last executing test programs: 1.727164991s ago: executing program 0 (id=897): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) openat$dlm_monitor(0xffffff9c, &(0x7f0000000000), 0x40, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x0, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000009c0)={&(0x7f0000000740)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x7, [@datasec={0x6, 0x0, 0x0, 0xf, 0x1, [], '\t'}, @datasec={0x0, 0x0, 0x0, 0xf, 0x3, [], "e10418"}]}, {0x0, [0x0, 0x2e, 0x61, 0x61, 0x30]}}, 0x0, 0x3b, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28) nanosleep(&(0x7f0000000000)={0x80000000, 0x8}, 0x0) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e"]) chdir(&(0x7f0000000100)='./file0\x00') r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) pwritev2(r4, &(0x7f0000000980)=[{0x0}, {&(0x7f0000000500)="be81e1310fb465f31a42f6efa58772d291c57be2782f6ff63ea3517e50771580447f7d195ee15e186027d518b2c77a051895fece1dc014c33d6928ab0376cf4077399b51451472f53be50af6897bc0fa353cad9156d19de3665191fdf17a2f07f4286cea5c10fbb81feb85e406524a47b1978139eaa8daec929e00572df90f9d8a3ce9b03cc2ee0eb9b4875c4e3d02e9570f627ef6771beca7", 0x99}, {0x0}], 0x3, 0x5, 0xa, 0x14) 1.238104642s ago: executing program 2 (id=918): mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0x13, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000900000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000000000bf090000000000005509010000000000852000000300000095"], 0x0, 0x8, 0x0, 0x0, 0x41100, 0x62, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15) r2 = dup(r1) write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0) 1.170517249s ago: executing program 2 (id=920): r0 = socket$netlink(0x10, 0x3, 0x0) getsockopt(r0, 0xc4, 0x8000, &(0x7f00000001c0), &(0x7f00000002c0)) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00"/11], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYRESOCT=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x18) openat$cgroup_root(0xffffff9c, &(0x7f0000000080)='./cgroup/syz1\x00', 0x200002, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = dup(0xffffffffffffffff) socket$netlink(0x10, 0x3, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r5 = userfaultfd(0x80001) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94) r7 = getpid() process_vm_readv(r7, &(0x7f0000008400)=[{&(0x7f0000000300)=""/43, 0x7ffff000}, {&(0x7f0000000480)=""/165, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x2aa, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r6}, 0x18) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19) ioctl$UFFDIO_COPY(r5, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000}) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) r8 = socket(0x21, 0x2, 0x10000000000002) connect$rxrpc(r8, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x8000, @multicast2}}, 0x24) sendmmsg(r8, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[{0x10, 0x110, 0x1}], 0x10, 0xe000}, 0x5}], 0x1, 0x0) recvmmsg(r8, &(0x7f0000002940)=[{{0x0, 0x0, 0x0}}], 0xf000, 0x10002, 0x0) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x8001}, 0x0) 752.865771ms ago: executing program 0 (id=923): syz_usb_connect$cdc_ecm(0x2, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="04131d07c8000500c800c0ff01000300c8000300c9000700c8"], 0x20) 470.340379ms ago: executing program 2 (id=926): r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000140)="240000005a001f001007f4f9002304000a04f511080004000201000208000380050000009277fa6b6d0e60e8908522e65d6e278f460b2cb57859f364783e6b3708a190f41960b82224c4653afc33332252049d3e82efd18881c184b0252e94ccace342aa9150042797abfd4424f1e961d81ba3bc884ddd7d46489f24ea25f323cdca7ac2ee91aeecf88b39c6a81240b0665235e8682abd242c9b98790ebcc89596434e495594f52a85c4c3eacf1788273bbd22ba1f381676caf10c670aaa4ea4ee51822bdf2df4289ac8ce669f2e6984590c6f9714e95e2aac3d2155f226061586a609cfb765a2e0b800"/254, 0xfe) 443.092475ms ago: executing program 2 (id=929): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000014c0)=@newsa={0x1a0, 0x10, 0x1, 0x0, 0x0, {{@in6=@remote, @in6=@mcast1}, {@in=@rand_addr=0x64010101, 0x2, 0x32}, @in6=@loopback, {0x0, 0x3, 0x0, 0x0, 0x1800000000000000}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0xaf}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @replay_esn_val={0x1c}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}, 0x0, 0x8}}]}, 0x1a0}}, 0x0) 340.292201ms ago: executing program 2 (id=932): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000340)={'wpan0\x00', 0x0}) sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="4d7e00000000000000002a00000008002f000000000005003600000000000c0005000000000200000000050037000000000008000200", @ANYRES32=r3, @ANYBLOB="06000600fe000000060004"], 0x50}, 0x4, 0x700000000000000, 0x0, 0x4}, 0x4040084) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000000)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000000c0)={0x1c, r5, 0x1, 0xfffffffd, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r6}]}, 0x1c}}, 0x0) 340.177956ms ago: executing program 2 (id=933): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000140)={0x1, [0x0]}, &(0x7f0000000240)=0x8) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000280)={r2}, &(0x7f0000000080)=0x8) 264.628493ms ago: executing program 1 (id=934): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f00000000c0), 0x1) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c) sendto$inet6(r0, &(0x7f0000000080)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000180)="c2", 0x1}], 0x1) write$UHID_SET_REPORT_REPLY(r0, 0x0, 0xffe0) 260.060456ms ago: executing program 3 (id=935): r0 = socket(0x40000000015, 0x5, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57) sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24008000}, 0x0) setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000680)=0x1, 0x4) ppoll(&(0x7f0000000080)=[{r0, 0x812}], 0x1, &(0x7f0000000180), 0x0, 0x0) 180.805686ms ago: executing program 0 (id=936): socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'geneve0\x00', 0x0}) setsockopt$inet6_mreq(r1, 0x29, 0x1c, &(0x7f0000000040)={@private0, r2}, 0x14) 180.578815ms ago: executing program 1 (id=937): r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000000040)=[{{&(0x7f0000000a00)={0xa, 0x4e20, 0x7992, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x23}}, 0x8}, 0x1c, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="20000000290000003200000000000000000000000000ffffac13f43037"], 0x20}}], 0x1, 0x40010) 180.424685ms ago: executing program 3 (id=938): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000004c0)='dctcp\x00', 0x6) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) sendto$inet6(r0, &(0x7f0000001080)="442693e7a0d250a98129cc85c7c92c4b308ef6b94e354d0269a682801ba7617428a4773e487fda3f51a375b3b087203996bed5b9f043c0d0733209890c2ebfd6ce44b39ae727910ef74656c5953a5666a6586d40926c03cec6bc1515231efb3d8879d996b6e7211eb9c4d670f1817dce3d0d03d6bad660ba4b04dfab19b8de260b", 0x81, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c) shutdown(r0, 0x1) 180.349397ms ago: executing program 0 (id=939): r0 = gettid() prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) tkill(r0, 0x11) 117.966163ms ago: executing program 0 (id=940): r0 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x114df, 0x0, 0x1, 0x89}, &(0x7f00000003c0)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780}) io_uring_enter(r0, 0x3516, 0xaddf, 0x2, 0x0, 0x1517f) 117.868279ms ago: executing program 1 (id=941): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000340)={@val, @void, @eth={@broadcast, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x38, 0x28, 0x68, 0x0, 0x40, 0x6, 0x0, @multicast1, @rand_addr=0x64010100}, {{0x4e22, 0x4e20, 0x41424344, 0x41424344, 0x1, 0x0, 0x5, 0x80, 0xfffe, 0x0, 0xff}}}}}}}, 0x3a) 117.481184ms ago: executing program 3 (id=942): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000380)={0x80000000, {{0xa, 0x4e20, 0x10, @mcast1, 0x8}}, {{0xa, 0x4e24, 0x6c8f, @dev={0xfe, 0x80, '\x00', 0x1f}}}}, 0x108) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000180)={[0x8aba, 0x4, 0x4, 0x804, 0x7, 0xf, 0x120000, 0xff, 0x0, 0x8, 0x8000000000000001, 0x2, 0x0, 0x101, 0x6, 0x1], 0x8000000, 0x141200}) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x10, 0x2, 0xb6, '\x00', 0x2}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 117.38522ms ago: executing program 3 (id=943): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x11, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f00000000c0)={0x0, 0x0, "a4cd91", 0x9, 0xfc}) 43.306838ms ago: executing program 0 (id=944): r0 = socket$inet(0x2, 0x80000, 0x2) bind$inet(r0, 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NFC_CMD_DEP_LINK_UP(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000080b5b14b43be8dbde2ff5202372513bee973f0f2a87e848648e80628cbc13c293176198514e84923d4a9f84f842ce4069077181b97881a378a547bef552106dba6531d005f75e99ea5bc", @ANYRES16=r2, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x8004}, 0x24044001) bpf$TOKEN_CREATE(0x24, &(0x7f0000000080), 0x8) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x0) sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) bind$inet6(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) sendto$inet6(0xffffffffffffffff, &(0x7f00000002c0)="03", 0x1, 0x24008844, &(0x7f0000000040)={0xa, 0x2, 0x398, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000000)='scalable\x00', 0x9) shutdown(0xffffffffffffffff, 0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) 43.182933ms ago: executing program 3 (id=945): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0xf, &(0x7f0000000040)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xb000000}, {{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1c}, {}, {0x85, 0x0, 0x0, 0x6c}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 43.043028ms ago: executing program 1 (id=946): mq_open(&(0x7f0000000480)='!sel\x00\x00\x00\x10\x00\x00\x00\x00\xd7\\P\xc1\xde.O\xcb]0y\x00\x00\x00\x00\x00\x00\x00\x00', 0x6e93ebbbcc0884f2, 0x196, 0x0) syz_open_procfs(0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000c40)={0x2000000b}) 42.975676ms ago: executing program 3 (id=947): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) socket$nl_generic(0x10, 0x3, 0x10) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="25003300d0000000080211000001080211000000505050505050d0"], 0x44}, 0x1, 0x0, 0x0, 0xc0}, 0x0) 208.04µs ago: executing program 1 (id=948): r0 = openat$mice(0xffffffffffffff9c, &(0x7f00000002c0), 0x2) writev(r0, &(0x7f0000002540)=[{&(0x7f0000000040)="9d4de7", 0x3}], 0x1) read$FUSE(r0, 0x0, 0x0) 0s ago: executing program 1 (id=949): bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{}, {}, {}, {0x7, 0x0, 0xb, 0x7}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$SIOCPNDELRESOURCE(0xffffffffffffffff, 0x89ef, &(0x7f0000000000)=0x40) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x6, 0x2c00000000000000, 0xd, 0x1, 0x5, 0x4002004c5, 0x1000, 0x2, 0x0, 0x7, 0xe, 0x0, 0x6, 0x0, 0x4b], 0xdddd1000, 0x1c7056}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 0s ago: executing program 1 (id=950): r0 = socket$inet(0x2, 0x1, 0x100) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f00000012c0)="09268a", 0x3, 0x11, 0x0, 0x0) kernel console output (not intermixed with test programs): 0000000000000008 RCX: 0000000000008933 [ 88.321158][ T6748] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 88.321164][ T6748] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 88.321169][ T6748] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 88.321175][ T6748] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 88.321187][ T6748] [ 88.321209][ T6748] audit: error in audit_log_task_context [ 88.383086][ T40] audit: type=1326 audit(1744902136.262:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6739 comm="syz.3.181" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 88.404689][ T40] audit: type=1326 audit(1744902136.262:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6739 comm="syz.3.181" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 88.411164][ T40] audit: type=1326 audit(1744902136.262:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6739 comm="syz.3.181" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 88.420368][ T40] audit: type=1326 audit(1744902136.262:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6739 comm="syz.3.181" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 88.427220][ T40] audit: type=1326 audit(1744902136.262:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6739 comm="syz.3.181" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 88.433811][ T40] audit: type=1326 audit(1744902136.272:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6739 comm="syz.3.181" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 88.440946][ T40] audit: type=1326 audit(1744902136.272:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6739 comm="syz.3.181" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 88.447657][ T40] audit: type=1326 audit(1744902136.272:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6739 comm="syz.3.181" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 88.453848][ T40] audit: type=1326 audit(1744902136.272:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6739 comm="syz.3.181" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 88.531496][ T6755] xt_CT: You must specify a L4 protocol and not use inversions on it [ 88.918864][ T6774] ufs: You didn't specify the type of your ufs filesystem [ 88.918864][ T6774] [ 88.918864][ T6774] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 88.918864][ T6774] [ 88.918864][ T6774] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 88.930478][ T6774] ufs: ufstype=old is supported read-only [ 88.933817][ T6774] syz.0.191: attempt to access beyond end of device [ 88.933817][ T6774] nbd0: rw=0, sector=16, nr_sectors = 2 limit=0 [ 89.007012][ T6778] kvm: requested 3352 ns i8254 timer period limited to 200000 ns [ 89.049096][ T6786] warning: `syz.3.196' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 89.053144][ T6786] random: crng reseeded on system resumption [ 89.059210][ T6786] Restarting kernel threads ... done. [ 89.177547][ T6791] af_packet: tpacket_rcv: packet too big, clamped from 57 to 4294967272. macoff=96 [ 89.214130][ T1454] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 89.375801][ T1454] usb 7-1: config index 0 descriptor too short (expected 23569, got 27) [ 89.379022][ T1454] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 89.384610][ T1454] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 89.388374][ T1454] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 89.391635][ T1454] usb 7-1: Manufacturer: syz [ 89.397169][ T1454] usb 7-1: config 0 descriptor?? [ 89.455626][ T1454] rc_core: IR keymap rc-hauppauge not found [ 89.457731][ T1454] Registered IR keymap rc-empty [ 89.460597][ T1454] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0 [ 89.466285][ T1454] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0/input21 [ 89.571576][ T6798] netlink: 'syz.1.199': attribute type 1 has an invalid length. [ 89.604665][ T6798] 8021q: adding VLAN 0 to HW filter on device bond1 [ 89.610709][ T9] usb 7-1: USB disconnect, device number 2 [ 89.611554][ T6798] netlink: 'syz.1.199': attribute type 1 has an invalid length. [ 89.632760][ T6798] bond1: (slave gretap2): making interface the new active one [ 89.637497][ T6798] bond1: (slave gretap2): Enslaving as an active interface with an up link [ 90.520952][ T94] Bluetooth: hci4: Frame reassembly failed (-84) [ 90.767795][ T6811] FAULT_INJECTION: forcing a failure. [ 90.767795][ T6811] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 90.771868][ T6811] CPU: 3 UID: 0 PID: 6811 Comm: syz.1.202 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) [ 90.771882][ T6811] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 90.771889][ T6811] Call Trace: [ 90.771894][ T6811] [ 90.771899][ T6811] dump_stack_lvl+0x16c/0x1f0 [ 90.771918][ T6811] should_fail_ex+0x512/0x640 [ 90.771932][ T6811] _copy_to_user+0x32/0xd0 [ 90.771946][ T6811] bpf_test_finish.isra.0+0x484/0x690 [ 90.771981][ T6811] ? find_held_lock+0x2b/0x80 [ 90.771998][ T6811] ? __might_fault+0xe3/0x190 [ 90.772014][ T6811] ? __might_fault+0xe3/0x190 [ 90.772042][ T6811] ? __pfx_bpf_test_finish.isra.0+0x10/0x10 [ 90.772059][ T6811] ? _copy_from_user+0x59/0xd0 [ 90.772074][ T6811] bpf_prog_test_run_xdp+0xa0d/0x1540 [ 90.772094][ T6811] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 90.772109][ T6811] ? __might_fault+0xe0/0x190 [ 90.772127][ T6811] ? fput+0x70/0xf0 [ 90.772137][ T6811] ? __bpf_prog_get+0xa0/0x290 [ 90.772153][ T6811] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 90.772168][ T6811] __sys_bpf+0x1485/0x4d80 [ 90.772181][ T6811] ? __pfx___sys_bpf+0x10/0x10 [ 90.772193][ T6811] ? ksys_write+0x190/0x240 [ 90.772210][ T6811] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 90.772233][ T6811] ? fput+0x70/0xf0 [ 90.772243][ T6811] ? ksys_write+0x1b9/0x240 [ 90.772257][ T6811] ? __pfx_ksys_write+0x10/0x10 [ 90.772273][ T6811] __ia32_sys_bpf+0x76/0xe0 [ 90.772286][ T6811] __do_fast_syscall_32+0x73/0x120 [ 90.772303][ T6811] do_fast_syscall_32+0x32/0x80 [ 90.772319][ T6811] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 90.772332][ T6811] RIP: 0023:0xf711e579 [ 90.772340][ T6811] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 90.772350][ T6811] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 90.772360][ T6811] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000240 [ 90.772367][ T6811] RDX: 000000000000004c RSI: 0000000000000000 RDI: 0000000000000000 [ 90.772372][ T6811] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 90.772378][ T6811] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 90.772384][ T6811] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 90.772400][ T6811] [ 90.869076][ T6816] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 90.904962][ T6820] FAULT_INJECTION: forcing a failure. [ 90.904962][ T6820] name failslab, interval 1, probability 0, space 0, times 0 [ 90.909994][ T6820] CPU: 2 UID: 0 PID: 6820 Comm: syz.3.205 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) [ 90.910009][ T6820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 90.910015][ T6820] Call Trace: [ 90.910019][ T6820] [ 90.910024][ T6820] dump_stack_lvl+0x16c/0x1f0 [ 90.910043][ T6820] should_fail_ex+0x512/0x640 [ 90.910055][ T6820] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 90.910074][ T6820] should_failslab+0xc2/0x120 [ 90.910085][ T6820] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 90.910101][ T6820] ? __alloc_skb+0x2b2/0x380 [ 90.910117][ T6820] __alloc_skb+0x2b2/0x380 [ 90.910129][ T6820] ? __pfx___alloc_skb+0x10/0x10 [ 90.910142][ T6820] ? __mutex_trylock_common+0x90/0x250 [ 90.910153][ T6820] ? __pfx___mutex_trylock_common+0x10/0x10 [ 90.910166][ T6820] netlink_dump+0x698/0xd00 [ 90.910182][ T6820] ? __mutex_lock+0x1ca/0xb90 [ 90.910198][ T6820] ? __pfx_netlink_dump+0x10/0x10 [ 90.910212][ T6820] ? __rhashtable_lookup.constprop.0+0x3a5/0x760 [ 90.910226][ T6820] ? __netlink_dump_start+0x150/0x990 [ 90.910246][ T6820] ? netlink_lookup+0x258/0x520 [ 90.910260][ T6820] ? __pfx_netlink_lookup+0x10/0x10 [ 90.910278][ T6820] __netlink_dump_start+0x6d6/0x990 [ 90.910294][ T6820] ? __pfx_rtnl_bridge_getlink+0x10/0x10 [ 90.910309][ T6820] rtnetlink_rcv_msg+0xb3e/0xe90 [ 90.910323][ T6820] ? __pfx_rtnl_bridge_getlink+0x10/0x10 [ 90.910338][ T6820] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 90.910353][ T6820] ? __pfx_rtnl_dumpit+0x10/0x10 [ 90.910363][ T6820] ? __pfx_rtnl_bridge_getlink+0x10/0x10 [ 90.910382][ T6820] netlink_rcv_skb+0x16a/0x440 [ 90.910399][ T6820] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 90.910414][ T6820] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 90.910437][ T6820] ? netlink_deliver_tap+0x1ae/0xd30 [ 90.910454][ T6820] netlink_unicast+0x53a/0x7f0 [ 90.910471][ T6820] ? __pfx_netlink_unicast+0x10/0x10 [ 90.910490][ T6820] netlink_sendmsg+0x8d1/0xdd0 [ 90.910508][ T6820] ? __pfx_netlink_sendmsg+0x10/0x10 [ 90.910525][ T6820] ? __import_iovec+0x1c8/0x660 [ 90.910541][ T6820] ____sys_sendmsg+0xa95/0xc70 [ 90.910553][ T6820] ? __pfx_____sys_sendmsg+0x10/0x10 [ 90.910562][ T6820] ? get_compat_msghdr+0x11a/0x170 [ 90.910581][ T6820] ___sys_sendmsg+0x134/0x1d0 [ 90.910596][ T6820] ? __pfx____sys_sendmsg+0x10/0x10 [ 90.910626][ T6820] __sys_sendmsg+0x16d/0x220 [ 90.910644][ T6820] ? __pfx___sys_sendmsg+0x10/0x10 [ 90.910664][ T6820] ? rcu_is_watching+0x12/0xc0 [ 90.910680][ T6820] __do_fast_syscall_32+0x73/0x120 [ 90.910697][ T6820] do_fast_syscall_32+0x32/0x80 [ 90.910713][ T6820] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 90.910726][ T6820] RIP: 0023:0xf7f94579 [ 90.910734][ T6820] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 90.910745][ T6820] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 90.910755][ T6820] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000 [ 90.910761][ T6820] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 90.910767][ T6820] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 90.910772][ T6820] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 90.910778][ T6820] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 90.910790][ T6820] [ 91.087379][ T6827] netlink: 12 bytes leftover after parsing attributes in process `syz.1.203'. [ 91.256249][ T6833] kvm: requested 3352 ns i8254 timer period limited to 200000 ns [ 91.325151][ T6802] ufs: Invalid option: "grpquota‡9 [ 91.325151][ T6802] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 91.325151][ T6802] ›Á³®(T./file0" or missing value [ 91.337458][ T6802] ufs: wrong mount options [ 91.472385][ T6839] netlink: 'syz.3.208': attribute type 1 has an invalid length. [ 91.475503][ T6839] netlink: 'syz.3.208': attribute type 4 has an invalid length. [ 91.478078][ T6839] netlink: 15363 bytes leftover after parsing attributes in process `syz.3.208'. [ 91.903289][ T6841] input: syz0 as /devices/virtual/input/input22 [ 92.584207][ T5959] Bluetooth: hci4: command 0x1003 tx timeout [ 92.584245][ T5960] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 92.687268][ T6847] ufs: Invalid option: "grpquota‡9 [ 92.687268][ T6847] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 92.687268][ T6847] ›Á³®(T./file0" or missing value [ 92.695513][ T6847] ufs: wrong mount options [ 93.003092][ T6860] netlink: 'syz.0.214': attribute type 1 has an invalid length. [ 93.006464][ T6860] netlink: 'syz.0.214': attribute type 4 has an invalid length. [ 93.009571][ T6860] netlink: 15363 bytes leftover after parsing attributes in process `syz.0.214'. [ 94.073817][ T6858] ufs: Invalid option: "grpquota‡9 [ 94.073817][ T6858] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 94.073817][ T6858] ›Á³®(T./file0" or missing value [ 94.079721][ T6858] ufs: wrong mount options [ 94.638919][ T6886] netlink: 8 bytes leftover after parsing attributes in process `syz.3.220'. [ 95.007572][ T40] kauditd_printk_skb: 26 callbacks suppressed [ 95.007586][ T40] audit: type=1400 audit(1744902142.962:37): apparmor="DENIED" operation="stack" class="file" info="label not found" error=-2 profile="unconfined" name=3A090EA3680EB06A1A5FD3F7614EFCD31267A0590DD509A5EFFE069ABB05AD3352B3AC017439E1DBC66F4DF20C0741B02DB717F35BBBCD4A734DE1F70C73C07EDA77D9616BE3DD1E63E92055FE373A94F022B1F018E4B2A80C8DE7F63E446A7147 pid=6898 comm="syz.0.224" [ 95.060726][ T6901] netlink: 'syz.1.225': attribute type 29 has an invalid length. [ 95.765647][ T6909] ufs: Invalid option: "grpquota‡9 [ 95.765647][ T6909] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 95.765647][ T6909] ›Á³®(T./file0" or missing value [ 95.770610][ T6909] ufs: wrong mount options [ 95.792047][ T6921] kvm: requested 3352 ns i8254 timer period limited to 200000 ns [ 95.812314][ T6921] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 95.817531][ T6921] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 95.821107][ T6921] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 95.826222][ T6921] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 95.830023][ T6921] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 95.833620][ T6921] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 95.837365][ T6921] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 95.840796][ T6921] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 95.844997][ T6921] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 96.055775][ T6932] FAULT_INJECTION: forcing a failure. [ 96.055775][ T6932] name failslab, interval 1, probability 0, space 0, times 0 [ 96.060305][ T6932] CPU: 1 UID: 0 PID: 6932 Comm: syz.1.235 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) [ 96.060319][ T6932] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 96.060330][ T6932] Call Trace: [ 96.060335][ T6932] [ 96.060339][ T6932] dump_stack_lvl+0x16c/0x1f0 [ 96.060358][ T6932] should_fail_ex+0x512/0x640 [ 96.060372][ T6932] should_failslab+0xc2/0x120 [ 96.060383][ T6932] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 96.060400][ T6932] ? skb_clone+0x190/0x3f0 [ 96.060416][ T6932] skb_clone+0x190/0x3f0 [ 96.060431][ T6932] netlink_deliver_tap+0xabd/0xd30 [ 96.060449][ T6932] netlink_dump+0xb6d/0xd00 [ 96.060465][ T6932] ? __pfx_netlink_dump+0x10/0x10 [ 96.060479][ T6932] ? __rhashtable_lookup.constprop.0+0x3a5/0x760 [ 96.060494][ T6932] ? __netlink_dump_start+0x150/0x990 [ 96.060513][ T6932] ? netlink_lookup+0x258/0x520 [ 96.060527][ T6932] ? __pfx_netlink_lookup+0x10/0x10 [ 96.060545][ T6932] __netlink_dump_start+0x6d6/0x990 [ 96.060561][ T6932] ? __pfx_neigh_dump_info+0x10/0x10 [ 96.060578][ T6932] rtnetlink_rcv_msg+0xb3e/0xe90 [ 96.060593][ T6932] ? __pfx_neigh_dump_info+0x10/0x10 [ 96.060610][ T6932] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 96.060624][ T6932] ? __pfx_neigh_dump_info+0x10/0x10 [ 96.060645][ T6932] netlink_rcv_skb+0x16a/0x440 [ 96.060660][ T6932] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 96.060676][ T6932] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 96.060698][ T6932] ? netlink_deliver_tap+0x1ae/0xd30 [ 96.060715][ T6932] netlink_unicast+0x53a/0x7f0 [ 96.060731][ T6932] ? __pfx_netlink_unicast+0x10/0x10 [ 96.060750][ T6932] netlink_sendmsg+0x8d1/0xdd0 [ 96.060768][ T6932] ? __pfx_netlink_sendmsg+0x10/0x10 [ 96.060784][ T6932] ? __import_iovec+0x1c8/0x660 [ 96.060801][ T6932] ____sys_sendmsg+0xa95/0xc70 [ 96.060812][ T6932] ? __pfx_____sys_sendmsg+0x10/0x10 [ 96.060821][ T6932] ? get_compat_msghdr+0x11a/0x170 [ 96.060839][ T6932] ___sys_sendmsg+0x134/0x1d0 [ 96.060854][ T6932] ? __pfx____sys_sendmsg+0x10/0x10 [ 96.060883][ T6932] __sys_sendmsg+0x16d/0x220 [ 96.060897][ T6932] ? __pfx___sys_sendmsg+0x10/0x10 [ 96.060916][ T6932] ? rcu_is_watching+0x12/0xc0 [ 96.060932][ T6932] __do_fast_syscall_32+0x73/0x120 [ 96.060949][ T6932] do_fast_syscall_32+0x32/0x80 [ 96.060965][ T6932] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 96.060979][ T6932] RIP: 0023:0xf711e579 [ 96.060988][ T6932] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 96.060998][ T6932] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 96.061008][ T6932] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080 [ 96.061015][ T6932] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 96.061020][ T6932] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 96.061026][ T6932] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 96.061032][ T6932] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 96.061044][ T6932] [ 96.158773][ C1] vkms_vblank_simulate: vblank timer overrun [ 96.224915][ T6943] syz.1.238 uses obsolete (PF_INET,SOCK_PACKET) [ 96.484631][ T6668] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 96.646739][ T6668] usb 5-1: config index 0 descriptor too short (expected 23569, got 27) [ 96.650813][ T6668] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 96.656465][ T6668] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 96.660352][ T6668] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 96.663666][ T6668] usb 5-1: Manufacturer: syz [ 96.674563][ T6668] usb 5-1: config 0 descriptor?? [ 96.746794][ T6668] rc_core: IR keymap rc-hauppauge not found [ 96.749462][ T6668] Registered IR keymap rc-empty [ 96.753433][ T6668] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0 [ 96.758567][ T6668] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input23 [ 96.885202][ T6668] usb 5-1: USB disconnect, device number 3 [ 96.927686][ T6964] FAULT_INJECTION: forcing a failure. [ 96.927686][ T6964] name failslab, interval 1, probability 0, space 0, times 0 [ 96.931637][ T6964] CPU: 0 UID: 0 PID: 6964 Comm: syz.2.240 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) [ 96.931662][ T6964] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 96.931670][ T6964] Call Trace: [ 96.931674][ T6964] [ 96.931678][ T6964] dump_stack_lvl+0x16c/0x1f0 [ 96.931697][ T6964] should_fail_ex+0x512/0x640 [ 96.931712][ T6964] should_failslab+0xc2/0x120 [ 96.931723][ T6964] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 96.931739][ T6964] ? skb_clone+0x190/0x3f0 [ 96.931757][ T6964] skb_clone+0x190/0x3f0 [ 96.931771][ T6964] netlink_deliver_tap+0xabd/0xd30 [ 96.931789][ T6964] netlink_unicast+0x6b2/0x7f0 [ 96.931806][ T6964] ? __pfx_netlink_unicast+0x10/0x10 [ 96.931826][ T6964] netlink_ack+0x696/0xb80 [ 96.931845][ T6964] netlink_rcv_skb+0x347/0x440 [ 96.931860][ T6964] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 96.931876][ T6964] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 96.931899][ T6964] ? netlink_deliver_tap+0x1ae/0xd30 [ 96.931941][ T6964] netlink_unicast+0x53a/0x7f0 [ 96.931958][ T6964] ? __pfx_netlink_unicast+0x10/0x10 [ 96.931977][ T6964] netlink_sendmsg+0x8d1/0xdd0 [ 96.931995][ T6964] ? __pfx_netlink_sendmsg+0x10/0x10 [ 96.932011][ T6964] ? __import_iovec+0x1c8/0x660 [ 96.932028][ T6964] ____sys_sendmsg+0xa95/0xc70 [ 96.932039][ T6964] ? __pfx_____sys_sendmsg+0x10/0x10 [ 96.932048][ T6964] ? get_compat_msghdr+0x11a/0x170 [ 96.932068][ T6964] ___sys_sendmsg+0x134/0x1d0 [ 96.932082][ T6964] ? __pfx____sys_sendmsg+0x10/0x10 [ 96.932112][ T6964] __sys_sendmsg+0x16d/0x220 [ 96.932126][ T6964] ? __pfx___sys_sendmsg+0x10/0x10 [ 96.932145][ T6964] ? rcu_is_watching+0x12/0xc0 [ 96.932161][ T6964] __do_fast_syscall_32+0x73/0x120 [ 96.932178][ T6964] do_fast_syscall_32+0x32/0x80 [ 96.932194][ T6964] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 96.932207][ T6964] RIP: 0023:0xf711e579 [ 96.932216][ T6964] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 96.932225][ T6964] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 96.932235][ T6964] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000280 [ 96.932242][ T6964] RDX: 0000000000004000 RSI: 0000000000000000 RDI: 0000000000000000 [ 96.932248][ T6964] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 96.932253][ T6964] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 96.932259][ T6964] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 96.932274][ T6964] [ 97.496564][ T6991] input: syz0 as /devices/virtual/input/input24 [ 98.855083][ T7012] netlink: 36 bytes leftover after parsing attributes in process `syz.2.248'. [ 99.434090][ T63] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 99.606234][ T63] usb 5-1: config index 0 descriptor too short (expected 23569, got 27) [ 99.609256][ T63] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 99.614770][ T63] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 99.618088][ T63] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 99.621265][ T63] usb 5-1: Manufacturer: syz [ 99.626277][ T63] usb 5-1: config 0 descriptor?? [ 99.685803][ T63] rc_core: IR keymap rc-hauppauge not found [ 99.687874][ T63] Registered IR keymap rc-empty [ 99.690123][ T63] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0 [ 99.698773][ T63] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input25 [ 99.838031][ T63] usb 5-1: USB disconnect, device number 4 [ 100.395597][ T40] audit: type=1326 audit(1744902148.352:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.3.258" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 100.404886][ T40] audit: type=1326 audit(1744902148.352:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.3.258" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 100.412219][ T40] audit: type=1326 audit(1744902148.352:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.3.258" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 100.426406][ T40] audit: type=1326 audit(1744902148.352:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.3.258" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 100.434589][ T40] audit: type=1326 audit(1744902148.362:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.3.258" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 100.444536][ T40] audit: type=1326 audit(1744902148.362:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.3.258" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 100.453257][ T40] audit: type=1326 audit(1744902148.362:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.3.258" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 100.463081][ T40] audit: type=1326 audit(1744902148.362:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.3.258" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 100.480455][ T40] audit: type=1326 audit(1744902148.362:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.3.258" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 100.494202][ T40] audit: type=1326 audit(1744902148.362:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.3.258" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 102.324159][ T7093] netlink: 156 bytes leftover after parsing attributes in process `syz.2.270'. [ 102.330173][ T7093] netlink: 4 bytes leftover after parsing attributes in process `syz.2.270'. [ 102.394931][ T7069] ufs: Invalid option: "grpquota‡9 [ 102.394931][ T7069] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 102.394931][ T7069] ›Á³®(T./file0" or missing value [ 102.403332][ T7069] ufs: wrong mount options [ 102.438397][ T7095] netlink: 'syz.0.271': attribute type 1 has an invalid length. [ 102.442652][ T7095] netlink: 'syz.0.271': attribute type 4 has an invalid length. [ 102.449277][ T7095] netlink: 15363 bytes leftover after parsing attributes in process `syz.0.271'. [ 102.458343][ T7077] ufs: Invalid option: "grpquota‡9 [ 102.458343][ T7077] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 102.458343][ T7077] ›Á³®(T./file0" or missing value [ 102.467062][ T7077] ufs: wrong mount options [ 103.680841][ T7129] netlink: 'syz.0.281': attribute type 1 has an invalid length. [ 103.683346][ T7129] netlink: 'syz.0.281': attribute type 4 has an invalid length. [ 103.685884][ T7129] netlink: 15363 bytes leftover after parsing attributes in process `syz.0.281'. [ 103.904076][ T24] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 104.001363][ T7137] create_pit_timer: 32 callbacks suppressed [ 104.001373][ T7137] kvm: requested 3352 ns i8254 timer period limited to 200000 ns [ 104.020513][ T7137] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 104.025664][ T7137] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 104.031932][ T7137] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 104.036768][ T7137] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 104.040766][ T7137] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 104.044897][ T7137] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 104.049440][ T7137] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 104.053192][ T7137] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 104.058827][ T7137] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 104.061759][ T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 104.065648][ T24] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 104.068458][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 104.073298][ T24] usb 6-1: config 0 descriptor?? [ 104.180853][ T7144] rdma_rxe: rxe_newlink: failed to add lo [ 104.227667][ T7146] tls_set_device_offload_rx: netdev not found [ 104.292638][ T7151] netlink: 28 bytes leftover after parsing attributes in process `syz.2.287'. [ 104.628577][ T7158] input: syz0 as /devices/virtual/input/input27 [ 104.831776][ T7160] netlink: 'syz.2.290': attribute type 1 has an invalid length. [ 104.834927][ T7160] netlink: 'syz.2.290': attribute type 4 has an invalid length. [ 104.837938][ T7160] netlink: 15363 bytes leftover after parsing attributes in process `syz.2.290'. [ 105.250897][ T7169] input: syz0 as /devices/virtual/input/input28 [ 105.739924][ T7177] input: syz0 as /devices/virtual/input/input29 [ 105.748490][ T7177] input: failed to attach handler leds to device input29, error: -6 [ 106.014606][ T24] usbhid 6-1:0.0: can't add hid device: -71 [ 106.017472][ T24] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 106.025863][ T24] usb 6-1: USB disconnect, device number 4 [ 106.110169][ T7183] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.299'. [ 106.361512][ T7197] rdma_rxe: rxe_newlink: failed to add lo [ 107.107791][ T7196] ufs: Invalid option: "grpquota‡9 [ 107.107791][ T7196] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 107.107791][ T7196] ›Á³®(T./file0" or missing value [ 107.114163][ T7196] ufs: wrong mount options [ 107.295176][ T7207] netlink: 'syz.0.305': attribute type 1 has an invalid length. [ 107.299095][ T7207] netlink: 'syz.0.305': attribute type 4 has an invalid length. [ 107.303845][ T7207] netlink: 15363 bytes leftover after parsing attributes in process `syz.0.305'. [ 107.656009][ T7230] input: syz0 as /devices/virtual/input/input30 [ 108.134214][ T833] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 108.289395][ T833] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 108.294092][ T833] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 108.296973][ T833] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 108.301228][ T833] usb 6-1: config 0 descriptor?? [ 108.322002][ T7248] 9pnet_virtio: no channels available for device syz [ 108.327167][ T7248] netlink: 'syz.2.317': attribute type 1 has an invalid length. [ 108.331297][ T7248] netlink: 'syz.2.317': attribute type 4 has an invalid length. [ 108.334926][ T7248] netlink: 15363 bytes leftover after parsing attributes in process `syz.2.317'. [ 108.991975][ T7251] ufs: Invalid option: "grpquota‡9 [ 108.991975][ T7251] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 108.991975][ T7251] ›Á³®(T./file0" or missing value [ 108.998852][ T7251] ufs: wrong mount options [ 110.303726][ T833] usbhid 6-1:0.0: can't add hid device: -71 [ 110.310301][ T833] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 110.319444][ T833] usb 6-1: USB disconnect, device number 5 [ 110.372864][ T7258] ufs: Invalid option: "grpquota‡9 [ 110.372864][ T7258] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 110.372864][ T7258] ›Á³®(T./file0" or missing value [ 110.404438][ T7258] ufs: wrong mount options [ 110.411349][ T7267] ufs: Invalid option: "grpquota‡9 [ 110.411349][ T7267] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 110.411349][ T7267] ›Á³®(T./file0" or missing value [ 110.417275][ T7267] ufs: wrong mount options [ 110.431484][ T7273] netlink: 8 bytes leftover after parsing attributes in process `syz.2.323'. [ 110.713705][ T7285] input: syz0 as /devices/virtual/input/input31 [ 110.738381][ T7282] create_pit_timer: 4 callbacks suppressed [ 110.738389][ T7282] kvm: requested 3352 ns i8254 timer period limited to 200000 ns [ 110.763072][ T7282] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 110.768373][ T7282] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 110.783766][ T7282] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 110.787924][ T7282] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 110.792122][ T7282] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 110.798145][ T7282] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 110.802244][ T7282] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 110.984091][ T7282] kvm: requested 193600 ns i8254 timer period limited to 200000 ns [ 111.621548][ T7308] 9pnet_virtio: no channels available for device syz [ 111.625590][ T7308] netlink: 'syz.0.333': attribute type 1 has an invalid length. [ 111.628178][ T7308] netlink: 'syz.0.333': attribute type 4 has an invalid length. [ 111.630633][ T7308] netlink: 15363 bytes leftover after parsing attributes in process `syz.0.333'. [ 111.781134][ T7310] netlink: 8 bytes leftover after parsing attributes in process `syz.0.334'. [ 111.927003][ T7311] 9pnet_fd: Insufficient options for proto=fd [ 112.224079][ T6668] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 112.386176][ T6668] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 112.390941][ T6668] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 112.395403][ T6668] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.399373][ T6668] usb 6-1: config 0 descriptor?? [ 113.219941][ T7336] xt_TCPMSS: Only works on TCP SYN packets [ 113.253522][ T7340] tmpfs: Bad value for 'mpol' [ 113.260284][ T7340] netlink: 12 bytes leftover after parsing attributes in process `syz.2.345'. [ 113.342398][ T7346] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input32 [ 114.158151][ T7350] kvm: requested 3352 ns i8254 timer period limited to 200000 ns [ 114.442322][ T6668] usbhid 6-1:0.0: can't add hid device: -71 [ 114.447328][ T6668] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 114.455096][ T6668] usb 6-1: USB disconnect, device number 6 [ 115.091581][ T7370] netlink: 72 bytes leftover after parsing attributes in process `syz.0.350'. [ 115.094471][ T7370] netlink: 72 bytes leftover after parsing attributes in process `syz.0.350'. [ 115.105073][ T7370] netlink: 4 bytes leftover after parsing attributes in process `syz.0.350'. [ 115.277602][ T7378] FAULT_INJECTION: forcing a failure. [ 115.277602][ T7378] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 115.281812][ T7378] CPU: 0 UID: 0 PID: 7378 Comm: syz.3.353 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) [ 115.281827][ T7378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 115.281834][ T7378] Call Trace: [ 115.281838][ T7378] [ 115.281842][ T7378] dump_stack_lvl+0x16c/0x1f0 [ 115.281861][ T7378] should_fail_ex+0x512/0x640 [ 115.281876][ T7378] _copy_from_user+0x2e/0xd0 [ 115.281889][ T7378] get_compat_msghdr+0xa7/0x170 [ 115.281903][ T7378] ? __pfx_get_compat_msghdr+0x10/0x10 [ 115.281921][ T7378] ___sys_sendmsg+0x1ae/0x1d0 [ 115.281936][ T7378] ? __pfx____sys_sendmsg+0x10/0x10 [ 115.281963][ T7378] __sys_sendmsg+0x16d/0x220 [ 115.281977][ T7378] ? __pfx___sys_sendmsg+0x10/0x10 [ 115.281994][ T7378] ? rcu_is_watching+0x12/0xc0 [ 115.282009][ T7378] ? rcu_is_watching+0x12/0xc0 [ 115.282023][ T7378] __do_fast_syscall_32+0x73/0x120 [ 115.282040][ T7378] do_fast_syscall_32+0x32/0x80 [ 115.282056][ T7378] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 115.282069][ T7378] RIP: 0023:0xf7f94579 [ 115.282077][ T7378] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 115.282087][ T7378] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 115.282097][ T7378] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100 [ 115.282103][ T7378] RDX: 0000000000000044 RSI: 0000000000000000 RDI: 0000000000000000 [ 115.282109][ T7378] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 115.282115][ T7378] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 115.282120][ T7378] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 115.282132][ T7378] [ 115.810348][ T7396] 9pnet_virtio: no channels available for device syz [ 115.817669][ T7396] netlink: 'syz.1.359': attribute type 1 has an invalid length. [ 115.820071][ T7396] netlink: 4099 bytes leftover after parsing attributes in process `syz.1.359'. [ 115.870403][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.879446][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.882694][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.889831][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.893112][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.896040][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.898913][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.901833][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.904719][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.907208][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.909772][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.912365][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.914786][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.917675][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.920177][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.922573][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.925191][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.927806][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.930342][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.932978][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.935586][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.938650][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.941158][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.943664][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.946622][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.949068][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.951670][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.954184][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.957085][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.959560][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.962079][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.964621][ T57] hid-generic 0007:0000:0000.0002: unknown main item tag 0x0 [ 115.974831][ T57] hid-generic 0007:0000:0000.0002: hidraw1: HID vffffff.ff Device [syz0] on syz0 [ 116.134092][ T1454] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 116.315478][ T1454] usb 6-1: config 0 has no interfaces? [ 116.317630][ T1454] usb 6-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 116.321021][ T1454] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 116.326302][ T1454] usb 6-1: config 0 descriptor?? [ 116.790881][ T7416] input: syz0 as /devices/virtual/input/input33 [ 116.965069][ T7420] FAULT_INJECTION: forcing a failure. [ 116.965069][ T7420] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 116.969888][ T7420] CPU: 3 UID: 0 PID: 7420 Comm: syz.3.366 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) [ 116.969902][ T7420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 116.969908][ T7420] Call Trace: [ 116.969912][ T7420] [ 116.969917][ T7420] dump_stack_lvl+0x16c/0x1f0 [ 116.969936][ T7420] should_fail_ex+0x512/0x640 [ 116.969950][ T7420] _copy_from_user+0x2e/0xd0 [ 116.969964][ T7420] input_event_from_user+0x22b/0x3b0 [ 116.969976][ T7420] ? __pfx_input_event_from_user+0x10/0x10 [ 116.969987][ T7420] ? input_inject_event+0x1a5/0x390 [ 116.970005][ T7420] evdev_write+0x37b/0x750 [ 116.970016][ T7420] ? __pfx_evdev_write+0x10/0x10 [ 116.970026][ T7420] ? bpf_lsm_file_permission+0x9/0x10 [ 116.970041][ T7420] ? security_file_permission+0x71/0x210 [ 116.970055][ T7420] ? rw_verify_area+0xcf/0x680 [ 116.970070][ T7420] vfs_write+0x25c/0x1180 [ 116.970083][ T7420] ? __pfx_evdev_write+0x10/0x10 [ 116.970094][ T7420] ? __pfx_vfs_write+0x10/0x10 [ 116.970108][ T7420] ? find_held_lock+0x2b/0x80 [ 116.970122][ T7420] ? __fget_files+0x204/0x3c0 [ 116.970139][ T7420] ? __fget_files+0x20e/0x3c0 [ 116.970157][ T7420] ksys_write+0x205/0x240 [ 116.970171][ T7420] ? __pfx_ksys_write+0x10/0x10 [ 116.970186][ T7420] ? rcu_is_watching+0x12/0xc0 [ 116.970201][ T7420] __do_fast_syscall_32+0x73/0x120 [ 116.970219][ T7420] do_fast_syscall_32+0x32/0x80 [ 116.970234][ T7420] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 116.970247][ T7420] RIP: 0023:0xf7f94579 [ 116.970256][ T7420] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 116.970266][ T7420] RSP: 002b:00000000f50b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 116.970275][ T7420] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000080000040 [ 116.970282][ T7420] RDX: 0000000000002250 RSI: 0000000000000000 RDI: 0000000000000000 [ 116.970287][ T7420] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 116.970293][ T7420] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 116.970299][ T7420] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 116.970311][ T7420] [ 117.369961][ T7423] netlink: 8 bytes leftover after parsing attributes in process `syz.3.367'. [ 117.562973][ T7431] input: syz0 as /devices/virtual/input/input34 [ 117.991625][ T7430] ufs: Invalid option: "grpquota‡9 [ 117.991625][ T7430] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 117.991625][ T7430] ›Á³®(T./file0" or missing value [ 117.996739][ T7430] ufs: wrong mount options [ 118.837162][ T7453] lo speed is unknown, defaulting to 1000 [ 118.872804][ T24] usb 6-1: USB disconnect, device number 7 [ 119.017323][ T7461] input: syz0 as /devices/virtual/input/input35 [ 119.075461][ T7455] block device autoloading is deprecated and will be removed. [ 119.079095][ T7455] syz.0.372: attempt to access beyond end of device [ 119.079095][ T7455] md2: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 119.093650][ T7455] random: crng reseeded on system resumption [ 120.721717][ T7480] create_pit_timer: 23 callbacks suppressed [ 120.721727][ T7480] kvm: requested 3352 ns i8254 timer period limited to 200000 ns [ 120.942170][ T7486] kvm: requested 3352 ns i8254 timer period limited to 200000 ns [ 121.565158][ T7509] input: syz0 as /devices/virtual/input/input36 [ 121.632178][ T7503] IPVS: set_ctl: invalid protocol: 103 10.1.1.1:20000 [ 121.637602][ T7503] netlink: 104 bytes leftover after parsing attributes in process `syz.3.384'. [ 122.584275][ T7528] sz1: rxe_newlink: already configured on lo [ 122.886404][ T7523] ufs: Invalid option: "grpquota‡9 [ 122.886404][ T7523] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 122.886404][ T7523] ›Á³®(T./file0" or missing value [ 122.894253][ T7523] ufs: wrong mount options [ 123.136922][ T7542] netlink: 8 bytes leftover after parsing attributes in process `syz.3.396'. [ 123.277073][ T7547] FAULT_INJECTION: forcing a failure. [ 123.277073][ T7547] name failslab, interval 1, probability 0, space 0, times 0 [ 123.281790][ T7547] CPU: 0 UID: 0 PID: 7547 Comm: syz.0.398 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) [ 123.281809][ T7547] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 123.281818][ T7547] Call Trace: [ 123.281823][ T7547] [ 123.281828][ T7547] dump_stack_lvl+0x16c/0x1f0 [ 123.281852][ T7547] should_fail_ex+0x512/0x640 [ 123.281871][ T7547] should_failslab+0xc2/0x120 [ 123.281885][ T7547] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 123.281906][ T7547] ? skb_clone+0x190/0x3f0 [ 123.281928][ T7547] skb_clone+0x190/0x3f0 [ 123.281946][ T7547] netlink_deliver_tap+0xabd/0xd30 [ 123.281970][ T7547] netlink_unicast+0x6b2/0x7f0 [ 123.281992][ T7547] ? __pfx_netlink_unicast+0x10/0x10 [ 123.282017][ T7547] netlink_ack+0x696/0xb80 [ 123.282043][ T7547] netlink_rcv_skb+0x347/0x440 [ 123.282062][ T7547] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 123.282078][ T7547] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 123.282099][ T7547] ? __pfx_aa_get_newest_label+0x10/0x10 [ 123.282122][ T7547] ? bpf_lsm_capable+0x9/0x10 [ 123.282142][ T7547] ? security_capable+0x7e/0x260 [ 123.282156][ T7547] ? ns_capable+0xd7/0x110 [ 123.282175][ T7547] nfnetlink_rcv+0x1b3/0x430 [ 123.282197][ T7547] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 123.282218][ T7547] ? netlink_deliver_tap+0x1ae/0xd30 [ 123.282241][ T7547] netlink_unicast+0x53a/0x7f0 [ 123.282264][ T7547] ? __pfx_netlink_unicast+0x10/0x10 [ 123.282289][ T7547] netlink_sendmsg+0x8d1/0xdd0 [ 123.282311][ T7547] ? __pfx_netlink_sendmsg+0x10/0x10 [ 123.282338][ T7547] ? __import_iovec+0x1c8/0x660 [ 123.282360][ T7547] ____sys_sendmsg+0xa95/0xc70 [ 123.282372][ T7547] ? init_inodes+0x1294/0x2eb0 [ 123.282387][ T7547] ? __pfx_____sys_sendmsg+0x10/0x10 [ 123.282400][ T7547] ? get_compat_msghdr+0x11a/0x170 [ 123.282426][ T7547] ___sys_sendmsg+0x134/0x1d0 [ 123.282445][ T7547] ? __pfx____sys_sendmsg+0x10/0x10 [ 123.282487][ T7547] __sys_sendmsg+0x16d/0x220 [ 123.282505][ T7547] ? __pfx___sys_sendmsg+0x10/0x10 [ 123.282531][ T7547] ? rcu_is_watching+0x12/0xc0 [ 123.282551][ T7547] __do_fast_syscall_32+0x73/0x120 [ 123.282573][ T7547] do_fast_syscall_32+0x32/0x80 [ 123.282594][ T7547] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 123.282611][ T7547] RIP: 0023:0xf7f04579 [ 123.282623][ T7547] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 123.282637][ T7547] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 123.282651][ T7547] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000 [ 123.282660][ T7547] RDX: 0000000004000084 RSI: 0000000000000000 RDI: 0000000000000000 [ 123.282669][ T7547] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 123.282677][ T7547] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 123.282685][ T7547] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 123.282703][ T7547] [ 123.334882][ T24] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 123.406390][ T7552] FAULT_INJECTION: forcing a failure. [ 123.406390][ T7552] name failslab, interval 1, probability 0, space 0, times 0 [ 123.410878][ T7552] CPU: 0 UID: 0 PID: 7552 Comm: syz.0.400 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) [ 123.410893][ T7552] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 123.410901][ T7552] Call Trace: [ 123.410905][ T7552] [ 123.410910][ T7552] dump_stack_lvl+0x16c/0x1f0 [ 123.410930][ T7552] should_fail_ex+0x512/0x640 [ 123.410949][ T7552] ? __kmalloc_noprof+0xbf/0x510 [ 123.410966][ T7552] ? ethnl_default_notify+0x164/0x940 [ 123.410981][ T7552] should_failslab+0xc2/0x120 [ 123.410992][ T7552] __kmalloc_noprof+0xd2/0x510 [ 123.411007][ T7552] ? __pfx___ethnl_set_coalesce.isra.0+0x10/0x10 [ 123.411018][ T7552] ? rpm_resume+0x80c/0x1310 [ 123.411039][ T7552] ? __pfx_ethnl_default_notify+0x10/0x10 [ 123.411054][ T7552] ethnl_default_notify+0x164/0x940 [ 123.411069][ T7552] ? __pfx_ethnl_default_notify+0x10/0x10 [ 123.411088][ T7552] ? ethnl_set_coalesce+0xb8/0x170 [ 123.411099][ T7552] ? __pfx_ethnl_set_coalesce+0x10/0x10 [ 123.411111][ T7552] ? __pfx_ethnl_default_notify+0x10/0x10 [ 123.411125][ T7552] ethtool_notify+0xbf/0x200 [ 123.411139][ T7552] ethnl_default_set_doit+0x4e5/0xb10 [ 123.411154][ T7552] ? __pfx_ethnl_default_set_doit+0x10/0x10 [ 123.411169][ T7552] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 123.411181][ T7552] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 123.411195][ T7552] genl_family_rcv_msg_doit+0x206/0x2f0 [ 123.411206][ T7552] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 123.411217][ T7552] ? trace_cap_capable+0x18d/0x200 [ 123.411231][ T7552] ? bpf_lsm_capable+0x9/0x10 [ 123.411247][ T7552] ? security_capable+0x7e/0x260 [ 123.411257][ T7552] ? ns_capable+0xd7/0x110 [ 123.411272][ T7552] genl_rcv_msg+0x55c/0x800 [ 123.411284][ T7552] ? __pfx_genl_rcv_msg+0x10/0x10 [ 123.411295][ T7552] ? __pfx___dev_queue_xmit+0x10/0x10 [ 123.411308][ T7552] ? __pfx_ethnl_default_set_doit+0x10/0x10 [ 123.411322][ T7552] ? __lock_acquire+0xaa4/0x1ba0 [ 123.411335][ T7552] netlink_rcv_skb+0x16a/0x440 [ 123.411351][ T7552] ? __pfx_genl_rcv_msg+0x10/0x10 [ 123.411361][ T7552] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 123.411383][ T7552] ? __pfx_down_read+0x10/0x10 [ 123.411395][ T7552] ? netlink_deliver_tap+0x1ae/0xd30 [ 123.411411][ T7552] genl_rcv+0x28/0x40 [ 123.411427][ T7552] netlink_unicast+0x53a/0x7f0 [ 123.411444][ T7552] ? __pfx_netlink_unicast+0x10/0x10 [ 123.411464][ T7552] netlink_sendmsg+0x8d1/0xdd0 [ 123.411482][ T7552] ? __pfx_netlink_sendmsg+0x10/0x10 [ 123.411499][ T7552] ? __import_iovec+0x1c8/0x660 [ 123.411515][ T7552] ____sys_sendmsg+0xa95/0xc70 [ 123.411527][ T7552] ? __pfx_____sys_sendmsg+0x10/0x10 [ 123.411536][ T7552] ? get_compat_msghdr+0x11a/0x170 [ 123.411556][ T7552] ___sys_sendmsg+0x134/0x1d0 [ 123.411571][ T7552] ? __pfx____sys_sendmsg+0x10/0x10 [ 123.411601][ T7552] __sys_sendmsg+0x16d/0x220 [ 123.411615][ T7552] ? __pfx___sys_sendmsg+0x10/0x10 [ 123.411633][ T7552] ? rcu_is_watching+0x12/0xc0 [ 123.411648][ T7552] ? rcu_is_watching+0x12/0xc0 [ 123.411691][ T7552] __do_fast_syscall_32+0x73/0x120 [ 123.411712][ T7552] do_fast_syscall_32+0x32/0x80 [ 123.411727][ T7552] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 123.411741][ T7552] RIP: 0023:0xf7f04579 [ 123.411750][ T7552] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 123.411760][ T7552] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 123.411771][ T7552] RAX: ffffffffffffffda RBX: 000000000000000d RCX: 0000000080000540 [ 123.411777][ T7552] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 123.411783][ T7552] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 123.411789][ T7552] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 123.411795][ T7552] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 123.411807][ T7552] [ 123.544970][ T24] usb 6-1: device descriptor read/64, error -71 [ 123.573102][ T7553] input: syz0 as /devices/virtual/input/input37 [ 123.787323][ T24] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 123.914074][ T24] usb 6-1: device descriptor read/64, error -71 [ 123.928114][ T7561] netlink: 8 bytes leftover after parsing attributes in process `syz.0.403'. [ 124.034416][ T24] usb usb6-port1: attempt power cycle [ 124.376059][ T24] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 124.380868][ T7572] netlink: 8 bytes leftover after parsing attributes in process `syz.3.406'. [ 124.394514][ T24] usb 6-1: device descriptor read/8, error -71 [ 124.644208][ T24] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 124.666510][ T24] usb 6-1: device descriptor read/8, error -71 [ 124.774317][ T24] usb usb6-port1: unable to enumerate USB device [ 124.815631][ T7583] netlink: 156 bytes leftover after parsing attributes in process `syz.2.411'. [ 124.855554][ T7586] fuse: Bad value for 'rootmode' [ 125.089307][ T7595] sz1: rxe_newlink: already configured on lo [ 125.264483][ T7597] netlink: 8 bytes leftover after parsing attributes in process `syz.3.415'. [ 126.250047][ T7619] ref_ctr_offset mismatch. inode: 0x23f offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0xa [ 126.655069][ T29] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 126.817458][ T29] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 126.820618][ T29] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 126.823415][ T29] usb 6-1: Product: syz [ 126.825774][ T29] usb 6-1: Manufacturer: syz [ 126.827517][ T29] usb 6-1: SerialNumber: syz [ 126.831883][ T29] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 126.860274][ T6006] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 127.527411][ T7672] input: syz0 as /devices/virtual/input/input38 [ 127.743156][ T7677] 9pnet_virtio: no channels available for device syz [ 127.954173][ T6006] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive [ 127.957242][ T6006] ath9k_htc: Failed to initialize the device [ 127.978531][ T6006] usb 6-1: ath9k_htc: USB layer deinitialized [ 129.134774][ T7691] netlink: 'syz.3.429': attribute type 1 has an invalid length. [ 129.138388][ T7691] netlink: 15411 bytes leftover after parsing attributes in process `syz.3.429'. [ 129.152999][ T6668] usb 6-1: USB disconnect, device number 12 [ 129.246817][ T7696] FAULT_INJECTION: forcing a failure. [ 129.246817][ T7696] name failslab, interval 1, probability 0, space 0, times 0 [ 129.250802][ T7696] CPU: 1 UID: 0 PID: 7696 Comm: syz.1.432 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) [ 129.250817][ T7696] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 129.250824][ T7696] Call Trace: [ 129.250828][ T7696] [ 129.250833][ T7696] dump_stack_lvl+0x16c/0x1f0 [ 129.250853][ T7696] should_fail_ex+0x512/0x640 [ 129.250866][ T7696] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 129.250883][ T7696] should_failslab+0xc2/0x120 [ 129.250893][ T7696] __kmalloc_cache_noprof+0x6a/0x3e0 [ 129.250907][ T7696] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 129.250922][ T7696] ? vcs_poll_data_get.part.0+0x41/0x260 [ 129.250941][ T7696] ? __pfx_vcs_poll+0x10/0x10 [ 129.250954][ T7696] vcs_poll_data_get.part.0+0x41/0x260 [ 129.250969][ T7696] vcs_poll+0x115/0x150 [ 129.250983][ T7696] ? __pfx_vcs_poll+0x10/0x10 [ 129.250999][ T7696] do_select+0xd67/0x17d0 [ 129.251023][ T7696] ? __pfx_do_select+0x10/0x10 [ 129.251036][ T7696] ? __pfx___might_resched+0x10/0x10 [ 129.251053][ T7696] ? __pfx___pollwait+0x10/0x10 [ 129.251068][ T7696] ? __pfx_pollwake+0x10/0x10 [ 129.251104][ T7696] ? find_held_lock+0x2b/0x80 [ 129.251119][ T7696] ? compat_core_sys_select+0x1dd/0x880 [ 129.251135][ T7696] ? compat_core_sys_select+0x685/0x880 [ 129.251149][ T7696] compat_core_sys_select+0x685/0x880 [ 129.251167][ T7696] ? __pfx_compat_core_sys_select+0x10/0x10 [ 129.251184][ T7696] ? find_held_lock+0x2b/0x80 [ 129.251206][ T7696] ? set_compat_user_sigmask+0x213/0x2a0 [ 129.251220][ T7696] ? __pfx_set_compat_user_sigmask+0x10/0x10 [ 129.251236][ T7696] do_compat_pselect+0x1fe/0x240 [ 129.251252][ T7696] ? __pfx_do_compat_pselect+0x10/0x10 [ 129.251267][ T7696] ? count_memcg_events_mm.constprop.0+0x138/0x340 [ 129.251283][ T7696] __ia32_compat_sys_pselect6_time32+0x17b/0x240 [ 129.251301][ T7696] ? __pfx___ia32_compat_sys_pselect6_time32+0x10/0x10 [ 129.251319][ T7696] ? rcu_is_watching+0x12/0xc0 [ 129.251334][ T7696] __do_fast_syscall_32+0x73/0x120 [ 129.251351][ T7696] do_fast_syscall_32+0x32/0x80 [ 129.251367][ T7696] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 129.251380][ T7696] RIP: 0023:0xf711e579 [ 129.251389][ T7696] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 129.251399][ T7696] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000134 [ 129.251408][ T7696] RAX: ffffffffffffffda RBX: 0000000000000040 RCX: 0000000080001dc0 [ 129.251415][ T7696] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 129.251421][ T7696] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 129.251426][ T7696] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 129.251432][ T7696] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 129.251444][ T7696] [ 129.341584][ C1] vkms_vblank_simulate: vblank timer overrun [ 129.593511][ T7709] rdma_rxe: rxe_newlink: failed to add lo [ 130.759693][ T7729] netlink: 'syz.1.439': attribute type 1 has an invalid length. [ 130.762807][ T7729] netlink: 15411 bytes leftover after parsing attributes in process `syz.1.439'. [ 131.103104][ T7734] netlink: 'syz.1.440': attribute type 1 has an invalid length. [ 131.110589][ T7734] netlink: 15411 bytes leftover after parsing attributes in process `syz.1.440'. [ 131.182844][ T7724] ufs: Invalid option: "grpquota‡9 [ 131.182844][ T7724] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 131.182844][ T7724] ›Á³®(T./file0" or missing value [ 131.188955][ T7724] ufs: wrong mount options [ 131.204674][ T7736] netlink: 8 bytes leftover after parsing attributes in process `syz.1.442'. [ 131.207735][ T7736] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 131.274819][ T5324] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 131.426130][ T5324] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 131.434687][ T5324] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 131.437724][ T5324] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 131.440190][ T5324] usb 5-1: Product: syz [ 131.444052][ T5324] usb 5-1: Manufacturer: syz [ 131.446833][ T5324] usb 5-1: SerialNumber: syz [ 131.492654][ T7745] FAULT_INJECTION: forcing a failure. [ 131.492654][ T7745] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 131.500879][ T7745] CPU: 3 UID: 0 PID: 7745 Comm: syz.2.444 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) [ 131.500896][ T7745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 131.500903][ T7745] Call Trace: [ 131.500907][ T7745] [ 131.500912][ T7745] dump_stack_lvl+0x16c/0x1f0 [ 131.500933][ T7745] should_fail_ex+0x512/0x640 [ 131.500950][ T7745] _copy_from_iter+0x2a4/0x15b0 [ 131.500967][ T7745] ? __pfx__copy_from_iter+0x10/0x10 [ 131.500981][ T7745] ? _copy_from_iter+0x161/0x15b0 [ 131.500999][ T7745] skb_copy_datagram_from_iter+0x124/0x740 [ 131.501015][ T7745] ? iov_iter_advance+0x7d/0x6c0 [ 131.501042][ T7745] tun_get_user+0x17ac/0x3b10 [ 131.501066][ T7745] ? __pfx_tun_get_user+0x10/0x10 [ 131.501081][ T7745] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 131.501099][ T7745] ? find_held_lock+0x2b/0x80 [ 131.501115][ T7745] ? tun_get+0x191/0x370 [ 131.501132][ T7745] tun_chr_write_iter+0xdc/0x210 [ 131.501148][ T7745] vfs_write+0x5ba/0x1180 [ 131.501165][ T7745] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 131.501182][ T7745] ? __pfx_vfs_write+0x10/0x10 [ 131.501202][ T7745] ? find_held_lock+0x2b/0x80 [ 131.501225][ T7745] ksys_write+0x12a/0x240 [ 131.501240][ T7745] ? __pfx_ksys_write+0x10/0x10 [ 131.501257][ T7745] ? rcu_is_watching+0x12/0xc0 [ 131.501272][ T7745] __do_fast_syscall_32+0x73/0x120 [ 131.501291][ T7745] do_fast_syscall_32+0x32/0x80 [ 131.501308][ T7745] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 131.501322][ T7745] RIP: 0023:0xf711e579 [ 131.501331][ T7745] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 131.501342][ T7745] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 131.501353][ T7745] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040 [ 131.501360][ T7745] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000000 [ 131.501367][ T7745] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 131.501373][ T7745] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 131.501379][ T7745] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 131.501392][ T7745] [ 131.672620][ T5324] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22 [ 131.682841][ T5324] usb 5-1: USB disconnect, device number 5 [ 132.100888][ T7754] rdma_rxe: rxe_newlink: failed to add lo [ 132.276419][ T1414] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.279084][ T1414] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.584088][ T5324] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 132.737520][ T7759] netlink: 'syz.3.448': attribute type 1 has an invalid length. [ 132.740053][ T7759] netlink: 15411 bytes leftover after parsing attributes in process `syz.3.448'. [ 132.744106][ T5324] usb 5-1: Using ep0 maxpacket: 8 [ 132.748117][ T5324] usb 5-1: config index 0 descriptor too short (expected 301, got 59) [ 132.750590][ T5324] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 132.753600][ T5324] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 132.774453][ T5324] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 132.778051][ T5324] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 2304, setting to 1024 [ 132.781987][ T5324] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 132.786481][ T5324] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 132.791402][ T5324] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 132.796535][ T5324] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 133.004827][ T5324] usb 5-1: usb_control_msg returned -32 [ 133.006612][ T5324] usbtmc 5-1:16.0: can't read capabilities [ 133.169112][ T7772] input: syz0 as /devices/virtual/input/input39 [ 133.941113][ T7785] netlink: 4 bytes leftover after parsing attributes in process `syz.3.454'. [ 134.100496][ T7790] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.125792][ T5988] kernel read not supported for file /dsp1 (pid: 5988 comm: kworker/0:4) [ 134.136984][ T7791] 9pnet_fd: Insufficient options for proto=fd [ 134.197605][ T7790] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.201380][ T7793] netlink: 'syz.1.457': attribute type 1 has an invalid length. [ 134.204893][ T7793] netlink: 15411 bytes leftover after parsing attributes in process `syz.1.457'. [ 134.307366][ T7790] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.433331][ T7790] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.559856][ T7790] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.595800][ T7790] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.615626][ T7790] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.628388][ T7790] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.837111][ T6006] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 134.997709][ T6006] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 135.002802][ T6006] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 135.007346][ T6006] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 135.041038][ T7807] rdma_rxe: rxe_newlink: failed to add lo [ 135.060482][ T6006] usb 7-1: config 0 descriptor?? [ 135.142493][ T57] usb 5-1: USB disconnect, device number 6 [ 135.194559][ T7731] [U]  [ 135.580193][ T7818] input: syz0 as /devices/virtual/input/input40 [ 136.515936][ T7831] netlink: 872 bytes leftover after parsing attributes in process `syz.1.467'. [ 137.009824][ T6006] usbhid 7-1:0.0: can't add hid device: -71 [ 137.016080][ T6006] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 137.035783][ T6006] usb 7-1: USB disconnect, device number 3 [ 137.990856][ T7851] rdma_rxe: rxe_newlink: failed to add lo [ 138.058150][ T1454] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 138.083574][ T7857] FAULT_INJECTION: forcing a failure. [ 138.083574][ T7857] name failslab, interval 1, probability 0, space 0, times 0 [ 138.088214][ T7857] CPU: 3 UID: 0 PID: 7857 Comm: syz.2.474 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) [ 138.088229][ T7857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 138.088236][ T7857] Call Trace: [ 138.088240][ T7857] [ 138.088244][ T7857] dump_stack_lvl+0x16c/0x1f0 [ 138.088263][ T7857] should_fail_ex+0x512/0x640 [ 138.088275][ T7857] ? __kmalloc_noprof+0xbf/0x510 [ 138.088294][ T7857] ? nft_trans_alloc_gfp+0x26/0x2e0 [ 138.088306][ T7857] should_failslab+0xc2/0x120 [ 138.088317][ T7857] __kmalloc_noprof+0xd2/0x510 [ 138.088336][ T7857] nft_trans_alloc_gfp+0x26/0x2e0 [ 138.088349][ T7857] nft_delchain+0x29/0x310 [ 138.088365][ T7857] nf_tables_delchain+0xac4/0xd80 [ 138.088385][ T7857] ? __pfx_nf_tables_delchain+0x10/0x10 [ 138.088406][ T7857] ? __nla_parse+0x40/0x60 [ 138.088423][ T7857] nfnetlink_rcv_batch+0x1908/0x2350 [ 138.088448][ T7857] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 138.088464][ T7857] ? consume_skb+0xcc/0x100 [ 138.088481][ T7857] ? find_held_lock+0x2b/0x80 [ 138.088496][ T7857] ? __local_bh_enable_ip+0xa4/0x120 [ 138.088510][ T7857] ? lockdep_hardirqs_on+0x7c/0x110 [ 138.088533][ T7857] ? __pfx___dev_queue_xmit+0x10/0x10 [ 138.088558][ T7857] ? __nla_parse+0x40/0x60 [ 138.088574][ T7857] nfnetlink_rcv+0x3c1/0x430 [ 138.088590][ T7857] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 138.088611][ T7857] netlink_unicast+0x53a/0x7f0 [ 138.088629][ T7857] ? __pfx_netlink_unicast+0x10/0x10 [ 138.088648][ T7857] netlink_sendmsg+0x8d1/0xdd0 [ 138.088666][ T7857] ? __pfx_netlink_sendmsg+0x10/0x10 [ 138.088683][ T7857] ? __import_iovec+0x1c8/0x660 [ 138.088700][ T7857] ____sys_sendmsg+0xa95/0xc70 [ 138.088711][ T7857] ? __pfx_____sys_sendmsg+0x10/0x10 [ 138.088720][ T7857] ? get_compat_msghdr+0x11a/0x170 [ 138.088740][ T7857] ___sys_sendmsg+0x134/0x1d0 [ 138.088755][ T7857] ? __pfx____sys_sendmsg+0x10/0x10 [ 138.088785][ T7857] __sys_sendmsg+0x16d/0x220 [ 138.088799][ T7857] ? __pfx___sys_sendmsg+0x10/0x10 [ 138.088819][ T7857] ? rcu_is_watching+0x12/0xc0 [ 138.088834][ T7857] __do_fast_syscall_32+0x73/0x120 [ 138.088852][ T7857] do_fast_syscall_32+0x32/0x80 [ 138.088868][ T7857] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 138.088882][ T7857] RIP: 0023:0xf711e579 [ 138.088890][ T7857] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 138.088901][ T7857] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 138.088911][ T7857] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800001c0 [ 138.088917][ T7857] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 138.088923][ T7857] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 138.088932][ T7857] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 138.088938][ T7857] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 138.088951][ T7857] [ 138.275758][ T1454] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 138.279471][ T1454] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 138.283333][ T1454] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 138.288109][ T1454] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 138.292079][ T1454] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 138.296943][ T1454] usb 5-1: config 0 descriptor?? [ 138.438734][ T7865] netlink: 136 bytes leftover after parsing attributes in process `syz.2.476'. [ 138.441723][ T7865] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check. [ 138.497659][ T7854] ufs: Invalid option: "grpquota‡9 [ 138.497659][ T7854] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 138.497659][ T7854] ›Á³®(T./file0" or missing value [ 138.503554][ T7854] ufs: wrong mount options [ 138.522325][ T7867] netlink: 'syz.3.477': attribute type 1 has an invalid length. [ 138.707885][ T7849] UHID_CREATE from different security context by process 462 (syz.0.472), this is not allowed. [ 138.724391][ T7849] ebtables: wrong size: *len 264, entries_size 144, replsz 144 [ 138.730646][ T1454] usbhid 5-1:0.0: can't add hid device: -71 [ 138.732705][ T1454] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 138.745308][ T1454] usb 5-1: USB disconnect, device number 7 [ 138.836024][ T7872] netlink: 8 bytes leftover after parsing attributes in process `syz.2.478'. [ 139.600928][ T7889] input: syz1 as /devices/virtual/input/input41 [ 140.360992][ T7902] rdma_rxe: rxe_newlink: failed to add lo [ 141.814130][ T6668] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 141.962019][ T7915] ufs: Invalid option: "grpquota‡9 [ 141.962019][ T7915] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 141.962019][ T7915] ›Á³®(T./file0" or missing value [ 141.969478][ T7915] ufs: wrong mount options [ 141.985480][ T6668] usb 5-1: config 0 has no interfaces? [ 141.988842][ T6668] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 141.992031][ T6668] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 141.994843][ T6668] usb 5-1: Manufacturer: syz [ 141.997891][ T6668] usb 5-1: config 0 descriptor?? [ 142.208063][ T6668] usb 5-1: USB disconnect, device number 8 [ 142.992819][ T7954] overlayfs: missing 'lowerdir' [ 143.000298][ T7954] sz1: rxe_newlink: already configured on lo [ 143.310535][ T7961] netlink: 16 bytes leftover after parsing attributes in process `syz.3.499'. [ 143.762811][ T7971] input: syz0 as /devices/virtual/input/input42 [ 144.690054][ T7990] 9pnet: Unknown protocol version 9 [ 145.015978][ T7993] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.104206][ T7993] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.170069][ T7993] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.265320][ T7993] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.366246][ T7993] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.372841][ T7993] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.380017][ T7993] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.397519][ T7993] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.096011][ T1454] usb 7-1: new low-speed USB device number 4 using dummy_hcd [ 146.247173][ T1454] usb 7-1: config 0 has no interfaces? [ 146.249519][ T1454] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 146.253281][ T1454] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 146.259401][ T1454] usb 7-1: config 0 descriptor?? [ 146.487642][ T8012] netlink: 8 bytes leftover after parsing attributes in process `syz.1.512'. [ 146.491377][ T8012] netlink: 4 bytes leftover after parsing attributes in process `syz.1.512'. [ 146.497211][ T8012] netlink: 'syz.1.512': attribute type 12 has an invalid length. [ 146.551297][ T8014] netlink: 'syz.1.513': attribute type 1 has an invalid length. [ 146.554408][ T8014] netlink: 15411 bytes leftover after parsing attributes in process `syz.1.513'. [ 146.900692][ T24] usb 6-1: new low-speed USB device number 13 using dummy_hcd [ 146.977414][ T1454] usb 7-1: USB disconnect, device number 4 [ 147.055403][ T24] usb 6-1: config 3 has no interfaces? [ 147.057252][ T24] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 147.060450][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 147.270734][ T8016] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 147.274642][ T8016] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 147.799120][ T6006] usb 6-1: USB disconnect, device number 13 [ 147.931946][ T8036] kvm: requested 3352 ns i8254 timer period limited to 200000 ns [ 147.955053][ T8036] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 147.964551][ T8036] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 147.968620][ T8036] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 147.972698][ T8036] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 147.977351][ T8036] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 147.981682][ T8036] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 147.986520][ T8036] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 147.991366][ T8036] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 147.996493][ T8036] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 148.525855][ T8051] input: syz0 as /devices/virtual/input/input43 [ 148.929702][ T8052] ufs: Invalid option: "grpquota‡9 [ 148.929702][ T8052] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 148.929702][ T8052] ›Á³®(T./file0" or missing value [ 148.934764][ T8052] ufs: wrong mount options [ 149.695224][ T833] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 149.846091][ T833] usb 5-1: config index 0 descriptor too short (expected 23569, got 27) [ 149.849621][ T833] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 149.855600][ T833] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 149.859493][ T833] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 149.862929][ T833] usb 5-1: Manufacturer: syz [ 149.869222][ T833] usb 5-1: config 0 descriptor?? [ 149.877372][ T833] igorplugusb 5-1:0.0: incorrect number of endpoints [ 150.078197][ T1454] usb 5-1: USB disconnect, device number 9 [ 150.289801][ T8072] input: syz0 as /devices/virtual/input/input44 [ 150.568195][ T8074] input: syz0 as /devices/virtual/input/input45 [ 150.682486][ T8079] 9pnet_virtio: no channels available for device syz [ 150.805142][ T40] kauditd_printk_skb: 45 callbacks suppressed [ 150.805158][ T40] audit: type=1326 audit(1744902198.762:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8077 comm="syz.0.531" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f04579 code=0x0 [ 151.627108][ T8097] loop2: detected capacity change from 0 to 7 [ 151.635952][ T8097] Dev loop2: unable to read RDB block 7 [ 151.653632][ T8097] loop2: unable to read partition table [ 151.658447][ T8097] loop2: partition table beyond EOD, truncated [ 151.660665][ T8097] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 151.847013][ T8087] ufs: Invalid option: "grpquota‡9 [ 151.847013][ T8087] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 151.847013][ T8087] ›Á³®(T./file0" or missing value [ 151.854532][ T8087] ufs: wrong mount options [ 153.274592][ T8133] 9pnet: Unknown protocol version 9p200 [ 153.957695][ T8147] Cannot find add_set index 3 as target [ 154.642233][ T8159] create_pit_timer: 34 callbacks suppressed [ 154.642244][ T8159] kvm: requested 3352 ns i8254 timer period limited to 200000 ns [ 154.801904][ T8159] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 154.812974][ T8159] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 154.822667][ T8159] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 154.848621][ T8159] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 155.931542][ T8193] input: syz0 as /devices/virtual/input/input46 [ 156.645196][ T8198] ufs: Invalid option: "grpquota‡9 [ 156.645196][ T8198] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 156.645196][ T8198] ›Á³®(T./file0" or missing value [ 156.650135][ T8198] ufs: wrong mount options [ 156.766189][ T8207] kvm: requested 3352 ns i8254 timer period limited to 200000 ns [ 156.802020][ T8207] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 156.820603][ T8207] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 156.827643][ T8207] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 156.834247][ T8207] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 156.956570][ T8211] input: syz0 as /devices/virtual/input/input47 [ 157.476764][ T8235] overlayfs: missing 'workdir' [ 157.543046][ T8236] sz1: rxe_newlink: already configured on lo [ 158.897502][ T8255] ufs: Invalid option: "grpquota‡9 [ 158.897502][ T8255] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 158.897502][ T8255] ›Á³®(T./file0" or missing value [ 158.902761][ T8255] ufs: wrong mount options [ 159.418726][ T8269] netlink: 8 bytes leftover after parsing attributes in process `syz.1.575'. [ 160.182607][ T8286] ufs: Invalid option: "grpquota‡9 [ 160.182607][ T8286] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 160.182607][ T8286] ›Á³®(T./file0" or missing value [ 160.188963][ T8286] ufs: wrong mount options [ 160.354691][ T8297] input: syz0 as /devices/virtual/input/input48 [ 160.839142][ T8307] 9pnet: Unknown protocol version 9p2000. [ 162.037088][ T8327] ref_ctr_offset mismatch. inode: 0x328 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0xa [ 162.124214][ T5324] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 162.305350][ T5324] usb 6-1: config index 0 descriptor too short (expected 23569, got 27) [ 162.308705][ T5324] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 162.311875][ T5324] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 162.316805][ T5324] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 162.319587][ T5324] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 162.322028][ T5324] usb 6-1: Manufacturer: syz [ 162.325100][ T5324] usb 6-1: config 0 descriptor?? [ 162.329732][ T5324] igorplugusb 6-1:0.0: incorrect number of endpoints [ 162.482909][ T8334] netlink: 'syz.2.590': attribute type 1 has an invalid length. [ 162.485963][ T8334] netlink: 15363 bytes leftover after parsing attributes in process `syz.2.590'. [ 162.532504][ T5989] usb 6-1: USB disconnect, device number 14 [ 162.856413][ T8343] 9pnet: Unknown protocol version 9p2000. [ 163.754348][ T8366] ref_ctr_offset mismatch. inode: 0x3ad offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0xa [ 164.663653][ T8376] ref_ctr_offset mismatch. inode: 0x33d offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0xa [ 164.789645][ T8382] create_pit_timer: 43 callbacks suppressed [ 164.789655][ T8382] kvm: requested 3352 ns i8254 timer period limited to 200000 ns [ 164.822200][ T8382] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 164.825817][ T8382] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 164.829197][ T8382] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 164.832686][ T8382] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 164.836997][ T8382] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 164.840428][ T8382] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 164.844327][ T8382] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 164.848817][ T8382] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 164.852340][ T8382] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 165.221372][ T8390] ref_ctr_offset mismatch. inode: 0x3b8 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0xa [ 165.384078][ T5989] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 165.535414][ T5989] usb 6-1: config index 0 descriptor too short (expected 23569, got 27) [ 165.544234][ T5989] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 165.547775][ T5989] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 165.558042][ T5989] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 165.560978][ T5989] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 165.566063][ T5989] usb 6-1: Manufacturer: syz [ 165.578680][ T5989] usb 6-1: config 0 descriptor?? [ 165.585164][ T5989] igorplugusb 6-1:0.0: incorrect number of endpoints [ 165.786328][ T5989] usb 6-1: USB disconnect, device number 15 [ 166.842971][ T8434] FAULT_INJECTION: forcing a failure. [ 166.842971][ T8434] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 166.850297][ T8434] CPU: 1 UID: 0 PID: 8434 Comm: syz.0.616 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) [ 166.850321][ T8434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 166.850331][ T8434] Call Trace: [ 166.850337][ T8434] [ 166.850343][ T8434] dump_stack_lvl+0x16c/0x1f0 [ 166.850387][ T8434] should_fail_ex+0x512/0x640 [ 166.850413][ T8434] strncpy_from_user+0x3b/0x2e0 [ 166.850432][ T8434] bpf_prog_load+0x1aef/0x2490 [ 166.850456][ T8434] ? __pfx_bpf_prog_load+0x10/0x10 [ 166.850492][ T8434] ? bpf_lsm_bpf+0x9/0x10 [ 166.850516][ T8434] __sys_bpf+0x433c/0x4d80 [ 166.850536][ T8434] ? __pfx___sys_bpf+0x10/0x10 [ 166.850554][ T8434] ? ksys_write+0x190/0x240 [ 166.850580][ T8434] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 166.850619][ T8434] ? fput+0x70/0xf0 [ 166.850635][ T8434] ? ksys_write+0x1b9/0x240 [ 166.850655][ T8434] ? __pfx_ksys_write+0x10/0x10 [ 166.850680][ T8434] __ia32_sys_bpf+0x76/0xe0 [ 166.850701][ T8434] __do_fast_syscall_32+0x73/0x120 [ 166.850727][ T8434] do_fast_syscall_32+0x32/0x80 [ 166.850752][ T8434] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 166.850773][ T8434] RIP: 0023:0xf7f04579 [ 166.850786][ T8434] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 166.850802][ T8434] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 166.850819][ T8434] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000300 [ 166.850829][ T8434] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000 [ 166.850843][ T8434] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 166.850852][ T8434] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 166.850862][ T8434] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 166.850884][ T8434] [ 167.160637][ T8444] lo speed is unknown, defaulting to 1000 [ 167.533730][ T8449] ufs: Invalid option: "grpquota‡9 [ 167.533730][ T8449] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 167.533730][ T8449] ›Á³®(T./file0" or missing value [ 167.538725][ T8449] ufs: wrong mount options [ 168.500077][ T63] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 168.655519][ T63] usb 7-1: config index 0 descriptor too short (expected 23569, got 27) [ 168.658221][ T63] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 168.662845][ T63] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 168.666115][ T63] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 168.671465][ T63] usb 7-1: Manufacturer: syz [ 168.674786][ T63] usb 7-1: config 0 descriptor?? [ 168.678154][ T63] igorplugusb 7-1:0.0: incorrect number of endpoints [ 168.925323][ T5988] usb 7-1: USB disconnect, device number 5 [ 169.462825][ T8468] overlayfs: missing 'workdir' [ 169.520697][ T8470] rdma_rxe: rxe_newlink: failed to add lo [ 170.186896][ T5961] Bluetooth: hci0: command 0x0406 tx timeout [ 170.188835][ T67] Bluetooth: hci2: command 0x0406 tx timeout [ 170.190706][ T67] Bluetooth: hci1: command 0x0406 tx timeout [ 170.937330][ T8497] ufs: Invalid option: "grpquota‡9 [ 170.937330][ T8497] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 170.937330][ T8497] ›Á³®(T./file0" or missing value [ 170.942283][ T8497] ufs: wrong mount options [ 171.914166][ T5988] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 172.068562][ T5988] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 172.079280][ T5988] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 172.096857][ T5988] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 172.104344][ T5988] usb 5-1: config 0 descriptor?? [ 172.520727][ T8535] create_pit_timer: 11 callbacks suppressed [ 172.520738][ T8535] kvm: requested 3352 ns i8254 timer period limited to 200000 ns [ 172.548016][ T8535] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 172.552399][ T8535] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 172.556925][ T8535] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 172.560976][ T8535] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 172.566717][ T8535] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 172.570511][ T8535] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 172.575058][ T8535] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 172.579707][ T8535] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 172.586676][ T8535] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 173.218742][ T8550] ufs: Invalid option: "grpquota‡9 [ 173.218742][ T8550] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 173.218742][ T8550] ›Á³®(T./file0" or missing value [ 173.223729][ T8550] ufs: wrong mount options [ 174.007392][ T40] audit: type=1326 audit(1744902221.962:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8558 comm="syz.3.647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 174.014188][ T40] audit: type=1326 audit(1744902221.962:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8558 comm="syz.3.647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 174.020790][ T40] audit: type=1326 audit(1744902221.962:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8558 comm="syz.3.647" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 174.027409][ T40] audit: type=1326 audit(1744902221.962:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8558 comm="syz.3.647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 174.034224][ T40] audit: type=1326 audit(1744902221.962:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8558 comm="syz.3.647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 174.044092][ T40] audit: type=1326 audit(1744902221.962:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8558 comm="syz.3.647" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 174.050662][ T40] audit: type=1326 audit(1744902221.962:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8558 comm="syz.3.647" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f94598 code=0x7ffc0000 [ 174.062954][ T40] audit: type=1326 audit(1744902221.962:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8558 comm="syz.3.647" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f94598 code=0x7ffc0000 [ 174.070572][ T40] audit: type=1326 audit(1744902221.962:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8558 comm="syz.3.647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 174.077266][ T5988] usbhid 5-1:0.0: can't add hid device: -71 [ 174.079188][ T5988] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 174.082609][ T5988] usb 5-1: USB disconnect, device number 10 [ 174.085623][ T40] audit: type=1326 audit(1744902221.962:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8558 comm="syz.3.647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 174.157570][ T8571] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 5, id = 0 [ 174.220647][ T8575] FAULT_INJECTION: forcing a failure. [ 174.220647][ T8575] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 174.225628][ T8575] CPU: 3 UID: 0 PID: 8575 Comm: syz.0.651 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) [ 174.225644][ T8575] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 174.225652][ T8575] Call Trace: [ 174.225656][ T8575] [ 174.225660][ T8575] dump_stack_lvl+0x16c/0x1f0 [ 174.225693][ T8575] should_fail_ex+0x512/0x640 [ 174.225711][ T8575] _copy_from_iter+0x2a4/0x15b0 [ 174.225725][ T8575] ? __alloc_skb+0x200/0x380 [ 174.225741][ T8575] ? __pfx__copy_from_iter+0x10/0x10 [ 174.225755][ T8575] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 174.225775][ T8575] netlink_sendmsg+0x829/0xdd0 [ 174.225793][ T8575] ? __pfx_netlink_sendmsg+0x10/0x10 [ 174.225809][ T8575] ? __import_iovec+0x1c8/0x660 [ 174.225826][ T8575] ____sys_sendmsg+0xa95/0xc70 [ 174.225837][ T8575] ? __pfx_____sys_sendmsg+0x10/0x10 [ 174.225846][ T8575] ? get_compat_msghdr+0x11a/0x170 [ 174.225865][ T8575] ___sys_sendmsg+0x134/0x1d0 [ 174.225885][ T8575] ? __pfx____sys_sendmsg+0x10/0x10 [ 174.225915][ T8575] __sys_sendmsg+0x16d/0x220 [ 174.225941][ T8575] ? __pfx___sys_sendmsg+0x10/0x10 [ 174.225961][ T8575] ? rcu_is_watching+0x12/0xc0 [ 174.225977][ T8575] __do_fast_syscall_32+0x73/0x120 [ 174.225995][ T8575] do_fast_syscall_32+0x32/0x80 [ 174.226011][ T8575] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 174.226024][ T8575] RIP: 0023:0xf7f04579 [ 174.226033][ T8575] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 174.226043][ T8575] RSP: 002b:00000000f500555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 174.226053][ T8575] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000180 [ 174.226060][ T8575] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 174.226066][ T8575] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 174.226072][ T8575] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 174.226078][ T8575] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 174.226091][ T8575] [ 174.687680][ T8585] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 174.690541][ T8585] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 174.701546][ T8585] rdma_rxe: rxe_newlink: failed to add lo [ 175.254467][ T8591] ufs: Invalid option: "grpquota‡9 [ 175.254467][ T8591] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 175.254467][ T8591] ›Á³®(T./file0" or missing value [ 175.259574][ T8591] ufs: wrong mount options [ 175.312676][ T8595] netlink: 8 bytes leftover after parsing attributes in process `syz.1.656'. [ 176.667631][ T8625] ref_ctr_offset mismatch. inode: 0x341 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0xa [ 177.686168][ T8642] netlink: 8 bytes leftover after parsing attributes in process `syz.0.671'. [ 177.754284][ T8650] netlink: 8 bytes leftover after parsing attributes in process `syz.1.672'. [ 179.051569][ T8675] ref_ctr_offset mismatch. inode: 0x357 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0xa [ 179.307042][ T8687] netlink: 8 bytes leftover after parsing attributes in process `syz.2.685'. [ 180.953815][ T8727] FAULT_INJECTION: forcing a failure. [ 180.953815][ T8727] name failslab, interval 1, probability 0, space 0, times 0 [ 180.963238][ T8727] CPU: 2 UID: 0 PID: 8727 Comm: syz.0.699 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) [ 180.963255][ T8727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 180.963262][ T8727] Call Trace: [ 180.963266][ T8727] [ 180.963271][ T8727] dump_stack_lvl+0x16c/0x1f0 [ 180.963291][ T8727] should_fail_ex+0x512/0x640 [ 180.963304][ T8727] ? __kvmalloc_node_noprof+0x122/0x600 [ 180.963321][ T8727] should_failslab+0xc2/0x120 [ 180.963332][ T8727] __kvmalloc_node_noprof+0x135/0x600 [ 180.963348][ T8727] ? bpf_test_run_xdp_live+0x16b/0x500 [ 180.963365][ T8727] ? bpf_test_run_xdp_live+0x16b/0x500 [ 180.963378][ T8727] bpf_test_run_xdp_live+0x16b/0x500 [ 180.963393][ T8727] ? __pfx_bpf_test_run_xdp_live+0x10/0x10 [ 180.963409][ T8727] ? find_held_lock+0x2b/0x80 [ 180.963425][ T8727] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 180.963448][ T8727] ? 0xffffffffa0004340 [ 180.963457][ T8727] ? 0xffffffffa0004340 [ 180.963465][ T8727] ? 0xffffffffa0004340 [ 180.963473][ T8727] ? bpf_dispatcher_change_prog+0x54d/0xa80 [ 180.963490][ T8727] bpf_prog_test_run_xdp+0x824/0x1540 [ 180.963509][ T8727] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 180.963530][ T8727] ? __might_fault+0xe0/0x190 [ 180.963548][ T8727] ? fput+0x70/0xf0 [ 180.963558][ T8727] ? __bpf_prog_get+0xa0/0x290 [ 180.963575][ T8727] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 180.963590][ T8727] __sys_bpf+0x1485/0x4d80 [ 180.963603][ T8727] ? __pfx___sys_bpf+0x10/0x10 [ 180.963615][ T8727] ? ksys_write+0x190/0x240 [ 180.963632][ T8727] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 180.963655][ T8727] ? fput+0x70/0xf0 [ 180.963665][ T8727] ? ksys_write+0x1b9/0x240 [ 180.963679][ T8727] ? __pfx_ksys_write+0x10/0x10 [ 180.963696][ T8727] __ia32_sys_bpf+0x76/0xe0 [ 180.963709][ T8727] __do_fast_syscall_32+0x73/0x120 [ 180.963726][ T8727] do_fast_syscall_32+0x32/0x80 [ 180.963742][ T8727] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 180.963756][ T8727] RIP: 0023:0xf7f04579 [ 180.963764][ T8727] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 180.963774][ T8727] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 180.963785][ T8727] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000600 [ 180.963791][ T8727] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000 [ 180.963797][ T8727] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 180.963803][ T8727] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 180.963809][ T8727] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 180.963821][ T8727] [ 182.118704][ T8748] ntfs3(sr0): Primary boot signature is not NTFS. [ 182.121154][ T8748] ntfs3(sr0): try to read out of volume at offset 0xf800 [ 182.358582][ T8757] netlink: 32 bytes leftover after parsing attributes in process `syz.3.706'. [ 182.370256][ T8757] netlink: 'syz.3.706': attribute type 10 has an invalid length. [ 182.402028][ T8757] veth0_vlan: left promiscuous mode [ 182.407801][ T8757] veth0_vlan: entered promiscuous mode [ 182.416051][ T8757] team0: Device veth0_vlan failed to register rx_handler [ 183.634775][ T8777] vivid-001: disconnect [ 184.177573][ T8785] 9pnet_virtio: no channels available for device syz [ 184.249019][ T8793] FAULT_INJECTION: forcing a failure. [ 184.249019][ T8793] name failslab, interval 1, probability 0, space 0, times 0 [ 184.253857][ T8793] CPU: 3 UID: 0 PID: 8793 Comm: syz.0.719 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) [ 184.253881][ T8793] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 184.253891][ T8793] Call Trace: [ 184.253898][ T8793] [ 184.253905][ T8793] dump_stack_lvl+0x16c/0x1f0 [ 184.253933][ T8793] should_fail_ex+0x512/0x640 [ 184.253956][ T8793] should_failslab+0xc2/0x120 [ 184.253974][ T8793] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 184.254016][ T8793] ? skb_clone+0x190/0x3f0 [ 184.254042][ T8793] skb_clone+0x190/0x3f0 [ 184.254065][ T8793] netlink_deliver_tap+0xabd/0xd30 [ 184.254094][ T8793] netlink_unicast+0x5df/0x7f0 [ 184.254121][ T8793] ? __pfx_netlink_unicast+0x10/0x10 [ 184.254154][ T8793] netlink_sendmsg+0x8d1/0xdd0 [ 184.254182][ T8793] ? __pfx_netlink_sendmsg+0x10/0x10 [ 184.254208][ T8793] ? __import_iovec+0x1c8/0x660 [ 184.254235][ T8793] ____sys_sendmsg+0xa95/0xc70 [ 184.254255][ T8793] ? __pfx_____sys_sendmsg+0x10/0x10 [ 184.254269][ T8793] ? get_compat_msghdr+0x11a/0x170 [ 184.254301][ T8793] ___sys_sendmsg+0x134/0x1d0 [ 184.254324][ T8793] ? __pfx____sys_sendmsg+0x10/0x10 [ 184.254379][ T8793] __sys_sendmsg+0x16d/0x220 [ 184.254401][ T8793] ? __pfx___sys_sendmsg+0x10/0x10 [ 184.254433][ T8793] ? rcu_is_watching+0x12/0xc0 [ 184.254464][ T8793] __do_fast_syscall_32+0x73/0x120 [ 184.254491][ T8793] do_fast_syscall_32+0x32/0x80 [ 184.254515][ T8793] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 184.254535][ T8793] RIP: 0023:0xf7f04579 [ 184.254548][ T8793] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 184.254564][ T8793] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 184.254581][ T8793] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000480 [ 184.254591][ T8793] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 184.254600][ T8793] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 184.254609][ T8793] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 184.254619][ T8793] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 184.254641][ T8793] [ 184.396519][ T8796] wireguard0: entered promiscuous mode [ 184.558560][ T8798] input: syz0 as /devices/virtual/input/input49 [ 185.293430][ T8810] FAULT_INJECTION: forcing a failure. [ 185.293430][ T8810] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 185.298400][ T8810] CPU: 0 UID: 0 PID: 8810 Comm: syz.0.724 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) [ 185.298416][ T8810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 185.298423][ T8810] Call Trace: [ 185.298428][ T8810] [ 185.298432][ T8810] dump_stack_lvl+0x16c/0x1f0 [ 185.298458][ T8810] should_fail_ex+0x512/0x640 [ 185.298474][ T8810] _copy_from_iter+0x2a4/0x15b0 [ 185.298490][ T8810] ? __alloc_skb+0x200/0x380 [ 185.298505][ T8810] ? __pfx__copy_from_iter+0x10/0x10 [ 185.298520][ T8810] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 185.298541][ T8810] netlink_sendmsg+0x829/0xdd0 [ 185.298560][ T8810] ? __pfx_netlink_sendmsg+0x10/0x10 [ 185.298577][ T8810] ? __import_iovec+0x1c8/0x660 [ 185.298595][ T8810] ____sys_sendmsg+0xa95/0xc70 [ 185.298606][ T8810] ? __pfx_____sys_sendmsg+0x10/0x10 [ 185.298616][ T8810] ? get_compat_msghdr+0x11a/0x170 [ 185.298636][ T8810] ___sys_sendmsg+0x134/0x1d0 [ 185.298652][ T8810] ? __pfx____sys_sendmsg+0x10/0x10 [ 185.298684][ T8810] __sys_sendmsg+0x16d/0x220 [ 185.298698][ T8810] ? __pfx___sys_sendmsg+0x10/0x10 [ 185.298719][ T8810] ? rcu_is_watching+0x12/0xc0 [ 185.298736][ T8810] __do_fast_syscall_32+0x73/0x120 [ 185.298754][ T8810] do_fast_syscall_32+0x32/0x80 [ 185.298771][ T8810] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 185.298785][ T8810] RIP: 0023:0xf7f04579 [ 185.298794][ T8810] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 185.298806][ T8810] RSP: 002b:00000000f502655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 185.298817][ T8810] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000000 [ 185.298824][ T8810] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 185.298830][ T8810] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 185.298836][ T8810] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 185.298842][ T8810] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 185.298856][ T8810] [ 185.440126][ T8815] netlink: 24 bytes leftover after parsing attributes in process `syz.0.725'. [ 186.260456][ T8835] input: syz0 as /devices/virtual/input/input50 [ 186.331666][ T8769] vivid-001: reconnect [ 186.710557][ T8843] Cache volume key already in use (9p,syz,) [ 187.764175][ T63] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 187.925879][ T63] usb 6-1: config index 0 descriptor too short (expected 23569, got 27) [ 187.928509][ T63] usb 6-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 187.932578][ T63] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 187.935455][ T63] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 187.937946][ T63] usb 6-1: Manufacturer: syz [ 187.942135][ T63] usb 6-1: config 0 descriptor?? [ 187.948426][ T63] igorplugusb 6-1:0.0: incorrect number of endpoints [ 188.153461][ T63] usb 6-1: USB disconnect, device number 16 [ 188.905611][ T8886] input: syz0 as /devices/virtual/input/input51 [ 190.150961][ T8911] FAULT_INJECTION: forcing a failure. [ 190.150961][ T8911] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 190.156524][ T8911] CPU: 3 UID: 0 PID: 8911 Comm: syz.2.751 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) [ 190.156548][ T8911] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 190.156558][ T8911] Call Trace: [ 190.156564][ T8911] [ 190.156572][ T8911] dump_stack_lvl+0x16c/0x1f0 [ 190.156601][ T8911] should_fail_ex+0x512/0x640 [ 190.156624][ T8911] _copy_from_user+0x2e/0xd0 [ 190.156646][ T8911] __sys_bpf+0x21d/0x4d80 [ 190.156669][ T8911] ? __pfx___sys_bpf+0x10/0x10 [ 190.156694][ T8911] ? ksys_write+0x190/0x240 [ 190.156721][ T8911] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 190.156760][ T8911] ? fput+0x70/0xf0 [ 190.156776][ T8911] ? ksys_write+0x1b9/0x240 [ 190.156797][ T8911] ? __pfx_ksys_write+0x10/0x10 [ 190.156824][ T8911] __ia32_sys_bpf+0x76/0xe0 [ 190.156845][ T8911] __do_fast_syscall_32+0x73/0x120 [ 190.156871][ T8911] do_fast_syscall_32+0x32/0x80 [ 190.156896][ T8911] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 190.156916][ T8911] RIP: 0023:0xf711e579 [ 190.156929][ T8911] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 190.156945][ T8911] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 190.156962][ T8911] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000640 [ 190.156973][ T8911] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000 [ 190.156983][ T8911] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 190.156992][ T8911] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 190.157002][ T8911] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 190.157024][ T8911] [ 192.072519][ T8941] ufs: Invalid option: "grpquota‡9 [ 192.072519][ T8941] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 192.072519][ T8941] ›Á³®(T./file0" or missing value [ 192.077957][ T8941] ufs: wrong mount options [ 192.146326][ T8952] FAULT_INJECTION: forcing a failure. [ 192.146326][ T8952] name failslab, interval 1, probability 0, space 0, times 0 [ 192.150402][ T8952] CPU: 1 UID: 0 PID: 8952 Comm: syz.0.762 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) [ 192.150417][ T8952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 192.150424][ T8952] Call Trace: [ 192.150428][ T8952] [ 192.150433][ T8952] dump_stack_lvl+0x16c/0x1f0 [ 192.150452][ T8952] should_fail_ex+0x512/0x640 [ 192.150465][ T8952] ? fs_reclaim_acquire+0xae/0x150 [ 192.150479][ T8952] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 192.150494][ T8952] should_failslab+0xc2/0x120 [ 192.150505][ T8952] __kmalloc_noprof+0xd2/0x510 [ 192.150524][ T8952] tomoyo_realpath_from_path+0xc2/0x6e0 [ 192.150541][ T8952] ? tomoyo_profile+0x47/0x60 [ 192.150558][ T8952] tomoyo_path_number_perm+0x245/0x580 [ 192.150570][ T8952] ? tomoyo_path_number_perm+0x237/0x580 [ 192.150584][ T8952] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 192.150597][ T8952] ? find_held_lock+0x2b/0x80 [ 192.150624][ T8952] ? find_held_lock+0x2b/0x80 [ 192.150637][ T8952] ? hook_file_ioctl_common+0x145/0x410 [ 192.150652][ T8952] ? __fget_files+0x20e/0x3c0 [ 192.150670][ T8952] security_file_ioctl_compat+0x9b/0x240 [ 192.150685][ T8952] __do_compat_sys_ioctl+0x4e/0x2c0 [ 192.150700][ T8952] __do_fast_syscall_32+0x73/0x120 [ 192.150721][ T8952] do_fast_syscall_32+0x32/0x80 [ 192.150737][ T8952] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 192.150751][ T8952] RIP: 0023:0xf7f04579 [ 192.150759][ T8952] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 192.150770][ T8952] RSP: 002b:00000000f4fe455c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 192.150780][ T8952] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000040186f40 [ 192.150787][ T8952] RDX: 0000000080000440 RSI: 0000000000000000 RDI: 0000000000000000 [ 192.150793][ T8952] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 192.150798][ T8952] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 192.150804][ T8952] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 192.150817][ T8952] [ 192.150821][ T8952] ERROR: Out of memory at tomoyo_realpath_from_path. [ 192.322583][ T8952] ubi31: attaching mtd0 [ 192.330617][ T8952] ubi31: scanning is finished [ 192.334283][ T8952] ubi31: empty MTD device detected [ 192.356621][ T8954] create_pit_timer: 26 callbacks suppressed [ 192.356631][ T8954] kvm: requested 3352 ns i8254 timer period limited to 200000 ns [ 192.390832][ T8954] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 192.424461][ T8954] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 192.759535][ T8952] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4 [ 193.707391][ T1414] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.709686][ T1414] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.162350][ T8991] rdma_rxe: rxe_newlink: failed to add lo [ 194.222730][ T8990] sz1: rxe_newlink: already configured on lo [ 195.682303][ T9009] netlink: 8 bytes leftover after parsing attributes in process `syz.1.777'. [ 195.851819][ T9006] ufs: Invalid option: "grpquota‡9 [ 195.851819][ T9006] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 195.851819][ T9006] ›Á³®(T./file0" or missing value [ 195.857984][ T9006] ufs: wrong mount options [ 197.184111][ T9040] 9pnet_virtio: no channels available for device syz [ 197.187878][ T9040] netlink: 8 bytes leftover after parsing attributes in process `syz.2.784'. [ 197.713097][ T9048] kvm: requested 3352 ns i8254 timer period limited to 200000 ns [ 198.088799][ T9055] kvm: requested 3352 ns i8254 timer period limited to 200000 ns [ 198.167855][ T9055] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 198.178574][ T9055] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 198.190155][ T9055] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 198.667924][ T9075] ufs: Invalid option: "grpquota‡9 [ 198.667924][ T9075] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 198.667924][ T9075] ›Á³®(T./file0" or missing value [ 198.672939][ T9075] ufs: wrong mount options [ 198.677111][ T9074] ref_ctr_offset mismatch. inode: 0x41f offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0xa [ 199.161102][ T9084] sz1: rxe_newlink: already configured on lo [ 199.569676][ T9091] rdma_rxe: rxe_newlink: failed to add lo [ 199.981306][ T9093] ubi31: attaching mtd0 [ 199.983747][ T9093] ubi31: scanning is finished [ 199.988505][ T9098] kvm: requested 3352 ns i8254 timer period limited to 200000 ns [ 200.007494][ T9098] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 200.011205][ T9098] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 200.015209][ T9098] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 200.018591][ T9098] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 200.084093][ T9093] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 200.086582][ T9093] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 200.089043][ T9093] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 200.091355][ T9093] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 200.093793][ T9093] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 200.096110][ T9093] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 200.120891][ T9093] ubi31: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 349172732 [ 200.124469][ T9093] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 200.171735][ T9104] ubi31: background thread "ubi_bgt31d" started, PID 9104 [ 200.692911][ T9092] rtc_cmos 00:05: Alarms can be up to one day in the future [ 201.463209][ T63] rtc_cmos 00:05: Alarms can be up to one day in the future [ 201.468954][ T63] rtc_cmos 00:05: Alarms can be up to one day in the future [ 201.472766][ T63] rtc_cmos 00:05: Alarms can be up to one day in the future [ 201.477537][ T63] rtc_cmos 00:05: Alarms can be up to one day in the future [ 201.533896][ T63] rtc rtc0: __rtc_set_alarm: err=-22 [ 201.611999][ T9148] rdma_rxe: rxe_newlink: failed to add lo [ 201.911901][ T9135] ufs: Invalid option: "grpquota‡9 [ 201.911901][ T9135] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 201.911901][ T9135] ›Á³®(T./file0" or missing value [ 201.918442][ T9135] ufs: wrong mount options [ 202.277491][ T9160] input: syz0 as /devices/virtual/input/input52 [ 202.544643][ T9152] ufs: Invalid option: "grpquota‡9 [ 202.544643][ T9152] ŽòÁ÷&3h|é•q͉O_Ò†o‰´c¨a1[ð+@ÍEJȨR [ 202.544643][ T9152] ›Á³®(T./file0" or missing value [ 202.550175][ T9152] ufs: wrong mount options [ 202.797257][ T9171] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 202.836915][ T9171] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 202.897528][ T9171] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 203.312690][ T9171] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 203.507582][ T9183] rdma_rxe: rxe_newlink: failed to add lo [ 204.182748][ T9171] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.206771][ T9171] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.239140][ T9171] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.250025][ T9193] hugetlbfs: Bad value 'g' for mount option 'nr_inodes' [ 204.250025][ T9193] [ 204.255999][ T9193] netlink: 272 bytes leftover after parsing attributes in process `syz.1.816'. [ 204.265517][ T9190] netlink: 8 bytes leftover after parsing attributes in process `syz.2.815'. [ 204.275993][ T9171] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.288585][ T9193] 9pnet_fd: Insufficient options for proto=fd [ 204.294958][ T5960] Bluetooth: hci1: unexpected event for opcode 0x2003 [ 204.779160][ T9213] create_pit_timer: 96 callbacks suppressed [ 204.779174][ T9213] kvm: requested 3352 ns i8254 timer period limited to 200000 ns [ 204.804592][ T9213] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 204.808951][ T9213] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 204.812857][ T9213] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 204.820503][ T9213] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 204.826137][ T9213] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 204.834827][ T9213] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 204.838316][ T9213] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 204.842087][ T9213] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 204.846669][ T9213] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 205.615157][ T1454] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 205.790214][ T1454] usb 6-1: Using ep0 maxpacket: 16 [ 205.793798][ T1454] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 205.799361][ T1454] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 205.803010][ T1454] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 205.805744][ T1454] usb 6-1: Product: syz [ 205.807151][ T1454] usb 6-1: Manufacturer: syz [ 205.809034][ T1454] usb 6-1: SerialNumber: syz [ 205.812442][ T1454] usb 6-1: config 0 descriptor?? [ 205.816238][ T1454] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 205.819524][ T1454] em28xx 6-1:0.0: DVB interface 0 found: bulk [ 206.419169][ T1454] em28xx 6-1:0.0: unknown em28xx chip ID (0) [ 206.588889][ T40] kauditd_printk_skb: 319 callbacks suppressed [ 206.588904][ T40] audit: type=1326 audit(1744902254.542:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9294 comm="syz.3.858" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 206.601629][ T40] audit: type=1326 audit(1744902254.542:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9294 comm="syz.3.858" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 206.608052][ T9296] capability: warning: `syz.3.858' uses deprecated v2 capabilities in a way that may be insecure [ 206.613728][ T40] audit: type=1326 audit(1744902254.542:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9294 comm="syz.3.858" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 206.625141][ T40] audit: type=1326 audit(1744902254.562:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9294 comm="syz.3.858" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 206.634583][ T40] audit: type=1326 audit(1744902254.562:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9294 comm="syz.3.858" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 206.643699][ T40] audit: type=1326 audit(1744902254.562:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9294 comm="syz.3.858" exe="/syz-executor" sig=0 arch=40000003 syscall=145 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 206.662655][ T40] audit: type=1326 audit(1744902254.562:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9294 comm="syz.3.858" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 206.671022][ T40] audit: type=1326 audit(1744902254.562:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9294 comm="syz.3.858" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 206.678780][ T40] audit: type=1326 audit(1744902254.562:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9294 comm="syz.3.858" exe="/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 206.688787][ T40] audit: type=1326 audit(1744902254.562:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9294 comm="syz.3.858" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000 [ 206.916615][ T5324] usb 5-1: new full-speed USB device number 11 using dummy_hcd [ 207.031528][ T1454] em28xx 6-1:0.0: read from i2c device at 0xa0 failed with unknown error (status=65) [ 207.034725][ T1454] em28xx 6-1:0.0: board has no eeprom [ 207.083721][ T5324] usb 5-1: config index 0 descriptor too short (expected 69, got 36) [ 207.086276][ T5324] usb 5-1: config 0 has an invalid descriptor of length 69, skipping remainder of the config [ 207.089407][ T5324] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 207.093464][ T5324] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 23861, setting to 64 [ 207.097799][ T5324] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 207.105392][ T5324] usb 5-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice=b7.89 [ 207.109014][ T5324] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 207.111391][ T5324] usb 5-1: Product: syz [ 207.112941][ T5324] usb 5-1: Manufacturer: syz [ 207.116805][ T5324] usb 5-1: SerialNumber: syz [ 207.121358][ T5324] usb 5-1: config 0 descriptor?? [ 207.128107][ T9302] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 207.133321][ T5324] gspca_main: gspca_pac7302-2.14.0 probing 093a:2622 [ 207.284059][ T1454] em28xx 6-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 207.286560][ T1454] em28xx 6-1:0.0: dvb set to bulk mode. [ 207.288497][ T5989] em28xx 6-1:0.0: Binding DVB extension [ 207.297593][ T1454] usb 6-1: USB disconnect, device number 17 [ 207.299920][ T1454] em28xx 6-1:0.0: Disconnecting em28xx [ 207.314851][ T5989] em28xx 6-1:0.0: Registering input extension [ 207.317090][ T1454] em28xx 6-1:0.0: Closing input extension [ 207.328217][ T1454] em28xx 6-1:0.0: Freeing device [ 207.423824][ T9338] program syz.3.877 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 207.818300][ T9345] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 207.939005][ T5324] input: gspca_pac7302 as /devices/platform/dummy_hcd.0/usb5/5-1/input/input54 [ 207.948102][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 207.950361][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 207.952521][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 207.954688][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 207.956887][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 207.959264][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 207.961395][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 207.963621][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 207.965817][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 207.967989][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 207.970153][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 207.972353][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 207.974566][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 207.976737][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 207.978911][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 207.981103][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 207.983291][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 207.987083][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 207.989361][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 207.991710][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 207.993867][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 207.996097][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 207.998287][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.000518][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.002734][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.005030][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.007233][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.009450][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.011680][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.013963][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.016283][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.018475][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.020694][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.022914][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.025261][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.027768][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.030068][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.032450][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.035426][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.037686][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.040325][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.042608][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.044902][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.047174][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.049480][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.051750][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.054032][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.056278][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.058634][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.061052][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.063264][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.065569][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.067777][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.069982][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.072307][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.074474][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.076708][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.078919][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.081123][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.083316][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.086140][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.088390][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.090714][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.092929][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.095166][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.097464][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.100383][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.102622][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.104834][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.107359][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.109846][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.111953][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.114111][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.116287][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.118849][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.121013][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.123263][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.125558][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.127779][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.129931][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.132115][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.134515][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.137146][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.139342][ C2] gspca_pac7302 5-1:0.0: URB error -71, resubmitting [ 208.140357][ T5987] usb 5-1: USB disconnect, device number 11 [ 208.141381][ C2] gspca_main: Resubmit URB failed with error -19 [ 208.180462][ T9367] netem: incorrect gi model size [ 208.182766][ T9367] netem: change failed [ 208.915991][ T9406] 9pnet: Unknown protocol version 9p2000. [ 209.069431][ T9422] netlink: 36 bytes leftover after parsing attributes in process `syz.2.915'. [ 209.240475][ T9426] ref_ctr_offset mismatch. inode: 0x4c9 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0xa [ 209.762663][ T9445] netlink: 'syz.3.924': attribute type 10 has an invalid length. [ 209.766370][ T9445] hsr_slave_0: left promiscuous mode [ 209.768679][ T9445] hsr_slave_1: left promiscuous mode [ 209.942686][ T9455] netlink: 4 bytes leftover after parsing attributes in process `syz.2.929'. [ 210.021631][ T9462] dvmrp5: entered allmulticast mode [ 210.028751][ T9462] dvmrp5: left allmulticast mode [ 210.343436][ T9492] bridge_slave_0: left allmulticast mode [ 210.349181][ T9492] bridge_slave_0: left promiscuous mode [ 210.352659][ T9492] bridge0: port 1(bridge_slave_0) entered disabled state [ 210.367614][ T9492] bridge_slave_1: left allmulticast mode [ 210.369400][ T9492] bridge_slave_1: left promiscuous mode [ 210.371231][ T9492] bridge0: port 2(bridge_slave_1) entered disabled state [ 210.377558][ T9492] bond0: (slave bond_slave_0): Releasing backup interface [ 210.382014][ T9492] bond0: (slave bond_slave_1): Releasing backup interface [ 210.393684][ T9492] team0: Port device team_slave_0 removed [ 210.399465][ T9492] team0: Port device team_slave_1 removed [ 210.401680][ T9492] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 210.405147][ T9492] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 210.408484][ T9492] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 210.410829][ T9492] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 210.419409][ T5324] lo speed is unknown, defaulting to 1000 [ 210.425395][ T9507] [ 210.426206][ T9507] ====================================================== [ 210.428487][ T9507] WARNING: possible circular locking dependency detected [ 210.430670][ T9507] 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 Not tainted [ 210.433449][ T9507] ------------------------------------------------------ [ 210.436403][ T9507] syz.1.950/9507 is trying to acquire lock: [ 210.438253][ T9507] ffff88806b7c0aa8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_switch_to_fallback+0x2d/0x9f0 [ 210.441586][ T9507] [ 210.441586][ T9507] but task is already holding lock: [ 210.443892][ T9507] ffff88806b7c0258 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_sendmsg+0x47/0x520 [ 210.446668][ T9507] [ 210.446668][ T9507] which lock already depends on the new lock. [ 210.446668][ T9507] [ 210.449930][ T9507] [ 210.449930][ T9507] the existing dependency chain (in reverse order) is: [ 210.452841][ T9507] [ 210.452841][ T9507] -> #2 (sk_lock-AF_INET){+.+.}-{0:0}: [ 210.455269][ T9507] lock_sock_nested+0x41/0xf0 [ 210.456956][ T9507] sockopt_lock_sock+0x54/0x70 [ 210.458619][ T9507] do_ip_setsockopt+0xfe/0x3240 [ 210.460325][ T9507] ip_setsockopt+0x59/0xf0 [ 210.461919][ T9507] tcp_setsockopt+0xa4/0x100 [ 210.463540][ T9507] do_sock_setsockopt+0x221/0x470 [ 210.465287][ T9507] __sys_setsockopt+0x1a0/0x230 [ 210.467204][ T9507] __ia32_sys_setsockopt+0xbc/0x160 [ 210.468958][ T9507] __do_fast_syscall_32+0x73/0x120 [ 210.470707][ T9507] do_fast_syscall_32+0x32/0x80 [ 210.472376][ T9507] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 210.474513][ T9507] [ 210.474513][ T9507] -> #1 (rtnl_mutex){+.+.}-{4:4}: [ 210.476867][ T9507] __mutex_lock+0x199/0xb90 [ 210.478462][ T9507] start_sync_thread+0x120/0x28b0 [ 210.480208][ T9507] do_ip_vs_set_ctl+0x451/0x11d0 [ 210.481923][ T9507] nf_setsockopt+0x8a/0xf0 [ 210.483494][ T9507] ip_setsockopt+0xcb/0xf0 [ 210.485057][ T9507] tcp_setsockopt+0xa4/0x100 [ 210.486759][ T9507] smc_setsockopt+0x1b3/0xa00 [ 210.488452][ T9507] do_sock_setsockopt+0x221/0x470 [ 210.490221][ T9507] __sys_setsockopt+0x1a0/0x230 [ 210.491909][ T9507] __ia32_sys_setsockopt+0xbc/0x160 [ 210.493686][ T9507] __do_fast_syscall_32+0x73/0x120 [ 210.495435][ T9507] do_fast_syscall_32+0x32/0x80 [ 210.497121][ T9507] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 210.499276][ T9507] [ 210.499276][ T9507] -> #0 (&smc->clcsock_release_lock){+.+.}-{4:4}: [ 210.501918][ T9507] __lock_acquire+0x1173/0x1ba0 [ 210.503603][ T9507] lock_acquire+0x179/0x350 [ 210.505201][ T9507] __mutex_lock+0x199/0xb90 [ 210.506884][ T9507] smc_switch_to_fallback+0x2d/0x9f0 [ 210.508671][ T9507] smc_sendmsg+0x13d/0x520 [ 210.510246][ T9507] __sys_sendto+0x495/0x510 [ 210.511782][ T9507] __ia32_sys_sendto+0xdd/0x1b0 [ 210.513403][ T9507] __do_fast_syscall_32+0x73/0x120 [ 210.515153][ T9507] do_fast_syscall_32+0x32/0x80 [ 210.516812][ T9507] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 210.518902][ T9507] [ 210.518902][ T9507] other info that might help us debug this: [ 210.518902][ T9507] [ 210.521942][ T9507] Chain exists of: [ 210.521942][ T9507] &smc->clcsock_release_lock --> rtnl_mutex --> sk_lock-AF_INET [ 210.521942][ T9507] [ 210.525994][ T9507] Possible unsafe locking scenario: [ 210.525994][ T9507] [ 210.528329][ T9507] CPU0 CPU1 [ 210.529972][ T9507] ---- ---- [ 210.531626][ T9507] lock(sk_lock-AF_INET); [ 210.532992][ T9507] lock(rtnl_mutex); [ 210.534983][ T9507] lock(sk_lock-AF_INET); [ 210.537072][ T9507] lock(&smc->clcsock_release_lock); [ 210.538715][ T9507] [ 210.538715][ T9507] *** DEADLOCK *** [ 210.538715][ T9507] [ 210.541225][ T9507] 1 lock held by syz.1.950/9507: [ 210.542755][ T9507] #0: ffff88806b7c0258 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_sendmsg+0x47/0x520 [ 210.545550][ T9507] [ 210.545550][ T9507] stack backtrace: [ 210.547502][ T9507] CPU: 0 UID: 0 PID: 9507 Comm: syz.1.950 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) [ 210.547518][ T9507] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 210.547527][ T9507] Call Trace: [ 210.547531][ T9507] [ 210.547536][ T9507] dump_stack_lvl+0x116/0x1f0 [ 210.547555][ T9507] print_circular_bug+0x275/0x350 [ 210.547574][ T9507] check_noncircular+0x14c/0x170 [ 210.547592][ T9507] __lock_acquire+0x1173/0x1ba0 [ 210.547605][ T9507] lock_acquire+0x179/0x350 [ 210.547615][ T9507] ? smc_switch_to_fallback+0x2d/0x9f0 [ 210.547626][ T9507] ? __pfx___might_resched+0x10/0x10 [ 210.547640][ T9507] ? futex_wait_queue+0x14c/0x220 [ 210.547651][ T9507] ? futex_unqueue+0xba/0x140 [ 210.547665][ T9507] __mutex_lock+0x199/0xb90 [ 210.547680][ T9507] ? smc_switch_to_fallback+0x2d/0x9f0 [ 210.547690][ T9507] ? __lock_acquire+0xaa4/0x1ba0 [ 210.547698][ T9507] ? smc_switch_to_fallback+0x2d/0x9f0 [ 210.547709][ T9507] ? __pfx___mutex_lock+0x10/0x10 [ 210.547724][ T9507] ? do_raw_spin_lock+0x12c/0x2b0 [ 210.547735][ T9507] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 210.547747][ T9507] ? smc_switch_to_fallback+0x2d/0x9f0 [ 210.547757][ T9507] ? __local_bh_enable_ip+0xa4/0x120 [ 210.547770][ T9507] smc_switch_to_fallback+0x2d/0x9f0 [ 210.547782][ T9507] smc_sendmsg+0x13d/0x520 [ 210.547792][ T9507] __sys_sendto+0x495/0x510 [ 210.547804][ T9507] ? __pfx___sys_sendto+0x10/0x10 [ 210.547817][ T9507] ? __sys_bind+0x176/0x260 [ 210.547829][ T9507] ? __pfx___ia32_sys_futex_time32+0x10/0x10 [ 210.547845][ T9507] ? rcu_is_watching+0x12/0xc0 [ 210.547858][ T9507] __ia32_sys_sendto+0xdd/0x1b0 [ 210.547870][ T9507] ? lockdep_hardirqs_on+0x7c/0x110 [ 210.547883][ T9507] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 210.547898][ T9507] __do_fast_syscall_32+0x73/0x120 [ 210.547914][ T9507] do_fast_syscall_32+0x32/0x80 [ 210.547929][ T9507] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 210.547942][ T9507] RIP: 0023:0xf711e579 [ 210.547950][ T9507] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 210.547960][ T9507] RSP: 002b:00000000f510e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000171 [ 210.547970][ T9507] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000 [ 210.547976][ T9507] RDX: 0000000000000000 RSI: 00000000200007fd RDI: 0000000080e68000 [ 210.547982][ T9507] RBP: 0000000000000010 R08: 0000000000000000 R09: 0000000000000000 [ 210.547988][ T9507] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 210.547994][ T9507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 210.548002][ T9507] VM DIAGNOSIS: 15:04:18 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff854bdb65 RDI=ffffffff9ae12b40 RBP=ffffffff9ae12b00 RSP=ffffc90004c2f478 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e35312e36 R12=0000000000000000 R13=0000000000000020 R14=ffffffff9ae12b00 R15=ffffffff854bdb00 RIP=ffffffff854bdb8f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880977b9000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f72237f0 CR3=000000006d032000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=000000000056b2cc RBX=0000000000000001 RCX=ffffffff8b703439 RDX=ffffed10056665be RSI=ffffffff8bf45080 RDI=ffffffff8191a751 RBP=ffffed10037e5488 RSP=ffffc9000046fdf8 R8 =0000000000000000 R9 =ffffed10056665bd R10=ffff88802b332deb R11=0000000000005bea R12=0000000000000001 R13=ffff88801bf2a440 R14=ffffffff90868110 R15=0000000000000000 RIP=ffffffff8b701ccf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880978b9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000080e68000 CR3=00000000227fc000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=0000000000001000 RCX=0000000000000017 RDX=0000000000001000 RSI=0000000000000000 RDI=ffff88806b8c8a40 RBP=ffffc900010ffa98 RSP=ffffc900010ffa38 R8 =0000000000000000 R9 =0000000000000000 R10=ffff88806b8c8000 R11=0000000000002bd0 R12=0000000000082820 R13=0000000000001000 R14=00000000ffffffff R15=ffff88801b443040 RIP=ffffffff8b7047b6 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880979b9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055eb31d15000 CR3=000000004d34c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=000000000002ec2d RCX=ffffffff822b31b6 RDX=ffff888012f82440 RSI=ffffffff822b31d3 RDI=0000000000000005 RBP=ffff88803fffa4a0 RSP=ffffc900040cf758 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=1ffffffff1c79889 R12=0000000000000000 R13=0000000000000001 R14=ffff88807ffce400 R15=0000000000000005 RIP=ffffffff81bb3d26 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097ab9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c32e341 CR3=00000000704b8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000