last executing test programs: 4.93480029s ago: executing program 3 (id=3169): ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8982, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) r1 = mq_open(&(0x7f0000000040)='!\x7f\x00\xca\x00\x00\x00\f\x00\x00\x01E!T\xeeux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000000)={0x0, 0x4, 0x8, 0xa}) mq_timedreceive(r1, 0x0, 0xfffffffffffffee3, 0x1, 0x0) mq_timedreceive(r1, &(0x7f0000000180)=""/196, 0xc4, 0x0, 0x0) mq_timedsend(r1, 0x0, 0x0, 0x0, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r2}, 0x10) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0) syz_usb_control_io$hid(r3, 0x0, 0x0) syz_usb_control_io$hid(r3, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2e, 0xffffffffffffffff, 0xe}, 0x90) syz_usb_control_io(r3, 0x0, 0x0) r4 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) readv(r4, &(0x7f0000000480)=[{&(0x7f0000001580)=""/4091, 0x18}], 0x2) ioctl$HIDIOCSFLAG(r4, 0x4004480f, &(0x7f0000000000)=0x3) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000040), 0xfea7) syz_usb_connect(0x0, 0x36, &(0x7f0000000140)={{0x12, 0x1, 0x201, 0x29, 0xe3, 0xe0, 0x10, 0x2c7c, 0x620, 0x8c6e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x80, 0x2a, 0x20, 0x7, [{{0x9, 0x4, 0xdc, 0xa, 0x0, 0xff, 0x0, 0x0, 0x6, [@hid_hid={0x9, 0x21, 0x0, 0x4, 0x1, {0x22, 0xb5e}}, @hid_hid={0x9, 0x21, 0x1, 0x15, 0x1, {0x22, 0x675}}]}}]}}]}}, &(0x7f0000000780)={0xa, &(0x7f0000000180)={0xa, 0x6, 0x110, 0x9, 0x5, 0x7, 0x20, 0x6}, 0x2d, &(0x7f0000000300)={0x5, 0xf, 0x2d, 0x4, [@wireless={0xb, 0x10, 0x1, 0xc, 0x62, 0x8, 0x8, 0x100, 0x2}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x0, 0x8, 0x73, 0x6}, @ext_cap={0x7, 0x10, 0x2, 0x2, 0x6, 0xd, 0x1}, @ssp_cap={0xc, 0x10, 0xa, 0x6, 0x0, 0x3, 0xff0f, 0xfffa}]}, 0x7, [{0x4, &(0x7f0000000340)=@lang_id={0x4, 0x3, 0xfcff}}, {0xf0, &(0x7f0000000580)=@string={0xf0, 0x3, "1bd2c98a30b76354455a5043db0ecf834fe248a9a142b47fe80c2f1cbcc53bd14e068947fc895b31338d65b72de1c1c81b6fa8e4a970e5442ff1c78ad353f6ff3189a69c60f7c6a0bb4f67bdf50ed9da9c7f435c6b8db44ebda3a42a17e1169cc6f68080873521588bda510717263d11d767e5ac566a5d01262e87ff9af1b749573e9697dd7a7c23af70a4e117d49ac2c675b627be4ff99faed344d09b4c328df51803fc50e64f7fd3dbeaa75f3a3f277419fec898f45a913328ca00fb6315ef8a5e0c556f22030f2a39790f55b32b87fa928d63da145620d7db6b1f6fa77f72066703e8e63b36e32840a8c5c20b"}}, {0x57, &(0x7f0000000380)=@string={0x57, 0x3, "551200b51526fae3273c19b9d960dd13279f91902106d9a8a536ca663f280c4060d80e558a0ab07338475610f78f48968529d51edad0bb219f8d39e58b57a8eca246cc62dedab03bbddd6e717f2be3353a64be42da"}}, {0x4, &(0x7f0000000400)=@lang_id={0x4, 0x3, 0x827}}, {0x4, &(0x7f0000000500)=@lang_id={0x4, 0x3, 0x280a}}, {0x4, &(0x7f0000000680)=@lang_id={0x4, 0x3, 0x440a}}, {0x2e, &(0x7f00000006c0)=@string={0x2e, 0x3, "e51dc7bea94cbe4597a209b8285d7da8e75126ebb89552e1f9e5474fc79e8dd442e13e2a4b663a68f0e9c303"}}]}) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r5, 0x0) ioctl$HIDIOCGUSAGE(r4, 0xc018480b, 0x0) 4.739036118s ago: executing program 1 (id=3171): socket$inet(0x2, 0x4000000805, 0x0) (async, rerun: 64) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) (async, rerun: 64) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) (async, rerun: 32) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) (async, rerun: 32) ptrace$getsig(0x4202, r0, 0x9, 0x0) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) (async) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x0, 0x12100, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10) (async) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000280)={0x0, 0x0}) (async) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={0x0, 0xffffffffffffffff, 0x0, 0x39, &(0x7f0000000000)='/proc/sys\x00net/\x00\x00v4\x00\x00s/\x92y\x03\xc0\xb8+\xab\xbbY\xcb\xf3nc_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1\xeeu\x8b\x05\xb4\xa0'}, 0x30) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) fchdir(r6) (async) r7 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r7, &(0x7f0000000680)=""/184, 0xb8) (async) getdents64(r7, 0x0, 0x0) (async) setpgid(r5, r0) (async, rerun: 32) r8 = socket$nl_xfrm(0x10, 0x3, 0x6) (rerun: 32) sendmsg$nl_xfrm(r8, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c010000100001000000000000000000ac1414aa000000000000000000000000fc00000000000000000000000000000000000000000000000a0000000000", @ANYRES32=0x0, @ANYRES32=0x0], 0x13c}}, 0x0) (async, rerun: 64) bpf$MAP_CREATE(0x0, 0x0, 0x0) (rerun: 64) bpf$PROG_LOAD(0x5, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r9 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_PASTESEL(r9, 0x541c, &(0x7f0000000000)) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00'}, 0x90) 4.545964264s ago: executing program 1 (id=3173): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read(r0, &(0x7f0000000140)=""/134, 0x86) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000100)=0xcf5) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5437, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r3 = dup(r2) write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) write$UHID_GET_REPORT_REPLY(r3, &(0x7f00000000c0)={0xa, {0x3, 0x81, 0x5}}, 0xa) r5 = accept4(r4, 0x0, 0x0, 0x0) sendmsg$nl_route(r5, &(0x7f0000000400)={0x0, 0xfffffeff, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYRES8=r3, @ANYRESDEC=r0, @ANYRES16], 0x24}, 0x1, 0x5502000000000000, 0x0, 0x20040011}, 0x810) 3.636595744s ago: executing program 0 (id=3175): r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) close(r0) socket$inet_tcp(0x2, 0x1, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x0, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000008000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$UI_DEV_SETUP(r2, 0x405c5503, &(0x7f0000000180)={{}, 'syz0\x00'}) pselect6(0x40, &(0x7f00000001c0)={0x80000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0) ioctl$UI_DEV_CREATE(r2, 0x5501) r3 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x0) r4 = socket(0x2a, 0x2, 0x0) sendto(r4, 0x0, 0x0, 0x0, &(0x7f0000000040)=@qipcrtr, 0x80) read$qrtrtun(r3, 0x0, 0x0) dup2(r3, r4) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r5 = epoll_create1(0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r5]) r6 = syz_io_uring_setup(0x3b67, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000000)=0x0) syz_io_uring_setup(0x5c8b, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6}, &(0x7f0000000180)=0x0, &(0x7f00000000c0)) syz_io_uring_submit(r8, r7, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r6, 0xb15, 0x0, 0x0, 0x0, 0x0) openat$sr(0xffffff9c, &(0x7f0000000040), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r9 = getpid() process_vm_readv(r9, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000000680)=[{&(0x7f0000008480)=""/95, 0x5f}, {&(0x7f0000000380)=""/198, 0xc6}, {&(0x7f0000000240)=""/30, 0x1e}, {&(0x7f0000000480)=""/187, 0xbb}, {&(0x7f0000000540)=""/249, 0xf9}, {&(0x7f0000000640)=""/21, 0x15}], 0x6, 0x0) 3.096353263s ago: executing program 3 (id=3176): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl(r2, 0xbffff000, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, 0x0) r3 = socket$kcm(0x2, 0xa, 0x2) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, 0x0, 0x0) sched_setscheduler(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) r5 = syz_open_dev$usbfs(&(0x7f0000000080), 0xb, 0x101301) ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000200)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect) close(r0) close(r4) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) mkdir(&(0x7f0000000300)='./file0\x00', 0x9c) pipe2$9p(0x0, 0x0) bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0) write$P9_RLERRORu(0xffffffffffffffff, 0x0, 0x6d) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0xfe, 0x60000000, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50) openat$userio(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local}) writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000380)="2e9b756b1d64563d3d00072706005193df96c575963f08640857f6d5ff510728af8d74cfbec0231fdc1248eff7144aaf7c06ef4c41e4f61a738b63e99d8e91baa21c9e1fed9d5da792753400e364aa9785ce1fec74db1634918b0e68ff36c87153d8977d06197fc7fe3524db435ef1fc068d8724ec232689ec4960115cee499a5e005cb910e200436b75dd8b604e0c736ebe2b0b935f488055717c7e711e5b179cef3774c57b458b932d74ad46f75d6f441b7db469c905aeca52c32a2bf40007317080e213a0", 0xc6}], 0x1) r6 = socket(0x1d, 0x2, 0x6) ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000040)={'nicvf0\x00', &(0x7f0000000280)=@ethtool_ringparam={0x11, 0x0, 0x0, 0x0, 0x3, 0xfffffffd, 0x0, 0x0, 0x2bf5}}) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=ANY=[@ANYBLOB="a40000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400000000000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8000000000000000fb0000000000000c00028005000100000000000800074000000000100005800a000100512e393331"], 0xa4}}, 0x0) 3.086645946s ago: executing program 1 (id=3184): ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8982, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) r1 = mq_open(&(0x7f0000000040)='!\x7f\x00\xca\x00\x00\x00\f\x00\x00\x01E!T\xeeux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000000)={0x0, 0x4, 0x8, 0xa}) mq_timedreceive(r1, 0x0, 0xfffffffffffffee3, 0x1, 0x0) mq_timedreceive(r1, &(0x7f0000000180)=""/196, 0xc4, 0x0, 0x0) mq_timedsend(r1, 0x0, 0x0, 0x0, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r2}, 0x10) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0) syz_usb_control_io$hid(r3, 0x0, 0x0) syz_usb_control_io$hid(r3, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2e, 0xffffffffffffffff, 0xe}, 0x90) syz_usb_control_io(r3, 0x0, 0x0) r4 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) readv(r4, &(0x7f0000000480)=[{&(0x7f0000001580)=""/4091, 0x18}], 0x2) ioctl$HIDIOCSFLAG(r4, 0x4004480f, &(0x7f0000000000)=0x3) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000040), 0xfea7) syz_usb_connect(0x0, 0x36, &(0x7f0000000140)={{0x12, 0x1, 0x201, 0x29, 0xe3, 0xe0, 0x10, 0x2c7c, 0x620, 0x8c6e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x80, 0x2a, 0x20, 0x7, [{{0x9, 0x4, 0xdc, 0xa, 0x0, 0xff, 0x0, 0x0, 0x6, [@hid_hid={0x9, 0x21, 0x0, 0x4, 0x1, {0x22, 0xb5e}}, @hid_hid={0x9, 0x21, 0x1, 0x15, 0x1, {0x22, 0x675}}]}}]}}]}}, &(0x7f0000000780)={0xa, &(0x7f0000000180)={0xa, 0x6, 0x110, 0x9, 0x5, 0x7, 0x20, 0x6}, 0x2d, &(0x7f0000000300)={0x5, 0xf, 0x2d, 0x4, [@wireless={0xb, 0x10, 0x1, 0xc, 0x62, 0x8, 0x8, 0x100, 0x2}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x0, 0x8, 0x73, 0x6}, @ext_cap={0x7, 0x10, 0x2, 0x2, 0x6, 0xd, 0x1}, @ssp_cap={0xc, 0x10, 0xa, 0x6, 0x0, 0x3, 0xff0f, 0xfffa}]}, 0x7, [{0x4, &(0x7f0000000340)=@lang_id={0x4, 0x3, 0xfcff}}, {0xf0, &(0x7f0000000580)=@string={0xf0, 0x3, "1bd2c98a30b76354455a5043db0ecf834fe248a9a142b47fe80c2f1cbcc53bd14e068947fc895b31338d65b72de1c1c81b6fa8e4a970e5442ff1c78ad353f6ff3189a69c60f7c6a0bb4f67bdf50ed9da9c7f435c6b8db44ebda3a42a17e1169cc6f68080873521588bda510717263d11d767e5ac566a5d01262e87ff9af1b749573e9697dd7a7c23af70a4e117d49ac2c675b627be4ff99faed344d09b4c328df51803fc50e64f7fd3dbeaa75f3a3f277419fec898f45a913328ca00fb6315ef8a5e0c556f22030f2a39790f55b32b87fa928d63da145620d7db6b1f6fa77f72066703e8e63b36e32840a8c5c20b"}}, {0x57, &(0x7f0000000380)=@string={0x57, 0x3, "551200b51526fae3273c19b9d960dd13279f91902106d9a8a536ca663f280c4060d80e558a0ab07338475610f78f48968529d51edad0bb219f8d39e58b57a8eca246cc62dedab03bbddd6e717f2be3353a64be42da"}}, {0x4, &(0x7f0000000400)=@lang_id={0x4, 0x3, 0x827}}, {0x4, &(0x7f0000000500)=@lang_id={0x4, 0x3, 0x280a}}, {0x4, &(0x7f0000000680)=@lang_id={0x4, 0x3, 0x440a}}, {0x2e, &(0x7f00000006c0)=@string={0x2e, 0x3, "e51dc7bea94cbe4597a209b8285d7da8e75126ebb89552e1f9e5474fc79e8dd442e13e2a4b663a68f0e9c303"}}]}) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r5, 0x0) ioctl$HIDIOCGUSAGE(r4, 0xc018480b, 0x0) 2.825826465s ago: executing program 2 (id=3178): bpf$PROG_LOAD(0x5, 0x0, 0x0) mount(&(0x7f0000000100)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)='hfs\x00', 0x0, &(0x7f0000000540)) 2.597248595s ago: executing program 2 (id=3179): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c2", 0x17) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$nl_route(r1, &(0x7f0000000400)={0x0, 0xfffffeff, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYRES8, @ANYRESDEC, @ANYRES16], 0x24}, 0x1, 0x5502000000000000, 0x0, 0x20040011}, 0x810) 2.546808763s ago: executing program 0 (id=3180): ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8982, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) r1 = mq_open(&(0x7f0000000040)='!\x7f\x00\xca\x00\x00\x00\f\x00\x00\x01E!T\xeeux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000000)={0x0, 0x4, 0x8, 0xa}) mq_timedreceive(r1, 0x0, 0xfffffffffffffee3, 0x1, 0x0) mq_timedreceive(r1, &(0x7f0000000180)=""/196, 0xc4, 0x0, 0x0) mq_timedsend(r1, 0x0, 0x0, 0x0, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r2}, 0x10) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0) syz_usb_control_io$hid(r3, 0x0, 0x0) syz_usb_control_io$hid(r3, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2e, 0xffffffffffffffff, 0xe}, 0x90) syz_usb_control_io(r3, 0x0, 0x0) r4 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) readv(r4, &(0x7f0000000480)=[{&(0x7f0000001580)=""/4091, 0x18}], 0x2) ioctl$HIDIOCSFLAG(r4, 0x4004480f, &(0x7f0000000000)=0x3) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000040), 0xfea7) syz_usb_connect(0x0, 0x36, &(0x7f0000000140)={{0x12, 0x1, 0x201, 0x29, 0xe3, 0xe0, 0x10, 0x2c7c, 0x620, 0x8c6e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x80, 0x2a, 0x20, 0x7, [{{0x9, 0x4, 0xdc, 0xa, 0x0, 0xff, 0x0, 0x0, 0x6, [@hid_hid={0x9, 0x21, 0x0, 0x4, 0x1, {0x22, 0xb5e}}, @hid_hid={0x9, 0x21, 0x1, 0x15, 0x1, {0x22, 0x675}}]}}]}}]}}, &(0x7f0000000780)={0xa, &(0x7f0000000180)={0xa, 0x6, 0x110, 0x9, 0x5, 0x7, 0x20, 0x6}, 0x2d, &(0x7f0000000300)={0x5, 0xf, 0x2d, 0x4, [@wireless={0xb, 0x10, 0x1, 0xc, 0x62, 0x8, 0x8, 0x100, 0x2}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x0, 0x8, 0x73, 0x6}, @ext_cap={0x7, 0x10, 0x2, 0x2, 0x6, 0xd, 0x1}, @ssp_cap={0xc, 0x10, 0xa, 0x6, 0x0, 0x3, 0xff0f, 0xfffa}]}}) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r5, 0x0) ioctl$HIDIOCGUSAGE(r4, 0xc018480b, 0x0) 2.105088132s ago: executing program 3 (id=3181): socket(0x2, 0x2, 0x0) syz_open_dev$ndb(&(0x7f0000000080), 0x0, 0x44000) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000d40), 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000670000000500000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = getpid() process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x81, 0xfff, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r1, 0x0, 0x400000}, 0x48) r4 = socket$inet_smc(0x2b, 0x1, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r7 = openat$cuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) fcntl$setstatus(r7, 0x4, 0x0) r8 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) write$tun(r6, &(0x7f0000000300)=ANY=[], 0xc2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000040)={'macsec0\x00', 0x0}) sendmsg$nl_route(r5, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="34000000100001040000000000000000002fee6e000000a3b2774947f7cbd91f5a7fa57bdaf4c107ccf0ecadd4daa45940a96be81792ea954f42e4c9cf3e4fe6c28a374d1cff45981ca987d2583b65c527ef248f76fd7a02dbf6f0decf01d92019d5c273b04245b45703a8b5d4c8", @ANYRES32=r10, @ANYBLOB="80480000000000001400140074756c6c3000"/28], 0x34}}, 0x0) setsockopt$inet_mreqsrc(r4, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty}, 0xc) close(r4) r11 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r11, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=@delqdisc={0x1a4, 0x25, 0x200, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, r10, {0x4, 0xb}, {0x6, 0xfff3}, {0xfff1, 0x1}}, [@qdisc_kind_options=@q_mq={0x7}, @TCA_STAB={0xd4, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x7, 0xfc, 0x4, 0x4, 0x2, 0x6, 0x2, 0x9}}, {0x16, 0x2, [0x8, 0x7, 0x800, 0x0, 0x9, 0xee, 0x4, 0xffff, 0x9]}}, {{0x1c, 0x1, {0xe, 0x4, 0x2, 0x400, 0x2, 0x9, 0x9b, 0x4}}, {0xc, 0x2, [0x11, 0x3, 0x94, 0x8]}}, {{0x1c, 0x1, {0x4, 0xe, 0x1, 0x400, 0x0, 0x4, 0xff, 0x1}}, {0x6, 0x2, [0x900]}}, {{0x1c, 0x1, {0x8, 0xa, 0xffff, 0x4, 0x1, 0x1, 0x5, 0x2}}, {0x8, 0x2, [0x8, 0x1]}}, {{0x1c, 0x1, {0x8, 0xff, 0x0, 0x6, 0x1, 0x4, 0x8, 0x5}}, {0xe, 0x2, [0x7, 0xfea9, 0x4c, 0x3, 0x2]}}]}, @qdisc_kind_options=@q_blackhole={0xe}, @TCA_RATE={0x6, 0x5, {0xd, 0x8}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0xcb2}, @TCA_STAB={0x84, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x6, 0x27, 0x9, 0x9, 0x1, 0xd, 0x0, 0x1}}, {0x6, 0x2, [0x2]}}, {{0x1c, 0x1, {0xff, 0x10, 0x2, 0x1, 0x0, 0x1, 0xfffffffd, 0x3}}, {0xa, 0x2, [0x8, 0x40, 0x10]}}, {{0x1c, 0x1, {0x0, 0x0, 0x2, 0x1, 0x0, 0x8, 0xaf, 0xa}}, {0x18, 0x2, [0x7, 0x9, 0x4, 0xcf4, 0x7, 0x3, 0xfff, 0x40, 0x0, 0xda92]}}]}]}, 0x1a4}}, 0x1) r12 = socket$pppl2tp(0x18, 0x1, 0x1) r13 = socket$nl_rdma(0x10, 0x3, 0x14) ioctl$SIOCSIFMTU(r12, 0x8922, &(0x7f0000000000)={'lo\x00'}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r13, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000120000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b71c000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x98, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2c, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 2.099247474s ago: executing program 2 (id=3190): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c2", 0x17) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$nl_route(r1, &(0x7f0000000400)={0x0, 0xfffffeff, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYRES8, @ANYRESDEC, @ANYRES16], 0x24}, 0x1, 0x5502000000000000, 0x0, 0x20040011}, 0x810) 1.964468501s ago: executing program 2 (id=3182): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="6a00000002060104000003000000000000000000ffff030000000000050005000200000005000100070000000c009bfd8a1300000900020073797a3000000000130003006861060000000000000066616365000000000000"], 0x58}}, 0x8000) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) chdir(&(0x7f0000000280)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$lock(r0, 0x6, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'syz_tun\x00'}) sendmsg$nl_route(r1, 0x0, 0x0) fcntl$lock(r0, 0x26, &(0x7f00000031c0)) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r3, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRESDEC, @ANYRES64=r2], 0x3c}}, 0x0) fcntl$lock(r0, 0x7, &(0x7f0000000040)) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7fc000ff}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000680)={0x0, 0x0}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f0000000340)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r4, 0xc0182101, &(0x7f0000000180)={r5}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x0, 0x0, 0x0, &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x47}, 0x90) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20008001}, 0x20000004) gettid() timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r6 = syz_open_dev$tty1(0xc, 0x4, 0x1) r7 = dup(r6) write$UHID_INPUT(r7, &(0x7f0000002080)={0xc, {"a2e3ad21ed0d30f91b5d520987f70e06d038e7ff7fc6e5539b3271298b089b0708356e090890e0878f0e1ac6e7049b3350959bfc9a240d2567f3988f7ef319520100ffe8d178708c523c921b1b9b31070d075d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d782c8ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c198045651cf4778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5e3728ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246b80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5182cff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec6800068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a0ad367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x566}}, 0x1006) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r4, 0xc0502100, &(0x7f0000000480)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r4, 0x40182103, &(0x7f0000000080)={r8, 0x3, r4, 0x5}) 1.345312854s ago: executing program 1 (id=3183): unshare(0x2000400) syz_genetlink_get_family_id$netlbl_cipso(0x0, 0xffffffffffffffff) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[], 0xa0}}, 0x0) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b1a, &(0x7f0000000000)={'wlan1\x00'}) ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f00000000c0)={"8a5fc36851854a469326bb5782655ef2f6d6ab3232a65b7894913c9f4aa464cf5a6032a5e375fa987790c40838311a917462b8ee80b9959c46874619e3cab2c7673f22a5f1a796764868e36e60357badcace2cfb9a0223b49c3df0f57f0793d75f89870fa15ed13472cb662fd76dd583b259c809931332bbc5180ecf86c8a6d20bc6781c2aa971e63fe7d430e0016f91fa5e3595ec7cf07ff18837e3a9ad49e1026a04f3ec4900abf1aceeab8ed429a1628ab2ee856d161c3e1830ca29c27e7327c3910871063a6b35516e63e67fda3bd8f001201208912568cf104340b90c816976e62535c53a6e2bb55f3ce879df512d9ad8be030c36caedb1a4b2e25481efc30e85d5714756e5cce0d97a74d151b7b75faf46fe52df5b784abe89a001e2c130c92ed54444e91acbb00e43d29720a19927518323ba43ee5c25fc424dae7bd58a7919b4b33e4fef6f33bc2a9f33a6360bcd44e5314de73eaedc301dba9981bb2e74391c9ee7e154e5535fa9fae268bd5120b13c23439f2d74f7ddf3b35b4bc8788d055b7aeac0a05b3bbcafb102250a74d457518e1d62345e3b7af25b01cadecb18768f60f4a07b275c04c5857482e1b809a5e0668c5a591964066dd9a1ebedd33f23966f16488296092c275fdd6f2c30338f15dac9b157da77679c6f515222297d9017ed2c2e5a4412e2b792a0287c61ce147890f3c897c971843e8d3bc97f71fa1ea1601ede18e08d0386647399e5d00c7fdeb0225c0c489e4dd7ce49d6c6c07dc69bba06ed455ac51d6476283c80e1c17c3f0c103c145837f719080cdbebb3d87e620f43bd3cc7a15d4280b0b40afb5278bb584e105f2b01bf1eef2fb43095ce35956a7b947b646a34b283198b7892d9a76bc3f96076e621f2aa4e5fb1c21d83c595b11edc16bd39001625ceecc02a317b861410870627a1549f7964ca8c4a967a48f92493aa9c41aadb27d6ae94acf713109184a93db9185283cd184ce16b3f18463f38c1cc247f94dddbaf249e479b48b6a9a2d10d9aa5d9b3ef06af7bf2a950babf4bb0f13fafa7479ddee24c815f137d94deac20e27bf68b64db812ae665c101c2909eba44b81d1213b6dc2c0924e9a40e773a1d3010572d49e3e7c1a86214f0e5ea8d925db7023356a985aeb7c19ed9a44c2c55146b085d1d83a9a5f6c7e7b105477f67c9b873e093e85d09868b97816f450eabed6b543f9602a077198127ea02af34dc3f047b33f041e66c90451534e84ad70dc522f4d4b365dabc41c0afebb0ac132c27f465c5426e004aea6e07e94ff50c383cba7b4dc5a0a3773943e52ec564fff73ae4ccf3d3209ad6598e7cab96e1624287cc5f6474a992dc09e513b1f773d88e9019c24c6535d69d021d7c3c8adf6635c40272483926779d2b4df6c3a16a422c4957548bb61411234f4afbded721800e2cbaa1034968bcad"}) ioctl$BTRFS_IOC_SET_FEATURES(0xffffffffffffffff, 0x40309439, &(0x7f0000000000)) socket$inet_udp(0x2, 0x2, 0x0) r1 = socket(0x2a, 0x2, 0x0) getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000b59fa9b40000000001070000940001000000fc11c60000000f00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r3}, 0x10) socket(0x10, 0x803, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) openat$sw_sync(0xffffffffffffff9c, &(0x7f00000004c0), 0x100, 0x0) ioctl$LOOP_GET_STATUS(0xffffffffffffffff, 0x4c03, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) listen(0xffffffffffffffff, 0x7fff) r4 = getpid() process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x33, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r5 = socket$unix(0x1, 0x2, 0x0) bind$unix(r5, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r6 = socket$unix(0x1, 0x2, 0x0) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) connect$unix(r6, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) writev(r6, &(0x7f0000000040)=[{&(0x7f0000000000)="d2", 0x1}], 0x1) setsockopt$SO_TIMESTAMP(r5, 0x1, 0x1d, &(0x7f0000000080)=0x6, 0x4) recvmmsg(r5, &(0x7f0000000300), 0x40000000000049e, 0x1000000000fe, 0x0) 1.296825164s ago: executing program 3 (id=3185): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0022ba7d81000000000000006b7b50ff3b00"}) r1 = syz_open_pts(r0, 0x0) dup3(r1, r0, 0x0) r2 = syz_io_uring_setup(0x5169, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000000)=0x0) syz_io_uring_setup(0x2292, &(0x7f0000000640), &(0x7f0000000400)=0x0, &(0x7f0000000180)) syz_io_uring_submit(r4, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r2, 0xb15, 0x0, 0x0, 0x0, 0x0) r5 = syz_open_dev$tty20(0xc, 0x4, 0x1) writev(r5, &(0x7f0000011200)=[{&(0x7f0000010200)="e36e11f9490a838ca8e83bfaa975b54d8a9cef706911ce3572771b2c53bf6171166a81ce7d964e818cab31f265ddc1fde31aaa253eed53376c4744dea0e673935fd8b605db85e4b4aeaf51c68ce451e769721093d74c4ec00da5cdcb65daeccc7e3fcec5bfc4cef3258fd4ec88736989610d56bfdad733f65b98d998d2192ba71a63244239242e200382b75c09cd8dbeaa6b78addf2f48cb62032c5724946d227b9bd9b8f9c486f5c2ea674632e0c53d7d28404be4fa827ea621973ca8711030af9455479c500f55cccb827a49caa192bf1f561f8f81a01739f7838a5cb2a13d69db74baa0dd043e32776f0e71fa6bc124e5c5d992f40a9afed8ac727e0628901950c96f295cdb6babe974824ddb639a481479abe037895237ea82135bf3979313e8735cd7928e8501f3118efdace7838f269b36b9362da69187fbba80fbee86a5aefd413f7a0edcdef0ca7b7404417ede1ace311968b9092cd5ecf428ca67c94de3dfe8bf42f5f19bc7bdaa10b110c31122006d062ea36b46fc20ddd389a47583ad09c383be509fe4af1fcff8edc3e56e1f00e0ea95923104141675a0b0c89a959de9a4390ebdaf1130f3d478e88d593f9bfed4a0900153692a16ef407f550ac93fbf5d73824833f34c5555716905110aa6b35ac7315113dc4a9926ec573b732fa240628f943e87e3a21ccb80b8c6c16b3a2f61d84b504309c4d541c82c567f9bd016caf007192b4ca0b7a9aebedfa909e075ff22e98188f5281b730c8d2b7a70293ef06d9df5d75ebec02bc00f88b847e251621652346d6a1b5fdc64677f22fab75fc441751507ab41f712d28ab3de8a55c63b9998c2438758aa627bdb9f25edef14183c9cf461f268d0956ade18f1663c5348fa8d786868b7f411697223262d93f17d0454b02f1778ef85bb", 0x28d}], 0x1) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, 0x0) io_setup(0x3, &(0x7f00000003c0)) socket$inet6(0xa, 0x3, 0x3c) writev(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000440)={[0x6, 0x7fffffff, 0x2, 0x5, 0xce44, 0x6, 0x181, 0x7, 0x0, 0x1, 0x7f, 0x3, 0x5, 0x5, 0x6f, 0xc], 0x6000, 0x40000}) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x22) r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r7}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r7, &(0x7f00000077c0)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r10, 0x46b5b071fb3773b1, 0x0, 0x0, {0x26}}, 0x14}}, 0x0) syz_fuse_handle_req(r7, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(r7, 0x0, 0x0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000880)={0xb0, 0x0, 0x0, [{{0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, r8}}, {0x0, 0x0, 0x1, 0x8, '\x00'}}]}, 0x0, 0x0}) r11 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r11, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) 1.017215206s ago: executing program 2 (id=3186): openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe0500000000000000000000950000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) connect$inet(0xffffffffffffffff, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x3) ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501) ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='smaps\x00') readv(r3, &(0x7f00000022c0)=[{&(0x7f00000021c0)=""/200, 0xc8}], 0x1) read$FUSE(r3, &(0x7f0000000180)={0x2020}, 0x2020) 876.403843ms ago: executing program 1 (id=3187): socket$nl_xfrm(0x10, 0x3, 0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={0x0}, 0x10) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x0, 0x0, 0x10001}, 0x48) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000100)='hugetlbfs\x00', 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x820061, &(0x7f0000000040)=ANY=[@ANYBLOB='nr_inodes=A']) r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f00000003c0)=ANY=[@ANYBLOB="e00000020000000001000000010000000a010100"], 0x14) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000040)='task\x00') fcntl$notify(r2, 0x402, 0x80000004) getdents64(r2, &(0x7f0000000200)=""/171, 0xab) syz_emit_ethernet(0x6a, &(0x7f00000005c0)={@multicast, @link_local={0x3}, @void, {@ipv4={0x800, @tcp={{0x12, 0x4, 0x0, 0x7, 0x5c, 0x0, 0x0, 0x0, 0x6, 0x0, @dev={0xac, 0x14, 0x14, 0x80}, @broadcast, {[@rr={0x44, 0xb, 0xd, [@remote, @multicast2]}, @lsrr={0x83, 0x1b, 0x85, [@empty, @local, @rand_addr=0x64010100, @remote, @local, @multicast1]}, @timestamp={0x44, 0xc, 0x0, 0x0, 0x2, [0x3, 0x1]}]}}, {{0x4e21, 0x3, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0x0, 0x0, 0xfffe}}}}}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="34030000", @ANYRES16=r4, @ANYBLOB="010000000000feffffff3b00000008000300", @ANYRES32, @ANYRESHEX], 0x334}}, 0x0) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)=0xff, 0x4) recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000080)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, 0x80, 0x0}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', 0x0}) unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x261, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r6}, 0x48) bind$netrom(r2, &(0x7f0000000540)={{0x3, @default, 0x6}, [@bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r7, &(0x7f0000000000), &(0x7f0000000080)=@udp}, 0x20) socket$kcm(0x29, 0x2, 0x0) socket$kcm(0x29, 0x2, 0x0) 528.349318ms ago: executing program 0 (id=3188): bpf$PROG_LOAD(0x5, 0x0, 0x0) mount(&(0x7f0000000100)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)='hfs\x00', 0x0, &(0x7f0000000540)) 252.607072ms ago: executing program 0 (id=3189): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$binfmt_script(r0, &(0x7f0000000100)={'#! ', './file0', [{}, {0x20, ']/'}], 0xa, "a1df5c837b3f1d3e0fc648ee870fe274a3bdffebcf0137bee198db1f7f2d812f09fc0ac19fda417167886360e801a799da07d13a02c30e"}, 0x46) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000001240)={@host}) ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, &(0x7f0000000080)={0x0, 0x5, 0x0, 0x40000000}) 224.534011ms ago: executing program 3 (id=3191): r0 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @host}, 0x10) listen(r0, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(r0, 0x942e, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x9, 0x7, 0x10001, 0x9}, 0x48) sendmmsg(r1, &(0x7f00000004c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 185.911527ms ago: executing program 0 (id=3192): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c2", 0x17) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$nl_route(r1, &(0x7f0000000400)={0x0, 0xfffffeff, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYRES8, @ANYRESDEC, @ANYRES16], 0x24}, 0x1, 0x5502000000000000, 0x0, 0x20040011}, 0x810) 36.28578ms ago: executing program 0 (id=3193): r0 = gettid() r1 = inotify_init1(0x0) syz_open_dev$tty1(0xc, 0x4, 0x2) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000140)={0x0, 0x0}) syz_open_procfs(r2, &(0x7f0000000600)='fd/4\x00') r3 = syz_open_procfs(r0, &(0x7f00000001c0)='mountstats\x00') r4 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f00000009c0)={'vcan0\x00', 0x0}) r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_GET_HW_INFO(r6, 0x3b8a, &(0x7f00000003c0)={0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}) r7 = socket$can_j1939(0x1d, 0x2, 0x7) bind$can_j1939(r7, &(0x7f0000000080)={0x1d, r5}, 0x18) sendmsg$can_j1939(r7, &(0x7f00000001c0)={&(0x7f0000000040), 0x18, &(0x7f0000000180)={&(0x7f00000000c0)="92", 0x1a000}}, 0xee) r8 = socket$nl_route(0x10, 0x3, 0x0) connect$can_j1939(r7, &(0x7f0000000280)={0x1d, r5, 0x2}, 0x18) r9 = socket$can_j1939(0x1d, 0x2, 0x7) r10 = getpid() process_vm_readv(r10, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) process_vm_readv(r10, &(0x7f0000000100), 0x0, &(0x7f0000000380)=[{&(0x7f0000000200)=""/8, 0x8}, {&(0x7f0000000440)=""/150, 0x96}, {&(0x7f00000005c0)=""/121, 0x79}], 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r9, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) sendmsg$nl_route_sched(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000f00)=@newtfilter={0x24, 0x11, 0x1, 0x700, 0x0, {0x0, 0x0, 0x74, r11}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) read$FUSE(r3, &(0x7f00000009c0)={0x2020}, 0x2020) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) r12 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000060000e376e42b35fc1370eb40b1902193964a89d313"], &(0x7f00000000c0)='syzkaller\x00'}, 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r12}, 0x10) r13 = accept$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) sendto(r13, &(0x7f0000000640)="7656f5ef5ba194d7b498794f9abe9956610a2d827823bb308865ddbea67dd8ed86bf97a2473505952bc8a6f40cba7d605ae38bd65e14024b614be95067f1d80b247e3ce935d418c6c60dba6749dfdfd3dcfb13c8c38af912fe477267e0286df5a6ee296a6ace4872518b54a39f0db21efb1d2b4887013902e7ff4df404d3acd74d08d709e78d3e00dc3975957ec3aab1c346ab4ea31fe6b04e6437637059a4933c6b32314cbac9d8a7f56abc0fa544411cda66b61bb84fca0f3f3328994a8a3efd5fdbe7849bbd07a1dad8e582b40e1422e3504788b2dd75442041c211e9cc50a7be739c49a0c4a76b67dacdd0d985fb1341d35df836", 0xf6, 0x4040104, &(0x7f0000000100)=@l2tp6={0xa, 0x0, 0x4, @remote, 0x9}, 0x80) syz_emit_vhci(&(0x7f0000000500)=ANY=[@ANYBLOB="040e0a62091006000000000000911402f8cdc4644277efc1ce3b84eb06c941"], 0xd) 35.850906ms ago: executing program 1 (id=3194): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) ppoll(&(0x7f00000003c0)=[{0xffffffffffffffff, 0x461}], 0x1, &(0x7f0000000bc0), 0x0, 0x0) fsopen(0x0, 0x0) r1 = openat$nmem0(0xffffffffffffff9c, &(0x7f0000000380), 0x474980, 0x0) getsockopt$bt_BT_CHANNEL_POLICY(r1, 0x112, 0xa, &(0x7f0000000480), &(0x7f00000004c0)=0x4) r2 = getpid() r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe55}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000000180)='tlb_flush\x00', r3}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus/file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x6000) fchown(r0, 0x0, r4) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000080)='./file1\x00') r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0) ioctl$VHOST_VDPA_GET_GROUP_NUM(r5, 0x8004af81, &(0x7f0000000140)) madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000540)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0186405, &(0x7f00000002c0)={0x9, 0xa, {0xffffffffffffffff}, {}, 0x5, 0x1}) prctl$PR_SCHED_CORE(0x3e, 0x1, r6, 0x2, 0x0) 18.713704ms ago: executing program 3 (id=3201): openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe0500000000000000000000950000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) syz_open_dev$loop(0x0, 0x6, 0x82200) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = socket$inet(0xa, 0x801, 0x84) connect$inet(r4, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) write$uinput_user_dev(r5, &(0x7f0000000a80)={'syz1\x00'}, 0x45c) ioctl$UI_SET_EVBIT(r5, 0x40045564, 0x0) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='smaps\x00') r7 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0x1}, 0x48) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x2, 0x4, 0x4, 0x1, 0x1100}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r8, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) readv(r6, &(0x7f00000022c0)=[{&(0x7f00000021c0)=""/200, 0xc8}], 0x1) read$FUSE(r6, &(0x7f0000000180)={0x2020}, 0x2020) 0s ago: executing program 2 (id=3202): r0 = accept4(0xffffffffffffffff, &(0x7f0000000080)=@rc, &(0x7f0000000100)=0x80, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r3, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r4, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0) sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x81200400}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="c72593f684bbe8a6e9aed5249e31c31c000000919be0cb5a331f6580816ae56b48519036b0fdc5d898b53d9dd4763d3ed7a7714e70de02de7510aafcf092731c704512aeda6ca8fe6abf587fbe17e3eae02bc7cec9248711c70664ecdf7921ac528e361d21f66cb0b65584ae52efef75f6ce64335a4508a525e2fc71f46b418efdfedc55b66757bd9114c69f064a75", @ANYRES16=r1, @ANYBLOB="00042dbd7000fedbdf258200000008000300", @ANYRES32=r4, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4c040}, 0x20004810) r5 = syz_open_procfs(0x0, &(0x7f0000000040)='task\x00') r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r6, &(0x7f0000000040), 0x208e24b) r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) connect$llc(r7, &(0x7f0000001080)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @dev}, 0x10) recvmmsg(r7, &(0x7f00000003c0)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000200)=""/225, 0xe1}], 0x1}}], 0x1, 0x0, 0x0) sendfile(r7, r6, 0x0, 0xffefffff) getdents(r5, &(0x7f0000000000)=""/24, 0x18) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r5, 0x89f0, &(0x7f0000000480)={'ip6gre0\x00', &(0x7f0000000340)={'syztnl1\x00', 0x0, 0x0, 0x43, 0x2, 0x9, 0x0, @local, @private1={0xfc, 0x1, '\x00', 0x1}, 0x8, 0x7f01, 0x5, 0xb}}) sendmsg$nl_route_sched(r0, &(0x7f0000000580)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)=@getqdisc={0x34, 0x26, 0x20, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0xfff3, 0xfff2}, {0xffef, 0xffe0}, {0x0, 0xd}}, [{0x4}, {0x4}, {0x4}, {0x4}]}, 0x34}}, 0x40000) r9 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$FBIO_WAITFORVSYNC(r9, 0x40044620, 0x0) kernel console output (not intermixed with test programs): k+0x67/0xa0 [ 407.802739][T14179] ? __pfx_rtnl_newlink+0x10/0x10 [ 407.804787][T14179] rtnetlink_rcv_msg+0x3c7/0xea0 [ 407.806827][T14179] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 407.809052][T14179] netlink_rcv_skb+0x16b/0x440 [ 407.811013][T14179] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 407.813224][T14179] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 407.815418][T14179] ? netlink_deliver_tap+0x1ae/0xd90 [ 407.817639][T14179] netlink_unicast+0x53c/0x7f0 [ 407.819601][T14179] ? __pfx_netlink_unicast+0x10/0x10 [ 407.821713][T14179] netlink_sendmsg+0x8b8/0xd70 [ 407.823717][T14179] ? __pfx_netlink_sendmsg+0x10/0x10 [ 407.826034][T14179] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 407.826299][ T5627] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 407.828330][T14179] __sys_sendto+0x47f/0x4e0 [ 407.828358][T14179] ? __pfx___sys_sendto+0x10/0x10 [ 407.828401][T14179] ? ksys_write+0x1ab/0x260 [ 407.839446][T14179] ? __pfx_ksys_write+0x10/0x10 [ 407.841609][T14179] __x64_sys_sendto+0xe0/0x1c0 [ 407.843410][ T5627] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 407.843731][T14179] ? do_syscall_64+0x91/0x250 [ 407.843761][T14179] ? lockdep_hardirqs_on+0x7c/0x110 [ 407.843787][T14179] do_syscall_64+0xcd/0x250 [ 407.843815][T14179] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 407.843835][T14179] RIP: 0033:0x7fac22f7cef9 [ 407.843852][T14179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 407.843869][T14179] RSP: 002b:00007fac23c8f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 407.843888][T14179] RAX: ffffffffffffffda RBX: 00007fac23135f80 RCX: 00007fac22f7cef9 [ 407.843901][T14179] RDX: 0000000000010a73 RSI: 0000000020000000 RDI: 0000000000000003 [ 407.843913][T14179] RBP: 00007fac23c8f090 R08: 0000000000000000 R09: 4b6ae4f95a5de35b [ 407.843926][T14179] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000001 [ 407.843959][T14179] R13: 0000000000000000 R14: 00007fac23135f80 R15: 00007ffe6770c958 [ 407.847780][ T5627] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 407.849796][T14179] [ 407.851542][ T5627] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 407.901704][ T5627] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 407.906685][ T5627] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 407.921323][ T5627] usb 7-1: config 0 descriptor?? [ 407.970723][T14184] input: syz1 as /devices/virtual/input/input33 [ 408.687397][T14167] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 408.690543][T14167] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 408.698970][ T5627] usbhid 7-1:0.0: can't add hid device: -71 [ 408.701695][ T5627] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 408.706060][ T5627] usb 7-1: USB disconnect, device number 28 [ 408.940360][T14204] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2744'. [ 408.978815][T14204] serio: Serial port pts2 [ 409.341008][T14226] syzkaller1: entered promiscuous mode [ 409.343212][T14226] syzkaller1: entered allmulticast mode [ 409.350577][T14226] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2748'. [ 409.869780][ T39] audit: type=1400 audit(1725733334.507:1706): avc: denied { read } for pid=14230 comm="syz.2.2751" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 409.880348][ T39] audit: type=1400 audit(1725733334.517:1707): avc: denied { getattr } for pid=14230 comm="syz.2.2751" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 409.881193][T14231] netlink: 'syz.2.2751': attribute type 5 has an invalid length. [ 409.971308][ T39] audit: type=1400 audit(1725733334.607:1708): avc: denied { wake_alarm } for pid=14238 comm="syz.2.2755" capability=35 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 410.141373][T14249] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2757'. [ 410.155935][T14249] FAULT_INJECTION: forcing a failure. [ 410.155935][T14249] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 410.161331][T14249] CPU: 2 UID: 0 PID: 14249 Comm: syz.2.2757 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 410.165205][T14249] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 410.168684][T14249] Call Trace: [ 410.169890][T14249] [ 410.170902][T14249] dump_stack_lvl+0x16c/0x1f0 [ 410.172503][T14249] should_fail_ex+0x497/0x5b0 [ 410.174111][T14249] _copy_from_user+0x30/0xf0 [ 410.175659][T14249] copy_msghdr_from_user+0x99/0x160 [ 410.177365][T14249] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 410.179274][T14249] ? find_held_lock+0x2d/0x110 [ 410.180878][T14249] ? __pfx___lock_acquire+0x10/0x10 [ 410.182586][T14249] ___sys_sendmsg+0xff/0x1e0 [ 410.184150][T14249] ? __pfx____sys_sendmsg+0x10/0x10 [ 410.185848][T14249] ? ksys_write+0x21c/0x260 [ 410.187392][T14249] ? __fget_light+0x173/0x210 [ 410.188925][T14249] __sys_sendmsg+0x117/0x1f0 [ 410.190470][T14249] ? __pfx___sys_sendmsg+0x10/0x10 [ 410.192160][T14249] do_syscall_64+0xcd/0x250 [ 410.193648][T14249] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 410.195589][T14249] RIP: 0033:0x7f8a5257cef9 [ 410.197082][T14249] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 410.203369][T14249] RSP: 002b:00007f8a53419038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 410.206073][T14249] RAX: ffffffffffffffda RBX: 00007f8a52735f80 RCX: 00007f8a5257cef9 [ 410.208661][T14249] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000010 [ 410.212218][T14249] RBP: 00007f8a53419090 R08: 0000000000000000 R09: 0000000000000000 [ 410.215594][T14249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 410.218569][T14249] R13: 0000000000000000 R14: 00007f8a52735f80 R15: 00007fff76cd3388 [ 410.221184][T14249] [ 410.249393][ T39] audit: type=1400 audit(1725733334.887:1709): avc: denied { setattr } for pid=14251 comm="syz.2.2758" name="NFC_LLCP" dev="sockfs" ino=54922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 410.266992][ T39] audit: type=1400 audit(1725733334.887:1710): avc: denied { ioctl } for pid=14251 comm="syz.2.2758" path="socket:[54922]" dev="sockfs" ino=54922 ioctlcmd=0x9425 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 410.297322][T14255] syz.2.2759: attempt to access beyond end of device [ 410.297322][T14255] nbd2: rw=0, sector=2, nr_sectors = 2 limit=0 [ 410.302562][T14255] hfs: can't find a HFS filesystem on dev nbd2 [ 410.354951][ T58] usb 6-1: new high-speed USB device number 40 using dummy_hcd [ 410.570928][ T58] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 410.575780][ T58] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 410.580220][ T58] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 410.586213][ T58] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 410.591734][ T58] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 410.599107][ T58] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 410.607254][ T58] usb 6-1: config 0 descriptor?? [ 411.025899][T14247] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 411.054626][T14247] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 411.094660][ T58] usbhid 6-1:0.0: can't add hid device: -71 [ 411.096742][ T58] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 411.101242][ T58] usb 6-1: USB disconnect, device number 40 [ 411.673529][T14296] syz.2.2776: attempt to access beyond end of device [ 411.673529][T14296] loop2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 411.681175][T14296] FAT-fs (loop2): unable to read boot sector [ 412.170994][T14313] FAULT_INJECTION: forcing a failure. [ 412.170994][T14313] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 412.175568][T14313] CPU: 3 UID: 0 PID: 14313 Comm: syz.1.2779 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 412.179533][T14313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 412.183417][T14313] Call Trace: [ 412.184836][T14313] [ 412.185838][T14313] dump_stack_lvl+0x16c/0x1f0 [ 412.187536][T14313] should_fail_ex+0x497/0x5b0 [ 412.189170][T14313] _copy_from_user+0x30/0xf0 [ 412.190750][T14313] vmemdup_user+0x6c/0x100 [ 412.192264][T14313] setxattr_copy+0x148/0x200 [ 412.193893][T14313] path_setxattr+0xfc/0x280 [ 412.195562][T14313] ? __pfx_path_setxattr+0x10/0x10 [ 412.197304][T14313] ? __pfx_lock_release+0x10/0x10 [ 412.199154][T14313] ? __pfx_migrate_enable+0x10/0x10 [ 412.201036][T14313] ? fput+0x32/0x390 [ 412.202498][T14313] ? ksys_write+0x1ab/0x260 [ 412.204372][T14313] __x64_sys_setxattr+0xc4/0x160 [ 412.206357][T14313] ? syscall_trace_enter+0x8b/0x240 [ 412.208107][T14313] do_syscall_64+0xcd/0x250 [ 412.209661][T14313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 412.211637][T14313] RIP: 0033:0x7fac22f7cef9 [ 412.213128][T14313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 412.220365][T14313] RSP: 002b:00007fac23c8f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 412.223483][T14313] RAX: ffffffffffffffda RBX: 00007fac23135f80 RCX: 00007fac22f7cef9 [ 412.226670][T14313] RDX: 0000000020000380 RSI: 0000000020000000 RDI: 00000000200001c0 [ 412.229401][T14313] RBP: 00007fac23c8f090 R08: 0000000000000000 R09: 0000000000000000 [ 412.232030][T14313] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 412.234935][T14313] R13: 0000000000000000 R14: 00007fac23135f80 R15: 00007ffe6770c958 [ 412.238278][T14313] [ 412.287013][T14316] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2781'. [ 412.377888][T14320] vcan0: entered allmulticast mode [ 412.380916][T14318] vcan0: left allmulticast mode [ 412.804825][ T5372] usb 8-1: new high-speed USB device number 25 using dummy_hcd [ 413.005937][ T5372] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 413.010973][ T5372] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 413.015765][ T5372] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 413.019955][ T5372] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 413.025528][ T5372] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 413.028623][ T5372] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 413.032438][ T5372] usb 8-1: config 0 descriptor?? [ 413.446659][T14326] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 413.450228][T14326] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 413.457978][ T5372] usbhid 8-1:0.0: can't add hid device: -71 [ 413.460640][ T5372] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 413.465926][ T5372] usb 8-1: USB disconnect, device number 25 [ 413.749112][ T39] audit: type=1326 audit(1725733338.387:1711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14350 comm="syz.1.2791" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac22f7cef9 code=0x7ffc0000 [ 413.759331][ T39] audit: type=1326 audit(1725733338.387:1712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14350 comm="syz.1.2791" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac22f7cef9 code=0x7ffc0000 [ 413.768905][ T39] audit: type=1326 audit(1725733338.397:1713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14350 comm="syz.1.2791" exe="/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7fac22f7cef9 code=0x7ffc0000 [ 413.777744][ T39] audit: type=1326 audit(1725733338.397:1714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14350 comm="syz.1.2791" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac22f7cef9 code=0x7ffc0000 [ 413.788220][ T39] audit: type=1326 audit(1725733338.397:1715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14350 comm="syz.1.2791" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac22f7cef9 code=0x7ffc0000 [ 413.797703][ T39] audit: type=1326 audit(1725733338.397:1716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14350 comm="syz.1.2791" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fac22f7cef9 code=0x7ffc0000 [ 413.806033][ T39] audit: type=1326 audit(1725733338.397:1717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14350 comm="syz.1.2791" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac22f7cef9 code=0x7ffc0000 [ 413.814761][ T39] audit: type=1326 audit(1725733338.397:1718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14350 comm="syz.1.2791" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac22f7cef9 code=0x7ffc0000 [ 413.824687][ T39] audit: type=1326 audit(1725733338.397:1719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14350 comm="syz.1.2791" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fac22f7cef9 code=0x7ffc0000 [ 413.834481][ T39] audit: type=1326 audit(1725733338.397:1720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14350 comm="syz.1.2791" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac22f7cef9 code=0x7ffc0000 [ 413.847655][T14351] netlink: 'syz.1.2791': attribute type 10 has an invalid length. [ 414.373589][T14366] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2795'. [ 414.729168][T14365] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2794'. [ 414.885940][T14376] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2799'. [ 415.773303][T14389] FAULT_INJECTION: forcing a failure. [ 415.773303][T14389] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 415.781047][T14389] CPU: 3 UID: 0 PID: 14389 Comm: syz.0.2803 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 415.785653][T14389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 415.790173][T14389] Call Trace: [ 415.791599][T14389] [ 415.792833][T14389] dump_stack_lvl+0x16c/0x1f0 [ 415.794792][T14389] should_fail_ex+0x497/0x5b0 [ 415.796744][T14389] _copy_from_user+0x30/0xf0 [ 415.798702][T14389] copy_msghdr_from_user+0x99/0x160 [ 415.800918][T14389] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 415.803559][T14389] ? __lock_acquire+0x1620/0x3cb0 [ 415.805648][T14389] ___sys_sendmsg+0xff/0x1e0 [ 415.807600][T14389] ? __pfx____sys_sendmsg+0x10/0x10 [ 415.809779][T14389] ? __pfx___might_resched+0x10/0x10 [ 415.811978][T14389] ? __might_fault+0xe3/0x190 [ 415.813933][T14389] __sys_sendmmsg+0x1a1/0x450 [ 415.815869][T14389] ? __pfx___sys_sendmmsg+0x10/0x10 [ 415.818006][T14389] ? vfs_write+0x14d/0x1140 [ 415.819921][T14389] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 415.822368][T14389] ? fput+0x32/0x390 [ 415.824014][T14389] ? ksys_write+0x1ab/0x260 [ 415.825884][T14389] ? __pfx_ksys_write+0x10/0x10 [ 415.827879][T14389] __x64_sys_sendmmsg+0x9c/0x100 [ 415.829940][T14389] ? lockdep_hardirqs_on+0x7c/0x110 [ 415.832116][T14389] do_syscall_64+0xcd/0x250 [ 415.834030][T14389] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 415.836489][T14389] RIP: 0033:0x7f48dcb7cef9 [ 415.838383][T14389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 415.845966][T14389] RSP: 002b:00007f48dda44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 415.848779][T14389] RAX: ffffffffffffffda RBX: 00007f48dcd35f80 RCX: 00007f48dcb7cef9 [ 415.851415][T14389] RDX: 04924924924925c6 RSI: 0000000020000680 RDI: 0000000000000004 [ 415.853965][T14389] RBP: 00007f48dda44090 R08: 0000000000000000 R09: 0000000000000000 [ 415.856598][T14389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 415.859174][T14389] R13: 0000000000000000 R14: 00007f48dcd35f80 R15: 00007ffea587ee78 [ 415.862207][T14389] [ 416.035341][T14394] netlink: 792 bytes leftover after parsing attributes in process `syz.0.2804'. [ 416.223675][ T30] usb 8-1: new high-speed USB device number 26 using dummy_hcd [ 416.275733][T14399] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2806'. [ 416.279007][T14399] netlink: 112 bytes leftover after parsing attributes in process `syz.0.2806'. [ 416.282768][T14399] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2806'. [ 416.423670][ T30] usb 8-1: device descriptor read/64, error -71 [ 416.703714][ T30] usb 8-1: new high-speed USB device number 27 using dummy_hcd [ 416.853653][ T30] usb 8-1: device descriptor read/64, error -71 [ 416.966343][T14416] syzkaller1: entered promiscuous mode [ 416.968528][T14416] syzkaller1: entered allmulticast mode [ 416.983855][ T30] usb usb8-port1: attempt power cycle [ 417.427446][ T30] usb 8-1: new high-speed USB device number 28 using dummy_hcd [ 417.454256][ T30] usb 8-1: device descriptor read/8, error -71 [ 417.723703][ T30] usb 8-1: new high-speed USB device number 29 using dummy_hcd [ 417.754254][ T30] usb 8-1: device descriptor read/8, error -71 [ 417.883972][ T30] usb usb8-port1: unable to enumerate USB device [ 418.163326][T14438] netlink: 3 bytes leftover after parsing attributes in process `syz.1.2815'. [ 418.167134][T14438] 0ªX¹¦À: renamed from caif0 [ 418.169901][T14438] FAULT_INJECTION: forcing a failure. [ 418.169901][T14438] name failslab, interval 1, probability 0, space 0, times 0 [ 418.174695][T14438] CPU: 0 UID: 0 PID: 14438 Comm: syz.1.2815 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 418.178801][T14438] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 418.182957][T14438] Call Trace: [ 418.184126][T14438] [ 418.185141][T14438] dump_stack_lvl+0x16c/0x1f0 [ 418.186737][T14438] should_fail_ex+0x497/0x5b0 [ 418.188316][T14438] ? fs_reclaim_acquire+0xae/0x160 [ 418.190029][T14438] should_failslab+0xc2/0x120 [ 418.191623][T14438] __kmalloc_noprof+0xcb/0x400 [ 418.193234][T14438] __register_sysctl_table+0xeaf/0x1910 [ 418.195097][T14438] ? __pfx___register_sysctl_table+0x10/0x10 [ 418.197345][T14438] ? register_net_sysctl_sz+0x228/0x3e0 [ 418.199655][T14438] neigh_sysctl_register+0x31a/0x640 [ 418.201642][T14438] ? __pfx_neigh_proc_base_reachable_time+0x10/0x10 [ 418.204365][T14438] ? __pfx_neigh_sysctl_register+0x10/0x10 [ 418.206622][T14438] devinet_sysctl_register+0xb6/0x200 [ 418.208757][T14438] inetdev_event+0x170b/0x1990 [ 418.210388][T14438] ? __pfx_inetdev_event+0x10/0x10 [ 418.212135][T14438] ? cfg802154_netdev_notifier_call+0x391/0xa00 [ 418.214226][T14438] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 418.216219][T14438] notifier_call_chain+0xb9/0x410 [ 418.218287][T14438] ? __pfx_inetdev_event+0x10/0x10 [ 418.220413][T14438] call_netdevice_notifiers_info+0xbe/0x140 [ 418.222844][T14438] dev_change_name+0x5ab/0x920 [ 418.224470][T14438] ? __pfx_dev_change_name+0x10/0x10 [ 418.226254][T14438] ? __pfx_llist_add_batch+0x10/0x10 [ 418.228045][T14438] ? __asan_memset+0x23/0x50 [ 418.229603][T14438] do_setlink+0x3114/0x4190 [ 418.231163][T14438] ? vprintk_emit+0x1a2/0x600 [ 418.232750][T14438] ? __pfx_do_setlink+0x10/0x10 [ 418.234407][T14438] ? vprintk+0x86/0xa0 [ 418.235922][T14438] ? _printk+0xc8/0x100 [ 418.237334][T14438] ? __pfx__printk+0x10/0x10 [ 418.238912][T14438] ? ___ratelimit+0x24c/0x580 [ 418.240495][T14438] ? __pfx____ratelimit+0x10/0x10 [ 418.242185][T14438] ? kernel_text_address+0x8d/0x100 [ 418.243964][T14438] ? rcu_is_watching+0x12/0xc0 [ 418.245585][T14438] ? do_trace_netlink_extack+0x16d/0x1e0 [ 418.247489][T14438] ? __nla_validate_parse+0x601/0x2880 [ 418.249332][T14438] ? __pfx___nla_validate_parse+0x10/0x10 [ 418.251232][T14438] ? kfree_skbmem+0x1a4/0x1f0 [ 418.252619][T14438] ? stack_trace_save+0x95/0xd0 [ 418.254063][T14438] ? __pfx_mark_lock+0x10/0x10 [ 418.255870][T14438] ? stack_depot_save_flags+0x28/0x8f0 [ 418.258123][T14438] ? __nla_parse+0x40/0x60 [ 418.259743][T14438] rtnl_setlink+0x28d/0x3f0 [ 418.261436][T14438] ? __pfx_rtnl_setlink+0x10/0x10 [ 418.263546][T14438] ? hlock_class+0x4e/0x130 [ 418.265507][T14438] ? trace_contention_end+0xea/0x140 [ 418.267784][T14438] ? __mutex_lock+0x1a6/0x9c0 [ 418.269805][T14438] ? rtnetlink_rcv_msg+0x372/0xea0 [ 418.272007][T14438] ? __pfx___mutex_lock+0x10/0x10 [ 418.273983][T14438] ? rtnetlink_rcv_msg+0x35a/0xea0 [ 418.275986][T14438] ? __pfx_rtnl_setlink+0x10/0x10 [ 418.278127][T14438] rtnetlink_rcv_msg+0x3c7/0xea0 [ 418.280254][T14438] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 418.282606][T14438] netlink_rcv_skb+0x16b/0x440 [ 418.284430][T14438] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 418.286624][T14438] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 418.288893][T14438] ? netlink_deliver_tap+0x1ae/0xd90 [ 418.291438][T14438] netlink_unicast+0x53c/0x7f0 [ 418.293429][T14438] ? __pfx_netlink_unicast+0x10/0x10 [ 418.296087][T14438] netlink_sendmsg+0x8b8/0xd70 [ 418.298092][T14438] ? __pfx_netlink_sendmsg+0x10/0x10 [ 418.300391][T14438] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 418.302701][T14438] sock_write_iter+0x50a/0x5c0 [ 418.304767][T14438] ? __pfx_sock_write_iter+0x10/0x10 [ 418.307045][T14438] ? __pfx_file_has_perm+0x10/0x10 [ 418.308870][T14438] do_iter_readv_writev+0x531/0x800 [ 418.310948][T14438] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 418.313458][T14438] ? selinux_file_permission+0x125/0x590 [ 418.315855][T14438] ? bpf_lsm_file_permission+0x9/0x10 [ 418.317848][T14438] ? security_file_permission+0x98/0xc0 [ 418.319869][T14438] vfs_writev+0x36f/0xde0 [ 418.321692][T14438] ? __pfx_vfs_writev+0x10/0x10 [ 418.323348][T14438] ? __fget_files+0x24c/0x400 [ 418.325240][T14438] ? do_writev+0x287/0x370 [ 418.327029][T14438] do_writev+0x287/0x370 [ 418.328449][T14438] ? __pfx_do_writev+0x10/0x10 [ 418.330370][T14438] do_syscall_64+0xcd/0x250 [ 418.332023][T14438] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 418.334200][T14438] RIP: 0033:0x7fac22f7cef9 [ 418.336118][T14438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 418.342954][T14438] RSP: 002b:00007fac23c8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 418.346442][T14438] RAX: ffffffffffffffda RBX: 00007fac23135f80 RCX: 00007fac22f7cef9 [ 418.349202][T14438] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: 0000000000000005 [ 418.351996][T14438] RBP: 00007fac23c8f090 R08: 0000000000000000 R09: 0000000000000000 [ 418.354612][T14438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 418.357218][T14438] R13: 0000000000000000 R14: 00007fac23135f80 R15: 00007ffe6770c958 [ 418.359846][T14438] [ 418.361724][T14438] sysctl could not get directory: /net/ipv4/neigh/0ªX¹¦À -12 [ 418.372614][T14438] 0ªX¹¦À: entered allmulticast mode [ 418.375146][T14438] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 419.014348][ T39] kauditd_printk_skb: 87 callbacks suppressed [ 419.014358][ T39] audit: type=1400 audit(1725733343.657:1808): avc: denied { lock } for pid=14459 comm="syz.3.2821" path="" dev="9p" ino=36574070 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 419.100939][T14469] fuse: Unknown parameter 'rootmode]00000000000000>00040000' [ 419.153291][T14472] fuse: Bad value for 'group_id' [ 419.155113][T14472] fuse: Bad value for 'group_id' [ 419.190737][T14475] FAULT_INJECTION: forcing a failure. [ 419.190737][T14475] name failslab, interval 1, probability 0, space 0, times 0 [ 419.195867][T14475] CPU: 1 UID: 0 PID: 14475 Comm: syz.3.2827 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 419.199545][T14475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 419.203188][T14475] Call Trace: [ 419.204363][T14475] [ 419.205408][T14475] dump_stack_lvl+0x16c/0x1f0 [ 419.207026][T14475] should_fail_ex+0x497/0x5b0 [ 419.208633][T14475] ? fs_reclaim_acquire+0xae/0x160 [ 419.210397][T14475] should_failslab+0xc2/0x120 [ 419.212019][T14475] kmem_cache_alloc_node_noprof+0x71/0x310 [ 419.214040][T14475] ? __alloc_skb+0x2b1/0x380 [ 419.215780][T14475] __alloc_skb+0x2b1/0x380 [ 419.217384][T14475] ? __pfx___alloc_skb+0x10/0x10 [ 419.219109][T14475] ? __nla_parse+0x40/0x60 [ 419.220702][T14475] ovs_vport_cmd_set+0x52/0x480 [ 419.222386][T14475] genl_family_rcv_msg_doit+0x202/0x2f0 [ 419.224368][T14475] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 419.226415][T14475] ? ns_capable+0xd7/0x110 [ 419.227962][T14475] genl_rcv_msg+0x565/0x800 [ 419.229531][T14475] ? __pfx_genl_rcv_msg+0x10/0x10 [ 419.231272][T14475] ? __pfx___lock_acquire+0x10/0x10 [ 419.233091][T14475] ? __pfx_ovs_vport_cmd_set+0x10/0x10 [ 419.235179][T14475] netlink_rcv_skb+0x16b/0x440 [ 419.235288][T14480] netlink: 'syz.2.2829': attribute type 4 has an invalid length. [ 419.236780][T14475] ? __pfx_genl_rcv_msg+0x10/0x10 [ 419.242035][T14475] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 419.243907][T14475] ? down_read+0xc9/0x330 [ 419.245378][T14475] ? __pfx_down_read+0x10/0x10 [ 419.247130][T14475] ? netlink_deliver_tap+0x1ae/0xd90 [ 419.249254][T14475] genl_rcv+0x28/0x40 [ 419.250695][T14475] netlink_unicast+0x53c/0x7f0 [ 419.252307][T14475] ? __pfx_netlink_unicast+0x10/0x10 [ 419.254166][T14475] netlink_sendmsg+0x8b8/0xd70 [ 419.255882][T14475] ? __pfx_netlink_sendmsg+0x10/0x10 [ 419.257666][T14475] ? __import_iovec+0x1fd/0x6e0 [ 419.259338][T14475] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 419.261141][T14475] ____sys_sendmsg+0xab5/0xc90 [ 419.262772][T14475] ? copy_msghdr_from_user+0x10b/0x160 [ 419.264658][T14475] ? __pfx_____sys_sendmsg+0x10/0x10 [ 419.266597][T14475] ? find_held_lock+0x2d/0x110 [ 419.268341][T14475] ? __pfx___lock_acquire+0x10/0x10 [ 419.270126][T14475] ___sys_sendmsg+0x135/0x1e0 [ 419.271748][T14475] ? __pfx____sys_sendmsg+0x10/0x10 [ 419.273553][T14475] ? ksys_write+0x21c/0x260 [ 419.275128][T14475] ? __fget_light+0x173/0x210 [ 419.276720][T14475] __sys_sendmsg+0x117/0x1f0 [ 419.278292][T14475] ? __pfx___sys_sendmsg+0x10/0x10 [ 419.280046][T14475] do_syscall_64+0xcd/0x250 [ 419.281623][T14475] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 419.283720][T14475] RIP: 0033:0x7fe77d17cef9 [ 419.285252][T14475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 419.291725][T14475] RSP: 002b:00007fe77dfee038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 419.294588][T14475] RAX: ffffffffffffffda RBX: 00007fe77d335f80 RCX: 00007fe77d17cef9 [ 419.297469][T14475] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 419.300074][T14475] RBP: 00007fe77dfee090 R08: 0000000000000000 R09: 0000000000000000 [ 419.303195][T14475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 419.306315][T14475] R13: 0000000000000000 R14: 00007fe77d335f80 R15: 00007ffc2f10a568 [ 419.308984][T14475] [ 419.433875][T14490] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1545 sclass=netlink_route_socket pid=14490 comm=syz.3.2832 [ 419.649343][ T39] audit: type=1400 audit(1725733344.287:1809): avc: denied { getopt } for pid=14496 comm="syz.1.2835" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 419.657420][T14497] fuse: Unknown parameter 'roo(›ä¯ñ¹µtmode' [ 419.666243][ T39] audit: type=1400 audit(1725733344.297:1810): avc: denied { execheap } for pid=14496 comm="syz.1.2835" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 419.847429][T14500] input: syz0 as /devices/virtual/input/input34 [ 419.867168][ T39] audit: type=1400 audit(1725733344.507:1811): avc: denied { write } for pid=14499 comm="syz.1.2836" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 420.198156][T14503] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2837'. [ 420.203216][T14503] FAULT_INJECTION: forcing a failure. [ 420.203216][T14503] name failslab, interval 1, probability 0, space 0, times 0 [ 420.211009][T14503] CPU: 2 UID: 0 PID: 14503 Comm: syz.3.2837 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 420.215639][T14503] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 420.220378][T14503] Call Trace: [ 420.221863][T14503] [ 420.223190][T14503] dump_stack_lvl+0x16c/0x1f0 [ 420.225371][T14503] should_fail_ex+0x497/0x5b0 [ 420.227428][T14503] ? fs_reclaim_acquire+0xae/0x160 [ 420.229668][T14503] should_failslab+0xc2/0x120 [ 420.231770][T14503] kmem_cache_alloc_node_noprof+0x71/0x310 [ 420.234330][T14503] ? __alloc_skb+0x2b1/0x380 [ 420.236397][T14503] __alloc_skb+0x2b1/0x380 [ 420.238382][T14503] ? __pfx___alloc_skb+0x10/0x10 [ 420.240573][T14503] ? module_put+0xd/0x30 [ 420.242401][T14503] ? rtnetlink_rcv_msg+0x3e6/0xea0 [ 420.244629][T14503] netlink_ack+0x164/0xb90 [ 420.246625][T14503] netlink_rcv_skb+0x348/0x440 [ 420.248721][T14503] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 420.251104][T14503] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 420.253412][T14503] ? netlink_deliver_tap+0x1ae/0xd90 [ 420.255740][T14503] netlink_unicast+0x53c/0x7f0 [ 420.257845][T14503] ? __pfx_netlink_unicast+0x10/0x10 [ 420.260125][T14503] netlink_sendmsg+0x8b8/0xd70 [ 420.262229][T14503] ? __pfx_netlink_sendmsg+0x10/0x10 [ 420.264553][T14503] ? __import_iovec+0x1fd/0x6e0 [ 420.266726][T14503] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 420.269090][T14503] ____sys_sendmsg+0xab5/0xc90 [ 420.271204][T14503] ? copy_msghdr_from_user+0x10b/0x160 [ 420.273601][T14503] ? __pfx_____sys_sendmsg+0x10/0x10 [ 420.275400][T14503] ? find_held_lock+0x2d/0x110 [ 420.276824][T14503] ? __pfx___lock_acquire+0x10/0x10 [ 420.278378][T14503] ___sys_sendmsg+0x135/0x1e0 [ 420.279988][T14503] ? __pfx____sys_sendmsg+0x10/0x10 [ 420.281721][T14503] ? ksys_write+0x21c/0x260 [ 420.283186][T14503] ? __fget_light+0x173/0x210 [ 420.284628][T14503] __sys_sendmsg+0x117/0x1f0 [ 420.286297][T14503] ? __pfx___sys_sendmsg+0x10/0x10 [ 420.288188][T14503] do_syscall_64+0xcd/0x250 [ 420.289857][T14503] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 420.291617][T14503] RIP: 0033:0x7fe77d17cef9 [ 420.292903][T14503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 420.299383][T14503] RSP: 002b:00007fe77dfee038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 420.302425][T14503] RAX: ffffffffffffffda RBX: 00007fe77d335f80 RCX: 00007fe77d17cef9 [ 420.305248][T14503] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003 [ 420.307919][T14503] RBP: 00007fe77dfee090 R08: 0000000000000000 R09: 0000000000000000 [ 420.310592][T14503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 420.312829][T14503] R13: 0000000000000000 R14: 00007fe77d335f80 R15: 00007ffc2f10a568 [ 420.315264][T14503] [ 420.520281][T14517] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2842'. [ 420.726935][T14523] syzkaller0: entered promiscuous mode [ 420.729106][T14523] syzkaller0: entered allmulticast mode [ 420.738755][ T39] audit: type=1400 audit(1725733345.377:1812): avc: denied { map } for pid=14522 comm="syz.1.2844" path="socket:[53116]" dev="sockfs" ino=53116 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 420.747134][ T39] audit: type=1400 audit(1725733345.377:1813): avc: denied { read } for pid=14522 comm="syz.1.2844" path="socket:[53116]" dev="sockfs" ino=53116 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 420.820811][ T39] audit: type=1400 audit(1725733345.457:1814): avc: denied { watch } for pid=14524 comm="syz.0.2845" path="/dev/nvram" dev="devtmpfs" ino=633 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 420.830209][ T39] audit: type=1400 audit(1725733345.457:1815): avc: denied { watch_sb watch_reads } for pid=14524 comm="syz.0.2845" path="/dev/nvram" dev="devtmpfs" ino=633 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 420.893649][ T57] usb 7-1: new high-speed USB device number 29 using dummy_hcd [ 421.085226][ T57] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 421.093643][ T57] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 421.105057][ T57] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 421.110306][ T57] usb 7-1: New USB device found, idVendor=172f, idProduct=0038, bcdDevice= 0.00 [ 421.114559][ T57] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 421.124284][ T57] usb 7-1: config 0 descriptor?? [ 421.567851][ T57] waltop 0003:172F:0038.001B: unknown main item tag 0xe [ 421.574386][ T57] waltop 0003:172F:0038.001B: item fetching failed at offset 4/5 [ 421.586789][ T57] waltop 0003:172F:0038.001B: probe with driver waltop failed with error -22 [ 422.539985][T14531] netlink: 'syz.3.2847': attribute type 4 has an invalid length. [ 422.543485][T14531] netlink: 17 bytes leftover after parsing attributes in process `syz.3.2847'. [ 422.599481][T14535] FAULT_INJECTION: forcing a failure. [ 422.599481][T14535] name failslab, interval 1, probability 0, space 0, times 0 [ 422.605018][T14535] CPU: 0 UID: 0 PID: 14535 Comm: syz.3.2848 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 422.609301][T14535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 422.613150][T14535] Call Trace: [ 422.614598][T14535] [ 422.615762][T14535] dump_stack_lvl+0x16c/0x1f0 [ 422.617562][T14535] should_fail_ex+0x497/0x5b0 [ 422.619491][T14535] ? fs_reclaim_acquire+0xae/0x160 [ 422.621577][T14535] should_failslab+0xc2/0x120 [ 422.623395][T14535] __kmalloc_noprof+0xcb/0x400 [ 422.625728][T14535] ? d_absolute_path+0x137/0x1b0 [ 422.628027][T14535] tomoyo_encode2+0x100/0x3e0 [ 422.630447][T14535] tomoyo_encode+0x29/0x50 [ 422.632599][T14535] tomoyo_realpath_from_path+0x19d/0x720 [ 422.635403][T14535] tomoyo_path_number_perm+0x245/0x590 [ 422.637513][T14535] ? tomoyo_path_number_perm+0x232/0x590 [ 422.640023][T14535] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 422.642632][T14535] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 422.645363][T14535] ? __fget_files+0x256/0x400 [ 422.647421][T14535] security_file_ioctl+0x75/0xc0 [ 422.649535][T14535] __x64_sys_ioctl+0xbb/0x220 [ 422.651697][T14535] do_syscall_64+0xcd/0x250 [ 422.653618][T14535] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 422.656084][T14535] RIP: 0033:0x7fe77d17cef9 [ 422.658041][T14535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 422.665797][T14535] RSP: 002b:00007fe77dfee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 422.669251][T14535] RAX: ffffffffffffffda RBX: 00007fe77d335f80 RCX: 00007fe77d17cef9 [ 422.672580][T14535] RDX: 0000000020000140 RSI: 0000000080404521 RDI: 0000000000000003 [ 422.675855][T14535] RBP: 00007fe77dfee090 R08: 0000000000000000 R09: 0000000000000000 [ 422.678993][T14535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 422.682275][T14535] R13: 0000000000000000 R14: 00007fe77d335f80 R15: 00007ffc2f10a568 [ 422.685701][T14535] [ 422.689682][T14535] ERROR: Out of memory at tomoyo_realpath_from_path. [ 422.735928][T14540] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2849'. [ 422.747119][T14543] Bluetooth: MGMT ver 1.23 [ 422.977017][T14548] overlayfs: failed to resolve './file1': -2 [ 423.227474][T14560] FAULT_INJECTION: forcing a failure. [ 423.227474][T14560] name failslab, interval 1, probability 0, space 0, times 0 [ 423.232602][T14560] CPU: 1 UID: 0 PID: 14560 Comm: syz.3.2857 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 423.236995][T14560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 423.241366][T14560] Call Trace: [ 423.242910][T14560] [ 423.244039][T14560] dump_stack_lvl+0x16c/0x1f0 [ 423.245855][T14560] should_fail_ex+0x497/0x5b0 [ 423.247549][T14560] ? fs_reclaim_acquire+0xae/0x160 [ 423.249457][T14560] should_failslab+0xc2/0x120 [ 423.251411][T14560] __kmalloc_noprof+0xcb/0x400 [ 423.253179][T14560] sk_prot_alloc+0x1a8/0x2a0 [ 423.254740][T14560] sk_alloc+0x36/0xb90 [ 423.256348][T14560] bpf_prog_test_run_skb+0x32b/0x20f0 [ 423.258432][T14560] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 423.260520][T14560] ? fput+0x32/0x390 [ 423.261985][T14560] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 423.263980][T14560] __sys_bpf+0x10d2/0x4a00 [ 423.265672][T14560] ? ksys_write+0x21c/0x260 [ 423.267305][T14560] ? reacquire_held_locks+0x4b0/0x4c0 [ 423.269549][T14560] ? __pfx___sys_bpf+0x10/0x10 [ 423.271583][T14560] ? vfs_write+0x14d/0x1140 [ 423.273462][T14560] ? __mutex_unlock_slowpath+0x164/0x650 [ 423.275715][T14560] ? fput+0x32/0x390 [ 423.277362][T14560] ? ksys_write+0x1ab/0x260 [ 423.279260][T14560] ? __pfx_ksys_write+0x10/0x10 [ 423.281249][T14560] __x64_sys_bpf+0x78/0xc0 [ 423.283022][T14560] ? lockdep_hardirqs_on+0x7c/0x110 [ 423.285175][T14560] do_syscall_64+0xcd/0x250 [ 423.287046][T14560] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 423.289423][T14560] RIP: 0033:0x7fe77d17cef9 [ 423.291073][T14560] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 423.297617][T14560] RSP: 002b:00007fe77dfee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 423.300863][T14560] RAX: ffffffffffffffda RBX: 00007fe77d335f80 RCX: 00007fe77d17cef9 [ 423.304121][T14560] RDX: 000000000000002c RSI: 0000000020000080 RDI: 000000000000000a [ 423.307383][T14560] RBP: 00007fe77dfee090 R08: 0000000000000000 R09: 0000000000000000 [ 423.310439][T14560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 423.313739][T14560] R13: 0000000000000000 R14: 00007fe77d335f80 R15: 00007ffc2f10a568 [ 423.316608][T14560] [ 423.361290][T14562] netlink: 'syz.3.2858': attribute type 1 has an invalid length. [ 423.664884][ T58] usb 7-1: USB disconnect, device number 29 [ 423.694459][T14572] FAULT_INJECTION: forcing a failure. [ 423.694459][T14572] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 423.699538][T14572] CPU: 2 UID: 0 PID: 14572 Comm: syz.1.2860 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 423.703524][T14572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 423.707455][T14572] Call Trace: [ 423.708558][T14572] [ 423.709619][T14572] dump_stack_lvl+0x16c/0x1f0 [ 423.711274][T14572] should_fail_ex+0x497/0x5b0 [ 423.712856][T14572] ? fs_reclaim_acquire+0xae/0x160 [ 423.714611][T14572] should_fail_alloc_page+0xe7/0x130 [ 423.716343][T14572] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 423.718394][T14572] __alloc_pages_noprof+0x194/0x2460 [ 423.720105][T14572] ? __orc_find+0x104/0x130 [ 423.721663][T14572] ? bpf_ksym_find+0x127/0x1c0 [ 423.723423][T14572] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 423.725761][T14572] ? is_bpf_text_address+0x94/0x1a0 [ 423.727523][T14572] ? kernel_text_address+0x8d/0x100 [ 423.729256][T14572] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 423.731167][T14572] ? hlock_class+0x4e/0x130 [ 423.732693][T14572] ? __lock_acquire+0xbdd/0x3cb0 [ 423.734369][T14572] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 423.736510][T14572] ? policy_nodemask+0xea/0x4e0 [ 423.738366][T14572] alloc_pages_mpol_noprof+0x275/0x610 [ 423.740459][T14572] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 423.742508][T14572] ? mt_find+0x82f/0xa20 [ 423.744258][T14572] ? __pfx_lock_release+0x10/0x10 [ 423.746614][T14572] __pud_alloc+0x39/0x610 [ 423.748395][T14572] __handle_mm_fault+0x995/0x5660 [ 423.750277][T14572] ? __pfx_mt_find+0x10/0x10 [ 423.752138][T14572] ? __pfx___handle_mm_fault+0x10/0x10 [ 423.754412][T14572] handle_mm_fault+0x498/0xa60 [ 423.756155][T14572] __get_user_pages+0x475/0x15c0 [ 423.757917][T14572] ? __pfx___get_user_pages+0x10/0x10 [ 423.760125][T14572] get_user_pages_remote+0x25e/0xb30 [ 423.760830][T14575] netlink: 'syz.3.2862': attribute type 25 has an invalid length. [ 423.762274][T14572] ? __pfx_get_user_pages_remote+0x10/0x10 [ 423.765046][T14575] netlink: 'syz.3.2862': attribute type 7 has an invalid length. [ 423.766974][T14572] ? down_read+0xc9/0x330 [ 423.771751][T14572] ? __might_fault+0x13b/0x190 [ 423.773547][T14572] get_arg_page+0x13e/0x640 [ 423.775144][T14572] ? __pfx_get_arg_page+0x10/0x10 [ 423.777223][T14572] ? __might_fault+0xe3/0x190 [ 423.779364][T14572] copy_string_kernel+0x199/0x240 [ 423.781373][T14572] ? count.constprop.0.isra.0+0xf4/0x170 [ 423.783340][T14572] do_execveat_common.isra.0+0x34e/0x630 [ 423.785287][T14572] __x64_sys_execve+0x8c/0xb0 [ 423.786922][T14572] do_syscall_64+0xcd/0x250 [ 423.788575][T14572] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 423.790936][T14572] RIP: 0033:0x7fac22f7cef9 [ 423.792764][T14572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 423.799700][T14572] RSP: 002b:00007fac229ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 423.802502][T14572] RAX: ffffffffffffffda RBX: 00007fac23136058 RCX: 00007fac22f7cef9 [ 423.805283][T14572] RDX: 00000000200001c0 RSI: 0000000020000100 RDI: 0000000020000000 [ 423.808358][T14572] RBP: 00007fac229ff090 R08: 0000000000000000 R09: 0000000000000000 [ 423.811235][T14572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 423.814200][T14572] R13: 0000000000000000 R14: 00007fac23136058 R15: 00007ffe6770c958 [ 423.817131][T14572] [ 423.977224][T14583] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2864'. [ 424.114312][ T5598] usb 8-1: new high-speed USB device number 30 using dummy_hcd [ 424.132979][ T39] audit: type=1326 audit(1725733348.767:1816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14593 comm="syz.1.2867" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac22f7cef9 code=0x7ffc0000 [ 424.142455][ T39] audit: type=1326 audit(1725733348.767:1817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14593 comm="syz.1.2867" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac22f7cef9 code=0x7ffc0000 [ 424.152248][ T39] audit: type=1326 audit(1725733348.767:1818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14593 comm="syz.1.2867" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fac22f7cef9 code=0x7ffc0000 [ 424.162916][ T39] audit: type=1326 audit(1725733348.777:1819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14593 comm="syz.1.2867" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac22f7cef9 code=0x7ffc0000 [ 424.172892][ T39] audit: type=1326 audit(1725733348.777:1820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14593 comm="syz.1.2867" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac22f7cef9 code=0x7ffc0000 [ 424.181318][ T39] audit: type=1326 audit(1725733348.777:1821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14593 comm="syz.1.2867" exe="/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7fac22f7cef9 code=0x7ffc0000 [ 424.191630][ T39] audit: type=1326 audit(1725733348.777:1822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14593 comm="syz.1.2867" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac22f7cef9 code=0x7ffc0000 [ 424.201377][ T39] audit: type=1326 audit(1725733348.777:1823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14593 comm="syz.1.2867" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac22f7cef9 code=0x7ffc0000 [ 424.209496][ T39] audit: type=1326 audit(1725733348.777:1824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14593 comm="syz.1.2867" exe="/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7fac22f7cef9 code=0x7ffc0000 [ 424.218240][ T39] audit: type=1326 audit(1725733348.777:1825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14593 comm="syz.1.2867" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac22f7cef9 code=0x7ffc0000 [ 424.295792][ T5598] usb 8-1: config 0 has an invalid interface number: 115 but max is 0 [ 424.299823][ T5598] usb 8-1: config 0 has no interface number 0 [ 424.302637][ T5598] usb 8-1: config 0 interface 115 has no altsetting 0 [ 424.309971][ T5598] usb 8-1: New USB device found, idVendor=0524, idProduct=a4a3, bcdDevice=1c.92 [ 424.314559][ T5598] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 424.318090][ T5598] usb 8-1: Product: syz [ 424.319801][ T5598] usb 8-1: Manufacturer: syz [ 424.321788][ T5598] usb 8-1: SerialNumber: syz [ 424.326324][ T5598] usb 8-1: config 0 descriptor?? [ 424.361891][T14605] autofs: Unknown parameter 'M\V™¯ñÞaë{iÜ6vé ŒpÖTÚ Ä5YÈ@“R›Fž¥Œeø·' [ 424.537798][ T5598] usb 8-1: USB disconnect, device number 30 [ 425.334245][T14625] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2876'. [ 425.399543][T14628] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 425.411442][T14628] CIFS mount error: No usable UNC path provided in device string! [ 425.411442][T14628] [ 425.416492][T14628] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 425.421443][T14628] overlayfs: missing 'lowerdir' [ 425.533466][T14632] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2878'. [ 426.519411][T14668] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2891'. [ 426.560725][T14672] input: syz0 as /devices/virtual/input/input35 [ 426.827064][T14679] block nbd3: shutting down sockets [ 427.237010][T14687] block nbd2: not configured, cannot reconfigure [ 427.254681][T14687] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2896'. [ 427.305046][T14691] netlink: 'syz.3.2897': attribute type 4 has an invalid length. [ 427.763673][ T5372] usb 6-1: new high-speed USB device number 41 using dummy_hcd [ 427.951818][ T5372] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 427.958182][ T5372] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 427.966381][ T5372] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 427.973139][ T5372] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 427.982069][ T5372] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 427.988890][ T5372] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 427.997118][ T5372] usb 6-1: config 0 descriptor?? [ 428.412680][T14699] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 428.418588][T14699] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 428.430112][ T5372] usbhid 6-1:0.0: can't add hid device: -71 [ 428.432892][ T5372] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 428.438569][ T5372] usb 6-1: USB disconnect, device number 41 [ 428.492155][T14719] block nbd2: not configured, cannot reconfigure [ 428.529114][T14719] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2905'. [ 428.698348][T14724] serio: Serial port pts2 [ 429.126563][T14734] FAULT_INJECTION: forcing a failure. [ 429.126563][T14734] name failslab, interval 1, probability 0, space 0, times 0 [ 429.132349][T14734] CPU: 3 UID: 0 PID: 14734 Comm: syz.2.2908 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 429.136590][T14734] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 429.140462][T14734] Call Trace: [ 429.141712][T14734] [ 429.142843][T14734] dump_stack_lvl+0x16c/0x1f0 [ 429.144640][T14734] should_fail_ex+0x497/0x5b0 [ 429.146443][T14734] ? fs_reclaim_acquire+0xae/0x160 [ 429.148413][T14734] should_failslab+0xc2/0x120 [ 429.150189][T14734] __kmalloc_node_noprof+0xd1/0x430 [ 429.152097][T14734] ? alloc_slab_obj_exts+0x41/0xa0 [ 429.154007][T14734] alloc_slab_obj_exts+0x41/0xa0 [ 429.155874][T14734] new_slab+0x20f/0x260 [ 429.157445][T14734] ___slab_alloc+0xdac/0x1870 [ 429.159216][T14734] ? copy_process+0x4ba/0x8de0 [ 429.160987][T14734] ? copy_process+0x4ba/0x8de0 [ 429.162792][T14734] ? __slab_alloc.constprop.0+0x56/0xb0 [ 429.164885][T14734] __slab_alloc.constprop.0+0x56/0xb0 [ 429.166964][T14734] kmem_cache_alloc_node_noprof+0xed/0x310 [ 429.169216][T14734] ? copy_process+0x4ba/0x8de0 [ 429.171038][T14734] copy_process+0x4ba/0x8de0 [ 429.173334][T14734] ? __might_fault+0x13b/0x190 [ 429.175618][T14734] ? __pfx___lock_acquire+0x10/0x10 [ 429.177950][T14734] ? __pfx_copy_process+0x10/0x10 [ 429.180171][T14734] ? get_pid_task+0xfc/0x250 [ 429.182228][T14734] ? __pfx_lock_release+0x10/0x10 [ 429.184487][T14734] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 429.186975][T14734] ? find_held_lock+0x2d/0x110 [ 429.189105][T14734] ? find_held_lock+0x2d/0x110 [ 429.191207][T14734] kernel_clone+0xfd/0x960 [ 429.193149][T14734] ? __pfx_kernel_clone+0x10/0x10 [ 429.195337][T14734] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 429.197618][T14734] __do_sys_clone+0xba/0x100 [ 429.199523][T14734] ? __pfx___do_sys_clone+0x10/0x10 [ 429.201742][T14734] do_syscall_64+0xcd/0x250 [ 429.203688][T14734] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 429.206237][T14734] RIP: 0033:0x7f8a5257cef9 [ 429.208062][T14734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 429.215872][T14734] RSP: 002b:00007f8a533f7fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 429.217330][T14738] usb 1-1: USB disconnect, device number 2 [ 429.219187][T14734] RAX: ffffffffffffffda RBX: 00007f8a52736058 RCX: 00007f8a5257cef9 [ 429.219202][T14734] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 429.219214][T14734] RBP: 00007f8a533f8090 R08: 0000000000000000 R09: 0000000000000000 [ 429.219226][T14734] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 429.219237][T14734] R13: 0000000000000001 R14: 00007f8a52736058 R15: 00007fff76cd3388 [ 429.237376][T14734] [ 429.306563][T14740] hub 1-0:1.0: USB hub found [ 429.309811][T14740] hub 1-0:1.0: 6 ports detected [ 429.533660][ T5598] usb 1-1: new high-speed USB device number 3 using ehci-pci [ 429.545023][T14747] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 429.783593][ T5598] usb 1-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 429.787650][ T5598] usb 1-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 429.791237][ T5598] usb 1-1: Product: QEMU USB Tablet [ 429.794117][ T5598] usb 1-1: Manufacturer: QEMU [ 429.796254][ T5598] usb 1-1: SerialNumber: 28754-0000:00:1d.7-1 [ 429.819344][ T5598] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb1/1-1/1-1:1.0/0003:0627:0001.001C/input/input36 [ 429.893677][ T5589] usb 7-1: new high-speed USB device number 30 using dummy_hcd [ 429.912172][ T5598] hid-generic 0003:0627:0001.001C: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 430.053990][ T5589] usb 7-1: device descriptor read/64, error -71 [ 430.333654][ T5372] usb 8-1: new high-speed USB device number 31 using dummy_hcd [ 430.343710][ T5589] usb 7-1: new high-speed USB device number 31 using dummy_hcd [ 430.513645][ T5589] usb 7-1: device descriptor read/64, error -71 [ 430.515470][ T5372] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 430.519709][ T5372] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 430.524061][ T5372] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 430.528271][ T5372] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 430.533233][ T5372] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 430.536379][ T5372] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 430.541224][ T5372] usb 8-1: config 0 descriptor?? [ 430.603955][ T58] usb 6-1: new high-speed USB device number 42 using dummy_hcd [ 430.644522][ T5589] usb usb7-port1: attempt power cycle [ 430.783860][ T58] usb 6-1: Using ep0 maxpacket: 32 [ 430.787958][ T58] usb 6-1: config 0 has no interfaces? [ 430.790451][ T58] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 430.794586][ T58] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 430.799799][ T58] usb 6-1: config 0 descriptor?? [ 430.952091][T14758] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 430.956519][T14758] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 430.962004][ T5372] usbhid 8-1:0.0: can't add hid device: -71 [ 430.964636][ T5372] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 430.969154][ T5372] usb 8-1: USB disconnect, device number 31 [ 431.004450][ T5382] usb 6-1: USB disconnect, device number 42 [ 431.028429][T14766] Cannot find del_set index 0 as target [ 431.063139][ T5589] usb 7-1: new high-speed USB device number 32 using dummy_hcd [ 431.105654][ T5589] usb 7-1: device descriptor read/8, error -71 [ 431.211771][T14763] FAULT_INJECTION: forcing a failure. [ 431.211771][T14763] name failslab, interval 1, probability 0, space 0, times 0 [ 431.217464][T14763] CPU: 2 UID: 0 PID: 14763 Comm: syz.1.2916 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 431.221190][T14763] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 431.225252][T14763] Call Trace: [ 431.226682][T14763] [ 431.227936][T14763] dump_stack_lvl+0x16c/0x1f0 [ 431.229769][T14763] should_fail_ex+0x497/0x5b0 [ 431.231361][T14763] ? fs_reclaim_acquire+0xae/0x160 [ 431.233066][T14763] should_failslab+0xc2/0x120 [ 431.234646][T14763] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 431.236424][T14763] ? alloc_empty_file+0x73/0x1e0 [ 431.238269][T14763] ? __lock_acquire+0xbdd/0x3cb0 [ 431.240035][T14763] alloc_empty_file+0x73/0x1e0 [ 431.241981][T14763] path_openat+0xe0/0x2d20 [ 431.244032][T14763] ? hlock_class+0x4e/0x130 [ 431.246086][T14763] ? __lock_acquire+0x1620/0x3cb0 [ 431.248371][T14763] ? __pfx_path_openat+0x10/0x10 [ 431.250591][T14763] ? __pfx___lock_acquire+0x10/0x10 [ 431.252944][T14763] do_filp_open+0x1dc/0x430 [ 431.255012][T14763] ? __pfx_do_filp_open+0x10/0x10 [ 431.257288][T14763] ? find_held_lock+0x2d/0x110 [ 431.259484][T14763] ? _raw_spin_unlock+0x28/0x50 [ 431.261694][T14763] ? alloc_fd+0x2d7/0x6c0 [ 431.263636][T14763] do_sys_openat2+0x17a/0x1e0 [ 431.265759][T14763] ? __pfx_do_sys_openat2+0x10/0x10 [ 431.268097][T14763] __x64_sys_openat+0x175/0x210 [ 431.270289][T14763] ? __pfx___x64_sys_openat+0x10/0x10 [ 431.272719][T14763] ? ksys_write+0x1ab/0x260 [ 431.274794][T14763] do_syscall_64+0xcd/0x250 [ 431.276876][T14763] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 431.279516][T14763] RIP: 0033:0x7fac22f7b890 [ 431.281534][T14763] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 19 8f 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 6c 8f 02 00 8b 44 [ 431.290032][T14763] RSP: 002b:00007fac23c8cef0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 431.293772][T14763] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fac22f7b890 [ 431.297301][T14763] RDX: 0000000000000002 RSI: 00007fac22feeddc RDI: 00000000ffffff9c [ 431.300838][T14763] RBP: 00007fac22feeddc R08: 0000000000000000 R09: 0000000000000000 [ 431.304461][T14763] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 431.308000][T14763] R13: 000000000000003f R14: 0000000020000540 R15: 00007ffe6770c958 [ 431.311516][T14763] [ 431.373731][ T5589] usb 7-1: new high-speed USB device number 33 using dummy_hcd [ 431.404997][ T5589] usb 7-1: device descriptor read/8, error -71 [ 431.661175][ T5589] usb usb7-port1: unable to enumerate USB device [ 432.933650][ T5382] usb 8-1: new high-speed USB device number 32 using dummy_hcd [ 433.124871][T14806] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2929'. [ 433.126196][ T5382] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 433.132924][ T5382] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 433.139186][ T5382] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 433.143699][ T5382] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 433.148613][ T5382] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 433.152317][ T5382] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 433.163763][T14806] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2929'. [ 433.164278][ T5382] usb 8-1: config 0 descriptor?? [ 433.585210][T14797] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 433.593228][T14797] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 433.601584][ T5382] usbhid 8-1:0.0: can't add hid device: -71 [ 433.604473][ T5382] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 433.611710][ T5382] usb 8-1: USB disconnect, device number 32 [ 434.152162][T14822] FAULT_INJECTION: forcing a failure. [ 434.152162][T14822] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 434.158744][T14822] CPU: 1 UID: 0 PID: 14822 Comm: syz.3.2935 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 434.163080][T14822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 434.167530][T14822] Call Trace: [ 434.168915][T14822] [ 434.170197][T14822] dump_stack_lvl+0x16c/0x1f0 [ 434.172267][T14822] should_fail_ex+0x497/0x5b0 [ 434.174292][T14822] _copy_from_user+0x30/0xf0 [ 434.176244][T14822] bpf_test_init.isra.0+0xf1/0x150 [ 434.178317][T14822] bpf_prog_test_run_skb+0x246/0x20f0 [ 434.180601][T14822] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 434.183052][T14822] ? fput+0x32/0x390 [ 434.184775][T14822] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 434.187231][T14822] __sys_bpf+0x10d2/0x4a00 [ 434.189142][T14822] ? ksys_write+0x21c/0x260 [ 434.191098][T14822] ? reacquire_held_locks+0x4b0/0x4c0 [ 434.193372][T14822] ? __pfx___sys_bpf+0x10/0x10 [ 434.195549][T14822] ? vfs_write+0x14d/0x1140 [ 434.197490][T14822] ? __mutex_unlock_slowpath+0x164/0x650 [ 434.199857][T14822] ? fput+0x32/0x390 [ 434.201533][T14822] ? ksys_write+0x1ab/0x260 [ 434.203467][T14822] ? __pfx_ksys_write+0x10/0x10 [ 434.205555][T14822] __x64_sys_bpf+0x78/0xc0 [ 434.207452][T14822] ? lockdep_hardirqs_on+0x7c/0x110 [ 434.209654][T14822] do_syscall_64+0xcd/0x250 [ 434.211609][T14822] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.214104][T14822] RIP: 0033:0x7fe77d17cef9 [ 434.216021][T14822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 434.224073][T14822] RSP: 002b:00007fe77dfee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 434.227503][T14822] RAX: ffffffffffffffda RBX: 00007fe77d335f80 RCX: 00007fe77d17cef9 [ 434.230712][T14822] RDX: 0000000000000048 RSI: 00000000200002c0 RDI: 000000000000000a [ 434.234060][T14822] RBP: 00007fe77dfee090 R08: 0000000000000000 R09: 0000000000000000 [ 434.237403][T14822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 434.240598][T14822] R13: 0000000000000000 R14: 00007fe77d335f80 R15: 00007ffc2f10a568 [ 434.243543][T14822] [ 434.871680][T14835] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2938'. [ 434.992996][T14847] vivid-000: disconnect [ 435.027650][ T39] kauditd_printk_skb: 60 callbacks suppressed [ 435.027660][ T39] audit: type=1400 audit(1725733359.667:1886): avc: denied { read } for pid=14846 comm="syz.2.2941" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 435.165049][T14846] vivid-000: reconnect [ 435.493603][T11644] usb 7-1: new high-speed USB device number 34 using dummy_hcd [ 435.680075][ T39] audit: type=1400 audit(1725733360.317:1887): avc: denied { accept } for pid=14867 comm="syz.0.2947" lport=47313 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 435.709971][ T39] audit: type=1400 audit(1725733360.327:1888): avc: denied { write } for pid=14867 comm="syz.0.2947" path="socket:[58481]" dev="sockfs" ino=58481 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 435.735762][ T39] audit: type=1400 audit(1725733360.327:1889): avc: denied { setopt } for pid=14867 comm="syz.0.2947" lport=47313 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 435.744492][T11644] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 435.749317][T11644] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 435.753223][T11644] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 435.807389][ T39] audit: type=1400 audit(1725733360.327:1890): avc: denied { shutdown } for pid=14867 comm="syz.0.2947" lport=47313 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 435.830844][T11644] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 435.858308][T11644] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 435.861874][T11644] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 435.880184][T11644] usb 7-1: config 0 descriptor?? [ 436.332431][T14854] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 436.336467][T14854] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 436.378683][T11644] usbhid 7-1:0.0: can't add hid device: -71 [ 436.381316][T11644] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 436.391034][T11644] usb 7-1: USB disconnect, device number 34 [ 436.827383][ T39] audit: type=1326 audit(1725733361.467:1891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14886 comm="syz.1.2955" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fac22f7cef9 code=0x0 [ 437.129778][T14899] 9pnet_virtio: no channels available for device syz [ 437.875840][T14910] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2960'. [ 438.122392][T14918] overlayfs: failed to resolve './file0': -2 [ 438.193723][T14922] SELinux: Context system_u:object_r:var_lib_t:s0 is not valid (left unmapped). [ 438.201316][ T39] audit: type=1400 audit(1725733362.837:1892): avc: denied { relabelto } for pid=14915 comm="syz.0.2961" name="file0" dev="tmpfs" ino=608 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:var_lib_t:s0" [ 438.243400][ T39] audit: type=1400 audit(1725733362.837:1893): avc: denied { associate } for pid=14915 comm="syz.0.2961" name="file0" dev="tmpfs" ino=608 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:var_lib_t:s0" [ 438.348967][ T39] audit: type=1400 audit(1725733362.987:1894): avc: denied { rmdir } for pid=13146 comm="syz-executor" name="file0" dev="tmpfs" ino=608 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:var_lib_t:s0" [ 438.613929][T11644] usb 8-1: new high-speed USB device number 33 using dummy_hcd [ 438.815742][T11644] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 438.820022][T11644] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 438.826083][T11644] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 438.829774][T11644] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 438.836646][T11644] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 438.840089][T11644] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 438.845657][T11644] usb 8-1: config 0 descriptor?? [ 439.318985][T14927] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 439.323053][T14927] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 439.416016][T11644] usbhid 8-1:0.0: can't add hid device: -71 [ 439.418901][T11644] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 439.444300][T11644] usb 8-1: USB disconnect, device number 33 [ 439.862053][T14953] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.2971'. [ 439.866257][T14953] FAULT_INJECTION: forcing a failure. [ 439.866257][T14953] name failslab, interval 1, probability 0, space 0, times 0 [ 439.871065][T14953] CPU: 1 UID: 0 PID: 14953 Comm: syz.1.2971 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 439.875529][T14953] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 439.879625][T14953] Call Trace: [ 439.881093][T14953] [ 439.883819][T14953] dump_stack_lvl+0x16c/0x1f0 [ 439.883840][T14953] should_fail_ex+0x497/0x5b0 [ 439.883854][T14953] ? fs_reclaim_acquire+0xae/0x160 [ 439.883870][T14953] should_failslab+0xc2/0x120 [ 439.883881][T14953] __kmalloc_node_noprof+0xd1/0x430 [ 439.883897][T14953] ? __kvmalloc_node_noprof+0x9d/0x1a0 [ 439.883915][T14953] __kvmalloc_node_noprof+0x9d/0x1a0 [ 439.883930][T14953] bucket_table_alloc.isra.0+0x86/0x470 [ 439.883948][T14953] rhashtable_init_noprof+0x41a/0x7e0 [ 439.883958][T14953] ? __init_waitqueue_head+0xca/0x150 [ 439.883971][T14953] rhltable_init_noprof+0x20/0x60 [ 439.883982][T14953] sta_info_init+0x27/0x160 [ 439.908541][T14953] ieee80211_alloc_hw_nm+0x840/0x2260 [ 439.910583][T14953] ? __local_bh_enable_ip+0xa4/0x120 [ 439.912736][T14953] mac80211_hwsim_new_radio+0x1d6/0x54d0 [ 439.914781][T14953] ? __pfx__printk+0x10/0x10 [ 439.916796][T14953] ? __pfx____ratelimit+0x10/0x10 [ 439.918666][T14953] ? rcu_is_watching+0x12/0xc0 [ 439.920526][T14953] ? do_trace_netlink_extack+0x16d/0x1e0 [ 439.922829][T14953] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 439.925096][T14953] hwsim_new_radio_nl+0xb42/0x12b0 [ 439.927232][T14953] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 439.929204][T14953] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 439.932411][T14953] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 439.935067][T14953] genl_family_rcv_msg_doit+0x202/0x2f0 [ 439.937498][T14953] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 439.939827][T14953] ? ns_capable+0xd7/0x110 [ 439.941539][T14953] genl_rcv_msg+0x565/0x800 [ 439.943474][T14953] ? __pfx_genl_rcv_msg+0x10/0x10 [ 439.945224][T14953] ? __pfx___lock_acquire+0x10/0x10 [ 439.947472][T14953] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 439.949636][T14953] netlink_rcv_skb+0x16b/0x440 [ 439.951558][T14953] ? __pfx_genl_rcv_msg+0x10/0x10 [ 439.953769][T14953] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 439.956011][T14953] ? down_read+0xc9/0x330 [ 439.957866][T14953] ? __pfx_down_read+0x10/0x10 [ 439.959966][T14953] ? netlink_deliver_tap+0x1ae/0xd90 [ 439.962271][T14953] genl_rcv+0x28/0x40 [ 439.963949][T14953] netlink_unicast+0x53c/0x7f0 [ 439.965636][T14953] ? __pfx_netlink_unicast+0x10/0x10 [ 439.967538][T14953] netlink_sendmsg+0x8b8/0xd70 [ 439.969222][T14953] ? __pfx_netlink_sendmsg+0x10/0x10 [ 439.971062][T14953] ? __import_iovec+0x1fd/0x6e0 [ 439.972961][T14953] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 439.974874][T14953] ____sys_sendmsg+0xab5/0xc90 [ 439.976566][T14953] ? copy_msghdr_from_user+0x10b/0x160 [ 439.978441][T14953] ? __pfx_____sys_sendmsg+0x10/0x10 [ 439.980238][T14953] ? find_held_lock+0x2d/0x110 [ 439.981911][T14953] ? __pfx___lock_acquire+0x10/0x10 [ 439.983543][T14953] ___sys_sendmsg+0x135/0x1e0 [ 439.985444][T14953] ? __pfx____sys_sendmsg+0x10/0x10 [ 439.987316][T14953] ? ksys_write+0x21c/0x260 [ 439.988890][T14953] ? __fget_light+0x173/0x210 [ 439.990525][T14953] __sys_sendmsg+0x117/0x1f0 [ 439.992124][T14953] ? __pfx___sys_sendmsg+0x10/0x10 [ 439.993928][T14953] do_syscall_64+0xcd/0x250 [ 439.995642][T14953] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 439.998119][T14953] RIP: 0033:0x7fac22f7cef9 [ 439.999671][T14953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 440.006352][T14953] RSP: 002b:00007fac23c8f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 440.009308][T14953] RAX: ffffffffffffffda RBX: 00007fac23135f80 RCX: 00007fac22f7cef9 [ 440.012604][T14953] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 440.015934][T14953] RBP: 00007fac23c8f090 R08: 0000000000000000 R09: 0000000000000000 [ 440.019071][T14953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 440.021859][T14953] R13: 0000000000000000 R14: 00007fac23135f80 R15: 00007ffe6770c958 [ 440.024876][T14953] [ 440.075681][T14955] usb usb4: usbfs: process 14955 (syz.2.2972) did not claim interface 0 before use [ 440.116414][T14958] FAULT_INJECTION: forcing a failure. [ 440.116414][T14958] name failslab, interval 1, probability 0, space 0, times 0 [ 440.121539][T14958] CPU: 1 UID: 0 PID: 14958 Comm: syz.1.2974 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 440.126032][T14958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 440.130514][T14958] Call Trace: [ 440.131957][T14958] [ 440.133236][T14958] dump_stack_lvl+0x16c/0x1f0 [ 440.135242][T14958] should_fail_ex+0x497/0x5b0 [ 440.137234][T14958] ? fs_reclaim_acquire+0xae/0x160 [ 440.139259][T14958] should_failslab+0xc2/0x120 [ 440.140863][T14958] __kmalloc_noprof+0xcb/0x400 [ 440.142550][T14958] ? __pfx_lock_acquire+0x10/0x10 [ 440.144634][T14958] tomoyo_realpath_from_path+0xb9/0x720 [ 440.146619][T14961] usb usb4: usbfs: process 14961 (syz.2.2975) did not claim interface 0 before use [ 440.146987][T14958] ? tomoyo_profile+0x47/0x60 [ 440.152920][T14958] tomoyo_path_number_perm+0x245/0x590 [ 440.155524][T14958] ? tomoyo_path_number_perm+0x232/0x590 [ 440.157992][T14958] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 440.160289][T14958] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 440.162361][T14958] ? __fget_files+0x256/0x400 [ 440.164396][T14958] security_file_ioctl+0x75/0xc0 [ 440.166548][T14958] __x64_sys_ioctl+0xbb/0x220 [ 440.168646][T14958] do_syscall_64+0xcd/0x250 [ 440.170725][T14958] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 440.172846][T14958] RIP: 0033:0x7fac22f7cef9 [ 440.174389][T14958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 440.182113][T14958] RSP: 002b:00007fac23c8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 440.185834][T14958] RAX: ffffffffffffffda RBX: 00007fac23135f80 RCX: 00007fac22f7cef9 [ 440.189413][T14958] RDX: 00000000200004c0 RSI: 00000000c0185500 RDI: 0000000000000003 [ 440.192951][T14958] RBP: 00007fac23c8f090 R08: 0000000000000000 R09: 0000000000000000 [ 440.196458][T14958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 440.199969][T14958] R13: 0000000000000000 R14: 00007fac23135f80 R15: 00007ffe6770c958 [ 440.203504][T14958] [ 440.208323][T14958] ERROR: Out of memory at tomoyo_realpath_from_path. [ 440.212754][T14958] usb usb4: usbfs: process 14958 (syz.1.2974) did not claim interface 0 before use [ 440.239546][ T39] audit: type=1400 audit(1725733364.877:1895): avc: denied { remount } for pid=14962 comm="syz.3.2976" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 440.268902][T14961] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2975'. [ 440.325164][ T1380] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.460290][ T39] audit: type=1400 audit(1725733365.097:1896): avc: granted { setsecparam } for pid=14974 comm="syz.2.2979" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security [ 440.843578][T14979] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(13) [ 440.846051][T14979] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 440.850765][T14979] vhci_hcd vhci_hcd.0: Device attached [ 440.867738][T14979] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 440.918700][T14981] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 440.929755][T14981] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 441.043750][ T833] vhci_hcd: vhci_device speed not set [ 441.123758][ T833] usb 13-1: new high-speed USB device number 3 using vhci_hcd [ 441.180941][T14982] vhci_hcd: connection reset by peer [ 441.182963][T11169] vhci_hcd: stop threads [ 441.185629][T11169] vhci_hcd: release socket [ 441.187257][T11169] vhci_hcd: disconnect device [ 442.410773][T15014] fuse: Unknown parameter 'grou00000000000000000000' [ 443.405026][T15024] FAULT_INJECTION: forcing a failure. [ 443.405026][T15024] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 443.411379][T15024] CPU: 3 UID: 0 PID: 15024 Comm: syz.3.2994 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 443.415227][T15024] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 443.419254][T15024] Call Trace: [ 443.420657][T15024] [ 443.421884][T15024] dump_stack_lvl+0x16c/0x1f0 [ 443.423701][T15024] should_fail_ex+0x497/0x5b0 [ 443.425506][T15024] _copy_from_iter+0x2a1/0x1150 [ 443.427379][T15024] ? __pfx__copy_from_iter+0x10/0x10 [ 443.429511][T15024] ? __virt_addr_valid+0x5e/0x590 [ 443.431652][T15024] ? __phys_addr_symbol+0x30/0x80 [ 443.433516][T15024] ? __check_object_size+0x497/0x720 [ 443.435797][T15024] file_tty_write.constprop.0+0x49f/0x9b0 [ 443.437928][T15024] vfs_write+0x6b6/0x1140 [ 443.439685][T15024] ? __pfx_tty_write+0x10/0x10 [ 443.441660][T15024] ? __pfx_vfs_write+0x10/0x10 [ 443.443642][T15024] ? __fget_files+0x256/0x400 [ 443.445613][T15024] ? __fget_light+0x173/0x210 [ 443.447554][T15024] ksys_write+0x12f/0x260 [ 443.449356][T15024] ? __pfx_ksys_write+0x10/0x10 [ 443.451527][T15024] do_syscall_64+0xcd/0x250 [ 443.453565][T15024] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 443.456185][T15024] RIP: 0033:0x7fe77d17cef9 [ 443.458161][T15024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 443.466651][T15024] RSP: 002b:00007fe77dfcd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 443.470355][T15024] RAX: ffffffffffffffda RBX: 00007fe77d336058 RCX: 00007fe77d17cef9 [ 443.473858][T15024] RDX: 00000000fffffdef RSI: 0000000020001040 RDI: 0000000000000005 [ 443.477405][T15024] RBP: 00007fe77dfcd090 R08: 0000000000000000 R09: 0000000000000000 [ 443.480917][T15024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 443.484628][T15024] R13: 0000000000000000 R14: 00007fe77d336058 R15: 00007ffc2f10a568 [ 443.488105][T15024] [ 444.113746][ T10] usb 7-1: new high-speed USB device number 35 using dummy_hcd [ 444.158140][ T39] audit: type=1400 audit(1725733368.797:1897): avc: denied { read } for pid=15044 comm="syz.1.3000" path="socket:[58603]" dev="sockfs" ino=58603 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 444.253999][ T39] audit: type=1400 audit(1725733368.897:1898): avc: denied { read write } for pid=12908 comm="syz-executor" name="loop1" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 444.265164][ T39] audit: type=1400 audit(1725733368.897:1899): avc: denied { open } for pid=12908 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 444.276271][ T39] audit: type=1400 audit(1725733368.897:1900): avc: denied { ioctl } for pid=12908 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=661 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 444.287850][ T39] audit: type=1400 audit(1725733368.917:1901): avc: denied { prog_load } for pid=15046 comm="syz.1.3001" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 444.295606][ T39] audit: type=1400 audit(1725733368.917:1902): avc: denied { bpf } for pid=15046 comm="syz.1.3001" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 444.303661][ T10] usb 7-1: Using ep0 maxpacket: 8 [ 444.305207][ T39] audit: type=1400 audit(1725733368.917:1903): avc: denied { perfmon } for pid=15046 comm="syz.1.3001" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 444.313802][ T39] audit: type=1400 audit(1725733368.917:1904): avc: denied { prog_run } for pid=15046 comm="syz.1.3001" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 444.319779][ T10] usb 7-1: config 0 has an invalid interface number: 1 but max is 0 [ 444.325415][ T10] usb 7-1: config 0 has no interface number 0 [ 444.328223][ T10] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 444.333201][ T10] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 444.339269][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 444.348745][ T10] usb 7-1: config 0 descriptor?? [ 444.362957][ T10] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 444.421907][T15048] fuse: Unknown parameter 'grou00000000000000000000' [ 445.293658][ T5382] usb 6-1: new high-speed USB device number 43 using dummy_hcd [ 445.296869][ T39] kauditd_printk_skb: 74 callbacks suppressed [ 445.296878][ T39] audit: type=1400 audit(1725733369.937:1979): avc: denied { module_request } for pid=15054 comm="syz.0.3003" kmod="net-pf-10-proto-5" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 445.312295][ T39] audit: type=1400 audit(1725733369.947:1980): avc: denied { ioctl } for pid=15056 comm="syz.1.3004" path="/dev/raw-gadget" dev="devtmpfs" ino=763 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 445.323681][ T39] audit: type=1400 audit(1725733369.947:1981): avc: denied { ioctl } for pid=15056 comm="syz.1.3004" path="/dev/raw-gadget" dev="devtmpfs" ino=763 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 445.334420][ T39] audit: type=1400 audit(1725733369.957:1982): avc: denied { ioctl } for pid=15056 comm="syz.1.3004" path="/dev/raw-gadget" dev="devtmpfs" ino=763 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 445.386415][ T39] audit: type=1400 audit(1725733370.027:1983): avc: denied { ioctl } for pid=15056 comm="syz.1.3004" path="/dev/raw-gadget" dev="devtmpfs" ino=763 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 445.413963][ T39] audit: type=1400 audit(1725733370.057:1984): avc: denied { read } for pid=4812 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 445.423631][ T39] audit: type=1400 audit(1725733370.057:1985): avc: denied { search } for pid=4812 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 445.432899][ T39] audit: type=1400 audit(1725733370.057:1986): avc: denied { append } for pid=4812 comm="syslogd" name="messages" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 445.445926][ T39] audit: type=1400 audit(1725733370.057:1987): avc: denied { append open } for pid=4812 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 445.458287][ T39] audit: type=1400 audit(1725733370.057:1988): avc: denied { getattr } for pid=4812 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 445.512953][ T5382] usb 6-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc [ 445.516947][ T5382] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 445.520166][ T5382] usb 6-1: Product: syz [ 445.521923][ T5382] usb 6-1: Manufacturer: syz [ 445.523968][ T5382] usb 6-1: SerialNumber: syz [ 445.532793][ T5382] usb 6-1: config 0 descriptor?? [ 445.543309][ T5382] i2c-tiny-usb 6-1:0.0: version 6d.cc found at bus 006 address 043 [ 446.234104][ T833] vhci_hcd: vhci_device speed not set [ 446.257669][T15080] block nbd0: shutting down sockets [ 446.296589][ T5382] (null): failure setting delay to 10us [ 446.298925][ T5382] i2c-tiny-usb 6-1:0.0: probe with driver i2c-tiny-usb failed with error -5 [ 446.303187][ T5382] usb 6-1: USB disconnect, device number 43 [ 446.522121][T15082] hub 6-0:1.0: USB hub found [ 446.524854][T15082] hub 6-0:1.0: 1 port detected [ 446.648903][ T5382] usb 7-1: USB disconnect, device number 35 [ 446.663579][ T5382] iowarrior 7-1:0.1: I/O-Warror #0 now disconnected [ 446.775059][T15086] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3010'. [ 446.782837][T15086] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 447.134940][T15093] fuse: Unknown parameter 'grou00000000000000000000' [ 447.426170][T15096] syzkaller0: entered allmulticast mode [ 450.070925][T15121] netlink: 'syz.2.3018': attribute type 4 has an invalid length. [ 450.127880][T15121] netlink: 'syz.2.3018': attribute type 4 has an invalid length. [ 450.336915][ T39] kauditd_printk_skb: 324 callbacks suppressed [ 450.336954][ T39] audit: type=1400 audit(1725733374.977:2313): avc: denied { prog_load } for pid=15125 comm="syz.3.3021" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 450.410986][ T39] audit: type=1400 audit(1725733374.987:2314): avc: denied { bpf } for pid=15125 comm="syz.3.3021" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 450.423880][ T39] audit: type=1400 audit(1725733374.987:2315): avc: denied { perfmon } for pid=15125 comm="syz.3.3021" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 450.429988][ T39] audit: type=1400 audit(1725733374.997:2316): avc: denied { perfmon } for pid=15125 comm="syz.3.3021" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 450.438492][ T39] audit: type=1400 audit(1725733375.007:2317): avc: denied { perfmon } for pid=15125 comm="syz.3.3021" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 450.446571][ T39] audit: type=1400 audit(1725733375.017:2318): avc: denied { perfmon } for pid=15125 comm="syz.3.3021" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 450.467448][ T39] audit: type=1400 audit(1725733375.027:2319): avc: denied { perfmon } for pid=15125 comm="syz.3.3021" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 450.522069][ T39] audit: type=1400 audit(1725733375.027:2320): avc: denied { bpf } for pid=15125 comm="syz.3.3021" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 450.581691][ T39] audit: type=1400 audit(1725733375.047:2321): avc: denied { bpf } for pid=15125 comm="syz.3.3021" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 450.599222][ T39] audit: type=1400 audit(1725733375.047:2322): avc: denied { prog_run } for pid=15125 comm="syz.3.3021" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 451.257854][T15139] fuse: Unknown parameter 'group_i00000000000000000000' [ 452.326368][T15154] syzkaller0: entered promiscuous mode [ 452.329759][T15154] syzkaller0: entered allmulticast mode [ 453.526426][T15179] fuse: Unknown parameter 'group_i00000000000000000000' [ 453.911863][T15184] netlink: 72 bytes leftover after parsing attributes in process `syz.3.3037'. [ 455.541848][ T39] kauditd_printk_skb: 1124 callbacks suppressed [ 455.541864][ T39] audit: type=1400 audit(1725733380.177:3447): avc: denied { prog_load } for pid=15201 comm="syz.1.3042" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 455.587577][ T39] audit: type=1400 audit(1725733380.187:3448): avc: denied { bpf } for pid=15201 comm="syz.1.3042" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 455.619200][ T39] audit: type=1400 audit(1725733380.197:3449): avc: denied { read } for pid=4812 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 455.644907][ T39] audit: type=1400 audit(1725733380.197:3450): avc: denied { search } for pid=4812 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 455.703754][ T39] audit: type=1400 audit(1725733380.197:3451): avc: denied { append } for pid=4812 comm="syslogd" name="messages" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 455.734281][ T39] audit: type=1400 audit(1725733380.197:3452): avc: denied { append open } for pid=4812 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 455.753932][ T39] audit: type=1400 audit(1725733380.207:3453): avc: denied { getattr } for pid=4812 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 455.788517][ T39] audit: type=1400 audit(1725733380.227:3454): avc: denied { create } for pid=15201 comm="syz.1.3042" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 455.827842][ T39] audit: type=1400 audit(1725733380.467:3455): avc: denied { create } for pid=15210 comm="syz.0.3044" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 455.845567][ T39] audit: type=1400 audit(1725733380.467:3456): avc: denied { map_create } for pid=15210 comm="syz.0.3044" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 456.250380][T15222] fuse: Unknown parameter 'group_i00000000000000000000' [ 456.393378][T15224] ipt_ECN: cannot use operation on non-tcp rule [ 457.204206][ T58] usb 8-1: new high-speed USB device number 34 using dummy_hcd [ 457.243873][ T10] usb 7-1: new high-speed USB device number 36 using dummy_hcd [ 457.389276][ T58] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 457.395342][ T58] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 457.399695][ T58] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 457.403934][ T58] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 457.409110][ T58] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 457.413029][ T58] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 457.422755][ T58] usb 8-1: config 0 descriptor?? [ 457.439613][ T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 457.444369][ T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 457.447222][ T10] usb 7-1: New USB device found, idVendor=258a, idProduct=6a88, bcdDevice= 0.00 [ 457.450594][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 457.459633][ T10] usb 7-1: config 0 descriptor?? [ 457.906431][T15235] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 457.909494][T15235] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 457.919142][ T58] usbhid 8-1:0.0: can't add hid device: -71 [ 457.921223][ T58] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 457.927326][ T58] usb 8-1: USB disconnect, device number 34 [ 458.232278][ T10] usbhid 7-1:0.0: can't add hid device: -71 [ 458.237836][ T10] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 458.241224][ T10] usb 7-1: USB disconnect, device number 36 [ 458.329699][T15248] fuse: Unknown parameter '0x000000000000000b' [ 458.564311][T15252] IPVS: set_ctl: invalid protocol: 0 255.255.255.255:20004 [ 459.424733][T15265] CIFS mount error: No usable UNC path provided in device string! [ 459.424733][T15265] [ 459.429131][T15265] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 459.772720][T15273] ipt_ECN: cannot use operation on non-tcp rule [ 460.249843][T15279] overlayfs: missing 'lowerdir' [ 460.354210][T11644] usb 6-1: new high-speed USB device number 44 using dummy_hcd [ 460.544940][ T39] kauditd_printk_skb: 891 callbacks suppressed [ 460.544953][ T39] audit: type=1400 audit(1725733385.187:4348): avc: denied { ioctl } for pid=15275 comm="syz.1.3065" path="/dev/raw-gadget" dev="devtmpfs" ino=763 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 460.565277][ T39] audit: type=1400 audit(1725733385.197:4349): avc: denied { ioctl } for pid=15275 comm="syz.1.3065" path="/dev/raw-gadget" dev="devtmpfs" ino=763 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 460.565422][T11644] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 460.580553][ T39] audit: type=1400 audit(1725733385.197:4350): avc: denied { ioctl } for pid=15275 comm="syz.1.3065" path="/dev/raw-gadget" dev="devtmpfs" ino=763 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 460.582714][T11644] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 460.595968][ T39] audit: type=1400 audit(1725733385.207:4351): avc: denied { ioctl } for pid=15275 comm="syz.1.3065" path="/dev/raw-gadget" dev="devtmpfs" ino=763 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 460.609427][ T39] audit: type=1400 audit(1725733385.207:4352): avc: denied { ioctl } for pid=15275 comm="syz.1.3065" path="/dev/raw-gadget" dev="devtmpfs" ino=763 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 460.613805][T11644] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 460.619125][ T39] audit: type=1400 audit(1725733385.207:4353): avc: denied { ioctl } for pid=15275 comm="syz.1.3065" path="/dev/raw-gadget" dev="devtmpfs" ino=763 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 460.621510][T11644] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 460.653690][ T39] audit: type=1400 audit(1725733385.287:4354): avc: denied { unmount } for pid=12043 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 460.663912][T11644] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 460.667671][T11644] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 460.677689][T11644] usb 6-1: config 0 descriptor?? [ 460.681126][ T39] audit: type=1400 audit(1725733385.317:4355): avc: denied { ioctl } for pid=15275 comm="syz.1.3065" path="/dev/raw-gadget" dev="devtmpfs" ino=763 ioctlcmd=0x550a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 460.702890][ T39] audit: type=1400 audit(1725733385.317:4356): avc: denied { ioctl } for pid=15275 comm="syz.1.3065" path="/dev/raw-gadget" dev="devtmpfs" ino=763 ioctlcmd=0x5509 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 460.723632][ T39] audit: type=1400 audit(1725733385.327:4357): avc: denied { ioctl } for pid=15275 comm="syz.1.3065" path="/dev/raw-gadget" dev="devtmpfs" ino=763 ioctlcmd=0x5505 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 460.939998][T15282] ALSA: mixer_oss: invalid OSS volume '' [ 461.186792][T15277] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 461.191049][T15277] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 461.203303][T11644] usbhid 6-1:0.0: can't add hid device: -71 [ 461.206194][T11644] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 461.217510][T11644] usb 6-1: USB disconnect, device number 44 [ 461.361987][T15293] fuse: Unknown parameter 'group_id00000000000000000000' [ 462.803496][T15312] usb usb1: usbfs: process 15312 (syz.2.3072) did not claim interface 0 before use [ 462.857843][T15316] bridge0: port 2(bridge_slave_1) entered disabled state [ 462.861219][T15316] bridge0: port 1(bridge_slave_0) entered disabled state [ 462.865250][T15316] bridge0: entered allmulticast mode [ 462.891679][T15316] bridge0: port 2(bridge_slave_1) entered listening state [ 463.275128][T15330] CIFS mount error: No usable UNC path provided in device string! [ 463.275128][T15330] [ 463.278895][T15330] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 463.743758][ T5372] usb 6-1: new high-speed USB device number 45 using dummy_hcd [ 463.963613][ T5372] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 463.967698][ T5372] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 463.971369][ T5372] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 463.975335][ T5372] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 463.979692][ T5372] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 463.982750][ T5372] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 464.005912][ T5372] usb 6-1: config 0 descriptor?? [ 464.141573][T15343] fuse: Bad value for 'user_id' [ 464.155238][T15343] fuse: Bad value for 'user_id' [ 464.477164][T15332] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 464.491000][T15332] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 464.497514][ T5372] usbhid 6-1:0.0: can't add hid device: -71 [ 464.499538][ T5372] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 464.503135][ T5372] usb 6-1: USB disconnect, device number 45 [ 465.554629][ T39] kauditd_printk_skb: 504 callbacks suppressed [ 465.554645][ T39] audit: type=1400 audit(1725733390.197:4862): avc: denied { create } for pid=15355 comm="syz.1.3086" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 465.583926][ T39] audit: type=1400 audit(1725733390.207:4863): avc: denied { read } for pid=4812 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 465.618127][ T39] audit: type=1400 audit(1725733390.237:4864): avc: denied { search } for pid=4812 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 465.629420][ T39] audit: type=1400 audit(1725733390.237:4865): avc: denied { append } for pid=4812 comm="syslogd" name="messages" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 465.645241][ T39] audit: type=1400 audit(1725733390.237:4866): avc: denied { append open } for pid=4812 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 465.650243][T15356] mkiss: ax0: crc mode is auto. [ 465.657104][ T39] audit: type=1400 audit(1725733390.237:4867): avc: denied { getattr } for pid=4812 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 465.674487][ T39] audit: type=1400 audit(1725733390.237:4868): avc: denied { setopt } for pid=15355 comm="syz.1.3086" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 465.682981][ T39] audit: type=1400 audit(1725733390.247:4869): avc: denied { read write } for pid=12043 comm="syz-executor" name="loop2" dev="devtmpfs" ino=662 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 465.699244][ T39] audit: type=1400 audit(1725733390.247:4870): avc: denied { read write open } for pid=12043 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=662 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 465.712234][ T39] audit: type=1400 audit(1725733390.247:4871): avc: denied { ioctl } for pid=12043 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=662 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 465.790191][T15356] block nbd1: shutting down sockets [ 465.925887][ T35] dvb-usb: did not find the firmware file 'dvb-usb-az6027-03.fw' (status -110). You can use /scripts/get_dvb_firmware to get the firmware [ 465.953095][ T35] dvb_usb_az6027 5-1:0.0: probe with driver dvb_usb_az6027 failed with error -110 [ 465.961317][ T35] usb 5-1: USB disconnect, device number 45 [ 466.036929][T15370] bridge0: port 2(bridge_slave_1) entered disabled state [ 466.039920][T15370] bridge0: port 1(bridge_slave_0) entered disabled state [ 466.055127][T15370] bridge0: entered allmulticast mode [ 466.091701][T15370] bridge0: port 2(bridge_slave_1) entered listening state [ 466.577386][T15374] program syz.1.3092 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 466.924438][T15384] CIFS mount error: No usable UNC path provided in device string! [ 466.924438][T15384] [ 466.943809][T15384] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 467.118712][T15388] 9pnet_fd: Insufficient options for proto=fd [ 467.210110][T15388] virtio-pci 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 467.518123][T15396] block device autoloading is deprecated and will be removed. [ 467.643649][ T833] usb 8-1: new high-speed USB device number 35 using dummy_hcd [ 467.847209][ T833] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 467.851498][ T833] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 467.858120][ T833] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 467.883751][ T833] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 467.883800][ T833] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 467.895276][ T833] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 467.913078][ T833] usb 8-1: config 0 descriptor?? [ 467.950582][T15399] fuse: Bad value for 'user_id' [ 467.953702][T15399] fuse: Bad value for 'user_id' [ 468.001964][ C2] ata1: illegal qc_active transition (00000000->00400000) [ 468.334774][ T1074] ata1: SATA link up 1.5 Gbps (SStatus 113 SControl 300) [ 468.340782][ T1074] ata1.00: configured for UDMA/100 [ 468.461517][T15394] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 468.477604][T15394] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 468.516397][ T833] usbhid 8-1:0.0: can't add hid device: -71 [ 468.524164][ T833] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 468.529777][ T833] usb 8-1: USB disconnect, device number 35 [ 468.847859][T15416] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 469.800084][T15441] overlayfs: missing 'lowerdir' [ 469.832426][T15436] nfs4: Unknown parameter 'qåt' [ 469.840950][T15443] nfs4: Unknown parameter 'qåt' [ 470.079161][T15446] fuse: Bad value for 'user_id' [ 470.081506][T15446] fuse: Bad value for 'user_id' [ 470.576957][ T39] kauditd_printk_skb: 467 callbacks suppressed [ 470.576972][ T39] audit: type=1400 audit(1725733395.217:5339): avc: denied { map_create } for pid=15449 comm="syz.0.3115" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 470.608713][ T39] audit: type=1400 audit(1725733395.237:5340): avc: denied { read } for pid=4812 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 470.618360][ T39] audit: type=1400 audit(1725733395.237:5341): avc: denied { search } for pid=4812 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 470.631565][ T39] audit: type=1400 audit(1725733395.237:5342): avc: denied { append } for pid=4812 comm="syslogd" name="messages" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 470.645080][ T39] audit: type=1400 audit(1725733395.237:5343): avc: denied { append open } for pid=4812 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 470.658114][ T39] audit: type=1400 audit(1725733395.237:5344): avc: denied { getattr } for pid=4812 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 470.671126][ T39] audit: type=1400 audit(1725733395.247:5345): avc: denied { prog_load } for pid=15449 comm="syz.0.3115" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 470.682367][ T39] audit: type=1400 audit(1725733395.247:5346): avc: denied { bpf } for pid=15449 comm="syz.0.3115" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 470.694049][ T39] audit: type=1400 audit(1725733395.267:5347): avc: denied { create } for pid=15452 comm="syz.3.3117" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 470.702702][ T39] audit: type=1400 audit(1725733395.267:5348): avc: denied { bind } for pid=15452 comm="syz.3.3117" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 470.781681][T15457] FAULT_INJECTION: forcing a failure. [ 470.781681][T15457] name failslab, interval 1, probability 0, space 0, times 0 [ 470.787266][T15457] CPU: 3 UID: 0 PID: 15457 Comm: syz.2.3119 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 470.790971][T15457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 470.795421][T15457] Call Trace: [ 470.796569][T15457] [ 470.797804][T15457] dump_stack_lvl+0x16c/0x1f0 [ 470.799790][T15457] should_fail_ex+0x497/0x5b0 [ 470.801919][T15457] ? fs_reclaim_acquire+0xae/0x160 [ 470.804188][T15457] should_failslab+0xc2/0x120 [ 470.806192][T15457] __kmalloc_noprof+0xcb/0x400 [ 470.808483][T15457] ? __pfx_lock_acquire+0x10/0x10 [ 470.810804][T15457] tomoyo_realpath_from_path+0xb9/0x720 [ 470.813286][T15457] ? tomoyo_profile+0x47/0x60 [ 470.815270][T15457] tomoyo_path_number_perm+0x245/0x590 [ 470.817777][T15457] ? tomoyo_path_number_perm+0x232/0x590 [ 470.820357][T15457] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 470.823124][T15457] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 470.825875][T15457] ? __fget_files+0x256/0x400 [ 470.828082][T15457] security_file_ioctl+0x75/0xc0 [ 470.830528][T15457] __x64_sys_ioctl+0xbb/0x220 [ 470.832787][T15457] do_syscall_64+0xcd/0x250 [ 470.835036][T15457] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 470.837903][T15457] RIP: 0033:0x7f8a5257cef9 [ 470.839998][T15457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 470.849058][T15457] RSP: 002b:00007f8a53419038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 470.852835][T15457] RAX: ffffffffffffffda RBX: 00007f8a52735f80 RCX: 00007f8a5257cef9 [ 470.856560][T15457] RDX: 0000000020000000 RSI: 00000000fffff000 RDI: 0000000000000003 [ 470.860162][T15457] RBP: 00007f8a53419090 R08: 0000000000000000 R09: 0000000000000000 [ 470.863655][T15457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 470.867029][T15457] R13: 0000000000000000 R14: 00007f8a52735f80 R15: 00007fff76cd3388 [ 470.870577][T15457] [ 470.905351][T15457] ERROR: Out of memory at tomoyo_realpath_from_path. [ 470.936780][T15458] Bluetooth: (null): Invalid header checksum [ 471.012230][T11182] Bluetooth: (null): Invalid header checksum [ 471.015248][T11182] Bluetooth: (null): Invalid header checksum [ 471.103983][T11179] Bluetooth: (null): Invalid header checksum [ 471.215203][T11169] Bluetooth: (null): Invalid header checksum [ 471.325868][T11179] Bluetooth: (null): Invalid header checksum [ 471.357854][T15473] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3123'. [ 471.424718][T15473] team1: Mode changed to "loadbalance" [ 471.893718][ T833] usb 5-1: new high-speed USB device number 46 using dummy_hcd [ 472.075039][ T833] usb 5-1: Using ep0 maxpacket: 8 [ 472.104860][ T833] usb 5-1: New USB device found, idVendor=05c6, idProduct=900f, bcdDevice=ef.46 [ 472.108565][ T833] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 472.111851][ T833] usb 5-1: Product: syz [ 472.113364][ T833] usb 5-1: Manufacturer: syz [ 472.153383][ T833] usb 5-1: SerialNumber: syz [ 472.174265][ T833] usb 5-1: config 0 descriptor?? [ 472.232293][T15491] fuse: Bad value for 'fd' [ 472.271062][T15493] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 472.367275][T15494] fuse: Unknown parameter '0x0000000000000005' [ 472.435418][T15493] syz.2.3129[15493] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 472.442431][T15493] xt_l2tp: unknown flags: 18 [ 472.672211][ T5381] usb 5-1: USB disconnect, device number 46 [ 472.740744][T15505] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3131'. [ 472.765075][T15505] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 473.067035][T15514] fuse: Bad value for 'fd' [ 473.307168][T15519] overlayfs: failed to resolve './file0': -2 [ 474.282361][T15537] 9pnet_virtio: no channels available for device syz [ 474.321514][T15535] netlink: 14 bytes leftover after parsing attributes in process `syz.2.3139'. [ 475.589986][ T39] kauditd_printk_skb: 628 callbacks suppressed [ 475.590001][ T39] audit: type=1400 audit(1725733400.227:5977): avc: denied { unmount } for pid=12043 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 475.602010][ T39] audit: type=1400 audit(1725733400.237:5978): avc: denied { write } for pid=15547 comm="syz.1.3144" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 475.617485][ T39] audit: type=1400 audit(1725733400.247:5979): avc: denied { read } for pid=4812 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 475.626802][ T39] audit: type=1400 audit(1725733400.247:5980): avc: denied { read write } for pid=15547 comm="syz.1.3144" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 475.642138][ T39] audit: type=1400 audit(1725733400.257:5981): avc: denied { read write open } for pid=15547 comm="syz.1.3144" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 475.652970][ T39] audit: type=1400 audit(1725733400.257:5982): avc: denied { search } for pid=4812 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 475.661121][ T39] audit: type=1400 audit(1725733400.257:5983): avc: denied { read } for pid=4812 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 475.672102][ T39] audit: type=1400 audit(1725733400.277:5984): avc: denied { search } for pid=4812 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 475.680416][ T39] audit: type=1400 audit(1725733400.277:5985): avc: denied { append } for pid=4812 comm="syslogd" name="messages" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 475.689588][T15550] 9pnet_fd: Insufficient options for proto=fd [ 475.690728][ T39] audit: type=1400 audit(1725733400.277:5986): avc: denied { append open } for pid=4812 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 475.740022][T15550] virtio-pci 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 476.025790][T15553] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3146'. [ 476.068271][T15553] team1: Mode changed to "loadbalance" [ 476.435411][T15557] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3145'. [ 476.438081][T15561] fuse: Bad value for 'fd' [ 476.554954][T15557] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 477.564464][ T35] usb 5-1: new high-speed USB device number 47 using dummy_hcd [ 477.790216][ T35] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 477.803429][ T35] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 477.812780][ T35] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 477.825407][ T35] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 477.835423][ T35] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 477.843633][ T35] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 477.855411][ T35] usb 5-1: config 0 descriptor?? [ 478.357177][T15581] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 478.369478][T15581] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 478.380502][ T35] usbhid 5-1:0.0: can't add hid device: -71 [ 478.383244][ T35] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 478.393742][ T35] usb 5-1: USB disconnect, device number 47 [ 479.234329][T15616] usb 1-1: USB disconnect, device number 3 [ 479.357510][T15618] hub 1-0:1.0: USB hub found [ 479.362417][T15618] hub 1-0:1.0: 6 ports detected [ 479.554252][ T35] usb 1-1: new high-speed USB device number 4 using ehci-pci [ 479.775407][ T35] usb 1-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 479.778656][ T35] usb 1-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 479.802665][ T35] usb 1-1: Product: QEMU USB Tablet [ 479.804840][ T35] usb 1-1: Manufacturer: QEMU [ 479.806666][ T35] usb 1-1: SerialNumber: 28754-0000:00:1d.7-1 [ 479.859254][ T35] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb1/1-1/1-1:1.0/0003:0627:0001.001D/input/input39 [ 479.981284][ T35] hid-generic 0003:0627:0001.001D: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 480.596013][ T39] kauditd_printk_skb: 462 callbacks suppressed [ 480.596030][ T39] audit: type=1400 audit(1725733405.237:6449): avc: denied { write } for pid=15635 comm="syz.3.3167" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 480.612396][ T39] audit: type=1400 audit(1725733405.247:6450): avc: denied { create } for pid=15635 comm="syz.3.3167" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 480.632808][ T39] audit: type=1400 audit(1725733405.247:6451): avc: denied { read } for pid=4812 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 480.658760][ T39] audit: type=1400 audit(1725733405.247:6452): avc: denied { search } for pid=4812 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 480.701917][ T39] audit: type=1400 audit(1725733405.267:6453): avc: denied { append } for pid=4812 comm="syslogd" name="messages" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 480.730374][ T39] audit: type=1400 audit(1725733405.267:6454): avc: denied { append open } for pid=4812 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 480.745559][T15632] syz.2.3166: attempt to access beyond end of device [ 480.745559][T15632] nbd2: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 480.752512][ T39] audit: type=1400 audit(1725733405.267:6455): avc: denied { getattr } for pid=4812 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 480.762260][T15632] SQUASHFS error: Failed to read block 0x0: -5 [ 480.767029][T15632] unable to read squashfs_super_block [ 480.773898][ T39] audit: type=1400 audit(1725733405.267:6456): avc: denied { connect } for pid=15635 comm="syz.3.3167" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 480.798756][T15634] block nbd0: not configured, cannot reconfigure [ 480.801739][ T39] audit: type=1400 audit(1725733405.307:6458): avc: denied { read } for pid=15635 comm="syz.3.3167" dev="nsfs" ino=4026533315 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 480.817893][ T39] audit: type=1400 audit(1725733405.307:6459): avc: denied { read open } for pid=15635 comm="syz.3.3167" path="net:[4026533315]" dev="nsfs" ino=4026533315 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 480.914130][T15636] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3167'. [ 481.163523][T15634] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3165'. [ 481.460043][ T5372] usb 8-1: new high-speed USB device number 36 using dummy_hcd [ 481.562285][T15656] fuse: Bad value for 'fd' [ 481.674548][ T5372] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 481.680442][ T5372] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 481.685401][ T5372] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 481.689738][ T5372] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 481.695456][ T5372] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 481.699400][ T5372] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 481.711292][ T5372] usb 8-1: config 0 descriptor?? [ 482.274918][T15643] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 482.323867][T15643] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 482.350720][ T5372] usbhid 8-1:0.0: can't add hid device: -71 [ 482.354711][ T5372] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 482.361133][ T5372] usb 8-1: USB disconnect, device number 36 [ 482.569765][T15669] input: syz0 as /devices/virtual/input/input40 [ 483.032857][T15675] usb 1-1: USB disconnect, device number 4 [ 483.091022][T15675] hub 1-0:1.0: USB hub found [ 483.093419][T15675] hub 1-0:1.0: 6 ports detected [ 483.276593][ T58] usb 1-1: new high-speed USB device number 5 using ehci-pci [ 483.280016][ T35] usb 6-1: new high-speed USB device number 46 using dummy_hcd [ 483.502311][ T58] usb 1-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 483.509518][ T35] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 483.518668][ T58] usb 1-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 483.524302][ T35] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 483.532150][ T58] usb 1-1: Product: QEMU USB Tablet [ 483.534290][ T58] usb 1-1: Manufacturer: QEMU [ 483.537473][ T35] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 483.543565][ T58] usb 1-1: SerialNumber: 28754-0000:00:1d.7-1 [ 483.549488][ T35] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 483.566553][ T35] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 483.574254][ T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 483.604853][ T58] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb1/1-1/1-1:1.0/0003:0627:0001.001E/input/input41 [ 483.616654][ T35] usb 6-1: config 0 descriptor?? [ 483.677218][ T58] hid-generic 0003:0627:0001.001E: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 484.103638][ T5589] usb 5-1: new high-speed USB device number 48 using dummy_hcd [ 484.108062][T15674] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 484.113264][T15674] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 484.122379][ T35] usbhid 6-1:0.0: can't add hid device: -71 [ 484.125347][ T35] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 484.130012][ T35] usb 6-1: USB disconnect, device number 46 [ 484.253105][T15699] syzkaller1: entered promiscuous mode [ 484.255703][T15699] syzkaller1: entered allmulticast mode [ 484.272910][T15699] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3181'. [ 484.291412][ T5589] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 484.298647][ T5589] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 484.303260][ T5589] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 484.313721][ T5589] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 484.319285][ T5589] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 484.329762][ T5589] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 484.342915][ T5589] usb 5-1: config 0 descriptor?? [ 484.804189][T15691] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 484.808195][T15691] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 484.828695][ T5589] usbhid 5-1:0.0: can't add hid device: -71 [ 484.831574][ T5589] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 484.838266][ T5589] usb 5-1: USB disconnect, device number 48 [ 485.335690][T15714] netlink: 792 bytes leftover after parsing attributes in process `syz.1.3187'. [ 485.705012][ T39] kauditd_printk_skb: 576 callbacks suppressed [ 485.705027][ T39] audit: type=1400 audit(1725733410.347:7035): avc: denied { prog_load } for pid=15716 comm="syz.0.3188" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 485.716632][ T39] audit: type=1400 audit(1725733410.347:7036): avc: denied { bpf } for pid=15716 comm="syz.0.3188" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 485.796488][ T39] audit: type=1400 audit(1725733410.437:7037): avc: denied { read write } for pid=15718 comm="syz.0.3189" name="vmci" dev="devtmpfs" ino=694 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 485.808615][ T39] audit: type=1400 audit(1725733410.437:7038): avc: denied { read write open } for pid=15718 comm="syz.0.3189" path="/dev/vmci" dev="devtmpfs" ino=694 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 485.822987][ T39] audit: type=1400 audit(1725733410.437:7039): avc: denied { ioctl } for pid=15718 comm="syz.0.3189" path="/dev/vmci" dev="devtmpfs" ino=694 ioctlcmd=0x7a0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 485.853168][ T39] audit: type=1400 audit(1725733410.437:7040): avc: denied { ioctl } for pid=15718 comm="syz.0.3189" path="/dev/vmci" dev="devtmpfs" ino=694 ioctlcmd=0x7b1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 485.866391][ T39] audit: type=1400 audit(1725733410.447:7041): avc: denied { unmount } for pid=13044 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 485.875294][ T39] audit: type=1400 audit(1725733410.497:7042): avc: denied { read write } for pid=12908 comm="syz-executor" name="loop1" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 485.885797][ T39] audit: type=1400 audit(1725733410.497:7043): avc: denied { read write open } for pid=12908 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 485.901163][ T39] audit: type=1400 audit(1725733410.497:7044): avc: denied { ioctl } for pid=12908 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=661 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 486.102148][T15731] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3202'. [ 486.368982][T15737] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3193'. [ 486.573917][T15740] ------------[ cut here ]------------ [ 486.577479][T15740] platform vkms: [drm] vblank wait timed out on crtc 0 [ 486.609283][T15740] WARNING: CPU: 0 PID: 15740 at drivers/gpu/drm/drm_vblank.c:1307 drm_wait_one_vblank+0x333/0x550 [ 486.613673][T15740] Modules linked in: [ 486.615201][T15740] CPU: 0 UID: 0 PID: 15740 Comm: syz.2.3202 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 486.621273][T15740] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 486.625735][T15740] RIP: 0010:drm_wait_one_vblank+0x333/0x550 [ 486.628089][T15740] Code: 85 ed 0f 84 54 01 00 00 e8 fa f1 68 fc 4c 89 e7 e8 d2 84 85 00 89 e9 4c 89 ea 48 c7 c7 40 9e c6 8b 48 89 c6 e8 fe 3c 2b fc 90 <0f> 0b 90 90 e9 0e fe ff ff e8 cf f1 68 fc 90 48 8d 7b 08 48 b8 00 [ 486.643669][T15740] RSP: 0018:ffffc90003e37b28 EFLAGS: 00010286 [ 486.647438][T15740] RAX: 0000000000000000 RBX: ffff888024e48000 RCX: ffffc90030bc5000 [ 486.652822][T15740] RDX: 0000000000040000 RSI: ffffffff814e1d16 RDI: 0000000000000001 [ 486.657065][T15740] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 486.660398][T15740] R10: 0000000000000001 R11: 0000000000000000 R12: ffff888025495010 [ 486.664956][T15740] R13: ffff888024429c20 R14: 1ffff920007c6f67 R15: 00000001c2efb903 [ 486.668406][T15740] FS: 00007f8a533956c0(0000) GS:ffff88806a600000(0000) knlGS:0000000000000000 [ 486.672363][T15740] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 486.675158][T15740] CR2: 0000000021000000 CR3: 000000004b7f4000 CR4: 0000000000350ef0 [ 486.678682][T15740] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 486.681893][T15740] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 486.688757][T15740] Call Trace: [ 486.690552][T15740] [ 486.691893][T15740] ? show_regs+0x8c/0xa0 [ 486.693658][T15740] ? __warn+0xe5/0x3c0 [ 486.695293][T15740] ? preempt_schedule_notrace+0x62/0xe0 [ 486.697430][T15740] ? drm_wait_one_vblank+0x333/0x550 [ 486.699452][T15740] ? report_bug+0x3c0/0x580 [ 486.701193][T15740] ? handle_bug+0x3d/0x70 [ 486.702851][T15740] ? exc_invalid_op+0x17/0x50 [ 486.704960][T15740] ? asm_exc_invalid_op+0x1a/0x20 [ 486.706998][T15740] ? __warn_printk+0x1a6/0x350 [ 486.708899][T15740] ? drm_wait_one_vblank+0x333/0x550 [ 486.710996][T15740] ? drm_wait_one_vblank+0x332/0x550 [ 486.713087][T15740] ? __pfx_drm_wait_one_vblank+0x10/0x10 [ 486.715566][T15740] ? mark_held_locks+0x9f/0xe0 [ 486.717492][T15740] ? __pfx_autoremove_wake_function+0x10/0x10 [ 486.719870][T15740] ? lockdep_hardirqs_on+0x7c/0x110 [ 486.721879][T15740] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 486.724295][T15740] ? drm_vblank_get+0x14f/0x280 [ 486.726106][T15740] drm_fb_helper_ioctl+0x156/0x1a0 [ 486.727885][T15740] ? __pfx_drm_fb_helper_ioctl+0x10/0x10 [ 486.729824][T15740] do_fb_ioctl+0x3d4/0x7d0 [ 486.731487][T15740] ? __pfx_do_fb_ioctl+0x10/0x10 [ 486.733386][T15740] ? do_vfs_ioctl+0x515/0x1ad0 [ 486.735122][T15740] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 486.737457][T15740] ? selinux_file_ioctl+0x180/0x270 [ 486.739263][T15740] ? selinux_file_ioctl+0xb4/0x270 [ 486.741028][T15740] fb_ioctl+0xf1/0x160 [ 486.742581][T15740] ? __pfx_fb_ioctl+0x10/0x10 [ 486.744548][T15740] __x64_sys_ioctl+0x193/0x220 [ 486.746540][T15740] do_syscall_64+0xcd/0x250 [ 486.748356][T15740] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 486.750698][T15740] RIP: 0033:0x7f8a5257cef9 [ 486.752487][T15740] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 486.760065][T15740] RSP: 002b:00007f8a53395038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 486.763343][T15740] RAX: ffffffffffffffda RBX: 00007f8a527362e0 RCX: 00007f8a5257cef9 [ 486.766585][T15740] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 0000000000000006 [ 486.769686][T15740] RBP: 00007f8a525ef046 R08: 0000000000000000 R09: 0000000000000000 [ 486.772751][T15740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 486.775996][T15740] R13: 0000000000000000 R14: 00007f8a527362e0 R15: 00007fff76cd3388 [ 486.779138][T15740] [ 486.780380][T15740] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 486.783246][T15740] CPU: 0 UID: 0 PID: 15740 Comm: syz.2.3202 Not tainted 6.11.0-rc6-syzkaller-00308-gb31c44928842 #0 [ 486.787418][T15740] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 486.791401][T15740] Call Trace: [ 486.792733][T15740] [ 486.793920][T15740] dump_stack_lvl+0x3d/0x1f0 [ 486.795777][T15740] panic+0x6dc/0x7c0 [ 486.797344][T15740] ? __pfx_panic+0x10/0x10 [ 486.799164][T15740] ? show_trace_log_lvl+0x363/0x500 [ 486.801247][T15740] ? drm_wait_one_vblank+0x333/0x550 [ 486.803367][T15740] check_panic_on_warn+0xab/0xb0 [ 486.805341][T15740] __warn+0xf1/0x3c0 [ 486.806911][T15740] ? preempt_schedule_notrace+0x62/0xe0 [ 486.809112][T15740] ? drm_wait_one_vblank+0x333/0x550 [ 486.811173][T15740] report_bug+0x3c0/0x580 [ 486.812894][T15740] handle_bug+0x3d/0x70 [ 486.814569][T15740] exc_invalid_op+0x17/0x50 [ 486.816354][T15740] asm_exc_invalid_op+0x1a/0x20 [ 486.818296][T15740] RIP: 0010:drm_wait_one_vblank+0x333/0x550 [ 486.820619][T15740] Code: 85 ed 0f 84 54 01 00 00 e8 fa f1 68 fc 4c 89 e7 e8 d2 84 85 00 89 e9 4c 89 ea 48 c7 c7 40 9e c6 8b 48 89 c6 e8 fe 3c 2b fc 90 <0f> 0b 90 90 e9 0e fe ff ff e8 cf f1 68 fc 90 48 8d 7b 08 48 b8 00 [ 486.828126][T15740] RSP: 0018:ffffc90003e37b28 EFLAGS: 00010286 [ 486.830408][T15740] RAX: 0000000000000000 RBX: ffff888024e48000 RCX: ffffc90030bc5000 [ 486.833101][T15740] RDX: 0000000000040000 RSI: ffffffff814e1d16 RDI: 0000000000000001 [ 486.835963][T15740] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 486.839013][T15740] R10: 0000000000000001 R11: 0000000000000000 R12: ffff888025495010 [ 486.842133][T15740] R13: ffff888024429c20 R14: 1ffff920007c6f67 R15: 00000001c2efb903 [ 486.845053][T15740] ? __warn_printk+0x1a6/0x350 [ 486.846691][T15740] ? drm_wait_one_vblank+0x332/0x550 [ 486.848772][T15740] ? __pfx_drm_wait_one_vblank+0x10/0x10 [ 486.850984][T15740] ? mark_held_locks+0x9f/0xe0 [ 486.852852][T15740] ? __pfx_autoremove_wake_function+0x10/0x10 [ 486.855219][T15740] ? lockdep_hardirqs_on+0x7c/0x110 [ 486.857240][T15740] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 486.859515][T15740] ? drm_vblank_get+0x14f/0x280 [ 486.861422][T15740] drm_fb_helper_ioctl+0x156/0x1a0 [ 486.863479][T15740] ? __pfx_drm_fb_helper_ioctl+0x10/0x10 [ 486.865654][T15740] do_fb_ioctl+0x3d4/0x7d0 [ 486.867427][T15740] ? __pfx_do_fb_ioctl+0x10/0x10 [ 486.869380][T15740] ? do_vfs_ioctl+0x515/0x1ad0 [ 486.871268][T15740] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 486.873916][T15740] ? selinux_file_ioctl+0x180/0x270 [ 486.875924][T15740] ? selinux_file_ioctl+0xb4/0x270 [ 486.877925][T15740] fb_ioctl+0xf1/0x160 [ 486.879528][T15740] ? __pfx_fb_ioctl+0x10/0x10 [ 486.881348][T15740] __x64_sys_ioctl+0x193/0x220 [ 486.883253][T15740] do_syscall_64+0xcd/0x250 [ 486.885031][T15740] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 486.887337][T15740] RIP: 0033:0x7f8a5257cef9 [ 486.889091][T15740] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 486.896447][T15740] RSP: 002b:00007f8a53395038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 486.899518][T15740] RAX: ffffffffffffffda RBX: 00007f8a527362e0 RCX: 00007f8a5257cef9 [ 486.902526][T15740] RDX: 0000000000000000 RSI: 0000000040044620 RDI: 0000000000000006 [ 486.905535][T15740] RBP: 00007f8a525ef046 R08: 0000000000000000 R09: 0000000000000000 [ 486.908613][T15740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 486.911531][T15740] R13: 0000000000000000 R14: 00007f8a527362e0 R15: 00007fff76cd3388 [ 486.914626][T15740] [ 486.916410][T15740] Kernel Offset: disabled [ 486.918294][T15740] Rebooting in 86400 seconds.. VM DIAGNOSIS: 17:58:49 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85030a45 RDI=ffffffff9a5b4f60 RBP=ffffffff9a5b4f20 RSP=ffffc90003e37500 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000020 R14=ffffffff850309e0 R15=0000000000000000 RIP=ffffffff85030a6f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f8a533956c0 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000021000000 CR3=000000004b7f4000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00316c6e747a7973 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8a525efe6a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8a525efe77 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8a525efe71 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8a525efe85 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8a525eff0b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8a525effe9 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8a526ff488 00007f8a526ff480 00007f8a526ff478 00007f8a526ff450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8a5326d100 00007f8a526ff440 00007f8a526f0004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f8a526ff498 00007f8a526ff490 00007f8a526ff488 00007f8a526ff480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 754a069fc61491bd 5767b655dcfefd8e 416bf471fce225a5 08455a3364cef675 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 efef52ae8455b6b0 6cf6211d368e52ac 2179dfec6406c711 8724c9cec72be0ea ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 e317be7f58bf6afe a86cdaae1245701c 7392f0fcaa1075de 02de704e71a7d73e ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3d76d49d3db598d8 c5fdb0369051486b e56a8180651f335a cbe09b910000001c ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000001 RBX=ffff888051120b02 RCX=0000000000000001 RDX=1ffff1100a22415b RSI=000000001b5d732a RDI=ffffffff96926528 RBP=0000000000000000 RSP=ffffc9000cd97578 R8 =0000000000000000 R9 =fffffbfff2d248e0 R10=ffffffff96924707 R11=0000000000000000 R12=0000000000000000 R13=ffff888051120ae0 R14=0000000000000004 R15=ffff888051120000 RIP=ffffffff81698c21 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fe77dfee6c0 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000021000000 CR3=000000004bfbc000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000020520001 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe77dfabf90 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2973252865746972 770073252f64252f 6b7361742f666c65 732f636f72702f00 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0c56000d40514c57 520056000a41000a 4e5644510a434940 560a464a57550a00 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000001 RBX=1ffff920007ddeda RCX=1ffff1100d4e7dc0 RDX=ffffed100a224006 RSI=ffffffff8bb0fac0 RDI=ffff88806a73ee00 RBP=ffff888051120000 RSP=ffffc90003eef6a8 R8 =0000000000000000 R9 =ffffed100a224086 R10=ffff888051120437 R11=0000000000000000 R12=0000000000000007 R13=ffff888051120014 R14=ffff888051120a00 R15=ffff888051120034 RIP=ffffffff815dd57c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fe77dfcd6c0 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002047d000 CR3=000000004bfbc000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff8157dfb7 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f48dcbefe6a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f48dcbefe77 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f48dcbefe71 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f48dcbefe85 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f48dcbeff0b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f48dcbeffe9 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f48dccff488 00007f48dccff480 00007f48dccff478 00007f48dccff450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f48dd86d100 00007f48dccff440 00007f48dccff458 00007f48dccff4a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f48dccff498 00007f48dccff490 00007f48dccff488 00007f48dccff480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=00000000006a5889 RBX=0000000000000003 RCX=ffffffff8b16fad9 RDX=0000000000000000 RSI=ffffffff8b4cd740 RDI=ffffffff8bb0fb40 RBP=ffffed1003b53488 RSP=ffffc900001a7e08 R8 =0000000000000001 R9 =ffffed100d526fd9 R10=ffff88806a937ecb R11=0000000000000000 R12=0000000000000003 R13=ffff88801da9a440 R14=ffffffff90144c58 R15=0000000000000000 RIP=ffffffff8b170ecf RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fe77df8af98 CR3=000000004bfbc000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=0000000000000fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 ffffffff8100a093 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe77d1efe6a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe77d1efe77 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe77d1efe71 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe77d1efe85 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe77d1eff0b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe77d1effe9 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe77d2ff488 00007fe77d2ff480 00007fe77d2ff478 00007fe77d2ff450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe77de6d100 00007fe77d2ff440 00007fe77d2ff458 00007fe77d2ff4a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe77d2ff498 00007fe77d2ff490 00007fe77d2ff488 00007fe77d2ff480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6161616161616161 6161616161616161 6161616161616161 6161616161616161 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000