last executing test programs: 5.369780886s ago: executing program 2 (id=1846): inotify_init1(0x800) r0 = syz_io_uring_setup(0x7932, &(0x7f0000000200)={0x0, 0x0, 0x10100, 0x2000, 0x36d}, &(0x7f00000000c0), &(0x7f0000000000)=0x0) syz_io_uring_setup(0x1c24, &(0x7f00000002c0)={0x0, 0x0, 0x10, 0x0, 0x2}, &(0x7f0000000040)=0x0, &(0x7f0000000080)) r3 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffb000/0x3000)=nil) shmat(r3, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmctl$IPC_RMID(r3, 0x0) remap_file_pages(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0) syz_io_uring_submit(r2, r1, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x4c, 0x6e6a9ace1e35a607}) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) setsockopt$bt_l2cap_L2CAP_LM(r4, 0x6, 0x3, &(0x7f0000000040)=0xb6, 0x4) connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) io_uring_enter(r0, 0xec4, 0x0, 0x0, 0x0, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) io_pgetevents(0x0, 0x2, 0x0, 0x0, 0x0, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newqdisc={0x5c, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r8, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0x9}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x2, 0x4, 0x4, 0x400, 0x2, 0x9, 0xa}}, {0x4}}]}, @qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x2}}]}, 0x5c}}, 0x44880) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x801) r9 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_MSFILTER(r9, 0x29, 0x30, 0x0, 0x310) 4.549506704s ago: executing program 2 (id=1849): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'bridge_slave_0\x00', 0x0}) r2 = creat(&(0x7f0000000200)='./file0\x00', 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000640)=0x6) ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f0000000500)={"a0453822", 0x0, 0x6, 0x2, 0x0, 0x0, "4d013e77df2a87ba315ab8da00", "10221b8c", '\v\x00', "1eb15fbb", ["d8085781ae0cff21223446fe", "51f3d17dc9ed6f291acb3a10", "2ce50f8a285d9700c522afe1", '\x00\x00\x00\x00\x00\x007i\x00']}) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mknodat(r2, &(0x7f00000002c0)='./file0\x00', 0x2, 0xfffffffe) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) mq_open(&(0x7f0000000800)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xba\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb~\xf4\x7f\b\xa0\xf5s\x8e\xa8y\t\x90\xa2\n\x19[H6\xc6T\xe6\xb0\x11Z\xbfW\xb8\x1f\v\x89\xaf\xed\xea\xe0\x83\xc9\x9b\x9d\xe7\xba-\xa3^Y\x1d\x8dEa\x93\xcc\x96B\xd8?\xd7\xda\xd4\xd68\xa1\x9d\xf2\x8aQ/\n\xc6\x8c\xd0\x00\x96r\xe8iVO\xa4\x18p\x03\xca\x94>\xa8\x83#\x8f\xcf\x7fm\xecu\x01\x95Q4\xf55%)9+H?<\xe0_\xe5\xbc\x02k\r\x97u=\x1b\x03Z7\xa4\xa8\xa7\xc7\xadN\xeaZ.\x81\'s\x97\xa4U\xe2\x06\xdf\x1b\xffv\x85P(\xec0\x8f\xc3\xbb\x1b-r!\x9b4\xc4\xdb\xb1H\xa6\x8e\xfer\xf5\x88O~}2K\xb21\xf7\x9f\f8x\x1b\xb0\xc4\xfcr\xa9\xf8>TZB\xf2\x8dgh(-\xc7\xae6\xef^pK\xaf\x00'/1099, 0x42, 0x1f, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=r8, @ANYBLOB="f2ffffffffffffffa3888c9802a5f02ace86566a3c837fcc6c1ce9d393a12f78f0485d"], 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000680)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r8, @ANYBLOB="28000e0080000000fff49c5ded0dadb5ffffffffff0802110000000802110000000000000000000000000064000100080026006c090000086110474be6acd3b8f1ee54d3d83c80289f015a3b54f3366e000000000000006858e4c5ea55d9396249dcd7087d95086c4a057dbe6c6009bec8e4ff1e2a49dfc22abceb74a5b6ba4f2e3573884354cf8fdda4cc5d5122824f5db6ffed11a8d1d09d2f008dfa11229c9383c5cbfc93a0a3e2b4a2214372ecf9b5972b6d7c08129425b8b5bad1c706dfa8d1f6d29b70b5fea887a62210925d6ea044f42d5182c9b8092ed57c7782eebe82a5dce11035545ec0f3de0e0000bba2f01bd1fe7779b145974b1128909b16bbd2e4d8bcd2d5b5406d1109896868a717150e9350081969ace9d280c5359786a566429701d5de0c42e8844d7e6e48b23f97931ab9f1f7c6c50e25d27749d81c18db10cd0ab9ea608fc7b5c46fb8db17dde2cb6fb1c33c7cb8d71c5063"], 0x54}}, 0x8886) close(r2) r9 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x402, 0x0) r10 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="300000001900090000000000000000001c140000fe000001000000001400120002"], 0x30}}, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="000000000000000000000000000000048f03741f79b27a9979d550475657575038b97bf5d97f310774018b41ade96a6df041846143ca172d70d8ca7602230782e8bc0dd0635dc90332954fef8357fa5eea6e68ca38421ecbf192f7b4069b7a683feef8442e0a569d996958b69aedc4e50fcc84c69c530af984807eb27ca9100893605cc99733470295fc50906a77009308cc8d93649e91a238014345f579996f1637484889c9092b7abe71c02a84d599ead162", @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r9, @ANYBLOB=',\x00']) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYRES16=r1], 0x24}, 0x1, 0x0, 0x0, 0x200040c0}, 0x24008050) times(&(0x7f0000000000)) 4.036414097s ago: executing program 3 (id=1854): setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000ac0)={0x3, &(0x7f0000000a80)=[{0x48}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x16}]}, 0x8) bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) socket$phonet_pipe(0x23, 0x5, 0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x7079, 0x0, 0x4, 0x288}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0) 3.718538989s ago: executing program 3 (id=1855): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@gettfilter={0x6c, 0x2e, 0x2, 0x70bd26, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x10, 0x10}, {0xffe0, 0x9}, {0xe, 0x2}}, [{0x8, 0xb, 0xc6}, {0x8, 0xb, 0x6}, {0x8, 0xb, 0x5}, {0x8, 0xb, 0x890}, {0x8, 0xb, 0x4}, {0x8, 0xb, 0x2}, {0x8, 0xb, 0xa}, {0x8, 0xb, 0x4}, {0x8, 0xb, 0xb}]}, 0x6c}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0) write$UHID_SET_REPORT_REPLY(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="0e79d04f58235054feecaaea1b8c11e2754afcce883c5115c43d7d00"], 0xc) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) r2 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, 0x0, 0xc0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = getpid() syz_pidfd_open(r5, 0x0) timer_create(0x2, &(0x7f00000001c0)={0x0, 0x2e, 0x4, @tid=r5}, &(0x7f0000000280)) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) shmat(0x0, &(0x7f00003e8000/0x1000)=nil, 0x4000) r6 = socket$unix(0x1, 0x5, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x4c, &(0x7f0000000080)=0xcdb, 0x4) connect$unix(r6, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b19, &(0x7f0000000080)={'veth0_virt_wifi\x00', @random="030000004180"}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) ioctl$IOC_PR_RESERVE(0xffffffffffffffff, 0x401070c9, 0x0) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="11000000040000000400000002"], 0x48) bpf$BPF_GET_MAP_INFO(0x3, &(0x7f0000000000)={r7, 0x58, &(0x7f0000000300)}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000002c0)={'macvlan0\x00'}) 3.444542396s ago: executing program 2 (id=1859): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="180200000000000600000000000000008500000053000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94) r2 = socket$netlink(0x10, 0x3, 0x4) setsockopt$netlink_NETLINK_NO_ENOBUFS(r2, 0x10e, 0x5, 0x0, 0x0) writev(r2, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e422000000000100804824cabecc4b381eaadc28f23457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1) syz_genetlink_get_family_id$gtp(&(0x7f0000001100), r2) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x24) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r6 = socket(0x1e, 0x4, 0x0) r7 = gettid() setpriority(0x2, r7, 0xbc53) setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f0000000000)=@req3={0x64f, 0x7fffffff, 0x0, 0x3, 0x1ff, 0x401, 0x9}, 0x1c) recvmmsg(r6, &(0x7f0000008140)=[{{0x0, 0x0, &(0x7f0000002880)=[{&(0x7f0000000140)=""/8, 0x8}], 0x1}}], 0x1, 0x7fb10727dda9, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4048aecb, &(0x7f0000000080)) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r1, 0x0, 0xe, 0x0, &(0x7f00000000c0)="c1b9545dd30a1d31677b2d0bfa91", 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='memory.events.local\x00', 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0xf526143fa5576b02, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r8, 0x4010ae67, &(0x7f0000000180)={0x4}) ioctl$KVM_REGISTER_COALESCED_MMIO(r8, 0x4010ae67, &(0x7f00000001c0)={0x100000, 0xb000}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r8, 0x4010ae68, &(0x7f0000000200)={0xdddd0000, 0x103000}) 2.789786224s ago: executing program 3 (id=1861): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f000081c000/0x1000)=nil, 0x1000, 0x8, 0x1010, 0xffffffffffffffff, 0xab880000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f0000002540)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) socket$inet6_sctp(0xa, 0x1, 0x84) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x7, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = socket$igmp(0x2, 0x3, 0x2) prctl$PR_SET_SECUREBITS(0x1c, 0x1e) setreuid(0xee01, 0xee01) fcntl$setstatus(r3, 0x4, 0x42800) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1f, 0xf, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b702000001000000850008000000000000000000000000009500000000000000f3a674f29403ea5dc877d10a1b9ab65fce713fb0281c33639821990ab9c09f402c610c84b54e6f8dbb5bfc1e99ebcd886675cd6134b571e0b2f416faee826b6c6bbbf5e952bb77a2dce071a75c70238e"], &(0x7f0000000180)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x34, '\x00', 0x0, 0x0, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(0xffffffffffffffff, 0xc0205710, &(0x7f00000002c0)={0x1, 0xff, 0x1, 0x0, 0x5}) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r6 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000700)='notify_on_release\x00', 0x2, 0x0) write$cgroup_int(r6, &(0x7f00000003c0)=0x1ff, 0x12) mkdirat$cgroup(0xffffffffffffffff, &(0x7f00000001c0)='syz0\x00', 0x1ff) 2.282794042s ago: executing program 2 (id=1865): r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) connect$unix(r0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94) r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x15, 0x4, &(0x7f0000000400)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x400, 0x0, 0x0, 0x41000, 0x70, '\x00', 0x0, @sk_reuseport=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, @void, @value}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x30, 0xe1515f8735398f3, @val=@uprobe_multi={&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000400)=[0x5, 0x3], 0x0, 0x0, 0x1}}, 0x3c) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000440)=ANY=[@ANYRESDEC=r0], 0x0, 0xfffffffe, 0x0, 0x0, 0x41000, 0x10, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000, @void, @value}, 0x94) mknodat(r1, &(0x7f00000001c0)='./file0\x00', 0x120, 0xc) openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r3 = dup(r2) r4 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r4, 0x29, 0x2a, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x108) write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c) r5 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x8000}, &(0x7f0000000480)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) syz_io_uring_submit(r6, r7, &(0x7f00000004c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x2001}) io_uring_enter(r5, 0x8aa, 0x39, 0x0, 0x0, 0x0) fsopen(&(0x7f0000000040)='cifs\x00', 0x1) r8 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r8, &(0x7f0000000040), 0x10) listen(r8, 0x0) r9 = socket(0x28, 0x5, 0x0) connect$vsock_stream(r9, &(0x7f0000000080), 0x10) sendmmsg(r9, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094) 1.879943115s ago: executing program 3 (id=1866): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000002c0)={0x0, 0x1, 0x0, &(0x7f0000000600)=""/42, 0x0, 0xffff1000}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) ioctl$VHOST_SET_VRING_ENDIAN(r0, 0x4008af13, &(0x7f0000000300)={0x0, 0xfffffff3}) 1.729713261s ago: executing program 3 (id=1868): setsockopt(0xffffffffffffffff, 0x86, 0x100, &(0x7f0000000300)="1a000000020000", 0xfffffffffffffedd) syz_open_dev$tty1(0xc, 0x4, 0x1) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_generic(0x11, 0x3, 0x10) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000400)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-ssse3\x00'}, 0x58) accept4(r3, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r5 = dup(r4) write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c) r6 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r5}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0x80045515, 0x0) syz_io_uring_submit(r7, r8, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r6, 0x2ded, 0x4000, 0x0, 0x0, 0x0) mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0) 1.6419648s ago: executing program 2 (id=1869): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="e80000000008010100000000000000000100000a050003000600000006000240600600000900010073797a31000000002c000480080001400000000b08000140ffffffca080001408000000008000140ffffc2b008000140000000010900010000000000000000004c00048008000140000000040800014000000009080001400000000108000140000000030800014000000005080001400000000a08000140800000000800"], 0xe8}, 0x1, 0x0, 0x0, 0x4000}, 0x40008d8) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r3 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r3, 0x2ded, 0x4008, 0x0, 0x0, 0x22) msgget$private(0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='fsi_master_gpio_crc_rsp_error\x00', r1, 0x0, 0x6}, 0x18) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000f40)=ANY=[], 0x0) r7 = gettid() timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r8 = syz_open_dev$cec(&(0x7f0000000d00), 0x0, 0xc2b02) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000200)=ANY=[@ANYRES8=r6], &(0x7f0000000080)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$CEC_TRANSMIT(r8, 0xc0386105, &(0x7f0000000d40)={0x0, 0x0, 0x4, 0x0, 0x0, 0x4063, "57c1169b6664ea61326ac71ae7213059"}) ppoll(&(0x7f0000000280)=[{0xffffffffffffffff, 0x4022}, {r8, 0x20}, {0xffffffffffffffff, 0x10}], 0x3, &(0x7f0000000300)={0x0, 0x3938700}, &(0x7f00000003c0)={[0x0, 0x9]}, 0x8) 1.119765126s ago: executing program 0 (id=1872): setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) socket$phonet_pipe(0x23, 0x5, 0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x7079, 0x0, 0x4, 0x288}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0) 869.616861ms ago: executing program 0 (id=1873): r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) connect$unix(r0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94) r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x15, 0x4, &(0x7f0000000400)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x400, 0x0, 0x0, 0x41000, 0x70, '\x00', 0x0, @sk_reuseport=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, @void, @value}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x30, 0xe1515f8735398f3, @val=@uprobe_multi={&(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000400)=[0x5, 0x3], 0x0, 0x0, 0x1}}, 0x3c) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000440)=ANY=[@ANYRESDEC=r0], 0x0, 0xfffffffe, 0x0, 0x0, 0x41000, 0x10, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000, @void, @value}, 0x94) mknodat(r1, &(0x7f00000001c0)='./file0\x00', 0x120, 0xc) openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r3 = dup(r2) r4 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r4, 0x29, 0x2a, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x108) write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c) r5 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x8000}, &(0x7f0000000480)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) syz_io_uring_submit(r6, r7, &(0x7f00000004c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x2001}) io_uring_enter(r5, 0x8aa, 0x39, 0x0, 0x0, 0x0) fsopen(&(0x7f0000000040)='cifs\x00', 0x1) r8 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r8, &(0x7f0000000040), 0x10) listen(r8, 0x0) r9 = socket(0x28, 0x5, 0x0) connect$vsock_stream(r9, &(0x7f0000000080), 0x10) sendmmsg(r9, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094) 869.23745ms ago: executing program 3 (id=1874): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f000081c000/0x1000)=nil, 0x1000, 0x8, 0x1010, 0xffffffffffffffff, 0xab880000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f0000002540)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) socket$inet6_sctp(0xa, 0x1, 0x84) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x7, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = socket$igmp(0x2, 0x3, 0x2) prctl$PR_SET_SECUREBITS(0x1c, 0x1e) setreuid(0xee01, 0xee01) fcntl$setstatus(r3, 0x4, 0x42800) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1f, 0xf, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b702000001000000850008000000000000000000000000009500000000000000f3a674f29403ea5dc877d10a1b9ab65fce713fb0281c33639821990ab9c09f402c610c84b54e6f8dbb5bfc1e99ebcd886675cd6134b571e0b2f416faee826b6c6bbbf5e952bb77a2dce071a75c70238e"], &(0x7f0000000180)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x34, '\x00', 0x0, 0x0, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(0xffffffffffffffff, 0xc0205710, &(0x7f00000002c0)={0x1, 0xff, 0x1, 0x0, 0x5}) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r6 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000700)='notify_on_release\x00', 0x2, 0x0) write$cgroup_int(r6, &(0x7f00000003c0)=0x1ff, 0x12) mkdirat$cgroup(0xffffffffffffffff, &(0x7f00000001c0)='syz0\x00', 0x1ff) 669.427723ms ago: executing program 1 (id=1875): r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/tcp\x00') r1 = socket$nl_crypto(0x10, 0x3, 0x15) getsockopt$SO_TIMESTAMP(r1, 0x1, 0x40, 0x0, &(0x7f0000001800)) r2 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000000140)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r2, &(0x7f00000004c0)='<', 0x1, 0x48010, 0x0, 0x0) lseek(r0, 0xd7, 0x0) 669.139379ms ago: executing program 1 (id=1876): remap_file_pages(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x8, 0x1000, 0x4000013) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0xb, &(0x7f00000002c0)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_tunnel_key={0x58, 0x1, 0x0, 0x0, {{0xf}, {0x28, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0xb, @empty=0x4000000}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001080)='cpuacct.usage_all\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000040)) modify_ldt$read(0x0, &(0x7f0000000400)=""/241, 0xf1) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000400"/19], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r2}, 0x10) socket$alg(0x26, 0x5, 0x0) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r3 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x4, 0x316}, &(0x7f0000000340)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r3, 0x3516, 0x7f00, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) landlock_restrict_self(0xffffffffffffffff, 0x0) bind$bt_hci(r6, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) r7 = gettid() waitid(0x1, r7, 0x0, 0x80000002, 0x0) write$binfmt_misc(r6, &(0x7f0000000000), 0xd) 555.144564ms ago: executing program 1 (id=1877): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="640000001000810000000000000000000000000a040000031200010000000001"], 0x64}}, 0x0) (fail_nth: 1) 554.658835ms ago: executing program 0 (id=1878): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='syscall\x00') r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) getsockopt$WPAN_SECURITY(r2, 0x0, 0x1, 0x0, &(0x7f0000000040)) (async) r3 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r3, 0x1, &(0x7f0000000340)=ANY=[@ANYBLOB="0006000000001400a50f00009bdeb2d45f7bb9b21aa1598853226935aaaf20e5f729b19ece9248cfbd3e9ade931d808c72e1491b303b4099515ceb5cfa5b7e8efc642186b9eb45bcf35ed97cc78a98140a8e92b500"/100]) (async, rerun: 64) read$FUSE(r1, &(0x7f0000005380)={0x2020}, 0x2020) (rerun: 64) write$UHID_INPUT(r1, &(0x7f0000000a00)={0x8, {"2285e53deb134f529a0de7344a807f6efd9e7c77b4e436be093b538152a4ba9c657763bbce591b759643902700561f449893f21730b8745b6c2ab2d4e6b90dc7cbd4a90651da22824be5fb6e6be8fa455e8da93ef4af115ed8af09e8e04034355daa709dfcaa4e0855effc29b4f78b099f905518719066c88908d19032a169d034bb3aa888da0ebabc519df8e159c1f1f0936535c04ad3e7a2518df42e93b7baf334d1251a774f4d70d526b9e5b419ee370226a9ac39a81d0a18823a83775c359d8bb253f88f06fcb7980107825d5dbb58ef1449315f30bd07a2c4a4aa8b274170b91ba310a20f9348e075aa774482aa0764b2e64e597bfc2e0deb920724f3eec8f43e22bab410522ce991ffaad309e0eaaa044683cdaab0b7f8bdcf8c7fb0adb8c5fb7803365652125041c7e994b3fc093dac722dae5ff80c5389a437fbc8fe2f6466f863fa7ba2f14b1bae450cd26589236d5a911f3a956eb0bbddcd08323fdff47da1451952dd71bfbba6ee1ffdbacc23fbb1f33e4cc4f502e4e39ad0fa4146358ed1133b4c30e0d5f0c4db46e3e4f9c3eacc38910b94a263a095724a8c20e1f9330707e1c8bcffe7683e3751625be925736a0bf4a3ed4d22c118ae8d980d691c717711340eece624f317708b9a6d6099b7505d9d7fa2154985fdcf7be95b93b14dec8c36bdc0fa4421f824c8b4b943959de276988150d3c63bd4b620575ca879151c1720e28f081ab799795778596a85ba4ff81b49614b79f92d42c6989722afa2eefd5896f5595ae73a56981b9e48697cc4134c4d51b5fdf9a39ca6ccf4a0655c4e3a86f1561a00a1508c0e0ee484e6e21cbacf74492c01cf7cc30157f5eb6f61586de071d4a356e5065e4d7630dd5c6b31857bd85c18c4410e4ba9bc62322fdec90a0fb3e207852ae439b91593d4394cbf898897b85a93a9d67de90daeb9a3c93ba65a13567a9dd20c7d6d90ebae8a3828b71840a16c09cf487f6c87c00559c26f145afdf9dc494b750f3997379dbf35e20777fd97f5b8b526b8da5bcf289a413f2a6b583cf3b2426657916dd9eff9e70d37601d5f118839508cdc83a8ee14bbb85ac6e5f126f9802089cf0e8f5ece22c255bf3deda78b553a10d68c16e41cd8b2deff1801fa4d817b8a9f82f18736f9d44e2e159e981dff92c67eda8c57640d8d6622e096312aa871e81f51d359524caba7b58320640693a9757ffdd6d9c2089cd1ca21a033bd017a4fcde141a0efb6e526179029cd602572850efa2ff5d9d46f68dcceebac5a8c2aa3fea6c59fdea10c786a07c036912962e001b844f73b31b0b9052a88047641eee2504e97d227fd5b5ae1f08207367b9f14b0ac70e02c2c7d4109f5b16128afbe687c2753e3010ab6ae611ef2fbc12ce646097bde6c2c91491e53a8dd6de57c916d9bbf559213667ad03500fba09447b5b1e4b14ed22301eeefff1d1d477ac670a2ee376ccd617fc6adfdb33213e7122eae21dc78accf4533f763ac24129ba2c6c5ab43edaf9b6c35505ea12d4b7f4b51f773fb16a2d423860a0bee10e3ba16245b7b371e21f5468426e772b35c6dff5e91407bf94c6e6e63cb8a458c3b1b9f0d00eed9675b931201b71a2c6c1a2dea4341e86504f143deb33dbd0dea84b49b7c0aa1ac4299729de7bcb52d83e8a6fe29d16ff2462bfb2cdc9369c122c0d7e1b671efe63c2bda57eb7f2e4f568ad4f205ef39463907337f6b3bccb593d8ec3cd9ed8be08acc4c5db1f91a660e76a237fa6824de5983c2cb15c56143267725a666a05c9c4f17b9eb1ad1b60c037016bbfa7a7a4978f85b4e0dd4e48c7a9972a0c42241d060d90b4bb8062fa1892617c346dd29ae3dc690d19420aaf6907c5f5c216846587937e1b24dabf4fba1dcc7c25aa0217a6c87f1db97a1a99b95df8de5a2e2644ceb0f8ae25ae6286b00981c0ba201de232633dcaea04a0bd899addc8d882ea0cfdac86f31c4220977ed179056b0e38d04bd833446f000d01c26ba9ba975e3c4d9ec3aeb172ce1535ca608834662fae42d03a7a6ff03099c4c5fae9018e64923434b9877a7d492168a2528548056366ec6bfff337628b5a1ce82148b4e42d2d17be629bd18a683ccf583f4fe5ec2e7e7bbd563a0bbc68dc706126903cddbf80eea7e3825cf437fcd2179b7a188866758a1938b4969a520fb3f1179b1059d4ac8121b9ff6b6a9eec46693b01412b575cfb2b08c05898dc1fce102b2d6d52bc2047d923fd0467ff53f9df252a846a22ae325c5a6c82ad1a153d1688758582ff65f770c7fed6babcca1a43b2a2742978693b31f0f1178d1590446b27a5f8dae91394bf087b2a35b9efe3eec80bf0b3ca90a197ba90ea32927cf2d8988b9571c5b277ab459f06a964fa1fd67a505eca0e8dfdb7cc05d712238d0643f601ea8a2dd32024ff8ee2a26eb7c4fa8ccadefa926c41c90ba06da725ed7a2c541c86181450fd6225311342e43e20ee8afffce902b38d66d290771566391b77938907a6863942a54480087777bba4beeb8672d9f4aeb54157a640162ad40f0e2519957f9764e95cc6de234e9d36f52c9e56cb7f5d79002194f1f62f275a4583f80edeeff4155597efceab782a8270b58a4ead03d50a15d00550ae50ce139651518f80ee6ffc6333c7f91e3fb87ae56427f4252d3aa40d87068cefb408f581c3eadcaeb64d956f48d2b5ac97f01fa8e6dc93ea56ad73f7611805947c306948fba4cdce074830284515d5b5c4f1d237009514b14f73dd69302a634870c40ea37ddf58ba8ce0535caeb06a2b8584aa3d0fc5b6cc0a9800058352ca78e7531c415fd855a351d4af69ee5ffeccafd7bd5c4b9559778450f49cc5a56990135fe6008c8845874b25404241058413353aabf37bffd7ff2754d9197d2fa48049113c71af97fd04d76c28e36ec8c2139937937661836d1f08d683c0e9400e40bea8aa2f1675434af8ac753772bd768c5e6bf6b274c3edeafd6e7fc2bbc1eb8b0454aae3a745b72c5c94c3a1f9525254d65da02b31db6a07f763ea05abe86e93703f7c6bfd0f485e09d9cbd5c78671f78e904f6eccd53bf8061348b078093b4e88b7be3fd40439f69686e55d2b6e2c7d83c02a386e163927f0b57a8c82a1a882dfda3ef8cf762aa7a0a56b5e312f011df54aee525610438222e62b954dafc7e74115c91554b5ce81a51e2ccf0e0e8cf022d7370b195bc9096df28647248f3a315f2cca95f4d73acb3d46c89fe264ac13050d7fcc7adcd70f95c912f80e56ec9636b230efe98dda521d0a750e190c0256ef00d6370e6a66f7a743bde1ef1f36794976b1bfca8e19853359d3e5e61a535134fcc988ba16723c4dac29dc0a13349bf297777e460ddb847136a125073bda62f2c00959cf3db88110fb4a05099fa2688fba6cbe504b70e99f5c5d36cc8a0bad20a724a8fa53dab7ab82e9ed7ab97c912ed8d5c366cba41bec2b78d09046b4b3690b3863ba12a13ddb909cc5527c0c8d4ba7668b99ed972787fd28ae547bcfe83b4abfa320c3ab57d254b2f254ce1eb516fadca23d22cf09cfb8556467f34c5fd760ceafe1e890153f19159de71392f9309c1022bfd729d0419e2acb5cfa44ff233163db3b19887a4f1abff8ca45ad2cd703a0ed9bd39763ffe925c1a87882621ae0ef40b5a049e4fa2d000860d384f9b9fb42361f640dc8cc56bdac41eddbe640f6d2fd5523f59dd627f6998b5faa66a11afd4610ffadcd518dfe6ae18e2669c69e8af36e2dfd02d95a502e44bbbc23743f41a8e1cc429ffd39eeb8ddcba34ba01320de41cd6a79c0231d3676dadaca55dad64b2e4d9ed35420ba5caae135dafd259b5a9744a6a17a5bfe34a28bc1b90813eedfb9614f0dc29f429627a4c0e2dafbd29856f3f58e9b71f2c486b30f3017b7b6bca26911a5319e2a7a78c6c59d5566599977691ad51d1878dd7da341d507959092b41bdf269c147630fc139126c96ad48e48e90f2a85cc2aad7d057d14d9622a235155b1392fba68e127cb53a277b566070def55ba4a2b8e6361606fc387e3f643f67431ef0326ec1e06fdd3a7c0e1066b81d86d7bbb42ade22b7c1f3b131b9cd7d49fff32d49ec7d90e2762bf7420e77822f80f339664860cc1ce245d2c078e747148800a0d5e58693a4712ab245a76400358b3f9e3ab2bcdc81444ecb251d2fb5c5b429dd39408f350ca3c0fb72f6380519079ec7f7dfcb47fdf8d28627493e15872d927e81b70f5608cfeb479017dbe1d61f250091c944c25da1d409d47aa22d3c7ed94dae8b8cf5e92603fe74c60b1108d20cd281b8b9523e567e4762b39c0652b8506f095e909142256aad03ff94ab56559bac738d9c8bd0890ecce2ff66e7bd0009717ae7a7f293cedb86f99054ae6fcbd939de2accdbf36707a9d44679329cce92572af9fe666adb037245693d83c8689610828c4d331a9e71443d113b642bba8bf19e61e0aec607b426c76e6c7e15d0a3e4d9497821eab5449b3250e834bba5c0f2cbc262e7544304f3e1b483414bb3d7a271d56c94cbf30cca6769085b411118050a1476daba3fa85e3855f281f41e928b5ca2d84430b30dd2aa47574700f5dcb7a6de8de42964943c6ed68020f5575b2723849b5b12ca072f3caba6f8a5001ef99e7c57217d915bd63ce15ebe03e41adb7f82f3f9a295cb60abd878efebf5074ede278368669c0651a0185d1051bdcff62eeca9b94d5eb6ececf1fa2bbf4631c4a19cf016d7deb7bd890b84d62616eac091a730122287cf5701645b7b408a1ef31b85d159474d3c5d0f6edef0c44a2063deb7d0d99a882c7dcc4f947e41bbd25857e59c0e6d2d0b08f186f5c9f41e63e8b34838b00598544b496aa482d929639e8b685bf4d724dcbff192c0c629174a62aab2f878ed507b833245f3ea846aa30a1133b5db72056f1adacd2225e118cdcd2fe8372e9cadf1da1805d23b81e74cdb77da32bbbb5bab4fe021c986c8f42f42ff07aaaac76e3754b4561d94a8f5f8300daa1740cc3c7d4dd6a1acdb84e59f59ab5a58d865cc5c81f36b9623732cc1531b0eb8009c63913d56e3de92f689bdff2daa6e816039222d9bdf2ee43de33b51ad3e43b18838a64703c7d3d14ae546c28ee55f4db8ace88b372c39c1540064994c1d9d19382585441e0c76634d4c5da0acd5d810b0c6959f10ab7430a815b929c16f4913ff0535307c60fbebd4dc6846e6f3716c977bfaee07586db3cafe8fddcf5a3acc7ee11e4ddb9e19144db36241c957434f5cdfceb1066bc55d95bc6e745ba9196354f1c3c1ec70c8bc531b7a25965e66d07ae44aad2c15314de06d096c2f0f96fd3551d3b9498484e80c24cc2525effb1d70fff7dea0c855852b88e6fa0461eefeedcb6218083797694780986a05793fe233d807e4b6defceded9ceaa96d223512180e2b95d7e5ed8b4205b81ef6f453e8b3aa353b85ad2bde88d24063debb8e98e5f57591041bff233c980b5fd54999567c9068e2f2a9c079d269dee43fe507dcde1482246d96eb3da66fdbe31b3f1740af0486301c97fb6158559b3cc72f3e3eacb61835b86ebcc6ee770be8156b299672b5f12222778bbb3105a009e2d60a484b4f3884f98c2e94cab5bf2185ff6d5d534e391fb23619599f6ca67ec79ab08b9d983cde1fe45b8aa7b51f4d2c2c83b4eb816e901180ef0a782673d10b326dd3fd85ec3b3322df266b4456bdb467c09c968a9c1c23ed075d1270c3578d80e4d3424dbfe870618e7f9c75ea91acfddadc4f694e955efc221cd3eb8aaa9dbb54b1e8a3f3e1b2d804de06bb6a1a92a450d1c0", 0x1000}}, 0x1006) (async) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0) (async) r5 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) write$cgroup_devices(r5, &(0x7f0000000100)=ANY=[@ANYBLOB="1e031800"], 0x22) socket$nl_route(0x10, 0x3, 0x0) (async) r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) recvfrom$inet6(r6, &(0x7f0000000000)=""/46, 0x2e, 0x101a1, &(0x7f0000000040)={0xa, 0x4e20, 0x2, @private1, 0xc3fa}, 0x1c) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000200)={'ip6tnl0\x00', &(0x7f0000000180)={'syztnl2\x00', 0x0, 0x2f, 0x1, 0x6, 0x0, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @mcast1, 0x7800, 0x7800, 0x3, 0x2}}) (async) r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) r8 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r8, 0x7a7, &(0x7f0000000100)=0xb0000) (async) ioctl$IOCTL_VMCI_INIT_CONTEXT(r8, 0x7a0, &(0x7f0000000140)={@my=0x1}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r8, 0x7a8, &(0x7f0000000300)={{@host, 0x9}, @host, 0x0, 0x8, 0x1, 0x4, 0x4, 0x8001, 0x3b}) (async, rerun: 32) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="66643deaf549d6a077c82fef4223c3f534da70b0334d83942e4e0b3e2219a683d993572c289a67a6fd0c52539fab605232384d899415049f61dee1bc764082b921b1ebf00c6bff03000059c57c9f044ef773f493a1d6aa24fb212618ef343f7eb4d778ba3d01551174b28caed1d040b210fec55436bf233b0bea463bc5602fcd132b3b0527b975374d112109038bcf95325020f7e425e54c102799", @ANYRESHEX=r7, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) (async, rerun: 32) r9 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_INITMSG(r9, 0x84, 0x2, &(0x7f00000002c0)={0x95, 0x1000, 0x5, 0xb}, 0x8) (async) read$FUSE(r7, &(0x7f0000006840)={0x2020, 0x0, 0x0, 0x0}, 0x2020) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x3, {0x5, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, {0x0, 0x2000000000, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0x4, 0x2000, 0x7, r10, 0x0, 0xf0ee, 0xffffffff}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) (async) socket$nl_route(0x10, 0x3, 0x0) 498.608216ms ago: executing program 1 (id=1879): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl(r1, 0x8b32, &(0x7f0000000040)) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="928608d7ca35b6a56ba73cc1388a3b071e07185fd0179ec707f3df424b2e959532be4ebf202f7c340322d5ace3276dc67b42b3da98e0c12feb75c796abed259f6b645c14afcdcdd60ca14636314eeb05a6ed6bf705bcba7c0156bbbca45efa8576ab289189405de338378a8e9b44efd9f4b0a637890d11517fb852e3fe421f347dfe514a9416b89cd15ba0c3fdfa5ee8f0889382b22492c3689012dd75655814ca9abfa57765", @ANYRES64, @ANYRES32=r0, @ANYRESHEX=r1, @ANYRESDEC=r0, @ANYRES8=r0, @ANYRES8=r0, @ANYRESDEC=r0, @ANYRESHEX=r0], 0x64}, 0x1, 0x0, 0x0, 0x40090}, 0x20000014) 423.297289ms ago: executing program 1 (id=1880): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000040850000008600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r2, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x50) (async) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000040850000008600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r2, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) (async) 413.483111ms ago: executing program 2 (id=1881): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="e80000000008010100000000000000000100000a050003000600000006000240600600000900010073797a31000000002c000480080001400000000b08000140ffffffca080001408000000008000140ffffc2b008000140000000010900010000000000000000004c00048008000140000000040800014000000009080001400000000108000140000000030800014000000005080001400000000a08000140800000000800"], 0xe8}, 0x1, 0x0, 0x0, 0x4000}, 0x40008d8) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r3 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r3, 0x2ded, 0x4008, 0x0, 0x0, 0x22) msgget$private(0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='fsi_master_gpio_crc_rsp_error\x00', r1, 0x0, 0x6}, 0x18) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000f40)=ANY=[], 0x0) r7 = gettid() timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r8 = syz_open_dev$cec(&(0x7f0000000d00), 0x0, 0xc2b02) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000200)=ANY=[@ANYRES8=r6], &(0x7f0000000080)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$CEC_TRANSMIT(r8, 0xc0386105, &(0x7f0000000d40)={0x0, 0x0, 0x4, 0x0, 0x0, 0x4063, "57c1169b6664ea61326ac71ae7213059"}) ppoll(&(0x7f0000000280)=[{0xffffffffffffffff, 0x4022}, {r8, 0x20}, {0xffffffffffffffff, 0x10}], 0x3, &(0x7f0000000300)={0x0, 0x3938700}, &(0x7f00000003c0)={[0x0, 0x9]}, 0x8) 412.989746ms ago: executing program 0 (id=1882): setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) socket$phonet_pipe(0x23, 0x5, 0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x7079, 0x0, 0x4, 0x288}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0) 410.731524ms ago: executing program 1 (id=1883): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, 0x0, &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f000081c000/0x1000)=nil, 0x1000, 0x8, 0x1010, 0xffffffffffffffff, 0xab880000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f0000002540)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) socket$inet6_sctp(0xa, 0x1, 0x84) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x7, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = socket$igmp(0x2, 0x3, 0x2) prctl$PR_SET_SECUREBITS(0x1c, 0x1e) setreuid(0xee01, 0xee01) fcntl$setstatus(r3, 0x4, 0x42800) bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_int(r4, &(0x7f0000000700)='notify_on_release\x00', 0x2, 0x0) write$cgroup_int(r5, &(0x7f00000003c0)=0x1ff, 0x12) mkdirat$cgroup(r4, &(0x7f00000001c0)='syz0\x00', 0x1ff) 59.108721ms ago: executing program 0 (id=1884): r0 = openat$kvm(0x0, &(0x7f00000002c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000000)=0x0) capset(&(0x7f0000000040)={0x20071026, r2}, &(0x7f0000000080)={0x4, 0x1000, 0x4, 0x8, 0x87c, 0x1}) ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000000c0)={0x79, 0x0, 0x1}) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000140)={0x1, 0x0, [{0x5, 0x5, 0x0, 0x0, @irqchip={0x8, 0x3}}]}) 0s ago: executing program 0 (id=1885): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f00000006c0)=ANY=[@ANYBLOB="b40800000000000073114100000000008510000002000000b7000000000000009500c2000000000095000012000000000e09b9445761db3ed82f7be4b9f1628b9a5c40384cb45e62e827e611f21a01a76f66f616553959b478ad3c46bb20e558783b21dd5307760617deec8b1b75c00853ee69e33ba2c01c28950365dd46fcc9f2ac6d20197fd68292e8445824f49b6fba41a316e13e462e31ca00d2622d56318d78e271d364329e7ae732bf8dade587bb30d67e23f78662621b74aabfd8eaf399893bab50fed33101f5a1085f991877907bd6117db675155932860499977f7384a8d94e810492c284fc7cc784ed942bf11d72897a7896f5f8c957984312e9d39eaa478a3065afd52404cb058b"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r1}, 0x10) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='cachefiles_mkdir\x00', r1, 0x0, 0x80000}, 0x18) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) close(r3) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) close(r4) bpf$BPF_GET_PROG_INFO(0x1c, &(0x7f00000003c0)={r0, 0x0, 0x0}, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000600)={r4, 0x0, 0x0}, 0x10) (fail_nth: 1) kernel console output (not intermixed with test programs): 0000 RSI: 0000000000000000 RDI: 0000000000000000 [ 85.412618][ T7170] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 85.414865][ T7170] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 85.417185][ T7170] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 85.419450][ T7170] [ 85.420445][ C3] vkms_vblank_simulate: vblank timer overrun [ 85.683682][ T7183] netlink: 16 bytes leftover after parsing attributes in process `syz.2.344'. [ 85.710433][ T7183] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 86.251541][ T7203] FAULT_INJECTION: forcing a failure. [ 86.251541][ T7203] name failslab, interval 1, probability 0, space 0, times 0 [ 86.255207][ T7203] CPU: 2 UID: 0 PID: 7203 Comm: syz.1.349 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 86.258274][ T7203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 86.261358][ T7203] Call Trace: [ 86.262370][ T7203] [ 86.263252][ T7203] dump_stack_lvl+0x16c/0x1f0 [ 86.264638][ T7203] should_fail_ex+0x497/0x5b0 [ 86.266009][ T7203] ? fs_reclaim_acquire+0xae/0x150 [ 86.267495][ T7203] should_failslab+0xc2/0x120 [ 86.268904][ T7203] __kmalloc_noprof+0xce/0x4f0 [ 86.270299][ T7203] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 86.271922][ T7203] ? tomoyo_realpath_from_path+0xbf/0x710 [ 86.273590][ T7203] tomoyo_realpath_from_path+0xbf/0x710 [ 86.275189][ T7203] ? tomoyo_path_number_perm+0x235/0x5b0 [ 86.276905][ T7203] tomoyo_path_number_perm+0x248/0x5b0 [ 86.278484][ T7203] ? tomoyo_path_number_perm+0x235/0x5b0 [ 86.280128][ T7203] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 86.281918][ T7203] ? __pfx_lock_release+0x10/0x10 [ 86.283375][ T7203] ? trace_lock_acquire+0x14e/0x1f0 [ 86.284898][ T7203] ? lock_acquire+0x2f/0xb0 [ 86.286217][ T7203] ? __fget_files+0x40/0x3a0 [ 86.287575][ T7203] ? __fget_files+0x206/0x3a0 [ 86.288948][ T7203] security_file_ioctl_compat+0x9b/0x240 [ 86.290563][ T7203] __do_compat_sys_ioctl+0x4e/0x2c0 [ 86.292100][ T7203] __do_fast_syscall_32+0x73/0x120 [ 86.293585][ T7203] do_fast_syscall_32+0x32/0x80 [ 86.295003][ T7203] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 86.296879][ T7203] RIP: 0023:0xf7ff6579 [ 86.298062][ T7203] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 86.303630][ T7203] RSP: 002b:00000000f514655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 86.306126][ T7203] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80 [ 86.308428][ T7203] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 86.310853][ T7203] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 86.313115][ T7203] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 86.315374][ T7203] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 86.317659][ T7203] [ 86.321760][ T7203] ERROR: Out of memory at tomoyo_realpath_from_path. [ 87.460412][ T7254] FAULT_INJECTION: forcing a failure. [ 87.460412][ T7254] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 87.464189][ T7254] CPU: 2 UID: 0 PID: 7254 Comm: syz.0.367 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 87.467258][ T7254] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.470365][ T7254] Call Trace: [ 87.471347][ T7254] [ 87.472262][ T7254] dump_stack_lvl+0x16c/0x1f0 [ 87.473665][ T7254] should_fail_ex+0x497/0x5b0 [ 87.475044][ T7254] _copy_from_user+0x2e/0xd0 [ 87.476411][ T7254] get_compat_msghdr+0xa8/0x170 [ 87.477838][ T7254] ? __pfx_get_compat_msghdr+0x10/0x10 [ 87.479410][ T7254] ___sys_sendmsg+0x1b0/0x1e0 [ 87.480834][ T7254] ? __pfx____sys_sendmsg+0x10/0x10 [ 87.482350][ T7254] ? __pfx_lock_release+0x10/0x10 [ 87.483810][ T7254] ? trace_lock_acquire+0x14e/0x1f0 [ 87.485345][ T7254] ? __fget_files+0x206/0x3a0 [ 87.486751][ T7254] __sys_sendmsg+0x16e/0x220 [ 87.488135][ T7254] ? __pfx___sys_sendmsg+0x10/0x10 [ 87.489629][ T7254] __do_fast_syscall_32+0x73/0x120 [ 87.491136][ T7254] do_fast_syscall_32+0x32/0x80 [ 87.492588][ T7254] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 87.494417][ T7254] RIP: 0023:0xf706e579 [ 87.495567][ T7254] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 87.501157][ T7254] RSP: 002b:00000000f506055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 87.503531][ T7254] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000380 [ 87.505887][ T7254] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 87.508243][ T7254] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 87.510534][ T7254] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 87.512826][ T7254] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 87.515107][ T7254] [ 87.663759][ T7262] netlink: 16 bytes leftover after parsing attributes in process `syz.1.369'. [ 87.706697][ T7262] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 88.784271][ T6003] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 88.938541][ T6003] usb 6-1: Using ep0 maxpacket: 32 [ 88.941977][ T6003] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 88.944304][ T6003] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 88.947407][ T6003] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 88.958727][ T6003] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 88.962408][ T6003] usb 6-1: config 0 interface 0 has no altsetting 0 [ 88.969280][ T6003] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 88.971867][ T6003] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 88.974231][ T6003] usb 6-1: Product: syz [ 88.975466][ T6003] usb 6-1: Manufacturer: syz [ 88.976806][ T6003] usb 6-1: SerialNumber: syz [ 88.989657][ T6003] usb 6-1: config 0 descriptor?? [ 88.993871][ T6003] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 89.000017][ T6003] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 89.314583][ C1] ldusb 6-1:0.0: usb_submit_urb failed (-19) [ 89.315612][ T7297] ldusb 6-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71 [ 89.316424][ T6006] usb 6-1: USB disconnect, device number 3 [ 89.323133][ T6006] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 89.592613][ T7297] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 89.597116][ T7297] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 89.610075][ T7297] bond0 (unregistering): Released all slaves [ 89.625636][ T7326] netlink: 4 bytes leftover after parsing attributes in process `syz.0.390'. [ 89.628434][ T7326] syz_tun: left allmulticast mode [ 89.630102][ T7326] syz_tun: left promiscuous mode [ 89.632365][ T7326] bridge0: port 3(syz_tun) entered disabled state [ 89.636807][ T7326] bridge_slave_1: left allmulticast mode [ 89.639171][ T7326] bridge_slave_1: left promiscuous mode [ 89.640945][ T7326] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.644491][ T7326] bridge_slave_0: left allmulticast mode [ 89.646106][ T7326] bridge_slave_0: left promiscuous mode [ 89.647784][ T7326] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.153206][ C0] IPv4: Oversized IP packet from 172.20.20.24 [ 90.472236][ T7366] netlink: 'syz.0.408': attribute type 10 has an invalid length. [ 90.494142][ T7366] team0: Port device netdevsim0 added [ 90.505864][ T7366] netlink: 'syz.0.408': attribute type 10 has an invalid length. [ 90.525894][ T7366] team0: Port device netdevsim0 removed [ 90.539226][ T7366] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 90.958399][ T7369] FAULT_INJECTION: forcing a failure. [ 90.958399][ T7369] name failslab, interval 1, probability 0, space 0, times 0 [ 90.962560][ T7369] CPU: 3 UID: 0 PID: 7369 Comm: syz.2.403 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 90.965784][ T7369] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 90.968852][ T7369] Call Trace: [ 90.969778][ T7369] [ 90.970645][ T7369] dump_stack_lvl+0x16c/0x1f0 [ 90.971991][ T7369] should_fail_ex+0x497/0x5b0 [ 90.973300][ T7369] ? fs_reclaim_acquire+0xae/0x150 [ 90.974791][ T7369] should_failslab+0xc2/0x120 [ 90.976159][ T7369] __kmalloc_noprof+0xce/0x4f0 [ 90.977488][ T7369] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 90.979052][ T7369] ? tomoyo_realpath_from_path+0xbf/0x710 [ 90.980681][ T7369] tomoyo_realpath_from_path+0xbf/0x710 [ 90.982323][ T7369] ? tomoyo_path_number_perm+0x235/0x5b0 [ 90.983965][ T7369] tomoyo_path_number_perm+0x248/0x5b0 [ 90.985555][ T7369] ? tomoyo_path_number_perm+0x235/0x5b0 [ 90.987164][ T7369] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 90.988832][ T7369] ? __pfx_lock_release+0x10/0x10 [ 90.990208][ T7369] ? trace_lock_acquire+0x14e/0x1f0 [ 90.991738][ T7369] ? lock_acquire+0x2f/0xb0 [ 90.993036][ T7369] ? __fget_files+0x40/0x3a0 [ 90.994356][ T7369] ? __fget_files+0x206/0x3a0 [ 90.995687][ T7369] security_file_ioctl_compat+0x9b/0x240 [ 90.997223][ T7369] __do_compat_sys_ioctl+0x4e/0x2c0 [ 90.998674][ T7369] __do_fast_syscall_32+0x73/0x120 [ 91.000098][ T7369] do_fast_syscall_32+0x32/0x80 [ 91.001491][ T7369] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 91.003214][ T7369] RIP: 0023:0xf7f22579 [ 91.004404][ T7369] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 91.010134][ T7369] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 91.013374][ T7369] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000005404 [ 91.016260][ T7369] RDX: 0000000020000380 RSI: 0000000000000000 RDI: 0000000000000000 [ 91.018450][ T7369] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 91.020634][ T7369] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 91.022815][ T7369] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 91.025048][ T7369] [ 91.026004][ C3] vkms_vblank_simulate: vblank timer overrun [ 91.029302][ T7369] ERROR: Out of memory at tomoyo_realpath_from_path. [ 92.079998][ T7398] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 92.115782][ T7398] nvme_fabrics: missing parameter 'transport=%s' [ 92.117774][ T7398] nvme_fabrics: missing parameter 'nqn=%s' [ 92.120797][ T7398] netlink: 4 bytes leftover after parsing attributes in process `syz.1.415'. [ 92.124483][ T7398] netlink: 12 bytes leftover after parsing attributes in process `syz.1.415'. [ 93.331194][ T7445] futex_wake_op: syz.3.426 tries to shift op by 144; fix this program [ 93.459233][ T7450] FAULT_INJECTION: forcing a failure. [ 93.459233][ T7450] name failslab, interval 1, probability 0, space 0, times 0 [ 93.479321][ T7450] CPU: 2 UID: 0 PID: 7450 Comm: syz.1.427 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 93.482537][ T7450] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 93.486496][ T7450] Call Trace: [ 93.487550][ T7450] [ 93.488675][ T7450] dump_stack_lvl+0x16c/0x1f0 [ 93.490274][ T7450] should_fail_ex+0x497/0x5b0 [ 93.491810][ T7450] ? fs_reclaim_acquire+0xae/0x150 [ 93.493499][ T7450] should_failslab+0xc2/0x120 [ 93.494986][ T7450] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 93.496720][ T7450] ? getname_flags.part.0+0x4c/0x550 [ 93.498609][ T7450] getname_flags.part.0+0x4c/0x550 [ 93.500423][ T7450] getname+0x8d/0xe0 [ 93.501827][ T7450] do_sys_openat2+0x104/0x1e0 [ 93.503726][ T7450] ? __pfx_do_sys_openat2+0x10/0x10 [ 93.505595][ T7450] ? __fget_files+0x206/0x3a0 [ 93.507455][ T7450] __ia32_sys_creat+0xcc/0x120 [ 93.509398][ T7450] ? __pfx___ia32_sys_creat+0x10/0x10 [ 93.511553][ T7450] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 93.514179][ T7450] ? lockdep_hardirqs_on+0x7c/0x110 [ 93.516282][ T7450] __do_fast_syscall_32+0x73/0x120 [ 93.518343][ T7450] do_fast_syscall_32+0x32/0x80 [ 93.520329][ T7450] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 93.522865][ T7450] RIP: 0023:0xf7ff6579 [ 93.524520][ T7450] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 93.532088][ T7450] RSP: 002b:00000000f512555c EFLAGS: 00000296 ORIG_RAX: 0000000000000008 [ 93.534823][ T7450] RAX: ffffffffffffffda RBX: 0000000020000040 RCX: 0000000000000000 [ 93.537893][ T7450] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 93.541039][ T7450] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 93.544177][ T7450] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 93.547186][ T7450] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 93.549498][ T7450] [ 93.896393][ T7466] kvm: pic: level sensitive irq not supported [ 97.053380][ T7572] FAULT_INJECTION: forcing a failure. [ 97.053380][ T7572] name failslab, interval 1, probability 0, space 0, times 0 [ 97.060706][ T7572] CPU: 2 UID: 0 PID: 7572 Comm: syz.3.457 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 97.064753][ T7572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 97.068912][ T7572] Call Trace: [ 97.070233][ T7572] [ 97.071402][ T7572] dump_stack_lvl+0x16c/0x1f0 [ 97.073295][ T7572] should_fail_ex+0x497/0x5b0 [ 97.075151][ T7572] ? fs_reclaim_acquire+0xae/0x150 [ 97.077169][ T7572] should_failslab+0xc2/0x120 [ 97.079000][ T7572] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 97.081088][ T7572] ? getname_flags.part.0+0x4c/0x550 [ 97.083138][ T7572] getname_flags.part.0+0x4c/0x550 [ 97.085161][ T7572] getname_flags+0x93/0xf0 [ 97.086943][ T7572] __ia32_sys_rename+0x57/0xa0 [ 97.088829][ T7572] __do_fast_syscall_32+0x73/0x120 [ 97.090814][ T7572] do_fast_syscall_32+0x32/0x80 [ 97.092705][ T7572] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 97.095122][ T7572] RIP: 0023:0xf711e579 [ 97.096720][ T7572] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 97.104055][ T7572] RSP: 002b:00000000f50ce55c EFLAGS: 00000296 ORIG_RAX: 0000000000000026 [ 97.107258][ T7572] RAX: ffffffffffffffda RBX: 0000000020000100 RCX: 0000000020000140 [ 97.110363][ T7572] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 97.113358][ T7572] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 97.116387][ T7572] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 97.119469][ T7572] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 97.122527][ T7572] [ 99.744940][ T9] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 99.900599][ T9] usb 6-1: Using ep0 maxpacket: 8 [ 99.903200][ T9] usb 6-1: config 0 has no interfaces? [ 99.904813][ T9] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 99.907699][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 99.917781][ T9] usb 6-1: config 0 descriptor?? [ 100.161829][ T6002] usb 6-1: USB disconnect, device number 4 [ 101.153800][ T7678] kvm: pic: level sensitive irq not supported [ 101.288606][ T7681] kvm: pic: level sensitive irq not supported [ 102.850711][ T7739] Invalid source name [ 102.853903][ T7740] Invalid source name [ 102.855573][ T7740] UBIFS error (pid: 7740): cannot open "./file0", error -22 [ 102.859122][ T7739] UBIFS error (pid: 7739): cannot open "./file0", error -22 [ 103.389722][ T7745] FAULT_INJECTION: forcing a failure. [ 103.389722][ T7745] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 103.396035][ T7745] CPU: 2 UID: 0 PID: 7745 Comm: syz.0.510 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 103.400037][ T7745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 103.403831][ T7745] Call Trace: [ 103.405115][ T7745] [ 103.406263][ T7745] dump_stack_lvl+0x16c/0x1f0 [ 103.408165][ T7745] should_fail_ex+0x497/0x5b0 [ 103.410003][ T7745] _copy_from_user+0x2e/0xd0 [ 103.411812][ T7745] get_compat_msghdr+0xa8/0x170 [ 103.413682][ T7745] ? __pfx_get_compat_msghdr+0x10/0x10 [ 103.415836][ T7745] ___sys_sendmsg+0x1b0/0x1e0 [ 103.417659][ T7745] ? __pfx____sys_sendmsg+0x10/0x10 [ 103.419673][ T7745] ? __pfx_lock_release+0x10/0x10 [ 103.421568][ T7745] ? trace_lock_acquire+0x14e/0x1f0 [ 103.423570][ T7745] ? __fget_files+0x206/0x3a0 [ 103.425352][ T7745] __sys_sendmsg+0x16e/0x220 [ 103.426694][ T7745] ? __pfx___sys_sendmsg+0x10/0x10 [ 103.428436][ T7745] __do_fast_syscall_32+0x73/0x120 [ 103.430516][ T7745] do_fast_syscall_32+0x32/0x80 [ 103.432041][ T7745] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 103.433878][ T7745] RIP: 0023:0xf706e579 [ 103.435048][ T7745] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 103.440472][ T7745] RSP: 002b:00000000f506055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 103.442804][ T7745] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000 [ 103.445058][ T7745] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 103.447274][ T7745] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 103.450026][ T7745] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 103.453046][ T7745] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 103.455864][ T7745] [ 103.575922][ T7756] kvm: pic: level sensitive irq not supported [ 104.635295][ T7776] kvm: pic: level sensitive irq not supported [ 104.991415][ T7786] vlan2: entered promiscuous mode [ 104.994859][ T7786] vlan2: entered allmulticast mode [ 106.278691][ T7818] FAULT_INJECTION: forcing a failure. [ 106.278691][ T7818] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 106.282638][ T7818] CPU: 0 UID: 0 PID: 7818 Comm: syz.3.532 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 106.286408][ T7818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 106.289490][ T7818] Call Trace: [ 106.290480][ T7818] [ 106.291359][ T7818] dump_stack_lvl+0x16c/0x1f0 [ 106.292744][ T7818] should_fail_ex+0x497/0x5b0 [ 106.294106][ T7818] _copy_from_user+0x2e/0xd0 [ 106.295447][ T7818] get_compat_msghdr+0xa8/0x170 [ 106.296860][ T7818] ? __pfx_get_compat_msghdr+0x10/0x10 [ 106.298450][ T7818] ___sys_sendmsg+0x1b0/0x1e0 [ 106.299833][ T7818] ? __pfx____sys_sendmsg+0x10/0x10 [ 106.301367][ T7818] ? trace_lock_acquire+0x14e/0x1f0 [ 106.302897][ T7818] __sys_sendmmsg+0x2fa/0x420 [ 106.304292][ T7818] ? __pfx___sys_sendmmsg+0x10/0x10 [ 106.305812][ T7818] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 106.307544][ T7818] ? fput+0x67/0x440 [ 106.308695][ T7818] ? ksys_write+0x1ba/0x250 [ 106.310002][ T7818] ? __pfx_ksys_write+0x10/0x10 [ 106.311485][ T7818] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 106.313112][ T7818] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 106.314989][ T7818] __do_fast_syscall_32+0x73/0x120 [ 106.316483][ T7818] do_fast_syscall_32+0x32/0x80 [ 106.317888][ T7818] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 106.319716][ T7818] RIP: 0023:0xf711e579 [ 106.320915][ T7818] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 106.326340][ T7818] RSP: 002b:00000000f511055c EFLAGS: 00000296 ORIG_RAX: 0000000000000159 [ 106.328582][ T7818] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020003a80 [ 106.330880][ T7818] RDX: 0000000000000001 RSI: 000000002c000011 RDI: 0000000000000000 [ 106.333165][ T7818] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 106.335446][ T7818] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 106.337762][ T7818] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 106.340052][ T7818] [ 106.355198][ T7816] kvm: pic: level sensitive irq not supported [ 106.412931][ T7825] kvm: pic: level sensitive irq not supported [ 106.755087][ T7835] kvm: pic: level sensitive irq not supported [ 114.048628][ T6003] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 114.198581][ T6003] usb 8-1: Using ep0 maxpacket: 32 [ 114.205396][ T6003] usb 8-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 114.208647][ T6003] usb 8-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0 [ 114.211408][ T6003] usb 8-1: config 0 interface 0 has no altsetting 0 [ 114.213310][ T6003] usb 8-1: New USB device found, idVendor=28de, idProduct=1205, bcdDevice= 0.00 [ 114.215983][ T6003] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 114.232102][ T6003] usb 8-1: config 0 descriptor?? [ 114.643350][ T8030] netlink: 20 bytes leftover after parsing attributes in process `syz.3.592'. [ 114.663222][ T6003] usbhid 8-1:0.0: can't add hid device: -71 [ 114.665088][ T6003] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 114.669007][ T6003] usb 8-1: USB disconnect, device number 3 [ 115.752762][ T8082] FAULT_INJECTION: forcing a failure. [ 115.752762][ T8082] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 115.756668][ T8082] CPU: 3 UID: 0 PID: 8082 Comm: syz.0.611 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 115.759739][ T8082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 115.762810][ T8082] Call Trace: [ 115.763787][ T8082] [ 115.764648][ T8082] dump_stack_lvl+0x16c/0x1f0 [ 115.766017][ T8082] should_fail_ex+0x497/0x5b0 [ 115.767398][ T8082] _copy_from_user+0x2e/0xd0 [ 115.768756][ T8082] get_compat_msghdr+0xa8/0x170 [ 115.770168][ T8082] ? __pfx_get_compat_msghdr+0x10/0x10 [ 115.771777][ T8082] ___sys_sendmsg+0x1b0/0x1e0 [ 115.773147][ T8082] ? __pfx____sys_sendmsg+0x10/0x10 [ 115.774685][ T8082] ? __pfx_lock_release+0x10/0x10 [ 115.776155][ T8082] ? trace_lock_acquire+0x14e/0x1f0 [ 115.777669][ T8082] ? __fget_files+0x206/0x3a0 [ 115.779115][ T8082] __sys_sendmsg+0x16e/0x220 [ 115.780548][ T8082] ? __pfx___sys_sendmsg+0x10/0x10 [ 115.782063][ T8082] __do_fast_syscall_32+0x73/0x120 [ 115.783545][ T8082] do_fast_syscall_32+0x32/0x80 [ 115.784969][ T8082] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 115.786813][ T8082] RIP: 0023:0xf706e579 [ 115.788003][ T8082] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 115.793470][ T8082] RSP: 002b:00000000f506055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 115.795845][ T8082] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000080 [ 115.798099][ T8082] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 115.800405][ T8082] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 115.802621][ T8082] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 115.804890][ T8082] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 115.807159][ T8082] [ 115.808190][ C3] vkms_vblank_simulate: vblank timer overrun [ 115.950125][ T8086] bond1: entered promiscuous mode [ 115.951652][ T8086] bond1: entered allmulticast mode [ 115.953286][ T8086] 8021q: adding VLAN 0 to HW filter on device bond1 [ 116.773782][ T8114] FAULT_INJECTION: forcing a failure. [ 116.773782][ T8114] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 116.782157][ T8114] CPU: 1 UID: 0 PID: 8114 Comm: syz.3.620 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 116.785235][ T8114] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 116.788327][ T8114] Call Trace: [ 116.789302][ T8114] [ 116.790163][ T8114] dump_stack_lvl+0x16c/0x1f0 [ 116.791533][ T8114] should_fail_ex+0x497/0x5b0 [ 116.792914][ T8114] _copy_to_user+0x32/0xd0 [ 116.794209][ T8114] simple_read_from_buffer+0xd0/0x160 [ 116.795779][ T8114] proc_fail_nth_read+0x198/0x270 [ 116.797248][ T8114] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 116.798874][ T8114] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 116.800513][ T8114] vfs_read+0x1df/0xbe0 [ 116.801718][ T8114] ? __fget_files+0x1fc/0x3a0 [ 116.803089][ T8114] ? __pfx___mutex_lock+0x10/0x10 [ 116.804576][ T8114] ? __pfx_vfs_read+0x10/0x10 [ 116.805943][ T8114] ? __fget_files+0x206/0x3a0 [ 116.807329][ T8114] ksys_read+0x12b/0x250 [ 116.808576][ T8114] ? __pfx_ksys_read+0x10/0x10 [ 116.809963][ T8114] __do_fast_syscall_32+0x73/0x120 [ 116.811446][ T8114] do_fast_syscall_32+0x32/0x80 [ 116.812870][ T8114] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 116.814695][ T8114] RIP: 0023:0xf711e579 [ 116.815891][ T8114] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 116.821408][ T8114] RSP: 002b:00000000f5110590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 116.823797][ T8114] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5110620 [ 116.826047][ T8114] RDX: 000000000000000f RSI: 00000000f7453ff4 RDI: 0000000000000000 [ 116.828329][ T8114] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 116.830635][ T8114] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 116.832898][ T8114] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 116.835177][ T8114] [ 119.120335][ T8190] FAULT_INJECTION: forcing a failure. [ 119.120335][ T8190] name failslab, interval 1, probability 0, space 0, times 0 [ 119.124309][ T8190] CPU: 1 UID: 0 PID: 8190 Comm: syz.0.637 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 119.127368][ T8190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 119.130418][ T8190] Call Trace: [ 119.131603][ T8190] [ 119.132685][ T8190] dump_stack_lvl+0x16c/0x1f0 [ 119.134040][ T8190] should_fail_ex+0x497/0x5b0 [ 119.135410][ T8190] ? fs_reclaim_acquire+0xae/0x150 [ 119.136892][ T8190] should_failslab+0xc2/0x120 [ 119.138247][ T8190] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 119.139826][ T8190] ? getname_flags.part.0+0x4c/0x550 [ 119.141344][ T8190] getname_flags.part.0+0x4c/0x550 [ 119.142854][ T8190] getname+0x8d/0xe0 [ 119.144004][ T8190] do_sys_openat2+0x104/0x1e0 [ 119.145377][ T8190] ? __pfx_do_sys_openat2+0x10/0x10 [ 119.146905][ T8190] ? __pfx___schedule+0x10/0x10 [ 119.148314][ T8190] ? __fget_files+0x206/0x3a0 [ 119.149712][ T8190] __ia32_compat_sys_openat+0x16e/0x210 [ 119.151300][ T8190] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 119.153079][ T8190] ? ksys_write+0x1ba/0x250 [ 119.154396][ T8190] __do_fast_syscall_32+0x73/0x120 [ 119.155909][ T8190] do_fast_syscall_32+0x32/0x80 [ 119.157324][ T8190] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 119.159134][ T8190] RIP: 0023:0xf706e579 [ 119.160317][ T8190] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 119.166295][ T8190] RSP: 002b:00000000f501e4f0 EFLAGS: 00000293 ORIG_RAX: 0000000000000127 [ 119.168667][ T8190] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f724ce8c [ 119.170919][ T8190] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f73a3ff4 [ 119.173201][ T8190] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 119.175452][ T8190] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 119.177699][ T8190] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 119.179968][ T8190] [ 119.315050][ T8196] FAULT_INJECTION: forcing a failure. [ 119.315050][ T8196] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 119.318892][ T8196] CPU: 1 UID: 0 PID: 8196 Comm: syz.3.640 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 119.321884][ T8196] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 119.324918][ T8196] Call Trace: [ 119.325895][ T8196] [ 119.326777][ T8196] dump_stack_lvl+0x16c/0x1f0 [ 119.328146][ T8196] should_fail_ex+0x497/0x5b0 [ 119.329512][ T8196] _copy_from_user+0x2e/0xd0 [ 119.330836][ T8196] move_addr_to_kernel+0x68/0x160 [ 119.332293][ T8196] __sys_sendto+0x1ba/0x4f0 [ 119.333598][ T8196] ? __pfx___sys_sendto+0x10/0x10 [ 119.335048][ T8196] ? ksys_write+0x1ba/0x250 [ 119.336377][ T8196] __ia32_sys_sendto+0xdd/0x1b0 [ 119.337789][ T8196] ? lockdep_hardirqs_on+0x7c/0x110 [ 119.339338][ T8196] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 119.341227][ T8196] __do_fast_syscall_32+0x73/0x120 [ 119.342694][ T8196] do_fast_syscall_32+0x32/0x80 [ 119.344098][ T8196] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 119.345919][ T8196] RIP: 0023:0xf711e579 [ 119.347110][ T8196] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 119.352595][ T8196] RSP: 002b:00000000f50ce55c EFLAGS: 00000296 ORIG_RAX: 0000000000000171 [ 119.354975][ T8196] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020847fff [ 119.357280][ T8196] RDX: 000000000000fee4 RSI: 0000000000000000 RDI: 000000002005ffe4 [ 119.359524][ T8196] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000 [ 119.361804][ T8196] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 119.364056][ T8196] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 119.366328][ T8196] [ 123.006734][ T8280] netlink: 40 bytes leftover after parsing attributes in process `syz.3.659'. [ 123.971003][ T8298] tipc: Started in network mode [ 123.973043][ T8298] tipc: Node identity 7, cluster identity 5 [ 123.975307][ T8298] tipc: Node number set to 7 [ 124.217654][ T8307] netlink: 28 bytes leftover after parsing attributes in process `syz.2.669'. [ 124.221106][ T8307] netlink: 28 bytes leftover after parsing attributes in process `syz.2.669'. [ 124.627612][ T8321] tmpfs: Group quota inode hardlimit too large. [ 125.224339][ T8331] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4) [ 125.227187][ T8331] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 125.232757][ T8331] vhci_hcd vhci_hcd.0: Device attached [ 125.426386][ T8332] vhci_hcd: connection closed [ 125.428179][ T12] vhci_hcd: stop threads [ 125.431309][ T12] vhci_hcd: release socket [ 125.438127][ T12] vhci_hcd: disconnect device [ 125.449937][ T1923] vhci_hcd: vhci_device speed not set [ 127.392707][ T8385] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 127.394619][ T8385] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 127.397265][ T8385] vhci_hcd vhci_hcd.0: Device attached [ 127.660762][ T8386] vhci_hcd: connection closed [ 127.660981][ T1129] vhci_hcd: stop threads [ 127.663643][ T1129] vhci_hcd: release socket [ 127.665015][ T1129] vhci_hcd: disconnect device [ 127.698600][ T1923] usb 43-1: new low-speed USB device number 2 using vhci_hcd [ 127.700815][ T1923] usb 43-1: enqueue for inactive port 0 [ 127.778672][ T1923] vhci_hcd: vhci_device speed not set [ 129.107674][ T8412] netlink: 8 bytes leftover after parsing attributes in process `syz.0.703'. [ 130.839377][ T8443] FAULT_INJECTION: forcing a failure. [ 130.839377][ T8443] name failslab, interval 1, probability 0, space 0, times 0 [ 130.843473][ T8443] CPU: 1 UID: 0 PID: 8443 Comm: syz.2.702 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 130.847152][ T8443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 130.850166][ T8443] Call Trace: [ 130.851129][ T8443] [ 130.852014][ T8443] dump_stack_lvl+0x16c/0x1f0 [ 130.853491][ T8443] should_fail_ex+0x497/0x5b0 [ 130.855254][ T8443] ? fs_reclaim_acquire+0xae/0x150 [ 130.857197][ T8443] should_failslab+0xc2/0x120 [ 130.858998][ T8443] __kmalloc_noprof+0xce/0x4f0 [ 130.860838][ T8443] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 130.862722][ T8443] ? tomoyo_realpath_from_path+0xbf/0x710 [ 130.864375][ T8443] tomoyo_realpath_from_path+0xbf/0x710 [ 130.866298][ T8443] ? tomoyo_path_number_perm+0x235/0x5b0 [ 130.868452][ T8443] tomoyo_path_number_perm+0x248/0x5b0 [ 130.870552][ T8443] ? tomoyo_path_number_perm+0x235/0x5b0 [ 130.872691][ T8443] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 130.874460][ T8443] ? __pfx_lock_release+0x10/0x10 [ 130.875866][ T8443] ? trace_lock_acquire+0x14e/0x1f0 [ 130.877353][ T8443] ? lock_acquire+0x2f/0xb0 [ 130.878614][ T8443] ? __fget_files+0x40/0x3a0 [ 130.879948][ T8443] ? __fget_files+0x206/0x3a0 [ 130.881267][ T8443] security_file_ioctl_compat+0x9b/0x240 [ 130.882873][ T8443] __do_compat_sys_ioctl+0x4e/0x2c0 [ 130.884364][ T8443] __do_fast_syscall_32+0x73/0x120 [ 130.885789][ T8443] do_fast_syscall_32+0x32/0x80 [ 130.887200][ T8443] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 130.889103][ T8443] RIP: 0023:0xf7f22579 [ 130.890370][ T8443] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 130.897045][ T8443] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 130.899470][ T8443] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000008b1b [ 130.901721][ T8443] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 130.904011][ T8443] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 130.906471][ T8443] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 130.909140][ T8443] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 130.911451][ T8443] [ 130.913037][ T8443] ERROR: Out of memory at tomoyo_realpath_from_path. [ 130.916270][ T8443] warning: `syz.2.702' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 132.013221][ T8483] netlink: 12 bytes leftover after parsing attributes in process `syz.3.715'. [ 132.154730][ T8489] Bluetooth: MGMT ver 1.23 [ 132.187621][ T8492] netlink: 156 bytes leftover after parsing attributes in process `syz.0.719'. [ 132.191352][ T8492] netlink: 8 bytes leftover after parsing attributes in process `syz.0.719'. [ 132.195286][ T8493] netlink: 156 bytes leftover after parsing attributes in process `syz.0.719'. [ 132.199021][ T8493] netlink: 8 bytes leftover after parsing attributes in process `syz.0.719'. [ 132.287458][ T1411] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.290170][ T1411] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.191913][ T8521] IPv6: NLM_F_CREATE should be specified when creating new route [ 133.410067][ T8530] netlink: 8 bytes leftover after parsing attributes in process `syz.2.729'. [ 133.682828][ T8543] netlink: 4 bytes leftover after parsing attributes in process `syz.1.733'. [ 133.687832][ T8543] macvtap1: entered promiscuous mode [ 134.063603][ T8552] FAULT_INJECTION: forcing a failure. [ 134.063603][ T8552] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 134.067231][ T8552] CPU: 3 UID: 0 PID: 8552 Comm: syz.2.735 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 134.070166][ T8552] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 134.073976][ T8552] Call Trace: [ 134.075272][ T8552] [ 134.076487][ T8552] dump_stack_lvl+0x16c/0x1f0 [ 134.078377][ T8552] should_fail_ex+0x497/0x5b0 [ 134.080250][ T8552] _copy_from_user+0x2e/0xd0 [ 134.082159][ T8552] get_compat_msghdr+0xa8/0x170 [ 134.084170][ T8552] ? __pfx_get_compat_msghdr+0x10/0x10 [ 134.086410][ T8552] ___sys_sendmsg+0x1b0/0x1e0 [ 134.088317][ T8552] ? __pfx____sys_sendmsg+0x10/0x10 [ 134.090400][ T8552] ? __pfx_lock_release+0x10/0x10 [ 134.092392][ T8552] ? trace_lock_acquire+0x14e/0x1f0 [ 134.094415][ T8552] ? __fget_files+0x206/0x3a0 [ 134.096330][ T8552] __sys_sendmsg+0x16e/0x220 [ 134.098143][ T8552] ? __pfx___sys_sendmsg+0x10/0x10 [ 134.100181][ T8552] __do_fast_syscall_32+0x73/0x120 [ 134.101667][ T8552] do_fast_syscall_32+0x32/0x80 [ 134.103480][ T8552] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 134.105958][ T8552] RIP: 0023:0xf7f22579 [ 134.107603][ T8552] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 134.115024][ T8552] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 134.118264][ T8552] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000280 [ 134.121356][ T8552] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 134.123909][ T8552] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 134.126087][ T8552] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 134.128263][ T8552] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 134.130412][ T8552] [ 134.131525][ C3] vkms_vblank_simulate: vblank timer overrun [ 134.159815][ T5957] Bluetooth: hci3: unexpected event for opcode 0x0c7c [ 134.348729][ T5957] Bluetooth: hci3: link tx timeout [ 134.350339][ T5957] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 135.320464][ T8589] netlink: 8 bytes leftover after parsing attributes in process `syz.1.746'. [ 136.480434][ T5951] Bluetooth: hci3: command 0x0405 tx timeout [ 136.851559][ T8621] netlink: 32 bytes leftover after parsing attributes in process `syz.3.756'. [ 136.911795][ T8625] netlink: 40 bytes leftover after parsing attributes in process `syz.3.756'. [ 137.333017][ T8642] netlink: 4 bytes leftover after parsing attributes in process `syz.0.761'. [ 137.338120][ T8642] macvtap1: entered promiscuous mode [ 137.879579][ T8661] netlink: 32 bytes leftover after parsing attributes in process `syz.1.769'. [ 137.899821][ T8661] netlink: 8 bytes leftover after parsing attributes in process `syz.1.769'. [ 139.322360][ T8699] FAULT_INJECTION: forcing a failure. [ 139.322360][ T8699] name failslab, interval 1, probability 0, space 0, times 0 [ 139.327470][ T8699] CPU: 1 UID: 0 PID: 8699 Comm: syz.0.779 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 139.331671][ T8699] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 139.335884][ T8699] Call Trace: [ 139.337265][ T8699] [ 139.338476][ T8699] dump_stack_lvl+0x16c/0x1f0 [ 139.340369][ T8699] should_fail_ex+0x497/0x5b0 [ 139.342284][ T8699] ? fs_reclaim_acquire+0xae/0x150 [ 139.344338][ T8699] should_failslab+0xc2/0x120 [ 139.346222][ T8699] __kmalloc_noprof+0xce/0x4f0 [ 139.348148][ T8699] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 139.350483][ T8699] ? tomoyo_realpath_from_path+0xbf/0x710 [ 139.352772][ T8699] tomoyo_realpath_from_path+0xbf/0x710 [ 139.354991][ T8699] ? tomoyo_path_number_perm+0x235/0x5b0 [ 139.357269][ T8699] tomoyo_path_number_perm+0x248/0x5b0 [ 139.359478][ T8699] ? tomoyo_path_number_perm+0x235/0x5b0 [ 139.361741][ T8699] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 139.364166][ T8699] ? __pfx_lock_release+0x10/0x10 [ 139.366211][ T8699] ? trace_lock_acquire+0x14e/0x1f0 [ 139.368296][ T8699] ? lock_acquire+0x2f/0xb0 [ 139.370092][ T8699] ? __fget_files+0x40/0x3a0 [ 139.371969][ T8699] ? __fget_files+0x206/0x3a0 [ 139.373855][ T8699] security_file_ioctl_compat+0x9b/0x240 [ 139.376105][ T8699] __do_compat_sys_ioctl+0x4e/0x2c0 [ 139.378200][ T8699] __do_fast_syscall_32+0x73/0x120 [ 139.380278][ T8699] do_fast_syscall_32+0x32/0x80 [ 139.382249][ T8699] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 139.384807][ T8699] RIP: 0023:0xf706e579 [ 139.386483][ T8699] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 139.394117][ T8699] RSP: 002b:00000000f506055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 139.397515][ T8699] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000ae41 [ 139.400659][ T8699] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 139.403802][ T8699] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 139.406975][ T8699] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 139.410129][ T8699] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 139.413339][ T8699] [ 139.423414][ T8699] ERROR: Out of memory at tomoyo_realpath_from_path. [ 144.190290][ T56] usb 8-1: new full-speed USB device number 4 using dummy_hcd [ 144.344086][ T56] usb 8-1: not running at top speed; connect to a high speed hub [ 144.348588][ T56] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 1023, setting to 64 [ 144.356713][ T56] usb 8-1: New USB device found, idVendor=056a, idProduct=00de, bcdDevice= 0.40 [ 144.359504][ T56] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 144.362505][ T56] usb 8-1: Product: syz [ 144.364461][ T56] usb 8-1: Manufacturer: syz [ 144.366478][ T56] usb 8-1: SerialNumber: syz [ 144.398967][ T8808] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 144.625406][ T56] usbhid 8-1:1.0: can't add hid device: -71 [ 144.627904][ T56] usbhid 8-1:1.0: probe with driver usbhid failed with error -71 [ 144.639166][ T56] usb 8-1: USB disconnect, device number 4 [ 147.424698][ T8895] netlink: 4 bytes leftover after parsing attributes in process `syz.2.831'. [ 147.430860][ T8895] macvtap1: entered promiscuous mode [ 148.138370][ T8910] netlink: 4 bytes leftover after parsing attributes in process `syz.1.835'. [ 148.143777][ T8910] macvtap1: entered promiscuous mode [ 150.100048][ T8] usb 5-1: new full-speed USB device number 3 using dummy_hcd [ 150.285595][ T8] usb 5-1: not running at top speed; connect to a high speed hub [ 150.293000][ T8] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 1023, setting to 64 [ 150.300158][ T8] usb 5-1: New USB device found, idVendor=056a, idProduct=00de, bcdDevice= 0.40 [ 150.303548][ T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 150.306559][ T8] usb 5-1: Product: syz [ 150.308144][ T8] usb 5-1: Manufacturer: syz [ 150.318567][ T8] usb 5-1: SerialNumber: syz [ 150.328995][ T8937] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 150.682391][ T8] usbhid 5-1:1.0: can't add hid device: -71 [ 150.684731][ T8] usbhid 5-1:1.0: probe with driver usbhid failed with error -71 [ 150.689354][ T8] usb 5-1: USB disconnect, device number 3 [ 150.887563][ T8958] tipc: Started in network mode [ 150.889106][ T8958] tipc: Node identity 10000, cluster identity 4711 [ 150.890996][ T8958] tipc: Node number set to 65536 [ 151.937673][ T8979] netlink: 4 bytes leftover after parsing attributes in process `syz.3.853'. [ 151.943770][ T8979] macvtap1: entered promiscuous mode [ 152.959482][ T9001] FAULT_INJECTION: forcing a failure. [ 152.959482][ T9001] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 152.969949][ T9001] CPU: 2 UID: 0 PID: 9001 Comm: syz.1.859 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 152.972769][ T9001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 152.975662][ T9001] Call Trace: [ 152.976618][ T9001] [ 152.977454][ T9001] dump_stack_lvl+0x16c/0x1f0 [ 152.978745][ T9001] should_fail_ex+0x497/0x5b0 [ 152.980045][ T9001] _copy_to_user+0x32/0xd0 [ 152.981275][ T9001] simple_read_from_buffer+0xd0/0x160 [ 152.982758][ T9001] proc_fail_nth_read+0x198/0x270 [ 152.984171][ T9001] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 152.985705][ T9001] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 152.987271][ T9001] vfs_read+0x1df/0xbe0 [ 152.988431][ T9001] ? __fget_files+0x1fc/0x3a0 [ 152.989896][ T9001] ? __pfx___mutex_lock+0x10/0x10 [ 152.991310][ T9001] ? __pfx_vfs_read+0x10/0x10 [ 152.992628][ T9001] ? __fget_files+0x206/0x3a0 [ 152.993934][ T9001] ksys_read+0x12b/0x250 [ 152.995130][ T9001] ? __pfx_ksys_read+0x10/0x10 [ 152.996511][ T9001] __do_fast_syscall_32+0x73/0x120 [ 152.997966][ T9001] do_fast_syscall_32+0x32/0x80 [ 152.999329][ T9001] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 153.001113][ T9001] RIP: 0023:0xf7ff6579 [ 153.002284][ T9001] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 153.007601][ T9001] RSP: 002b:00000000f5146590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 153.009858][ T9001] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5146620 [ 153.012054][ T9001] RDX: 000000000000000f RSI: 00000000f7483ff4 RDI: 0000000000000000 [ 153.014292][ T9001] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 153.016586][ T9001] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 153.018860][ T9001] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 153.021239][ T9001] [ 154.286445][ T9014] uprobe: syz.2.864:9014 failed to unregister, leaking uprobe [ 155.257355][ T9075] tipc: Started in network mode [ 155.258985][ T9075] tipc: Node identity 10000, cluster identity 4711 [ 155.261146][ T9075] tipc: Node number set to 65536 [ 156.581818][ T9101] netlink: 4 bytes leftover after parsing attributes in process `syz.3.888'. [ 156.586972][ T9101] macvtap1: entered promiscuous mode [ 159.118808][ T9134] uprobe: syz.1.897:9134 failed to unregister, leaking uprobe [ 163.801269][ T9265] netlink: 'syz.2.935': attribute type 10 has an invalid length. [ 163.848069][ T9265] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 163.873717][ T9265] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 166.051483][ T9323] FAULT_INJECTION: forcing a failure. [ 166.051483][ T9323] name failslab, interval 1, probability 0, space 0, times 0 [ 166.056503][ T9323] CPU: 3 UID: 0 PID: 9323 Comm: syz.0.952 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 166.059570][ T9323] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 166.062716][ T9323] Call Trace: [ 166.063714][ T9323] [ 166.064584][ T9323] dump_stack_lvl+0x16c/0x1f0 [ 166.065990][ T9323] should_fail_ex+0x497/0x5b0 [ 166.067379][ T9323] ? fs_reclaim_acquire+0xae/0x150 [ 166.068851][ T9323] should_failslab+0xc2/0x120 [ 166.070184][ T9323] __kmalloc_cache_noprof+0x68/0x420 [ 166.071696][ T9323] ? trace_lock_acquire+0x14e/0x1f0 [ 166.073229][ T9323] alloc_pipe_info+0x10e/0x590 [ 166.074577][ T9323] splice_direct_to_actor+0x793/0xa40 [ 166.076140][ T9323] ? __pfx_direct_splice_actor+0x10/0x10 [ 166.077720][ T9323] ? __pfx_aa_file_perm+0x10/0x10 [ 166.079196][ T9323] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 166.080918][ T9323] ? __fget_files+0x1fc/0x3a0 [ 166.082322][ T9323] do_splice_direct+0x178/0x250 [ 166.083882][ T9323] ? __pfx_do_splice_direct+0x10/0x10 [ 166.085526][ T9323] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 166.087540][ T9323] do_sendfile+0xaed/0xe30 [ 166.088713][ T9323] ? __pfx_do_sendfile+0x10/0x10 [ 166.090135][ T9323] ? __fget_files+0x206/0x3a0 [ 166.091461][ T9323] __ia32_compat_sys_sendfile+0x1e7/0x230 [ 166.093115][ T9323] ? ksys_write+0x1ba/0x250 [ 166.094410][ T9323] ? __pfx___ia32_compat_sys_sendfile+0x10/0x10 [ 166.096201][ T9323] __do_fast_syscall_32+0x73/0x120 [ 166.097629][ T9323] do_fast_syscall_32+0x32/0x80 [ 166.098997][ T9323] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 166.100754][ T9323] RIP: 0023:0xf706e579 [ 166.101910][ T9323] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 166.108142][ T9323] RSP: 002b:00000000f506055c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb [ 166.110477][ T9323] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000005 [ 166.112781][ T9323] RDX: 0000000000000000 RSI: 0000000080000001 RDI: 0000000000000000 [ 166.114973][ T9323] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 166.117215][ T9323] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 166.119464][ T9323] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 166.121774][ T9323] [ 166.123021][ C3] vkms_vblank_simulate: vblank timer overrun [ 170.198743][ T5955] Bluetooth: hci2: command 0x0406 tx timeout [ 170.200616][ T5955] Bluetooth: hci1: command 0x0406 tx timeout [ 170.202341][ T5955] Bluetooth: hci0: command 0x0406 tx timeout [ 172.873671][ T9487] Illegal XDP return value 965776015 on prog (id 47) dev N/A, expect packet loss! [ 174.098662][ T57] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 174.258555][ T57] usb 8-1: Using ep0 maxpacket: 8 [ 174.261339][ T57] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 174.263568][ T57] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 174.268655][ T57] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 174.274441][ T57] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 174.280008][ T57] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 174.289818][ T57] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 174.295170][ T57] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 174.299564][ T57] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 174.305321][ T57] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 174.309046][ T57] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 174.313787][ T57] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 174.318730][ T57] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 174.321903][ T57] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 174.325371][ T57] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 174.329438][ T57] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 174.336447][ T57] usb 8-1: string descriptor 0 read error: -22 [ 174.338284][ T57] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 174.341616][ T57] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 174.348262][ T57] adutux 8-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 174.553521][ T9515] 9pnet_fd: Insufficient options for proto=fd [ 174.555792][ T57] usb 8-1: USB disconnect, device number 5 [ 177.742490][ T9610] FAULT_INJECTION: forcing a failure. [ 177.742490][ T9610] name failslab, interval 1, probability 0, space 0, times 0 [ 177.746376][ T9610] CPU: 1 UID: 0 PID: 9610 Comm: syz.3.1031 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 177.749480][ T9610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 177.752592][ T9610] Call Trace: [ 177.753855][ T9610] [ 177.754952][ T9610] dump_stack_lvl+0x16c/0x1f0 [ 177.756391][ T9610] should_fail_ex+0x497/0x5b0 [ 177.757776][ T9610] ? fs_reclaim_acquire+0xae/0x150 [ 177.759292][ T9610] should_failslab+0xc2/0x120 [ 177.760671][ T9610] __kmalloc_node_noprof+0xd1/0x520 [ 177.762193][ T9610] ? lock_acquire.part.0+0x11b/0x380 [ 177.763746][ T9610] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 177.765333][ T9610] __kvmalloc_node_noprof+0xad/0x1a0 [ 177.766920][ T9610] seq_read_iter+0x82a/0x12b0 [ 177.768710][ T9610] ? rw_verify_area+0xd0/0x700 [ 177.770508][ T9610] vfs_read+0x87f/0xbe0 [ 177.772345][ T9610] ? __pfx_vfs_read+0x10/0x10 [ 177.773736][ T9610] ksys_read+0x12b/0x250 [ 177.774970][ T9610] ? __pfx_ksys_read+0x10/0x10 [ 177.776585][ T9610] __do_fast_syscall_32+0x73/0x120 [ 177.778109][ T9610] do_fast_syscall_32+0x32/0x80 [ 177.779539][ T9610] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 177.781362][ T9610] RIP: 0023:0xf711e579 [ 177.782547][ T9610] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 177.788031][ T9610] RSP: 002b:00000000f511055c EFLAGS: 00000296 ORIG_RAX: 0000000000000003 [ 177.790418][ T9610] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020002340 [ 177.792690][ T9610] RDX: 0000000000002020 RSI: 0000000000000000 RDI: 0000000000000000 [ 177.794943][ T9610] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 177.797210][ T9610] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 177.799458][ T9610] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 177.801722][ T9610] [ 178.000128][ T9619] FAULT_INJECTION: forcing a failure. [ 178.000128][ T9619] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 178.003928][ T9619] CPU: 1 UID: 0 PID: 9619 Comm: syz.0.1034 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 178.006987][ T9619] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 178.010080][ T9619] Call Trace: [ 178.011079][ T9619] [ 178.011951][ T9619] dump_stack_lvl+0x16c/0x1f0 [ 178.013331][ T9619] should_fail_ex+0x497/0x5b0 [ 178.014907][ T9619] _copy_to_user+0x32/0xd0 [ 178.016586][ T9619] simple_read_from_buffer+0xd0/0x160 [ 178.018574][ T9619] proc_fail_nth_read+0x198/0x270 [ 178.020467][ T9619] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 178.022526][ T9619] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 178.024593][ T9619] vfs_read+0x1df/0xbe0 [ 178.026160][ T9619] ? __fget_files+0x1fc/0x3a0 [ 178.028040][ T9619] ? __pfx___mutex_lock+0x10/0x10 [ 178.029521][ T9619] ? __pfx_vfs_read+0x10/0x10 [ 178.031645][ T9619] ? __fget_files+0x206/0x3a0 [ 178.033036][ T9619] ksys_read+0x12b/0x250 [ 178.034286][ T9619] ? __pfx_ksys_read+0x10/0x10 [ 178.035720][ T9619] __do_fast_syscall_32+0x73/0x120 [ 178.037221][ T9619] do_fast_syscall_32+0x32/0x80 [ 178.038649][ T9619] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 178.040488][ T9619] RIP: 0023:0xf706e579 [ 178.041684][ T9619] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 178.047216][ T9619] RSP: 002b:00000000f5060590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 178.049606][ T9619] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5060620 [ 178.052013][ T9619] RDX: 000000000000000f RSI: 00000000f73a3ff4 RDI: 0000000000000000 [ 178.054390][ T9619] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 178.056687][ T9619] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 178.058982][ T9619] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 178.061270][ T9619] [ 178.112849][ T9623] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1037'. [ 178.222547][ T40] audit: type=1804 audit(1737064199.170:2): pid=9623 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1037" name="/newroot/254/file0/file0" dev="9p" ino=38928620 res=1 errno=0 [ 178.749088][ T5951] Bluetooth: hci3: command 0x0405 tx timeout [ 179.253032][ C2] vcan0: j1939_tp_rxtimer: 0xffff888025a07400: rx timeout, send abort [ 179.256492][ C2] vcan0: j1939_tp_rxtimer: 0xffff888021e82000: rx timeout, send abort [ 179.259102][ C2] vcan0: j1939_xtp_rx_abort_one: 0xffff888025a07400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 179.267336][ C2] vcan0: j1939_xtp_rx_abort_one: 0xffff888021e82000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 180.398436][ T9670] cgroup: fork rejected by pids controller in /syz3 [ 180.456326][ T9711] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1054'. [ 180.655887][ T40] audit: type=1804 audit(1737064201.600:3): pid=9711 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1054" name="/newroot/271/file0/file0" dev="9p" ino=38928620 res=1 errno=0 [ 182.112946][ T9764] FAULT_INJECTION: forcing a failure. [ 182.112946][ T9764] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 182.116802][ T9764] CPU: 1 UID: 0 PID: 9764 Comm: syz.2.1066 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 182.119975][ T9764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 182.122992][ T9764] Call Trace: [ 182.123978][ T9764] [ 182.124848][ T9764] dump_stack_lvl+0x16c/0x1f0 [ 182.126269][ T9764] should_fail_ex+0x497/0x5b0 [ 182.127652][ T9764] _copy_from_user+0x2e/0xd0 [ 182.129007][ T9764] io_submit_one+0xbc/0x1da0 [ 182.130348][ T9764] ? __pfx_io_submit_one+0x10/0x10 [ 182.131835][ T9764] ? __might_fault+0x13b/0x190 [ 182.133225][ T9764] ? lock_acquire+0x2f/0xb0 [ 182.134547][ T9764] ? __might_fault+0xe3/0x190 [ 182.135966][ T9764] ? __ia32_compat_sys_io_submit+0x1ba/0x3a0 [ 182.137708][ T9764] __ia32_compat_sys_io_submit+0x1ba/0x3a0 [ 182.139406][ T9764] ? __pfx___ia32_compat_sys_io_submit+0x10/0x10 [ 182.141239][ T9764] __do_fast_syscall_32+0x73/0x120 [ 182.142734][ T9764] do_fast_syscall_32+0x32/0x80 [ 182.144163][ T9764] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 182.145999][ T9764] RIP: 0023:0xf7f22579 [ 182.147205][ T9764] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 182.152673][ T9764] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 00000000000000f8 [ 182.155053][ T9764] RAX: ffffffffffffffda RBX: 00000000f504d000 RCX: 0000000000000001 [ 182.157356][ T9764] RDX: 0000000020000540 RSI: 0000000000000000 RDI: 0000000000000000 [ 182.159670][ T9764] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 182.161952][ T9764] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 182.164249][ T9764] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 182.166565][ T9764] [ 182.668818][ T69] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 182.839781][ T69] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 182.842570][ T69] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 182.845700][ T69] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 182.848592][ T69] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 182.852115][ T69] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 182.856644][ T69] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 182.859606][ T69] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 182.862033][ T69] usb 6-1: Product: syz [ 182.863300][ T69] usb 6-1: Manufacturer: syz [ 182.867451][ T69] cdc_wdm 6-1:1.0: skipping garbage [ 182.869156][ T69] cdc_wdm 6-1:1.0: skipping garbage [ 182.872485][ T69] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 182.874322][ T69] cdc_wdm 6-1:1.0: Unknown control protocol [ 183.087811][ T6002] usb 6-1: USB disconnect, device number 5 [ 192.528380][T10036] FAULT_INJECTION: forcing a failure. [ 192.528380][T10036] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 192.532530][T10036] CPU: 1 UID: 0 PID: 10036 Comm: syz.3.1141 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 192.535634][T10036] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 192.538690][T10036] Call Trace: [ 192.539807][T10036] [ 192.540744][T10036] dump_stack_lvl+0x16c/0x1f0 [ 192.542119][T10036] should_fail_ex+0x497/0x5b0 [ 192.543494][T10036] _copy_from_user+0x2e/0xd0 [ 192.544899][T10036] get_old_itimerspec32+0x83/0x1e0 [ 192.546389][T10036] ? __pfx_get_old_itimerspec32+0x10/0x10 [ 192.548027][T10036] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 192.549756][T10036] __ia32_sys_timer_settime32+0x1a6/0x2c0 [ 192.551412][T10036] ? __pfx___ia32_sys_timer_settime32+0x10/0x10 [ 192.553201][T10036] ? __pfx_native_tss_update_io_bitmap+0x10/0x10 [ 192.555033][T10036] ? ksys_write+0x1ba/0x250 [ 192.556360][T10036] __do_fast_syscall_32+0x73/0x120 [ 192.557828][T10036] do_fast_syscall_32+0x32/0x80 [ 192.559272][T10036] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 192.561090][T10036] RIP: 0023:0xf711e579 [ 192.562266][T10036] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 192.567810][T10036] RSP: 002b:00000000f511055c EFLAGS: 00000296 ORIG_RAX: 0000000000000104 [ 192.570187][T10036] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000000 [ 192.572468][T10036] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 192.574750][T10036] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 192.577018][T10036] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 192.579284][T10036] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 192.581562][T10036] [ 193.712745][ T1411] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.714759][ T1411] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.027021][T10106] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 195.062604][T10111] FAULT_INJECTION: forcing a failure. [ 195.062604][T10111] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 195.068678][T10111] CPU: 3 UID: 0 PID: 10111 Comm: syz.3.1165 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 195.072821][T10111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 195.076924][T10111] Call Trace: [ 195.078199][T10111] [ 195.079336][T10111] dump_stack_lvl+0x16c/0x1f0 [ 195.081122][T10111] should_fail_ex+0x497/0x5b0 [ 195.082914][T10111] _copy_from_user+0x2e/0xd0 [ 195.084661][T10111] get_compat_msghdr+0xa8/0x170 [ 195.086504][T10111] ? __pfx_get_compat_msghdr+0x10/0x10 [ 195.088580][T10111] ___sys_sendmsg+0x1b0/0x1e0 [ 195.090362][T10111] ? __pfx____sys_sendmsg+0x10/0x10 [ 195.092342][T10111] ? __pfx_lock_release+0x10/0x10 [ 195.094236][T10111] ? trace_lock_acquire+0x14e/0x1f0 [ 195.096268][T10111] ? __fget_files+0x206/0x3a0 [ 195.098067][T10111] __sys_sendmsg+0x16e/0x220 [ 195.099818][T10111] ? __pfx___sys_sendmsg+0x10/0x10 [ 195.101763][T10111] __do_fast_syscall_32+0x73/0x120 [ 195.103699][T10111] do_fast_syscall_32+0x32/0x80 [ 195.105576][T10111] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 195.108003][T10111] RIP: 0023:0xf711e579 [ 195.109537][T10111] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 195.116729][T10111] RSP: 002b:00000000f511055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 195.119888][T10111] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000140 [ 195.122899][T10111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 195.126055][T10111] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 195.129050][T10111] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 195.132008][T10111] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 195.135020][T10111] [ 195.136272][ C3] vkms_vblank_simulate: vblank timer overrun [ 196.120649][T10145] FAULT_INJECTION: forcing a failure. [ 196.120649][T10145] name failslab, interval 1, probability 0, space 0, times 0 [ 196.124253][T10145] CPU: 1 UID: 0 PID: 10145 Comm: syz.0.1177 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 196.127375][T10145] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 196.130566][T10145] Call Trace: [ 196.131929][T10145] [ 196.133139][T10145] dump_stack_lvl+0x16c/0x1f0 [ 196.135073][T10145] should_fail_ex+0x497/0x5b0 [ 196.136965][T10145] ? fs_reclaim_acquire+0xae/0x150 [ 196.138970][T10145] should_failslab+0xc2/0x120 [ 196.140833][T10145] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 196.143205][T10145] ? __pfx_mark_lock+0x10/0x10 [ 196.145132][T10145] ? mark_lock+0xb5/0xc60 [ 196.146951][T10145] ? __alloc_skb+0x2b3/0x380 [ 196.148385][T10145] __alloc_skb+0x2b3/0x380 [ 196.150134][T10145] ? __pfx___alloc_skb+0x10/0x10 [ 196.151765][T10145] ? __lock_acquire+0xcc5/0x3c40 [ 196.153190][T10145] ? aa_label_sk_perm+0x19d/0x5a0 [ 196.154649][T10145] alloc_skb_with_frags+0xe4/0x850 [ 196.156172][T10145] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 196.157790][T10145] sock_alloc_send_pskb+0x7f1/0x980 [ 196.159327][T10145] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 196.160976][T10145] ? __pfx_lock_release+0x10/0x10 [ 196.162437][T10145] ? __pfx___might_resched+0x10/0x10 [ 196.163975][T10145] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 196.165708][T10145] hci_sock_sendmsg+0x1c8/0x25e0 [ 196.167183][T10145] ? aa_file_perm+0x4d5/0xfe0 [ 196.168604][T10145] ? __pfx_aa_sk_perm+0x10/0x10 [ 196.170349][T10145] ? __pfx_hci_sock_sendmsg+0x10/0x10 [ 196.171910][T10145] sock_write_iter+0x4fe/0x5b0 [ 196.173287][T10145] ? __pfx_sock_write_iter+0x10/0x10 [ 196.174788][T10145] ? bpf_lsm_file_permission+0x9/0x10 [ 196.176375][T10145] ? security_file_permission+0x71/0x210 [ 196.177994][T10145] vfs_write+0x5ae/0x1150 [ 196.179262][T10145] ? __pfx_sock_write_iter+0x10/0x10 [ 196.180786][T10145] ? __pfx_vfs_write+0x10/0x10 [ 196.182134][T10145] ? __fget_files+0x40/0x3a0 [ 196.183443][T10145] ksys_write+0x207/0x250 [ 196.184700][T10145] ? __pfx_ksys_write+0x10/0x10 [ 196.186367][T10145] __do_fast_syscall_32+0x73/0x120 [ 196.188370][T10145] do_fast_syscall_32+0x32/0x80 [ 196.189849][T10145] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 196.191715][T10145] RIP: 0023:0xf706e579 [ 196.192907][T10145] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 196.198541][T10145] RSP: 002b:00000000f506055c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 196.200969][T10145] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200005c0 [ 196.203607][T10145] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 0000000000000000 [ 196.205961][T10145] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 196.208281][T10145] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 196.210567][T10145] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 196.212889][T10145] [ 199.192556][T10218] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1199'. [ 199.689113][T10224] FAULT_INJECTION: forcing a failure. [ 199.689113][T10224] name failslab, interval 1, probability 0, space 0, times 0 [ 199.696490][T10224] CPU: 1 UID: 0 PID: 10224 Comm: syz.3.1201 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 199.699631][T10224] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 199.702830][T10224] Call Trace: [ 199.703890][T10224] [ 199.704780][T10224] dump_stack_lvl+0x16c/0x1f0 [ 199.706218][T10224] should_fail_ex+0x497/0x5b0 [ 199.707649][T10224] ? fs_reclaim_acquire+0xae/0x150 [ 199.709175][T10224] should_failslab+0xc2/0x120 [ 199.710582][T10224] __kmalloc_noprof+0xce/0x4f0 [ 199.712007][T10224] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 199.713725][T10224] ? tomoyo_realpath_from_path+0xbf/0x710 [ 199.715437][T10224] tomoyo_realpath_from_path+0xbf/0x710 [ 199.717065][T10224] ? tomoyo_path_number_perm+0x235/0x5b0 [ 199.718792][T10224] tomoyo_path_number_perm+0x248/0x5b0 [ 199.720440][T10224] ? tomoyo_path_number_perm+0x235/0x5b0 [ 199.722251][T10224] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 199.724054][T10224] ? __pfx_lock_release+0x10/0x10 [ 199.725531][T10224] ? trace_lock_acquire+0x14e/0x1f0 [ 199.727051][T10224] ? lock_acquire+0x2f/0xb0 [ 199.728345][T10224] ? __fget_files+0x40/0x3a0 [ 199.729777][T10224] ? __fget_files+0x206/0x3a0 [ 199.731151][T10224] security_file_ioctl_compat+0x9b/0x240 [ 199.732738][T10224] __do_compat_sys_ioctl+0x4e/0x2c0 [ 199.734230][T10224] __do_fast_syscall_32+0x73/0x120 [ 199.735745][T10224] do_fast_syscall_32+0x32/0x80 [ 199.737100][T10224] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 199.738865][T10224] RIP: 0023:0xf711e579 [ 199.740090][T10224] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 199.745863][T10224] RSP: 002b:00000000f511055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 199.748299][T10224] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000c0145401 [ 199.750606][T10224] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 199.752912][T10224] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 199.755981][T10224] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 199.758614][T10224] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 199.760934][T10224] [ 199.766665][T10224] ERROR: Out of memory at tomoyo_realpath_from_path. [ 199.806983][ T40] audit: type=1800 audit(1737064220.750:4): pid=10227 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1202" name="bus" dev="overlay" ino=1528 res=0 errno=0 [ 202.206992][T10299] FAULT_INJECTION: forcing a failure. [ 202.206992][T10299] name failslab, interval 1, probability 0, space 0, times 0 [ 202.210764][T10299] CPU: 3 UID: 0 PID: 10299 Comm: syz.3.1221 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 202.213880][T10299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 202.217007][T10299] Call Trace: [ 202.217985][T10299] [ 202.218876][T10299] dump_stack_lvl+0x16c/0x1f0 [ 202.220269][T10299] should_fail_ex+0x497/0x5b0 [ 202.221678][T10299] ? fs_reclaim_acquire+0xae/0x150 [ 202.223231][T10299] should_failslab+0xc2/0x120 [ 202.224624][T10299] __kmalloc_noprof+0xce/0x4f0 [ 202.226050][T10299] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 202.227673][T10299] ? tomoyo_realpath_from_path+0xbf/0x710 [ 202.229333][T10299] tomoyo_realpath_from_path+0xbf/0x710 [ 202.230974][T10299] ? tomoyo_path_number_perm+0x235/0x5b0 [ 202.232617][T10299] tomoyo_path_number_perm+0x248/0x5b0 [ 202.234203][T10299] ? tomoyo_path_number_perm+0x235/0x5b0 [ 202.235855][T10299] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 202.237636][T10299] ? __pfx_lock_release+0x10/0x10 [ 202.239117][T10299] ? trace_lock_acquire+0x14e/0x1f0 [ 202.240655][T10299] ? lock_acquire+0x2f/0xb0 [ 202.242000][T10299] ? __fget_files+0x40/0x3a0 [ 202.243351][T10299] ? __fget_files+0x206/0x3a0 [ 202.244721][T10299] security_file_ioctl_compat+0x9b/0x240 [ 202.246364][T10299] __do_compat_sys_ioctl+0x4e/0x2c0 [ 202.247879][T10299] __do_fast_syscall_32+0x73/0x120 [ 202.249364][T10299] do_fast_syscall_32+0x32/0x80 [ 202.250811][T10299] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 202.252653][T10299] RIP: 0023:0xf711e579 [ 202.253860][T10299] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 202.259351][T10299] RSP: 002b:00000000f511055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 202.261783][T10299] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000007002 [ 202.264072][T10299] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 202.266372][T10299] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 202.268669][T10299] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 202.270983][T10299] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 202.273284][T10299] [ 202.274247][ C3] vkms_vblank_simulate: vblank timer overrun [ 202.276142][T10299] ERROR: Out of memory at tomoyo_realpath_from_path. [ 202.306573][T10301] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1222'. [ 203.577933][T10341] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1232'. [ 203.580665][T10341] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 203.582974][T10341] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 203.620770][T10341] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 203.622992][T10341] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 204.545404][T10363] netlink: 'syz.1.1238': attribute type 10 has an invalid length. [ 206.106333][T10387] tipc: Started in network mode [ 206.108645][T10387] tipc: Node identity ffffffff, cluster identity 4711 [ 206.111213][T10387] tipc: Node number set to 4294967295 [ 208.028816][ T57] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 208.178543][ T57] usb 7-1: Using ep0 maxpacket: 8 [ 208.182165][ T57] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 208.184560][ T57] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 208.187391][ T57] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 208.190383][ T57] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 208.193244][ T57] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 208.196957][ T57] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 208.199564][ T57] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 208.407033][ T57] usb 7-1: GET_CAPABILITIES returned 0 [ 208.408981][ T57] usbtmc 7-1:16.0: can't read capabilities [ 208.621847][ T8] usb 7-1: USB disconnect, device number 2 [ 210.366854][T10484] 8021q: adding VLAN 0 to HW filter on device bond1 [ 210.374686][T10484] bond0: (slave bond1): Enslaving as an active interface with an up link [ 211.788288][T10523] 8021q: adding VLAN 0 to HW filter on device bond1 [ 211.930594][T10523] bond0: (slave bond1): Enslaving as an active interface with an up link [ 212.213087][T10529] FAULT_INJECTION: forcing a failure. [ 212.213087][T10529] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 212.216848][T10529] CPU: 3 UID: 0 PID: 10529 Comm: syz.0.1285 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 212.219941][T10529] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 212.222971][T10529] Call Trace: [ 212.223936][T10529] [ 212.224786][T10529] dump_stack_lvl+0x16c/0x1f0 [ 212.226157][T10529] should_fail_ex+0x497/0x5b0 [ 212.227513][T10529] _copy_to_user+0x32/0xd0 [ 212.228801][T10529] simple_read_from_buffer+0xd0/0x160 [ 212.230337][T10529] proc_fail_nth_read+0x198/0x270 [ 212.231775][T10529] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 212.233356][T10529] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 212.234952][T10529] vfs_read+0x1df/0xbe0 [ 212.236165][T10529] ? __fget_files+0x1fc/0x3a0 [ 212.237478][T10529] ? __pfx___mutex_lock+0x10/0x10 [ 212.238901][T10529] ? __pfx_vfs_read+0x10/0x10 [ 212.240260][T10529] ? __fget_files+0x206/0x3a0 [ 212.241625][T10529] ksys_read+0x12b/0x250 [ 212.242868][T10529] ? __pfx_ksys_read+0x10/0x10 [ 212.244250][T10529] __do_fast_syscall_32+0x73/0x120 [ 212.245737][T10529] do_fast_syscall_32+0x32/0x80 [ 212.247172][T10529] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 212.249039][T10529] RIP: 0023:0xf706e579 [ 212.250220][T10529] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 212.255535][T10529] RSP: 002b:00000000f5060590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 212.257624][T10529] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5060620 [ 212.259882][T10529] RDX: 000000000000000f RSI: 00000000f73a3ff4 RDI: 0000000000000000 [ 212.262136][T10529] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 212.264376][T10529] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 212.266610][T10529] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 212.268871][T10529] [ 212.269877][ C3] vkms_vblank_simulate: vblank timer overrun [ 212.483428][T10536] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1287'. [ 212.489390][T10536] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 212.492786][T10536] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 212.504690][T10536] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 212.509807][T10536] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 213.308598][ T5988] usb 8-1: new full-speed USB device number 6 using dummy_hcd [ 213.479804][ T5988] usb 8-1: config index 0 descriptor too short (expected 31, got 27) [ 213.482206][ T5988] usb 8-1: config 1 interface 0 altsetting 253 endpoint 0x1 has invalid wMaxPacketSize 0 [ 213.485027][ T5988] usb 8-1: config 1 interface 0 has no altsetting 0 [ 213.488777][ T5988] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= b.72 [ 213.491469][ T5988] usb 8-1: New USB device strings: Mfr=28, Product=37, SerialNumber=3 [ 213.493811][ T5988] usb 8-1: Product: syz [ 213.495042][ T5988] usb 8-1: Manufacturer: syz [ 213.496406][ T5988] usb 8-1: SerialNumber: syz [ 214.112751][ T5988] usblp 8-1:1.0: usblp0: USB Unidirectional printer dev 6 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8 [ 214.342033][ T6003] usb 8-1: USB disconnect, device number 6 [ 214.345619][ T6003] usblp0: removed [ 214.457428][T10572] autofs: Unknown parameter 'no9á ‘ýPƒ¹G!8°‰™…EŸ8-ö¤ ™ŠÇÅ–èEeÕ¬( IrÝ\•žu}ibˆŒÞêT0;´Œmy´[Gc¯î#Ï>QkÏübYü&“àÌ#“w„@/VV¼Lë~1ƒ2§÷lÿh–O„h'®ÈûrK1‚\kU{!e½úó¬Üš7»ßß [ 214.457428][T10572] ÄUúeâ[¦ÓÎ%#s' [ 214.598553][ T56] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 214.761244][ T56] usb 6-1: Using ep0 maxpacket: 32 [ 214.765100][ T56] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 214.768084][ T56] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 214.770760][ T56] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 214.774225][ T56] usb 6-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00 [ 214.776697][ T56] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.780557][ T56] usb 6-1: config 0 descriptor?? [ 215.243825][ T56] input: HID 0458:5011 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:0458:5011.0002/input/input5 [ 215.312342][ T56] input: HID 0458:5011 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:0458:5011.0002/input/input6 [ 215.360921][ T56] kye 0003:0458:5011.0002: input,hiddev0,hidraw1: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.1-1/input0 [ 216.351157][ C1] kye 0003:0458:5011.0002: usb_submit_urb(ctrl) failed: -1 [ 217.150224][ T6002] usb 6-1: USB disconnect, device number 6 [ 217.930123][T10649] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 217.937372][T10650] FAULT_INJECTION: forcing a failure. [ 217.937372][T10650] name failslab, interval 1, probability 0, space 0, times 0 [ 217.941569][T10650] CPU: 2 UID: 0 PID: 10650 Comm: syz.1.1317 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 217.944694][T10650] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 217.947770][T10650] Call Trace: [ 217.947832][T10649] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 217.948728][T10650] [ 217.948735][T10650] dump_stack_lvl+0x16c/0x1f0 [ 217.948753][T10650] should_fail_ex+0x497/0x5b0 [ 217.948767][T10650] ? fs_reclaim_acquire+0xae/0x150 [ 217.948781][T10650] should_failslab+0xc2/0x120 [ 217.948796][T10650] __kmalloc_cache_noprof+0x68/0x420 [ 217.948808][T10650] ? trace_lock_acquire+0x14e/0x1f0 [ 217.948825][T10650] alloc_pipe_info+0x10e/0x590 [ 217.948840][T10650] splice_direct_to_actor+0x793/0xa40 [ 217.948853][T10650] ? __pfx_direct_splice_actor+0x10/0x10 [ 217.948866][T10650] ? __pfx_aa_file_perm+0x10/0x10 [ 217.948878][T10650] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 217.948890][T10650] ? __fget_files+0x1fc/0x3a0 [ 217.948904][T10650] do_splice_direct+0x178/0x250 [ 217.948916][T10650] ? __pfx_do_splice_direct+0x10/0x10 [ 217.948927][T10650] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 217.976700][T10650] ? bpf_lsm_file_permission+0x9/0x10 [ 217.978668][T10650] ? security_file_permission+0x71/0x210 [ 217.980769][T10650] do_sendfile+0xaed/0xe30 [ 217.982448][T10650] ? __pfx_do_sendfile+0x10/0x10 [ 217.984237][T10650] ? lock_acquire+0x2f/0xb0 [ 217.985963][T10650] ? __might_fault+0xe3/0x190 [ 217.987787][T10650] __ia32_compat_sys_sendfile+0x163/0x230 [ 217.989820][T10650] ? __pfx___ia32_compat_sys_sendfile+0x10/0x10 [ 217.992005][T10650] __do_fast_syscall_32+0x73/0x120 [ 217.993794][T10650] do_fast_syscall_32+0x32/0x80 [ 217.995391][T10650] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 217.997193][T10650] RIP: 0023:0xf7ff6579 [ 217.998361][T10650] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 218.003867][T10650] RSP: 002b:00000000f512555c EFLAGS: 00000296 ORIG_RAX: 00000000000000bb [ 218.006294][T10650] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000003 [ 218.008538][T10650] RDX: 00000000200004c0 RSI: 000000000000c0e1 RDI: 0000000000000000 [ 218.010781][T10650] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 218.013019][T10650] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 218.015305][T10650] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 218.017563][T10650] [ 226.270213][T10870] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1384'. [ 228.434800][T10929] FAULT_INJECTION: forcing a failure. [ 228.434800][T10929] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 228.438871][T10929] CPU: 0 UID: 0 PID: 10929 Comm: syz.1.1403 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 228.441950][T10929] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 228.445161][T10929] Call Trace: [ 228.446219][T10929] [ 228.447098][T10929] dump_stack_lvl+0x16c/0x1f0 [ 228.448491][T10929] should_fail_ex+0x497/0x5b0 [ 228.449922][T10929] _copy_from_user+0x2e/0xd0 [ 228.451314][T10929] io_submit_one+0xbc/0x1da0 [ 228.452669][T10929] ? __pfx_io_submit_one+0x10/0x10 [ 228.454407][T10929] ? __might_fault+0x13b/0x190 [ 228.455897][T10929] ? lock_acquire+0x2f/0xb0 [ 228.457224][T10929] ? __might_fault+0xe3/0x190 [ 228.458684][T10929] ? __ia32_compat_sys_io_submit+0x1ba/0x3a0 [ 228.460415][T10929] __ia32_compat_sys_io_submit+0x1ba/0x3a0 [ 228.462101][T10929] ? __pfx___ia32_compat_sys_io_submit+0x10/0x10 [ 228.464030][T10929] __do_fast_syscall_32+0x73/0x120 [ 228.465544][T10929] do_fast_syscall_32+0x32/0x80 [ 228.467030][T10929] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 228.468852][T10929] RIP: 0023:0xf7ff6579 [ 228.470028][T10929] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 228.475904][T10929] RSP: 002b:00000000f514655c EFLAGS: 00000296 ORIG_RAX: 00000000000000f8 [ 228.478297][T10929] RAX: ffffffffffffffda RBX: 00000000f50fc000 RCX: 0000000000000020 [ 228.480648][T10929] RDX: 0000000020000780 RSI: 0000000000000000 RDI: 0000000000000000 [ 228.482986][T10929] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 228.485318][T10929] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 228.487681][T10929] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 228.489946][T10929] [ 229.137846][T10952] capability: warning: `syz.3.1410' uses 32-bit capabilities (legacy support in use) [ 238.812611][T11178] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1479'. [ 238.815397][T11178] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1479'. [ 239.732731][ T5948] block nbd2: Receive control failed (result -107) [ 239.829303][T11207] nbd2: detected capacity change from 0 to 20 [ 239.834284][ T5935] block nbd2: Dead connection, failed to find a fallback [ 239.836757][ T5935] block nbd2: shutting down sockets [ 239.838425][ T5935] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 239.841950][ T5935] Buffer I/O error on dev nbd2, logical block 0, async page read [ 239.844310][ T5935] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 239.847019][ T5935] Buffer I/O error on dev nbd2, logical block 0, async page read [ 239.850072][ T5935] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 239.852690][ T5935] Buffer I/O error on dev nbd2, logical block 0, async page read [ 239.855088][ T5935] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 239.857526][ T5935] Buffer I/O error on dev nbd2, logical block 0, async page read [ 239.860513][ T5935] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 239.863095][ T5935] Buffer I/O error on dev nbd2, logical block 0, async page read [ 239.865332][ T5935] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 239.867917][ T5935] Buffer I/O error on dev nbd2, logical block 0, async page read [ 239.870338][ T5935] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 239.872934][ T5935] Buffer I/O error on dev nbd2, logical block 0, async page read [ 239.875271][ T5935] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 239.877843][ T5935] Buffer I/O error on dev nbd2, logical block 0, async page read [ 239.880387][ T5935] ldm_validate_partition_table(): Disk read failed. [ 239.882499][ T5935] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 239.885091][ T5935] Buffer I/O error on dev nbd2, logical block 0, async page read [ 239.887353][ T5935] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 239.889980][ T5935] Buffer I/O error on dev nbd2, logical block 0, async page read [ 239.892355][ T5935] Dev nbd2: unable to read RDB block 0 [ 239.894041][ T5935] nbd2: unable to read partition table [ 239.896178][ T5935] nbd2: partition table beyond EOD, truncated [ 239.901850][T11220] ldm_validate_partition_table(): Disk read failed. [ 239.905009][T11220] Dev nbd2: unable to read RDB block 0 [ 239.907141][T11220] nbd2: unable to read partition table [ 239.909942][T11220] nbd2: partition table beyond EOD, truncated [ 239.915559][T11220] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 239.918672][T11220] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=9, location=9 [ 239.921974][T11220] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=8, location=8 [ 239.924993][T11220] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=7, location=7 [ 239.927430][T11220] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 239.930194][ T5935] ldm_validate_partition_table(): Disk read failed. [ 239.930516][T11220] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 239.932424][ T5935] Dev nbd2: unable to read RDB block 0 [ 239.934494][T11220] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=4, location=4 [ 239.936090][ T5935] nbd2: unable to read partition table [ 239.939362][T11220] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=3, location=3 [ 239.940110][ T5935] nbd2: partition table beyond EOD, truncated [ 239.942308][T11220] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=2, location=2 [ 239.946318][T11220] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 239.949002][T11220] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 239.951440][T11220] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=1, location=1 [ 239.953814][T11220] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=0, location=0 [ 239.956317][T11220] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 239.959012][T11220] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1) [ 240.730677][T11242] FAULT_INJECTION: forcing a failure. [ 240.730677][T11242] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 240.734885][T11242] CPU: 2 UID: 0 PID: 11242 Comm: syz.3.1499 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 240.738415][T11242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 240.741747][T11242] Call Trace: [ 240.742700][T11242] [ 240.743553][T11242] dump_stack_lvl+0x16c/0x1f0 [ 240.744907][T11242] should_fail_ex+0x497/0x5b0 [ 240.746269][T11242] _copy_to_user+0x32/0xd0 [ 240.747591][T11242] simple_read_from_buffer+0xd0/0x160 [ 240.749126][T11242] proc_fail_nth_read+0x198/0x270 [ 240.750590][T11242] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 240.752175][T11242] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 240.753740][T11242] vfs_read+0x1df/0xbe0 [ 240.754930][T11242] ? __fget_files+0x1fc/0x3a0 [ 240.756306][T11242] ? __pfx___mutex_lock+0x10/0x10 [ 240.757796][T11242] ? __pfx_vfs_read+0x10/0x10 [ 240.759155][T11242] ? __fget_files+0x206/0x3a0 [ 240.760494][T11242] ksys_read+0x12b/0x250 [ 240.761693][T11242] ? __pfx_ksys_read+0x10/0x10 [ 240.763076][T11242] __do_fast_syscall_32+0x73/0x120 [ 240.763445][T11246] binder: 11245:11246 ioctl 4018620d 0 returned -22 [ 240.764548][T11242] do_fast_syscall_32+0x32/0x80 [ 240.767977][T11242] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 240.768570][T11246] netlink: 'syz.0.1501': attribute type 10 has an invalid length. [ 240.770010][T11242] RIP: 0023:0xf711e579 [ 240.770028][T11242] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 240.770045][T11242] RSP: 002b:00000000f5110590 EFLAGS: 00000293 [ 240.773908][T11246] bond0: (slave wlan1): Opening slave failed [ 240.779616][T11242] ORIG_RAX: 0000000000000003 [ 240.779626][T11242] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f5110620 [ 240.779633][T11242] RDX: 000000000000000f RSI: 00000000f7453ff4 RDI: 0000000000000000 [ 240.779640][T11242] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 240.779646][T11242] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 240.779652][T11242] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 240.779665][T11242] [ 241.118642][ T8] usb 5-1: new low-speed USB device number 4 using dummy_hcd [ 241.258671][ T8] usb 5-1: device descriptor read/64, error -71 [ 241.518584][ T8] usb 5-1: new low-speed USB device number 5 using dummy_hcd [ 241.658607][ T8] usb 5-1: device descriptor read/64, error -71 [ 241.768666][ T8] usb usb5-port1: attempt power cycle [ 242.128560][ T8] usb 5-1: new low-speed USB device number 6 using dummy_hcd [ 242.216931][ T8] usb 5-1: device descriptor read/8, error -71 [ 242.548816][ T8] usb 5-1: new low-speed USB device number 7 using dummy_hcd [ 242.612026][ T8] usb 5-1: device descriptor read/8, error -71 [ 242.737411][ T8] usb usb5-port1: unable to enumerate USB device [ 245.824169][T11389] FAULT_INJECTION: forcing a failure. [ 245.824169][T11389] name failslab, interval 1, probability 0, space 0, times 0 [ 245.828924][T11389] CPU: 2 UID: 0 PID: 11389 Comm: syz.2.1540 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 245.832684][T11389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 245.836593][T11389] Call Trace: [ 245.837843][T11389] [ 245.838982][T11389] dump_stack_lvl+0x16c/0x1f0 [ 245.840753][T11389] should_fail_ex+0x497/0x5b0 [ 245.842515][T11389] ? fs_reclaim_acquire+0xae/0x150 [ 245.844431][T11389] should_failslab+0xc2/0x120 [ 245.846210][T11389] __kmalloc_noprof+0xce/0x4f0 [ 245.847995][T11389] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 245.850070][T11389] ? tomoyo_realpath_from_path+0xbf/0x710 [ 245.852191][T11389] tomoyo_realpath_from_path+0xbf/0x710 [ 245.854221][T11389] ? tomoyo_path_number_perm+0x235/0x5b0 [ 245.856398][T11389] tomoyo_path_number_perm+0x248/0x5b0 [ 245.858424][T11389] ? tomoyo_path_number_perm+0x235/0x5b0 [ 245.860513][T11389] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 245.862745][T11389] ? __pfx_lock_release+0x10/0x10 [ 245.864596][T11389] ? trace_lock_acquire+0x14e/0x1f0 [ 245.866546][T11389] ? lock_acquire+0x2f/0xb0 [ 245.868237][T11389] ? __fget_files+0x40/0x3a0 [ 245.869959][T11389] ? __fget_files+0x206/0x3a0 [ 245.871730][T11389] security_file_ioctl_compat+0x9b/0x240 [ 245.873789][T11389] __do_compat_sys_ioctl+0x4e/0x2c0 [ 245.875736][T11389] __do_fast_syscall_32+0x73/0x120 [ 245.877621][T11389] do_fast_syscall_32+0x32/0x80 [ 245.879376][T11389] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 245.881598][T11389] RIP: 0023:0xf7f22579 [ 245.883100][T11389] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 245.890049][T11389] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 245.893138][T11389] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c01064b5 [ 245.896091][T11389] RDX: 0000000020000140 RSI: 0000000000000000 RDI: 0000000000000000 [ 245.899015][T11389] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 245.901941][T11389] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 245.904863][T11389] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 245.907762][T11389] [ 245.913133][T11389] ERROR: Out of memory at tomoyo_realpath_from_path. [ 247.616552][T11432] FAULT_INJECTION: forcing a failure. [ 247.616552][T11432] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 247.620405][T11432] CPU: 1 UID: 0 PID: 11432 Comm: syz.1.1556 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 247.623575][T11432] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 247.626679][T11432] Call Trace: [ 247.627641][T11432] [ 247.628511][T11432] dump_stack_lvl+0x16c/0x1f0 [ 247.629871][T11432] should_fail_ex+0x497/0x5b0 [ 247.631250][T11432] _copy_from_user+0x2e/0xd0 [ 247.632584][T11432] get_compat_msghdr+0xa8/0x170 [ 247.633984][T11432] ? __pfx_get_compat_msghdr+0x10/0x10 [ 247.635587][T11432] ___sys_sendmsg+0x1b0/0x1e0 [ 247.636950][T11432] ? __pfx____sys_sendmsg+0x10/0x10 [ 247.638462][T11432] ? __pfx_lock_release+0x10/0x10 [ 247.640054][T11432] ? trace_lock_acquire+0x14e/0x1f0 [ 247.641415][T11432] ? __fget_files+0x206/0x3a0 [ 247.642695][T11432] __sys_sendmsg+0x16e/0x220 [ 247.644040][T11432] ? __pfx___sys_sendmsg+0x10/0x10 [ 247.645531][T11432] __do_fast_syscall_32+0x73/0x120 [ 247.647019][T11432] do_fast_syscall_32+0x32/0x80 [ 247.648426][T11432] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 247.650236][T11432] RIP: 0023:0xf7ff6579 [ 247.651425][T11432] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 247.656845][T11432] RSP: 002b:00000000f514655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 247.659229][T11432] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020001080 [ 247.661473][T11432] RDX: 0000000004080080 RSI: 0000000000000000 RDI: 0000000000000000 [ 247.663731][T11432] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 247.666019][T11432] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 247.668291][T11432] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 247.670556][T11432] [ 247.884241][T11437] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1558'. [ 248.834252][T11468] FAULT_INJECTION: forcing a failure. [ 248.834252][T11468] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 248.840088][T11468] CPU: 0 UID: 0 PID: 11468 Comm: syz.2.1566 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 248.843900][T11468] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 248.847309][T11468] Call Trace: [ 248.848354][T11468] [ 248.849195][T11468] dump_stack_lvl+0x16c/0x1f0 [ 248.850561][T11468] should_fail_ex+0x497/0x5b0 [ 248.851918][T11468] _copy_to_user+0x32/0xd0 [ 248.853208][T11468] simple_read_from_buffer+0xd0/0x160 [ 248.855098][T11468] proc_fail_nth_read+0x198/0x270 [ 248.857045][T11468] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 248.859022][T11468] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 248.860677][T11468] vfs_read+0x1df/0xbe0 [ 248.861983][T11468] ? __fget_files+0x1fc/0x3a0 [ 248.863765][T11468] ? __pfx___mutex_lock+0x10/0x10 [ 248.865730][T11468] ? __pfx_vfs_read+0x10/0x10 [ 248.867348][T11468] ? __fget_files+0x206/0x3a0 [ 248.868938][T11468] ksys_read+0x12b/0x250 [ 248.870328][T11468] ? __pfx_ksys_read+0x10/0x10 [ 248.871960][T11468] __do_fast_syscall_32+0x73/0x120 [ 248.873902][T11468] do_fast_syscall_32+0x32/0x80 [ 248.875809][T11468] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 248.877910][T11468] RIP: 0023:0xf7f22579 [ 248.879396][T11468] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 248.885655][T11468] RSP: 002b:00000000f5076590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 248.888302][T11468] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5076620 [ 248.891017][T11468] RDX: 000000000000000f RSI: 00000000f73b3ff4 RDI: 0000000000000000 [ 248.893374][T11468] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 248.895657][T11468] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 248.898034][T11468] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 248.900951][T11468] [ 249.289870][T11491] fuse: Unknown parameter '01777777777777777777777ÿÿ0x0000000000000003º½ËQÚ¤Š-{:;' [ 249.738543][ T6002] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 249.891154][ T6002] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 249.894753][ T6002] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 249.897691][ T6002] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 249.900601][ T6002] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 249.906862][T11502] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 249.913886][ T6002] usb 8-1: Quirk or no altset; falling back to MIDI 1.0 [ 250.113064][ T6002] usb 8-1: USB disconnect, device number 7 [ 250.138908][ T8] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 250.311557][ T8] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 250.314861][ T8] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 250.319170][ T8] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 250.319927][T11502] FAULT_INJECTION: forcing a failure. [ 250.319927][T11502] name failslab, interval 1, probability 0, space 0, times 0 [ 250.322779][ T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 250.326174][T11502] CPU: 2 UID: 0 PID: 11502 Comm: syz.3.1576 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 250.332096][T11502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 250.335699][T11502] Call Trace: [ 250.337101][T11502] [ 250.338310][T11502] dump_stack_lvl+0x16c/0x1f0 [ 250.340232][T11502] should_fail_ex+0x497/0x5b0 [ 250.342145][T11502] ? fs_reclaim_acquire+0xae/0x150 [ 250.344167][T11502] should_failslab+0xc2/0x120 [ 250.345564][T11502] __kmalloc_noprof+0xce/0x4f0 [ 250.346967][T11502] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 250.348687][T11502] ? tomoyo_realpath_from_path+0xbf/0x710 [ 250.350362][T11502] tomoyo_realpath_from_path+0xbf/0x710 [ 250.351972][T11502] ? tomoyo_path_number_perm+0x235/0x5b0 [ 250.353608][T11502] tomoyo_path_number_perm+0x248/0x5b0 [ 250.355665][T11502] ? tomoyo_path_number_perm+0x235/0x5b0 [ 250.357277][T11502] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 250.359030][T11502] ? __pfx_lock_release+0x10/0x10 [ 250.360486][T11502] ? trace_lock_acquire+0x14e/0x1f0 [ 250.361992][T11502] ? lock_acquire+0x2f/0xb0 [ 250.363330][T11502] ? __fget_files+0x40/0x3a0 [ 250.364698][T11502] ? __fget_files+0x206/0x3a0 [ 250.366529][T11502] security_file_ioctl_compat+0x9b/0x240 [ 250.368805][T11502] __do_compat_sys_ioctl+0x4e/0x2c0 [ 250.371024][T11502] __do_fast_syscall_32+0x73/0x120 [ 250.373082][T11502] do_fast_syscall_32+0x32/0x80 [ 250.374536][T11502] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 250.376368][T11502] RIP: 0023:0xf711e579 [ 250.377553][T11502] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 250.383084][T11502] RSP: 002b:00000000f511055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 250.385493][T11502] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000081f8943c [ 250.387693][T11502] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 250.389890][T11502] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 250.392857][T11502] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 250.395358][T11502] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 250.397631][T11502] [ 250.398781][T11509] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 250.399841][T11502] ERROR: Out of memory at tomoyo_realpath_from_path. [ 250.404882][ T8] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 250.609835][ T69] usb 7-1: USB disconnect, device number 3 [ 250.822897][T11509] bridge1: entered allmulticast mode [ 251.302034][T11537] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1587'. [ 255.196441][ T1411] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.198301][ T1411] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.630439][T11681] FAULT_INJECTION: forcing a failure. [ 256.630439][T11681] name failslab, interval 1, probability 0, space 0, times 0 [ 256.634064][T11681] CPU: 2 UID: 0 PID: 11681 Comm: syz.2.1631 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 256.637115][T11681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 256.640152][T11681] Call Trace: [ 256.641164][T11681] [ 256.642042][T11681] dump_stack_lvl+0x16c/0x1f0 [ 256.643415][T11681] should_fail_ex+0x497/0x5b0 [ 256.644777][T11681] ? fs_reclaim_acquire+0xae/0x150 [ 256.646255][T11681] should_failslab+0xc2/0x120 [ 256.647608][T11681] __kmalloc_noprof+0xce/0x4f0 [ 256.648980][T11681] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 256.650632][T11681] ? tomoyo_realpath_from_path+0xbf/0x710 [ 256.652302][T11681] tomoyo_realpath_from_path+0xbf/0x710 [ 256.653876][T11681] ? tomoyo_path_number_perm+0x235/0x5b0 [ 256.655497][T11681] tomoyo_path_number_perm+0x248/0x5b0 [ 256.657043][T11681] ? tomoyo_path_number_perm+0x235/0x5b0 [ 256.658623][T11681] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 256.660315][T11681] ? __pfx_lock_release+0x10/0x10 [ 256.661794][T11681] ? trace_lock_acquire+0x14e/0x1f0 [ 256.663290][T11681] ? lock_acquire+0x2f/0xb0 [ 256.664592][T11681] ? __fget_files+0x40/0x3a0 [ 256.665951][T11681] ? __fget_files+0x206/0x3a0 [ 256.667314][T11681] security_file_ioctl_compat+0x9b/0x240 [ 256.668900][T11681] __do_compat_sys_ioctl+0x4e/0x2c0 [ 256.670422][T11681] __do_fast_syscall_32+0x73/0x120 [ 256.671940][T11681] do_fast_syscall_32+0x32/0x80 [ 256.673342][T11681] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 256.675171][T11681] RIP: 0023:0xf7f22579 [ 256.676264][T11681] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 256.681408][T11681] RSP: 002b:00000000f507655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 256.683767][T11681] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0845657 [ 256.686034][T11681] RDX: 0000000020000200 RSI: 0000000000000000 RDI: 0000000000000000 [ 256.688289][T11681] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 256.690560][T11681] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 256.692833][T11681] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 256.695099][T11681] [ 256.699170][T11681] ERROR: Out of memory at tomoyo_realpath_from_path. [ 265.070514][T11857] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 271.507866][T11972] FAULT_INJECTION: forcing a failure. [ 271.507866][T11972] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 271.511773][T11972] CPU: 1 UID: 0 PID: 11972 Comm: syz.1.1718 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 271.514884][T11972] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 271.517954][T11972] Call Trace: [ 271.518997][T11972] [ 271.519857][T11972] dump_stack_lvl+0x16c/0x1f0 [ 271.521247][T11972] should_fail_ex+0x497/0x5b0 [ 271.522676][T11972] _copy_from_user+0x2e/0xd0 [ 271.524031][T11972] get_compat_msghdr+0xa8/0x170 [ 271.525455][T11972] ? __pfx_get_compat_msghdr+0x10/0x10 [ 271.527035][T11972] ___sys_sendmsg+0x1b0/0x1e0 [ 271.528405][T11972] ? __pfx____sys_sendmsg+0x10/0x10 [ 271.529963][T11972] ? trace_lock_acquire+0x14e/0x1f0 [ 271.531488][T11972] __sys_sendmmsg+0x2fa/0x420 [ 271.532888][T11972] ? __pfx___sys_sendmmsg+0x10/0x10 [ 271.534410][T11972] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 271.536168][T11972] ? fput+0x67/0x440 [ 271.537359][T11972] ? ksys_write+0x1ba/0x250 [ 271.538706][T11972] ? __pfx_ksys_write+0x10/0x10 [ 271.540142][T11972] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 271.541797][T11972] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 271.543729][T11972] __do_fast_syscall_32+0x73/0x120 [ 271.545218][T11972] do_fast_syscall_32+0x32/0x80 [ 271.546640][T11972] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 271.548485][T11972] RIP: 0023:0xf7ff6579 [ 271.549703][T11972] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 271.555269][T11972] RSP: 002b:00000000f514655c EFLAGS: 00000296 ORIG_RAX: 0000000000000159 [ 271.557647][T11972] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000020000540 [ 271.559941][T11972] RDX: 0000000000000002 RSI: 0000000002004000 RDI: 0000000000000000 [ 271.562241][T11972] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 271.564505][T11972] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 271.566796][T11972] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 271.569106][T11972] [ 273.623006][T12025] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1735'. [ 273.625785][T12025] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1735'. [ 274.375530][T12043] sctp: [Deprecated]: syz.0.1739 (pid 12043) Use of int in maxseg socket option. [ 274.375530][T12043] Use struct sctp_assoc_value instead [ 275.335554][T12065] evm: overlay not supported [ 275.382023][T12069] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1745'. [ 277.100222][T12112] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1762'. [ 277.102897][T12112] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1762'. [ 277.265481][T12116] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 277.270355][T12116] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 277.340265][T12118] Invalid source name [ 279.118567][ T6002] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 279.323006][ T6002] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 279.327065][ T6002] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 279.330794][ T6002] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 279.334187][ T6002] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 279.350212][T12169] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 279.354292][ T6002] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 279.682473][ T6002] usb 5-1: USB disconnect, device number 8 [ 281.113090][T12199] netlink: 'syz.3.1787': attribute type 4 has an invalid length. [ 281.327271][T12210] autofs: Unknown parameter 'fä' [ 282.042723][T12220] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1794'. [ 282.596986][T12233] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1798'. [ 282.601232][T12233] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1798'. [ 283.142953][T12242] FAULT_INJECTION: forcing a failure. [ 283.142953][T12242] name failslab, interval 1, probability 0, space 0, times 0 [ 283.146711][T12242] CPU: 0 UID: 0 PID: 12242 Comm: syz.1.1801 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 283.149798][T12242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 283.152894][T12242] Call Trace: [ 283.153890][T12242] [ 283.154737][T12242] dump_stack_lvl+0x16c/0x1f0 [ 283.156033][T12242] should_fail_ex+0x497/0x5b0 [ 283.157385][T12242] ? fs_reclaim_acquire+0xae/0x150 [ 283.158831][T12242] should_failslab+0xc2/0x120 [ 283.160157][T12242] __kmalloc_noprof+0xce/0x4f0 [ 283.161548][T12242] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 283.163106][T12242] ? tomoyo_realpath_from_path+0xbf/0x710 [ 283.164732][T12242] tomoyo_realpath_from_path+0xbf/0x710 [ 283.166298][T12242] ? tomoyo_path_number_perm+0x235/0x5b0 [ 283.167830][T12242] tomoyo_path_number_perm+0x248/0x5b0 [ 283.169351][T12242] ? tomoyo_path_number_perm+0x235/0x5b0 [ 283.170915][T12242] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 283.172601][T12242] ? __pfx_lock_release+0x10/0x10 [ 283.173996][T12242] ? trace_lock_acquire+0x14e/0x1f0 [ 283.175447][T12242] ? lock_acquire+0x2f/0xb0 [ 283.176711][T12242] ? __fget_files+0x40/0x3a0 [ 283.178044][T12242] ? __fget_files+0x206/0x3a0 [ 283.179367][T12242] security_file_ioctl_compat+0x9b/0x240 [ 283.180926][T12242] __do_compat_sys_ioctl+0x4e/0x2c0 [ 283.182414][T12242] __do_fast_syscall_32+0x73/0x120 [ 283.183852][T12242] do_fast_syscall_32+0x32/0x80 [ 283.185232][T12242] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 283.186955][T12242] RIP: 0023:0xf7ff6579 [ 283.188110][T12242] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 283.193449][T12242] RSP: 002b:00000000f514655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 283.195735][T12242] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000ae80 [ 283.197920][T12242] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 283.200093][T12242] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 283.202237][T12242] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 283.204347][T12242] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 283.206505][T12242] [ 283.207550][T12242] ERROR: Out of memory at tomoyo_realpath_from_path. [ 283.211034][T12242] kvm: pic: level sensitive irq not supported [ 283.222006][T12242] kvm: pic: non byte read [ 283.232419][T12242] kvm: pic: non byte read [ 283.234403][T12242] kvm: pic: non byte read [ 283.236132][T12242] kvm: pic: non byte read [ 285.831333][T12306] capability: warning: `syz.0.1819' uses deprecated v2 capabilities in a way that may be insecure [ 286.810649][T12329] cgroup: Invalid name [ 286.812746][T12330] cgroup: Invalid name [ 286.817479][T12330] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 286.821148][T12329] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 287.067396][T12339] FAULT_INJECTION: forcing a failure. [ 287.067396][T12339] name failslab, interval 1, probability 0, space 0, times 0 [ 287.074123][T12339] CPU: 3 UID: 0 PID: 12339 Comm: syz.0.1829 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 287.077118][T12339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 287.080064][T12339] Call Trace: [ 287.080998][T12339] [ 287.081888][T12339] dump_stack_lvl+0x16c/0x1f0 [ 287.083265][T12339] should_fail_ex+0x497/0x5b0 [ 287.084598][T12339] ? fs_reclaim_acquire+0xae/0x150 [ 287.086103][T12339] should_failslab+0xc2/0x120 [ 287.087457][T12339] __kmalloc_noprof+0xce/0x4f0 [ 287.088852][T12339] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 287.090446][T12339] ? tomoyo_realpath_from_path+0xbf/0x710 [ 287.092037][T12339] tomoyo_realpath_from_path+0xbf/0x710 [ 287.093570][T12339] ? tomoyo_path_number_perm+0x235/0x5b0 [ 287.095223][T12339] tomoyo_path_number_perm+0x248/0x5b0 [ 287.096738][T12339] ? tomoyo_path_number_perm+0x235/0x5b0 [ 287.098344][T12339] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 287.100000][T12339] ? __pfx_lock_release+0x10/0x10 [ 287.101385][T12339] ? trace_lock_acquire+0x14e/0x1f0 [ 287.102847][T12339] ? lock_acquire+0x2f/0xb0 [ 287.104142][T12339] ? __fget_files+0x40/0x3a0 [ 287.105470][T12339] ? __fget_files+0x206/0x3a0 [ 287.106804][T12339] security_file_ioctl_compat+0x9b/0x240 [ 287.108383][T12339] __do_compat_sys_ioctl+0x4e/0x2c0 [ 287.109818][T12339] __do_fast_syscall_32+0x73/0x120 [ 287.111255][T12339] do_fast_syscall_32+0x32/0x80 [ 287.112605][T12339] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 287.114373][T12339] RIP: 0023:0xf706e579 [ 287.115523][T12339] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 287.120772][T12339] RSP: 002b:00000000f506055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 287.123086][T12339] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000004010ae68 [ 287.125257][T12339] RDX: 0000000020000200 RSI: 0000000000000000 RDI: 0000000000000000 [ 287.127463][T12339] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 287.129627][T12339] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 287.131743][T12339] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 287.133861][T12339] [ 287.134795][ C3] vkms_vblank_simulate: vblank timer overrun [ 287.143992][T12339] ERROR: Out of memory at tomoyo_realpath_from_path. [ 287.906676][T12366] FAULT_INJECTION: forcing a failure. [ 287.906676][T12366] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 287.910988][T12366] CPU: 0 UID: 0 PID: 12366 Comm: syz.3.1837 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 287.914927][T12366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 287.918708][T12366] Call Trace: [ 287.920057][T12366] [ 287.921275][T12366] dump_stack_lvl+0x16c/0x1f0 [ 287.923029][T12366] should_fail_ex+0x497/0x5b0 [ 287.924717][T12366] _copy_from_user+0x2e/0xd0 [ 287.926378][T12366] get_compat_msghdr+0xa8/0x170 [ 287.928110][T12366] ? __pfx_get_compat_msghdr+0x10/0x10 [ 287.930076][T12366] ___sys_sendmsg+0x1b0/0x1e0 [ 287.931887][T12366] ? __pfx____sys_sendmsg+0x10/0x10 [ 287.933776][T12366] ? __pfx_lock_release+0x10/0x10 [ 287.935185][T12366] ? trace_lock_acquire+0x14e/0x1f0 [ 287.936688][T12366] ? __fget_files+0x206/0x3a0 [ 287.938358][T12366] __sys_sendmsg+0x16e/0x220 [ 287.939959][T12366] ? __pfx___sys_sendmsg+0x10/0x10 [ 287.941920][T12366] __do_fast_syscall_32+0x73/0x120 [ 287.943436][T12366] do_fast_syscall_32+0x32/0x80 [ 287.945073][T12366] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 287.946957][T12366] RIP: 0023:0xf711e579 [ 287.948225][T12366] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 287.954673][T12366] RSP: 002b:00000000f511055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 287.957623][T12366] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200001c0 [ 287.960498][T12366] RDX: 0000000000004041 RSI: 0000000000000000 RDI: 0000000000000000 [ 287.963475][T12366] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 287.966458][T12366] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 287.969562][T12366] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 287.972147][T12366] [ 290.234221][T12420] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1849'. [ 290.239040][T12420] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1849'. [ 290.329784][T12422] vlan2: entered promiscuous mode [ 290.332217][T12422] vlan2: entered allmulticast mode [ 290.807475][T12433] FAULT_INJECTION: forcing a failure. [ 290.807475][T12433] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 290.813354][T12433] CPU: 3 UID: 0 PID: 12433 Comm: syz.0.1856 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 290.817456][T12433] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 290.820647][T12433] Call Trace: [ 290.821712][T12433] [ 290.822875][T12433] dump_stack_lvl+0x16c/0x1f0 [ 290.824374][T12433] should_fail_ex+0x497/0x5b0 [ 290.826067][T12433] _copy_from_user+0x2e/0xd0 [ 290.827924][T12433] get_compat_msghdr+0xa8/0x170 [ 290.829865][T12433] ? __pfx_get_compat_msghdr+0x10/0x10 [ 290.831986][T12433] ___sys_sendmsg+0x1b0/0x1e0 [ 290.833853][T12433] ? __pfx____sys_sendmsg+0x10/0x10 [ 290.835927][T12433] ? __pfx_lock_release+0x10/0x10 [ 290.837878][T12433] ? trace_lock_acquire+0x14e/0x1f0 [ 290.839956][T12433] ? __fget_files+0x206/0x3a0 [ 290.841815][T12433] __sys_sendmsg+0x16e/0x220 [ 290.843656][T12433] ? __pfx___sys_sendmsg+0x10/0x10 [ 290.845698][T12433] __do_fast_syscall_32+0x73/0x120 [ 290.847573][T12433] do_fast_syscall_32+0x32/0x80 [ 290.848993][T12433] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 290.850781][T12433] RIP: 0023:0xf706e579 [ 290.851898][T12433] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 290.857095][T12433] RSP: 002b:00000000f506055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 290.859715][T12433] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000440 [ 290.862239][T12433] RDX: 0000000004004850 RSI: 0000000000000000 RDI: 0000000000000000 [ 290.864404][T12433] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 290.867318][T12433] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 290.870329][T12433] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 290.873428][T12433] [ 290.874579][ C3] vkms_vblank_simulate: vblank timer overrun [ 293.007109][T12473] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1869'. [ 293.012182][T12473] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1869'. [ 293.378574][ T5988] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 293.861186][T12506] FAULT_INJECTION: forcing a failure. [ 293.861186][T12506] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 293.865142][T12506] CPU: 0 UID: 0 PID: 12506 Comm: syz.1.1877 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 293.868193][T12506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 293.871277][T12506] Call Trace: [ 293.872238][T12506] [ 293.873091][T12506] dump_stack_lvl+0x16c/0x1f0 [ 293.874495][T12506] should_fail_ex+0x497/0x5b0 [ 293.875852][T12506] _copy_from_user+0x2e/0xd0 [ 293.877187][T12506] get_compat_msghdr+0xa8/0x170 [ 293.878618][T12506] ? __pfx_get_compat_msghdr+0x10/0x10 [ 293.880178][T12506] ___sys_sendmsg+0x1b0/0x1e0 [ 293.881548][T12506] ? __pfx____sys_sendmsg+0x10/0x10 [ 293.883067][T12506] ? __pfx_lock_release+0x10/0x10 [ 293.884589][T12506] ? trace_lock_acquire+0x14e/0x1f0 [ 293.886104][T12506] ? __fget_files+0x206/0x3a0 [ 293.887465][T12506] __sys_sendmsg+0x16e/0x220 [ 293.888806][T12506] ? __pfx___sys_sendmsg+0x10/0x10 [ 293.890292][T12506] __do_fast_syscall_32+0x73/0x120 [ 293.891781][T12506] do_fast_syscall_32+0x32/0x80 [ 293.893183][T12506] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 293.895046][T12506] RIP: 0023:0xf7ff6579 [ 293.896220][T12506] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 293.901689][T12506] RSP: 002b:00000000f514655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 293.904101][T12506] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0 [ 293.906401][T12506] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 293.908633][T12506] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 293.910875][T12506] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 293.911571][T12508] program syz.0.1878 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 293.913127][T12506] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 293.913143][T12506] [ 293.920101][T12508] program syz.0.1878 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 293.923510][T12508] program syz.0.1878 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 293.926818][T12508] program syz.0.1878 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 293.930538][T12508] program syz.0.1878 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 294.068473][T12522] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1881'. [ 294.087895][T12522] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1881'. [ 294.457111][T12536] FAULT_INJECTION: forcing a failure. [ 294.457111][T12536] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 294.461319][T12536] CPU: 2 UID: 0 PID: 12536 Comm: syz.0.1885 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 294.464398][T12536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 294.467580][T12536] Call Trace: [ 294.468547][T12536] [ 294.469528][T12536] dump_stack_lvl+0x16c/0x1f0 [ 294.470903][T12536] should_fail_ex+0x497/0x5b0 [ 294.472263][T12536] _copy_from_user+0x2e/0xd0 [ 294.473599][T12536] __sys_bpf+0x215/0x57a0 [ 294.474851][T12536] ? __pfx_lock_release+0x10/0x10 [ 294.476300][T12536] ? __pfx___sys_bpf+0x10/0x10 [ 294.477726][T12536] ? vfs_write+0x306/0x1150 [ 294.479080][T12536] ? __mutex_unlock_slowpath+0x164/0x690 [ 294.480755][T12536] ? fput+0x67/0x440 [ 294.481903][T12536] ? ksys_write+0x1ba/0x250 [ 294.483225][T12536] ? __pfx_ksys_write+0x10/0x10 [ 294.484687][T12536] __ia32_sys_bpf+0x76/0xe0 [ 294.486034][T12536] __do_fast_syscall_32+0x73/0x120 [ 294.487570][T12536] do_fast_syscall_32+0x32/0x80 [ 294.488980][T12536] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 294.490798][T12536] RIP: 0023:0xf706e579 [ 294.491972][T12536] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 294.497646][T12536] RSP: 002b:00000000f506055c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 294.500018][T12536] RAX: ffffffffffffffda RBX: 000000000000000f RCX: 0000000020000600 [ 294.502319][T12536] RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000 [ 294.503618][T12527] [ 294.504609][T12536] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 294.505330][T12527] ============================= [ 294.507574][T12536] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 294.508954][T12527] [ BUG: Invalid wait context ] [ 294.511209][T12536] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 294.512594][T12527] 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 Not tainted [ 294.514973][T12536] [ 294.518470][T12527] ----------------------------- [ 294.518475][T12527] syz.2.1881/12527 is trying to lock: [ 294.518536][ T5988] usb 7-1: device descriptor read/64, error -71 [ 294.524305][T12527] ffff888023099298 (&sighand->siglock){-.-.}-{3:3}, at: __lock_task_sighand+0xc2/0x340 [ 294.527644][T12527] other info that might help us debug this: [ 294.529566][T12527] context-{5:5} [ 294.530601][T12527] 4 locks held by syz.2.1881/12527: [ 294.532141][T12527] #0: ffff888065f2c0a8 (&ctx->uring_lock){+.+.}-{4:4}, at: io_handle_tw_list+0x27c/0x540 [ 294.535006][T12527] #1: ffff8880124a2928 (&acct->lock){+.+.}-{2:2}, at: io_wq_enqueue+0x20a/0xb30 [ 294.538433][T12527] #2: ffffffff8ddbad40 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run2+0x1c2/0x590 [ 294.541092][T12527] #3: ffffffff8ddbad40 (rcu_read_lock){....}-{1:3}, at: __lock_task_sighand+0x3f/0x340 [ 294.543829][T12527] stack backtrace: [ 294.544916][T12527] CPU: 0 UID: 0 PID: 12527 Comm: syz.2.1881 Not tainted 6.13.0-rc7-syzkaller-00102-gce69b4019001 #0 [ 294.547962][T12527] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 294.550981][T12527] Call Trace: [ 294.551921][T12527] [ 294.552770][T12527] dump_stack_lvl+0x116/0x1f0 [ 294.554138][T12527] __lock_acquire+0x878/0x3c40 [ 294.555641][T12527] ? __pfx___lock_acquire+0x10/0x10 [ 294.557738][T12527] ? __pfx___lock_acquire+0x10/0x10 [ 294.559381][T12527] ? ipv6_add_dev+0x993/0x13e0 [ 294.560757][T12527] lock_acquire.part.0+0x11b/0x380 [ 294.562221][T12527] ? __lock_task_sighand+0xc2/0x340 [ 294.563710][T12527] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 294.565334][T12527] ? rcu_is_watching+0x12/0xc0 [ 294.566792][T12527] ? trace_lock_acquire+0x14e/0x1f0 [ 294.568403][T12527] ? trace_lock_acquire+0x14e/0x1f0 [ 294.569893][T12527] ? __lock_task_sighand+0xc2/0x340 [ 294.571376][T12527] ? lock_acquire+0x2f/0xb0 [ 294.572675][T12527] ? __lock_task_sighand+0xc2/0x340 [ 294.574171][T12527] _raw_spin_lock_irqsave+0x3a/0x60 [ 294.575815][T12527] ? __lock_task_sighand+0xc2/0x340 [ 294.577928][T12527] __lock_task_sighand+0xc2/0x340 [ 294.579863][T12527] group_send_sig_info+0x290/0x300 [ 294.581326][T12527] ? __pfx_group_send_sig_info+0x10/0x10 [ 294.582934][T12527] ? __pfx___lock_acquire+0x10/0x10 [ 294.584417][T12527] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 294.586124][T12527] ? try_to_wake_up+0x158/0x1490 [ 294.587541][T12527] bpf_send_signal_common+0x415/0x520 [ 294.589076][T12527] ? __pfx_bpf_send_signal_common+0x10/0x10 [ 294.590776][T12527] ? trace_lock_acquire+0x14e/0x1f0 [ 294.592259][T12527] ? bpf_trace_run2+0x1c2/0x590 [ 294.593662][T12527] bpf_send_signal+0x1d/0x30 [ 294.595008][T12527] bpf_prog_631417f49dd64198+0x25/0x48 [ 294.596825][T12527] bpf_trace_run2+0x231/0x590 [ 294.598449][T12527] ? __pfx_bpf_trace_run2+0x10/0x10 [ 294.600220][T12527] ? hlock_class+0x4e/0x130 [ 294.601770][T12527] trace_contention_end.constprop.0+0xf0/0x170 [ 294.603857][T12527] __pv_queued_spin_lock_slowpath+0x27e/0xc90 [ 294.605945][T12527] ? hlock_class+0x4e/0x130 [ 294.607491][T12527] ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10 [ 294.609701][T12527] ? lock_acquire.part.0+0x11b/0x380 [ 294.611488][T12527] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 294.613398][T12527] do_raw_spin_lock+0x210/0x2c0 [ 294.615063][T12527] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 294.616889][T12527] ? lock_acquire+0x2f/0xb0 [ 294.618438][T12527] ? io_wq_enqueue+0x20a/0xb30 [ 294.620079][T12527] io_wq_enqueue+0x20a/0xb30 [ 294.621661][T12527] ? __pfx_io_wq_enqueue+0x10/0x10 [ 294.623403][T12527] ? __pfx_io_wq_work_match_item+0x10/0x10 [ 294.625390][T12527] ? io_prep_async_work+0x654/0x770 [ 294.627170][T12527] io_queue_iowq+0x28b/0x5c0 [ 294.628743][T12527] io_req_task_submit+0x142/0x1f0 [ 294.630469][T12527] io_poll_task_func+0x8cf/0xee0 [ 294.632163][T12527] ? __pfx_snd_rawmidi_poll+0x10/0x10 [ 294.633995][T12527] ? __pfx_io_poll_task_func+0x10/0x10 [ 294.635853][T12527] ? lock_acquire+0x2f/0xb0 [ 294.637397][T12527] ? io_handle_tw_list+0x29e/0x540 [ 294.638967][T12527] ? __pfx_io_poll_task_func+0x10/0x10 [ 294.640543][T12527] io_handle_tw_list+0x172/0x540 [ 294.641978][T12527] ? __pfx_io_handle_tw_list+0x10/0x10 [ 294.643532][T12527] ? lock_acquire.part.0+0x11b/0x380 [ 294.645073][T12527] ? find_held_lock+0x2d/0x110 [ 294.646464][T12527] tctx_task_work_run+0xac/0x390 [ 294.647885][T12527] tctx_task_work+0x7b/0xd0 [ 294.649198][T12527] ? __pfx_tctx_task_work+0x10/0x10 [ 294.650700][T12527] ? _raw_spin_unlock_irq+0x23/0x50 [ 294.652188][T12527] ? lockdep_hardirqs_on+0x7c/0x110 [ 294.653686][T12527] task_work_run+0x14e/0x250 [ 294.655028][T12527] ? __pfx_task_work_run+0x10/0x10 [ 294.656501][T12527] ? futex_wait+0x121/0x380 [ 294.657815][T12527] get_signal+0x1d3/0x2610 [ 294.659114][T12527] ? migrate_enable+0x1ef/0x260 [ 294.660519][T12527] ? __pfx_migrate_enable+0x10/0x10 [ 294.662027][T12527] ? __pfx_get_signal+0x10/0x10 [ 294.663427][T12527] ? do_futex+0x123/0x350 [ 294.664703][T12527] ? __pfx_do_futex+0x10/0x10 [ 294.666065][T12527] arch_do_signal_or_restart+0x90/0x7e0 [ 294.667654][T12527] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 294.669419][T12527] syscall_exit_to_user_mode+0x150/0x2a0 [ 294.671039][T12527] do_int80_emulation+0x111/0x200 [ 294.672494][T12527] asm_int80_emulation+0x1a/0x20 [ 294.673928][T12527] RIP: 0023:0xf7f22579 [ 294.675107][T12527] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 294.680574][T12527] RSP: 002b:00000000f505560c EFLAGS: 00000296 ORIG_RAX: 00000000000000f0 [ 294.682948][T12527] RAX: fffffffffffffe00 RBX: 00000000f73e5018 RCX: 0000000000000080 [ 294.685152][T12527] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f73e501c [ 294.687329][T12527] RBP: 0000000000000081 R08: 0000000000000000 R09: 0000000000000000 [ 294.689553][T12527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 294.691706][T12527] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 294.693896][T12527] [ 294.818557][ T5988] usb 7-1: new high-speed USB device number 5 using dummy_hcd VM DIAGNOSIS: 21:51:55 Registers: info registers vcpu 0 CPU#0 RAX=000000000000002e RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85145f15 RDI=ffffffff9a66a200 RBP=ffffffff9a66a1c0 RSP=ffffc900032bed38 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e33312e36 R12=0000000000000000 R13=000000000000002e R14=ffffffff85145eb0 R15=0000000000000000 RIP=ffffffff85145f3f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002f5f1ffc CR3=000000006a7bc000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=0000000000000003 RCX=1ffffffff203a53a RDX=ffff888023f30000 RSI=ffffffff81484a84 RDI=ffffffff81484a71 RBP=ffff8880124a2910 RSP=ffffc9000393fa70 R8 =0000000000000000 R9 =0000000000000000 R10=ffffffff901cf6d7 R11=0000000000000000 R12=0000000000000003 R13=0000000000000003 R14=ffff88802b53fc40 R15=ffffed1002494522 RIP=ffffffff81484a86 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020a90000 CR3=000000006a7bc000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=0000000000000008 RCX=ffffffff817947a1 RDX=ffff888020ef2440 RSI=ffffffff8179478d RDI=0000000000000001 RBP=1ffff92000665f39 RSP=ffffc9000332f9b8 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=3030303030302052 R12=0000000000000001 R13=0000000000000000 R14=ffff888021604880 R15=0000000000000001 RIP=ffffffff8179478f RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f505ffac CR3=000000006c0a8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=dffffc0000000000 RBX=ffff88804c7ceb60 RCX=ffff88804c7ceb68 RDX=1ffff110098f9d6d RSI=ffffffff8bb17240 RDI=ffff88801f169f20 RBP=0000000000000000 RSP=ffffc90003affbf0 R8 =0000000000000000 R9 =fffffbfff1d23820 R10=ffffffff8e91c103 R11=0000000000000000 R12=ffffc90003affd68 R13=ffff88801f169f18 R14=0000000000000001 R15=0000000000000000 RIP=ffffffff849e1120 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000585174c0 CR3=000000004d3a2000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000