7-1: new full-speed USB device number 13 using dummy_hcd [ 201.748911][ T831] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 201.859122][ T1288] usb 7-1: device descriptor read/64, error -71 [ 201.948863][ T831] usb 6-1: Using ep0 maxpacket: 32 [ 201.955840][ T831] usb 6-1: unable to get BOS descriptor or descriptor too short [ 201.967534][ T831] usb 6-1: config 1 interface 0 altsetting 167 bulk endpoint 0x3 has invalid maxpacket 1024 [ 201.972465][ T831] usb 6-1: config 1 interface 0 has no altsetting 0 [ 201.977755][ T831] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 201.981880][ T831] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 201.985692][ T831] usb 6-1: Product: syz [ 201.987569][ T831] usb 6-1: Manufacturer: syz [ 201.989115][ T1288] usb usb7-port1: attempt power cycle [ 201.989582][ T831] usb 6-1: SerialNumber: syz [ 202.000196][ T8353] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22 [ 202.155128][ T5388] usb 5-1: USB disconnect, device number 13 [ 202.216858][ T39] audit: type=1400 audit(1724640411.724:737): avc: denied { getopt } for pid=8349 comm="syz.1.848" laddr=::1 lport=59757 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 202.409128][ T1288] usb 7-1: new full-speed USB device number 14 using dummy_hcd [ 202.439478][ T1288] usb 7-1: device descriptor read/8, error -71 [ 202.708976][ T1288] usb 7-1: new full-speed USB device number 15 using dummy_hcd [ 202.744396][ T1288] usb 7-1: device descriptor read/8, error -71 [ 202.859395][ T1288] usb usb7-port1: unable to enumerate USB device [ 202.961202][ T39] audit: type=1400 audit(1724640412.474:738): avc: denied { read } for pid=8384 comm="syz.1.857" lport=17 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 203.046983][ T831] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -71 [ 203.049030][ T5337] Bluetooth: hci0: command 0x0405 tx timeout [ 203.063672][ T831] usb 6-1: USB disconnect, device number 15 [ 203.148869][ T8] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 203.349613][ T8] usb 5-1: Using ep0 maxpacket: 8 [ 203.362827][ T8] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 203.369037][ T8] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 203.376815][ T8] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 203.381401][ T8] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 203.385739][ T8] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 203.400095][ T8] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 203.404187][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 203.624284][ T8] usb 5-1: usb_control_msg returned -32 [ 203.627326][ T8] usbtmc 5-1:16.0: can't read capabilities [ 203.788935][ T5441] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 203.979487][ T5441] usb 6-1: Using ep0 maxpacket: 8 [ 203.983808][ T5441] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 203.987317][ T5441] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 203.991961][ T5441] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 203.996355][ T5441] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 204.000770][ T5441] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 204.005812][ T5441] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 204.010445][ T5441] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 204.186568][ T8] usb 5-1: USB disconnect, device number 14 [ 204.241626][ T5441] usb 6-1: usb_control_msg returned -32 [ 204.244155][ T5441] usbtmc 6-1:16.0: can't read capabilities [ 204.305823][ T8425] netlink: 76 bytes leftover after parsing attributes in process `syz.2.871'. [ 204.320433][ T8425] : entered promiscuous mode [ 204.326960][ T8425] netlink: 76 bytes leftover after parsing attributes in process `syz.2.871'. [ 204.332294][ T8425] openvswitch: : Dropping previously announced user features [ 204.343372][ T8425] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8425 comm=syz.2.871 [ 204.784792][ T39] audit: type=1400 audit(1724640414.294:739): avc: denied { mounton } for pid=8435 comm="syz.2.875" path="/proc/476/task" dev="proc" ino=24191 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 204.795307][ T39] audit: type=1400 audit(1724640414.294:740): avc: denied { mount } for pid=8435 comm="syz.2.875" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 204.797870][ T5368] usb 6-1: USB disconnect, device number 16 [ 204.798928][ T8436] Bluetooth: MGMT ver 1.23 [ 204.909988][ T8443] tun0: tun_chr_ioctl cmd 1074025675 [ 204.913584][ T8443] tun0: persist enabled [ 204.915665][ T8443] tun0: tun_chr_ioctl cmd 1074025675 [ 204.917937][ T8443] tun0: persist disabled [ 204.927707][ T8443] netlink: 'syz.2.878': attribute type 3 has an invalid length. [ 204.937176][ T8443] netlink: 224 bytes leftover after parsing attributes in process `syz.2.878'. [ 204.998301][ T8446] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=123 sclass=netlink_route_socket pid=8446 comm=syz.0.879 [ 205.085795][ T39] audit: type=1400 audit(1724640414.594:741): avc: denied { map } for pid=8449 comm="syz.3.880" path="socket:[25291]" dev="sockfs" ino=25291 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1 [ 205.147779][ T8455] veth1_to_bridge: entered allmulticast mode [ 205.158239][ T39] audit: type=1326 audit(1724640414.664:742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8456 comm="syz.0.884" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c23d79e79 code=0x7ffc0000 [ 205.167843][ T39] audit: type=1326 audit(1724640414.674:743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8456 comm="syz.0.884" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c23d79e79 code=0x7ffc0000 [ 205.178324][ T39] audit: type=1326 audit(1724640414.674:744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8456 comm="syz.0.884" exe="/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f3c23d79e79 code=0x7ffc0000 [ 205.189329][ T39] audit: type=1326 audit(1724640414.674:745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8456 comm="syz.0.884" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c23d79e79 code=0x7ffc0000 [ 205.200452][ T39] audit: type=1326 audit(1724640414.674:746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8456 comm="syz.0.884" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c23d79e79 code=0x7ffc0000 [ 205.210138][ T39] audit: type=1326 audit(1724640414.674:747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8456 comm="syz.0.884" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3c23d79e79 code=0x7ffc0000 [ 206.399293][ T8483] netlink: 68 bytes leftover after parsing attributes in process `syz.1.892'. [ 206.465059][ T8487] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=123 sclass=netlink_route_socket pid=8487 comm=syz.3.893 [ 206.995075][ T8509] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 207.162334][ T8513] netlink: 68 bytes leftover after parsing attributes in process `syz.2.903'. [ 207.556134][ T8533] netlink: 60 bytes leftover after parsing attributes in process `syz.3.909'. [ 208.145651][ T8547] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=24694 sclass=netlink_route_socket pid=8547 comm=syz.0.912 [ 208.149422][ T5339] Bluetooth: hci0: command 0x0405 tx timeout [ 208.316487][ T8553] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=8553 comm=syz.0.916 [ 208.619557][ T8569] erofs: (device loop1): erofs_read_superblock: cannot find valid erofs superblock [ 208.677484][ T39] kauditd_printk_skb: 50 callbacks suppressed [ 208.677506][ T39] audit: type=1400 audit(1724640676.184:798): avc: denied { read } for pid=8570 comm="syz.0.924" dev="sockfs" ino=25404 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 208.785082][ T39] audit: type=1400 audit(1724640676.294:799): avc: denied { getopt } for pid=8590 comm="syz.3.931" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 208.867905][ T8604] netlink: 68 bytes leftover after parsing attributes in process `syz.1.936'. [ 208.971054][ T8607] netlink: 68 bytes leftover after parsing attributes in process `syz.2.937'. [ 209.122610][ T8616] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=40566 sclass=netlink_route_socket pid=8616 comm=syz.2.940 [ 209.240250][ T8622] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 209.485928][ T39] audit: type=1400 audit(1724640676.994:800): avc: denied { setopt } for pid=8623 comm="syz.1.942" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 209.498910][ T39] audit: type=1400 audit(1724640676.994:801): avc: denied { bind } for pid=8623 comm="syz.1.942" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 209.538902][ T5368] usb 7-1: new high-speed USB device number 16 using dummy_hcd [ 209.749025][ T5368] usb 7-1: Using ep0 maxpacket: 8 [ 209.753540][ T5368] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 209.757340][ T5368] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 209.763641][ T5368] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 209.809107][ T5368] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 209.814213][ T5368] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 209.829822][ T5368] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 209.833672][ T5368] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 209.849804][ T5368] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 209.860359][ T5368] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 209.865610][ T5368] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 209.881909][ T5368] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 209.885100][ T5368] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 209.890164][ T5368] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 209.895081][ T5368] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 209.899858][ T5368] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 209.908078][ T5368] usb 7-1: string descriptor 0 read error: -22 [ 209.913670][ T5368] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 209.917761][ T5368] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 209.940324][ T5368] adutux 7-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 210.228999][ T5339] Bluetooth: hci0: command 0x0405 tx timeout [ 210.264780][ T5370] usb 7-1: USB disconnect, device number 16 [ 210.349155][ T5441] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 210.579045][ T5441] usb 6-1: Using ep0 maxpacket: 8 [ 210.586569][ T5441] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 210.591142][ T5441] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 210.595438][ T5441] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 210.600420][ T5441] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 210.605788][ T5441] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 210.611209][ T5441] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 210.616459][ T5441] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 210.875559][ T5441] usb 6-1: usb_control_msg returned -32 [ 210.878194][ T5441] usbtmc 6-1:16.0: can't read capabilities [ 211.133175][ T8674] CIFS: VFS: Malformed UNC in devname [ 211.255162][ T39] audit: type=1400 audit(1724640678.764:802): avc: denied { create } for pid=8683 comm="syz.3.963" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 211.266956][ T8684] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available [ 211.270794][ T5441] IPVS: starting estimator thread 0... [ 211.273066][ T8686] netlink: 68 bytes leftover after parsing attributes in process `syz.0.964'. [ 211.286254][ T8684] netlink: 56 bytes leftover after parsing attributes in process `syz.3.963'. [ 211.345670][ T8689] netlink: 68 bytes leftover after parsing attributes in process `syz.0.965'. [ 211.360859][ T8687] IPVS: using max 22 ests per chain, 52800 per kthread [ 211.462158][ T8700] netlink: 8 bytes leftover after parsing attributes in process `syz.2.969'. [ 211.463285][ T4785] usb 6-1: USB disconnect, device number 17 [ 211.468700][ T8700] macvlan0: entered promiscuous mode [ 211.472835][ T8700] macvlan0: entered allmulticast mode [ 211.627315][ T8717] netlink: 68 bytes leftover after parsing attributes in process `syz.2.973'. [ 211.721548][ T8719] overlayfs: failed to create directory ./file1/work (errno: 1); mounting read-only [ 211.724561][ T8732] FAULT_INJECTION: forcing a failure. [ 211.724561][ T8732] name failslab, interval 1, probability 0, space 0, times 0 [ 211.726610][ T8719] overlayfs: conflicting lowerdir path [ 211.746819][ T8732] CPU: 0 UID: 0 PID: 8732 Comm: syz.2.979 Not tainted 6.11.0-rc5-syzkaller #0 [ 211.750741][ T8732] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 211.755371][ T8732] Call Trace: [ 211.756930][ T8732] [ 211.758249][ T8732] dump_stack_lvl+0x16c/0x1f0 [ 211.760243][ T8732] should_fail_ex+0x497/0x5b0 [ 211.762179][ T8732] ? fs_reclaim_acquire+0xae/0x160 [ 211.764460][ T8732] should_failslab+0xc2/0x120 [ 211.766543][ T8732] kmem_cache_alloc_node_noprof+0x71/0x310 [ 211.769168][ T8732] ? __alloc_skb+0x2b1/0x380 [ 211.771135][ T8732] __alloc_skb+0x2b1/0x380 [ 211.773096][ T8732] ? __pfx___alloc_skb+0x10/0x10 [ 211.775268][ T8732] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 211.777876][ T8732] netlink_alloc_large_skb+0x69/0x130 [ 211.780180][ T8732] netlink_sendmsg+0x689/0xd70 [ 211.782293][ T8732] ? __pfx_netlink_sendmsg+0x10/0x10 [ 211.784651][ T8732] ? __import_iovec+0x1fd/0x6e0 [ 211.786838][ T8732] ____sys_sendmsg+0xab5/0xc90 [ 211.789011][ T8732] ? copy_msghdr_from_user+0x10b/0x160 [ 211.791571][ T8732] ? __pfx_____sys_sendmsg+0x10/0x10 [ 211.793811][ T8732] ? find_held_lock+0x2d/0x110 [ 211.796094][ T8732] ? __pfx___lock_acquire+0x10/0x10 [ 211.798707][ T8732] ___sys_sendmsg+0x135/0x1e0 [ 211.801064][ T8732] ? __pfx____sys_sendmsg+0x10/0x10 [ 211.803367][ T8732] ? ksys_write+0x21c/0x260 [ 211.805292][ T8732] ? __fget_light+0x173/0x210 [ 211.807204][ T8732] __sys_sendmsg+0x117/0x1f0 [ 211.809485][ T8732] ? __pfx___sys_sendmsg+0x10/0x10 [ 211.811870][ T8732] do_syscall_64+0xcd/0x250 [ 211.813794][ T8732] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 211.816605][ T8732] RIP: 0033:0x7fc3a4579e79 [ 211.818784][ T8732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 211.826551][ T8732] RSP: 002b:00007fc3a53a5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 211.829762][ T8732] RAX: ffffffffffffffda RBX: 00007fc3a4715f80 RCX: 00007fc3a4579e79 [ 211.833236][ T8732] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000005 [ 211.837210][ T8732] RBP: 00007fc3a53a5090 R08: 0000000000000000 R09: 0000000000000000 [ 211.840883][ T8732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 211.845106][ T8732] R13: 0000000000000000 R14: 00007fc3a4715f80 R15: 00007ffd373f41e8 [ 211.848691][ T8732] [ 212.048172][ T8755] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=61558 sclass=netlink_route_socket pid=8755 comm=syz.2.989 [ 212.049898][ T39] audit: type=1400 audit(1724640679.564:803): avc: denied { setopt } for pid=8754 comm="syz.3.990" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 212.051015][ T8750] netlink: 68 bytes leftover after parsing attributes in process `syz.0.986'. [ 212.245255][ T39] audit: type=1400 audit(1724640679.744:804): avc: denied { ioctl } for pid=8773 comm="syz.2.997" path="/dev/nullb0" dev="devtmpfs" ino=693 ioctlcmd=0x5429 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 212.262110][ T39] audit: type=1400 audit(1724640679.754:805): avc: denied { listen } for pid=8770 comm="syz.0.995" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 212.294993][ T39] audit: type=1400 audit(1724640679.754:806): avc: denied { setopt } for pid=8770 comm="syz.0.995" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 212.319244][ T5339] Bluetooth: hci0: command 0x0405 tx timeout [ 212.459707][ T39] audit: type=1400 audit(1724640679.974:807): avc: denied { name_connect } for pid=8789 comm="syz.2.1000" dest=512 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hi_reserved_port_t tclass=sctp_socket permissive=1 [ 212.586313][ T8797] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1002'. [ 212.638028][ T8804] input: syz0 as /devices/virtual/input/input13 [ 213.156120][ T8790] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 213.162954][ T8790] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 213.180536][ T8790] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 213.184005][ T8790] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 213.626318][ T8790] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 213.629215][ T8790] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 213.876476][ T8846] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1013'. [ 213.909581][ T830] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 214.099265][ T830] usb 6-1: Using ep0 maxpacket: 8 [ 214.109144][ T830] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 214.112614][ T830] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 214.146409][ T830] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 214.150908][ T830] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 214.156354][ T830] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 214.162258][ T830] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 214.166378][ T830] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.219285][ T8] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 214.231266][ T8877] input: syz1 as /devices/virtual/input/input14 [ 214.377385][ T830] usb 6-1: usb_control_msg returned -32 [ 214.380717][ T830] usbtmc 6-1:16.0: can't read capabilities [ 214.429160][ T8] usb 8-1: Using ep0 maxpacket: 32 [ 214.436921][ T8] usb 8-1: unable to get BOS descriptor or descriptor too short [ 214.443318][ T8] usb 8-1: config 1 interface 0 altsetting 167 bulk endpoint 0x3 has invalid maxpacket 1024 [ 214.447756][ T8] usb 8-1: config 1 interface 0 has no altsetting 0 [ 214.456484][ T8] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 214.460628][ T8] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 214.464070][ T8] usb 8-1: Product: syz [ 214.465921][ T8] usb 8-1: Manufacturer: syz [ 214.467878][ T8] usb 8-1: SerialNumber: syz [ 214.479922][ T8848] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 214.934185][ T4785] usb 6-1: USB disconnect, device number 18 [ 215.023387][ T8887] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1023'. [ 215.204499][ T39] kauditd_printk_skb: 10 callbacks suppressed [ 215.204514][ T39] audit: type=1400 audit(1724640682.714:818): avc: denied { read } for pid=8890 comm="syz.2.1025" name="ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 215.220546][ T39] audit: type=1400 audit(1724640682.714:819): avc: denied { open } for pid=8890 comm="syz.2.1025" path="/dev/ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 215.230160][ T39] audit: type=1400 audit(1724640682.724:820): avc: denied { read } for pid=8890 comm="syz.2.1025" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 215.239649][ T39] audit: type=1400 audit(1724640682.724:821): avc: denied { open } for pid=8890 comm="syz.2.1025" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 215.281896][ T39] audit: type=1400 audit(1724640682.794:822): avc: denied { bind } for pid=8890 comm="syz.2.1025" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 215.290461][ T39] audit: type=1400 audit(1724640682.794:823): avc: denied { name_bind } for pid=8890 comm="syz.2.1025" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 215.303723][ T39] audit: type=1400 audit(1724640682.794:824): avc: denied { node_bind } for pid=8890 comm="syz.2.1025" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 215.330272][ T39] audit: type=1400 audit(1724640682.794:825): avc: denied { ioctl } for pid=8890 comm="syz.2.1025" path="/dev/binderfs/binder0" dev="binder" ino=7 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 215.339048][ T13] Bluetooth: hci4: Frame reassembly failed (-84) [ 215.342296][ T39] audit: type=1400 audit(1724640682.794:826): avc: denied { set_context_mgr } for pid=8890 comm="syz.2.1025" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 215.353246][ T39] audit: type=1400 audit(1724640682.834:827): avc: denied { ioctl } for pid=8890 comm="syz.2.1025" path="/dev/fuse" dev="devtmpfs" ino=105 ioctlcmd=0xe500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 215.597316][ T8] cdc_ether 8-1:1.0: probe with driver cdc_ether failed with error -71 [ 215.607754][ T8900] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1029'. [ 215.611520][ T8] usb 8-1: USB disconnect, device number 11 [ 215.643245][ T8900] syzkaller1: entered promiscuous mode [ 215.645469][ T8900] syzkaller1: entered allmulticast mode [ 215.658845][ T8900] team0: entered promiscuous mode [ 215.661243][ T8900] team_slave_0: entered promiscuous mode [ 215.664104][ T8900] team_slave_1: entered promiscuous mode [ 215.667134][ T8900] team0: left promiscuous mode [ 215.669669][ T8900] team_slave_0: left promiscuous mode [ 215.676274][ T8900] team_slave_1: left promiscuous mode [ 216.248994][ T4785] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 216.438994][ T4785] usb 6-1: Using ep0 maxpacket: 32 [ 216.444529][ T4785] usb 6-1: unable to get BOS descriptor or descriptor too short [ 216.449590][ T4785] usb 6-1: config 1 interface 0 altsetting 167 bulk endpoint 0x3 has invalid maxpacket 1024 [ 216.454112][ T4785] usb 6-1: config 1 interface 0 has no altsetting 0 [ 216.460556][ T4785] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 216.464691][ T4785] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 216.468389][ T4785] usb 6-1: Product: syz [ 216.470770][ T4785] usb 6-1: Manufacturer: syz [ 216.473118][ T4785] usb 6-1: SerialNumber: syz [ 216.479208][ T8917] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 216.779568][ T8929] __nla_validate_parse: 1 callbacks suppressed [ 216.779584][ T8929] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1041'. [ 216.865958][ T8931] FAULT_INJECTION: forcing a failure. [ 216.865958][ T8931] name failslab, interval 1, probability 0, space 0, times 0 [ 216.871343][ T8931] CPU: 1 UID: 0 PID: 8931 Comm: syz.3.1042 Not tainted 6.11.0-rc5-syzkaller #0 [ 216.875273][ T8931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 216.879767][ T8931] Call Trace: [ 216.881236][ T8931] [ 216.882517][ T8931] dump_stack_lvl+0x16c/0x1f0 [ 216.884587][ T8931] should_fail_ex+0x497/0x5b0 [ 216.886579][ T8931] ? fs_reclaim_acquire+0xae/0x160 [ 216.888770][ T8931] should_failslab+0xc2/0x120 [ 216.890811][ T8931] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 216.893126][ T8931] ? alloc_empty_file+0x73/0x1e0 [ 216.895272][ T8931] ? __lock_acquire+0xbdd/0x3cb0 [ 216.897475][ T8931] alloc_empty_file+0x73/0x1e0 [ 216.899556][ T8931] path_openat+0xe0/0x2d20 [ 216.901500][ T8931] ? hlock_class+0x4e/0x130 [ 216.903448][ T8931] ? __lock_acquire+0x1620/0x3cb0 [ 216.905633][ T8931] ? __pfx_path_openat+0x10/0x10 [ 216.907662][ T8931] ? __pfx___lock_acquire+0x10/0x10 [ 216.909916][ T8931] ? find_held_lock+0x2d/0x110 [ 216.911883][ T8931] do_filp_open+0x1dc/0x430 [ 216.913833][ T8931] ? __pfx_do_filp_open+0x10/0x10 [ 216.915960][ T8931] ? find_held_lock+0x2d/0x110 [ 216.917969][ T8931] ? _raw_spin_unlock+0x28/0x50 [ 216.919967][ T8931] ? alloc_fd+0x2d7/0x6c0 [ 216.921575][ T8931] do_sys_openat2+0x17a/0x1e0 [ 216.923474][ T8931] ? __pfx_do_sys_openat2+0x10/0x10 [ 216.925700][ T8931] __x64_sys_openat+0x175/0x210 [ 216.927720][ T8931] ? __pfx___x64_sys_openat+0x10/0x10 [ 216.929864][ T8931] ? ksys_write+0x1ab/0x260 [ 216.931579][ T8931] do_syscall_64+0xcd/0x250 [ 216.933546][ T8931] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 216.935888][ T8931] RIP: 0033:0x7fe62d579e79 [ 216.937627][ T8931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 216.945431][ T8931] RSP: 002b:00007fe62e412038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 216.948648][ T8931] RAX: ffffffffffffffda RBX: 00007fe62d715f80 RCX: 00007fe62d579e79 [ 216.951893][ T8931] RDX: 0000000000000000 RSI: 0000000020000100 RDI: ffffffffffffff9c [ 216.955181][ T8931] RBP: 00007fe62e412090 R08: 0000000000000000 R09: 0000000000000000 [ 216.958399][ T8931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 216.961776][ T8931] R13: 0000000000000000 R14: 00007fe62d715f80 R15: 00007ffeaaa9e548 [ 216.965099][ T8931] [ 217.114288][ T8937] input: syz0 as /devices/virtual/input/input15 [ 217.357602][ T5337] Bluetooth: hci4: command 0x1003 tx timeout [ 217.359218][ T5339] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 217.990270][ T8952] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1050'. [ 218.377642][ T8957] netlink: 'syz.0.1052': attribute type 14 has an invalid length. [ 218.420975][ T4785] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -71 [ 218.430291][ T4785] usb 6-1: USB disconnect, device number 19 [ 218.740271][ T5368] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 218.925273][ T5368] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 218.930059][ T5368] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 218.939238][ T5368] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 218.949409][ T5368] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 218.966279][ T5368] usb 8-1: config 0 descriptor?? [ 219.082196][ T8975] input: syz0 as /devices/virtual/input/input16 [ 219.688865][ T5368] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 219.703994][ T5368] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 219.763026][ T5368] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 220.081399][ T6212] usb 8-1: USB disconnect, device number 12 [ 220.677833][ T8980] tmpfs: Unknown parameter '01777777777777777777777' [ 220.726788][ T39] kauditd_printk_skb: 11 callbacks suppressed [ 220.726803][ T39] audit: type=1400 audit(1724640688.234:839): avc: denied { connect } for pid=8979 comm="syz.2.1059" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 220.797080][ T39] audit: type=1400 audit(1724640688.304:840): avc: denied { setopt } for pid=8979 comm="syz.2.1059" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 220.810582][ T39] audit: type=1400 audit(1724640688.324:841): avc: denied { write } for pid=4805 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 220.818694][ T39] audit: type=1400 audit(1724640688.324:842): avc: denied { remove_name } for pid=4805 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 220.828751][ T39] audit: type=1400 audit(1724640688.324:843): avc: denied { rename } for pid=4805 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 220.848128][ T39] audit: type=1400 audit(1724640688.324:844): avc: denied { add_name } for pid=4805 comm="syslogd" name="messages.0" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 220.857813][ T39] audit: type=1400 audit(1724640688.324:845): avc: denied { unlink } for pid=4805 comm="syslogd" name="messages.0" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 220.867527][ T39] audit: type=1400 audit(1724640688.324:846): avc: denied { create } for pid=4805 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 220.867762][ T8980] netlink: 'syz.2.1059': attribute type 10 has an invalid length. [ 220.902047][ T8980] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 221.270331][ T1288] usb 7-1: new high-speed USB device number 17 using dummy_hcd [ 221.314712][ T39] audit: type=1400 audit(1724640688.824:847): avc: denied { read } for pid=8988 comm="syz.0.1063" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 221.326849][ T39] audit: type=1400 audit(1724640688.824:848): avc: denied { open } for pid=8988 comm="syz.0.1063" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 221.362343][ T8991] FAULT_INJECTION: forcing a failure. [ 221.362343][ T8991] name failslab, interval 1, probability 0, space 0, times 0 [ 221.369466][ T8991] CPU: 3 UID: 0 PID: 8991 Comm: syz.1.1061 Not tainted 6.11.0-rc5-syzkaller #0 [ 221.373238][ T8991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 221.377811][ T8991] Call Trace: [ 221.379033][ T8995] netlink: 9412 bytes leftover after parsing attributes in process `syz.0.1063'. [ 221.379163][ T8991] [ 221.383612][ T8991] dump_stack_lvl+0x16c/0x1f0 [ 221.385453][ T8991] should_fail_ex+0x497/0x5b0 [ 221.387019][ T8991] should_failslab+0xc2/0x120 [ 221.388680][ T8991] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 221.390924][ T8991] ? skb_clone+0x190/0x3f0 [ 221.392690][ T8991] skb_clone+0x190/0x3f0 [ 221.394123][ T8991] dev_queue_xmit_nit+0x38f/0xba0 [ 221.395864][ T8991] dev_hard_start_xmit+0x56/0x790 [ 221.397684][ T8991] ? __kasan_slab_alloc+0x89/0x90 [ 221.399883][ T8991] __dev_queue_xmit+0x7c7/0x4300 [ 221.402077][ T8991] ? __pfx___dev_queue_xmit+0x10/0x10 [ 221.404505][ T8991] ? __asan_memcpy+0x3c/0x60 [ 221.406567][ T8991] ? __asan_memcpy+0x3c/0x60 [ 221.408618][ T8991] ? __skb_clone+0x570/0x760 [ 221.410700][ T8991] netlink_deliver_tap+0xa7d/0xd90 [ 221.412923][ T8991] netlink_unicast+0x5e1/0x7f0 [ 221.415037][ T8991] ? __pfx_netlink_unicast+0x10/0x10 [ 221.417359][ T8991] netlink_sendmsg+0x8b8/0xd70 [ 221.419299][ T8991] ? __pfx_netlink_sendmsg+0x10/0x10 [ 221.421263][ T8991] ? __import_iovec+0x1fd/0x6e0 [ 221.423420][ T8991] ____sys_sendmsg+0xab5/0xc90 [ 221.425523][ T8991] ? copy_msghdr_from_user+0x10b/0x160 [ 221.427876][ T8991] ? __pfx_____sys_sendmsg+0x10/0x10 [ 221.430206][ T8991] ? find_held_lock+0x2d/0x110 [ 221.432224][ T8991] ? __pfx___lock_acquire+0x10/0x10 [ 221.434555][ T8991] ___sys_sendmsg+0x135/0x1e0 [ 221.436630][ T8991] ? __pfx____sys_sendmsg+0x10/0x10 [ 221.438892][ T8991] ? ksys_write+0x21c/0x260 [ 221.440765][ T8991] ? __fget_light+0x173/0x210 [ 221.442806][ T8991] __sys_sendmsg+0x117/0x1f0 [ 221.444845][ T8991] ? __pfx___sys_sendmsg+0x10/0x10 [ 221.447054][ T8991] do_syscall_64+0xcd/0x250 [ 221.449003][ T8991] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.451410][ T8991] RIP: 0033:0x7fca9ad79e79 [ 221.453399][ T8991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 221.461706][ T8991] RSP: 002b:00007fca9baee038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 221.465246][ T8991] RAX: ffffffffffffffda RBX: 00007fca9af15f80 RCX: 00007fca9ad79e79 [ 221.468560][ T8991] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000005 [ 221.470258][ T1288] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 221.471735][ T8991] RBP: 00007fca9baee090 R08: 0000000000000000 R09: 0000000000000000 [ 221.475144][ T1288] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 221.478093][ T8991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 221.484585][ T8991] R13: 0000000000000000 R14: 00007fca9af15f80 R15: 00007ffeec7b00c8 [ 221.488074][ T8991] [ 221.492329][ T1288] usb 7-1: config 0 descriptor?? [ 221.496046][ T1288] cp210x 7-1:0.0: cp210x converter detected [ 221.919781][ T8985] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1060'. [ 221.937892][ T1288] cp210x 7-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 222.021402][ T1288] cp210x 7-1:0.0: failed to get vendor val 0x3711 size 2: -71 [ 222.040662][ T1288] cp210x 7-1:0.0: GPIO initialisation failed: -71 [ 222.066574][ T1288] usb 7-1: cp210x converter now attached to ttyUSB0 [ 222.093374][ T1288] usb 7-1: USB disconnect, device number 17 [ 222.109577][ T1288] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 222.117419][ T1288] cp210x 7-1:0.0: device disconnected [ 222.707987][ T9035] ieee802154 phy0 wpan0: encryption failed: -22 [ 222.760432][ T9039] input: syz0 as /devices/virtual/input/input17 [ 223.093572][ T9045] FAULT_INJECTION: forcing a failure. [ 223.093572][ T9045] name failslab, interval 1, probability 0, space 0, times 0 [ 223.135846][ T9045] CPU: 3 UID: 0 PID: 9045 Comm: syz.1.1082 Not tainted 6.11.0-rc5-syzkaller #0 [ 223.141413][ T9045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 223.146536][ T9045] Call Trace: [ 223.148258][ T9045] [ 223.149603][ T9045] dump_stack_lvl+0x16c/0x1f0 [ 223.151804][ T9045] should_fail_ex+0x497/0x5b0 [ 223.153845][ T9045] ? fs_reclaim_acquire+0xae/0x160 [ 223.155979][ T9045] should_failslab+0xc2/0x120 [ 223.158042][ T9045] kmem_cache_alloc_node_noprof+0x71/0x310 [ 223.160558][ T9045] ? __alloc_skb+0x2b1/0x380 [ 223.162722][ T9045] __alloc_skb+0x2b1/0x380 [ 223.164706][ T9045] ? __pfx___alloc_skb+0x10/0x10 [ 223.166872][ T9045] ? if_nlmsg_size+0x451/0xa60 [ 223.169028][ T9045] rtmsg_ifinfo_build_skb+0x81/0x280 [ 223.171446][ T9045] rtmsg_ifinfo+0x9f/0x1a0 [ 223.173432][ T9045] netdev_state_change+0x12f/0x150 [ 223.175646][ T9045] ? __pfx_netdev_state_change+0x10/0x10 [ 223.177867][ T9045] ? kernel_text_address+0x6e/0xe0 [ 223.179841][ T9045] ? hlock_class+0x4e/0x130 [ 223.181644][ T9045] ? mark_lock+0xb5/0xc60 [ 223.183331][ T9045] ? netif_carrier_off+0x36/0xc0 [ 223.185638][ T9045] ? dev_change_proto_down+0x104/0x150 [ 223.188515][ T9045] do_setlink+0x32fb/0x4190 [ 223.190456][ T9045] ? __pfx_do_setlink+0x10/0x10 [ 223.192659][ T9045] ? __orc_find+0x104/0x130 [ 223.194488][ T9045] ? stack_access_ok+0xf9/0x270 [ 223.196568][ T9045] ? __module_address+0x55/0x3c0 [ 223.198432][ T9045] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 223.201206][ T9045] ? kernel_text_address+0x6e/0xe0 [ 223.203537][ T9045] ? __kernel_text_address+0xd/0x40 [ 223.205793][ T9045] ? unwind_get_return_address+0x45/0xe0 [ 223.208562][ T9045] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 223.211634][ T9045] ? __nla_validate_parse+0x601/0x2880 [ 223.214029][ T9045] ? __pfx___nla_validate_parse+0x10/0x10 [ 223.216560][ T9045] ? stack_trace_save+0x95/0xd0 [ 223.218721][ T9045] ? __pfx_stack_trace_save+0x10/0x10 [ 223.221143][ T9045] ? stack_depot_save_flags+0x28/0x8f0 [ 223.223736][ T9045] ? __nla_parse+0x40/0x60 [ 223.225629][ T9045] __rtnl_newlink+0xc35/0x1920 [ 223.227730][ T9045] ? __pfx___rtnl_newlink+0x10/0x10 [ 223.230014][ T9045] rtnl_newlink+0x67/0xa0 [ 223.231843][ T9045] ? __pfx_rtnl_newlink+0x10/0x10 [ 223.234000][ T9045] rtnetlink_rcv_msg+0x3c7/0xea0 [ 223.236145][ T9045] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 223.238589][ T9045] netlink_rcv_skb+0x16b/0x440 [ 223.240657][ T9045] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 223.242761][ T9045] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 223.244844][ T9045] ? netlink_deliver_tap+0x1ae/0xd90 [ 223.246468][ T9045] netlink_unicast+0x53c/0x7f0 [ 223.248333][ T9045] ? __pfx_netlink_unicast+0x10/0x10 [ 223.251015][ T9045] netlink_sendmsg+0x8b8/0xd70 [ 223.253238][ T9045] ? __pfx_netlink_sendmsg+0x10/0x10 [ 223.255808][ T9045] ? __import_iovec+0x1fd/0x6e0 [ 223.257983][ T9045] ____sys_sendmsg+0xab5/0xc90 [ 223.260119][ T9045] ? copy_msghdr_from_user+0x10b/0x160 [ 223.262451][ T9045] ? __pfx_____sys_sendmsg+0x10/0x10 [ 223.265038][ T9045] ? find_held_lock+0x2d/0x110 [ 223.267758][ T9045] ? __pfx___lock_acquire+0x10/0x10 [ 223.270413][ T9045] ___sys_sendmsg+0x135/0x1e0 [ 223.272446][ T9045] ? __pfx____sys_sendmsg+0x10/0x10 [ 223.274877][ T9045] ? ksys_write+0x21c/0x260 [ 223.276947][ T9045] ? __fget_light+0x173/0x210 [ 223.279126][ T9045] __sys_sendmsg+0x117/0x1f0 [ 223.280976][ T9045] ? __pfx___sys_sendmsg+0x10/0x10 [ 223.283164][ T9045] do_syscall_64+0xcd/0x250 [ 223.285156][ T9045] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 223.288744][ T9045] RIP: 0033:0x7fca9ad79e79 [ 223.290418][ T9045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 223.298752][ T9045] RSP: 002b:00007fca9baee038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 223.302502][ T9045] RAX: ffffffffffffffda RBX: 00007fca9af15f80 RCX: 00007fca9ad79e79 [ 223.305857][ T9045] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000005 [ 223.309293][ T9045] RBP: 00007fca9baee090 R08: 0000000000000000 R09: 0000000000000000 [ 223.312703][ T9045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 223.315926][ T9045] R13: 0000000000000000 R14: 00007fca9af15f80 R15: 00007ffeec7b00c8 [ 223.319273][ T9045] [ 223.320890][ C3] vkms_vblank_simulate: vblank timer overrun [ 223.388843][ T9054] ------------[ cut here ]------------ [ 223.391922][ T9054] WARNING: CPU: 3 PID: 9054 at include/linux/rwsem.h:195 follow_pte+0x414/0x4c0 [ 223.395953][ T9054] Modules linked in: [ 223.397618][ T9054] CPU: 3 UID: 0 PID: 9054 Comm: syz.1.1083 Not tainted 6.11.0-rc5-syzkaller #0 [ 223.405148][ T9054] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 223.410331][ T9054] RIP: 0010:follow_pte+0x414/0x4c0 [ 223.412915][ T9054] Code: bf 98 01 00 00 be ff ff ff ff e8 a7 f0 41 09 31 ff 41 89 c4 89 c6 e8 7b 60 bb ff 45 85 e4 0f 85 80 fc ff ff e8 2d 5e bb ff 90 <0f> 0b 90 e9 72 fc ff ff e8 1f 5e bb ff 90 0f 0b 48 c7 c7 f8 29 13 [ 223.421572][ T9054] RSP: 0018:ffffc9000370f4d0 EFLAGS: 00010287 [ 223.424723][ T9054] RAX: 0000000000008069 RBX: 00007fbb8ac28000 RCX: ffffc900039d3000 [ 223.429474][ T9054] RDX: 0000000000040000 RSI: ffffffff81cf1b43 RDI: 0000000000000005 [ 223.433826][ T9054] RBP: ffff8880213cf000 R08: 0000000000000005 R09: 0000000000000000 [ 223.437386][ T9054] R10: 0000000000000000 R11: 00000000000001ff R12: 0000000000000000 [ 223.440355][ T9054] R13: ffffc9000370f530 R14: ffffc9000370f550 R15: ffff88801fa0af80 [ 223.443850][ T9054] FS: 00007fca9baee6c0(0000) GS:ffff88806b300000(0000) knlGS:0000000000000000 [ 223.447046][ T9054] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 223.449839][ T9054] CR2: 0000001b30b1fffc CR3: 000000005109c000 CR4: 0000000000352ef0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 223.453425][ T9054] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 223.457019][ T9054] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 223.460491][ T9054] Call Trace: [ 223.461977][ T9054] [ 223.463344][ T9054] ? show_regs+0x8c/0xa0 [ 223.465619][ T9054] ? __warn+0xe5/0x3c0 [ 223.467374][ T9054] ? follow_pte+0x414/0x4c0 [ 223.469525][ T9054] ? report_bug+0x3c0/0x580 [ 223.471590][ T9054] ? handle_bug+0x3d/0x70 [ 223.473539][ T9054] ? exc_invalid_op+0x17/0x50 [ 223.475609][ T9054] ? asm_exc_invalid_op+0x1a/0x20 [ 223.477622][ T9054] ? follow_pte+0x413/0x4c0 [ 223.479810][ T9054] ? follow_pte+0x414/0x4c0 [ 223.481819][ T9054] get_pat_info+0xf2/0x510 [ 223.483785][ T9054] ? __pfx_get_pat_info+0x10/0x10 [ 223.485923][ T9054] untrack_pfn+0xf7/0x4d0 [ 223.487844][ T9054] ? __pfx_untrack_pfn+0x10/0x10 [ 223.490256][ T9054] ? zap_page_range_single+0x307/0x560 [ 223.492552][ T9054] ? __pfx_lock_release+0x10/0x10 [ 223.494781][ T9054] ? uprobe_munmap+0x20/0x5d0 [ 223.496916][ T9054] unmap_single_vma+0x1bd/0x2b0 [ 223.499171][ T9054] zap_page_range_single+0x326/0x560 [ 223.501614][ T9054] ? __pfx_zap_page_range_single+0x10/0x10 [ 223.504331][ T9054] ? __pfx___might_resched+0x10/0x10 [ 223.506628][ T9054] ? vma_interval_tree_subtree_search+0x14d/0x1b0 [ 223.509179][ T9054] unmap_mapping_range+0x1ee/0x280 [ 223.511037][ T9054] ? __pfx_unmap_mapping_range+0x10/0x10 [ 223.513229][ T9054] ? inode_newsize_ok+0x13b/0x200 [ 223.515370][ T9054] truncate_pagecache+0x53/0x90 [ 223.517541][ T9054] simple_setattr+0xf2/0x120 [ 223.519772][ T9054] notify_change+0xec6/0x11f0 [ 223.521957][ T9054] do_truncate+0x15c/0x220 [ 223.524207][ T9054] ? __pfx_do_truncate+0x10/0x10 [ 223.526463][ T9054] path_openat+0x27a8/0x2d20 [ 223.528701][ T9054] ? __pfx_path_openat+0x10/0x10 [ 223.530503][ T9054] ? __pfx___lock_acquire+0x10/0x10 [ 223.533044][ T9054] ? find_held_lock+0x2d/0x110 [ 223.535068][ T9054] do_filp_open+0x1dc/0x430 [ 223.537335][ T9054] ? __pfx_do_filp_open+0x10/0x10 [ 223.539631][ T9054] ? find_held_lock+0x2d/0x110 [ 223.541788][ T9054] ? _raw_spin_unlock+0x28/0x50 [ 223.543923][ T9054] ? alloc_fd+0x2d7/0x6c0 [ 223.545855][ T9054] do_sys_openat2+0x17a/0x1e0 [ 223.547689][ T9054] ? __pfx_do_sys_openat2+0x10/0x10 [ 223.549946][ T9054] __x64_sys_openat+0x175/0x210 [ 223.552015][ T9054] ? __pfx___x64_sys_openat+0x10/0x10 [ 223.554708][ T9054] do_syscall_64+0xcd/0x250 [ 223.556648][ T9054] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 223.559189][ T9054] RIP: 0033:0x7fca9ad79e79 [ 223.561132][ T9054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 223.569258][ T9054] RSP: 002b:00007fca9baee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 223.573081][ T9054] RAX: ffffffffffffffda RBX: 00007fca9af15f80 RCX: 00007fca9ad79e79 [ 223.576735][ T9054] RDX: 0000000000003f00 RSI: 0000000020000100 RDI: ffffffffffffff9c [ 223.580654][ T9054] RBP: 00007fca9ade793e R08: 0000000000000000 R09: 0000000000000000 [ 223.583874][ T9054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 223.587092][ T9054] R13: 0000000000000000 R14: 00007fca9af15f80 R15: 00007ffeec7b00c8 [ 223.590531][ T9054] [ 223.591811][ T9054] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 223.594755][ T9054] CPU: 3 UID: 0 PID: 9054 Comm: syz.1.1083 Not tainted 6.11.0-rc5-syzkaller #0 [ 223.598547][ T9054] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 223.602902][ T9054] Call Trace: [ 223.604353][ T9054] [ 223.605650][ T9054] dump_stack_lvl+0x3d/0x1f0 [ 223.607654][ T9054] panic+0x6dc/0x7c0 [ 223.609252][ T9054] ? __pfx_panic+0x10/0x10 [ 223.611101][ T9054] ? show_trace_log_lvl+0x363/0x500 [ 223.613399][ T9054] ? follow_pte+0x414/0x4c0 [ 223.615389][ T9054] check_panic_on_warn+0xab/0xb0 [ 223.617902][ T9054] __warn+0xf1/0x3c0 [ 223.619481][ T9054] ? follow_pte+0x414/0x4c0 [ 223.621526][ T9054] report_bug+0x3c0/0x580 [ 223.623464][ T9054] handle_bug+0x3d/0x70 [ 223.625381][ T9054] exc_invalid_op+0x17/0x50 [ 223.627802][ T9054] asm_exc_invalid_op+0x1a/0x20 [ 223.629984][ T9054] RIP: 0010:follow_pte+0x414/0x4c0 [ 223.636550][ T9054] Code: bf 98 01 00 00 be ff ff ff ff e8 a7 f0 41 09 31 ff 41 89 c4 89 c6 e8 7b 60 bb ff 45 85 e4 0f 85 80 fc ff ff e8 2d 5e bb ff 90 <0f> 0b 90 e9 72 fc ff ff e8 1f 5e bb ff 90 0f 0b 48 c7 c7 f8 29 13 [ 223.650804][ T9054] RSP: 0018:ffffc9000370f4d0 EFLAGS: 00010287 [ 223.653410][ T9054] RAX: 0000000000008069 RBX: 00007fbb8ac28000 RCX: ffffc900039d3000 [ 223.656679][ T9054] RDX: 0000000000040000 RSI: ffffffff81cf1b43 RDI: 0000000000000005 [ 223.660196][ T9054] RBP: ffff8880213cf000 R08: 0000000000000005 R09: 0000000000000000 [ 223.663221][ T9054] R10: 0000000000000000 R11: 00000000000001ff R12: 0000000000000000 [ 223.666592][ T9054] R13: ffffc9000370f530 R14: ffffc9000370f550 R15: ffff88801fa0af80 [ 223.670397][ T9054] ? follow_pte+0x413/0x4c0 [ 223.672385][ T9054] get_pat_info+0xf2/0x510 [ 223.674179][ T9054] ? __pfx_get_pat_info+0x10/0x10 [ 223.676187][ T9054] untrack_pfn+0xf7/0x4d0 [ 223.678900][ T9054] ? __pfx_untrack_pfn+0x10/0x10 [ 223.680959][ T9054] ? zap_page_range_single+0x307/0x560 [ 223.683048][ T9054] ? __pfx_lock_release+0x10/0x10 [ 223.685319][ T9054] ? uprobe_munmap+0x20/0x5d0 [ 223.687465][ T9054] unmap_single_vma+0x1bd/0x2b0 [ 223.689481][ T9054] zap_page_range_single+0x326/0x560 [ 223.691636][ T9054] ? __pfx_zap_page_range_single+0x10/0x10 [ 223.694161][ T9054] ? __pfx___might_resched+0x10/0x10 [ 223.696469][ T9054] ? vma_interval_tree_subtree_search+0x14d/0x1b0 [ 223.698854][ T9054] unmap_mapping_range+0x1ee/0x280 [ 223.700769][ T9054] ? __pfx_unmap_mapping_range+0x10/0x10 [ 223.702775][ T9054] ? inode_newsize_ok+0x13b/0x200 [ 223.704800][ T9054] truncate_pagecache+0x53/0x90 [ 223.706491][ T9054] simple_setattr+0xf2/0x120 [ 223.708238][ T9054] notify_change+0xec6/0x11f0 [ 223.710388][ T9054] do_truncate+0x15c/0x220 [ 223.712519][ T9054] ? __pfx_do_truncate+0x10/0x10 [ 223.714759][ T9054] path_openat+0x27a8/0x2d20 [ 223.716728][ T9054] ? __pfx_path_openat+0x10/0x10 [ 223.718634][ T9054] ? __pfx___lock_acquire+0x10/0x10 [ 223.720402][ T9054] ? find_held_lock+0x2d/0x110 [ 223.722355][ T9054] do_filp_open+0x1dc/0x430 [ 223.724110][ T9054] ? __pfx_do_filp_open+0x10/0x10 [ 223.726123][ T9054] ? find_held_lock+0x2d/0x110 [ 223.728211][ T9054] ? _raw_spin_unlock+0x28/0x50 [ 223.730244][ T9054] ? alloc_fd+0x2d7/0x6c0 [ 223.732120][ T9054] do_sys_openat2+0x17a/0x1e0 [ 223.734169][ T9054] ? __pfx_do_sys_openat2+0x10/0x10 [ 223.736362][ T9054] __x64_sys_openat+0x175/0x210 [ 223.738082][ T9054] ? __pfx___x64_sys_openat+0x10/0x10 [ 223.740027][ T9054] do_syscall_64+0xcd/0x250 [ 223.741819][ T9054] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 223.744118][ T9054] RIP: 0033:0x7fca9ad79e79 [ 223.745992][ T9054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 223.753051][ T9054] RSP: 002b:00007fca9baee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 223.756578][ T9054] RAX: ffffffffffffffda RBX: 00007fca9af15f80 RCX: 00007fca9ad79e79 [ 223.759793][ T9054] RDX: 0000000000003f00 RSI: 0000000020000100 RDI: ffffffffffffff9c [ 223.762981][ T9054] RBP: 00007fca9ade793e R08: 0000000000000000 R09: 0000000000000000 [ 223.766007][ T9054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 223.769034][ T9054] R13: 0000000000000000 R14: 00007fca9af15f80 R15: 00007ffeec7b00c8 [ 223.772085][ T9054] [ 223.773966][ T9054] Kernel Offset: disabled [ 223.776251][ T9054] Rebooting in 86400 seconds.. VM DIAGNOSIS: 02:47:13 Registers: info registers vcpu 0 CPU#0 RAX=000000000003ffff RBX=00000000002d0000 RCX=ffffc9002a5d2000 RDX=0000000000040000 RSI=ffffffff81cde5c6 RDI=0000000000000001 RBP=0000000000000000 RSP=ffffc9000372f688 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=ffffea00004c8d80 R13=0000000000000000 R14=1ffff920006e5ed9 R15=0000000013236225 RIP=ffffffff818a79c6 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fc3a53846c0 ffffffff 00c00000 GS =0000 ffff88806b000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000207ff000 CR3=000000002d7e4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff81307d8f ffffffff81307d9d ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff81307d9d ffffffff81307d8f ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff81307d8f ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3a45e8762 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3a45e876f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3a45e8769 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3a45e877d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3a45e8803 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc3a45e88e1 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff820035b1 ffffffff8200357e ffffffff82003561 ffffffff820033d6 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff88e08790 ffffffff82003a3c ffffffff00040008 0000000f0010000c ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff82003827 ffffffff82003631 ffffffff820035b1 ffffffff8200357e ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffff88802ab81880 RCX=00000000ffffffff RDX=0000000000000001 RSI=0000000000002820 RDI=0000000000000140 RBP=1ffff92000677fb1 RSP=ffffc900033bfd70 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=ffff88802ab81b30 R13=ffff88802ab81b38 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff88e40404 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f9b993d3d00 ffffffff 00c00000 GS =0000 ffff88806b100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f3c23ee52d8 CR3=000000002854a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000003400003 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 697270203a732500 7325207461206465 7269707865207972 746e65203a732500 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4c5755051f560000 5600055144054140 574c555d40055c57 514b40051f560000 ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=0fc59c300fc59c30 0fc59c300fc59c30 0fc59c300fc59c30 0fc59c300fc59c30 0fc59c300fc59c30 0fc59c300fc59c30 0fc59c300fc59c30 0fc59c300fc59c30 ZMM22=9bc0c0139bc0c013 9bc0c0139bc0c013 9bc0c0139bc0c013 9bc0c0139bc0c013 9bc0c0139bc0c013 9bc0c0139bc0c013 9bc0c0139bc0c013 9bc0c0139bc0c013 ZMM23=85df3c2985df3c29 85df3c2985df3c29 85df3c2985df3c29 85df3c2985df3c29 85df3c2985df3c29 85df3c2985df3c29 85df3c2985df3c29 85df3c2985df3c29 ZMM24=7a8d5f727a8d5f72 7a8d5f727a8d5f72 7a8d5f727a8d5f72 7a8d5f727a8d5f72 7a8d5f727a8d5f72 7a8d5f727a8d5f72 7a8d5f727a8d5f72 7a8d5f727a8d5f72 ZMM25=38f6b11238f6b112 38f6b11238f6b112 38f6b11238f6b112 38f6b11238f6b112 38f6b11238f6b112 38f6b11238f6b112 38f6b11238f6b112 38f6b11238f6b112 ZMM26=7ca141f07ca141f0 7ca141f07ca141f0 7ca141f07ca141f0 7ca141f07ca141f0 7ca141f07ca141f0 7ca141f07ca141f0 7ca141f07ca141f0 7ca141f07ca141f0 ZMM27=7aab1aa77aab1aa7 7aab1aa77aab1aa7 7aab1aa77aab1aa7 7aab1aa77aab1aa7 7aab1aa77aab1aa7 7aab1aa77aab1aa7 7aab1aa77aab1aa7 7aab1aa77aab1aa7 ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=5409000054090000 5409000054090000 5409000054090000 5409000054090000 5409000054090000 5409000054090000 5409000054090000 5409000054090000 info registers vcpu 2 CPU#2 RAX=00000000817e4aef RBX=00007f3c24a45720 RCX=ffffffff817e4aef RDX=0000000000000aef RSI=ffffffff817e4aef RDI=0000000000000001 RBP=0000000000000000 RSP=00007fff7b689978 R8 =00007f3c23f00000 R9 =00007f3c23f02000 R10=00000000817e4af3 R11=0000000000000001 R12=ffffffff817e4515 R13=00007f3c23f16018 R14=0000000000000008 R15=0000000000010272 RIP=00007f3c23c3a873 RFL=00000202 [-------] CPL=3 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0033 0000000000000000 ffffffff 00a0fb00 DPL=3 CS64 [-RA] SS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000555562bc1500 ffffffff 00c00000 GS =0000 0000000000000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c3ebe82 CR3=000000001fc3c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3c23de8762 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3c23de876f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3c23de8769 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3c23de877d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3c23de8803 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3c23de88e1 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3c23eeb488 00007f3c23eeb480 00007f3c23eeb478 00007f3c23eeb450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3c24a4d100 00007f3c23eeb440 00007f3c23ee0004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f3c23eeb498 00007f3c23eeb490 00007f3c23eeb488 00007f3c23eeb480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 0000000000000050 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000069 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fe6fe5 RDI=ffffffff9519f5a0 RBP=ffffffff9519f560 RSP=ffffc9000370eeb0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000069 R14=ffffffff84fe6f80 R15=0000000000000000 RIP=ffffffff84fe700f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fca9baee6c0 ffffffff 00c00000 GS =0000 ffff88806b300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000001b30b1fffc CR3=000000005109c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fca9ade8762 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fca9ade876f ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fca9ade8769 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fca9ade877d ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fca9ade8803 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fca9ade88e1 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fca9aeeb488 00007fca9aeeb480 00007fca9aeeb478 00007fca9aeeb450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fca9ba4d100 00007fca9aeeb440 00007fca9aeeb458 00007fca9aeeb4a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fca9aeeb498 00007fca9aeeb490 00007fca9aeeb488 00007fca9aeeb480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000