last executing test programs: 6.866994751s ago: executing program 2 (id=3678): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$MPTCP_PM_CMD_GET_ADDR(r0, &(0x7f0000012e40)={0x0, 0x0, &(0x7f0000012e00)={&(0x7f0000000400)={0x18, 0x0, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x4}]}, 0x18}}, 0x0) 6.864681476s ago: executing program 2 (id=3679): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='nr_inodes=M']) chdir(&(0x7f0000000140)='./file0\x00') r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000040)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f00020000000905050200067e001009058b1e20"], 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) r2 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r2, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10) dup3(r2, r1, 0x0) setsockopt$sock_int(r1, 0x1, 0x12, &(0x7f0000000080)=0x401, 0x4) syz_usb_control_io(r0, 0x0, 0x0) syz_emit_ethernet(0x29a, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaa00aaaaaaaaaa0086dd60cb653e02643a00fe800000000000000000000000000000fe80000000000000000000000000000086009078000000000000000000000000000d7db4265c9f6aa3b46521199ea778d105c24ab977edb940e63f49a7129f45462e5eecc39f468544e3c13aa9017ccd638e784912ef2c2589d0d45cf0ed4bbe909218459bcbeaf63697aef1702b895af582b2e3b5cd435f497d415f29c5d941df10c1ca58197441e0e9b3400d9800081598a4a8a719ffe0621615f6d04dcae3360546cf06f2665bae2296931fd1d71c1f7e8f222b9ddc4e0bfb5e5c9a484353b785e79b4d8181cf146261723484c54803466e8b0034130c3818a2eaac43f1a6efc4f7772852ea05bff405aa28758ba53e0f20"], 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0xffffffffffffffb3) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r4, 0xffffffffffffffff}, 0x4) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x1d, &(0x7f0000000680)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}, {}, {0x85, 0x0, 0x0, 0x69}}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000640)='percpu_alloc_percpu\x00', r6}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000440)=@framed, 0x0, 0xb8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3800000012002102000000000000000007000000"], 0x38}}, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000440)={0x18, &(0x7f0000000780)={0x40, 0x12, 0x100, "08ced3b89f4ae28df6f21503f77228bc36e26a50b8969778ae6d0e0e193bfb842b877fde45c5b048624da3402b830fb1ae3ba1a5fe67ca21711f85e54c457049ac09ed8fc5c04aa82785afd842b29ed92e3b1e4270636fb3a35ebbff272c31c6b6625a4a2d6f108c3c5306c280823cef7e60baab2af8b50c7e8999f895ef7c85b4900c8d5ec0db8a2d99e2c97621c4c6ff7a75c59dabf49c55aa965b2b863b1460efa2c6cd20d13a00d3801ba481fbc3f6de0e820b33aef016d0b5da4b0f555def4eea99d39b4230838817e449bfb62e2ae07926adaa8af1414303439aadf9a01e5806ea74838fb771449904bc5499e5c86140fb598b6d7f42880721e7e8dc79"}, &(0x7f0000000340)={0x0, 0xa, 0x1, 0x28}, &(0x7f0000000380)={0x0, 0x8, 0x1, 0x6}, &(0x7f00000003c0)={0x20, 0x1, 0x34, "66580c3942667f527a8e9c70dd2fa63d4e70038ae3e37dfaf7ef39cfd45171aa91dedf55c90fc6f60edc00bbeae07b7e09e3626d"}, &(0x7f0000000400)={0x20, 0x3, 0x1, 0x4}}) syz_open_dev$char_usb(0xc, 0xb4, 0x0) r7 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0) write$nbd(r7, &(0x7f0000000240)={0x1000000, 0x0, 0x0, 0x0, 0x0, "82b0cfc44bf965941538be02000000000000000000007400a391793ba7f400000000a4fdf700"/48}, 0x40) mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f00000003c0)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) pipe(&(0x7f00000000c0)={0xffffffffffffffff}) close(r8) pipe(&(0x7f0000000600)) 3.610276525s ago: executing program 2 (id=3701): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) openat$bsg(0xffffff9c, &(0x7f0000000100), 0x80000, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={{0x14}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8}, @NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0xfffffffe}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x6c}, 0x1, 0x0, 0x0, 0x14}, 0x0) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00000000c0), 0x4) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount(&(0x7f0000000340)=@nullb, &(0x7f0000000400)='./file0\x00', &(0x7f0000000500)='ext4\x00', 0x4000, 0x0) bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000000)=[@mss, @window={0x3, 0x7}], 0x2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) r4 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042) writev(r4, &(0x7f0000000000)=[{&(0x7f0000000640)="f3", 0xf000}], 0x1) getsockopt$inet_opts(r3, 0x0, 0x19, 0xffffffffffffffff, &(0x7f0000000580)) r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r6 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r6, 0x65, 0x1, 0x0, 0x0) close(r6) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) recvfrom$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) connect$inet(r2, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10) sendmmsg(r2, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000100)="12d28d42f2d4751c3f0425996ca7706a78ed153b9908b65b418abebf9f0211d041a4a9649fd6b9ac9aa4768ee7640933ef6cabc6398cbf5a03d4b7da172f0ac2941c7c1c659823ce12ddb0b74c6581adcd1c30d46cdaa3c14c09c7de4ce884fd61e65aed2cdb9fc2566d34abf8ca8476ddb1", 0x72}, {&(0x7f0000000380)="78269da44e07e1a15b6b4daaa24eaca44add813430eb81c9abbd7538950dd7cfa44d9ef6444018d082cac1b4ab2d8bf66adf307d2a19135d8193fd053e70a4564ca5d2b356e5ed149eef70b88902650d61ea40978ebf4d37be178b04270b543ff0ad9dec2ac88ea63d6772d166ac2b2a8a5f9f8c9ced205147a666c356286333e5b34c45a7cbea7083cfa0d4b7f42bdea779450f3df3edb349a95b390cb773", 0x9f}, {&(0x7f0000000180)="c8766a89fad7e9490487724950b17b63995d693fa8d43299e26fbd77a65c98b597662e2b760da21228d7b0c90bcad7cd4a32125f3e0aef030db271fc8f59158fdc2e3d", 0x43}, {&(0x7f0000001a80)="e770ee9adf64fd9c42b037f92397e2d74912052da3a91f57158d0f0544f145adcb630a76f35e701613782ce5ead5f39d5a28b8cb4c91212afaba33f5c22a10fb2642a076b27d6761f8cf06a772e1ab155915e04d1a170fc86aa027e3b050864f72e7a08eca48b9f66ae0a24c129934413aaa3f3f77f3d7606b6aff67207f09f77650660f17f031f123aa43fbca00194ce854c60e65f5d40cabc0c2dddf26f74f232572c4546d676bc92bac68d7ba502527d6d7d6147881e0a2c4a18cf2e542d09461f467924c807e233abb59be7bba9842dbcbd6dcc51217cf55ab07ccc85f81bdc6a12da331fbb3e24ada9a549ee718c38ef98793", 0xf5}], 0x4}}], 0x1, 0x8815) recvmsg(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000a80)=""/4096, 0x248}], 0xa}, 0x0) write(r0, &(0x7f0000000040)="07000000010001", 0x7) 3.363319028s ago: executing program 2 (id=3702): epoll_create1(0x0) r0 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) close(r0) syz_open_dev$tty1(0xc, 0x4, 0x1) socket(0x10, 0x3, 0x0) openat$ppp(0xffffffffffffff9c, 0x0, 0xc0802, 0x0) r1 = syz_io_uring_setup(0x6908, &(0x7f0000000340)={0x0, 0x0, 0x10100, 0xffffffff, 0x40000000}, &(0x7f0000000140), &(0x7f0000000100)=0x0) syz_io_uring_setup(0x598c, &(0x7f00000003c0), &(0x7f0000000080)=0x0, &(0x7f0000000180)) syz_io_uring_submit(r3, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x1}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r5 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, &(0x7f0000000740)=0xa0000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'bridge0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=@bridge_delneigh={0x1c, 0x1d, 0xf07, 0x70bd27, 0x0, {0x2, 0x0, 0x0, r6, 0x14, 0x67, 0x8}}, 0x1c}}, 0x20040001) r7 = dup(r5) ioctl$IOCTL_VMCI_INIT_CONTEXT(r7, 0x7a0, &(0x7f0000000040)={@my=0x0}) ioctl$IOCTL_VMCI_DATAGRAM_SEND(r5, 0x7cb, &(0x7f0000000100)={&(0x7f0000001100)={{@local}, {@hyper}, 0x400, "a9e982103df53ce6b531b9df69f4a83ca7c6c257ffcec48fdd079a484b999da8d403d2d5ae19962553412682691cb347a8ca3723330043d55bab204ad8910cdf928e51f78c9f8c491e01c0d8e9144bb316d74615369a7a2ddabf419d3e2d65d38103fad0397dadd36dbe6316275a011b5f2870f38d732bfae62c9fdb0041aed9aefade394a2894e979f2fb2cd1316f801727ce4a8cfceb7bb8a9402f66c37d8206f69da312b8c1c5e8e99e2a0b16ba5295795122357d9bb1657833b8ae83ac9256afc32056ee35dba7b44623dfa55250ae9fa1f9a950b930b98a6361f11f0fbd38339dde08ba0f056107fd2dc5bfaa8af65fa3d207f1db778b17d00e0988be71bb3f9e9364b865ea45276dc6c18f32b285f198161939e68f211d940d7f5e225c5e15945f1fd125859f94b08a3e777789fb743af30d11c3c68fae32f3aaf941d7e3b0111f19e1006b1730006b876f66be174f674cfffac793cb0bf7ba79b82cf4be085a4b8d8bd131d54efd9deba758fa848320296b5268c9885bf752a7a5dc6f080e322acf3a9ee33e1895b55a171d8114f15117f84cd13f6069141e9e31332ebd5189fff0a38dd650d179ba03f4754a1fde5f15f7267db4b2dc9a5cf43b6bc13133ec7ee6a6722ff39479a10d2336cb54074b1e00264b3a5f379015bdda214080959d2d1f3d376be2e3a049c86c7235cf1a0440b0c7758d2c08e2a2f00cd408b7fdfb789d77628631f98c4b0ecc1f63b60de931f419e17833d3846aaafa8b59368b6e993a6999f5ea6f75b09e394e2fb1f36c6a7669184f33a93ebda47aa5cfa402e76badd8996a760fb0713fefe693956336604d48dd28c2ff08f9433f390fa7995fa4423be17dc484ea61af21f5d3ba81605a1a511aae387097483689502cfd5658cf430277bc0baedd616f5aed85394031652b120ff98f5f626d4667f7b00f65e8ddb68496ef402041fe33e9e44a050366c0996bd06795926fb7e769c8f64d19ae9892a5faea7216f2c2b6f556cae9a12679f111a1585b936f7ae3bcfde5c633409646950fc42d5b6361462d5a39674fdf2a290ab8ef142312060d46ef792b6dbe17f9728d5e77ca33eeb9ab5e6982091f31f53829c8ff64b13bcfbb5e76137a2e402029f5882c79f66310fd4a3af9d88518e9f39a53804ed066d0adf687634fd27525866f7a5730d6047d4e049b2f48d5ef5d88502482471eb9fafd60a2d234f69b19b232235030c5ca8975f2be003fb079dd28cb029a599169bfd17e53e94fe0802b3fd6ba43e8fad6c0ae124ca1384a66e007c9066b3da2875ab032d1354a604b472b7e27298fcbeadcad250eff76b1e7d77e1861fb38dbbbb75fdea353604ff34c6b9ca6b692305b5e3f634c7a6d431aeafb6f82456a69996793645fd91cccf5b38ff5e070f049c992003e11d6174a38e217d56f2e427901927a5c17"}, 0x418}) close_range(r4, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x80002, 0x0) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r9 = syz_open_dev$video(0x0, 0x7, 0x0) ioctl$VIDIOC_S_FMT(r9, 0xc0d05640, &(0x7f0000000340)={0x1}) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0) r13 = dup(r12) ioctl$KVM_SET_MSRS(r13, 0xc048aeca, &(0x7f0000000040)=ANY=[@ANYRES16=r8]) keyctl$dh_compute(0x17, &(0x7f0000000400), 0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={'digest_null\x00'}}) io_uring_enter(r1, 0x184c, 0x0, 0x0, 0x0, 0x0) 3.220064164s ago: executing program 2 (id=3705): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = openat$audio(0xffffffffffffff9c, 0x0, 0x40000000040201, 0x0) socket$inet6_sctp(0xa, 0x801, 0x84) mknod(0x0, 0x1000, 0x0) open(0x0, 0x14507f, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x10, 0x11, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000001000"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x7) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendfile(r3, 0xffffffffffffffff, 0x0, 0x3) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)={'veth1_to_team\x00', @broadcast}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="03fe000000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r4, @ANYBLOB='\b\x00\n'], 0x44}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000"], 0x7c}}, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) r5 = socket$inet(0x2, 0x3, 0x6) connect$inet(r5, &(0x7f0000000080)={0x2, 0xfffe, @remote}, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r7 = syz_open_dev$video4linux(&(0x7f0000000000), 0x20, 0x0) ioctl$VIDIOC_SUBDEV_S_FMT(r7, 0xc0585605, &(0x7f0000000040)={0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x3}}) lstat(0x0, 0x0) read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8) sendmmsg$inet(r5, &(0x7f0000001300)=[{{0x0, 0xe, 0x0}}], 0x300, 0x0) r8 = getpid() fcntl$setown(r1, 0x8, r8) syz_open_dev$vim2m(&(0x7f0000000240), 0x3, 0x2) syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 1.279470421s ago: executing program 1 (id=3722): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) openat$bsg(0xffffff9c, &(0x7f0000000100), 0x80000, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={{0x14}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8}, @NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0xfffffffe}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x6c}, 0x1, 0x0, 0x0, 0x14}, 0x0) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00000000c0), 0x4) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount(&(0x7f0000000340)=@nullb, &(0x7f0000000400)='./file0\x00', &(0x7f0000000500)='ext4\x00', 0x4000, 0x0) bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000000)=[@mss, @window={0x3, 0x7}], 0x2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) r4 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042) writev(r4, &(0x7f0000000000)=[{&(0x7f0000000640)="f3", 0xf000}], 0x1) getsockopt$inet_opts(r3, 0x0, 0x19, 0xffffffffffffffff, &(0x7f0000000580)) r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r6 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r6, &(0x7f0000000580), 0x10) close(r6) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) recvfrom$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) connect$inet(r2, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10) sendmmsg(r2, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000100)="12d28d42f2d4751c3f0425996ca7706a78ed153b9908b65b418abebf9f0211d041a4a9649fd6b9ac9aa4768ee7640933ef6cabc6398cbf5a03d4b7da172f0ac2941c7c1c659823ce12ddb0b74c6581adcd1c30d46cdaa3c14c09c7de4ce884fd61e65aed2cdb9fc2566d34abf8ca8476ddb1", 0x72}, {&(0x7f0000000380)="78269da44e07e1a15b6b4daaa24eaca44add813430eb81c9abbd7538950dd7cfa44d9ef6444018d082cac1b4ab2d8bf66adf307d2a19135d8193fd053e70a4564ca5d2b356e5ed149eef70b88902650d61ea40978ebf4d37be178b04270b543ff0ad9dec2ac88ea63d6772d166ac2b2a8a5f9f8c9ced205147a666c356286333e5b34c45a7cbea7083cfa0d4b7f42bdea779450f3df3edb349a95b390cb773", 0x9f}, {&(0x7f0000000180)="c8766a89fad7e9490487724950b17b63995d693fa8d43299e26fbd77a65c98b597662e2b760da21228d7b0c90bcad7cd4a32125f3e0aef030db271fc8f59158fdc2e3d", 0x43}, {&(0x7f0000001a80)="e770ee9adf64fd9c42b037f92397e2d74912052da3a91f57158d0f0544f145adcb630a76f35e701613782ce5ead5f39d5a28b8cb4c91212afaba33f5c22a10fb2642a076b27d6761f8cf06a772e1ab155915e04d1a170fc86aa027e3b050864f72e7a08eca48b9f66ae0a24c129934413aaa3f3f77f3d7606b6aff67207f09f77650660f17f031f123aa43fbca00194ce854c60e65f5d40cabc0c2dddf26f74f232572c4546d676bc92bac68d7ba502527d6d7d6147881e0a2c4a18cf2e542d09461f467924c807e233abb59be7bba9842dbcbd6dcc51217cf55ab07ccc85f81bdc6a12da331fbb3e24ada9a549ee718c38ef98793", 0xf5}], 0x4}}], 0x1, 0x8815) recvmsg(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000a80)=""/4096, 0x248}], 0xa}, 0x0) write(r0, &(0x7f0000000040)="07000000010001", 0x7) 1.129202246s ago: executing program 1 (id=3723): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) r2 = socket$l2tp(0x2, 0x2, 0x73) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) close(r5) tee(r3, r4, 0x6, 0x0) rt_sigtimedwait(&(0x7f0000000140)={[0xfffffffffffffff9]}, 0x0, 0x0, 0x8) bind$l2tp(r2, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x15}, 0x3}, 0x10) recvfrom(r1, 0x0, 0x0, 0x40002100, 0x0, 0x0) 1.129087813s ago: executing program 1 (id=3724): r0 = socket(0x2, 0x80805, 0x0) getsockopt$bt_hci(r0, 0x84, 0x7d, 0x0, &(0x7f0000001040)) (fail_nth: 1) 1.009382466s ago: executing program 1 (id=3725): unshare(0x60040000) socket$phonet_pipe(0x23, 0x5, 0x2) r0 = socket$phonet_pipe(0x23, 0x5, 0x2) r1 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}}, 0x0) r4 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {0x0, 0x1}, {0xfff3, 0x2}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x5}}}]}, 0x48}}, 0x0) r7 = io_uring_setup(0x371f, &(0x7f0000000680)={0x0, 0x0, 0x100, 0x0, 0xfffffffe}) io_uring_register$IORING_REGISTER_PBUF_RING(r7, 0x16, &(0x7f0000000740)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1) io_uring_register$IORING_UNREGISTER_PBUF_RING(r7, 0x17, &(0x7f0000002080)={0x0}, 0x1) unshare(0x200) bind$phonet(r0, &(0x7f0000000080)={0x23, 0x1, 0x0, 0xfd}, 0x10) r8 = socket$kcm(0x2, 0x3, 0x84) socket$inet_sctp(0x2, 0x1, 0x84) recvmsg$kcm(r8, &(0x7f0000000e00)={0x0, 0x0, 0x0}, 0x0) r9 = syz_open_dev$radio(&(0x7f0000000640), 0x0, 0x2) read(r9, 0x0, 0x0) r10 = socket$phonet_pipe(0x23, 0x5, 0x2) bind$phonet(r10, &(0x7f0000000000)={0x23, 0x4, 0x2}, 0x10) 862.176626ms ago: executing program 0 (id=3726): r0 = socket(0x2, 0x80805, 0x0) getsockopt$bt_hci(r0, 0x84, 0x7d, 0x0, &(0x7f0000001040)) 789.628724ms ago: executing program 0 (id=3727): socket(0x2, 0x800, 0x7) socket$kcm(0x10, 0x400000002, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r0 = syz_open_procfs(0x0, 0x0) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0x541b, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs2/binder1\x00', 0x406, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102379, 0x18feb) ioctl$USBDEVFS_ALLOC_STREAMS(r0, 0x8008551c, &(0x7f0000000140)=ANY=[@ANYBLOB="af5c0000100000000c01858083880b00060b8b0188058c8e"]) bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) r2 = socket(0x840000000002, 0x3, 0x100) connect$inet(r2, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) pwritev2(r2, &(0x7f00000000c0)=[{&(0x7f0000000040)="d0600b401f39b97bf93ecf49759e94b4519a0de2f87e5c417273a5dce55efb335b22dce602ca972f116438489fdab766171401f130eb1c9e78ec70db15755f97ca197fc3da0b85ea0d2f7bdffcc1caa5810430b5448f4ae272489f5c7ac1e4660c4f7b0446d5457181924a3d4dbfdfee93a14379adfe7c1effdacb69a945", 0x7e}], 0x1, 0xa, 0x6e6f2b53, 0x10) sendmsg$key(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x10}}, 0x10) r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x109280, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r5}, 0x10) r7 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r6}, 0x8) close(r7) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000240)='rxrpc_rx_abort\x00', r4, 0x0, 0x10001}, 0x22) bpf$BPF_LINK_UPDATE(0x1d, 0x0, 0x0) ioctl$FBIOBLANK(r3, 0x4611, 0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') open(&(0x7f0000000000)='.\x00', 0x0, 0x0) 699.823004ms ago: executing program 0 (id=3728): bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c03406910927c6b0b55b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfe79578e51bc53099e90f4580d760551b5b342f7cbdb9cd38bdb2209c676b2ac2deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f132020000002cbe7bc04b82d2789cb1b2b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c41146dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a42b359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780c70014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e506d1387b63112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece08ac772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2ef0ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92513ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a3f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099bdae7ed04935c2c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adeb988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ffa3c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe4a3ced846891180604b6dd2499d16d7d9158ffffff069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb0814040000007874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dbae3428d2129ecfce1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296c6a298c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aa38c41a86fd19d8dc6245a1bbee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f050000000000000026049fe86e09623524f390bf79b441b75fc790c58e273cd905deb28c13c10b1c0d9cae846b03008cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc48f97496079654f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b4749c28eb5167e9936ed327fb237a56224e49d9ea956d1798571b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecf743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be182724d95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd0403a099f32468f1561f058960d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b656dc0e32384f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bbe3e8ef76f57a2d0e69115d33394e86e4b83c0f3c2a34635f3eee4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cd082027c641ec4355eb4acff90756d1a1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8cc3fe28bc3586844f5fecb92aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a5906002fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128ab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0afd9ae134400f70b5e6aefb7eee403502732df858a2ea033b6c91c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80ffb8f386bb79f5589829b6b0679b5d65a00000000000000e6ff00000000000000000000faff0000bab50bc8508a9644d3e7c328b0ff22035c8073f8c1f0e3da7339fc81d4ab3ef2857ef70a81d8a1628da28c942571880e22df7cabae56d5ff5e483c9c1f5a258b8f1f34cc300312f76a374a6e9b3f9dbd7f538a80b00f97e47895b3201c5126feca0888956a7d768198d9c2109ac508a47ebb99c539ef45af7d87b308117a9e321a3861bc42cf41942c31268a4020221d7b1622585094eddd83c7f4acdd7f5c23d8b730bf03118261edada8b8487a3b1b7548a4687a91f12bf70bb1df3bfe7d4b92ad6fcbf401efd6eb004cf20016ad8d1dad136dd856ffca238b39482811f9c8524bf182f1956a3d044423927df28880bbd11c06407220df8e1d1d483d947d990dc175803d765ca14a915a0040b641959ad3e776b4bb4852fea12983dc18b7404914a6137dc4a78f1e0d331c60a9019c21698cd18753491df962f496f2395563e9c3d7b1228d0e488cf7e50a29541aa757f2e2ee9ff4433d65db0de5a123d569e39dce481156cbec"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x40, @void, @value}, 0x90) r0 = syz_open_dev$loop(&(0x7f0000000100), 0x0, 0x0) write$binfmt_aout(0xffffffffffffffff, &(0x7f00000010c0)=ANY=[], 0x1a3) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140), 0xff79) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}}) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x8) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000640)='bbr\x00', 0x4) sendmmsg$inet(r1, &(0x7f0000002440)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000d40)="316f825a3d29f96a2093a917017b4cd300000000bee70035ed313e19d6dd1fb41a20baf7f7343067fd40cdd4b16742e94b62f4eb1c5d9faab7f3028100ae8180db94b9de7456ae62b0e6fe7766a0842912179154a96fa88e161d4adf77a486e10d1d50e44155790748b7226fa4bb5d77e85729336ba6369a4c33ac53b45d46a92db9fda99af4429dc23db6a1706328df4e75eb173a81bd4af8b89d1870c9b2382a759d67b1cd03b076bf90286b63eb7aaea4cbb1280955e9a59cd8e5e8ac68c27da3d542aece1ba7920e8f39b270458224e74afa52db1ac07f7cce47d5e8ce5b2806ff7171c64a689a0ba35e934506a46a10b9a579dc436308", 0xf9}, {&(0x7f00000002c0)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336f9139f6768452f868624c7e6ce0948f33f1a63e0fcf0f2df283b3ca3f1f4de26a8b575ccb465985e48f65b9a7fcc93c0a5be8b16774f7c7ca9848a182d6ee7c0f2b9c0e7030ed93ee34214c25cb51279b18c8e5bfbc52152be37f5e2b783e2149be25180430ac63ee1bbe01fbb6125e65839ae5b02d542a97d1bfb1ca420b5405baaaf5ec6ad96af2814dbbea5a064f2ab6fc0904c07f02cbfadfb96866d962e6e21d3a0a0276a36e01b6edafd6c8461de7afec966f9c023ffe15c3c1caec8ff3ef304ed0ffedd061941d9d022b25a4b9632856295fee3a314f6c196d953bcaf1aff06d181d51662fdaa52e46d7905c0b4c632602c810f1e6a6c98f0eaed1d795bc3495ea0b47ca0c44465d4b8b46dac524f2e179f22b486aaef3b7e436e9dc1ecdf10a3a2d59c839a8185d2fa5d802e15426193f256bb89fa695b0c2c5110a54f63b1a930f3bd73111ce745c418dd1b44e29bf1a828d1c5481bacf48436a994af54c666a056aa6d33b98167c6f894a4ee4825b3d21a9c491badf231d3ffdf241298140f49df0dc48c9a501b43d1b7fff2b9218775132d7d248412dcc552adcd4a26eaf7ce25f5a6cf8fe3d25bf3", 0x1ca}], 0x2}}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000100)}, {0x0}, {0x0}], 0x3}}], 0x2, 0x0) r2 = syz_open_dev$sndctrl(&(0x7f00000007c0), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r2, 0xc2c85512, 0x0) sendto$inet(r1, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27) r3 = openat$incfs(0xffffffffffffffff, &(0x7f0000000040)='.pending_reads\x00', 0x200100, 0x4) fsmount(r3, 0x1, 0xf8) fcntl$dupfd(r1, 0x406, r0) 699.66374ms ago: executing program 0 (id=3729): r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x10, 0xa702) mmap(&(0x7f0000371000/0x5000)=nil, 0x5000, 0x0, 0x11, r0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_WRITE_CLASS_OF_DEV={{0x7}}}}, 0x7) 649.059802ms ago: executing program 0 (id=3730): socket$packet(0x11, 0x3, 0x300) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10) sendmmsg$inet(r0, &(0x7f0000002840)=[{{&(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10, 0x0}}], 0x1, 0x2000c048) connect$inet(r0, &(0x7f0000002800)={0x2, 0x0, @empty}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 647.367876ms ago: executing program 0 (id=3731): socket(0x1, 0x2, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f0000000680)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.self_freezing\x00', 0x275a, 0x0) socket$nl_rdma(0x10, 0x3, 0x14) sendto$inet6(r0, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000000840)='z', 0x1, 0x0, 0x0, 0x0) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="020d00001400000000000000000000000800120000000200000000000000000006000000000000000000000000000400ac1e0001000000000000000000000000ac14140000000000000000000000000005000500000000000a00000000000000fe8000000000000000000000000000aa0000000000000000050006"], 0xa0}}, 0x0) sendto$inet6(r0, &(0x7f0000000040)="93", 0x34000, 0x0, 0x0, 0x44) 451.678178ms ago: executing program 3 (id=3732): r0 = getpgid(0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x0, 0x0) (async) epoll_create1(0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) (async) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) (async) syz_usb_connect(0x6, 0x2d, &(0x7f0000000040)=ANY=[], 0x0) r4 = socket$inet6_mptcp(0xa, 0x1, 0x106) listen(r4, 0x10) (async, rerun: 64) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async, rerun: 64) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, 0x0, &(0x7f0000000340)) (async, rerun: 32) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) (rerun: 32) sendmsg$IPSET_CMD_LIST(r5, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000380)=ANY=[@ANYBLOB="24000000bf020000080800064025fba4860690222a87748eee4a00000005050001000700000083b6f2fa27f398227c4ade948777a61db5463158af681aa9509ca1ed977d69f39e514ac1c7e7c0a62c5b040b441744de27ea4027057fde09ab5726ddc4999de840843c8c21cf54a9a6bda7eb74c4b181052c51a2f284a637ea5eace0c3d30195e8fffff7722d23b1f094493bf3f13c9d2e687ec1bff219402738910c09a75097ad92ed2e274d3ee4fb05dbe8f8a30dffd8019bd9fbbbe66e9140a9387494a3e9e95da41ca68bfd6e95744dee9626d1043e10c3ec69fab311b9f3a76567c9c980f05d9d78f8"], 0x24}}, 0x4c800) (async) r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8) r7 = socket$alg(0x26, 0x5, 0x0) r8 = socket$netlink(0x10, 0x3, 0x4) writev(r8, &(0x7f0000000000), 0x0) (async, rerun: 32) bind$alg(r7, &(0x7f0000000740)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) (rerun: 32) openat$dlm_control(0xffffffffffffff9c, 0x0, 0x101, 0x0) (async) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="640000000206010800000000000000000000000014000780080012400003000008001140000000000500010006000000050005000200000005000400000000000900020073797a310000000015000300686173683a6970"], 0x64}}, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r9 = socket$rxrpc(0x21, 0x2, 0x2) setsockopt$RXRPC_SECURITY_KEY(r9, 0x110, 0x1, 0xfffffffffffffffe, 0x11) (async, rerun: 32) sendmmsg$unix(r2, &(0x7f00000bd000), 0x0, 0x0) (async, rerun: 32) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)) (async) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4400000010000104a5270b7357000000925e4a44", @ANYRES32=r5, @ANYBLOB="0dfa130016000000240012000c00010000000000000000000c0002f60800000001180000080001"], 0x44}, 0x1, 0x0, 0x0, 0x4048840}, 0x0) (async, rerun: 64) socket(0x10, 0x803, 0x0) (rerun: 64) 380.261285ms ago: executing program 3 (id=3733): socket$packet(0x11, 0x3, 0x300) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10) sendmmsg$inet(r0, &(0x7f0000002840)=[{{&(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10, 0x0}}], 0x1, 0x2000c048) connect$inet(r0, &(0x7f0000002800)={0x2, 0x0, @empty}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1) 280.115631ms ago: executing program 3 (id=3734): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$mptcp(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_GET_ADDR(r0, 0x0, 0x0) 279.734361ms ago: executing program 2 (id=3735): r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) mbind(&(0x7f0000a93000/0x3000)=nil, 0x3000, 0x4000, 0x0, 0x3, 0xc) bind$alg(r1, &(0x7f0000000540)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440) r2 = accept4(r1, 0x0, 0x0, 0x0) sendmmsg$inet(r2, &(0x7f0000001200)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000340)="be", 0x1}, {&(0x7f0000000400)='NL\v', 0x3}], 0x2}}], 0x1, 0x0) r3 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r3, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x4}}, 0x26) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$L2TP_CMD_SESSION_GET(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000e1ffffff070000001400080000000000000000000000000000000000050014"], 0x38}}, 0x0) r6 = socket$inet6_dccp(0xa, 0x6, 0x0) setsockopt$inet6_int(r6, 0x29, 0x10, &(0x7f0000000040)=0xa, 0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00'}) r7 = gettid() timer_create(0x0, &(0x7f00000001c0)={0x0, 0x21, 0x4, @tid=r7}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) ioperm(0x6, 0x3fc, 0xe6) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000440)={0xffffffffffffffff}) tee(r9, r8, 0x8, 0x0) connect$inet6(r6, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @loopback}, 0x62) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, &(0x7f0000000080), 0x200000, 0x4) r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f0000000480)=ANY=[@ANYRESHEX=r10, @ANYRESHEX=0x0, @ANYRESDEC=r10, @ANYRES64=0x0, @ANYRES64=r10, @ANYRES32=0x0, @ANYRES64=r10], 0x0, 0x8, 0xb7, &(0x7f0000000140)=""/183, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280), 0x0, 0x10, 0xfffffffb, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), 0x0) open(&(0x7f0000000a40)='./bus\x00', 0x161a42, 0x0) 271.109513ms ago: executing program 3 (id=3736): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000440)=[@in={0x2, 0x0, @loopback}]}, &(0x7f00000001c0)=0x10) 270.136334ms ago: executing program 3 (id=3737): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000000c0)=0x40010000) ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000100)=0x40) ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f00000002c0)=0x1) ioctl$SNDCTL_DSP_GETIPTR(r0, 0x800c5011, &(0x7f0000000040)) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) syz_open_dev$char_usb(0xc, 0xb4, 0x3) r1 = io_uring_setup(0x168e, &(0x7f0000000000)) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) mremap(&(0x7f0000241000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000) mremap(&(0x7f0000b8e000/0x4000)=nil, 0x4000, 0x2000, 0x0, &(0x7f00004e5000/0x2000)=nil) move_pages(0x0, 0x1, &(0x7f0000000180)=[&(0x7f0000a7a000/0x3000)=nil], &(0x7f00000001c0), 0x0, 0x0) 60.08196ms ago: executing program 1 (id=3738): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000440)=[@in={0x2, 0x0, @loopback}]}, &(0x7f00000001c0)=0x10) (fail_nth: 1) 59.630541ms ago: executing program 3 (id=3739): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r0}, 0x38) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x100, 0xfd, 0x9, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000004f00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000009800000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x14, 0x1e, 0x1, 0x0, 0x0, "", [@nested={0x4}]}, 0x14}], 0x1}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0xe, 0x0, &(0x7f0000000300)="14fd54ab72df97e6256c00000000", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r5 = socket$inet(0x2, 0x3, 0x4) r6 = getpid() process_vm_readv(r6, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000003f00000000000000", @ANYRESOCT=r6, @ANYRESOCT=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) syz_open_procfs$namespace(r6, &(0x7f0000000040)='ns/time\x00') bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000000), 0xcff5, r1}, 0x38) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000500), &(0x7f0000000280), 0x4, r1, 0x0, 0x10000000}, 0x38) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="680000001a000000000000000000000014000000000000000000000000000000000000bad4c9244e01440000803e000000280101a1d8e656b0590d68d0d76a4a4e38207c18b38cea3c9c700be24a70446c454baa6f0421a4707aa17d16574e0fbe63958c"], 0x68}], 0x1}, 0x0) sendmsg$nl_generic(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)={0x2c, 0x3a, 0xb, 0x0, 0x0, {0x3}, [@nested={0xfffffffffffffec1, 0x0, 0x0, 0x1, [@typed={0x13, 0x3, 0x0, 0x0, @str='\r4\xd8\x02j,'}]}]}, 0x2c}}, 0x0) epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000140)={[0x8]}, 0x8) r8 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r8, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r8, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000440)=[@in={0x2, 0x0, @loopback}]}, &(0x7f00000001c0)=0x10) 0s ago: executing program 1 (id=3740): close(0xffffffffffffffff) socket$inet6_mptcp(0xa, 0x1, 0x106) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) preadv(r0, 0x0, 0x0, 0xfffffffc, 0x7ff) prctl$PR_SET_PTRACER(0x59616d61, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6}]}) r1 = add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_WATCH_KEY(0x20, r1, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc) r2 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) write$sysctl(r2, &(0x7f0000000300)='1\x00', 0xfffffffffffffe65) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) write$sysctl(r2, &(0x7f0000000000)='2\x00', 0x2) kernel console output (not intermixed with test programs): 0000 [ 580.836351][T18222] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 580.838445][T18222] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 580.840540][T18222] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 580.842658][T18222] [ 580.849806][ T5383] usb 2-1: new high-speed USB device number 46 using ehci-pci [ 580.970650][ T57] vhci_hcd: vhci_device speed not set [ 581.064092][ T5383] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 581.066697][ T5383] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 581.068881][ T5383] usb 2-1: Product: QEMU USB Tablet [ 581.071862][ T5383] usb 2-1: Manufacturer: QEMU [ 581.073414][ T5383] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1 [ 581.106962][ T5383] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.00F6/input/input188 [ 581.116919][T18234] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 581.118703][T18234] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 581.121686][T18234] vhci_hcd vhci_hcd.0: Device attached [ 581.182351][ T5383] hid-generic 0003:0627:0001.00F6: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 581.252254][T18237] afs: Unknown parameter 'obj_user' [ 581.320215][T13246] vhci_hcd: vhci_device speed not set [ 581.430383][T13246] usb 17-1: new full-speed USB device number 3 using vhci_hcd [ 581.996722][T18235] vhci_hcd: connection reset by peer [ 581.998703][T16167] vhci_hcd: stop threads [ 582.000021][T16167] vhci_hcd: release socket [ 582.007842][T16167] vhci_hcd: disconnect device [ 583.122521][T18283] syz.1.3429: attempt to access beyond end of device [ 583.122521][T18283] loop1: rw=4096, sector=2, nr_sectors = 2 limit=0 [ 583.126086][T18283] EXT4-fs (loop1): unable to read superblock [ 583.143155][T18283] usb 2-1: USB disconnect, device number 46 [ 583.218091][T18285] hub 2-0:1.0: USB hub found [ 583.220129][T18285] hub 2-0:1.0: 6 ports detected [ 583.259742][ T5344] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 583.399792][ T9] usb 2-1: new high-speed USB device number 47 using ehci-pci [ 583.410833][T18286] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3426'. [ 583.419729][ T5344] usb 5-1: Using ep0 maxpacket: 32 [ 583.424150][ T5344] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 583.428529][ T5344] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 583.431336][ T5344] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 583.433925][ T5344] usb 5-1: Product: syz [ 583.435342][ T5344] usb 5-1: Manufacturer: syz [ 583.436799][ T5344] usb 5-1: SerialNumber: syz [ 583.439243][ T5344] usb 5-1: config 0 descriptor?? [ 583.441806][T18270] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 583.594329][ T9] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 583.597662][ T9] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 583.600434][ T9] usb 2-1: Product: QEMU USB Tablet [ 583.604206][ T9] usb 2-1: Manufacturer: QEMU [ 583.606719][ T9] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1 [ 583.632562][ T9] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.00F7/input/input189 [ 583.698391][ T9] hid-generic 0003:0627:0001.00F7: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 583.737641][ T9] usb 5-1: USB disconnect, device number 21 [ 583.924347][T18291] netlink: 830 bytes leftover after parsing attributes in process `syz.3.3431'. [ 583.962318][T18293] EXT4-fs (nullb0): VFS: Can't find ext4 filesystem [ 584.090590][T18297] FAULT_INJECTION: forcing a failure. [ 584.090590][T18297] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 584.094181][T18297] CPU: 3 UID: 0 PID: 18297 Comm: syz.3.3435 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 584.097087][T18297] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 584.099953][T18297] Call Trace: [ 584.100858][T18297] [ 584.101659][T18297] dump_stack_lvl+0x16c/0x1f0 [ 584.102970][T18297] should_fail_ex+0x497/0x5b0 [ 584.104239][T18297] _copy_from_user+0x30/0xf0 [ 584.105475][T18297] get_compat_msghdr+0xa8/0x170 [ 584.106791][T18297] ? __pfx_get_compat_msghdr+0x10/0x10 [ 584.108243][T18297] ? __pfx___lock_acquire+0x10/0x10 [ 584.109637][T18297] ___sys_sendmsg+0x1b0/0x1e0 [ 584.110918][T18297] ? __pfx____sys_sendmsg+0x10/0x10 [ 584.112375][T18297] ? lock_acquire+0x2f/0xb0 [ 584.113615][T18297] ? __fget_files+0x40/0x3f0 [ 584.114886][T18297] ? fdget+0x176/0x210 [ 584.115986][T18297] __sys_sendmsg+0x117/0x1f0 [ 584.117231][T18297] ? __pfx___sys_sendmsg+0x10/0x10 [ 584.118618][T18297] ? __fget_files+0x244/0x3f0 [ 584.119888][T18297] __do_fast_syscall_32+0x73/0x120 [ 584.121268][T18297] do_fast_syscall_32+0x32/0x80 [ 584.122630][T18297] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 584.124325][T18297] RIP: 0023:0xf7f32579 [ 584.125422][T18297] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 584.128860][T18295] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3433'. [ 584.130514][T18297] RSP: 002b:00000000f56b656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 584.130527][T18297] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200001c0 [ 584.130534][T18297] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 584.130540][T18297] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 584.130545][T18297] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 584.130551][T18297] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 584.130563][T18297] [ 584.196531][T18295] netlink: 'syz.2.3433': attribute type 2 has an invalid length. [ 584.198537][T18295] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 584.422339][T18322] FAULT_INJECTION: forcing a failure. [ 584.422339][T18322] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 584.425845][T18322] CPU: 3 UID: 0 PID: 18322 Comm: syz.0.3443 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 584.428983][T18322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 584.431897][T18322] Call Trace: [ 584.432829][T18322] [ 584.433654][T18322] dump_stack_lvl+0x16c/0x1f0 [ 584.435048][T18322] should_fail_ex+0x497/0x5b0 [ 584.436360][T18322] _copy_from_user+0x30/0xf0 [ 584.437591][T18322] get_old_timespec32+0x153/0x1f0 [ 584.438961][T18322] ? __pfx_get_old_timespec32+0x10/0x10 [ 584.440400][T18322] ? __pfx_migrate_enable+0x10/0x10 [ 584.441802][T18322] do_compat_pselect+0x1c4/0x240 [ 584.443173][T18322] ? __pfx_do_compat_pselect+0x10/0x10 [ 584.444633][T18322] ? __pfx___seccomp_filter+0x10/0x10 [ 584.446081][T18322] __ia32_compat_sys_pselect6_time32+0x17c/0x240 [ 584.447774][T18322] ? __pfx___ia32_compat_sys_pselect6_time32+0x10/0x10 [ 584.449577][T18322] ? __secure_computing+0x273/0x3f0 [ 584.450974][T18322] __do_fast_syscall_32+0x73/0x120 [ 584.452473][T18322] do_fast_syscall_32+0x32/0x80 [ 584.453772][T18322] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 584.455488][T18322] RIP: 0023:0xf743e579 [ 584.456574][T18322] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 584.461677][T18322] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000134 [ 584.463910][T18322] RAX: ffffffffffffffda RBX: 0000000000000040 RCX: 0000000020000180 [ 584.465999][T18322] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000300 [ 584.468092][T18322] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 584.470189][T18322] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 584.472270][T18322] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 584.474381][T18322] [ 584.854029][T18341] macvlan0: entered promiscuous mode [ 584.855447][T18341] macvlan0: entered allmulticast mode [ 584.882278][T18335] usb 2-1: USB disconnect, device number 47 [ 584.927643][T18335] hub 2-0:1.0: USB hub found [ 584.930063][T18335] hub 2-0:1.0: 6 ports detected [ 584.938850][T18347] FAULT_INJECTION: forcing a failure. [ 584.938850][T18347] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 584.942702][T18347] CPU: 2 UID: 0 PID: 18347 Comm: syz.3.3451 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 584.945524][T18347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 584.948350][T18347] Call Trace: [ 584.949247][T18347] [ 584.950042][T18347] dump_stack_lvl+0x16c/0x1f0 [ 584.951307][T18347] should_fail_ex+0x497/0x5b0 [ 584.952526][T18347] _copy_from_user+0x30/0xf0 [ 584.953726][T18347] get_compat_msghdr+0xa8/0x170 [ 584.954998][T18347] ? __pfx_get_compat_msghdr+0x10/0x10 [ 584.956416][T18347] ? __pfx___lock_acquire+0x10/0x10 [ 584.957773][T18347] ___sys_sendmsg+0x1b0/0x1e0 [ 584.959016][T18347] ? __pfx____sys_sendmsg+0x10/0x10 [ 584.960459][T18347] ? lock_acquire+0x2f/0xb0 [ 584.961635][T18347] ? __fget_files+0x40/0x3f0 [ 584.962888][T18347] ? fdget+0x176/0x210 [ 584.963955][T18347] __sys_sendmsg+0x117/0x1f0 [ 584.965158][T18347] ? __pfx___sys_sendmsg+0x10/0x10 [ 584.966712][T18347] ? __fget_files+0x244/0x3f0 [ 584.968034][T18347] __do_fast_syscall_32+0x73/0x120 [ 584.969686][T18347] do_fast_syscall_32+0x32/0x80 [ 584.971579][T18347] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 584.973880][T18347] RIP: 0023:0xf7f32579 [ 584.975385][T18347] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 584.982282][T18347] RSP: 002b:00000000f56b656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 584.985325][T18347] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000200 [ 584.988165][T18347] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 584.990230][T18347] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 584.992247][T18347] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 584.994268][T18347] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 584.996303][T18347] [ 585.149680][ T5403] usb 2-1: new high-speed USB device number 48 using ehci-pci [ 585.347010][ T5403] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 585.350344][ T5403] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 585.353184][ T5403] usb 2-1: Product: QEMU USB Tablet [ 585.355345][ T5403] usb 2-1: Manufacturer: QEMU [ 585.362354][ T5403] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1 [ 585.384105][ T5403] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.00F8/input/input190 [ 585.454733][ T5403] hid-generic 0003:0627:0001.00F8: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 585.714879][T18368] binder: 18362:18368 ioctl c0306201 20000280 returned -14 [ 585.857193][T18367] syz.2.3457: attempt to access beyond end of device [ 585.857193][T18367] loop2: rw=4096, sector=2, nr_sectors = 2 limit=0 [ 585.862257][T18367] EXT4-fs (loop2): unable to read superblock [ 585.887348][T18367] usb 2-1: USB disconnect, device number 48 [ 586.309834][T18373] hub 2-0:1.0: USB hub found [ 586.311262][T18373] hub 2-0:1.0: 6 ports detected [ 586.393336][T18386] EXT4-fs (nullb0): VFS: Can't find ext4 filesystem [ 586.479703][ T5403] usb 2-1: new high-speed USB device number 49 using ehci-pci [ 586.580095][T13246] vhci_hcd: vhci_device speed not set [ 586.618799][ T39] audit: type=1326 audit(1729407425.944:7341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18394 comm="syz.0.3463" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x0 [ 586.687899][ T5403] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 586.690461][ T5403] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 586.692722][ T5403] usb 2-1: Product: QEMU USB Tablet [ 586.694210][ T5403] usb 2-1: Manufacturer: QEMU [ 586.695596][ T5403] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1 [ 586.715650][ T5403] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.00F9/input/input191 [ 586.728565][ T5403] hid-generic 0003:0627:0001.00F9: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 587.219818][ T5344] usb 8-1: new high-speed USB device number 14 using dummy_hcd [ 587.393196][ T5344] usb 8-1: config 0 has no interfaces? [ 587.394756][ T5344] usb 8-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 587.402060][ T5344] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 587.406029][ T5344] usb 8-1: config 0 descriptor?? [ 588.488927][T18431] FAULT_INJECTION: forcing a failure. [ 588.488927][T18431] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 588.492677][T18431] CPU: 0 UID: 0 PID: 18431 Comm: syz.0.3473 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 588.495490][T18431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 588.498303][T18431] Call Trace: [ 588.499188][T18431] [ 588.499974][T18431] dump_stack_lvl+0x16c/0x1f0 [ 588.501211][T18431] should_fail_ex+0x497/0x5b0 [ 588.502476][T18431] _copy_from_user+0x30/0xf0 [ 588.503693][T18431] get_compat_msghdr+0xa8/0x170 [ 588.504986][T18431] ? __pfx_get_compat_msghdr+0x10/0x10 [ 588.506460][T18431] ? __pfx___lock_acquire+0x10/0x10 [ 588.507835][T18431] ___sys_sendmsg+0x1b0/0x1e0 [ 588.509085][T18431] ? __pfx____sys_sendmsg+0x10/0x10 [ 588.510468][T18431] ? lock_acquire+0x2f/0xb0 [ 588.511670][T18431] ? __fget_files+0x40/0x3f0 [ 588.512900][T18431] ? fdget+0x176/0x210 [ 588.513983][T18431] __sys_sendmsg+0x117/0x1f0 [ 588.515205][T18431] ? __pfx___sys_sendmsg+0x10/0x10 [ 588.516551][T18431] ? __fget_files+0x244/0x3f0 [ 588.517796][T18431] __do_fast_syscall_32+0x73/0x120 [ 588.519162][T18431] do_fast_syscall_32+0x32/0x80 [ 588.520452][T18431] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 588.522136][T18431] RIP: 0023:0xf743e579 [ 588.523218][T18431] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 588.528257][T18431] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 588.530450][T18431] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000140 [ 588.532514][T18431] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 588.534604][T18431] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 588.536670][T18431] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 588.538740][T18431] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 588.540804][T18431] [ 588.663314][T18432] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3472'. [ 588.793320][ T5344] usb 8-1: USB disconnect, device number 14 [ 588.840330][T18444] syz.2.3476: attempt to access beyond end of device [ 588.840330][T18444] loop2: rw=4096, sector=2, nr_sectors = 2 limit=0 [ 588.843926][T18444] EXT4-fs (loop2): unable to read superblock [ 588.848952][T18443] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3475'. [ 588.867002][T18444] usb 2-1: USB disconnect, device number 49 [ 588.928173][T18444] hub 2-0:1.0: USB hub found [ 588.930403][T18444] hub 2-0:1.0: 6 ports detected [ 589.089838][ T5383] usb 2-1: new high-speed USB device number 50 using ehci-pci [ 589.274991][ T5383] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 589.278360][ T5383] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 589.281637][ T5383] usb 2-1: Product: QEMU USB Tablet [ 589.283393][ T5383] usb 2-1: Manufacturer: QEMU [ 589.284920][ T5383] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1 [ 589.307409][ T5383] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.00FA/input/input192 [ 589.388218][T18449] netdevsim netdevsim1: Direct firmware load for .Þ failed with error -2 [ 589.393181][T18449] netdevsim netdevsim1: Falling back to sysfs fallback for: .Þ [ 589.410830][ T5383] hid-generic 0003:0627:0001.00FA: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 589.566232][T18450] e1000e 0000:00:02.0 eth1: NIC Link is Down [ 589.742346][T18458] FAULT_INJECTION: forcing a failure. [ 589.742346][T18458] name failslab, interval 1, probability 0, space 0, times 0 [ 589.753449][T18458] CPU: 0 UID: 0 PID: 18458 Comm: syz.0.3479 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 589.757352][T18458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 589.761253][T18458] Call Trace: [ 589.762510][T18458] [ 589.763593][T18458] dump_stack_lvl+0x16c/0x1f0 [ 589.765363][T18458] should_fail_ex+0x497/0x5b0 [ 589.767176][T18458] ? fs_reclaim_acquire+0xae/0x150 [ 589.769085][T18458] should_failslab+0xc2/0x120 [ 589.770606][T18458] __kmalloc_noprof+0xcb/0x410 [ 589.772341][T18458] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 589.774430][T18458] tomoyo_realpath_from_path+0xbf/0x710 [ 589.776485][T18458] ? tomoyo_path_number_perm+0x232/0x5b0 [ 589.778570][T18458] tomoyo_path_number_perm+0x245/0x5b0 [ 589.780582][T18458] ? tomoyo_path_number_perm+0x232/0x5b0 [ 589.782611][T18458] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 589.784782][T18458] ? trace_lock_acquire+0x14a/0x1d0 [ 589.786723][T18458] ? lock_acquire+0x2f/0xb0 [ 589.788415][T18458] ? __fget_files+0x40/0x3f0 [ 589.790143][T18458] ? __fget_files+0x244/0x3f0 [ 589.791898][T18458] security_file_ioctl_compat+0x9b/0x240 [ 589.793984][T18458] __do_compat_sys_ioctl+0x52/0x2b0 [ 589.795940][T18458] __do_fast_syscall_32+0x73/0x120 [ 589.797848][T18458] do_fast_syscall_32+0x32/0x80 [ 589.799658][T18458] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 589.802013][T18458] RIP: 0023:0xf743e579 [ 589.803537][T18458] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 589.810100][T18458] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 589.812318][T18458] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 000000004008ae89 [ 589.814429][T18458] RDX: 0000000020000280 RSI: 0000000000000000 RDI: 0000000000000000 [ 589.816518][T18458] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 589.818624][T18458] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 589.821065][T18458] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 589.823835][T18458] [ 589.846992][T18458] ERROR: Out of memory at tomoyo_realpath_from_path. [ 590.340151][T18503] FAULT_INJECTION: forcing a failure. [ 590.340151][T18503] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 590.344812][T18503] CPU: 1 UID: 0 PID: 18503 Comm: syz.1.3487 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 590.348215][T18503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 590.351755][T18503] Call Trace: [ 590.352926][T18503] [ 590.353971][T18503] dump_stack_lvl+0x16c/0x1f0 [ 590.355621][T18503] should_fail_ex+0x497/0x5b0 [ 590.357144][T18503] _copy_from_user+0x30/0xf0 [ 590.358738][T18503] __sys_bpf+0x215/0x5780 [ 590.360239][T18503] ? ksys_write+0x21e/0x260 [ 590.361961][T18503] ? __pfx___sys_bpf+0x10/0x10 [ 590.363595][T18503] ? vfs_write+0x14d/0x1140 [ 590.365188][T18503] ? __mutex_unlock_slowpath+0x164/0x650 [ 590.366904][T18503] ? fput+0x30/0x390 [ 590.368152][T18503] ? ksys_write+0x1ad/0x260 [ 590.369726][T18503] ? __pfx_ksys_write+0x10/0x10 [ 590.371420][T18503] __ia32_sys_bpf+0x76/0xe0 [ 590.373010][T18503] __do_fast_syscall_32+0x73/0x120 [ 590.374884][T18503] do_fast_syscall_32+0x32/0x80 [ 590.376231][T18503] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 590.377894][T18503] RIP: 0023:0xf7fa5579 [ 590.378991][T18503] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 590.384127][T18503] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 590.386314][T18503] RAX: ffffffffffffffda RBX: 000000000000001c RCX: 00000000200000c0 [ 590.388376][T18503] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 590.390505][T18503] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 590.392587][T18503] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 590.394741][T18503] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 590.396865][T18503] [ 590.397773][ C1] vkms_vblank_simulate: vblank timer overrun [ 590.589520][T18517] syz.1.3488: attempt to access beyond end of device [ 590.589520][T18517] loop1: rw=4096, sector=2, nr_sectors = 2 limit=0 [ 590.600637][T18517] EXT4-fs (loop1): unable to read superblock [ 590.622517][T18517] usb 2-1: USB disconnect, device number 50 [ 590.697783][T18518] hub 2-0:1.0: USB hub found [ 590.700770][T18518] hub 2-0:1.0: 6 ports detected [ 590.879733][T13246] usb 2-1: new high-speed USB device number 51 using ehci-pci [ 591.634085][T13246] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 591.637218][T13246] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 591.640083][T13246] usb 2-1: Product: QEMU USB Tablet [ 591.641541][T13246] usb 2-1: Manufacturer: QEMU [ 591.642807][T13246] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1 [ 591.677910][T13246] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.00FB/input/input193 [ 591.679366][T18540] syz.3.3492: attempt to access beyond end of device [ 591.679366][T18540] loop3: rw=4096, sector=2, nr_sectors = 2 limit=0 [ 591.691760][T18540] EXT4-fs (loop3): unable to read superblock [ 591.801316][T13246] hid-generic 0003:0627:0001.00FB: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 592.868956][T14377] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 592.871995][T14377] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 593.514588][T18569] EXT4-fs (nullb0): VFS: Can't find ext4 filesystem [ 593.827434][T18581] vivid-002: disconnect [ 593.839247][T18580] vivid-002: reconnect [ 594.798916][ T57] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 594.981545][ T57] usb 5-1: config 0 has no interfaces? [ 594.983126][ T57] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 594.985517][ T57] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 594.988738][ T57] usb 5-1: config 0 descriptor?? [ 595.578397][ T57] usb 5-1: USB disconnect, device number 22 [ 595.636039][T18615] EXT4-fs (nullb0): VFS: Can't find ext4 filesystem [ 596.062733][ T57] usb 7-1: new high-speed USB device number 26 using dummy_hcd [ 596.211117][ T57] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 596.214195][ T57] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 596.217121][ T57] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 596.220124][ T57] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 596.223664][ T57] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 596.226156][ T57] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 596.229247][ T57] usb 7-1: config 0 descriptor?? [ 596.231181][T18625] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 596.558533][T18640] netlink: 'syz.0.3516': attribute type 2 has an invalid length. [ 596.603427][T18640] : entered promiscuous mode [ 596.644458][ T57] plantronics 0003:047F:FFFF.00FC: unknown main item tag 0x0 [ 596.646544][ T57] plantronics 0003:047F:FFFF.00FC: unknown main item tag 0x0 [ 596.648822][ T57] plantronics 0003:047F:FFFF.00FC: No inputs registered, leaving [ 596.652603][ T57] plantronics 0003:047F:FFFF.00FC: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 596.929750][ T5403] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 597.092638][ T5403] usb 5-1: too many configurations: 9, using maximum allowed: 8 [ 597.095809][ T5403] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 597.098526][ T5403] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 597.102458][ T5403] usb 5-1: config 0 interface 0 has no altsetting 0 [ 597.105343][ T5403] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 597.108162][ T5403] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 597.111908][ T5403] usb 5-1: config 0 interface 0 has no altsetting 0 [ 597.114906][ T5403] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 597.117860][ T5403] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 597.122105][ T5403] usb 5-1: config 0 interface 0 has no altsetting 0 [ 597.125391][ T5403] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 597.128710][ T5403] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 597.139662][ T5403] usb 5-1: config 0 interface 0 has no altsetting 0 [ 597.144407][ T5403] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 597.147600][ T5403] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 597.153219][ T5403] usb 5-1: config 0 interface 0 has no altsetting 0 [ 597.157197][ T5403] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 597.161790][ T5403] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 597.165892][ T5403] usb 5-1: config 0 interface 0 has no altsetting 0 [ 597.169511][ T5403] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 597.176274][ T5403] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 597.180269][ T5403] usb 5-1: config 0 interface 0 has no altsetting 0 [ 597.183481][ T5403] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 597.184709][T18650] EXT4-fs (nullb0): VFS: Can't find ext4 filesystem [ 597.186967][ T5403] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 597.193648][ T5403] usb 5-1: config 0 interface 0 has no altsetting 0 [ 597.198254][ T5403] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 597.201634][ T5403] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 597.204765][ T5403] usb 5-1: Product: syz [ 597.206370][ T5403] usb 5-1: Manufacturer: syz [ 597.208133][ T5403] usb 5-1: SerialNumber: syz [ 597.211546][ T5403] usb 5-1: config 0 descriptor?? [ 597.217054][ T5403] yurex 5-1:0.0: USB YUREX device now attached to Yurex #1 [ 597.622861][ T57] usb 7-1: USB disconnect, device number 26 [ 598.589464][T18676] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3528'. [ 598.899981][ T57] usb 8-1: new low-speed USB device number 15 using dummy_hcd [ 599.052723][ T57] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 599.054773][ T57] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 599.057442][ T57] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 599.065407][ T57] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 17081, setting to 8 [ 599.069775][ T57] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 599.071806][ T57] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 599.074264][ T57] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 599.076992][ T57] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 17081, setting to 8 [ 599.086156][ T57] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 599.088133][ T57] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 599.090788][ T57] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 599.093341][ T57] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 17081, setting to 8 [ 599.098510][ T57] usb 8-1: string descriptor 0 read error: -22 [ 599.100311][ T57] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 599.102734][ T57] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 599.107644][ T57] adutux 8-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 599.230190][T13246] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 599.273824][ T30] usb 5-1: USB disconnect, device number 23 [ 599.276622][ T30] yurex 5-1:0.0: USB YUREX #1 now disconnected [ 599.334837][ T64] usb 8-1: USB disconnect, device number 15 [ 599.384720][T18690] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3533'. [ 599.387836][T18690] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 599.391262][T18690] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 599.394956][T18690] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 599.397542][T18690] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 599.397593][T13246] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 599.397909][T18693] FAULT_INJECTION: forcing a failure. [ 599.397909][T18693] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 599.397925][T18693] CPU: 3 UID: 0 PID: 18693 Comm: syz.0.3534 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 599.397937][T18693] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 599.397943][T18693] Call Trace: [ 599.397947][T18693] [ 599.397951][T18693] dump_stack_lvl+0x16c/0x1f0 [ 599.397996][T18693] should_fail_ex+0x497/0x5b0 [ 599.398021][T18693] _copy_from_user+0x30/0xf0 [ 599.398035][T18693] __sys_bpf+0x215/0x5780 [ 599.398048][T18693] ? ksys_write+0x21e/0x260 [ 599.398061][T18693] ? __pfx___sys_bpf+0x10/0x10 [ 599.398083][T18693] ? vfs_write+0x14d/0x1140 [ 599.398097][T18693] ? __mutex_unlock_slowpath+0x164/0x650 [ 599.398118][T18693] ? fput+0x30/0x390 [ 599.398130][T18693] ? ksys_write+0x1ad/0x260 [ 599.398140][T18693] ? __pfx_ksys_write+0x10/0x10 [ 599.398152][T18693] __ia32_sys_bpf+0x76/0xe0 [ 599.398165][T18693] __do_fast_syscall_32+0x73/0x120 [ 599.398181][T18693] do_fast_syscall_32+0x32/0x80 [ 599.398194][T18693] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 599.398209][T18693] RIP: 0023:0xf743e579 [ 599.398217][T18693] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 599.398226][T18693] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 599.398237][T18693] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000340 [ 599.398243][T18693] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000 [ 599.398249][T18693] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 599.398255][T18693] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 599.398261][T18693] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 599.398272][T18693] [ 599.466255][T13246] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 599.469786][T13246] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 599.473111][T13246] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 599.486729][T18685] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22 [ 599.502101][T13246] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 599.711028][T18685] FAULT_INJECTION: forcing a failure. [ 599.711028][T18685] name failslab, interval 1, probability 0, space 0, times 0 [ 599.714366][T18685] CPU: 0 UID: 0 PID: 18685 Comm: syz.1.3532 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 599.717357][T18685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 599.721338][T18685] Call Trace: [ 599.722616][T18685] [ 599.723726][T18685] dump_stack_lvl+0x16c/0x1f0 [ 599.725429][T18685] should_fail_ex+0x497/0x5b0 [ 599.727084][T18685] ? fs_reclaim_acquire+0xae/0x150 [ 599.728835][T18685] should_failslab+0xc2/0x120 [ 599.730667][T18685] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 599.732191][T18685] ? getname_flags.part.0+0x4c/0x550 [ 599.733611][T18685] ? vfs_write+0x14d/0x1140 [ 599.735113][T18685] getname_flags.part.0+0x4c/0x550 [ 599.737006][T18685] getname+0x8d/0xe0 [ 599.738519][T18685] do_sys_openat2+0x104/0x1e0 [ 599.739869][T18685] ? __pfx_do_sys_openat2+0x10/0x10 [ 599.741471][T18685] ? __fget_files+0x244/0x3f0 [ 599.742768][T18685] __ia32_compat_sys_openat+0x16e/0x210 [ 599.744815][T18685] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 599.747085][T18685] ? ksys_write+0x1ad/0x260 [ 599.748767][T18685] __do_fast_syscall_32+0x73/0x120 [ 599.750668][T18685] do_fast_syscall_32+0x32/0x80 [ 599.752338][T18685] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 599.753985][T18685] RIP: 0023:0xf7fa5579 [ 599.755351][T18685] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 599.762215][T18685] RSP: 002b:00000000f570556c EFLAGS: 00000296 ORIG_RAX: 0000000000000127 [ 599.765239][T18685] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000040 [ 599.767923][T18685] RDX: 0000000000000011 RSI: 0000000000000000 RDI: 0000000000000000 [ 599.769950][T18685] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 599.772105][T18685] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 599.774194][T18685] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 599.776907][T18685] [ 600.175582][T18710] delete_channel: no stack [ 600.956132][T18707] delete_channel: no stack [ 601.071768][T18716] usb 2-1: USB disconnect, device number 51 [ 601.206355][T18716] hub 2-0:1.0: USB hub found [ 601.207961][T18716] hub 2-0:1.0: 6 ports detected [ 601.366211][ T57] usb 6-1: USB disconnect, device number 13 [ 601.389687][ T9] usb 2-1: new high-speed USB device number 52 using ehci-pci [ 601.591987][ T9] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 601.594433][ T9] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 601.596511][ T9] usb 2-1: Product: QEMU USB Tablet [ 601.597879][ T9] usb 2-1: Manufacturer: QEMU [ 601.599117][ T9] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1 [ 601.614902][ T9] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.00FD/input/input195 [ 601.682546][ T9] hid-generic 0003:0627:0001.00FD: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 602.555392][T18742] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3547'. [ 602.625580][T18743] usb 2-1: USB disconnect, device number 52 [ 602.638468][T18744] delete_channel: no stack [ 602.811786][T18747] hub 2-0:1.0: USB hub found [ 602.813362][T18747] hub 2-0:1.0: 6 ports detected [ 602.982948][T18732] delete_channel: no stack [ 602.989761][ T57] usb 2-1: new high-speed USB device number 53 using ehci-pci [ 603.167949][ T57] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 603.170717][ T57] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 603.173115][ T57] usb 2-1: Product: QEMU USB Tablet [ 603.175912][ T57] usb 2-1: Manufacturer: QEMU [ 603.178352][ T57] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1 [ 603.208220][ T57] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.00FE/input/input196 [ 603.271610][ T57] hid-generic 0003:0627:0001.00FE: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 603.555573][ T30] usb 6-1: new low-speed USB device number 14 using dummy_hcd [ 603.679755][ T30] usb 6-1: device descriptor read/64, error -71 [ 603.890488][T18768] FAULT_INJECTION: forcing a failure. [ 603.890488][T18768] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 603.894283][T18768] CPU: 1 UID: 0 PID: 18768 Comm: syz.2.3553 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 603.897933][T18768] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 603.900792][T18768] Call Trace: [ 603.901718][T18768] [ 603.903234][T18768] dump_stack_lvl+0x16c/0x1f0 [ 603.904581][T18768] should_fail_ex+0x497/0x5b0 [ 603.905953][T18768] _copy_from_user+0x30/0xf0 [ 603.907266][T18768] get_compat_msghdr+0xa8/0x170 [ 603.908641][T18768] ? __pfx_get_compat_msghdr+0x10/0x10 [ 603.910229][T18768] ? __pfx___lock_acquire+0x10/0x10 [ 603.911717][T18768] ___sys_sendmsg+0x1b0/0x1e0 [ 603.912983][T18768] ? __pfx____sys_sendmsg+0x10/0x10 [ 603.914370][T18768] ? lock_acquire+0x2f/0xb0 [ 603.915566][T18768] ? __fget_files+0x40/0x3f0 [ 603.916790][T18768] ? fdget+0x176/0x210 [ 603.917866][T18768] __sys_sendmsg+0x117/0x1f0 [ 603.919104][T18768] ? __pfx___sys_sendmsg+0x10/0x10 [ 603.920458][T18768] ? __pfx___seccomp_filter+0x10/0x10 [ 603.921891][T18768] ? __secure_computing+0x273/0x3f0 [ 603.923394][T18768] __do_fast_syscall_32+0x73/0x120 [ 603.924746][T18768] do_fast_syscall_32+0x32/0x80 [ 603.926057][T18768] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 603.927724][T18768] RIP: 0023:0xf7fa8579 [ 603.928814][T18768] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 603.933987][T18768] RSP: 002b:00000000f56e456c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 603.936206][T18768] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000020000340 [ 603.938323][T18768] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 603.940412][T18768] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 603.942560][T18768] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 603.944717][T18768] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 603.946950][T18768] [ 604.091198][ T30] usb 6-1: new low-speed USB device number 15 using dummy_hcd [ 604.229687][ T30] usb 6-1: device descriptor read/64, error -71 [ 604.339828][ T30] usb usb6-port1: attempt power cycle [ 604.576247][T18778] mmap: syz.0.3556 (18778) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 604.679738][ T30] usb 6-1: new low-speed USB device number 16 using dummy_hcd [ 604.710177][ T30] usb 6-1: device descriptor read/8, error -71 [ 604.959771][ T30] usb 6-1: new low-speed USB device number 17 using dummy_hcd [ 604.980158][ T30] usb 6-1: device descriptor read/8, error -71 [ 605.090111][ T30] usb usb6-port1: unable to enumerate USB device [ 605.416139][T18792] EXT4-fs (nullb0): VFS: Can't find ext4 filesystem [ 605.738187][T18807] netlink: 'syz.1.3563': attribute type 2 has an invalid length. [ 605.759287][T18807] : entered promiscuous mode [ 605.759905][T18808] delete_channel: no stack [ 606.110930][T18814] usb 2-1: USB disconnect, device number 53 [ 606.139687][ T7413] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 606.170895][T18815] hub 2-0:1.0: USB hub found [ 606.200681][T18815] hub 2-0:1.0: 6 ports detected [ 606.320729][ T7413] usb 6-1: too many configurations: 9, using maximum allowed: 8 [ 606.324103][ T7413] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 606.327321][ T7413] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 606.339553][ T7413] usb 6-1: config 0 interface 0 has no altsetting 0 [ 606.399796][T13246] usb 2-1: new high-speed USB device number 54 using ehci-pci [ 606.460752][ T7413] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 606.463073][ T7413] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 606.465742][ T7413] usb 6-1: config 0 interface 0 has no altsetting 0 [ 606.468233][ T7413] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 606.470981][ T7413] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 606.473947][ T7413] usb 6-1: config 0 interface 0 has no altsetting 0 [ 606.476457][ T7413] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 606.478797][ T7413] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 606.482739][ T7413] usb 6-1: config 0 interface 0 has no altsetting 0 [ 606.485726][ T7413] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 606.491865][ T7413] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 606.494732][ T7413] usb 6-1: config 0 interface 0 has no altsetting 0 [ 606.497694][ T7413] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 606.500949][ T7413] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 606.503739][ T7413] usb 6-1: config 0 interface 0 has no altsetting 0 [ 606.507392][ T7413] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 606.511477][ T7413] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 606.514392][ T7413] usb 6-1: config 0 interface 0 has no altsetting 0 [ 606.517772][ T7413] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 606.521006][ T7413] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 606.523873][ T7413] usb 6-1: config 0 interface 0 has no altsetting 0 [ 606.529908][ T7413] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 606.533409][ T7413] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 606.535641][ T7413] usb 6-1: Product: syz [ 606.536967][ T7413] usb 6-1: Manufacturer: syz [ 606.538285][ T7413] usb 6-1: SerialNumber: syz [ 606.542404][T18802] delete_channel: no stack [ 606.545451][ T7413] usb 6-1: config 0 descriptor?? [ 606.561494][ T7413] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0 [ 606.584120][T13246] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 606.599034][T13246] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 606.613701][T13246] usb 2-1: Product: QEMU USB Tablet [ 606.619296][T13246] usb 2-1: Manufacturer: QEMU [ 606.627612][T13246] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1 [ 606.687243][T13246] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.00FF/input/input197 [ 606.748826][T18819] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3568'. [ 606.839308][T13246] hid-generic 0003:0627:0001.00FF: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 606.893817][T18821] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 606.907790][T18821] batman_adv: batadv0: Adding interface: gretap1 [ 606.910498][T18821] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 606.917051][T18821] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active [ 607.059250][T18829] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3572'. [ 607.359723][ T57] usb 5-1: new low-speed USB device number 24 using dummy_hcd [ 607.489705][ T57] usb 5-1: device descriptor read/64, error -71 [ 607.548323][T18832] EXT4-fs (nullb0): VFS: Can't find ext4 filesystem [ 607.750456][ T57] usb 5-1: new low-speed USB device number 25 using dummy_hcd [ 607.779521][T18835] FAULT_INJECTION: forcing a failure. [ 607.779521][T18835] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 607.783666][T18835] CPU: 0 UID: 0 PID: 18835 Comm: syz.2.3574 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 607.787146][T18835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 607.790191][T18835] Call Trace: [ 607.791072][T18835] [ 607.791856][T18835] dump_stack_lvl+0x16c/0x1f0 [ 607.793193][T18835] should_fail_ex+0x497/0x5b0 [ 607.794467][T18835] _copy_from_user+0x30/0xf0 [ 607.795714][T18835] keyctl_pkey_params_get_2+0x106/0x3d0 [ 607.797235][T18835] ? __pfx_keyctl_pkey_params_get_2+0x10/0x10 [ 607.798856][T18835] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 607.800456][T18835] keyctl_pkey_e_d_s+0xa9/0x340 [ 607.801771][T18835] ? __pfx_keyctl_pkey_e_d_s+0x10/0x10 [ 607.803238][T18835] ? ksys_write+0x1ad/0x260 [ 607.804548][T18835] ? __pfx_ksys_write+0x10/0x10 [ 607.805854][T18835] __do_compat_sys_keyctl+0x424/0x440 [ 607.807294][T18835] __do_fast_syscall_32+0x73/0x120 [ 607.808699][T18835] do_fast_syscall_32+0x32/0x80 [ 607.810050][T18835] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 607.811906][T18835] RIP: 0023:0xf7fa8579 [ 607.813049][T18835] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 607.818156][T18835] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000120 [ 607.820468][T18835] RAX: ffffffffffffffda RBX: 000000000000001b RCX: 0000000020000000 [ 607.822597][T18835] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 607.824819][T18835] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 607.827076][T18835] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 607.829318][T18835] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 607.831574][T18835] [ 607.909751][ T57] usb 5-1: device descriptor read/64, error -71 [ 608.037652][ T57] usb usb5-port1: attempt power cycle [ 608.183030][T18840] 9pnet_fd: Insufficient options for proto=fd [ 608.399733][ T57] usb 5-1: new low-speed USB device number 26 using dummy_hcd [ 608.420170][ T57] usb 5-1: device descriptor read/8, error -71 [ 608.496253][T18848] batadv8: entered promiscuous mode [ 608.498261][T18848] 8021q: adding VLAN 0 to HW filter on device batadv8 [ 608.517448][ T7413] usb 6-1: USB disconnect, device number 18 [ 608.519844][ T7413] yurex 6-1:0.0: USB YUREX #0 now disconnected [ 608.589116][T18850] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 608.593445][T18850] batman_adv: batadv0: Adding interface: gretap1 [ 608.595752][T18850] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 608.604532][T18850] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active [ 608.642172][T18852] FAULT_INJECTION: forcing a failure. [ 608.642172][T18852] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 608.646997][T18852] CPU: 1 UID: 0 PID: 18852 Comm: syz.3.3581 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 608.650603][T18852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 608.653361][T18852] Call Trace: [ 608.654248][T18852] [ 608.655031][T18852] dump_stack_lvl+0x16c/0x1f0 [ 608.656272][T18852] should_fail_ex+0x497/0x5b0 [ 608.657513][T18852] _copy_from_user+0x30/0xf0 [ 608.658742][T18852] get_compat_msghdr+0xa8/0x170 [ 608.660020][T18852] ? __pfx_get_compat_msghdr+0x10/0x10 [ 608.661425][T18852] ? __pfx___lock_acquire+0x10/0x10 [ 608.662815][T18852] ___sys_sendmsg+0x1b0/0x1e0 [ 608.664062][T18852] ? __pfx____sys_sendmsg+0x10/0x10 [ 608.665428][T18852] ? lock_acquire+0x2f/0xb0 [ 608.666640][T18852] ? __fget_files+0x40/0x3f0 [ 608.667938][T18852] ? fdget+0x176/0x210 [ 608.669012][T18852] __sys_sendmsg+0x117/0x1f0 [ 608.669718][ T57] usb 5-1: new low-speed USB device number 27 using dummy_hcd [ 608.670218][T18852] ? __pfx___sys_sendmsg+0x10/0x10 [ 608.670230][T18852] ? __fget_files+0x244/0x3f0 [ 608.670247][T18852] __do_fast_syscall_32+0x73/0x120 [ 608.676208][T18852] do_fast_syscall_32+0x32/0x80 [ 608.677478][T18852] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 608.679124][T18852] RIP: 0023:0xf7f32579 [ 608.680187][T18852] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 608.685285][T18852] RSP: 002b:00000000f56b656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 608.687442][T18852] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000280 [ 608.689508][T18852] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 608.691568][T18852] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 608.693582][T18852] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 608.695626][T18852] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 608.697663][T18852] [ 608.709217][T18854] batadv1: entered promiscuous mode [ 608.716799][T18854] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 608.738431][T18857] FAULT_INJECTION: forcing a failure. [ 608.738431][T18857] name failslab, interval 1, probability 0, space 0, times 0 [ 608.742029][T18857] CPU: 0 UID: 0 PID: 18857 Comm: syz.3.3583 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 608.745109][T18857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 608.749042][T18857] Call Trace: [ 608.749790][ T57] usb 5-1: device descriptor read/8, error -71 [ 608.750305][T18857] [ 608.750316][T18857] dump_stack_lvl+0x16c/0x1f0 [ 608.754842][T18857] should_fail_ex+0x497/0x5b0 [ 608.756134][T18857] ? fs_reclaim_acquire+0xae/0x150 [ 608.757476][T18857] should_failslab+0xc2/0x120 [ 608.758828][T18857] kmem_cache_alloc_node_noprof+0x71/0x310 [ 608.760433][T18857] ? __alloc_skb+0x2b3/0x380 [ 608.761668][T18857] __alloc_skb+0x2b3/0x380 [ 608.763072][T18857] ? __pfx___alloc_skb+0x10/0x10 [ 608.764836][T18857] ? __lock_acquire+0xbdd/0x3ce0 [ 608.766573][T18857] ? aa_label_sk_perm+0x19d/0x5a0 [ 608.767936][T18857] alloc_skb_with_frags+0xe4/0x850 [ 608.769264][T18857] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 608.770839][T18857] sock_alloc_send_pskb+0x7f1/0x980 [ 608.772294][T18857] ? __pfx___lock_acquire+0x10/0x10 [ 608.773697][T18857] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 608.775327][T18857] ? __pfx_lock_release+0x10/0x10 [ 608.776685][T18857] ? trace_lock_acquire+0x14a/0x1d0 [ 608.778020][T18857] ? __pfx___might_resched+0x10/0x10 [ 608.779425][T18857] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 608.780989][T18857] hci_sock_sendmsg+0x1c8/0x25e0 [ 608.782275][T18857] ? aa_file_perm+0x4d5/0xfe0 [ 608.783510][T18857] ? __pfx_aa_sk_perm+0x10/0x10 [ 608.784840][T18857] ? __pfx_hci_sock_sendmsg+0x10/0x10 [ 608.786398][T18857] sock_write_iter+0x4fe/0x5b0 [ 608.787621][T18857] ? __pfx_sock_write_iter+0x10/0x10 [ 608.789004][T18857] ? bpf_lsm_file_permission+0x9/0x10 [ 608.790412][T18857] ? security_file_permission+0x71/0x210 [ 608.791886][T18857] vfs_write+0x6b5/0x1140 [ 608.793019][T18857] ? __pfx_sock_write_iter+0x10/0x10 [ 608.794425][T18857] ? trace_lock_acquire+0x14a/0x1d0 [ 608.795778][T18857] ? __pfx_vfs_write+0x10/0x10 [ 608.797059][T18857] ? __fget_files+0x40/0x3f0 [ 608.798282][T18857] ksys_write+0x1fa/0x260 [ 608.799413][T18857] ? __pfx_ksys_write+0x10/0x10 [ 608.800695][T18857] __do_fast_syscall_32+0x73/0x120 [ 608.802069][T18857] do_fast_syscall_32+0x32/0x80 [ 608.803346][T18857] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 608.805335][T18857] RIP: 0023:0xf7f32579 [ 608.806504][T18857] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 608.811646][T18857] RSP: 002b:00000000f56b656c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 608.813920][T18857] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000040 [ 608.816059][T18857] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000000 [ 608.818149][T18857] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 608.820225][T18857] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 608.822304][T18857] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 608.825341][T18857] [ 608.870664][ T57] usb usb5-port1: unable to enumerate USB device [ 609.087658][T18871] syz.1.3586: attempt to access beyond end of device [ 609.087658][T18871] loop1: rw=4096, sector=2, nr_sectors = 2 limit=0 [ 609.091201][T18871] EXT4-fs (loop1): unable to read superblock [ 609.140019][T18872] usb 2-1: USB disconnect, device number 54 [ 609.207017][T18873] hub 2-0:1.0: USB hub found [ 609.209457][T18873] hub 2-0:1.0: 6 ports detected [ 609.369743][T15083] usb 2-1: new high-speed USB device number 55 using ehci-pci [ 609.459721][ T7413] usb 8-1: new high-speed USB device number 16 using dummy_hcd [ 609.554304][T15083] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 609.556813][T15083] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 609.558935][T15083] usb 2-1: Product: QEMU USB Tablet [ 609.560554][T15083] usb 2-1: Manufacturer: QEMU [ 609.562201][T15083] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1 [ 609.577314][T15083] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0100/input/input198 [ 609.611057][ T7413] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 609.613976][ T7413] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 609.616480][ T7413] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 609.618895][ T7413] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 609.630127][T18862] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 609.634431][ T7413] usb 8-1: Quirk or no altset; falling back to MIDI 1.0 [ 609.657214][T15083] hid-generic 0003:0627:0001.0100: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 610.036601][ T57] IPVS: starting estimator thread 0... [ 610.119874][T18882] IPVS: using max 36 ests per chain, 86400 per kthread [ 610.313560][T18890] usb 2-1: USB disconnect, device number 55 [ 610.412660][T18890] hub 2-0:1.0: USB hub found [ 610.418046][T18890] hub 2-0:1.0: 6 ports detected [ 610.589767][T13246] usb 2-1: new high-speed USB device number 56 using ehci-pci [ 610.609827][ T57] usb 8-1: USB disconnect, device number 16 [ 610.769980][T13246] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 610.772720][T13246] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 610.775521][T13246] usb 2-1: Product: QEMU USB Tablet [ 610.777187][T13246] usb 2-1: Manufacturer: QEMU [ 610.778714][T13246] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1 [ 610.798453][T13246] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0101/input/input199 [ 610.861167][T13246] hid-generic 0003:0627:0001.0101: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 611.146269][T18898] delete_channel: no stack [ 611.157486][T18900] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3592'. [ 611.692105][T18895] delete_channel: no stack [ 613.344583][T18930] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3601'. [ 613.397040][T18932] FAULT_INJECTION: forcing a failure. [ 613.397040][T18932] name failslab, interval 1, probability 0, space 0, times 0 [ 613.400446][T18932] CPU: 1 UID: 0 PID: 18932 Comm: syz.3.3602 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 613.403167][T18932] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 613.405872][T18932] Call Trace: [ 613.406736][T18932] [ 613.407491][T18932] dump_stack_lvl+0x16c/0x1f0 [ 613.408747][T18932] should_fail_ex+0x497/0x5b0 [ 613.409985][T18932] ? fs_reclaim_acquire+0xae/0x150 [ 613.411261][T18932] should_failslab+0xc2/0x120 [ 613.412419][T18932] __kmalloc_noprof+0xcb/0x410 [ 613.413639][T18932] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 613.415116][T18932] tomoyo_realpath_from_path+0xbf/0x710 [ 613.416557][T18932] ? tomoyo_path_number_perm+0x232/0x5b0 [ 613.418052][T18932] tomoyo_path_number_perm+0x245/0x5b0 [ 613.419476][T18932] ? tomoyo_path_number_perm+0x232/0x5b0 [ 613.421080][T18932] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 613.422725][T18932] ? trace_lock_acquire+0x14a/0x1d0 [ 613.424145][T18932] ? lock_acquire+0x2f/0xb0 [ 613.425376][T18932] ? __fget_files+0x40/0x3f0 [ 613.426617][T18932] ? __fget_files+0x244/0x3f0 [ 613.427859][T18932] security_file_ioctl_compat+0x9b/0x240 [ 613.429333][T18932] __do_compat_sys_ioctl+0x52/0x2b0 [ 613.430871][T18932] __do_fast_syscall_32+0x73/0x120 [ 613.432217][T18932] do_fast_syscall_32+0x32/0x80 [ 613.433588][T18932] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 613.435245][T18932] RIP: 0023:0xf7f32579 [ 613.436319][T18932] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 613.441393][T18932] RSP: 002b:00000000f56b656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 613.443649][T18932] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000004010ae42 [ 613.445723][T18932] RDX: 00000000200000c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 613.447798][T18932] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 613.449882][T18932] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 613.451944][T18932] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 613.454322][T18932] [ 613.456012][T18932] ERROR: Out of memory at tomoyo_realpath_from_path. [ 613.699267][T18946] FAULT_INJECTION: forcing a failure. [ 613.699267][T18946] name failslab, interval 1, probability 0, space 0, times 0 [ 613.702711][T18946] CPU: 2 UID: 0 PID: 18946 Comm: syz.3.3607 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 613.705590][T18946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 613.708466][T18946] Call Trace: [ 613.709371][T18946] [ 613.710171][T18946] dump_stack_lvl+0x16c/0x1f0 [ 613.711458][T18946] should_fail_ex+0x497/0x5b0 [ 613.712736][T18946] ? fs_reclaim_acquire+0xae/0x150 [ 613.714107][T18946] should_failslab+0xc2/0x120 [ 613.715390][T18946] __kmalloc_noprof+0xcb/0x410 [ 613.716665][T18946] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 613.718166][T18946] tomoyo_realpath_from_path+0xbf/0x710 [ 613.719679][T18946] ? tomoyo_path_number_perm+0x232/0x5b0 [ 613.721168][T18946] tomoyo_path_number_perm+0x245/0x5b0 [ 613.722643][T18946] ? tomoyo_path_number_perm+0x232/0x5b0 [ 613.724179][T18946] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 613.725803][T18946] ? trace_lock_acquire+0x14a/0x1d0 [ 613.727209][T18946] ? lock_acquire+0x2f/0xb0 [ 613.728460][T18946] ? __fget_files+0x40/0x3f0 [ 613.729711][T18946] ? __fget_files+0x244/0x3f0 [ 613.731166][T18946] security_file_ioctl_compat+0x9b/0x240 [ 613.732640][T18946] __do_compat_sys_ioctl+0x52/0x2b0 [ 613.734089][T18946] __do_fast_syscall_32+0x73/0x120 [ 613.735482][T18946] do_fast_syscall_32+0x32/0x80 [ 613.736783][T18946] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 613.738475][T18946] RIP: 0023:0xf7f32579 [ 613.739566][T18946] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 613.744707][T18946] RSP: 002b:00000000f56b656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 613.746926][T18946] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000001268 [ 613.749022][T18946] RDX: 0000000020000d40 RSI: 0000000000000000 RDI: 0000000000000000 [ 613.751126][T18946] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 613.751561][T18947] syz.1.3606: attempt to access beyond end of device [ 613.751561][T18947] loop1: rw=4096, sector=2, nr_sectors = 2 limit=0 [ 613.753171][T18946] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 613.753181][T18946] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 613.753196][T18946] [ 613.753268][ C2] vkms_vblank_simulate: vblank timer overrun [ 613.756775][T18947] EXT4-fs (loop1): unable to read superblock [ 613.762910][T18946] ERROR: Out of memory at tomoyo_realpath_from_path. [ 613.773384][T18947] usb 2-1: USB disconnect, device number 56 [ 613.846443][T18952] hub 2-0:1.0: USB hub found [ 613.848180][T18952] hub 2-0:1.0: 6 ports detected [ 613.872567][T18954] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3610'. [ 614.019804][ T5383] usb 2-1: new high-speed USB device number 57 using ehci-pci [ 614.210192][T18967] tap0: tun_chr_ioctl cmd 1074025677 [ 614.211798][T18967] tap0: linktype set to 780 [ 614.218627][T18967] xt_CT: You must specify a L4 protocol and not use inversions on it [ 614.229162][ T5383] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 614.247698][ T5383] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 614.262771][ T5383] usb 2-1: Product: QEMU USB Tablet [ 614.266240][ T5383] usb 2-1: Manufacturer: QEMU [ 614.285892][ T5383] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1 [ 614.387184][ T5383] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0102/input/input200 [ 614.451284][ T5383] hid-generic 0003:0627:0001.0102: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 614.513068][T18973] FAULT_INJECTION: forcing a failure. [ 614.513068][T18973] name failslab, interval 1, probability 0, space 0, times 0 [ 614.516751][T18973] CPU: 2 UID: 0 PID: 18973 Comm: syz.2.3617 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 614.519726][T18973] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 614.522597][T18973] Call Trace: [ 614.523475][T18973] [ 614.524251][T18973] dump_stack_lvl+0x16c/0x1f0 [ 614.525497][T18973] should_fail_ex+0x497/0x5b0 [ 614.526741][T18973] ? fs_reclaim_acquire+0xae/0x150 [ 614.528076][T18973] should_failslab+0xc2/0x120 [ 614.529302][T18973] kmem_cache_alloc_node_noprof+0x71/0x310 [ 614.531071][T18973] ? __alloc_skb+0x2b3/0x380 [ 614.532347][T18973] __alloc_skb+0x2b3/0x380 [ 614.533594][T18973] ? __pfx___alloc_skb+0x10/0x10 [ 614.534984][T18973] ? __lock_acquire+0xbdd/0x3ce0 [ 614.536341][T18973] ? aa_label_sk_perm+0x19d/0x5a0 [ 614.537722][T18973] alloc_skb_with_frags+0xe4/0x850 [ 614.539069][T18973] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 614.540459][T18973] sock_alloc_send_pskb+0x7f1/0x980 [ 614.541881][T18973] ? __pfx___lock_acquire+0x10/0x10 [ 614.543234][T18973] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 614.544701][T18973] ? __pfx_lock_release+0x10/0x10 [ 614.546021][T18973] ? trace_lock_acquire+0x14a/0x1d0 [ 614.547369][T18973] ? __pfx___might_resched+0x10/0x10 [ 614.549144][T18973] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 614.550991][T18973] hci_sock_sendmsg+0x1c8/0x25e0 [ 614.552682][T18973] ? aa_file_perm+0x4d5/0xfe0 [ 614.554005][T18973] ? __pfx_aa_sk_perm+0x10/0x10 [ 614.555344][T18973] ? __pfx_hci_sock_sendmsg+0x10/0x10 [ 614.556783][T18973] sock_write_iter+0x4fe/0x5b0 [ 614.558042][T18973] ? __pfx_sock_write_iter+0x10/0x10 [ 614.559413][T18973] ? bpf_lsm_file_permission+0x9/0x10 [ 614.560810][T18973] ? security_file_permission+0x71/0x210 [ 614.562577][T18973] vfs_write+0x6b5/0x1140 [ 614.563701][T18973] ? __pfx_sock_write_iter+0x10/0x10 [ 614.565067][T18973] ? trace_lock_acquire+0x14a/0x1d0 [ 614.566757][T18973] ? __pfx_vfs_write+0x10/0x10 [ 614.568020][T18973] ? __fget_files+0x40/0x3f0 [ 614.569243][T18973] ksys_write+0x1fa/0x260 [ 614.570524][T18973] ? __pfx_ksys_write+0x10/0x10 [ 614.571981][T18973] __do_fast_syscall_32+0x73/0x120 [ 614.573352][T18973] do_fast_syscall_32+0x32/0x80 [ 614.574722][T18973] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 614.576395][T18973] RIP: 0023:0xf7fa8579 [ 614.577490][T18973] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 614.582688][T18973] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 614.585305][T18973] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000000 [ 614.587667][T18973] RDX: 000000000000000d RSI: 0000000000000000 RDI: 0000000000000000 [ 614.590089][T18973] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 614.592214][T18973] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 614.594332][T18973] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 614.596415][T18973] [ 614.597628][ C2] vkms_vblank_simulate: vblank timer overrun [ 615.036475][T18991] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3624'. [ 615.039474][T18991] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3624'. [ 615.125955][T19008] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3629'. [ 615.130177][T19008] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3629'. [ 615.282498][T19021] netlink: 5 bytes leftover after parsing attributes in process `syz.0.3634'. [ 615.294896][T19023] FAULT_INJECTION: forcing a failure. [ 615.294896][T19023] name failslab, interval 1, probability 0, space 0, times 0 [ 615.298156][T19023] CPU: 2 UID: 0 PID: 19023 Comm: syz.3.3635 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 615.300938][T19023] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 615.303723][T19023] Call Trace: [ 615.304606][T19023] [ 615.305393][T19023] dump_stack_lvl+0x16c/0x1f0 [ 615.306653][T19023] should_fail_ex+0x497/0x5b0 [ 615.307897][T19023] ? fs_reclaim_acquire+0xae/0x150 [ 615.309219][T19023] should_failslab+0xc2/0x120 [ 615.310469][T19023] __kmalloc_noprof+0xcb/0x410 [ 615.311722][T19023] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 615.313183][T19023] tomoyo_realpath_from_path+0xbf/0x710 [ 615.314640][T19023] ? tomoyo_path_number_perm+0x232/0x5b0 [ 615.316094][T19023] tomoyo_path_number_perm+0x245/0x5b0 [ 615.317503][T19023] ? tomoyo_path_number_perm+0x232/0x5b0 [ 615.318971][T19023] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 615.320534][T19023] ? trace_lock_acquire+0x14a/0x1d0 [ 615.321911][T19023] ? lock_acquire+0x2f/0xb0 [ 615.323102][T19023] ? __fget_files+0x40/0x3f0 [ 615.324303][T19023] ? __fget_files+0x244/0x3f0 [ 615.325523][T19023] security_file_ioctl_compat+0x9b/0x240 [ 615.326981][T19023] __do_compat_sys_ioctl+0x52/0x2b0 [ 615.328363][T19023] __do_fast_syscall_32+0x73/0x120 [ 615.329772][T19023] do_fast_syscall_32+0x32/0x80 [ 615.331055][T19023] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 615.332692][T19023] RIP: 0023:0xf7f32579 [ 615.333752][T19023] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 615.338792][T19023] RSP: 002b:00000000f56b656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 615.340941][T19023] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c020aa08 [ 615.343000][T19023] RDX: 00000000200001c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 615.345029][T19023] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 615.347005][T19023] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 615.349031][T19023] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 615.351071][T19023] [ 615.351958][ C2] vkms_vblank_simulate: vblank timer overrun [ 615.358936][T19023] ERROR: Out of memory at tomoyo_realpath_from_path. [ 615.543692][T19041] random: crng reseeded on system resumption [ 615.632541][T19046] usb 2-1: USB disconnect, device number 57 [ 615.683391][T19046] hub 2-0:1.0: USB hub found [ 615.687019][T19046] hub 2-0:1.0: 6 ports detected [ 615.860075][ T5383] usb 2-1: new high-speed USB device number 58 using ehci-pci [ 616.056634][ T5383] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 616.059391][ T5383] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 616.062267][ T5383] usb 2-1: Product: QEMU USB Tablet [ 616.064310][ T5383] usb 2-1: Manufacturer: QEMU [ 616.066796][ T5383] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1 [ 616.097792][ T5383] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0103/input/input201 [ 616.162067][ T5383] hid-generic 0003:0627:0001.0103: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 616.479925][T19062] random: crng reseeded on system resumption [ 616.490270][T19062] FAULT_INJECTION: forcing a failure. [ 616.490270][T19062] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 616.494122][T19062] CPU: 2 UID: 0 PID: 19062 Comm: syz.2.3646 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 616.496991][T19062] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 616.500088][T19062] Call Trace: [ 616.501009][T19062] [ 616.501900][T19062] dump_stack_lvl+0x16c/0x1f0 [ 616.503193][T19062] should_fail_ex+0x497/0x5b0 [ 616.504577][T19062] should_fail_alloc_page+0xe7/0x130 [ 616.506067][T19062] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 616.507842][T19062] __alloc_pages_noprof+0x190/0x25a0 [ 616.509272][T19062] ? hlock_class+0x4e/0x130 [ 616.510515][T19062] ? __lock_acquire+0x163e/0x3ce0 [ 616.512239][T19062] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 616.514273][T19062] ? lock_acquire.part.0+0x11b/0x380 [ 616.516159][T19062] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 616.518683][T19062] ? policy_nodemask+0xea/0x4e0 [ 616.520476][T19062] alloc_pages_mpol_noprof+0x2c9/0x610 [ 616.522488][T19062] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 616.524629][T19062] ? rcu_is_watching+0x12/0xc0 [ 616.526369][T19062] ? trace_contention_end+0xea/0x140 [ 616.528311][T19062] ? __mutex_lock+0x1a6/0x9c0 [ 616.529991][T19062] get_zeroed_page_noprof+0x14/0x50 [ 616.531605][T19062] get_image_page+0x18/0x190 [ 616.533218][T19062] snapshot_write_next+0x7aa/0x1470 [ 616.535044][T19062] ? snapshot_write_next+0x40/0x1470 [ 616.536905][T19062] ? __pfx_wait_for_device_probe+0x10/0x10 [ 616.538970][T19062] ? snapshot_write+0x1ea/0x250 [ 616.540686][T19062] snapshot_write+0x1ea/0x250 [ 616.542372][T19062] ? __pfx_snapshot_write+0x10/0x10 [ 616.544192][T19062] ? bpf_lsm_file_permission+0x9/0x10 [ 616.546088][T19062] ? security_file_permission+0x71/0x210 [ 616.548620][T19062] ? __pfx_snapshot_write+0x10/0x10 [ 616.550571][T19062] vfs_write+0x28e/0x1140 [ 616.552171][T19062] ? __fget_files+0x23a/0x3f0 [ 616.554036][T19062] ? __pfx_lock_release+0x10/0x10 [ 616.555917][T19062] ? trace_lock_acquire+0x14a/0x1d0 [ 616.557860][T19062] ? __pfx_vfs_write+0x10/0x10 [ 616.559621][T19062] ? lock_acquire+0x2f/0xb0 [ 616.561430][T19062] ? __fget_files+0x40/0x3f0 [ 616.563129][T19062] ? __fget_files+0x244/0x3f0 [ 616.564833][T19062] ksys_write+0x12f/0x260 [ 616.566338][T19062] ? __pfx_ksys_write+0x10/0x10 [ 616.568075][T19062] __do_fast_syscall_32+0x73/0x120 [ 616.569907][T19062] do_fast_syscall_32+0x32/0x80 [ 616.571621][T19062] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 616.573860][T19062] RIP: 0023:0xf7fa8579 [ 616.574892][T19062] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 616.579982][T19062] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 616.582075][T19062] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000 [ 616.584053][T19062] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 616.586041][T19062] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 616.588030][T19062] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 616.590020][T19062] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 616.592008][T19062] [ 616.592878][ C2] vkms_vblank_simulate: vblank timer overrun [ 616.695011][T19069] nbd: must specify a device to reconfigure [ 616.702249][T19071] netlink: 112 bytes leftover after parsing attributes in process `syz.3.3649'. [ 616.932688][T19078] FAULT_INJECTION: forcing a failure. [ 616.932688][T19078] name failslab, interval 1, probability 0, space 0, times 0 [ 616.935971][T19078] CPU: 2 UID: 0 PID: 19078 Comm: syz.1.3652 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 616.938850][T19078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 616.941630][T19078] Call Trace: [ 616.942523][T19078] [ 616.943299][T19078] dump_stack_lvl+0x16c/0x1f0 [ 616.944516][T19078] should_fail_ex+0x497/0x5b0 [ 616.945718][T19078] ? fs_reclaim_acquire+0xae/0x150 [ 616.947059][T19078] should_failslab+0xc2/0x120 [ 616.948293][T19078] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 616.949697][T19078] ? getname_flags.part.0+0x4c/0x550 [ 616.951178][T19078] ? vfs_write+0x14d/0x1140 [ 616.952372][T19078] getname_flags.part.0+0x4c/0x550 [ 616.953721][T19078] getname+0x8d/0xe0 [ 616.954758][T19078] do_sys_openat2+0x104/0x1e0 [ 616.955985][T19078] ? __pfx_do_sys_openat2+0x10/0x10 [ 616.957354][T19078] ? __fget_files+0x244/0x3f0 [ 616.958600][T19078] __ia32_compat_sys_openat+0x16e/0x210 [ 616.960054][T19078] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 616.961647][T19078] ? ksys_write+0x1ad/0x260 [ 616.962851][T19078] __do_fast_syscall_32+0x73/0x120 [ 616.964195][T19078] do_fast_syscall_32+0x32/0x80 [ 616.965468][T19078] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 616.967111][T19078] RIP: 0023:0xf7fa5579 [ 616.968183][T19078] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 616.973137][T19078] RSP: 002b:00000000f5726110 EFLAGS: 00000293 ORIG_RAX: 0000000000000127 [ 616.975296][T19078] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f5726160 [ 616.977339][T19078] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 00000000f742bff4 [ 616.979395][T19078] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 616.981451][T19078] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 616.983518][T19078] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 616.985543][T19078] [ 617.249754][T15083] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 617.399752][T15083] usb 6-1: Using ep0 maxpacket: 8 [ 617.402454][T15083] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 617.407822][T15083] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 617.416026][T15083] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 617.419487][T15083] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 617.422940][T15083] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 617.425570][T15083] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 617.638217][T15083] usb 6-1: usb_control_msg returned -32 [ 617.638599][T19084] FAULT_INJECTION: forcing a failure. [ 617.638599][T19084] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 617.639992][T15083] usbtmc 6-1:16.0: can't read capabilities [ 617.644017][T19084] CPU: 3 UID: 0 PID: 19084 Comm: syz.3.3654 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 617.647634][T19084] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 617.650402][T19084] Call Trace: [ 617.651274][T19084] [ 617.652051][T19084] dump_stack_lvl+0x16c/0x1f0 [ 617.653274][T19084] should_fail_ex+0x497/0x5b0 [ 617.654503][T19084] _copy_to_user+0x30/0xc0 [ 617.655674][T19084] simple_read_from_buffer+0xd0/0x160 [ 617.657069][T19084] proc_fail_nth_read+0x198/0x270 [ 617.658396][T19084] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 617.659833][T19084] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 617.661268][T19084] vfs_read+0x1ce/0xbd0 [ 617.662390][T19084] ? __fget_files+0x23a/0x3f0 [ 617.663620][T19084] ? fdget_pos+0x24c/0x360 [ 617.664785][T19084] ? __pfx_lock_release+0x10/0x10 [ 617.666115][T19084] ? trace_lock_acquire+0x14a/0x1d0 [ 617.667466][T19084] ? __pfx_vfs_read+0x10/0x10 [ 617.668696][T19084] ? __pfx___mutex_lock+0x10/0x10 [ 617.670041][T19084] ? __fget_files+0x244/0x3f0 [ 617.671266][T19084] ksys_read+0x12f/0x260 [ 617.672374][T19084] ? __pfx_ksys_read+0x10/0x10 [ 617.673626][T19084] __do_fast_syscall_32+0x73/0x120 [ 617.674975][T19084] do_fast_syscall_32+0x32/0x80 [ 617.676258][T19084] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 617.677985][T19084] RIP: 0023:0xf7f32579 [ 617.679054][T19084] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 617.684111][T19084] RSP: 002b:00000000f56b65a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 617.686296][T19084] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f56b6620 [ 617.688331][T19084] RDX: 000000000000000f RSI: 00000000f73bbff4 RDI: 0000000000000000 [ 617.690390][T19084] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 617.692417][T19084] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 617.694467][T19084] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 617.696507][T19084] [ 618.588293][ T39] audit: type=1326 audit(1729407457.914:7342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19106 comm="syz.2.3661" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa8579 code=0x7ffc0000 [ 618.596163][ T39] audit: type=1326 audit(1729407457.914:7343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19106 comm="syz.2.3661" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf7fa8579 code=0x7ffc0000 [ 618.596804][T19105] FAULT_INJECTION: forcing a failure. [ 618.596804][T19105] name failslab, interval 1, probability 0, space 0, times 0 [ 618.597187][T19107] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3661'. [ 618.597204][T19107] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3661'. [ 618.607695][ T39] audit: type=1326 audit(1729407457.914:7344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19106 comm="syz.2.3661" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa8579 code=0x7ffc0000 [ 618.610395][T19105] CPU: 2 UID: 0 PID: 19105 Comm: syz.0.3660 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 618.613863][ T39] audit: type=1326 audit(1729407457.914:7345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19106 comm="syz.2.3661" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7fa8579 code=0x7ffc0000 [ 618.619156][T19105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 618.619165][T19105] Call Trace: [ 618.619169][T19105] [ 618.619174][T19105] dump_stack_lvl+0x16c/0x1f0 [ 618.619193][T19105] should_fail_ex+0x497/0x5b0 [ 618.619208][T19105] ? fs_reclaim_acquire+0xae/0x150 [ 618.619220][T19105] should_failslab+0xc2/0x120 [ 618.619235][T19105] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 618.641993][T19105] ? mpol_new+0x11b/0x2d0 [ 618.643395][T19105] mpol_new+0x11b/0x2d0 [ 618.644824][T19105] do_set_mempolicy+0x84/0x410 [ 618.646390][T19105] ? __pfx_do_set_mempolicy+0x10/0x10 [ 618.648217][T19105] ? __fget_files+0x244/0x3f0 [ 618.649467][T19105] kernel_set_mempolicy+0x1c6/0x1e0 [ 618.650838][T19105] ? __pfx_kernel_set_mempolicy+0x10/0x10 [ 618.652428][T19105] ? syscall_user_dispatch+0x77/0x140 [ 618.654263][T19105] __do_fast_syscall_32+0x73/0x120 [ 618.655793][T19105] do_fast_syscall_32+0x32/0x80 [ 618.657402][T19105] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 618.659249][T19105] RIP: 0023:0xf743e579 [ 618.660322][T19105] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 618.665686][T19105] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000114 [ 618.668322][T19105] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 0000000020000080 [ 618.670451][T19105] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000000 [ 618.672309][T19105] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 618.674312][T19105] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 618.676343][T19105] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 618.678392][T19105] [ 618.699704][ T39] audit: type=1326 audit(1729407457.914:7346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19106 comm="syz.2.3661" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa8579 code=0x7ffc0000 [ 618.707018][ T39] audit: type=1326 audit(1729407457.914:7347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19106 comm="syz.2.3661" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7fa8579 code=0x7ffc0000 [ 618.715446][T19111] netlink: 'syz.2.3662': attribute type 12 has an invalid length. [ 618.717452][ T39] audit: type=1326 audit(1729407457.914:7348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19106 comm="syz.2.3661" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa8579 code=0x7ffc0000 [ 618.717483][ T39] audit: type=1326 audit(1729407457.914:7349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19106 comm="syz.2.3661" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa8579 code=0x7ffc0000 [ 618.725467][T19111] netlink: 197276 bytes leftover after parsing attributes in process `syz.2.3662'. [ 618.733748][ T39] audit: type=1326 audit(1729407457.924:7350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19106 comm="syz.2.3661" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7fa8579 code=0x7ffc0000 [ 618.741474][ T39] audit: type=1326 audit(1729407457.924:7351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19106 comm="syz.2.3661" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa8579 code=0x7ffc0000 [ 618.754322][T19115] sp0: Synchronizing with TNC [ 618.989722][ T5550] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 619.153195][ T5550] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 619.158932][ T5550] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 619.183315][ T5550] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 619.188728][ T5550] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 619.193249][T19113] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 619.196801][ T5550] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 619.396664][ T57] usb 5-1: USB disconnect, device number 28 [ 619.605852][T19113] FAULT_INJECTION: forcing a failure. [ 619.605852][T19113] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 619.609807][T19113] CPU: 3 UID: 0 PID: 19113 Comm: syz.0.3663 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 619.612573][T19113] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 619.616173][T19113] Call Trace: [ 619.618005][T19113] [ 619.618795][T19113] dump_stack_lvl+0x16c/0x1f0 [ 619.620084][T19113] should_fail_ex+0x497/0x5b0 [ 619.621431][T19113] _copy_to_user+0x30/0xc0 [ 619.622669][T19113] simple_read_from_buffer+0xd0/0x160 [ 619.624087][T19113] proc_fail_nth_read+0x198/0x270 [ 619.625416][T19113] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 619.626893][T19113] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 619.628502][T19113] vfs_read+0x1ce/0xbd0 [ 619.629872][T19113] ? __fget_files+0x23a/0x3f0 [ 619.631111][T19113] ? fdget_pos+0x24c/0x360 [ 619.632280][T19113] ? __pfx_lock_release+0x10/0x10 [ 619.633601][T19113] ? trace_lock_acquire+0x14a/0x1d0 [ 619.635069][T19113] ? __pfx_vfs_read+0x10/0x10 [ 619.636327][T19113] ? __pfx___mutex_lock+0x10/0x10 [ 619.637611][T19113] ? __fget_files+0x244/0x3f0 [ 619.638874][T19113] ksys_read+0x12f/0x260 [ 619.640094][T19113] ? __pfx_ksys_read+0x10/0x10 [ 619.641378][T19113] __do_fast_syscall_32+0x73/0x120 [ 619.642779][T19113] do_fast_syscall_32+0x32/0x80 [ 619.644090][T19113] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 619.645740][T19113] RIP: 0023:0xf743e579 [ 619.646839][T19113] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 619.652147][T19113] RSP: 002b:00000000f57265a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 619.654329][T19113] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5726620 [ 619.656377][T19113] RDX: 000000000000000f RSI: 00000000f742bff4 RDI: 0000000000000000 [ 619.658443][T19113] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 619.660506][T19113] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 619.662567][T19113] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 619.664628][T19113] [ 619.682588][T19126] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3666'. [ 619.832493][T19131] 9pnet_fd: Insufficient options for proto=fd [ 620.037423][ T5550] usb 6-1: USB disconnect, device number 19 [ 620.219286][T19149] ptm ptm0: ldisc open failed (-12), clearing slot 0 [ 620.252076][T19154] syz.1.3670: attempt to access beyond end of device [ 620.252076][T19154] loop1: rw=4096, sector=2, nr_sectors = 2 limit=0 [ 620.262835][T19154] EXT4-fs (loop1): unable to read superblock [ 620.285487][T19154] usb 2-1: USB disconnect, device number 58 [ 620.454647][T19162] hub 2-0:1.0: USB hub found [ 620.462397][T19162] hub 2-0:1.0: 6 ports detected [ 620.511831][T19166] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3676'. [ 620.679757][ T9] usb 2-1: new high-speed USB device number 59 using ehci-pci [ 621.006157][ T9] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 621.009363][ T9] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 621.012214][ T9] usb 2-1: Product: QEMU USB Tablet [ 621.013656][ T9] usb 2-1: Manufacturer: QEMU [ 621.015503][ T9] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1 [ 621.044300][ T9] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0104/input/input202 [ 621.059739][ T5383] usb 7-1: new high-speed USB device number 27 using dummy_hcd [ 621.154753][ T9] hid-generic 0003:0627:0001.0104: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 621.209836][ T5383] usb 7-1: Using ep0 maxpacket: 8 [ 621.213627][ T5383] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 621.220447][ T5383] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 621.262091][ T5383] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 621.265259][ T5383] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 621.269509][ T5383] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 621.326613][ T5383] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 621.559505][T19184] FAULT_INJECTION: forcing a failure. [ 621.559505][T19184] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 621.570487][T19184] CPU: 0 UID: 0 PID: 19184 Comm: syz.0.3682 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 621.573597][T19184] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 621.576390][T19184] Call Trace: [ 621.577240][T19184] [ 621.578008][T19184] dump_stack_lvl+0x16c/0x1f0 [ 621.579205][T19184] should_fail_ex+0x497/0x5b0 [ 621.580484][T19184] _copy_from_user+0x30/0xf0 [ 621.581992][T19184] pppol2tp_setsockopt+0x176/0x650 [ 621.583484][T19184] ? __pfx_pppol2tp_setsockopt+0x10/0x10 [ 621.584966][T19184] ? __pfx_pppol2tp_setsockopt+0x10/0x10 [ 621.586461][T19184] do_sock_setsockopt+0x222/0x480 [ 621.588065][T19184] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 621.589597][T19184] ? fdget+0x176/0x210 [ 621.590710][T19184] __sys_setsockopt+0x1a4/0x270 [ 621.592001][T19184] ? __pfx___sys_setsockopt+0x10/0x10 [ 621.593989][T19184] ? fput+0x30/0x390 [ 621.595334][T19184] ? ksys_write+0x1ad/0x260 [ 621.596886][T19184] ? __pfx_ksys_write+0x10/0x10 [ 621.598586][T19184] __ia32_sys_setsockopt+0xbc/0x160 [ 621.600355][T19184] ? lockdep_hardirqs_on+0x7c/0x110 [ 621.602163][T19184] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 621.604368][T19184] __do_fast_syscall_32+0x73/0x120 [ 621.606194][T19184] do_fast_syscall_32+0x32/0x80 [ 621.607576][T19184] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 621.609216][T19184] RIP: 0023:0xf743e579 [ 621.610311][T19184] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 621.615250][T19184] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 621.617397][T19184] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000111 [ 621.619464][T19184] RDX: 0000000000000003 RSI: 0000000020000000 RDI: 0000000000000004 [ 621.621770][T19184] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 621.623823][T19184] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 621.625881][T19184] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 621.627925][T19184] [ 621.628868][ C0] vkms_vblank_simulate: vblank timer overrun [ 621.631094][ T5383] usb 7-1: usb_control_msg returned -32 [ 621.632642][ T5383] usbtmc 7-1:16.0: can't read capabilities [ 621.749844][T19194] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3685'. [ 621.902108][T19199] input: syz0 as /devices/virtual/input/input203 [ 621.919077][T19199] netlink: 'syz.1.3688': attribute type 1 has an invalid length. [ 621.922494][T19199] openvswitch: netlink: Actions may not be safe on all matching packets [ 621.999717][ T5522] usb 8-1: new high-speed USB device number 17 using dummy_hcd [ 622.061733][T19207] usb 2-1: USB disconnect, device number 59 [ 622.097108][T19207] hub 2-0:1.0: USB hub found [ 622.098834][T19207] hub 2-0:1.0: 6 ports detected [ 622.152383][ T5522] usb 8-1: config 5 has an invalid interface number: 9 but max is 1 [ 622.154583][ T5522] usb 8-1: config 5 has an invalid interface number: 73 but max is 1 [ 622.156754][ T5522] usb 8-1: config 5 has no interface number 0 [ 622.158520][ T5522] usb 8-1: config 5 has no interface number 1 [ 622.160723][ T5522] usb 8-1: config 5 interface 73 altsetting 9 has an invalid descriptor for endpoint zero, skipping [ 622.163569][ T5522] usb 8-1: config 5 interface 73 altsetting 9 has a duplicate endpoint with address 0xB, skipping [ 622.166425][ T5522] usb 8-1: config 5 interface 73 altsetting 9 bulk endpoint 0xF has invalid maxpacket 64 [ 622.169047][ T5522] usb 8-1: config 5 interface 73 altsetting 9 endpoint 0x9 has invalid maxpacket 1999, setting to 64 [ 622.171914][ T5522] usb 8-1: config 5 interface 73 altsetting 9 endpoint 0x4 has invalid maxpacket 1023, setting to 64 [ 622.174661][ T5522] usb 8-1: config 5 interface 73 altsetting 9 has an invalid descriptor for endpoint zero, skipping [ 622.177521][ T5522] usb 8-1: config 5 interface 73 altsetting 9 has an invalid descriptor for endpoint zero, skipping [ 622.180556][ T5522] usb 8-1: config 5 interface 73 altsetting 9 endpoint 0x7 has invalid maxpacket 1023, setting to 64 [ 622.183446][ T5522] usb 8-1: config 5 interface 73 altsetting 9 has a duplicate endpoint with address 0xB, skipping [ 622.186371][ T5522] usb 8-1: config 5 interface 9 has no altsetting 0 [ 622.188140][ T5522] usb 8-1: config 5 interface 73 has no altsetting 0 [ 622.191730][ T5522] usb 8-1: New USB device found, idVendor=0af0, idProduct=7a01, bcdDevice= 0.00 [ 622.194157][ T5522] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 622.196297][ T5522] usb 8-1: Product: syz [ 622.197425][ T5522] usb 8-1: Manufacturer: Ї [ 622.198658][ T5522] usb 8-1: SerialNumber: syz [ 622.259861][ T5383] usb 2-1: new high-speed USB device number 60 using ehci-pci [ 622.418793][ T5522] hso 8-1:5.9: Not our interface [ 622.420724][ T5522] usb-storage 8-1:5.9: USB Mass Storage device detected [ 622.440627][ T5383] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 622.443169][ T5383] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 622.445499][ T5383] usb 2-1: Product: QEMU USB Tablet [ 622.447132][ T5383] usb 2-1: Manufacturer: QEMU [ 622.449250][ T5383] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1 [ 622.472792][ T5522] hso 8-1:5.73: Not our interface [ 622.473262][ T5383] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0105/input/input204 [ 622.474323][ T5522] usb-storage 8-1:5.73: USB Mass Storage device detected [ 622.480668][ T5383] hid-generic 0003:0627:0001.0105: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 622.535023][ T5522] usb 8-1: USB disconnect, device number 17 [ 622.763651][T19214] EXT4-fs (nullb0): VFS: Can't find ext4 filesystem [ 622.961157][T19219] 9pnet_fd: Insufficient options for proto=fd [ 623.312256][T19237] syz.3.3696: attempt to access beyond end of device [ 623.312256][T19237] loop3: rw=4096, sector=2, nr_sectors = 2 limit=0 [ 623.315720][T19237] EXT4-fs (loop3): unable to read superblock [ 623.319919][T19237] usb 2-1: USB disconnect, device number 60 [ 623.344992][T19237] hub 2-0:1.0: USB hub found [ 623.346655][T19237] hub 2-0:1.0: 6 ports detected [ 623.539128][ T5383] usb 2-1: new high-speed USB device number 61 using ehci-pci [ 623.700748][ T1375] ieee802154 phy0 wpan0: encryption failed: -22 [ 623.702526][ T1375] ieee802154 phy1 wpan1: encryption failed: -22 [ 623.723721][ T5383] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 623.726421][ T5383] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 623.728686][ T5383] usb 2-1: Product: QEMU USB Tablet [ 623.731104][ T5383] usb 2-1: Manufacturer: QEMU [ 623.733969][ T5383] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1 [ 623.785824][ T5383] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0106/input/input205 [ 623.807418][ T5383] hid-generic 0003:0627:0001.0106: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 623.922631][ T5383] usb 7-1: USB disconnect, device number 27 [ 623.985619][T19255] EXT4-fs (nullb0): VFS: Can't find ext4 filesystem [ 624.194914][ T5522] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 624.351361][ T5522] usb 6-1: Using ep0 maxpacket: 8 [ 624.359334][ T5522] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 624.362108][ T5522] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 624.364441][ T5522] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 624.367383][ T5522] usb 6-1: config 0 descriptor?? [ 624.439706][ T57] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 624.529930][ T64] usb 7-1: new high-speed USB device number 28 using dummy_hcd [ 624.572364][ T5522] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 624.589666][ T57] usb 5-1: Using ep0 maxpacket: 8 [ 624.592311][ T57] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 624.594923][ T57] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 624.597498][ T57] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 624.600733][ T57] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 624.604183][ T57] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 624.606579][ T57] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 624.777704][T19252] FAULT_INJECTION: forcing a failure. [ 624.777704][T19252] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 624.783023][T19252] CPU: 3 UID: 0 PID: 19252 Comm: syz.1.3700 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 624.785795][T19252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 624.788547][T19252] Call Trace: [ 624.789422][T19252] [ 624.790221][T19252] dump_stack_lvl+0x16c/0x1f0 [ 624.791460][T19252] should_fail_ex+0x497/0x5b0 [ 624.792696][T19252] _copy_to_user+0x30/0xc0 [ 624.793882][T19252] simple_read_from_buffer+0xd0/0x160 [ 624.795269][T19252] proc_fail_nth_read+0x198/0x270 [ 624.796578][T19252] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 624.798031][T19252] ? __pfx___sanitizer_cov_trace_const_cmp4+0x10/0x10 [ 624.799782][T19252] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 624.801223][T19252] vfs_read+0x1ce/0xbd0 [ 624.802347][T19252] ? __fget_files+0x23a/0x3f0 [ 624.803578][T19252] ? fdget_pos+0x24c/0x360 [ 624.804748][T19252] ? __pfx_lock_release+0x10/0x10 [ 624.806082][T19252] ? trace_lock_acquire+0x14a/0x1d0 [ 624.807429][T19252] ? __pfx_vfs_read+0x10/0x10 [ 624.808655][T19252] ? __pfx___mutex_lock+0x10/0x10 [ 624.809929][T19252] ? __fget_files+0x244/0x3f0 [ 624.811068][T19252] ksys_read+0x12f/0x260 [ 624.812184][T19252] ? __pfx_ksys_read+0x10/0x10 [ 624.813448][T19252] __do_fast_syscall_32+0x73/0x120 [ 624.814823][T19252] do_fast_syscall_32+0x32/0x80 [ 624.816106][T19252] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 624.817813][T19252] RIP: 0023:0xf7fa5579 [ 624.818883][T19252] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 624.823920][T19252] RSP: 002b:00000000f57265a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 624.826086][T19252] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5726620 [ 624.828125][T19252] RDX: 000000000000000f RSI: 00000000f742bff4 RDI: 0000000000000000 [ 624.830181][T19252] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 624.832254][T19252] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 624.834318][T19252] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 624.836378][T19252] [ 624.839338][ T57] usb 5-1: GET_CAPABILITIES returned 0 [ 624.840921][ T57] usbtmc 5-1:16.0: can't read capabilities [ 624.890855][ T5383] usb 6-1: USB disconnect, device number 20 [ 624.902423][ T5383] iowarrior 6-1:0.0: I/O-Warror #0 now disconnected [ 624.909858][ T64] usb 7-1: Using ep0 maxpacket: 8 [ 624.913657][ T64] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 624.913989][T19277] FAULT_INJECTION: forcing a failure. [ 624.913989][T19277] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 624.918679][ T64] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 624.923286][ T64] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 624.923311][T19277] CPU: 3 UID: 0 PID: 19277 Comm: syz.1.3710 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 624.926073][ T64] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 624.928947][T19277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 624.928961][T19277] Call Trace: [ 624.928965][T19277] [ 624.928970][T19277] dump_stack_lvl+0x16c/0x1f0 [ 624.928991][T19277] should_fail_ex+0x497/0x5b0 [ 624.933290][ T64] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 624.935838][T19277] _copy_from_user+0x30/0xf0 [ 624.936908][ T64] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 624.937645][T19277] __sys_bpf+0x215/0x5780 [ 624.946729][T19277] ? ksys_write+0x21e/0x260 [ 624.947941][T19277] ? __pfx___sys_bpf+0x10/0x10 [ 624.949293][T19277] ? vfs_write+0x14d/0x1140 [ 624.950558][T19277] ? __mutex_unlock_slowpath+0x164/0x650 [ 624.951990][T19277] ? fput+0x30/0x390 [ 624.953018][T19277] ? ksys_write+0x1ad/0x260 [ 624.954329][T19277] ? __pfx_ksys_write+0x10/0x10 [ 624.955693][T19277] __ia32_sys_bpf+0x76/0xe0 [ 624.956898][T19277] __do_fast_syscall_32+0x73/0x120 [ 624.958267][T19277] do_fast_syscall_32+0x32/0x80 [ 624.959557][T19277] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 624.961207][T19277] RIP: 0023:0xf7fa5579 [ 624.962317][T19277] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 624.967319][T19277] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 624.969502][T19277] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000240 [ 624.971598][T19277] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000 [ 624.973655][T19277] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 624.975732][T19277] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 624.977804][T19277] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 624.979862][T19277] [ 624.984397][T19279] EXT4-fs (nullb0): VFS: Can't find ext4 filesystem [ 625.039571][T19261] FAULT_INJECTION: forcing a failure. [ 625.039571][T19261] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 625.043383][T19261] CPU: 3 UID: 0 PID: 19261 Comm: syz.0.3703 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 625.046275][T19261] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 625.049054][T19261] Call Trace: [ 625.049948][T19261] [ 625.050729][T19261] dump_stack_lvl+0x16c/0x1f0 [ 625.051963][T19261] should_fail_ex+0x497/0x5b0 [ 625.053205][T19261] _copy_to_user+0x30/0xc0 [ 625.054392][T19261] simple_read_from_buffer+0xd0/0x160 [ 625.055796][T19261] proc_fail_nth_read+0x198/0x270 [ 625.057110][T19261] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 625.058573][T19261] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 625.060014][T19261] vfs_read+0x1ce/0xbd0 [ 625.061122][T19261] ? __fget_files+0x23a/0x3f0 [ 625.062397][T19261] ? fdget_pos+0x24c/0x360 [ 625.063566][T19261] ? __pfx_lock_release+0x10/0x10 [ 625.064881][T19261] ? trace_lock_acquire+0x14a/0x1d0 [ 625.066256][T19261] ? __pfx_vfs_read+0x10/0x10 [ 625.067482][T19261] ? __pfx___mutex_lock+0x10/0x10 [ 625.068798][T19261] ? __fget_files+0x244/0x3f0 [ 625.070046][T19261] ksys_read+0x12f/0x260 [ 625.071151][T19261] ? __pfx_ksys_read+0x10/0x10 [ 625.072403][T19261] __do_fast_syscall_32+0x73/0x120 [ 625.073756][T19261] do_fast_syscall_32+0x32/0x80 [ 625.075039][T19261] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 625.076682][T19261] RIP: 0023:0xf743e579 [ 625.077767][T19261] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 625.082747][T19261] RSP: 002b:00000000f57265a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 625.084904][T19261] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5726620 [ 625.086965][T19261] RDX: 000000000000000f RSI: 00000000f742bff4 RDI: 0000000000000000 [ 625.089007][T19261] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 625.091063][T19261] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 625.093114][T19261] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 625.095183][T19261] [ 625.106366][ T5550] usb 5-1: USB disconnect, device number 29 [ 625.151626][T19263] mac80211_hwsim hwsim12 wlan0: entered promiscuous mode [ 625.153662][T19263] macsec1: entered allmulticast mode [ 625.155106][T19263] mac80211_hwsim hwsim12 wlan0: entered allmulticast mode [ 625.602762][T19263] mac80211_hwsim hwsim12 wlan0: left allmulticast mode [ 625.604605][T19263] mac80211_hwsim hwsim12 wlan0: left promiscuous mode [ 625.672233][T19291] FAULT_INJECTION: forcing a failure. [ 625.672233][T19291] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 625.676530][T19291] CPU: 3 UID: 0 PID: 19291 Comm: syz.3.3714 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 625.679318][T19291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 625.682095][T19291] Call Trace: [ 625.682965][T19291] [ 625.683737][T19291] dump_stack_lvl+0x16c/0x1f0 [ 625.684970][T19291] should_fail_ex+0x497/0x5b0 [ 625.686233][T19291] _copy_from_user+0x30/0xf0 [ 625.687438][T19291] rose_setsockopt+0x178/0x560 [ 625.688685][T19291] ? __pfx_rose_setsockopt+0x10/0x10 [ 625.690084][T19291] ? __pfx_rose_setsockopt+0x10/0x10 [ 625.691461][T19291] do_sock_setsockopt+0x222/0x480 [ 625.692784][T19291] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 625.694253][T19291] ? fdget+0x176/0x210 [ 625.695330][T19291] __sys_setsockopt+0x1a4/0x270 [ 625.696609][T19291] ? __pfx___sys_setsockopt+0x10/0x10 [ 625.698039][T19291] ? fput+0x30/0x390 [ 625.699093][T19291] ? ksys_write+0x1ad/0x260 [ 625.700282][T19291] ? __pfx_ksys_write+0x10/0x10 [ 625.701567][T19291] __ia32_sys_setsockopt+0xbc/0x160 [ 625.702941][T19291] ? lockdep_hardirqs_on+0x7c/0x110 [ 625.704305][T19291] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 625.706038][T19291] __do_fast_syscall_32+0x73/0x120 [ 625.707381][T19291] do_fast_syscall_32+0x32/0x80 [ 625.708662][T19291] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 625.710358][T19291] RIP: 0023:0xf7f32579 [ 625.711431][T19291] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 625.716430][T19291] RSP: 002b:00000000f56b656c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 625.718610][T19291] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000104 [ 625.720661][T19291] RDX: 0000000000000003 RSI: 0000000020000000 RDI: 0000000000000004 [ 625.722735][T19291] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 625.724786][T19291] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 625.726872][T19291] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 625.728931][T19291] [ 625.908602][T19309] syz.3.3718: attempt to access beyond end of device [ 625.908602][T19309] loop3: rw=4096, sector=2, nr_sectors = 2 limit=0 [ 625.912281][T19309] EXT4-fs (loop3): unable to read superblock [ 625.916756][T19309] usb 2-1: USB disconnect, device number 61 [ 625.952147][T19309] hub 2-0:1.0: USB hub found [ 625.953685][T19309] hub 2-0:1.0: 6 ports detected [ 626.004787][T19311] FAULT_INJECTION: forcing a failure. [ 626.004787][T19311] name failslab, interval 1, probability 0, space 0, times 0 [ 626.008392][T19311] CPU: 3 UID: 0 PID: 19311 Comm: syz.1.3720 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 626.011182][T19311] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 626.013965][T19311] Call Trace: [ 626.014841][T19311] [ 626.015620][T19311] dump_stack_lvl+0x16c/0x1f0 [ 626.016852][T19311] should_fail_ex+0x497/0x5b0 [ 626.018097][T19311] ? fs_reclaim_acquire+0xae/0x150 [ 626.019425][T19311] should_failslab+0xc2/0x120 [ 626.020657][T19311] __kmalloc_cache_noprof+0x6b/0x310 [ 626.022061][T19311] ? sctp_datamsg_from_user+0x8d/0x1320 [ 626.023495][T19311] ? __lock_acquire+0x163e/0x3ce0 [ 626.024807][T19311] sctp_datamsg_from_user+0x8d/0x1320 [ 626.026227][T19311] ? __sk_mem_raise_allocated+0x8a0/0x1740 [ 626.027752][T19311] ? __sk_mem_schedule+0xd0/0x100 [ 626.029067][T19311] sctp_sendmsg_to_asoc+0xafd/0x1ad0 [ 626.030468][T19311] ? print_usage_bug.part.0+0x510/0x560 [ 626.031914][T19311] ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10 [ 626.033398][T19311] ? sctp_sendmsg+0x575/0x1f10 [ 626.034671][T19311] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 626.036000][T19311] ? mark_held_locks+0x9f/0xe0 [ 626.037255][T19311] ? sctp_sendmsg+0x575/0x1f10 [ 626.038526][T19311] ? sctp_sendmsg_check_sflags+0x176/0x320 [ 626.040050][T19311] sctp_sendmsg+0x129c/0x1f10 [ 626.041288][T19311] ? __pfx_sctp_sendmsg+0x10/0x10 [ 626.042649][T19311] ? __fget_files+0x23a/0x3f0 [ 626.043899][T19311] ? __pfx_aa_sk_perm+0x10/0x10 [ 626.045194][T19311] ? __pfx_sctp_sendmsg+0x10/0x10 [ 626.046537][T19311] inet_sendmsg+0x119/0x140 [ 626.047751][T19311] __sys_sendto+0x426/0x4d0 [ 626.048957][T19311] ? __pfx___sys_sendto+0x10/0x10 [ 626.050314][T19311] ? ksys_write+0x1ad/0x260 [ 626.051507][T19311] ? __pfx_ksys_write+0x10/0x10 [ 626.052793][T19311] __ia32_sys_sendto+0xdd/0x1b0 [ 626.054093][T19311] ? lockdep_hardirqs_on+0x7c/0x110 [ 626.055463][T19311] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 626.057181][T19311] __do_fast_syscall_32+0x73/0x120 [ 626.058540][T19311] do_fast_syscall_32+0x32/0x80 [ 626.059827][T19311] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 626.061495][T19311] RIP: 0023:0xf7fa5579 [ 626.062594][T19311] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 626.067614][T19311] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000171 [ 626.069786][T19311] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000040 [ 626.071834][T19311] RDX: 0000000000034000 RSI: 0000000000000000 RDI: 0000000000000000 [ 626.073904][T19311] RBP: 0000000000000044 R08: 0000000000000000 R09: 0000000000000000 [ 626.075956][T19311] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 626.078022][T19311] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 626.080079][T19311] [ 626.119809][ T5550] usb 2-1: new high-speed USB device number 62 using ehci-pci [ 626.138402][T19313] FAULT_INJECTION: forcing a failure. [ 626.138402][T19313] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 626.142827][ T57] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 626.144987][T19313] CPU: 3 UID: 0 PID: 19313 Comm: syz.1.3721 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 626.147783][T19313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 626.150605][T19313] Call Trace: [ 626.151480][T19313] [ 626.152263][T19313] dump_stack_lvl+0x16c/0x1f0 [ 626.153502][T19313] should_fail_ex+0x497/0x5b0 [ 626.154762][T19313] _copy_to_user+0x30/0xc0 [ 626.155932][T19313] simple_read_from_buffer+0xd0/0x160 [ 626.157332][T19313] proc_fail_nth_read+0x198/0x270 [ 626.158671][T19313] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 626.160122][T19313] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 626.161581][T19313] vfs_read+0x1ce/0xbd0 [ 626.162693][T19313] ? __fget_files+0x23a/0x3f0 [ 626.163926][T19313] ? fdget_pos+0x24c/0x360 [ 626.165096][T19313] ? __pfx_lock_release+0x10/0x10 [ 626.166432][T19313] ? trace_lock_acquire+0x14a/0x1d0 [ 626.167799][T19313] ? __pfx_vfs_read+0x10/0x10 [ 626.169033][T19313] ? __pfx___mutex_lock+0x10/0x10 [ 626.170399][T19313] ? __fget_files+0x244/0x3f0 [ 626.171642][T19313] ksys_read+0x12f/0x260 [ 626.172756][T19313] ? __pfx_ksys_read+0x10/0x10 [ 626.174040][T19313] __do_fast_syscall_32+0x73/0x120 [ 626.175387][T19313] do_fast_syscall_32+0x32/0x80 [ 626.176681][T19313] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 626.178362][T19313] RIP: 0023:0xf7fa5579 [ 626.179436][T19313] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 626.184472][T19313] RSP: 002b:00000000f57265a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 626.186681][T19313] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5726620 [ 626.188821][T19313] RDX: 000000000000000f RSI: 00000000f742bff4 RDI: 0000000000000000 [ 626.190946][T19313] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 626.192998][T19313] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 626.195071][T19313] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 626.197128][T19313] [ 626.235126][T19318] EXT4-fs (nullb0): VFS: Can't find ext4 filesystem [ 626.323994][ T5550] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 626.331390][ T5550] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 626.333581][ T5550] usb 2-1: Product: QEMU USB Tablet [ 626.335032][ T5550] usb 2-1: Manufacturer: QEMU [ 626.336354][ T5550] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1 [ 626.349656][ T57] usb 5-1: Using ep0 maxpacket: 32 [ 626.352361][ T57] usb 5-1: config index 0 descriptor too short (expected 156, got 27) [ 626.354377][ T5550] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0107/input/input206 [ 626.354543][ T57] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 626.361064][ T57] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 626.364121][ T57] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 626.367571][ T57] usb 5-1: config 0 interface 0 has no altsetting 0 [ 626.371155][ T57] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 626.373632][ T57] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 626.375863][ T57] usb 5-1: Product: syz [ 626.379965][ T57] usb 5-1: Manufacturer: syz [ 626.381261][ T57] usb 5-1: SerialNumber: syz [ 626.383851][ T57] usb 5-1: config 0 descriptor?? [ 626.386590][ T57] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 626.390462][ T57] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 626.411460][ T5550] hid-generic 0003:0627:0001.0107: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 626.415816][T19323] FAULT_INJECTION: forcing a failure. [ 626.415816][T19323] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 626.428205][T19323] CPU: 0 UID: 0 PID: 19323 Comm: syz.1.3724 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 626.431355][T19323] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 626.434358][T19323] Call Trace: [ 626.435252][T19323] [ 626.436038][T19323] dump_stack_lvl+0x16c/0x1f0 [ 626.437296][T19323] should_fail_ex+0x497/0x5b0 [ 626.438551][T19323] _copy_to_user+0x30/0xc0 [ 626.439698][T19323] simple_read_from_buffer+0xd0/0x160 [ 626.441315][T19323] proc_fail_nth_read+0x198/0x270 [ 626.442697][T19323] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 626.444174][T19323] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 626.445818][T19323] vfs_read+0x1ce/0xbd0 [ 626.446927][T19323] ? __fget_files+0x23a/0x3f0 [ 626.448493][T19323] ? fdget_pos+0x24c/0x360 [ 626.449908][T19323] ? __pfx_lock_release+0x10/0x10 [ 626.451631][T19323] ? trace_lock_acquire+0x14a/0x1d0 [ 626.453409][T19323] ? __pfx_vfs_read+0x10/0x10 [ 626.455037][T19323] ? __pfx___mutex_lock+0x10/0x10 [ 626.456767][T19323] ? __fget_files+0x244/0x3f0 [ 626.458547][T19323] ksys_read+0x12f/0x260 [ 626.459934][T19323] ? __pfx_ksys_read+0x10/0x10 [ 626.461346][T19323] __do_fast_syscall_32+0x73/0x120 [ 626.462710][T19323] do_fast_syscall_32+0x32/0x80 [ 626.464012][T19323] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 626.465689][T19323] RIP: 0023:0xf7fa5579 [ 626.466794][T19323] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 626.472017][T19323] RSP: 002b:00000000f57265a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 626.474228][T19323] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5726620 [ 626.476319][T19323] RDX: 000000000000000f RSI: 00000000f742bff4 RDI: 0000000000000000 [ 626.478407][T19323] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 626.480489][T19323] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 626.482590][T19323] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 626.484557][T19323] [ 626.485358][ C0] vkms_vblank_simulate: vblank timer overrun [ 626.608132][ T5550] usb 5-1: USB disconnect, device number 30 [ 626.613000][ T5550] ldusb 5-1:0.0: LD USB Device #0 now disconnected [ 626.723669][ T64] usb 7-1: usb_control_msg returned -71 [ 626.725147][ T64] usbtmc 7-1:16.0: can't read capabilities [ 626.732150][ T64] usb 7-1: USB disconnect, device number 28 [ 627.131266][T19355] FAULT_INJECTION: forcing a failure. [ 627.131266][T19355] name failslab, interval 1, probability 0, space 0, times 0 [ 627.134769][T19355] CPU: 0 UID: 0 PID: 19355 Comm: syz.3.3733 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 627.137479][T19355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 627.140299][T19355] Call Trace: [ 627.141181][T19355] [ 627.141999][T19355] dump_stack_lvl+0x16c/0x1f0 [ 627.143241][T19355] should_fail_ex+0x497/0x5b0 [ 627.144478][T19355] should_failslab+0xc2/0x120 [ 627.145718][T19355] __kmalloc_noprof+0xcb/0x410 [ 627.146983][T19355] ___neigh_create+0x1406/0x2ac0 [ 627.148277][T19355] ? trace_lock_acquire+0x14a/0x1d0 [ 627.149621][T19355] ? ip_finish_output2+0x364/0x2530 [ 627.150985][T19355] ? __pfx____neigh_create+0x10/0x10 [ 627.152402][T19355] ip_finish_output2+0x1f89/0x2530 [ 627.153846][T19355] ? nf_hook+0x3bf/0x6d0 [ 627.154994][T19355] ? __pfx_ip_finish_output2+0x10/0x10 [ 627.156448][T19355] ? ip_skb_dst_mtu+0x3fc/0xc70 [ 627.157766][T19355] ? __pfx_ip_skb_dst_mtu+0x10/0x10 [ 627.159160][T19355] ? __pfx_nf_hook+0x10/0x10 [ 627.160405][T19355] ? mark_lock+0xb5/0xc60 [ 627.161586][T19355] __ip_finish_output+0x49e/0x950 [ 627.162959][T19355] ip_finish_output+0x31/0x310 [ 627.164238][T19355] ip_output+0x13b/0x2a0 [ 627.165374][T19355] ? __pfx_ip_output+0x10/0x10 [ 627.166664][T19355] ip_send_skb+0x3e5/0x560 [ 627.167856][T19355] udp_send_skb+0x6f1/0x1510 [ 627.169096][T19355] udp_sendmsg+0x13fe/0x2b40 [ 627.170484][T19355] ? aa_label_sk_perm+0x19d/0x5a0 [ 627.171946][T19355] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 627.173497][T19355] ? __pfx_udp_sendmsg+0x10/0x10 [ 627.174836][T19355] ? __pfx___lock_acquire+0x10/0x10 [ 627.176224][T19355] ? __fget_files+0x23a/0x3f0 [ 627.177477][T19355] ? __pfx___might_resched+0x10/0x10 [ 627.178876][T19355] ? trace_lock_acquire+0x14a/0x1d0 [ 627.180250][T19355] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 627.181843][T19355] ? __pfx_aa_sk_perm+0x10/0x10 [ 627.183139][T19355] ? __pfx_udp_sendmsg+0x10/0x10 [ 627.184458][T19355] ? inet_sendmsg+0x105/0x140 [ 627.185738][T19355] inet_sendmsg+0x105/0x140 [ 627.186944][T19355] __sys_sendto+0x426/0x4d0 [ 627.188157][T19355] ? __pfx___sys_sendto+0x10/0x10 [ 627.189505][T19355] ? ksys_write+0x1ad/0x260 [ 627.190734][T19355] ? __pfx_ksys_write+0x10/0x10 [ 627.192028][T19355] __ia32_sys_sendto+0xdd/0x1b0 [ 627.193323][T19355] ? lockdep_hardirqs_on+0x7c/0x110 [ 627.194712][T19355] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 627.196444][T19355] __do_fast_syscall_32+0x73/0x120 [ 627.197815][T19355] do_fast_syscall_32+0x32/0x80 [ 627.199119][T19355] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 627.200802][T19355] RIP: 0023:0xf7f32579 [ 627.201899][T19355] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 627.206931][T19355] RSP: 002b:00000000f56b656c EFLAGS: 00000296 ORIG_RAX: 0000000000000171 [ 627.209139][T19355] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000000 [ 627.211157][T19355] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 627.213241][T19355] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 627.215342][T19355] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 627.217423][T19355] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 627.219520][T19355] [ 627.263333][T19359] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3735'. [ 627.392387][T19366] FAULT_INJECTION: forcing a failure. [ 627.392387][T19366] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 627.397145][T19366] CPU: 0 UID: 0 PID: 19366 Comm: syz.1.3738 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 627.401073][T19366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 627.405003][T19366] Call Trace: [ 627.406261][T19366] [ 627.407374][T19366] dump_stack_lvl+0x16c/0x1f0 [ 627.409140][T19366] should_fail_ex+0x497/0x5b0 [ 627.410929][T19366] _copy_from_user+0x30/0xf0 [ 627.412662][T19366] sctp_getsockopt+0x4a6a/0x7ae0 [ 627.414518][T19366] ? aa_label_sk_perm+0x19d/0x5a0 [ 627.416386][T19366] ? __lock_acquire+0xbdd/0x3ce0 [ 627.418243][T19366] ? __pfx_sctp_getsockopt+0x10/0x10 [ 627.420215][T19366] ? __pfx___lock_acquire+0x10/0x10 [ 627.422182][T19366] ? hlock_class+0x4e/0x130 [ 627.423889][T19366] ? __pfx___might_resched+0x10/0x10 [ 627.425845][T19366] ? __pfx___lock_acquire+0x10/0x10 [ 627.427780][T19366] ? aa_sk_perm+0x2f5/0xb20 [ 627.429484][T19366] ? __pfx_aa_sk_perm+0x10/0x10 [ 627.431311][T19366] ? find_held_lock+0x2d/0x110 [ 627.433103][T19366] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 627.435296][T19366] ? do_sock_getsockopt+0x3fe/0x870 [ 627.437229][T19366] do_sock_getsockopt+0x3fe/0x870 [ 627.439112][T19366] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 627.441166][T19366] ? __fget_files+0x244/0x3f0 [ 627.442970][T19366] __sys_getsockopt+0x1a1/0x270 [ 627.444784][T19366] ? __pfx___sys_getsockopt+0x10/0x10 [ 627.446787][T19366] ? fput+0x30/0x390 [ 627.448254][T19366] ? ksys_write+0x1ad/0x260 [ 627.449956][T19366] ? __pfx_ksys_write+0x10/0x10 [ 627.451768][T19366] __ia32_sys_getsockopt+0xbc/0x160 [ 627.453710][T19366] ? lockdep_hardirqs_on+0x7c/0x110 [ 627.455637][T19366] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 627.458067][T19366] __do_fast_syscall_32+0x73/0x120 [ 627.459971][T19366] do_fast_syscall_32+0x32/0x80 [ 627.461821][T19366] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 627.464159][T19366] RIP: 0023:0xf7fa5579 [ 627.465684][T19366] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 627.472682][T19366] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 000000000000016d [ 627.475140][T19366] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000084 [ 627.477198][T19366] RDX: 000000000000006f RSI: 0000000020000280 RDI: 00000000200001c0 [ 627.479448][T19366] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 627.482330][T19366] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 627.485205][T19366] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 627.487716][T19366] [ 627.525574][ T39] kauditd_printk_skb: 35 callbacks suppressed [ 627.525814][ T39] audit: type=1326 audit(1729407466.854:7387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19370 comm="syz.1.3740" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fa5579 code=0x0 [ 627.620028][T19369] [ 627.620705][T19369] ====================================================== [ 627.622525][T19369] WARNING: possible circular locking dependency detected [ 627.624313][T19369] 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 Not tainted [ 627.626429][T19369] ------------------------------------------------------ [ 627.629625][T19369] syz.3.3739/19369 is trying to acquire lock: [ 627.631195][T19369] ffff888040000220 (&pgdat->kswapd_wait){....}-{2:2}, at: __wake_up+0x1c/0x60 [ 627.633481][T19369] [ 627.633481][T19369] but task is already holding lock: [ 627.635364][T19369] ffff888020b88a00 (&trie->lock){....}-{2:2}, at: trie_update_elem+0xc7/0xdb0 [ 627.637606][T19369] [ 627.637606][T19369] which lock already depends on the new lock. [ 627.637606][T19369] [ 627.640187][T19369] [ 627.640187][T19369] the existing dependency chain (in reverse order) is: [ 627.642483][T19369] [ 627.642483][T19369] -> #3 (&trie->lock){....}-{2:2}: [ 627.644354][T19369] _raw_spin_lock_irqsave+0x3a/0x60 [ 627.645836][T19369] trie_delete_elem+0xb0/0x820 [ 627.647197][T19369] 0xffffffffa00055d7 [ 627.648369][T19369] bpf_trace_run4+0x245/0x5a0 [ 627.649722][T19369] __traceiter_sched_switch+0x6c/0xc0 [ 627.651247][T19369] __schedule+0x15bd/0x5750 [ 627.652551][T19369] schedule+0xe7/0x350 [ 627.653753][T19369] futex_wait_queue+0xfc/0x1f0 [ 627.655114][T19369] __futex_wait+0x291/0x3c0 [ 627.656411][T19369] futex_wait+0xe9/0x380 [ 627.657689][T19369] do_futex+0x22b/0x350 [ 627.658879][T19369] __ia32_sys_futex_time32+0x1da/0x460 [ 627.660423][T19369] __do_fast_syscall_32+0x73/0x120 [ 627.661922][T19369] do_fast_syscall_32+0x32/0x80 [ 627.663310][T19369] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 627.665060][T19369] [ 627.665060][T19369] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 627.666940][T19369] _raw_spin_lock_nested+0x31/0x40 [ 627.668389][T19369] raw_spin_rq_lock_nested+0x29/0x130 [ 627.669923][T19369] task_rq_lock+0xcf/0x3b0 [ 627.671204][T19369] cgroup_move_task+0x82/0x250 [ 627.672570][T19369] css_set_move_task+0x288/0x5f0 [ 627.673998][T19369] cgroup_post_fork+0x1c6/0x910 [ 627.675384][T19369] copy_process+0x5759/0x6ee0 [ 627.676731][T19369] kernel_clone+0xfd/0x960 [ 627.678014][T19369] user_mode_thread+0xb4/0xf0 [ 627.679357][T19369] rest_init+0x23/0x2b0 [ 627.680674][T19369] start_kernel+0x3e4/0x4d0 [ 627.682029][T19369] x86_64_start_reservations+0x18/0x30 [ 627.683579][T19369] x86_64_start_kernel+0xb2/0xc0 [ 627.684987][T19369] common_startup_64+0x13e/0x148 [ 627.686401][T19369] [ 627.686401][T19369] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 627.688287][T19369] _raw_spin_lock_irqsave+0x3a/0x60 [ 627.689823][T19369] try_to_wake_up+0xa1/0x14f0 [ 627.691174][T19369] autoremove_wake_function+0x16/0x150 [ 627.692735][T19369] __wake_up_common+0x131/0x1e0 [ 627.694136][T19369] __wake_up+0x31/0x60 [ 627.695344][T19369] wakeup_kswapd+0x45e/0x640 [ 627.696675][T19369] get_page_from_freelist+0x5e6/0x3070 [ 627.698251][T19369] __alloc_pages_noprof+0x223/0x25a0 [ 627.699668][T19369] alloc_pages_mpol_noprof+0x2c9/0x610 [ 627.701191][T19369] get_free_pages_noprof+0xc/0x40 [ 627.702648][T19369] kasan_populate_vmalloc_pte+0x2d/0x160 [ 627.704238][T19369] __apply_to_page_range+0x5fd/0xd30 [ 627.705766][T19369] alloc_vmap_area+0x93e/0x2a70 [ 627.707161][T19369] __get_vm_area_node+0x17e/0x2d0 [ 627.708600][T19369] __vmalloc_node_range_noprof+0x26a/0x15a0 [ 627.710270][T19369] copy_process+0x29b4/0x6ee0 [ 627.711625][T19369] kernel_clone+0xfd/0x960 [ 627.712917][T19369] user_mode_thread+0xb4/0xf0 [ 627.714297][T19369] call_usermodehelper_exec_work+0xcb/0x170 [ 627.715974][T19369] process_one_work+0x958/0x1b30 [ 627.717387][T19369] worker_thread+0x6c8/0xf00 [ 627.718723][T19369] kthread+0x2c1/0x3a0 [ 627.719926][T19369] ret_from_fork+0x45/0x80 [ 627.721226][T19369] ret_from_fork_asm+0x1a/0x30 [ 627.722616][T19369] [ 627.722616][T19369] -> #0 (&pgdat->kswapd_wait){....}-{2:2}: [ 627.724661][T19369] __lock_acquire+0x250b/0x3ce0 [ 627.726063][T19369] lock_acquire.part.0+0x11b/0x380 [ 627.727526][T19369] _raw_spin_lock_irqsave+0x3a/0x60 [ 627.728993][T19369] __wake_up+0x1c/0x60 [ 627.730178][T19369] wakeup_kswapd+0x45e/0x640 [ 627.731459][T19369] get_page_from_freelist+0x5e6/0x3070 [ 627.732965][T19369] __alloc_pages_noprof+0x223/0x25a0 [ 627.734439][T19369] alloc_pages_mpol_noprof+0x2c9/0x610 [ 627.735949][T19369] new_slab+0x2ba/0x3f0 [ 627.737149][T19369] ___slab_alloc+0xd1d/0x16f0 [ 627.738463][T19369] __slab_alloc.constprop.0+0x56/0xb0 [ 627.739925][T19369] __kmalloc_node_noprof+0x367/0x440 [ 627.741390][T19369] bpf_map_kmalloc_node+0x98/0x4a0 [ 627.742827][T19369] trie_update_elem+0x1ef/0xdb0 [ 627.744168][T19369] bpf_map_update_value+0x2c1/0x6c0 [ 627.745618][T19369] generic_map_update_batch+0x454/0x5f0 [ 627.747151][T19369] bpf_map_do_batch+0x576/0x640 [ 627.748502][T19369] __sys_bpf+0x1c9f/0x5780 [ 627.749760][T19369] __ia32_sys_bpf+0x76/0xe0 [ 627.751034][T19369] __do_fast_syscall_32+0x73/0x120 [ 627.752459][T19369] do_fast_syscall_32+0x32/0x80 [ 627.753842][T19369] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 627.755570][T19369] [ 627.755570][T19369] other info that might help us debug this: [ 627.755570][T19369] [ 627.758091][T19369] Chain exists of: [ 627.758091][T19369] &pgdat->kswapd_wait --> &rq->__lock --> &trie->lock [ 627.758091][T19369] [ 627.761210][T19369] Possible unsafe locking scenario: [ 627.761210][T19369] [ 627.763092][T19369] CPU0 CPU1 [ 627.764423][T19369] ---- ---- [ 627.765783][T19369] lock(&trie->lock); [ 627.766830][T19369] lock(&rq->__lock); [ 627.768499][T19369] lock(&trie->lock); [ 627.770263][T19369] lock(&pgdat->kswapd_wait); [ 627.771478][T19369] [ 627.771478][T19369] *** DEADLOCK *** [ 627.771478][T19369] [ 627.773509][T19369] 2 locks held by syz.3.3739/19369: [ 627.774798][T19369] #0: ffffffff8ddb7840 (rcu_read_lock){....}-{1:2}, at: bpf_map_update_value+0x24b/0x6c0 [ 627.777266][T19369] #1: ffff888020b88a00 (&trie->lock){....}-{2:2}, at: trie_update_elem+0xc7/0xdb0 [ 627.779598][T19369] [ 627.779598][T19369] stack backtrace: [ 627.781091][T19369] CPU: 0 UID: 0 PID: 19369 Comm: syz.3.3739 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 627.783779][T19369] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 627.786483][T19369] Call Trace: [ 627.787357][T19369] [ 627.788124][T19369] dump_stack_lvl+0x116/0x1f0 [ 627.789305][T19369] print_circular_bug+0x419/0x5d0 [ 627.790609][T19369] check_noncircular+0x31a/0x400 [ 627.791852][T19369] ? __pfx_check_noncircular+0x10/0x10 [ 627.793230][T19369] ? lockdep_lock+0xc6/0x200 [ 627.794413][T19369] ? __pfx_lockdep_lock+0x10/0x10 [ 627.795679][T19369] __lock_acquire+0x250b/0x3ce0 [ 627.796920][T19369] ? __pfx___lock_acquire+0x10/0x10 [ 627.798248][T19369] ? __rmqueue_pcplist+0xd41/0x1490 [ 627.799568][T19369] lock_acquire.part.0+0x11b/0x380 [ 627.800858][T19369] ? __wake_up+0x1c/0x60 [ 627.801961][T19369] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 627.803385][T19369] ? rcu_is_watching+0x12/0xc0 [ 627.804585][T19369] ? trace_lock_acquire+0x14a/0x1d0 [ 627.805904][T19369] ? find_held_lock+0x2d/0x110 [ 627.807104][T19369] ? __wake_up+0x1c/0x60 [ 627.808184][T19369] ? lock_acquire+0x2f/0xb0 [ 627.809339][T19369] ? __wake_up+0x1c/0x60 [ 627.810424][T19369] _raw_spin_lock_irqsave+0x3a/0x60 [ 627.811819][T19369] ? __wake_up+0x1c/0x60 [ 627.812937][T19369] __wake_up+0x1c/0x60 [ 627.813999][T19369] wakeup_kswapd+0x45e/0x640 [ 627.815230][T19369] get_page_from_freelist+0x5e6/0x3070 [ 627.816646][T19369] ? __pfx_get_page_from_freelist+0x10/0x10 [ 627.818158][T19369] ? should_fail_alloc_page+0xee/0x130 [ 627.819563][T19369] ? prepare_alloc_pages.constprop.0+0x16f/0x560 [ 627.821205][T19369] __alloc_pages_noprof+0x223/0x25a0 [ 627.822589][T19369] ? __pfx_lock_release+0x10/0x10 [ 627.823917][T19369] ? trace_lock_acquire+0x14a/0x1d0 [ 627.825315][T19369] ? lock_acquire+0x2f/0xb0 [ 627.826970][T19369] ? is_bpf_text_address+0x30/0x1a0 [ 627.828342][T19369] ? bpf_ksym_find+0x124/0x1c0 [ 627.829611][T19369] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 627.831150][T19369] ? hlock_class+0x4e/0x130 [ 627.832356][T19369] ? __lock_acquire+0x163e/0x3ce0 [ 627.833701][T19369] ? __pfx___lock_acquire+0x10/0x10 [ 627.835068][T19369] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 627.836635][T19369] ? policy_nodemask+0xea/0x4e0 [ 627.837930][T19369] alloc_pages_mpol_noprof+0x2c9/0x610 [ 627.839360][T19369] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 627.840920][T19369] ? __pfx_lock_release+0x10/0x10 [ 627.842268][T19369] ? get_freelist+0x1b2/0x1e0 [ 627.843433][T19369] new_slab+0x2ba/0x3f0 [ 627.844535][T19369] ___slab_alloc+0xd1d/0x16f0 [ 627.845793][T19369] ? bpf_map_kmalloc_node+0x98/0x4a0 [ 627.847179][T19369] ? bpf_map_get_memcg.isra.0+0x190/0x670 [ 627.848673][T19369] ? __pfx_lock_release+0x10/0x10 [ 627.850006][T19369] ? trace_lock_acquire+0x14a/0x1d0 [ 627.851370][T19369] ? bpf_map_kmalloc_node+0x98/0x4a0 [ 627.852767][T19369] ? __slab_alloc.constprop.0+0x56/0xb0 [ 627.854245][T19369] __slab_alloc.constprop.0+0x56/0xb0 [ 627.855692][T19369] __kmalloc_node_noprof+0x367/0x440 [ 627.857224][T19369] ? bpf_map_kmalloc_node+0x98/0x4a0 [ 627.858795][T19369] bpf_map_kmalloc_node+0x98/0x4a0 [ 627.860332][T19369] trie_update_elem+0x1ef/0xdb0 [ 627.861787][T19369] ? trace_lock_acquire+0x14a/0x1d0 [ 627.863292][T19369] ? bpf_map_update_value+0x24b/0x6c0 [ 627.864751][T19369] ? lock_acquire+0x2f/0xb0 [ 627.866121][T19369] bpf_map_update_value+0x2c1/0x6c0 [ 627.867563][T19369] generic_map_update_batch+0x454/0x5f0 [ 627.869235][T19369] ? __pfx_generic_map_update_batch+0x10/0x10 [ 627.870939][T19369] ? __pfx_generic_map_update_batch+0x10/0x10 [ 627.872545][T19369] bpf_map_do_batch+0x576/0x640 [ 627.873842][T19369] __sys_bpf+0x1c9f/0x5780 [ 627.875021][T19369] ? __pfx___sys_bpf+0x10/0x10 [ 627.876284][T19369] ? kmem_cache_free+0x152/0x4b0 [ 627.877597][T19369] ? putname+0x12e/0x170 [ 627.878728][T19369] ? do_futex+0x123/0x350 [ 627.879868][T19369] ? __pfx_do_futex+0x10/0x10 [ 627.881102][T19369] ? xfd_validate_state+0x5d/0x180 [ 627.882492][T19369] ? rcu_is_watching+0x12/0xc0 [ 627.883942][T19369] __ia32_sys_bpf+0x76/0xe0 [ 627.885308][T19369] __do_fast_syscall_32+0x73/0x120 [ 627.886837][T19369] do_fast_syscall_32+0x32/0x80 [ 627.888196][T19369] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 627.889927][T19369] RIP: 0023:0xf7f32579 [ 627.891030][T19369] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 627.896266][T19369] RSP: 002b:00000000f569556c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 627.898487][T19369] RAX: ffffffffffffffda RBX: 000000000000001a RCX: 0000000020000000 [ 627.900729][T19369] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000 [ 627.903004][T19369] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 627.905092][T19369] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 627.907189][T19369] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 627.909281][T19369] VM DIAGNOSIS: 06:57:47 Registers: info registers vcpu 0 CPU#0 RAX=dffffc0000000005 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9 RSI=ffffffff8503ee80 RDI=ffffffff9a640260 RBP=ffffffff9a640220 RSP=ffffc900020a6b10 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=ffffffff9a640220 R14=ffffffff9a640270 R15=000000000000004e RIP=ffffffff8503eea7 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c3bb096 CR3=00000000235c2000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000e08e80b1 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000001803074 RBX=0000000000000001 RCX=ffffffff8b139ef9 RDX=ffffed10056a7026 RSI=ffffffff8bb12ca0 RDI=ffffffff8164194c RBP=ffffed10036e9910 RSP=ffffc90000477e08 R8 =0000000000000000 R9 =ffffed10056a7025 R10=ffff88802b53812b R11=0000000000000001 R12=0000000000000001 R13=ffff88801b74c880 R14=ffffffff901ce548 R15=0000000000000000 RIP=ffffffff8b13b2df RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=0000000000a18000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000e08e000c DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000014000000000 0000000400000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=00000000007a3a04 RBX=0000000000000002 RCX=ffffffff8b139ef9 RDX=ffffed10056c7026 RSI=ffffffff8bb12ca0 RDI=ffffffff8164194c RBP=ffffed10036ec000 RSP=ffffc90000487e08 R8 =0000000000000000 R9 =ffffed10056c7025 R10=ffff88802b63812b R11=0000000000000001 R12=0000000000000002 R13=ffff88801b760000 R14=ffffffff901ce548 R15=0000000000000000 RIP=ffffffff8b13b2df RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c392e25 CR3=00000000235c2000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000e08e000c DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=ffff88802b4467c0 RCX=ffffc9002d52d000 RDX=0000000000040000 RSI=ffffffff8180ac66 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90007f1f2c0 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffffed1005688cf9 R13=0000000000000001 R14=ffff88802b4467c8 R15=ffff88802b740100 RIP=ffffffff8180ac6d RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020cb7000 CR3=00000000235c2000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000e08e000c DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000