000000200)=0x14) r10 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r9, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYRES16=r10], 0x5}}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000019c0)={&(0x7f00000002c0)=@newtfilter={0x44, 0x2c, 0x701, 0x0, 0x0, {0x0, r9, {}, {}, {0x3}}, [@filter_kind_options=@f_tcindex={{0xc, 0x1, 'tcindex\x00'}, {0x14, 0x2, [@TCA_TCINDEX_HASH={0x8, 0x1, 0x106a}, @TCA_TCINDEX_MASK={0x8}]}}]}, 0x44}}, 0x0) setsockopt$inet6_mreq(r5, 0x29, 0x1b, &(0x7f0000000140)={@local, r9}, 0x14) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) timerfd_settime(r4, 0x1, &(0x7f0000000040)={{}, {r11, r12+30000000}}, &(0x7f0000000080)) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) 14:22:36 executing program 1: r0 = socket$inet_tcp(0x2, 0x3, 0x6) bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x23) sendto$inet(r0, 0x0, 0x0, 0x8000, 0x0, 0x0) write$binfmt_script(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="2321202e2f66696c65300a39980cfd5d119cc412426f414c2eb7bc2d439869d0593b7a006ccdda539411ec667437310e0397af7b26dbbf13714ca0ccab6c0763c0864f2fea7e85d59b39b5398efae1a1180d0f5554b97b45955e9dc17897f25ded9952fb6124961517d17313a52170ff06cd39f00bd05fba4914890ef5ff6b052de7d553acf39f25a1bf78be6519cdb6613a70b02186c01d69e6ad84038d38eb7d7df3c60d4291e3668e3c5a56ec4d2d722b741e97ff7694e109a1cb3259c822587fef47c12231d478faa71692bf0563d40bb798d17034212c3a3be2f1e23d15956bf9fa2ab1aef5529e410b17a5448d568f170f6aa30b7da3b8cf42e44d4760d14dcb9ccfd99bbcce52a5c75e8f04e895aa"], 0x14) 14:22:36 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(0x0, 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 401.460748][T12397] netlink: 'syz-executor.4': attribute type 2 has an invalid length. 14:22:36 executing program 5: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000d10ffc)=0xfffffffffffffff9, 0x4) socket$bt_cmtp(0x1f, 0x3, 0x5) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) shutdown(r0, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x1}, 0x1c) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040), 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c) [ 401.739234][T12431] netlink: 'syz-executor.4': attribute type 2 has an invalid length. [ 402.002222][ T3953] usb 5-1: new high-speed USB device number 5 using dummy_hcd 14:22:37 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) rt_sigtimedwait(&(0x7f00000005c0), 0x0, &(0x7f0000000200)={0x0, 0x1c9c380}, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000100)) ptrace(0x10, r0) ptrace$pokeuser(0x6, r0, 0x388, 0xfffffffffffffffe) sendmsg$IPVS_CMD_DEL_DEST(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0) sync_file_range(0xffffffffffffffff, 0x0, 0x0, 0x0) 14:22:37 executing program 1: r0 = socket$inet6(0xa, 0x801, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$EVIOCSABS20(r1, 0x401845e0, &(0x7f0000000040)={0x9, 0x5, 0x3, 0x3f, 0xfffff669, 0x7fff}) listen(r0, 0xffeffffefffffffb) syz_emit_ethernet(0x56, &(0x7f0000000100)={@local, @random="192bce5e2dfb", [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x20, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0x2, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x9274}]}}}}}}}}, 0x0) syz_emit_ethernet(0x56, &(0x7f0000000200)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, '\x00', 0x20, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0x14, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa}]}}}}}}}}, 0x0) 14:22:37 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x2c8, &(0x7f0000000100)={&(0x7f00000001c0)={0x24, 0x23, 0x847, 0x0, 0x0, {0x2804}, [@typed={0x10, 0x18, @str='\x01\xac\x0f\x00\x06\xac\x0f\x00\x02\xac\x0f\x00'}]}, 0x269}}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000001f00)=[{{&(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @remote}}}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000200)=""/242, 0xf2}], 0x1}, 0x6}, {{&(0x7f0000000300)=@hci, 0x80, &(0x7f0000000140)=[{&(0x7f0000000380)=""/218, 0xda}], 0x1}, 0x5}, {{&(0x7f0000000480)=@sco, 0x80, &(0x7f0000001940)=[{&(0x7f0000000500)=""/113, 0x71}, {&(0x7f0000000580)=""/4096, 0x1000}, {&(0x7f0000001580)=""/251, 0xfb}, {&(0x7f0000001680)=""/72, 0x48}, {&(0x7f0000001700)=""/62, 0x3e}, {&(0x7f0000001740)=""/246, 0xf6}, {&(0x7f0000001840)=""/248, 0xf8}], 0x7, &(0x7f00000019c0)=""/45, 0x2d}, 0x8}, {{0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000001a00)=""/69, 0x45}, {&(0x7f0000001a80)=""/37, 0x25}], 0x2, &(0x7f0000001b00)=""/108, 0x6c}, 0x46}, {{&(0x7f0000001b80)=@x25, 0x80, &(0x7f0000001e00)=[{&(0x7f0000001c00)=""/72, 0x48}, {&(0x7f0000001c80)=""/204, 0xcc}, {&(0x7f0000001d80)=""/56, 0x38}, {&(0x7f0000001dc0)=""/41, 0x29}], 0x4, &(0x7f0000001e40)=""/155, 0x9b}, 0x1}], 0x5, 0x203, &(0x7f0000002040)={0x0, 0x1c9c380}) getsockopt$bt_BT_POWER(r2, 0x112, 0x9, &(0x7f0000002080)=0x81, &(0x7f00000020c0)=0x1) 14:22:37 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(0x0, 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:22:37 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000100), 0xe7) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) open_by_handle_at(r1, &(0x7f0000000240)=ANY=[@ANYBLOB="bc000000020000008f5d498b389990b2d8c0e61a9b6bfbd67ca9b2d7a003abcc6c1f059b2f02ebfeb2afe20fb88c68f3f37fb87d5e0db50a02dc59c896d56c84a9010000807e7bffb8ea278a55e26209bbde6c74f62e5c9e875f6679a8b81404b5ad6fa65d0c7f9f55a3a69de96ff9fe4cae73c3471196d15adbc697a2a487ded35847904ec2c6d0336dacb8a5f102ad11b3db1d2bcfc4a04d9a7db7f2073ff8311f72affe682d96cf0ed345b9c006597e55944caf5392c6d498c420"], 0x4200) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f00000004c0)={{{@in6=@dev, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@local}}, &(0x7f00000005c0)=0xe8) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000600)={'lapb0\x00', r3}) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c) listen(r1, 0x0) r4 = io_uring_setup(0x928, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x1fd}) fcntl$F_GET_RW_HINT(r4, 0x40b, &(0x7f0000000480)) sendto$inet6(r0, 0x0, 0x0, 0x20004004, &(0x7f0000000040)={0xa, 0x20004e22, 0x0, @loopback}, 0x1c) r5 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r5, 0x80006040045010, &(0x7f0000000140)=0x3) getsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000380), &(0x7f00000003c0)=0x4) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000200)='tls\x00', 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_256={{0x303}, "01bf4acfb23bc82c", "b4fc78fcd2ff522f675cbe33b067712a7577fd307906290060b073d01c76c1fc", "4932efc8", "aeaaf2efa590d694"}, 0x38) r6 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r7 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) setsockopt$inet6_opts(r7, 0x29, 0xf, &(0x7f0000000300)=ANY=[@ANYBLOB="2c0d000010000000010200000107000000000000000001000158b6395fca34d11a8392da691de0cab7c3b9b7baff5e3eaeee40315f2801b14e3f2df408489d0cfbde938bca21ff468e9650fb72d2f830d84db0827d8b0619b22d16b9595028c8f3150100"/120], 0x78) r8 = accept4$inet6(r6, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000080)=0x1c, 0x0) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r8, 0x6, 0x1d, &(0x7f0000000180), &(0x7f00000001c0)=0x14) sendto$inet6(r0, &(0x7f00000005c0), 0x100e3, 0x0, 0x0, 0xfffffffffffffd94) 14:22:37 executing program 0: r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r2 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0xfff, 0x100) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r3, 0x80006040045010, &(0x7f0000000140)=0x3) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000100)={0x0, @in6={{0xa, 0x4e20, 0x78, @remote, 0x2}}, [0x7, 0x2, 0x3, 0x80, 0xffffffffffff90aa, 0x2, 0x3f, 0xfff, 0xffffffffffffff81, 0x98, 0x5, 0xc1d5, 0x4, 0x403, 0xca1]}, &(0x7f0000000280)=0x100) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f00000002c0)={r4, 0x2, 0x5, [0x9, 0x3, 0x2, 0x8, 0x8001]}, 0x12) r5 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x4}, 0x10) write(r0, &(0x7f0000000080)="240000001a005f0414f9f407000904000a000000000000000000000008000f0000000000", 0x24) [ 402.242289][ T3953] usb 5-1: Using ep0 maxpacket: 8 [ 402.315248][ T3953] usb 5-1: device descriptor read/all, error -71 [ 402.366846][T12467] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 14:22:37 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(0x0, 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 402.409578][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 14:22:37 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000000c0)=0x1000006) read(r0, &(0x7f00003fefff)=""/1, 0x1) readv(r0, &(0x7f00000002c0)=[{&(0x7f0000cd8000)=""/1, 0x2e171c03}], 0x1) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)) socketpair$unix(0x1, 0x0, 0x0, 0x0) ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000b28000)) fcntl$setsig(0xffffffffffffffff, 0xa, 0x0) poll(0x0, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) tkill(0x0, 0x0) 14:22:37 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) dup3(r1, r0, 0x0) getsockname(r0, 0x0, &(0x7f0000000000)) 14:22:37 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 402.792361][ T32] audit: type=1804 audit(1571494957.835:53): pid=12494 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/59/file0/bus" dev="ramfs" ino=32288 res=1 14:22:37 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:22:38 executing program 2: r0 = socket$kcm(0x11, 0x3, 0x300) close(r0) socket$kcm(0xa, 0x40122000080003, 0x11) sendmsg(r0, &(0x7f0000001bc0)={&(0x7f0000001340)=@un=@abs, 0x2bb, 0x0}, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x541b, 0x70f000) 14:22:38 executing program 1: inotify_init() ioctl$INOTIFY_IOC_SETNEXTWD(0xffffffffffffffff, 0x40044900, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x50000}]}) r0 = creat(0x0, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, 0x0, 0x0) 14:22:38 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000000c0)=0x1000006) read(r0, &(0x7f00003fefff)=""/1, 0x1) readv(r0, &(0x7f00000002c0)=[{&(0x7f0000cd8000)=""/1, 0x2e171c03}], 0x1) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)) fcntl$setsig(0xffffffffffffffff, 0xa, 0x12) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) [ 403.094129][ T32] audit: type=1804 audit(1571494958.145:54): pid=12502 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/60/file0/bus" dev="ramfs" ino=33133 res=1 [ 403.126697][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 14:22:38 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:22:38 executing program 2: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x80006, 0x0) write$uinput_user_dev(r0, &(0x7f0000000140)={'\ayz0\x05\xf0\x00\x00\x00\x80\xff\xff\xff\f\x00\x00\xfe\xff\xff\xff\x05\xff\xff\xff\x92\xc0\x00\x00\x05\x00'}, 0x45c) [ 403.357653][ T32] audit: type=1804 audit(1571494958.405:55): pid=12516 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/61/file0/bus" dev="ramfs" ino=32333 res=1 14:22:38 executing program 5: r0 = syz_open_dev$sndseq(&(0x7f00000001c0)='/dev/snd/seq\x00', 0x0, 0x0) r1 = syz_open_dev$sndseq(0x0, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) socket$inet6(0x10, 0x0, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x0) write(r3, &(0x7f00000001c0), 0xfffffef3) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000180)={0x1ff}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r1, 0xc08c5335, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x10\x00'}) 14:22:38 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x10, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:22:38 executing program 2: r0 = syz_open_dev$sndseq(&(0x7f00000001c0)='/dev/snd/seq\x00', 0x0, 0x0) r1 = syz_open_dev$sndseq(0x0, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000000)={0x0, 0x0, 0x0, 'queue0\x00'}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) close(0xffffffffffffffff) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000280)={'\x00\x00\x00\xe6\xff\xff\xff\x00\x00\x00\x00\x00\x02\x00', 0x5002}) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) socket$inet6(0x10, 0x0, 0x0) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000080)='threaded\x00', 0xfffffe58) r5 = creat(&(0x7f0000000180)='./bus\x00', 0x0) ioctl$BLKZEROOUT(r5, 0x127f, &(0x7f00000002c0)={0x0, 0x7}) write(r4, &(0x7f00000001c0), 0xfffffef3) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000180)={0x1ff}, &(0x7f0000000200)={0x0, r6+30000000}, 0x0) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r1, 0xc08c5335, &(0x7f0000000100)={0x0, 0x81, 0x0, 'queue0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x90\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x10\x00'}) 14:22:38 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000000c0)=0x1000006) read(r0, &(0x7f00003fefff)=""/1, 0x1) readv(r0, &(0x7f00000002c0)=[{&(0x7f0000cd8000)=""/1, 0x2e171c03}], 0x1) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000080)) socketpair$unix(0x1, 0x0, 0x0, 0x0) ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000b28000)) fcntl$setsig(0xffffffffffffffff, 0xa, 0x0) poll(0x0, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$setown(0xffffffffffffffff, 0x8, 0x0) tkill(0x0, 0x0) 14:22:38 executing program 1: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000300)) openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'eql\x00\x00\x04\x00\x00\x00\x03\x00\x00\x00\xf2\a\x00'}) io_setup(0x0, &(0x7f0000000240)) r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xe3}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000100)) ptrace(0x10, r1) ptrace$pokeuser(0x6, r1, 0x388, 0xfffffffffffffffe) openat$null(0xffffffffffffff9c, &(0x7f0000000240)='/dev/null\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000100)={'eql\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00', 0x2a13}) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_ifreq(r2, 0x8923, &(0x7f0000000700)={'eql:\xb3\x87\x00\x00\x00\x00\x00\x00\x00\x02\x00', @ifru_flags=0x3301}) [ 403.744060][ T32] audit: type=1804 audit(1571494958.795:56): pid=12536 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/62/file0/bus" dev="ramfs" ino=32382 res=1 14:22:38 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x10, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:22:39 executing program 4: r0 = socket$inet6(0xa, 0x40000080806, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000040), 0x4) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) listen(r0, 0x400000001ffffffd) r1 = socket$inet6(0xa, 0x6, 0x0) openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc(&(0x7f0000000440)='TIPC\x00') perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$clear(0x7, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r2 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg(r2, &(0x7f0000003d40)=[{{0x0, 0xffffffbf, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}}], 0x4000000000000d0, 0x0) [ 403.964164][T12540] : renamed from eql [ 404.057423][ T32] audit: type=1804 audit(1571494959.105:57): pid=12553 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/63/file0/bus" dev="ramfs" ino=32409 res=1 14:22:39 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x10, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:22:39 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/rt_acct\x00') lseek(r0, 0x3, 0x0) write$P9_RFLUSH(r0, &(0x7f0000001140)={0x7, 0x6d, 0x2}, 0x7) perf_event_open(&(0x7f00000010c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x6, 0x0) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f0000000300)=0x80, 0x4) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) syz_open_dev$vcsn(&(0x7f0000000180)='/dev/vcs#\x00', 0x20, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000080)='highspeed\x00', 0xa) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00000003c0), 0x4) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='clear_refs\x00') r4 = syz_open_procfs(0x0, &(0x7f0000000180)='stat\x00') sendfile(r3, r4, 0x0, 0x1) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, 0x0, 0x0) openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20\x00', 0x43af667370f30e9e, 0x0) write$binfmt_elf64(r2, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES16=0x0], 0x2bcf) lseek(0xffffffffffffffff, 0x3, 0x0) ioctl$VIDIOC_ENUMSTD(r1, 0xc0405619, &(0x7f00000001c0)={0xbb, 0x7, "3b38f5f59ae91206f12d07cec800", {0x6, 0x8}, 0x1}) setsockopt$TIPC_CONN_TIMEOUT(0xffffffffffffffff, 0x10f, 0x82, 0x0, 0x0) shutdown(r2, 0x1) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='clear_refs\x00') r6 = syz_open_procfs(0x0, &(0x7f0000000180)='stat\x00') sendfile(r5, r6, 0x0, 0x1) r7 = socket$inet6(0xa, 0x3, 0x6) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x8, 0x810, r7, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f0000000080)={@loopback, 0x800, 0x0, 0x100000003, 0x1, 0x4f, 0x2, 0x400000000}, 0x20) connect$inet6(r7, &(0x7f0000000500)={0xa, 0x0, 0x0, @mcast2, 0x7ff}, 0x9) r8 = syz_open_procfs(0x0, 0x0) sendfile(r7, r8, &(0x7f0000000240), 0x4000000000dc) dup3(r5, r7, 0x80000) recvmsg(r2, &(0x7f0000001440)={0x0, 0x0, &(0x7f00000015c0)=[{0x0}], 0x1, 0x0, 0x0, 0x7115}, 0x109) 14:22:39 executing program 1: r0 = socket$inet(0x2, 0xa, 0x0) bind$inet(r0, &(0x7f00000002c0)={0x2, 0x0, @dev}, 0x10) [ 404.368417][ T32] audit: type=1804 audit(1571494959.415:58): pid=12563 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/64/file0/bus" dev="ramfs" ino=33232 res=1 [ 404.491450][T12568] syz-executor.1 uses obsolete (PF_INET,SOCK_PACKET) 14:22:39 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, 0xffffffffffffffff, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:22:39 executing program 1: r0 = syz_open_dev$binderN(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0046209, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) [ 404.699783][ T32] audit: type=1804 audit(1571494959.745:59): pid=12577 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/65/file0/bus" dev="ramfs" ino=33264 res=1 14:22:39 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) r0 = socket$unix(0x1, 0x5, 0x0) fchown(r0, 0x0, 0x0) 14:22:40 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, 0xffffffffffffffff, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:22:40 executing program 2: r0 = eventfd2(0x0, 0x0) prctl$PR_SET_MM(0x23, 0x0, &(0x7f0000cfa000/0x2000)=nil) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) dup3(r0, r1, 0x0) ioctl$SIOCGSTAMP(0xffffffffffffffff, 0x8906, 0x0) 14:22:40 executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0x1, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x3, 0x202000) close(r2) fsconfig$FSCONFIG_SET_BINARY(r1, 0x2, &(0x7f0000000140)='*\x00', &(0x7f0000000180)="047b5a97ec5fe6706ae6d73b73b92e08021b59154918141f3e37b033752de1", 0x1f) ioctl$BLKALIGNOFF(r2, 0x127a, &(0x7f0000000040)) ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(r0, 0xc2c45512, &(0x7f00000001c0)={0x9, 0x0, 0x0, 0x0, 0x0}) 14:22:40 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0800b5055e0bcfe87b0071") r1 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000006c0)={'vcan0\x00', 0x0}) connect(r1, &(0x7f0000000000)=@ll={0x11, 0x0, r2, 0x1, 0x0, 0x6, @link_local}, 0x80) sendmsg$can_bcm(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="0100"/16, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="00200000020000000000ff000000671a77bba45086d21c20ab00"/45], 0x20000248}}, 0x0) sendmsg$can_bcm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="010000001bb0d1d045c35f7d00000000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0020000002000000000000000000000075838bab01c86e7c"], 0x200001b8}}, 0x0) 14:22:40 executing program 0: gettid() openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0x32600) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) socket$kcm(0x29, 0x2, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz0\x00', 0x200002, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) socket$kcm(0xa, 0x922000000003, 0x11) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x24, &(0x7f00000000c0), 0x4) socket$kcm(0xa, 0x922000000003, 0x11) r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000000)) r2 = openat$cgroup_ro(r1, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) ioctl$TUNSETSNDBUF(r2, 0x400454d4, &(0x7f0000000140)=0x6) sendmsg$kcm(r2, 0x0, 0x40c7) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) r3 = openat$cgroup_int(r0, &(0x7f0000000040)='memory.max\x00', 0x2, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[], 0x32600) write$cgroup_subtree(r4, &(0x7f0000000240)=ANY=[@ANYBLOB="006d656d6f727920d5ac3c87683a4251072d42c213c465978fcbc4ea910e89715c0dda05dd629f5122111e308ec79d0c81e240aec9145ab4"], 0x38) openat$cgroup(r4, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0) openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0xb2) gettid() socket$kcm(0xa, 0x1, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r5 = socket$kcm(0xa, 0x2, 0x11) sendmsg$kcm(r5, &(0x7f0000000480)={&(0x7f0000000080)=@in6={0x2, 0x0, 0x0, @mcast2={0xff, 0x2, [0xe803, 0x7fffef55, 0xffffffff00000000]}}, 0x80, &(0x7f0000000340), 0x4a, &(0x7f0000000180), 0x2}, 0x0) sendmsg$kcm(r5, &(0x7f0000000100)={&(0x7f00000002c0)=@caif=@rfm={0x25, 0x7fffffff, "3fe2799549cc712de788fad999ade184"}, 0xfffffffffffffc1c, 0x0, 0xfffffdd2, 0x0, 0x2a9}, 0x4004004) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x8000) write$cgroup_int(r3, 0x0, 0x0) [ 405.109845][ T32] audit: type=1804 audit(1571494960.155:60): pid=12594 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/66/file0/bus" dev="ramfs" ino=32488 res=1 [ 405.203903][ T32] audit: type=1326 audit(1571494960.215:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=12591 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c89a code=0x0 14:22:40 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$apparmor_task_current(0xffffffffffffff9c, &(0x7f0000000580)='/proc/self/attr/current\x00', 0x2, 0x0) r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/mISDNtimer\x00', 0x0, 0x0) dup3(r0, r1, 0x0) 14:22:40 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x5, 0x0, 0x0) 14:22:40 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$inet_udp_int(r1, 0x11, 0xa, &(0x7f00000017c0), &(0x7f0000000180)=0x4) 14:22:40 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, 0xffffffffffffffff, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 405.385614][T12600] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 405.396072][T12600] CPU: 1 PID: 12600 Comm: syz-executor.0 Not tainted 5.4.0-rc3+ #0 [ 405.404023][T12600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 405.414132][T12600] Call Trace: [ 405.417468][T12600] dump_stack+0x191/0x1f0 [ 405.421861][T12600] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 405.427794][T12600] dump_header+0x1e7/0xd00 [ 405.432248][T12600] ? _raw_spin_unlock_irqrestore+0x4b/0x70 [ 405.438093][T12600] ? ___ratelimit+0x542/0x720 [ 405.442919][T12600] ? task_will_free_mem+0x14c/0x810 [ 405.448179][T12600] oom_kill_process+0x210/0x560 [ 405.453081][T12600] out_of_memory+0x1796/0x1c70 [ 405.457892][T12600] ? kmsan_internal_set_origin+0x6a/0xb0 [ 405.470701][T12600] memory_max_write+0x90b/0xb60 [ 405.475706][T12600] ? memory_max_show+0x1b0/0x1b0 [ 405.480672][T12600] cgroup_file_write+0x41a/0x8e0 [ 405.485660][T12600] ? cgroup_seqfile_stop+0x150/0x150 [ 405.490973][T12600] kernfs_fop_write+0x55f/0x840 [ 405.495870][T12600] ? kernfs_fop_read+0x9a0/0x9a0 [ 405.501108][T12600] __vfs_write+0x1a9/0xcb0 [ 405.505687][T12600] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 405.511799][T12600] ? __sb_start_write+0x10b/0x230 [ 405.516871][T12600] vfs_write+0x481/0x920 [ 405.521326][T12600] ksys_write+0x265/0x430 [ 405.525688][T12600] __se_sys_write+0x92/0xb0 [ 405.530219][T12600] __x64_sys_write+0x4a/0x70 [ 405.534856][T12600] do_syscall_64+0xb6/0x160 [ 405.539397][T12600] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 405.545317][T12600] RIP: 0033:0x459a59 [ 405.549239][T12600] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 405.569128][T12600] RSP: 002b:00007ff2045b8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 405.577585][T12600] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459a59 [ 405.585585][T12600] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009 [ 405.593604][T12600] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 405.601812][T12600] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff2045b96d4 [ 405.609826][T12600] R13: 00000000004c9ef3 R14: 00000000004e1c48 R15: 00000000ffffffff [ 405.618127][T12600] memory: usage 3764kB, limit 0kB, failcnt 0 [ 405.625122][T12600] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 14:22:40 executing program 1: syz_open_dev$sndseq(&(0x7f00000001c0)='/dev/snd/seq\x00', 0x0, 0x0) syz_open_dev$sndseq(0x0, 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) close(0xffffffffffffffff) pipe(&(0x7f0000000140)={0xffffffffffffffff}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000180)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0) vmsplice(r0, 0x0, 0x0, 0x0) [ 405.632224][T12600] Memory cgroup stats for /syz0: [ 405.635706][T12600] anon 2301952 [ 405.635706][T12600] file 0 [ 405.635706][T12600] kernel_stack 131072 [ 405.635706][T12600] slab 1118208 [ 405.635706][T12600] sock 0 [ 405.635706][T12600] shmem 0 [ 405.635706][T12600] file_mapped 0 [ 405.635706][T12600] file_dirty 0 [ 405.635706][T12600] file_writeback 0 [ 405.635706][T12600] anon_thp 2097152 [ 405.635706][T12600] inactive_anon 0 [ 405.635706][T12600] active_anon 2301952 [ 405.635706][T12600] inactive_file 0 [ 405.635706][T12600] active_file 0 [ 405.635706][T12600] unevictable 0 [ 405.635706][T12600] slab_reclaimable 0 [ 405.635706][T12600] slab_unreclaimable 1118208 [ 405.635706][T12600] pgfault 3300 [ 405.635706][T12600] pgmajfault 0 [ 405.635706][T12600] workingset_refault 0 [ 405.635706][T12600] workingset_activate 0 [ 405.635706][T12600] workingset_nodereclaim 0 [ 405.635706][T12600] pgrefill 0 [ 405.635706][T12600] pgscan 0 [ 405.635706][T12600] pgsteal 0 [ 405.635706][T12600] pgactivate 0 [ 405.729786][T12600] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=12598,uid=0 [ 405.746775][T12600] Memory cgroup out of memory: Killed process 12598 (syz-executor.0) total-vm:72576kB, anon-rss:2148kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:131072kB oom_score_adj:1000 [ 405.770056][ T1831] oom_reaper: reaped process 12598 (syz-executor.0), now anon-rss:0kB, file-rss:33856kB, shmem-rss:0kB [ 405.883469][ T32] audit: type=1326 audit(1571494960.935:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=12591 comm="syz-executor.5" exe="/root/syz-executor.5" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c89a code=0x0 14:22:41 executing program 5: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00008a7000)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c000000070605"], 0x7}}, 0x0) write$binfmt_misc(r2, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r1, 0x0, r3, 0x0, 0x4ffe0, 0x0) 14:22:41 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$inet_udp_int(r1, 0x11, 0xa, &(0x7f00000017c0), &(0x7f0000000180)=0x4) 14:22:41 executing program 1: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000016c0)={0xffffffffffffffff}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setuid(r1) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r2, 0x10e, 0x2, 0x0, 0x0) 14:22:41 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(0x0, 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:22:41 executing program 4: [ 406.297155][T12640] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'. 14:22:41 executing program 2: 14:22:41 executing program 0: [ 406.443489][T11489] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 406.453856][T11489] CPU: 1 PID: 11489 Comm: syz-executor.0 Not tainted 5.4.0-rc3+ #0 [ 406.461796][T11489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 406.471919][T11489] Call Trace: [ 406.475270][T11489] dump_stack+0x191/0x1f0 [ 406.479636][T11489] dump_header+0x1e7/0xd00 [ 406.484090][T11489] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 406.490283][T11489] ? ___ratelimit+0x542/0x720 [ 406.495068][T11489] ? task_will_free_mem+0x2c9/0x810 [ 406.500302][T11489] oom_kill_process+0x210/0x560 [ 406.505189][T11489] out_of_memory+0x1796/0x1c70 [ 406.509978][T11489] ? kmsan_internal_set_origin+0x6a/0xb0 [ 406.515660][T11489] try_charge+0x2889/0x3d70 [ 406.520244][T11489] mem_cgroup_try_charge+0xa29/0xe40 [ 406.525603][T11489] mem_cgroup_try_charge_delay+0x7e/0x140 [ 406.531394][T11489] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 406.537332][T11489] handle_mm_fault+0x522b/0x9f70 [ 406.542334][T11489] do_user_addr_fault+0x905/0x1510 [ 406.548120][T11489] __do_page_fault+0x1a2/0x410 [ 406.552954][T11489] do_page_fault+0xbb/0x500 [ 406.557514][T11489] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 406.562951][T11489] page_fault+0x4e/0x60 [ 406.567210][T11489] RIP: 0033:0x47461d [ 406.571133][T11489] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 14:22:41 executing program 4: [ 406.590896][T11489] RSP: 002b:0000000000a6d5f0 EFLAGS: 00010246 [ 406.596994][T11489] RAX: 0000000000a6d710 RBX: 0000000000715f20 RCX: 00000000ffffffff [ 406.604985][T11489] RDX: 0000000000a6fcc0 RSI: 00000000004bf2cf RDI: 0000000000715f20 [ 406.613078][T11489] RBP: 0000000000a6fc90 R08: 0000000000a74ef0 R09: 00000000004bf2cf [ 406.621079][T11489] R10: 0000000002a16940 R11: 0000000000000246 R12: 00000000004bf2cf [ 406.629093][T11489] R13: 0000000000a6fcc0 R14: 0000000000000000 R15: 0000000000a6fdf0 [ 406.638267][T11489] memory: usage 1372kB, limit 0kB, failcnt 20 [ 406.644482][T11489] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 406.651384][T11489] Memory cgroup stats for /syz0: [ 406.651698][T11489] anon 131072 [ 406.651698][T11489] file 0 [ 406.651698][T11489] kernel_stack 0 [ 406.651698][T11489] slab 1118208 [ 406.651698][T11489] sock 0 [ 406.651698][T11489] shmem 0 [ 406.651698][T11489] file_mapped 0 [ 406.651698][T11489] file_dirty 0 [ 406.651698][T11489] file_writeback 0 [ 406.651698][T11489] anon_thp 0 [ 406.651698][T11489] inactive_anon 0 [ 406.651698][T11489] active_anon 131072 [ 406.651698][T11489] inactive_file 0 [ 406.651698][T11489] active_file 0 [ 406.651698][T11489] unevictable 0 [ 406.651698][T11489] slab_reclaimable 0 [ 406.651698][T11489] slab_unreclaimable 1118208 [ 406.651698][T11489] pgfault 3333 [ 406.651698][T11489] pgmajfault 0 [ 406.651698][T11489] workingset_refault 0 [ 406.651698][T11489] workingset_activate 0 [ 406.651698][T11489] workingset_nodereclaim 0 [ 406.651698][T11489] pgrefill 0 [ 406.651698][T11489] pgscan 0 [ 406.651698][T11489] pgsteal 0 [ 406.651698][T11489] pgactivate 0 [ 406.651698][T11489] pgdeactivate 0 [ 406.751628][T11489] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=11489,uid=0 [ 406.767325][T11489] Memory cgroup out of memory: Killed process 11489 (syz-executor.0) total-vm:72444kB, anon-rss:100kB, file-rss:35776kB, shmem-rss:0kB, UID:0 pgtables:122880kB oom_score_adj:0 14:22:41 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(0x0, 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 406.787124][ T1831] oom_reaper: reaped process 11489 (syz-executor.0), now anon-rss:0kB, file-rss:34880kB, shmem-rss:0kB 14:22:41 executing program 1: 14:22:41 executing program 4: 14:22:42 executing program 2: 14:22:42 executing program 5: 14:22:42 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(0x0, 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:22:42 executing program 4: 14:22:42 executing program 1: 14:22:42 executing program 4: 14:22:42 executing program 2: 14:22:42 executing program 0: 14:22:42 executing program 5: 14:22:42 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x0) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:22:42 executing program 2: 14:22:42 executing program 1: 14:22:42 executing program 4: 14:22:42 executing program 2: 14:22:42 executing program 4: 14:22:42 executing program 5: 14:22:42 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x0) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:22:42 executing program 1: 14:22:43 executing program 2: [ 407.930863][ T32] kauditd_printk_skb: 5 callbacks suppressed [ 407.930902][ T32] audit: type=1804 audit(1571494962.975:68): pid=12688 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/72/file0/bus" dev="ramfs" ino=33605 res=1 14:22:43 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x1) setresuid(0x0, r1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x10fab679f0c3fa11, 0x0) 14:22:43 executing program 5: 14:22:43 executing program 4: 14:22:43 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x0) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:22:43 executing program 2: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) rt_sigtimedwait(&(0x7f00000005c0), 0x0, 0x0, 0x8) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000100)) ptrace(0x10, r0) ptrace$pokeuser(0x6, r0, 0x388, 0xfffffffffffffffe) sync_file_range(0xffffffffffffffff, 0x0, 0x0, 0x0) 14:22:43 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x4e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000f3ff950000000000000017a56a01c73dacb15f284ccf39f486a0ef063f58e52d447d9d0070d52bafd9c4365dde7f3bbf02e9e67ef97a9029fd334749c2aba9c74e66b880084c49dc9d0654d65380438afb2c0c710cdaee6d1639c8a46f7f20161953d412002048bf8f117b054e35b249be84525d88d6ddd903a3083385703b008d81c83512000000000000000000b6af22d26b8a402c4219fbc2fcbe377bdefa6b1464269c367bff8cf7373d509b775a8fcc57a3b371f294748a65f80b422e4f8dfc3faee005e064b10879955a8e87b7e415485d185d14cdf56ba81846e2970d8074cb825aecfee02f4259ae9ada05094301a26db128856977825cd89817f8407b34b1dc5c5dabca0605d756e8076b09f1756815dba414a1ebfa2e75cfde9591814483591756b13bdc67d1a0bba3f59569a37bb624c27f1b52a4e6c1a28a5a3e19844a31d83e77a63a87c6a6a88d2d0a6bdf2b4bfb08c8508337e95ceb7d1895dca84af36b7ca3136166a6267819ed4b827757e324c0b9d01fdcffa169109d0b5f37f519c42ade3e6b97c3d0f0c0a7430b82982d006c9972e56f45bcca7a99a4cc6d0bdcb4b16fd58a1096e93db6244c446e2d85db5c748310d60e2f4b62c381c43e3674bc93e320a5b1b288578c4b7558e56b277f66894ecec87ad02cea7f056c4830c027"], &(0x7f00002bf000)='syzkaller\x00', 0x4, 0x436, &(0x7f0000000040)=""/183}, 0x48) r2 = socket$kcm(0x29, 0x1000000000002, 0x0) write$binfmt_elf64(r2, &(0x7f00000005c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}]}, 0x78) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f000031aff8)={r0, r1}) 14:22:43 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00') fchdir(r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) quotactl(0x2080000202, &(0x7f0000000080)='./file1\x00', 0x0, &(0x7f0000000040)='-0-') 14:22:43 executing program 4: r0 = perf_event_open(&(0x7f000025c000)={0x400000001, 0x70, 0x2005, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r2, 0x0, 0x10b, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) sendto$inet(r2, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x0) [ 408.435107][ T32] audit: type=1804 audit(1571494963.485:69): pid=12700 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/73/file0/bus" dev="ramfs" ino=33825 res=1 14:22:43 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(0xffffffffffffffff, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:22:43 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1}, 0x1000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$admmidi(0x0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r1, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socket$inet(0x2, 0x76755c23ee56488f, 0x3f) listen(r1, 0x5) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) r3 = accept4(r1, 0x0, 0x0, 0x0) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108) ioctl$EVIOCGPHYS(0xffffffffffffffff, 0x80404507, &(0x7f00000000c0)=""/25) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x5, 'syz1\x00', 0xfffffffc}) ioctl$KVM_GET_API_VERSION(0xffffffffffffffff, 0xae00, 0x0) r4 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r4, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r4, 0x40505330, &(0x7f0000000180)={{0x2, 0x8}, {0x1, 0xd}, 0x0, 0x2, 0x1}) r5 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r5, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000040)={0x4, 0x2152f0c30d36198b, 0x1}) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000280)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x1000000000054}, 0x98) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0}}, 0x0) [ 408.724712][ T32] audit: type=1804 audit(1571494963.775:70): pid=12719 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/74/file0/bus" dev="ramfs" ino=33857 res=1 14:22:43 executing program 5: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000140)='sysfs\x00*\x86OK\xc0\v\xce\x1b\xdb\x04,r&\xeb\x016\xd9bN\xa1\xd23t\xa6`\xfeZ\xc1sr/\xd3g\xad\"\xe8U0\x05\xa2\xe8\xbe\v\xc5QCy\xafr\x13\xd3+\x8d]\x06\xdc\x8f\xbf,\x84\x9e\xd9\xcd\xef\xc7K\x03\xdf\xa9\xcbZ\x90\xb2\vK$\xd7\x86,5f\xfc\xa51g\xd5BB5CZ=\xbbv\xbc}0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000040)={0x0, 0xfc36, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) ioctl$sock_SIOCDELDLCI(r1, 0x8981, &(0x7f00000000c0)={'veth0_to_bond\x00', 0x815}) syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000c250f30882050300eef70000000109022400010000000009040200026833cb0009050112080000000009058c0a08000000000c40c8a32820aaf2f1c0bc93b09135d69436d6b9023df703f2edd2591d9cdda8418ea687e52e305e68f5f2f9f3354ae888248ed0fa23b2f36d0000000001d36a4ad60ffd07d800000000000000cea3"], 0x0) r2 = syz_open_dev$audion(&(0x7f0000000100)='\x06\x00', 0x80000034f, 0x100600) ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000180)={&(0x7f0000000140)=[0x6], 0x1, 0x872e, 0x7, 0x2, 0x3b3, 0xc69b, {0x3, 0x5, 0x5034, 0xffff, 0x7ff, 0x3, 0x400, 0xfff, 0x9, 0xf800, 0x5, 0x6, 0xff, 0xfffffffa, "5c1345e8e97c604962581a51bde297f0228f6f0011d4a0ab7aada30056ef7351"}}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000001140)='/dev/sequencer2\x00', 0x20082, 0x0) 14:22:47 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) r1 = socket$inet_dccp(0x2, 0x6, 0x0) listen(r0, 0x400) setsockopt(r1, 0x0, 0x4, 0x0, 0x0) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) connect$inet(r2, &(0x7f0000e5c000)={0x2, 0x4e24, @local}, 0x10) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r3, 0x80006040045010, &(0x7f0000000140)=0x3) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f0000000180)={{{@in=@broadcast, @in6=@local}}, {{@in6=@mcast1}, 0x0, @in=@multicast1}}, &(0x7f0000000000)=0xe8) 14:22:47 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20ncci\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000100)={0x6386049c5d319236, 0x2, 0x2000, 0x1000, &(0x7f0000fff000/0x1000)=nil}) r4 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r4, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000040)={r0, r4}) r5 = socket$inet(0x10, 0x3, 0x0) ioctl$SNDRV_TIMER_IOCTL_STATUS(0xffffffffffffffff, 0x80605414, &(0x7f0000000400)=""/4096) sendmsg(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000380)="24000000180007351dfffd946f6105000a1002001f00000903000800080017c00000ff7e280000001100ffffba16a0aa1c0900000000000020000000000000eff24d8238cfa47e23f7efbf54", 0x4c}], 0x1}, 0x0) 14:22:47 executing program 0: syz_usb_connect$cdc_ncm(0x0, 0x7a, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000020000102505a1a44000010203010902680002010000000904000001020d0000052406000105240000000d240f0100000000000000000006391a0000000c241b0000000000000000000905810300000000000904010100020d00000904010102020d0000090582020000000000090503020000000000"], 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r2, 0x3) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = getpid() rt_tgsigqueueinfo(r3, r3, 0x16, &(0x7f0000000000)) ptrace(0x10, r3) ptrace$getregset(0x4204, r3, 0x2, &(0x7f0000000100)={&(0x7f0000001300)=""/4096, 0x1000}) setpriority(0x0, r3, 0x7fffffff) [ 412.599544][ T32] audit: type=1804 audit(1571494967.645:72): pid=12759 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/76/file0/bus" dev="ramfs" ino=34872 res=1 14:22:47 executing program 5: stat(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)) openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000400)='/proc/capi/capi20\x00', 0x200800, 0x0) getegid() lstat(0x0, &(0x7f0000000580)) socketpair$unix(0x1, 0x5, 0x0, 0x0) fstat(0xffffffffffffffff, 0x0) setsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x7, 0x0, 0x0) keyctl$chown(0x4, 0x0, 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) socket$alg(0x26, 0x5, 0x0) getgid() syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0) r0 = socket$rxrpc(0x21, 0x2, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000000440)='/dev/vbi#\x00', 0x0, 0x2) fsconfig$FSCONFIG_SET_FD(r1, 0x5, 0x0, 0x0, 0xffffffffffffffff) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r0, 0x110, 0x4, &(0x7f00000000c0)=0x1, 0x4) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = request_key(&(0x7f00000002c0)='cifs.idmap\x00', &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000340)='/dev/input/mice\x00', 0xfffffffffffffff9) r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000940)='/dev/uhid\x00', 0x802, 0x0) r4 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT2(r4, &(0x7f0000000000), 0x6) sendfile(r3, r4, &(0x7f0000d83ff8)=0x3, 0x5983) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00') sendmsg$TIPC_CMD_SHOW_LINK_STATS(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x30, r6, 0x23f, 0x0, 0x0, {{}, 0x0, 0xb, 0x0, {0x14, 0x14, 'broadcast-link\x00'}}}, 0x30}}, 0x0) sendmsg$TIPC_CMD_SET_NETID(r4, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2010}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x24, r6, 0x1, 0x70bd2d, 0x25dfdbfc, {{}, 0x0, 0x800b, 0x0, {0x8, 0x2, 0x8}}, ["", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x20000004}, 0x0) r7 = add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) keyctl$negate(0xd, r2, 0x49b, r7) unshare(0x60020000) pipe(&(0x7f0000001300)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r8, &(0x7f0000000140)=ANY=[], 0x4240a2a0) write$P9_RSETATTR(r8, &(0x7f00000004c0)={0x7, 0x1b, 0x2}, 0x7) 14:22:47 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, 0x0, 0x0) [ 412.852192][ T32] audit: type=1804 audit(1571494967.895:73): pid=12773 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/77/file0/bus" dev="ramfs" ino=34918 res=1 14:22:47 executing program 2: sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="948e3fa292000007000000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000800030000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x50}}, 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r0, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$KVM_GET_CLOCK(r0, 0x8030ae7c, &(0x7f00000000c0)) r1 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r1, &(0x7f0000000140)=[{0x6, 0x0, &(0x7f0000000100), 0x6, &(0x7f0000000100)}], 0x218fe53f1794f59, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$HIDIOCINITREPORT(r0, 0x4805, 0x0) setsockopt$bt_BT_FLUSHABLE(r2, 0x112, 0x8, &(0x7f0000000000)=0x9, 0x4) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) [ 412.964054][T12771] IPVS: ftp: loaded support on port[0] = 21 [ 413.032226][ T3380] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 413.098500][T11495] usb 5-1: new high-speed USB device number 7 using dummy_hcd 14:22:48 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, 0x0, 0x0) [ 413.352336][T11495] usb 5-1: Using ep0 maxpacket: 8 [ 413.422344][ T32] audit: type=1804 audit(1571494968.465:74): pid=12784 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/78/file0/bus" dev="ramfs" ino=34955 res=1 [ 413.512041][T11495] usb 5-1: config 0 has an invalid interface number: 2 but max is 0 [ 413.520190][T11495] usb 5-1: config 0 has no interface number 0 [ 413.526482][T11495] usb 5-1: config 0 interface 2 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 8 [ 413.536322][T11495] usb 5-1: config 0 interface 2 altsetting 0 bulk endpoint 0x8C has invalid maxpacket 8 [ 413.546257][T11495] usb 5-1: New USB device found, idVendor=0582, idProduct=0003, bcdDevice=f7.ee 14:22:48 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, 0x0, 0x0) [ 413.555437][T11495] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 413.602090][ T3380] usb 1-1: Using ep0 maxpacket: 16 14:22:48 executing program 1: r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) socket(0x840000000002, 0x3, 0xff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='ip6_vti0\x00 \x00', 0x10) connect$inet(r0, &(0x7f0000000200)={0x2, 0x0, @initdev}, 0x10) write$binfmt_elf32(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="4ef27f454c4600000033006c0000000000003800000000000000000000000000200000000000000000000000b54044539a1d79dc77a2034ed248bc6215279c2c88e3a4f41521b82a1d0c3c4b608c0150246249002554cbbfa7efd843165a0f870000000000006d614449328ae3e85ec615497d85cf8131138c66a6f17aaafda3ffa9244841d8444f4bd74d79311d8eaa6cd0c4812a5c1e2f3c0e9adeb63cd30bbec4a7d09486eed66be32502a96135c14df70f190d3d587e38c990dfafe18f3382c50000000000000000000000000e41cca7e56835e6b8027783a2043f439ac0225efba964e1b8118c3fb3d74321906bdebcbae0adb94d37e025649add64aeeb5d7298dd4ce9663139139a909e17860e551e28f4c42755985c02c8100bd857087c419997a5cfe6c2f0b00fb2544c1a6910f4d8cab9320038210911e9e7c065748786815cf2b973593147bb0db7636b1863eae17e6082ec908e307b335d5b89bce886f1db43cd5199e3ab0faf712f28c7af57173f99bf3e4fde2e2434d3ea2a17666b390000000000000000000047ff3364b84df4da969b40f538e074a254b492"], 0x38) [ 413.699880][ T32] audit: type=1804 audit(1571494968.745:75): pid=12789 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/79/file0/bus" dev="ramfs" ino=34980 res=1 [ 413.745636][ T3380] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 413.756774][ T3380] usb 1-1: Duplicate descriptor for config 1 interface 1 altsetting 1, skipping [ 413.766394][ T3380] usb 1-1: config 1 interface 1 has no altsetting 0 [ 413.796963][T11495] usb 5-1: config 0 descriptor?? 14:22:48 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0), 0x0) 14:22:49 executing program 1: mlock(&(0x7f0000ffa000/0x3000)=nil, 0x3000) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4003, &(0x7f0000000000)=0x9, 0xb, 0x0) madvise(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x12) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x8002, &(0x7f0000000040)=0x7fffffff, 0x7, 0x0) mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x800, 0x0) getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f00000000c0), &(0x7f0000000100)=0x4) [ 413.982553][ T3380] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 413.991690][ T3380] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 413.999867][ T3380] usb 1-1: Product: syz [ 414.004498][ T3380] usb 1-1: Manufacturer: syz [ 414.009154][ T3380] usb 1-1: SerialNumber: syz [ 414.049905][ T32] audit: type=1804 audit(1571494969.095:76): pid=12798 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/80/file0/bus" dev="ramfs" ino=34165 res=1 [ 414.094466][ T3380] cdc_ncm 1-1:1.0: skipping garbage [ 414.099892][ T3380] cdc_ncm 1-1:1.0: bind() failure [ 414.214711][ T31] usb 5-1: USB disconnect, device number 7 14:22:49 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0), 0x0) 14:22:49 executing program 4: syz_usb_connect(0x4, 0x7e, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xa7, 0xc3, 0x21, 0x8, 0x1608, 0x304, 0x225, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xc, 0x0, 0x2, 0x90, 0xec, 0xeb, 0x0, [], [{{0x9, 0x5, 0x7}}, {{0x9, 0x5, 0x2, 0x2}}]}}]}}]}}, 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r0, 0x80006040045010, &(0x7f0000000140)=0x3) fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000000)='(@ppp1/\x00', 0x0, 0xffffffffffffffff) socket$inet6_udplite(0xa, 0x2, 0x88) [ 414.312676][ T3380] cdc_mbim: probe of 1-1:1.1 failed with error -71 [ 414.402322][ T3380] usb 1-1: USB disconnect, device number 20 [ 414.414840][ T32] audit: type=1804 audit(1571494969.465:77): pid=12809 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/81/file0/bus" dev="ramfs" ino=34184 res=1 14:22:49 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = dup2(r3, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r5, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$KVM_ENABLE_CAP_CPU(r5, 0x4008ae89, &(0x7f00000000c0)={0x7b, 0x5, [0x3b, 0x0, 0x40000020, 0x4], [0xc1]}) [ 414.922182][ T31] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 415.122481][T11495] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 415.172130][ T31] usb 5-1: Using ep0 maxpacket: 8 [ 415.292749][ T31] usb 5-1: config 0 has an invalid interface number: 12 but max is 0 [ 415.301083][ T31] usb 5-1: config 0 has no interface number 0 [ 415.307487][ T31] usb 5-1: config 0 interface 12 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 415.317439][ T31] usb 5-1: New USB device found, idVendor=1608, idProduct=0304, bcdDevice= 2.25 [ 415.326863][ T31] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 415.339126][ T31] usb 5-1: config 0 descriptor?? [ 415.382334][T11495] usb 1-1: Using ep0 maxpacket: 16 [ 415.384465][ T31] io_ti 5-1:0.12: required endpoints missing [ 415.522390][T11495] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 415.533566][T11495] usb 1-1: Duplicate descriptor for config 1 interface 1 altsetting 1, skipping [ 415.543271][T11495] usb 1-1: config 1 interface 1 has no altsetting 0 [ 415.612019][ T5] usb 5-1: USB disconnect, device number 8 [ 415.702309][T11495] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 415.711513][T11495] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 415.720012][T11495] usb 1-1: Product: syz [ 415.724349][T11495] usb 1-1: Manufacturer: syz [ 415.729019][T11495] usb 1-1: SerialNumber: syz [ 415.774226][T11495] cdc_ncm 1-1:1.0: skipping garbage [ 415.779593][T11495] cdc_ncm 1-1:1.0: bind() failure 14:22:50 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/tcp6\x00') r1 = socket$inet6(0xa, 0x400000000001, 0x0) bind$inet6(r1, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) ioctl$VIDIOC_G_SLICED_VBI_CAP(0xffffffffffffffff, 0xc0745645, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) getsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, 0x0) setsockopt$IP_VS_SO_SET_TIMEOUT(0xffffffffffffffff, 0x0, 0x48a, 0x0, 0x0) timerfd_settime(0xffffffffffffffff, 0x0, 0x0, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) open(0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x800454cf, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) fcntl$notify(0xffffffffffffffff, 0x402, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) signalfd(0xffffffffffffffff, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) fcntl$notify(0xffffffffffffffff, 0x402, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) fcntl$notify(0xffffffffffffffff, 0x402, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0) sendmmsg$inet(r1, &(0x7f00000085c0)=[{{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000540), 0x1}], 0x1}}, {{0x0, 0xfffffffffffffda9, &(0x7f0000001c40), 0x10000042, 0x0, 0x3e7}}, {{0x0, 0x33a, 0x0}}], 0x120, 0xfa2a9dc01d15bf7a) preadv(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/169, 0x2aa}], 0x1, 0x0) 14:22:50 executing program 5: r0 = socket$inet(0xa, 0x801, 0x84) connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) sendto$inet(r1, &(0x7f0000000200)="e9899bb4a5d7c5378392794f2905108bee5c1c7ae40f2f789ec21eca11e63fc4a8a230004145c850c36c4ad8fe4b8530c0af494530ed632af973f445f01410c9f9307ec25518e8e751928e834616ae2c7ae31c7b1a5d20bcf8f653adabe24e076e75f304bbd078a6cdfde4ceda460269a2617118ea50d4ceae7f004e7c9bea3810111eb27d406666ac6a29417536de8c710071ae8f046cce6267b7555606e9dba8aded0fafe3c3ce2eadd3c3320aa37264b4acaac3104a5bd4eb1eb846e2a97f9835e5fca91411dc9081f1bc89a08f70416c16", 0xd3, 0x4000, &(0x7f0000000000)={0x2, 0x4e24, @multicast2}, 0x10) listen(r0, 0x2) r2 = accept4(r0, 0x0, 0x0, 0x400) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r3, 0x80006040045010, &(0x7f0000000140)=0x3) connect$inet(r3, &(0x7f0000000100)={0x2, 0x4e22, @multicast1}, 0x10) write(r2, &(0x7f00000001c0)="c9", 0x1) write$binfmt_elf64(r2, &(0x7f00000000c0)=ANY=[@ANYBLOB="7f"], 0x1) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000000140)={0x4}, 0x10) r4 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r4, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x81}, 0x8) r5 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vcs\x00', 0x4000, 0x0) ioctl$IOC_PR_CLEAR(r5, 0x401070cd, &(0x7f0000000300)) shutdown(r2, 0x1) 14:22:50 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0), 0x0) 14:22:50 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f0000000080)={0x9, 0x5}) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0xfc09a9a3b32936de, 0x10010, r2, 0x0) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) 14:22:50 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0xffffffffffffffca, &(0x7f0000000080)={0x0, 0x41}}, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x20500, 0x0) bind$netlink(r1, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfb, 0x40008}, 0xc) sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd53, &(0x7f0000000080)=[{&(0x7f000000dfaa)="5500000019007f5300fe01b2a4a280930a800000000000000000000039000900350002000000000019000500fe800010000000dc1338d544132000000083de448daa7227c43ab8220000064fab91d00000000060", 0x55}], 0x15b}, 0x0) r2 = socket(0x10, 0x200080002, 0x0) sendmmsg$alg(r2, &(0x7f0000000140), 0x492492492492805, 0x0) [ 415.904091][ T32] audit: type=1804 audit(1571494970.955:78): pid=12822 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/82/file0/bus" dev="ramfs" ino=34238 res=1 [ 415.952377][T11495] cdc_mbim: probe of 1-1:1.1 failed with error -71 14:22:51 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{0x0}], 0x1) [ 416.012988][T11495] usb 1-1: USB disconnect, device number 21 [ 416.056580][T12834] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 416.224834][ T32] audit: type=1804 audit(1571494971.275:79): pid=12841 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/83/file0/bus" dev="ramfs" ino=35149 res=1 14:22:51 executing program 0: r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xe3, 0x11, 0xd7, 0x10, 0x4348, 0x5523, 0x403a, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x56, 0x0, 0x0, 0x4f, 0x19, 0x6d}}]}}]}}, 0x0) r1 = dup(0xffffffffffffffff) mq_getsetattr(r1, &(0x7f0000000040)={0x9, 0x937a, 0x6, 0x8, 0x1, 0x7, 0x6, 0x6}, &(0x7f0000000180)) syz_usb_control_io(r0, 0x0, &(0x7f0000000080)={0xac, &(0x7f0000000140)={0x0, 0x0, 0x2, "d6c0"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 14:22:51 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{0x0}], 0x1) [ 416.413648][T11559] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 416.500196][ T32] audit: type=1804 audit(1571494971.545:80): pid=12851 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/84/file0/bus" dev="ramfs" ino=34372 res=1 14:22:51 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, &(0x7f0000000380)={r0}) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f00000003c0)={0x0, @in6={{0xa, 0x4e20, 0x4, @dev={0xfe, 0x80, [], 0x1a}}}}, &(0x7f0000000480)=0xfffffffffffffe3a) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f00000004c0)={r4, @in6={{0xa, 0x4e20, 0x800, @local, 0x7}}, 0x361, 0xfff, 0x8000, 0x20, 0xcf}, 0x98) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="122100001e78060023398a713798000000010902240001000000000904bd0002d085180009050b02000000000009058a020000000000"], 0x0) 14:22:51 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{0x0}], 0x1) [ 416.660098][T11559] usb 5-1: Using ep0 maxpacket: 8 [ 416.712085][T11495] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 416.741804][ T32] audit: type=1804 audit(1571494971.785:81): pid=12860 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/85/file0/bus" dev="ramfs" ino=34398 res=1 [ 416.792284][T11559] usb 5-1: config 0 has an invalid interface number: 12 but max is 0 [ 416.800514][T11559] usb 5-1: config 0 has no interface number 0 [ 416.806816][T11559] usb 5-1: config 0 interface 12 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 416.816735][T11559] usb 5-1: New USB device found, idVendor=1608, idProduct=0304, bcdDevice= 2.25 [ 416.826011][T11559] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 416.885282][T11559] usb 5-1: config 0 descriptor?? [ 416.929111][T11559] io_ti 5-1:0.12: required endpoints missing [ 416.963734][T11495] usb 1-1: Using ep0 maxpacket: 16 [ 417.002382][ T31] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 417.082505][T11495] usb 1-1: config 0 has an invalid interface number: 86 but max is 0 [ 417.090664][T11495] usb 1-1: config 0 has no interface number 0 [ 417.097034][T11495] usb 1-1: New USB device found, idVendor=4348, idProduct=5523, bcdDevice=40.3a [ 417.106377][T11495] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 417.116024][T11495] usb 1-1: config 0 descriptor?? [ 417.154669][T11495] ch341 1-1:0.86: ch341-uart converter detected [ 417.167406][T11559] usb 5-1: USB disconnect, device number 9 [ 417.292160][ T31] usb 2-1: device descriptor read/64, error 18 14:22:52 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000440)=@nat={'nat\x00', 0x19, 0x2, 0x250, [0x20000700, 0x0, 0x0, 0x200008f0, 0x20000920], 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff020000000d00000000000000088e69726c616e3000bc0b0000000000000069705f767469300000000000000000007379000000000000000000000000000076657468305f746f5f626f6e64000000aaaaaaaaaabb000000000000ffffffffffff000000000000000070000000e0000000180100006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa240000ffffffff000000006172707265706c7900000000000000000000000000000000000000000000000010000000000000000000000000000000ffffffff000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaabb0000ffffffff000000001f000000000000006803626f6e645f736c6176655f310000000073797a6b616c6c65723000000000000079616d3000000000000000000000000062707130000000000000000000000000aaaaaaaaaa00000000000000aaaaaaaaaabb000000ff000000007000000070000000a80000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaaaa0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ffffffff00000000"]}, 0x2c8) 14:22:52 executing program 3 (fault-call:7 fault-nth:0): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:22:52 executing program 5: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x542, 0x0) openat$cgroup_type(r0, &(0x7f0000000080)='cgroup.type\x00', 0x2, 0x0) r1 = syz_usb_connect(0x0, 0xce, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x68, 0xa4, 0xa, 0x40, 0xc45, 0x608c, 0x52d9, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xc2, 0x0, 0x0, 0x5d, 0xbe, 0x2b}}]}}]}}, 0x0) syz_usb_control_io$hid(r1, 0x0, &(0x7f0000001c80)={0x2c, &(0x7f00000000c0)=ANY=[@ANYBLOB="2a79c900000100923710"], 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0) 14:22:52 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") r1 = socket$inet(0x10, 0x2, 0x0) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r3, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r3, 0xc0605345, &(0x7f0000000240)={0x1, 0x2, {0xfffffffffffffffb, 0x3, 0x8, 0x0, 0xfffffffe}}) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) sendmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000001c0)="24000000190007041dfffd946f61050002f80200fe02000000010800080012000400ff7e280000001100ffffba16a0aa1c0900000000000012000000000000eff24d8238cfa47e23f7efbf54", 0x4c}], 0x1}, 0x0) [ 417.538530][ T32] audit: type=1804 audit(1571494972.585:82): pid=12873 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/86/file0/bus" dev="ramfs" ino=34431 res=1 [ 417.543411][T12873] FAULT_INJECTION: forcing a failure. [ 417.543411][T12873] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 417.574194][T12873] CPU: 1 PID: 12873 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 417.582134][T12873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 417.592239][T12873] Call Trace: [ 417.592301][T12873] dump_stack+0x191/0x1f0 [ 417.592355][T12873] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 417.592426][T12873] should_fail+0xa3f/0xa50 [ 417.600085][T12873] should_fail_alloc_page+0x1fb/0x270 [ 417.615918][T12873] __alloc_pages_nodemask+0x3c1/0x60c0 [ 417.616206][T11495] usb 1-1: failed to send control message: -71 [ 417.621444][T12873] ? is_bpf_text_address+0x47d/0x4b0 [ 417.627868][T11495] ch341-uart: probe of ttyUSB0 failed with error -71 [ 417.632898][T12873] ? __kernel_text_address+0x24f/0x350 [ 417.632963][T12873] ? unwind_get_return_address+0x8c/0x130 [ 417.651193][T12873] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 417.657341][T12873] ? arch_stack_walk+0x29a/0x3e0 [ 417.662592][T12873] ? stack_trace_save+0x1b0/0x1b0 [ 417.667673][T12873] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 417.674186][T12873] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 417.680121][T12873] alloc_pages_current+0x68d/0x9a0 [ 417.685638][T12873] kmalloc_order_trace+0x94/0x3f0 [ 417.690698][T12873] ? __msan_get_context_state+0x9/0x20 [ 417.696190][T12873] __kmalloc+0x2e6/0x430 [ 417.700466][T12873] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 417.706562][T12873] ? kmsan_get_metadata+0x39/0x350 [ 417.711701][T12873] kmalloc_array+0x6d/0xe0 [ 417.716156][T12873] rw_copy_check_uvector+0x1ea/0x650 [ 417.721483][T12873] import_iovec+0x19f/0x660 [ 417.726032][T12873] do_readv+0x2de/0x710 [ 417.730230][T12873] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 417.736156][T12873] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 417.742248][T12873] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 417.748179][T12873] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 417.754123][T12873] __se_sys_readv+0x9b/0xb0 [ 417.758675][T12873] __x64_sys_readv+0x4a/0x70 [ 417.763403][T12873] do_syscall_64+0xb6/0x160 [ 417.767939][T12873] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 417.773848][T12873] RIP: 0033:0x459a59 [ 417.777788][T12873] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 417.797852][T12873] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 417.806290][T12873] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 417.814286][T12873] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 417.822622][T12873] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 417.830793][T12873] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 417.838796][T12873] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 417.885294][T11495] usb 1-1: USB disconnect, device number 22 [ 417.892721][T11495] ch341 1-1:0.86: device disconnected 14:22:53 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_PRI(r0, &(0x7f00000002c0)={0x0, 0xffffff88, &(0x7f0000000280)={&(0x7f0000000080)={0x68, r1, 0x5, 0x0, 0x0, {{}, 0x0, 0x4109, 0x0, {0x4c, 0x18, {0xf02, @media='ib\x00'}}}}, 0x68}}, 0x0) [ 417.930097][T12869] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. 14:22:53 executing program 3 (fault-call:7 fault-nth:1): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 418.024179][ T31] usb 2-1: device descriptor read/64, error 18 [ 418.075768][ T32] audit: type=1804 audit(1571494973.125:83): pid=12882 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/87/file0/bus" dev="ramfs" ino=34450 res=1 [ 418.102874][T12882] FAULT_INJECTION: forcing a failure. [ 418.102874][T12882] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 418.116096][T12882] CPU: 1 PID: 12882 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 418.116110][T12882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 418.116116][T12882] Call Trace: [ 418.116152][T12882] dump_stack+0x191/0x1f0 [ 418.116200][T12882] should_fail+0xa3f/0xa50 [ 418.146166][T12882] should_fail_alloc_page+0x1fb/0x270 [ 418.151559][T12882] __alloc_pages_nodemask+0x3c1/0x60c0 [ 418.157036][T12882] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 418.163394][T12882] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 418.169388][T12882] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 418.175553][T12882] ? prep_new_page+0x792/0x9b0 [ 418.180344][T12882] ? get_page_from_freelist+0x11d3/0x19f0 [ 418.186116][T12882] kmsan_alloc_page+0xc3/0x370 [ 418.190891][T12882] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 418.196803][T12882] __alloc_pages_nodemask+0x149d/0x60c0 [ 418.202361][T12882] ? is_bpf_text_address+0x47d/0x4b0 [ 418.207737][T12882] ? __kernel_text_address+0x24f/0x350 [ 418.213219][T12882] ? unwind_get_return_address+0x8c/0x130 [ 418.218951][T12882] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 418.225005][T12882] ? arch_stack_walk+0x29a/0x3e0 [ 418.229930][T12882] ? stack_trace_save+0x1b0/0x1b0 [ 418.235012][T12882] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 418.241091][T12882] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 418.246987][T12882] alloc_pages_current+0x68d/0x9a0 [ 418.252105][T12882] kmalloc_order_trace+0x94/0x3f0 [ 418.257119][T12882] ? __msan_get_context_state+0x9/0x20 [ 418.263188][T12882] __kmalloc+0x2e6/0x430 [ 418.267517][T12882] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 418.273603][T12882] ? kmsan_get_metadata+0x39/0x350 [ 418.278813][T12882] kmalloc_array+0x6d/0xe0 [ 418.283344][T12882] rw_copy_check_uvector+0x1ea/0x650 [ 418.288728][T12882] import_iovec+0x19f/0x660 [ 418.293319][T12882] do_readv+0x2de/0x710 [ 418.297594][T12882] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 418.303589][T12882] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 418.311210][T12882] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 418.316954][T12882] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 418.322867][T12882] __se_sys_readv+0x9b/0xb0 [ 418.327385][T12882] __x64_sys_readv+0x4a/0x70 [ 418.331985][T12882] do_syscall_64+0xb6/0x160 [ 418.336499][T12882] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 418.342402][T12882] RIP: 0033:0x459a59 [ 418.346297][T12882] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 418.366256][T12882] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 418.374681][T12882] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 418.382654][T12882] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 418.390624][T12882] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 418.398599][T12882] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 418.406561][T12882] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 418.419807][T11559] usb 6-1: new high-speed USB device number 2 using dummy_hcd 14:22:53 executing program 4: r0 = socket$inet6(0xa, 0x3, 0x6) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) setsockopt$inet6_tcp_TLS_RX(r1, 0x6, 0x2, &(0x7f0000000000)=@gcm_256={{0x304}, "99488fb4d04a1cd9", "80324ec47b1e57478a3bb5bc5687abbc9e6cc14396e03fe3466229c157103edd", "d68fd67b", "27d29d0a362379f7"}, 0x38) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000300)={@mcast2}, 0x20) 14:22:53 executing program 3 (fault-call:7 fault-nth:2): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 418.582268][ T31] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 418.625957][ T32] audit: type=1804 audit(1571494973.675:84): pid=12892 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/88/file0/bus" dev="ramfs" ino=35262 res=1 [ 418.661934][T12892] FAULT_INJECTION: forcing a failure. [ 418.661934][T12892] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 418.675273][T12892] CPU: 0 PID: 12892 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 418.683161][T12892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 418.693201][T12892] Call Trace: [ 418.696490][T12892] dump_stack+0x191/0x1f0 [ 418.700815][T12892] should_fail+0xa3f/0xa50 [ 418.705243][T12892] should_fail_alloc_page+0x1fb/0x270 [ 418.710614][T12892] __alloc_pages_nodemask+0x3c1/0x60c0 [ 418.716070][T12892] ? apic_timer_interrupt+0xa/0x40 [ 418.721191][T12892] ? vfs_readv+0x280/0x280 [ 418.725605][T12892] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 418.731579][T12892] ? prep_new_page+0x792/0x9b0 [ 418.736347][T12892] ? get_page_from_freelist+0x11d3/0x19f0 [ 418.742077][T12892] kmsan_alloc_page+0x131/0x370 [ 418.746929][T12892] __alloc_pages_nodemask+0x149d/0x60c0 [ 418.752465][T12892] ? is_bpf_text_address+0x47d/0x4b0 [ 418.757765][T12892] ? __kernel_text_address+0x24f/0x350 [ 418.763230][T12892] ? unwind_get_return_address+0x8c/0x130 [ 418.768940][T12892] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 418.774992][T12892] ? arch_stack_walk+0x29a/0x3e0 [ 418.779918][T12892] ? stack_trace_save+0x1b0/0x1b0 [ 418.784955][T12892] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 418.790840][T12892] alloc_pages_current+0x68d/0x9a0 [ 418.795951][T12892] kmalloc_order_trace+0x94/0x3f0 [ 418.800969][T12892] ? __msan_get_context_state+0x9/0x20 [ 418.806416][T12892] __kmalloc+0x2e6/0x430 [ 418.810649][T12892] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 418.816706][T12892] ? kmsan_get_metadata+0x39/0x350 [ 418.821816][T12892] kmalloc_array+0x6d/0xe0 [ 418.826313][T12892] rw_copy_check_uvector+0x1ea/0x650 [ 418.831602][T12892] import_iovec+0x19f/0x660 [ 418.836109][T12892] do_readv+0x2de/0x710 [ 418.840268][T12892] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 418.846155][T12892] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 418.852210][T12892] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 418.857956][T12892] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 418.863854][T12892] __se_sys_readv+0x9b/0xb0 [ 418.868353][T12892] __x64_sys_readv+0x4a/0x70 [ 418.872933][T12892] do_syscall_64+0xb6/0x160 [ 418.877435][T12892] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 418.884013][T12892] RIP: 0033:0x459a59 [ 418.887988][T12892] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 418.907854][T12892] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 418.916252][T12892] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 418.924211][T12892] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 418.932167][T12892] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 418.940126][T12892] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 418.948084][T12892] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 418.965518][ T3380] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 419.083324][T11559] usb 6-1: config 0 has an invalid interface number: 194 but max is 0 [ 419.091697][T11559] usb 6-1: config 0 has no interface number 0 [ 419.098079][T11559] usb 6-1: New USB device found, idVendor=0c45, idProduct=608c, bcdDevice=52.d9 [ 419.107822][T11559] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 419.118774][T11559] usb 6-1: config 0 descriptor?? [ 419.175580][T11559] gspca_main: sonixb-2.14.0 probing 0c45:608c [ 419.182323][ T31] usb 2-1: device descriptor read/64, error 18 [ 419.232073][ T3380] usb 1-1: Using ep0 maxpacket: 16 14:22:54 executing program 0: r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0x40000, 0x0) getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, &(0x7f0000000080)={'icmp\x00'}, &(0x7f00000000c0)=0x1e) openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x1b3404, 0x0) 14:22:54 executing program 2: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet(r0, &(0x7f00000016c0)=[{{&(0x7f0000000000)={0x2, 0x4e24, @multicast1}, 0x10, 0x0, 0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB="1ce3005a6945080000003d0000000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaac1414aa00000000180000000000000000000000070000000144040800000000"], 0x38}}], 0x1, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) r2 = socket$inet(0x2, 0x3, 0x1) getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000001300)={{{@in=@loopback, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in6}}, &(0x7f0000001400)=0xe8) sendmmsg$inet(r0, &(0x7f0000003980)=[{{&(0x7f0000000040)={0x2, 0x4e24, @rand_addr=0x7f}, 0x10, &(0x7f00000011c0)=[{&(0x7f0000000080)="6e837d80e4fec03071b4b7eada61a88086dbefd348b97c1acb92e6cc795522c076f644507378c2c28de29af2b4ed2036f4ab91e195a350a575299eebe291d12912775a898cfdb68e4a6c23be2a8ff9a09dd1a3366ec385f84352349a21a45fef5619940f8b1c62ce820898cd704fc080209cec32eb63001bdae0cf197593006db4fd53e7c4ad5e2285b2b127e6530709bfc26b26db60f603ecfd5202ac", 0x9d}, {&(0x7f0000000140)="3b1acd15a2a4c3fd099b41f4fe49245d12a2ae248620414c6b500f4159ce4723ce4c28d27aaa2e67b5e6e3373a50a6fa23928f6f27d9cf6ef06ed54f55d6a9c0beb50bb055e974604cafa437e7cecf04293bc4a979c5ab37f56abb8ffa8e7b439ba2f28b76e4976728e60dafd19512f40eebfa06c8f2cf27a52e66a0eaa117dfffd8a854907b7e3411a446437eea3cbc04858d4d30c1938c637682fc00e57b50f71a0c88988df81cd0d20b79a67440ffce13fed4effcd9d34a96884794ccaac72cc41144f524d95808daabf705ce529563e7344f598dbc8ae1da9219d69fcca276d9e12f37f7ab58b343e8cd8b930ea9c64c8ba2bff12aa9f885c3c4a36c5df031f8d54bedb8a9b77c6a7af4849c2227f8005032aee80d4f3ac75ecd5bfd20a551e92dcf9db6adf4523233b3e224766a3b089c1caca0d9c61d6ec9d1d9d12f9030e486326d50dba342097aa8bf0ce6b4ed37cc4f8fb9709f12fba421287cbddb91dfc3f2c44ee0e26fde62dab46166480b440b572f7d2a18605227f1af2bfe576a7c14ae0210970123aed09503adb7c8485d01331509a76c8b6afccc8fa4439f9531250c68d6f6cb45b55da846d938a0b2f43ede4c70836fb5475dacd10711ae834c93e3d2b02d4b87018063a93d4c31a21b975afd723fa4eaeea6254d278fc98ba838a8c81c4f496c7bcc4606f7d6c14e07ba76d2889c2082522fca5e5cbc202020d518a0767f74161b43ed549d0dfbc1d42e430e73b0ed09b1049b99e48c79418d0fdb4e11b78f57d395cf1d1c7e40413e1b18329ed288d5224ca847e3912b688ef060ca0bc35e78cf96af24e0daef539b0b62936453c8a1940c261f148122cfba4c6ff452b77a3b53f0a26b4dd9d07e3f044a13059b4c337e1fbba9fc853594331686015de4dfff44896241562622eaf9ec3b88d27f886ff9fe256cac6e757e540e561d896af41c2fa2e49a5fa86dda5ada9ed1140eeb3500455837c21cd343a480b5c3e3d7ab55c3f62e41e3fb1f9a7d535cd5a1d7d37aeea26b05c01c4c0a4b6f28d57ca651493032250f8ae4944f18f668695ba9b2bfee78cd2c8147cddc5b8f5204cba46df38dcbd53e9f5c8b331ff5c5157a49c90b9e63d7bafe6439bfd2192468e8cbb8c8b5a80a6aec79f06175dc69680a9b986aeaec6b6eeabff419226d5310def785cbbdefd73c558c5778f431b051f4b4bce43c933a1c82d00ce728e7f91a3c1bd0321b8991c3423b7a221fecfb5801a1f24199204ba08bf22ab9ab0ea201c0faee7e663101df2066c13d3050c327db24024ec815633371e75607712c5a8b6376c191eaa2bd3153615cad4aa39d108e297cf0c051ca60583a394c9e4c9fedb1f77dc997dbfab99d0a28184ffcaf32edfb38fd7db4a65a403b669cae2c566d6da3fb814a83a519bc8964a90b7e85327ce931bb46fcc2c952297ac574255e3f5f27ee671d97bea66421fac21b39dcc3873b5ab451399cdc504ee0d8c702c77542c6d1cb8c020c1507300655572c1796a88db5a76fdaf632f9b50499991ea586b75408133731f36345ab0dfbd49940dbadfe79d8fb884e34f875ad784e0cd226d169cad72729e7d7297e92e0166cf66ccb2a258136b722764fbb7d0732fb3b0c0f90f9c6d6683e681ecc3469d5c34140d349d010ca0f79e4704bce502e911aceeb399cd1e5773a440e603af212d3bfbfdf2b17569e11c1d1b3753016f9b997f0c70864d0e063bc183a28b87951e860a489fd2afbe95285f63fd39e5c2fd5fe0d16ccfa7d87e0f6fc8162266089eab428ecf512f47f70f052873107b8b7629b0f9c7005615e2a972172bf04d4a013f6724d4b5defad76ce80c338659f42d0fcbf9b33901daa7f7b80d86fe85d2b24d8694d1541bf6ef707cd31533a51c57f02933df9d6e6da94ea80168e041d8f0287012f6913f78b045d74ab1288688b269d0b801af206a3d0c7ed9084a9cc6d13224c6f9a74693affe3e63b633d64fa3ad4de3884f3da2940220eef401df3e49c6445a8a7fae3b342d7282712e656d628d31f3759158dffa24bce71c8c3c281dee30f83a71dd8651f93bd151a4763da0beefcdaaf5d32df30d4040d2d985003f5129992b94afef02c03480a64e26388f3ea219f777c902deb32a55c0011cfacf2fdd931191bc392eb1367e3d869978ce376179ead87fc973da243b3e3de515c557229391960c6b3298bef5bab0ca2213f00a869ca15f4cba7306c8aec50b49bf202eabbd4310ed250dabbbc3f0c97898191460c48978b431310c35695fc46d04ab17e7c6fb51de39c5e3da991537942ed41e7281ed1318e4aabc196a5d5a3a267ea2446dace434040ad173c715c70cf358965134066006b4714ea1742b8959111d17d6cee2b62b520721cc4f4d9b61189221b9ab0bb3214a6a61cd3340ebaf01704801eb03110164ed644431e4111cf5404b4784e7f45024df7bd3ba7fb5ecfd078ba27003194e902a624c08b34cb4c3f02212a8b7f21672f9422153eceb727c933bd6a6f8847a0a6d0a2f02b503f61c6c1e813ceeb003acc3022c81eca7c6b4ba25643b603260d580f55b8e4fad80bf4463a329de941296f41c51814255e8b81e489a693c6fe47509d6f4029487f8a9aff19b7b651b8eec84c5b1de29f95813eaa7d3b1e3d17fc336598f55d4eb4a96b5a4eef82d113477abdd0fdad65f48c39608f32850e7ea75dca6ff9fb4518739f278557d7f879c3bbc1868724ce8794a89ed67a5400d4f87314463e52937d1493a50f7642d405f79fa089aac91168b9998a5285ada84736711a512f5b9d99e18d23849b11b7d5e1dd3b67c8edebaf25f1a0744fedb8b945e6343220790cf599a4afb03e1ada5bd50c119564dd7e1967b085aac9246f32643e57bb35fb95a5dffae96b1780fd88e9ec75416bb4eed11e44d5448f31a75020ce89453c1081a5875a487d06a1e8e356e25d1d825134fecd1d8dd8f37c9cda6d2db84c2afa78ad5175a284012324f4ea79f5fa6f51f9f47287733132d279e4a402303033877a2b79f755482bc31bd4549e76197cd4afaa0a1b9593675048843cd36a197c095087348de1c959477ad925d7c9555b4aafe10a7589e35a89e6cbc99e777dc593bb580925eeaa1f12df43e809366adb3b9964c7c612217e2b60b7a156dc4a1afe425456fb80b37057df3791e233b0f705ff3f00ccb26a5f6955f7158ef577d8245dbbe4ae56b3b5b5ee24015ad14b74d80e9e076b211b9e697c907b4728d6893d948fa28acc1f5b845683d90a5b2af043b686bce37b071c489013d6bf30b960acc6be2522f94e920e77aa9e178bc5ed386e5075ff146f7d3735d2e5fc061da8b71d813ed03fb763739e0309014fcd8bf8b29f7685330df4896ac59bba1ce625bf915aba336f87ff1ed3b4b0d424f94efe03e5771b4d99ff2fe9292d64f32ffd77adbb9e5056c731519172f47d98822da167db091916885d2046c22ac346097fa3c9397b0a8e4099ab41d59316f9955f65283d96b3a22ac95c29dc774da12cc82aef42cf221402a34f3ea7325f26daf780f2cf8db68ab2397ed587945c522dac3c1d72df27520a4258e218b3d6147c9ca7acf2638285d108b58ae69715a00f9e08552332ac7a975e726f74301bd1d29f9ba64e292ddc51cd03cb8df5f35c8b868ddc9813e0681618d41e71f11126f9a64c5becafc697483b4bc8bc90d24aab3efa2e08f424af528958920adef7926bfb27d08531c37a08dcd2a6024260bd84c8209d929a5ff14a8df11153b110fc879b1491af9f9077ffb8a76ff3823a1a6109cfa38b3fc099533ae712400b8a81768131757bd92c284944cd2cff9faccac37da64eb951ab9d18ab8215303b20bdb65b78983bc1ef3bc1131390e6d8c4472d1cd991a134ecfcceede5307e7aed661d0078d4fa5e65b57c53ecd47b7b9d78a3e34708275c6f80e4fab457fb5e5eb1ae775c1d28e7680aac932823acb72a53da0f58ffb517512da4e3e8f872efce807c4a376c1dea44cef9c2be2a11ca0d65ecd0e2effc49a9e14da8ac3a5d7029a4539085cddc64c64ac8806dcc3400e689ff1e03073f9a067a4cfe296fc917611ebe844d98357316404dbc06e80d5206cd1ca98fb7730ffde2d58c33567f0d9e8badc87fa75a7616670d931e05e712e1c95c3362d2b7d298de0a0d2f510d0b0e00089a781f198a542f168b6fbaf83d12a82a2d9eb2b34b18e38cbde3d03501ef7955bc2f46c53f84b992a11547b0eb5807e375edd2526e30763be0e6c840bbfdbd952c20bf08bd8285fbfdd70e5de26d1c6394ad34734ab42ce6cee45ec8f91420a6444b23114172f7de04417682bea56830514195983276a9a458d5feb7c3b0bfb33f38959669ba7bf7000dc470bf91fa49a63a793c3ffe46724901665d70f1e75d6dc3b17cb3d35c1bcb7e33cfb9c256518faef8ac04b6d08c2063867f0a156226a6caf56ac220d88201881006dfb870bcc7da71cae2edad9ec02b7a182924d96cb74fdde0a1ec4fafd958c14c736929123ba417ba3ade2c80e1b190f6f939da6fa88f4e827e6ae11955d6ece1df55ba3f02c880143e3aa6b96f1d7a99efcf7da351fe23e477c520c05f63e51396be74427659c1e12530ce4683b369f9c1e7dfa2f7079d71e2e62f2ee24fda4a7bd55ec765cfabffc956d6bfe20f171ae864e49e950a280da073fd71b4fae4fe75c3d79d4d930574bddf8ba3601971b2a27c5cc4a9ea7c57876e38bcb8e8bbd67b0adedc8cd0daca83658869dd318b3e5d26affbc17b34d7a1f57b995e1d7ce1fae894cba575eb0dec33b756cf2379922d6b70ceadacd6df150f6264b543103eaa5eef727ea6800dbbf0c4bc6afafa00d45f34bbf334f75b0fb0e6705deb3c45268f11a94fa64b27898239f75c14b5317518bcb99809817b8185a6adeeade590dd8338f973afcee988f9b6e043c4a00343fd143e8c9bfef32a7e8862bf572bcda0bceb2633097133e15a9badf3b6e3f3b1226c3cc11db437f78d3e6165889b7cda8b431305c9be700ac0f13d5e345ce6597cdef83f85e93553f86d612f9d08542d908f113c48be73268400bb548430e5edef1893cd935944f976712db9a8ca5d0aa95fd2b17c3ceb87fea918a3802977d439a00afc4cd9974c08608540ec8f6dac7a8a44a8f6ee7f8bcedc4a7ebde676f51b8fd916c9872c80e311bb9745a53838969cc20f43440956bfb3bb3ab4fad3ee69122fab133de9c837e8c5c92f6aba91cfa9daf56d71375956232f71c349ad360dec7e6d0023fffae59d04768fe46ff4cc694b6890b685315211c610752df0a540a9dfc3691a9109617bb86953cb80bbb4badc18fd66e0e0d81d488d3a7054f17929a27611e9121f31097406b502565dda34a8e0d9d8ef16240d1f13f57f94b6b5faeca2544b3ddaecda47144a163c3b13bbe1c1bf99276ff9b2dc7eaa36f724ab34e10f5f2d35394644601f3a98c7a461328eed8f757e74c8bdf4e022a18b44ea4c57d94fee1fd2b72c8c677ecba54d320005daa74ba2ee22c84395580678d19018204ed1038ff2893f904463bb5c39cdb9dc6c1c3e440b0b8772d509f747b5945a45ad8c9acc778f7b6ca3f68a76decd459fff85ddc04e51a0c5f7546dc8e141ca6b562945122cd5f0814deea44396cad892f4580e0f32b13c6c28f02211da659a16f83e70cb9594b6c60a20b3d74f95b227854477d682ce1de6b26353a0e0f06fae100f587691c7487a34ca7f97e302227849c238739459296689bbe7786f1994cdb162545974bdd1fbcdf8865c18eeae6e9b713d", 0x1000}, {&(0x7f0000001700)="cc1d0cb44e59395051477dbfb3c4a5f85c7134a977d6b40fd168ea81920f90d4f43816022e49e9109ef4aba1c76c0bb229227d7c9f7c1687fd512198bff8e0c4f48bc1c46424212b2b408ac3dc9e9b5b84f8e09dad340860a254690d452913f34494157548a84b5260866fc56037ba7c39401aa06602f115660bc1e97821ca21a71feccd6d5fb07ed741ebd91c2ac9afd7e1b186c219426c85726145a9d0e1091f6f3f33649a5f25a3ef5b7b848ef3446dd4b2cd285aa87728aa593c47c78a4850f07a04f4a24161c45d3bc22d3f0d6a93e7161d1ee56f89cb651b8247b2ccb4f7ba3d7d77b5a4d08190796cc13359325d9ff66d2bdb44d865fc5d67e786ac8584e271fbe92c9cc1ce72d8b5024736b2493571d7350a0ef42c6945e3a0949dc341e9aca5fe694fdeb24879d393b2409949faed19598b231eb87fcd8491de9119d23d18fd11553211749fa66cd599e4bb0b08d5d700a037dc0cec0024ea4c984d3702a31795d1df3d42b2b496437e70575363cead3cec0a7de04e16e444d5ff78711963bc2babec3d6c3f5aaf094bd8f7ad0f9db772ba91b183b2e9367c0a4d91f26d39b8fe94aa5b8cd44465d49c5a219964d2fa8f9e681801100b99c08f9a7ab643deaa15deee02bcd536f409be5606b4f4e7057bd26f8601c4e219827c91ae308b3c83e5002639f4218f60947488bd3644a9e2c10e807c6375e8877cf3e4969f858f187f0541dfef5d3ace337c1b624c8e0324d238c24fe953b64f8b85155399fc99c47715fa7ea23d799e5a315be53d75b42b3ce26c7256fc0ab247280b6900d2b6d491c8a4b7eb6ae121dd059b6315a0369f5a2944e1800f11e3410b2ab1d818bd24313af088248aacb3e99044f4bf6cac1aed49e1b1a52c3347a5d35265906966fcf625fda8718cf0de515088299bee9602394233ea8f8dd81aa8ea0fcd826fd402db94e6bdf10e75c5d51766d18ad30ae6ed07f54cb0f5e2898fe78f9fb5aeda1ba3dbf0c89e71d56bd17b0cd3bbd1e345ac06f3550e7ebfae15d4e0fe26a1c154642b5047c8ec9eff434c2b688fe211ff9d286cacac55663831767da72c75780e7d2033236bbef16c166f37526a5153b872277d6a89499a8295bec56b53c793f7c6139a87ad2416e48f99f0a83baf19b8aae69ec5e3bebfc15026e652a07bf32ce0e0b3ed02cf69cbe5a05b6908f640e1b0d6a10ab448d2c9a7898a1f45869b1fcbf6ea125458c5132a77be74e749f0f22e3f2e1cf26a6e4c47865485de6b11ab843d2794f91f00c7fae56d9c607d83bf881a43b6273f1081bde3695b66b3eca7586b54a78a35faadb48da51bd55846d4a21271f3aaf13260126d659ed42deaa0b8cc4437ff648c2507003fe202845b1607ad59d117b5561940d0f37ded1f8e0ff099435f95692ec9faeecb8e0ec358340ef6dcd4f9b1231a0990de1dd5c89a10934783f880f0bb3ad48b97160cfe6f07ace53834337658b1fcb1e9ee9649fc6896612a3940c03da341ebc47a5f3acd0ec9359a9b4c903d9960204720337732ffb8d12093e6721e5435d8e31c97495eb43a605d1663eb57e5bfca36faef980ebfe7f2b69167ee160546c3ecd7ae48aa6d588e46d3660aa7519940cb5770800e680728bdd15a6b08c87ea36c91fb92964d8df0b07e9003d147ef054f6d6f165214882cd22e200860ee8659467ffb9c5346d09c4dd5b69b193bb9df3e7e33937d770e929b957d56a51bf05761240a8148d8e9997dea6332ac31f95a65cf4c6981523c0556ca5d0794a76ac9f98e6c8322c7522483d3ed6d83d6b409bb4efde2c634c8f4b4cee26e77f831706268f0e0af8818899433ee627a4a21632a4dc5e61912e39caed7a609e2292d0884a5c0798fa86e89b638b8ff6e537721eaea1b208f323a197c6388ea8f80e58b88d6024576d028247dcce94caa50cab28010910f58dbd56d84c9d555586d54f71da14c425081e7645c3fda0271acc30b2e409f41407181f315f3f87cee37ea89e807068a38b94fa6eea18f192c58ef64f60c0deebf772e41deb34ef9cfb6e74a6f5763aff802eb2a368677f3d1087811788c0597bc1f3dbbaea12e7caf44b3775325c82486abb73daf8d00eba3eda244dd3f901b2ccc16112e770964f9a61766f7c54ccf28096c7fbb7d096e88528bd4246042582b7a33a7cb0e09e71b37645a2591a743b6684739e75ec014ce8a66970e3796db8067545dc094987a88814a60462dd121fd21c03c6dc58dfc2323f9208672c44e898042b2e94ca1e6c9684143aff8ae74549d2917ee7514ab049911c3a85e9f9d560a18ab1cfebda4877edc62c98d0e001704c10ea2b83f2d07551f3ee5b3eb48abe6e2119e9cff18a5b29888868d7b6c5009a71b8e618435154f5732a91c7e3989f08a6f39d413ae6d6231d3808d566ba3f9d88b57429ea6df8e811e455eef726fe0f4a1bb9e758ef817cb64e927d5b00514ad838f14acd6cd48847fcfc3a6d78c8ed4750e09f908b321900ed6d8d22669babdc690bf7adaabe9ac66d466dc9ee4b1363eaedc866a5c0fabd15320fd969efc16807c82a92223d416a3d8592524bbc5fbe2cf64b56530bfe1c7bb18b8deb36a01d24724c645ac81dcb02f9396537339261607cbcd22a48decf3aff2f6e615dba4c686d6b924bd7d72fd91acda74a91d92dde5d0e48ca43609742c993e4e256e93acdf0a6137eea8e207af8e732813faa16fe648c12257345ea3e3a52c7af119709949579c6e6b1dd48272a2ae0a9f8a23237e164b13b6fadadf09ac62f50ab114083b2221befe3814b2e3119cae4779675c542c97f71333859ec092a140f3564550e195a0e63bbc23faa5886815218607c27788919b0db8d16d86d64dde91db34c2169e222661a286871be4c7929e98fc9b79deb9499193341bbe3815d5a1d0db6dc526cf5873d420245d58b7b9b5dcb8c522aafe5867d74c6ac9a17dabcf7302aa6fcf505952d204be074b34e5abc97c2f495088c0ebc3e8d3757c63bf5ce0b9e294113956742f611154f24b226148826fd48fbdd45c21d7978f39f090ddf0567a3ca5e5b3160acd17abc274beb57acc54407885e9b93809293481b0704ad3360f357345e4455055e416a8f4b6fa33cc59e5eb3e65d7ad61837a211702a8c8a2119993c250adc8be823ea84ab900225d3007f9c6a83dda9ade3ff212b4b308870a14945a9e4c32726a51abdb4c26d567e4ede0ad4699d344aa8720f5b81fc8a29623fcbda6ea64eb7b8a050fd7cf1c4a6e962a4c908893750614714f6b8b762353dd188498d713b17a7aaeaa84b59571960b3ab5c8703f39094b3308bdce626048dace80cca1eb561b2d6f790939a4e811b469d8037be3e1db97da729ea068900ceec32b34aa982abc3a521b4770931f67be1a7b96651f00b4315188ea1e78c9fff27eb2e1a973c4b0f0b45dac55d8d226dff20b1572f7d2883064a12829b74c137907bd316b95e838bccbd424a971e93dda0395e972324404d70d8f0a919ffa522f9f0ffbe34aaaf2305495c0203ba687e27e1f6686b73cea1c7cf6702894cf3d3b6830b5501fe14a6db31a26ae54786d53d6b6b1d3aad656107e26cc66966fb13b894f19646d55b74c352b944343ec21ad6f0f74a1c444f427ecfb1a89e3248690b8e84ac99d455818b12097e4f3d27880750f98cc5db1720c1bee9ddbfbe6522cac21f0859439de92b3482a44d624d7d06b698e857259dcf17b4e0ae46e66ffafd78f3aa6016afcbf5e6c10369c040aeba80dbdc7dfb3e8f44f28bc184c00e48e8e73ef6a86435e0de90b3dc6d63eebaaf1d719b8f5dd8d516d602d1f588342f52f4c5ee877b6dad464494cf2a5e7956402c8a9f453695eb51f8b310463547d4f14590a19d44398f7222ff152140fcee1ec746c1dbbe23a2b20e573b076b5e32dc731367053cee8ac903baceaf4e910b6c052e9ee5a4916cb1d2465fae563aee198bafc02288fedfe0534210032ef559c79ef26c6c5f1cfd86338d35de55586b570bfbd3c5f47829c71a6fb3ce7142b7f57602525647b854b2b65d3a06cfde70ddb135ccb3ec8031de768157343dfd333daf3bac3ca3ec0ff876c68f2e66d48d48e1254f270ede3e101521d262edcfd2afb6717cd1c077f6e0fc9f8875af0e2237040e5d079592d979ed4dd518ae20c1f4357e32ea4908e9115a7da9f261f18ba2bbe78050e110bfdcb7699d1086a37acce33c741c9524db44703e9b583b1d6598f3673411e10a3b1d067fcc424ca1298caaabe29198875ea7f0c4d691c14014d94cd1ddfe16bd2ee89cd3b4c839c95d639dda42d42dcff4c4db965643607621874f1bd7fd79305e2a041ced7e4233eb177822d2e472d66fa8e0fc6c0fa851ff4ac74d37171b821246e23580f046d3704d5d64574794a63ff93e1ce900b245094af0cb14507aee8386551142818d951bdc48de606a294d88244b4ceace2f41a5d82f3572718818bf62a1cafabdf081bb7e402b418366515d0dd1bdc014bb46db5134631b4137420308ea6aeec59d3715733080c4281eb6549853cafd838dc0fb94033dc7767822242da40ebb1c4feef8424b943ea5eeb03864bd55b083708190f3b08d9c8acc612ab21583986ba8d9d7e664dfe52f50704f3d98c8048c50859a10bba15446d78965ff5bdd324a708bef324ad8613bd6fbd404fb6ec94cfc692c52297c51ce41db164969aac0a4bcc6c65e01ee611e93548256dd246312b6272530a819b0172df2488297f62dbd0c9670c6818928e53abe44209e1d4cfc5e89bfe360b47994362f6f43b40ccc2791cdb11e699fb0b8e1e7a065ccb4cf98bc7bbe978c08f0f959093deb765b4009c3891944da9b91d19e85aee2efe7a950065bd8b77a13f1460b9018776d858c3167634c516396c953098c04c9662471aea41e04c6b8fd44b0a85094db19baff2b80b10e9acfaf7a6b62881aaae4232d11e0dd27e9778abb4d841cd05d969fb89e43532157652d6f5d02b3421751adf94769cb00dbe4b1d77ab239fa3c8b7de0a2bd1279df8efe8bad4fc0aac06d05df944c0c2eab19cb39425c86c88b7e988f4fe077261f8e9d98f6f31d1f86780502fbc2125fc9b536005218ce7188d6a976afc3dfa3dfec8abb58ae8caa49577e97eefd216fbda86f873f9259a6e0f452d586c5abed4dbdb398a7542ae44aea0a402cadc344f02a418d29e94001b472aa2301cca78326ba5efd63cfc8a22ed7e26af85bb2c3d09201a2ad63a0dc812870d7f02386a9261bd15b85ec4b89569446964e8660be3d2c77f734418d1269eaa8a5ff33bfea4d9529577e0e3084d017f4792e7d26993dc04221028411facc75eed12da3ac5b6804b91e219ed11aa20b56a463e52ea455ca807e96af15cc3c823063967e8f4e316cb8d9f63116c25e0779016e73a8b68d0d567503cf73ee4ecf18121f73445e6a3f587117f284eb85e12f1bffd1716ae6ad2b2855681ddf350a1060abc599f8b499aa6550c2680c1a40db35c7255df06f7130d192d2047c061689c9186aec53aa9609ab5e3b766e924fbd9fd1eff20e06ba1f71da727a745df5aaaefce3641156de9b50108e7b96eed8d5bcd928e1d82b406a761b66084b4a24f59f679ecc795569bae6dd5bb7d17aae756d2679e36a09ea856591a55b8f3d53506e280c377f27dcdd30d92be1e2df1eaa31626af24766569612b0774c1bfb3b680e4ca7866b63d96223bf882304eaa42f3ee7797c53c57bf5ff19b1b758783797980bd7217007fc83d37822b3df2250f3df07a47345f72eb1798246c5e1ec0", 0x1000}, {&(0x7f0000001140)="22f7243762c87c1d79bea1ed261fc3a02fcab2dc5f4faa5f534d2d28215a9cd6f52f2d8d0040c882b18aa3520d30357da66d675ed766115179abc948788317de2e9af2d8f5dfcde2", 0x48}], 0x4, &(0x7f0000001200)}}, {{&(0x7f0000001240)={0x2, 0x4e23, @local}, 0x10, &(0x7f00000012c0)=[{&(0x7f0000001280)="1ed2acf0d705916018c94431664f791f0ec52f896711f432dd69ceeed78eefff46d984f8570b8dcb1b4b5fbb324a80051a2c8bcd48c890e8a11b4e0fa8936f29", 0x40}], 0x1, &(0x7f0000001440)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x5}}, @ip_retopts={{0x18, 0x0, 0x7, {[@generic={0x83, 0x5, "7938d0"}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @rand_addr=0x8, @rand_addr=0x8001}}}], 0x50}}, {{&(0x7f00000014c0)={0x2, 0x200, @loopback}, 0x10, &(0x7f0000003880)=[{&(0x7f0000002700)="dcdc464aef09da6b079fd5733ac4712def175d3f5e7f6785288b7df42a9af92b9dbfb9b6fc2aee8fa4c4d67253b8683af985d7810f69fef7db9c50fbba0b620667c443d02fd2db54b634bb3d0c9099aa9025c981def85318dcdcb3a53cfeb50d1bc8516126d6abc447c036a7a10e22ad4935e555d000a1fe6d24527d11947f546a56383fe154f977b7cc50575189811b5d1f9f0bee7bbd97c2a900000000406a8e9131bf8b48e6644f14a565f09f8d6bba1dd31fb6f5a6e42845c393e0f7d30e70086d394fc04e00"/212, 0xd4}, {&(0x7f0000001500)="e098e1ae938e92e356c7df0e00bc346f83b93b06a2cd26d4ed88d89269510667c42a949fb9c9eda78c7b110c9c89b035dfb3127326492d36d3af1896057ed639cf9d", 0x42}, {&(0x7f0000001600)="d1e621c215225e08ba6b701ee8af6712ce14a3a9223b1d16f9233b4a0cbaa1025d6b69f967417e8f4b03f03dd0a6fd6b40697053ddaaeb30f19df5eafead98ac82f071e6c9a6aa75349334dd5aed1dcefe1c4103244d3b0d3833e1dd4eff4af7aa6754ccccc0940e9220683898631f533f26b38c4e093b652c328f1bf7006419d789cfb307c4759eab6fd81716b66a7e9d57a19f64af2213505978e7", 0x9c}, {&(0x7f0000002800)="e260e300e3b72df0badc47b38d8023a80f98f4210eaac9a7a8198739911202d1326109f6713062ebdc456a6b81abe4c86fb12d06578567f55708109ebb72a713910bd4bc35484db1a246f374378ef60c3a4c97e45ac0ca44254cef", 0x5b}, {&(0x7f0000001580)="70c6a61f01cde0141d727fa4f691a3176802994433", 0x15}, {&(0x7f0000002880)="afd3a7f3355c16e8a8dce027739d81865ed159461627caf959779da5970d0902bd62b6ee1dadaf394667346e943e4c2f24f4da39cb09fd89d321d370f31e61fd27e608f49b185d68d8e24869f748dec3dd04373826c286a124729db012a24e52a441a477911744d4e85eda5ea22c1a5192da6a380786454fb33e71aa703460d9d0465497fe87b4f4c95ba67d2469bd67b51048eafc1ec0a7e5c6fdf1829149199d82c0ba7e4521b1d3a1b9a418488b64e20889fd13fef15d635923bce2245490d06ed95803012e2a8723ef8af19894e8b72680a0ee74eed0170c0430984076521c6d6797edd89c7d518aed3220a655632d0393e555de9d01cb6d88c13205a0cf206c84b8e6d72a84c5fc912b2789dacba4b08fdb62b91652ee4ba906fc60255918c72360aedb525f9912408b4d24891a0e59eb6723fd61c1ac6db161a467ed65c62973b1739ba696a570f2b991b633835b2fa07465b9010dcfeab05c0ca16b1ae1f4fe5b7471cf404227cf091a0c0990d1338da868cee8ebd2539f44cff50ac53cc2cb072ef184f2e85fc0621b57fd0683467ae7ccdbe1a1129859c3be288d0ba2c3497ccbd96cc0f1dc7164454f5e09aeab15e123b7dd84d126e1df58a496959f4834bb8c2ef6f2c27d30ac8b962c19066f1949301b17e49505c1462c91fd430aca77da18d5230d2bf96de8317cf7a343d64aaf4a7a59c0256122e1542e511e0ad61c1b1fe6f09fd3fece92b7a43602bafdb1ee2368820e4d35aebe317e0f41c0fcb8a07a1e2bbd667f567ec231a9730abb0e16d4e569496bd45fd86fa8e4535e34a6dbc0d812d187538db22e857b0bd845ce694217b20e993eb425cc7d4ce2570323d5d17ba2a9e9af1224fa8d27c9ec3a3b14833f6a28b8e0cc6717230ec6f28722ab5517072f5206c233821b252fb917fc96112b7b5814bbcfb4817d5425ec8c3a16002a44ba845a01510c9ceb6b0fdafc6f3e517b91328f8d840694a2024b5323a6f9678cc6e3ab85830c73f5286f0a803c42d27ea9303427a1e0ec6ffd5f5a0618d0e40fe1403c82e5afe9f8b35453b473f8d97d08d429ebef797a9594260491c8f56b2b2c62de053b29df92342694d3301a114453f8f6bbb1b70b3507709456b5ef52930a323cc0a057c667c667409ca71469ef43ca6ab0efbe3884c5e07252fbef7162bbd358077f7ec50b1256f219fbb95ed9de3e1014bfb8ce549c775cfeb4416c9c780b2a6adcafa748f192e6df858fe7ce91f593b60e841fe640910f9be9f0d59e043af86b198ba03e1d20ddee45a8b6d8b49c0367679b6f81eb592dc86f32b7c220c80674616bb400b0548c01a0d0013714a435b70df377b6cd5f0d3671e00d92beb80298a8910f247335d8fb8b75e1525e1a83ef5479163832eb3b12ae2ec6c56608f09642f8def3f343da42d2f4b28621799a00400e3df49b769dcf7f4d64996ee5468d303fd784443f3ce5b480d2f0fc5243bd5ee0bf75327c5b50605f100306d129a24747e3253b768add86d107372810f382ec3154097191de1bb57d37761b3c3753e26cb5dcc79c2a219d754832881df6395badd0e316e8730d39e2aafdacdd0da3cc64efd10f9a294b221dc37be9aeb9e99b5abee809ed4b865aa4baa534104c1178402d93f1fb9f2670cf591f0ad89ad0dbc170f39c51c6b9af1ebb88600729b696ed167b593127960a87e5c65c5f7d2b41deb79758b47762d21b72ab20c4b659b19b1a40a3079b22b9b04b364a9e8469b0cba0d616fa578351a27d10a564dcb771709e46f249e7d223daa91fd921d8a517bf4d03df7f7ef042fc386c0a7c7bec0cddfaa80475730d0ed1c8f6ccfd72cb94c5e1d9d09762e2de1c0c99d4a7d8c7c9d1d5e8e43cfd989233ddb9343af8ca8333b7e184967ca3ae6ae1e9786593d932d629075ec54552138efa404b442827cc5d024903cb2df31609a07494662231633b40040aaabca3274a26fef6a399bf5bd89af642a4f0de3b74b0cead256e5a4061c28550498af39bc393fd6f9fc13ccfb1c4f373634d9a15e13215f363e0194fa0cd82498f6bc2730df89ac7711ce96f6541b2f2b630dcd877235dd187c959dae827a82a3e93fdf2b9ea03a1b37ac5ddd1815ad1b2a384128e4e4f71420a9ef55009bdf6f4e99d2c077b31ada9cc4452e1f1899f1f115704da9dcae7df963910ccc0fe586c801ec043334c113f3389df8394c70812abe4ed1c6387aece961b5ca3e9550fa892ed58c06f6bb357972c40e00a08d3204eacc659f844c125d13bc36226aa245fd84f9761f103631265d3e76fcbc47efc95c59f7828682591d15967a4e146893fb1e273e9fa9dc7d824811223b0728166fa1c02384e2ccf2045e0063ffdd56dcd8276b043acd9dea1a85b8b956b34162f653f70d33aae3aa7f3a3a8848e8c8f9e85eb105d13ba32ea9d3bc71f84e36bbc9ca4a41e0ba577d515e94e5f36514d1b0152f99bf20c0c8b7065b498d1309576c5eda2ac5f1e14edc4f3060b64735671d813546cae58280b12e5606643a60ebcad98bbe790db39d75f6231695c4bbbc6b61cdee9a0f92a640bd818c76318b2d0cf533933ef5411c898e524fac437cfa33464943852ad26333846e6fc79ff4f672ce38fd5d014cf900f099dde26fc51bbf271877078d26599cae8fb1165062aa24f1a4ccfcefb7fdeff72b1e118d03af209a397686ef566985d651e497eb1ddec2290fe8083ce459f9fed52e70b95ae7ffe8d50e0f18267c7ebc914bd20826ce97031e1912c243e717ada32b49ccaf95c8178ce6a1385f262cfbf00aace9158bd919cf4b1d2a821551b007707238e8e2760c4efca1c0248109470c1e85679f53dfa3dc7a96a9f327be5b1c7761e217a1f6961b036aacfbed52994a5cafed8d7a40ceef58681a1bc092461862de88d367a7f21a6b481584d56c0cfc7731c4f02eba28e9302477280f3bde5c040708e5745cec10d233690088b8e76b6a55596ea722847f3e388c3f030d22e97f0ba70f4380558eb0b077ebd9bd461ea8e68c51c6312f64c243a60b2fcd3dab4bb0fbe73abc0105e801ce03bb267dff545a821e2e6d6f7bffaef1cc3fdb3b909079e8d5a70d97a506deb3626dcccdfce5cf0dfb5fd2cc5e64924b3a73803ae2b3a6844e144390793d2949036a445624afe791bc78e2221f0f7d33917c4bb3664e2f058d1099f0586ee4e9a8045d62d232779a5f5894463fc3df7ec228ef19aafbfbec34778b3aa8073824840dad6704633aa3450df5fd935eae4e476b179d11933578e765c8f1c4c0840b38b5944ec810a115449d21e233fb259f92d623f0f2efec4696a043e9b2a850e53fdf059717e927006041d33706e6c424b7ecd7f94821b19ab07c3857cb3a23cb1ce02153294da97c92da2d1c13f7ce640551dfd05ca47da238bd380f1e0ec1e64c5bdd4eca218d4c18e43fefa434ed42da9d4988cd9ba7d77c5174b6b3012a81550fc449ab68307eef5865469502181bac635e56abdf559429ba76eb3355e1b8a4c7120fec0914192e7315f85d761ce136f3616f64462cfb40dd132b9895fec3ad2742ad980e294ce44f4999d8509bd94391f3328152fbd2824f4169443eec05eb40d570558d0412aadb7a9943bad97c1b9bbb50925e3fda491d2582e444870d74745717a7ce8c5b04c08f984cd1fb16109a759bcf3a5999f7baa970eee5cb5a10ac1d301f78578baa664410645942541cee3a220e89cb3eb266d7fe4a6183b0021a761245f81f4f04f13b17b033444f8baf3649b5f7d68cd43acc37875c1d4349716ecc579e696dc0f2e6213f3285f9e5883a3952c12a62c075c040b1e7adedcb9374a4f322e5067eaed5e3f4eb8d59845222bdb8b70f3fb27fade4074579f3f569b96d0f925ba75a5ad9ebbd870bfce86204cd5bacf4fb53da841be05f34209c6d7150c3ced84b19be4c8f1b3797bb037852e33e11e70ef3f1e6eea0a7040e37006fe0185060f722550b9fcde68a16897b7bc8340c114236fe6bf3c67cf3dce65ff1dff089fffc532b3f348251882879c037cd55d6d4097b9eb0d7f721cb931a7dfd57de36d4a8e29c00d944ce548d730fc5c82c1b648bf32590fc179c7dd661ba553e85492d104ca8547b4cf8bfdb2b29a797a58b70f6a4cde30fe8443e8cf51ffdfe6a670d1b1a062cf032bcebb0296d6251bc33d5000e04ec98c99027b5c8fb1f422279d18aa4a3bcd737861c55caa38cccd6a4bda572a706a12e18b6aa49b5b54c0b6233a209df8bb1ebc5b98f45c54a16117d3494648269e7fa7f6d4848c5a0deeed8e91def83ca2850dd920ebdd5e63eec6b96549c9e64ff8035b8eccac7b20e5b6e80d65759387bf0b8c2b06185670bcf6de48aa1a9404ef5bf9f3eddab8b57c158153fc54ce6b969e35e3ac047cf56162d7530c96656c7da7125354fcc6ddfcb8f13b848b538992892fb0f351da08ebada0966e833f5550820d44fce58801b55203e0f576dcee4b6e11899621d1af79cc523662d622b48cfd3f6344f72315f5621e675c724663fd1d35a5f277abbbd38b3f104d5c3870bd5fe070c5c369d81da03bf8f66521540e21bf434a3f31d2ddbfdb883e18c91f748bb362e6040b5d2b4e5e3b296bdceb6d472583249800f7b43d1ef07dcc607131e091902f0b491a1a48aeaf5974ab3a91a706942d072ff0390094bb993bfd47c100ebb6d92328ae951d17214f3628269eb1d9f4d4eed857ab56a9e3346054d3fc16aacc82a2af2769e2b153ee57b94fdc5f1ac87a0e268d6f4c643791a4968d718ae03ea9831a88324fe689eff15f5620f623c28bda2bf9be1b28e07aa2fa3d9403c91321f94fdb8df1bc13bbbf3c3c33b92375dbb4a10b417667264fdc3618561aabe0ee953fd1b719cb176916ca6bd9a57fc7004774f97262a3b520477fc5d51ad6664cd14d299e40d5ce390e69ccbda3a8b8a1c120ec99d3e8fb2b5075e3cdd6fe255ff0931a266f91df53c4607dee00896514817e86b5e25ec988089bda6fb130f5d52377e69d250fd091df9c639c009b9326063064de5898ae90a83e38d393236324defc5217d7193e05d40870bf22c6486112eff518e0f86e4cbfa13b08291b7e8f3043980dce90ca802d1c739058af9f28d743113e3d2cf89c14f639f7d2349e54d51b147bfedd432fcd461b9a4baacc1c08e7094fecb42f52d540585a7b85ef6f06fa11b0a6298e560e2ab949212fd02c786a0cd26b3a672d50c32c982dac114f94691e20c3ca637a1e48ccb78bfe58e56a8ba1348e6dd8adce824713ebf8d3c4c62471b1649e274174d0124f05cac9b726d939d63fd743517963ba4fcae7a49d29c3d63f9db3de71073fc051df5f9547309f0de678a6f3b67678ed7a2e63cd5d389773e9d349ba3cce6b99f8a457226d81de4a71dc355c2cc9505ac37d71605790df4e0519508f14b2fc4c5993d76ea355b1d911f25f5757cff47dfc7384ad4d6d6f1a44771c22da29aa0f822ead40168f27f7d52bbf0e97e19e4d5322e8deab72f15d5aeced866c474e88e0fe6761a684c555150fb9777e2c14071b860284ef45b67c26660d03667bfcdf09347059de475da6675a8a5deeabe227d0f3edb272db9fd4ee84bf28bfe7a09f8bb3f5261f7622d86a85fb5b0710acb95698caa7dcfff3bdf01b175cc90d25a23d36ae83adefc0e38dd94519ca3bb265161819ecc30702672b935293038eb59673723fc3583f34054ca6c303baa82095dbfdbf4d2b87025626b290100981e25192faf56315d2310ad68d896a02bb9441b3ce0ba3f3bbab7d8b46aa6f6a95", 0x1000}], 0x6, &(0x7f0000003900)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x5}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x80}}, @ip_retopts={{0x20, 0x0, 0x7, {[@cipso={0x86, 0x10, 0xfffffff9, [{0xa, 0xa, "24fda241a42b7504"}]}]}}}], 0x50}}], 0x3, 0x40c4910) [ 419.382808][ T3380] usb 1-1: config 0 has an invalid interface number: 86 but max is 0 [ 419.392736][ T3380] usb 1-1: config 0 has no interface number 0 [ 419.399110][ T3380] usb 1-1: New USB device found, idVendor=4348, idProduct=5523, bcdDevice=40.3a [ 419.408371][ T3380] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 419.419947][ T3380] usb 1-1: config 0 descriptor?? [ 419.470197][ T3380] usb 1-1: can't set config #0, error -71 [ 419.480443][ T3380] usb 1-1: USB disconnect, device number 23 [ 419.572603][ T31] usb 2-1: device descriptor read/64, error 18 [ 419.693193][ T31] usb usb2-port1: attempt power cycle 14:22:55 executing program 3 (fault-call:7 fault-nth:3): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:22:55 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000040)={0x66e, 0xb, 0x2, "d697d7d351c3a7ea57f6536c3985c5f8ed8e731cc84e158bb3e93e849fb7d14b", 0x20363159}) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") r2 = socket(0x10, 0x3, 0x0) write(r2, &(0x7f000018efdc)="140000004e001f0014f9f4070009040002000710", 0x14) 14:22:55 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x50, 0x10, 0xf0b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x30, 0x12, @vti={{0x8, 0x1, 'vti\x00'}, {0x24, 0x2, [@IFLA_VTI_LOCAL={0x8, 0x4, @multicast2}, @IFLA_VTI_REMOTE={0x8, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @vti_common_policy=[@IFLA_VTI_OKEY={0x8}, @IFLA_VTI_FWMARK={0x8}]]}}}]}, 0x50}}, 0x0) r1 = syz_open_dev$cec(&(0x7f00000000c0)='/dev/cec#\x00', 0x1, 0x2) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000000000)={r4}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000100)={r4, 0x7, 0x8, 0x6, 0x5, 0x7fffffff}, &(0x7f0000000140)=0x14) [ 420.022897][ T32] audit: type=1804 audit(1571494975.075:85): pid=12913 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/89/file0/bus" dev="ramfs" ino=35327 res=1 [ 420.073457][T12913] FAULT_INJECTION: forcing a failure. [ 420.073457][T12913] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 420.086913][T12913] CPU: 1 PID: 12913 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 420.094875][T12913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 420.104998][T12913] Call Trace: [ 420.108360][T12913] dump_stack+0x191/0x1f0 [ 420.112770][T12913] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 420.118775][T12913] should_fail+0xa3f/0xa50 [ 420.123288][T12913] should_fail_alloc_page+0x1fb/0x270 [ 420.128744][T12913] __alloc_pages_nodemask+0x3c1/0x60c0 [ 420.134270][T12913] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 420.140397][T12913] ? __module_address+0x68/0x5e0 [ 420.145374][T12913] ? is_bpf_text_address+0x3c5/0x4b0 [ 420.150705][T12913] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 420.156803][T12913] ? is_bpf_text_address+0x47d/0x4b0 [ 420.162147][T12913] ? __kernel_text_address+0x24f/0x350 [ 420.167648][T12913] ? unwind_get_return_address+0x8c/0x130 [ 420.173392][T12913] ? arch_stack_walk+0x29a/0x3e0 [ 420.178379][T12913] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 420.184308][T12913] alloc_pages_current+0x68d/0x9a0 [ 420.189462][T12913] __page_cache_alloc+0x95/0x320 [ 420.194425][T12913] pagecache_get_page+0xaf1/0x1220 [ 420.199570][T12913] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 420.205504][T12913] filemap_fault+0x2632/0x2b70 [ 420.210312][T12913] ? kmsan_get_metadata+0x39/0x350 [ 420.215461][T12913] ? generic_file_read_iter+0x3e70/0x3e70 [ 420.221203][T12913] handle_mm_fault+0x71f5/0x9f70 [ 420.226188][T12913] ? filemap_fault+0x2b70/0x2b70 [ 420.231181][T12913] do_user_addr_fault+0x905/0x1510 [ 420.236355][T12913] __do_page_fault+0x1a2/0x410 [ 420.241148][T12913] do_page_fault+0xbb/0x500 [ 420.245702][T12913] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 420.251100][T12913] page_fault+0x4e/0x60 [ 420.255293][T12913] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 420.261909][T12913] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 420.281531][T12913] RSP: 0018:ffff88806112fb28 EFLAGS: 00010202 [ 420.287705][T12913] RAX: ffffffff849a5356 RBX: ffff88804fa58000 RCX: 0000000000003320 [ 420.295704][T12913] RDX: 0000000000003b60 RSI: 0000000020001000 RDI: ffff88804fa58840 [ 420.303694][T12913] RBP: ffff88806112fb98 R08: 0000000000000001 R09: ffff88806112f4ac [ 420.311680][T12913] R10: 000000000000000e R11: ffffffff81840bb0 R12: 0000000000000000 [ 420.319666][T12913] R13: 0000000000000000 R14: ffff8881a96ea7e8 R15: 0000000000003b60 [ 420.327699][T12913] ? stack_trace_save+0x1b0/0x1b0 [ 420.332757][T12913] ? _copy_from_user+0xd6/0x230 [ 420.337651][T12913] ? _copy_from_user+0x116/0x230 [ 420.342629][T12913] rw_copy_check_uvector+0x2a1/0x650 [ 420.348909][T12913] import_iovec+0x19f/0x660 [ 420.353486][T12913] do_readv+0x2de/0x710 [ 420.357686][T12913] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 420.363725][T12913] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 420.369841][T12913] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 420.375605][T12913] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 420.381566][T12913] __se_sys_readv+0x9b/0xb0 [ 420.386112][T12913] __x64_sys_readv+0x4a/0x70 [ 420.390730][T12913] do_syscall_64+0xb6/0x160 [ 420.395272][T12913] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 420.401214][T12913] RIP: 0033:0x459a59 [ 420.405136][T12913] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 420.424858][T12913] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 420.433309][T12913] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 420.441310][T12913] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 420.449305][T12913] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 420.457297][T12913] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 420.465285][T12913] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 14:22:55 executing program 2: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) shutdown(r0, 0x0) write$P9_RWRITE(0xffffffffffffffff, &(0x7f0000000000)={0xb, 0x77, 0x1, 0x5}, 0xb) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x1c, &(0x7f00000001c0)=[@in6={0xa, 0x0, 0x0, @rand_addr="fb783f75d4daa3ee6a8fb16688072970"}]}, &(0x7f0000000180)=0x10) shutdown(r0, 0x1) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000480)={r1}, 0x8) 14:22:55 executing program 1: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r1, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r6, 0x4008ae89, &(0x7f0000000100)={0x7c, 0x0, [0x4b564d01, 0x0, 0x11e]}) sendmmsg$inet6(r0, &(0x7f0000005a80)=[{{&(0x7f0000000040)={0xa, 0x4e1e, 0x0, @local}, 0x1c, &(0x7f00000003c0)=[{&(0x7f0000000080)='`', 0x1}], 0x1, 0x0, 0x144}}], 0x1, 0x5b6156946f3e7bdc) 14:22:55 executing program 0: syz_usb_connect(0x0, 0x48, &(0x7f0000001b80)={{0x12, 0x1, 0x0, 0x7e, 0x26, 0xf6, 0x20, 0x1519, 0x452, 0xca9a, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x36, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x54, 0x0, 0x4, 0xe, 0x73, 0x8d, 0x0, [], [{{0x9, 0x5, 0x8}}, {{0x9, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x20}}, {{0x9, 0x5, 0xc}}, {{0x9, 0x5, 0xee73dd15b2b98c8d}}]}}]}}]}}, 0x0) 14:22:55 executing program 3 (fault-call:7 fault-nth:4): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 420.620556][ T3380] usb 6-1: USB disconnect, device number 2 [ 420.700012][ T32] audit: type=1804 audit(1571494975.745:86): pid=12924 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/90/file0/bus" dev="ramfs" ino=34548 res=1 [ 420.728229][T12924] FAULT_INJECTION: forcing a failure. [ 420.728229][T12924] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 420.741476][T12924] CPU: 1 PID: 12924 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 420.749465][T12924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 420.759533][T12924] Call Trace: [ 420.762848][T12924] dump_stack+0x191/0x1f0 [ 420.767618][T12924] should_fail+0xa3f/0xa50 [ 420.772072][T12924] should_fail_alloc_page+0x1fb/0x270 [ 420.777468][T12924] __alloc_pages_nodemask+0x3c1/0x60c0 [ 420.782950][T12924] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 420.788873][T12924] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 420.794867][T12924] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 420.801118][T12924] ? prep_new_page+0x792/0x9b0 [ 420.805894][T12924] ? get_page_from_freelist+0x11d3/0x19f0 [ 420.811643][T12924] kmsan_alloc_page+0xc3/0x370 [ 420.816413][T12924] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 420.822314][T12924] __alloc_pages_nodemask+0x149d/0x60c0 [ 420.827852][T12924] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 420.833916][T12924] ? __module_address+0x68/0x5e0 [ 420.838846][T12924] ? is_bpf_text_address+0x3c5/0x4b0 [ 420.844130][T12924] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 420.850202][T12924] ? is_bpf_text_address+0x47d/0x4b0 [ 420.855491][T12924] ? __kernel_text_address+0x24f/0x350 [ 420.860961][T12924] ? arch_stack_walk+0x240/0x3e0 [ 420.865912][T12924] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 420.871892][T12924] alloc_pages_current+0x68d/0x9a0 [ 420.877098][T12924] __page_cache_alloc+0x95/0x320 [ 420.882038][T12924] pagecache_get_page+0xaf1/0x1220 [ 420.887139][T12924] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 420.893041][T12924] filemap_fault+0x2632/0x2b70 [ 420.897907][T12924] ? kmsan_get_metadata+0x39/0x350 [ 420.903114][T12924] ? generic_file_read_iter+0x3e70/0x3e70 [ 420.908835][T12924] handle_mm_fault+0x71f5/0x9f70 [ 420.913858][T12924] ? filemap_fault+0x2b70/0x2b70 [ 420.919152][T12924] do_user_addr_fault+0x905/0x1510 [ 420.924281][T12924] __do_page_fault+0x1a2/0x410 [ 420.929039][T12924] do_page_fault+0xbb/0x500 [ 420.933535][T12924] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 420.938902][T12924] page_fault+0x4e/0x60 [ 420.943049][T12924] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 420.949630][T12924] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 420.969227][T12924] RSP: 0018:ffff88806106fb28 EFLAGS: 00010202 [ 420.975285][T12924] RAX: ffffffff849a5356 RBX: ffff888061410000 RCX: 0000000000003320 [ 420.983244][T12924] RDX: 0000000000003b60 RSI: 0000000020001000 RDI: ffff888061410840 [ 420.991204][T12924] RBP: ffff88806106fb98 R08: 0000000000000001 R09: ffff88806106f4ac [ 420.999167][T12924] R10: 000000000000000e R11: ffffffff81840bb0 R12: 0000000000000000 [ 421.007144][T12924] R13: 0000000000000000 R14: ffff8881a96ea7e8 R15: 0000000000003b60 [ 421.015122][T12924] ? stack_trace_save+0x1b0/0x1b0 [ 421.020139][T12924] ? _copy_from_user+0xd6/0x230 [ 421.024990][T12924] ? _copy_from_user+0x116/0x230 [ 421.029924][T12924] rw_copy_check_uvector+0x2a1/0x650 [ 421.035297][T12924] import_iovec+0x19f/0x660 [ 421.039805][T12924] do_readv+0x2de/0x710 [ 421.044048][T12924] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 421.049940][T12924] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 421.055998][T12924] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 421.061717][T12924] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 421.067613][T12924] __se_sys_readv+0x9b/0xb0 [ 421.072110][T12924] __x64_sys_readv+0x4a/0x70 [ 421.076691][T12924] do_syscall_64+0xb6/0x160 [ 421.081201][T12924] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 421.087078][T12924] RIP: 0033:0x459a59 [ 421.090961][T12924] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 421.110639][T12924] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 421.119128][T12924] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 421.127098][T12924] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 421.135055][T12924] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 421.143027][T12924] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 14:22:56 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0_to_hsr\x00'}) sendmsg$nl_route(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[]}, 0x1, 0x0, 0x0, 0x4}, 0x0) [ 421.151418][T12924] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 14:22:56 executing program 2: socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newlink={0x40, 0x10, 0xe3b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, @ipip={{0xc, 0x1, 'ipip\x00'}, {0x10, 0x2, [@tunl_policy=[@IFLA_IPTUN_ENCAP_DPORT={0x8}], @tunl_policy=[@IFLA_IPTUN_COLLECT_METADATA={0x4}]]}}}]}, 0x40}}, 0x0) r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x143040, 0x20) ioctl$KVM_GET_DEBUGREGS(r0, 0x8080aea1, &(0x7f00000000c0)) ioctl$VIDIOC_S_OUTPUT(r0, 0xc004562f, &(0x7f0000000040)=0x55f) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r2 = eventfd(0x6) dup2(r1, r2) 14:22:56 executing program 5: r0 = syz_open_dev$dspn(&(0x7f0000000040)='\x00`\x00\x00\x00\t\x00\x00#\x00', 0x1, 0x20001) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) getpeername(r0, &(0x7f0000000180)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, &(0x7f0000000100)=0x80) sendfile(0xffffffffffffffff, r2, &(0x7f0000000200), 0x8) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1000001, 0x13, r1, 0x0) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r3, 0x80006040045010, &(0x7f0000000140)=0x3) getsockopt$inet6_dccp_buf(r2, 0x21, 0xe, &(0x7f0000000280)=""/113, &(0x7f0000000300)=0x71) r4 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r4, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$UFFDIO_UNREGISTER(r4, 0x8010aa01, &(0x7f0000000240)={&(0x7f0000708000/0x3000)=nil, 0x3000}) r5 = accept4$vsock_stream(r3, &(0x7f00000000c0)={0x28, 0x0, 0x2711}, 0x10, 0x0) ioctl$int_in(r0, 0x800000c0045009, &(0x7f0000000080)) fsetxattr$security_smack_transmute(r5, &(0x7f0000000340)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000380)='TRUE', 0x4, 0x0) 14:22:56 executing program 3 (fault-call:7 fault-nth:5): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 421.322161][T11495] usb 1-1: new high-speed USB device number 24 using dummy_hcd 14:22:56 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$int_in(0xffffffffffffffff, 0xc0000800005000, 0x0) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000140)={[0x1f, 0xffffffff, 0x8, 0x9ed, 0x0, 0x7, 0xb, 0x2, 0x7, 0x1ce, 0x10001, 0xffffffffffff8000, 0x6, 0x3, 0x8], 0x0, 0x1040}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bridge_slave_0\x00'}) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) readahead(r1, 0x1, 0xffffffffffffffff) unshare(0x40000400) r2 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x880) ioctl$KVM_GET_CLOCK(r2, 0x8030ae7c, &(0x7f0000000080)) 14:22:56 executing program 4: r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e0000001e000507ed0080648c6394f21131d200100003402c00000001000080000000011400f88000f01700d0bd", 0x2e}], 0x1}, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x20500, 0x0) ioctl$SNDRV_TIMER_IOCTL_START(r1, 0x54a0) 14:22:56 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) openat$userio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/userio\x00', 0x136202, 0x0) r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) ioctl(r0, 0x40, &(0x7f0000000240)="0800b5055e0bcfe87b0071ced240809acb668dffb0a70ad7563d1f334436722552025e5a30f73272550f87018b1a304e0e5937070e95fa3bb78a9d85f60ce3685f435c98781c128a2e43f55b182ce611c4607c918de589e203259eeb58067dd47fd69b30b93562c4c57ca7e9f0feecd4caf3e78c15063ddc72a882868a7db11c40c21fe53be87d6a5fe522343c4471cb6e06c82674f6a508808d4ec61b51653a0e425c9a365a74ecba2a7304fc06cec9ef701672c7fc1048001a1182fe73fe4fed9f2ae659bc565ef88e299bdfaefabcddb13c3c48") r1 = socket$inet(0x10, 0x80003, 0x0) sendmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)="24000000150007041dfffd946f6105000200000a1f0000030028080008000a00e9110000280000001100ffffba16a0aa1c0900000000000012000000000000eff24d8238cfa47e23f7efbf54", 0x4c}], 0x1}, 0x0) [ 421.490629][ T32] audit: type=1804 audit(1571494976.535:87): pid=12948 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/91/file0/bus" dev="ramfs" ino=35459 res=1 [ 421.520608][T12948] FAULT_INJECTION: forcing a failure. [ 421.520608][T12948] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 421.536094][T12948] CPU: 0 PID: 12948 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 421.543971][T12948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 421.554014][T12948] Call Trace: [ 421.557304][T12948] dump_stack+0x191/0x1f0 [ 421.561630][T12948] should_fail+0xa3f/0xa50 [ 421.566056][T12948] should_fail_alloc_page+0x1fb/0x270 [ 421.571420][T12948] __alloc_pages_nodemask+0x3c1/0x60c0 [ 421.576875][T12948] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 421.582771][T12948] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 421.588754][T12948] ? prep_new_page+0x792/0x9b0 [ 421.593525][T12948] ? get_page_from_freelist+0x11d3/0x19f0 [ 421.599373][T12948] kmsan_alloc_page+0x131/0x370 [ 421.604239][T12948] __alloc_pages_nodemask+0x149d/0x60c0 [ 421.609789][T12948] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 421.615858][T12948] ? __module_address+0x68/0x5e0 [ 421.620787][T12948] ? is_bpf_text_address+0x3c5/0x4b0 [ 421.626072][T12948] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 421.632130][T12948] ? is_bpf_text_address+0x47d/0x4b0 [ 421.637421][T12948] ? __kernel_text_address+0x24f/0x350 [ 421.642877][T12948] ? arch_stack_walk+0x240/0x3e0 [ 421.647903][T12948] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 421.653790][T12948] alloc_pages_current+0x68d/0x9a0 [ 421.658905][T12948] __page_cache_alloc+0x95/0x320 [ 421.663850][T12948] pagecache_get_page+0xaf1/0x1220 [ 421.668959][T12948] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 421.674866][T12948] filemap_fault+0x2632/0x2b70 [ 421.679629][T12948] ? kmsan_get_metadata+0x39/0x350 [ 421.684738][T12948] ? generic_file_read_iter+0x3e70/0x3e70 [ 421.690447][T12948] handle_mm_fault+0x71f5/0x9f70 [ 421.695381][T12948] ? filemap_fault+0x2b70/0x2b70 [ 421.700324][T12948] do_user_addr_fault+0x905/0x1510 [ 421.705444][T12948] __do_page_fault+0x1a2/0x410 [ 421.710203][T12948] do_page_fault+0xbb/0x500 [ 421.714963][T12948] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 421.720500][T12948] page_fault+0x4e/0x60 [ 421.724656][T12948] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 421.731228][T12948] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 421.751006][T12948] RSP: 0018:ffff88805fa2fb28 EFLAGS: 00010202 [ 421.757087][T12948] RAX: ffffffff849a5356 RBX: ffff88805c8a0000 RCX: 0000000000003320 [ 421.765049][T12948] RDX: 0000000000003b60 RSI: 0000000020001000 RDI: ffff88805c8a0840 [ 421.773006][T12948] RBP: ffff88805fa2fb98 R08: 0000000000000001 R09: ffff88805fa2f4ac [ 421.780968][T12948] R10: 000000000000000e R11: ffffffff81840bb0 R12: 0000000000000000 [ 421.789189][T12948] R13: 0000000000000000 R14: ffff8881a96ee468 R15: 0000000000003b60 [ 421.797166][T12948] ? stack_trace_save+0x1b0/0x1b0 [ 421.802179][T12948] ? _copy_from_user+0xd6/0x230 [ 421.807025][T12948] ? _copy_from_user+0x116/0x230 [ 421.811961][T12948] rw_copy_check_uvector+0x2a1/0x650 [ 421.817684][T12948] import_iovec+0x19f/0x660 [ 421.822192][T12948] do_readv+0x2de/0x710 [ 421.826359][T12948] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 421.832263][T12948] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 421.838339][T12948] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 421.844063][T12948] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 421.849954][T12948] __se_sys_readv+0x9b/0xb0 [ 421.854456][T12948] __x64_sys_readv+0x4a/0x70 [ 421.859037][T12948] do_syscall_64+0xb6/0x160 [ 421.863545][T12948] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 421.869786][T12948] RIP: 0033:0x459a59 [ 421.873819][T12948] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 421.893434][T12948] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 421.902016][T12948] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 421.910062][T12948] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 421.918637][T12948] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 421.927474][T12948] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 421.935435][T12948] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 421.982985][T11495] usb 1-1: Using ep0 maxpacket: 32 [ 421.999727][T12926] kvm [12925]: vcpu0, guest rIP: 0xfff0 ignored wrmsr: 0x11e data 0x0 [ 422.024534][T12954] netlink: 'syz-executor.4': attribute type 3 has an invalid length. [ 422.032747][T12954] netlink: 10 bytes leftover after parsing attributes in process `syz-executor.4'. [ 422.060210][T12952] IPVS: ftp: loaded support on port[0] = 21 14:22:57 executing program 3 (fault-call:7 fault-nth:6): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:22:57 executing program 1: r0 = syz_usb_connect$hid(0x0, 0x2e6, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x56a, 0x5d, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x22}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000002c0)={0x2c, &(0x7f00000003c0)=ANY=[@ANYBLOB="0000220000002200f22fea542b2368bdf1cbd052f37fec00"/40], 0x0, 0x0, 0x0, 0x0}, 0x0) syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x72, 0x2000) 14:22:57 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x3c, &(0x7f0000000080)=0x400000000008002, 0x4) setsockopt$inet6_int(r0, 0x29, 0x3e, &(0x7f00000003c0)=0x3, 0x4) sendmmsg(r0, &(0x7f0000000240)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000400)="8122f0126b069798c4974d76a800843360d64d3746b948091dccc951673ae22189d21ee42b5ce8ab8612161e11256192bc2fe33243a7098662c0faa8e5906c4030a54a15a5c46f1b434fc97b064881acfa13dd74e25567cf4212376a787626b3cfd9bb03c1cf735fbaba5f87d80e008293b69a98be3caac5059b120680950738a2d8f22980f18b1fa214800585171aa955c5872bea9b56fe7dfc2f243fcb87ce49f0c2846b6912181051ddffef4efcbad81b16258abf1b9571a3446167ec2162d03cf5af279cf3f818fe440621fa73154a1dd13b793c294115d5fed15aac1d3a7f7e477a4b3370d0bbd34c5dbb650baf315d7c336195f5246f24d88f2b0b3a41a16cc052cf4e93dcdc7ddfae2b2f533655e8967aba12edd2d827d1f67c3fdc2ee7f4388bcba59db511fc5ff4126cefc500b992fa62e7d73162bd4ef0f0f739ce8e4db05694f5c639072f4b53476cc01bad7d3d87286cbc3a912337f580992adfb97dd8e6b94f4f17d72adb141d42fe7c1894d24546cd4efe5fb258002b742bd7f9a9e6c72b2113d2fcbbbed6ee210700cd80c52868cba441f1b928414b8d02cef609d7ba4baaea247359c80a0f52c2dffa0d45657538b0ae0d390cfe0a370c038cdf2d7f95295f16b1160277b83eff71f2fb5fb73f0e89cf48a6c479f963affa38cd5d3bac156662d66542ad2b932214d9e2ea323f5515b8b21a4affc221a6af1700cdb608a165e1c3997cafb60e2fff1b4df8b687e8454711f5e2b19e09536c3cc20d1324a6050690559fddf6640e13289e22d523db0dd41398646ecde132ab8cd1243db1bc80438a28a8aafe0dad21f8a795179b4814cdc3ca740cf61388423d9e90a98dc00580d1de9adff505cc8ab607b41f9f02596ce4a17c424e0064874e3679fda12f79d51075d06a268d07e807dcdb296f34a87593f763a3665b6238a518966aecd7e7e790ba342f8acd3afce2d37dba0fb3792c36aac34081350591b9b6100734e9986b696dc0e40d0bbaa0ba2678ebbc40ef65b1c41d830cc077a14ae424dfa8cb2d2ce4c9ab4a90140c05bfc0f847d60314e35e058a8179b2616c049c67559b516d25099019394ebfdc7fcb2e2657762436d78408fae39bd771ff3b11fc20527ae05e4656fc04ac121e9d890dfe864f4ee81adc8f26f98a149f8d9270186e0994acc9a85ff520d3d9916409080586d3a6e0ef6762b7d3b5384f4f8eb8fa64662f25f04ba278a03b4a4ade2bd4184abc7b92dda8a3d5161ed233b47eee927fc43db76a6944958eaf3ec56540e030dce47860dc935e66c162605b9535b832701f366eafa4de4aaa10277610b6e39fbed7a811780bc8afb5c8b4acf37abbb937095ecb515712bee0837fb11e268bfb57d583e7f71dc16eec5939e3b349a0eda30dd013eb206f9b0ba514c045210f0d8cab4d0d1ee50c0bf7d893e2020e967a44f1c028883c260f99d43b925c794a01dc8e4cff7b5f158f24715ac2695ff8aebc81d63be8ee877fb3229b4963fb9bc83c2fdb4a29040acff5675c0c576ae649ab9cb5b0bf801f3c528dac2878707ca257c31e4c5fe3f25eb8427a88a865d6bf0e283887a488e3116ee2e4376a9c866e814dac7636e62d5317a98eb787a138e73df1c28223334780cc7b2ce65c53a1c4b65bd111ca03ceb26370e2e95236651ee19865bbeb043b0965ce0f82533dcbd0ceb93304317a19ea41be9969b4ae468c2c7fdc29e357a5a7a5ba953f63fa2eda593963cbaff2d3550ce0e807ff549f899d864e59f76ded2c95796021eb9025ca5dd8b545a6e284130266074d665db77af96493359ed9193c95c4128fc5d68c518af76bec5e32006791cedacd4c128a5136c526b769e91ffa9c302bfb7d90d8e36afd703bedac0b0a8c739a3c93481f7b71075c072ef2b05560097361cb18632e1faeb1990ec40aa0b605ee192c14d7d23ea9304455effd2cac771ffa53d78c2e36325e0f0cac83c7ad4653e4737c99a7c1fc2d0abd8ce232ff29c82c40949fbf368bdadc5eb2", 0x599}], 0x1}}], 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x3c, &(0x7f0000000040), 0x4) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000040)={0x0, 0xffffffffffffff38, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e20, 0x3ff, @local, 0xec}, 0xffffffffffffffbe) shutdown(r0, 0x0) recvfrom$inet6(r0, 0x0, 0xffffffffffffff7b, 0x10003, 0x0, 0x456) [ 422.442548][ T32] audit: type=1804 audit(1571494977.485:88): pid=12964 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/92/file0/bus" dev="ramfs" ino=34692 res=1 [ 422.476257][T12964] FAULT_INJECTION: forcing a failure. [ 422.476257][T12964] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 422.489941][T12964] CPU: 1 PID: 12964 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 422.497874][T12964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 422.507976][T12964] Call Trace: [ 422.511328][T12964] dump_stack+0x191/0x1f0 [ 422.515721][T12964] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 422.521764][T12964] should_fail+0xa3f/0xa50 [ 422.526272][T12964] should_fail_alloc_page+0x1fb/0x270 [ 422.531714][T12964] __alloc_pages_nodemask+0x3c1/0x60c0 [ 422.537251][T12964] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 422.543209][T12964] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 422.549334][T12964] ? memcg_check_events+0x74/0xf20 [ 422.554507][T12964] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 422.560464][T12964] ? mem_cgroup_charge_statistics+0x7cd/0x1680 [ 422.566750][T12964] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 422.572808][T12964] alloc_pages_current+0x68d/0x9a0 [ 422.578004][T12964] __page_cache_alloc+0x95/0x320 [ 422.583016][T12964] pagecache_get_page+0xaf1/0x1220 [ 422.588198][T12964] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 422.594166][T12964] filemap_fault+0x2632/0x2b70 [ 422.599028][T12964] ? generic_file_read_iter+0x3e70/0x3e70 [ 422.604824][T12964] handle_mm_fault+0x71f5/0x9f70 [ 422.609821][T12964] ? filemap_fault+0x2b70/0x2b70 [ 422.614849][T12964] do_user_addr_fault+0x905/0x1510 [ 422.620051][T12964] __do_page_fault+0x1a2/0x410 [ 422.624879][T12964] do_page_fault+0xbb/0x500 [ 422.629448][T12964] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 422.634886][T12964] page_fault+0x4e/0x60 [ 422.639103][T12964] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 422.645933][T12964] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 422.665683][T12964] RSP: 0018:ffff88805f5efb28 EFLAGS: 00010202 [ 422.671797][T12964] RAX: ffffffff849a5356 RBX: ffff888061454000 RCX: 0000000000002320 [ 422.679816][T12964] RDX: 0000000000003b60 RSI: 0000000020002000 RDI: ffff888061455840 [ 422.687837][T12964] RBP: ffff88805f5efb98 R08: 0000000000000001 R09: ffff88805f5ef4ac [ 422.695944][T12964] R10: 000000000000000e R11: ffffffff81840bb0 R12: 0000000000000000 [ 422.703971][T12964] R13: 0000000000000000 R14: ffff8881b58f09a8 R15: 0000000000003b60 [ 422.712039][T12964] ? stack_trace_save+0x1b0/0x1b0 [ 422.717158][T12964] ? _copy_from_user+0xd6/0x230 [ 422.720619][T12967] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 422.722093][T12964] ? _copy_from_user+0x116/0x230 [ 422.722152][T12964] rw_copy_check_uvector+0x2a1/0x650 [ 422.722211][T12964] import_iovec+0x19f/0x660 [ 422.722280][T12964] do_readv+0x2de/0x710 [ 422.731651][T12967] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 422.736541][T12964] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 422.736590][T12964] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 422.736630][T12964] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 422.736672][T12964] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 422.736734][T12964] __se_sys_readv+0x9b/0xb0 [ 422.788717][T12964] __x64_sys_readv+0x4a/0x70 [ 422.793376][T12964] do_syscall_64+0xb6/0x160 [ 422.797954][T12964] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 422.804408][T12964] RIP: 0033:0x459a59 [ 422.808335][T12964] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 422.828044][T12964] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 422.836494][T12964] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 422.844481][T12964] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 422.852553][T12964] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 422.860630][T12964] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 422.868706][T12964] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 422.879802][T11495] usb 1-1: config 0 has an invalid interface number: 84 but max is 0 [ 422.888065][T11495] usb 1-1: config 0 has no interface number 0 [ 422.894730][T11495] usb 1-1: New USB device found, idVendor=1519, idProduct=0452, bcdDevice=ca.9a [ 422.903888][T11495] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 422.962448][T12956] IPVS: ftp: loaded support on port[0] = 21 [ 422.980994][T11495] usb 1-1: config 0 descriptor?? [ 423.024875][T11495] cdc_acm 1-1:0.84: Zero length descriptor references [ 423.032061][T11495] cdc_acm: probe of 1-1:0.84 failed with error -22 [ 423.064168][ T31] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 423.226186][T11495] usb 1-1: USB disconnect, device number 24 [ 423.322087][ T31] usb 2-1: Using ep0 maxpacket: 8 [ 423.442833][ T31] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 423.455120][ T31] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 8 [ 423.468222][ T31] usb 2-1: New USB device found, idVendor=056a, idProduct=005d, bcdDevice= 0.00 [ 423.477534][ T31] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 423.490414][ T31] usb 2-1: config 0 descriptor?? [ 423.976287][ T31] wacom 0003:056A:005D.0004: unknown main item tag 0x2 [ 423.984355][ T31] wacom 0003:056A:005D.0004: unknown main item tag 0x0 [ 423.991445][ T31] wacom 0003:056A:005D.0004: unknown main item tag 0x0 [ 423.998662][ T31] wacom 0003:056A:005D.0004: unknown main item tag 0x0 [ 424.005841][ T31] wacom 0003:056A:005D.0004: unknown main item tag 0x0 [ 424.013110][ T31] wacom 0003:056A:005D.0004: unknown main item tag 0x0 [ 424.016204][T11495] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 424.020163][ T31] wacom 0003:056A:005D.0004: unknown main item tag 0x0 [ 424.034798][ T31] wacom 0003:056A:005D.0004: unknown main item tag 0x0 [ 424.041871][ T31] wacom 0003:056A:005D.0004: unknown main item tag 0x0 [ 424.049026][ T31] wacom 0003:056A:005D.0004: unknown main item tag 0x0 [ 424.056190][ T31] wacom 0003:056A:005D.0004: unknown main item tag 0x0 [ 424.063348][ T31] wacom 0003:056A:005D.0004: unknown main item tag 0x0 [ 424.070418][ T31] wacom 0003:056A:005D.0004: unknown main item tag 0x0 [ 424.077671][ T31] wacom 0003:056A:005D.0004: unknown main item tag 0x0 [ 424.084707][ T31] wacom 0003:056A:005D.0004: unknown main item tag 0x0 [ 424.091718][ T31] wacom 0003:056A:005D.0004: unknown main item tag 0x0 [ 424.102073][ T31] wacom 0003:056A:005D.0004: unknown main item tag 0x0 [ 424.109098][ T31] wacom 0003:056A:005D.0004: unknown main item tag 0x0 [ 424.118723][ T31] wacom 0003:056A:005D.0004: hidraw0: USB HID v0.00 Device [HID 056a:005d] on usb-dummy_hcd.1-1/input0 [ 424.175774][ T5] usb 2-1: USB disconnect, device number 22 [ 424.272164][T11495] usb 1-1: Using ep0 maxpacket: 32 [ 424.392293][T11495] usb 1-1: config 0 has an invalid interface number: 84 but max is 0 [ 424.400625][T11495] usb 1-1: config 0 has no interface number 0 [ 424.407551][T11495] usb 1-1: New USB device found, idVendor=1519, idProduct=0452, bcdDevice=ca.9a [ 424.416798][T11495] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 424.426859][T11495] usb 1-1: config 0 descriptor?? [ 424.474222][T11495] cdc_acm 1-1:0.84: Zero length descriptor references [ 424.481193][T11495] cdc_acm: probe of 1-1:0.84 failed with error -22 [ 424.675070][ T31] usb 1-1: USB disconnect, device number 25 14:22:59 executing program 4: syz_usb_connect(0x0, 0xbc, &(0x7f0000002c40)=ANY=[@ANYBLOB="000100001c00f540c0070515146500000001090222000100000000090487000103011200094500000000000000070581bb6e86a9"], 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r0, 0x80006040045010, &(0x7f0000000140)=0x3) r1 = getpgid(0xffffffffffffffff) ptrace$cont(0xffffffffffffffff, r1, 0x0, 0x4) getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000000), &(0x7f0000000040)=0x4) 14:22:59 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f0000000280)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000029fcc)={{0x0, 0x2, 0x0, 0xffefffffffffffff}}) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x6, 0x200) r4 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r4, 0x80006040045010, &(0x7f0000000140)=0x3) r5 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r5, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$RTC_UIE_OFF(r5, 0x7004) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000000040)={0x0, 0x2}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000100)={r6, 0x101}, 0xffffffffffffffee) r7 = fcntl$dupfd(r2, 0x0, r1) r8 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r8, 0x80006040045010, &(0x7f0000000140)=0x3) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={r8, 0x28, &(0x7f0000000180)}, 0x10) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) r9 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vga_arbiter\x00', 0x4080, 0x0) write$FUSE_NOTIFY_POLL(r9, &(0x7f0000000240)={0x18, 0x1, 0x0, {0xff}}, 0x18) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) 14:22:59 executing program 3 (fault-call:7 fault-nth:7): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:22:59 executing program 5: getxattr(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=@random={'system.', 'cgroupppp0\xbccgroupposix_acl_accesseth1vboxnet1lo+%\x00'}, &(0x7f0000000100)=""/39, 0x27) syz_emit_ethernet(0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffffffffffffff86dd6080000000383a0800000000000000000000000000000000ff0200001000000000000000000000010200b3780000000060000100e9cd6c0000000000000000000000000000000000fe02545e3fd470224d6366d7e49700000000000000000000000000010200000000000000"], 0x0) [ 424.833497][ T32] audit: type=1804 audit(1571494979.885:89): pid=12988 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/93/file0/bus" dev="ramfs" ino=34763 res=1 [ 424.863223][T12988] FAULT_INJECTION: forcing a failure. [ 424.863223][T12988] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 424.876464][T12988] CPU: 1 PID: 12988 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 424.884372][T12988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 424.894431][T12988] Call Trace: [ 424.897737][T12988] dump_stack+0x191/0x1f0 [ 424.902089][T12988] should_fail+0xa3f/0xa50 [ 424.906548][T12988] should_fail_alloc_page+0x1fb/0x270 [ 424.911938][T12988] __alloc_pages_nodemask+0x3c1/0x60c0 [ 424.917405][T12988] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 424.923305][T12988] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 424.929283][T12988] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 424.935430][T12988] ? prep_new_page+0x792/0x9b0 [ 424.940198][T12988] ? get_page_from_freelist+0x11d3/0x19f0 [ 424.945926][T12988] kmsan_alloc_page+0xc3/0x370 [ 424.950686][T12988] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 424.956580][T12988] __alloc_pages_nodemask+0x149d/0x60c0 [ 424.962121][T12988] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 424.968006][T12988] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 424.974062][T12988] ? memcg_check_events+0x74/0xf20 [ 424.979864][T12988] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 424.985759][T12988] ? mem_cgroup_charge_statistics+0x7cd/0x1680 [ 424.992023][T12988] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 424.997927][T12988] alloc_pages_current+0x68d/0x9a0 [ 425.003042][T12988] __page_cache_alloc+0x95/0x320 [ 425.007979][T12988] pagecache_get_page+0xaf1/0x1220 [ 425.013084][T12988] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 425.019098][T12988] filemap_fault+0x2632/0x2b70 [ 425.023891][T12988] ? generic_file_read_iter+0x3e70/0x3e70 [ 425.029599][T12988] handle_mm_fault+0x71f5/0x9f70 [ 425.034534][T12988] ? filemap_fault+0x2b70/0x2b70 [ 425.039480][T12988] do_user_addr_fault+0x905/0x1510 [ 425.044614][T12988] __do_page_fault+0x1a2/0x410 [ 425.049394][T12988] do_page_fault+0xbb/0x500 [ 425.054156][T12988] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 425.059610][T12988] page_fault+0x4e/0x60 [ 425.063759][T12988] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 425.070875][T12988] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 425.093336][T12988] RSP: 0018:ffff88805ecafb28 EFLAGS: 00010202 [ 425.099393][T12988] RAX: ffffffff849a5356 RBX: ffff88805ecfc000 RCX: 0000000000002320 [ 425.107443][T12988] RDX: 0000000000003b60 RSI: 0000000020002000 RDI: ffff88805ecfd840 [ 425.115433][T12988] RBP: ffff88805ecafb98 R08: 0000000000000001 R09: ffff88805ecaf4ac [ 425.123394][T12988] R10: 000000000000000e R11: ffffffff81840bb0 R12: 0000000000000000 [ 425.131363][T12988] R13: 0000000000000000 R14: ffff8881a96ee468 R15: 0000000000003b60 [ 425.139342][T12988] ? stack_trace_save+0x1b0/0x1b0 [ 425.144357][T12988] ? _copy_from_user+0xd6/0x230 [ 425.149204][T12988] ? _copy_from_user+0x116/0x230 [ 425.154138][T12988] rw_copy_check_uvector+0x2a1/0x650 [ 425.159423][T12988] import_iovec+0x19f/0x660 [ 425.164062][T12988] do_readv+0x2de/0x710 [ 425.168220][T12988] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 425.174113][T12988] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 425.180171][T12988] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 425.185882][T12988] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 425.191766][T12988] __se_sys_readv+0x9b/0xb0 [ 425.196267][T12988] __x64_sys_readv+0x4a/0x70 [ 425.200846][T12988] do_syscall_64+0xb6/0x160 [ 425.205343][T12988] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 425.211237][T12988] RIP: 0033:0x459a59 [ 425.215126][T12988] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 14:22:59 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$TUNSETOWNER(r2, 0x400454cc, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) socket$can_raw(0x1d, 0x3, 0x1) ioctl$KVM_REINJECT_CONTROL(0xffffffffffffffff, 0xae71, &(0x7f0000000040)={0x20}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffffc) r4 = syz_open_dev$radio(&(0x7f0000000100)='/dev/radio#\x00', 0x3, 0x2) r5 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r5, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r5, 0x402c5342, &(0x7f0000000400)={0xffffffff, 0x7, 0x1, {}, 0x200}) getsockopt$TIPC_DEST_DROPPABLE(r4, 0x10f, 0x81, &(0x7f00000002c0), &(0x7f0000000300)=0x4) ioctl$KVM_NMI(r3, 0xae9a) r6 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$RTC_EPOCH_SET(r6, 0x4008700e, 0x570) ioctl$int_in(r6, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000200)={[0x4, 0x9, 0xffffffffffffffff, 0x200, 0xda0, 0x0, 0x4, 0x1, 0x3, 0x9, 0x6, 0x9, 0x0, 0x1, 0x0, 0x2], 0x4, 0x8}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000e000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, &(0x7f0000000480)="b805000000b9b288d3560f01c10ff6f2b8010000000f01c10f5c98ea97c83ec4e178537d0f3e801003f30f09b884b400000f23d00f21f835300000020f23f8c4e249acb9fd2f0000c4e1f8137b0e", 0xfffffffffffffd41}], 0xaaaaaaaaaaaac1b, 0x2, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r7 = socket$inet(0x2, 0x4, 0x6) setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r7, 0x84, 0x15, &(0x7f00000003c0)={0x1}, 0x1) r8 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r8, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$KVM_ENABLE_CAP_CPU(r8, 0x4068aea3, &(0x7f0000000340)={0x7b, 0x0, [0xffffffffffffff7f, 0x3, 0x1]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 425.234721][T12988] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 425.243125][T12988] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 425.251099][T12988] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 425.259062][T12988] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 425.267022][T12988] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 425.274998][T12988] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 425.287224][T11495] usb 2-1: new high-speed USB device number 23 using dummy_hcd 14:23:00 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r3, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$VFIO_SET_IOMMU(r3, 0x3b66, 0x6) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) close(r0) r4 = socket$inet6(0xa, 0x1, 0x0) listen(r4, 0x0) io_setup(0x7, &(0x7f0000000140)=0x0) bpf$MAP_CREATE(0x2, &(0x7f0000000040)={0x0, 0x0, 0x77fffb, 0x0, 0x0, 0x0}, 0x3c) io_submit(r5, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x12f}]) [ 425.452016][ T5] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 425.532387][T11495] usb 2-1: Using ep0 maxpacket: 8 14:23:00 executing program 3 (fault-call:7 fault-nth:8): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 425.652314][T11495] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 425.663905][T11495] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 8 [ 425.677155][T11495] usb 2-1: New USB device found, idVendor=056a, idProduct=005d, bcdDevice= 0.00 [ 425.686467][T11495] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 14:23:00 executing program 2: syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000044f1b08480b03209007000000000000000001000000000904cf0001cbd41f00090504000000000000"], 0x0) 14:23:00 executing program 1: move_pages(0x0, 0x2, &(0x7f00000006c0)=[&(0x7f0000000000/0x2000)=nil, &(0x7f0000004000/0x2000)=nil], &(0x7f0000000040)=[0x1], 0x0, 0x0) ioctl$sock_inet6_udp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000000)) mlock2(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x1) [ 425.825555][T11495] usb 2-1: config 0 descriptor?? [ 425.862557][ T5] usb 5-1: config 0 has an invalid interface number: 135 but max is 0 [ 425.870957][ T5] usb 5-1: config 0 has no interface number 0 [ 425.877362][ T5] usb 5-1: config 0 interface 135 altsetting 0 endpoint 0x81 has an invalid bInterval 169, changing to 11 [ 425.888937][ T5] usb 5-1: config 0 interface 135 altsetting 0 endpoint 0x81 has invalid maxpacket 1646, setting to 1024 [ 425.900460][ T5] usb 5-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=65.14 14:23:00 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x7, 0x20000) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) tee(r0, r1, 0x8, 0x0) r2 = socket$unix(0x1, 0x2, 0x0) r3 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000180)={@loopback, @loopback, 0x0}, &(0x7f00000001c0)=0xc) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x38, 0x10, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x18, 0x12, @ppp={{0x8, 0x1, 'ppp\x00'}, {0xc, 0x2, {0x8, 0x1, r3}}}}]}, 0x38}}, 0x0) fcntl$dupfd(r2, 0x0, r2) r5 = socket$inet(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f0000000100)=0x7f6, 0x4) sendto$inet(r5, 0x0, 0x0, 0x0, &(0x7f0000cd2ff0)={0x2, 0x4e21}, 0x10) recvmmsg(r5, &(0x7f0000000080), 0x400000000000384, 0x12001, 0x0) [ 425.909812][ T5] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 425.943931][T11495] usb 2-1: can't set config #0, error -71 [ 425.955614][ T32] audit: type=1804 audit(1571494981.005:90): pid=13013 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/94/file0/bus" dev="ramfs" ino=35660 res=1 [ 425.967589][T13010] FAULT_INJECTION: forcing a failure. [ 425.967589][T13010] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 425.992060][T13010] CPU: 0 PID: 13010 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 425.999936][T13010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 426.010004][T13010] Call Trace: [ 426.013300][T13010] dump_stack+0x191/0x1f0 [ 426.017642][T13010] should_fail+0xa3f/0xa50 [ 426.022157][T13010] should_fail_alloc_page+0x1fb/0x270 [ 426.027614][T13010] __alloc_pages_nodemask+0x3c1/0x60c0 [ 426.033070][T13010] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 426.038961][T13010] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 426.045025][T13010] ? prep_new_page+0x792/0x9b0 [ 426.049793][T13010] ? get_page_from_freelist+0x11d3/0x19f0 [ 426.055519][T13010] kmsan_alloc_page+0x131/0x370 [ 426.060376][T13010] __alloc_pages_nodemask+0x149d/0x60c0 [ 426.066090][T13010] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 426.072687][T13010] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 426.079179][T13010] ? memcg_check_events+0x74/0xf20 [ 426.084543][T13010] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 426.090446][T13010] ? mem_cgroup_charge_statistics+0x7cd/0x1680 [ 426.096889][T13010] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 426.102782][T13010] alloc_pages_current+0x68d/0x9a0 [ 426.107916][T13010] __page_cache_alloc+0x95/0x320 [ 426.112873][T13010] pagecache_get_page+0xaf1/0x1220 [ 426.117974][T13010] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 426.123877][T13010] filemap_fault+0x2632/0x2b70 [ 426.128662][T13010] ? generic_file_read_iter+0x3e70/0x3e70 [ 426.134376][T13010] handle_mm_fault+0x71f5/0x9f70 [ 426.139317][T13010] ? filemap_fault+0x2b70/0x2b70 [ 426.144266][T13010] do_user_addr_fault+0x905/0x1510 [ 426.149479][T13010] __do_page_fault+0x1a2/0x410 [ 426.154239][T13010] do_page_fault+0xbb/0x500 [ 426.158740][T13010] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 426.164112][T13010] page_fault+0x4e/0x60 [ 426.168269][T13010] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 426.174863][T13010] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 426.194555][T13010] RSP: 0018:ffff88805f02fb28 EFLAGS: 00010202 [ 426.200794][T13010] RAX: ffffffff849a5356 RBX: ffff88805ee44000 RCX: 0000000000002320 [ 426.209209][T13010] RDX: 0000000000003b60 RSI: 0000000020002000 RDI: ffff88805ee45840 [ 426.217173][T13010] RBP: ffff88805f02fb98 R08: 0000000000000001 R09: ffff88805f02f4ac [ 426.225139][T13010] R10: 000000000000000e R11: ffffffff81840bb0 R12: 0000000000000000 [ 426.233097][T13010] R13: 0000000000000000 R14: ffff8881a96ee468 R15: 0000000000003b60 [ 426.241075][T13010] ? stack_trace_save+0x1b0/0x1b0 [ 426.246178][T13010] ? _copy_from_user+0xd6/0x230 [ 426.251035][T13010] ? _copy_from_user+0x116/0x230 [ 426.255977][T13010] rw_copy_check_uvector+0x2a1/0x650 [ 426.261270][T13010] import_iovec+0x19f/0x660 [ 426.265795][T13010] do_readv+0x2de/0x710 [ 426.269952][T13010] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 426.275837][T13010] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 426.281896][T13010] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 426.287605][T13010] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 426.293493][T13010] __se_sys_readv+0x9b/0xb0 [ 426.297996][T13010] __x64_sys_readv+0x4a/0x70 [ 426.302584][T13010] do_syscall_64+0xb6/0x160 [ 426.307076][T13010] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 426.312957][T13010] RIP: 0033:0x459a59 [ 426.316928][T13010] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 426.336539][T13010] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 426.345025][T13010] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 426.352983][T13010] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 426.360940][T13010] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 426.368895][T13010] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 426.376852][T13010] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 426.422443][T11495] usb 2-1: USB disconnect, device number 23 [ 426.475043][ T5] usb 5-1: config 0 descriptor?? 14:23:01 executing program 3 (fault-call:7 fault-nth:9): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 426.673827][ T31] usb 3-1: new high-speed USB device number 13 using dummy_hcd 14:23:01 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140)='TIPCv2\x00') sendmsg$TIPC_NL_MON_GET(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x14, r1, 0x1}, 0x14}}, 0x0) sendmsg$TIPC_NL_MEDIA_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80204010}, 0xc, &(0x7f0000000080)={&(0x7f0000000300)={0x130, r1, 0x10, 0x70bd27, 0x25dfdbfe, {}, [@TIPC_NLA_SOCK={0x40, 0x2, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x4}, @TIPC_NLA_SOCK_ADDR={0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x6}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x2}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x9e99}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x100}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xfffffffb}]}, @TIPC_NLA_SOCK={0x44, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xffffffff}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1}]}, @TIPC_NLA_MEDIA={0xc, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_NET={0x50, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x3}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7ff}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x3}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x2d40}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7fff}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x3}]}, @TIPC_NLA_MON={0x3c, 0x9, [@TIPC_NLA_MON_REF={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x68e561ed}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x101}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xfffff245}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7ea}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xb5b}]}]}, 0x130}, 0x1, 0x0, 0x0, 0x800}, 0x4) openat$tun(0xffffffffffffff9c, &(0x7f0000000440)='/dev/net/tun\x00', 0x800000, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x8, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x6b}]}, &(0x7f0000000180)='GPL\x00u\xf1\x85y*_\xb2\xf0S\xfe\x8e\xdfj\a\x19\v\xc2\x8c\x891\xf9D\xe1\x13\xc4)W\xd1}3\x9d\x10\xad\ac\xdc\x81\xe2\xa9\x8d\xdf\x98u1\xc1\xc5\xa8\xe7\xd4[\xb7\xfa\xd3Z\x9a\xa4\xd6\x8e@\x1f\xdc\xa1\xf0e\x9b\xed.\xbf\xd2\xc2\xcdg\x9fvt\",\xe1[\xb1u\xc2f.j\x84qg(h\xba\xe0\x1a[\x11o\xf7\x7f\x05]\x1c1\x9dL(n\xce\xeb\vvRa\xb2\xd1f\x1b3\xe6Xy\x10e\xe8\xb2\xbf\xc0\xce\x7f\xfa\xaf\xe9mt2\xa8PA\x88\xf8\xff\xff\xffL\xfc\x16\xf1\x9b\xe96\x10K\x02\xee\xb2=\xd2[\xca\x0f\xd4\x10ML,\x9cJ\x88(_\xf3\xfa\xd2\xdd\xac\x18\x94>\x1f\x17\xc0\xabg;e\xa1qf\xcds\x8a\xa6\"\x9b\x97\xa5\xe2c\"G\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xae\xee\x8d\xbc\xd3\x93*\x1e,\xcd\f\x1d+U;\xb1\xbf8\x1b\xb4\xbc\x19_W\x84a;\x0e\x8flu\xd8\xc7\xa0_\"\xba\xa5Y\xaau\x91Br\xe2\b\x94\x1f\xcb)m*\xf6\xc5h\xb99\x0e\x93D\xb1\xfa\xadI\x1e\xdbt%C\xcdQ9t\xa2X\x9bM\x18\x86\x02\xd5cr`o\xd0ky\xea|\xd0\xbfz\xeb\x8d5B\xdc\"d\x87\xe4H{/\xbdA\x16\xd8\xf1t~\xa2\xc9\x1e\xe9T7\r9\b\xbc\xdb\x8a\xd15(\x1e\x99!\x9e)\x8eQ\xc4\\\x03\xfe\x14\xa0', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 426.808174][ T32] audit: type=1804 audit(1571494981.845:91): pid=13029 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/95/file0/bus" dev="ramfs" ino=35708 res=1 [ 426.815419][T13029] FAULT_INJECTION: forcing a failure. [ 426.815419][T13029] name failslab, interval 1, probability 0, space 0, times 1 [ 426.842825][T13029] CPU: 0 PID: 13029 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 426.850740][T13029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 426.861084][T13029] Call Trace: [ 426.864417][T13029] dump_stack+0x191/0x1f0 [ 426.868779][T13029] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 426.874707][T13029] should_fail+0xa3f/0xa50 [ 426.879189][T13029] __should_failslab+0x264/0x280 [ 426.884161][T13029] should_failslab+0x29/0x70 [ 426.888782][T13029] kmem_cache_alloc+0xd6/0xd10 [ 426.893587][T13029] ? kmsan_get_metadata+0x39/0x350 [ 426.898726][T13029] ? xas_create+0xa61/0x2460 [ 426.903435][T13029] xas_create+0xa61/0x2460 [ 426.907900][T13029] xas_store+0x1b8/0x2970 [ 426.912287][T13029] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 426.918301][T13029] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 426.924588][T13029] __add_to_page_cache_locked+0x5f5/0x1140 [ 426.930442][T13029] ? workingset_activation+0x2f0/0x2f0 [ 426.935931][T13029] add_to_page_cache_lru+0x1a9/0x460 [ 426.941345][T13029] pagecache_get_page+0xcce/0x1220 [ 426.946487][T13029] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 426.952422][T13029] filemap_fault+0x2632/0x2b70 [ 426.957411][T13029] ? generic_file_read_iter+0x3e70/0x3e70 [ 426.963165][T13029] handle_mm_fault+0x71f5/0x9f70 [ 426.968131][T13029] ? filemap_fault+0x2b70/0x2b70 [ 426.973117][T13029] do_user_addr_fault+0x905/0x1510 [ 426.978364][T13029] __do_page_fault+0x1a2/0x410 [ 426.983161][T13029] do_page_fault+0xbb/0x500 [ 426.987697][T13029] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 426.993105][T13029] page_fault+0x4e/0x60 [ 426.997288][T13029] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 427.004702][T13029] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 427.024324][T13029] RSP: 0018:ffff88818906fb28 EFLAGS: 00010202 [ 427.030410][T13029] RAX: ffffffff849a5356 RBX: ffff88805bec0000 RCX: 0000000000002320 [ 427.038395][T13029] RDX: 0000000000003b60 RSI: 0000000020002000 RDI: ffff88805bec1840 [ 427.046381][T13029] RBP: ffff88818906fb98 R08: 0000000000000001 R09: ffff88818906f4ac [ 427.054367][T13029] R10: 000000000000000e R11: ffffffff81840bb0 R12: 0000000000000000 [ 427.062442][T13029] R13: 0000000000000000 R14: ffff8881a96ea7e8 R15: 0000000000003b60 [ 427.070462][T13029] ? stack_trace_save+0x1b0/0x1b0 [ 427.075523][T13029] ? _copy_from_user+0xd6/0x230 [ 427.080412][T13029] ? _copy_from_user+0x116/0x230 [ 427.085476][T13029] rw_copy_check_uvector+0x2a1/0x650 [ 427.090797][T13029] import_iovec+0x19f/0x660 [ 427.095341][T13029] do_readv+0x2de/0x710 [ 427.099540][T13029] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 427.105464][T13029] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 427.111556][T13029] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 427.117312][T13029] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 427.123254][T13029] __se_sys_readv+0x9b/0xb0 [ 427.127783][T13029] __x64_sys_readv+0x4a/0x70 [ 427.132572][T13029] do_syscall_64+0xb6/0x160 [ 427.137102][T13029] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 427.143014][T13029] RIP: 0033:0x459a59 [ 427.146934][T13029] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 427.167252][T13029] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 427.176988][T13029] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 427.184981][T13029] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 427.192992][T13029] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 427.200999][T13029] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 427.209005][T13029] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 427.272302][ T31] usb 3-1: Using ep0 maxpacket: 8 [ 427.322358][ T31] usb 3-1: no configurations [ 427.327149][ T31] usb 3-1: can't read configurations, error -22 [ 427.347232][T11495] usb 5-1: USB disconnect, device number 10 [ 427.512421][ T31] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 427.772300][ T31] usb 3-1: Using ep0 maxpacket: 8 [ 427.812194][ T31] usb 3-1: no configurations [ 427.817088][ T31] usb 3-1: can't read configurations, error -22 [ 427.824355][ T31] usb usb3-port1: attempt power cycle [ 428.141961][T11559] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 428.502157][T11559] usb 5-1: config 0 has an invalid interface number: 135 but max is 0 [ 428.510398][T11559] usb 5-1: config 0 has no interface number 0 [ 428.516752][T11559] usb 5-1: config 0 interface 135 altsetting 0 endpoint 0x81 has an invalid bInterval 169, changing to 11 [ 428.528151][T11559] usb 5-1: config 0 interface 135 altsetting 0 endpoint 0x81 has invalid maxpacket 1646, setting to 1024 [ 428.539635][T11559] usb 5-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=65.14 [ 428.548848][T11559] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 428.557831][ T31] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 428.566383][T11559] usb 5-1: config 0 descriptor?? [ 428.801978][ T31] usb 3-1: Using ep0 maxpacket: 8 [ 428.809356][T11495] usb 5-1: USB disconnect, device number 11 [ 428.842231][ T31] usb 3-1: no configurations [ 428.846966][ T31] usb 3-1: can't read configurations, error -22 14:23:03 executing program 3 (fault-call:7 fault-nth:10): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:03 executing program 1: r0 = socket$inet6(0xa, 0x80003, 0x1) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x511, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x0, 0x0, @mcast2}, 0x1c) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) recvmmsg(r1, &(0x7f0000003d40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x40000000000035b, 0x2000, 0x0) 14:23:03 executing program 5: r0 = socket$inet6(0x10, 0x3, 0x0) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x200000, 0x0) write$FUSE_DIRENT(r1, &(0x7f0000000040)={0x108, 0xfffffffffffffff5, 0x4, [{0x3, 0x100000000, 0x0, 0x4bd}, {0x3, 0x100000001, 0x13, 0x200, 'posix_acl_accessGPL'}, {0x5, 0x7, 0x5, 0xfff, '\'ppp1'}, {0x6, 0x8, 0x1d, 0x3, 'user)posix_acl_access--ppp0$\xce'}, {0x5, 0x8, 0x3c, 0x7ff, 'posix_acl_accessvmnet0selfmime_typeppp0user!posix_acl_access'}]}, 0x108) sendmsg(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000002000)=[{&(0x7f0000000340)="5500000018007f5f00fe01b2a4a280930206000100000008020b00000a000600350028001400000019000f40000000000022de1338d54400009b84136ef75afb83de4411001600c43ab8220000060cec4fab91d400", 0x55}], 0x1}, 0x0) prctl$PR_SET_KEEPCAPS(0x8, 0x0) 14:23:03 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c) syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x101000) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) setsockopt$sock_int(r2, 0x1, 0x4, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet6_tcp_int(r1, 0x6, 0xa, &(0x7f0000000040)=0x3, 0x4) sendto$inet6(r1, 0x0, 0x0, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) 14:23:04 executing program 4: r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r0, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$TUNGETDEVNETNS(r0, 0x54e3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="340000001000010400"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000140012000c00010062726964676500000300020092ab29e6bc90313f5c14a8d5d4534e466f18e765b4fd2a0e0ffabd5f884b8215627962f7a4aab6691329692afb3fdcc3e7378871f430fe0e63a139f8432b7c88d952fec2b4b0543063914575e89dce08917ef4c83982304f91f231dc1ecf62c4bf0541ff2b5060b6a4d69b9403c96422fd8632e43e946636599dedd725bcd83c8971198e43a29e4b1c15388e01dee5bf7c4e128ff5b5c146c15db0684e76186c1d4209d8b4158f7b359d8efa69231277e09c47884e9fb0b010687409fc6fa73c91c9504b4460a91a865e0897f10dc1c1e0edc0d560f18478d67cc5cf8dbb0ee5003f6cc7185e99bc93bcb9eb76abba12076a8d07773b076c853092edeb3f4224c4e770006630b3a7e43c7e4c90ce6a20fac946584d406aa1cc75103f746d1f026456e44c9a39c62eecdb8bb82ca275e24c5c9095cbc8a6701a2447f9f6e6e4a372717366f176f0e4df46e9e28ede8a00e2a8b3dcf13c4751bedf6b54a17a3ce76e2d908dc99f448bcc3b3eb44ac16331c1cedd4c55b5334cfdef7b07feba4331cb29b7291ee855c6efe13201ad5409b9de5ef35a55ff24da2d94d86098b4af7a223a8c9b5eedde627772aec0dd4355f69572d2110be284"], 0x34}}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4, 0x801}, [@IFLA_LINKINFO={0x1c, 0x12, @bridge={{0xc, 0x1, 'bridge\x00'}, {0xc, 0x2, [@IFLA_BR_GROUP_FWD_MASK={0x8, 0x4}]}}}]}, 0x3c}}, 0x0) [ 428.956584][T13042] netlink: 'syz-executor.5': attribute type 6 has an invalid length. [ 428.965228][T13042] netlink: 'syz-executor.5': attribute type 15 has an invalid length. [ 428.973664][T13042] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.5'. [ 428.989665][ T32] audit: type=1804 audit(1571494984.035:92): pid=13047 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/96/file0/bus" dev="ramfs" ino=35953 res=1 [ 429.006421][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 429.017877][ T31] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 429.034356][T13047] FAULT_INJECTION: forcing a failure. [ 429.034356][T13047] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 429.047896][T13047] CPU: 1 PID: 13047 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 429.055837][T13047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 429.065932][T13047] Call Trace: [ 429.065997][T13047] dump_stack+0x191/0x1f0 [ 429.066056][T13047] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 429.066133][T13047] should_fail+0xa3f/0xa50 [ 429.073778][T13047] should_fail_alloc_page+0x1fb/0x270 [ 429.089462][T13047] __alloc_pages_nodemask+0x3c1/0x60c0 [ 429.095018][T13047] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 429.101337][T13047] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 429.107556][T13047] ? memcg_check_events+0x74/0xf20 [ 429.112702][T13047] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 429.118719][T13047] ? mem_cgroup_charge_statistics+0x7cd/0x1680 [ 429.125303][T13047] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 429.131409][T13047] alloc_pages_current+0x68d/0x9a0 [ 429.136567][T13047] __page_cache_alloc+0x95/0x320 [ 429.141549][T13047] pagecache_get_page+0xaf1/0x1220 [ 429.146693][T13047] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 429.152629][T13047] filemap_fault+0x2632/0x2b70 [ 429.157441][T13047] ? generic_file_read_iter+0x3e70/0x3e70 [ 429.163184][T13047] handle_mm_fault+0x71f5/0x9f70 [ 429.168165][T13047] ? filemap_fault+0x2b70/0x2b70 [ 429.173152][T13047] do_user_addr_fault+0x905/0x1510 [ 429.178319][T13047] __do_page_fault+0x1a2/0x410 [ 429.183119][T13047] do_page_fault+0xbb/0x500 [ 429.187657][T13047] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 429.193063][T13047] page_fault+0x4e/0x60 [ 429.197254][T13047] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 429.203869][T13047] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 429.223752][T13047] RSP: 0018:ffff88805efcfb28 EFLAGS: 00010202 [ 429.229839][T13047] RAX: ffffffff849a5356 RBX: ffff888061454000 RCX: 0000000000001320 [ 429.237835][T13047] RDX: 0000000000003b60 RSI: 0000000020003000 RDI: ffff888061456840 [ 429.245833][T13047] RBP: ffff88805efcfb98 R08: 0000000000000001 R09: ffff88805efcf4ac [ 429.254082][T13047] R10: 000000000000000e R11: ffffffff81840bb0 R12: 0000000000000000 [ 429.262165][T13047] R13: 0000000000000000 R14: ffff8881b58f27e8 R15: 0000000000003b60 [ 429.270199][T13047] ? stack_trace_save+0x1b0/0x1b0 [ 429.275253][T13047] ? _copy_from_user+0xd6/0x230 [ 429.280137][T13047] ? _copy_from_user+0x116/0x230 [ 429.285117][T13047] rw_copy_check_uvector+0x2a1/0x650 [ 429.290438][T13047] import_iovec+0x19f/0x660 [ 429.294990][T13047] do_readv+0x2de/0x710 [ 429.299191][T13047] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 429.305128][T13047] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 429.311218][T13047] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 429.316980][T13047] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 429.322992][T13047] __se_sys_readv+0x9b/0xb0 [ 429.327533][T13047] __x64_sys_readv+0x4a/0x70 [ 429.332147][T13047] do_syscall_64+0xb6/0x160 [ 429.336680][T13047] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 429.342584][T13047] RIP: 0033:0x459a59 [ 429.346509][T13047] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 429.367437][T13047] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 429.375886][T13047] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 429.383968][T13047] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 429.391959][T13047] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 429.399952][T13047] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 14:23:04 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x10031, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x5, 0x202100) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x6d, &(0x7f0000013ff4)=@assoc_value, &(0x7f0000002000)=0x8) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x7d, &(0x7f0000000000), 0x8) r4 = dup2(r1, r3) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) dup3(r4, r2, 0x0) [ 429.408032][T13047] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 429.439013][T13054] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. 14:23:04 executing program 0: r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000180)={0xffffff99, {{0xa, 0x4e20, 0xfffffff8, @loopback, 0x6}}, 0x1, 0x5, [{{0xa, 0x4e23, 0x1, @local, 0xd4}}, {{0xa, 0x4e21, 0x24e, @empty, 0x3}}, {{0xa, 0x4e23, 0x5, @mcast1, 0x1}}, {{0xa, 0x4e24, 0x8, @loopback, 0x2}}, {{0xa, 0x4e21, 0xcf13, @loopback}}]}, 0x310) ioctl$int_in(r0, 0x80006040045010, &(0x7f0000000140)=0x3) setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88) syz_emit_ethernet(0x66, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaac3e6aaaaaa00000000000086dd60b4090000303aff80024300602d48000000000000000000000186019078ff070452d30060b680fa000000000000000000ba9c3ef6678b7e34ffffff00000000000000000000ffff0000000000000000000000000000000020ef7da49ba72c23562cb8120ce61cb40e45158c280478300bf5f317be9a1e2d3b7065829c1d1011252949858c04385c42c6b20bdb11d0a9764bba1258b49e5d6e5d4c808f2c753856d1cd415ca5488d889cbbae443bfbe200295355463ec55e102663ca143364d5ab67b57f078df31bd14a018d1c0533dfc1928fdec6cc168a86db95d88c2702ec9b52003dfeda7e4acb61eb48ed700a77ccfd7536ba7a4048c61675068ef46add53209180eb8e120bb20983d629f94152d6b4558823cd95ec52e4bd22bb14ebebe58f5f5a292ce7a78a28072b207451ce5ce2c470601861ebcce8af0a027547d257771c2e063bbe4406676a94caa108c3555c91fa8c6478be5fed89178e8388d37d5d10822d60cec6d10c4cbd40d92aa5e4477b8b0c14b805c691"], 0x0) [ 429.491527][T13042] netlink: 'syz-executor.5': attribute type 6 has an invalid length. [ 429.500003][T13042] netlink: 'syz-executor.5': attribute type 15 has an invalid length. [ 429.508409][T13042] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.5'. 14:23:04 executing program 3 (fault-call:7 fault-nth:11): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:04 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) open(0x0, 0x0, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x6}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$P9_RSTAT(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) creat(&(0x7f0000000080)='./bus\x00', 0x0) write(0xffffffffffffffff, 0x0, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f00000007c0)=ANY=[@ANYBLOB], 0x0) [ 429.703937][ T32] audit: type=1804 audit(1571494984.755:93): pid=13062 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/97/file0/bus" dev="ramfs" ino=35995 res=1 [ 429.736141][T13062] FAULT_INJECTION: forcing a failure. [ 429.736141][T13062] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 429.749380][T13062] CPU: 1 PID: 13062 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 429.757255][T13062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 429.767309][T13062] Call Trace: [ 429.770597][T13062] dump_stack+0x191/0x1f0 [ 429.774933][T13062] should_fail+0xa3f/0xa50 [ 429.779354][T13062] should_fail_alloc_page+0x1fb/0x270 [ 429.784740][T13062] __alloc_pages_nodemask+0x3c1/0x60c0 [ 429.790198][T13062] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 429.796091][T13062] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 429.802067][T13062] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 429.808210][T13062] ? prep_new_page+0x792/0x9b0 [ 429.812977][T13062] ? get_page_from_freelist+0x11d3/0x19f0 [ 429.818790][T13062] kmsan_alloc_page+0xc3/0x370 [ 429.823547][T13062] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 429.829432][T13062] __alloc_pages_nodemask+0x149d/0x60c0 [ 429.834968][T13062] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 429.840856][T13062] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 429.846910][T13062] ? memcg_check_events+0x74/0xf20 [ 429.852013][T13062] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 429.857899][T13062] ? mem_cgroup_charge_statistics+0x7cd/0x1680 [ 429.864088][T13062] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 429.869974][T13062] alloc_pages_current+0x68d/0x9a0 [ 429.875088][T13062] __page_cache_alloc+0x95/0x320 [ 429.880105][T13062] pagecache_get_page+0xaf1/0x1220 [ 429.885204][T13062] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 429.891109][T13062] filemap_fault+0x2632/0x2b70 [ 429.895882][T13062] ? generic_file_read_iter+0x3e70/0x3e70 [ 429.901587][T13062] handle_mm_fault+0x71f5/0x9f70 [ 429.906605][T13062] ? filemap_fault+0x2b70/0x2b70 [ 429.911637][T13062] do_user_addr_fault+0x905/0x1510 [ 429.916756][T13062] __do_page_fault+0x1a2/0x410 [ 429.921523][T13062] do_page_fault+0xbb/0x500 [ 429.926021][T13062] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 429.931388][T13062] page_fault+0x4e/0x60 [ 429.935546][T13062] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 429.942120][T13062] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 429.961711][T13062] RSP: 0018:ffff88806186fb28 EFLAGS: 00010202 [ 429.967766][T13062] RAX: ffffffff849a5356 RBX: ffff88805f258000 RCX: 0000000000001320 [ 429.976081][T13062] RDX: 0000000000003b60 RSI: 0000000020003000 RDI: ffff88805f25a840 [ 429.984042][T13062] RBP: ffff88806186fb98 R08: 0000000000000001 R09: ffff88806186f4ac [ 429.992016][T13062] R10: 000000000000000e R11: ffffffff81840bb0 R12: 0000000000000000 [ 429.999984][T13062] R13: 0000000000000000 R14: ffff8881b58f6468 R15: 0000000000003b60 [ 430.007971][T13062] ? stack_trace_save+0x1b0/0x1b0 [ 430.012985][T13062] ? _copy_from_user+0xd6/0x230 [ 430.017855][T13062] ? _copy_from_user+0x116/0x230 [ 430.022807][T13062] rw_copy_check_uvector+0x2a1/0x650 [ 430.028113][T13062] import_iovec+0x19f/0x660 [ 430.032629][T13062] do_readv+0x2de/0x710 [ 430.036791][T13062] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 430.042686][T13062] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 430.048741][T13062] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 430.054452][T13062] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 430.060945][T13062] __se_sys_readv+0x9b/0xb0 [ 430.065440][T13062] __x64_sys_readv+0x4a/0x70 [ 430.070028][T13062] do_syscall_64+0xb6/0x160 [ 430.074528][T13062] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 430.080411][T13062] RIP: 0033:0x459a59 [ 430.084296][T13062] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 430.103980][T13062] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 430.112397][T13062] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 430.120356][T13062] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 430.128312][T13062] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 430.136270][T13062] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 430.144227][T13062] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 14:23:05 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10) r1 = socket$inet(0x2, 0x6000000000000003, 0x6) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000003600)='tunl0\x003;\xb6n\\\x9d\x8f\xdf\x00', 0x10) sendto$inet(r1, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x2, 0x4e21, @loopback}, 0x10) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071") sendto$inet(r1, &(0x7f0000000080), 0xfe7a, 0x0, &(0x7f00000001c0), 0x10) 14:23:05 executing program 1: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41bf, 0xa03e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x8000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x10006, 0x80011, r0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='comm\x00') r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$VIDIOC_ENUMAUDOUT(r2, 0xc0345642, &(0x7f00000000c0)={0x7, "f4c3636ae9217c57c2a0aa8382ced8d1652147a5b845e110b0e4124f9b807ff1", 0x1c39a32cf87363a6, 0x2}) process_vm_writev(0x0, &(0x7f0000000140)=[{&(0x7f0000000080)=""/21, 0x15}], 0x10000000000000ca, 0x0, 0x0, 0x0) writev(r1, &(0x7f0000000080), 0x5b) ioctl$TIOCSISO7816(r1, 0xc0285443, &(0x7f0000000040)={0x80, 0x81, 0x5, 0x9, 0x8000}) 14:23:05 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @remote}, 0x10) setsockopt$sock_int(r0, 0x1, 0x2000000012, &(0x7f0000000000)=0x7ffffffffa, 0x4) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0800b5055e0bcfe87b0071") getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, 0x0, 0x0) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) ioctl$sock_inet_SIOCGIFDSTADDR(r2, 0x8917, &(0x7f0000000100)={'tunl0\x00', {0x2, 0x4e22, @rand_addr=0x1}}) bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0) sendto$inet(r0, 0x0, 0x0, 0x1000000020000000, &(0x7f0000000080)={0x2, 0x4e22}, 0x0) sendto$inet(r0, &(0x7f0000001ac0)="8c5e9e81e0f7ab32", 0x1192aca8268c9077, 0x4, 0x0, 0xfe5f) recvfrom$inet(r0, &(0x7f0000000040)=""/6, 0xffffffffffffff1e, 0x0, 0x0, 0xfffffffffffffe3d) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00') sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r3, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000006c0)={0x30, r4, 0x13, 0x0, 0x0, {{}, 0x0, 0x5, 0x0, {0x14}}}, 0x30}}, 0x0) setxattr$trusted_overlay_redirect(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)='trusted.overlay.redirect\x00', &(0x7f0000000340)='./file0\x00', 0x8, 0x2) sendmsg$TIPC_CMD_SHOW_STATS(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000080}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r4, 0x100, 0x70bd28, 0x25dfdbfb, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40040091}, 0x4000000) remap_file_pages(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000000, 0xcab, 0x200000) 14:23:05 executing program 3 (fault-call:7 fault-nth:12): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 430.480503][ T32] audit: type=1804 audit(1571494985.525:94): pid=13083 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/98/file0/bus" dev="ramfs" ino=36041 res=1 [ 430.512896][T13083] FAULT_INJECTION: forcing a failure. [ 430.512896][T13083] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 430.526139][T13083] CPU: 1 PID: 13083 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 430.534031][T13083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 430.544075][T13083] Call Trace: [ 430.547360][T13083] dump_stack+0x191/0x1f0 [ 430.551779][T13083] should_fail+0xa3f/0xa50 [ 430.556203][T13083] should_fail_alloc_page+0x1fb/0x270 [ 430.561567][T13083] __alloc_pages_nodemask+0x3c1/0x60c0 [ 430.567046][T13083] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 430.572950][T13083] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 430.578933][T13083] ? prep_new_page+0x792/0x9b0 [ 430.583724][T13083] ? get_page_from_freelist+0x11d3/0x19f0 [ 430.589455][T13083] kmsan_alloc_page+0x131/0x370 [ 430.594326][T13083] __alloc_pages_nodemask+0x149d/0x60c0 [ 430.599889][T13083] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 430.605802][T13083] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 430.611872][T13083] ? memcg_check_events+0x74/0xf20 [ 430.616983][T13083] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 430.622875][T13083] ? mem_cgroup_charge_statistics+0x7cd/0x1680 [ 430.629029][T13083] ? kmsan_get_metadata+0x39/0x350 [ 430.634135][T13083] ? kmsan_internal_set_origin+0x6a/0xb0 [ 430.639761][T13083] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 430.646709][T13083] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 430.652599][T13083] alloc_pages_current+0x68d/0x9a0 [ 430.657710][T13083] __page_cache_alloc+0x95/0x320 [ 430.662646][T13083] pagecache_get_page+0xaf1/0x1220 [ 430.667757][T13083] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 430.673650][T13083] filemap_fault+0x2632/0x2b70 [ 430.678424][T13083] ? generic_file_read_iter+0x3e70/0x3e70 [ 430.684131][T13083] handle_mm_fault+0x71f5/0x9f70 [ 430.689066][T13083] ? filemap_fault+0x2b70/0x2b70 [ 430.694018][T13083] do_user_addr_fault+0x905/0x1510 [ 430.699241][T13083] __do_page_fault+0x1a2/0x410 [ 430.704002][T13083] do_page_fault+0xbb/0x500 [ 430.708504][T13083] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 430.713876][T13083] page_fault+0x4e/0x60 [ 430.718025][T13083] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 430.724603][T13083] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 430.744217][T13083] RSP: 0018:ffff888188b4fb28 EFLAGS: 00010202 [ 430.750271][T13083] RAX: ffffffff849a5356 RBX: ffff88805d2b0000 RCX: 0000000000001320 [ 430.758239][T13083] RDX: 0000000000003b60 RSI: 0000000020003000 RDI: ffff88805d2b2840 [ 430.766208][T13083] RBP: ffff888188b4fb98 R08: 0000000000000001 R09: ffff888188b4f4ac [ 430.774211][T13083] R10: 000000000000000e R11: ffffffff81840bb0 R12: 0000000000000000 [ 430.782268][T13083] R13: 0000000000000000 R14: ffff8881b58f6468 R15: 0000000000003b60 [ 430.790247][T13083] ? stack_trace_save+0x1b0/0x1b0 [ 430.795263][T13083] ? _copy_from_user+0xd6/0x230 [ 430.800111][T13083] ? _copy_from_user+0x116/0x230 [ 430.805143][T13083] rw_copy_check_uvector+0x2a1/0x650 [ 430.810457][T13083] import_iovec+0x19f/0x660 [ 430.814965][T13083] do_readv+0x2de/0x710 [ 430.819122][T13083] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 430.825008][T13083] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 430.831846][T13083] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 430.837670][T13083] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 430.843576][T13083] __se_sys_readv+0x9b/0xb0 [ 430.848087][T13083] __x64_sys_readv+0x4a/0x70 [ 430.852678][T13083] do_syscall_64+0xb6/0x160 [ 430.857176][T13083] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 430.863066][T13083] RIP: 0033:0x459a59 [ 430.866952][T13083] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 430.886542][T13083] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 430.894949][T13083] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 430.902911][T13083] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 430.910867][T13083] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 430.918833][T13083] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 14:23:05 executing program 0: syz_emit_ethernet(0x66, &(0x7f0000000100)={@link_local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "b40900", 0x30, 0xffffff3a, 0xf0ffff, @ipv4={[0x3580], [], @multicast2}, @mcast2, {[], @icmpv6=@time_exceed={0xffffff88, 0x0, 0x0, 0x0, [0x9, 0x4], {0x0, 0x6, "b680fa", 0x0, 0x0, 0x0, @ipv4={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x2], [], @broadcast}, @remote}}}}}}}, 0x0) [ 430.926803][T13083] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 14:23:06 executing program 5: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="8b73e2f52bd940506075b336efdf552a2f835764f3262288134a81a880f82d84e82dbd6aa89b5831d8f02b7d21a1c7a9eca4156ab4233bb9bac10992924e7df80217b0885c9ee6c0bfe77ab7e175a8b2b783b97a76f0bab8055003f1305f78f7d8776ec4c2a9d7c3fd29898c4d859344327241e20ce99da7b51bd3bb36cd6fef9a82fc79b767feb69f49419331b7d78e37d7d58cc94b8d3e8c617b"], 0x14}}, 0x1) r4 = syz_open_dev$dspn(&(0x7f0000000040)='9\xf5\xf7 W\x01Xm\"\xed', 0x80028004, 0x2) ioctl$int_in(r4, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$KDSKBLED(r4, 0x4b65, 0x3) 14:23:06 executing program 0: r0 = syz_open_dev$adsp(&(0x7f0000000180)='/dev/adsp#\x00', 0x3, 0x40) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r0, 0xc0045520, &(0x7f0000000340)=0x9) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ppp\x00', 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000300)=0x1) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r2, 0xc004743e, &(0x7f00000001c0)=""/246) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ppp\x00', 0x0, 0x0) r4 = socket$inet6(0xa, 0x3, 0xf7) r5 = dup2(r3, r4) r6 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) r7 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) ioctl$int_in(r7, 0x5452, &(0x7f0000000140)=0x3) bind$vsock_stream(r6, &(0x7f0000000100)={0x28, 0x0, 0x2710, @hyper}, 0x10) ioctl$EVIOCGPROP(r5, 0xc004743e, &(0x7f0000000000)=""/246) dup3(r1, r2, 0x0) 14:23:06 executing program 3 (fault-call:7 fault-nth:13): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:06 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r1 = dup(r0) ioctl$UI_BEGIN_FF_UPLOAD(0xffffffffffffffff, 0xc06855c8, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$SIOCGIFHWADDR(0xffffffffffffffff, 0x8927, &(0x7f0000000000)) sendmsg$IPVS_CMD_GET_CONFIG(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000005d00)={&(0x7f0000000080)=ANY=[@ANYBLOB="48010000000007e708de2a53045f8abc32920b454776de000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012000c00010167726574617000ea18000200180003000000000008000e0000000000041200"], 0x48}}, 0x0) 14:23:06 executing program 4: r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100009e3af6400120083319bb000000011902120001aea674e215cab720d0480000d005bf77e93ab9000009041d0000ffffff00"], 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f00000003c0)={0x2c, &(0x7f00000001c0)={0x0, 0x0, 0x3, "44d5ae"}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000b00)={0x2c, &(0x7f0000000000)={0x0, 0x0, 0x4, '\x00\x00\x00I'}, 0x0, 0x0, 0x0, 0x0}) [ 431.439410][ T32] audit: type=1804 audit(1571494986.485:95): pid=13106 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/99/file0/bus" dev="ramfs" ino=36899 res=1 [ 431.446330][T13106] FAULT_INJECTION: forcing a failure. [ 431.446330][T13106] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 431.475395][T13106] CPU: 0 PID: 13106 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 431.483340][T13106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 431.493459][T13106] Call Trace: [ 431.496798][T13106] dump_stack+0x191/0x1f0 [ 431.501171][T13106] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 431.507112][T13106] should_fail+0xa3f/0xa50 [ 431.511591][T13106] should_fail_alloc_page+0x1fb/0x270 [ 431.517009][T13106] __alloc_pages_nodemask+0x3c1/0x60c0 [ 431.522508][T13106] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 431.528435][T13106] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 431.534536][T13106] ? memcg_check_events+0x74/0xf20 [ 431.539682][T13106] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 431.545610][T13106] ? mem_cgroup_charge_statistics+0x7cd/0x1680 [ 431.551854][T13106] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 431.557798][T13106] alloc_pages_current+0x68d/0x9a0 [ 431.562971][T13106] __page_cache_alloc+0x95/0x320 [ 431.567934][T13106] pagecache_get_page+0xaf1/0x1220 [ 431.573074][T13106] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 431.579003][T13106] filemap_fault+0x2632/0x2b70 [ 431.583885][T13106] ? generic_file_read_iter+0x3e70/0x3e70 [ 431.589676][T13106] handle_mm_fault+0x71f5/0x9f70 [ 431.594667][T13106] ? filemap_fault+0x2b70/0x2b70 [ 431.599659][T13106] do_user_addr_fault+0x905/0x1510 [ 431.604821][T13106] __do_page_fault+0x1a2/0x410 [ 431.610666][T13106] do_page_fault+0xbb/0x500 [ 431.615204][T13106] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 431.620611][T13106] page_fault+0x4e/0x60 [ 431.624812][T13106] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 431.631424][T13106] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 431.651224][T13106] RSP: 0018:ffff8881b6adfb28 EFLAGS: 00010202 [ 431.657312][T13106] RAX: ffffffff849a5356 RBX: ffff88818c088000 RCX: 0000000000000320 [ 431.665309][T13106] RDX: 0000000000003b60 RSI: 0000000020004000 RDI: ffff88818c08b840 [ 431.673300][T13106] RBP: ffff8881b6adfb98 R08: 0000000000000001 R09: ffff8881b6adf4ac [ 431.681303][T13106] R10: 000000000000000e R11: ffffffff81840bb0 R12: 0000000000000000 [ 431.689318][T13106] R13: 0000000000000000 R14: ffff8881a96ec628 R15: 0000000000003b60 [ 431.697430][T13106] ? stack_trace_save+0x1b0/0x1b0 [ 431.702495][T13106] ? _copy_from_user+0xd6/0x230 [ 431.707380][T13106] ? _copy_from_user+0x116/0x230 [ 431.712351][T13106] rw_copy_check_uvector+0x2a1/0x650 [ 431.717679][T13106] import_iovec+0x19f/0x660 [ 431.722228][T13106] do_readv+0x2de/0x710 [ 431.726426][T13106] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 431.732362][T13106] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 431.738463][T13106] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 431.744210][T13106] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 431.750128][T13106] __se_sys_readv+0x9b/0xb0 [ 431.754665][T13106] __x64_sys_readv+0x4a/0x70 [ 431.759280][T13106] do_syscall_64+0xb6/0x160 [ 431.763818][T13106] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 431.769743][T13106] RIP: 0033:0x459a59 [ 431.773668][T13106] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 431.793288][T13106] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 431.801726][T13106] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 431.809714][T13106] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 431.817709][T13106] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 431.825704][T13106] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 14:23:06 executing program 5: syz_genetlink_get_family_id$tipc2(&(0x7f0000000640)='TIPCv2\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000500), 0xc, 0x0}, 0x0) ptrace$setsig(0x4203, 0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1}) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x0, 0x14d42) r4 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r4, 0x80006040045010, &(0x7f0000000140)=0x3) accept$alg(r4, 0x0, 0x0) r5 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/zero\x00', 0x101000, 0x0) ioctl$int_in(r5, 0x5452, &(0x7f0000000140)=0xffffffffffffffff) ioctl$EVIOCSABS2F(r3, 0x401845ef, &(0x7f0000000380)={0xfffffff7, 0x3, 0xffffffff, 0x6, 0x101, 0x9a0d}) getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000580)=""/143, &(0x7f0000000340)=0xfee5) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r6 = openat$audio(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x4000, 0x0) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r6, 0x10e, 0x8, &(0x7f0000000480)=0x51, 0x4) r7 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_ARM_SET_DEVICE_ADDR(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000440)={0x59a9, 0xd000}) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000080)) ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) ioctl$KVM_RUN(r7, 0xae80, 0x0) r8 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) sendmsg$IPVS_CMD_DEL_DEST(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000780)=ANY=[@ANYRES16=r8, @ANYBLOB="dad6859e9fbf7e1a55bcb9ddbecc621025cdc02a223d7fabd0fad49aa1177b168e032debb41cf5f11f33e443502da771aaf8c369fac2cf043dc4d90000000000000000000000004df6e5ab6ff3898e37df23617977eafe1bbe2685b37a099a5de42e98ccfb19d55d07eb2f78bbe00abec367396b017cb52bc2997a62500d814674c3a3ea68cf669dca584dcebfe5"], 0x2}}, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) ioctl$KVM_NMI(r7, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000880)) ioctl$KVM_RUN(r7, 0xae80, 0x0) [ 431.833795][T13106] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 14:23:07 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r3, 0x80006040045010, &(0x7f0000000140)=0x3) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_GET(r3, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0xb8ec530850c051f3}, 0xc, &(0x7f0000000100)={&(0x7f0000000800)={0x220, r4, 0x400, 0x70bd2a, 0x25dfdbff, {}, [@TIPC_NLA_BEARER={0x2c, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'ib', 0x3a, 'rose0\x00'}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x7}]}, @TIPC_NLA_MON={0xc, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}]}, @TIPC_NLA_NET={0x24, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x10001}, @TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x6}]}, @TIPC_NLA_BEARER={0xa4, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'veth0\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xb50}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x2}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x7, @dev={0xfe, 0x80, [], 0x2a}, 0x10000}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x5, @rand_addr="924283df23425f8259a66ec38d531ff0", 0x7}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'veth0\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @empty}}, {0x14, 0x2, @in={0x2, 0x4e20, @loopback}}}}]}, @TIPC_NLA_SOCK={0xc, 0x2, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x3}]}, @TIPC_NLA_LINK={0x100, 0x4, [@TIPC_NLA_LINK_PROP={0x4c, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7fffffff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000000}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfc}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x401}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffffffff}]}, @TIPC_NLA_LINK_PROP={0x44, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x200}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xcac}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}]}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x11}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}]}]}, 0x220}, 0x1, 0x0, 0x0, 0x20000000}, 0x44880) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r5 = socket$inet6(0xa, 0x802, 0x0) setsockopt$inet6_buf(r5, 0x29, 0x39, &(0x7f0000068fe8)="ff0204000000000100000000000000000000000000000205", 0x18) setsockopt$inet6_opts(r5, 0x29, 0x3b, &(0x7f00000001c0)=@dstopts={0x0, 0x20, [], [@pad1, @generic={0x0, 0xe8, "598bab59c2e4e90d163e4f565546167977dec9b224c6a511389dbea81a53f70b2d65231691cee211c076d2555166abc0f35a5da072af3feaf0b57adfb2baf9119d697e94f4571f8cb0b05bc920bef5637bab78b0f79c50d9c7d676cd1d76d14634f5546ac1a30c366fe0d903a7cbb388ff4db23964899edcbc45e530715015d2b87e23d45d4fb8d1e7465ac3a872b129815f8416dfdf9349b5f244557942f54fc2bded2346fa5aa1bef59717f348e9aacce3d0b059ebc7266283c29e3d55877f5096c3177e9f652eb85c16c70a4c8863d3ddef0cb68784c31fbddcd5c81bbb47c614c98394bf1e7f"}, @calipso={0x7, 0x8}, @padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}, 0x108) sendto$inet6(r5, &(0x7f0000000380)="2d0c0ed1f8c6928a8e451e361043911a8c07b18eb6e10b13376aa334e26c78eef079efefa81191915e17caac41246e2a54fa94ba5e962ba950897dbb1ec4e84a2372f51cd3b704538cdb9f8e3842c743d81e2e3016d6c12dc590149037f65192bbc9f565e4e783c3594c3bd2fcd5b64f088a6686c2a661e18d51510f94b542a74158a4105474394299f70f6ba18ce69e004454716e9d533185e2a807c831bb9130503b2227d600a1fcff007c1a8057935f06826e1372d2657ca1d408562fa2821a100f37cf41f1fd01f7e4363ddf770b310c9dbea117a1aa504f242663dfa24f6bd31455075a88941f6ad1ac96f8993c8cd995a23a75898c39960a7c37cc70f6c2cbff77044963044902d0490b387907ef9e7c618c3c4d7b6a6649f62c4466125f4084bc3f9a26731f635bb051158ba977b526bd70ef4b2de4af819b6cef65c1a1a6ee9984cc1d8c0fb6ba109eb90176e7164bbce22f5bbf2b404a7f67abaa0bf9f2f6cbd339df30a390c79e28f6843c2d9045619e976305791c078fd1d7ad9e854dcf301731feec1b0ea7c6b050ab66e9699f7804d633b628a63740c2cee94c384dc404ed22e5b7610e1ea2504b37622725261bc030b050764201156b75b250386f3cf3b721fc5cdffe777667d1fb3a3f7f72f44d4743ac7f5f3fa8a0044faf81eca4f7a1e0d7a81eb38a35b4002af216d5f23e8a4a359982797d26328a05d095482e0357a5010a9d17aab2bf8984b1822971b683c44d3b520901a61663f7a6e151708c5e61a14a189e16913a1c90c956f6d4a54ccce7f42b7c6f28be691cefa300c21210c9db2b124abaf0551c1a9615ee612d7d3f5e9ea0359b604ed5222f83f6e7438374b9ea044a775bc3f9c63613aa80acadde4d179a47c5a90aa0e475b61d7fed723028c11c44c849b34002029819072ec743db4f7599c9c58b999acfd9de86732f0829c092c73470838a11c16a667ddadaaf4faa47769f5699a1ddf32c1d8b0b0344f4099db115feeb22c5bbda9ff5fe9a190289ad300d0b2ca9793c92e490c669878adca48fcbe03486a350f4d65e1295f5125d8ac6ba536670925b4352f719158aeb329983f598a78a1d65d717b641762a0a7eab712000e2620b9ec1926041f774c24f33373f3f858e6f28b27f0f11a3000bf29a3dc57971dc6cfb9d6b4cdcffd561065ffd29062157a6a8c839a2fd87995514c21dc7f2bdc612dd6115666676e044a8a1707fa698c8dc12cd0057737fd1f023504d40a49f290c25779866bf46d3516d7af5f717bf96495c2adcdbefdcbe5e0c709ee035381801a3a987b38bfbe4cfea0630aa687f8c1082e5249b68a28ac75501dd469c1b2e960ab361315114badff33b0f14c74c1ede0b83717e29a266496e25a441e7d698c04a09aacf0d3099051e9754f7be5bd71063a6325c949c9d3eb282dbd08dae1ed2db9db8da4c347bac746ba9690b9e9ed2ba816a6db84ac5da61759b98610e5ada56d4130b6e637286e97c23e887d2dd9c4b1e3486ae883a2041ae73dfdf43d53df1155676b1f27ba829a525727a799ccf83d18fa9d626356ee37fdd245c9027273bf1f73cfaa289a4f22b6ccf867b42779506d3cbe92ac41c96b1", 0x479, 0x0, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @mcast1}, 0x1c) ioctl$KVM_SET_TSS_ADDR(r3, 0xae47, 0x17000) 14:23:07 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x3c) syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0xe7, 0x488801) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x9}, 0x1c) sendmsg(r0, &(0x7f00000000c0)={0x0, 0xa2, 0x0}, 0xc100) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg(r0, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000fc0)="3a9a0e63c9476288b671afdbd53a5994e137381f62021d1951b627b8dda57a5d17d744648c81c5703ed8146ab1b0171f89091b1dd3238d03dbb686df460963245dedf2013ee555af99499e44ad420dbf65fd46fbc99a1274429e2d5783751815828ec8cb3553110cca66460215353d19f6d8bbd8fb08ad0491634ac2fd10e2cd30bcd7fede24263a7fff16e53ea293f3551b7147c33a44ea437fb1515c3e8d4f162fdebf8ebe11ae6fcd9372c8d8f19556ee091fe94215ae9434da412f6fa4cb6561e5f78ff9707844ee5d573fb294437722d9a06dfa61748c32c73d759933a8dd344c947d3efdbe90d0eb049df5fbb0c19f6785264b619c530d97395d44b04f7e2a280d658c7871ad373b792678c49227999651ef3b2ee1bc2b8f3035db2d6e8e09aa3837233c8713065a8ad131d24f6c42a3220d0e07c3d3e95d9f44f059a5dd10c0971608f874ecf53aadfa5050ff40f2c3c4a629b6445e5836100afff5a8977583653b40ca116f8f11416e5c1bd5499636ddae25fc49709f0309cf5c0bf8e432160c258d14223b3b0d009b09858645773dd97e68a9531072713cff077b2e73e03ed4f145e9199c126a7f235e5674a3c7f5c7129ac7c1a3319590249b6d34ef6c3d8b94c6fc7cdcbddb053243f33e7bc1f230d3bc7dfc4359e33992d0a3946b914a093287a76ac4a249b5b86cc75476466e409553355fefab75e9268a8751ffc9481fcff1f49c475699595b315e2147eebe8b7291600c6b1cf7c8f24d587b9464a67e5ccec17820e711b98f4f7d5053642068a3fff72b53e2622d6e8b4a4c815fb2ea90ef63e141209dd29254e5ab5bde9c6817b3cb184586049e7741b2d8b5b1a19e99e1834a25959155720c1c0efa4d9d3c42e1ba282847d476cef0228b6a1422aba08e5f3c1cd279bb20dcf3e90f80a4a8ac093de9f0d9c11a540aff2de27437787bbed317439cafb71e7f92b7e02cbadb076f04ba2cb8c96aeef53c74d9036c922b1b24a79228e833abc661b5630caa45389341cb8ddf277fd916141023fb53c0d155faf6fdfb593e22db25c4f8afdcd90d437672ebe975f4a5f445bbdd845505fcfea702a42d821d3dc11720de0009e83161e5a089d09184346606e126842de54e85e20aa5bac874367a8690d09d6ee61278bd424eabe824ff22693b0cece9e4d935f28bb7efd85afb1642a363d583eb01f48f25784f80002b163bd3da724b0391dac7c23f76b5c5c6319f7aab18a486d5607f68ce2f83d2a6a8a13f8ecdb845b8af96230f063019ff113698c720403bbf6202b2d50800000000000000d538fc1fa57518769bd3bfc11e743b4e56b01f17483a152abcca0bd84a1011bd703a494150176d17322cf10307d259999622b76ac6a86407c9ed281ae29b9b569b382d3f39fe4d07706c96c41a565437d9edb1cb532d900efe54f518044bba5fa5791c1797c569a3d6c21342d92f4b104a3d957cf85e617c46ac97b6785a455ce7765eb80a02de4dffde0207061e1afb61e777379b202707f0f49edcf21a186eae3371280d89aabb3bd53408b4cb2a8e42f9f4d0bc11d766eb51940f5e92559b91954649f2786fb6683e19ca5f609c40e327876f5515aeefce0f390d3fd557aabcb091b04131f3edc1ed80a2d5a812786530a302ab54f7e1f3a6bca852722d1af85ceab2e6565733b31f76d795b1a603a780564b181ebadb0028c03d0c2c2831ce3a83369bf4ec61f802633e719040dac86c9c26e01bdad8", 0x4d9}], 0x1}, 0x0) [ 432.152104][T11495] usb 5-1: new high-speed USB device number 12 using dummy_hcd 14:23:07 executing program 1: r0 = memfd_create(&(0x7f00000000c0)='\x00'/10, 0x0) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="2321202e2f66476c65af0920"], 0xc) pipe(&(0x7f0000000080)={0xffffffffffffffff}) ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r1, 0x80045700, &(0x7f0000000100)) execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) 14:23:07 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vcan0\x00'}) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[]}}, 0x0) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$SCSI_IOCTL_GET_BUS_NUMBER(r2, 0x5386, &(0x7f0000000080)) syz_genetlink_get_family_id$net_dm(&(0x7f0000000100)='NET_DM\x00') r3 = dup3(0xffffffffffffffff, r1, 0x80000) ioctl$EVIOCGREP(r3, 0x80084503, &(0x7f0000000140)=""/133) 14:23:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000040)=0x96d1, 0x4) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0xfffffffffffffffd, 0x0, 0x0, 0x4cb]}) write$P9_RLINK(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x47, 0x1}, 0x7) request_key(&(0x7f00000000c0)='.request_key_auth\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000140)='user,@*GPL*\x00', 0x0) pipe2(&(0x7f0000000180), 0x0) pipe(&(0x7f00000000c0)) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r3, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$RTC_WKALM_RD(r3, 0x80287010, &(0x7f00000001c0)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:23:07 executing program 3 (fault-call:7 fault-nth:14): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:07 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc) getsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000180)={@multicast1, @loopback}, &(0x7f00000001c0)=0x8) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f00000000c0)={0x2, {{0x2, 0xfffd, @broadcast}}}, 0x88) getsockopt$inet_buf(r0, 0x0, 0x29, &(0x7f0000000000)=""/145, &(0x7f0000695ffc)=0x24b) openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000340)='/dev/hwrng\x00', 0x1, 0x0) bind$unix(r2, &(0x7f0000000240)=@abs={0x3, 0x0, 0x4e23}, 0x6e) fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, &(0x7f00000002c0)='trusted.overlay.opaque\x00', &(0x7f0000000300)='y\x00', 0x2, 0x1) [ 432.514171][T11495] usb 5-1: invalid descriptor for config index 0: type = 0x2, length = 25 [ 432.523161][T11495] usb 5-1: can't read configurations, error -22 14:23:07 executing program 1: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x800, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f00000000c0)={0x0, 0x6}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000280)=ANY=[@ANYRES32=r2, @ANYBLOB="7a0000008f3978798a7fc6541d1118c0523c841b39e6ecc885037011fbde8407ad0f14d09c2e828bceefe429aa823a0359ec372793fba8e5e47a0ed035a60537af48d12547bb829e58575247309b667d501e8ad4812e8bd147f5129342ab29c36743d3eb7579ca2a01982150c15d6a57718da996bb6ea7128998003cd2be"], &(0x7f00000001c0)=0x82) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) close(r3) creat(&(0x7f0000000240)='./file0\x00', 0x10) io_setup(0x4, &(0x7f0000000500)=0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) bpf$MAP_CREATE(0x2, &(0x7f0000000040)={0x0, 0x0, 0x77fffb, 0x0, 0x0, 0x0}, 0x2c) io_submit(r4, 0x1e09328e, &(0x7f0000000040)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000800000000001, 0x0, r3, 0x0, 0x12f}]) [ 432.714034][ T32] audit: type=1804 audit(1571494987.765:96): pid=13143 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/100/file0/bus" dev="ramfs" ino=37099 res=1 [ 432.722273][T13143] FAULT_INJECTION: forcing a failure. [ 432.722273][T13143] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 432.748803][T13143] CPU: 0 PID: 13143 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 432.756719][T13143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 432.766823][T13143] Call Trace: [ 432.770147][T13143] dump_stack+0x191/0x1f0 [ 432.774600][T13143] should_fail+0xa3f/0xa50 [ 432.779076][T13143] should_fail_alloc_page+0x1fb/0x270 [ 432.784473][T13143] __alloc_pages_nodemask+0x3c1/0x60c0 [ 432.789963][T13143] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 432.795893][T13143] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 432.802188][T13143] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 432.808358][T13143] ? prep_new_page+0x792/0x9b0 [ 432.813343][T13143] ? get_page_from_freelist+0x11d3/0x19f0 [ 432.819250][T13143] kmsan_alloc_page+0xc3/0x370 [ 432.824029][T13143] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 432.829931][T13143] __alloc_pages_nodemask+0x149d/0x60c0 [ 432.835519][T13143] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 432.841420][T13143] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 432.847505][T13143] ? memcg_check_events+0x74/0xf20 [ 432.852679][T13143] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 432.858695][T13143] ? mem_cgroup_charge_statistics+0x7cd/0x1680 [ 432.865231][T13143] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 432.871317][T13143] alloc_pages_current+0x68d/0x9a0 [ 432.876444][T13143] __page_cache_alloc+0x95/0x320 [ 432.881382][T13143] pagecache_get_page+0xaf1/0x1220 [ 432.886549][T13143] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 432.892492][T13143] filemap_fault+0x2632/0x2b70 [ 432.897630][T13143] ? generic_file_read_iter+0x3e70/0x3e70 [ 432.903449][T13143] handle_mm_fault+0x71f5/0x9f70 [ 432.909784][T13143] ? filemap_fault+0x2b70/0x2b70 [ 432.914768][T13143] do_user_addr_fault+0x905/0x1510 [ 432.920015][T13143] __do_page_fault+0x1a2/0x410 [ 432.924789][T13143] do_page_fault+0xbb/0x500 [ 432.929341][T13143] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 432.934719][T13143] page_fault+0x4e/0x60 [ 432.938996][T13143] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 432.945926][T13143] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 432.965854][T13143] RSP: 0018:ffff88818ca2fb28 EFLAGS: 00010202 [ 432.972065][T13143] RAX: ffffffff849a5356 RBX: ffff8881959a8000 RCX: 0000000000000320 [ 432.980166][T13143] RDX: 0000000000003b60 RSI: 0000000020004000 RDI: ffff8881959ab840 [ 432.988261][T13143] RBP: ffff88818ca2fb98 R08: 0000000000000001 R09: ffff88818ca2f4ac [ 432.996230][T13143] R10: 000000000000000e R11: ffffffff81840bb0 R12: 0000000000000000 [ 433.004377][T13143] R13: 0000000000000000 R14: ffff8881b58f6468 R15: 0000000000003b60 [ 433.012481][T13143] ? stack_trace_save+0x1b0/0x1b0 [ 433.017679][T13143] ? _copy_from_user+0xd6/0x230 [ 433.022555][T13143] ? _copy_from_user+0x116/0x230 [ 433.027562][T13143] rw_copy_check_uvector+0x2a1/0x650 [ 433.032863][T13143] import_iovec+0x19f/0x660 [ 433.037478][T13143] do_readv+0x2de/0x710 [ 433.041753][T13143] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 433.047830][T13143] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 433.053907][T13143] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 433.059817][T13143] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 433.065723][T13143] __se_sys_readv+0x9b/0xb0 [ 433.070234][T13143] __x64_sys_readv+0x4a/0x70 [ 433.075078][T13143] do_syscall_64+0xb6/0x160 [ 433.079670][T13143] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 433.085770][T13143] RIP: 0033:0x459a59 [ 433.089667][T13143] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 433.109579][T13143] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 433.118763][T13143] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 433.127525][T13143] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 433.135508][T13143] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 433.143474][T13143] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 433.155881][T13143] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 433.172228][T11495] usb 5-1: new high-speed USB device number 13 using dummy_hcd 14:23:08 executing program 2: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x80) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f00000001c0)='./file0\x00', 0x0, 0x7a00, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) write$UHID_DESTROY(r0, &(0x7f0000000280), 0x4) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) write$FUSE_INTERRUPT(r0, &(0x7f00000002c0)={0x10, 0x0, 0x2}, 0x10) accept$alg(r1, 0x0, 0x0) r2 = openat$cgroup_procs(r0, &(0x7f0000000100)='cgroup.procs\x00', 0x2, 0x0) r3 = gettid() write$cgroup_pid(r2, &(0x7f0000000980)=r3, 0x11) write$FUSE_NOTIFY_INVAL_ENTRY(0xffffffffffffffff, &(0x7f0000000300)={0x31, 0x3, 0x0, {0x1, 0x10, 0x0, 'em0{user$trusted'}}, 0x31) stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000200)) 14:23:08 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x8800000000000001, 0x8010000000000084) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000040)={0x0, @in, 0x0, 0x0, 0xffffffdfffff8001, 0x0, 0x11}, 0x98) sendmmsg$inet6(r0, &(0x7f0000005a80)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={[], [], @local}}, 0x1c, &(0x7f00000004c0)=[{&(0x7f0000000100)='X', 0x2468d}], 0x1}}], 0x1, 0x0) ioctl$SNDRV_TIMER_IOCTL_PARAMS(0xffffffffffffffff, 0x40505412, &(0x7f0000000140)={0x1, 0x6, 0xfffffeb8}) [ 433.574446][T11495] usb 5-1: invalid descriptor for config index 0: type = 0x2, length = 25 [ 433.583541][T11495] usb 5-1: can't read configurations, error -22 [ 433.613818][T11495] usb usb5-port1: attempt power cycle [ 434.342104][T11495] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 434.702283][T11495] usb 5-1: invalid descriptor for config index 0: type = 0x2, length = 25 [ 434.711781][T11495] usb 5-1: can't read configurations, error -22 [ 434.862078][T11495] usb 5-1: new high-speed USB device number 15 using dummy_hcd 14:23:09 executing program 0: syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) 14:23:09 executing program 3 (fault-call:7 fault-nth:15): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:09 executing program 1: r0 = socket$inet6(0xa, 0x801, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000040)={'bridge0\x00h\x00\x01\xd8\x00a\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'bridge0\x00\xff\xff\xfd\xfd\x00', 0xb779ef21efb66f11}) setxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='security.capability\x00', &(0x7f0000000100)=@v2={0x2000000, [{0xff, 0x1}, {0x1, 0x8}]}, 0x14, 0x8790a9e27ad2c056) 14:23:09 executing program 5: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f000001f000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0) r0 = getpid() rt_tgsigqueueinfo(r0, r0, 0x16, &(0x7f0000000000)) ptrace(0x10, r0) ptrace$getregset(0x4204, r0, 0x2, &(0x7f0000000100)={&(0x7f0000001300)=""/4096, 0x1000}) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000000)) ptrace(0x10, r1) ptrace$getregset(0x4204, r1, 0x2, &(0x7f0000000100)={&(0x7f0000001300)=""/4096, 0x1000}) r2 = syz_open_procfs(r1, &(0x7f0000000140)='numa_maPw\x00k`I\xd07\xd4\x8e\xbfQ\xbe\xfd\xa6\f[S&\xc6\x86H\x8a\x94\b\x98\x9ej/\xa2\xbe\xf1g-P\xc1\xc3\b\xd3v\xab\xe6\x8c\xfa\xd9\xee\x99\x02\xdfi\xda\x1d\x1cF\'\x1b\x9a\x1d\xe2\a\x7fr\xb9T\x80=b\x05M\xe7\xd6\xca+\xf5D\x107\xa4\x13\xf4\x04\x8b\x82(\xc1\xf2]\xce\x19\xbd\xdb\xf4\xb6\t\x00\xa5\x1a|\xfb %H!\xa7[n\xb5\xf1\x92k&\x06\xeb\xc1\xb3\xd3\x87-d\xda\xeb\x1cx\x06\xe4u\xd9j\xa1\xa4\x03\x10\x7f\xe7\xc1\xa7.\x04\xdd\xaf~\xb2d\x0f\xef@\xb7\xb3\x0e\xe0\xeb3\xa7\xaf\xd8\x98c\x96\x0fK\x16\x1f') readv(r2, &(0x7f0000000080)=[{&(0x7f0000001400)=""/4096, 0x5a0}], 0x1) 14:23:10 executing program 2: pipe(&(0x7f00000015c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f0000000080)=0x2124, 0x4) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000140)={0x4a5, 0x8000010}) close(r2) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syz_tun\x00', 0x0}) bind$packet(r4, &(0x7f0000000040)={0x11, 0x0, r5}, 0x14) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) setsockopt$packet_int(r4, 0x107, 0x10000000f, &(0x7f0000000000)=0x8002, 0xa47e) splice(r0, 0x0, r2, 0x0, 0x10003, 0x0) 14:23:10 executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000140)={'team0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r6, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000054c0)=ANY=[@ANYBLOB="740000002400070500"/20, @ANYRES32=r6, @ANYBLOB="00000000ffffffff00000000080001007366710048000229c6090032d0ed64f3c3545aaf6e000085a4e4ebb5ef6700"/96], 0x74}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000019c0)={&(0x7f00000002c0)=@newtfilter={0x44, 0x2c, 0x701, 0x0, 0x0, {0x0, r6, {}, {}, {0x3}}, [@filter_kind_options=@f_tcindex={{0xc, 0x1, 'tcindex\x00'}, {0x14, 0x2, [@TCA_TCINDEX_HASH={0x8, 0x1, 0x106a}, @TCA_TCINDEX_MASK={0x8}]}}]}, 0x44}}, 0x0) sendmsg$inet(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x2, 0x4e24, @empty}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @loopback, @rand_addr=0x2}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r1, @remote, @multicast2}}}], 0x40}, 0x0) [ 435.000979][T13172] mmap: syz-executor.5 (13172) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 435.006795][T13173] bridge0: port 2(bridge_slave_1) entered disabled state [ 435.022937][T13173] bridge0: port 1(bridge_slave_0) entered disabled state [ 435.044556][ T32] audit: type=1804 audit(1571494990.095:97): pid=13175 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/101/file0/bus" dev="ramfs" ino=36318 res=1 [ 435.076249][T13167] FAULT_INJECTION: forcing a failure. [ 435.076249][T13167] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 435.090262][T13167] CPU: 1 PID: 13167 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 435.098398][T13167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 435.109266][T13167] Call Trace: [ 435.112610][T13167] dump_stack+0x191/0x1f0 [ 435.117095][T13167] should_fail+0xa3f/0xa50 [ 435.121822][T13167] should_fail_alloc_page+0x1fb/0x270 [ 435.127746][T13167] __alloc_pages_nodemask+0x3c1/0x60c0 [ 435.133993][T13167] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 435.140991][T13167] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 14:23:10 executing program 5: syz_emit_ethernet(0x3e, &(0x7f00000002c0)={@broadcast, @empty=[0xf002, 0xe0000000e0000000, 0x4305000000000000, 0xf0ffff], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @remote={0xac, 0x70}, @dev={0xac, 0x14, 0x14, 0x11}}, @icmp=@parameter_prob={0x5, 0x2, 0x0, 0x0, 0x0, 0x6, {0x5, 0x4, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x21, 0x0, @local={0xac, 0x14, 0x14, 0xd}, @dev}}}}}}, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000040)={0x1}) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000480)='cpuset.effective_cpus\x00', 0x26e1, 0x0) socket$alg(0x26, 0x5, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0x7, 0x0, 0x0) socket$inet6(0xa, 0x9, 0x7fc) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000300)=0x6) r1 = bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffdc1) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x422, 0x0) getsockname$inet(r2, &(0x7f00000000c0)={0x2, 0x0, @broadcast}, &(0x7f00000001c0)=0x10) clock_gettime(0x0, &(0x7f0000000000)) r3 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, 0x0, 0x0) write(r3, &(0x7f0000000180)="2000000012005f0214f9f4070000000040000000000000000000000001000000", 0xffffffffffffff16) ioctl$sock_netdev_private(r3, 0x0, &(0x7f0000000100)="cf9f6117619af0348bd6a5ebc65af4d1") lsetxattr(&(0x7f0000fc0000)='./file1\x00', &(0x7f0000000000)=@known='user./yz\xff', &(0x7f0000fc0000)='//selinux\x00\x00\x01\x01', 0x19a, 0x0) ioctl(r1, 0x10000, &(0x7f0000000140)="153f6234488dd25d766070") socketpair$unix(0x1, 0x7, 0x0, 0x0) r4 = socket(0x11, 0x0, 0x8) r5 = syz_open_dev$amidi(0x0, 0xfff, 0x111600) ioctl$TIOCGSID(r5, 0x5429, &(0x7f0000000800)=0x0) ioctl$sock_FIOSETOWN(0xffffffffffffffff, 0x8901, &(0x7f0000000440)=r6) ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x10}) ioctl$RTC_WKALM_RD(r5, 0x80287010, &(0x7f00000002c0)) setsockopt$IP_VS_SO_SET_DELDEST(r4, 0x0, 0x488, &(0x7f0000000080)={{0x0, @empty, 0x4e24, 0x3, 'lblcr\x00', 0x1e}, {@remote, 0x4e21, 0x7, 0xffff, 0x7f, 0x2}}, 0x44) memfd_create(&(0x7f0000000c40)='memory.events\x00\xf0\xb5zCw/Z3\xac\xa2\xd2\xc4\x1c~\xf9M\xe7\xd2R\xe9\x1f\x99 >\xa7\xfe\xb6\xcbQH\xf5\xee\xdfL\xbev\x98\'\x14\xbd\"\xcfT\xde\xe7\x11+\xa5\x9b\xbdMy\xc7\x9b\x9a\x8d\xf5\x978\xb8\x8e>X\xeaq\x9a\xc4\x90\x14\xf5\xae\x90\v\x06\x86\xd1\x1d\x82n\xfa7\xe7}\xc9\xf1u\xee\xb9\xf2\ar\xc8\xeb\x15\x93\xf7\xd5\x14\x8dD\x88\xe4\xca3\x032f\x11%s\xc28\x94\xb9\xd8\xa2\x86\x8c\xf9\xa3;G\x90\xef\xbf\xd9\xb5j}\xec\xc9\x1f&r\xb9I\xba`\xc0\xfen\xf0\xe8\x03\xf0\xee\x82\xbd5b=\xd9\xda^\xb7k`\xedz\x86P\xba\xc9\v\x1fgt\xbaN\xfe7)\xd5\xa4\xf9\xc0\xfa\f_\x15\xd5\xe2v\r)\xa6\xdc\xe3B\x17\xb2\xb2\a\xad\xe6\xa0*\x95\xb2\x91,^\xed3o\x1di\x14\x81>\xa8\xdcb\xe7\x8a\xfc', 0x0) [ 435.147377][T13167] ? prep_new_page+0x792/0x9b0 [ 435.152749][T13167] ? get_page_from_freelist+0x11d3/0x19f0 [ 435.159067][T13167] kmsan_alloc_page+0x131/0x370 [ 435.164072][T13167] __alloc_pages_nodemask+0x149d/0x60c0 [ 435.171235][T13167] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 435.177528][T13167] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 435.184049][T13167] ? memcg_check_events+0x74/0xf20 [ 435.189766][T13167] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 435.196687][T13167] ? mem_cgroup_charge_statistics+0x7cd/0x1680 [ 435.203593][T13167] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 435.210851][T13167] alloc_pages_current+0x68d/0x9a0 [ 435.216628][T13167] __page_cache_alloc+0x95/0x320 [ 435.222373][T13167] pagecache_get_page+0xaf1/0x1220 [ 435.227663][T13167] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 435.233671][T13167] filemap_fault+0x2632/0x2b70 [ 435.238478][T13167] ? generic_file_read_iter+0x3e70/0x3e70 [ 435.244318][T13167] handle_mm_fault+0x71f5/0x9f70 [ 435.249576][T13167] ? filemap_fault+0x2b70/0x2b70 [ 435.255009][T13167] do_user_addr_fault+0x905/0x1510 [ 435.260328][T13167] __do_page_fault+0x1a2/0x410 [ 435.265378][T13167] do_page_fault+0xbb/0x500 [ 435.271182][T13167] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 435.277461][T13167] page_fault+0x4e/0x60 [ 435.281985][T13167] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 435.290855][T13167] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 435.312223][T13167] RSP: 0018:ffff888188b3fb28 EFLAGS: 00010202 [ 435.319772][T13167] RAX: ffffffff849a5356 RBX: ffff8881937c4000 RCX: 0000000000000320 [ 435.328135][T13167] RDX: 0000000000003b60 RSI: 0000000020004000 RDI: ffff8881937c7840 [ 435.336612][T13167] RBP: ffff888188b3fb98 R08: 0000000000000001 R09: ffff888188b3f4ac [ 435.345058][T13167] R10: 000000000000000e R11: ffffffff81840bb0 R12: 0000000000000000 [ 435.353490][T13167] R13: 0000000000000000 R14: ffff8881a96ec628 R15: 0000000000003b60 [ 435.362189][T13167] ? stack_trace_save+0x1b0/0x1b0 [ 435.368373][T13167] ? _copy_from_user+0xd6/0x230 [ 435.374485][T13167] ? _copy_from_user+0x116/0x230 [ 435.379966][T13167] rw_copy_check_uvector+0x2a1/0x650 [ 435.385845][T13167] import_iovec+0x19f/0x660 [ 435.392893][T13167] do_readv+0x2de/0x710 [ 435.403657][T13167] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 435.412569][T13167] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 435.420816][T13167] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 435.430587][T13167] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 435.438456][T13167] __se_sys_readv+0x9b/0xb0 [ 435.444210][T13167] __x64_sys_readv+0x4a/0x70 [ 435.450295][T13167] do_syscall_64+0xb6/0x160 [ 435.456166][T13167] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 435.469795][T13167] RIP: 0033:0x459a59 [ 435.475823][T13167] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 435.496118][T13167] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 435.504935][T13167] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 435.513769][T13167] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 435.523621][T13167] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 435.532896][T13167] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 435.540963][T13167] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 14:23:10 executing program 3 (fault-call:7 fault-nth:16): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 435.655502][T13179] bridge0: port 2(bridge_slave_1) entered blocking state [ 435.663601][T13179] bridge0: port 2(bridge_slave_1) entered forwarding state [ 435.672868][T13179] bridge0: port 1(bridge_slave_0) entered blocking state [ 435.681765][T13179] bridge0: port 1(bridge_slave_0) entered forwarding state [ 435.694207][T13179] device bridge0 entered promiscuous mode [ 435.705520][T13180] netlink: 'syz-executor.4': attribute type 2 has an invalid length. [ 435.825200][ T32] audit: type=1804 audit(1571494990.875:98): pid=13189 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/102/file0/bus" dev="ramfs" ino=36352 res=1 14:23:10 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[@ANYBLOB="726b1259e6d5c7a02c9076dc8f3127cf5832cf2358256554"], 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x890c, 0x0) add_key$user(0x0, 0x0, 0x0, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x15) socket$nl_route(0x10, 0x3, 0x0) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff) socket$inet(0x2, 0x80805, 0x0) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, &(0x7f0000001300)) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x0, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000280012000c00010076657468000000000100"/36, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) r3 = syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0x842, 0x4) ioctl$DRM_IOCTL_SET_VERSION(r3, 0xc0106407, &(0x7f00000001c0)={0x3, 0x0, 0x7, 0x4}) [ 435.872251][T13189] FAULT_INJECTION: forcing a failure. [ 435.872251][T13189] name failslab, interval 1, probability 0, space 0, times 0 [ 435.887065][T13189] CPU: 1 PID: 13189 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 435.895841][T13189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 435.906448][T13189] Call Trace: [ 435.910101][T13189] dump_stack+0x191/0x1f0 [ 435.914924][T13189] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 435.921245][T13189] should_fail+0xa3f/0xa50 [ 435.925857][T13189] __should_failslab+0x264/0x280 [ 435.931409][T13189] should_failslab+0x29/0x70 [ 435.936637][T13189] kmem_cache_alloc+0xd6/0xd10 [ 435.942166][T13189] ? kmsan_get_metadata+0x39/0x350 [ 435.949010][T13189] ? __anon_vma_prepare+0xa5/0xae0 [ 435.956110][T13189] ? kmsan_internal_set_origin+0x6a/0xb0 [ 435.962995][T13189] __anon_vma_prepare+0xa5/0xae0 [ 435.968187][T13189] ? __msan_poison_alloca+0x158/0x1b0 [ 435.975257][T13189] wp_page_copy+0xa45/0x26d0 [ 435.980236][T13189] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 435.986207][T13189] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 435.994090][T13189] ? memcg_check_events+0x74/0xf20 [ 435.999698][T13189] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 436.006088][T13189] ? mem_cgroup_charge_statistics+0x7cd/0x1680 [ 436.012677][T13189] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 436.020152][T13189] do_wp_page+0x1e8c/0x37f0 [ 436.025060][T13189] ? kmsan_internal_set_origin+0x6a/0xb0 [ 436.031353][T13189] handle_mm_fault+0x46e3/0x9f70 [ 436.037961][T13189] do_user_addr_fault+0x905/0x1510 [ 436.044483][T13189] __do_page_fault+0x1a2/0x410 [ 436.049841][T13189] do_page_fault+0xbb/0x500 [ 436.054673][T13189] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 436.061786][T13189] page_fault+0x4e/0x60 [ 436.066971][T13189] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 436.074584][T13189] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 436.096485][T13189] RSP: 0018:ffff88818ca2f778 EFLAGS: 00010206 [ 436.103638][T13189] RAX: ffffffff8496408c RBX: ffff8881b58f4628 RCX: 0000000000001000 [ 436.113575][T13189] RDX: 0000000000001000 RSI: ffff888061219000 RDI: 0000000020002300 [ 436.124264][T13189] RBP: ffff88818ca2f7e8 R08: 0000000000000000 R09: 0000000000000000 [ 436.133190][T13189] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 436.145180][T13189] R13: ffff888061219000 R14: ffff88818ca2f780 R15: 0000000020002300 [ 436.156241][T13189] ? copyout+0xcc/0x1f0 [ 436.161305][T13189] ? copyout+0x113/0x1f0 [ 436.166455][T13189] copy_page_to_iter+0x6dc/0x1910 [ 436.174266][T13189] generic_file_read_iter+0x2979/0x3e70 [ 436.181920][T13189] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 436.188819][T13189] ? find_get_pages_range_tag+0xe60/0xe60 [ 436.195297][T13189] do_iter_readv_writev+0xa16/0xc30 [ 436.201917][T13189] ? find_get_pages_range_tag+0xe60/0xe60 [ 436.209080][T13189] do_iter_read+0x30b/0xe10 [ 436.214130][T13189] ? import_iovec+0x4ad/0x660 [ 436.220815][T13189] do_readv+0x37f/0x710 [ 436.227288][T13189] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 436.234650][T13189] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 436.241956][T13189] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 436.248911][T13189] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 436.255704][T13189] __se_sys_readv+0x9b/0xb0 [ 436.260270][T13189] __x64_sys_readv+0x4a/0x70 [ 436.265278][T13189] do_syscall_64+0xb6/0x160 [ 436.271038][T13189] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 436.277933][T13189] RIP: 0033:0x459a59 [ 436.281885][T13189] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 436.306015][T13189] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 436.316249][T13189] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 436.327353][T13189] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 436.342894][T13189] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 436.351408][T13189] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 436.360897][T13189] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 14:23:11 executing program 1: creat(&(0x7f0000000000)='./bus\x00', 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) close(r0) r1 = socket$netlink(0x10, 0x3, 0xa) connect$netlink(r1, &(0x7f0000000000)=@kern={0x10, 0x0, 0x0, 0x14800008}, 0xc) r2 = open(&(0x7f00000000c0)='./bus\x00', 0x2, 0x0) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x2) ftruncate(r3, 0x208200) sendfile(r0, r2, 0x0, 0x80000000001d) 14:23:11 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r3, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$TIOCSSOFTCAR(r3, 0x541a, &(0x7f0000000080)=0x4) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="d80000001000050700"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32, @ANYBLOB="0c000200aaaaaaaaaaaa0000a40012001000010069703665727370616e00000090000200140006000000000000000000000000000000000014000700fe88000000000000000000000000000114000700fe80000000000000000000000000002314000700fe880000000000000000000000000001080013000100000004001200080010004e22000008001800030000000800020081000000080011004e1d0000080010004e220000080009000100e1a23be0644f40bd77603d6fc7512fa75597eeaa9e4f240f97a7fa363c10c4232d6943672f299d5aa5dc5c51345f6da897336ecb3d3f40e021d4cabc44dd2f303958b962229b8721916e75c60197f6b03bb82da10700002b7ee2b9e6e0f88e7c755cce6d79cf0864971dfca6502d66701377f4734f763ff88cdad8cda60d788b40330f22a0b02bc8917f852429a231e4866913"], 0xd8}}, 0x0) 14:23:11 executing program 0: syz_emit_ethernet(0x56, &(0x7f0000000100)={@local, @empty, [], {@canfd={0xd, {{0x0, 0x1, 0x1, 0x1}, 0x29, 0x6, 0x0, 0x0, "8c0515d4873d9ca5696a26599eb506d7897e1304c18e1e8a4c291a4407525c6b0f1ac86f1da6f322894ddbff4e1f6cc741717cc2b39ad264d2e9d5ccabffe6ee"}}}}, 0x0) creat(&(0x7f0000000180)='./file0\x00', 0x8) openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x1, 0x0) write(0xffffffffffffffff, &(0x7f00000000c0)="44c947f1c5dfb15096cbd1bc11b676cfb1ad3042b7faa4", 0x17) r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) syz_open_dev$sndpcmc(&(0x7f00000001c0)='/dev/snd/pcmC#D#c\x00', 0x1f, 0x102042) ioctl$int_in(r0, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$VHOST_GET_VRING_ENDIAN(r0, 0x4008af14, &(0x7f0000000040)={0x0, 0x9}) [ 436.622938][ T3380] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 436.669187][T13198] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. 14:23:11 executing program 4: r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r0, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$EVIOCSKEYCODE(r0, 0x40084504, &(0x7f0000000000)=[0x5, 0x3f]) syz_usb_connect(0x1, 0x2d, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x16, 0x96, 0xd5, 0x2008, 0xc72, 0xc, 0xcf68, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xdc, 0x0, 0x1, 0x3c, 0x4e, 0xe1, 0x0, [], [{{0x7, 0x5, 0x8}}]}}]}}]}}, 0x0) r1 = getpid() rt_tgsigqueueinfo(r1, r1, 0x16, &(0x7f0000000000)) ptrace(0x10, r1) ptrace$getregset(0x4204, r1, 0x2, &(0x7f0000000100)={&(0x7f0000001300)=""/4096, 0x1000}) r2 = syz_open_procfs(r1, &(0x7f00000000c0)='smaps_rollup\x00') r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000054c0)=ANY=[@ANYBLOB="740000002400070500"/20, @ANYRES32=r7, @ANYBLOB="00000000ffffffff00000000080001007366710048000229c6090032d0ed64f3c3545aaf6e000085a4e4ebb5ef6700"/96], 0x74}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000019c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="440000002c00010700"/20, @ANYRES32=r7, @ANYBLOB="00020000005055efa5aaf50200080400000010ddff0700050683e86f85c964db69e602001a000000"], 0x44}}, 0x0) r8 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r8, 0x80006040045010, &(0x7f0000000140)=0x3) r9 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) recvfrom(r9, &(0x7f0000003f80)=""/59, 0x3b, 0x8102, 0x0, 0x0) accept4$packet(r8, &(0x7f0000001840)={0x11, 0x0, 0x0}, &(0x7f0000001880)=0x14, 0x80000) accept4$packet(0xffffffffffffffff, &(0x7f0000003e80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000003ec0)=0x14, 0x7ffbcee82ecaa4f8) sendmmsg$sock(r2, &(0x7f0000004ec0)=[{{&(0x7f0000000180)=@tipc=@nameseq={0x1e, 0x1, 0x3, {0x1, 0x1, 0x4}}, 0x80, &(0x7f00000014c0)=[{&(0x7f0000000200)="fcdacb12a41620ffbf0f201ef9932b71b18cc8383ec7667dea509b47952c732a4f7c2cb3b44c5ef895e1b7a51f1abf1b6d41991c4ede3282e4f9297118613e8eb5eaa511a553adf5692ea49797c19037d50eabad7346fe13c2eb11e96d76", 0x5e}, {&(0x7f0000000280)="bc32dfe2bd87715cd3c3fc76847b4ca2107fa3a238cb5dcf19bd319ccd722d384a3a26ec1277c0b6e881e12893841d1bf18b0eafe5f378047894fa59f13efebf563a1771406039e21f7a5d53bf3bd9e9ca915610aeb06aa230a0b9fe11cc4271d515edf5b3b8a1985eeacbd140a9efcdcbce4947bddc4b38d24a565af814c9ab200594df1d32756b5ca2e0161681f8af8152bdd96cf754ef9a9b7fd1e07399fef81c36f10e898e162efc879ba420c0041333a764376f3a99f993e1d338d88c8ba1febfbe6a1f2c6ca1625dc48b9c54318f976d0faa6c7e70b9c7eca885069a762e65ef1ba5b6fa066416913701a8b7f7502e4c882f48457561462722f61262212a196e10c063a44e22e3b6776e453c189682939dd201e21e93a5f54c9a0f01393b96228dbc608e8acb929b8c860a0773e5888939fe76d7970ff5a9d6c13aec5f17cdb29e058fcb1d040a7494e3858b9169a93be64811938b1a4819a9ce1797645d18509358e66c77bf8b27c4ab3eb5a4760705eb907f7036b64b3c7ea271bbacc6383c3e7e4985cc55e6358acc9a440050e4f52c189fe05dc0f0942d2a2a2adcf4fc184190c7f8ecb362a784bf64dd2fee58a385b3f465bf63138897f9d8ca29c20f18eaf660f673f1efa11294199df6d4ed257a9fc072e3bab0277c9120f0642e6569c996d70f8c907f19bfbe5b129cc8ec93eb55ba49912f127ebaa45fa492c262d262a92f0755957f40ba4e68c3efea635836773e4ef5ea6978e2eb9995b9444a37dffcca97c4d539c50f0bb57c42d258e401bf3f4588b33cabfcca15c0f119f62edce7f3df063ca78c6b66f80ffa0bc540f89c1852b62eee77ea89638848c4488bf96dba6e674f16bf9d241ab9a8e400bb895fb5b68634f027f437d97700df9df41762513558b79774d003bf8cad38d4e82132f64dfd614f4026c9ca5a9a3a6755358c518100d71d4353690413f56d4b0cc7f1fb6a288c6d60b95002d6b345dc4d573d548cc4aa2ee5c840e9a696f80c57d6c64298c8be474a99265ec5bdfb68cd43ad142bce859bc63dfd89d071b7eb3ed6c0eac6a9280f50f932585a0bb8fedda174e4d1788eb7ae23db6464b8c669c709d2e4c901e877537993daf365eda922c256a3abf058472d047f3fca2451b259e14c7a3b508bc2e24a15a62caaa8c27489b8ba45aa9f4573aca5810c1020657f5e252d69404d63ca837dc9193a1479d5015c4167749ae565e630c67b1fca58e55efa4fd8010d44635aac2653f53e068e77eaee3f8118cf7dadff3e4c5c8968d7f38d3ae8454e616d350aef1fa47aeb73edb1fd145107d5e424ab545cc343754d9e4720dd9c48f0c6116b0068710dbedf65ae5e7229b3b4310cf706a64cbb4ac7ded7ad8b420fe6ad873afc966ccf344ad51f4b0feeaff3d116346b5f16a1f195e5e28d72ebbe1ac9f1672866c56dcf2dcf9db9d7790bcf94105e108748645c849195d9a3348b174ea7fca58e27c8de53bd6ac857baf18a8ae89330d0c8521323c182c88665a07fc4be256fa3f98abb7bf0b95b06cbd0a482a1a52842f4963badca44014c75bc1d00180c4a13cf72f2c7298d2d82ffc08d1d18eb41b9039d6caf4c3fab3751de12c85080c57fc0690237e1289213ae3bd2536e102869264e22074db73076f3bdc3cc47c3bf306653b745bfe66c4025eddaccd42e19ea2a69bbe3100604b4423f7fbf6d87349c210bcf6ebb58b5872db3088deb2c25a84c71c8483f1a64e5a61adba869e56f0685eab0612a2f0c0643da84b6b047c7a9ce41b7567dcc6c49703ef0199ae18e06997ef7272137648e4a09026d32f67b1dd4107a971fca08e263e66b88e41234c3cd25b2b4c1e6229d4d6370df8f90a23c87331fb41a00039115013b23b04659edcc312056d1d6ad960c0067bdc148f5e05ae5c8913cdb7f052eda219eb4f90034fbf374dd21ae157ada2c6b40db7d7102d93839fc9a0d572e6b771406b0f2dfa6a7adbf2e05f0ea9b8f980b1747904aead172c3e3845b63e39e701e1c69143cd311e8c3acbf08fcda1639317071c9d0cf50cbd3156aec4fad8e88b75e4a9e4853fea43fbc40526d784e28a566f03403536779f02d690a30b7947216623a11801be652ff40332d5ae5fd769789a8a732cb8feec1a3ef65185254a448b9c0a0666b24b9b4a4087be0bd51452214c5ef3e514a0fcc956e411500d63bd013d9325eec2b93efdf457d3c319617187780eab9817f17ec908b6f7165ad3411f81a8b260e0bbb7ef5d3660ff14009d352571ca56f8fbdc606395f49995527c95924eaaeba4e2a12972ff5b2f910fe6e31fdc581499858780673fb524a05f17a123d810c98cbb88cf76662641120f501fc99e1c3a7f9bad181b1ce774f3c0f5cca3cb63444748ceeb39ce0622fb343f2bfc29157316a4d958df0c15471973339497cbbdd9f424393fca3976f4e6e1ba6cf4a8c574bf16a538cfceb89be5661f0f6e6b6b3c3bd69b1d256fb1ddff267c68572637aa669095a4df763a44da3c142df4c67d8981f463380895ca53d3f2f711de8da8a91d5df9dc4ab0c2f23fdd105909cf98c605d197e87ed23c943b4dfc9bb40fedbab5df4db2efaaa62e34c71c0815deff13e6c2f7917c09876b43f31ebc23fe135f54fc312fbc240b07f2f31226e34e6223fee86e5e73d9ded93a25794fb4f9f0882cac9c2316237d716e07c87534332894e6e4a0c3aec9598a0ad76d10aa3dfbd93cbeb6da7f769f37a135b19b143f2ce8fd81911a2585f658450a4cc1e1332978f293d1d2a8e1ce59109d4e1a7b8c2c55325de2bb73c063b2e9e027414c7edbeb7d87c402d09fac6dac6822257c22a32fef9b199597de68719576279388631a08535804d352ebadebc5010832f9aaf368c8e2db51955f43eba87d431b3a91c362964f25c9e6dd90a33c6f78dbbbb302e8835159bdd1718847e4ba338f5c49f4df3d94d47e8921edb5eb5cb4203cdc019c2fe5d340f5b548f6059e3fa68298fbb802c2dd2687cd8eaca5888ebab62a64c59af04681a76a2fd01c45245e85d73376c4fba1b5329539ec4ce726b6e2ead8b3315baa808af9f686d2ef9f4073efcb308665bdb97a95dfa46d5bf6feb96caedc94f49e0410e065b3483e7ae71cee9625d4d9f1f4a01a2f8baab19fdf109c1ece5ba3bd44c204015f5907805df6c390c5dab9de59eb28e50411f1915b196d38589706574a7906d0ce6d0c77fbb3885d22cb9ca334a27f536c429b42db6eeba7515112434ea1590e9920042d046c1f2e1a0d924baa5daa966d5eec01ead6f86bb796df7eeff36dc28784f6cc7d748137c1ff389a197c9a1d7dbdf3c991eac78620a5c8a209ee3affecdc57c50b566486683cb58ab2c7200a233219bc346d00227dac760ae5cc522152afacaa5d386ec3722384dc91326a6c5fbd3c9e2e2e1ead39486cd420977f39652a3972eab6c0959e927f1e8a3b21182b5dfee7b51f72f3b1f37df729b2f1f123a77c081aecccbc03d8d6145a281be868b65a655e257f02850e332875de8ee359b1140154c911144b6af7c6d3783f856f67217cc4911f5887aa8b7d7d1344b2ffeb7f123b99154665174dd0c6c1183e81f42e979c3ae0715ab46cb6c8baa8c7a8668f6d340e886499f522e4ec306fa22f366e2ea88098645067f04dbf6ac15d804d863d5e59b2d3e94f5ad25f7fafcb7eefb71c489017b1175d18de31f7e50ba2f3e58741f504cfd988baac04e58c26c4ede49abeb649dd4f5b080710120b0ba2907524f6c63072b8bcc23fe1b35cf56dc2188866103b4756d37d42ae02cab24119f0bbfa6812eddace2ceb5d42852514b1ee59bfb6c86cc57475c0044f74272dc98d957a5e0b2b0684d0a48ef7419ea6bc2636ce45419246f41f57cbc457fc04addab8eb3558f5c770bff85b0b086b2040d7dae43fa1d45597058841cd6ec6684ef661f0b46c4feeed5844e812f2f9104be26dcb9837f1db59b551e1b726cb86b07f05a47ac1165634a66166d2da24725a065e7dc02d46c03da277b6e031cf0b26c6bc157c215e4f0a464a38e85fd56f81dee156cb921b6aef96955b56506e388b57b2dfc0fd4a7cb3f04d80a14b514e4e36c0e62dac6610ebcbf94d5de42546c90ae906cdd463dae196b264cab8786a9ea2600bef21f809883ba2334f85d48a548e860ce747fd468f6d86cf3810487044d382a6b1fe4393a37026c9984262017c76e9b0243d20a97aff38973449a7593785c2028a7078d77c8fb660d128a44e5356837f2d18c3b5dbc0a08a3630b7b9314c08d709d2824e2454e08fda347d8569c3b281b4d53076d4b59fb372e59a145736bb7163a81e436ce48207ea1426909c43fd5a88443bcab17e0f7a0d9f9f81e125cd3b237d5614895d1c3fe5c633d5866b6b279ed468b1b80475eff665a1262c938b5d24d4a908da77c36d7dab5fc0ee941a7a6c01f732b8b06d566394d2625712e3edb04257fed96ab9082978e3c7cdab6adf7e82365b43d0b829ad00135ba4f7b379af3224cbdb2f562d261838b5f0cc00b9ceb30b37646a8b11d31b04c44170c72624985f5a5f5d9f8eb443c33c65dc1587ab81c7cc4e4f750c55bf174ff61735a009f18c7bb1821f4aa24ffc47de6c7c8842fd393599ac7179bdd6866656dbbc93ba646f97231e7ea354f871c1a9ed4670e9f7bd507b1fa23314ff592f63c383794a219aa4ec94b9ef37aa0353a1fcb1098c9eaea3240163894988cad2c6d30242ac1a9b3fea0949d3d1f9a43d6c9a1102941944c6d481b8274840f684bd614faac9632a0fc73056335ecccdf02c9e843fb974b386611f6fe66066cbaba35c5fb2b25ded50e80aa2148d3f1b92d15cc76eaec6988c953ac19be25deb4dde2c293afcb55273fdbb87a86b7c1b4a12610d2f9afd712f1225583e8d0b87ba94d212dc4bea2dface09b5d1624143801bf44098136f05034aacde40ca0582017326c2432401a2b398479cd2f07b05e05aef1e03746ddc6e1263e6d9f31aaa9afa3e686bba3af6c1614befc10f9250eae4ecd8a3dbb7aaff04a9edb6c39d68c6a52c84086f2d8b50c091d94a7576f0d5a65d73a7a67acb15a4252bee38df033ad963ff3b7a05662b32ea6244a1edc71e394a423f5b6fd067008a93700489a2d58965711ae52657792bc511825bb5d660587fe3048ff9d9feb556e3c918e8e12536d81ff7e7d7c8106ae31749fa870767ffa0a6e806fe289edef784afb41cb10cb8ae97fadbf4eb11e9a17aa752262371a93943b80f65670a78739b8e1e1c9237ddadbe31f444064ba6e582d5d9dccc765ebf5c8ede431cd6ab3b50297644a39aa30fd1f0da6b5dee7df3a507c9bdcd5fbcee0630d56a5ce694407139d313c6bad80e58cd359939a79d68811cf23bc0ab570af8371ec5626b2bfc6db2dc0466925bbc02fd3c3b020a5ca43891fa86c9de92bab43f9a36f9d9a045ae2f099cb6e6ecec0d7d9922f67c97b36fce2e2526d19755fc3238b33b0fd7a464201b28442df9e5ddfc93cb06f3858f3de868865b4cc2dfd66b129276c288ddf82681b4e54a23dbe93d261aaec6937f362b732c4c8311f7d19c86967aec11de7c60d2c559de3b01e34302a23e029818cb5699585a2da6d9a12c0420cbcfa391c8c2e848aae0d2f8d41d2b39653e3adeb6fa4aec1cced661dd77a6b7ca676b16cbe34ca5787fc2be620edcbba404e15d5fed5891d774f77a6e80c762f7e3193f8f9755b4fb9b7bd61902e627ee5aa22bf8eca5ee5de92be52df3caa6c84bdcf5971e2879f6657d79d744114cb03064e", 0x1000}, {&(0x7f0000000100)}, {&(0x7f0000001280)="2969c44165c414e4ca73af4f2978c883d05650dd8413cfa92113d28aeaa0f7d01c60aef71eb659108e08e8d62d8d8c011100fb1a67d3f74ac4bb77563c27c03390ac289b9a44eb", 0x47}, {&(0x7f0000001300)="335f175d14cf07956d845989df3476452187d9d829a9ba7a7739fb7f13052ebcf6d6efa765725f711235b91fcb1add684231e5e99e383188d314eb2d3093e8d3b98dfe04c3de38317f496426b99f784b5242488cea8f350c60d541705382a952e97dfe32c015396e669c55f7ec8355a8260c66a540d68106996790cf55a72fc65fd040a199e90239f654a85a284d19493d6e1bd8936a4d4cf9e28685d2266de4daa06f948263b86ea172237c0f27f315fcb70fae4e04514d9f8a5972e236b7bc50b4404a7ca3782689d2e81aa2fbc404c32ceb064dc3", 0xd6}, {&(0x7f0000001400)="5d3429e238ee28276fbb260ca55002ec8151b151d2e6171ab7f9ea974271c0836d06bdf9aa098a97a5178290e6ee50dcfc5f4b64916cfd60530784fafefbb2d96627c8267a39d1281120a44797777a5250cc2ae6dc8065b9d9b942147fe7bf3435c1edcfc89523aa43e3692b7dd78f689c509c9d69ebdcb13f1563b8900b359730738c93e12c57cdbb5e96e08dcdf3a03237eb5cbcb99db4a1afc2fbf134b7882f05bca5aea13c6e3339bc422387a03aca91b3af7f29bc7cc9", 0xb9}], 0x6, &(0x7f0000001540)=[@mark={{0x14, 0x1, 0x24, 0x7}}, @mark={{0x14, 0x1, 0x24, 0xe63}}, @txtime={{0x18, 0x1, 0x3d, 0x7}}, @timestamping={{0x14, 0x1, 0x25, 0x9}}, @mark={{0x14, 0x1, 0x24, 0x8}}, @txtime={{0x18, 0x1, 0x3d, 0x8179}}, @timestamping={{0x14, 0x1, 0x25, 0x101}}, @txtime={{0x18, 0x1, 0x3d, 0x3}}], 0xc0}}, {{&(0x7f0000001600)=@ll={0x11, 0x1b, r7, 0x1, 0xc9, 0x6, @broadcast}, 0x80, &(0x7f0000001740)=[{&(0x7f0000001680)="57683c1f4743a0e7d3e5495c208181564cfb84c7c788819f8c7b5fdc697d2548746180bc17d87996ca170722011412e2932d0d34461d518cd43a8185983d90bba3e348712d60af57482bde302b4f8ea07dc15c729c4f9b2cea9d20e0a4a44938ceea4e5dec7f5fbc947aec34163b05da165efbeb2d0c987d79a2a7b2001bcd90776c07933d9b7e188c73d93215841055aae4047f77bf35c94928fd6355", 0x9d}], 0x1, &(0x7f0000001780)=[@txtime={{0x18, 0x1, 0x3d, 0xfffffffffffffffe}}, @txtime={{0x18, 0x1, 0x3d, 0x2}}, @mark={{0x14, 0x1, 0x24, 0x7ff}}, @timestamping={{0x14}}, @timestamping={{0x14}}], 0x78}}, {{&(0x7f00000018c0)=@ll={0x11, 0xf7, r10, 0x1, 0x1, 0x6, @dev={[], 0x1f}}, 0x80, &(0x7f00000019c0)=[{&(0x7f0000001940)="b5ce80995e32d66d1bde587123c0ed91d52391582e550527a3ee7d10e0750d76aecf12fa4783dfb6436ebd7612da81f71ca4c69aec0290d64406a6ff8a86064fd7889325af93875369e7109b3b0b7595dc6785122f831b483c7295d213a1feb3873e1ada7c30a5687411d002", 0x6c}], 0x1, &(0x7f0000001a00)=[@timestamping={{0x14, 0x1, 0x25, 0x4}}, @txtime={{0x18, 0x1, 0x3d, 0x3}}], 0x30}}, {{&(0x7f0000001a40)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x1, 0x1, 0x0, 0x2, {0xa, 0x4e20, 0x6, @ipv4={[], [], @broadcast}, 0x7fff}}}, 0x80, &(0x7f0000002c00)=[{&(0x7f0000001ac0)="0697fff8e1dd7986dbae902e8a2d24fc2ba10da21072cb5bb4a127b455cd7bf088ad443773ffd8b5e6d621767a5fe9163c6db85973582abd639caf65dc95db9a8402aebd81080d8f7c8e30117c493c734cc0c8b9f7c297a00c5cf91a81e9252690", 0x61}, {&(0x7f0000001b40)="f520991770d53722a0d9a02b311090ea7c0f0a432776eba31d6adfc579d76a50479f3a216cbc083ecf4988d1681a09f0d2a803b9773c070be2a59383b7fafc11dc4713f8edcd8a8cd84944d4b4c2b794c86e3023ad92be967a76444b61d51298b3dd958bbebbdffaa4a52a54bf810fe8795b05c9a3f7ffb59307d42f1207c87d3c9d690577cc62b302336cda275a6e7ddedfb3db8f13ca7088f5a798e3ce24c67805a8fcf8c46c555bb6a95294482670e15f84938436cabf791a2fcd4f5326ee5cb1bc0f6efba4013950e0f3121099f202f845dd952c81927543d8ae09b66c4039ac5f4c0cdf90c9e3124c4ea2dbe29292a8454e80eabd41b045244f90405ee30397aab6ec75908b0841e123028ecd45fccd33a109931cf85ec7a3c369e0da1fedd57e174c6ca822479a3c563bf34c4d7b8f8b94f8f5714404b65c2207a08f64b08dff0f4005c474c0b0252ce1ead06a2cbb9f841caebb1c61fcda9c020ac7de38b6eb410323a0344449893f92e5b5c8db219b0b9d983dd617486cc440c112e52c7f0104542afd4f8c1c9afadea68f1be724ad04408241f88f69b87e09ab76b6ba517585ef30117ef8c60f821413748c3a89d5ab70275e3ef303d64cc9b14e00be70befb86fcaed6ba109cb132b265c41cbc0197e200c4c7d7e142e252f1b28c6c9b9fde0fda1652c6bf63a8f2f96c76e2c12f6996ce01664a3e7352e5a1d3c3700b2f20fc1018486fd44150f09de36f56cef35e58132ae559833169d046c64144d5821a772a09965748dddf3022394e781893e1b3fbd284b72335c158e9b1ce56881f07222807ed8e4029a8e3d0598626472e0b6c3a1f455de5d7b6e40478c68ac5d3105a53d05cf502280bad93f443ee42f913b8eec7bd9f230f0217fd35fd67164307c8a6d70d209f1ad5df49b1e48e303979415b35dff4209f51f4dbb76b62fb1c9bd2cb0f1a41d33d6d41c1403e25eb742318adc68cf43c11715827ac276ad0149467502103e31e5795ced899c75cc33962f285b142dd8e40afb9fa30a26185c2786344b3c6fa44bb6a3cc06f906c1f772ef2da4b9f486e58467616bfe47b8abe272e03235c1cf490089b0c11b422f49eb456c7cf92629fa290a3168b3f2113dd615afc146336397744796a39c8398ab21846f9bc7fda30f7e7969d6373fbd7649fc044c4b5960371d79c3b7b43779bd79ff1e06ab732b290bae842b45d1ed1fe1a81fcc528873e09d944b24a7593be66dca3764b2e2499c691ec87b2e2196c5a467f60100e57dc7a4af6644ab08df3ab3cfc39ebdbc37cc122756fae62728d3f797e05d0f6901a4d813cc545e326027f39498ee770161b703f77099f78f4102c7746b8e20bd67e7ba4560eef884906dcb22ca526384b4fe39856e0bdc6465ec88d8cf0d43e5e77891f55481518c60f8a02fba53c4230b3c2c515b27729e1e1a5665e0459436657f16d5aeba3fa6d50362f4f8c411760f2405abae90dd024e0f025b0059e89a3ff50d44309daa8fc22aac0611ec3ec44791bc9352cf7a663d969c2f35d4b833f3dd8e9e0021345352a40fa6ec2aa0ff40a56577870feeb4ea6bbd4b00a28d98c74028057ccb20a2b112f562eabe21eacb8a8da1f0bf48e4a15d9de07ad0da2760279f6b426d62afaac4e0e4152e5c8318d9dd334a732a039acfacd650327791ced25a5f2cff6d5a9a199abb39e4a2ddc67d03286b58bd0a8fa12da8c1aeadc733e271dd36c4c8ebaee23e5660d76812fe58192a18b0b579f8d0da45803b247d76624c2e208c54bf680d709e9c1d0c95efec97dfb0cb47813e3aa5dce0bbf7e156d20048655f19c145505be1425904e8078c9499407120ecb82e49d7f718f2535b8880f3254b069945e43e3ab62477c18e3ae09ce74ab3c2ebf9b0e0415e5be3000e3588aa4bc63c5db075b9d3efd93f197844f00a0e68fd0f3516ffe921ec7038412f1638a2520e0ed5a129c7f9c8b782e04a696e30cd31d09738953430f185823fc224458d42d19fd2e20d7c42de7d26dea0f941799d1015f4c0f5206077bcca3643a0eafeaaa3b104cecadcfbb592baca70ee7a72c14a6a7bb1aa879c6d16ce54115e4d02a1e8f0fd6b650d7490f7539d013a5854f66fa1534a345771cce5da93077f6ec3b984a4ac90add43df76c399889a32906a37d835fa550eb9b761e3ac7f064341efdb7a931df4ebb57bd69986ad980d26cde6ad41cd4b76f63066ccfc1c1f57848f5c14a7351142a6a9db751850deefef1af7c75ceccfd47fa0a6f4a1030352e48c724bb9c197b341571571f3c6f80b02cd9e456b41665ff68263ebe204df3aa39b54e00622a1fb3fa97eba44decdda705b4901d1120b183b093f8ac90248af718b09f6c7c9d4a8172f539174ed324e3bff380783c0217e23476c25ab57ca11a85dcffb425abad1fd16fb8522faddaa0c9b3951f7e5fcf6d6a947ce2e2cffda99b15825d6feeac68a98728a14bf6020d95f753468eedd635e7ac011ee3084397bb04a13492376f52a3f4e5bfb7d641f298c754545182e0e04bdfb64e93e7b6a286514d871e1adf359e794c9b4de05bbce1198d58c6da90fd692ef14c1a480055ab488d4d1263459ec78604b4d8fbeab63db2ee9224b8e15f4ed81419adb32e7b43b10779f65d691a549ffa4bd1ffe10065c9f56f61690a273bf6d8392f74c4efc9fe2f44a29568bef4402dbb42c98e64db266d7c5a3a1128b65df36425311218bdaefa845b5bd6d5fb7212338d2d1bc5badbac891d5cee98ed5605475cc77d60b9fc5130fde5e5f7bb73903aafa576bf8372dc24db1584df0c41a8098135e67cf2d7c26ab0a817c93612275d2d5c3e2e66ccf61985f522ed5a3f196873604b9f50778736288c6a290464d2efbfdc49cd34db1a95f58767dfda60bf1bf358b1409d4c8859131c6fec95ee8a70cf72622963c0cbc948c8927b92a54790ac9c3d5e6eda1a8ac42bd8158e50828e4d4490655c0af9e09746bab76bbd60a7cc586aae6fc2679b22c29d2f46bb01bca340dc352eb144671f4739049062dac23c4623fffe2d73273eb01451e4959f3312b04731ce24c23c296a04cbc5511fef8d4841d76a9c60d0cd6e548bc66daf7872142013b82a24b9514893d0e05abc3263c24b649cdf9738a29891041a447541a6ed77aa4a9e53055753e54e2dfa21c088935fb064c1733e5eead98f66f7e5e5f65eecfc3192f4d39b722bc85d3ecec781b84346eef63972b6d08695d29346583b9853fb82d0efb338306e9e9fc6bf885c60f6cf9a249f4031a297394f92c2deb9ce098af4225c06b8d289ca8112c17d40bd2bfd3ef62e2ba7f5213c02cb569396bea9c355b2109968aa61cfb18f7f659690ec5b69fd3f9c1806a96eac416d187e1e4af375c416b91e13b2e8fefcf9a5a459e362966c485281fe8cc77ddd0e18a297f305198b764a01cfad7d70d5e1a97b2315e28a5b71d49f6f08dc51da15f8db77fe7f8a492e9589aecda353da874d3ba08f73c4cfa41b06ba52f870daa69e2244c2b13e923ef891acbfdd0ae27d94b66bcd419869e2f59ab012e99e4bb5749a17082ad6c23dcd6870038fdd5a6c0b2708779a9b2c27402f6248274a7f724be4ad8dfe228b8f46cfa57963fbe7daa32fb9090df7d401dda91e381a0230016f2dd3107a4276596a65b671a37ae7ac5414a04b0c62b69d0cbed0abcfecb87ffec97edb92ca351fb410cad27b6b1c23c9f3d24e0a3adce84915c2c37624847f3f41d06e1126849325137fd683df5b5d50713f5ee8300e1d39c57df048c7897db918068357235225812b147a2f7cc56daab4eff661ef24063a75e9e53bde03643efe1b9861fd843c092b5a166489b271e24136266e41f1e4515826ce045e55972a8e17d5be350926b3624fbee35b4b9ce2d44644c0dea1c97db8b5fe94729a2590550dad9b665aa60c6faf7be84abe3b32bcdbee62b74792fb3bccfbc9ed7cd2de2f571c2fc4cfd57898c3432881f6a1d60e30121addb9b421ef60a993a861297180a75353ac4ae959218e6c661434009a027d83853bb5a4b8553f45e89b60cd92b2f19c7c9f579a288edaa8f8feab7001a71cc5ba88f3a7c684a760b50eb1746f6257ddd0db2a9020898461634ce40ccb9048a00845b5d4c4d7aab91616923a172e8aca531a9c04d61c5f38816b98f6ce763403c24d517ddd864c507ceac35904596eb34c140fbd7ed4d7a996cb4d68fadfea66f25f2d10440fd4c8c2b5e6daeff09c399c2258aaf2650b0fcd01580b4b84717a6c1a7d6bb8b1ef173cc069544f7ad75b5e4c54ebcb3d56337f7a5443a0c36af037e6d83f357b787bddb250a716babb5b78bbe5dd2ca9f9704fa464ba1e8eaecae0ef68eaec22ebbbb4032884d42ac0f140bd1cb255ce9f4da4762605efed5de8fbcd9f40841944680aa1c9b89aa10a986a4779831d2858bf1332f77bf4ab2a9c27a8b6a7c99ac701e37860f764bf351ae846184a776c0e0b5c9cd95494187b55c5b4ecf8394ec1ae63a35e433a9eb0b2e27eaf203a8b495e340db2e65eb779872d19b7a8b3a6b81f2539db97b03d41c6cdf76d058ea858b7cb990e9d5cd6a768fe190c48d341a84dce2b3a7cbadb3e0b9d86f25223c3e658982e03474c2f5f7479aa4f8270606553d7468f11134207c8adbe400e86cd2c0e83f23e04093f61393a72528f51a522920172ee9341bc5bccedbc12e16a8f81dcf5802442f85cd1199d6a9047354377fdcea54b9f4836645cffea161c4d2be1df16ffa00b592a6f91cfe2768a6b0bcd33b04eabb65aed8ae94f56639ba023952ca2b8ecfc75769f6d5fb1ea74beea2422ac8015d59b4bb74a50f77e3f309cedff93da2a46f5a4c15fe8920a3a29d81591b3cdc64ae53b7bcf02009e4629c7ab27b2a7a3e845b82245fea823577569d121e994cb55a95043e61684a3d0279e5fa10dc0a9ed3eccf30c5fb19f239a36190dc68d0d7e0fa4a4783418b93cd267a30b9ab238061cf38b3641535bc729de8d0c7f2a582a65c6e9a29f05bf15aecfa8e6bf603d4d875745ca15ff2c2d84c32d98e9574b326d67e2bd5d3a3fd164394eb95d5eebd9632c234e2c1adc66e13f585482ec5b144384867d3bf61582bc4043350f26a08713b9a0c0777d55cece2c332e9f7053ff862075cdde24de31c7c13f4cbe14924c79b5ddb2d02785a91718af62df035ff3b720c20829458f071ea85a63d7114a34544a16a839b9d25a522c48a1f2bc6efe61c696020cf5545008c915ba17d9c3a6283324679c9151125f6e3fa5d97c604e8940508c8d682b407fde18e464e100cff0c3ec7b9edd2c7d7aeea033197eb80e9c73d7eb5277fc069f983165aaafe191867b0a7a2d2100e27b940616aee8f57294ddb67db4e0738652732cb10a3210b6e1ef4e06bc46ae62cc56eece109af7ed8ad92e13b172f4bac5ed8af921f7f4981904c0d0c6698313130c871ce497dba6b49127b0d51e7cf03ad797e0729623a733930900178b8895f321a42a7b8e37c3d91b825e8ec77bdc9bfa3ac710dd846d2ef759b04030a42fe6ea5340cf9ca7e3f8d582cb7ef308f03898f5a4e303565840884a6f72b98cc45a86a6291922a0826ab8a706825fd61f8643fb6fa1a2c7c828d15865f4738fbf6bc60cd608b3902e93b31c73be003d0145e49ae26eb678d5b528bdb03e67dcea3a9400b5748ac6ac0bb81e4d730d0c5d0a68de341d43b5bda35dc3c08d5ca225eea539e53360fac6dd024a0c8acb673aba16cbb8be42c14b2ac713a525e847f8e023951655d587ba0735d5648b6026c", 0x1000}, {&(0x7f0000002b40)="7fc9eba7836ba7de58dc540a68ee0deeb51763f65f43cbd8d04f98f96557ab61811cf2c9df8aa3fd7790420e5a6dec7d4070adac0996e1d45a815c6a127659c08639aa8dbbf1b2ed5984dbae500afc983242e6c0fe1c501a4b6fa8002186925a3b0afab760b001c13bed64b59fa3f80ed88814e1799ecd6f58665984c49049dcbb54fb9a9b44c1b891e73e81ea44bc9629adff5925de8aeaf368ac2b54780ab02baeaaaf019d46175ec9b43a94429e55779f5ceaa2ff68720e6f5cd7efb928", 0xbf}], 0x3, &(0x7f0000002c40)=[@txtime={{0x18}}, @txtime={{0x18, 0x1, 0x3d, 0x3}}, @mark={{0x14, 0x1, 0x24, 0xfff}}, @txtime={{0x18, 0x1, 0x3d, 0x10000}}, @timestamping={{0x14, 0x1, 0x25, 0x1}}], 0x78}}, {{&(0x7f0000002cc0)=@isdn={0x22, 0xf5, 0xb, 0x7, 0x8}, 0x80, &(0x7f0000003dc0)=[{&(0x7f0000002d40)="90809f76695887de3a16441a7dd91b4a15f116b56c904aa926937f5c1574627224495f167c0fc6f4737ba25fa7201f970ccc6fac49f32c650bd9c6987a7381a0b78de392b81a288bc23f1eeb4396d7e446a28fe829656984932971b4275aaee3ab2b52c130418f695e27b108d932524e04288487b422a9c37dcf8cd534b94c1c761602eb4e55b3cf5d70d01ee2e4f6ab8c83743778d82dfce6a17d5ffb4ba9e868083686452b145425eef773ef29c21e3ebc257828ef8ef673cf4dfa443e1ed1f8a3a7d4c16faa840f6a3a08291c98248ae10fa774119d38d28e297dd64edb274b2ac73b8345b08ecaf443445910870ebda78055f15aad6166537d6eadd13bb33cc2b5badf44673592b8218ea3b635bc7ce8c84ce02a1409c2114615e04d80a92e56c5521046c627e52e684a7e735fb61177806ec2eae0ea953b2759d352c28b5398b19bc0fb9f9e9f5d374a170975bbf21deb3c0e588d85e20af62058a4a897630f8e376c950d47dc707e7b1c16689c98c38f4821730d673aadbfaa6e30ddb4cf211b4e663fc6a73b0e119a2fa2a6c95de7c3aef5e5378729decc3a31593db731c52e01f3698a1b566a7c2caf0647421aabeef784627c2e9f9597f89575bc1c5948b7ddd8d8f1503161340399e7362daa81b7894d5f3d1adc75c3bfccba6674dfdfddaa43b8d256cab9ccab671a0a7151f929216162cf9a8132a16f98d11a383a6b5130568fa1c5bf3008b803ef6f902adb1fa05ddfadda430215f97d5dde863af953b33e8f8c390d42869d8bc8e3b0573d5e8974898a5b23f18b82142c63a5ab2d67f1e0f289f888ff18e4353ce15f55a6ea9ab16ab354d9b0324ad6947a063b929354949636c89b262574fa73eebd897ac4fac8b73e33da5bcc93ef7f888de6f8d90b58e86880e2dc0d66cb8dc8ea803ecd644193a4d18001a78c0eb0435e57407a7bc81d70f9c747ca10d1093e8359c0ae58665dee1e44c71ea4875de9f36e6c6d1e3814cbda56509d702ae7c3c145ded06cff829c6f1fbe3668bde504ad44ac6c06de012e9a8aac94a6a3c365f2f85417558270b4b8f74819c8f61002737a877f6f4c75b7f58979a690985bef59f55fe47920e58514940d2a4cf622c16833d2b0e00f0863bc447e0b3e15168169674aa0c8c5dcc75ec836bf5ceb67ef2edb1f79e2cf251754506736e4939c3b204d2c82584b8e53f04b066ec6b670ef1e220a61c9de189f460cfb3fd5000c50f6ee03de747fa89ff9dae23b06c27a1d1d134fccd5418ede246143a54b064f35990466679cf639d3fdbb0a36e0b98d191b8231da8e60e132442fb84cbe96836c357b427d88d356a25304bd6822b479a0a193e8f81bed73a4ca8ec3433bbaeff982b7fdb58e92457b068815fb0ba0079b93e2602c36abc62ad77d3059650b63af6295075b62eb1588587957e7c500e07a96b827550bbf0d8b0a237474c8ce3e531d1e697f03d1c9a4578a20713b06557849a2ac3cbd521235b775c811c3342d506ce9eb5bfe404c223f31083dd7f87c8a614845f4e3809732921894e22777f6d841270440da449ec09987f2d6ceb6aed4768c9f5dd9e8ec53132053be71b626011afa41aabea88bf2e34821f4bd32df928aef41b71c030be2ac3b607fc7cea52b745a71d9415fcbea0216edc6ba786af5e1c66b57488e80315bfdd3ee6b1d9aed6fc26ccb8bf813350bf4610222521089a7c70e97111e0a1e3e792a316396a3362a1c58e2c0d22ca67f265b5633bb437ddf7b90090e77fac65ee2957cc69969f11bd1b0c56ec94f98aad924bd67164ec107a20f8324805c0f4f9f4467b8ce3e64d357667fbc68ad2bd0d24218fb25b731c1898b87b7189da3faa728919b22ca16be2772193c40ef815575ac31cea939db941956f23aff6fe7acecc6afe09b5d6f83b5609a775434502ada315cd8387a6a53c9a6748d50fc9449122d826f2aa508c9d671197dbf6e01e8204aa0b594778e35ecaa22bac60c483761535f0ad3b448fad58f097cf8cb6aaae3fbbc6b2ebed30693d354a86776203a694cd15957b48b420e49c4a3d7e1707c616b9aa5dc0db80f7a2336aaa4985942063437032ea30677aba58316babe04f820b530f3deb4c0497ae92d234fb15108c2cca75d82f1dc8146e22cff474af8816819753554b384744dac3e254ffb94c76225e353ea82833d491f98567a23af130d08671b316fe0f7bb4f816d300c78ba93167dd3eb1f3ae9bf3f1a1afd93a32c10a33432a3be5df91f54a9c4036ac7fe86ce113c32599b709b74b8dd4f87c76104d38bb0c115f327aa0b6b5a85df3f749f4ef92b168b9789bc48aa4556f4531f6a836889c5a2eeaa76132e6c8ff52576b0310ed5e2e4e4782147a86207e84b79409e2b58865d15913fc9738a142b5d823fc522346207fffb0bd4ad99472710a72c401b87082b2a17e16b23ad8f2af490d020dd50cbdd27b35024e2de35977ba164fbf169e2c12ef5b962c286219d6a40599f7cff9809281abb532a8cef39b367f588871fc877d2a3ed9d2bba7f78a5f555578493d0412346e0183737388407882965483663732a4b4ce131b6619961293d3f6cfebe679afc4f9e10549ad68c9e16ea49391668ffb579c84d9115c4f286c18c69ce9b95da2fa9e4c273149c15a0234335288bf4603e801e98393a5ed767a56b8b5aee25e84a8d2ac7d307b1b012b6b84a1ee3484d20154400c2e3faeffb47fc1f8b53db61151d8f506f5b114a9b22e100b70ebe78fdce1381a7d2ee95373fef7ec6b5f5e1cbf1da41c7bf655537b49c9e5aaecc5ac8a27f61fd95db7122d5afb0452d10f50089fbe9e21c911314db70d571c75a12145d73dfa8ea7dcedcf5c405c41d2bbb0385c3dfba518c484e3b160aabbd6c10bcee10fc91030f741db4c7e2ded353bae0edb240029cf0f50761effc61a089509d6a16c2dccf92c70ebd606976d96aebd5f1cff7ec75669181de6e334ab27fb115e67dc25f05ebdf4e6bbd47cc2af3e94597a6c894db0e455b9f37c2be811f0927dbe80a116fa86477c5069720ab0f32aa5e1875135ce972e56f0d87bdcacf1da49a0f98f7e0806c4328348b353e1d310c5f2f5efe568626ff9e7c2ec24ab1d4806ac65353d9220fd06a341e3310aa2e137287f1d12f9950990bcba03fdba91d8bd65d34c6a7fed9f486aec7b5e6455517114cc5b8f2e8fadca63d3975e81bbb6b13b86779d74208c346ea46b855acd2335b05d6e69136f70e7a201c8c2233bdfacdf94df3e5af0e87145e4a6cb2bd671b909ba943b913b7a15dcf4eea0afd6b9c4b1060d02d9081c5273f3fc83fc83ca1c14cf5f8734b332b09aec94b370860a437b3561989e0a6eb215b6dcb54db996d68100ab199b953d4d7f3dd1043fc96d7e2c361470d81039bb224ca93ffa466ea401320429676318ddd0d3cfb94d55a7e8b8fcfd7acbd12af24db0b462565cc6c43aa6333ce6c1f822e716da19d3dd3abd4adc174c2490de88c084ac95725e07e642c3968f0eec233149f5daa2771e8ae320bc02b300701f60597268e65c4f3aab69e303c7757108facd0cdabfd33666a5b110fa8b2e1e342d8c5c98d514931d8fa6327c38a22dd2ba547a25476ceaaa147ddada8d4276e37fef9e6d18103feaed40ec00c583ae7c324b2b9f8390d86099bf2993e1f2a368c510e157cfafffdf49735f37c6140a55c36fdb1072252dc9a15a0f5e076412729ef0f73e777f30ce568166da8a6d12ee2012c062b386497877d64a20dc10dd6079bb9d1b063fddd848a22c5fd380389658baf856b1c5041d10102eff0d45d84eeed468416657faa4b4e837c443d3e3ff01d5726bec5d67ab2ea050a691fadbb8a40763d979487826b529c429d8208a4ac1f4ec6cce9614dbb666e3ea81154668839abc008b95a1b46c6a71f1c14a2ec71038c54f15e82698dba4e9611bce39b39c338050bc82f3fc69aba0f662fd9e081bf0687133e26ca9b9f4eb700e59af24760c47ab3ffa5e11c2838afdd4225c07a039e38c27a9e8fd50c09d5680b322f6d71eb67a03e8e25975660aa8c261a06dcc98a83fe98b56a11acfeaecbbe6a04eb477db507b3f58638a0eb8787176d50a2490b9b951b34edd9deb50a5257b55942404b99b9e8a080272326a85b2178ae34d7eaa3dbaece9a2995eaf3f28db9c9b1a5ca77c53359f2031ef6fb623b08898e9db792bc1fc524e1fea49d0524e329614c8b237a995f44e3c3f4b7a3227282927d1d8681942b5e642eb3e44f1f86a356d0eae1c671504b8dce86b1d41f42e1439676a654dd13d8a6d6957ecbda2752114d0fd379562aeeac371e81657edb66caaa31d9a3489bdb14735b2fd1af3cc16c8a09d0df391ea42fc8d8b6a7efa8cd06e7bd6ea224e7531427e963dfe5431bc511292d9d866e4946733c454dc01cc1dc3e3f9665d3a4f980a866085c6d0a5ddea19317d448c98e6474d3c138ed9c95a932e9d12bd55e96cd164d945bae85a54f9b30dd1d991ae3c2e89fc2638d3e787df5fa44d2c76ea91b1abd65c78657040042ed669edaacc3315e886755333316ffae56d29a1710f307a413d771a46232789d109f09af2bab8cf86c4c43d753c52b8d52b65bdf30e7c147660278b1f87a1d4b4fcee97f72b0e987f3b11c52a8ec2e065656fe16b3214c90be768632a431cf891a8d0cd3875f262a52dabc0a1a18706873cd9950d0dcd9b14187a0133966a640e8c96e2aca062eb1b5f9b1da53e8e0bb50d6b94086d90b9e0681c8fb553107b2a7c527fc3f2e1abb46067882d2b51e52661b8b1ff0fb04940a4e02315c558514444a5f95136a933bb8cd37354e8b1ce429a755fb12652db32bd4a7d2e0e4f56dad9cd1d1b67abf06c52bd6806f00a8eed4f257bc29efefcbbe08cd95bdacea695d9a8261ec06007cc4498be28c34ce8ac5ebfe5344bd70300d5426bf371e5d7d635d86909e4893f22b9beedff5057b8339a6ba3d9c058a4202bfa4f830950676270c9efb60580be8f0c124f05f2d5207ef2a7cb8199c45d37be63fd51b5991f97e1b895808b63f438b20b28fbb32cf861cd6acd1f7695dcbc758fe9f347b64fb8cee66f994b4a0cd68e5a91395cce3c4c66a5d9a892f35e1950518387daab9cb9d16470a8c13a8924fdaa10adc99c77d59fba23bd5e605b03a12e1a0d4e3022e26df71b60e9c3322166fccdd982600b7eee793fb7127deef6a8a7c74f7bb1625b508e0749f412e0669d2c450a0e7ccb2dc4fc1b924cba2a969a5101a9c3411d21c7179c6066f632c110cc8ea5799eb29ffc26e265b6cae678521b7963f6ad561a29a34c8e2a93244f24541c254e051474f8f32e4276b5ee1868749748444a0ac60563fd4205fed2a04654ce371ad8b01baf9d30da57c72c84db8487bf55f6f3f6e8d05297c4bface3bd01972eb1b07e8cb19339a4b105b531afcc515c133d0df262586d87d8361ca170b2f51655f08b7b1e8ce97e056fb06d0e196a28eb2173392b0e9d04a72b62893b257c025acb10f219b2dfa2bd8a36609d60d453cab23e20b65cf299afb11588af71dfbb8454c75fbbf304293e84e75a9b78206433e66e8805c125d029fd893e81c64d05cd77666fb6e49664dabdf348731ce1a82a7997477034c01e73f86e8afe228e2cfba8777eea79169c20a046d7a133d253fddae2f745f578191eea86734bd5705225b4ffe09f795462e0f5c5e19991822a74a4effe42060e95ee771240d5d08b8742d33749fb81269c4102bac32d2fb0a8f5b16e89b3c5bbf13a6f83712d99ad4afc3ea352b6de14ae7ec7b", 0x1000}, {&(0x7f0000003d40)="8f519149986b4552a9d1e2df0287ee09dbbb1a3db70985e16322dd07c56489bc045fe76cd62fc350e32ef0eb3fecc8f4d2f6cfe0ba075e0f68036c8f46310fd288731ab6a62f2babf336b16b1c2f87bb65c8770b323fb8b737c692f8c6d9b08896", 0x61}], 0x2, &(0x7f0000003e00)=[@timestamping={{0x14, 0x1, 0x25, 0x2}}, @mark={{0x14, 0x1, 0x24, 0x1000}}, @mark={{0x14, 0x1, 0x24, 0x9}}, @timestamping={{0x14, 0x1, 0x25, 0x2f9d}}], 0x60}}, {{&(0x7f0000003f00)=@xdp={0x2c, 0x8, r11, 0x24}, 0x80, &(0x7f0000003f80), 0x0, &(0x7f0000003fc0)=[@txtime={{0x18, 0x1, 0x3d, 0x6}}, @mark={{0x14, 0x1, 0x24, 0x9}}, @txtime={{0x18, 0x1, 0x3d, 0x7}}], 0x48}}, {{0x0, 0x0, &(0x7f0000004380)=[{&(0x7f0000004040)="b0314ec038810407e96c35885c15c631ddeab80973fc2b4fa5d985b40090dbca1e78a4ed86004fe6197f18d8273c3db8fbbc52a47b8516ab0a63b62cc20d7d58c96fda3f85258ccf6036c3f419306d4d6423e432e390e7fa7836d03d41c1890f387d6000bae9185fc5b68482ca32cac9d59f750d726d9129965e89ab63b48da41070c7563e2029946338e44e675d82022945748f229f71485f453f460dbf372b4dd027fc47eb58643f8fb44af4c2dee4e0dafcb27fd4f2c032fa991bf2398698f1f659caea5b95dd3dae400e44601421f0c17a8f2c26c3afaa3da5ae1e5c46051c6e7956d62b30583f44da1df9457ab818", 0xf1}, {&(0x7f0000004140)="1248e46d87a2f188546cd6d25f4e3514b22814f829655d688002c62e55818e26379e7d735050bae167909df8fff76c5fa2e7742f9ba6c1c43be940bef200475f75fd", 0x42}, {&(0x7f00000041c0)="834123dd95b751f520fc2f52aaf976038bf4a5d429413bafce91368e842f8465a664d2507749066586ca2e81e274075b6195b8af66cee618f0f28d332f89d1722f7a94ad76649dc5e02fd0245b09cd8555712fa39ac6663fe4208b40734c9676ae1fd1c96e80e3927ad6bd278de4c4f231281f4994ad4007", 0x78}, {&(0x7f0000004240)="b4517139c8626cbc10584b9ae83fc16888af9743a461ea845bdf027b6be7c53985f1b9a546401ad055766fe7a964dc31355b516ea3e0ef10ca4de4026be5e6858915e4e78f06d7d2e4d2f6034f6b025782eaac47254c99243e0bc7299d77205d18df7bf2ef", 0x65}, {&(0x7f00000042c0)="e9ef9bc78338fda4c84b1bc0ec25cbb01e97a0c635aaaab68495578f6ebd8faeb4fde5d141efc71a4923554e551989374ff872fe42cb6b3cc4eec100d1cc336383e61bf26cfe8fc9b7938b18f09b2fc1e817a826f11e8f3e2bac3119e1e01696488b30ec5ebdde788e8215a2508b07a2d0eb2f5f5a1784aa553b0613303c82343c21f28fd61a23a5b1cc43accd39a2390137bce4", 0x94}], 0x5, &(0x7f0000004400)=[@timestamping={{0x14, 0x1, 0x25, 0x7}}, @timestamping={{0x14, 0x1, 0x25, 0x4}}, @txtime={{0x18, 0x1, 0x3d, 0x7}}, @txtime={{0x18, 0x1, 0x3d, 0x5}}, @timestamping={{0x14, 0x1, 0x25, 0x3}}, @mark={{0x14}}, @timestamping={{0x14, 0x1, 0x25, 0x8}}], 0xa8}}, {{0x0, 0x0, &(0x7f0000004a00)=[{&(0x7f00000044c0)="8412eb323d0459af861dde2b8f812dd778982d1ef3fed0a7a4b1b4e326fccf017931d393e12d70e27a23774450cb95c2b7d6dd4b1d812b75aadf41be688c5ec5a4b81ff6420bb8adbdb8a02fd336f4fd108c89fec729ca8cfbc5fe92d4e90d659dbc34ae0081e1b4ee96d348da88f42fb6fd5d7c31d9622d90dcf146a1dea425cad14c78e01e65d8e7ea652e34b4664a157173fa24c7683507dc69aa7c9752850fa81e5d7e3225a0dbcdc0a2a5527f884922eda61d54767d7a8d2592aee537873c24805647d7554fb1099e25e1565e7d5ca25e6850b22ae051a953310cf3b14a3e216ad1a52d9cc2", 0xe8}, {&(0x7f00000045c0)="8f7a1ed0aeb9bcd6b1f53bd4d89e23656ae092ae5378e702692e718fdee75e83135db0e7004ec3f70bbe7e78a646fccbfefc59f0aeba0a1304dc1a8cb56b96e2dc026f917d428139bdf8957ee11c4285e4016124e15d9f169fb4a531c3b84e412b43c36b60400fa0e52fc7fc715303f9ba0028ac63e5baf0652ffc851cfb9fa6eda29e37f16808a11b348a97c69c7e9caa1bbf5beb3205685fd4b4c40f75b6298b6be0e96b4f67486dd5f8fde1cbd6af58c21da4021199a9709eed1383f6f4", 0xbf}, {&(0x7f0000004680)="9b2ef24c4552c81302c87c2f4a8b4f51594f64598b11b4c06677cbcccfa7afcafedda9867ef0ec930bc5164f82d5d288653d796fc9a1ee310745b6f9414482f3f40a5a712f40fa10d0dacedcf8c3d525c3a9009a1879b52984be", 0x5a}, {&(0x7f0000004700)="ae6d0cb17dddb2d2ff861384ac96f2189b054799d2da8f25dd1bb16f4bbc5213366d37fd90ac92c181bfbe2a2a141265595146e342356300e9416347622f180b8e6a1bf03c460397fd63d489bf0af0597c4e797dabef732b42dee98976838f312e883b2e0025fc12d8e364ffa329cdaf82ccea72a0b0223b9c8348a46c11ea13c2ed76b18212c1105186e100296eeeb6759218caa68e246f5e8a788ea6bb9a6b06838eb61ab48e9a97709a68790e49f486d61e6700cbaf81f4524af5b7b613029366d846880562b707428d239308a8bd16488d6e23a77ad2f7d00af8e3ad01b5b00987eeaf52eae3c3c5b5993d4d", 0xee}, {&(0x7f0000004800)="c01a467a1a028f8dbe2d3570b59c9d9b6827a54cf32388bf9609a0013978a1815d524339b9023329465d68d35d9f903d7d5ca5172f7dee8d2ecddb509c65a6454261e848cecefd9326ed5bed41f7d1f5d46f1791fbf139b1df7d372000537e766ffcca43b42e06002cd56468a669746cd9ff607dfab36a37005c622fbc7f5a2f2be22cdcbb2f0f16b5fef0b40fc0b08c853c7befe2325bf99419c785885470f8c44e9a93dfb2d8b0052b13c3e1bd30e2b956832be69dc4548e5275fff9be932606ac3b1a006e7f00c76d1f8475adf0e22875555969d4519c28dde1bc5434b0adae253331bb0bcb17dbf65232", 0xec}, {&(0x7f0000004900)="49822977da730fc340ccc808d9af83b10d73272bf1c1ec935462b2c91d33419497475c4838c65f5458a1c1f5b2a0ff27ecedc2770aa67e343c7ffc806bcd091f504b5b30edbf38f21fbc51237f23e07563c5e2991e87f81eddbe3513924adea92838376b43b9fd0ef7a3f7c729c93abaa71b9718182c146aefdb633b219bef02eb82217aa7f6862d8d13b181fa5abe047ab373d13b0d209186e970a81e82d0b5c8662872d86e7cb0cfd4df2904c6751901d3687fb052e31b9c5cdc7bf79d94e3da13b48be19777b03b848fea1db43b3a7e5b", 0xd2}], 0x6, &(0x7f0000004a80)=[@mark={{0x14, 0x1, 0x24, 0x9ba4}}, @txtime={{0x18, 0x1, 0x3d, 0x26ae042e}}, @txtime={{0x18, 0x1, 0x3d, 0x42}}, @txtime={{0x18, 0x1, 0x3d, 0x6}}], 0x60}}, {{&(0x7f0000004b00)=@vsock, 0x80, &(0x7f0000004c80)=[{&(0x7f0000004b80)="9d2360a745f3cb5d51f9db20c021bf3464614dd005fee26e4eb95a6fc3741a8a349c2a42df7f5b8404eeca2cd76728c76ab6ae5d14e84754a7a29678acc5a2938dc5334b7c6d5d8577caa39088138b2068deba7fd868922fc329b535d080d9917febb492ec096bbce49258736024adca6a427eb18645498bcc25d9687dc666d523cfc1e30c3bb4d301f87b65749a3c705f3ec65a34aa29af73eb7c85df9aebfb81d6598b01b8fbadbf53c5c144842815f8294f7140a66c10d7bd2fcc6afb986bed71eafa7ba18c95fa1a94fc7c4b1b0a52d7def83f0f9d77dc10e8f7908628a7137ebcb4fd270949e000a0478678e95918fe8e10679027", 0xf7}], 0x1, &(0x7f0000004cc0)=[@mark={{0x14, 0x1, 0x24, 0x8001}}], 0x18}}, {{0x0, 0x0, &(0x7f0000004e00)=[{&(0x7f0000004d00)="9e05eeac52d1461660bcecbef387f7cb7b637d0c9e017e51a2edbbe578b6a3c336fca12e5a6882084190e0d845424eff5b4b720e4fa185570af0df0b08c6e939e37c848353cde0755041b3f86506883974606e1cd59947e6d5a2915594f2e72bd3fc8b318fe45432e704a616a553d89cc01e965c76a6a2b84511c68bb778e599a12c8d1a8b087dee53c2e546cb898a6ff153fd79e7337db98dbcbb6eb31a6c9c486cc50efba8bf0f4fc1636f7713fad7d86cf567570b232e514d2f95932b3eb564b4ce855996a5b63f86858902268f0c7b715d55b697", 0xd6}], 0x1, &(0x7f0000004e40)=[@timestamping={{0x14, 0x1, 0x25, 0x1}}, @txtime={{0x18, 0x1, 0x3d, 0x426}}, @txtime={{0x18}}], 0x48}}], 0xa, 0x10000800) 14:23:11 executing program 3 (fault-call:7 fault-nth:17): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 436.821585][T13204] netlink: 'syz-executor.5': attribute type 16 has an invalid length. [ 436.831978][T13204] netlink: 'syz-executor.5': attribute type 24 has an invalid length. [ 436.840316][T13204] netlink: 'syz-executor.5': attribute type 2 has an invalid length. [ 436.849243][T13204] netlink: 'syz-executor.5': attribute type 17 has an invalid length. [ 436.858395][T13204] netlink: 'syz-executor.5': attribute type 16 has an invalid length. 14:23:12 executing program 2: pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f00000000c0)) r2 = socket$inet6(0xa, 0x803, 0x8) openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x200000, 0x0) sendmsg$nl_netfilter(r1, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000280)={&(0x7f0000000140)={0x118, 0xd, 0xb, 0x421, 0x70bd27, 0x25dfdbfd, {0x4, 0x0, 0x7}, [@generic="69004b659e15cc35b458b3ede50c7d82951da2f41659944631e3d22c14d0d3595815b3cc264d1b36ffce08cf5b17c658a4078d2f2145d8d5b5174a7d99295d2aa314e2a0dbaa00647b1ae4690ea682620892bd2b9d62b8ead913f741ef63d37ec992e22a0481b0ae255f056eebbe17b9513a6edb98a0862dca09310bdea7fb45a83a2344a98d51946650041f4eead4a957f144d5151468231f67f5eaba747c7f469a911520d4ef0e40fd6179183747d24e56200e688d02d0cbee942b5c1b2d2fbca227e74663092ccd72186641711f0c14f264f5de89290abaac3bcff95c3db8e93e0c002a428ea50505286eea1e580449", @typed={0x8, 0x45, @ipv4=@loopback}, @typed={0x8, 0x47, @ipv4=@empty}]}, 0x118}, 0x1, 0x0, 0x0, 0x400}, 0x81) mmap(&(0x7f0000000000/0x8000)=nil, 0x8000, 0x2000000, 0x4000050, 0xffffffffffffffff, 0x0) getsockopt$inet6_int(r2, 0x29, 0x4, 0x0, &(0x7f0000000040)=0xffffffffffffffca) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r3, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r3, 0x810c5701, &(0x7f0000000300)) 14:23:12 executing program 5: bpf$OBJ_GET_PROG(0x7, &(0x7f0000000040)={&(0x7f0000000000)='./file0\x00', 0x0, 0x10}, 0x10) r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000390300"/20, @ANYRES32=r2, @ANYBLOB="0000200fb600000000001c001200140001006272696467655f736c6176650000000004003d3f04162ab101d961dd5b6a658394bf30286c1181fbfa0a089e4c51236ccc373f696f50a96afdcd5b400e25bd6c5c5d05ffe4a6ad3115eb22d8ccacf7e33617ae9e7d155e7f62e7df5f4c98ce6df3c502b00bb0c90c60968e6ada5972276aebb26fd130893370ef0fc92a4ce0fcadba48bc477317cb0080c0d2e4b0d2a13169c4755badd3da6f8928b2b1e777673eaa725253a52dc938c875c2e5c0a4d557e87eaa1a4a940dc2a73b1c77d43efc365cf4e4dd59dcfedb2b93ebe44aad6b47592223774adb324eef8793d2e1126d"], 0x3c}}, 0x0) [ 437.260765][T13220] FAULT_INJECTION: forcing a failure. [ 437.260765][T13220] name failslab, interval 1, probability 0, space 0, times 0 [ 437.274863][T13220] CPU: 0 PID: 13220 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 437.282917][T13220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 437.293671][T13220] Call Trace: [ 437.297033][T13220] dump_stack+0x191/0x1f0 [ 437.301693][T13220] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 437.307966][T13220] should_fail+0xa3f/0xa50 [ 437.312463][T13220] __should_failslab+0x264/0x280 [ 437.317455][T13220] should_failslab+0x29/0x70 [ 437.322384][T13220] kmem_cache_alloc+0xd6/0xd10 [ 437.327296][T13220] ? __anon_vma_prepare+0x1bf/0xae0 [ 437.333182][T13220] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 437.339598][T13220] __anon_vma_prepare+0x1bf/0xae0 [ 437.344733][T13220] ? __msan_poison_alloca+0x158/0x1b0 [ 437.350552][T13220] wp_page_copy+0xa45/0x26d0 [ 437.355525][T13220] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 437.361570][T13220] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 437.367696][T13220] ? memcg_check_events+0x74/0xf20 [ 437.373218][T13220] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 437.379445][T13220] do_wp_page+0x1e8c/0x37f0 [ 437.384003][T13220] ? kmsan_internal_set_origin+0x6a/0xb0 [ 437.390021][T13220] handle_mm_fault+0x46e3/0x9f70 [ 437.395259][T13220] do_user_addr_fault+0x905/0x1510 [ 437.400677][T13220] __do_page_fault+0x1a2/0x410 [ 437.405494][T13220] do_page_fault+0xbb/0x500 [ 437.410655][T13220] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 437.416087][T13220] page_fault+0x4e/0x60 [ 437.420526][T13220] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 437.427903][T13220] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 437.448692][T13220] RSP: 0018:ffff88818c44f820 EFLAGS: 00010206 [ 437.455058][T13220] RAX: ffffffff8496408c RBX: ffff8881a96ea7e8 RCX: 0000000000001000 [ 437.463648][T13220] RDX: 0000000000001000 RSI: ffff8881a8072000 RDI: 0000000020002300 [ 437.471867][T13220] RBP: ffff88818c44f890 R08: 0000000000000000 R09: 0000000000000000 [ 437.480263][T13220] R10: 0000000000000000 R11: ffffffff81e0ad01 R12: 0000000000001000 [ 437.488495][T13220] R13: ffff8881a8072000 R14: ffff88818c44f828 R15: 0000000020002300 [ 437.497145][T13220] ? shmem_file_llseek+0xce1/0xdc0 [ 437.502590][T13220] ? copyout+0xcc/0x1f0 [ 437.506799][T13220] ? copyout+0x113/0x1f0 [ 437.511697][T13220] copy_page_to_iter+0x6dc/0x1910 [ 437.516960][T13220] shmem_file_read_iter+0xa10/0x1140 [ 437.523260][T13220] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 437.530863][T13220] ? shmem_file_llseek+0xdc0/0xdc0 [ 437.537727][T13220] do_iter_readv_writev+0xa16/0xc30 [ 437.543692][T13220] ? shmem_file_llseek+0xdc0/0xdc0 [ 437.549921][T13220] do_iter_read+0x30b/0xe10 [ 437.555439][T13220] ? import_iovec+0x4ad/0x660 [ 437.561856][T13220] do_readv+0x37f/0x710 [ 437.567064][T13220] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 437.574969][T13220] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 437.581904][T13220] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 437.588261][T13220] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 437.594224][T13220] __se_sys_readv+0x9b/0xb0 [ 437.598775][T13220] __x64_sys_readv+0x4a/0x70 [ 437.604516][T13220] do_syscall_64+0xb6/0x160 [ 437.609826][T13220] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 437.615858][T13220] RIP: 0033:0x459a59 [ 437.620167][T13220] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 437.641815][T13220] RSP: 002b:00007fb00e423c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 437.652023][T13220] RAX: ffffffffffffffda RBX: 00007fb00e423c90 RCX: 0000000000459a59 [ 437.661889][T13220] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 437.672210][T13220] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 437.680863][T13220] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4246d4 [ 437.690178][T13220] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 437.715481][T11495] usb 5-1: new low-speed USB device number 16 using dummy_hcd 14:23:12 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$IP_VS_SO_GET_TIMEOUT(0xffffffffffffffff, 0x0, 0x486, &(0x7f0000000000), &(0x7f00000000c0)=0xc) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000000100)=0x1, 0xfb) bind$inet(r0, &(0x7f00000002c0)={0x2, 0x4e21}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21}, 0x10) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) accept$packet(0xffffffffffffffff, 0x0, 0x0) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) syz_genetlink_get_family_id$tipc2(0x0) sendmsg$TIPC_NL_MON_GET(0xffffffffffffffff, 0x0, 0x40000) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_genetlink_get_family_id$tipc(0x0) sendmsg$TIPC_CMD_GET_REMOTE_MNG(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(0x0) accept$inet6(0xffffffffffffffff, 0x0, 0x0) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, 0x0, 0x0) socket$unix(0x1, 0x0, 0x0) mknod$loop(0x0, 0x0, 0x1) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r3, 0x80006040045010, &(0x7f0000000140)=0x3) recvfrom$inet(r3, &(0x7f00000001c0)=""/243, 0xf3, 0x4000, &(0x7f0000000140)={0x2, 0x4e24, @loopback}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0xa, &(0x7f0000000040)=0xffffffffffffffff, 0x4) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x7fff, 0x80000001}, 0x14) shutdown(r0, 0x1) [ 437.799693][T13224] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.5'. 14:23:12 executing program 3 (fault-call:7 fault-nth:18): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 437.866749][T13227] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.5'. [ 437.991932][ T32] audit: type=1804 audit(1571494993.035:99): pid=13233 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/104/file0/bus" dev="ramfs" ino=37313 res=1 [ 437.997845][T13233] FAULT_INJECTION: forcing a failure. [ 437.997845][T13233] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 438.035200][T13233] CPU: 0 PID: 13233 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 438.043818][T13233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 438.054816][T13233] Call Trace: [ 438.058325][T13233] dump_stack+0x191/0x1f0 [ 438.062843][T13233] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 438.069356][T13233] should_fail+0xa3f/0xa50 [ 438.075460][T13233] should_fail_alloc_page+0x1fb/0x270 [ 438.082225][T13233] __alloc_pages_nodemask+0x3c1/0x60c0 [ 438.089046][T13233] ? page_fault+0x4e/0x60 [ 438.094136][T13233] ? copy_user_enhanced_fast_string+0xe/0x30 [ 438.101247][T13233] ? copy_page_to_iter+0x6dc/0x1910 [ 438.107568][T13233] ? generic_file_read_iter+0x2979/0x3e70 [ 438.114265][T13233] ? do_iter_readv_writev+0xa16/0xc30 [ 438.120503][T13233] ? do_iter_read+0x30b/0xe10 [ 438.126291][T13233] ? do_readv+0x37f/0x710 [ 438.131026][T13233] ? __se_sys_readv+0x9b/0xb0 [ 438.136193][T13233] ? __x64_sys_readv+0x4a/0x70 [ 438.142325][T13233] ? do_syscall_64+0xb6/0x160 [ 438.147671][T13233] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 438.154917][T13233] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 438.161848][T13233] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 438.168514][T13233] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 438.175121][T13233] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 438.181523][T13233] ? __rb_insert_augmented+0xba8/0x1140 [ 438.187758][T13233] ? vma_interval_tree_augment_rotate+0x3a0/0x3a0 [ 438.195112][T13233] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 438.201251][T13233] alloc_pages_vma+0xc9d/0x18c0 [ 438.206174][T13233] wp_page_copy+0x464/0x26d0 [ 438.212099][T13233] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 438.218478][T13233] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 438.225059][T13233] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 438.233664][T13233] ? mem_cgroup_charge_statistics+0x7cd/0x1680 [ 438.243604][T13233] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 438.252209][T13233] do_wp_page+0x1e8c/0x37f0 [ 438.257190][T13233] ? kmsan_internal_set_origin+0x6a/0xb0 [ 438.263845][T13233] handle_mm_fault+0x46e3/0x9f70 [ 438.270775][T13233] do_user_addr_fault+0x905/0x1510 [ 438.277136][T13233] __do_page_fault+0x1a2/0x410 [ 438.282730][T13233] do_page_fault+0xbb/0x500 [ 438.287752][T13233] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 438.293564][T13233] page_fault+0x4e/0x60 [ 438.297900][T13233] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 438.305845][T13233] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 438.328676][T13233] RSP: 0018:ffff888187b3f778 EFLAGS: 00010206 [ 438.335142][T13233] RAX: ffffffff8496408c RBX: ffff8881a96ee468 RCX: 0000000000001000 [ 438.344673][T13233] RDX: 0000000000001000 RSI: ffff88818ca8f000 RDI: 0000000020002300 [ 438.353948][T13233] RBP: ffff888187b3f7e8 R08: 0000000000000000 R09: 0000000000000000 [ 438.362459][T13233] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 438.372417][T13233] R13: ffff88818ca8f000 R14: ffff888187b3f780 R15: 0000000020002300 [ 438.381308][T13233] ? copyout+0xcc/0x1f0 [ 438.386461][T13233] ? copyout+0x113/0x1f0 [ 438.391790][T13233] copy_page_to_iter+0x6dc/0x1910 [ 438.397410][T13233] generic_file_read_iter+0x2979/0x3e70 [ 438.403574][T13233] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 438.410512][T13233] ? find_get_pages_range_tag+0xe60/0xe60 [ 438.416814][T13233] do_iter_readv_writev+0xa16/0xc30 [ 438.424288][T13233] ? find_get_pages_range_tag+0xe60/0xe60 [ 438.431348][T13233] do_iter_read+0x30b/0xe10 [ 438.436326][T13233] ? import_iovec+0x4ad/0x660 [ 438.441346][T13233] do_readv+0x37f/0x710 [ 438.445599][T13233] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 438.452196][T13233] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 438.459660][T13233] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 438.466830][T13233] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 438.473212][T13233] __se_sys_readv+0x9b/0xb0 [ 438.477779][T13233] __x64_sys_readv+0x4a/0x70 [ 438.483018][T13233] do_syscall_64+0xb6/0x160 [ 438.487985][T13233] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 438.494808][T13233] RIP: 0033:0x459a59 [ 438.499489][T13233] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 438.519868][T13233] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 438.528678][T13233] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 14:23:13 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000500), 0xc, 0x0}, 0x0) ptrace$setsig(0x4203, 0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1}) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0x2) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000000440)=0x4018) getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000580)=""/143, &(0x7f0000000340)=0xfee5) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) sendmsg$IPVS_CMD_DEL_DEST(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000007c0)=ANY=[@ANYRES16=0x0, @ANYBLOB="a0"], 0x2}}, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f0000000180)=0x400, 0x4) 14:23:13 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000280)='proc\x00', 0x0, 0x0) r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x0, 0x0) accept4$packet(r0, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000100)=0x14, 0x800) mount(0x0, &(0x7f0000000240)='./file0\x00', 0x0, 0x100000, 0x0) clone(0x41060000, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x756c2aaba88b5643, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/udplite\x00') open(&(0x7f0000000600)='./bus\x00', 0x2, 0x0) getsockopt$netlink(r1, 0x10e, 0x0, &(0x7f00000002c0)=""/142, &(0x7f0000000180)=0x8e) r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00') preadv(r2, &(0x7f0000000940)=[{&(0x7f0000000040)=""/42, 0x2a}, {&(0x7f00000008c0)=""/106, 0x5b}, {&(0x7f00000007c0)=""/242, 0xf2}, {&(0x7f0000001380)=""/239, 0xfc36}], 0xc7, 0x0) [ 438.538413][T13233] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 438.547072][T13233] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 438.555449][T13233] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 438.564481][T13233] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 14:23:13 executing program 2: r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000004c0)={{0x12, 0x1, 0x0, 0x1e, 0x95, 0xcd, 0x10, 0x12cf, 0x7111, 0x4808, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x80, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, [], [{{0x7, 0x5, 0x84, 0xb}}]}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000900)={0xac, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, &(0x7f0000000500)={0xac, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, &(0x7f0000000000)={0x20, 0x21, 0x46, {0x46, 0x1, "98438e32f19873a69a766ec62dc58d72de4178d56d2839b657dd36538251b7f7a3dc94610dd279416f1c2984489f4881e5099731dce71fdfd47153351ac1c4cdb99db847"}}, &(0x7f00000000c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x40c}}, &(0x7f0000000100)={0x0, 0x22, 0x21, {[@global=@item_012={0x2, 0x1, 0x4, 'm1'}, @local=@item_012={0x0, 0x2, 0xa}, @local=@item_4={0x3, 0x2, 0x4, "8a190ae6"}, @main=@item_4={0x3, 0x0, 0x8, "54ed2856"}, @global=@item_012={0xfffffe39, 0x1, 0x8, "942c"}, @global=@item_012={0x2, 0x1, 0x2, "9469"}, @local=@item_4={0x3, 0x2, 0x2, "1b94c07f"}, @main=@item_012={0x1, 0x0, 0xc, 'e'}, @local=@item_4={0x3, 0x2, 0x2, "01772c40"}, @global=@item_012={0x0, 0x1, 0xb}]}}, &(0x7f0000000140)={0x0, 0x21, 0x9, {0x9, 0x21, 0x800, 0x9c, 0x1, {0x22, 0xf53}}}}, &(0x7f0000000400)={0x2c, &(0x7f00000001c0)={0x20, 0x78106c7e58d7f63b, 0x8c, "c14d29b929ca87620b816ab02b77bf87c25b390b47d1737b73cec6844ef24c4ba86fe129603a86cedf1881cfb45c448522edff27cbe9e95728a87fa7e8232d4792aabf7760ceada60607d449990557778ab91c33c25a27fd3effe952763ed5cf06d74a99dd5e69db982488e762b363e0a5c13668ccc201a4cdffdd7181d33025ca432ac0a8b4aface5286a9a"}, &(0x7f0000000280)={0x0, 0xa, 0x1, 0xff}, &(0x7f00000002c0)={0x0, 0x8, 0x1, 0x3}, &(0x7f0000000300)={0x20, 0x1, 0xba, "0554166d7b7f4debeeff2918d281f2f3ff88ec9eedbe9e05b9cb83a0ea52637c88f553e60c5f672efa03cccaf2ae93f6d46a299553f53e5a5987820966ad46e2f8ed38e82f4a3663f331b877696f1a978a972d0593c1bcae2b74c38a01c00354d2e60c5e99df2f5c4b17d29e62f492acfa73842f9f0750566b3bef75f8af5fb299b122a3639b606529b607e8f00a21f2365cc07939c4cbf801ee35e3ec39c9183a7c73d83d9621bfe9e577219fda921f7502020b469dea155210"}, &(0x7f00000003c0)={0x20, 0x3, 0x1, 0x64}}) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_connect(0x0, 0x0, &(0x7f0000000040)=ANY=[], 0x0) [ 438.652283][T11495] usb 5-1: config 0 has an invalid interface number: 220 but max is 0 [ 438.660783][T11495] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 438.671430][T11495] usb 5-1: config 0 has no interface number 0 [ 438.678487][T11495] usb 5-1: New USB device found, idVendor=0c72, idProduct=000c, bcdDevice=cf.68 [ 438.688486][T11495] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 438.756837][T11495] usb 5-1: config 0 descriptor?? 14:23:13 executing program 3 (fault-call:7 fault-nth:19): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:13 executing program 0: syz_usb_connect(0x0, 0x52, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0xfc, 0xde, 0x62, 0x8, 0x499, 0x105b, 0xd870, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x43, 0x0, 0x1, 0x42, 0x58, 0xb, 0xff, [@uac_as={[@format_type_i_continuous={0x8}]}, @cdc_ncm={{0x5}, {0x5}, {0xd}, {0x6}}], [{{0x7, 0x5, 0x1, 0x13}}]}}]}}]}}, 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r0, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000100)={[0x81, 0xead, 0x8001, 0x3, 0xffffffff80000000, 0x0, 0x0, 0x2, 0x9, 0x8, 0x0, 0x8, 0x110, 0xfffffffffffffffa, 0x1, 0x7], 0x4000, 0x100400}) [ 438.929580][T13247] IPVS: ftp: loaded support on port[0] = 21 [ 438.950124][ T32] audit: type=1804 audit(1571494993.995:100): pid=13254 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/105/file0/bus" dev="ramfs" ino=37352 res=1 [ 438.956937][T13254] FAULT_INJECTION: forcing a failure. [ 438.956937][T13254] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 438.994243][T13254] CPU: 0 PID: 13254 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 439.002151][T13254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 439.012410][T13254] Call Trace: [ 439.015752][T13254] dump_stack+0x191/0x1f0 [ 439.020217][T13254] should_fail+0xa3f/0xa50 [ 439.024989][T13254] should_fail_alloc_page+0x1fb/0x270 [ 439.030466][T13254] __alloc_pages_nodemask+0x3c1/0x60c0 [ 439.036015][T13254] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 439.041919][T13254] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 439.048056][T13254] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 439.054379][T13254] ? prep_new_page+0x792/0x9b0 [ 439.059509][T13254] ? get_page_from_freelist+0x11d3/0x19f0 [ 439.065346][T13254] kmsan_alloc_page+0xc3/0x370 [ 439.070117][T13254] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 439.076561][T13254] __alloc_pages_nodemask+0x149d/0x60c0 [ 439.082525][T13254] ? page_fault+0x4e/0x60 [ 439.086955][T13254] ? copy_user_enhanced_fast_string+0xe/0x30 [ 439.093030][T13254] ? copy_page_to_iter+0x6dc/0x1910 [ 439.098231][T13254] ? generic_file_read_iter+0x2979/0x3e70 [ 439.103946][T13254] ? do_iter_readv_writev+0xa16/0xc30 [ 439.109320][T13254] ? do_iter_read+0x30b/0xe10 [ 439.114001][T13254] ? do_readv+0x37f/0x710 [ 439.118329][T13254] ? __se_sys_readv+0x9b/0xb0 [ 439.123002][T13254] ? __x64_sys_readv+0x4a/0x70 [ 439.127857][T13254] ? do_syscall_64+0xb6/0x160 [ 439.132532][T13254] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 439.138792][T13254] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 439.144893][T13254] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 439.151171][T13254] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 439.157073][T13254] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 439.163233][T13254] ? vma_interval_tree_augment_rotate+0x3a0/0x3a0 [ 439.169776][T13254] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 439.175743][T13254] alloc_pages_vma+0xc9d/0x18c0 [ 439.180961][T13254] wp_page_copy+0x464/0x26d0 [ 439.185903][T13254] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 439.191813][T13254] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 439.197788][T13254] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 439.203689][T13254] ? mem_cgroup_charge_statistics+0x7cd/0x1680 [ 439.209852][T13254] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 439.215871][T13254] do_wp_page+0x1e8c/0x37f0 [ 439.220383][T13254] ? kmsan_internal_set_origin+0x6a/0xb0 [ 439.226029][T13254] handle_mm_fault+0x46e3/0x9f70 [ 439.231124][T13254] do_user_addr_fault+0x905/0x1510 [ 439.236349][T13254] __do_page_fault+0x1a2/0x410 [ 439.241212][T13254] do_page_fault+0xbb/0x500 [ 439.245803][T13254] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 439.251283][T13254] page_fault+0x4e/0x60 [ 439.255445][T13254] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 439.262038][T13254] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 439.281643][T13254] RSP: 0018:ffff8881a6acf778 EFLAGS: 00010206 [ 439.287765][T13254] RAX: ffffffff8496408c RBX: ffff8881a96ea7e8 RCX: 0000000000001000 [ 439.296168][T13254] RDX: 0000000000001000 RSI: ffff8881a7586000 RDI: 0000000020002300 [ 439.304137][T13254] RBP: ffff8881a6acf7e8 R08: 0000000000000000 R09: 0000000000000000 [ 439.312352][T13254] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 439.320323][T13254] R13: ffff8881a7586000 R14: ffff8881a6acf780 R15: 0000000020002300 [ 439.328423][T13254] ? copyout+0xcc/0x1f0 [ 439.332595][T13254] ? copyout+0x113/0x1f0 [ 439.336967][T13254] copy_page_to_iter+0x6dc/0x1910 [ 439.342019][T13254] generic_file_read_iter+0x2979/0x3e70 [ 439.347803][T13254] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 439.353698][T13254] ? find_get_pages_range_tag+0xe60/0xe60 [ 439.359547][T13254] do_iter_readv_writev+0xa16/0xc30 [ 439.365387][T13254] ? find_get_pages_range_tag+0xe60/0xe60 [ 439.371126][T13254] do_iter_read+0x30b/0xe10 [ 439.375634][T13254] ? import_iovec+0x4ad/0x660 [ 439.380325][T13254] do_readv+0x37f/0x710 [ 439.384623][T13254] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 439.390525][T13254] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 439.396860][T13254] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 439.402578][T13254] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 439.408849][T13254] __se_sys_readv+0x9b/0xb0 [ 439.413359][T13254] __x64_sys_readv+0x4a/0x70 [ 439.417971][T13254] do_syscall_64+0xb6/0x160 [ 439.422480][T13254] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 439.428579][T13254] RIP: 0033:0x459a59 [ 439.432478][T13254] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 439.453686][T13254] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 439.462328][T13254] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 439.470473][T13254] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 439.478533][T13254] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 439.490940][T13254] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 439.498927][T13254] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 439.531034][T13211] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.4'. [ 439.584145][ T3380] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 439.655072][ T5] usb 5-1: USB disconnect, device number 16 [ 439.663608][T11495] usb 1-1: new high-speed USB device number 26 using dummy_hcd 14:23:14 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup3(r0, r1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$netlink(0x10, 0x3, 0x0) sendmmsg$alg(r2, &(0x7f0000000cc0)=[{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000000c0)="dbee7dd3066e735ff4304f7e5c60de452cb93d929dd8ebef4006eb0a3e", 0x1d}, {&(0x7f0000000100)="37d27985", 0x4}, {&(0x7f0000000140)="b3778a1abc5fd9aa75feb0e3da9cc2c65f9d3b7450555f44e9d340c5bedb12a8244549dd6845475090bbd4b3ba976afb8956212a4521c2b83e3cc7eac8601800539d92b8b8610a17ba872e700afe1a1cd7368993dc2876ab1ff7b7c3e9891eafe3f39c96a609a90d5bf1669e52824d1aaca78b1e8302a306a5bd3aa01705598e504897c6d13d6c43b2c2100d9c07eb534d4e6f5efd339a7ec4f987ed5a8555634368ef6df272b8eb9d7bb525b4e4a28f737fd9ddcb7dd0107d17069cfc73ca8e832ce05388c47b399bb5b5bece32b3e4b2591952f79be89efc9d13f58f042086157a7b5a6122cb9d644933af7907", 0xee}, {&(0x7f0000000240)="e6934a19636b0c4a0926cc4f4fe3447f9a8735b66eb78620154e0cb2ffb8ea662c010ae1117deac33650ed67f6d5a9b227233fe461513dc9f18050da8e77412ab01439c192efc98b6515c0ebe22b65a36f3b9b39165768bd75ec10bbeda7d482f2f5ea0a0092a67d37d84dfbdf8048a7a97d7ea5706a21d4e25efa97d4fe97790ef534b8f6cb0677b262f447e83dbcc2be30231ebfd461c4e8ab1b1d1c09ceef224fc09d3e19ad6e7197e59a878676c147960cd0", 0xb4}, {&(0x7f0000000300)="c47ceba37310d60e6898ab4d843280709215db3c25cf1ef0e4adaddb0bc478924b470e1d0c82b41fed75ea68dca3bef814d1271eaca832d87eee33", 0x3b}, {&(0x7f0000000340)="f1d37849aae4d43de6a965e96ba81d523acac2539c577b4f6296a55136acc6a81fc337d55494617a96f7dbe69c660e6c66d4863f", 0x34}, {&(0x7f0000000380)="737daf7186fdc0af10ae2252639b1d93cd97ca2e0c2e209e58a06e19b76e54564802d7365aff9295227035f644a3a75ec3ce1ba6a95b45daf0055ba090ee", 0x3e}, {&(0x7f00000003c0)="db5b4b0d0db24ae4aa08a52e1ab2eabea5dfe6e31dced404b453f414a81cd6aa7c23dcc3eb5e7aff465bc24b661d8cb2e3c712e4e87645e177139e8cd3737b351c5c6b82db0821a856d4359de1a2e3b4a45ead4ada733447d2a4327c40d42c91bfba01052e51572d40db61f8", 0x6c}, {&(0x7f0000000440)="72e9ca9870cb31deafca1e5086e7252266100468853cbca549e671bb25dec32598fb8027ee4d308527b2b5cc0037046a2aa02a1154565e1bd63ed7457878503b1eded6157f2f022a96b99ddb3d7250072c081923bb39252b89a6018a3cfd6f7ff1582f098bd9f45b97afabc066582b21b353ac44a9678f4269f505b84c67e85b7c8db6bdc9a419f6002ebb3e1c11f3f641084eb52ddf11b491772671ee9ca171f25742884d17eec3c7cf6d3ff61b82a9bf6758070922012f25427e447565", 0xbe}], 0x9, &(0x7f0000000680)=[@iv={0xe8, 0x117, 0x2, 0xd3, "f0fcadf06ac9d1c1d70c5100b81787374d80218c9c4935898a9d8f60230a9e4f616de508b34fd30b0debdd8164fc4c072ac980e39f68a7879177d7a92b2838c8f73ae6472233b88ec4ecfb16fc2fac89c894eaf0b2108f07fba105412c340027b745dafabff655e2520a794bac0fbcc7bdfb1e580a637731b8a3aa14403809c2bda1da909c46d0ec21b59d1f5a0ec283c35a3bc7a22904e4e95b7fd3bc4bf68f0e2416c8e982bad3b15aaa17b1c9d61e3cdd67284d6b28f46a4b2c68085db995b05285e17c34b75954a4e237be123308f4766b"}, @iv={0xd8, 0x117, 0x2, 0xc4, "669193b0726d8c39e3345293ee7e1a65fd65113bda14eea1c9c8850ec6ff72ea22d0da14af4f408a9564352ac15ad0945b36b3c9bbcaae262201d38391cf619fbf16647e6b15ced3bd3192935a1291f8e9c578fcd7fc3c7e56ac5c14b7cab2bbf40225c0d59b2743e33024f99d8598f35cbc2fad4d81264e05fbb355b4e68e7df603f4e278adfac44290723ed9cb68c6ae1cdb6f1d3b5e88a08302c0678251932bf3c4f5ee2df00abc07a23130652aaf95f3728dd03bd3fb3a0ff10ef907d177a8c9a04f"}, @iv={0x20, 0x117, 0x2, 0x9, "25a6334ff539ea92c1"}, @iv={0xe0, 0x117, 0x2, 0xcb, "0f7ee5e4c0b37ccbcac95faf5a3de0b2757f431232f0c56b6d628fdb0238282c6fb55709326f0dec0e6d5b20537a30d1a5e001159428b338f7a0017cb2a0a403e3b89e76a65c9f6d78bf78241cf0396380bacb6d1eaa54a27a6a5eae1daa8828053562a3edcf3eccc56c2b4fd64ca89d9b25385865e3eba6ed7a92fe1cdddb275875ad1d1d88ea11a447eb8ab769d861196dc9537e06a4c34ad77f991ffbeb1da76995037f4aec532628c2c71638d221b1599c6dcd22f6f761461eaf603fcd1046e230c482fb901094cb76"}, @op={0x18, 0x117, 0x3, 0x1}, @op={0x18, 0x117, 0x3, 0x1}], 0x2f0, 0x20000000}, {0x0, 0x0, &(0x7f0000000c40)=[{&(0x7f0000000500)="522a3d12e7d02214cfced236266a4936fc640cc33149d7561b3b89056db69c66703fb6af6fc739e5ebfb21c8762cd051aa1ae4e86bc1a5c58956053d90ea2bc12b53cffaaec08ac56df25234f0ccd783f68f13f52cafc79f09a1f0409be56fc43b10d817ec0e74be432b80978aff83b774ea6c356bc384", 0x77}, {&(0x7f0000000980)="deefa1940e976c95433ce73209a3b7cad61215d3556e3ebf5c837f9051a7e960072fa04d80d2e44b8c6dd86111af8f5664ad718c9ac502e60051da7eff226251881d7b143c2e5c6a1c478cb28a4a4a69bbf0d5ffccf7a91f98e480161480f957234ceb9bdd7c07c28fcff57a8930a7bd6e77a34c7b5bb10482b38d236aa65c6eff64c83591660cbf9ca83416a7b27bd7c626c4f8b43d9e950d6d36e06da8acc32b8e65d4b8cb5c4b69087787febde599318dfa4f2f496134824621aea0054eb2aa3ea3e5490baf32ba67eb2b2928161c81f80285d959b23610d69cdff1f0f01c8846a67d9c1357f1ca22e63ba8cf71814abae1eb597fce61b60b", 0xfa}, {&(0x7f0000000a80)="5e5004a50b63997d689b359ee800358ce4f00338bfa2171351aa9e8609a85495987eb902ff3e8488ad78712e6a6f8efeadc73dda3701452d81e778743fa6d002132c42f608b155", 0x47}, {&(0x7f0000000b00)="a8439fbf523d77467e41c180fbcf079b7a1571e9061ce9f867144419db352f9a97eed7b0468340d0d0a3ccea86c116d56ca67b75e2f41b2fc39b4a", 0x3b}, {&(0x7f0000000b40)="2878ce8c6dc5326b563014d8d8c5e2a35ab98ac6406c7eed264b9bd2b1446c6249401ee0fac05d09306fc2fbfdb0172d54392a6d6000d9cd1c6d46d8ff9e41325f0ee32f1257b579161bed02e3f70eb68a51ac0abd57d4f444fa3bbbbad7a3fd2b83ef48f7a6bff4c0bec252aeb0f0b4997764b5fc6bbe92c40afa87b7707d52c9bf851026d2a0c7335a72cd1c3733ea27837f1e09aaa6fa163af541c8aaced93fa5799835ca331a028bd1edf3cb16087f3d8b665b1a372e074fb87e761d700a6991", 0xc2}], 0x5, 0x0, 0x0, 0x40000}], 0x2, 0x40) sendmsg$nl_route(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x50, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_OPERSTATE={0x8, 0x28}, @IFLA_LINKINFO={0x25, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x15, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x50}}, 0x0) [ 439.715925][T13256] IPVS: ftp: loaded support on port[0] = 21 [ 439.823128][T13261] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.1'. [ 439.877065][T13263] netlink: 17 bytes leftover after parsing attributes in process `syz-executor.1'. [ 439.902702][T11495] usb 1-1: Using ep0 maxpacket: 8 [ 439.932053][ T3380] usb 3-1: Using ep0 maxpacket: 16 [ 440.022604][T11495] usb 1-1: config 0 has an invalid interface number: 67 but max is 0 [ 440.031254][T11495] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 440.041655][T11495] usb 1-1: config 0 has no interface number 0 [ 440.048569][T11495] usb 1-1: config 0 interface 67 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 440.059877][T11495] usb 1-1: New USB device found, idVendor=0499, idProduct=105b, bcdDevice=d8.70 [ 440.069540][T11495] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 440.074309][ T3380] usb 3-1: config 0 has an invalid interface number: 128 but max is 0 [ 440.080593][T11495] usb 1-1: config 0 descriptor?? [ 440.086443][ T3380] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 440.103178][ T3380] usb 3-1: config 0 has no interface number 0 [ 440.109544][ T3380] usb 3-1: config 0 interface 128 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 440.120894][ T3380] usb 3-1: New USB device found, idVendor=12cf, idProduct=7111, bcdDevice=48.08 [ 440.130358][ T3380] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 440.147414][ T3380] usb 3-1: config 0 descriptor?? [ 440.221383][T13268] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.4'. [ 440.402475][ T3380] radio-si470x 3-1:0.128: DeviceID=0x41cf ChipID=0x8481 [ 440.442643][T11495] usb 1-1: string descriptor 0 read error: -71 [ 440.456438][T11495] usb 1-1: invalid MIDI in EP 0 [ 440.462970][T11495] snd-usb-audio: probe of 1-1:0.67 failed with error -12 [ 440.475985][ T31] usb 5-1: new low-speed USB device number 17 using dummy_hcd [ 440.505345][T11495] usb 1-1: USB disconnect, device number 26 [ 440.622455][ T3380] radio-si470x 3-1:0.128: software version 65, hardware version 207 14:23:15 executing program 3 (fault-call:7 fault-nth:20): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:15 executing program 1: r0 = syz_open_dev$swradio(&(0x7f0000000040)='/dev/swradio#\x00', 0x0, 0x2) getsockopt$XDP_STATISTICS(r0, 0x11b, 0x7, &(0x7f0000000140), &(0x7f0000000300)=0x18) r1 = syz_usb_connect(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="1201000039542f108c07021047e6000000010902240001000000000904db00010a04c80009210003000000810009050a00000000000003f0afdc0a5c1aa7f091e22771a776868238520ff38068566d29acd233134c457404ff87ee1d268946bd4d3812510e552cd7281c524591cf13749cef7a636fe8333aa3375bf73d4ee75a0b57df80d54a41c91aac5b35faeac55c28029add48809faaf8606f4036a77ed0dd9c176a4385f895830e01b7a7f7c646eb507fbef7047e1d3fc6fe92a51a2fb09f6643068290ca5131379791bdf1b6a88eb1c88b0d368bf8507d4e384a38d7f16eae524a39603d84608258e1f5132f1b2c62626161e749a2dacc4a070000001d671b58fee0224776b16f00"/282], 0x0) syz_usb_control_io$printer(r1, &(0x7f00000002c0)={0x14, &(0x7f0000000340)=ANY=[@ANYBLOB="00000200000000007a29176e4973eff71a6e6802ee6da0d8ff44196b59a56262da7edd8792847293710cd639c1c40f792067ebe454cda8b93153ed0111ffc5d6d253f3f6c93790078ba7b011630c68d9026111d5de0387930fe7998d943516c9f963da890974dadbbd7c4c199ce4639097bd35c25cd6851b51cb198974c24aed553ed3ff87701cc16280b28be19bc1915c7fd81467a084e951b88369bc11e4e16c2d836a7c775d3c8881069fc7b3fe42cb31d473a616e504b07001813f9a5a3ee70a35d4ce1132bbee434e83278b76"], 0x0}, 0x0) syz_usb_control_io(r1, &(0x7f0000000440)={0xfffffffffffffe3e, 0x0, 0x0, 0x0, &(0x7f00000007c0)={0x0, 0x22, 0xf, {0xf, 0x29, 0x0, 0x0, 0x0, 0x0, '\x00', "022000"}}, 0x0}, 0x0) openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0) r2 = syz_usb_connect(0x3, 0x2395, &(0x7f0000000800)={{0x12, 0x1, 0x200, 0x9d, 0x5f, 0x52, 0x20, 0x7b8, 0xb21b, 0x7c08, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2383, 0x1, 0xfd, 0x8, 0x80, 0xff, [{{0x9, 0x4, 0x37, 0x40, 0xa, 0x29, 0xdb, 0xd4, 0x0, [], [{{0x9, 0x5, 0x7, 0x0, 0x11f, 0x0, 0x1, 0x1, [@generic={0xbc, 0x30, "293c9a4cea7ab24fbc09ad7ada47bb590fdfc29fa44ba583e541fda356b0b3a89515afd32b5ffa6e5aa46aa2bd456f46cea5383876265c780e4215b3f0fe5defa0198dea5df317aebce32e4d112ec1bdc126d30bee72a7ec14d421baa28c1cdde245d76380e601cfb1bdf53b52416c065086e9be353c26c239ffd5972e5423e74e8ac203e8e8a87fb70b914665fb3fde2a19c84cee75c5e74bafab7abeadf7f5097ce1cd71c2c8842501a0c425031a0b2887119a1050e3dcb43f"}, @generic={0xc, 0x0, "c8d3521601ef7005ad20"}]}}, {{0x9, 0x5, 0xb, 0x0, 0x12c, 0x7, 0x7, 0x1f}}, {{0x9, 0x5, 0xa, 0x0, 0x1e8, 0x4, 0x6, 0x4}}, {{0x9, 0x5, 0x0, 0x1e, 0x330, 0x1, 0x6, 0x2, [@generic={0xc7, 0xc, "19b69602b587d3707965c7ff06cc7c3b22f7d95217ccaa83fc9539d2518fd358ea22436ec2461bb0e018bfbca8051f6421b887f8b7da979623b94f203dfabd049ef2bce5cd6b73677f8f64e6d4be34b51cf50fc561c57cb188405f1d63662feb8ae543240fdd55b40131f47a567f9ba4ce3e659a3589ae6e2851c8e7713dd73e850c5ca900ca1e2945314036e6823052878487a0e44d22915782a4673ef22a0c44123f21aed803870370b09f085e0e15010e53ef391e686fc11206601f3b08a96e6eb67659"}, @generic={0x17, 0x5, "9060fc981040c8caf898e18852a3626e7bc7cda77a"}]}}, {{0x9, 0x5, 0x80, 0x0, 0x9a, 0x2, 0x6, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x3f}, @uac_iso={0x7, 0x25, 0x1, 0x742a53a90ff97e15, 0x0, 0x4}]}}, {{0x9, 0x5, 0xdce0f64c962b368e, 0x7a6bb298570936f0, 0x3db, 0x1, 0xe9, 0xb5, [@generic={0x1002, 0xa, "29968375d154648cdb2bffd10e6dd06c62be1522c767ad5d618f6538a624fc565b3d26e9a113c9f41b6851340d80b020f8f6ee357238c39d59d80a715f1a8a4854908279ff6c474df3929c012597c0ac06ba7c42e66d594ef42c281c3c27932e560dc1b1dbdee8009e77ea9743caecd8933e0498d9b66417a339c7d96408e9c46506e313cd55376c3f854ee71185c1134e0ad8143ccd246fafc273ae4c26cc33ab9fe3a8da46242926955e5125ebf0faa1312389dd89cad40becef66bad521c4468f71d10bcd145f9869276d04ba6b0e2453ea9eda8aa425d661240e9e757b920fe395c9f96a5b3789c2142adab1298950e7632c428259c4284336bdf38c6843d29dd9399b05cd269bd43db215a75ae86e6269d404a4ac4eae1f99c1172a1eb185227bbd28e6cbcf15e8881c133dba200faa5e63e35f1867e6d84e1e9f80e830af5cddc3f4a7ede093699d6b36dbcb1288b4aee5e02f58d13337b7acdf7a4bc2ddfb34d2c18111288d5ac75da6eb96bc7f1ff432eeb21c6e0cfb21eb6162f3320ad375ea1b0a09ec9b2ad9ac27879a4047096e2106f7627b7e7fa6fdc0140dc484ffa9e0734be3267e03b2acccb5968e45b10002e3e2ef9297dc0bb87b36fa0afd9a46b4eada21db14d3b7e8fe9c5e7367a9feec99d8748fe6ac27952e28986f391868abf60fb5879222331f68434145cc310569946ffd845bc4ee85733b84a58d8076a17c9acb1b458f8fe3ed8a61630425a6f7160a0258282e6d57337f743fff7698a878ad57be620dfe546dd9f91e4ea78fb34174c18900ad322078397ad42a0af822f88ed0c59bed4307176aedbe0ae22b6655f84be9cb2eb19a4322b3f5a90b297f3945bb33fc3209c619b0e6ae81f21efc396fde73b8f2926d81a341f2faa6099646b8a738d65d2f2e6b1282ec29f909e722dfa762c4a69b39c6b2cfefd0c9826e8d4d45550e1b81cb9480c0147f00418f4dcd99d753a620eed460e3ed9b0663dbe1cbe38d0a81744f83680f8d480133206a4ff1c414dbad1bf0e760c37a4bbdcb42d145b4143493391bef3ce679122da5781b7f644a05d080453576ede4afdadfafb8982319b9151470643626d6b10a542b476ed60735f54ab90f4ea7f375f7b1c52a6a9ac14f9c71129e8e9992ea1473331cd32e1f861c9dcae96b0801e471891d9cac4b4b14d80cd2a2c2cabc8d363aa55153f808d1aa379380adc05be41bc66c221fe7be08e1c7429d0b225813e02e24e5936a5396f420f137616cd1fcb046e3043ef45c400ea6ab3cc3509c580aecf65e208d11247ccfae5342324906bcfe8e10bf3acb6112d21492c458a37faf639de51e798dc5c76046e0439e0fb4d203115ff627311a04c6da6b1c630c9039528efd3aef892b6dd5b2779a1961beec4e2a743b8cefee88d5a28a28a8cce96cc3c3a44cc433ba32534d28b4c0e623f3a1f15b42fd68fcb29c35dcc3bc9fe4b2bdc29f4a30ff2572914b6a6e33c01d65f42f4c2282aabf1df4e61782b651f161918a39b95046e9e5ca9aaa0ec8b2fb960b82e8a4665153a584e00b2e373a064d06f91a21070f3a994b4857474f4b322eb3d5716d988798b498c1f4e4b2e602dc32d06e7b47152b601446b6dd0b98f1bc59db7ba4f67851ea62f9ea55b01361b0f1baa58e3ea18e6187df2511ed5b947b027bc623bb7a542b94399c114d14746d12f7d9fa8a687dfb55f5c8876e64ccfee8a859191bab968ce1102c8fc5912db00c73f0d2ae19c487856a1c5d170915277f0b3536114cb85ad8e83563c3126aa50f2dd2d6ff338b274e87727af8724f57fa1008fa5be0b586c6d40e3c33c128b3416f8b3395a488eb86fc18c95fc302c09489a52d55b27475f5f95af7b734f33dd0432011365e58da0ddc47dafd010ebda362d0edce85da2200bad69188dae0a00e27014dee6c22d3ebb957f913e715e6fdbe923d3bc1254e09af7e7d1d0155875afa434874cd7de26da7109cd727ddb4a15c3a093c97b29d72b3d54f6ff5ad64ef76afaac47d94eeb44b64f3579585eacd8e67f0d953799a3329a2f0cd7b91cf2054cfbf2c8c258bbf15e75c6d31303ad93416c1b89349453ef300eae08145fb22ce3cc36cb1a0b77d18729860c241739410b2e42eee286a33c22e6df96f13021ddd2bc24735c988082c2b67adcacf69331fec0ca260455d3be04ccb1d7821b2f4e02f818721a715cca718ac4ce8942cc4a065b264afa84fc5f1197bd5f0fc554e92c394b6801f4a276c93745875214168447ead0124e62e7d9804efa6e66ed18048af952089b72e6f286e9777abcd81926a69ffb6eb1ebe09c77d1498f79ad2a89d09c23d6133b699741db13d3a664ab6a71cc6f234ea71c9852ac7eec8896f3fda168b50257c7c371cc19d026b8bb9e7d81a15fc182219cfc0799c2d5de38be4e7b06e0014edc5e28a70f23c00aa44a591c16747c441be4db4f99942700d620b48af5ed6e4f35e8cf4d00b83d13d9ed69e73323cbe9c02b1676e22acc272332e399ff186bc4faf4a58d41cc88eeb157ee401e63d9c615dc1a43e787b2237e1600d1a76751f5c9a520368bb2fea770a5a4dfa4a2d1ead8826f936dd3d7999a09fb47313cb29362ebae14f3085ea177b6084c8d4e16fdaf8325cd05786c31a306e3a1a7ee18c4c34b5f012fd61f63d68e289420a75d60f7d027e65a2589f5e0ff11d9dfea43fd6a5bb2290dcd79ab72e5c4dca5e75b1d629b0f46bd4e63178368dd7b952244b0ef84d115f27c9fc862cd210c7e4102a477d360ead4977e20b9ae0e82609811eec0ed226b98c834344e14a7625eb302562f77461088ef39287043fe8da3635c4a7ae665e51d0c02025aebf4652ecf6898265126144400130352d15864937afd1ac514d165ac5b832ad3fc295297944ff5783d9ec49a197595e0c6a4da42d7363282172a901abaaac5c111677ced20abf649a8e53ee483c75e59ad8961166fcced62aa1989297a07fec2db15199a102f4936af1e84e49a098ed34598b47100aaaf7e3245ec37e21562c4e4f5b47bddf26ea871502bc307583a83249110bca2c1decdc241b2bb18aeccb23af56cf02ad4d8e9c96d59e66ccd4f006c020e280df94fbfd964468c44a0772e07b0c85ba770b798c915100060e37ce067481a5e86dc759b7a5a5a524f545649e054ae8ddf5a0ddf5d64f3a51841d15ec7e5339624d63dcfc6b911246c959dc3eab5bafcc6a1f35703390253f9949906489d5d1a2127205b982d3fe46ab8de91c06309b4550d2ea7b11c7b288239bbd91277204298d32c43a0e49de86a2419e039e2bb4ebf2b42276d56c43441cb80f685ac6d6a5b7fd1ef18f5e5e711a7a13bc384bc94d2598d087910fbb3f5912b31b6650421f5e52a4ddc2c50416d78cae6b195b7285ad6c08b98762d63fa059378d5c6ad2bddc3bc13d8b7ebdeb1aec8d037f435b39e9d9a612d55bf9692a238d6bd7226a9b2be47b497ee5062351e450518b89f4c3f0b98c2e5a679bef876537e11b968a6647c43f2f7da34e62fc4ba0b090b78c1abe7d455b360b47fdc4545455bba3488c1ccb459918672c12ec3c4c713a48b2ae13238d8cf1d766f8774190691664aed3187918838293b8ee3c1f76627450bae1cd5aef3cc82f1d7529b728ca052d391d633ce1bca2cb5336cb677c07084c5e344ff029399b17d8d1182a45ddec7862eab0996288d4263c04644166ceaeacb2cc2e39623052d49e60a14fa729428283791ed1e91d9decd47371065275b08fc9871eb6d57dca0c669b70369818b8bd88e5e9d58d7b63890e81ebfd6a4d052b3cdc7c41d64f9079c7fa610086659991aa5707bf0347ab67f299e817503ebd70c46c8fbf4e6d31cc2ea7bb3e19a9ddd299ff6ee89cb18c1de5bd45b4b3873c6253698d314c553139d4c3e6a57ee9c29b81b837aa596a7761bdd1ea907704ab8aa5f6daab67dc6eb6cdf9e6dd420c921dc991420f2123d15a9bb000e9220b759b1f26de9106a9d48299c7250b26ebe31a3928a8271195e16d5413bb8d552d14ee0a2ebd4132b70cdd1cd854e154fa5b41aeab982bed95cbae5da12bf468f1399b45cc0ae60a9619f965d64ef4a5f0a4804fc43f34f3e503501b4aed8b6cae59ddc7d44c084dfbe54f74f70f2f9879e8b5b957bae3f1e4c6a89209dd0f3a37446da97b990b4c63e7a6cd2a39fa65c513dbd0f4d99a3266aeefeae17475bcbfb163dfcff0d746955667a74cac9b33b78fff9023bf339d113236e306336aa932044f57466c77a12413635d85167d4110f10e2030a54e6ed7d4ef25eeb073a8fd2c1dd46a92ddbd2fc570cae8f577fb4f261626d1db56f4e5c275d91edd362ece9586e1ba4bcf3d7b8a6d49221637cb3da1000266ea1ec0834d22e59612c6bcb6a37034f8a6ed8348a1286b19670fe210d15d7b26fa03da4a1e38ef0914a0538e430defc2cf25b8de6c31a6d4e3bb5e7f55e76f5d4522698c2ad2e8a2f5c4561a405f611d1e2f70bb1421c64402155672db92fb2b102dc5efc63985405f8c37a0c547e90847e41c8cfb9f7aab3323ec26afa6575915fc94208924aa316ca0c91471c6a7ff2d3ccb853b4d4f8c311c9efe4135dcfea0d9f5e4812bdb1853ff11e4465887aed994b0671e99d1543dcc8262f08d35401cf9f205ad22e4488281cb463b2eeb9c717c9dff519ce986ef36d9428fd675dc2995256997b80ab3ff46b6b8c0eb83b5912ac325b2f11c955df6e00ba02f864fa2e780c999702a8fd7c9be07a0f5698f973674f2bd21e6cc3b90af7e5124296ca3ff57faa95efa56a9df148e9b765455d162df4900ec31d6e657ace5ac0d9f32d1f0498a3808e2a7be06c7d41b740d4eef4ccb3e0fc4990ead1cb03a347a870a4430c45129693481d257436b61e5c1b96d43e5d1cde311d921b38692e174f281343479e73b5841a5a09c1425c2f57262402093ae1aeffaf82612906d94c18be6342021ced556973c189ecaf7dc09092807eed4da34f623ea47eb78f99900af4292ca797710b1a2af637704c7d09908ce4c685dd9ab7b4d1e43e846de220c22c437a4e24cee3c7d5dfbabf58aa56ea565b3702a7cd03e04b74f33fd45b8500e42e92e3cf55b96f850ff0728e55af875f2c6440c942cf6f5410d18d9b016c1250fdd060e49e1e310963fe48edb9b268fbb4a602f1d6b7446f0cda52f3ba5c14830abc548a2beda0a0e0c1425426c8dc7ea020f6cd3f7822bf8de894469d41ddbf86cafd01961f55aacd469d253ab69722df8c778667a94829c91b46814c9dc0bbcbc478d030abcec267a7442caa0d136c2a6ed12e619e22c2461fe1b6a0d3152b884aaadbd810391f0bd7d2cd1ccf6dfa915a4dc36f09c9b99516f10a58ad8351956ccdd9b13b93682767f8b3e408209f626af5774168a5cd5d2509db46d28f31ecbe189e6fd55acb9be0cfcb8a5ca0c4f0102291d993dc9ae799aaa37c0826c463fa954aca7ac5658b66117449d40ffe8d799965b8f2dea351d826918728f3992ecb949bab6113f78c2d85f15de015e978b7b055fe5ca6affcd18261eb11102b95170cac6d575284636835def262877d95b6febfb93da6f6804ec1fc671f2dd69d282d80543221202c29d90e55e3eac722ee1a28d3a47c1963d83e72478d4d6152d50c222c575ea2c7ca643048b1e32dd1e9c908eef3c92d37d2759eed73f0408b2ef774beffc89eb2b28d336de1a7f410550e8bd821a113f0c6eb8614b540123dadaf6059f251e6df195da728a4c91a25d3b9eaa7e25935736fd126db233043e2ba09792cd5730fc72"}, @generic={0x1002, 0x11, "3e5e8fa3d6f84ed3cb4f7a917a30b1407023d1ff743079e14d43918641c9aa7334148489a2cb979e432e5ab0444d8291b25011a60c31dd4eac21493ab27b5e85fb4992f435032f836009b7822100c6953c6dc7f39c632866abc2a3cc8c5777b62a7cec9b04da2c787933c81640356a6008976447918b2b6f6f2dd17abee7e5a3adde1705fc39631f1b9c4da7a6844d8a793c2b83714ade017acc5f834a089021765c6e2d970b65b8d1abe1e8c5d34edea3663e4e68fa4b9fe8a369c67b9e2a06171fc36ece1af567746f92a753ba12ecf1d56949b2ddc7e6a8dfc163cbbe82faeb5341719a22c2b02259a9a34e96084ee9ea3fa9676b4b0ecc78c8b23ee9f6ab2b3e87b174fa7c91fb8d508291fc990edeeb1c10a667e80b50f820478759dac6e54c59c29b0fcacb515ee81b5e76e3014012af9843d84e0d1dcf6d9b334e44a8410ac527316907af9e4ad5b762a59929668430904ae2bded905dc15c4c2d50c898658b61316512a10055fa634ef99db6607f2894475a32e2d9917866563f1d42fa9ef2f3757cc148f1d946440af77ad25df699cd163bb226f77bb12ba9041bd9067e9c104edb4aab19a1ea11944dc1e291402243a2c0529b3b2f9a07103cada94d8f61d229d862508c0769dbb95807fc89f0240790e01db8040554f0e6002c41ce9363a3917473046a8f033a38a1d3b04aad7606e6854f3e56655d34c1807327ea7a792ee5fa3ec93526669ff242f2a99ba38976aefee5a7bacec32f9d113d9e5ec6a89f2bb8a7f57908596c9c897db4a1dc52f9e8b97cbb602bd07367f019403cdfbd2dbdd630840b303d20cf378c6f49d89d937f6165799614aa7e98ecd9d888f627068998b5883c0aee3c8cfd6ec0eb6a65ff91aa475fe591dc3b2cf96dd1cae408cb5fdef976113441bdb4d9d1d0930b44ff2552ca6e693b13f8bf697d751cf0ebced145bf122faffdd32c709a5746ce7238737641f56ebd6d76680b03eb5e7ddb271ecf38cccf0446db3d7b9db541b2d6f35e5447d27d5d8227c39efcb5dba0f52141f400385552acfb74348ba67ef917d4ee6f75eed1c9134d42c9c24a0cb8da0d124c3d21e9374e2307105e178d29c8e1293099266c9eece23e1d4909c85e115791a36559174c7617e9b0fd2f73c8105b7cf39e4fd43b6c252a1e836808e34dec1caa6a9e1509cf1e09703e032b7b88249809e5fdfcd3e27b09c5e2b8aed089128dfcf26106e7963c7b31fab7c3a507ce6e72a406815d52769567c4530d442d010e5c7698bdcdad3bb210faade4797d4ba3adec17467ed0740bf88213da583375682c0268b83ff3759e5993e4f94c8035b18f334f70f10b4a017c3833bdd22fa39e8518414a6820bb6f06c2636a8611238151b2125d476b9d1b5abe975333a64b6f1f9c39abc3a28d1f3d7159ab746e0c5cf31af7b4077e56ff900d91241a0966af391b8f90bbdaa89a04ab548b2ffc7dcd64e87951843f5f60b5b9aca6effcf2ba8c80252ed57aa53a4519d2faec66a238ae5c6a5f6c3d5c1816f2cbc3d66ca1d0eff708dfd876a4c7fecece167ee934726be8c004733e919f7d97297da4aa6d1fd6d21a236373d5befc6e7d5b3747371072a4ad2fca17344db8cf597e6c44328615671e0fdbcaee00121b662f603d15ba8b18d6c48d41152bcb50368ca1a73b22d432f847839fa0ac9868cbeb77ebb3d7cea6987d63be8b6277311cdb21530ace6718705a5e2d98476f3d239d22d1c14ee5e4fdd327a44db4ddd88c48735271017bc8c3469f041f76ed2a51a39833cb9e3a8d0675bfbc62f69db28d49974340511c0649a6b1daaac69ae7546097537dddf12e894dfd3143b49eef09d167561b4c0631b77e975f7cdafd6afb5e7ce35a46015ffe83b1fd3d4436fbf472ef0da79738e7b1bd0b67b291a3bc70c4dbab5a1146dec8d2f226b86d8a49db86f08cfb80af8dd2f8529645a1fe9425534686d49eb8fd3eb81045b1f2080636dc6d8fd8db76ccbbfaa5e200e54ae843228ec8c02625653c5a7b00f50d837b23497d4d5abf252a2de093ac4b856ace7bb215c63f4407d12ecc2affa9658e50169b758a79afca2fad7f149f39bc5c2ff5c1e2efc17c736d99cdacd5c2ff0cc24b67cb23e01dc47ea1ca8062565daf8abc06c5bef51eed920e4216141017f80005a9d70e9bf8a0a3464568355abb8982acd9caccf4cf846b763ab2fcdc27fecda4268f3bf102f53279f26db9a14a76025a90e38ad86cff188effe9357ad79895bd2f04c85379e33b0bc2253e1d7ab590a769e1fb6a9bb1309bb83b6267429e35e18bce415a932cd56f84ad9bc1bd18ded40b836e5a5f6928de5637b1f6fa5baa3b154f3840601fde2b1432b680f70cda00234210c88637e12b283702fa17d716ab198e2f98b01e2e4415d01fc7f4dc5191a232b1bfc6a8e52fa01e254bc81d934b205c82e5161621f5923f00bea5d40cab4ee2ad9aec54775e789648ecf28cb6ad61061576d7e3917d74989bd5d51b72f2aba5e0de6c359a422f0c968e21aee5175dad00e0ca50e6da91e1b6c0a880c4ec7c958ae5699f3920a904f497d2eda65dcd2cd49b5ce7f5c5d5684b434b64226bc7f85089d7e7f206a096bb6e7e22024acee2548c5334c25f2e0408ab6701ea385562cf678d07eab0ca7f8835ba2d42da3eac214d87a1fad74d93e629012af29579de4b1e4cc2b5226cb6f14f5fad22b03b619ebb609020a776b6b48cf4655708b7f8a97f42bf1e62dc1270fab7f2004df031eaa7006ee99e378fea939ed448db86c5e940de8fe700373b898d513db8d8822e2d326f537bdd813764c64a5d42e692a631219e1355da05d8f1f2c6ab0be819debb8910b80f71045a972e37dacfd83c2ac73b9b3c20ecf8748da859503fbb6ff800a00396637bd5db571cf9f02a982c23ec45e79c7fb204918a1c4ff9976061060e3aaf984cb834493db0f401e3683fbcee500ec980c372aa2b4b500eaf8a36ead86e4e5589bd8603ed191d09df09108cd8737ae6420576421520a46806930f64fdc808304d301900d943bf3dd91ca50ba1f0d2f2183589496f0d27cfcf1925b4d04e137f3ba89026573bc56107b293c63a0bba791f2090ab318c258922860c804b23637ecbe1871b2feab04799692eec9c86583109a1d99af72d32d3b6d3a9c7207d6db4fe6badd2fc46a63011c35bf1888d9b9831d215332e5f22f4985735cbe791417c3f6a0dbc58e8ffa1ab2f2b29a642c1f2e438a90655af064d85e9666cc27859c98135bc183c8185aae2e1ee21b8c648e8c50499fa2620398c3c4af4af09035b099112f1044f2ff15ca5e5430fa1fa8e27f7c44f7d352f3daaaf456e5532c534a047f55b0d800066c2005b2f17c944a4e997b8c91d920fc703203db6106da2c460c1d4e62d03bea1685483299a4967674151f7340d97ab31659aa6487aa6fdd7c7b8ed9ed58dba714a3b9611763ea7350685dc3f4c94d65ec8acd594e8528e3f7dd84d259957998e0fc278e8dce8d82a4e2f95600f50ea17f322d8164f39232853085735c0c3f95724692fb2f5e66c3f23d76b219e225bf3c8e04d24faace91ebc3fa788cac022c479fd504fdf4a29515fde1c7c7db70fdbffee9b6116d0a7b0aa901cc8939af4834e280bae4fada10740c9b87046a58ebe3d8265101c542719c4c6473bfdc1707d7b73cef025d0a717b1e397eae2f716dbfc45bec3fe98b2b39e99fb1fe7ab6c090c83ec6f3690ce01558c3f6ae9b6d951a57e705330b7ccdb08646d9321398bfff19b4d61a355553f4412c566714952b738c9b58a38d4f9ffb4fa854072be8bad14cdda6336cbb4c7588b2a98c920ddc921d47181eae48dfdbec40ce02c65b2e03dd1bc626d5ccd7482824e903ab9fb0195a3d2dce6a5f009787e489539530f27f10fc7e3b7400c16408992a1a4cdebc8273e8ee48343faeb7bcb689279dae8bdfb7b74145e0567623eddcf53ba56e6ace7000ad19b02aea81c406637ac67675775691d88fd9d29d8ba4c6ab6bfc1ccc73a22d2d3cecc1a5506ab778b6d8c4cbed000de5699a9efbf4b96dc7b6a5ce46516d2a999d8b71223571cf05343cbf6b7862c70e86a4059a498d642027596b1ba8ff6ea5831aeea97838a4957a66a3b8434876d920cf600b5a10cfd68ba4172183b3c90fc6aa6b15ed05704cab6a13baf5c1d0cc52c336220f678490376a1fb365d593b2f96fcff550e4de63718ca86a0ca7c04884a2f897695768d29733b2db5017a88cdcf10212d3657697b93f85a645518cd6d264d0c315a70b3562de58574c297574189b417d4ce2d27672e5f3e3504bd4f04232a790070580ab4274f38b16ad10f5d67ec45e43a8c0268aa53e4f66f5fe8e7b9732dfcd7b2a07688967f5b794d806cc221c57ce011812a79b919f13169d5c7ba3b0c3d2c72cc16adc980149f1e25d90282c8acfef31fa63c8c215e62672288e40109710273986d0b52a6f6a6228d87b811f10435b59ed69c691a00e39ba43a05d2b62b613bfb8ffd34297907999889e6330fc47ce948fb2a2bbeed8b0a2db6cd11bd63416841e6c1cc7c38f41be10a5edee701b9f19830aee3ab08b949c972c064fe55e14db7cfeef21b2c1f3bd03440170a91da020aae62ff3b1f514edb2b23244f653ffbbedbc5e6af932d0ba305411f4cc02be0b12515b8929a429cfa8e0c3e7b705ff8c5f0870c286009753f39e9b02837c57c383719d930758227347db93461c867881c3c22a5557999423cce8ca97da67b2048daca98be706a403037acce37050672b226f76582402fbf4e580bb4268708950445f095867c8f133384df69e40689cd46d9fd2239085e6d39bd8b92a926b268ab45d572a91b60c3ab8a24e2e9ab509f6b5e9768315422b56e73061f28bdd6d9c6681c49f3fa79e5ef3133d6f25a5a5864b2580e90d5c035a3056ddf35157f32bc84b2b884036465034b4bb7837fd7fcf30ec7609d3afea3a2fb20aafc81e02aa55e3a2a7650b48ccddc2a40ccac9ed86ac4efd417775be14a46d1d58320bc43c6747c00950cb03ad0cf38a440433974e328c710eff0f47dcb908a0c938abe4630debb0eadf2dc0dfe89687226bdae52a6ac73468f31f00bf5038ddb619720d003b0357d0aaa9267af621c99dad8172f7675bf4f0c8008c282b9ecc4a305322ddae185369a86fe7ec3718385b597df13492b952946f14d9f709a70254e1f928b36f02ce218a8684654f231b98f81d853df34db54cd2368e02f6dabea5fc9bdd2cae517b15962bef77d28ae135d552fa3f074319c5e92189fbff2b3fb82f04d79ffa13f7a6cf33de3be870777513788189fc7d758af2a26f1ecbc5c3cbcb83476d39078e26181d5a3dda7ced7d55ebcdcbaa29363a37ee94c16b4103a054995e7d494efaec2a381889717578f39c488fe2a8840f8388a2891442eae20a5fa35d2a5920b7319a839bdf08cf5896175d875161ed1d73bcc2dad413ea0730401bfb90108abae65e07fcc361828dd40a193deabc997e51038b6366cf082685a06b9c8548b2e52e94f1d02518ff8683402fdf81e61eeae97a3fb3db8ac22abbc7a14184a6204c59fc918811c2aced2eeb5a7afc85896825bb2eba515e09caf600aa1202da9cc9ac538649918dc3be3ef653c70f8c14a99f188220c5089ddd49b65ea33e9e10ab819eda54c239e5c98020cbe9453fcc37882cb6076a1491ab19d03a0345d753a81740fedd17c119e45e70d57a0d46bf8a93683364416e4c7f694ac378344d6ec865d1d64d97d498a02945fa1fa992ca3808483d9248d"}]}}, {{0x9, 0x5, 0x5, 0x0, 0x3b5, 0x1f, 0x7b, 0x80}}, {{0x9, 0x5, 0xf, 0x2, 0x381, 0x40, 0x4c, 0x2, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x81, 0x2}]}}, {{0x9, 0x5, 0x0, 0x0, 0x64, 0x9, 0x0, 0x7, [@generic={0x92, 0xf, "d40d85aa05306a0e86ab5ffed5a12cee1a9a07317a778777391796edf9d91bcdfae65204a0dee8229316517ef8e41fef07e67ed30e926c7b79335f7f0a51aa668d16e694c3aab79498f58480dedc21eb12b469d303a93276567f6839c907a4ddf01d3e28fbfe0fa5df2186ec1c520cf47bb46dc4f8244cc45028f876734a1876bc23cb31450df3e2d9a19bd9a61073c1"}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x2, 0x4}]}}, {{0x9, 0x5, 0xe, 0xc, 0x3c2, 0x9, 0xf7, 0x0, [@generic={0xb8, 0xffb4229a2111d2e3, "b589aebf6ea0a067a6495ae16a97277085fc10e2942001b71a52b7b5b4c63abce166202ffc8fb5c67c9bbd748865fd01ca685f4da7b0ac67ce21f3386894234a2825cfc3716c0f75765c0b26ae8746d2feed3274f6e3e6d9e224878b8a9ad47d41408ea3c43fe32838d04b764b6dd5e1e61ab1783f2c8f881b2dbf93a07ecb0d8094c3966445a91bc2e8aa40b566b2605e43614e1b023a8f0d902795058264b4d397842934d48f40097608f97a0beb634c15d8e3d085"}, @uac_iso={0x7, 0x25, 0x1, 0x183, 0x8, 0x735}]}}]}}]}}]}}, &(0x7f0000000580)={0xa, &(0x7f0000000480)={0xa, 0x6, 0x311, 0x7, 0x4, 0x7, 0xff}, 0x16, &(0x7f00000004c0)={0x5, 0xf, 0x16, 0x2, [@ss_cap={0xa, 0x10, 0x3, 0x2, 0x8, 0xff, 0x79, 0xffff}, @ext_cap={0x7, 0x10, 0x2, 0x10, 0xe, 0x9, 0x800}]}, 0x3, [{0x1002, &(0x7f0000002bc0)=@string={0x1002, 0x3, "22a63dcd135854ceab7a6f3fa1483cb096efd89cc1caab5fb7d6b4c62552a3c0a13492d037406f1315598544b758415b3d24d6a64c692a2d204c4668f8de31ab40e182c1f521632711d75fc82a14f18be9dacd033a15f5e0b2e9e737da3a598140f83b3af0d06e5446e6d1c1e70aa35f23bc2e28a9a79859107c0adbeeeb2d71220def5c3aefc90d9a59f40df6626656dcb5a5fde3157f9f4bdd050e036a57b91353d9f3c5d5a97385d280dcb1a7fbac7c3c7414ed89a0dbe4717891a3e4ca68d64d8088effa3134e9858f598f63fcb45104107a53153596076fc9410ab043daa4570689c64db6ebfe47901ebdf94bfd827262e68bd7786bdd22bb6ab2fed6da2313483e2d832f69133ed03bab7dc3a0dd76d0c1883edcdab6b8ca365dfb68a36483b5e9d8307945053c8c694fd3121161429b391a9122d9ab3cca0b40c73bd57b3fdbf0f9031edef35b0927cf190d2d3af6a7ff5cb295ec8d0ed82a318a61983c95429c252d4e5d75d6340f5ca9fecaee506db296fbf61cdc8cb8cfaf197f9a430a95114c303222f4e4fa4b1c7d8ef1b00536272c8666147a703ada27a8dba6836c3ec12ba2a91f1d16ea86a2c701bbfebd6e9cdc6f165fda3733df2012f516aeb7cb81a5151fa65e48254b28270dff3c658d89fef7f4ab3fd4e9db6e6847cd3a5ee03f7c1f52802f9bfaff3944b94509308fc54ca50fdeb546604295ea97aa4fab4e361e93b83fb1f76e1fcce10b1cb6ce1226323971b6e9c7ee11b074b275a4634e3289594d275733725281c02c7591768de0d493e9b3e2401fe51873af74008666dc04f1f1fbcfe71d32d5c0b55e2e98de8237294abac55913bd3117a730d478c3bb58b0804166fc4e79736d3af78814310366d18c0633299c5962006a9fff8021a5f2050e0c7561d07027f074bdbe19b0e17b775d536f3b4df2294d28cfd333c62b4990ae77ebda3965ee1834c481506f78d720835b08054dc5c1fb4941b43af75e6c4ac45c45abf81aeac37219d3dddf75283d6e2f23682414375598300d2cc2c879c8048f0433e2e03ed5be2382e05cc355fbbf9d5d35a9fe6a90fecd99e324549af61994b1352212ea909714e6c3c03bbfbf6f9cb02a8811049749e16936560120636d5a3c79217e75ad28047ab4dea247bfef559721747c02c49ad0cd9700532d8a7ee8fb725edddf637131e7626cf1b37c5dce1d8a52cf30ab9ad97177d70c0567935ef99594bf3af4b884a6a53a4bf9348b37fa3133ab75db119e7a3efd0a34e0169142c093ec2d7411cbe29bb93b3714deb949406d113862c5f0fd990aaae4995550ae78631c0b367b63c57b3222dddf7c3b86c4056aef4fb1705ac4ed95a5267df9313d14aa6ebfc6379222ec8e5a6366a0e9fe7aa734695eb52368ef2ca65b6063131db34192c64749354353ee4fdfdd7fff3f0d09891a7b418fc1a18766fe1addb447bc4bc56b4cfd8a087f00c4b055f3cce5154325dfa745cbb2456550df65cde5d676b13811978646f7bf55f9150fad2f25558fe6bc7a63625af35ac2993f1ff09121aec0bc0aa4015c5c4cf93c69332f5bb5f3c7760ec0dd35998b856cbc0fc68baa1eb13cc750a7849d0945761d7d25e7a74533ed6a5ce7f5d7c3a4475be36a6c84b56ba251a215071ed19d1e94f9d162a6ab5fdce912524877be2c290faea1667242d1edc1f489db1c42d42f541baac1359533b2664fdc88368ad35e20e338d43e78d82a463a848bc75366312cb123cd9677aad95fc5b7b3c7de93696fdc02b96ea298a9261ccfd44a6aa303aecf9e600fdc8ebb951b7cfb6f9d7ffd57c95939a5fc22bddefd92ff3a78a7ea5923e2020c7d470fad01378267ec4b880d9b9ec5ffff0797f97a23aa276ea3bf0e88350aebad07d142a4b209c0391dfea414e111069465a5dffd43be1e485581379c559a8f8b3fbf89a48726b1f74212d11b69516e9f845e8af5849e70594af5096c394f9daeb6fa1d3186fd86be6db2d15af746661cf25cf1e410c6971e83949cf204dfe8867a06731f39155b4c5c1c068f6c3040850fd10dd175bf3a2a3b89f82d39f436a3ee6bc6336c61e822a9678d4db03e817089ec370df416d42fbf5e951a156c7fb354eac9c1798296fb347dc36f72b6b9c3ebbca5416071eefff37222b91c6fcaa6055d9a23b6d97f2f04f9545c47027d1b130a1e5a96af1e4d7cfc39dd8d5ea3954bd32e38c17f94df9e25e48b60f6ac7b3c0d463f232410c150b128f69a196d3468654c1de313d7cdc9032221a5e94b7d734f1a77e805f70f18fa7da453ef1b8faee0e76ebee4468547705eece411e555f78cbc14ad072676a897059e007e95937f2ca455a7c903c138b0c2ee42af00d5c04d80642946537fd37d6001804cd64cd86cbf543e03205ab8c2b38d84258ea94285aa757c96615489c55035eb212307fb1d91eb060e4ac097f798beb8e413e7dfb6bb6eb70a6b2d99c7e5b3355784b45df3481f02ccda79761a4100879921eb56a68cdec99754331ac87695d21862199fd5cef78ad72f1b280221c41f8fb29b94c65224ffd31b535e5814ff1e7d97b1ce7a5afbe3cd3af2ab9ce072b1cbd77cbf920eb3c488d3fa11cbd60759f76d56549cd3fef2eb03a42ac08e2bb008bb05dd8f821bf22e7e7ad178d2c182b5c5da38086a977357a2770d70c4d7ddf9eb3d4c8dde796df85ded6fa09440eef08e2d65a48df49614f471feb533a464ff7e9c2b79a7c800cf37a7804638f8f82e5c08a702f2326de980707e7791411386e03bf2b76903135d4c75dcf05f082714b0cd68cc2a319b2e8da4675be1ba8759c1a76686131689776895b5a064d20e5693c9e2fce8426b3dc8d9e06b21dcfa9b7377114fd858e59aeb5d0d130d45e06f209cf1c9c5c6f424e4b0502157e3c5129d72eaada644b6c4026aa5202f5ab95632a1075bf9be85e7f5c5bbeca6c43d9fed219d06874e12b8fdf95141b7f5de317f2b66885487355a840778d53b49be12ba5913fadd3370e1eaf6174d79ab9b7bafc06378b338f5715d827326d51ac4ffd1d9e45763014692a41e73464d5135818e36117bc69ff902d8fc12532cf5379b6ccb3aace3b019a7d6442327accdbdd134e70178968adbd79d01aba368dee144abcf57c17ada3865f8996bfb1be5302f158f1cd92628e759e293e63add43190d6aa85925e0d739c2a4353c6dfae1381ded41d40bdbbae08d39a145788fa7810f2b541762611189bebd9c56406ca129d0e84be3d0a3165c05f5a320c0a0926b6e1963219b3e415d56796d76a0574204e81a99907c98ad53018499623edfe83ecc3e1158c3c9b1c9f1158e8ca09fdb1bc2544b15e5258a1bec31731492413e8e001dd5d1f3671d1f8a8e9fcfee6a0d61202c5a2fe1f1680b9ffc13f93812993a4d174487b69cb30b11c4bbdb8725f3975bb0a0533e5247ce818450bb53b8ff1c0cfd4ec91f2e8a28ccfdeac7e95b85eca5f2c1670daad69b1c4b0105b2535dd678d71277839488b859516f797d65ea94a71ee3d8c158ee32dbdc05092fd3f9de1b6c621cfa529420454751347a7bcb34a83acf4ce61976ec2e33a2eb6f115ee1b7b918ba7bd3dc891834bae77d7088d5dd17d3570995cefa0a2f3b14e88180280a0cda034dd4b673a97bd1947fc8c8a71c3b822f4bcdda6feafae1c9575bde9cc690801fa3932225bb96393ac610ee3ed295200e400634ef91caf6f9ad7d99778f39659aed3e0a25064a3e8722d821aeaf9d0e9f96b95b42033adec026d12f20ff921708d526a82c0e0aa2342993cbf06dee1e9f8175229b01d680a8824c6393857c4ea6db8d64ffcc7ad591734997309c3864d61da764e5add475bf03321998a7ff05bb45411bb88613634f7e5deed886393b8a2abc89fa16dcc5954e9829ea6581023b3cc39f80d6fa504c5681087a6d527edee39a4b96f94159a56170b367a073757c3097321dc27357ca983dce30159ebb905106afb32719df5e505c52cc80ad6f94d1e3ce34f3a39b372fcdb2af3e9928b32976bb10563d610c71c2e2d511c495a70f23079c1320364ec33994fc8907648cfb5d73af5e5cdbb1c96d91fe6a26ad836f528ff3ac2e2036664fa76a60db1d363d039a101aa96afe28b44390c712bfaaded716b1bc71b17f1769d6183a982294a18379aab1a86de01412d2982e7e47e268323e13b08f6221475e6825e7d09133cb66a85130408e68d3b2d7974e7209573e3ac6ee734ca36429119439c5022ee7adad4dbab59a0d9b6218983bf0cac1f127dec89abed2b84dbb422f859b05d5418e8392200527b6a405569e1577bb1b9e0c6dc21894e3094300e65c585962da832706334f69c478091df513470827153f24dabf090596935dc33af0faea648631edbf15a911f9adca0a29accd1ca1b62306be970157a872dc873df78a10e1107bc0860f35d0b60ca660211a4bb5a2c2e060d8e78ce31844592251426f153d7db6193e4d9a23e84208b8e678b1763bde6a0af477448bec3eeac7f05b60cb49410b78b84601ac9d3a09daf6059da9bbb8c627c3a83440eae233f10351a42d4f8d87e89d21d0dea789109ee0d6f75f4d6a7e71d68cae9b6ec7b041f56087345c11a0109a7dc929510cca36593193ccdc0b040d56da5bc557cf372e2e08052a0f6942664a79c9713e7a3a991ed5b501e9abb0cef2835e9bdbb829ed9c873a4edb923845705370ec09a20c761a7f04585e1e20c442beb963cc14f7670bce998143b240fbaed4d5e6ca2be1f5ed24557bed9fc3f48d40eca36145034c13a319209a7f99bd52549042b14dd34c3ba498fe855d4013f3a4d2a82781a4e32f522fe9703213e60f8b0ea5c37694b5751dc31d84d24f9ae773403dbe2072d66b95b64b9fef08e0c605ce81edf8b0adaac66d2461f1512e7f555a22e2ecfe426ef28ea40e47b4239a7206911c9caba18201bccadbd3fdd97891cefeffddef60454a36d37c84a8820ce6a758066def6585852899f307ef77274c393bdad124340d716c2cef70ac8786008b033238e34900c6368471f1d275a45e2a59d35fc1980144bd85931c77177744b49e29438cdcc434d5ac5733d0730b5ec6bc906ecc1e0a5344078645cbcd11fd74547168760f0047be644235d91ec44992a79e17e7242572bf5b502e2d4786ae45135a054a5aea291bd53b398b07806be8734bf44ebaa993fdfad908844746430d9720319e9af6765a57ffaf57eda61991a439213acfa56f0727a4b5c00eb0908439ea892b9b8238b25701c2f5c677c75c76f4ca80eea434d74f35ddb2d73db425102f884c205cb9a73067eea78c0b27561fd675bffce4f217fa4791ec3c2612b4b7400796d5d8f7c171b2e78e9dfa51729397f034e0c0e55072dbfe7fa8be29f8d776e4ab1a39aa1a27e4b597702fbb4176e56629e69ba5f48611f9d96f97753cd1e2e4fea26ff9a30bef118e4da326e02266da85813d4c6931bef7436af1d58718c95ba4254f9d2020128a5222a86cc2cb23a996a4170572cdce849b23978ebad121d9b105f9da74a80701fd20cae54921cc83f3e7e12478f767747efb5af058f216586a683aaeec5c18f9cdc60600a7daab1899aa6890f79d093fab05c27bff5bd01b1628f4faebf5c767aa4d4f9c34e67feed53f3f9c594dd69b80471b08090dc4c816bb933c325cac76f0a57b105d4d92d36c7b728ca318637ad5b7181acc1a956b2a341aa7109ccc962bd4af675073d8b2de016b8f426060bac855a2c8d35f8b479ddea72e09b2642c2dfefe194cdbc474261a0dc84f286f99d932e335"}}, {0x4, &(0x7f0000000500)=@lang_id={0x4, 0x3, 0x4ceae8e7ddc6651d}}, {0x11, &(0x7f0000000540)=@string={0x11, 0x3, "d3520065733bafd14544eca5cc208f"}}]}) syz_usb_control_io$cdc_ncm(r2, &(0x7f0000000180)={0x14, &(0x7f0000000080)={0x0, 0x0, 0xfffffffffffffeb1, {0x83, 0x0, "b24aa67be06392dec5ec2f69d14c0a0dc2760482eef164105b1bf2b7c520b255b46b463f23edcaea567e9a16183e7094d5ef0a11614603f866fea4c5b27c20d604248b2e7af1bcc34c6ad8aa3681ae7e1108283b1db6b33555b8334846248ea81b7da87e439d6de347f215b0c99fd9756e4c0de3270d5ecd9d94ad5c785dc01a57"}}, 0x0}, 0x0) 14:23:15 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="b40000000000000061117800000020009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x5e) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000340)='IPVS\x00') sendmsg$IPVS_CMD_GET_DAEMON(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000640)={&(0x7f00000008c0)=ANY=[@ANYBLOB="bd000000", @ANYRES16=r1, @ANYBLOB="000100000000fedbdf250b00000034000200080006002231000008000400fca34a7a08000900ff07000008000b0000000000080009000000000008000e004e20000014000100080006006c63000008000600727200003c000100080001000a000000080004004e2400000c000700090000002400000014000300ffffffff00000000000000000000000008000b0073697000080005000900000008000400ff0700000800040000000080"], 0xb0}}, 0x8081) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x73, &(0x7f0000000240)={0x0, 0x5, 0x20, 0x7fffffff, 0xff}, &(0x7f0000000280)=0x18) sendmsg$IPVS_CMD_ZERO(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0xec, r1, 0x1, 0x70bd25, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x3}]}, @IPVS_CMD_ATTR_DAEMON={0x30, 0x3, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x29}}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e20}]}, @IPVS_CMD_ATTR_DAEMON={0x34, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @loopback}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2ff9cc34257d9623}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x5eeb}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xffffffff}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xae1f}]}, @IPVS_CMD_ATTR_DAEMON={0x38, 0x3, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x4}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @remote}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @loopback}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x5}, @IPVS_CMD_ATTR_DAEMON={0x14, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8}]}]}, 0xec}, 0x1, 0x0, 0x0, 0x8000}, 0x80) 14:23:15 executing program 4: r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$key(0xf, 0x3, 0x2) socket$inet6(0xa, 0x1, 0x0) write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet(0x2, 0xa, 0x2) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0x1, 0x0) r2 = dup(r1) mmap$xdp(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0xa0012, r2, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000012c0)={{{@in6=@initdev, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@remote}}, &(0x7f00000013c0)=0xe8) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000001400)={'vcan0\x00', r3}) ioctl$GIO_UNIMAP(0xffffffffffffffff, 0x4b66, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000003740), 0x142d743, 0x0) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000480)=ANY=[], 0x0) unshare(0x60000000) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x0, 0x10, 0xffffffffffffffff, 0x0) accept$alg(0xffffffffffffffff, 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000100)={{{@in=@empty, @in6=@remote}}, {{@in=@multicast2}, 0x0, @in6=@ipv4={[], [], @dev}}}, &(0x7f0000000080)=0xfffffffffffffdeb) r4 = syz_open_dev$dri(0x0, 0x1, 0x0) r5 = dup(r4) mmap$xdp(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0xa0012, r5, 0x0) setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r5, 0x84, 0x4, &(0x7f0000000040)=0x8, 0x4) dup(0xffffffffffffffff) r6 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r6, 0x80006040045010, &(0x7f0000000140)=0x3) getsockopt$inet_pktinfo(r6, 0x0, 0x8, &(0x7f0000000000)={0x0, @empty, @initdev}, &(0x7f0000000200)=0xc) [ 440.832292][ T3380] radio-si470x 3-1:0.128: submitting int urb failed (-90) [ 440.912425][ T32] audit: type=1804 audit(1571494995.955:101): pid=13281 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/106/file0/bus" dev="ramfs" ino=37425 res=1 [ 440.916268][T13281] FAULT_INJECTION: forcing a failure. [ 440.916268][T13281] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 440.948120][T13281] CPU: 0 PID: 13281 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 440.956116][T13281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 440.966262][T13281] Call Trace: [ 440.969592][T13281] dump_stack+0x191/0x1f0 [ 440.973961][T13281] should_fail+0xa3f/0xa50 [ 440.978575][T13281] should_fail_alloc_page+0x1fb/0x270 [ 440.984246][T13281] __alloc_pages_nodemask+0x3c1/0x60c0 [ 440.989749][T13281] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 440.995816][T13281] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 441.002173][T13281] ? prep_new_page+0x792/0x9b0 [ 441.008512][T13281] ? get_page_from_freelist+0x11d3/0x19f0 [ 441.008553][T13281] kmsan_alloc_page+0x131/0x370 [ 441.008578][T13281] __alloc_pages_nodemask+0x149d/0x60c0 [ 441.008594][T13281] ? page_fault+0x4e/0x60 [ 441.008610][T13281] ? copy_user_enhanced_fast_string+0xe/0x30 [ 441.008624][T13281] ? copy_page_to_iter+0x6dc/0x1910 [ 441.008661][T13281] ? generic_file_read_iter+0x2979/0x3e70 [ 441.019865][T13281] ? do_iter_readv_writev+0xa16/0xc30 [ 441.030013][T13281] ? do_iter_read+0x30b/0xe10 [ 441.030027][T13281] ? do_readv+0x37f/0x710 [ 441.030040][T13281] ? __se_sys_readv+0x9b/0xb0 [ 441.030052][T13281] ? __x64_sys_readv+0x4a/0x70 [ 441.030066][T13281] ? do_syscall_64+0xb6/0x160 [ 441.030102][T13281] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 441.041980][T13281] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 441.078929][T13284] IPVS: ftp: loaded support on port[0] = 21 [ 441.083137][T13281] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 441.083158][T13281] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 441.083177][T13281] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 441.083199][T13281] ? vma_interval_tree_augment_rotate+0x3a0/0x3a0 [ 441.083229][T13281] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 441.083251][T13281] alloc_pages_vma+0xc9d/0x18c0 [ 441.083283][T13281] wp_page_copy+0x464/0x26d0 [ 441.083300][T13281] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 441.083339][T13281] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 441.147020][T13281] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 441.153139][T13281] ? mem_cgroup_charge_statistics+0x7cd/0x1680 [ 441.159296][T13281] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 441.165370][T13281] do_wp_page+0x1e8c/0x37f0 [ 441.169881][T13281] ? kmsan_internal_set_origin+0x6a/0xb0 [ 441.175533][T13281] handle_mm_fault+0x46e3/0x9f70 [ 441.180500][T13281] do_user_addr_fault+0x905/0x1510 [ 441.185635][T13281] __do_page_fault+0x1a2/0x410 [ 441.190406][T13281] do_page_fault+0xbb/0x500 [ 441.194915][T13281] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 441.200292][T13281] page_fault+0x4e/0x60 [ 441.204536][T13281] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 441.211266][T13281] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 441.230960][T13281] RSP: 0018:ffff888189abf778 EFLAGS: 00010206 [ 441.237031][T13281] RAX: ffffffff8496408c RBX: ffff8881a96ea7e8 RCX: 0000000000001000 [ 441.245005][T13281] RDX: 0000000000001000 RSI: ffff88818c1c3000 RDI: 0000000020002300 [ 441.252983][T13281] RBP: ffff888189abf7e8 R08: 0000000000000000 R09: 0000000000000000 [ 441.260958][T13281] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 441.268938][T13281] R13: ffff88818c1c3000 R14: ffff888189abf780 R15: 0000000020002300 [ 441.276942][T13281] ? copyout+0xcc/0x1f0 [ 441.281114][T13281] ? copyout+0x113/0x1f0 [ 441.285472][T13281] copy_page_to_iter+0x6dc/0x1910 [ 441.290656][T13281] generic_file_read_iter+0x2979/0x3e70 [ 441.296243][T13281] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 441.302136][T13281] ? find_get_pages_range_tag+0xe60/0xe60 [ 441.307857][T13281] do_iter_readv_writev+0xa16/0xc30 [ 441.313163][T13281] ? find_get_pages_range_tag+0xe60/0xe60 [ 441.318882][T13281] do_iter_read+0x30b/0xe10 [ 441.323515][T13281] ? import_iovec+0x4ad/0x660 [ 441.328207][T13281] do_readv+0x37f/0x710 [ 441.332512][T13281] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 441.338413][T13281] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 441.344488][T13281] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 441.350212][T13281] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 441.356153][T13281] __se_sys_readv+0x9b/0xb0 [ 441.360668][T13281] __x64_sys_readv+0x4a/0x70 [ 441.365283][T13281] do_syscall_64+0xb6/0x160 [ 441.369793][T13281] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 441.375693][T13281] RIP: 0033:0x459a59 [ 441.379593][T13281] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 441.399562][T13281] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 14:23:16 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="5500000018007fafb72d1cb2a4a280930206000000a843096c2623690f00080004000c0816000b770000a3c728f1c46b7b31afdc1338d544", 0x38}], 0x1}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="380000001e0009010e0000000000000007003401000000000808bac05e4900001800d70a00590c627cb2e75bb7b567eb84d38832095bc7d7c6bab7b09a33ef83b10e280a2f9c25c2a626f4ec125d3e11a24807f11ce5862e9a5039c77d06df3d5ad3663e55dfd87f2e76b26a9b98e7874e4ef29a2b48dc3cf0014dc16e42c076a2d2eafc6a4760ad9c7cd8d33704f7ab35b01826cdb40395b700550c455844e5632c4764cabd0f6d1ba7068f2d5231"], 0x1}}, 0x0) r2 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r2, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)}], 0x492492492492805, 0x0) [ 441.407987][T13281] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 441.415969][T13281] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 441.423940][T13281] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 441.432124][T13281] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 441.440224][T13281] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 441.452932][ T3380] radio-si470x 3-1:0.128: si470x_set_report: usb_control_msg returned -110 [ 441.463703][ T3380] radio-si470x: probe of 3-1:0.128 failed with error -22 [ 441.624487][T11495] usb 2-1: new high-speed USB device number 24 using dummy_hcd 14:23:16 executing program 5: clone(0x4000000006ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='coredump_filter\x00') exit(0x0) sendfile(r0, r0, 0x0, 0x1) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x641846, 0x0) getsockopt$inet_sctp_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f0000000000), &(0x7f0000000080)=0x4) 14:23:16 executing program 3 (fault-call:7 fault-nth:21): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 441.784126][T11559] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 441.839054][ T32] audit: type=1804 audit(1571494996.885:102): pid=13299 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/107/file0/bus" dev="ramfs" ino=36730 res=1 [ 441.882148][T13299] FAULT_INJECTION: forcing a failure. [ 441.882148][T13299] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 441.895728][T13299] CPU: 1 PID: 13299 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 441.902820][T11495] usb 2-1: Using ep0 maxpacket: 16 [ 441.903776][T13299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 441.919075][T13299] Call Trace: [ 441.922450][T13299] dump_stack+0x191/0x1f0 [ 441.926880][T13299] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 441.932986][T13299] should_fail+0xa3f/0xa50 [ 441.937491][T13299] should_fail_alloc_page+0x1fb/0x270 [ 441.942942][T13299] __alloc_pages_nodemask+0x3c1/0x60c0 [ 441.948484][T13299] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 441.954613][T13299] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 441.960869][T13299] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 441.966853][T13299] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 441.973108][T13299] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 441.979222][T13299] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 441.985208][T13299] alloc_pages_vma+0xc9d/0x18c0 [ 441.990262][T13299] wp_page_copy+0x464/0x26d0 [ 441.990352][T13299] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 441.990403][T13299] do_wp_page+0x1e8c/0x37f0 [ 442.001160][T13299] ? kmsan_internal_set_origin+0x6a/0xb0 [ 442.011453][T13299] handle_mm_fault+0x46e3/0x9f70 [ 442.016543][T13299] do_user_addr_fault+0x905/0x1510 [ 442.021770][T13299] __do_page_fault+0x1a2/0x410 [ 442.026613][T13299] do_page_fault+0xbb/0x500 [ 442.031329][T13299] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 442.036780][T13299] page_fault+0x4e/0x60 [ 442.041021][T13299] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 442.047776][T13299] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 442.067642][T13299] RSP: 0018:ffff8881aa39f778 EFLAGS: 00010206 [ 442.073756][T13299] RAX: ffffffff8496408c RBX: ffff8881a96e89a8 RCX: 0000000000000300 [ 442.081837][T13299] RDX: 0000000000001000 RSI: ffff8881ac7e3d00 RDI: 0000000020003000 [ 442.089837][T13299] RBP: ffff8881aa39f7e8 R08: 0000000000000000 R09: 0000000000000000 [ 442.097837][T13299] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 442.105835][T13299] R13: ffff8881ac7e3000 R14: ffff8881aa39f780 R15: 0000000020002300 [ 442.113864][T13299] ? copyout+0xcc/0x1f0 [ 442.118062][T13299] ? copyout+0x113/0x1f0 [ 442.122531][T13299] copy_page_to_iter+0x6dc/0x1910 [ 442.128241][T13299] generic_file_read_iter+0x2979/0x3e70 [ 442.133961][T13299] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 442.139889][T13299] ? find_get_pages_range_tag+0xe60/0xe60 [ 442.146287][T13299] do_iter_readv_writev+0xa16/0xc30 [ 442.151578][T13299] ? find_get_pages_range_tag+0xe60/0xe60 [ 442.157336][T13299] do_iter_read+0x30b/0xe10 [ 442.161888][T13299] ? import_iovec+0x4ad/0x660 [ 442.166620][T13299] do_readv+0x37f/0x710 [ 442.170880][T13299] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 442.176993][T13299] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 442.183191][T13299] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 442.189041][T13299] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 442.195100][T13299] __se_sys_readv+0x9b/0xb0 [ 442.199800][T13299] __x64_sys_readv+0x4a/0x70 [ 442.204498][T13299] do_syscall_64+0xb6/0x160 [ 442.209109][T13299] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 442.215214][T13299] RIP: 0033:0x459a59 [ 442.219214][T13299] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 442.238939][T13299] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 442.247562][T13299] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 442.255564][T13299] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 442.263565][T13299] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 442.271571][T13299] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 14:23:17 executing program 5: ioctl$TIOCGRS485(0xffffffffffffffff, 0x542e, &(0x7f0000000000)) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_emit_ethernet(0xffb6, &(0x7f000000a000)={@broadcast=[0xff, 0xe0], @broadcast, [], {@ipv4={0x800, {{0x5, 0x4, 0xd, 0x0, 0xfec3, 0x0, 0x0, 0x0, 0x2f, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @udp={0x0, 0x883e, 0xffffca88}}}}}, 0x0) [ 442.279661][T13299] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 442.412450][T11495] usb 2-1: config 0 has an invalid interface number: 219 but max is 0 [ 442.421330][T11495] usb 2-1: config 0 has no interface number 0 [ 442.427869][T11495] usb 2-1: New USB device found, idVendor=078c, idProduct=1002, bcdDevice=e6.47 [ 442.437466][T11495] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 442.449632][T13307] ip_tunnel: non-ECT from 172.20.255.187 with TOS=0x1 [ 442.531430][T11495] usb 2-1: config 0 descriptor?? [ 442.556497][T13310] ip_tunnel: non-ECT from 172.20.255.187 with TOS=0x1 [ 442.570664][ T3380] usb 3-1: USB disconnect, device number 17 14:23:17 executing program 3 (fault-call:7 fault-nth:22): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:17 executing program 0: syz_usb_connect(0x0, 0xe8, &(0x7f0000000280)=ANY=[@ANYBLOB="1201000017284b08d30b5505440c000000010902d60001000000000904f000000e01000008240600008290ae05240000000d240f010000000009000000001524120000a317a88b045e4f01a607c0ffcb7e392a1524120000a317a88b045e4f01a607c0ffcb7e392a08240700000000000c241b0000000000000000001524120000a317a88b045e4f01a607c0ffcb7e392a5700b199e38ae197f606559e88db12b08f6ca4ae9ec980fdadda0ec1cc12b57d5063eb91f4968e55127d3c5ed081b9e99447b7b85bdcb7a05c68028133bc87da7c7d41b2d7874ee424c484edc74503589272f92494d4a19c35879dbe301e8f628e70e8cfbd9e0145534902c3ad1a48cec3cb1a8d6acea1123b254a713a9441f376c517ca28f2f4aec7bf89429bbac297cfb3c9f70c16bfc390a57b1df97df24bd052b4afcc3cf31a02b06b5f5e73a00aa4b3f1094ba369e4e6fbec93b4b4cb918650298f3b40226353f6172c47fef245ef2dfc5c1c79df91bc91bdba44ded02e4f2d3616c1a2f7cff93488d3bb3d743e42d42182a396380b750de0cd11e4dd54eedb30441f85b2fa57bffddd2648"], 0x0) r0 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f0000000100)={'syz'}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000240)=@chain={'key_or_keyring:', 0x0, ':chain\x00'}) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000000)='asymmetric\x00', &(0x7f0000000040)=@chain={'key_or_keyring:', 0x0, ':chain\x00'}) r1 = socket(0x2, 0x3, 0x7) connect$inet(r1, &(0x7f0000000100)={0x2, 0x4e23, @remote}, 0x10) getsockopt$sock_buf(r1, 0x1, 0x1c, &(0x7f0000e530e9)=""/16, &(0x7f00000001c0)=0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x501, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, @ip6gre={{0xc, 0x1, 'ip6gre\x00'}, {0x14, 0x2, [@gre_common_policy=[@IFLA_GRE_ENCAP_DPORT={0x8, 0xc}], @gre_common_policy=[@IFLA_GRE_LINK={0x8, 0x1, r4}]]}}}]}, 0x44}}, 0x0) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$nl_xfrm(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f0000000400)=@report={0x230, 0x20, 0x100, 0x70bd27, 0x25dfdbff, {0x0, {@in=@empty, @in6=@loopback, 0x4e23, 0x20, 0x4e20, 0x8000, 0x0, 0x80, 0x140, 0x2b, r4, r5}}, [@algo_auth={0x114, 0x1, {{'sha224-avx2\x00'}, 0x650, "47310c336c6217a7ba9340369dae4ccede788c7497b4ee18ef67b49e8471a6b4a10980df28f7e4bea97d9548a26bcd6725b8472c0d9e7396408d6876bd8c35181b7999d5e48bfc5dc902aeb75b1c59e70d236777a2eee97bdb86c71d0246d4ef12a2f9f4227f12e8862788ba8aff269a088e64d3f220d681aef008e25d2c08125f66d2c5df3ab780f096066be10bd6e78c1d7a958038066d46ed967bc742aa0f5c135c787340787a802207cf37bedda30a57e3e44a23f9a02c2e96bd6461502ef62f89767715e73e9f35"}}, @algo_auth_trunc={0x6c, 0x14, {{'wp384\x00'}, 0xf8, 0x0, "31f2ae94281c7c993d01169cfb0a9b3d1af50ab43a9b5d1272887143389f15"}}, @algo_aead={0x64, 0x12, {{'authenc(sha3-512,ctr(camellia))\x00'}, 0xa8, 0x100, "f25fe45c182b394967e1fbc7b0a0c4a658da746611"}}]}, 0x230}, 0x1, 0x0, 0x0, 0x834c9fed93b9419f}, 0x40) r6 = getegid() keyctl$chown(0x4, r0, r5, r6) r7 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x101100, 0x0) r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_kcm_SIOCKCMCLONE(r7, 0x89e2, &(0x7f0000000040)={r8}) 14:23:17 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) r1 = syz_open_dev$media(&(0x7f0000000200)='/dev/media#\x00', 0x7, 0x218480) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0xd000, 0x18000}) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000040)=0x2000000000000074, 0x4) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) r3 = accept$alg(r2, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000480)={0x205d, &(0x7f0000000400)}, 0xfffffffffffffe40) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x3) sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0x1da9, 0x4) r4 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r4, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$EVIOCGUNIQ(r4, 0x80404508, &(0x7f00000002c0)=""/207) setsockopt$netlink_NETLINK_PKTINFO(r4, 0x10e, 0x3, &(0x7f00000000c0)=0x7f, 0x4) recvmsg(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffec, &(0x7f0000001dc0)=[{&(0x7f00000004c0)=""/189, 0xbd}, {&(0x7f0000000080)=""/62, 0xfffffffffffffdd2}], 0x2}, 0x0) sendto$inet(r0, &(0x7f0000000180)="20268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf9221a7511bf746bec66ba5c0fe3ac47b61db6b4c41bd1a5259e62506cda287b857aac", 0x8293, 0x4000002, 0x0, 0x27) 14:23:17 executing program 5: r0 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x100, 0x200000) ioctl$KVM_RUN(r0, 0xae80, 0x0) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="120100000000000843553130000000000001090224000100000000090405000903000000092100000001222900090581030000000000"], 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) getsockopt$IPT_SO_GET_REVISION_MATCH(r2, 0x0, 0x42, &(0x7f00000001c0)={'IDLETIMER\x00'}, &(0x7f0000000300)=0x1e) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r3, 0x0, &(0x7f0000000140)=0x3) ioctl$VIDIOC_G_JPEGCOMP(r3, 0x808c563d, &(0x7f0000000240)) r4 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) accept$packet(r0, &(0x7f0000001980)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000019c0)=0x14) ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000001a00)={'team0\x00', r5}) syz_usb_control_io(r1, &(0x7f0000000200)={0x2c, &(0x7f0000000000)={0x0, 0x0, 0x29, {0x29, 0x0, "0c53a260298b58b1743f7f0f72a48fc93cedee42366a179660567a17e17f7cbb49c4256e41feea"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) r6 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$VIDIOC_G_PARM(r6, 0xc0cc5615, &(0x7f0000000340)={0x6b070ba5e11a0eca, @raw_data="8e82f1146bfeb2b2d48c4521e1e39053cf434c3ebb7f388aa2276e856a7584081860ed7709c2dfc0b95b9eaac10185f24c7a2bfc55c9a8dba95a328295d0778ef3ac6a03fe7e8da79f903e088589eaf9034ef985244afedf471cfcb33bfb36444a9bb9691997d642d0e93bebbcc8a0b141fc131858787cedbb78b633f89dd9e7f5ccb6fb1856847460a5b89e04f3e5eb83345d3c287df716856b26b8da876df5b1e05b7b567c76b953ca43e8222e16f7a1db906d89381c91ddf5952acff4285d16507a454809b651"}) ioctl$int_in(r6, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r6, 0x81785501, &(0x7f00000000c0)=""/234) [ 442.837177][ T32] audit: type=1804 audit(1571494997.885:103): pid=13321 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/108/file0/bus" dev="ramfs" ino=36785 res=1 [ 442.869175][T13321] FAULT_INJECTION: forcing a failure. [ 442.869175][T13321] name fail_page_alloc, interval 1, probability 0, space 0, times 0 14:23:17 executing program 4: socket$inet6(0xa, 0x0, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r0, 0x80006040045010, &(0x7f0000000140)=0x3) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000100)={0xffffffffffffffff}, 0x2}}, 0x20) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r3, 0x80006040045010, &(0x7f0000000140)=0x3) write$RDMA_USER_CM_CMD_REJECT(r3, &(0x7f00000001c0)={0x9, 0xe1, 0xfa00, {r2, 0x5d, "3a4d9e", "38c6bcadc1cfc89caf33e141df8bae23e2f6844a0281bcc13781083e61a17456e9b9a3abb451b5a3043a7655cf3cded35a264452fdbcc8725e817c3753f69e769754a322b917481bb5e70700fb8444bbbb1da554c64762f7a6dccc4d2ab510cd67ad5e78f2aea994cfd4ce8a0af1a1629d9e590c218497a069f87b9f0f5e406ff453d4829393973a38f8f4aa3c4e24b1da0ef4e2bce12e3a9cc002f73e9c7aacbed94475e70998ee3429a32845e5c423095d897da4282e050a34930325c95762dbbdd24c549c1ee6f6b8983b9533201428171ab045fb5bf77b25e357f9b2468a05529533d470a75e2325675c0466d1bdab6fdf2c00"}}, 0x110) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000000)={0x0, 0x2, 0x3f}, 0xc) r4 = userfaultfd(0x100000) ioctl$VIDIOC_SUBDEV_G_CROP(r1, 0xc038563b, &(0x7f0000000300)={0x1, 0x0, {0x3f, 0x6d, 0xffff, 0x81}}) r5 = socket$caif_stream(0x25, 0x1, 0x1) r6 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r7 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) sendmmsg$sock(r5, &(0x7f0000003e80)=[{{&(0x7f0000000340)=@pppol2tpv3={0x18, 0x1, {0x0, r6, {0x2, 0x4e21, @empty}, 0x0, 0x2, 0x4, 0x2}}, 0x80, &(0x7f00000009c0)=[{&(0x7f00000003c0)="c5c14a581ae87da80275f07a62608be76cddab1b6ea5d23e0959a1d8cbd00bbf420b6ff8960b6db60fd654fbbcba0ebf70ceeecc227c43145341d5020922f06648ca1aa99dae4de4daf5f4d78ef4d8ab5a11f34bd17e79521f64417b89b3cc9dce669ec5e457f2e8d721cc412af61b65629aa91db00dd9a6450f5e74a7866250c9613b6239312b0f255593721e20db5ae9c8fa51fb3f0dfc30c093a4be", 0x9d}, {&(0x7f0000000480)="92bc92844156674f9f84172caee685c1ffcd188fc1b18ce8c2aaa67cc54fda8f6c6d8244ac5c8f8df7cf18a54294b3d4d2b8b24dbf03fdca7862bb36f6cf582c54bfaff543a9d5b35f19545257a1f9201a50b33ae0542181286489d1972daab5772341a83a3f0d741b5a31ca727ede0bdd669a53a8f89ab8c33a3e31ce859d5bade9797a4abd20", 0x87}, {&(0x7f0000000540)="53fe3d52c56b30bbb3dbc49706b2c6fe4e81e98af1bd521ab9efcf692baa14746a6dc1b19d7b9cfa48ce9d20123fbb20ff4d358063cb73868128e55d8005ea78f2cbb841a9c3d0394a2ff6", 0x4b}, {&(0x7f00000005c0)="58b92fd89a332c965656835af32efbb020f11b9235f845018b82c4932fe1f4a832bac589b52f15b45a550f6ccc4f604e7bc78b097dcfcd6697f3de0c926f0c8e1caa120f6b619045630c6731398eb233b83c727de2709004838ac1102d2cdb384424b29dfaa5253261603e991de41dca356ace60767d16ae40135bbc5d4cfebd2e734962a162b00430a5c516974ebd42c9949e521d672ac4b67bf3bf4daca842a4f0162cc511740f7393a44dbf6ab2af6dd5a74b4ff0e41885bc2ea8f75d9f72f01875c48a55fdd381bcd9fb9c1ff4e77400c470a38f84b0bded8e5dfcc2cfb22eddacd1d82b4e633ce7", 0xea}, {&(0x7f00000006c0)="1bc815b5ac9a61aec167d0a81fa2f0cdb89b8a5e8c50bd9bc300eccf3f31e03a637471c0adb5ec92a9f29d644522a5d737424ff1f6f425b4265f8dcba52c62417cc6ce9d2691547e8edb6fc54da0e1ea46a280b2bd4315bc4a6d9bcd35b9c3648458e4b0e8eb3c0587c6f2df0c29173e1334f74317b1190445c15a65bfedfb41593b018dd897d0bed5ff0efa5bb13ad82be04d8bc80e8d2d9604a96ad2989d12c59c9e41459ff7482724afd2493587c723377fec6f1064", 0xb7}, {&(0x7f0000000780)="963139bfa01cdd399f11bd9559c078e547c825e06350bc352b12280b9d1aa81d39d835b27151cc11fe8c456bcd658375182435f6ba50bda11d4cfed15c9e4e45fcd4ff95c99c0936ea0d5fa81f50b6372cc9d73bfb5a51d48c4ff3dd69e64c1d15b92299ecadeebac7d6b28a8d10612e31a8831af67840163b700f2e9f76846645b71e35f10f02e256c35b63b5d651a1fc881374ca8254bb81ef9c74c7d5e2594ff64776863e6b4c8cf8a588fb56660d3dd41765af82c66eb09ee0c18570321d1d4863671d463ac355e95eaae61249464cdd2a521ddc36016ebc53614d00d4895a630ac87e89397a5c1417d28c5dfafc9b9d49df2a0d1f", 0xf7}, {&(0x7f0000000880)="53540a59d96c87bb397a6f157957f0bc5eedf3d432fc7a21f249edccf7157dc4c45a8ffee6ab47a706befe476e876b95e089821b31565d4d33f110be50893f71d5a70d2f1588a6be", 0x48}, {&(0x7f0000000900)="080d006ab1ea51eec3c812fc78c7bfe275444cdbdb248b6e31c4c6aabf6e24fa660d014162f73f2c5acb64a2d2e7ca90494c60aae04c7715e30e35b0ed817eb7166c288b3b3480d22ffb342432467b32b4deb51034702d3be125b4dee3db752be54a69702d8afe23883db2026e9837433edaf6aa18496224bf5653dd7d06f89f13f6382f5d54cc542e62cf82636b", 0x8e}], 0x8, &(0x7f0000000a40)=[@timestamping={{0x14, 0x1, 0x25, 0x20}}, @mark={{0x14, 0x1, 0x24, 0x23}}, @mark={{0x14, 0x1, 0x24, 0x7fffffff}}, @timestamping={{0x14, 0x1, 0x25, 0xc57}}, @txtime={{0x18, 0x1, 0x3d, 0x4}}], 0x78}}, {{&(0x7f0000000ac0)=@ethernet={0x6468f0957b507686}, 0x80, &(0x7f0000000c40)=[{&(0x7f0000000b40)="04a133", 0x3}, {&(0x7f0000000b80)="1fcb4c94e551b98249719a076d78f138958c623a0eed8b4608f9a3555c941965fef4a6a35940972a28bb1333a46eb6181fdac030e5d103d55aeecb8510cdef3453c55aeff47012b23f8decd9c24ef3e6bb5e44353767dbbfafe45d98717d4ce7170c8ed0a0d174b79c39136a6d955ad477053dd785591c5c5b4aedf04c19dd99582659e6e33bce75b78974890d901e2074", 0x91}], 0x2, &(0x7f0000000c80)=[@txtime={{0x18, 0x1, 0x3d, 0x800}}, @txtime={{0x18}}, @mark={{0x14, 0x1, 0x24, 0x9}}, @mark={{0x14, 0x1, 0x24, 0x2}}, @mark={{0x14, 0x1, 0x24, 0x8001}}, @timestamping={{0x14, 0x1, 0x25, 0x3}}, @mark={{0x14, 0x1, 0x24, 0x6}}, @mark={{0x14, 0x1, 0x24, 0x1}}, @timestamping={{0x14, 0x1, 0x25, 0x10001}}], 0xd8}}, {{&(0x7f0000000d80)=@pppol2tp={0x18, 0x1, {0x0, r7, {0x2, 0x4e23, @broadcast}, 0x0, 0x0, 0x2, 0x1}}, 0x80, &(0x7f0000000e80)=[{&(0x7f0000000e00)="df1a474d3f1add2970e8741a27060eeb8391a91d06ca9f5982854e32bcc74cfe4e1656e1d7732639736b7d79f1a1c6c1e3e55ea999761ff628ff864beed67d32788e1d570fa15cb1045016738050e7d3f5193cd8c47ce8", 0x57}], 0x1, &(0x7f0000000ec0)=[@mark={{0x14, 0x1, 0x24, 0x80000001}}, @timestamping={{0x14, 0x1, 0x25, 0x1}}, @txtime={{0x18, 0x1, 0x3d, 0xffffffff}}, @mark={{0x14, 0x1, 0x24, 0xc6}}, @timestamping={{0x14, 0x1, 0x25, 0x80000000}}, @txtime={{0x18, 0x1, 0x3d, 0x2}}], 0x90}}, {{0x0, 0x0, &(0x7f0000001300)=[{&(0x7f0000000f80)="b22e3ae4dee9e9b568a3f332362b74254eac9b98be2629f853e6d3d0faba647c3b222be1e791d2016c595a47847ca5115801c6cd5c1f555a05dad149f6f23816826bb923bfdb30717616d4c9dc389ccc59f3e09547ca4d5adb752789c477b8f4288f42", 0x63}, {&(0x7f0000001000)}, {&(0x7f0000001040)="2634f1b77f3f311d44e1c9bbd372ced269f00047f65f0c1ee9ef2f2112f5791803a9f7e0b60971b4b55a32dabe22eea1431f858510e50b69a359f57ca14a663fadd02bf53a49600012817454f5fbb2dd85d37b75703c1a52ab20c167e7a6171e56908fd274", 0x65}, {&(0x7f00000010c0)="cb2229fff903310a566a5978ddeaa582", 0x10}, {&(0x7f0000001100)="51ff24a05641af8cad6635d0c89f74f211afe508e296e7f324a9e8832e70c370dadaac8ceb657e58af311170723456a3cce1276a4177a67ce61c6bf8f09537bdca62538d89b1997c28f14f95de62cb1f5be31b6cc1d85cf17809bbab1de53e9cf0dd088a1c9de64b474332d9a338bf69290532197eb85f2b53a3574cf4c4785e9cc63dafa1", 0x85}, {&(0x7f00000011c0)="4ea069184f52d15ae08d9d7af2cb45cb15b82fcc8ac04b07564b5e1bf92a3fdfa7358adc9405dc562f77fca29a080dfca81dc28490c8cdac49e88e29e1a784b8efb20f79868e14a6861ccf45f85005a889", 0x51}, {&(0x7f0000001240)="a137efa737a2bc4ef894eecf4df27a2606e46a3bb64b1d166efe71d8dc118f40bd80b396432700111d8de713777fa88afe04a88eb80ec6719fa457056e84da5b0a3c0bf16c0351accac67b459dbe1f087a566f49bc", 0x55}, {&(0x7f00000012c0)="bf64f39cafbed26e2277856c164d310f3e3791e254aa9954c9aa049049e02f9a5f529993eb472ffd906d", 0x2a}], 0x8, &(0x7f0000001380)=[@txtime={{0x18, 0x1, 0x3d, 0x1ff}}, @timestamping={{0x14, 0x1, 0x25, 0x70}}, @txtime={{0x18, 0x1, 0x3d, 0x9}}, @timestamping={{0x14, 0x1, 0x25, 0x8}}, @mark={{0x14, 0x1, 0x24, 0x5}}, @timestamping={{0x14}}, @txtime={{0x18, 0x1, 0x3d, 0x5}}, @txtime={{0x18, 0x1, 0x3d, 0x7}}, @mark={{0x14, 0x1, 0x24, 0x1ff}}], 0xd8}}, {{&(0x7f0000001480)=@pppoe={0x18, 0x0, {0x4, @random="8e09d34d13c9", 'veth1_to_team\x00'}}, 0x80, &(0x7f0000003ac0)=[{&(0x7f0000001500)="8ea727aca664f6ca7335d1df4c0c474d289b3260e872b96fd2ea3445ea1c78705e147697436a9e09304830a8a63708c9b58639caaf346c2d41bd28c864cf9a8200ab7aa9708eb8e89536c6acfe9910f6148b4eacc4351a18f6518ee58344f618b38d556616a1553c136c235d8a112e58fa242f0275061e6fd04d3fb8e4db6e8cb05fe667b52e319d41f1b5dad871b39a18d73162e0cf8050f3c5101252e23944a185661a7f3c65a89109c03f501b760830568f6e8185db0edf47fa2018f79d05601d813b79af470734282ca6b4cc4f5eb16ef74c91f5b28924cc6c7034191a5e81e87f7a7efc1263eed1b2c2c0b93b304d279ad85348432ef12a875c48fc07069a909c081f50e2303f8cd20366e86d0ded7f852f37c202dc16bb7904b9ef4406b752a0657a662b199a268d8c91dee1f1cffbdbb446e49c3a5b7fe99ac1f68ada249513d644a100b1f856755795ef90e58957f7d9c469b8f7c83c6c5188929eec4c44034a4e5f3e27159f6f516a130cc4c4fd76e38ff749d9f5021f33d6119f42fe8140ff486d5623185a80f10e86125e33e701a3b6adc3206d8ee32f00df561ed6cf224f794fcdf228d0d7a0521063ecdbe5ac662b9cc94cbc088968c94f201e96e86456df202933134ecbd47c2233a8f6cc20d2e74475c34cd2e64caf2f22bfa86d37a8765059a525d38b3ede56919fca9736b18abc33a445427c4c168a643fc19708c972b29addc2dd72b659d96913d8f00169ba3f91e6b4fdbd70e20229012a8d838f7c428e1f16747e20e9c1cd61a40a655b0037d916aff2ee56318a6e3e2854c09a45dc5a9ecf6732063ffc71be931149a2e018ef147a401240df643f1e8db0049d3eba342c2d9a1cb85ecfe0c6877fa5ebbd08ce111249e4596ee3846bd83a94b94e2e017a2225aac56adfda54c9374bef33b49b97e14122e4c1a908130aae9172316e965856333ae1c811d56ba9257be7849367c444b7b65ae44929177a304bc20880d9dcb9e0651479f7a71b43c6ebda5cfe90fa805306b0b0eaaee408dd34d60118e1b6b402acbfbe62c93b96dad01777f7a04d6b36e6de20179b322530b1b5edef65c4ae0582cc678d9394955006894e4dc07a24bdfd8aaef6dec930592b7b180147c60ee1a4713c3160da7022da15842eccb2ec83e5b33a031f4e4a2485e358139ac7e762b4af106dbbbc66c22c13e2880a4cc956c37a0247020b4e2f1968f2c2492ea04c4378284d712d9d12e03b5f40974ae8a69ed5a8a3d5981828e41f52e9216937a0d676384fd45366b3eedb9eea685cf90bc06bbbf5b9feeadc0e8f91346593ee5698b8d3518f926a018856dcea665f94c284c27467fd22b0ad6fca46c3bb7c63b308216ef10ded14f114daba515acedfd8133c251939a59c83c53348b222a95400451436c248e2cc0980ea84c4384e459732ad9f1580a00ab9294a6745e9c91d42d738ee84047717d297dd52b73c21cc376d4b1b88ac297dfaa6e6aa7880d4c8ef9179ace19fd596512c12bf8ec59399f52d53a05ff00947a7ca5066ded4f28577c1c30acba3eae680d50fa08bb7df0a64aecb3974ac7c546e8c9ec67d66cd293b0d1d536c5bdafc5099d3a884a8fd2b5ebd257a514e9cbb21a25c7eee60aebf66c7879675047aa27e84e4562bffd05b26f60701a78dfda7274e34b7f98937c32b1200672cb34d0f337feea78048dfd40096781d136f1c436e9fc611101794f9b17be392552d85a255982dd215d4cec6480d7704f25ce527a9ab6208bccb7cf4899e7e1b006e02dde773f9e7e34a03ea77e506be3ed652905d7bb2591b1d8f827f79fbbe74802ac586a1aedece092d80d49dbb82179b7fa762949f5d2b93f501324ce743c3a3eff068d503e43a720127cf9f42645bc6a7b3ca282d2aa144799645b4ecb56a9a87e417bf4148062b3f296b55e2dba5fdc81b9836c3fe055065e58c301659cc0842cd5bf8daec86f78a8a26c5bb1432368c3427cbb2d5ef4bb6dfd0cff957db2bbfbe9536278b4aa04c31a41a028bb6c44e9e2762dcf8f1f3e73310d60774bc64f4c0d43b30bdc245528e87a515476a38027d299c72b0f0aee92c1879bfc58f400d2f23aafe07a85bff3b9786238667ed46ae8675eb16f47e0c6e9cbf45c6d946c39916854a4d7018c488b4f55973d5ff58dfec77052d4d7739598330b8574dd1415418b3579dc07ab2510642ee62bc9731d73550e872994b6de189f50cac8f05b071bc3c4ff0b8f972ce156e72017c684073b69c1db506e3c7026ce4d604ad3d92b133b5acf263ef8911c8f25401360ba4410e62268732d0498200a44466df1c149ab275887a3a261d9d52d84c9f05f6853d7341a2536d5bc07a1ba0729db307ccdd60398b409a83e4ac0c24705947e5736689e69c055f3d26c4f26724ce2ea0abcf74360268afd0fd4be1dc107b2139b8624c7301ad238f6e8d9ba5f981a344345216fd45f659eeda47e93ef310142bfb2fd18028ed68561a66021f1d998ae28fc5326bcc1716c5d93265a4c0ec54d6eeeae84a3c43d6a8dcf09ab45d8627230f8c5eda1f85762c4b39f0fb4dccc76914aff3dfc468b4547363ccead4448f423986706323fd466712b5ee00fafe09752c591c1e440cbb35edfc6c938a726f7f4628e7af83000009cd3ee772a215db00ceef2ce60ec710f271098bc3b1c98260d12ae2bc40f59060501d20bc265c025fc4772f51d3b30e302850ea3a1b0f42f5e7ee127725dcc66e828f195e05ce635aba97068e642c84141a2a61f8dadaf3cfc98b26cb2ea3309e679219d443caccf7bc4305373507b915b58a7cf835dd846406135a275f88a5ad19955356b92cb82f785c1ec8d3354210cdaa17e395cf3cd3ea9165f80b738db587bf8005aad35dd980b7270f63bd0afdf8ea086c197d504897c2251807fe8928366496affcc7bf2aa03828d18b1034605864b2afc1dc0cd598385af2e66cc4b38f0aeaf0703c31d6f0c0fc5b7a187c53d6af7433c7d344cc0f43de676bb52480bda2f2c5076071c85e329fecddd1773963516fa0caefe61c54e6a28483ce41c244784c7a256d60b337067bcb2fd941fd41d9122c69b661b2d080b37f428cad81fe3dbe5c3b977883689d8a2f2d2cc08d71ef74f062b20cf50bee4cb281c71c0e26e21db5fa10e69810d7ed4c5261737a2167365e3b23e7e1926eb98db2702ed6b30862c9973bd30aa17a55fd7acce365273535c6f36c33850dd995aa086eb927bcdace873cddb4af3a747702fd6bb0b3797a27a4d3d97408a8f4ee2978138e0849dac618e73bb709abe33527c62a8ef7b6d10990319f0cf47db7366ec8e4fe0ea742a2a6c0d508080469b882df4fc2df1992290789fa1ec19b232bc87390dd55853b5335201baa32b7f78d1bab425d017158574f4c2e838055bd0dbe7153fdc373544cbc6c9159facb48c567ed3822b426106221beb5b0993aa76a9fc9754153b32fd90d2a722b8e0ced9ff88bfec19b7d6ad149ceab16bfab504d0e302d368ecc586216053db2dae538d55a7a91b98d18b2a5ce7e7c70b7c3f3942d42e2c1c49741245dba3d82ab58c2c08c41c1a156269d427dd9da30bbf8b4f17bd9403b65f541933a9456c7ee1c1368fad78d82d3511dd3a8622fac7e3a603fa6a62e091845934e6a6f9fd1304bad2c243131284492c5d2fcf56c9fbd1d060a94af6bd8a78c0a28c2bce9cf84509b7f09a30af4ccb9bf253776fca9f2996a61c4f56d044a9e9a97d4dae6d39f79c2328e857e8ed63f8ea76db3716441f5dd0f951a346a9365070754160b5824b97e8e98cfa6b3562726040d997966f132263aacd3b2ebb2bf1001d25df08ba0593603e4b745c817022763a0e06f3f3ad1eb540badb07f7f3e7030d8aa407375f14a3c2adfa8679adf3bf92c06eb5a06c088bd5929bb54fd06642ccb3cde2fa8be3ebfc30783e0029daa6d8d131cf0532c0b410319ee429f94e5f97e14515d995982e31ea79aceac556931f6eda14cd2dd69c5e9c1f39ca9b56ed2cdb948c7bc5628ad91071aa82a7f7cf18a8d5680639f053bdf945f07db4cf48e6937c97640377203856192d100ddc2d01b2ff06edc5ee64688775c31b1a6884661142aace367106c5f2fa6207dc4c53f6bad4fef7c9467ecaaa21486d8b006a78fa86a7b10252a04d6c0a82b21656e9739f42200d5dbefec567dcdb45b99caccc4e3a1816b5beba81afb96910544e8188acd7cb127c385fe7775959b4e53565d84bc8aa2f6315f06ff4e0ab1f0d795bf7d072ec1c833fe09ae7ddd6cdaee2cf865be5fe5264f86efab914c707b0e6885ea80ec78695028de883949d6933177b798ff3eabfc40cc03cd01da8ac00a662fc8292b1108e9a691144cde289a05b78037349f7b320bb2c43f7b7b81b45b5b3c514929ff8ab0ea55ef74c8de406ca3daabc81002d82560927da035b62e788f71674368856ef529edddc59df8c64170fc6572f6de8befc6e01d15fa2f82ce7930a991c0a9e743a6b6138d39be66101330ae0b7e803b2ac18b1ddcca58199e83029dfb4727981630bfb3419850b82b8d315322c3a750715af98f6172996d1bbe0142c18c941ad5bcaf9d8700e0309fdcbdf271a11c2aeaf61484f5046bdbddfac311f521cc97d341f42033b89e17f7dfead68960527a46c297d85431349300f33a91de2551184c8932c35d7dfe308c103be3da0c8dd2a0530d96cd0261d9bb941897073f797ce794d8b17d8059c8303a3fd9089da1025226d070bcb37808d6fee387228ea63cbac80bedfbd07987198726793079d2bdc96fae5d7354ca7cead931edc8b8632fe46763ab6ce3d54b14720d86b9a001def1d848957793494d307366ea06bfc9bbf4b5b0a211b2a3e4f0a146e9f2597dff0ff137bd2d36643ee3029dbd048ce21f4065a0207de3a6a40e2ded396672885f0b19b5214612982d7afba9604391a00637b8e370ec922340f56220166d6e70fb2b421cde44a87ea5f5de476a42601db092d6a1b6987cdc1ce1848a6c7b7131f2c2d817b4c95fd903858f18def989362d6a321914a6088dcd5ecdb81d326090ac03f4a42e59ee834218a49a08608c3350589eca822b6851b42f1918d522aa35aadced9426bb2e70315ef0b74708c965d5015cd44e4d288e6734ce63a1e608b4f5c3a9739d396c4b88ef9f72a666a8e222e6a8f7e8a64ae8fcf4a271302c73b4a3fce8346585f6a3dfb1433a37b2cba9eb8483ed9474a02e4e04b1aa9b8982f1d46eb8f52c1e9267fe402df29013f1e42eea65e1ac860c76d0e2bdae65cd06650880d2e3405534121f34809530a2ebe07d89f9f77abe3fd9da9e77601c56221c8fcd17d5f96a1b15f1b9260bb2d61755b4a1e255a918020e8fb8268d53e9c29b47711df47d81f0957b9fe32186b4a30a4722828c594d1a170491b7e23aa2a0daa88863c27a864076a98c5f107aaac77b6569b2922b2f3a1e231ed6970ba97db71e466c23c08797432eaff22a0ef6ef4109ecd00ec8df5945681048c640a75a44ac979834287f81bc8e5a6f6042c63721007ff66cd11a379cd8982b834cb3f37b8275f33ec5ea0723a3910d3a7970a5f09b38d599b1e5dfbfd419f01d42d454cdfb1154f3a948eca9044ce838cd292fbfab9d7aa5f1fc9819808666a72209e5afae9e99c25400508961a913ab761d3036496fe47d4f232b7f269141064ed1a3cad256d18f6e0e078d094d056167db1fde10457dbae7ab0e0006930010fd0b541664a5d9a082e07c40f19155e391dfcce2dbad123e72612795a4a88c1d88f83c021561", 0x1000}, {&(0x7f0000002500)="6be54792003a1726cb42a711616cd4ae0da9806c0bac757ee81ac2a6a78591d6d3addf14026640d96cc72d49f5e722bc3c64b425b23a5ea57f27e104e20485d827b95dcbf72827bfcade88aedfb0addb310d4f1a5c128c92a256e324f42324c6c09d7ab57c3334e3d8e743d32140766a2d3bbc52bcaae25c23a550cc89ccfb54e056101dc4d137250c3a29cf58e6a241d2d654ded3b08a1fd5dd2582551017df5d4820091ff80d0dcbec0895569581699ee94c7d031b44d7e9d2d43231a4490346c70a306acb79b9197a8f4e554465030f3c", 0xd2}, {&(0x7f0000002600)="f8a0eaeaccf44cc83aaad879120d4034859024eff08301ca8785268f574c23af3fbbb19844d462ad915294a67346c9243dbdbf74d9ba8b0f5852621244bfe60961576e48e8d2742836653fca239b3a93175f4c953dce6489fc2fa9d8e23c973a8fb92a9b070f9f67e965a3acd2df5408d4c01248896f04866e5dd2f23fbdee83da63c960a4871112a22b341ba8b6db7a6c8c37591dbc4cd7864e5300dfc1998b133fdd6090058a3f4500fd02716a6c45e6b8d84c65af3d9d9895db", 0xbb}, {&(0x7f00000026c0)="20658a12df8051e7c1688d0f22c38f64ae4d33f25156f7dea478c2e23216fa20b934a244c000466f7d89945b6c71c28cdd8b3d94b47dda6e0c07ca562fe2059b2421870e4d0ee776a1a249eeadf0b841a27bf3c5c91aa97891c66e2ba670929393a6dba8990a9f9e219a8ddb867718b8f6365ab5d9e2ce8d44472be076bf2599d80b2b8b8f633eac115d9ec76169a04e0deb6ac8328e27f817f2e21e114dca292e3aa3146aa1aba2743d297f0f2619d4ceed1e2099f77de3bcb1a55cc6cb42", 0xbf}, {&(0x7f0000002780)="265cb84f4b9fd1db2a41c8b73ad1be299a002f0c07b5e87ee65139de9b14c287f0ea75521cc463d2695d2201e0f3c3ffccedaca58ed9fa7262013d62b6961da6a48c38002e6992412271bd940bf2b6498c49dcbe09ffc6711568413012aac0c1dac694a83a1bd3c79d89a2d090af9ced68861da7441a90beffff88a82d1549876d9ab75acda6f8d9031f3686f3235ff559ad1a8738b6ce87458bc0834496145305129ba73f2ccea2de4d89ef919cb38cb4e873851235f4b61bf67a6fc396bb127a319facb600bfe8902e273ec95603a484e5a50af38d0155c2a2d79dc0320905", 0xe0}, {&(0x7f0000002880)="ff8273c1529cbb97235a0b5db4cac8045b24ad6cfbc3500e66723c830da9d0b8ddcbe0914d04390239120c9bc49ee6d1920ad7ae2a2e8c530d7720db1f80094917de7bdd1fe3251b5c79d5a7d9e73c7fb221804d5f011235043d772e52b9f788b3b42d41e4d706ae10410a9ff166b7d4c27032f0009ef563fd52fa7591ac56a980461b12699d4983e9e7ee242d4e111fb26487f35916f1898191293bb02d46e7aeacce5ad5bffd01fa12995a304046e71d0a0b", 0xb3}, {&(0x7f0000002940)="dece5d451388ea08392e6b6ef91f5b97684e50e8f3e3474557699285e4a591841064830f4bd155d174e8baf490be891188673dfca121f9a62faf791ac3078a3ec0112dd9ed788bb2d1f38d8094304b4370928fdf63adfccb546f5c78143a307e422b2ab7eeb2385c64d2a3f94547f9", 0x6f}, {&(0x7f00000029c0)="271f6973ddc382b2866b0f27bc2e7bf828d3ea17c6502d49103e1c344df18ff5f45b850b45e7b2987010f66dc03df573e685a80f4bee51dd2b5495be76df11394fd90c654d7253ee069771dfe7409dd2f086c8ebc64e1f072061410e1a4166ad9ece10231092db62b0352e99f8bad6271efea9751418c3643c76c7595cb738f269755429079dd9ec7688a741bcd7fc5fb7902f40ffbc794615869c4c66022c73d950fc5d1533e4f8386b356a34c3d89861faa9b5bd0ddaffa3ae58ac431a27e0f433ac383adcef", 0xc7}, {&(0x7f0000002ac0)="854ebe889a30955245298f935e897c20139d0baa7546045039e3d238cd592b444f1c75d604f4d626f3b6b30f67fcaf8946b6197d0731bdc66a7a6621d0e9e5d9eefc63f052b98abedb7bee0f632e69872af7b8eb56b9c27fd78e9babf6383c9d4072f7f0c82db626658b979a9ab21be4d1480a7bd419cef1e35cda13f2ad01d9c19181c7ee78ab8c5c190e1d2b30b9e728bee32142d7e4fc218d8aac20b211f8106c3ca6957424bea92fa31adbf3412c134e7d1ed532a1f4a6825d51977685bcc3275b6fec3d30e1a4a6e3ff268ca0a3c98b19c3850ca0c23021a6b6913bb647769cea5b6529c5d4c58d096bdd653e537e9e087e47c2804f1fd603cf2d8d632ba2b2c234a3a8711e6e5c6581c49dc9fb2f5b0dbb8a94422fad7569d57b7c938864a40ce978d28b18d923eb0c6739c82463abb3de2555dcca0a3afc0a78fa81942fd73a29e18b410898c04bdb0a8bde7598770eeb578fb62ce0d4221dbedd492c8fb53578fc8393b0f762416d9e83b9d0cd8bb66782580d19d46256eb0af72a2f1f01c64ca7ffd0bca31cb93fe696a64720bb68cb8e169715ff3adc91cfb29bc90fe5ed5e1a6baace14e8ddb8f530f02e2d5e5ecc9c89d0a9caef1756b24c03379ad48b7291bbb84a04f271ae2fc3cb1b7b3a066ca83c163c46f11936ed2d241183b0cbb695759369aef670c6bdb19df85591de510804f8d6f7d61fe5ce8e9b6ded7758dea666c029c534eec73369032b85ff69fa270d1ec64876fa3e6d3a25703cec320a1b4225726fac31e21b90022fd4cba6385d52238875ef57d0049fa5fe8f986f8b768650867fc848d7091ca9da4072f2620ad6bfed40d29c3bf7366064c45600a81bede1fb556f6881a63bfd5cc99a5fabbf01d4cd93ca9b0ec7c9c808ec4262bb5b597e00cf8771bee8ba8171e5387fce7e64c53a370a3d8a29cb70944384abbb8519d47291ed4940bf3839c6c1c8d04418dcea815daf93d3f032cd31a0244e26fa52b03534618ab208cd31d57fa450608c5fac9ba6df06635b319c8cadfc01f5e454c87256550e4467a7144dd066d20e8e7972b5f638a29078cfaaae65923773c62dc3a2059bf0fbd80fbaafbb6b952e11475a67ac2286863eb926c753e06e563857efc26c2c7620cb0edeeffb55afb717bb0455931662c31ed2d879cbbf270c622226e9157f5b353543f2239c9716b64df6d56f5c829776646d484b8d02a6960b7cf52e4aa65361d8c0328fbfd1128a3d5e1c8e71bf44e3fd39c36200d584d77d4b19aef17fd603488fee2cb4a02087103823893bcb92eab86a4eb04920626159c06c5dfa83e547150740080c5170024a3b45b447b40a081d0965c87bf641cdc8ab8ce2e49e1d3257a9039abd578cd17f076b85978b4d95aa33fc51d746f1f85f5c1c50b8601eecfa0278bd4815c8900b7b6ac7ad33e6def603702432bec5ec793848869dd4f098c069fed70cc35fd3fd96d78d911df1a248dc46548446de26eac9915e591dd1b54a09d4a2015a4c17924e9436b48563634eef1f619fc70c452dab25b24c04dd2074bbcb2d0aa9102f105bf81dbf356429c3d1b0e09af576bc1d0e209ba44b4acbdf6799cd4af6fdcda329423ea444e5c09bfd316f7bf1dc2dcc62d08c3aa3a260740069982da60ee12aa1d38f9d494fdaa2ed8d7dc4242b970d60bea25184a29c0761448e233b826c3719adad3097bedc7e766b045e0cf98cf02b379b24b036b1441b652e63daa100cf9c7920ac80ade4fc20b2efdd1f12e82afe083a0c0949354f2ba5e28a56146f5c2596535af6eb47b86a97bb41f3d14ea9dfeefcb5f773a61730c931ec0302ddc864baa63631a7e0ca8d9a9efb5bea5a26adcb0cef1ccffa707ab1c6f9d4a76a869765383d5f812de6e696819f034f306c5ac1ea8bc3c9ca0b633cf0c872d59abf9f601bebef9455f01f6930c0421dd65dd3fdfeb9b0313d397e806b4b302487047775cdbd2bd28884062eecadb94d352593ecae6a1a65b0cf79ec2dc52ba8f3e9d1b864a39d66c0324c7a355754b27103508ae90ef97e841e95102a15dadb798ee3d01b25e8fa060a4fadd291c9d18de92d47f85383f8969db1052ad6719737ea0cbaa95b689433eb077d6504e7b21f4be94b6a9f8383f573ea4c6790fea622204e8743069ff302a09edcee03ecb76e30c98291d73f3e014ff872a30cb2f61b8aef9436b0c0ff90af7cf945282dd1ca8955469f455363ff89cd2857f6882d6962913263983cb1792e6dcb880deacc06c6a2e71e995c4c7b2f5fa4de9767935aacd6226e1d72a1c0cd7b876faf8d5e4fd30826feefdb8755beeef676f320161a6d35608f1baa53791980d304b22a570e5096d6cfea8fe01d9259a93047f9d0df83bacaa034cd7eb4a0efda8cf4d170d69e0f84056880bedb7cfe7a85de6884c2ccfc6e4a1f73224256ce75ab208b97f887af7f746770b4da6ea31cf7c98e9775b72b6bec3d38449494cf20811cb39e639abb99f54dfdc90834549fab0c13c8ddc11f78e8b3ee5e25e20168108bbb95b482def1d8c7a93bfb64e42dff2a8659ef87dd77b329961cbd77bafdd1b0063ee647c18ab9e7e67143ab14ab5c1fca2ea0670275f31ff2385f203cbd0576087057686acc3f6ce27200a5d34f55df225a292b5df6421485a304e5c71be6d168b63c3a9bd2d7659118b9f097ad7473b16b26b38eae5c2f97bb51e3598df2d2de7a3cc8384150abeba5c3f4cb47ccd95994dda5b6cf142f6bbcc70328db4833962a3d3a44a55663fe988917dddfa2feca6c3075ff2a6ff4fdd5aefae52f3ac7fc3fe295cafb28fa50b05cc1d639c1db44139b6ffd7c3c9f3af839e19c90cab016c4bd09a3dad506a3e9130d81fce5acc5a78835531f3c93b3befc55ae89f700be85cc2e4b0987e231737cbbf32b7eeb6634249852fa17c1c2af454a11b7bec9fb13421dcfd6ca36212cba6e7ce5d442473e29f3016be5227c1a5d4b297ab044d2ea7a89b26c1476a3e8ac4a6ca34d031d2b90a6efaed3df60e4129f82c2534297908af3aeeece825286f2fd586a2798c784402cced283976521c735eadcd6a1447cf47cfa2df4b09397451f0bb0837aff47ddcefb9bd98d5c64d330bf5454b6a55f5b808dd468707be7ec27a80673b0c7f0d7135cb3c2c804be65059f4d8e305c1940389cfe1a4a7b52949df15c235bdd17ac17f65916d24dcacadc94daeceb3252643246cd66cb80578b928acdd7c481f64778d3430fa385578a02e80df0b71d9b4697b95888bc518f3afacf33685f858151c99d9528fa0474c94a309f4b0a835fbcd317c76187769c1ee96708804d6171cb6e88bb13037ab5c1898ffe0288e1abd8e48cf6b8e3eb854fb1ebd586c40dafab99029b2003d4c9caadb27d2e0999d2ad6f98c8767c1a5b48f7cc81ecd99b8718686a6118649e0ffdadfb291a2ed7aecb02b688b96a09a9cddbe146fca0d0e4e3f7f1ee4de6e8f2b881dc11278cea57b0479a3a08bb005d0aa78015337611cf8bb877cfe8ed1380cdb3428ed8db66042a72e6331854e0beaffdb213c0409b83cdcee7f82eb206cd35ed2ae32e01d619dfe4584704017810be962361b3458010f81a015afcd288485bb36ed2016deebe308c1d29a60d3b0f6f67e28a0cba244d1145c2294d8592008a202a0afa659e67171bc4c59079ab6135a084f27a901d1eceb94f54679b80af7dbb7932b996111f7a6e495ec2b7ed8ec3428675aac72f69e02b04c98a6ca1e7dafd3be2d54549d9def7a3897d52775084bed93069953dbd6b0069af8a382c60a659ae8a4be8eddea4e73e35983991597e7a93d06c616d00a1cc6d9caa358566f4f756928bcf8b4a6e95640664f0ce943c25252a1445b77bfd9ff66d1968a012fc8c69d357cb079bc239a745513b74067d251d6a269f5fa630f9446acb7e75a7f399d988b504bc9000c8fbdba8c14a4ced419eae5d2e49b3e8da8032d460664b417eea781859a5db9085ef6aca78ba746f03bae182c85ec6d28c3fe0f1abcba1140eb571bb69d46585ad44dd74c9d7279e7b7c4d65d87c4a7e0e74db97dd44763dca7a70deade281511586b620e7f20b42078851f63b8c58974db25801470e7790ab50762dc76375019a848c86dbfcdbe2a931a4415bc79ba37b8dcb8482c6409bb55d253becf4fa9183c8ca3600d44a490e622ed8ac5ab84d2ca3523912ef52e30d7895584d0d45e42ec3268095bad418e0ccdc56987f36e47031840a39ba9942efa25333ae1765eb96686cea34c4e90ac90e56acf35220032d9bbfa9f04b72b3794f3898fe4d2ba8e781fed5d4274383d5e0d52985e99f88f2b649c191b402cec952c53a4885f9fb831589eed4be70f2c1931eef292930940754d858def88727b19192bce8cc8939b9c05834d2697b9ec72175b156eda2336da6728f7a960d15c95eab4e3cf25b2fd75579dd0fee020c612b2eb55ebddb9c526f8388a92f4dbeb0d989bee5fabde5b47758653d567ddf72365d31511574bbc3c3d11118dc86fb0cb42c09e0c2deb768401d4530e3fbe01fa7d7b5580bc3b4e0d82f66b6af5205c3401cc5e9ccd427968b650926a1b3956983235d87b7ed71e9f74d92217c95d253c2a2229f725d2e87f9aed6818a3f581b200ce9716c83665445f2a516946b42b954593f99d1f708416233f93a4acaed4749bb9a06feeff715832b345a3a1c3bd9676ba4b4d05835ecf81a3a9026f127f3f4660af2c48399f1f02ff18ee7bafd5c95ebe9f6c4eb6a3b4da613cce476ad451bb8321c8ffc827d248bd7aa7a5d157750d67a6de7ed6a2f484f34dac7844eb377bcd998efda36b00a2ada445b2f81f6da44885a3a4e608cbc39fb421d9f5078915c511dabcd492594680431de6b8b94e3f1c606b69a22ffa1389be93f7b0178591904852b41ed2b43d8fb89a621c55b90868598da5cd83b96f91758c2f2598e14375851426322d9ee8cac179e315ee5e0b0eac0fdb988f6757d298efd5f3e03f704fde93a15d8bb527e319dc225f4b5405bf8dd6bfd062e1f7bf37a60de79a5e72c0699521e24ab949b46e98d2dd866dca109a74be31dbb3c04c1ef2e53fc08b6bd0423ebb4c867710354f42a68e0ca4727152257af19025eda64b677f1830bb342de3c17c81805fbf6975f3e98f0fc7db4b6804737e3047cf960ffedfd33f64d795c640d6fdf20780ae0e8dc954ea079b2055f92ea5d4b39f8fe98b54ef11515c96db18bce55b5641417f4ca4550e20b4e441ea6e4870a7ec83b6dad7d32ad0a9548b3a8ea07c87230b332f755446024a855f7e15a1943a521e8e98cb383f18a45e5427377af47be1fa247a680a23317d31c520e2717993154ca03957da494421202ff35b87d4cc787960615f96bf22f01e5c0c8f17e18d898ae1499a3459c8df5b404a120dddf5e8632a3cc66a1bac2ad15d26e79b5af109dc1e79c22965b893a29c194bdcc1508ce253e8400a6bfabd95d7681193bc2154885de33828300d6309981a5be045ef403f1f921baaad765f2dcaf341f097b39f530e1292cdf39b817bab56f3f4d6730b0539b1b29d79a62f22e2cbc435cd83bb29b06da0389420784a4cae32bdb4e7b2b87e653b2ab8600ffbf329df50aa25b78e1fc6a778a6b9b3d6ad41a2862ab965572b5cbc2f48284840330a012195017a60b7ab64508bb1cfe4145d1170b236d7f6543190daa5d3512a01f90d3036b81ba62bfe6f7f9338f69f0c81f584dab023686a86f211288860918b99a57b81e846371d6811671c50c34861002b61dc2f0d32155365ffed523128e", 0x1000}], 0x9, &(0x7f0000003b80)=[@timestamping={{0x14, 0x1, 0x25, 0x8}}, @timestamping={{0x14, 0x1, 0x25, 0x80000000}}, @timestamping={{0x14, 0x1, 0x25, 0xffffff80}}], 0x48}}, {{&(0x7f0000003c00)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x4e21, @broadcast}, 0x0, 0x4, 0x3, 0x3}}, 0x80, &(0x7f0000003e00)=[{&(0x7f0000003c80)="dae87d51d79b6092046b8b2ece58ca9d167fdebd0e0192bcdbc2be05988dfa896bf19f82", 0x24}, {&(0x7f0000003cc0)="8e5866161ae084aacedb8fa7c56ebaced06a1ca7fc79fc2e3929dfe1ffd8d6bd5ec9de3cd6fab5fa0699f2d720945a7407", 0x31}, {&(0x7f0000003d00)="b20bfe2ddfa4f65560b3feb942fce0e810a07f32925af88fe71004e6826d225dd32f2f63441c6c171a920a23bf26a3c42beee688678099ae2c0437da0481d48797ada663cc743da33325a1cf1c1ecebcc1a3a2202b4f3795682bc577956e622b686a1bf9c3e3d8bdad08b950891a085501060fc119947abd857537580c890f6c0d7f4d2a84f806c14addbe8f4b890d7430dff7697ac92937721c09b6349fa9698b8a0a72ad26ef5c7eeb49c5c5ba10d3b0255c8b4baa0c8b49b8795622", 0xbd}, {&(0x7f0000003dc0)="f9a88307db3bd8677be0a55c1cf6048353c264a20358912f248395d8dc68b6dc97331b46c016606edb48f2bba401039e4dba7e5b233d1ad803b982ae2350", 0x3e}], 0x4, &(0x7f0000003e40)=[@txtime={{0x18, 0x1, 0x3d, 0x1}}], 0x18}}], 0x6, 0x10044000) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) mremap(&(0x7f0000364000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000a62000/0x1000)=nil) close(r4) [ 442.882956][T13321] CPU: 1 PID: 13321 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 442.882982][T13321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 442.882990][T13321] Call Trace: [ 442.883040][T13321] dump_stack+0x191/0x1f0 [ 442.901408][T13321] should_fail+0xa3f/0xa50 [ 442.913649][T13321] should_fail_alloc_page+0x1fb/0x270 [ 442.919147][T13321] __alloc_pages_nodemask+0x3c1/0x60c0 [ 442.924653][T13321] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 442.931516][T13321] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 442.937550][T13321] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 442.943894][T13321] ? prep_new_page+0x792/0x9b0 [ 442.948861][T13321] ? get_page_from_freelist+0x11d3/0x19f0 [ 442.954784][T13321] kmsan_alloc_page+0xc3/0x370 [ 442.959559][T13321] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 442.965858][T13321] __alloc_pages_nodemask+0x149d/0x60c0 [ 442.971424][T13321] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 442.978024][T13321] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 442.984215][T13321] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 442.990118][T13321] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 442.996494][T13321] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 443.002486][T13321] alloc_pages_vma+0xc9d/0x18c0 [ 443.008491][T13321] wp_page_copy+0x464/0x26d0 [ 443.013123][T13321] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 443.019731][T13321] do_wp_page+0x1e8c/0x37f0 [ 443.024327][T13321] ? kmsan_internal_set_origin+0x6a/0xb0 [ 443.030061][T13321] handle_mm_fault+0x46e3/0x9f70 [ 443.035205][T13321] do_user_addr_fault+0x905/0x1510 [ 443.040655][T13321] __do_page_fault+0x1a2/0x410 [ 443.045659][T13321] do_page_fault+0xbb/0x500 [ 443.050442][T13321] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 443.055910][T13321] page_fault+0x4e/0x60 [ 443.060264][T13321] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 443.067179][T13321] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 443.087037][T13321] RSP: 0018:ffff888196c6f778 EFLAGS: 00010206 [ 443.093114][T13321] RAX: ffffffff8496408c RBX: ffff8881b58f09a8 RCX: 0000000000000300 [ 443.101286][T13321] RDX: 0000000000001000 RSI: ffff8881a5185d00 RDI: 0000000020003000 [ 443.109403][T13321] RBP: ffff888196c6f7e8 R08: 0000000000000000 R09: 0000000000000000 [ 443.117385][T13321] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 443.125358][T13321] R13: ffff8881a5185000 R14: ffff888196c6f780 R15: 0000000020002300 [ 443.133773][T13321] ? copyout+0xcc/0x1f0 [ 443.138010][T13321] ? copyout+0x113/0x1f0 [ 443.142400][T13321] copy_page_to_iter+0x6dc/0x1910 [ 443.148155][T13321] generic_file_read_iter+0x2979/0x3e70 [ 443.153825][T13321] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 443.159950][T13321] ? find_get_pages_range_tag+0xe60/0xe60 [ 443.165675][T13321] do_iter_readv_writev+0xa16/0xc30 [ 443.171147][T13321] ? find_get_pages_range_tag+0xe60/0xe60 [ 443.176906][T13321] do_iter_read+0x30b/0xe10 [ 443.181524][T13321] ? import_iovec+0x4ad/0x660 [ 443.186305][T13321] do_readv+0x37f/0x710 [ 443.190479][T13321] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 443.196883][T13321] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 443.203048][T13321] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 443.208787][T13321] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 443.214690][T13321] __se_sys_readv+0x9b/0xb0 [ 443.219481][T13321] __x64_sys_readv+0x4a/0x70 [ 443.224160][T13321] do_syscall_64+0xb6/0x160 [ 443.228670][T13321] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 443.234696][T13321] RIP: 0033:0x459a59 [ 443.238679][T13321] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 443.258724][T13321] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 443.267148][T13321] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 443.275122][T13321] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 443.283411][T13321] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 443.291385][T13321] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 443.299511][T13321] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 443.485403][ T5] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 443.548999][T11495] gtco 2-1:0.219: Failed to get HID Report Descriptor of size: 129 [ 443.557600][T11495] gtco: probe of 2-1:0.219 failed with error -5 [ 443.607922][T11495] usb 2-1: USB disconnect, device number 24 [ 443.667441][T11559] usb 1-1: Using ep0 maxpacket: 8 [ 443.773380][ T5] usb 6-1: Using ep0 maxpacket: 8 [ 443.804390][T11559] usb 1-1: config 0 has an invalid interface number: 240 but max is 0 [ 443.812973][T11559] usb 1-1: config 0 has no interface number 0 [ 443.819369][T11559] usb 1-1: New USB device found, idVendor=0bd3, idProduct=0555, bcdDevice= c.44 [ 443.828988][T11559] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 443.876334][T11559] usb 1-1: config 0 descriptor?? [ 443.904202][ T5] usb 6-1: config 0 has an invalid interface number: 5 but max is 0 [ 443.913054][ T5] usb 6-1: config 0 has no interface number 0 [ 443.920785][ T5] usb 6-1: config 0 interface 5 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 443.933459][ T5] usb 6-1: config 0 interface 5 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 443.947022][ T5] usb 6-1: New USB device found, idVendor=5543, idProduct=3031, bcdDevice= 0.00 [ 443.956407][ T5] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 443.985962][ T5] usb 6-1: config 0 descriptor?? [ 444.162334][T11559] usb 1-1: string descriptor 0 read error: -71 [ 444.169230][T11559] uvcvideo: Found UVC 0.00 device (0bd3:0555) [ 444.177170][T11559] uvcvideo: No valid video chain found. [ 444.190855][T11559] usb 1-1: USB disconnect, device number 27 [ 444.352113][ T3380] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 444.496734][ T5] uclogic 0003:5543:3031.0005: unknown main item tag 0x5 [ 444.504781][ T5] uclogic 0003:5543:3031.0005: unknown main item tag 0x4 [ 444.512482][ T5] uclogic 0003:5543:3031.0005: unknown main item tag 0x4 [ 444.519871][ T5] uclogic 0003:5543:3031.0005: item fetching failed at offset -1635081047 [ 444.529341][ T5] uclogic 0003:5543:3031.0005: parse failed [ 444.535793][ T5] uclogic: probe of 0003:5543:3031.0005 failed with error -22 [ 444.592173][ T3380] usb 2-1: Using ep0 maxpacket: 16 [ 444.712287][ T3380] usb 2-1: config 0 has an invalid interface number: 219 but max is 0 [ 444.720713][ T3380] usb 2-1: config 0 has no interface number 0 [ 444.727249][ T3380] usb 2-1: New USB device found, idVendor=078c, idProduct=1002, bcdDevice=e6.47 [ 444.736668][ T3380] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 444.758002][T11526] usb 6-1: USB disconnect, device number 3 [ 444.803364][ T3380] usb 2-1: config 0 descriptor?? [ 444.915932][ T5] usb 1-1: new high-speed USB device number 28 using dummy_hcd 14:23:20 executing program 3 (fault-call:7 fault-nth:23): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:20 executing program 2: getsockopt$inet_sctp_SCTP_AUTO_ASCONF(0xffffffffffffffff, 0x84, 0x1e, &(0x7f0000000000), &(0x7f0000000080)=0x4) r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r1 = socket$inet6(0x10, 0x3, 0x0) r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/dlm-control\x00', 0x28000, 0x0) ioctl$VHOST_SET_FEATURES(r2, 0x4008af00, &(0x7f00000002c0)=0x1000000) sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r3, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$sock_inet_tcp_SIOCINQ(r3, 0x541b, &(0x7f0000000300)) r4 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r5 = socket$inet6(0x10, 0x3, 0x0) r6 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$VIDIOC_TRY_FMT(r6, 0xc0d05640, &(0x7f0000000100)={0x8, @sliced={0x9, [0x5, 0x9, 0x7fff, 0x6, 0x6, 0x2, 0x6, 0x1, 0x3bae, 0x2, 0x6, 0x400, 0x7e, 0x7, 0x8, 0x7, 0x6, 0xfff8, 0xd563, 0x8001, 0x4, 0x6, 0x6, 0x3, 0x2, 0x7668, 0x1c5c, 0x0, 0x0, 0x40, 0x133, 0x1ff, 0x166, 0xfff8, 0x4, 0x8, 0xc8f, 0x0, 0x7, 0x80, 0x800, 0xfffd, 0xffff, 0x100, 0x5, 0x0, 0x4, 0x7], 0x3}}) sendmsg(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r7 = syz_usb_connect$hid(0x0, 0x0, &(0x7f00000001c0)=ANY=[], 0x0) syz_usb_control_io$hid(r7, 0x0, 0x0) r8 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r6, 0x84, 0x22, &(0x7f0000000340)={0x6, 0x1, 0xffff, 0x1, 0x0}, &(0x7f00000003c0)=0x10) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r8, 0x84, 0x7c, &(0x7f0000000400)={r9, 0x8, 0x5b}, &(0x7f0000000440)=0x8) syz_usb_control_io(r7, &(0x7f00000006c0)={0x2c, &(0x7f0000000480)=ANY=[@ANYBLOB="005a590000003b00c6af356bb46028150d2f81cddc101a52e7a61e040c5e09fc7e4e6eefa70d34f57a4c8595703eaa5310ace48ded9d7f89cbbc3a8356"], 0x0, 0x0, 0x0, 0x0}, 0x0) [ 445.132413][ T3380] gtco 2-1:0.219: Failed to get HID Report Descriptor of size: 129 [ 445.140750][ T3380] gtco: probe of 2-1:0.219 failed with error -5 [ 445.156708][ T32] audit: type=1804 audit(1571495000.205:104): pid=13343 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/109/file0/bus" dev="ramfs" ino=37559 res=1 [ 445.162332][ T5] usb 1-1: Using ep0 maxpacket: 8 14:23:20 executing program 1: syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x17, 0x18, 0x66, 0x8, 0xa257, 0x2013, 0x7af3, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xaa, 0x36, 0x2c}}]}}]}}, 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000080)='/V6|\xc2\x00\x05\xfa\xff\xf5', 0x7, 0x2) ioctl$int_in(r0, 0x80006040045010, &(0x7f0000000140)=0x3) write$UHID_INPUT2(r0, &(0x7f0000000040)={0xc, 0x7, "874d66a4f5bcc8"}, 0xd) r1 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/Dsp#\x00', 0x28000, 0x400000) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$KVM_SET_NR_MMU_PAGES(r1, 0xae44, 0x401) [ 445.211696][T13343] FAULT_INJECTION: forcing a failure. [ 445.211696][T13343] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 445.225109][T13343] CPU: 1 PID: 13343 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 445.233098][T13343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 445.243173][T13343] Call Trace: [ 445.247003][T13343] dump_stack+0x191/0x1f0 [ 445.251371][T13343] should_fail+0xa3f/0xa50 [ 445.255845][T13343] should_fail_alloc_page+0x1fb/0x270 [ 445.261251][T13343] __alloc_pages_nodemask+0x3c1/0x60c0 [ 445.266745][T13343] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 445.272678][T13343] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 445.278686][T13343] ? prep_new_page+0x792/0x9b0 [ 445.283489][T13343] ? get_page_from_freelist+0x11d3/0x19f0 [ 445.289263][T13343] kmsan_alloc_page+0x131/0x370 [ 445.294144][T13343] __alloc_pages_nodemask+0x149d/0x60c0 [ 445.299712][T13343] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 445.308590][T13343] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 445.314766][T13343] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 445.320683][T13343] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 445.326868][T13343] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 445.332768][T13343] alloc_pages_vma+0xc9d/0x18c0 [ 445.337631][T13343] wp_page_copy+0x464/0x26d0 [ 445.343102][T13343] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 445.349083][T13343] do_wp_page+0x1e8c/0x37f0 [ 445.353577][T13343] ? kmsan_internal_set_origin+0x6a/0xb0 [ 445.359208][T13343] handle_mm_fault+0x46e3/0x9f70 [ 445.364170][T13343] do_user_addr_fault+0x905/0x1510 [ 445.369288][T13343] __do_page_fault+0x1a2/0x410 [ 445.374054][T13343] do_page_fault+0xbb/0x500 [ 445.378551][T13343] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 445.383924][T13343] page_fault+0x4e/0x60 [ 445.388069][T13343] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 445.394782][T13343] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 445.414463][T13343] RSP: 0018:ffff8881856ff778 EFLAGS: 00010206 [ 445.420603][T13343] RAX: ffffffff8496408c RBX: ffff8881a96ee468 RCX: 0000000000000300 [ 445.431080][T13343] RDX: 0000000000001000 RSI: ffff8881aafddd00 RDI: 0000000020003000 [ 445.439071][T13343] RBP: ffff8881856ff7e8 R08: 0000000000000000 R09: 0000000000000000 [ 445.447051][T13343] R10: 0000000000000000 R11: ffffffff81d4e001 R12: 0000000000001000 [ 445.455025][T13343] R13: ffff8881aafdd000 R14: ffff8881856ff780 R15: 0000000020002300 [ 445.463090][T13343] ? find_get_pages_range_tag+0xe51/0xe60 [ 445.468803][T13343] ? copyout+0xcc/0x1f0 [ 445.472954][T13343] ? copyout+0x113/0x1f0 [ 445.477279][T13343] copy_page_to_iter+0x6dc/0x1910 [ 445.482401][T13343] generic_file_read_iter+0x2979/0x3e70 [ 445.487976][T13343] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 445.493859][T13343] ? find_get_pages_range_tag+0xe60/0xe60 [ 445.499572][T13343] do_iter_readv_writev+0xa16/0xc30 [ 445.504774][T13343] ? find_get_pages_range_tag+0xe60/0xe60 [ 445.510496][T13343] do_iter_read+0x30b/0xe10 [ 445.514995][T13343] ? import_iovec+0x4ad/0x660 [ 445.519674][T13343] do_readv+0x37f/0x710 [ 445.523832][T13343] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 445.529719][T13343] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 445.535783][T13343] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 445.541492][T13343] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 445.547380][T13343] __se_sys_readv+0x9b/0xb0 [ 445.551893][T13343] __x64_sys_readv+0x4a/0x70 [ 445.556489][T13343] do_syscall_64+0xb6/0x160 [ 445.561004][T13343] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 445.566888][T13343] RIP: 0033:0x459a59 [ 445.570897][T13343] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 445.590666][T13343] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 445.599076][T13343] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 445.607040][T13343] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 445.615107][T13343] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 445.623597][T13343] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 445.631555][T13343] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 445.652244][ T5] usb 1-1: config 0 has an invalid interface number: 240 but max is 0 [ 445.660577][ T5] usb 1-1: config 0 has no interface number 0 [ 445.666887][ T5] usb 1-1: New USB device found, idVendor=0bd3, idProduct=0555, bcdDevice= c.44 [ 445.676853][ T5] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 445.698313][ T3380] usb 2-1: USB disconnect, device number 25 14:23:20 executing program 3 (fault-call:7 fault-nth:24): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 445.715697][ T5] usb 1-1: config 0 descriptor?? [ 445.856703][ T32] audit: type=1804 audit(1571495000.905:105): pid=13354 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/110/file0/bus" dev="ramfs" ino=37594 res=1 [ 445.859607][T13354] FAULT_INJECTION: forcing a failure. [ 445.859607][T13354] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 445.892288][T13354] CPU: 0 PID: 13354 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 445.900214][T13354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 445.910389][T13354] Call Trace: [ 445.913720][T13354] dump_stack+0x191/0x1f0 [ 445.918095][T13354] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 445.924198][T13354] should_fail+0xa3f/0xa50 [ 445.928751][T13354] should_fail_alloc_page+0x1fb/0x270 [ 445.934160][T13354] __alloc_pages_nodemask+0x3c1/0x60c0 [ 445.939657][T13354] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 445.945583][T13354] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 445.951790][T13354] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 445.957727][T13354] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 445.963938][T13354] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 445.969884][T13354] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 445.975812][T13354] alloc_pages_vma+0xc9d/0x18c0 [ 445.980709][T13354] wp_page_copy+0x464/0x26d0 [ 445.985359][T13354] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 445.991368][T13354] do_wp_page+0x1e8c/0x37f0 [ 445.995900][T13354] ? kmsan_internal_set_origin+0x6a/0xb0 [ 446.001580][T13354] handle_mm_fault+0x46e3/0x9f70 [ 446.006585][T13354] do_user_addr_fault+0x905/0x1510 [ 446.011752][T13354] __do_page_fault+0x1a2/0x410 [ 446.016557][T13354] do_page_fault+0xbb/0x500 [ 446.021094][T13354] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 446.026583][T13354] page_fault+0x4e/0x60 [ 446.030784][T13354] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 446.037400][T13354] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 446.057552][T13354] RSP: 0018:ffff8881a283f778 EFLAGS: 00010206 [ 446.063641][T13354] RAX: ffffffff8496408c RBX: ffff8881a96ee468 RCX: 0000000000000300 [ 446.071627][T13354] RDX: 0000000000001000 RSI: ffff888182f1bd00 RDI: 0000000020004000 [ 446.079616][T13354] RBP: ffff8881a283f7e8 R08: 0000000000000000 R09: 0000000000000001 [ 446.087607][T13354] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 446.095599][T13354] R13: ffff888182f1b000 R14: ffff8881a283f780 R15: 0000000020003300 [ 446.103608][T13354] ? copyout+0xcc/0x1f0 [ 446.107804][T13354] ? copyout+0x113/0x1f0 [ 446.112088][T13354] copy_page_to_iter+0x6dc/0x1910 [ 446.117163][T13354] generic_file_read_iter+0x2979/0x3e70 [ 446.122806][T13354] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 446.128729][T13354] ? find_get_pages_range_tag+0xe60/0xe60 [ 446.134473][T13354] do_iter_readv_writev+0xa16/0xc30 [ 446.139718][T13354] ? find_get_pages_range_tag+0xe60/0xe60 [ 446.146589][T13354] do_iter_read+0x30b/0xe10 [ 446.151123][T13354] ? import_iovec+0x4ad/0x660 [ 446.155843][T13354] do_readv+0x37f/0x710 [ 446.160135][T13354] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 446.166064][T13354] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 446.172171][T13354] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 446.177951][T13354] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 446.183873][T13354] __se_sys_readv+0x9b/0xb0 [ 446.188405][T13354] __x64_sys_readv+0x4a/0x70 [ 446.193025][T13354] do_syscall_64+0xb6/0x160 [ 446.197561][T13354] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 446.203473][T13354] RIP: 0033:0x459a59 [ 446.207397][T13354] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 446.227023][T13354] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 446.235586][T13354] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 446.243576][T13354] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 14:23:21 executing program 0: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100000000008, 0x926, 0x3333, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x9, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x22}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000080)={0x2c, &(0x7f0000000040)={0x0, 0x0, 0x22, {0x22, 0x0, "bedc2a5443640a789bdd51ea6221d59bc578290bb75545b86415f523b546d3b9"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0xea, 0x0) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000100)={0x0, 0x0, 0x0, {0x0, 0x10001}, {0x46, 0x1}, @period={0x0, 0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0}}) r1 = syz_open_dev$hidraw(0x0, 0x0, 0x101) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) setsockopt$bt_BT_CHANNEL_POLICY(0xffffffffffffffff, 0x112, 0xa, &(0x7f00000000c0)=0xfffffffc, 0x4) write$hidraw(r1, &(0x7f0000000080)='\x00', 0x1e8) [ 446.251569][T13354] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 446.259562][T13354] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 446.267553][T13354] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 446.333363][ T5] usb 1-1: string descriptor 0 read error: -71 [ 446.339752][ T5] uvcvideo: Found UVC 0.00 device (0bd3:0555) [ 446.347315][ T5] uvcvideo: No valid video chain found. [ 446.356103][T11526] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 446.368898][ T5] usb 1-1: USB disconnect, device number 28 14:23:21 executing program 3 (fault-call:7 fault-nth:25): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 446.502799][ T3380] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 446.564413][ T32] audit: type=1804 audit(1571495001.615:106): pid=13361 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/111/file0/bus" dev="ramfs" ino=37610 res=1 [ 446.565676][T13361] FAULT_INJECTION: forcing a failure. [ 446.565676][T13361] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 446.599236][T13361] CPU: 0 PID: 13361 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 446.607151][T13361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 446.617224][T13361] Call Trace: [ 446.620547][T13361] dump_stack+0x191/0x1f0 [ 446.624910][T13361] should_fail+0xa3f/0xa50 [ 446.629361][T13361] should_fail_alloc_page+0x1fb/0x270 [ 446.634758][T13361] __alloc_pages_nodemask+0x3c1/0x60c0 [ 446.640239][T13361] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 446.646160][T13361] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 446.652172][T13361] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 446.658358][T13361] ? prep_new_page+0x792/0x9b0 [ 446.663159][T13361] ? get_page_from_freelist+0x11d3/0x19f0 [ 446.668932][T13361] kmsan_alloc_page+0xc3/0x370 [ 446.673724][T13361] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 446.679646][T13361] __alloc_pages_nodemask+0x149d/0x60c0 [ 446.686267][T13361] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 446.692186][T13361] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 446.698365][T13361] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 446.704281][T13361] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 446.711172][T13361] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 446.717280][T13361] alloc_pages_vma+0xc9d/0x18c0 [ 446.722154][T13361] wp_page_copy+0x464/0x26d0 [ 446.726800][T13361] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 446.734032][T13361] do_wp_page+0x1e8c/0x37f0 [ 446.738551][T13361] ? kmsan_internal_set_origin+0x6a/0xb0 [ 446.744209][T13361] handle_mm_fault+0x46e3/0x9f70 [ 446.749196][T13361] do_user_addr_fault+0x905/0x1510 [ 446.754345][T13361] __do_page_fault+0x1a2/0x410 [ 446.759128][T13361] do_page_fault+0xbb/0x500 [ 446.763657][T13361] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 446.769049][T13361] page_fault+0x4e/0x60 [ 446.773229][T13361] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 446.779918][T13361] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 446.799883][T13361] RSP: 0018:ffff888182a4f778 EFLAGS: 00010206 [ 446.801196][T13364] netlink: 80 bytes leftover after parsing attributes in process `syz-executor.4'. [ 446.805958][T13361] RAX: ffffffff8496408c RBX: ffff8881b58f6468 RCX: 0000000000000300 [ 446.805968][T13361] RDX: 0000000000001000 RSI: ffff8881829d8d00 RDI: 0000000020004000 [ 446.805978][T13361] RBP: ffff888182a4f7e8 R08: 0000000000000000 R09: 0000000000000001 [ 446.805987][T13361] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 446.805997][T13361] R13: ffff8881829d8000 R14: ffff888182a4f780 R15: 0000000020003300 [ 446.806026][T13361] ? copyout+0xcc/0x1f0 [ 446.806045][T13361] ? copyout+0x113/0x1f0 [ 446.806070][T13361] copy_page_to_iter+0x6dc/0x1910 [ 446.806112][T13361] generic_file_read_iter+0x2979/0x3e70 [ 446.806173][T13361] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 446.806211][T13361] ? find_get_pages_range_tag+0xe60/0xe60 [ 446.885886][T13361] do_iter_readv_writev+0xa16/0xc30 [ 446.891132][T13361] ? find_get_pages_range_tag+0xe60/0xe60 [ 446.896876][T13361] do_iter_read+0x30b/0xe10 [ 446.901408][T13361] ? import_iovec+0x4ad/0x660 [ 446.906119][T13361] do_readv+0x37f/0x710 [ 446.910315][T13361] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 446.916234][T13361] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 446.922313][T13361] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 446.928051][T13361] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 446.933968][T13361] __se_sys_readv+0x9b/0xb0 [ 446.938497][T13361] __x64_sys_readv+0x4a/0x70 [ 446.943108][T13361] do_syscall_64+0xb6/0x160 [ 446.947626][T13361] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 446.953539][T13361] RIP: 0033:0x459a59 [ 446.957444][T13361] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 446.977061][T13361] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 446.985492][T13361] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 446.993479][T13361] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 447.001468][T13361] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 14:23:21 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000040), 0x4) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) listen(r0, 0x400000001ffffffd) epoll_create1(0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='mounts\x00') epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x1, 0x2) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$fou(&(0x7f0000000080)='fou\x00') sendmsg$FOU_CMD_GET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x28, r4, 0x25, 0x0, 0x0, {}, [@FOU_ATTR_LOCAL_V6={0x14, 0x7, @dev}]}, 0x28}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000054c0)=ANY=[@ANYBLOB="740000002400070500"/20, @ANYRES32=r8, @ANYBLOB="00000000ffffffff0001007366710048000229c6090032d0ed64f3c3545aaf6e000085a4e4ebb5ef6700"/96], 0x74}}, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000019c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="440000002c00010700"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000030000000c000100070000006465780014000200080001016a1000000800020000000000"], 0x3}}, 0x0) sendmsg$FOU_CMD_DEL(r2, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r4, 0x300, 0x70bd27, 0x25dfdbfe, {}, [@FOU_ATTR_IFINDEX={0x8, 0xb, r8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x28008080}, 0x40000812) socket$tipc(0x1e, 0x8000000005, 0x0) r9 = socket$tipc(0x1e, 0x8000000005, 0x0) shutdown(r9, 0x2) r10 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000140)='/dev/hwrng\x00', 0x200000, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x0) r11 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r11, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) accept$unix(r10, &(0x7f0000000080)=@abs, &(0x7f0000000180)=0x6e) r12 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg(r12, &(0x7f0000003d40)=[{{0x0, 0xffffffbf, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}}], 0x4000000000000d0, 0x0) [ 447.009483][T13361] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 447.017473][T13361] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 447.062186][T11526] usb 6-1: Using ep0 maxpacket: 8 [ 447.122512][T11526] usb 6-1: device descriptor read/all, error -71 14:23:22 executing program 5: syz_usb_connect(0x0, 0x2d, &(0x7f0000000240)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef420000000109021b00017600000009040000010209bd00070581070001000000bf52cf6794a9d3"], 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_open_dev$char_usb(0xc, 0xb4, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x10000191, 0x0, 0xffffffffffffff81}, 0x0) r3 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r4 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r5 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000040)=[r2, r3, r4, r5], 0x4) r6 = syz_usb_connect$hid(0x0, 0xb7, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100000000008, 0x1e5e, 0x313, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x9, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x22}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r6, 0x0, 0x0) syz_usb_control_io(r6, &(0x7f0000000080)={0x25, &(0x7f0000000300)=ANY=[@ANYBLOB="0900740000007400bedc2a54436408789bdd5545b86415f523b546d3b92ca2240969fe2b"], 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_disconnect(r6) openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x0, 0x0) syz_usb_connect(0x0, 0x2d, &(0x7f0000000240)=ANY=[@ANYBLOB="1201fe0009003c0800240042ef420000000109021b00017600000009040000010209bd6e740581070001000000bf52cf6794a9d3"], 0x0) [ 447.183821][ T5] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 447.212319][ T3380] usb 2-1: Using ep0 maxpacket: 8 14:23:22 executing program 3 (fault-call:7 fault-nth:26): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 447.352460][ T3380] usb 2-1: New USB device found, idVendor=a257, idProduct=2013, bcdDevice=7a.f3 [ 447.361632][ T3380] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 447.396213][ T3380] usb 2-1: config 0 descriptor?? [ 447.431209][ T32] audit: type=1804 audit(1571495002.475:107): pid=13372 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/112/file0/bus" dev="ramfs" ino=37959 res=1 [ 447.446433][ T5] usb 1-1: Using ep0 maxpacket: 8 [ 447.489642][T13372] FAULT_INJECTION: forcing a failure. [ 447.489642][T13372] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 447.502925][T13372] CPU: 0 PID: 13372 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 447.510836][T13372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 447.520911][T13372] Call Trace: [ 447.524060][T13364] netlink: 80 bytes leftover after parsing attributes in process `syz-executor.4'. [ 447.524240][T13372] dump_stack+0x191/0x1f0 [ 447.537869][T13372] should_fail+0xa3f/0xa50 [ 447.542342][T13372] should_fail_alloc_page+0x1fb/0x270 [ 447.547759][T13372] __alloc_pages_nodemask+0x3c1/0x60c0 [ 447.553238][T13372] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 447.559325][T13372] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 447.565326][T13372] ? prep_new_page+0x792/0x9b0 [ 447.570125][T13372] ? get_page_from_freelist+0x11d3/0x19f0 [ 447.575938][T13372] kmsan_alloc_page+0x131/0x370 [ 447.581411][T13372] __alloc_pages_nodemask+0x149d/0x60c0 [ 447.586958][T13372] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 447.592842][T13372] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 447.598997][T13372] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 447.604895][T13372] ? __msan_metadata_ptr_for_store_4+0x13/0x20 [ 447.611054][T13372] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 447.616939][T13372] alloc_pages_vma+0xc9d/0x18c0 [ 447.621792][T13372] wp_page_copy+0x464/0x26d0 [ 447.626389][T13372] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 447.632349][T13372] do_wp_page+0x1e8c/0x37f0 [ 447.636833][T13372] ? kmsan_internal_set_origin+0x6a/0xb0 [ 447.642463][T13372] handle_mm_fault+0x46e3/0x9f70 [ 447.647401][T13372] do_user_addr_fault+0x905/0x1510 [ 447.652507][T13372] __do_page_fault+0x1a2/0x410 [ 447.657262][T13372] do_page_fault+0xbb/0x500 [ 447.661766][T13372] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 447.667164][T13372] page_fault+0x4e/0x60 [ 447.671321][T13372] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 447.677907][T13372] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 447.683859][ T3380] usb 2-1: USB disconnect, device number 26 [ 447.697599][T13372] RSP: 0018:ffff888185d2f778 EFLAGS: 00010206 [ 447.697612][T13372] RAX: ffffffff8496408c RBX: ffff8881b58f27e8 RCX: 0000000000000300 [ 447.697620][T13372] RDX: 0000000000001000 RSI: ffff888182d5ad00 RDI: 0000000020004000 [ 447.697628][T13372] RBP: ffff888185d2f7e8 R08: 0000000000000000 R09: 0000000000000001 [ 447.697636][T13372] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 447.697645][T13372] R13: ffff888182d5a000 R14: ffff888185d2f780 R15: 0000000020003300 [ 447.697701][T13372] ? copyout+0xcc/0x1f0 [ 447.753569][T13372] ? copyout+0x113/0x1f0 [ 447.757805][T13372] copy_page_to_iter+0x6dc/0x1910 [ 447.763514][T13372] generic_file_read_iter+0x2979/0x3e70 [ 447.769060][T13372] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 447.774931][T13372] ? find_get_pages_range_tag+0xe60/0xe60 [ 447.780628][T13372] do_iter_readv_writev+0xa16/0xc30 [ 447.785825][T13372] ? find_get_pages_range_tag+0xe60/0xe60 [ 447.791528][T13372] do_iter_read+0x30b/0xe10 [ 447.796010][T13372] ? import_iovec+0x4ad/0x660 [ 447.800705][T13372] do_readv+0x37f/0x710 [ 447.804858][T13372] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 447.810739][T13372] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 447.816795][T13372] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 447.822580][T13372] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 447.828462][T13372] __se_sys_readv+0x9b/0xb0 [ 447.832948][T13372] __x64_sys_readv+0x4a/0x70 [ 447.837519][T13372] do_syscall_64+0xb6/0x160 [ 447.842001][T13372] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 447.847883][T13372] RIP: 0033:0x459a59 [ 447.851781][T13372] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 447.871463][T13372] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 447.879853][T13372] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 447.887900][T13372] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 447.895848][T13372] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 447.903797][T13372] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 447.911749][T13372] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 14:23:23 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0xffffffff, 0x3a1000) setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, &(0x7f0000000080)={0x800, {{0xa, 0x4e22, 0x0, @remote, 0x1000}}, {{0xa, 0x4e20, 0x7, @mcast1, 0x4}}}, 0x108) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) openat$cachefiles(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cachefiles\x00', 0x30000, 0x0) shutdown(r1, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000002c0)={0x0, @in6={{0xa, 0x4e23, 0x0, @mcast2, 0x2f5}}, 0x0, 0x0, 0x4000, 0x0, 0x91}, 0x98) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f0000000040)=[@in={0x2, 0x0, @dev}], 0x10) [ 448.004242][ T5] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 448.015694][ T5] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 448.028939][ T5] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.00 [ 448.038176][ T5] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 14:23:23 executing program 3 (fault-call:7 fault-nth:27): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 448.070659][ T5] usb 1-1: config 0 descriptor?? 14:23:23 executing program 4: r0 = socket$kcm(0x10, 0x2, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x128000, 0x0) ioctl$FS_IOC_GETFLAGS(r0, 0x80086601, &(0x7f0000000000)) r2 = request_key(&(0x7f0000000180)='id_legacy\x00', &(0x7f00000001c0)={'syz', 0x0}, &(0x7f0000000200)='em1ð1securityvmnet0)bdev!mime_type\x00', 0xfffffffffffffffd) add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, r2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20ncci\x00', 0x200, 0x0) r4 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r4, 0x80006040045010, &(0x7f0000000140)=0x3) r5 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) r6 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r6, 0x80006040045010, &(0x7f0000000140)=0x3) r7 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/net/pfkey\x00', 0x40000, 0x0) ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f00000002c0)={0x100000, &(0x7f0000000240), 0x2, r7, 0xd}) r8 = getpid() rt_tgsigqueueinfo(r8, r8, 0x16, &(0x7f0000000000)) ptrace(0x10, r8) ptrace$getregset(0x4204, r8, 0x2, &(0x7f0000000100)={&(0x7f0000001300)=""/4096, 0x1000}) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000300)={0x0}, &(0x7f0000000340)=0xc) r10 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r11 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) kcmp$KCMP_EPOLL_TFD(r8, r9, 0x7, r10, &(0x7f0000000380)={r5, r11, 0x3f}) ioctl$int_in(r5, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r4, 0x2405, r5) sendmsg$kcm(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)}, 0x4000000) [ 448.170808][ T32] audit: type=1804 audit(1571495003.215:108): pid=13383 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/113/file0/bus" dev="ramfs" ino=38015 res=1 [ 448.198224][T13383] FAULT_INJECTION: forcing a failure. [ 448.198224][T13383] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 448.212121][T11526] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 448.221319][T13383] CPU: 1 PID: 13383 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 448.229259][T13383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 448.239362][T13383] Call Trace: [ 448.242723][T13383] dump_stack+0x191/0x1f0 [ 448.247135][T13383] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 448.253118][T13383] should_fail+0xa3f/0xa50 [ 448.257630][T13383] should_fail_alloc_page+0x1fb/0x270 [ 448.263086][T13383] __alloc_pages_nodemask+0x3c1/0x60c0 14:23:23 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) close(r0) syz_open_dev$usbfs(&(0x7f0000001280)='/dev/bus/usb/00#/00#\x00', 0x1a9f, 0x0) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x2, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x480b75594570cc50, 0x0, 0x0, 0xfffffcc5) [ 448.268623][T13383] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 448.274601][T13383] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 448.280745][T13383] ? unlock_page_memcg+0x7a/0x1c0 [ 448.285820][T13383] ? kmsan_get_metadata+0x128/0x350 [ 448.291053][T13383] ? __msan_instrument_asm_store+0x98/0x150 [ 448.296980][T13383] ? wp_page_copy+0x2469/0x26d0 [ 448.301907][T13383] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 448.307842][T13383] alloc_pages_vma+0xc9d/0x18c0 [ 448.313087][T13383] handle_mm_fault+0x38f5/0x9f70 [ 448.318068][T13383] ? generic_file_read_iter+0x3e70/0x3e70 [ 448.323836][T13383] do_user_addr_fault+0x905/0x1510 [ 448.329015][T13383] __do_page_fault+0x1a2/0x410 [ 448.333813][T13383] do_page_fault+0xbb/0x500 [ 448.338353][T13383] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 448.343759][T13383] page_fault+0x4e/0x60 [ 448.347948][T13383] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 448.354569][T13383] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 448.374227][T13383] RSP: 0018:ffff888185dff778 EFLAGS: 00010206 [ 448.380344][T13383] RAX: ffffffff8496408c RBX: ffff8881b58f6468 RCX: 0000000000000300 [ 448.388357][T13383] RDX: 0000000000001000 RSI: ffff888185cadd00 RDI: 0000000020005000 [ 448.396361][T13383] RBP: ffff888185dff7e8 R08: 0000000000000000 R09: 0000000000000002 [ 448.404365][T13383] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 448.412360][T13383] R13: ffff888185cad000 R14: ffff888185dff780 R15: 0000000020004300 [ 448.420388][T13383] ? copyout+0xcc/0x1f0 [ 448.424576][T13383] ? copyout+0x113/0x1f0 [ 448.428854][T13383] copy_page_to_iter+0x6dc/0x1910 [ 448.433936][T13383] generic_file_read_iter+0x2979/0x3e70 [ 448.439712][T13383] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 448.445652][T13383] ? find_get_pages_range_tag+0xe60/0xe60 [ 448.451408][T13383] do_iter_readv_writev+0xa16/0xc30 [ 448.456659][T13383] ? find_get_pages_range_tag+0xe60/0xe60 [ 448.462423][T13383] do_iter_read+0x30b/0xe10 [ 448.466958][T13383] ? import_iovec+0x4ad/0x660 [ 448.471678][T13383] do_readv+0x37f/0x710 [ 448.475947][T13383] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 448.481877][T13383] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 448.487970][T13383] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 448.493726][T13383] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 448.499648][T13383] __se_sys_readv+0x9b/0xb0 [ 448.504186][T13383] __x64_sys_readv+0x4a/0x70 [ 448.508832][T13383] do_syscall_64+0xb6/0x160 [ 448.513408][T13383] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 448.519423][T13383] RIP: 0033:0x459a59 [ 448.523354][T13383] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 448.552301][T13383] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 448.560755][T13383] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 448.569182][T13383] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 448.577173][T13383] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 448.585164][T13383] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 448.593275][T13383] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 448.684149][T13389] Unknown ioctl 44609 14:23:23 executing program 2: syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0) syz_usb_control_io(0xffffffffffffffff, &(0x7f0000000380)={0x2c, &(0x7f0000000280)={0x0, 0x0, 0x26, {0x26, 0x0, "bedc2a5432640a789bdd51ea6221d59bc578290bb75545b864096dfe3b4f3657a976e0df"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) [ 448.752019][T11526] usb 6-1: Using ep0 maxpacket: 8 [ 448.865951][ T5] keytouch 0003:0926:3333.0006: fixing up Keytouch IEC report descriptor [ 448.877440][T11526] usb 6-1: config 118 has an invalid descriptor of length 0, skipping remainder of the config [ 448.887947][T11526] usb 6-1: config 118 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 448.899195][T11526] usb 6-1: New USB device found, idVendor=2400, idProduct=4200, bcdDevice=42.ef [ 448.908404][T11526] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 448.912039][ T3380] usb 2-1: new high-speed USB device number 27 using dummy_hcd [ 448.932985][ T5] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0006/input/input12 [ 448.990689][T11526] hub 6-1:118.0: ignoring external hub [ 449.034466][ T5] keytouch 0003:0926:3333.0006: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0 [ 449.058274][T11526] cdc_wdm 6-1:118.0: cdc-wdm0: USB WDM device [ 449.084704][ T5] usb 1-1: USB disconnect, device number 29 [ 449.182413][ T3380] usb 2-1: Using ep0 maxpacket: 8 [ 449.302455][ T3380] usb 2-1: New USB device found, idVendor=a257, idProduct=2013, bcdDevice=7a.f3 [ 449.311741][ T3380] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 449.361124][ T3380] usb 2-1: config 0 descriptor?? [ 449.385916][T11495] usb 6-1: USB disconnect, device number 5 14:23:24 executing program 3 (fault-call:7 fault-nth:28): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:24 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/iidiC#D#\x00', 0x2, 0x40) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001400)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) pause() ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) read(r1, 0x0, 0x0) ioctl$SG_GET_COMMAND_Q(r0, 0x2270, &(0x7f0000000080)) dup2(r0, r2) lseek(r0, 0x0, 0x3) [ 449.606045][T11495] usb 2-1: USB disconnect, device number 27 [ 449.679288][ T32] audit: type=1804 audit(1571495004.725:109): pid=13409 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/114/file0/bus" dev="ramfs" ino=37728 res=1 [ 449.682325][T13409] FAULT_INJECTION: forcing a failure. [ 449.682325][T13409] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 449.714117][T13409] CPU: 0 PID: 13409 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 449.722012][T13409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 449.735305][T13409] Call Trace: [ 449.738592][T13409] dump_stack+0x191/0x1f0 [ 449.743490][T13409] should_fail+0xa3f/0xa50 [ 449.747948][T13409] should_fail_alloc_page+0x1fb/0x270 [ 449.753417][T13409] __alloc_pages_nodemask+0x3c1/0x60c0 [ 449.758881][T13409] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 449.764777][T13409] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 449.770759][T13409] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 449.776931][T13409] ? prep_new_page+0x792/0x9b0 [ 449.781700][T13409] ? get_page_from_freelist+0x11d3/0x19f0 [ 449.787431][T13409] kmsan_alloc_page+0xc3/0x370 [ 449.792371][T13409] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 449.798370][T13409] __alloc_pages_nodemask+0x149d/0x60c0 [ 449.804035][T13409] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 449.810076][T13409] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 449.816137][T13409] ? unlock_page_memcg+0x7a/0x1c0 [ 449.821350][T13409] ? kmsan_get_metadata+0x128/0x350 [ 449.826544][T13409] ? __msan_instrument_asm_store+0x98/0x150 [ 449.832425][T13409] ? wp_page_copy+0x2469/0x26d0 [ 449.837286][T13409] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 449.843186][T13409] alloc_pages_vma+0xc9d/0x18c0 [ 449.848069][T13409] handle_mm_fault+0x38f5/0x9f70 [ 449.853040][T13409] ? generic_file_read_iter+0x3e70/0x3e70 [ 449.858757][T13409] do_user_addr_fault+0x905/0x1510 [ 449.863881][T13409] __do_page_fault+0x1a2/0x410 [ 449.868666][T13409] do_page_fault+0xbb/0x500 [ 449.873174][T13409] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 449.878535][T13409] page_fault+0x4e/0x60 [ 449.882853][T13409] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 449.889447][T13409] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 449.909053][T13409] RSP: 0018:ffff888186b4f778 EFLAGS: 00010206 [ 449.915116][T13409] RAX: ffffffff8496408c RBX: ffff8881a96ea7e8 RCX: 0000000000000300 [ 449.923094][T13409] RDX: 0000000000001000 RSI: ffff888181bd7d00 RDI: 0000000020005000 [ 449.931077][T13409] RBP: ffff888186b4f7e8 R08: 0000000000000000 R09: 0000000000000002 [ 449.939038][T13409] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 449.947603][T13409] R13: ffff888181bd7000 R14: ffff888186b4f780 R15: 0000000020004300 [ 449.955591][T13409] ? copyout+0xcc/0x1f0 [ 449.959755][T13409] ? copyout+0x113/0x1f0 [ 449.963998][T13409] copy_page_to_iter+0x6dc/0x1910 [ 449.969072][T13409] generic_file_read_iter+0x2979/0x3e70 [ 449.974674][T13409] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 449.980584][T13409] ? find_get_pages_range_tag+0xe60/0xe60 [ 449.987162][T13409] do_iter_readv_writev+0xa16/0xc30 [ 449.992378][T13409] ? find_get_pages_range_tag+0xe60/0xe60 [ 449.998092][T13409] do_iter_read+0x30b/0xe10 [ 450.002586][T13409] ? import_iovec+0x4ad/0x660 [ 450.007257][T13409] do_readv+0x37f/0x710 [ 450.011411][T13409] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 450.017298][T13409] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 450.023454][T13409] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 450.029164][T13409] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 450.035051][T13409] __se_sys_readv+0x9b/0xb0 [ 450.039550][T13409] __x64_sys_readv+0x4a/0x70 [ 450.044135][T13409] do_syscall_64+0xb6/0x160 [ 450.048631][T13409] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 450.054517][T13409] RIP: 0033:0x459a59 [ 450.058405][T13409] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 14:23:25 executing program 5: r0 = socket$unix(0x1, 0x5, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mmap(&(0x7f0000600000/0x4000)=nil, 0x4000, 0x0, 0x44031, 0xffffffffffffffff, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') readv(r2, &(0x7f0000000040)=[{&(0x7f0000002400)=""/4096, 0x10b6}], 0x1) 14:23:25 executing program 1: syz_usb_connect(0x0, 0x3f, &(0x7f0000000000)=ANY=[@ANYBLOB="120100003ee7ed40b82227604e210000000109022d0001000000000904320000020a0000052406000005240000000da40f01000000000000000000042413d96319cb4d106569a787a5d2873b0a34aaec598a98cbf0e7407544299722469374bf1ad793624ec346c71624aeff140caa1dd465da0e4ca0814815a971132541a2b3941e9d53163f4c07d34e99aad130b7d8a5387fe8485837da95277994cecfcd447ec6672e3057aa11cc1a80053ec1f21bf056aa"], 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r0, 0x80006040045010, &(0x7f0000000140)=0x3) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0xffffffffffffffff, 0x4) [ 450.078137][T13409] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 450.086567][T13409] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 450.094571][T13409] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 450.102555][T13409] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 450.110536][T13409] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 450.118617][T13409] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 14:23:25 executing program 0: syz_usb_connect(0x0, 0x24, &(0x7f00000001c0)=ANY=[@ANYBLOB="120100007ca10c08e30502055ce68000000109021200010000000009048e0000090088001c92f5fbff6cf942e99998325d7f030bc99a9d0fe5439a218a423ce414b8e68b32c7c4104a1c12e8b513418acc0d2213f471b5657e098fbcc939cdbd3e13167e000000000000800991b904537f9c87b1e2d9908c1a89d6ffb6c1e17bb1efada246e6e1b5913f874f7dde083d28c33b99799970cda01a4a51462ecda26e41a136f34cedf1c006f587f71a42de1de9d7e462ebf65f55e6a1ecaf7bdd43e63896bbbefb3637f95beb5029f28da5058475f024287ea67c05588852"], 0x0) setsockopt$RXRPC_SECURITY_KEY(0xffffffffffffffff, 0x110, 0x1, &(0x7f0000000000)='$\x00', 0x2) r0 = syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x3, 0x2) ioctl$VT_RELDISP(r0, 0x5605) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) 14:23:25 executing program 2: r0 = socket(0x10, 0x3, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)="5500000018007f01480500b2a4a280930206000100a843096c2623692500060013000103bd48a3c728f1c46bc3f6431efdb1e88831afdc1338d54400fd9b84136ef75afb83de448daa7227c43ab8220000bf0cec40", 0x55}], 0x1, 0x0, 0x0, 0x46020000}, 0x0) sendmmsg$alg(r0, &(0x7f0000001340)=[{0x0, 0x0, &(0x7f0000001200)=[{&(0x7f0000000040)="4bbe3e79b58e567b06b7be259fb69f4f9596e471f1bf65ceab69e2ac8f0df25f610da0dfe79b6d3d970c06caefc6ebb0ff4966dbc4e64900bd0af887b14965a2e5f478899c5bcfba4e24a98ff23388f0d31409b08def8b660a105767dd23a1867a97dc49fa3034468ff32cf9fdee7d7597100fedc5a8c48a6295195f7aa2856a5fbc1ae3589102d659faaf511b35ba2e79c40bca3caf416d3b7bcc9f7e1d040515aec8fc7c61be02fb43d10a51abfd8c8144bf26dfa17995e540eeae882c00878ed371ddbe3e12f9263dc65d16ed074def14d9dc0c1ea5d9e14a99726bcbb73145f7c356a08e2ec7ed20b0ecedb076cf336dbafcd67ed780b1a6d2de7e8921", 0xff}, {&(0x7f0000000200)="1713a6427793ca670e51abd87f9a550425037e3d7cf6e1e3a44ae06405a7ab31a38db9f68baca59b78c0bdd85feecd84240d966cafe2a844bb086967fe88b574269836e65df20453406cd8240de47450b0c2ce5a03689c62004d3748cc3a216265ccc80cd67a0d4867c80a6ea690261348a51960d6c523d306862969b36217f203a0977dd8095df4cd098d266714384e546e498dfcb7379ded64f6e93afe49b3188af367d1e88a477f9d0742f424d2b40761d66d71f886246d990cb8ab8c4777d7f041413348b2513d0e2d672269a9890601789ff2720ff276b5c9325c2579d02d0f7a4d0b40d6068f484ff79d03b98b0f53bdf2ccb4f44453379daedf8a8b3a9c1112a509503b4f40c433f2ca8d1ecb10d79962257e0aab0aa31a51177a2a37855a22c7cc032c0a3e5aee2081ba425e7de17b4e90028147719d227b52c67f43f95ab50d430138b05d97c72373fd0efccad84e3fc368f6e601d1d8ca2458a3b2ca655024d60a205a889f04d79762d106d4568c2eda82e3f0f5f6d6fdcd079ec6f22f41879d6dd22a9ef64d1519b3ab7dcec786e17e9614557b7f52f3c84c09b1d8f1ca18484bdce02ddf987fd90d135363a57a7fcedcf9e1af5dc1a9c96fbcaefd01910ab401ebb21e6a888a2e429d56659c9806cb96deccb1b8b1b3d28225c36c5e937b764c6dbe4392eb8460d6ea849b6abebcba46bba2a50e6653fcb2b181888cb47cf5c7f7c54fa4e39b3a60cf4a617bb38b3aee912afec9f1347a586090a8ce16ab5c4cbcd1082091219f068f04149279c8a1ae4ec67ca925a652c6b205b51d6faa157d2332335e4e984b8534393fcfd98d8df4a80b8fdc20e906013b2510711ac6d28ed00538ada95864795dc8b548a3cd1bb7edc5a56804097e429474938e4d18da801d5cb0b2ce35ec9a8cc2d4899cf06946b28d33075e4b9dce27d21504ade3d382ea54c254a35fd73d9db974a64ccd81e4aedc2e642765bafb7079202cb251f9db2560a9bacb6839ef830554176268cfd8d4f23947d43bec4535a0f7fd1a7010298aabd53ede18c70bd17a32b5ec9033ade95b233a7b2583aa89030e8ed28fa4448d3a40ad505b78ce67b9e35efa26747bec655e5b5c8e2882d8a73aa3bde6d4ed40cf392c30149e23e16691216e091e6b3e3387d252ed4718d6bd138edf840977b4dd0fcca0c3a90b52c159730f3c5e09c17669d10d2e23d6c0d04b5274e2dec944e8d0c3ceea7624cd4cfda9d34044dd39dba852ffc1d38fb1e323d80f70d147c22b1f938986c3c1a111560fdcde1b5bc78ff9d22e21fb6bde851d8a97dff1a2f70f24fb2bd148abcbf1aa6444714cc969eb269a1ec8b87af0671fc4cb22d7a23f367c323cbfc88b0244d0ac5a8dd3ddcb1a5780b8986fd8b57635959e00d5a10372e8865dedee97c203687dde9807257e062b2731a765d0bca96cfccd34db0f8d163abbb9553397feeda9880ea06c9e263d98025719ca357d65bb7468ae285f2d0acfe6e58ad1c5d83e43d2a9887db2b9f187eadf0396c4e64dc4259de4558b2a82c57256b3c4329c7227d24a9acac51a5aeb761f9d765a8cda4d0def040456cf111b4d6c488ef321214cfedeafd16ff443b1c1f74842d6b4761b14542f8c01af42fb39749ec76294c6759ca1b01e1f0e3fd54539db4d76c7572ec6b9f15c3e8efbee486b79a730a51d54f71725d49aad86ec44e431d384d1db62c42a16001dcea199d0f383411643a6afc292e6dac567e49f803cbb025c0095d21dc5350df1397ccd26b5a433fc9b89ffd1860747882f367a47d2fabc1569d8081661b11af179405acf8709e502893050b8ca4f198aebbc7b62217351a3101e1a5bd9077c91fed0f7636a90084d3ad27c1ddd3887fc526651a322d2d00665cf3b5d43bab2085e8e2f6603a70e673e1903b1b5d0913fe64dbc4198da5d4e35ab01f962efde58ff5a083cd1986cdd136f384834637ff0bb2d6c78db94ca679a5bc509e5b39c113e2e6fe2d5956b243d46988a1d729bcb3436144e27bcb69e1fa7555521aa28d3fc1e0b7608e2e69f3820ca3e0217fb1eb5f7cdfb768f506800f170c9daf5ee19827d49bb2f5b56a1d1cf8436056ff43af877f49891c612f3f9667ebe32632e9cf186782906007ca36d56a5aefce090d580334ffb47b1101181b81396b177a93e975332a5181ba68807133c4c87ae7b84dd9fdb78973f83d56aa9f51bdba2f159c167eeb822e9ff53e8e0cb75e8ade448ab5550affcda69bdc36f681a1eb3da8a6f3bedaf911069920ace4d19f64adf300e89b5610e6977ca10ab15d1e591e01f5621097596cb715b3cde340f9ace8d0595985d5f559ccdea42cee4a1f65cc3adfa8b145202ad5aa2a5de2e6e9263665603c6194ee56c595272016b356e72fec54dfaa86b01ecef5311477aa0efeb6f422ee8942a137e3d7379862eb943076eca2fd14539430583718a4cf04e79ab64e35c343f410472310a17ece3d9669170a37cf4b069365928a6b96f03206f51823cdcc6cbb104537643fa9c1d5ea0581e1ed16e7bba74eee1b52fd6b02abb851157c5849816d6eba077646ad8666388cc49267670cefbd955c67b196b8802b667583e61e82a732445ffe9bafe90aaf59e1ec4787c06542fd60446c341ee22653b09c1ea82c0a94e26d26b13e4afcb113c597169593c6af36c01fb6063df20ff1bccdcd2842ae9e86f827a563a0d16175f8cd58dfbc7f05eea07bcbeecc1da7e5915144c2e3724d2b3c072e13c7129446bc4e4332c1cf5f3d3986b75b3210600b2e5130a3b40465f3a25ff1241dc90ce446f9c362466c2805c51e3b2ce621dc2f729f89c4920ce0d6c1ecc4f56d60116bda311cb1715d770966e51af77004c025da5d99142d825edf8484e0fc425cb97247f5ae73cd494eaf3ae64c4da1f769b76d4169e69f14ac556e2a6a0a08a1faa9f94d50e3fc7712c8c7147e9a0ddd558c2c5c01a0e01950ecc4e2dfad89dec305358dfb68aef2befc7b3568e69fa703bcb1e521374c3b7644158bc5a5af266cca3d35cf38f9adb4fd62de6a75f6c5d469519f94de2f07cedc9d6aaf17c3f811158dc34ca8aa614e83b576345cb22bafb5f0be2253cf7a2591bae7724d90a74b408c95101fbc0488e65be8ec0fa32bc08747a4e9a943a866dbee443814798b2e62008071d80d20cb8bb76043321dbab1dd3da07f9967a028f6a9e20c754c5bfe170f2b40dee4bce29b012fcfbbde839676cc0692b19fd8130c20870bde4e5734bc8ab9f82fd44c415410990c9afb3103bd95367ef115053d15e6c34927e1d27e466a5a55bd8adf6cd36e02f97ee1936848efbc91450433aa337a45e2ac2076f46fc3fb97184455abdb586bd311a48ee6e6d2f1faa678e43a133c24f73ec09528f599c8dcdcee9b29919712e6d84167878236857f50a66867cc73a97be0ec3f42a90bb8f691cddc9d1b444f016797ef6e96a963e1cf5fdcb5ae8241261d57518581a24845e2b9027795d6271b813fb6fb0bdcab3d3c2a50e6e61d0d1726fc643f861e6e4a7d7ff2ef26fba45a7616898cdb3fcdb8b4769bb7c3b35cd3e4037f20aaaa86703c186d8ed97275d0c892e4318f7843ee344131e81e923f3386ce72ca52c50f396470ff155c92e7e24deebe62630dbb5dbc344a3ff3a401bd1a53f8155ab76898c55d4d1af22411f02f59be01e0e5e41ee7ca7bb63ec0330856df02ff328a0c6e12927b3d0128953d52b0f09ccebd6d0fc4aaa32530603968256e6e013eec8165b7ffb79365097872a9362a5c863703af7bf19ae097cc011cef7a4c0170df87796bd7c9313ee0e23389ce31cb6ef51d69e6ab1ec9620e23fc8b366ae4941494dc80b20ec930d3eb27b5c45b0e3776c38f822e3f468d11abccbaa79c712831abe436d9df5e49c477831dfcd0cd8125a34c69853ecf7c91aacc1e7e37af1aae7c765325c52f6d39e7a9861fb3352158ccda3fa64e0f49b0e4c3717fee24ce248863aa48ca2844077e3ee6a29efa1207beb88d1ce7db03a0cb0c5bd91d1072e37f835add0fc5e753e733cad505d552fb270200657643c4e420973c8b47c5011c26b303a4ad06b75e8feed6da7589cb492cbe0dfab5776d9834738bb9e5ad1778a58ce400ebf735c97cc45356721b96655b728acd2cdd7a3842a0548ba460c6d09cc13a4b5e7e4eaab5800e82d294e12d60cc7d9f71fcbb74c39e63f0b2a18f6a8c25ae3c56fa11dde135a11a2d41c7961f4b4564ec220555cb29f85aed40a80043a06e1d47c0eda008741e223f1eb7bda0fc8a9f41abc1f340686f5d3f79c94a1c350a36125a13cb9302640ddcce487e803bd62fdb63a1be600500e79544d7799ebf93421dd3e560dc75f3286aea016951b48dfb2fb035511ea53b4ae2151870422c287ffc0ec6a7fb4112e555e850309c3409f684c3794437db474a05b07fd96b632a7de44fb63ac4f92a10bcd73d550a6b04459ccb98f69206bd59a4c85eda82813f0d00020a458a72623a2c48aad2d651b12e30df9b478687284b7bccc30f0e10cfd7d82ef18c2871fa128d9546aaff849ba5f19d3e81a31c5f1182152efd9b836ee8dc832540b2264f549d715eec7a40c04151876a4b3606940f1b6c2e490bd73b0d08412b7dd8746012b77387bbafbf9208fddf8cfeccf7fe5a23afee3f270cc443d0708cb436ca26a118ae7ed6a3f2e018ff845837b81e48cef270e2dd5b00fdd4f91c379ce615c96bf5dccbaaf910ddc298aaf5813d971d9fa9932bad4d989e6d496974bcd42c920c18633acbbcabb1674f6890717419bf4a846096cca6ff59df25f20d60edcdeb0a8f37194cb3ab09787d2e00aafe366918457afbb5b8a4a3de6dd0c3172578b94c53b6c00d830f9e16d803a2d551e64b7f5a9f3c2a66313ec0f42833827b416c3e20ceb7fa110e76461b9d13222364fd41e79ea17d6df32948acb8ebbe7089f6c49b4d6e4baba97e14603a1b59c44de03501b4fa04795e51bc389750d71f896d061ab1d189cb869467ea82797e2e2cf004837e54248cda0af0774c7a427ecb7ad0ff14cd5f0b94ac36408bf540429acad9429808fb0c422f47131152397d59387610ba06f228a075da06fe6202c6de70b6bcaddd1f4b573e1593765b0e055bb95cbe5140cca9d827d0091b6cb5154379d185d1bd5700c6e1c3b153242383d8178c18ccef26f87d1f3532c7a06d65fea5804f66a0b80c46fd275c529edd10f16ed40246e45d7a46afd38e9321e1bc50c39b616c270239bb7f9a15aebbae1664cba167aacfd85e7027c3846d6c6b6db29b61eea0a8235d4b7c6a95d1d7e82b4d75ba1924e3abe87238b61445af8dc52dd39b9cea27e0dcdaa68e267a8fa5dc26880c7dac97c0663a8c829bd3ded76e47d4e8d2ddb0dfaa9b5e7c96ec1ea1f0184f7da9ca2943a928800c8da5ce1d6edddd0cf61e0268e27a8d78c965dcb77691ff685aa184734bdc8380de7d5c8840115843e24f0302c953bd8e2b227c3a7726e1382a34698ccedd602bf5207517f603b5dcfc9c9077d96e1c085085df938f4bf4927ff4b85159f0efe148199adc41cc971a0d0baa3a27f65218417a6486832f5aab5d1b0199d8da1985d241e3dc643e8108772de431e608b3f93cf350060e5e6cdc0eac37e3bdeb12bef2b6202fc7d5bf4001fe7776c7b84f4dc591ce5a2948cd1a9907ed5bde66b3f988967cd62e8465bb3504daac509c409696d75cd4f68e7a27425ce7aae07ae18e81d95fd18c1795e29bb9d6fe01a4fb70bacf664a28ca7605a79ad7d1ee20d17a19ba0e3206ed6", 0x1000}], 0x2, &(0x7f0000001240)=[@assoc={0x18, 0x117, 0x4, 0x3}, @assoc={0x18, 0x117, 0x4, 0xffffffff}, @iv={0xa0, 0x117, 0x2, 0x85, "a5469ae02609eeda2d4cf90f556c6f11d54a5fdd19d88cc182f447c11ad1772f5b3c8ce996dcb9800a490aa67673b74a68e58e656d9cdd7686f62e3e370d4a4f1c9fb9c0c75a45c8445d6222e4a15373a88ffc4938937f2f2aa4318357a42a7c403fdc2daadd06916b38d2b6503e607592a2a4cf106ffad0c2d5ff9282d8b3f69c7ea9e1a1"}, @op={0x18, 0x117, 0x3, 0x1}], 0xe8, 0x4}], 0x1, 0x0) 14:23:25 executing program 3 (fault-call:7 fault-nth:29): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 450.345133][ T32] audit: type=1804 audit(1571495005.395:110): pid=13425 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/115/file0/bus" dev="ramfs" ino=38216 res=1 [ 450.374490][T13425] FAULT_INJECTION: forcing a failure. [ 450.374490][T13425] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 450.388685][T13425] CPU: 1 PID: 13425 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 450.396576][T13425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 450.406648][T13425] Call Trace: [ 450.409968][T13425] dump_stack+0x191/0x1f0 [ 450.414332][T13425] should_fail+0xa3f/0xa50 [ 450.418792][T13425] should_fail_alloc_page+0x1fb/0x270 [ 450.424181][T13425] __alloc_pages_nodemask+0x3c1/0x60c0 [ 450.429653][T13425] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 450.435764][T13425] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 450.441795][T13425] ? prep_new_page+0x792/0x9b0 [ 450.446575][T13425] ? get_page_from_freelist+0x11d3/0x19f0 [ 450.452324][T13425] kmsan_alloc_page+0x131/0x370 [ 450.457271][T13425] __alloc_pages_nodemask+0x149d/0x60c0 [ 450.462845][T13425] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 450.468751][T13425] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 450.474832][T13425] ? unlock_page_memcg+0x7a/0x1c0 [ 450.479871][T13425] ? kmsan_get_metadata+0x128/0x350 [ 450.485154][T13425] ? __msan_instrument_asm_store+0x98/0x150 [ 450.491046][T13425] ? wp_page_copy+0x2469/0x26d0 [ 450.495914][T13425] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 450.501811][T13425] alloc_pages_vma+0xc9d/0x18c0 [ 450.506678][T13425] handle_mm_fault+0x38f5/0x9f70 [ 450.511626][T13425] ? generic_file_read_iter+0x3e70/0x3e70 [ 450.517350][T13425] do_user_addr_fault+0x905/0x1510 [ 450.522472][T13425] __do_page_fault+0x1a2/0x410 [ 450.527249][T13425] do_page_fault+0xbb/0x500 [ 450.531749][T13425] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 450.537130][T13425] page_fault+0x4e/0x60 [ 450.541280][T13425] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 450.547872][T13425] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 450.567470][T13425] RSP: 0018:ffff88810491f778 EFLAGS: 00010206 [ 450.573548][T13425] RAX: ffffffff8496408c RBX: ffff8881b58f4628 RCX: 0000000000000300 [ 450.581524][T13425] RDX: 0000000000001000 RSI: ffff888180419d00 RDI: 0000000020005000 [ 450.589493][T13425] RBP: ffff88810491f7e8 R08: 0000000000000000 R09: 0000000000000002 [ 450.597461][T13425] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 450.605441][T13425] R13: ffff888180419000 R14: ffff88810491f780 R15: 0000000020004300 [ 450.613430][T13425] ? copyout+0xcc/0x1f0 [ 450.617591][T13425] ? copyout+0x113/0x1f0 [ 450.621837][T13425] copy_page_to_iter+0x6dc/0x1910 [ 450.626870][T13425] generic_file_read_iter+0x2979/0x3e70 [ 450.632443][T13425] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 450.638328][T13425] ? find_get_pages_range_tag+0xe60/0xe60 [ 450.644039][T13425] do_iter_readv_writev+0xa16/0xc30 [ 450.649262][T13425] ? find_get_pages_range_tag+0xe60/0xe60 [ 450.654980][T13425] do_iter_read+0x30b/0xe10 [ 450.659481][T13425] ? import_iovec+0x4ad/0x660 [ 450.664691][T13425] do_readv+0x37f/0x710 [ 450.668938][T13425] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 450.674841][T13425] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 450.680899][T13425] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 450.689739][T13425] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 450.695653][T13425] __se_sys_readv+0x9b/0xb0 [ 450.700238][T13425] __x64_sys_readv+0x4a/0x70 [ 450.704821][T13425] do_syscall_64+0xb6/0x160 [ 450.709321][T13425] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 450.715201][T13425] RIP: 0033:0x459a59 [ 450.719085][T13425] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 450.738688][T13425] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 14:23:25 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) write$binfmt_misc(r0, &(0x7f0000000280)=ANY=[], 0x0) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2061, 0x0) fcntl$setlease(r1, 0x400, 0x4) r2 = shmget$private(0x0, 0x13000, 0x0, &(0x7f0000feb000/0x13000)=nil) r3 = shmat(r2, &(0x7f0000fed000/0x4000)=nil, 0x4000) shmdt(r3) add_key$user(&(0x7f0000000740)='user\x00', 0x0, &(0x7f00000004c0), 0x0, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000400), &(0x7f0000000080)=""/92, 0x5c, 0x0) socket$netlink(0x10, 0x3, 0x0) r4 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x2) ioctl$BLKDISCARD(r4, 0x1277, &(0x7f0000000080)) r5 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r5, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c) sendmmsg$inet6(r5, &(0x7f0000005ec0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="5800000000000000290000003700000000070000000000000738000000000c00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000088000000000000002900000036000000000d000000000000006743d6af40b886efa748987dc4d936debd7c3500bb7f84ccc7dc058a8146fc9340f966c72be1145ab4a2c514f23e4eeea89c2feb2a5ef08cc34a4a23a649850cf733c939ba05e403e1927165426a5e275aa055ee16098747b570907b7f2a42df5e78979ccafd9f2f00000000000000280000000000000829000000370000000001000000000000040100c20400000000c20400000000001400000000000000290000004300000000000000000000002000000000000000290000003700000000000000000000000401000000000000380000000000000029000000040000000003000000000000000100c91000000000000000000000ffff00000000010200000000000000000064647b8fd9d6b82257e29787fee173ac40cb42c64a64fbe251d6a9b774bf192298f8ca7734bf00720097f88757264f7397c6af12f5272353688b8eeb568228a9bb77d6344ada5251c285e2024aff706b2b3f685fa50b6937369e7ea52741f5680c2b6e4d54edfd1f20ee6d65b8d368cc1b1b07dcab2f422ee0699fe6dc250fd5cb42da27fe8bf0c3b91270a16705f3293299"], 0x178}}], 0x2, 0x0) ioctl$LOOP_CHANGE_FD(r4, 0x4c06, 0xffffffffffffffff) socket$nl_route(0x10, 0x3, 0x0) [ 450.747116][T13425] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 450.755102][T13425] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 450.763067][T13425] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 450.771048][T13425] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 450.779012][T13425] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 450.852182][T11495] usb 2-1: new high-speed USB device number 28 using dummy_hcd [ 450.860309][ T5] usb 1-1: new high-speed USB device number 30 using dummy_hcd 14:23:25 executing program 4: r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x74, 0x1a, 0xde, 0x8, 0x586, 0x341f, 0xe797, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x5c, 0x0, 0x2, 0xff, 0xff, 0xff, 0x0, [], [{{0x9, 0x5, 0x8a}}, {{0x9, 0x5, 0x1}}]}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000480)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="46fc7fbf129d68030f8c01a7df0f8b18f3b01b2b7a9f58d9f701b5000100000000000000"], 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000d40)={0x2c, &(0x7f0000000080)={0x0, 0x0, 0xc7, "4450c8f751775bd5abc3912977a960374a9194dfcbf16777da0273ef0bf314bdff63af95593c307a2b3e63a8cbdeb0cf9cc26e8fa6288dab2266a226ec05663279ef6b987a38bd56aaba23e6d851279af2ffb2ced5a13a451ce687f5ba6b06fb6406fd044882556be404fb5a3eda240a6877522b8fbbefbd7440ef227302a79d0cff5da8ed13bea283885fde24e845a291f0ad3e503a00e3b5e62c96035f35f25fe8b572fb8c74df3fd48d957894850643b2e7f96091f444c000dcd160b327323a70df2eaa7299"}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000f40)={0x2c, &(0x7f0000000300), 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000001a40)={0x2c, &(0x7f0000001300)=ANY=[], 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000005300)={0x2c, &(0x7f0000000180)=ANY=[@ANYBLOB="83000000009d14e6"], 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$cec(&(0x7f00000001c0)='/dev/cec#\x00', 0x2, 0x2) setsockopt$RDS_CONG_MONITOR(r1, 0x114, 0x6, &(0x7f0000000200)=0x1, 0x4) 14:23:26 executing program 5: r0 = syz_open_dev$sndmidi(&(0x7f0000000080)='/dev/snd/midiC#D#\x00', 0x2, 0xa0001) write$binfmt_elf64(r0, &(0x7f0000000680)=ANY=[@ANYBLOB="7f454c46000000000000000000000000000000009730164df68993778dadaf3efaab0000000100d200000000000000000000000000400038000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000099d91a14361998ad56f4b6a5f0e79800000000000000000000ed0000000000000000000000003286000000000000000071d23d140000680abcc8160b92b70406f582f1900000000000000000000000000000000000000000000000e6ff38d3e8bc8c4766bcfe18bf1000000000000000000000000000000000000000e387aed6946de3ad5c62644b1d0000000000000000000000000000000000000000000000000000000000000000000200000000000000000000002000000000000000000000000000000000000000002a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005000000000000034000"/448], 0x1c0) mremap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000, 0x3, &(0x7f0000c87000/0x2000)=nil) r1 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) write(r0, &(0x7f00000001c0)='(', 0x20000339) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) sync_file_range(r2, 0x8001, 0x1c00000000, 0x4) r3 = socket$inet6(0x10, 0x6, 0x0) ioctl$DRM_IOCTL_GET_MAP(r0, 0xc0286404, &(0x7f0000000100)={&(0x7f0000aab000/0x4000)=nil, 0xffff, 0x4, 0x20, &(0x7f0000ffc000/0x3000)=nil, 0x9}) sendmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140), 0x307, 0x0, 0x186}, 0x2400c081) getsockopt$inet_sctp6_SCTP_NODELAY(r3, 0x84, 0x3, &(0x7f0000000000), &(0x7f0000000040)=0x4) 14:23:26 executing program 3 (fault-call:7 fault-nth:30): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 451.058583][ T32] audit: type=1804 audit(1571495006.105:111): pid=13439 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/116/file0/bus" dev="ramfs" ino=37775 res=1 14:23:26 executing program 2: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rfkill\x00', 0x10100d, 0x0) r1 = memfd_create(&(0x7f0000000180)=')\\\x00', 0x0) write$binfmt_aout(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="00bf18020003"], 0x6) write$binfmt_misc(r1, &(0x7f00000001c0)={'syz0'}, 0x4) sendfile(r0, r1, &(0x7f0000000000), 0x40) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r3, 0x80006040045010, &(0x7f0000000140)=0x3) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x18, &(0x7f0000000000)={r6}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000080)={r6, 0x8001, 0x10}, &(0x7f0000000100)=0xc) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000000140)={0x4, 0x1, 0xbcb, 0x6000000, r7}, &(0x7f0000000200)=0x10) [ 451.114683][ T5] usb 1-1: Using ep0 maxpacket: 8 [ 451.118549][T13439] FAULT_INJECTION: forcing a failure. [ 451.118549][T13439] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 451.134236][T13439] CPU: 1 PID: 13439 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 451.142197][T13439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 451.152303][T13439] Call Trace: [ 451.155680][T13439] dump_stack+0x191/0x1f0 [ 451.160093][T13439] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 451.166107][T13439] should_fail+0xa3f/0xa50 [ 451.170632][T13439] should_fail_alloc_page+0x1fb/0x270 [ 451.176088][T13439] __alloc_pages_nodemask+0x3c1/0x60c0 [ 451.181621][T13439] ? do_syscall_64+0xb6/0x160 [ 451.186361][T13439] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 451.192622][T13439] ? get_page_from_freelist+0x11d3/0x19f0 [ 451.198453][T13439] ? kmsan_get_metadata+0x39/0x350 [ 451.203655][T13439] ? kmsan_internal_set_origin+0x6a/0xb0 [ 451.209464][T13439] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 451.215468][T13439] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 451.221441][T13439] alloc_pages_current+0x68d/0x9a0 [ 451.226656][T13439] __page_cache_alloc+0x95/0x320 [ 451.231668][T13439] pagecache_get_page+0xaf1/0x1220 [ 451.234199][T11495] usb 2-1: config 0 has an invalid interface number: 50 but max is 0 [ 451.236881][T13439] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 451.245046][T11495] usb 2-1: config 0 has no interface number 0 [ 451.250850][T13439] filemap_fault+0x2632/0x2b70 [ 451.257286][T11495] usb 2-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=21.4e [ 451.261793][T13439] ? generic_file_read_iter+0x3e70/0x3e70 [ 451.270964][T11495] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 451.277125][T13439] handle_mm_fault+0x8043/0x9f70 [ 451.277214][T13439] do_user_addr_fault+0x905/0x1510 [ 451.277287][T13439] __do_page_fault+0x1a2/0x410 [ 451.286322][ T5] usb 1-1: config 0 has an invalid interface number: 142 but max is 0 [ 451.290211][T13439] do_page_fault+0xbb/0x500 [ 451.290277][T13439] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 451.295486][ T5] usb 1-1: config 0 has no interface number 0 [ 451.300190][T13439] page_fault+0x4e/0x60 [ 451.329171][T13439] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 451.335828][T13439] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 451.355511][T13439] RSP: 0018:ffff88818047f778 EFLAGS: 00010206 [ 451.361652][T13439] RAX: ffffffff8496408c RBX: ffff8881b58f09a8 RCX: 0000000000000300 [ 451.369688][T13439] RDX: 0000000000001000 RSI: ffff888189ca1d00 RDI: 0000000020005000 [ 451.377722][T13439] RBP: ffff88818047f7e8 R08: 0000000000000000 R09: 0000000000000002 [ 451.385747][T13439] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 451.393861][T13439] R13: ffff888189ca1000 R14: ffff88818047f780 R15: 0000000020004300 [ 451.401914][T13439] ? copyout+0xcc/0x1f0 [ 451.406110][T13439] ? copyout+0x113/0x1f0 [ 451.410742][T13439] copy_page_to_iter+0x6dc/0x1910 [ 451.415829][T13439] generic_file_read_iter+0x2979/0x3e70 [ 451.421556][T13439] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 451.427655][T13439] ? find_get_pages_range_tag+0xe60/0xe60 [ 451.433432][T13439] do_iter_readv_writev+0xa16/0xc30 [ 451.438698][T13439] ? find_get_pages_range_tag+0xe60/0xe60 [ 451.444550][T13439] do_iter_read+0x30b/0xe10 [ 451.449093][T13439] ? import_iovec+0x4ad/0x660 [ 451.453815][T13439] do_readv+0x37f/0x710 [ 451.458209][T13439] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 451.464141][T13439] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 451.470498][T13439] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 451.476254][T13439] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 451.482177][T13439] __se_sys_readv+0x9b/0xb0 [ 451.487236][T13439] __x64_sys_readv+0x4a/0x70 [ 451.491866][T13439] do_syscall_64+0xb6/0x160 [ 451.496416][T13439] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 451.502323][T13439] RIP: 0033:0x459a59 [ 451.506246][T13439] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 451.525871][T13439] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 451.534314][T13439] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 451.542315][T13439] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 451.550310][T13439] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 451.558299][T13439] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 451.566294][T13439] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 451.593990][ T5] usb 1-1: New USB device found, idVendor=05e3, idProduct=0502, bcdDevice=e6.5c [ 451.603332][ T5] usb 1-1: New USB device strings: Mfr=128, Product=0, SerialNumber=0 [ 451.611602][ T5] usb 1-1: Manufacturer: syz [ 451.624266][ T5] usb 1-1: config 0 descriptor?? [ 451.640450][T11495] usb 2-1: config 0 descriptor?? [ 451.663830][ T5] hub 1-1:0.142: ignoring external hub 14:23:26 executing program 3 (fault-call:7 fault-nth:31): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 451.677587][ T5] gl620a 1-1:0.142 usb0: register 'gl620a' at usb-dummy_hcd.0-1, Genesys GeneLink, 9e:ff:85:36:55:64 [ 451.694205][T11495] cdc_ether 2-1:0.50: skipping garbage [ 451.699844][T11495] usb 2-1: bad CDC descriptors [ 451.705467][T11495] usb 2-1: unsupported MDLM descriptors 14:23:26 executing program 5: r0 = socket$inet6(0xa, 0x801, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0xae, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaa81192bce5e2ffb86dd6007000000780600fe8000000000000000000d00000000aafe8000000000000000000000004000aa00004e20", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="e0c2000090780000fe06e2d4c3d9051e0000000000000000000000000000000000000000000000000000000013120000008080000000400000000100008005220000000000000000000000000000000000000000000000000000000000000000080a00"/108], 0x0) [ 451.741989][ T3380] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 451.797413][ T32] audit: type=1804 audit(1571495006.845:112): pid=13451 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/117/file0/bus" dev="ramfs" ino=38275 res=1 [ 451.849129][T13451] FAULT_INJECTION: forcing a failure. [ 451.849129][T13451] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 451.862903][T13451] CPU: 1 PID: 13451 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 451.870837][T13451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 451.880927][T13451] Call Trace: [ 451.884275][T13451] dump_stack+0x191/0x1f0 [ 451.889467][T13451] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 451.895477][T13451] should_fail+0xa3f/0xa50 [ 451.900091][T13451] should_fail_alloc_page+0x1fb/0x270 [ 451.905554][T13451] __alloc_pages_nodemask+0x3c1/0x60c0 [ 451.911135][T13451] ? __do_page_fault+0x1a2/0x410 [ 451.916178][T13451] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 451.922161][T13451] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 451.928301][T13451] ? xas_load+0x8d7/0x930 [ 451.932745][T13451] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 451.938735][T13451] alloc_pages_current+0x68d/0x9a0 [ 451.943950][T13451] __page_cache_alloc+0x95/0x320 [ 451.948961][T13451] generic_file_read_iter+0x1e3e/0x3e70 [ 451.954650][T13451] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 451.960622][T13451] ? find_get_pages_range_tag+0xe60/0xe60 [ 451.966400][T13451] do_iter_readv_writev+0xa16/0xc30 [ 451.971659][T13451] ? find_get_pages_range_tag+0xe60/0xe60 [ 451.977433][T13451] do_iter_read+0x30b/0xe10 [ 451.982000][T13451] ? import_iovec+0x4ad/0x660 [ 451.986730][T13451] do_readv+0x37f/0x710 [ 451.990935][T13451] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 451.996866][T13451] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 452.002963][T13451] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 452.008713][T13451] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 452.014642][T13451] __se_sys_readv+0x9b/0xb0 [ 452.019195][T13451] __x64_sys_readv+0x4a/0x70 [ 452.023823][T13451] do_syscall_64+0xb6/0x160 [ 452.028360][T13451] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 452.034267][T13451] RIP: 0033:0x459a59 [ 452.038190][T13451] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 452.057900][T13451] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 452.066342][T13451] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 452.074340][T13451] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 452.082502][T13451] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 452.090505][T13451] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 452.098496][T13451] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 452.117909][ T5] usb 1-1: USB disconnect, device number 30 [ 452.124625][ T5] gl620a 1-1:0.142 usb0: unregister 'gl620a' usb-dummy_hcd.0-1, Genesys GeneLink 14:23:27 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x0, 0x100) ioctl$VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000080)={0x2, @pix={0x0, 0xffffffe1, 0xb5315258, 0x2, 0xe6a3, 0x1, 0xa, 0x6, 0x1, 0x4, 0x0, 0x58d04557637a8bc}}) r2 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sysinfo(&(0x7f0000000000)=""/22) ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x401) sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0xffffffffffffffd3, &(0x7f0000000680), 0x1000000000000194}, 0x0) syz_open_dev$adsp(&(0x7f0000000280)='/dev/adsp#\x00', 0x1, 0x200) r3 = socket$inet(0x10, 0x2, 0x0) socketpair(0x4, 0x40000, 0x6, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r5, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$sock_inet_sctp_SIOCINQ(r5, 0x541b, &(0x7f0000000240)) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r4, 0x110, 0x4, &(0x7f0000000200)=0x1, 0x4) ioctl$sock_ifreq(r3, 0x89f1, &(0x7f0000000180)={'ip6gre0\x00\xeej\x01\x0f\'@\x00', @ifru_flags=0x814a010000000016}) [ 452.242097][ T3380] usb 5-1: Using ep0 maxpacket: 8 [ 452.328932][ T5] usb 2-1: USB disconnect, device number 28 [ 452.388261][ T3380] usb 5-1: config 0 has an invalid interface number: 92 but max is 0 [ 452.396542][ T3380] usb 5-1: config 0 has no interface number 0 [ 452.402868][ T3380] usb 5-1: New USB device found, idVendor=0586, idProduct=341f, bcdDevice=e7.97 [ 452.412103][ T3380] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 452.496591][ T3380] usb 5-1: config 0 descriptor?? [ 452.702229][T11495] usb 1-1: new high-speed USB device number 31 using dummy_hcd [ 452.755481][ T3380] rtl8192cu: Chip version 0x10 [ 452.942337][T11495] usb 1-1: Using ep0 maxpacket: 8 [ 453.062234][T11495] usb 1-1: config 0 has an invalid interface number: 142 but max is 0 [ 453.071496][T11495] usb 1-1: config 0 has no interface number 0 [ 453.142061][ T5] usb 2-1: new high-speed USB device number 29 using dummy_hcd [ 453.153786][T11495] usb 1-1: New USB device found, idVendor=05e3, idProduct=0502, bcdDevice=e6.5c [ 453.163090][T11495] usb 1-1: New USB device strings: Mfr=128, Product=0, SerialNumber=0 [ 453.171285][T11495] usb 1-1: Manufacturer: syz [ 453.178555][T11495] usb 1-1: config 0 descriptor?? [ 453.223074][T11495] hub 1-1:0.142: ignoring external hub [ 453.234256][T11495] gl620a 1-1:0.142 usb0: register 'gl620a' at usb-dummy_hcd.0-1, Genesys GeneLink, 9e:ff:85:36:55:64 [ 453.422325][ T3380] rtl_usb: rx_max_size 15360, rx_urb_num 8, in_ep 1 [ 453.429570][ T3380] usb 5-1: This Realtek USB WiFi dongle (0x0586:0x341f) is untested! [ 453.437942][ T3380] usb 5-1: Please report results to Jes.Sorensen@gmail.com [ 453.524641][ T5] usb 2-1: config 0 has an invalid interface number: 50 but max is 0 [ 453.533814][ T5] usb 2-1: config 0 has no interface number 0 [ 453.540121][ T5] usb 2-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=21.4e [ 453.549509][ T5] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 453.577642][ T5] usb 2-1: config 0 descriptor?? [ 453.602526][T11495] usb 1-1: USB disconnect, device number 31 [ 453.609104][T11495] gl620a 1-1:0.142 usb0: unregister 'gl620a' usb-dummy_hcd.0-1, Genesys GeneLink [ 453.624406][ T5] cdc_ether 2-1:0.50: skipping garbage [ 453.630127][ T5] usb 2-1: bad CDC descriptors [ 453.636405][ T5] usb 2-1: unsupported MDLM descriptors [ 453.828273][T11559] usb 2-1: USB disconnect, device number 29 [ 453.894632][ T3380] usb 5-1: Unsupported USB TX end-points [ 453.900489][ T3380] usb 5-1: Fatal - failed to identify chip [ 453.907433][ T3380] rtl8xxxu: probe of 5-1:0.92 failed with error -524 14:23:29 executing program 5: r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f00000000c0)="3e0000004e001f00ff03ce35588605000a04f5110800010042342d7992dc73394155db72f3bf01e284a9d174e26b0201000208fd028001cba800b6f7f796276f3345baf37f54de5a860ba362b6eac407f8fff1111c3a", 0x56) r1 = socket$inet6(0x10, 0x3, 0x0) r2 = socket(0x2, 0x3, 0x7) connect$inet(r2, &(0x7f0000000100)={0x2, 0x4e23, @remote}, 0x10) getsockopt$sock_buf(r2, 0x1, 0x1c, &(0x7f0000e530e9)=""/16, &(0x7f00000001c0)=0x10) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r6 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="440000001000010500"/20, @ANYRESDEC=0x0, @ANYBLOB="000000001f000000000000000c00010069703667726500001400020008000c000000000008000100", @ANYRES32=r5], 0x4}}, 0x0) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$nl_xfrm(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f0000000400)=@report={0x230, 0x20, 0x100, 0x70bd27, 0x25dfdbff, {0x0, {@in=@empty, @in6=@loopback, 0x4e23, 0x20, 0x4e20, 0x8000, 0x0, 0x80, 0x140, 0x2b, r5, r7}}, [@algo_auth={0x114, 0x1, {{'sha224-avx2\x00'}, 0x650, "47310c336c6217a7ba9340369dae4ccede788c7497b4ee18ef67b49e8471a6b4a10980df28f7e4bea97d9548a26bcd6725b8472c0d9e7396408d6876bd8c35181b7999d5e48bfc5dc902aeb75b1c59e70d236777a2eee97bdb86c71d0246d4ef12a2f9f4227f12e8862788ba8aff269a088e64d3f220d681aef008e25d2c08125f66d2c5df3ab780f096066be10bd6e78c1d7a958038066d46ed967bc742aa0f5c135c787340787a802207cf37bedda30a57e3e44a23f9a02c2e96bd6461502ef62f89767715e73e9f35"}}, @algo_auth_trunc={0x6c, 0x14, {{'wp384\x00'}, 0xf8, 0x0, "31f2ae94281c7c993d01169cfb0a9b3d1af50ab43a9b5d1272887143389f15"}}, @algo_aead={0x64, 0x12, {{'authenc(sha3-512,ctr(camellia))\x00'}, 0xa8, 0x100, "f25fe45c182b394967e1fbc7b0a0c4a658da746611"}}]}, 0x230}, 0x1, 0x0, 0x0, 0x834c9fed93b9419f}, 0x40) fsetxattr$security_capability(r4, &(0x7f0000000000)='security.capability\x00', &(0x7f0000000140)=@v3={0x3000000, [{0x10001, 0x1}, {0x800, 0xca}], r7}, 0xa, 0x2) r8 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r8, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$PPPIOCNEWUNIT(r8, 0xc004743e, &(0x7f0000000280)=0x3) sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x5000000, 0x2010, r1, 0x0) 14:23:29 executing program 2: r0 = socket$inet(0x2, 0x802, 0x0) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f00006cdffb)="8907040000", 0x5) recvfrom$inet(r0, &(0x7f0000000140)=""/203, 0x18, 0x100, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x8) arch_prctl$ARCH_GET_CPUID(0x1011) sendmmsg(r0, &(0x7f0000005c00)=[{{&(0x7f00000000c0)=@in={0x2, 0x4e20, @multicast1}, 0x80, 0x0}}, {{&(0x7f00000035c0)=@in={0x2, 0x4e20}, 0x80, 0x0}}], 0x2, 0x0) 14:23:29 executing program 3 (fault-call:7 fault-nth:32): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:29 executing program 0: syz_usb_connect(0x0, 0x368, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000867b3708f71d002535a9000000010902120001000000000904d70000b4fc5d00248d8e257e7f5d9313a66d26eb298868968134a0b4e239f78218"], 0x0) [ 453.955985][ T3380] usb 5-1: USB disconnect, device number 18 [ 454.003486][ T32] audit: type=1804 audit(1571495009.055:113): pid=13496 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/118/file0/bus" dev="ramfs" ino=39053 res=1 [ 454.011320][T13496] FAULT_INJECTION: forcing a failure. [ 454.011320][T13496] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 454.038284][T13496] CPU: 0 PID: 13496 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 454.046184][T13496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 454.056255][T13496] Call Trace: [ 454.059571][T13496] dump_stack+0x191/0x1f0 [ 454.063949][T13496] should_fail+0xa3f/0xa50 [ 454.068408][T13496] should_fail_alloc_page+0x1fb/0x270 [ 454.073803][T13496] __alloc_pages_nodemask+0x3c1/0x60c0 [ 454.079302][T13496] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 454.085233][T13496] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 454.091239][T13496] ? prep_new_page+0x792/0x9b0 [ 454.096146][T13496] ? get_page_from_freelist+0x11d3/0x19f0 [ 454.101908][T13496] kmsan_alloc_page+0x131/0x370 [ 454.106796][T13496] __alloc_pages_nodemask+0x149d/0x60c0 [ 454.112361][T13496] ? do_syscall_64+0xb6/0x160 [ 454.117064][T13496] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 454.123156][T13496] ? get_page_from_freelist+0x11d3/0x19f0 [ 454.128970][T13496] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 454.134907][T13496] alloc_pages_current+0x68d/0x9a0 [ 454.140060][T13496] __page_cache_alloc+0x95/0x320 [ 454.145029][T13496] pagecache_get_page+0xaf1/0x1220 14:23:29 executing program 1: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000005380)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x93a, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x9, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x22}}}}]}}]}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) stat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800b5055e0bcfe87b0071") r2 = memfd_create(&(0x7f00000000c0)='queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00', 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x0, 0x1a547ed5c71eb06}}, 0x20) r3 = syz_open_dev$mice(&(0x7f0000000480)='/dev/input/mice\x00', 0x0, 0x0) ioctl$KVM_X86_SET_MCE(r3, 0x4040ae9e, &(0x7f00000004c0)={0x400000000000000, 0x5000, 0x7f, 0x74ae57952125d78, 0x13}) r4 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x200000008002) r5 = dup2(r4, r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f0000000140)={0x0, 0x0, 0x8, 'queue1\x00', 0x3}) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(0xffffffffffffffff, 0xc0406619, &(0x7f0000000100)={{0x3, 0x0, @descriptor="ab0dedafd8baef23"}}) write$sndseq(r2, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}], 0xffffff76) syz_usb_control_io$hid(r0, 0x0, 0x0) r6 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r6, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$IOC_PR_RESERVE(r6, 0x401070c9, &(0x7f0000000300)={0x1ff, 0x32d6, 0x1}) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="00222200000007040eccf7027c040720001700a00b0000001497f3191a4a251ec4791702fd180000"], 0x0}, 0x0) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) r8 = fcntl$dupfd(r7, 0x0, r7) write$FUSE_POLL(0xffffffffffffffff, &(0x7f0000000440)={0x18, 0x0, 0x4, {0x84e3}}, 0x18) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r6, 0xc0506617, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000000000000e6830bb465ce860b859c1e369947fcd84f1702f3329e66340ccb66e6d0a5e19a6c00000000000000000000fcffffffffffffff000000000000000000000000000000000000000000eaedf06d9bed2d66737eecb8b5cb9af6db4abdd12c14de8d3a6b6f940240d0f9b36748881f74c3406e17eb32fb2b4deb632b1668909856a670d9f37fccc2f8fa44b70a3280e78687612506df1787b648949a4deeea6fe3a5e4a62de78943ecacf55714db349fdef6a6546926"]) r9 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r9, 0x80006040045010, &(0x7f0000000140)=0x3) r10 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r10, 0x80006040045010, &(0x7f0000000140)=0x3) r11 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r11, 0x80006040045010, &(0x7f0000000140)=0x3) prctl$PR_GET_ENDIAN(0x13, &(0x7f0000000400)) ioctl$VHOST_GET_FEATURES(r11, 0x8008af00, &(0x7f00000002c0)) [ 454.150164][T13496] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 454.156097][T13496] filemap_fault+0x2632/0x2b70 [ 454.160908][T13496] ? generic_file_read_iter+0x3e70/0x3e70 [ 454.166640][T13496] handle_mm_fault+0x8043/0x9f70 [ 454.166690][T13496] do_user_addr_fault+0x905/0x1510 [ 454.166732][T13496] __do_page_fault+0x1a2/0x410 [ 454.166757][T13496] do_page_fault+0xbb/0x500 [ 454.166779][T13496] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 454.166800][T13496] page_fault+0x4e/0x60 [ 454.166818][T13496] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 454.166833][T13496] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 454.166842][T13496] RSP: 0018:ffff88817f83f778 EFLAGS: 00010206 [ 454.166856][T13496] RAX: ffffffff8496408c RBX: ffff8881a96ea7e8 RCX: 0000000000000300 [ 454.166866][T13496] RDX: 0000000000001000 RSI: ffff8881849ffd00 RDI: 0000000020005000 [ 454.166874][T13496] RBP: ffff88817f83f7e8 R08: 0000000000000000 R09: 0000000000000002 [ 454.166884][T13496] R10: 0000000000000000 R11: ffffffff81d4e001 R12: 0000000000001000 [ 454.166893][T13496] R13: ffff8881849ff000 R14: ffff88817f83f780 R15: 0000000020004300 [ 454.166928][T13496] ? find_get_pages_range_tag+0xe51/0xe60 [ 454.176995][T13496] ? copyout+0xcc/0x1f0 [ 454.202340][T13496] ? copyout+0x113/0x1f0 [ 454.228022][T13496] copy_page_to_iter+0x6dc/0x1910 [ 454.243956][T13496] generic_file_read_iter+0x2979/0x3e70 [ 454.244030][T13496] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 454.259969][T13496] ? find_get_pages_range_tag+0xe60/0xe60 [ 454.305190][T13496] do_iter_readv_writev+0xa16/0xc30 [ 454.310420][T13496] ? find_get_pages_range_tag+0xe60/0xe60 [ 454.316145][T13496] do_iter_read+0x30b/0xe10 [ 454.320648][T13496] ? import_iovec+0x4ad/0x660 [ 454.325425][T13496] do_readv+0x37f/0x710 [ 454.329583][T13496] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 454.335471][T13496] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 454.341529][T13496] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 454.347238][T13496] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 454.353127][T13496] __se_sys_readv+0x9b/0xb0 [ 454.357637][T13496] __x64_sys_readv+0x4a/0x70 [ 454.362229][T13496] do_syscall_64+0xb6/0x160 [ 454.366722][T13496] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 454.372603][T13496] RIP: 0033:0x459a59 [ 454.376489][T13496] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 454.396112][T13496] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 454.404611][T13496] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 454.412586][T13496] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 454.420556][T13496] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 454.428514][T13496] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 454.436491][T13496] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 454.612423][ T31] usb 1-1: new high-speed USB device number 32 using dummy_hcd [ 454.812096][T11559] usb 2-1: new high-speed USB device number 30 using dummy_hcd [ 454.819925][ T3380] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 454.852250][ T31] usb 1-1: Using ep0 maxpacket: 8 [ 454.972453][ T31] usb 1-1: config 0 has an invalid interface number: 215 but max is 0 [ 454.980778][ T31] usb 1-1: config 0 has no interface number 0 [ 454.987006][ T31] usb 1-1: New USB device found, idVendor=1df7, idProduct=2500, bcdDevice=a9.35 [ 454.996214][ T31] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 455.005872][ T31] usb 1-1: config 0 descriptor?? [ 455.052368][T11559] usb 2-1: Using ep0 maxpacket: 8 [ 455.062856][ T3380] usb 5-1: Using ep0 maxpacket: 8 [ 455.092473][ T31] msi2500 1-1:0.215: Registered as swradio16 [ 455.098568][ T31] msi2500 1-1:0.215: SDR API is still slightly experimental and functionality changes may follow [ 455.182274][T11559] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 455.193804][T11559] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 455.206881][T11559] usb 2-1: New USB device found, idVendor=093a, idProduct=8001, bcdDevice= 0.00 [ 455.216099][T11559] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 455.225176][ T3380] usb 5-1: config 0 has an invalid interface number: 92 but max is 0 [ 455.234088][ T3380] usb 5-1: config 0 has no interface number 0 [ 455.240342][ T3380] usb 5-1: New USB device found, idVendor=0586, idProduct=341f, bcdDevice=e7.97 [ 455.249589][ T3380] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 455.259304][T11495] usb 1-1: USB disconnect, device number 32 [ 455.259530][T11559] usb 2-1: config 0 descriptor?? [ 455.271343][ T3380] usb 5-1: config 0 descriptor?? 14:23:30 executing program 3 (fault-call:7 fault-nth:33): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:30 executing program 2: r0 = memfd_create(&(0x7f00000000c0)='\x14Ym1\xa9\xa22\x0fN\xcb\xa2\xba\xe5\xf4\x97\x00\x04\x00\x00', 0x0) write(r0, &(0x7f0000000040)="06", 0x3d1) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0) r1 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r1, 0x10d, 0x8a, 0x0, &(0x7f0000000000)=0xfffffcf2) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vcs\x00', 0x20000, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$VIDIOC_TRY_EXT_CTRLS(0xffffffffffffffff, 0xc0205649, &(0x7f0000000100)={0xf000000, 0x8, 0x1ff, [], &(0x7f0000000080)={0xa30904, 0x3e, [], @ptr=0xfff}}) r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) msgget(0x0, 0x102) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f0000000340)=ANY=[@ANYBLOB="2c965d8720d4a454af7e04b0f4eff3d8b4422ed949443467d3a753cb41eed2a9edd68f283c983d6d47080323b433bc205d9bc965bd867e2bbc76506cc6004c3e6c8a972e9987ff952dcb008208c4953b958800ea0bf3502f20d21462ff49978612796d5fe3c2e84e9e9634ba46d5c97e", @ANYRES32=0x0], &(0x7f000095dffc)=0x8) r6 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) r7 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r7, 0x84, 0x1d, &(0x7f0000000300)=ANY=[@ANYBLOB="010000005c33514a6b8d47bcd8f4", @ANYRES32=0x0], &(0x7f000095dffc)=0x8) r9 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r10 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r11 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vsock\x00', 0x400, 0x0) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r11, 0x84, 0x18, &(0x7f00000002c0)={r8}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r6, 0x84, 0x73, &(0x7f0000000140)={r8, 0x2, 0x0, 0x3, 0x96}, &(0x7f0000000200)=0x18) r12 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r12, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$VIDIOC_S_CTRL(r12, 0xc008561c, &(0x7f00000003c0)={0x401, 0x401}) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000000)={r5}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_ADD_STREAMS(r2, 0x84, 0x79, &(0x7f00000001c0)={r5, 0x200, 0xd38c}, 0x8) 14:23:30 executing program 4: r0 = io_uring_setup(0x12, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, [], {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000080)=""/11, 0x4000}, {&(0x7f0000000000)=""/91}, {&(0x7f0000000100)=""/60}, {&(0x7f0000000180)=""/56, 0x24d}, {&(0x7f0000001640)=""/4096, 0xfffffffffffffc94}], 0x200000000000023c) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2000002, 0x2010, r1, 0x0) 14:23:30 executing program 5: prlimit64(0x0, 0x0, &(0x7f0000000200)={0xfffffffffffffffc}, &(0x7f0000000240)) [ 455.508457][ T32] audit: type=1804 audit(1571495010.555:114): pid=13518 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/119/file0/bus" dev="ramfs" ino=38425 res=1 [ 455.545888][T13518] FAULT_INJECTION: forcing a failure. [ 455.545888][T13518] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 455.559918][T13518] CPU: 1 PID: 13518 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 455.567875][T13518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 455.577981][T13518] Call Trace: [ 455.581352][T13518] dump_stack+0x191/0x1f0 [ 455.585769][T13518] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 455.591777][T13518] should_fail+0xa3f/0xa50 [ 455.596294][T13518] should_fail_alloc_page+0x1fb/0x270 [ 455.601753][T13518] __alloc_pages_nodemask+0x3c1/0x60c0 [ 455.610524][T13518] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 455.616593][T13518] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 455.622744][T13518] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 455.628881][T13518] ? __list_add_valid+0xb8/0x430 [ 455.633911][T13518] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 455.640082][T13518] ? free_unref_page_commit+0x31c/0x730 [ 455.645745][T13518] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 455.651747][T13518] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 455.657725][T13518] alloc_pages_vma+0xc9d/0x18c0 [ 455.662684][T13518] handle_mm_fault+0x38f5/0x9f70 [ 455.667715][T13518] ? generic_file_read_iter+0x3e70/0x3e70 [ 455.673529][T13518] do_user_addr_fault+0x905/0x1510 [ 455.678762][T13518] __do_page_fault+0x1a2/0x410 [ 455.683610][T13518] do_page_fault+0xbb/0x500 [ 455.688191][T13518] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 455.693647][T13518] page_fault+0x4e/0x60 [ 455.697891][T13518] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 455.704539][T13518] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 455.727045][T13518] RSP: 0018:ffff8881827bf778 EFLAGS: 00010206 [ 455.733192][T13518] RAX: ffffffff8496408c RBX: ffff8881b58f27e8 RCX: 0000000000000300 [ 455.741286][T13518] RDX: 0000000000001000 RSI: ffff88817f9f9d00 RDI: 0000000020005000 [ 455.749279][T13518] RBP: ffff8881827bf7e8 R08: 0000000000000000 R09: 0000000000000002 [ 455.757709][T13518] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 455.765730][T13518] R13: ffff88817f9f9000 R14: ffff8881827bf780 R15: 0000000020004300 [ 455.773761][T13518] ? copyout+0xcc/0x1f0 [ 455.777950][T13518] ? copyout+0x113/0x1f0 [ 455.782228][T13518] copy_page_to_iter+0x6dc/0x1910 [ 455.787306][T13518] generic_file_read_iter+0x2979/0x3e70 [ 455.792931][T13518] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 455.798866][T13518] ? find_get_pages_range_tag+0xe60/0xe60 [ 455.804615][T13518] do_iter_readv_writev+0xa16/0xc30 [ 455.809945][T13518] ? find_get_pages_range_tag+0xe60/0xe60 [ 455.815695][T13518] do_iter_read+0x30b/0xe10 [ 455.820231][T13518] ? import_iovec+0x4ad/0x660 [ 455.824962][T13518] do_readv+0x37f/0x710 [ 455.829167][T13518] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 455.835092][T13518] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 455.841187][T13518] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 455.846939][T13518] __se_sys_readv+0x9b/0xb0 [ 455.851475][T13518] __x64_sys_readv+0x4a/0x70 [ 455.856104][T13518] do_syscall_64+0xb6/0x160 [ 455.860639][T13518] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 455.866553][T13518] RIP: 0033:0x459a59 [ 455.870488][T13518] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 455.890117][T13518] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 455.898556][T13518] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 455.906555][T13518] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 455.914556][T13518] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 455.922559][T13518] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 455.930551][T13518] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 14:23:31 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) setsockopt$ALG_SET_AEAD_AUTHSIZE(r1, 0x117, 0x5, 0x0, 0x9) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0800b5055e0bcfe87b0071") setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000100)='veth1_to_bridge\x00', 0x10) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x3) r3 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r2, 0x84, 0x70, &(0x7f0000000180)={0x0, @in={{0x2, 0x4e23, @local}}, [0x3, 0x98e9b81, 0x101, 0xfffe, 0x1, 0x1, 0x100, 0x3, 0x10001, 0xaa, 0x0, 0xfffffffffffffff9, 0x100000001, 0x9, 0x7fffffff]}, &(0x7f00000000c0)=0x100) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000280)={r4, @in={{0x2, 0x4e22, @remote}}, 0x5, 0x100, 0x4, 0x7, 0x99}, 0x98) r5 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) write$apparmor_exec(r5, &(0x7f0000000000)={'stack ', 'u\x00'}, 0x7) close(r2) execve(&(0x7f0000000700)='./file0\x00', 0x0, 0x0) [ 456.013560][T11559] hid (null): invalid report_count 1243224563 [ 456.019831][T11559] hid (null): unknown global tag 0xc [ 456.049654][T11559] hid-sensor-hub 0003:093A:8001.0007: unknown main item tag 0x0 14:23:31 executing program 5: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) mmap$usbfs(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x8, 0x110, r0, 0x24) r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1b1c, 0x1b34, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x9, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x29}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r2, 0x0, 0x0) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r3, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$UDMABUF_CREATE(r1, 0x40187542, &(0x7f0000000180)={r3, 0x1, 0x100000000, 0xfffff000}) syz_usb_control_io(r2, &(0x7f0000000540)={0x2c, &(0x7f0000000400)={0x0, 0x0, 0x33, {0x33, 0x0, "90861c9b5edf0ef70a3e257eef9f911bdeb7c22db7b1ae26c9d6080ec08dd0465102cbd7b197d2a1996b20e8db2d431626"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) r4 = syz_open_dev$hidraw(&(0x7f0000000080)='/dev/hidraw#\x00', 0x0, 0x0) ioctl$TIOCSETD(r4, 0x5423, 0x0) r5 = getpid() rt_tgsigqueueinfo(r5, r5, 0x16, &(0x7f0000000000)) ptrace(0x10, r5) ptrace$getregset(0x4204, r5, 0x2, &(0x7f0000000100)={&(0x7f0000001300)=""/4096, 0x1000}) move_pages(r5, 0x4, &(0x7f00000000c0)=[&(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil], &(0x7f0000000100)=[0x6, 0x3, 0x6bb7, 0x3f, 0x2, 0x1f], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0xd71270a0e481ceff) 14:23:31 executing program 3 (fault-call:7 fault-nth:34): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 456.057914][T11559] hid-sensor-hub 0003:093A:8001.0007: invalid report_count 1243224563 [ 456.066467][T11559] hid-sensor-hub 0003:093A:8001.0007: item 0 4 1 9 parsing failed [ 456.074905][T11559] hid-sensor-hub 0003:093A:8001.0007: parse failed [ 456.081732][T11559] hid-sensor-hub: probe of 0003:093A:8001.0007 failed with error -22 [ 456.093082][ T3380] rtl8192cu: Chip version 0x10 [ 456.237344][ T32] audit: type=1804 audit(1571495011.285:115): pid=13536 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/120/file0/bus" dev="ramfs" ino=38461 res=1 [ 456.262581][T11495] usb 1-1: new high-speed USB device number 33 using dummy_hcd [ 456.266460][T13536] FAULT_INJECTION: forcing a failure. [ 456.266460][T13536] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 456.283835][T13536] CPU: 1 PID: 13536 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 456.291729][T13536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 456.301814][T13536] Call Trace: [ 456.305286][T13536] dump_stack+0x191/0x1f0 [ 456.309635][T13536] should_fail+0xa3f/0xa50 [ 456.314278][T13536] should_fail_alloc_page+0x1fb/0x270 [ 456.319669][T13536] __alloc_pages_nodemask+0x3c1/0x60c0 [ 456.325136][T13536] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 456.331037][T13536] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 456.337013][T13536] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 456.343167][T13536] ? prep_new_page+0x792/0x9b0 [ 456.347958][T13536] ? get_page_from_freelist+0x11d3/0x19f0 [ 456.353688][T13536] kmsan_alloc_page+0xc3/0x370 [ 456.358447][T13536] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 456.364331][T13536] __alloc_pages_nodemask+0x149d/0x60c0 [ 456.369871][T13536] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 456.375848][T13536] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 456.382027][T13536] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 456.388100][T13536] ? __list_add_valid+0xb8/0x430 [ 456.393052][T13536] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 456.399129][T13536] ? free_unref_page_commit+0x31c/0x730 [ 456.404696][T13536] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 456.410587][T13536] alloc_pages_vma+0xc9d/0x18c0 [ 456.415453][T13536] handle_mm_fault+0x38f5/0x9f70 [ 456.420405][T13536] ? generic_file_read_iter+0x3e70/0x3e70 [ 456.426129][T13536] do_user_addr_fault+0x905/0x1510 [ 456.431252][T13536] __do_page_fault+0x1a2/0x410 [ 456.436015][T13536] do_page_fault+0xbb/0x500 [ 456.440538][T13536] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 456.445908][T13536] page_fault+0x4e/0x60 [ 456.450063][T13536] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 456.456727][T13536] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 456.476332][T13536] RSP: 0018:ffff88817be1f778 EFLAGS: 00010206 [ 456.482400][T13536] RAX: ffffffff8496408c RBX: ffff8881a96ec628 RCX: 0000000000000300 [ 456.490365][T13536] RDX: 0000000000001000 RSI: ffff88817be9ed00 RDI: 0000000020005000 [ 456.498330][T13536] RBP: ffff88817be1f7e8 R08: 0000000000000000 R09: 0000000000000002 [ 456.506292][T13536] R10: 0000000000000000 R11: ffffffff81d4e001 R12: 0000000000001000 [ 456.514255][T13536] R13: ffff88817be9e000 R14: ffff88817be1f780 R15: 0000000020004300 [ 456.522239][T13536] ? find_get_pages_range_tag+0xe51/0xe60 [ 456.527961][T13536] ? copyout+0xcc/0x1f0 [ 456.532113][T13536] ? copyout+0x113/0x1f0 [ 456.536353][T13536] copy_page_to_iter+0x6dc/0x1910 [ 456.541647][T13536] generic_file_read_iter+0x2979/0x3e70 [ 456.547221][T13536] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 456.553108][T13536] ? find_get_pages_range_tag+0xe60/0xe60 [ 456.558843][T13536] do_iter_readv_writev+0xa16/0xc30 [ 456.564063][T13536] ? find_get_pages_range_tag+0xe60/0xe60 [ 456.569885][T13536] do_iter_read+0x30b/0xe10 [ 456.574390][T13536] ? import_iovec+0x4ad/0x660 [ 456.579097][T13536] do_readv+0x37f/0x710 [ 456.583257][T13536] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 456.589143][T13536] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 456.595204][T13536] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 456.600916][T13536] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 456.606804][T13536] __se_sys_readv+0x9b/0xb0 [ 456.611320][T13536] __x64_sys_readv+0x4a/0x70 [ 456.615913][T13536] do_syscall_64+0xb6/0x160 [ 456.620420][T13536] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 456.626313][T13536] RIP: 0033:0x459a59 [ 456.630206][T13536] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 456.649805][T13536] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 456.658207][T13536] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 456.666254][T13536] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 456.674215][T13536] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 456.682184][T13536] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 456.690144][T13536] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 14:23:31 executing program 3 (fault-call:7 fault-nth:35): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:31 executing program 1: r0 = socket$unix(0x1, 0x5, 0x0) recvfrom(r0, &(0x7f0000000000)=""/117, 0x75, 0x2000, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="340000001500951f00000000000000000a000000", @ANYRES32=0x0, @ANYBLOB="140002000000000000000000de000000000000010800080000000000"], 0x34}}, 0x0) r2 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r2, &(0x7f0000000080), 0x492492492492751, 0x0) [ 456.856778][ T31] usb 2-1: USB disconnect, device number 30 [ 456.864649][T11559] usb 6-1: new high-speed USB device number 6 using dummy_hcd 14:23:32 executing program 4: bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000040)={0x0, 0x5}, 0x0) clone(0x80000400, &(0x7f0000000000)="881f0d6fededba0edfd5fb8c7c2f38fdbf37668bc6809ab85de9f0db286ac0e08f36d4e5cfeffa93", &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)="83200c1ac6cfe21cfde241bf65ddbfe16b9d4e24119c3c616ba3f42d93db16b3fefdc6555452c492d2ecee0412aba8fd6663aaf325bef1df2f32dded4f70cb5644073535bf44fd24") keyctl$read(0xb, 0xfffffffffffffffd, &(0x7f0000000280)=""/4, 0x4) [ 456.942171][T11495] usb 1-1: Using ep0 maxpacket: 8 [ 457.036674][ T32] audit: type=1804 audit(1571495012.085:116): pid=13552 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/121/file0/bus" dev="ramfs" ino=38492 res=1 [ 457.078650][T13552] FAULT_INJECTION: forcing a failure. [ 457.078650][T13552] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 457.091902][T13552] CPU: 1 PID: 13552 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 457.099789][T13552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 457.110103][T13552] Call Trace: [ 457.113502][T13552] dump_stack+0x191/0x1f0 [ 457.117835][T13552] should_fail+0xa3f/0xa50 [ 457.122279][T13552] should_fail_alloc_page+0x1fb/0x270 [ 457.127645][T13552] __alloc_pages_nodemask+0x3c1/0x60c0 [ 457.133137][T13552] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 457.139027][T13552] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 457.145003][T13552] ? prep_new_page+0x792/0x9b0 [ 457.149776][T13552] ? get_page_from_freelist+0x11d3/0x19f0 [ 457.155593][T13552] kmsan_alloc_page+0x131/0x370 [ 457.160458][T13552] __alloc_pages_nodemask+0x149d/0x60c0 [ 457.166007][T13552] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 457.171985][T13552] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 457.178567][T13552] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 457.184728][T13552] ? __list_add_valid+0xb8/0x430 [ 457.189673][T13552] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 457.195732][T13552] ? free_unref_page_commit+0x31c/0x730 [ 457.201293][T13552] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 457.207199][T13552] alloc_pages_vma+0xc9d/0x18c0 [ 457.212057][T13552] handle_mm_fault+0x38f5/0x9f70 [ 457.217012][T13552] ? generic_file_read_iter+0x3e70/0x3e70 [ 457.222756][T13552] do_user_addr_fault+0x905/0x1510 [ 457.227894][T13552] __do_page_fault+0x1a2/0x410 [ 457.232657][T13552] do_page_fault+0xbb/0x500 [ 457.237155][T13552] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 457.242959][T13552] page_fault+0x4e/0x60 [ 457.247108][T13552] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 457.254293][T13552] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 457.274453][T13552] RSP: 0018:ffff88818235f778 EFLAGS: 00010206 [ 457.280514][T13552] RAX: ffffffff8496408c RBX: ffff8881b58f6468 RCX: 0000000000000300 [ 457.288488][T13552] RDX: 0000000000001000 RSI: ffff88818240fd00 RDI: 0000000020005000 [ 457.296455][T13552] RBP: ffff88818235f7e8 R08: 0000000000000000 R09: 0000000000000002 [ 457.304425][T13552] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 457.312441][T13552] R13: ffff88818240f000 R14: ffff88818235f780 R15: 0000000020004300 [ 457.320418][T13552] ? copyout+0xcc/0x1f0 [ 457.324681][T13552] ? copyout+0x113/0x1f0 [ 457.329036][T13552] copy_page_to_iter+0x6dc/0x1910 [ 457.334077][T13552] generic_file_read_iter+0x2979/0x3e70 [ 457.339656][T13552] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 457.345554][T13552] ? find_get_pages_range_tag+0xe60/0xe60 [ 457.351361][T13552] do_iter_readv_writev+0xa16/0xc30 [ 457.357025][T13552] ? find_get_pages_range_tag+0xe60/0xe60 [ 457.362750][T13552] do_iter_read+0x30b/0xe10 [ 457.367248][T13552] ? import_iovec+0x4ad/0x660 [ 457.371942][T13552] do_readv+0x37f/0x710 [ 457.376351][T13552] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 457.382241][T13552] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 457.388845][T13552] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 457.395805][T13552] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 457.402489][T13552] __se_sys_readv+0x9b/0xb0 [ 457.407003][T13552] __x64_sys_readv+0x4a/0x70 [ 457.411591][T13552] do_syscall_64+0xb6/0x160 [ 457.416103][T13552] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 457.421995][T13552] RIP: 0033:0x459a59 [ 457.425884][T13552] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 457.445667][T13552] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 457.454080][T13552] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 457.462072][T13552] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 457.470235][T13552] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 457.478215][T13552] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 457.486296][T13552] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 457.535036][T11559] usb 6-1: Using ep0 maxpacket: 8 [ 457.552371][ T3380] rtl_usb: rx_max_size 15360, rx_urb_num 8, in_ep 1 [ 457.559480][ T3380] usb 5-1: This Realtek USB WiFi dongle (0x0586:0x341f) is untested! [ 457.567906][ T3380] usb 5-1: Please report results to Jes.Sorensen@gmail.com 14:23:32 executing program 0: syz_emit_ethernet(0x2a, &(0x7f0000000040)={@random="eb8483e313c1", @dev, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0xf401, 0x0, @remote={0xac, 0x1c}, @empty}, @igmp={0x5, 0x0, 0x0, @broadcast}}}}}, 0x0) [ 457.662691][T11495] usb 1-1: unable to read config index 0 descriptor/all [ 457.663101][T11559] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 457.669866][T11495] usb 1-1: can't read configurations, error -71 [ 457.681075][T11559] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 457.700206][T11559] usb 6-1: New USB device found, idVendor=1b1c, idProduct=1b34, bcdDevice= 0.00 14:23:32 executing program 1: r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r0, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$KVM_DEASSIGN_DEV_IRQ(r0, 0x4040ae75, &(0x7f0000000080)={0x1ff, 0x1f, 0x80, 0x4a50b440b9451fa6}) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x15}}, 0x10) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10) r2 = socket$packet(0x11, 0x3, 0x300) r3 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) ioctl$int_in(r3, 0xd64a, &(0x7f00000000c0)=0x1a5) setsockopt$sock_int(r2, 0x1, 0x28, &(0x7f0000000100)=0xfffffffffffff001, 0x4) sendmmsg(r1, &(0x7f0000007fc0), 0x0, 0x88) 14:23:32 executing program 2: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r0, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000100)={0x401, 0x9, 0x4, 0x2000000, {0x0, 0x2710}, {0x2, 0x1, 0xca, 0x9, 0x3, 0x0, "7abd24b1"}, 0x10000, 0x1, @fd=r0, 0x4}) r2 = syz_open_dev$video(&(0x7f0000000180)='/dev/video#\x00', 0x1ff, 0x0) dup3(r1, r2, 0x0) mbind(&(0x7f0000483000/0x3000)=nil, 0x3000, 0x1, &(0x7f0000000000)=0x9, 0x8, 0x0) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = dup3(r4, r3, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x402, 0x0) [ 457.709426][T11559] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 457.719412][ T3380] usb 5-1: Unsupported USB TX end-points [ 457.725367][ T3380] usb 5-1: Fatal - failed to identify chip [ 457.731699][ T3380] rtl8xxxu: probe of 5-1:0.92 failed with error -524 14:23:32 executing program 3 (fault-call:7 fault-nth:36): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 457.819573][ T3380] usb 5-1: USB disconnect, device number 19 [ 457.982048][T11559] usb 6-1: config 0 descriptor?? 14:23:33 executing program 0: r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x48640, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) r4 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r4, 0x84, 0x6b, &(0x7f0000000200)=[@in={0x2, 0x4e22, @loopback}, @in6={0xa, 0x4e21, 0x0, @dev={0xfe, 0x80, [], 0x18}, 0x5}, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in6={0xa, 0x4e21, 0x400, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x8001}, @in6={0xa, 0x4e24, 0x2, @local, 0x69}, @in6={0xa, 0x4e21, 0x200, @ipv4={[], [], @rand_addr=0xb4a}}, @in={0x2, 0x4e24, @local}], 0xa0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000340)={0x4, 0x3, 0x4, 0x1000, &(0x7f0000ffd000/0x1000)=nil}) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000000)={r3}, &(0x7f0000000040)=0x8) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) r6 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r6, 0x84, 0x1d, &(0x7f0000000300)=ANY=[@ANYBLOB="c473d5dd7dc1fb9c8842878fab52e0a2d3f5baec958b983e19c2a6031beb49250000000ca7fa", @ANYRES32=0x0], &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r5, 0x84, 0x18, &(0x7f0000000000)={r7}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000040)={r3, 0x8, 0xffff, 0x4, 0x7, 0x4, 0x9, 0x401, {r7, @in6={{0xa, 0x4e23, 0x80000000, @empty, 0x3ff}}, 0x9, 0x7, 0x1, 0x0, 0x1f}}, &(0x7f0000000100)=0xb0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000140)={r9, @in6={{0xa, 0x4e22, 0x20, @local, 0x3}}, 0x100, 0x400}, 0x90) r10 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r10, 0x80006040045010, &(0x7f0000000140)=0x3) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r10, 0x84, 0x19, &(0x7f00000002c0)={r8, 0x7}, 0x8) getpid() [ 458.132146][ T32] audit: type=1804 audit(1571495013.175:117): pid=13576 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/122/file0/bus" dev="ramfs" ino=39215 res=1 [ 458.133663][T13576] FAULT_INJECTION: forcing a failure. [ 458.133663][T13576] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 458.167455][T13576] CPU: 0 PID: 13576 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 458.175406][T13576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 458.185518][T13576] Call Trace: [ 458.188897][T13576] dump_stack+0x191/0x1f0 [ 458.193314][T13576] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 458.199283][T13576] should_fail+0xa3f/0xa50 [ 458.203792][T13576] should_fail_alloc_page+0x1fb/0x270 [ 458.209252][T13576] __alloc_pages_nodemask+0x3c1/0x60c0 [ 458.214781][T13576] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 458.220817][T13576] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 458.226764][T13576] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 458.232879][T13576] ? memcg_check_events+0x74/0xf20 [ 458.238031][T13576] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 458.243988][T13576] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 458.249916][T13576] alloc_pages_vma+0xc9d/0x18c0 [ 458.254825][T13576] handle_mm_fault+0x38f5/0x9f70 [ 458.259803][T13576] ? generic_file_read_iter+0x3e70/0x3e70 [ 458.265570][T13576] do_user_addr_fault+0x905/0x1510 [ 458.270733][T13576] __do_page_fault+0x1a2/0x410 [ 458.275530][T13576] do_page_fault+0xbb/0x500 [ 458.280065][T13576] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 458.285478][T13576] page_fault+0x4e/0x60 [ 458.289664][T13576] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 458.296365][T13576] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 458.315993][T13576] RSP: 0018:ffff88817a82f778 EFLAGS: 00010206 [ 458.324861][T13576] RAX: ffffffff8496408c RBX: ffff8881a96ea7e8 RCX: 0000000000000300 [ 458.332855][T13576] RDX: 0000000000001000 RSI: ffff88817a86fd00 RDI: 0000000020006000 [ 458.340844][T13576] RBP: ffff88817a82f7e8 R08: 0000000000000000 R09: 0000000000000003 [ 458.348842][T13576] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 458.356921][T13576] R13: ffff88817a86f000 R14: ffff88817a82f780 R15: 0000000020005300 [ 458.364936][T13576] ? copyout+0xcc/0x1f0 [ 458.369140][T13576] ? copyout+0x113/0x1f0 [ 458.373423][T13576] copy_page_to_iter+0x6dc/0x1910 [ 458.378542][T13576] generic_file_read_iter+0x2979/0x3e70 [ 458.384196][T13576] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 458.390150][T13576] ? find_get_pages_range_tag+0xe60/0xe60 [ 458.395904][T13576] do_iter_readv_writev+0xa16/0xc30 [ 458.401243][T13576] ? find_get_pages_range_tag+0xe60/0xe60 [ 458.406998][T13576] do_iter_read+0x30b/0xe10 [ 458.411550][T13576] ? import_iovec+0x4ad/0x660 [ 458.416270][T13576] do_readv+0x37f/0x710 [ 458.420584][T13576] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 458.426517][T13576] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 458.432611][T13576] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 458.438446][T13576] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 458.444418][T13576] __se_sys_readv+0x9b/0xb0 [ 458.448968][T13576] __x64_sys_readv+0x4a/0x70 [ 458.453598][T13576] do_syscall_64+0xb6/0x160 [ 458.458134][T13576] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 458.464045][T13576] RIP: 0033:0x459a59 [ 458.467987][T13576] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 458.487637][T13576] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 458.496086][T13576] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 458.504084][T13576] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 458.512077][T13576] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 458.520071][T13576] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 458.528065][T13576] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 14:23:33 executing program 3 (fault-call:7 fault-nth:37): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:33 executing program 4: stat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000600)) openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000280)='/proc/capi/capi20\x00', 0x200, 0x0) getegid() lstat(0x0, &(0x7f0000000700)) socketpair$unix(0x1, 0x5, 0x0, 0x0) fstat(0xffffffffffffffff, 0x0) setsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x7, 0x0, 0x0) keyctl$chown(0x4, 0x0, 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) socket$alg(0x26, 0x5, 0x0) getgid() syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0) r0 = socket$rxrpc(0x21, 0x2, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000000440)='/dev/vbi#\x00', 0x0, 0x2) fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f0000000480)='\x00', 0x0, 0xffffffffffffffff) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r0, 0x110, 0x4, &(0x7f0000000140), 0x4) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0xffffffffffffffff, r2, 0x0) r3 = request_key(&(0x7f00000002c0)='cifs.idmap\x00', &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000340)='/dev/input/mice\x00', 0xfffffffffffffff9) r4 = add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) keyctl$negate(0xd, r3, 0x5, r4) unshare(0x60020000) pipe(&(0x7f0000001300)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r7 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r8 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) write$binfmt_misc(r5, &(0x7f0000000900)=ANY=[@ANYRESDEC], 0x14) r9 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000580)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x4400) fsetxattr(r9, &(0x7f0000000080)=@known='com.apple.system.Security\x00', &(0x7f0000000100)='/dev/input/mice\x00', 0x10, 0x0) r10 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) fcntl$F_SET_FILE_RW_HINT(r10, 0x40e, &(0x7f0000000040)=0x3) write$P9_RSETATTR(r5, &(0x7f00000004c0)={0x7, 0x1b, 0x2}, 0x7) [ 458.864199][ T32] audit: type=1804 audit(1571495013.915:118): pid=13585 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/123/file0/bus" dev="ramfs" ino=38582 res=1 [ 458.886566][T11559] usbhid 6-1:0.0: can't add hid device: -71 [ 458.892891][T11559] usbhid: probe of 6-1:0.0 failed with error -71 [ 458.906846][T11559] usb 6-1: USB disconnect, device number 6 [ 458.930632][T13589] IPVS: ftp: loaded support on port[0] = 21 [ 458.966821][T13585] FAULT_INJECTION: forcing a failure. [ 458.966821][T13585] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 458.980484][T13585] CPU: 1 PID: 13585 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 458.988435][T13585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 458.998715][T13585] Call Trace: [ 459.002166][T13585] dump_stack+0x191/0x1f0 [ 459.006551][T13585] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 459.012487][T13585] should_fail+0xa3f/0xa50 [ 459.016973][T13585] should_fail_alloc_page+0x1fb/0x270 [ 459.022381][T13585] __alloc_pages_nodemask+0x3c1/0x60c0 [ 459.027874][T13585] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 459.034085][T13585] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 459.040025][T13585] ? __msan_metadata_ptr_for_load_1+0x10/0x20 [ 459.046120][T13585] ? xas_load+0x8d7/0x930 [ 459.050504][T13585] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 459.056606][T13585] alloc_pages_current+0x68d/0x9a0 [ 459.061762][T13585] __page_cache_alloc+0x95/0x320 [ 459.066738][T13585] generic_file_read_iter+0x1e3e/0x3e70 [ 459.072372][T13585] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 459.078288][T13585] ? find_get_pages_range_tag+0xe60/0xe60 [ 459.084036][T13585] do_iter_readv_writev+0xa16/0xc30 [ 459.089280][T13585] ? find_get_pages_range_tag+0xe60/0xe60 [ 459.095025][T13585] do_iter_read+0x30b/0xe10 [ 459.099561][T13585] ? import_iovec+0x4ad/0x660 [ 459.104280][T13585] do_readv+0x37f/0x710 [ 459.108484][T13585] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 459.114419][T13585] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 459.120514][T13585] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 459.126275][T13585] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 459.132197][T13585] __se_sys_readv+0x9b/0xb0 [ 459.136732][T13585] __x64_sys_readv+0x4a/0x70 [ 459.141346][T13585] do_syscall_64+0xb6/0x160 [ 459.145884][T13585] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 459.151812][T13585] RIP: 0033:0x459a59 [ 459.155750][T13585] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 459.175392][T13585] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 459.183840][T13585] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 459.191836][T13585] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 459.199824][T13585] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 459.207817][T13585] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 459.215808][T13585] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 459.461254][T13590] IPVS: ftp: loaded support on port[0] = 21 [ 459.702170][T11526] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 459.962071][T11526] usb 6-1: Using ep0 maxpacket: 8 [ 460.102261][T11526] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 460.113494][T11526] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 460.130616][T11526] usb 6-1: New USB device found, idVendor=1b1c, idProduct=1b34, bcdDevice= 0.00 [ 460.139800][T11526] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 460.149522][T11526] usb 6-1: config 0 descriptor?? 14:23:35 executing program 1: r0 = socket$inet6(0xa, 0x801, 0x0) r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20\x00', 0x40, 0x0) write$FUSE_NOTIFY_POLL(r1, &(0x7f0000000080)={0x18, 0x1, 0x0, {0x8}}, 0x18) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1a) listen(r0, 0x0) syz_emit_ethernet(0xfffffffffffffe85, &(0x7f00000000c0)={@local, @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x64, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x19, 0x2, 0x0, 0x0, 0x0, {[@mss={0x2, 0x4, 0x28}, @timestamp={0x8, 0xa}, @exp_fastopen={0xfe, 0x0, 0xf989, "f01f56a86547"}, @eol, @md5sig={0x13, 0x12, "5a4b1b9d4e1e000000020004008000"}, @mss={0x2, 0x4}, @window={0x3, 0x3}, @sack={0x5, 0x16, [0x4, 0x0, 0x0, 0x0, 0xfffffff7]}]}}}}}}}}, 0x0) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) fstatfs(r2, &(0x7f0000000180)=""/41) 14:23:35 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0xffffffffffffff06, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[]}}, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) bind$unix(r1, &(0x7f0000000040)=@abs={0x1, 0x0, 0x4e23}, 0x6e) 14:23:35 executing program 2: syz_usb_connect$hid(0x0, 0x1, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000000000040ac050e02f646aef80001090224000101000000090400000903010200092100000001220000090581030700000000"], 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r0, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$VIDIOC_G_SLICED_VBI_CAP(r0, 0xc0745645, &(0x7f0000000080)={0x1780, [0x5, 0x20, 0x1, 0xc3, 0x8000, 0x401, 0x6e7, 0x4, 0x5, 0x8, 0x1e, 0x81, 0x1f, 0x7, 0x2, 0xff80, 0x1, 0x4b, 0x3, 0x2, 0x0, 0x40, 0x7, 0x19, 0x8, 0x1, 0x4, 0x3, 0x2, 0x4, 0x101, 0x6, 0x81, 0x8f8f, 0x7, 0x3, 0x7, 0x8, 0x1, 0x81, 0x1, 0x8, 0x1000, 0x9, 0x1, 0x4, 0xff, 0x3f], 0x8}) r1 = syz_usb_connect(0x0, 0x0, &(0x7f0000000000)=ANY=[], 0x0) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) setsockopt$l2tp_PPPOL2TP_SO_DEBUG(r2, 0x111, 0x1, 0x3, 0x4) getsockopt$bt_rfcomm_RFCOMM_LM(0xffffffffffffffff, 0x12, 0x3, &(0x7f0000000000), &(0x7f0000000100)=0x4) syz_usb_disconnect(r1) r3 = syz_open_dev$evdev(&(0x7f0000001b80)='/dev/input/event#\x00', 0xea, 0x0) ioctl$EVIOCGRAB(r3, 0x40044590, &(0x7f00000001c0)) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r6, 0x80006040045010, &(0x7f0000000140)=0x3) sendmsg$key(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x2, 0x13, 0x3f, 0x2, 0x4, 0x0, 0x70bd29, 0x25dfdbfc, [@sadb_spirange={0x2, 0x10, 0x4d2, 0x4d4}]}, 0x20}}, 0x8842) 14:23:35 executing program 5: r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000c77f1e101097307735b80000000109021200010000000009041d00003a5d5400b2096436419c47a7a817ffc16350ee7ee25081a92e7fe347eef784e94394dfc882f0c1d308d62adeff8c803e5ce9f34e11ec41141935e360e536bfb358709f6c54520a8a8333a3b30518cd98dbba3b9d14a93f4cc1b2ff2c6d2c1469f52c81749f4ee11a3636873e74566af7bb107d871262156d98a7393aafd2a4ff8ce38d9e15b12e7038643104eb0db16e98e9caf99ca541a851ffe7c7cb9b4c70e8a6b89f48b5455962a6fa4f90521f3155a10ef9fb09457f2b11bc3b77b35a96b02dce786fff4129896ed79ba95ab518d69866bba3a4115dc187f90b19226882d748951a05a60b9ba46baee147"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000003380)={0xac, &(0x7f0000000480)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000080), 0x8001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) ioctl$USBDEVFS_BULK(r1, 0xc0185502, &(0x7f0000000080)={{0x3e}, 0xf0, 0x4, 0x6a, 0x1, &(0x7f0000000000)="3dbfc8ad392df845684047ada6fb37ad6800b3fe6e8b05c400266ad9e1e423443f9c3eb228890eecd51274b975a78b5cde6685c25e74c372a89be599d69854e1e86be5ce6c53260e75b7d33d94129f045cc4daa75dc4a78c39ae646dc893fa5f5a55dc01f9a580006d15"}) 14:23:35 executing program 3 (fault-call:7 fault-nth:38): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:35 executing program 4: r0 = mq_open(&(0x7f0000000000)='md5sumeth1wlan0{cgroupmime_type@\x00', 0x842, 0x0, 0x0) read(r0, &(0x7f00000000c0)=""/101, 0x65) mq_notify(r0, &(0x7f0000000300)={0x0, 0x0, 0x1, @thr={0x0, 0x0}}) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f0000000180)=0x1) ioctl$VIDIOC_S_AUDIO(r1, 0x40345622, &(0x7f0000000040)={0x6, "4dd1bee6a521d13b3fa0f7b2d970e015f8816d4381e9631f974a6fa1674d26c2", 0x4, 0x1}) sendfile(r0, r0, 0x0, 0x3) openat$zero(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/zero\x00', 0x400, 0x0) [ 460.484344][T11526] usbhid 6-1:0.0: can't add hid device: -71 [ 460.490588][T11526] usbhid: probe of 6-1:0.0 failed with error -71 [ 460.509036][T11526] usb 6-1: USB disconnect, device number 7 [ 460.600964][ T32] audit: type=1804 audit(1571495015.645:119): pid=13612 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/124/file0/bus" dev="ramfs" ino=39334 res=1 [ 460.612630][T13612] FAULT_INJECTION: forcing a failure. [ 460.612630][T13612] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 460.635892][T13612] CPU: 0 PID: 13612 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 460.643785][T13612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 460.653857][T13612] Call Trace: [ 460.657171][T13612] dump_stack+0x191/0x1f0 [ 460.661529][T13612] should_fail+0xa3f/0xa50 [ 460.665976][T13612] should_fail_alloc_page+0x1fb/0x270 [ 460.671552][T13612] __alloc_pages_nodemask+0x3c1/0x60c0 [ 460.677063][T13612] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 460.682979][T13612] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 460.689161][T13612] ? prep_new_page+0x792/0x9b0 [ 460.693961][T13612] ? get_page_from_freelist+0x11d3/0x19f0 [ 460.699724][T13612] kmsan_alloc_page+0x131/0x370 [ 460.704640][T13612] __alloc_pages_nodemask+0x149d/0x60c0 [ 460.710212][T13612] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 460.716299][T13612] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 460.722199][T13612] ? memcg_check_events+0x74/0xf20 [ 460.727309][T13612] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 460.733226][T13612] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 460.739206][T13612] alloc_pages_vma+0xc9d/0x18c0 [ 460.744073][T13612] handle_mm_fault+0x38f5/0x9f70 [ 460.749018][T13612] ? generic_file_read_iter+0x3e70/0x3e70 [ 460.754741][T13612] do_user_addr_fault+0x905/0x1510 [ 460.759866][T13612] __do_page_fault+0x1a2/0x410 [ 460.764729][T13612] do_page_fault+0xbb/0x500 [ 460.769227][T13612] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 460.775303][T13612] page_fault+0x4e/0x60 [ 460.779453][T13612] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 460.786280][T13612] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 460.805895][T13612] RSP: 0018:ffff88817ba8f778 EFLAGS: 00010206 [ 460.811951][T13612] RAX: ffffffff8496408c RBX: ffff8881a96ee468 RCX: 0000000000000300 [ 460.819911][T13612] RDX: 0000000000001000 RSI: ffff88817fa12d00 RDI: 0000000020006000 [ 460.827870][T13612] RBP: ffff88817ba8f7e8 R08: 0000000000000000 R09: 0000000000000003 [ 460.835830][T13612] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 460.843880][T13612] R13: ffff88817fa12000 R14: ffff88817ba8f780 R15: 0000000020005300 [ 460.851868][T13612] ? copyout+0xcc/0x1f0 [ 460.856025][T13612] ? copyout+0x113/0x1f0 [ 460.860266][T13612] copy_page_to_iter+0x6dc/0x1910 [ 460.865406][T13612] generic_file_read_iter+0x2979/0x3e70 [ 460.870979][T13612] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 460.876865][T13612] ? find_get_pages_range_tag+0xe60/0xe60 [ 460.882575][T13612] do_iter_readv_writev+0xa16/0xc30 [ 460.887779][T13612] ? find_get_pages_range_tag+0xe60/0xe60 [ 460.893501][T13612] do_iter_read+0x30b/0xe10 [ 460.897994][T13612] ? import_iovec+0x4ad/0x660 [ 460.902676][T13612] do_readv+0x37f/0x710 [ 460.906835][T13612] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 460.912772][T13612] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 460.918848][T13612] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 460.924570][T13612] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 460.930460][T13612] __se_sys_readv+0x9b/0xb0 [ 460.934961][T13612] __x64_sys_readv+0x4a/0x70 [ 460.939542][T13612] do_syscall_64+0xb6/0x160 [ 460.944125][T13612] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 460.950007][T13612] RIP: 0033:0x459a59 [ 460.953895][T13612] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 460.973497][T13612] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 460.982093][T13612] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 460.990054][T13612] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 460.998028][T13612] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 461.005990][T13612] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 461.013951][T13612] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 14:23:36 executing program 3 (fault-call:7 fault-nth:39): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:36 executing program 1: r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r0, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$HIDIOCGRAWPHYS(r0, 0x80404805, &(0x7f0000000040)) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$VFIO_IOMMU_GET_INFO(r1, 0x3b70, &(0x7f00000000c0)={0x10}) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x1, &(0x7f0000000200)=ANY=[@ANYBLOB], &(0x7f0000000240)='EP\xd4\x00\x1f\x91\xeb/W\xb72$C0%\x03\x9c0\x96\xb2\fkC\x93H\xbfh\x9c\b`\x857\xd6\">c\xad\xc0bO\xba\xe2\xe1\t5\x9d\xcei\"2L\xcc\x13\x16\vh\xca\xe6C\x06\x97%\x9d\xd5-\x1fs\xe1j\xdc5\x92\xd0)%\xdf\xfa\xe8^\x9c\xd29\x8clg\xc8\x7f\xb5\xb1&\x02\xf1E\xb4\x84\xbeE\x91)f\xe8\xb7\xe2\xf6`i\xc5m\xd7l\x1d\xc1\x12\x01<:kM\xe9\x99\xcd\xcd\xc8\x85Z\xee47\xdc\xc8u\x80\xcf\xbeTo\xbb\xfb\xc0\xebV\xd8\xbb\xbe\xa2\x90J|s\xc2', 0x1, 0xc3, &(0x7f0000000480)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70) [ 461.347231][T13625] FAULT_INJECTION: forcing a failure. [ 461.347231][T13625] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 461.360727][T13625] CPU: 1 PID: 13625 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 461.368670][T13625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 461.378932][T13625] Call Trace: [ 461.382270][T13625] dump_stack+0x191/0x1f0 [ 461.386661][T13625] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 461.392619][T13625] should_fail+0xa3f/0xa50 [ 461.397105][T13625] should_fail_alloc_page+0x1fb/0x270 [ 461.402690][T13625] __alloc_pages_nodemask+0x3c1/0x60c0 [ 461.408237][T13625] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 461.414185][T13625] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 461.420385][T13625] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 461.426319][T13625] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 461.432420][T13625] ? memcg_check_events+0x74/0xf20 [ 461.437569][T13625] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 461.443509][T13625] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 461.449438][T13625] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 461.455640][T13625] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 461.461613][T13625] alloc_pages_vma+0xc9d/0x18c0 [ 461.466515][T13625] handle_mm_fault+0x38f5/0x9f70 [ 461.471502][T13625] ? shmem_write_end+0x920/0x920 [ 461.476488][T13625] do_user_addr_fault+0x905/0x1510 [ 461.481916][T13625] __do_page_fault+0x1a2/0x410 [ 461.486734][T13625] do_page_fault+0xbb/0x500 [ 461.491277][T13625] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 461.496704][T13625] page_fault+0x4e/0x60 [ 461.500896][T13625] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 461.507525][T13625] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 461.527246][T13625] RSP: 0018:ffff88817aa4f820 EFLAGS: 00010206 [ 461.533341][T13625] RAX: ffffffff8496408c RBX: ffff8881b58f27e8 RCX: 0000000000000300 [ 461.541331][T13625] RDX: 0000000000001000 RSI: ffff88817b36ed00 RDI: 0000000020007000 [ 461.549320][T13625] RBP: ffff88817aa4f890 R08: 0000000000000000 R09: 0000000000000004 [ 461.557329][T13625] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 461.565338][T13625] R13: ffff88817b36e000 R14: ffff88817aa4f828 R15: 0000000020006300 [ 461.573368][T13625] ? copyout+0xcc/0x1f0 [ 461.577557][T13625] ? copyout+0x113/0x1f0 [ 461.582013][T13625] copy_page_to_iter+0x6dc/0x1910 [ 461.587102][T13625] shmem_file_read_iter+0xa10/0x1140 [ 461.592494][T13625] ? shmem_file_llseek+0xdc0/0xdc0 [ 461.597657][T13625] do_iter_readv_writev+0xa16/0xc30 [ 461.602921][T13625] ? shmem_file_llseek+0xdc0/0xdc0 [ 461.608062][T13625] do_iter_read+0x30b/0xe10 [ 461.612602][T13625] ? import_iovec+0x4ad/0x660 [ 461.617332][T13625] do_readv+0x37f/0x710 [ 461.621540][T13625] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 461.627472][T13625] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 461.633585][T13625] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 461.639334][T13625] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 461.645257][T13625] __se_sys_readv+0x9b/0xb0 [ 461.649796][T13625] __x64_sys_readv+0x4a/0x70 [ 461.654426][T13625] do_syscall_64+0xb6/0x160 [ 461.658962][T13625] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 461.664874][T13625] RIP: 0033:0x459a59 [ 461.668801][T13625] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 461.689471][T13625] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 461.697914][T13625] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 461.705904][T13625] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 461.713892][T13625] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 461.721883][T13625] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 461.729872][T13625] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 461.746619][T11526] usb 6-1: new high-speed USB device number 8 using dummy_hcd 14:23:36 executing program 4: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x18800, 0x0) read$usbfs(r0, &(0x7f0000000040), 0x0) syz_emit_ethernet(0x6a, &(0x7f0000000140)={@broadcast, @broadcast, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x1, 0x0, @remote={0xac, 0x70}, @dev={0xac, 0x14, 0x14, 0x11}}, @icmp=@parameter_prob={0x5, 0x4, 0x0, 0x0, 0x0, 0x6, {0x10, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4788, 0x0, @local, @dev, {[@timestamp={0x8, 0x2c, 0x0, 0x0, 0x0, [{[@rand_addr]}, {[@multicast2]}, {[@multicast1]}, {}, {[@loopback]}, {}]}]}}}}}}}, 0x0) 14:23:36 executing program 2: r0 = socket$key(0xf, 0x3, 0x2) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000040)=[@in={0x2, 0x4e21, @remote}, @in6={0xa, 0x4e23, 0x0, @remote, 0x80000001}, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e21, @remote}, @in6={0xa, 0x4e24, 0x9, @ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xd8}], 0x68) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="021000000a000000000010ec0000920008001200ce840404460bb100006c004007000000b4cb8cb61b1205000b41bbc2e0e82efd273aa2768a790297c1060c612b4300010034f5000000393300000000a3160a534f18dd0d444e100a9c5a28162feba4c431ce6254084eace6e4c5585ba2d77202e47320f439661bff009dddd1f457399fcab3001bb1cc4ca78794880a7299ea50dd9114c9ba5c9175ada67600c99e25977f0811f4eff2ec4995a3a2d5fdc2b24b7d940279b836cd19095a98a8399103b6f6958079110fdf20171b39faf21574243927b0302b2bebb67914bebe6d876692cf5159929cea97a1ba8938972cb036b8778b231c46cb8a98361d6f338b53c6f4668ed244c60aa1f43eb84507a7825971cceb1dec777f8d63b128"], 0x50}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x4000054, 0x0) 14:23:37 executing program 0: seccomp(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f00000000c0)=[{0x100000006, 0x0, 0x0, 0x40007fc00000}]}) r0 = socket$unix(0x1, 0x2, 0x0) pwrite64(r0, &(0x7f0000000000)="2d1a679bace6d15dd96d65835ac52c34f7ad08e5c886ef30a7c83b53038abc1b38543ecc10ad7f9146c3a77425350be38d609955e855c8e6fec5513dfaad6e1d142c5bf3d44d64e64c6225c0315ae30fae5bea1532674419b70f", 0x5a, 0x26) [ 461.994114][T11526] usb 6-1: Using ep0 maxpacket: 16 14:23:37 executing program 4: write$binfmt_aout(0xffffffffffffffff, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCDELDLCI(0xffffffffffffffff, 0x8981, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x16c, 0x4) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000780)={@in={{0x2, 0x0, @local}}, 0x0, 0x9, 0x2, "a77760f5a7645bc43c241d69912dda0c63c2a66726f8cfafd6c8fe2c98de7ba44947a79015f0fe57917cb62a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef2818a179"}, 0xd8) pipe(0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) setregid(0x0, 0x0) lchown(0x0, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0) msgctl$IPC_SET(0x0, 0x1, 0x0) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000100), 0x4) ioctl$TIOCMIWAIT(r1, 0x545c, 0x0) ioctl$GIO_FONTX(0xffffffffffffffff, 0x4b6b, &(0x7f0000000000)=""/191) recvmsg(r0, &(0x7f0000000240)={0x0, 0xfffffffffffffd83, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x5801}], 0x1}, 0x100) write$binfmt_elf64(r0, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd) 14:23:37 executing program 3 (fault-call:7 fault-nth:40): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 462.127496][T11526] usb 6-1: config 0 has an invalid interface number: 29 but max is 0 [ 462.135819][T11526] usb 6-1: config 0 has no interface number 0 [ 462.142285][T11526] usb 6-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=b8.35 [ 462.151437][T11526] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 462.195937][ T32] audit: type=1804 audit(1571495017.245:120): pid=13647 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/126/file0/bus" dev="ramfs" ino=39405 res=1 [ 462.200503][T13647] FAULT_INJECTION: forcing a failure. [ 462.200503][T13647] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 462.230754][T13647] CPU: 0 PID: 13647 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 462.238657][T13647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 462.248721][T13647] Call Trace: [ 462.252031][T13647] dump_stack+0x191/0x1f0 [ 462.256447][T13647] should_fail+0xa3f/0xa50 [ 462.260867][T13647] should_fail_alloc_page+0x1fb/0x270 [ 462.266234][T13647] __alloc_pages_nodemask+0x3c1/0x60c0 [ 462.271691][T13647] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 462.277707][T13647] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 462.283860][T13647] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 462.290001][T13647] ? prep_new_page+0x792/0x9b0 [ 462.294787][T13647] ? get_page_from_freelist+0x11d3/0x19f0 [ 462.300515][T13647] kmsan_alloc_page+0xc3/0x370 [ 462.305448][T13647] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 462.311347][T13647] __alloc_pages_nodemask+0x149d/0x60c0 [ 462.316989][T13647] ? do_syscall_64+0xb6/0x160 [ 462.321654][T13647] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 462.327733][T13647] ? get_page_from_freelist+0x11d3/0x19f0 [ 462.333479][T13647] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 462.339366][T13647] alloc_pages_current+0x68d/0x9a0 [ 462.344479][T13647] __page_cache_alloc+0x95/0x320 [ 462.349407][T13647] pagecache_get_page+0xaf1/0x1220 [ 462.354512][T13647] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 462.360407][T13647] filemap_fault+0x2632/0x2b70 [ 462.365200][T13647] ? generic_file_read_iter+0x3e70/0x3e70 [ 462.370909][T13647] handle_mm_fault+0x8043/0x9f70 [ 462.375872][T13647] do_user_addr_fault+0x905/0x1510 [ 462.380993][T13647] __do_page_fault+0x1a2/0x410 [ 462.385756][T13647] do_page_fault+0xbb/0x500 [ 462.390253][T13647] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 462.395624][T13647] page_fault+0x4e/0x60 [ 462.399773][T13647] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 462.406365][T13647] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 462.426083][T13647] RSP: 0018:ffff88817e07f778 EFLAGS: 00010206 [ 462.432144][T13647] RAX: ffffffff8496408c RBX: ffff8881a96e89a8 RCX: 0000000000000300 [ 462.440108][T13647] RDX: 0000000000001000 RSI: ffff888183739d00 RDI: 0000000020006000 [ 462.448070][T13647] RBP: ffff88817e07f7e8 R08: 0000000000000000 R09: 0000000000000003 [ 462.456043][T13647] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 462.464091][T13647] R13: ffff888183739000 R14: ffff88817e07f780 R15: 0000000020005300 [ 462.472070][T13647] ? copyout+0xcc/0x1f0 [ 462.476222][T13647] ? copyout+0x113/0x1f0 [ 462.480459][T13647] copy_page_to_iter+0x6dc/0x1910 [ 462.485492][T13647] generic_file_read_iter+0x2979/0x3e70 [ 462.491064][T13647] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 462.496987][T13647] ? find_get_pages_range_tag+0xe60/0xe60 [ 462.502701][T13647] do_iter_readv_writev+0xa16/0xc30 [ 462.507930][T13647] ? find_get_pages_range_tag+0xe60/0xe60 [ 462.513754][T13647] do_iter_read+0x30b/0xe10 [ 462.518268][T13647] ? import_iovec+0x4ad/0x660 [ 462.522957][T13647] do_readv+0x37f/0x710 [ 462.527119][T13647] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 462.533029][T13647] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 462.539094][T13647] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 462.544814][T13647] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 462.550708][T13647] __se_sys_readv+0x9b/0xb0 [ 462.555221][T13647] __x64_sys_readv+0x4a/0x70 [ 462.559803][T13647] do_syscall_64+0xb6/0x160 [ 462.564300][T13647] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 462.570182][T13647] RIP: 0033:0x459a59 [ 462.574080][T13647] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 462.593821][T13647] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 462.602323][T13647] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 462.610295][T13647] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 462.618437][T13647] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 462.626401][T13647] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 462.634371][T13647] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 462.664333][T11526] usb 6-1: config 0 descriptor?? 14:23:37 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x4, &(0x7f0000000080)=[{0x0, 0x2, 0x81, 0x80000001}, {0x100, 0x7, 0x0, 0x2ad6}, {0x6, 0x9, 0xd2, 0x8}, {0x5, 0x7, 0x8, 0xfffffffd}]}, 0x10) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$RNDZAPENTCNT(r1, 0x5204, &(0x7f0000000100)=0x81) sendto$inet(r1, &(0x7f00000004c0)="7c7d381bec710b02a6d191bca8f75874f11dd18194f064c4125bbeeeabf9786a5115ee068bb196ba34e2b5cdcec04d2fb633dbb4bc50bd3dba8d61a376c599155e9385090bcdd943ff05c9e8fc55ee6471eca50f7dbb4629cd6330eb0b61d62cfc28b4c1c19cf6c99423c4a71919edcfa08e87b6075f76e93c4df480e9d47833a946dabf89a504f81e2c452d71ef56f98cd628335f04f36c5057761f523aba483ea9b559c4211264e591d75dd1fbca2c142755b8ec6edf90ba2e9d30006c3da24b524e505a3c7d68dd04d3a6b349fe34de5d584ee383ac8b3123a94608cb938ace1747a6a96cee4b92745e86d117400ac1ddf29502ea1dcf66413b79ad2b2412256bd635ce31beb78a769836a34e69304934c0593fcf88a65e33048a614843aee17fdc0faa0c6dade0f0bb4036559e8f98e777e43557d84a0afd89dcae1cdcd37a266847d2dbb50f590bd57a1628cbeee91645329df4716ada5ad33f6a6f3964741b5f4fbb4e2fd712f90e8a0ad58eebf496f66f2a1d3d2dd526a4420642567bcc34daee8a1eef6479276ab82271167557d5c7a8b44b5067decfacb06526ca09e3dc3d14c51069bcac3762317eebe2d6fab2ad77e880b83fb1652535eaba62441c3d9e98c11f6966e12d66d4a831fd95df2ed14f4c16d81fb27b3fe97d393dd71b2f8268d09f26b6f37d1e7ccffb7b67a33ead819b22ca3a4e690e955a7fa166b9be61fe27e4882f7f1e3e07a5fef66b90e231aa57abe1639f60c625d607db43f997c904a0ed5ac4ce380f6e1fbccf3f396c79306f824e3059823a02feab5b2f22169f605c8d8d3e678be367b2261c86036290929210f295068af97c697a69476b213231a3a8f7173c6c177b36c3e42a82469cf44020134133d0e8b9838240df00e39d8221c0d772108af3730253710dafa7e8963f475ca9f2dacae17dbc877409dddfd2768e8f506ca7b7a906538b3bf689ecbbcf0c393720dd236e925418deffaf736e13de4a4d63760d3e4ed78a02d2a3f3a6f83708a5b4d6ae50a82165a7dcbaed5bf4500ef74cf8a9b0d8d333caad4463e16cc40b770e6a9d71b68a44ba10589872a2ae87afcc26c6df9024abb68e0f774e6c0774435d1d4f3e74e2a141bede328be6d514bf687206796fd53bb9a151e6ad874d788ce8787e173ab2479e568112229d5ecde0a4b8080c193fb61c0c14aba14b7a5cf47fa3049192d73841f2d9985ec450c77d0c9fc19dcad3abb27c2b7a71002c4f564b40f778c37a72c5aa5e554701aecdf332ee111f0f2111d9c777c8d2dafa0be2709967a290df26eb3318eebb72f556b5b5c755e00a48aa708b4e0f7cc7e7f869aa3fe722183fb7005656d9a809ffe34b302f672d43203f0c75f61e9d8b510c1f7308b81380a4535637ac927ec5e79c82cc1e8fd0c1be96bd7ca362a1a744b7edc6f8a80fd7a2dc17a7ea5829f2d681b8ae709b1c5c98603e6cbdd080f35aed3815f15bb09af368c8f32da7386dd56d5670c4f1f76f7177806f902d7ea2bef5c63aa85b84b3acac56e924bab74cae046c0a07f44e13b519eadd0402ae4567991c49b34d638bbaa66fdb6d13d285d3a9dc12bdaaaa908843c9242383f00aa6b466ddd2c497a4a616a54a462f1b5e5bf11e8e5aae163593b9ac31238fc5c94fde27766df010ca6b5034ef66d724606738736d54011ac8ac65294ec3ab81cb648a5d40ae43be5b73901592bd80b325bfff34d6c1bb1ee5fc6a3946f34a19c81c40161c19e8ebaf830040ef1279405d62c31caa677bba67f2b102fd2043d1c521918e5d97000c8d4932a09b5b76d92f369424957da2ae6262ddd2a093a528352c0ea195d1de2e7174775feddf2ce35f3da851ae2330a98825f63b6be7d3a070767b222d1f149918d519543a5deb22cfb0b541bee4583457e6775a9b4c06277b572512d7a778aad8576f2a437577a55ccc1765430f93de873771347f53bc7fd9fa1707f961fc1f8c31c901a856ae6ac51e651cd9e44c346cdf5fb8f630f3b769d7e7d9960d71e8c87c32102d44462c23972f82df7f790a5080885d489a08239ebd5bb81672e593f101ee5703e7226fd293e196fc014b0e9106260d410d2e80e075154a75cd3a7f9858c214989b3a4bc7961073052d38f80dc15cc7b7b7e5533a694434b6110a0b998edde51aecdbb5c71cd64655b2770a5538b9bdeeabd83ec028a03f647d9fbaee1a623428793caf2719783ed0fdfe224fb181ec550c7cb8356b5c1b596736b14edb7c2de8fe6598880cf84741bcf0d658af9295f79dff9266879e7b3a67f330d734fd1e45f376f8fdfc0fd48373c3d5433996dbe813f66a004a042d579ec02dd1f0ff6462268c2955475088cbeb596b9004b13992d5d55128bae5a0c43568ffe0193648dcb1e740666d44f2e08b5b859ee2670f1530f38b94bcb479352de204c4f6f063ca5b6c8df648996e76c01c751c35ca127b87d72c1586fabe68c198f0b4a8ab705471288ddcd193a4a523e46f135204f4372760039ba5bd86e0f63d02635df54b2e8edc45ba73dcb288b72bd3b7ffb82ca9c56ea71a517917f59971d37ee64d4c7b6e5efdfdc05d77011f9b85b65854a827739204cb68309457b9e8ada650f170ffce4cda1bf8870683d4229ea3ffde794d2bd02bb91a9a55de41c97d1f8b502df16d762fc9fbab33f9dc155692b4069db1eb1bab240b9da5a561a1354aba9883bb15f755a7a89cb35087484953c82c6b4c35c7fc9fd0697ea7df857241aa58ec967df8a401defba4841d69bfe55774d195e2d862988b7f1b99593534dc0d0daa858cd55057ac22f788c80b693c362b6fb787db45880e4f93cf72dfa8a7e53772682af19c4b7aa2d3a2b4f505cf1461a2a148289264c4ab2ab1170cacec456231397e54849bca289d0559008e83ecbb3de536b17b02162bf2246e4b1dd4a557bb13cb35403afbe8761841a803d9a4f38e59a9ef3f73120bd2453c9e34dd796cec4461bf5a9bdcdb35c290b1f56e0218a827e4228743602d3e188ddfbc2c81e5f86629e197489061f008564c1eb5d9493fd8c9ac3757693b0fb099960370f5e92f17ee9a42c49d4a6ea2a484f1e6cba7ee9038cd2cc004c4f51a87399624cff61469b2cd4f089818aa3b97b6dd22d3404f8995105f2b9f5a360b784d40f3e376b9c40bdbd65fa860028f5d2f796d72e9f5be7bf6d69a5cd9799649f6dd5a3b9b8d9643b0308dd9961a7f29de70ac581fc9483e7b1a56311b67090bb4d61f065d3e5489888effa9b68cb60d9caa8f535577612c09e9414f435ecbe75ec5847350859952c4a8c39c84a1b340e367529fb7d242eaf84bc635ba5138b1315dac851548ff8236cc1106b7b0f629acb186e26da414a4655aff5862bc2b00921553634e4637042adcfb2012b5f6446097bbe4ae8ebed4d0fbe9c1a756897a29cb050325c4ad37c7a9f7b4e03d2e4c1f4d5cc59e10a3aaf266aaf431a2288b512a41d73ca6bddd12e925480b47ca3c25dd96024944403add8769a3edf7eb0414d569720131bd00c4d95ad6d3531221cee0f5fa8028a5e0b700e2fd4d06643092793306f6a50bb6d09e7e360f2901de9249a686a6e7c35d405001f6573dfa049c1f1a0545b54740e27df852d59f8472ca992e93d7f3212cec201a7fc450e6ec4278b89dfeda03377c60956347cc27d6519afbb0e3070d74984cb61230541392e98a4d891220fd348743c669095c062eb701710d28b79028149b90bc3168c702d698f7e813a6226829012528f668162b8e16010ea1347de97f2df3261237234161353d13a0c159f4150bf7d138c098327d036ff9927f6d9d773abc03872679cd80fdc7c8b1e27263048d43862af332d980c02d5980638bdf645649528623d4aaf8525f7bfbaf6d22d12518ca93f64d3823caaeb2b1d9fb69371c4396e684eda9253fd6de2a981640237b9d2c6befaae9227945daf586ddd9e390a2432c2ab13a75b7199c9a109991ad49e819a092d4b0e2bef25b55cf4b579f0d1d5389e118d2b3be7ca44c9cfffc024bc87b8153ae1565b0eba293bc56fa0d17bc6fdcdd151db4abd6963e794bbda525254d2daf7ef10395e36c535a5e784ede74e1d01267ba04d608cf4c7c4018b713444748e77663ad65eb4c6075d32b526a516886c15074f0138951943b87419143c977c8c57707a9b4d4f5e6e3ac513fdb40b1237072ca8f2a8985419102a46a884173b37d4f257f06df346dc687d8be04e6a64255f4c5efd4247ca0b768b6bc60765c077c683541b4370d09ba843d1ebbe7bf211d70770328cdd4765f11c2132fd124d315d00cf7810474efce4209a7ce70cfcf937bfc1363508181b263f0c208d9ad8af766d6180bb962e0db4a771817ecd5108c96e9864b31f38c12d01031fae4f0a79c03e7b3a8b8fdccf27cb6fde4481681e684418e98b6e1479e7326988b4ecc99ddbca8675a327d7d02d78b0da71b7d8a28b31a101e9a29229a9b41f547314a81558532543369dfc26da92c39d29309972ed3b9dc6502e92764ac508ce8cd9835ad98a10febc36c59a1b01f8d4855f9ccdb586091f73ee615e31733950545490e299f2acc0138b13cd1ba1640fa4473dc7b7f25bd77eff2db902fb0d9e32cdd0e598182dbf1e3c5b01da0e7e3b08689932bbeca6a7ec7d7cf63ae9949158d2080ba4fee7a73215f53e4fd88fdcf32584a4de35009be4ab65762314697ea549bc3026dfbbc41bdd0e50c92c8460c5b5fd15fa15f287787b5114efd1c9c30e280cb5ec4b9b334fee3cd887c072c7591ca74944529268987e395e332a0329a11b3062bcfa7bad372ac68247756b73acf7bf64a18315f80f7cd8e179384d4f6c0bc0f5fd895d90379f0f86df23b4f139aba2b992838f0d0d8b67cc169ac77024d145d45433969c70896a67d5eb9674958aa764bcb4d4de68202e6a45f5544b39583a94acd5cf675649241745c651109e6165b76e3a400d4d0842e7dea722a84428d5b53df2d8ba9c44f68afbb811b2a4cb29f5ecd729565437800375f322bad274e4f0b32687e3e73adba7bb5ee7589c6b091f384df1804f962f1568967103e43e6d59a726257e8f3b77cdf3aef4a7e9097f1b7c85dd0e0bd5e884dc24f28bd6962dc3994e2145f85906f968c1bd784f0049e3cd5c8e180097543de4a9037fd9a64df45a03daa2bfe77b1d8ecd96ea269e1478128e30a0b55f45fcb143a5e90e859725d21313d19e2d8a8d98eac9cc1ccd149a6485fe10af70602c87d2336330341562f81dbe1a9cea5a8f9786791bf18cefbe286d2d120a94f3419a4f645b615f18832f333a87f63ff04bd2f6dfc603020ab5c64de7a919e872cdcb652ad4353686be0a837d76ab393f1d8a92444bd8ed9bc2f0cbb938e92ebb314ff4869e8c281603800dd5e59d29c1ab057ed7b81a7f42aa86cc460bd258991d2af4af3bad3d5d9301d50e050b63534ac6cc96255b21f6155c030da47dbcf48ab8f13d3775b9ef07239a44eb3a66e7b2835a5ffaf46fc8e9b03fe61db3754f41e30d53064a471beee2a4f3b03e05d594067485f6a55e5b2c396a9fcf5e156d9e21f83c3c23e2de4b57de424c8dc3a00f1945b46baf0bab913bd4aa9c4cef426a5f52bdd7e42982f0e60fb94dfeec48e7fd0aa99c7fe78d69c58a765688c6488db99aa01a3731ffaca8941a644cc1174ac705c3114310c3ca16453b39f4df11697420463bd1c407f84f23ee2f48197f51e18056548fd7f0193199908af2030555b84202691d2eb1f006875839b24386912ce6791c19338cd2b864ec3e05bb94079", 0x1000, 0x4000, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4, 0x810, r2, 0x0) syz_emit_ethernet(0x66, &(0x7f0000000440)={@link_local={0x1, 0x80, 0xc2, 0x4888, 0x5800f000}, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "8368ad", 0x30, 0x3a, 0x0, @remote, @local, {[], @icmpv6=@pkt_toobig={0x3, 0x0, 0x0, 0x0, {0x0, 0x6, "80183d", 0x0, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}}}}}}}}, 0x0) 14:23:37 executing program 3 (fault-call:7 fault-nth:41): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 462.890745][ T32] audit: type=1804 audit(1571495017.935:121): pid=13656 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/127/file0/bus" dev="ramfs" ino=38737 res=1 [ 462.906493][T13656] FAULT_INJECTION: forcing a failure. [ 462.906493][T13656] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 462.925558][T13656] CPU: 0 PID: 13656 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 462.933446][T13656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 462.943500][T13656] Call Trace: [ 462.946795][T13656] dump_stack+0x191/0x1f0 [ 462.951125][T13656] should_fail+0xa3f/0xa50 [ 462.955639][T13656] should_fail_alloc_page+0x1fb/0x270 [ 462.961003][T13656] __alloc_pages_nodemask+0x3c1/0x60c0 [ 462.966460][T13656] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 462.972353][T13656] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 462.978327][T13656] ? prep_new_page+0x792/0x9b0 [ 462.983098][T13656] ? get_page_from_freelist+0x11d3/0x19f0 [ 462.988916][T13656] kmsan_alloc_page+0x131/0x370 [ 462.993762][T13656] __alloc_pages_nodemask+0x149d/0x60c0 [ 462.999297][T13656] ? do_syscall_64+0xb6/0x160 [ 463.005204][T13656] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 463.011272][T13656] ? get_page_from_freelist+0x11d3/0x19f0 [ 463.017018][T13656] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 463.022997][T13656] alloc_pages_current+0x68d/0x9a0 [ 463.028114][T13656] __page_cache_alloc+0x95/0x320 [ 463.033305][T13656] pagecache_get_page+0xaf1/0x1220 [ 463.038428][T13656] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 463.044324][T13656] filemap_fault+0x2632/0x2b70 [ 463.049101][T13656] ? generic_file_read_iter+0x3e70/0x3e70 [ 463.054811][T13656] handle_mm_fault+0x8043/0x9f70 [ 463.059766][T13656] do_user_addr_fault+0x905/0x1510 [ 463.064888][T13656] __do_page_fault+0x1a2/0x410 [ 463.069653][T13656] do_page_fault+0xbb/0x500 [ 463.074237][T13656] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 463.079605][T13656] page_fault+0x4e/0x60 [ 463.083757][T13656] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 463.090336][T13656] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 463.110038][T13656] RSP: 0018:ffff88817cacf778 EFLAGS: 00010206 [ 463.116098][T13656] RAX: ffffffff8496408c RBX: ffff8881a96ee468 RCX: 0000000000000300 [ 463.124062][T13656] RDX: 0000000000001000 RSI: ffff88817a027d00 RDI: 0000000020006000 [ 463.132025][T13656] RBP: ffff88817cacf7e8 R08: 0000000000000000 R09: 0000000000000003 [ 463.140085][T13656] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 463.148134][T13656] R13: ffff88817a027000 R14: ffff88817cacf780 R15: 0000000020005300 [ 463.156114][T13656] ? copyout+0xcc/0x1f0 [ 463.160265][T13656] ? copyout+0x113/0x1f0 [ 463.164508][T13656] copy_page_to_iter+0x6dc/0x1910 [ 463.169542][T13656] generic_file_read_iter+0x2979/0x3e70 [ 463.175117][T13656] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 463.181015][T13656] ? find_get_pages_range_tag+0xe60/0xe60 [ 463.186724][T13656] do_iter_readv_writev+0xa16/0xc30 [ 463.191931][T13656] ? find_get_pages_range_tag+0xe60/0xe60 [ 463.197642][T13656] do_iter_read+0x30b/0xe10 [ 463.202139][T13656] ? import_iovec+0x4ad/0x660 [ 463.206820][T13656] do_readv+0x37f/0x710 [ 463.210980][T13656] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 463.216868][T13656] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 463.222938][T13656] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 463.228661][T13656] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 463.234549][T13656] __se_sys_readv+0x9b/0xb0 [ 463.239047][T13656] __x64_sys_readv+0x4a/0x70 [ 463.243641][T13656] do_syscall_64+0xb6/0x160 [ 463.248169][T13656] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 463.254051][T13656] RIP: 0033:0x459a59 [ 463.257938][T13656] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 463.277546][T13656] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 463.285947][T13656] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 463.293907][T13656] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 463.301882][T13656] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 463.309841][T13656] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 463.317800][T13656] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 463.326802][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 463.333268][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 463.372419][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 463.378698][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 463.385289][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 463.391538][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 463.398027][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 463.404293][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 463.435883][T11526] usb 6-1: Cannot read MAC address [ 463.441547][T11526] MOSCHIP usb-ethernet driver: probe of 6-1:0.29 failed with error -71 [ 463.512628][T11526] usb 6-1: USB disconnect, device number 8 [ 464.122160][T11559] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 464.372016][T11559] usb 6-1: Using ep0 maxpacket: 16 [ 464.492190][T11559] usb 6-1: config 0 has an invalid interface number: 29 but max is 0 [ 464.500427][T11559] usb 6-1: config 0 has no interface number 0 [ 464.506840][T11559] usb 6-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=b8.35 [ 464.516109][T11559] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 464.525668][T11559] usb 6-1: config 0 descriptor?? 14:23:39 executing program 4: r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000280)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000004, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c) recvfrom$inet6(r2, &(0x7f0000001840)=""/31, 0x1f, 0x100, 0x0, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0x375) keyctl$get_persistent(0x3, r4, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r0, 0xc008551a, &(0x7f0000000140)={0x8be, 0x24, [0xc183, 0x7fffffff, 0x5, 0x19, 0x58c01e65, 0x7, 0x800, 0x80000001, 0x3ff]}) keyctl$get_persistent(0x3, 0x0, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0x375) r6 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0x375) keyctl$get_persistent(0x3, r7, 0x0) lstat(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) lsetxattr$system_posix_acl(0x0, &(0x7f00000003c0)='system.posix_acl_default\x00', 0x0, 0x0, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000100)='system.posix_acl_access\x00', &(0x7f0000000200)={{}, {0x1, 0xe}, [{0x2, 0x7, r4}, {0x2, 0x1}], {}, [{0x8, 0x4, r8}, {0x8, 0x0, 0xffffffffffffffff}], {0x10, 0x2}, {0x20, 0x2}}, 0x44, 0x2) r9 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/dlm-control\x00', 0x1a1200, 0x0) linkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', r9, &(0x7f0000000080)='./file0\x00', 0x1000) unshare(0x40000000) r10 = open(&(0x7f00000000c0)='./file0\x00', 0x2000, 0x1c0) ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x2400, 0x9) 14:23:39 executing program 0: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000280)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000004, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c) recvfrom$inet6(r1, &(0x7f0000001840)=""/31, 0x1f, 0x100, 0x0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0x375) keyctl$get_persistent(0x3, r3, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) keyctl$get_persistent(0x3, 0x0, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) r5 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r5, 0x80006040045010, &(0x7f0000000140)=0x3) r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180)='TIPC\x00') sendmsg$TIPC_CMD_SET_NODE_ADDR(r5, &(0x7f0000000400)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000380)={&(0x7f00000001c0)={0x24, r6, 0x1010, 0x609d25, 0x25dfdc01, {{}, 0x0, 0x8001, 0x0, {0x8, 0x11, 0x3c}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0xa040080}, 0x8000) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0x375) r7 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0x375) keyctl$get_persistent(0x3, r8, 0x0) lstat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r10 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) setsockopt$inet6_MCAST_LEAVE_GROUP(r10, 0x29, 0x2d, &(0x7f0000000440)={0xa097, {{0xa, 0x4e24, 0x81, @mcast1, 0x3}}}, 0x88) lsetxattr$system_posix_acl(0x0, &(0x7f00000003c0)='system.posix_acl_default\x00', 0x0, 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000100)='system.posix_acl_access\x00', &(0x7f0000000200)={{}, {0x1, 0xe}, [{0x2, 0x7, r3}, {0x2, 0x1}], {}, [{0x8, 0x4, r9}, {0x8, 0x0, 0xffffffffffffffff}], {0x10, 0x2}, {0x20, 0x2}}, 0x44, 0x2) r11 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/dlm-control\x00', 0x1a1200, 0x0) linkat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', r11, &(0x7f0000000080)='./file0\x00', 0x1000) unshare(0x40000000) r12 = open(&(0x7f00000000c0)='./file0\x00', 0x2000, 0x1c0) ioctl$PERF_EVENT_IOC_ENABLE(r12, 0x2400, 0x9) 14:23:39 executing program 3 (fault-call:7 fault-nth:42): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:39 executing program 1: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000000000406a056a00400000000001090224000100000000090400000603010000092100000001220600090581030000000000ddbe8afb9245079cb97a9bcc83eebead67e11920eceb8fd6f019f66105eb0110c1a752a7e777b267c070aa2a03a370fa92d7ec339c37e826389b8d07c13c3e266e082dc9496ae067621b69b36f206ab126de4190f85476fb89b11a23afd93351bdcea95c333adc5d76fe5dab900d20ffd9e053590f3e8a58592b4cb1487e64ab3588664f57715b8e98d270594b18418a9f16efba4b2709f74e1e73b402ac5fc75ad931d1b4f9ca137578"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000200)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0x6, {[@local=@item_4={0x3, 0x2, 0x0, "32b15adf"}, @global=@item_012={0x0, 0x1, 0x2}]}}, 0x0}, 0x0) 14:23:39 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x404e03, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x10, 0x4, 0x4, 0x231, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa, 0x300, 0x1800, 0x6000000], 0x0, r1}, 0x3c) 14:23:39 executing program 5: r0 = syz_usb_connect$hid(0x0, 0xb7, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100000000008, 0x1e5e, 0x313, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x9, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x22}}}}]}}]}}, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r2, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r2, 0x0, 0x211, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10) sendto$inet(r2, &(0x7f00000012c0)="32268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$sock_inet_udp_SIOCINQ(r2, 0x541b, 0x0) ioctl$SNDRV_TIMER_IOCTL_GINFO(r1, 0xc0f85403, &(0x7f0000000100)={{0x2, 0x0, 0x30, 0x3, 0x80000001}, 0x3, 0xffffffff, 'id1\x00', 'timer0\x00', 0x0, 0x5, 0x8, 0x5, 0x2}) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000440)={0x2c, &(0x7f0000000000)=ANY=[@ANYBLOB="00004500000055297e07806b2fef839c2670121f485dd7d1b330d5a36b83e9ad4ce9b9892dff05"], 0x0, 0x0, 0x0, 0x0}, 0x0) [ 464.942662][T11559] usb 6-1: Cannot read MAC address [ 464.948136][T11559] MOSCHIP usb-ethernet driver: probe of 6-1:0.29 failed with error -71 [ 465.045846][T13685] FAULT_INJECTION: forcing a failure. [ 465.045846][T13685] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 465.059499][T13685] CPU: 0 PID: 13685 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 465.067437][T13685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 465.077536][T13685] Call Trace: [ 465.079665][T13680] IPVS: ftp: loaded support on port[0] = 21 [ 465.080889][T13685] dump_stack+0x191/0x1f0 [ 465.080944][T13685] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 465.081010][T13685] should_fail+0xa3f/0xa50 [ 465.101616][T13685] should_fail_alloc_page+0x1fb/0x270 [ 465.107072][T13685] __alloc_pages_nodemask+0x3c1/0x60c0 [ 465.112621][T13685] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 465.118667][T13685] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 465.124801][T13685] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 465.130920][T13685] ? __list_add_valid+0xb8/0x430 [ 465.135933][T13685] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 465.137577][ T32] audit: type=1804 audit(1571495020.085:122): pid=13685 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/128/file0/bus" dev="ramfs" ino=39517 res=1 [ 465.142056][T13685] ? free_unref_page_commit+0x31c/0x730 [ 465.142116][T13685] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 465.142206][T13685] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 465.169351][T13685] alloc_pages_vma+0xc9d/0x18c0 [ 465.186026][T13685] handle_mm_fault+0x38f5/0x9f70 [ 465.191076][T13685] ? generic_file_read_iter+0x3e70/0x3e70 [ 465.193659][T11559] usb 6-1: USB disconnect, device number 9 [ 465.196882][T13685] do_user_addr_fault+0x905/0x1510 [ 465.196955][T13685] __do_page_fault+0x1a2/0x410 [ 465.212674][T13685] do_page_fault+0xbb/0x500 [ 465.217253][T13685] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 465.222689][T13685] page_fault+0x4e/0x60 [ 465.226900][T13685] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 465.233540][T13685] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 465.253804][T13685] RSP: 0018:ffff88817973f778 EFLAGS: 00010206 [ 465.260534][T13685] RAX: ffffffff8496408c RBX: ffff8881a96ea7e8 RCX: 0000000000000300 [ 465.268539][T13685] RDX: 0000000000001000 RSI: ffff88817e390d00 RDI: 0000000020006000 [ 465.276813][T13685] RBP: ffff88817973f7e8 R08: 0000000000000000 R09: 0000000000000003 [ 465.284908][T13685] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 465.292921][T13685] R13: ffff88817e390000 R14: ffff88817973f780 R15: 0000000020005300 [ 465.301242][T13685] ? copyout+0xcc/0x1f0 [ 465.305538][T13685] ? copyout+0x113/0x1f0 [ 465.309837][T13685] copy_page_to_iter+0x6dc/0x1910 [ 465.315064][T13685] generic_file_read_iter+0x2979/0x3e70 [ 465.320738][T13685] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 465.326676][T13685] ? find_get_pages_range_tag+0xe60/0xe60 [ 465.332447][T13685] do_iter_readv_writev+0xa16/0xc30 [ 465.337716][T13685] ? find_get_pages_range_tag+0xe60/0xe60 [ 465.343478][T13685] do_iter_read+0x30b/0xe10 [ 465.348066][T13685] ? import_iovec+0x4ad/0x660 [ 465.352815][T13685] do_readv+0x37f/0x710 [ 465.357049][T13685] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 465.363001][T13685] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 465.369118][T13685] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 465.375413][T13685] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 465.381366][T13685] __se_sys_readv+0x9b/0xb0 [ 465.386730][T13685] __x64_sys_readv+0x4a/0x70 [ 465.394349][T13685] do_syscall_64+0xb6/0x160 [ 465.398920][T13685] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 465.404853][T13685] RIP: 0033:0x459a59 [ 465.408803][T13685] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 465.428585][T13685] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 465.437170][T13685] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 14:23:40 executing program 2: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$dri(&(0x7f00000002c0)='/dev/dri/card#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_AGP_INFO(r0, 0x80386433, 0x0) [ 465.445207][T13685] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 465.453226][T13685] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 465.461256][T13685] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 465.469967][T13685] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 465.526884][T13686] IPVS: ftp: loaded support on port[0] = 21 [ 465.572178][T11493] usb 2-1: new high-speed USB device number 31 using dummy_hcd 14:23:40 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$caif_stream(0x25, 0x1, 0x0) recvfrom(r3, 0x0, 0x0, 0x0, 0x0, 0x0) 14:23:40 executing program 3 (fault-call:7 fault-nth:43): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 465.792179][T13691] IPVS: ftp: loaded support on port[0] = 21 14:23:40 executing program 2: r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x28001, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$int_in(r0, 0x800000c0045002, &(0x7f0000000100)) ioctl$int_in(r0, 0x800060c0045002, &(0x7f0000000140)=0x3fffd) [ 465.870619][T11559] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 465.886348][ T32] audit: type=1804 audit(1571495020.935:123): pid=13702 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/129/file0/bus" dev="ramfs" ino=38858 res=1 [ 465.925403][T13698] IPVS: ftp: loaded support on port[0] = 21 [ 465.941672][T13702] FAULT_INJECTION: forcing a failure. [ 465.941672][T13702] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 465.954916][T13702] CPU: 1 PID: 13702 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 465.962799][T13702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 465.973106][T13702] Call Trace: [ 465.976409][T13702] dump_stack+0x191/0x1f0 [ 465.981271][T13702] should_fail+0xa3f/0xa50 [ 465.985694][T13702] should_fail_alloc_page+0x1fb/0x270 [ 465.991074][T13702] __alloc_pages_nodemask+0x3c1/0x60c0 [ 465.996550][T13702] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 466.002442][T13702] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 466.008419][T13702] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 466.014578][T13702] ? prep_new_page+0x792/0x9b0 [ 466.019444][T13702] ? get_page_from_freelist+0x11d3/0x19f0 [ 466.025189][T13702] kmsan_alloc_page+0xc3/0x370 [ 466.029949][T13702] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 466.035841][T13702] __alloc_pages_nodemask+0x149d/0x60c0 [ 466.041394][T13702] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 466.047368][T13702] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 466.053434][T13702] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 466.059507][T13702] ? __list_add_valid+0xb8/0x430 [ 466.064638][T13702] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 466.070695][T13702] ? free_unref_page_commit+0x31c/0x730 [ 466.076257][T13702] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 466.082147][T13702] alloc_pages_vma+0xc9d/0x18c0 [ 466.087003][T13702] handle_mm_fault+0x38f5/0x9f70 [ 466.091944][T13702] ? generic_file_read_iter+0x3e70/0x3e70 [ 466.097669][T13702] do_user_addr_fault+0x905/0x1510 [ 466.102794][T13702] __do_page_fault+0x1a2/0x410 [ 466.107571][T13702] do_page_fault+0xbb/0x500 [ 466.112069][T13702] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 466.117438][T13702] page_fault+0x4e/0x60 [ 466.121588][T13702] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 466.128166][T13702] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 466.147784][T13702] RSP: 0018:ffff88817cf9f778 EFLAGS: 00010206 [ 466.153843][T13702] RAX: ffffffff8496408c RBX: ffff8881b58f27e8 RCX: 0000000000000300 [ 466.161809][T13702] RDX: 0000000000001000 RSI: ffff888178438d00 RDI: 0000000020006000 [ 466.169774][T13702] RBP: ffff88817cf9f7e8 R08: 0000000000000000 R09: 0000000000000003 [ 466.177737][T13702] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 466.185703][T13702] R13: ffff888178438000 R14: ffff88817cf9f780 R15: 0000000020005300 [ 466.193682][T13702] ? copyout+0xcc/0x1f0 [ 466.197834][T13702] ? copyout+0x113/0x1f0 [ 466.202087][T13702] copy_page_to_iter+0x6dc/0x1910 [ 466.207119][T13702] generic_file_read_iter+0x2979/0x3e70 [ 466.212691][T13702] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 466.218574][T13702] ? find_get_pages_range_tag+0xe60/0xe60 [ 466.224480][T13702] do_iter_readv_writev+0xa16/0xc30 [ 466.229696][T13702] ? find_get_pages_range_tag+0xe60/0xe60 [ 466.235405][T13702] do_iter_read+0x30b/0xe10 [ 466.242952][T13702] ? import_iovec+0x4ad/0x660 [ 466.248933][T13702] do_readv+0x37f/0x710 [ 466.253095][T13702] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 466.259072][T13702] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 466.265130][T13702] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 466.270853][T13702] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 466.276742][T13702] __se_sys_readv+0x9b/0xb0 [ 466.281419][T13702] __x64_sys_readv+0x4a/0x70 [ 466.286002][T13702] do_syscall_64+0xb6/0x160 [ 466.290508][T13702] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 466.296489][T13702] RIP: 0033:0x459a59 [ 466.300555][T13702] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 466.320149][T13702] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 466.328551][T13702] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 466.336512][T13702] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 466.344475][T13702] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 466.352444][T13702] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 466.360402][T13702] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 466.382755][T11493] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 466.393851][T11493] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6 [ 466.406892][T11493] usb 2-1: New USB device found, idVendor=056a, idProduct=006a, bcdDevice= 0.40 [ 466.416108][T11493] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 14:23:41 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000180)=[@in6={0xa, 0x4e22, 0x0, @ipv4={[0x0, 0x0, 0x0, 0xfec0000000000000], [], @dev={0xac, 0x14, 0x14, 0x19}}}, @in={0x2, 0x0, @remote}], 0x2c) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f0000000040)=[@in={0x2, 0x4e22, @remote}, @in6={0xa, 0x4e22, 0x0, @loopback}], 0x2c) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x14e24}, 0x1c) recvmmsg(r0, &(0x7f00000004c0), 0x400000000000251, 0x0, 0x0) r2 = syz_open_dev$vbi(&(0x7f00000000c0)='/dev/vbi#\x00', 0x2, 0x2) ioctl$SNDRV_RAWMIDI_IOCTL_STATUS(r2, 0xc0385720, &(0x7f0000000100)={0x0, {0x77359400}, 0x9, 0xb7b}) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x1000000000004e24, 0x0, @ipv4={[], [], @loopback}}, 0x1c) setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f0000000040)=0x4, 0x4) sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0) [ 466.447256][T11493] usb 2-1: config 0 descriptor?? [ 466.482940][T11559] usb 6-1: Using ep0 maxpacket: 8 14:23:41 executing program 3 (fault-call:7 fault-nth:44): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:41 executing program 0: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) add_key(&(0x7f0000000940)='big_key\x00', 0x0, 0x0, 0x0, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb3, &(0x7f0000000200)) [ 466.652901][T11559] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 466.664661][T11559] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 466.677888][T11559] usb 6-1: New USB device found, idVendor=1e5e, idProduct=0313, bcdDevice= 0.00 [ 466.687167][T11559] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 466.769685][T11559] usb 6-1: config 0 descriptor?? 14:23:41 executing program 2: gettid() r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0xf0, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x401c5820, &(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0xf0, 0x0) [ 466.827394][ T32] audit: type=1804 audit(1571495021.875:124): pid=13718 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/130/file0/bus" dev="ramfs" ino=39633 res=1 [ 466.860764][T13718] FAULT_INJECTION: forcing a failure. [ 466.860764][T13718] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 466.874048][T13718] CPU: 0 PID: 13718 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 466.881964][T13718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 466.892118][T13718] Call Trace: [ 466.895429][T13718] dump_stack+0x191/0x1f0 [ 466.899787][T13718] should_fail+0xa3f/0xa50 [ 466.904243][T13718] should_fail_alloc_page+0x1fb/0x270 [ 466.909643][T13718] __alloc_pages_nodemask+0x3c1/0x60c0 [ 466.915130][T13718] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 466.921139][T13718] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 466.927155][T13718] ? prep_new_page+0x792/0x9b0 [ 466.931963][T13718] ? get_page_from_freelist+0x11d3/0x19f0 [ 466.937726][T13718] kmsan_alloc_page+0x131/0x370 [ 466.942607][T13718] __alloc_pages_nodemask+0x149d/0x60c0 [ 466.948276][T13718] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 466.954265][T13718] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 466.960339][T13718] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 466.966406][T13718] ? __list_add_valid+0xb8/0x430 [ 466.971343][T13718] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 466.977400][T13718] ? free_unref_page_commit+0x31c/0x730 [ 466.982962][T13718] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 466.988851][T13718] alloc_pages_vma+0xc9d/0x18c0 [ 466.993714][T13718] handle_mm_fault+0x38f5/0x9f70 [ 466.998745][T13718] ? generic_file_read_iter+0x3e70/0x3e70 [ 467.004469][T13718] do_user_addr_fault+0x905/0x1510 [ 467.009595][T13718] __do_page_fault+0x1a2/0x410 [ 467.014356][T13718] do_page_fault+0xbb/0x500 [ 467.018853][T13718] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 467.024230][T13718] page_fault+0x4e/0x60 [ 467.028381][T13718] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 467.034962][T13718] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 467.054641][T13718] RSP: 0018:ffff88817cc0f778 EFLAGS: 00010206 [ 467.060961][T13718] RAX: ffffffff8496408c RBX: ffff8881a96ec628 RCX: 0000000000000300 [ 467.069010][T13718] RDX: 0000000000001000 RSI: ffff88817bf7fd00 RDI: 0000000020006000 [ 467.076970][T13718] RBP: ffff88817cc0f7e8 R08: 0000000000000000 R09: 0000000000000003 [ 467.084932][T13718] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 467.092910][T13718] R13: ffff88817bf7f000 R14: ffff88817cc0f780 R15: 0000000020005300 [ 467.100888][T13718] ? copyout+0xcc/0x1f0 [ 467.105043][T13718] ? copyout+0x113/0x1f0 [ 467.109283][T13718] copy_page_to_iter+0x6dc/0x1910 [ 467.114319][T13718] generic_file_read_iter+0x2979/0x3e70 [ 467.119887][T13718] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 467.125772][T13718] ? find_get_pages_range_tag+0xe60/0xe60 [ 467.131480][T13718] do_iter_readv_writev+0xa16/0xc30 [ 467.136858][T13718] ? find_get_pages_range_tag+0xe60/0xe60 [ 467.142576][T13718] do_iter_read+0x30b/0xe10 [ 467.147161][T13718] ? import_iovec+0x4ad/0x660 [ 467.151847][T13718] do_readv+0x37f/0x710 [ 467.156020][T13718] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 467.161909][T13718] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 467.167964][T13718] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 467.173675][T13718] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 467.179565][T13718] __se_sys_readv+0x9b/0xb0 [ 467.184067][T13718] __x64_sys_readv+0x4a/0x70 [ 467.188649][T13718] do_syscall_64+0xb6/0x160 [ 467.193163][T13718] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 467.199053][T13718] RIP: 0033:0x459a59 [ 467.202938][T13718] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 14:23:42 executing program 0: perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) add_key(&(0x7f0000000940)='big_key\x00', 0x0, 0x0, 0x0, 0x0) r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb3, &(0x7f0000000200)) [ 467.222553][T13718] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 467.230958][T13718] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 467.238921][T13718] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 467.246882][T13718] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 467.254859][T13718] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 467.262835][T13718] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 467.670357][T11493] wacom 0003:056A:006A.0008: Unknown device_type for 'HID 056a:006a'. Assuming pen. [ 467.681672][T11493] input: Wacom Bamboo1 4x6 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:006A.0008/input/input13 [ 467.712638][T11493] wacom 0003:056A:006A.0008: hidraw0: USB HID v0.00 Device [HID 056a:006a] on usb-dummy_hcd.1-1/input0 [ 467.731781][T11493] usb 2-1: USB disconnect, device number 31 [ 467.879020][T11559] hid-generic 0003:1E5E:0313.0009: hidraw0: USB HID v0.00 Device [HID 1e5e:0313] on usb-dummy_hcd.5-1/input0 [ 468.076931][T11559] usb 6-1: USB disconnect, device number 10 [ 468.202217][T11493] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 468.612297][T11493] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 468.623696][T11493] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6 [ 468.637255][T11493] usb 2-1: New USB device found, idVendor=056a, idProduct=006a, bcdDevice= 0.40 [ 468.646530][T11493] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 468.653876][T11493] usb 2-1: config 0 descriptor?? 14:23:43 executing program 1: r0 = open(&(0x7f0000000140)='./file0\x00', 0xfc, 0x0) fcntl$setlease(r0, 0x400, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) open(&(0x7f0000000280)='./file1\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x2) link(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file1\x00') 14:23:43 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(r0, 0xc2c45512, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0}) [ 468.898340][T11493] usbhid 2-1:0.0: can't add hid device: -71 [ 468.904786][T11493] usbhid: probe of 2-1:0.0 failed with error -71 [ 468.934356][T11493] usb 2-1: USB disconnect, device number 32 [ 468.942714][T11526] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 469.181932][T11526] usb 6-1: Using ep0 maxpacket: 8 [ 469.302192][T11526] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 469.313390][T11526] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 469.326520][T11526] usb 6-1: New USB device found, idVendor=1e5e, idProduct=0313, bcdDevice= 0.00 [ 469.335879][T11526] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 469.345545][T11526] usb 6-1: config 0 descriptor?? 14:23:44 executing program 4: syz_open_dev$sndseq(&(0x7f00000001c0)='/dev/snd/seq\x00', 0x0, 0x0) syz_open_dev$sndseq(0x0, 0x0, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = timerfd_create(0x0, 0x0) timerfd_settime(r2, 0x3, 0x0, 0x0) write(r1, &(0x7f00000001c0), 0xfffffef3) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000180)={0x1ff}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 14:23:44 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$loop(0x0, 0x0, 0x0) r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0xff}, 0x20) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000000c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0), 0x4) r1 = socket$inet6(0xa, 0x0, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) connect$inet6(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000000c0), 0x4) r2 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, 0x0, 0x0) sendmmsg(r0, &(0x7f0000007300)=[{{&(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x3, 0x1, 0x1}}, 0x80, &(0x7f0000000540)=[{0x0}, {0x0}, {&(0x7f0000000140)}, {&(0x7f0000000240)="b66b9c3a057067a212", 0x9}, {&(0x7f0000000280)="dd03987386aad03e7d803fd11a49a749a86a6f5ad66a", 0x16}, {&(0x7f00000002c0)="cb", 0x1}, {&(0x7f0000000380)="5df3f617792cd8eb618fe7fc9edf079bf592f9988bc037d8ed7c63bc49335ddc66501c1231ce986bd0b583a89e0574c4ac2e5ee78f2adbf59e542eed9f4d25daa4b4ac2e65c3a830c28fc0a3a733bf3b886641cdb71fafc45f169ad467f3d4daebc77f394d9902c835a0583957d67ade7ac123a246354391b97f1a2854c2d9771b635d38608309ecb1a8066518ce7c4fc02574cb12a91e416f", 0x99}, {&(0x7f0000000440)="0fe1017774d23999aecb6b9605a976694c2dfdc128640da232658e64e0d06f73a32e7c65c8a0500c3f5f0d4d20108d6424878303fcea93ccfdb569ac4004015d977604b6afeba4c30bd6f63c6847f947ed1ec8c14bc2ba94bd02fa669681ae0621f41b07c9e406f0f9041d28a48ef08e7299757ba3e821e58be3ba825720a7c2e2979fafa8bcedfed134eadad3618a47", 0x90}], 0x8, &(0x7f0000000600)=[{0x10, 0x0, 0x80000001}, {0x10, 0x110, 0xfffffe5b}], 0x20}}, {{0x0, 0x0, &(0x7f0000001c00)=[{&(0x7f0000000900)}, {0x0}, {&(0x7f0000001980)}, {&(0x7f00000019c0)="86c33eb1e0a63cec207172bf4312250fb8e09a8cc697320419529b07ca0cb678b78e6d3abb98a8505108656245093413d858a34d388a2112a4d9e9bb5ffcfbcf7dfdddaf9ef4dd7fd5e8f1d6913317d67e7abcb53d03976477a98654663e52c37dd8fa5e9bfc2a0515d8c7c44cdef5021ac5b301496358e82790a41db7422235a8377100d777b1f819ce1236d4c52a972d0a1c375f600e5339a2", 0x9a}, {&(0x7f0000001a80)="e78ae2b2847bde526af9bd37e3c2e883c115367a7eab939767f2da1c1fa33bd28edcad42c7848d5c18b2b33fb27bf187810d0f3a5051a1baa21a9fe75742acbc89e60d92deb2d4be5637760ac4cb8896fa95d077220a72e38feb73b69302dae9a3860ac5bb822a28d32e9a137d10d2b815ba1bd9d31ca0fd81f9f70d7867df18fa9cd76b5987f2023dde2afc26468697529ca10e5fde4476de42110f3f06acce1f74c83bcecb53d110f037bb51dd6e486c17dda79109d019b9fbd44995f6dad0", 0xc0}, {&(0x7f0000001b80)}], 0x6}}, {{0x0, 0x0, 0x0}}, {{&(0x7f00000058c0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e20, @multicast1}, 0x0, 0x3, 0x3}}, 0x80, 0x0, 0x0, &(0x7f0000005b80)=[{0x50, 0x19, 0x0, "eaf13312dc7761cef019b19118ea3ab72372554c54f86ce87ceafa86037be49c7088eed2a6253b79a64dc7e559dd1f465b3038648d1cbd46774d"}], 0x50}}, {{0x0, 0x0, 0x0}}], 0x5, 0x400c880) 14:23:44 executing program 3 (fault-call:7 fault-nth:45): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:44 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(r0, 0xc2c45512, &(0x7f00000001c0)={0x7, 0x0, 0x0, 0x0, 0x0}) 14:23:44 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000, 0x0, &(0x7f0000c87000/0x2000)=nil) 14:23:44 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x20, 0x1d, 0x829, 0x0, 0x0, {0x2, 0x1000000, 0x1000000}, [@nested={0xc, 0x1, [@typed={0x8, 0x0, @uid}]}]}, 0x20}, 0x1, 0xffffff7f0e000000}, 0x0) [ 469.636411][ T32] audit: type=1804 audit(1571495024.675:125): pid=13753 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/131/file0/bus" dev="ramfs" ino=40034 res=1 [ 469.687787][T13753] FAULT_INJECTION: forcing a failure. [ 469.687787][T13753] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 469.702144][T11526] usbhid 6-1:0.0: can't add hid device: -71 [ 469.702173][T13753] CPU: 1 PID: 13753 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 469.702214][T13753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 469.708451][T11526] usbhid: probe of 6-1:0.0 failed with error -71 [ 469.716126][T13753] Call Trace: [ 469.716180][T13753] dump_stack+0x191/0x1f0 [ 469.716229][T13753] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 469.716299][T13753] should_fail+0xa3f/0xa50 [ 469.746295][T13753] should_fail_alloc_page+0x1fb/0x270 [ 469.756091][T13753] __alloc_pages_nodemask+0x3c1/0x60c0 [ 469.761293][T11526] usb 6-1: USB disconnect, device number 11 [ 469.761647][T13753] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 469.773547][T13753] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 469.779530][T13753] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 469.785674][T13753] ? memcg_check_events+0x74/0xf20 [ 469.790866][T13753] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 469.796897][T13753] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 469.802882][T13753] alloc_pages_vma+0xc9d/0x18c0 [ 469.807828][T13753] handle_mm_fault+0x38f5/0x9f70 [ 469.812865][T13753] ? generic_file_read_iter+0x3e70/0x3e70 [ 469.818684][T13753] do_user_addr_fault+0x905/0x1510 [ 469.823909][T13753] __do_page_fault+0x1a2/0x410 [ 469.828759][T13753] do_page_fault+0xbb/0x500 [ 469.833381][T13753] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 469.838914][T13753] page_fault+0x4e/0x60 [ 469.843138][T13753] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 469.849792][T13753] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 469.869463][T13753] RSP: 0018:ffff888180aef778 EFLAGS: 00010206 [ 469.875599][T13753] RAX: ffffffff8496408c RBX: ffff8881b58f6468 RCX: 0000000000000300 14:23:44 executing program 5: [ 469.883633][T13753] RDX: 0000000000001000 RSI: ffff8881837e9d00 RDI: 0000000020007000 [ 469.891665][T13753] RBP: ffff888180aef7e8 R08: 0000000000000000 R09: 0000000000000004 [ 469.899693][T13753] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 469.907727][T13753] R13: ffff8881837e9000 R14: ffff888180aef780 R15: 0000000020006300 [ 469.915769][T13753] ? copyout+0xcc/0x1f0 [ 469.919958][T13753] ? copyout+0x113/0x1f0 [ 469.924276][T13753] copy_page_to_iter+0x6dc/0x1910 [ 469.929357][T13753] generic_file_read_iter+0x2979/0x3e70 [ 469.934982][T13753] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 469.940930][T13753] ? find_get_pages_range_tag+0xe60/0xe60 [ 469.946679][T13753] do_iter_readv_writev+0xa16/0xc30 [ 469.951924][T13753] ? find_get_pages_range_tag+0xe60/0xe60 [ 469.957666][T13753] do_iter_read+0x30b/0xe10 [ 469.962203][T13753] ? import_iovec+0x4ad/0x660 [ 469.966926][T13753] do_readv+0x37f/0x710 [ 469.971216][T13753] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 469.977149][T13753] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 469.984140][T13753] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 469.989890][T13753] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 469.995832][T13753] __se_sys_readv+0x9b/0xb0 [ 470.000381][T13753] __x64_sys_readv+0x4a/0x70 [ 470.004999][T13753] do_syscall_64+0xb6/0x160 [ 470.009533][T13753] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 470.015483][T13753] RIP: 0033:0x459a59 [ 470.019518][T13753] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 470.039233][T13753] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 470.047701][T13753] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 470.055779][T13753] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 470.063780][T13753] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 470.071776][T13753] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 470.079781][T13753] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 14:23:45 executing program 1: 14:23:45 executing program 2: 14:23:45 executing program 2: 14:23:45 executing program 5: 14:23:45 executing program 1: 14:23:45 executing program 4: 14:23:45 executing program 0: 14:23:45 executing program 2: 14:23:45 executing program 1: 14:23:45 executing program 3 (fault-call:7 fault-nth:46): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:45 executing program 5: [ 470.723733][ T32] audit: type=1804 audit(1571495025.775:126): pid=13793 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/132/file0/bus" dev="ramfs" ino=39829 res=1 [ 470.737016][T13793] FAULT_INJECTION: forcing a failure. [ 470.737016][T13793] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 470.758634][T13793] CPU: 0 PID: 13793 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 470.766571][T13793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 470.776646][T13793] Call Trace: [ 470.779973][T13793] dump_stack+0x191/0x1f0 [ 470.784341][T13793] should_fail+0xa3f/0xa50 [ 470.789587][T13793] should_fail_alloc_page+0x1fb/0x270 [ 470.794984][T13793] __alloc_pages_nodemask+0x3c1/0x60c0 [ 470.800473][T13793] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 470.806399][T13793] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 470.812398][T13793] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 470.818571][T13793] ? prep_new_page+0x792/0x9b0 [ 470.823377][T13793] ? get_page_from_freelist+0x11d3/0x19f0 [ 470.829129][T13793] kmsan_alloc_page+0xc3/0x370 [ 470.833983][T13793] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 470.839884][T13793] __alloc_pages_nodemask+0x149d/0x60c0 [ 470.845431][T13793] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 470.852109][T13793] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 470.858020][T13793] ? memcg_check_events+0x74/0xf20 [ 470.863123][T13793] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 470.869033][T13793] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 470.874959][T13793] alloc_pages_vma+0xc9d/0x18c0 [ 470.879819][T13793] handle_mm_fault+0x38f5/0x9f70 [ 470.884767][T13793] ? generic_file_read_iter+0x3e70/0x3e70 [ 470.890492][T13793] do_user_addr_fault+0x905/0x1510 [ 470.895714][T13793] __do_page_fault+0x1a2/0x410 [ 470.900475][T13793] do_page_fault+0xbb/0x500 [ 470.904975][T13793] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 470.910341][T13793] page_fault+0x4e/0x60 [ 470.914494][T13793] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 470.921094][T13793] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 470.940864][T13793] RSP: 0018:ffff88817864f778 EFLAGS: 00010206 [ 470.946921][T13793] RAX: ffffffff8496408c RBX: ffff8881a96ee468 RCX: 0000000000000300 [ 470.955405][T13793] RDX: 0000000000001000 RSI: ffff88817993fd00 RDI: 0000000020007000 [ 470.963368][T13793] RBP: ffff88817864f7e8 R08: 0000000000000000 R09: 0000000000000004 [ 470.971331][T13793] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 470.979381][T13793] R13: ffff88817993f000 R14: ffff88817864f780 R15: 0000000020006300 [ 470.987374][T13793] ? copyout+0xcc/0x1f0 [ 470.991526][T13793] ? copyout+0x113/0x1f0 [ 470.995774][T13793] copy_page_to_iter+0x6dc/0x1910 [ 471.000812][T13793] generic_file_read_iter+0x2979/0x3e70 [ 471.006386][T13793] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 471.012273][T13793] ? find_get_pages_range_tag+0xe60/0xe60 [ 471.018014][T13793] do_iter_readv_writev+0xa16/0xc30 [ 471.023218][T13793] ? find_get_pages_range_tag+0xe60/0xe60 [ 471.028928][T13793] do_iter_read+0x30b/0xe10 [ 471.033423][T13793] ? import_iovec+0x4ad/0x660 [ 471.038103][T13793] do_readv+0x37f/0x710 [ 471.042265][T13793] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 471.048154][T13793] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 471.054213][T13793] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 471.059953][T13793] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 471.065841][T13793] __se_sys_readv+0x9b/0xb0 [ 471.070870][T13793] __x64_sys_readv+0x4a/0x70 [ 471.075578][T13793] do_syscall_64+0xb6/0x160 [ 471.080074][T13793] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 471.085962][T13793] RIP: 0033:0x459a59 [ 471.089852][T13793] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 471.109466][T13793] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 14:23:45 executing program 2: [ 471.117878][T13793] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 471.126025][T13793] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 471.134003][T13793] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 471.142093][T13793] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 471.150164][T13793] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 14:23:46 executing program 0: 14:23:46 executing program 1: 14:23:46 executing program 5: 14:23:46 executing program 4: 14:23:46 executing program 2: 14:23:46 executing program 1: 14:23:46 executing program 5: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000480)='./cgroup.cpu\x00', 0x200002, 0x0) fchdir(r0) r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0) truncate(&(0x7f0000000140)='./bus\x00', 0x10000) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) lseek(r1, 0x0, 0x2) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) lsetxattr(&(0x7f0000000040)='./bus\x00', &(0x7f0000000080)=@random={'user.', './cgroup.cpu\x00'}, &(0x7f0000000100)='nodev^@\x00', 0x8, 0x2) sendfile(r1, r2, 0x0, 0x8000fffffffe) ioctl$int_out(r2, 0x5460, &(0x7f00000000c0)) 14:23:46 executing program 0: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000), 0x2c) r0 = socket$kcm(0xa, 0x2, 0x73) sendmsg$kcm(r0, &(0x7f00000003c0)={&(0x7f0000000000)=@nl=@unspec, 0x80, 0x0}, 0x0) 14:23:46 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00') fchdir(r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) quotactl(0x2080000202, &(0x7f0000000080)='./file1\x00', 0x0, &(0x7f0000000040)='-') 14:23:46 executing program 3 (fault-call:7 fault-nth:47): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:46 executing program 1: r0 = socket$inet6(0xa, 0x40000080806, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000040), 0x4) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x404e20}, 0x1c) listen(r0, 0x400000001ffffffd) r1 = socket$inet6(0xa, 0x6, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r3, &(0x7f0000000500)={0x0, 0x9000000, &(0x7f00000004c0)={&(0x7f0000000480)={0x30, 0x0, 0x805, 0x0, 0x0, {{}, 0x0, 0x5, 0x0, {0x14}}}, 0x30}}, 0x0) sendmsg$TIPC_CMD_GET_LINKS(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, 0x0, 0x2, 0x70bd27, 0x25dfdbfe, {{}, 0x0, 0x4, 0x0, {0x8, 0x11, 0x8}}, [""]}, 0x24}}, 0x772f7411d24aeaea) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) keyctl$clear(0x7, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r4 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg(r4, &(0x7f0000003d40)=[{{0x0, 0xffffffbf, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}}], 0x4000000000000d0, 0x0) 14:23:46 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='net/protocols\x00') r1 = open(&(0x7f0000000140)='./file0\x00', 0x129041, 0x0) perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x71, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0x4000000000db) 14:23:46 executing program 4: r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r3 = socket$inet6(0x10, 0x3, 0x0) r4 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r4, 0x80006040045010, &(0x7f0000000140)=0x3) write$P9_RREAD(r4, &(0x7f0000000000)={0x39, 0x75, 0x1, {0x2e, "8ba7c5c4de401e6ae85b0b5ac38986ecfca667580f397d9543e93df0aa137f1ab8fb939aeb898e09f8b3e3b9d8ab"}}, 0x39) sendmsg(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) syz_usb_connect(0x2, 0x2, &(0x7f0000000280)=ANY=[@ANYRES16, @ANYRES32=r3], 0x0) 14:23:46 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cpuacct.usage_sys\x00\xc7\xec\xac\xd9&{\x0f\x96\xad\xd1\x8fl![\x8f\xb9\f\xca\x1d\xc2{\xee\xb7\x03K\x0f\xa6\xaa;\xf6\x89\xf7b^\xa5\xafI\r\xc4\x9f\v\xf2\x1c\xdc\xddp2\xb7\xbb\x1b\xfev\xea\xed\xe0\xaa\xe8\xceR`\xbb\xf2\xed;pC\x19\xbfn\x16\xaa\x199\xfe.Q\xebvB\xd2\x19&l?\x87\x17H\x1f.\xdbA\x1b\xafz\xe3\xdc};*\xec\xfe\xfa\xfb/\x18g\x80y\xfe\x89', 0x26e1, 0x0) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) close(r0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000480)={'nr0\x01\x00', 0x4005}) write$cgroup_pid(r0, 0x0, 0x0) [ 471.968439][ T32] audit: type=1804 audit(1571495027.015:127): pid=13839 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/133/file0/bus" dev="ramfs" ino=40219 res=1 [ 472.012224][T13839] FAULT_INJECTION: forcing a failure. [ 472.012224][T13839] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 472.025476][T13839] CPU: 1 PID: 13839 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 472.034070][T13839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 472.044224][T13839] Call Trace: [ 472.047886][T13839] dump_stack+0x191/0x1f0 [ 472.052253][T13839] should_fail+0xa3f/0xa50 [ 472.056705][T13839] should_fail_alloc_page+0x1fb/0x270 [ 472.062113][T13839] __alloc_pages_nodemask+0x3c1/0x60c0 [ 472.067914][T13839] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 472.073836][T13839] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 472.079854][T13839] ? prep_new_page+0x792/0x9b0 [ 472.084745][T13839] ? get_page_from_freelist+0x11d3/0x19f0 [ 472.090505][T13839] kmsan_alloc_page+0x131/0x370 [ 472.095411][T13839] __alloc_pages_nodemask+0x149d/0x60c0 [ 472.100988][T13839] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 472.107001][T13839] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 472.112923][T13839] ? memcg_check_events+0x74/0xf20 [ 472.118054][T13839] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 472.124029][T13839] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 472.131866][T13839] alloc_pages_vma+0xc9d/0x18c0 [ 472.136764][T13839] handle_mm_fault+0x38f5/0x9f70 [ 472.141749][T13839] ? generic_file_read_iter+0x3e70/0x3e70 [ 472.147635][T13839] do_user_addr_fault+0x905/0x1510 [ 472.152792][T13839] __do_page_fault+0x1a2/0x410 [ 472.157582][T13839] do_page_fault+0xbb/0x500 [ 472.162804][T13839] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 472.168199][T13839] page_fault+0x4e/0x60 [ 472.172374][T13839] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 472.178973][T13839] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 472.198764][T13839] RSP: 0018:ffff8881842bf778 EFLAGS: 00010206 [ 472.204862][T13839] RAX: ffffffff8496408c RBX: ffff8881b58f09a8 RCX: 0000000000000300 [ 472.213028][T13839] RDX: 0000000000001000 RSI: ffff88817cd8dd00 RDI: 0000000020007000 [ 472.221016][T13839] RBP: ffff8881842bf7e8 R08: 0000000000000000 R09: 0000000000000004 [ 472.228997][T13839] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 472.237160][T13839] R13: ffff88817cd8d000 R14: ffff8881842bf780 R15: 0000000020006300 [ 472.245432][T13839] ? copyout+0xcc/0x1f0 [ 472.250074][T13839] ? copyout+0x113/0x1f0 [ 472.254433][T13839] copy_page_to_iter+0x6dc/0x1910 [ 472.259497][T13839] generic_file_read_iter+0x2979/0x3e70 [ 472.265537][T13839] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 472.271445][T13839] ? find_get_pages_range_tag+0xe60/0xe60 [ 472.277181][T13839] do_iter_readv_writev+0xa16/0xc30 [ 472.282412][T13839] ? find_get_pages_range_tag+0xe60/0xe60 [ 472.288143][T13839] do_iter_read+0x30b/0xe10 [ 472.292677][T13839] ? import_iovec+0x4ad/0x660 [ 472.297390][T13839] do_readv+0x37f/0x710 [ 472.301600][T13839] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 472.307509][T13839] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 472.313611][T13839] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 472.319357][T13839] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 472.325272][T13839] __se_sys_readv+0x9b/0xb0 [ 472.329799][T13839] __x64_sys_readv+0x4a/0x70 [ 472.334404][T13839] do_syscall_64+0xb6/0x160 [ 472.338922][T13839] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 472.344822][T13839] RIP: 0033:0x459a59 [ 472.348739][T13839] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 472.368346][T13839] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 472.376762][T13839] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 472.384726][T13839] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 472.392689][T13839] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 472.400652][T13839] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 472.408615][T13839] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 14:23:48 executing program 3 (fault-call:7 fault-nth:48): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:48 executing program 2: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x80000, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r3 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r4 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r5 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r6 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r7 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) open_by_handle_at(r1, &(0x7f0000000400)=ANY=[@ANYRES32, @ANYPTR64=&(0x7f00000001c0)=ANY=[@ANYPTR], @ANYPTR64=&(0x7f0000000540)=ANY=[@ANYBLOB="9279114fb91f570108edc82a01a881f19176cc92de58566024cade59a813e82507e09a030e8e2d502de448b57aac689255a32d1e19f745baefdd2adf0c3e150375767d6ff3c2e2a0122edb5b119a3bc1a4ecbc18d482fa7443a37174ecfb236841ad1b5c2aca9525544f6ded1e0caced0ca594285a1d07fae80d3f529a669fe0e588c18f53f67ea64f1f2c13cdef874dfec82a357f21120d82", @ANYRESDEC=r7, @ANYPTR64=&(0x7f0000000280)=ANY=[@ANYRESOCT=r6], @ANYRES64], @ANYBLOB="a704a39585320ec15e100cd429cfd0f446c443a484008bbda2a08b813eba2f6912be6c482b793901ae250156f455ed5ad5530afc23071ea07a8fe371be6872088cafe187efcc1a00451b075cf637f9935ca4efe77d803d1917390f1ca010c7f03496eb209d6791ce2133f1e8724f8425970dfbbe642e7261a68e79ccd9946861d0e543c66818c70c4540bd07575df24bfd2198a000daa2ed95d9b8e69fb2f251792dce9e7fb0d1f5b83702db5654b4b5cf0919df09d343e4111978817255c2b09b268e110a070caa1b28baeb9770c6b14930784a8371b81d3d494979b47a914f45f93cbb2bd3ae0baa9ed2c147ad13c81c5cd0247e85b73a", @ANYRESOCT=0x0], 0x400) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000040)={'eql\x00\x00\x04\x00\x00\x00\x03\x00\x00\x00\xf2\a\x00', 0x10005812}) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r9 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r9, 0x0, r9) unshare(0x40000000) [ 473.083088][T13859] IPVS: ftp: loaded support on port[0] = 21 14:23:48 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) r2 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000044000)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) getsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f0000000280)={{{@in=@broadcast, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in=@local}}, &(0x7f0000000080)=0xe8) fstat(r3, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x1000000000013) [ 473.263686][T13859] IPVS: ftp: loaded support on port[0] = 21 [ 473.265490][T13860] FAULT_INJECTION: forcing a failure. [ 473.265490][T13860] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 473.283173][T13860] CPU: 0 PID: 13860 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 473.291115][T13860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 473.301207][T13860] Call Trace: [ 473.304553][T13860] dump_stack+0x191/0x1f0 [ 473.308933][T13860] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 473.314871][T13860] should_fail+0xa3f/0xa50 [ 473.319352][T13860] should_fail_alloc_page+0x1fb/0x270 [ 473.324822][T13860] __alloc_pages_nodemask+0x3c1/0x60c0 [ 473.330352][T13860] ? __kernel_text_address+0x24f/0x350 [ 473.335864][T13860] ? unwind_get_return_address+0x8c/0x130 [ 473.342061][T13860] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 473.348165][T13860] ? arch_stack_walk+0x29a/0x3e0 [ 473.353150][T13860] ? stack_trace_save+0x1b0/0x1b0 [ 473.358223][T13860] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 473.364458][T13860] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 473.370414][T13860] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 473.376367][T13860] alloc_pages_vma+0xc9d/0x18c0 [ 473.381281][T13860] shmem_alloc_and_acct_page+0x771/0x1170 [ 473.387073][T13860] shmem_getpage_gfp+0x1ae2/0x3f80 [ 473.392269][T13860] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 473.398198][T13860] shmem_fault+0x537/0x9e0 [ 473.402663][T13860] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 473.408581][T13860] ? shmem_write_end+0x920/0x920 [ 473.413548][T13860] handle_mm_fault+0x8043/0x9f70 [ 473.418565][T13860] do_user_addr_fault+0x905/0x1510 [ 473.423728][T13860] __do_page_fault+0x1a2/0x410 [ 473.428525][T13860] do_page_fault+0xbb/0x500 [ 473.433076][T13860] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 473.438506][T13860] page_fault+0x4e/0x60 [ 473.442706][T13860] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 473.449335][T13860] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 473.469140][T13860] RSP: 0018:ffff8881842bf820 EFLAGS: 00010206 [ 473.475230][T13860] RAX: ffffffff8496408c RBX: ffff8881b58f09a8 RCX: 0000000000000300 [ 473.483304][T13860] RDX: 0000000000001000 RSI: ffff88817b127d00 RDI: 0000000020008000 [ 473.491293][T13860] RBP: ffff8881842bf890 R08: 0000000000000000 R09: 0000000000000005 [ 473.499287][T13860] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 473.507278][T13860] R13: ffff88817b127000 R14: ffff8881842bf828 R15: 0000000020007300 [ 473.515293][T13860] ? copyout+0xcc/0x1f0 [ 473.519478][T13860] ? copyout+0x113/0x1f0 [ 473.524012][T13860] copy_page_to_iter+0x6dc/0x1910 [ 473.529099][T13860] shmem_file_read_iter+0xa10/0x1140 [ 473.535655][T13860] ? shmem_file_llseek+0xdc0/0xdc0 [ 473.540787][T13860] do_iter_readv_writev+0xa16/0xc30 [ 473.546030][T13860] ? shmem_file_llseek+0xdc0/0xdc0 [ 473.551166][T13860] do_iter_read+0x30b/0xe10 [ 473.555697][T13860] ? import_iovec+0x4ad/0x660 [ 473.560413][T13860] do_readv+0x37f/0x710 [ 473.564617][T13860] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 473.570539][T13860] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 473.576631][T13860] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 473.582379][T13860] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 473.588300][T13860] __se_sys_readv+0x9b/0xb0 [ 473.592856][T13860] __x64_sys_readv+0x4a/0x70 [ 473.597495][T13860] do_syscall_64+0xb6/0x160 [ 473.602045][T13860] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 473.607972][T13860] RIP: 0033:0x459a59 [ 473.611901][T13860] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 473.631529][T13860] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 473.639979][T13860] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 473.648151][T13860] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 473.656141][T13860] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 473.664217][T13860] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 473.672295][T13860] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 14:23:48 executing program 3 (fault-call:7 fault-nth:49): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:48 executing program 2: syz_usb_connect$cdc_ecm(0x0, 0x8b, &(0x7f0000000600)=ANY=[@ANYBLOB="12010000020000402505a1a4400001020301090279000101002000090400000002060000052406000005240000000d240f010000000000000000001524120000a317a88b045e4f01a607c0ffcb7e392a0c241b0000000000000000000c24120000a317a88b045e4f01a607c0ffcb7e392a08241c000000000009058103d701032003090582020000000000090503020000000000dd17c2d323b59a1508d16f339856950adfbe8e79ba103e2c5e4eb570802d9c6c3ffaa69ebf4af88af09b0c76a64a824862374b2ed6e41c38d94eaf064ceef3a68e55fe902583ca4885f77b19ca610941a201839ff1fa884274a606597e6fd3ca2de232eac8a7da12b91526d006a9b00733379418e7c1351520d8d6eb7f26348a723ac88897df339523cb3b356fa7ba76425a876cd27f45b346ed9fc606cdd5ba4f608b09f2bee9c0b2971e703a70707d0c8eecc1d06532f589ffded7fa71d529cb97aa8af3c7bc0ac2875a4fd6989558f34acc3e28f8ac08cf9c14a960b894364c048bd5734b155a12ecae4c5915febac16431c70e92b2a14d9655941a29faa366606d395a53117f8be27144e97fa21cfd100425b0"], &(0x7f0000000000)={0xa, &(0x7f00000000c0)={0xa}, 0xa6, &(0x7f0000000900)={0x5, 0xf, 0xa6, 0x4, [@ptm_cap={0x3}, @generic={0x59, 0x10, 0x0, "135bb8f1ab282196046fce86df921d524df18aaf4f5c259ee2445f06e1f97307a31ec079adaf5eb56382fc2c150e39f73c322a8830708f924842dbe3d7a1d270a5569558da39ec10061d4edd20d4080ce6c625026b6d"}, @wireless={0x2}, @generic={0x2e, 0x10, 0x0, "2e6e02b0c5966bd4ffd27349a5bc5c2465a2566fa7711c5f5df2864a378e8f05e2b463cc4a812bea75c5e54eb56eb8ca28eda774ca00b3"}]}, 0x8, [{0x1d2, &(0x7f00000009c0)=@string={0xdc, 0x3, "48b30fa75a2eef9d56b6bc53aec224d51c94b97dea85875f65e4a57e3b84e6f313bc1ab1f88c6806a7b5f49ce253e61ef8f6e3f95ea3de0a9a8f01cc149c5a14d5b206da9b579a747877ecb07d97dcdbcf4cecee3f86c6ba1edca5fa915d96596e8b8509291a26cff9ee563e4871223750045a8425069a97089e44f962242a535cf8f0a50764e65e6ebf77da35e2bc573c71e757ed0d114d2348edaf3ccaf1453df4842359c92d2130b64eaaae7dbed3127746e6d3b62e6508c2f7b68c213ada75fac345fab7ff77730e0e3c9dca021ac125d1f5d88596df5397"}}, {0x4, &(0x7f00000001c0)=@lang_id={0x4}}, {0x4, &(0x7f0000000b80)=@string={0x0, 0x3, "fa7c9433e5f63831138fe7eda646c46d1e7d529ec8cfa239cf5b4a44596196f1624e623517cb915e94434761feb2d3578d300893a9a110fa18037debd42dd747d83d700178a340881178e19cfdf1d159ea567eaf5711c1bc37c8e7ec608f859b6b7ebb5bbad0265e10c27e4b2dd0c4bfc57f39e4fdbad04818f85079e188fa9d9e3c9385365cadb78233bc01eeae"}}, {0x4, &(0x7f00000004c0)=@lang_id={0x4}}, {0x4, &(0x7f0000000500)=@lang_id={0x4}}, {0x4, &(0x7f0000000540)=@lang_id={0x4}}, {0x7, &(0x7f0000000580)=@string={0x7, 0x3, "4cbc2a3510"}}, {0x34a, &(0x7f00000005c0)=@lang_id={0x4}}]}) [ 473.905442][ T32] audit: type=1804 audit(1571495028.955:128): pid=13869 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/135/file0/bus" dev="ramfs" ino=40344 res=1 [ 473.943990][T13869] FAULT_INJECTION: forcing a failure. [ 473.943990][T13869] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 473.957243][T13869] CPU: 1 PID: 13869 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 473.965130][T13869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 473.975171][T13869] Call Trace: [ 473.978456][T13869] dump_stack+0x191/0x1f0 [ 473.982783][T13869] should_fail+0xa3f/0xa50 [ 473.987202][T13869] should_fail_alloc_page+0x1fb/0x270 [ 473.992568][T13869] __alloc_pages_nodemask+0x3c1/0x60c0 [ 473.998024][T13869] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 474.003919][T13869] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 474.009891][T13869] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 474.016042][T13869] ? prep_new_page+0x792/0x9b0 [ 474.020813][T13869] ? get_page_from_freelist+0x11d3/0x19f0 [ 474.026541][T13869] kmsan_alloc_page+0xc3/0x370 [ 474.031295][T13869] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 474.037179][T13869] __alloc_pages_nodemask+0x149d/0x60c0 [ 474.042737][T13869] ? do_syscall_64+0xb6/0x160 [ 474.047406][T13869] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 474.053472][T13869] ? get_page_from_freelist+0x11d3/0x19f0 [ 474.059215][T13869] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 474.065107][T13869] alloc_pages_current+0x68d/0x9a0 [ 474.070223][T13869] __page_cache_alloc+0x95/0x320 [ 474.075161][T13869] pagecache_get_page+0xaf1/0x1220 [ 474.080269][T13869] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 474.086162][T13869] filemap_fault+0x2632/0x2b70 [ 474.091105][T13869] ? generic_file_read_iter+0x3e70/0x3e70 [ 474.096812][T13869] handle_mm_fault+0x8043/0x9f70 [ 474.101798][T13869] do_user_addr_fault+0x905/0x1510 [ 474.106928][T13869] __do_page_fault+0x1a2/0x410 [ 474.111687][T13869] do_page_fault+0xbb/0x500 [ 474.118104][T13869] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 474.123468][T13869] page_fault+0x4e/0x60 [ 474.127616][T13869] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 474.134189][T13869] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 474.153953][T13869] RSP: 0018:ffff8881842bf778 EFLAGS: 00010206 [ 474.160004][T13869] RAX: ffffffff8496408c RBX: ffff8881b58f6468 RCX: 0000000000000300 [ 474.167968][T13869] RDX: 0000000000001000 RSI: ffff88817f924d00 RDI: 0000000020007000 [ 474.176449][T13869] RBP: ffff8881842bf7e8 R08: 0000000000000000 R09: 0000000000000004 [ 474.184409][T13869] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 474.192628][T13869] R13: ffff88817f924000 R14: ffff8881842bf780 R15: 0000000020006300 [ 474.200605][T13869] ? copyout+0xcc/0x1f0 [ 474.204760][T13869] ? copyout+0x113/0x1f0 [ 474.208997][T13869] copy_page_to_iter+0x6dc/0x1910 [ 474.214034][T13869] generic_file_read_iter+0x2979/0x3e70 [ 474.219603][T13869] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 474.225487][T13869] ? find_get_pages_range_tag+0xe60/0xe60 [ 474.231195][T13869] do_iter_readv_writev+0xa16/0xc30 [ 474.236411][T13869] ? find_get_pages_range_tag+0xe60/0xe60 [ 474.242162][T13869] do_iter_read+0x30b/0xe10 [ 474.246750][T13869] ? import_iovec+0x4ad/0x660 [ 474.251426][T13869] do_readv+0x37f/0x710 [ 474.255588][T13869] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 474.261485][T13869] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 474.267649][T13869] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 474.273356][T13869] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 474.279252][T13869] __se_sys_readv+0x9b/0xb0 [ 474.283752][T13869] __x64_sys_readv+0x4a/0x70 [ 474.288336][T13869] do_syscall_64+0xb6/0x160 [ 474.292831][T13869] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 474.298707][T13869] RIP: 0033:0x459a59 [ 474.302606][T13869] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 474.322208][T13869] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 474.330608][T13869] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 474.338566][T13869] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 474.346527][T13869] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 14:23:49 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x84) r1 = socket$inet6(0x10, 0x0, 0x0) sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) accept$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14) r3 = socket(0x2, 0x3, 0x7) connect$inet(r3, &(0x7f0000000100)={0x2, 0x4e23, @remote}, 0x10) getsockopt$sock_buf(r3, 0x1, 0x1c, &(0x7f0000e530e9)=""/16, &(0x7f00000001c0)=0x10) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r7 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r7, 0x894b, &(0x7f0000000380)) sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x28, 0x10, 0x501, 0x0, 0x0, {}, [@IFLA_MTU={0x8, 0xe, 0x6}]}, 0x28}}, 0x0) r8 = epoll_create(0x10) r9 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) epoll_ctl$EPOLL_CTL_DEL(r8, 0x2, r9) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$nl_xfrm(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f0000000400)=@report={0x230, 0x20, 0x100, 0x70bd27, 0x25dfdbff, {0x0, {@in=@empty, @in6=@loopback, 0x4e23, 0x20, 0x4e20, 0x8000, 0x0, 0x80, 0x140, 0x2b, r6, r10}}, [@algo_auth={0x114, 0x1, {{'sha224-avx2\x00'}, 0x650, "47310c336c6217a7ba9340369dae4ccede788c7497b4ee18ef67b49e8471a6b4a10980df28f7e4bea97d9548a26bcd6725b8472c0d9e7396408d6876bd8c35181b7999d5e48bfc5dc902aeb75b1c59e70d236777a2eee97bdb86c71d0246d4ef12a2f9f4227f12e8862788ba8aff269a088e64d3f220d681aef008e25d2c08125f66d2c5df3ab780f096066be10bd6e78c1d7a958038066d46ed967bc742aa0f5c135c787340787a802207cf37bedda30a57e3e44a23f9a02c2e96bd6461502ef62f89767715e73e9f35"}}, @algo_auth_trunc={0x6c, 0x14, {{'wp384\x00'}, 0xf8, 0x0, "31f2ae94281c7c993d01169cfb0a9b3d1af50ab43a9b5d1272887143389f15"}}, @algo_aead={0x64, 0x12, {{'authenc(sha3-512,ctr(camellia))\x00'}, 0xa8, 0x100, "f25fe45c182b394967e1fbc7b0a0c4a658da746611"}}]}, 0x230}, 0x1, 0x0, 0x0, 0x834c9fed93b9419f}, 0x40) setsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000180)={{{@in6=@mcast2, @in=@empty, 0x4e23, 0x0, 0x4e23, 0x6, 0x2, 0x80, 0xa0, 0x3b, r2, r10}, {0x8, 0x8001, 0x7, 0x7, 0x2, 0x65, 0x1, 0x3}, {0x7, 0x1, 0x2, 0x348e}, 0x98d, 0x6e6bbf, 0x0, 0x0, 0x8e8da0514f031b65, 0x1}, {{@in6=@dev={0xfe, 0x80, [], 0x1c}, 0x4d2, 0xff}, 0x2, @in6=@remote, 0x3507, 0x2, 0x0, 0xa8, 0x820a, 0x4, 0x9}}, 0xe8) ioctl$VT_ACTIVATE(r8, 0x5606, 0x2) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0xc100) write$binfmt_misc(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="737f1100bf214a5541a09368049c3bec142b7b1c86f841d62e594f1bddb4d6587bab61e1d912c2f8b3e6eb8d987252ee5596ff1769cc9534ab43318a1f9957f25a9a70b47041108e300eebdc50643dac92dafafdeda8591bdccdaf84302ac175a67c60858b610b88c3dd6aaff88d31c08a780782f729d833569b9100b2ac46e1c3bfd2d7564bcf3ecc88fb226273cf067b272908e3bd3651a325148627dee1525a54725064bc9e8307523669481f3b5dfa6509e56fd518016c3fd2acec1ea6687e7a87df4a2485a7100886be4b785bce6313121f34e9a092d36cf343b7b94eb5a4f6e81dd1f5f8f3a4cdad994ebfe89769b8cdd049173c"], 0x10) [ 474.354488][T13869] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 474.362456][T13869] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 14:23:49 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xfffffd1d, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="f40000730450474e4be2f9a59e201c515b748b883fb611ecf197fd4af17ffcf93deab05f0012c2c1bb45d029de1bc45ddad2135eaa3d3efdabd5a49befb774f7e18c185757f2d706c61505fc22ddab7317c07534512bd86c7903b327ad113b8250e9b2e0ea112d21aa606fe7ea", @ANYRES16=r0, @ANYBLOB="180026bd7000fcdbdf2505000000bc0004000c00010073797a300000000014000700080001000c0000000800030040000000440007000800030004000000080001000300000008000100100000000800030080000000080001000f00000008000300ff010000080001000300000008000300900000002c000700080003000400000008000400080000000800030007000000080002000400000008000200000000001400010062726f6164636173742d6c696e6b00001400010062726f6164636173742d6c696e6b0000240006000800010007000000080001000000000008000100040000000800010008000000"], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x0) r1 = syz_open_dev$swradio(&(0x7f0000000300)='/dev/swradio#\x00', 0x0, 0x2) ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f0000000340)) sendmsg$nl_route(r0, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="3000000076000b0f00000000000000000a000000000000000000000008001080010000000c00090000000000", @ANYRES32=0x0], 0x30}, 0x1, 0x0, 0x0, 0x44080}, 0x8800) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mixer\x00', 0x1a1243, 0x0) ioctl$TCGETS2(r3, 0x802c542a, &(0x7f0000000440)) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) getdents(r2, &(0x7f0000000380)=""/111, 0x6f) 14:23:49 executing program 3 (fault-call:7 fault-nth:50): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:49 executing program 0: r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000018c0)={{0x12, 0x1, 0x0, 0xfe, 0x35, 0xc8, 0x20, 0x9710, 0x7730, 0x9f17, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x82, 0x0, 0x0, 0x2b, 0xea, 0x61}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000900)={0xac, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000001ec0)={0xac, &(0x7f0000000000)={0x0, 0x0, 0x2, "a1e5"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={0x1, 0x28, &(0x7f0000000100)={0x0, 0x0}}, 0x10) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000200)={r1, 0x9, 0x8}, 0x4) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) getsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000080), &(0x7f00000000c0)=0x2) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) arch_prctl$ARCH_GET_FS(0x1003, &(0x7f0000000040)) [ 474.740362][ T32] audit: type=1804 audit(1571495029.785:129): pid=13886 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/136/file0/bus" dev="ramfs" ino=41117 res=1 [ 474.750325][T13886] FAULT_INJECTION: forcing a failure. [ 474.750325][T13886] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 474.775257][T13886] CPU: 0 PID: 13886 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 474.783327][T13886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 474.793384][T13886] Call Trace: [ 474.796677][T13886] dump_stack+0x191/0x1f0 [ 474.801013][T13886] should_fail+0xa3f/0xa50 [ 474.805435][T13886] should_fail_alloc_page+0x1fb/0x270 [ 474.810807][T13886] __alloc_pages_nodemask+0x3c1/0x60c0 [ 474.816354][T13886] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 474.822246][T13886] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 474.828232][T13886] ? prep_new_page+0x792/0x9b0 [ 474.833000][T13886] ? get_page_from_freelist+0x11d3/0x19f0 [ 474.838732][T13886] kmsan_alloc_page+0x131/0x370 [ 474.843584][T13886] __alloc_pages_nodemask+0x149d/0x60c0 [ 474.849119][T13886] ? do_syscall_64+0xb6/0x160 [ 474.853789][T13886] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 474.859856][T13886] ? get_page_from_freelist+0x11d3/0x19f0 [ 474.865612][T13886] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 474.871496][T13886] alloc_pages_current+0x68d/0x9a0 [ 474.876619][T13886] __page_cache_alloc+0x95/0x320 [ 474.881551][T13886] pagecache_get_page+0xaf1/0x1220 [ 474.886649][T13886] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 474.892541][T13886] filemap_fault+0x2632/0x2b70 [ 474.897585][T13886] ? generic_file_read_iter+0x3e70/0x3e70 [ 474.903296][T13886] handle_mm_fault+0x8043/0x9f70 [ 474.908246][T13886] do_user_addr_fault+0x905/0x1510 [ 474.913371][T13886] __do_page_fault+0x1a2/0x410 [ 474.918140][T13886] do_page_fault+0xbb/0x500 [ 474.922633][T13886] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 474.927998][T13886] page_fault+0x4e/0x60 [ 474.932146][T13886] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 474.938719][T13886] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 474.958312][T13886] RSP: 0018:ffff8881786ef778 EFLAGS: 00010206 [ 474.964365][T13886] RAX: ffffffff8496408c RBX: ffff8881a96ee468 RCX: 0000000000000300 [ 474.972324][T13886] RDX: 0000000000001000 RSI: ffff8881784e4d00 RDI: 0000000020007000 [ 474.980292][T13886] RBP: ffff8881786ef7e8 R08: 0000000000000000 R09: 0000000000000004 [ 474.988249][T13886] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 474.996208][T13886] R13: ffff8881784e4000 R14: ffff8881786ef780 R15: 0000000020006300 [ 475.004189][T13886] ? copyout+0xcc/0x1f0 [ 475.008338][T13886] ? copyout+0x113/0x1f0 [ 475.012575][T13886] copy_page_to_iter+0x6dc/0x1910 [ 475.017627][T13886] generic_file_read_iter+0x2979/0x3e70 [ 475.023197][T13886] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 475.029078][T13886] ? find_get_pages_range_tag+0xe60/0xe60 [ 475.034785][T13886] do_iter_readv_writev+0xa16/0xc30 [ 475.039987][T13886] ? find_get_pages_range_tag+0xe60/0xe60 [ 475.045699][T13886] do_iter_read+0x30b/0xe10 [ 475.050205][T13886] ? import_iovec+0x4ad/0x660 [ 475.054883][T13886] do_readv+0x37f/0x710 [ 475.059068][T13886] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 475.064951][T13886] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 475.071006][T13886] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 475.076979][T13886] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 475.082879][T13886] __se_sys_readv+0x9b/0xb0 [ 475.087374][T13886] __x64_sys_readv+0x4a/0x70 [ 475.091954][T13886] do_syscall_64+0xb6/0x160 [ 475.096447][T13886] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 475.102334][T13886] RIP: 0033:0x459a59 [ 475.106219][T13886] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 475.125812][T13886] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 475.134258][T13886] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 475.142218][T13886] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 475.150177][T13886] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 475.158136][T13886] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 475.166107][T13886] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 14:23:50 executing program 1: r0 = socket$inet6(0x10, 0x4, 0x0) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x9f2d37e0c3ae5a34, 0x0) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r3 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video36\x00', 0x2, 0x0) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f00000000c0)={0xfffffffffffffeff, 0xbf2, 0x4, 0x0, 0x0, [{0xffffffffffffffff, 0x0, 0x5}, {r1, 0x0, 0x5}, {r2, 0x0, 0x6}, {r3, 0x0, 0x8}]}) syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xae, 0x0, 0x53, 0x8, 0x10fd, 0xde00, 0x1, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x46, 0x0, 0x0, 0xd2, 0x7d, 0x50}}]}}]}}, 0x0) 14:23:50 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x1, &(0x7f0000000380)=0x4, 0x4) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r0) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000040)=0x1007, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @mcast2}, 0x1c) setsockopt$inet6_udp_int(r0, 0x11, 0x1, &(0x7f0000000080), 0x4) 14:23:50 executing program 3 (fault-call:7 fault-nth:51): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 475.322863][T11495] usb 1-1: new high-speed USB device number 35 using dummy_hcd [ 475.330914][T11526] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 475.420940][ T32] audit: type=1804 audit(1571495030.465:130): pid=13896 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/137/file0/bus" dev="ramfs" ino=40417 res=1 [ 475.452555][T13896] FAULT_INJECTION: forcing a failure. [ 475.452555][T13896] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 475.465994][T13896] CPU: 1 PID: 13896 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 475.473940][T13896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 475.484046][T13896] Call Trace: [ 475.487392][T13896] dump_stack+0x191/0x1f0 [ 475.491785][T13896] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 475.497905][T13896] should_fail+0xa3f/0xa50 [ 475.503072][T13896] should_fail_alloc_page+0x1fb/0x270 [ 475.508482][T13896] __alloc_pages_nodemask+0x3c1/0x60c0 [ 475.513984][T13896] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 475.519997][T13896] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 475.526095][T13896] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 475.532216][T13896] ? __list_add_valid+0xb8/0x430 [ 475.537228][T13896] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 475.543338][T13896] ? free_unref_page_commit+0x31c/0x730 [ 475.548927][T13896] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 475.554884][T13896] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 475.560811][T13896] alloc_pages_vma+0xc9d/0x18c0 [ 475.565706][T13896] handle_mm_fault+0x38f5/0x9f70 [ 475.570706][T13896] ? generic_file_read_iter+0x3e70/0x3e70 [ 475.576490][T13896] do_user_addr_fault+0x905/0x1510 [ 475.581704][T13896] __do_page_fault+0x1a2/0x410 [ 475.586504][T13896] do_page_fault+0xbb/0x500 [ 475.591037][T13896] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 475.596504][T13896] page_fault+0x4e/0x60 [ 475.600709][T13896] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 475.607347][T13896] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 475.627247][T13896] RSP: 0018:ffff888179c9f778 EFLAGS: 00010206 [ 475.633353][T13896] RAX: ffffffff8496408c RBX: ffff8881b58f6468 RCX: 0000000000000300 [ 475.641363][T13896] RDX: 0000000000001000 RSI: ffff88817c8b0d00 RDI: 0000000020007000 [ 475.649471][T13896] RBP: ffff888179c9f7e8 R08: 0000000000000000 R09: 0000000000000004 [ 475.657462][T13896] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 475.665450][T13896] R13: ffff88817c8b0000 R14: ffff888179c9f780 R15: 0000000020006300 [ 475.673477][T13896] ? copyout+0xcc/0x1f0 [ 475.677677][T13896] ? copyout+0x113/0x1f0 [ 475.681958][T13896] copy_page_to_iter+0x6dc/0x1910 [ 475.687033][T13896] generic_file_read_iter+0x2979/0x3e70 [ 475.692673][T13896] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 475.698591][T13896] ? find_get_pages_range_tag+0xe60/0xe60 [ 475.704335][T13896] do_iter_readv_writev+0xa16/0xc30 [ 475.709590][T13896] ? find_get_pages_range_tag+0xe60/0xe60 [ 475.715419][T13896] do_iter_read+0x30b/0xe10 [ 475.719961][T13896] ? import_iovec+0x4ad/0x660 [ 475.724690][T13896] do_readv+0x37f/0x710 [ 475.728906][T13896] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 475.734833][T13896] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 475.741881][T13896] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 475.747631][T13896] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 475.753560][T13896] __se_sys_readv+0x9b/0xb0 [ 475.758277][T13896] __x64_sys_readv+0x4a/0x70 [ 475.762890][T13896] do_syscall_64+0xb6/0x160 [ 475.767440][T13896] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 475.773444][T13896] RIP: 0033:0x459a59 [ 475.777422][T13896] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 475.797057][T13896] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 475.805499][T13896] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 475.813490][T13896] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 475.821916][T13896] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 475.829910][T13896] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 475.837896][T13896] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 475.902566][T11495] usb 1-1: Using ep0 maxpacket: 32 14:23:51 executing program 3 (fault-call:7 fault-nth:52): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 476.002978][ T3953] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 476.023151][T11495] usb 1-1: config 0 has an invalid interface number: 130 but max is 0 [ 476.031528][T11495] usb 1-1: config 0 has no interface number 0 [ 476.037929][T11495] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=9f.17 [ 476.047270][T11495] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 476.056447][T11526] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 476.129054][T11495] usb 1-1: config 0 descriptor?? [ 476.225057][T11526] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 476.234344][T11526] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 476.281450][T13902] FAULT_INJECTION: forcing a failure. [ 476.281450][T13902] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 476.294704][T13902] CPU: 0 PID: 13902 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 476.302603][T13902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 476.312689][T13902] Call Trace: [ 476.316100][T13902] dump_stack+0x191/0x1f0 [ 476.320457][T13902] should_fail+0xa3f/0xa50 [ 476.324914][T13902] should_fail_alloc_page+0x1fb/0x270 [ 476.330312][T13902] __alloc_pages_nodemask+0x3c1/0x60c0 [ 476.335801][T13902] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 476.341735][T13902] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 476.347746][T13902] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 476.353918][T13902] ? prep_new_page+0x792/0x9b0 [ 476.358718][T13902] ? get_page_from_freelist+0x11d3/0x19f0 [ 476.364474][T13902] kmsan_alloc_page+0xc3/0x370 [ 476.369276][T13902] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 476.375191][T13902] __alloc_pages_nodemask+0x149d/0x60c0 [ 476.380780][T13902] ? release_pages+0x15ba/0x15e0 [ 476.385745][T13902] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 476.393068][T13902] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 476.398989][T13902] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 476.405192][T13902] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 476.411108][T13902] alloc_pages_vma+0xc9d/0x18c0 [ 476.415995][T13902] handle_mm_fault+0x38f5/0x9f70 [ 476.420975][T13902] ? shmem_write_end+0x920/0x920 [ 476.425944][T13902] do_user_addr_fault+0x905/0x1510 [ 476.431100][T13902] __do_page_fault+0x1a2/0x410 [ 476.435887][T13902] do_page_fault+0xbb/0x500 [ 476.440417][T13902] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 476.445811][T13902] page_fault+0x4e/0x60 [ 476.449996][T13902] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 476.456603][T13902] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 476.476227][T13902] RSP: 0018:ffff88817cc7f820 EFLAGS: 00010206 [ 476.482315][T13902] RAX: ffffffff8496408c RBX: ffff8881a96e89a8 RCX: 0000000000000300 [ 476.490673][T13902] RDX: 0000000000001000 RSI: ffff8881778a9d00 RDI: 0000000020009000 [ 476.498638][T13902] RBP: ffff88817cc7f890 R08: 0000000000000000 R09: 0000000000000006 [ 476.506597][T13902] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 476.514573][T13902] R13: ffff8881778a9000 R14: ffff88817cc7f828 R15: 0000000020008300 [ 476.522554][T13902] ? copyout+0xcc/0x1f0 [ 476.526708][T13902] ? copyout+0x113/0x1f0 [ 476.530948][T13902] copy_page_to_iter+0x6dc/0x1910 [ 476.535990][T13902] shmem_file_read_iter+0xa10/0x1140 [ 476.541288][T13902] ? shmem_file_llseek+0xdc0/0xdc0 [ 476.546399][T13902] do_iter_readv_writev+0xa16/0xc30 [ 476.551620][T13902] ? shmem_file_llseek+0xdc0/0xdc0 [ 476.556719][T13902] do_iter_read+0x30b/0xe10 [ 476.561213][T13902] ? import_iovec+0x4ad/0x660 [ 476.565917][T13902] do_readv+0x37f/0x710 [ 476.570084][T13902] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 476.576012][T13902] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 476.582111][T13902] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 476.587835][T13902] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 476.593731][T13902] __se_sys_readv+0x9b/0xb0 [ 476.598419][T13902] __x64_sys_readv+0x4a/0x70 [ 476.603000][T13902] do_syscall_64+0xb6/0x160 [ 476.607633][T13902] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 476.613528][T13902] RIP: 0033:0x459a59 [ 476.617436][T13902] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 476.637132][T13902] RSP: 002b:00007fb00e444c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 476.645549][T13902] RAX: ffffffffffffffda RBX: 00007fb00e444c90 RCX: 0000000000459a59 [ 476.653507][T13902] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 476.661469][T13902] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 476.669518][T13902] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4456d4 14:23:51 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f000044f000)={0xa, 0x4e20}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0xa2, &(0x7f0000000100)={@local, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x6c, 0x6, 0x0, @dev, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x1b, 0x2, 0x0, 0x0, 0x0, {[@window={0x3, 0x3}, @mss={0x2, 0x4}, @fastopen={0x22, 0x3, "9f"}, @sack={0x5, 0xe, [0x0, 0x0, 0x1]}, @mptcp=@remove_addr={0x1e, 0x27, 0x0, 0x100, "0bb0eaee79cd3e1ff62a69e63df6591d5733e13bf8fab2d8e1bfbd2d96a422a6fc1afb94"}, @sack={0x5, 0x16, [0x0, 0x0, 0x0, 0x0, 0x0]}]}}}}}}}}, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x20003, 0x0) r2 = syz_open_dev$usbmon(0x0, 0x45, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000200)=0x1) ioctl$KDDISABIO(r2, 0x4b37) ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f0000000280)) ioctl$sock_SIOCGPGRP(r2, 0x8904, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000800)={r2, 0xc0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=0x6, 0x0, 0x0, 0x0, &(0x7f0000000540)={0xa, 0x2}, 0x0, 0x0, &(0x7f0000000640)={0x3, 0x10, 0x4, 0xfe3}, &(0x7f0000000680), 0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=0x6}}, 0x10) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000840)=r3, 0x4) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000080)={r1, 0x10, &(0x7f0000000040)={&(0x7f00000001c0)=""/239, 0xef, r3}}, 0x10) [ 476.677476][T13902] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 476.694394][ T3953] usb 2-1: Using ep0 maxpacket: 8 [ 476.738506][T13905] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 476.757324][T13905] TCP: request_sock_TCPv6: Possible SYN flooding on port 20000. Sending cookies. Check SNMP counters. [ 476.765947][T11526] cdc_ether: probe of 3-1:1.0 failed with error -22 14:23:51 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x8, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="85000000610000000f008100"/24], &(0x7f0000281ffc)='G\xffL\x00'}, 0x48) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0}) ioprio_set$uid(0x3, r0, 0x6) [ 476.812502][ T3953] usb 2-1: config 0 has an invalid interface number: 70 but max is 0 [ 476.820913][ T3953] usb 2-1: config 0 has no interface number 0 [ 476.827451][ T3953] usb 2-1: New USB device found, idVendor=10fd, idProduct=de00, bcdDevice= 0.01 [ 476.836676][ T3953] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 14:23:51 executing program 3 (fault-call:7 fault-nth:53): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 476.958125][ T3953] usb 2-1: config 0 descriptor?? [ 476.984659][T11526] usb 3-1: USB disconnect, device number 18 [ 476.997753][ T32] audit: type=1804 audit(1571495032.045:131): pid=13914 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/139/file0/bus" dev="ramfs" ino=41185 res=1 [ 477.010037][ T3953] go7007 2-1:0.70: The Lifeview TV Walker Ultra is not supported. Sorry! [ 477.036541][T13914] FAULT_INJECTION: forcing a failure. [ 477.036541][T13914] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 477.049794][T13914] CPU: 0 PID: 13914 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 477.057796][T13914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 477.067843][T13914] Call Trace: [ 477.071151][T13914] dump_stack+0x191/0x1f0 [ 477.075477][T13914] should_fail+0xa3f/0xa50 [ 477.079895][T13914] should_fail_alloc_page+0x1fb/0x270 [ 477.085260][T13914] __alloc_pages_nodemask+0x3c1/0x60c0 [ 477.090716][T13914] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 477.096605][T13914] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 477.102582][T13914] ? prep_new_page+0x792/0x9b0 [ 477.107366][T13914] ? get_page_from_freelist+0x11d3/0x19f0 [ 477.113103][T13914] kmsan_alloc_page+0x131/0x370 [ 477.117955][T13914] __alloc_pages_nodemask+0x149d/0x60c0 [ 477.123506][T13914] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 477.129488][T13914] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 477.137390][T13914] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 477.143448][T13914] ? __list_add_valid+0xb8/0x430 [ 477.148384][T13914] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 477.154527][T13914] ? free_unref_page_commit+0x31c/0x730 [ 477.160087][T13914] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 477.165975][T13914] alloc_pages_vma+0xc9d/0x18c0 [ 477.170835][T13914] handle_mm_fault+0x38f5/0x9f70 [ 477.175774][T13914] ? generic_file_read_iter+0x3e70/0x3e70 [ 477.181493][T13914] do_user_addr_fault+0x905/0x1510 [ 477.186614][T13914] __do_page_fault+0x1a2/0x410 [ 477.191375][T13914] do_page_fault+0xbb/0x500 [ 477.195875][T13914] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 477.201239][T13914] page_fault+0x4e/0x60 [ 477.205387][T13914] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 477.212141][T13914] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 477.231803][T13914] RSP: 0018:ffff88817ab0f778 EFLAGS: 00010206 [ 477.237857][T13914] RAX: ffffffff8496408c RBX: ffff8881b58f09a8 RCX: 0000000000000300 [ 477.245820][T13914] RDX: 0000000000001000 RSI: ffff88817bb8ad00 RDI: 0000000020007000 [ 477.253783][T13914] RBP: ffff88817ab0f7e8 R08: 0000000000000000 R09: 0000000000000004 [ 477.261743][T13914] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 477.269704][T13914] R13: ffff88817bb8a000 R14: ffff88817ab0f780 R15: 0000000020006300 [ 477.277938][T13914] ? copyout+0xcc/0x1f0 [ 477.282091][T13914] ? copyout+0x113/0x1f0 [ 477.286328][T13914] copy_page_to_iter+0x6dc/0x1910 [ 477.291361][T13914] generic_file_read_iter+0x2979/0x3e70 [ 477.296943][T13914] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 477.302830][T13914] ? find_get_pages_range_tag+0xe60/0xe60 [ 477.309416][T13914] do_iter_readv_writev+0xa16/0xc30 [ 477.314620][T13914] ? find_get_pages_range_tag+0xe60/0xe60 [ 477.321468][T13914] do_iter_read+0x30b/0xe10 [ 477.325962][T13914] ? import_iovec+0x4ad/0x660 [ 477.330642][T13914] do_readv+0x37f/0x710 [ 477.334820][T13914] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 477.340704][T13914] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 477.346761][T13914] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 477.352469][T13914] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 477.358351][T13914] __se_sys_readv+0x9b/0xb0 [ 477.362848][T13914] __x64_sys_readv+0x4a/0x70 [ 477.367540][T13914] do_syscall_64+0xb6/0x160 [ 477.372039][T13914] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 477.377919][T13914] RIP: 0033:0x459a59 [ 477.382250][T13914] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 477.401851][T13914] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 477.410272][T13914] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 477.418246][T13914] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 477.426216][T13914] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 477.434350][T13914] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 477.442573][T13914] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 477.500424][ T3953] usb 2-1: USB disconnect, device number 33 [ 477.892069][T11526] usb 3-1: new high-speed USB device number 19 using dummy_hcd 14:23:53 executing program 2: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chroot(&(0x7f0000000200)='./file0\x00') chdir(&(0x7f0000000080)='./file0\x00') umount2(&(0x7f0000b1d000)='.', 0x2) unshare(0x8020000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0xbef41b84bfff28d0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x80000, 0xff) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c) setsockopt$inet6_opts(r0, 0x29, 0x36, &(0x7f0000000080)=@fragment, 0x8) r1 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00') sendfile(r0, r1, 0x0, 0xa808) 14:23:53 executing program 4: sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000000)=ANY=[@ANYRESHEX], 0xffffffce}}, 0x24000000) r0 = socket$key(0xf, 0x3, 0x2) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r2, 0x660c) sendmmsg(r0, &(0x7f0000000180), 0x400024c, 0x0) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000340)='IPVS\x00') sendmsg$IPVS_CMD_GET_DAEMON(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000640)={&(0x7f00000008c0)=ANY=[@ANYBLOB="bd000000", @ANYRES16=r3, @ANYBLOB="000100000000fedbdf250b00000034000200080006002231000008000400fca34a7a08000900ff07000008000b0000000000080009000000000008000e004e20000014000100080006006c63000008000600727200003c000100080001000a000000080004004e2400000c000700090000002400000014000300ffffffff00000000000000000000000008000b0073697000080005000900000008000400ff0700000800040000000080"], 0xb0}}, 0x8081) sendmsg$IPVS_CMD_SET_SERVICE(r2, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000080)={0xf0, r3, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e24}]}, @IPVS_CMD_ATTR_SERVICE={0x40, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@dev={0xac, 0x14, 0x14, 0x25}}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e22}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@empty}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x14, 0x2}}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2}, @IPVS_CMD_ATTR_DEST={0x4c, 0x2, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x8}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x8000}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3ff}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x32}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e20}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x400}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0xfffff2da}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1}, @IPVS_CMD_ATTR_DEST={0x2c, 0x2, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0xfffff585}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x200}, @IPVS_DEST_ATTR_TUN_PORT={0x8, 0xe, 0x4e22}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0xfffffc01}, @IPVS_DEST_ATTR_TUN_TYPE={0x8, 0xd, 0x1}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x10000}]}, 0xf0}, 0x1, 0x0, 0x0, 0x40}, 0x0) r4 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) r5 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000280)='/dev/cachefiles\x00', 0x80, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r5, 0xc0945662, &(0x7f0000000380)={0x7132, 0x0, [], {0x0, @reserved}}) write$vnet(r4, &(0x7f00000006c0)={0x1, {&(0x7f0000000440)=""/219, 0xdb, &(0x7f0000000540)=""/155, 0x3, 0x1}}, 0x68) ioctl$int_in(r4, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$RTC_RD_TIME(r4, 0x80247009, &(0x7f0000000240)) 14:23:53 executing program 5: syz_usb_connect(0x0, 0x24, &(0x7f0000000980)={{0x12, 0x1, 0x0, 0x44, 0x43, 0xaf, 0x40, 0x4cc, 0x2533, 0xf0a5, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xf4, 0xe9, 0x40}}]}}]}}, 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r0, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000000000)=""/174) 14:23:53 executing program 3 (fault-call:7 fault-nth:54): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 478.046976][ T32] audit: type=1804 audit(1571495033.095:132): pid=13924 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/140/file0/bus" dev="ramfs" ino=41209 res=1 [ 478.050840][T13924] FAULT_INJECTION: forcing a failure. [ 478.050840][T13924] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 478.083055][T13924] CPU: 0 PID: 13924 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 478.083099][T13924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 478.101050][T13924] Call Trace: [ 478.104419][T13924] dump_stack+0x191/0x1f0 [ 478.104488][T13924] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 478.114752][T13924] should_fail+0xa3f/0xa50 [ 478.119263][T13924] should_fail_alloc_page+0x1fb/0x270 [ 478.124719][T13924] __alloc_pages_nodemask+0x3c1/0x60c0 [ 478.130274][T13924] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 478.136342][T13924] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 478.142408][T13924] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 478.148553][T13924] ? memcg_check_events+0x74/0xf20 [ 478.153781][T13924] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 478.159838][T13924] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 478.165824][T13924] alloc_pages_vma+0xc9d/0x18c0 [ 478.170838][T13924] handle_mm_fault+0x38f5/0x9f70 [ 478.175872][T13924] ? generic_file_read_iter+0x3e70/0x3e70 [ 478.181718][T13924] do_user_addr_fault+0x905/0x1510 [ 478.187289][T13924] __do_page_fault+0x1a2/0x410 [ 478.192131][T13924] do_page_fault+0xbb/0x500 [ 478.196704][T13924] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 478.202146][T13924] page_fault+0x4e/0x60 [ 478.207096][T13924] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 478.214098][T13924] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 478.233769][T13924] RSP: 0018:ffff88817a84f778 EFLAGS: 00010206 [ 478.239967][T13924] RAX: ffffffff8496408c RBX: ffff8881a96e89a8 RCX: 0000000000000300 [ 478.247982][T13924] RDX: 0000000000001000 RSI: ffff8881835c9d00 RDI: 0000000020008000 [ 478.256061][T13924] RBP: ffff88817a84f7e8 R08: 0000000000000000 R09: 0000000000000005 [ 478.262208][T11493] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 478.264052][T13924] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 478.264083][T13924] R13: ffff8881835c9000 R14: ffff88817a84f780 R15: 0000000020007300 [ 478.264145][T13924] ? copyout+0xcc/0x1f0 [ 478.264188][T13924] ? copyout+0x113/0x1f0 [ 478.264245][T13924] copy_page_to_iter+0x6dc/0x1910 [ 478.301406][T13924] generic_file_read_iter+0x2979/0x3e70 [ 478.307102][T13924] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 478.313081][T13924] ? find_get_pages_range_tag+0xe60/0xe60 [ 478.318884][T13924] do_iter_readv_writev+0xa16/0xc30 [ 478.324191][T13924] ? find_get_pages_range_tag+0xe60/0xe60 [ 478.329987][T13924] do_iter_read+0x30b/0xe10 [ 478.334837][T13924] ? import_iovec+0x4ad/0x660 [ 478.339604][T13924] do_readv+0x37f/0x710 [ 478.343879][T13924] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 478.349827][T13924] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 478.355936][T13924] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 478.361721][T13924] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 478.368060][T13924] __se_sys_readv+0x9b/0xb0 [ 478.372646][T13924] __x64_sys_readv+0x4a/0x70 [ 478.377310][T13924] do_syscall_64+0xb6/0x160 [ 478.381888][T13924] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 478.387817][T13924] RIP: 0033:0x459a59 [ 478.391755][T13924] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 478.411410][T13924] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 478.419891][T13924] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 478.422092][T11559] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 478.427902][T13924] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 478.427928][T13924] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 478.427953][T13924] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 478.427978][T13924] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 478.852331][T11559] usb 6-1: New USB device found, idVendor=04cc, idProduct=2533, bcdDevice=f0.a5 [ 478.861691][T11559] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 478.874510][T11559] usb 6-1: config 0 descriptor?? [ 478.913147][T11559] pn533_usb 6-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint [ 478.954417][T11495] usb 1-1: Cannot set autoneg [ 478.959497][T11495] MOSCHIP usb-ethernet driver: probe of 1-1:0.130 failed with error -71 [ 478.962131][T11493] usb 2-1: device not accepting address 34, error -71 [ 478.998231][T11495] usb 1-1: USB disconnect, device number 35 [ 479.165688][T11562] usb 6-1: USB disconnect, device number 12 14:23:54 executing program 0: unshare(0x24020400) unshare(0x24020400) creat(&(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0) r0 = socket$unix(0x1, 0x3, 0x0) connect(r0, &(0x7f0000931ff4)=@un=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$SG_EMULATED_HOST(r1, 0x2203, &(0x7f0000000040)) 14:23:54 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x10}, {0x0, 0xfffffffffffffffe}, {}, 0x0, 0x0, 0x1}, {{@in6=@local, 0x0, 0x32}, 0x0, @in=@multicast1}}, 0xe8) r1 = socket$unix(0x1, 0x5, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, &(0x7f0000000000)={0x338, 0x5, 0x4, 0xb1, 0xfff}) sendmmsg(r0, &(0x7f0000000a80)=[{{&(0x7f0000000100)=@in={0x2, 0xc67a}, 0x80, 0x0}}], 0x1, 0x0) 14:23:54 executing program 3 (fault-call:7 fault-nth:55): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:54 executing program 2: socketpair(0xb, 0x1, 0x20, &(0x7f0000000040)={0xffffffffffffffff}) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000080)) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) ioctl$FICLONE(r1, 0x40049409, 0xffffffffffffffff) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) pipe2(&(0x7f00000000c0)={0xffffffffffffffff}, 0x80000) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x7, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x1, 0x0, 0x9, 0x9, 0x2, 0x10}, @call={0x85, 0x0, 0x0, 0x50}, @exit, @map={0x18, 0x7, 0x1, 0x0, r2}, @map={0x18, 0x7, 0x1, 0x0, r3}], &(0x7f0000003ff6)='OPL\x00', 0x1, 0xb7, &(0x7f0000000140)=""/183, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0xffffffff}, 0x10}, 0x70) 14:23:54 executing program 1: r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r0, 0x80006040045010, &(0x7f0000000140)=0x3) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) write$binfmt_elf32(r1, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x77, 0x0, 0x6, 0x80, 0x40, 0x0, 0x0, 0xfff, 0x1e0, 0x38, 0x139, 0x1, 0x2, 0x20, 0x2, 0x4, 0x9e, 0x2}, [{0x4, 0x8, 0x0, 0xfffffff8, 0xfffffff8, 0x3, 0xfffffffe, 0x3ff}, {0x6, 0x6ba, 0x1ff, 0x0, 0x7, 0xff, 0x4, 0x7fff}], "ca4bf48b2695414c6378e180a02cd09779204cc22a1684f68c6c6bfb70307699a5", [[], [], []]}, 0x399) ioctl$MON_IOCQ_URB_LEN(r0, 0x9201) get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000001000/0x2000)=nil, 0x3) [ 479.772427][ T32] audit: type=1804 audit(1571495034.815:133): pid=13945 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/141/file0/bus" dev="ramfs" ino=40542 res=1 [ 479.795345][T11562] usb 1-1: new high-speed USB device number 36 using dummy_hcd [ 479.817638][T13945] FAULT_INJECTION: forcing a failure. [ 479.817638][T13945] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 479.831234][T13945] CPU: 1 PID: 13945 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 479.839131][T13945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 479.850341][T13945] Call Trace: [ 479.853653][T13945] dump_stack+0x191/0x1f0 [ 479.857988][T13945] should_fail+0xa3f/0xa50 [ 479.862415][T13945] should_fail_alloc_page+0x1fb/0x270 [ 479.867790][T13945] __alloc_pages_nodemask+0x3c1/0x60c0 [ 479.873251][T13945] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 479.879142][T13945] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 479.885116][T13945] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 479.891257][T13945] ? prep_new_page+0x792/0x9b0 [ 479.896022][T13945] ? get_page_from_freelist+0x11d3/0x19f0 [ 479.901929][T13945] kmsan_alloc_page+0xc3/0x370 [ 479.906697][T13945] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 479.912586][T13945] __alloc_pages_nodemask+0x149d/0x60c0 [ 479.918130][T13945] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 479.924108][T13945] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 479.930003][T13945] ? memcg_check_events+0x74/0xf20 [ 479.935125][T13945] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 479.941038][T13945] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 479.946927][T13945] alloc_pages_vma+0xc9d/0x18c0 [ 479.951786][T13945] handle_mm_fault+0x38f5/0x9f70 [ 479.956733][T13945] ? generic_file_read_iter+0x3e70/0x3e70 [ 479.962456][T13945] do_user_addr_fault+0x905/0x1510 [ 479.967588][T13945] __do_page_fault+0x1a2/0x410 [ 479.972353][T13945] do_page_fault+0xbb/0x500 [ 479.976850][T13945] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 479.982212][T13945] page_fault+0x4e/0x60 [ 479.986360][T13945] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 479.992939][T13945] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 480.017860][T13945] RSP: 0018:ffff8881ab45f778 EFLAGS: 00010206 [ 480.024004][T13945] RAX: ffffffff8496408c RBX: ffff8881b58f09a8 RCX: 0000000000000300 [ 480.032054][T13945] RDX: 0000000000001000 RSI: ffff88817bb59d00 RDI: 0000000020008000 [ 480.040012][T13945] RBP: ffff8881ab45f7e8 R08: 0000000000000000 R09: 0000000000000005 [ 480.047975][T13945] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 480.055936][T13945] R13: ffff88817bb59000 R14: ffff8881ab45f780 R15: 0000000020007300 [ 480.063926][T13945] ? copyout+0xcc/0x1f0 [ 480.068113][T13945] ? copyout+0x113/0x1f0 [ 480.072368][T13945] copy_page_to_iter+0x6dc/0x1910 [ 480.077426][T13945] generic_file_read_iter+0x2979/0x3e70 [ 480.084064][T13945] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 480.089954][T13945] ? find_get_pages_range_tag+0xe60/0xe60 [ 480.095665][T13945] do_iter_readv_writev+0xa16/0xc30 [ 480.100870][T13945] ? find_get_pages_range_tag+0xe60/0xe60 [ 480.106586][T13945] do_iter_read+0x30b/0xe10 [ 480.111086][T13945] ? import_iovec+0x4ad/0x660 [ 480.115764][T13945] do_readv+0x37f/0x710 [ 480.119924][T13945] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 480.125821][T13945] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 480.131879][T13945] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 480.137591][T13945] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 480.143489][T13945] __se_sys_readv+0x9b/0xb0 [ 480.147996][T13945] __x64_sys_readv+0x4a/0x70 [ 480.152886][T13945] do_syscall_64+0xb6/0x160 [ 480.157383][T13945] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 480.163264][T13945] RIP: 0033:0x459a59 [ 480.167149][T13945] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 480.186743][T13945] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 480.195153][T13945] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 480.203113][T13945] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 480.211087][T13945] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 480.219047][T13945] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 480.227007][T13945] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 480.312661][T11559] usb 6-1: new high-speed USB device number 13 using dummy_hcd 14:23:55 executing program 3 (fault-call:7 fault-nth:56): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:55 executing program 4: r0 = syz_open_dev$loop(&(0x7f0000000500)='/dev/loop#\x00', 0x0, 0x100082) r1 = memfd_create(&(0x7f0000000540)='\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00v\x8e\x05\xf7\xc1U\xad}\xc6\x94|W>Zi$Nv8,\n\xa6=W^\xa3Y\x7f\x8b\x17(\'~\xf7k0TM{\xa9-\xcf\x97\x8f\x1f\x81\xdc\x1b\x7f\x8f{4Q\xda\xda\x02\xec\xb4\xf1\xdd\xcc\x8bRA\xda\x89Efn\x00s\xc2Zb\x01\x00M\xbe\xa3z\xab\xd3\xeb\x98\x88\xc4\xc6)A\x9fP\x93zhH\xe0\xd2\x81\xdb\xeeV\x8cM\xe9\xa06\xc2o\x19\"\xf6Iq\xd4\xdf\x97\xfb\xab\x04\xe8\xceI8\xb3\x1d\xcf%\x9bK\xc6\t\x01\xe1\x86a\xfa\xb8\xfb)\x88\xcd+\xc2`\xc2\xf5r5>k\xb0\xa0\x02\xfc\x16MO\x18\x9b\x06\x80b\xd1\x01\x00\x00\x00\x00\x00\x00\x00@\f\fL\xa5{Tk\x940\x17.\xa56.\xe0\x14\x1b=\xf0j\xd25\xe8\x15\xd8\x9e\xea\xd3\xd9G4\t\xc0\x9c.\'\xa9R3z$\xf2\x01\x88\xc0\x13\x12<\xc01j3\xd8\xb4CE7s\xe4\xa0\x9e\xdd\x801\x12M\xee\x13\xce\x9cu(\x8f.\xc83\xc7\xe6j\xf5\xb1\x9a\x00\x00\x00\x00\x00\x00\x00', 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000900)='\f\xd3\x93E;K\x15q\xdaX\x83f7\xca\xb8\xb5\x06\xac~\xa2(\xf9`\xec\x10-J\xdd\xbaJ\xe7\xfc\xe9M\xa2\xff.\r\x1b.gh\x99\x02|k\x10\xed\x94\xf6&\xc77\xf0O\x1bou\x88\xd5n\xfbc\x94H\xf3\x8c\xe1\xd9\xc6\xf7|G\x04\x80\x19\xe8\x1d\xbb8o\xaf\xac}\xef\x1b\xf0\x0f\x8d/\xf0\x8b\x9cg\xdf\xc3h\xfaY\x9e\xe0$pvL\xcb\x1b\xf6\xb9\x96\x1a\x8b{,o\xcb\xf4\xdb\xf2\xf6\x98\xbe\x96\xee\x89\x03\'\x8ag\xb5\xc7H\x8c\x81\xa7\xc0\x06\xd7\xac\xbb\xf1\xfbY9\xae\xdd\xef\xb1$#\xd4\xe3\xc3\xa6\x7f\x01\xe8\xcd|Mwh[\xc4\x12\xb3\xff\x0f\xe6R\xac\xd7\x13/\xd3\x05Y%\xc4Ml\xab\xcb\x1e\x83\xa7\xbc\x94k\x1e\x89\a+\xec\x9a!\x03\xc5zs\xbb\xed\xd8g\xc2\xc1\x93@-C\v7s\xe7\xfdDb0>\x80\xdf\'\xb6\x13') preadv(r2, &(0x7f0000000200)=[{&(0x7f0000000000)=""/165, 0x200000a5}], 0x1, 0x0) r3 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_procs(r3, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000040)=0x100000001, 0x4) syz_open_dev$dspn(&(0x7f0000001f80)='/dev/dsp#\x00', 0x10000000, 0x20800) lsetxattr$security_selinux(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000680)='security.selinux\x00', &(0x7f0000000700)='system\xc2_u:object_r:mail_spool_t:s0\x00\b\x852o\x0e\xcc`\xf7\x13w\xb9\xbb\xf2*xO/o\xe3\xa1\xcc\x9bU\x15\x10 \xcb\xc2\x0f\xed\xf7\xf1+\x94\xcf\xed\xc1=\xe5\xf4\x97\x8auMW\xd3\xab\x8b\xd5\xdc\x13\x02\xf6|\xb1\x10+\xa8)\x87%\x90|\xe0;\xe36\x97T\x03\xf8D\x04\xc9<\x1f\x17+\xe0\xfc{T\x0eP1\x1a\xf0\x16\a<\xa0\"\xb9\xbdsG\x17\xfa`\xd5e3P\xffeGp53\xc8\xc1\xb5\x1en\xdb\x01\r3\xab\xcb\x95\x10\xc8-\xd9\b\t\xcdD\xaf#', 0xa6, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f00000008c0)='TIPCv2\x00') prctl$PR_SET_FPEMU(0xa, 0x3) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3a1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_procfs(0x0, &(0x7f0000000380)='net/route\x00') setxattr$security_selinux(&(0x7f00000000c0)='./file0\x00', &(0x7f00000003c0)='security.selinux\x00', &(0x7f0000000400)='system_u:object_r:hald_var_lib_t:s0\x00', 0x24, 0x1) r4 = semget$private(0x0, 0x20000000102, 0x0) semop(r4, &(0x7f0000000140)=[{0x0, 0xffffffffffffff89}], 0x1a9) semop(r4, &(0x7f0000000280)=[{0x0, 0x3}, {0x0, 0xfffc}], 0x2) semop(r4, &(0x7f00000000c0)=[{0x0, 0x6}], 0x1) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) semtimedop(r4, &(0x7f0000000100)=[{0x0, 0x1, 0x800}, {0x1, 0x7, 0x2800}, {0x1, 0x3ff, 0x800}], 0x3, &(0x7f0000000180)={r5, r6+30000000}) pwritev(r1, &(0x7f0000000340), 0x0, 0x81806) ioctl(0xffffffffffffffff, 0x40044102, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000840)='./cgroup/syz0\x00', 0x1ff) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, &(0x7f0000000800)=@v1={0x0, @aes128, 0x4, "067b2055450fcc79"}) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) sendfile(r0, r0, 0x0, 0x40fdf) 14:23:55 executing program 2: sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)=ANY=[@ANYBLOB="5000000010000307ebff000600e7000040040000", @ANYRES32=0x0, @ANYRESDEC=0x0, @ANYRES32=0x0, @ANYBLOB="000000003ee42e48d1a77148452e00000000d69a7b65ec5bc80cfc55825be966fccf793528e16b22963b2e262ba525f5eb501af620a20828e9ac9d1daf56299b6481a3d33a7aa2f8a40a2599de03cb1a030209000000000000006a418052131242b95990939812eec1775bf83cb2d6641b2fc22d722d98a64bb4c2402fe3f656ba69456f25ac84049c075073d70091f2ba82b60074bf76c115e454ce88477819b0ce7f1ab3066e7e0db0361fc0ccb8ae88cf515d9098ce555b6692c0df11531ab1ae1379260989c97c32ab4aa9659f042b85ad1761fce5cecf7d299c65917a5da2de6a106b061a883b148ebe4a01f935cf4ca813559fb5e236460400c174651b7b219e37a03d81310e00d75d4a4c37e8845934017af11c93d0c7f9c1731526180c6b45ed29f5ad68f138c938a83a8c17f7fc44059fa50802f58aeb65b8d8453f653fffb166e19d5c28"], 0x5}}, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket(0x10, 0x800000000080002, 0x0) sendmmsg$alg(r3, &(0x7f0000000140)=[{0x6815, 0xd2efff7f00000000, &(0x7f0000000100), 0xa, &(0x7f0000000100)}], 0x492492492492805, 0x0) 14:23:55 executing program 0: close(0xffffffffffffffff) openat$rtc(0xffffffffffffff9c, &(0x7f0000000380)='/dev/rtc0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_open_procfs(0x0, &(0x7f0000000180)='fd/3\x00\x02\x17\x87:\xf4\x03\xdfc\x88,5I\xd7^\xb5D\xf7\xd7\xdb,(\x03\x00\xc2\x06MG\xcd\xe9w\xe5s\x02\xf2\xea\xb6\xabsp\x12xT8\x01\x00\xd4S\xd8F\xab.x|\x8b\x87\xb0\xa2\xf5Y>\xb1 p\x998(\xe63\xcf\x7f\xac\x89F\x03n\x96\x15zsw\x98\xca\xcb3\xb6M=h\x01i.\xa3\xda}\x190~\xe7d6\xa5\x17\xb3\xe9\xd9QV\x0f\xf3\x02\xd6\xc1\xc3n\xcd*R\x9a\x95\x12\x05K\xa0<\xc9\xe3\xed\xab\xc9\x8bK\xb3\x86\xe2\x93f\x92iKA|e\x97k :,J36\x11\xf0\x99\x96\xb7]\xfd\xe3\v\xd8\x98\xc5o\xc6\xde\x80\xf7_\xc9\x8f\xaf\xf9\xd5\xb7ui\xea\xde\xd0\xeb\xd9\xf5_\v\xe2*\xa3\xf4\xab?n\xcb\x19i\x80\x91\xd2\xf6\x14\xfe!!0\x84L\x86\x81\x95,B\x11\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xab*[\xa5\xb217\x93\xf3\x88\x92\xa6\xde\x11\xa2-J\x9d\xc9\xb2\x97\xa3\x88v\x9eR\x155\xc7N!\xdb\"8\xc8I\xb9c\xed\xa7!\t\x85s\xb1\xa5\xa7R2Yf\x1c\xf8\xc2z>\xb1\x9c\x02a\x87\xe9\xb8\xf8\xdcv\xb6\xe4\xa6\n\x0e\x83lM7\xcc?\xea\x19\x99\xce\x1c\x10\xd2lQ(\xc7\xe9\xef\xd2Q\vY\xf58\x10|8}uE\xaf\xb4w;\xbc\xe4\x01\xd8\xf2\xf9u\xc1Dt\'\x84\xb5\xa4\x83\xeft\xfc\xf3\xdd\x870xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write(r0, &(0x7f0000000000)="1f000000010141e20c050054a8c984ca029b189f1b882de4e41a0e982de47a", 0x1f) [ 480.683437][T11559] usb 6-1: New USB device found, idVendor=04cc, idProduct=2533, bcdDevice=f0.a5 [ 480.692738][T11559] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 480.740092][ T32] audit: type=1804 audit(1571495035.785:134): pid=13965 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/142/file0/bus" dev="ramfs" ino=40579 res=1 [ 480.765892][T13965] FAULT_INJECTION: forcing a failure. [ 480.765892][T13965] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 480.779309][T13965] CPU: 1 PID: 13965 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 480.787242][T13965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 480.797312][T13965] Call Trace: [ 480.800625][T13965] dump_stack+0x191/0x1f0 [ 480.804995][T13965] should_fail+0xa3f/0xa50 [ 480.809424][T13965] should_fail_alloc_page+0x1fb/0x270 [ 480.814800][T13965] __alloc_pages_nodemask+0x3c1/0x60c0 [ 480.820257][T13965] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 480.826166][T13965] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 480.832151][T13965] ? prep_new_page+0x792/0x9b0 [ 480.837117][T13965] ? get_page_from_freelist+0x11d3/0x19f0 [ 480.842941][T13965] kmsan_alloc_page+0x131/0x370 [ 480.847798][T13965] __alloc_pages_nodemask+0x149d/0x60c0 [ 480.853342][T13965] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 480.859354][T13965] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 480.865255][T13965] ? memcg_check_events+0x74/0xf20 [ 480.870383][T13965] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 480.876306][T13965] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 480.882382][T13965] alloc_pages_vma+0xc9d/0x18c0 [ 480.887240][T13965] handle_mm_fault+0x38f5/0x9f70 [ 480.892199][T13965] ? generic_file_read_iter+0x3e70/0x3e70 [ 480.897924][T13965] do_user_addr_fault+0x905/0x1510 [ 480.903052][T13965] __do_page_fault+0x1a2/0x410 [ 480.907814][T13965] do_page_fault+0xbb/0x500 [ 480.912313][T13965] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 480.917682][T13965] page_fault+0x4e/0x60 [ 480.921830][T13965] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 480.928409][T13965] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 480.948087][T13965] RSP: 0018:ffff88817962f778 EFLAGS: 00010206 [ 480.954143][T13965] RAX: ffffffff8496408c RBX: ffff8881b58f4628 RCX: 0000000000000300 [ 480.962107][T13965] RDX: 0000000000001000 RSI: ffff888179ec0d00 RDI: 0000000020008000 [ 480.970382][T13965] RBP: ffff88817962f7e8 R08: 0000000000000000 R09: 0000000000000005 [ 480.978352][T13965] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 480.988312][T13965] R13: ffff888179ec0000 R14: ffff88817962f780 R15: 0000000020007300 [ 480.996311][T13965] ? copyout+0xcc/0x1f0 [ 481.000474][T13965] ? copyout+0x113/0x1f0 [ 481.004716][T13965] copy_page_to_iter+0x6dc/0x1910 [ 481.009753][T13965] generic_file_read_iter+0x2979/0x3e70 [ 481.015331][T13965] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 481.021303][T13965] ? find_get_pages_range_tag+0xe60/0xe60 [ 481.027015][T13965] do_iter_readv_writev+0xa16/0xc30 [ 481.032219][T13965] ? find_get_pages_range_tag+0xe60/0xe60 [ 481.037928][T13965] do_iter_read+0x30b/0xe10 [ 481.042434][T13965] ? import_iovec+0x4ad/0x660 [ 481.047113][T13965] do_readv+0x37f/0x710 [ 481.051276][T13965] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 481.057166][T13965] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 481.063223][T13965] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 481.068932][T13965] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 481.074836][T13965] __se_sys_readv+0x9b/0xb0 [ 481.079332][T13965] __x64_sys_readv+0x4a/0x70 [ 481.083913][T13965] do_syscall_64+0xb6/0x160 [ 481.088412][T13965] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 481.094294][T13965] RIP: 0033:0x459a59 [ 481.098265][T13965] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 481.118470][T13965] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 481.126976][T13965] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 481.134947][T13965] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 481.142907][T13965] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 481.150877][T13965] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 481.158836][T13965] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 481.206092][T11559] usb 6-1: config 0 descriptor?? 14:23:56 executing program 5: r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video37\x00', 0x2, 0x0) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000400)={0x1, @vbi={0x0, 0x0, 0x50323234}}) clone(0x80000, &(0x7f0000000040)="fd1e5c296dfc7c8ce449d44b01e6518b75fc2d9622fc9fe82fc516cafbbd043cf8234f2dc8c3e39514d988caf3a5301635a356027222c423f4a88c54f84b17d92397d9ea47b96250904e561f5263a77fbe7bc1132adaf6f38968c04608064e933d6334d54fd0af4cdca2c1f24e5e0e1499c0eca84fe030667b39fa7837c901ab079d6335e361f9edc69ff44f4fde020daf50dcc26c74e65f2058f9955fa07897e212115395a52dd29aa617ba5a2af8d067551f", &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="3c16685be9a4d8f78f8c0e56aeb7136babb6de8a86ce947fff2939d801c5ceb3412560a63ab238bfc68e33b2b0b6") 14:23:56 executing program 2: r0 = socket(0x1, 0xe, 0xfd) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x1}, 0x10) [ 481.323011][T11559] usb 6-1: can't set config #0, error -71 [ 481.360793][T11559] usb 6-1: USB disconnect, device number 13 14:23:56 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$BLKROTATIONAL(r1, 0x127e, &(0x7f0000000100)) sendmsg$nl_route(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="500000001000050700"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000000800030000000000120012000c000100766574680000000018ec01000a00010000000000f074449edf9d5bc25450138ad5dbdb05991d96ebdabfa2c63d0f13ebab948050e26663253e99614f5e3fe12111497c92b7728bdc8b996425c2a051b5fb1fb5a880a608816cdb3380974ddaf967d7a1a613ff86350cede903f03e543aebdc5d57d1a06d5d69638180ee3c69119380fb68efd2b41ce8a00af2a8ffd47d119414a800e546784fda702d1d9c352ef08feee5e9657b6da19996eb6882f2a67f7611c60f1b8065197d80bc31cfa1daac", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x50}}, 0x0) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r3, 0x80006040045010, &(0x7f0000000140)=0x3) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000040)=r3, 0x4) 14:23:56 executing program 0: r0 = socket(0x10, 0x80002, 0x0) getsockopt$inet6_dccp_int(r0, 0x21, 0x10, &(0x7f00000002c0), &(0x7f0000000380)=0x4) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\t'], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=@newqdisc={0x58, 0x24, 0x507, 0x0, 0x0, {0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfb={{0x8, 0x1, 'sfb\x00'}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28}}}]}, 0x58}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=@newtfilter={0x4c, 0x2c, 0x701, 0x0, 0x0, {0x0, r4, {}, {}, {0xc}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0x20, 0x2, [@TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x3}, @TCA_BPF_OPS={{0x8}, {0x4}}, @TCA_BPF_FLAGS={0x8}]}}]}, 0x4c}}, 0x0) sendmmsg$alg(r0, &(0x7f0000000140), 0x332, 0x0) r5 = request_key(&(0x7f00000003c0)='rxrpc_s\x00', &(0x7f0000000480)={'syz', 0x3}, &(0x7f00000004c0)='sfb\x00', 0xfffffffffffffffb) keyctl$invalidate(0x15, r5) 14:23:56 executing program 3 (fault-call:7 fault-nth:57): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:56 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x61e, 0x200000) ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f00000000c0)={0x7, 0x2}) syz_emit_ethernet(0x66, &(0x7f0000000100)={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x689, 0x3}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x2f, 0x86ddffff, @local, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x7, 0x608], {0x0, 0x6, "c5961e", 0x0, 0x3b, 0x0, @mcast1={0x3, 0x4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x3, 0x0, 0x0, 0x5]}, @initdev={0xfe, 0x88, [], 0x1, 0x0}}}}}}}}, 0x0) 14:23:56 executing program 4: r0 = msgget$private(0x0, 0x0) msgrcv(r0, 0x0, 0x0, 0x0, 0x0) msgrcv(r0, 0x0, 0x0, 0x0, 0x0) msgsnd(r0, &(0x7f00000004c0)={0x3}, 0x8, 0x0) msgsnd(r0, &(0x7f00000001c0)={0x3, "856722dfc68433136c9a8dbc886058cbb7061660570095a7406376994f9fae99083e9e8ab456061eb9b92f68a0fe0844c38de01fb72bb1db01cca51f6e657c9d5d9895555de2cb1c939a629216e92c2c10ae9a8003f7ff418636615a5785dc13283643a8af94134e71546c0443e6d63c0c275d11c388aa0fe2df5c24319dcfdab93f1d787f700f289fa3"}, 0x92, 0x1000) epoll_wait(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x64dc) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x2, &(0x7f0000000140)=[{0x4c}, {0x6, 0x0, 0x0, 0x50000}]}) fcntl$getflags(r2, 0x401) [ 481.632661][T14000] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 481.642555][T14000] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.1'. 14:23:56 executing program 5: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r1, 0x1, 0x2000000000f, &(0x7f0000f10000)=0xfffffffffffff830, 0x4) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c) fcntl$setsig(0xffffffffffffffff, 0xa, 0x7) r2 = socket$netlink(0x10, 0x3, 0x8000000004) connect$unix(r0, &(0x7f0000000100)=@abs={0x0, 0x0, 0x4e22}, 0x6e) writev(r2, &(0x7f00000001c0)=[{&(0x7f0000000080)="580000001500add427323b472545b45602117fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1) [ 481.809836][ T32] audit: type=1804 audit(1571495036.855:135): pid=14011 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/143/file0/bus" dev="ramfs" ino=41386 res=1 [ 481.823027][T14011] FAULT_INJECTION: forcing a failure. [ 481.823027][T14011] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 481.845216][T14011] CPU: 0 PID: 14011 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 481.853188][T14011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 481.863294][T14011] Call Trace: [ 481.866670][T14011] dump_stack+0x191/0x1f0 [ 481.871080][T14011] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 481.877036][T14011] should_fail+0xa3f/0xa50 [ 481.881519][T14011] should_fail_alloc_page+0x1fb/0x270 [ 481.886952][T14011] __alloc_pages_nodemask+0x3c1/0x60c0 [ 481.892453][T14011] ? do_syscall_64+0xb6/0x160 [ 481.897256][T14011] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 481.903375][T14011] ? get_page_from_freelist+0x11d3/0x19f0 [ 481.909150][T14011] ? kmsan_get_metadata+0x39/0x350 [ 481.914312][T14011] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 481.920238][T14011] alloc_pages_current+0x68d/0x9a0 [ 481.925412][T14011] __page_cache_alloc+0x95/0x320 [ 481.930408][T14011] pagecache_get_page+0xaf1/0x1220 [ 481.935568][T14011] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 481.941517][T14011] filemap_fault+0x2632/0x2b70 [ 481.946347][T14011] ? generic_file_read_iter+0x3e70/0x3e70 [ 481.952098][T14011] handle_mm_fault+0x8043/0x9f70 [ 481.957713][T14011] do_user_addr_fault+0x905/0x1510 [ 481.962881][T14011] __do_page_fault+0x1a2/0x410 [ 481.967679][T14011] do_page_fault+0xbb/0x500 [ 481.972215][T14011] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 481.977639][T14011] page_fault+0x4e/0x60 [ 481.981839][T14011] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 481.988470][T14011] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 482.008098][T14011] RSP: 0018:ffff88817881f778 EFLAGS: 00010206 [ 482.014199][T14011] RAX: ffffffff8496408c RBX: ffff8881a96ec628 RCX: 0000000000000300 [ 482.022449][T14011] RDX: 0000000000001000 RSI: ffff88817a75bd00 RDI: 0000000020008000 [ 482.030631][T14011] RBP: ffff88817881f7e8 R08: 0000000000000000 R09: 0000000000000005 [ 482.038628][T14011] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 482.046654][T14011] R13: ffff88817a75b000 R14: ffff88817881f780 R15: 0000000020007300 [ 482.055123][T14011] ? copyout+0xcc/0x1f0 [ 482.059319][T14011] ? copyout+0x113/0x1f0 [ 482.063594][T14011] copy_page_to_iter+0x6dc/0x1910 [ 482.068674][T14011] generic_file_read_iter+0x2979/0x3e70 [ 482.074299][T14011] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 482.080233][T14011] ? find_get_pages_range_tag+0xe60/0xe60 [ 482.085977][T14011] do_iter_readv_writev+0xa16/0xc30 [ 482.091215][T14011] ? find_get_pages_range_tag+0xe60/0xe60 [ 482.096954][T14011] do_iter_read+0x30b/0xe10 [ 482.101485][T14011] ? import_iovec+0x4ad/0x660 [ 482.106203][T14011] do_readv+0x37f/0x710 [ 482.110407][T14011] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 482.116334][T14011] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 482.122428][T14011] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 482.128188][T14011] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 482.134123][T14011] __se_sys_readv+0x9b/0xb0 [ 482.138667][T14011] __x64_sys_readv+0x4a/0x70 [ 482.143282][T14011] do_syscall_64+0xb6/0x160 [ 482.147815][T14011] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 482.153727][T14011] RIP: 0033:0x459a59 [ 482.157650][T14011] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 482.177275][T14011] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 482.185803][T14011] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 482.193802][T14011] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 482.201797][T14011] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 482.209799][T14011] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 482.217790][T14011] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 14:23:57 executing program 2: r0 = socket$inet6(0xa, 0x801, 0x0) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x56, &(0x7f00000006c0)={@local, @random="192bce5e2dfb", [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x20, 0x6, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd]}, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0x2, 0x0, 0x0, 0x0, {[@mptcp=@add_addr={0x1e, 0xa, 0x20, 0xa, 0x0, @multicast2}]}}}}}}}}, 0x0) 14:23:57 executing program 5: r0 = socket$inet6(0xa, 0x2, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000080)=0x8) sendmmsg$inet6(r0, &(0x7f0000004840)=[{{&(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={[], [], @empty}}, 0x1c, 0x0}}, {{&(0x7f00000000c0)={0xa, 0x0, 0x0, @remote}, 0x1c, 0x0}}], 0x2, 0x0) 14:23:57 executing program 3 (fault-call:7 fault-nth:58): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 482.514189][ T32] audit: type=1804 audit(1571495037.565:136): pid=14027 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/144/file0/bus" dev="ramfs" ino=41435 res=1 [ 482.526352][T14027] FAULT_INJECTION: forcing a failure. [ 482.526352][T14027] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 482.549113][T14027] CPU: 0 PID: 14027 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 482.557272][T14027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 482.567336][T14027] Call Trace: [ 482.570648][T14027] dump_stack+0x191/0x1f0 [ 482.575025][T14027] should_fail+0xa3f/0xa50 [ 482.579470][T14027] should_fail_alloc_page+0x1fb/0x270 [ 482.584964][T14027] __alloc_pages_nodemask+0x3c1/0x60c0 [ 482.590447][T14027] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 482.596372][T14027] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 482.602384][T14027] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 482.610384][T14027] ? prep_new_page+0x792/0x9b0 [ 482.615167][T14027] ? get_page_from_freelist+0x11d3/0x19f0 [ 482.621180][T14027] kmsan_alloc_page+0xc3/0x370 [ 482.625944][T14027] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 482.631840][T14027] __alloc_pages_nodemask+0x149d/0x60c0 [ 482.637403][T14027] ? do_syscall_64+0xb6/0x160 [ 482.642072][T14027] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 482.648146][T14027] ? get_page_from_freelist+0x11d3/0x19f0 [ 482.654710][T14027] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 482.661033][T14027] alloc_pages_current+0x68d/0x9a0 [ 482.666152][T14027] __page_cache_alloc+0x95/0x320 [ 482.671098][T14027] pagecache_get_page+0xaf1/0x1220 [ 482.676212][T14027] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 482.682128][T14027] filemap_fault+0x2632/0x2b70 [ 482.686902][T14027] ? generic_file_read_iter+0x3e70/0x3e70 [ 482.692614][T14027] handle_mm_fault+0x8043/0x9f70 [ 482.697583][T14027] do_user_addr_fault+0x905/0x1510 [ 482.702722][T14027] __do_page_fault+0x1a2/0x410 [ 482.707483][T14027] do_page_fault+0xbb/0x500 [ 482.711978][T14027] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 482.719341][T14027] page_fault+0x4e/0x60 [ 482.723498][T14027] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 482.730073][T14027] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 482.749703][T14027] RSP: 0018:ffff8881ac69f778 EFLAGS: 00010206 [ 482.755757][T14027] RAX: ffffffff8496408c RBX: ffff8881b58f6468 RCX: 0000000000000300 [ 482.763717][T14027] RDX: 0000000000001000 RSI: ffff88817a461d00 RDI: 0000000020008000 [ 482.772024][T14027] RBP: ffff8881ac69f7e8 R08: 0000000000000000 R09: 0000000000000005 [ 482.780156][T14027] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 482.788117][T14027] R13: ffff88817a461000 R14: ffff8881ac69f780 R15: 0000000020007300 [ 482.796178][T14027] ? copyout+0xcc/0x1f0 [ 482.800329][T14027] ? copyout+0x113/0x1f0 [ 482.804569][T14027] copy_page_to_iter+0x6dc/0x1910 [ 482.809611][T14027] generic_file_read_iter+0x2979/0x3e70 [ 482.815183][T14027] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 482.821242][T14027] ? find_get_pages_range_tag+0xe60/0xe60 [ 482.826953][T14027] do_iter_readv_writev+0xa16/0xc30 [ 482.832166][T14027] ? find_get_pages_range_tag+0xe60/0xe60 [ 482.837876][T14027] do_iter_read+0x30b/0xe10 [ 482.842394][T14027] ? import_iovec+0x4ad/0x660 [ 482.847075][T14027] do_readv+0x37f/0x710 [ 482.851236][T14027] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 482.857128][T14027] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 482.865545][T14027] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 482.871269][T14027] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 482.877184][T14027] __se_sys_readv+0x9b/0xb0 [ 482.881683][T14027] __x64_sys_readv+0x4a/0x70 [ 482.886266][T14027] do_syscall_64+0xb6/0x160 [ 482.890762][T14027] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 482.896647][T14027] RIP: 0033:0x459a59 [ 482.900533][T14027] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 482.920126][T14027] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 482.928545][T14027] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 482.936518][T14027] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 482.944476][T14027] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 482.952434][T14027] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 482.960479][T14027] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 14:23:58 executing program 0: ioctl$MON_IOCG_STATS(0xffffffffffffffff, 0x80089203, &(0x7f0000000000)) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000040)={'netdevsim0\x00', {0x2, 0x4e23, @multicast1}}) r1 = syz_open_dev$sndseq(&(0x7f0000000080)='/dev/snd/seq\x00', 0x0, 0x200000) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r1, 0xc0105303, &(0x7f00000000c0)={0x3, 0x81, 0x81}) setxattr$security_ima(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='security.ima\x00', &(0x7f0000000180)=@ng={0x4, 0xe, "1664"}, 0x4, 0xd8b3d371e9ddb0e3) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f00000001c0)={0x0, 0x56, "180a1c33fbc4569a25d3af47ef86cea0e8502d66be6670f6e688d5c0458c3c04a767629f8058d687f4e1f64030d12304c92e0693fa214302f7cfb33e0932faee2c323cc5b4b86dc1d24eb18c6331101c77cbfe0a9e53"}, &(0x7f0000000240)=0x5e) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000280)={r2, 0xffffffff}, &(0x7f00000002c0)=0xc) getsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, &(0x7f0000000300), &(0x7f0000000340)=0x4) r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x90400, 0x0) r4 = openat$vfio(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/vfio/vfio\x00', 0x40, 0x0) r5 = userfaultfd(0x80000) ppoll(&(0x7f0000000400)=[{0xffffffffffffffff, 0x6c52}, {r3, 0x8000}, {r4}, {r5, 0x4}, {r0, 0x8000}], 0x5, &(0x7f0000000440)={0x77359400}, &(0x7f0000000480)={0x4a}, 0x8) r6 = syz_open_dev$swradio(&(0x7f00000004c0)='/dev/swradio#\x00', 0x0, 0x2) ioctl$TUNGETIFF(r6, 0x800454d2, &(0x7f0000000500)) r7 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000540)='/proc/capi/capi20ncci\x00', 0x100, 0x0) openat$cgroup_type(r7, &(0x7f0000000580)='cgroup.type\x00', 0x2, 0x0) r8 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_MSFILTER(r8, 0x0, 0x30, &(0x7f00000005c0)={0x4, {{0x2, 0x4e22, @local}}, 0x1, 0x4, [{{0x2, 0x4e20, @broadcast}}, {{0x2, 0x4e23, @local}}, {{0x2, 0x4e24, @local}}, {{0x2, 0x4e24, @remote}}]}, 0x290) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000880)={0x0, 0x80, 0x30}, &(0x7f00000008c0)=0xc) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r6, 0x84, 0x76, &(0x7f0000000900)={r9}, &(0x7f0000000940)=0x8) r10 = syz_open_dev$mice(&(0x7f0000000980)='/dev/input/mice\x00', 0x0, 0x28c002) r11 = openat$vcs(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/vcs\x00', 0x200, 0x0) ioctl$UFFDIO_WAKE(r11, 0x8010aa02, &(0x7f0000000a00)={&(0x7f0000ff5000/0xb000)=nil, 0xb000}) r12 = accept4$tipc(0xffffffffffffffff, &(0x7f0000000a40)=@name, &(0x7f0000000a80)=0x10, 0x0) ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000b00)={'team_slave_1\x00', 0x0}) recvfrom(r12, &(0x7f0000000ac0)=""/47, 0x2f, 0xc0, &(0x7f0000000b40)=@can={0x1d, r13}, 0x80) r14 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000bc0)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$sock_inet_SIOCSIFADDR(r14, 0x8916, &(0x7f0000000c00)={'ip6gre0\x00', {0x2, 0x4e24, @rand_addr=0x1000}}) r15 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000c40)='/dev/btrfs-control\x00', 0x4200, 0x0) setsockopt$inet_sctp_SCTP_INITMSG(r15, 0x84, 0x2, &(0x7f0000000c80)={0x1f, 0x6, 0xffe1, 0xff}, 0x8) 14:23:58 executing program 4: r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000680)={{0x12, 0x1, 0x0, 0x4, 0xb2, 0x18, 0x40, 0x17e9, 0x8226, 0x8118, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xff}}]}}]}}, 0x0) syz_usb_control_io(r0, &(0x7f0000000040)={0x2c, &(0x7f0000000300)={0x0, 0x0, 0x2, {0x2, 0x37385ef6f197895f}}, 0x0, 0x0, 0x0, 0x0}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) socket$inet6(0xa, 0x1, 0x9) syz_open_dev$sndtimer(&(0x7f0000000080)='/dev/snd/timer\x00', 0x0, 0x4800) openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0x400000, 0x0) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r3 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r4 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000480)={0x2c, &(0x7f0000000300)={0x0, 0x0, 0x2, "ce07"}, 0x0, 0x0, 0x0, 0x0}) 14:23:58 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") r1 = socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x10032, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000480)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000300)={{&(0x7f0000012000/0x4000)=nil, 0x4000}, 0x1}) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x6d, &(0x7f0000013ff4)=@assoc_value, &(0x7f0000002000)=0x8) setsockopt$inet_sctp6_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f0000000000), 0x10) ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)="11") r4 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r4, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$VIDIOC_QUERYCAP(r4, 0x80685600, &(0x7f0000000080)) r5 = dup2(r1, r3) dup3(r5, r2, 0x0) [ 483.173335][T14014] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 483.182777][T14014] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.1'. 14:23:58 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) syz_open_procfs(0x0, &(0x7f00000000c0)='net/ipv6_route\x00') r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$sock_bt_hidp_HIDPGETCONNLIST(r2, 0x800448d2, &(0x7f0000000100)={0x4, &(0x7f0000000400)=[{}, {}, {}, {}]}) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x1, 0x0, @pic={0x0, 0xf, 0x0, 0xab, 0xfa, 0x0, 0x0, 0x3b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) setsockopt$inet6_tcp_TLS_TX(r2, 0x6, 0x1, &(0x7f0000000040)=@gcm_256={{0x303}, "cc145dd6b4d27c97", "f055a06b70628ff01fe29b87e578700cf74b4822548e8f731120cdf66e8d9488", "da788e49", "754d151f1e21ec8d"}, 0x38) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x200]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:23:58 executing program 3 (fault-call:7 fault-nth:59): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:58 executing program 1: r0 = socket$kcm(0x10, 0x3, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100)='/dev/hwrng\x00', 0x10000, 0x0) syz_open_dev$vcsn(&(0x7f00000000c0)='/dev/vcs#\x00', 0x80, 0x0) ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r1, 0x80845663, &(0x7f0000000140)={0x0, @reserved}) sendmsg$kcm(r0, &(0x7f0000002b00)={0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000002980)="fb0000006600015bbfa9d345e7eb8d99c1ffffffffffffff43050c000000000000e2d70800000006000008b6000000801d5291636b48880665c2388d902e5ed76b8c674500000000affa33021eb82169b94b59829626cd8bb72935c922974adced71c22b987fa68c7bb731c5f64e93ea793c262f67b56acbb4bac0c47df9d0ca9bd5ad8a04c4437e99c2677d9d3ffd47893808c33b047f720f4e89978112320828c7c1fbab650cdcafa532d3524ea85b198cb49066bf549933875e91431da2f42c88d613be8f1376090e88a06412d5160d7f1b0f47d951f5f7a371a861b9390ddbad53e9b678168ac8d157a656737a7ac0226d366ccec93f9f0700", 0xfb}], 0x1}, 0x0) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)}, 0x1) getsockopt$sock_timeval(r2, 0x1, 0x14, &(0x7f0000000000), &(0x7f0000000040)=0x10) 14:23:58 executing program 0: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) socket$packet(0x11, 0x3, 0x300) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0xd, 0xfffffffffffffffe, 0xff95) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0) sendto$inet(r0, 0x0, 0xffffffd3, 0x200047ad, &(0x7f0000000040)={0x2, 0x4e23, @empty}, 0xc) setsockopt$inet_sctp6_SCTP_NODELAY(0xffffffffffffffff, 0x84, 0x3, &(0x7f0000000080)=0x7, 0x4) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000640)='illinois\x00', 0x9) syz_open_dev$vcsa(&(0x7f0000000100)='/dev/vcsa#\x00', 0x1, 0x0) ioctl$CAPI_GET_MANUFACTURER(0xffffffffffffffff, 0xc0044306, 0x0) read(r0, &(0x7f0000000ac0)=""/245, 0x100000394) r2 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x7, 0x40080) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$VIDIOC_SUBDEV_S_FMT(r2, 0xc0585605, &(0x7f0000000400)={0x1, 0x0, {0x2, 0x1ff, 0x1010, 0x4, 0x2, 0x0, 0x0, 0xab1ea66834398ee6}}) r3 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000200)='/dev/btrfs-control\x00', 0x0, 0x0) r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) sysfs$2(0x2, 0x1, &(0x7f0000000540)=""/232) close(r4) socket$inet6_sctp(0xa, 0x0, 0x84) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r3, 0x84, 0x5, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e23, 0x5, @mcast2}}}, 0x84) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r3, 0xc02c5341, &(0x7f00000002c0)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$dlm_monitor(0xffffffffffffff9c, 0x0, 0x141401, 0x0) socket$netlink(0x10, 0x3, 0x0) sendto$inet(r0, &(0x7f0000000180)="20268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf9221a7511bf746bec66ba5c0fe3ac47b61db6b4c41bd1a5259e62506cda287b857aac", 0x8293, 0x4000002, 0x0, 0x27) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) r5 = dup(0xffffffffffffffff) ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r5, 0xc0945662, &(0x7f0000000340)={0x5, 0x0, [], {0x0, @reserved}}) creat(0x0, 0x49) [ 483.422096][T11562] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 483.429947][ T32] audit: type=1804 audit(1571495038.475:137): pid=14049 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/145/file0/bus" dev="ramfs" ino=41505 res=1 [ 483.458778][T14049] FAULT_INJECTION: forcing a failure. [ 483.458778][T14049] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 483.472014][T14049] CPU: 0 PID: 14049 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0 [ 483.479894][T14049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 483.489944][T14049] Call Trace: [ 483.493244][T14049] dump_stack+0x191/0x1f0 [ 483.497572][T14049] should_fail+0xa3f/0xa50 [ 483.501992][T14049] should_fail_alloc_page+0x1fb/0x270 [ 483.507359][T14049] __alloc_pages_nodemask+0x3c1/0x60c0 [ 483.512829][T14049] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 483.518813][T14049] ? kmsan_get_shadow_origin_ptr+0x196/0x4b0 [ 483.524788][T14049] ? prep_new_page+0x792/0x9b0 [ 483.529553][T14049] ? get_page_from_freelist+0x11d3/0x19f0 [ 483.535279][T14049] kmsan_alloc_page+0x131/0x370 [ 483.540213][T14049] __alloc_pages_nodemask+0x149d/0x60c0 [ 483.545751][T14049] ? do_syscall_64+0xb6/0x160 [ 483.550677][T14049] ? entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 483.556832][T14049] ? get_page_from_freelist+0x11d3/0x19f0 [ 483.562576][T14049] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 483.568466][T14049] alloc_pages_current+0x68d/0x9a0 [ 483.573582][T14049] __page_cache_alloc+0x95/0x320 [ 483.578527][T14049] pagecache_get_page+0xaf1/0x1220 [ 483.583627][T14049] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 483.589519][T14049] filemap_fault+0x2632/0x2b70 [ 483.594292][T14049] ? generic_file_read_iter+0x3e70/0x3e70 [ 483.600133][T14049] handle_mm_fault+0x8043/0x9f70 [ 483.605218][T14049] do_user_addr_fault+0x905/0x1510 [ 483.610461][T14049] __do_page_fault+0x1a2/0x410 [ 483.615322][T14049] do_page_fault+0xbb/0x500 [ 483.619828][T14049] ? kmsan_unpoison_pt_regs+0x28/0x30 [ 483.625198][T14049] page_fault+0x4e/0x60 [ 483.629361][T14049] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 483.635942][T14049] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 483.655636][T14049] RSP: 0018:ffff88817bfff778 EFLAGS: 00010206 [ 483.661690][T14049] RAX: ffffffff8496408c RBX: ffff8881a96ec628 RCX: 0000000000000300 [ 483.669653][T14049] RDX: 0000000000001000 RSI: ffff88817c386d00 RDI: 0000000020008000 [ 483.677617][T14049] RBP: ffff88817bfff7e8 R08: 0000000000000000 R09: 0000000000000005 [ 483.685577][T14049] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000001000 [ 483.693541][T14049] R13: ffff88817c386000 R14: ffff88817bfff780 R15: 0000000020007300 [ 483.701520][T14049] ? copyout+0xcc/0x1f0 [ 483.705696][T14049] ? copyout+0x113/0x1f0 [ 483.709943][T14049] copy_page_to_iter+0x6dc/0x1910 [ 483.714984][T14049] generic_file_read_iter+0x2979/0x3e70 [ 483.720560][T14049] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 483.726454][T14049] ? find_get_pages_range_tag+0xe60/0xe60 [ 483.732166][T14049] do_iter_readv_writev+0xa16/0xc30 [ 483.737368][T14049] ? find_get_pages_range_tag+0xe60/0xe60 [ 483.743211][T14049] do_iter_read+0x30b/0xe10 [ 483.747711][T14049] ? import_iovec+0x4ad/0x660 [ 483.755693][T14049] do_readv+0x37f/0x710 [ 483.761066][T14049] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 483.766952][T14049] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 483.773106][T14049] ? prepare_exit_to_usermode+0x19a/0x4d0 [ 483.778903][T14049] ? kmsan_get_shadow_origin_ptr+0x91/0x4b0 [ 483.784789][T14049] __se_sys_readv+0x9b/0xb0 [ 483.789289][T14049] __x64_sys_readv+0x4a/0x70 [ 483.793869][T14049] do_syscall_64+0xb6/0x160 [ 483.798379][T14049] entry_SYSCALL_64_after_hwframe+0x63/0xe7 [ 483.804257][T14049] RIP: 0033:0x459a59 [ 483.808143][T14049] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 483.827734][T14049] RSP: 002b:00007fb00e465c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 483.836138][T14049] RAX: ffffffffffffffda RBX: 00007fb00e465c90 RCX: 0000000000459a59 [ 483.844096][T14049] RDX: 00000000000003b6 RSI: 00000000200007c0 RDI: 0000000000000004 [ 483.852141][T14049] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 483.860098][T14049] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb00e4666d4 [ 483.868664][T14049] R13: 00000000004c6fe7 R14: 00000000004dcba8 R15: 0000000000000005 [ 483.952390][T14058] netlink: 215 bytes leftover after parsing attributes in process `syz-executor.1'. [ 484.008238][T14062] netlink: 215 bytes leftover after parsing attributes in process `syz-executor.1'. 14:23:59 executing program 3 (fault-call:7 fault-nth:60): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 484.194065][ T32] audit: type=1804 audit(1571495039.245:138): pid=14067 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/146/file0/bus" dev="ramfs" ino=40809 res=1 [ 484.216514][T11562] usb 5-1: New USB device found, idVendor=17e9, idProduct=8226, bcdDevice=81.18 [ 484.225831][T11562] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 484.297722][T11562] usb 5-1: config 0 descriptor?? 14:23:59 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) statfs(&(0x7f0000000000)='./bus\x00', &(0x7f0000000240)=""/71) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:23:59 executing program 1: r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xe4, 0xd7, 0x6d, 0x40, 0x61d, 0xc020, 0xcddd, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x8b, 0x0, 0x0, 0x49, 0x96, 0xfd}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000001dc0)={0xac, &(0x7f0000001a80)={0x0, 0x6, 0xfffffffffffffe46, "49ede7"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$TIOCSBRK(r1, 0x5427) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000ec0)={0xac, &(0x7f0000000bc0)={0x0, 0x0, 0x3, "307f7e"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) 14:23:59 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x800000000000c5) r1 = socket(0x10, 0x3, 0x9) r2 = syz_open_dev$mice(&(0x7f00000000c0)='/dev/input/mice\x00', 0x0, 0x1) ioctl$VIDIOC_G_FMT(r2, 0xc0d05604, &(0x7f0000000100)={0x0, @pix={0x0, 0x5, 0x20385655, 0x9b2f1205ee3b155f, 0x6, 0x400, 0x4, 0x401, 0x2, 0x4, 0x0, 0x3}}) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000000)={0x4}, 0x10) write(r1, &(0x7f0000000080)="240000001a005f0014f9f407000904000a00000000000100000000000800020000000000", 0x24) 14:23:59 executing program 2: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x5, 0xffffffffffffffff, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000300)='/dev/full\x00', 0x40000, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r1, 0xc058534b, &(0x7f0000000380)={0x3, 0x7, 0xec7, 0x6, 0x25, 0x9}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={&(0x7f0000000340), 0x2}, 0x0, 0x0, 0xfffffffd}, 0x0, 0xf, r0, 0x0) r2 = syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x1, 0x2) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000180)={0x5, @vbi}) ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000140)={&(0x7f0000000100)=[0x0, 0x800, 0x61ce], 0x3, 0x2, 0x7fff, 0xff, 0x5, 0x8000, {0x0, 0x3, 0xfff8, 0x6, 0x6, 0x1, 0x4, 0x8000, 0x0, 0x8000, 0x7, 0xd4, 0x6, 0x3, "24c26888281bfdf66453899c22fc5340d43149c8c9a009f5861edb20c023112b"}}) socket$l2tp(0x18, 0x1, 0x1) ioctl$UFFDIO_ZEROPAGE(0xffffffffffffffff, 0xc020aa04, &(0x7f0000000280)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1}) ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f00000002c0)={0x7fffffff}) r3 = gettid() syz_open_procfs(r3, &(0x7f0000000040)='loginuid\x00') ptrace$cont(0x3, r3, 0x10000, 0x1) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0) unshare(0x40000000) [ 484.562220][T11562] udlfb 5-1:0.0: vendor descriptor not available (2) 14:23:59 executing program 0: r0 = syz_open_dev$sndseq(&(0x7f0000000600)='/dev/snd/seq\x00', 0x0, 0x0) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r3 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000440)='id\x86o2\x00', 0x2, 0x0) r4 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r5 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r6 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r7 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) sendmsg$unix(r0, &(0x7f00000003c0)={&(0x7f0000000080)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000000000), 0x10000000000001cf, &(0x7f0000000400)=ANY=[@ANYBLOB="3000000421fc284681c2f9dd8e0fdac738b7001565bbed", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32=r3, @ANYRES32=r7, @ANYRES32=r5, @ANYRES32=r0, @ANYRES32=r6, @ANYRES32], 0x30, 0x4800}, 0x40380cb) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'por\xff\a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1f\x00\x00\xff\xff\xff\xff\xff\xff\xff\xef\x00\x00\x03\xff\x00\x00\x00\x00\x00\x00\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 0xc3, 0x80003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r9 = dup(r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x4142, 0x0) [ 484.699280][T14087] IPVS: ftp: loaded support on port[0] = 21 [ 484.863316][T11559] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 485.123624][T11562] usb 5-1: Read EDID byte 1 failed: -71 [ 485.142339][T11562] usb 5-1: Read EDID byte 0 failed: -71 [ 485.162795][T11562] usb 5-1: Read EDID byte 0 failed: -71 [ 485.168576][T11562] usb 5-1: Unable to get valid EDID from device/display [ 485.222242][T11559] usb 2-1: config 0 has an invalid interface number: 139 but max is 0 [ 485.230543][T11559] usb 2-1: config 0 has no interface number 0 [ 485.237477][T11559] usb 2-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=cd.dd [ 485.247039][T11559] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 485.327075][T11562] usb 5-1: submit urb error: -2 [ 485.337332][T11562] udlfb: probe of 5-1:0.0 failed with error -2 [ 485.347805][T11559] usb 2-1: config 0 descriptor?? [ 485.396728][T11559] ssu100 2-1:0.139: Quatech SSU-100 USB to Serial Driver converter detected [ 485.409651][T11562] [drm] vendor descriptor length:b9 data:00 00 00 00 00 00 00 00 00 00 00 [ 485.418463][T11562] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 485.442258][T11562] [drm:udl_init] *ERROR* Selecting channel failed [ 485.449740][T11562] [drm:udl_submit_urb] *ERROR* usb_submit_urb error fffffffe [ 485.472763][T11562] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 485.481444][T11562] [drm] Cannot find any crtc or sizes [ 485.487162][T11562] [drm:udl_submit_urb] *ERROR* usb_submit_urb error fffffffe [ 485.499233][T11562] [drm] Initialized udl 0.0.1 20120220 for 5-1:0.0 on minor 2 [ 485.506908][T11562] [drm] Initialized udl on minor 2 [ 485.514794][T11562] usb 5-1: USB disconnect, device number 20 [ 485.602432][T11559] ssu100: probe of 2-1:0.139 failed with error -5 [ 485.972137][T11562] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 486.352282][T11562] usb 5-1: New USB device found, idVendor=17e9, idProduct=8226, bcdDevice=81.18 [ 486.361529][T11562] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 486.371270][T11562] usb 5-1: config 0 descriptor?? 14:24:01 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = syz_open_dev$rtc(&(0x7f0000000000)='/dev/rtc#\x00', 0x6, 0x20000) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r2, 0x4008af23, &(0x7f00000000c0)={0x0, 0x7f}) r3 = socket(0x2, 0x3, 0x7) connect$inet(r3, &(0x7f0000000100)={0x2, 0x4e23, @remote}, 0x10) getsockopt$sock_buf(r3, 0x1, 0x1c, &(0x7f0000e530e9)=""/16, &(0x7f00000001c0)=0x10) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="440000001000010500000000000000000000000055a700e923d92761e03c16b2f3ee50a647e4a25b49433a612b787dd43729ed237128d77172820b70f70758c9e6b38f1885d2eee7af870addf10b5a6ef75cd252770b52a69cc8e06e0045789f26508ca1ac2cb562f12bcd090c548e1e9fc0465d78e07ab8704761b8511b569ce0693e901fe921eb9e14cbb638e6466029621286b8bc533ed20fa5f51992060b771827bd33fd5c1b85ac223904bed996c993e2e2be8397c2b975c2cba0c08f4a6bdd78acd2d4cb73a77686303f5430c3de248eeea51fcd3978690dc48fbed30f843442443083de2df8a16c0fa024f0f0b2e59f", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012000c00010069703667726500001400020008000c000000000008000100", @ANYRES32=r6], 0x44}}, 0x0) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$nl_xfrm(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f0000000400)=@report={0x230, 0x20, 0x100, 0x70bd27, 0x25dfdbff, {0x0, {@in=@empty, @in6=@loopback, 0x4e23, 0x20, 0x4e20, 0x8000, 0x0, 0x80, 0x140, 0x2b, r6, r7}}, [@algo_auth={0x114, 0x1, {{'sha224-avx2\x00'}, 0x650, "47310c336c6217a7ba9340369dae4ccede788c7497b4ee18ef67b49e8471a6b4a10980df28f7e4bea97d9548a26bcd6725b8472c0d9e7396408d6876bd8c35181b7999d5e48bfc5dc902aeb75b1c59e70d236777a2eee97bdb86c71d0246d4ef12a2f9f4227f12e8862788ba8aff269a088e64d3f220d681aef008e25d2c08125f66d2c5df3ab780f096066be10bd6e78c1d7a958038066d46ed967bc742aa0f5c135c787340787a802207cf37bedda30a57e3e44a23f9a02c2e96bd6461502ef62f89767715e73e9f35"}}, @algo_auth_trunc={0x6c, 0x14, {{'wp384\x00'}, 0xf8, 0x0, "31f2ae94281c7c993d01169cfb0a9b3d1af50ab43a9b5d1272887143389f15"}}, @algo_aead={0x64, 0x12, {{'authenc(sha3-512,ctr(camellia))\x00'}, 0xa8, 0x100, "f25fe45c182b394967e1fbc7b0a0c4a658da746611"}}]}, 0x230}, 0x1, 0x0, 0x0, 0x834c9fed93b9419f}, 0x40) setuid(r7) r8 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) r9 = socket$inet6(0xa, 0x1200000002, 0x0) getsockname$netlink(r1, &(0x7f0000000040), &(0x7f0000000080)=0xc) setsockopt$inet6_mtu(r9, 0x29, 0x17, &(0x7f0000000240)=0x4, 0x4) sendto$inet6(r9, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) pipe2(&(0x7f0000000280)={0xffffffffffffffff}, 0x84800) ioctl$VHOST_GET_VRING_BASE(r10, 0xc008af12, &(0x7f00000002c0)) 14:24:01 executing program 0: r0 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x0, 0x2) ioctl$RNDGETENTCNT(r0, 0x80045200, &(0x7f0000000040)) r1 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f0000000440)={'syz'}, &(0x7f00000000c0), 0x14b, 0xfffffffffffffffd) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r3, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r3, 0x40505330, &(0x7f00000002c0)={{0x4, 0x80}, {0x81}, 0x10001, 0x1, 0x6}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000080)=0x0) sched_setaffinity(r4, 0x8, &(0x7f00000001c0)=0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r1, r1, r1}, &(0x7f00000000c0)=""/83, 0x53, &(0x7f0000000180)={&(0x7f0000000280)={'sha3-256\x00'}}) 14:24:01 executing program 2: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100000000008, 0x926, 0x3333, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x9, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x22}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000080)={0x2c, &(0x7f0000000040)={0x0, 0x0, 0x22, {0xf4, 0x0, "bedc2a5443640a789bdd51ea6221d59bc578290b605545b86415f523b546d3b9"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000080)='Pdev/inpUf\xac\xb0b\x19\xcb\xf5#\x00', 0x4, 0x10801) ioctl$EVIOCGRAB(r1, 0x40044590, &(0x7f0000000180)) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, 0x4000, 0x1}) 14:24:01 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/autofs\x00', 0x199200, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000180)={0x0, 0x0, [0x3ff0, 0x7, 0x2, 0x101]}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="f2a6bad004b00fee0f090f3036f30f1a970000660f3806581e0f08bad004b0beeef30f2af8baa100b000ee", 0x2b}], 0x1, 0x0, 0x0, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000040)=0x96d1, 0x2) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) accept4(0xffffffffffffffff, &(0x7f0000000480)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @dev}}, &(0x7f0000000000)=0x465, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x40000004, 0x0, 0x0, 0x80000001, 0x4cb, 0x0, 0x0, 0x1000], 0x12000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) acct(&(0x7f0000000280)='./file0\x00') ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f00000003c0)=""/23) r4 = socket$inet6(0x10, 0x3, 0x0) r5 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r5, 0x80006040045010, &(0x7f0000000140)=0x3) write$ppp(r5, &(0x7f0000000380)="b689fb984c1cf55a", 0x8) sendmsg(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) getsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000100), 0x35f) 14:24:01 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) ioctl$CAPI_INSTALLED(0xffffffffffffffff, 0x80024322) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) bind(r1, &(0x7f0000000240)=@sco={0x1f, {0x20, 0x2, 0x0, 0x8, 0x3f, 0x20}}, 0x80) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 486.670026][ T32] audit: type=1804 audit(1571495041.715:139): pid=14107 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/148/file0/bus" dev="ramfs" ino=41650 res=1 [ 486.692464][ T32] audit: type=1804 audit(1571495041.715:140): pid=14109 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/148/file0/file0/bus" dev="ramfs" ino=41654 res=1 [ 486.715814][T11562] udlfb 5-1:0.0: vendor descriptor not available (-71) 14:24:01 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, 0xffffffffffffffff, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000000)={0x3ff, 0x3, 0x1f, 0x5, 0xffffffff}) readv(0xffffffffffffffff, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 486.747018][T11562] usb 5-1: Read EDID byte 0 failed: -71 [ 486.783676][T11562] usb 5-1: Read EDID byte 0 failed: -71 [ 486.815739][T11562] usb 5-1: Read EDID byte 0 failed: -71 [ 486.821698][T11562] usb 5-1: Unable to get valid EDID from device/display [ 486.877715][T14121] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.5'. 14:24:02 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000000)='.\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 486.964837][T11562] usb 5-1: submit urb error: -2 [ 486.977834][T11562] udlfb: probe of 5-1:0.0 failed with error -2 [ 487.062365][T11562] [drm] vendor descriptor length:b9 data:00 00 00 00 00 00 00 00 00 00 00 [ 487.071509][T11562] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 487.085734][ T32] audit: type=1804 audit(1571495042.135:141): pid=14129 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/150/file0/bus" dev="ramfs" ino=42057 res=1 [ 487.142069][T11559] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 487.155531][T11562] [drm:udl_init] *ERROR* Selecting channel failed [ 487.164162][T11562] [drm:udl_submit_urb] *ERROR* usb_submit_urb error fffffffe 14:24:02 executing program 5: r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r0, 0x80003) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$dupfd(r1, 0x0, r1) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) r3 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x18, &(0x7f0000000000)={r6}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r3, 0x84, 0xf, &(0x7f0000000180)={r6, @in6={{0xa, 0x4e24, 0x80, @loopback, 0x3}}, 0x6833, 0x1, 0x5, 0x2, 0xffffffff}, &(0x7f0000000040)=0x98) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000000240)={r7, 0xd22}, 0x8) r8 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r8, 0x80006040045010, &(0x7f0000000140)=0x3) write$cgroup_subtree(r8, &(0x7f0000000000)={[{0x15, 'cpu'}, {0x6, 'rdma'}]}, 0xb) r9 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r9, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x7) r10 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu\x00', 0x200002, 0x0) r11 = openat$cgroup_int(r10, &(0x7f0000000100)='hugetlb.2MB.max_usage_in_bytes\x00', 0x2, 0x0) sendfile(r11, r0, 0x0, 0x8000fffffffe) [ 487.213008][T11562] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 487.221879][T11562] [drm] Cannot find any crtc or sizes [ 487.227376][T11562] [drm:udl_submit_urb] *ERROR* usb_submit_urb error fffffffe [ 487.277249][T11562] [drm] Initialized udl 0.0.1 20120220 for 5-1:0.0 on minor 3 [ 487.285512][T11562] [drm] Initialized udl on minor 3 [ 487.329986][T11562] usb 5-1: USB disconnect, device number 21 [ 487.392408][T11559] usb 3-1: Using ep0 maxpacket: 8 [ 487.512722][T11559] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 487.523975][T11559] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 487.537150][T11559] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.00 [ 487.546570][T11559] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 487.572890][T11559] usb 3-1: config 0 descriptor?? 14:24:02 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x5) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000007e40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="000000320000000000000000000000000001000000000000004000"/38, @ANYRES32=0x0, @ANYBLOB="000000001800000000000000290000003600"/28], 0x46}}], 0x1, 0x0) getitimer(0x8d133ace10ef9365, &(0x7f0000000140)) 14:24:02 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f00000001c0)='ramfs\x00', 0x20010, 0x0) chdir(&(0x7f0000000180)='./file0\x00') unlink(&(0x7f0000000240)='./bus\x00') symlink(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='.\x00') r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r1 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r1, 0x0) ioctl$VIDIOC_SUBDEV_G_SELECTION(r0, 0xc040563d, &(0x7f0000000140)={0x3, 0x0, 0x101, 0x1, {0x101, 0xfffffffe, 0xee0b, 0xea7}}) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r1, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 487.647680][T11562] usb 2-1: USB disconnect, device number 36 14:24:02 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) r2 = openat$cgroup_ro(r1, &(0x7f0000000140)='pids.events\x00', 0x0, 0x0) readv(r2, &(0x7f00000000c0), 0x30c) 14:24:02 executing program 1: r0 = socket$inet6(0xa, 0x5, 0x0) shutdown(r0, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @ipv4}, 0x1c) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) listen(r1, 0x100000000000012) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) sendmmsg$inet(r0, &(0x7f0000000380)=[{{&(0x7f0000000100)={0x2, 0x4e23, @local}, 0x10, &(0x7f0000002640)=[{&(0x7f00000000c0)="a2", 0x1}], 0x1}}], 0x1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000300)={0x0, 0x10, &(0x7f0000000140)=[@in={0x2, 0x4e23, @loopback=0xac1414e0}]}, &(0x7f0000000080)=0x10) [ 487.959844][ T32] audit: type=1804 audit(1571495043.005:142): pid=14152 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/152/file0/bus" dev="ramfs" ino=41790 res=1 [ 488.058736][T11559] keytouch 0003:0926:3333.000A: fixing up Keytouch IEC report descriptor [ 488.089846][T11559] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.000A/input/input16 14:24:03 executing program 4: r0 = socket$inet6(0xa, 0x80002, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x400806c, &(0x7f0000000080)={0xa, 0x4e21, 0x0, @local}, 0x1c) sendto$inet6(r0, &(0x7f00000009c0)="c7cfcaaa22e10542fca5c0195350f15147657e0bfc59d383a47190db88690e6fedc3040ab5809ae02a54cd429cc3338c5afa0c9dce3f91950d1f567f358ac21154159130e88cbb6c43197813b2f23f3e442f80877490b393408142ebcfea6821f543e5ee9e27032e2b75d78f1b79f5a6bb6f0645e267770ef7e8f3a92148091217450ce8581e54223eeb6486205a209bf1fe854d211c03f8c3140fc3979d824082990d119473d20e94f253c9621fac339560ae46cb24b88bf2d01559bb658e343257b90f233b81bc5c398be3bbddb23a1e", 0xffd6, 0xc001, 0x0, 0x0) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r3 = syz_open_dev$media(&(0x7f0000002540)='/dev/media#\x00', 0x5, 0x20000) ioctl$SG_NEXT_CMD_LEN(r3, 0x2283, &(0x7f0000002700)=0x22) sendmmsg(r1, &(0x7f0000002580)=[{{&(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, r2, {0x2, 0x4e20, @empty}, 0x0, 0x1, 0x3, 0x3}}, 0x80, &(0x7f0000000440)=[{&(0x7f0000000140)="3adb715c28b7f80b91490476e23250a34574a55d532ee778d2963a7e3a5c7446d8af9d8619792a027f543543c78600adbe4105b41124a587ed1e5b7b1e9cf20c406ab9e80c7e33bac84ea76f987669930e316c5b4243dea0b2a8a053039134bb7b6ced1c7680a4af49b4dcefdcf54074bd44bc5169ca06fa", 0x78}, {&(0x7f00000001c0)="870200a354f2d03c6ea947669d1c4aa661375b199d90332d189883a327d614089866a4e626d34a1712774d23da12bd477f50fcc3897797a3a4307cf4b1cd4a0f9f85038d717fde9b3fd059761e68886b17db8326401fceaabc520567ab555d1984ff122bba463ced18f0864b84d34681ae94d78752204b869bafec95dfde0e8e54e98c69a9295c5e2aeff36b21be2c8f1c918e4bd51a330d629e03c4e446b478f199dd83f6fe3209c9ccc431a6", 0xad}, {&(0x7f0000000040)="21525dc7260e9416aa30346d2f", 0xd}, {&(0x7f0000000280)="beed7297c8f623f4493bc354fb84241e234023dbf67120d74c784558dd112c2a1c5a8f98c097cb89f7493da339d2042974a82aa0a23dc0a1aab148f605ce691446c16639d83a5ee7a20c5a4854726ca6e212560fda7b613776dc4cf0d4b06c705eb5b87f366f7d3eb5fdc6d2f1b708150b55dc666724accd99679b29c816eac26d7ba1212be3c29f4c01af105d02d6b0d5e9e9391c05b78ef4d1d667247cf673860bcf23dbfe3d902b3a16a3f1fd25202c2026a6848955", 0xb7}, {&(0x7f0000000340)="6588a84d1b795c06da0b9d1163e32d9c00ce6bb9fc918d496bf80675b481341afec119acbc2acc28547e065e92bbfe1d042ec3ea14edfc99945072fa08a8c542c9ebd634d05dbcb560a585a172c4887d7f52bdd4bdd88d176e4d2a8ee6e24625c1ace25704ec6421e09b16d1e27d00037051e92716a30d4eaa32de343c28dc2630b675cf0d8363d01d717851db46bb24db4a755a04addbccc114f7194013f8c6b1e23673cee7c47f05624f45354944f50f06b82257db08d51e4c8d67dbd981f8dc678599585b199d8998e1d312c943190c4a737cf3da9f63bb16de6f9f14081707a9f4", 0xe3}], 0x5, &(0x7f00000004c0)=[{0x80, 0x105, 0x8, "2257abe1246cb30f2b5528aede3d7a0605be87d1074d79cfa1671efa07409a66949ac958c9638235b50714a991b19cb6c99c1791d7dc77e511f4528d901d29a217d3064f4e949dd4094e0d0385b084210499ec0ec54f97aee820994c8d4dbf1cb57ff1943db3c5d1280d7474135f31"}], 0x80}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000540)="177786ec10d13a91e36a0ee7217ef26cb5b649df451b04c755989e9f073cebd2a131113e06f5a158d79238dd2ed5c197437f0d688577f0910a58cd11c29a4d638a0b1b0e894ebc1aad665a91f128e85bfbd3701d81c28a4eed18e54d7435986ddee359f1d322bf9b15398ac2cd04433d2cd6a175bd7a8b101219dc91399b069c", 0x80}, {&(0x7f00000005c0)="574220635f5b1c612a937108e567b98d24b802842c0c24f0e0810c63605bdb314ee053ef81d0f5821b111363376e72259c3acfb923cf56852802166b79", 0x3d}, {&(0x7f0000000600)="d50108c3baeeb472669e8500caf4e22e7406c528f5b59920159dded5732993db65348923a776adaa4130ba13b54ad8ec569504ffd4369bda961185cb9fdbc529b455aa7443", 0x45}, {&(0x7f0000000680)="5df05c2c12878d2c08212bd0fbab8f2638b34ad27172144904dd6220328a40ac8c9ba1d13b449c39b90448be8d2e", 0x2e}, {&(0x7f00000006c0)="9ae436661de5f1d1f103f6424fdf15a59fd9099b8e18f1fd55af0f69fd046b47f512088471cdb6ed1d8433dc38142f885ac2e0cb4b132082cefa537511e5470d269d21b4b67eb1e831e156d5856c1d896c055d1a94ae90505008d24596ceea48ef12766b35adefd769ad128be52e7ccbe9562aafeec3b70acfd9305606694edd34ae9dfc194285eee054db04964c4960c866d2815865", 0x96}], 0x5, &(0x7f0000000ac0)=[{0x10, 0x11, 0x68a}, {0x88, 0x100, 0x3, "c17f03412638be318de36861217db369c902c1602f1a7a5374900b3f6e9c307560694f2f21117a30c9ff3c25df34e2ca74813309896d9e205baebced254da6fa3f0298670e461d9712e1e7d0b7ac444679aa6620d3f3855a5350d50c4c4bc1e2872e22e92cee0dff45651656741a422867b85a21121505"}, {0x50, 0x0, 0x4518, "baacfb08214c8874d6b437c5469581fd5d5226776f522a074ac375e2e7356534c3e6365f2173602d537edf24ba69e825afbc199f0c237fabf05f"}, {0x88, 0x11a, 0x800, "4690902c1be278ebcad2bab742696b64ed1d73dd83fcce0266d196bc297941776b8a109cf742215a7af88406dd57306f0ac169053d8324df5e1d58879f847d653856a498c47d2d392fd355b6b5222eb4db96f4c4328bcbe3447767e67b398db92ada529b814f754c28ebb8e1a4e684a47187466344"}, {0x48, 0x115, 0x8, "885e7e61ed75008c60b1f8bf4a1b5f52240ca726e2d36753cdfdae55a363aabaa9956fa278338493cbe1ae3e1d262d9f8beb82fa449f"}, {0x40, 0x29, 0x4, "54d7c821624fd89682da1d3617576e36fc80366be05d59194e524b2595d73a5664c24043f91db92d55"}, {0x48, 0xff8e8f122214cc14, 0x9, "55ef795bdf3ff592e7f5cccf3315d353d7b2e24d0f1db3ca82858104872bd89e53b8032ca24883a3e924bf41ea593bfc4a895ae8971561e6"}], 0x240}}, {{0x0, 0x0, &(0x7f0000001d00)=[{&(0x7f0000000d00)="75598b0ab98c9027e75b6f8b6abb54383d35ee93aed4ce21d4625678b5d46ba2a482cd721a29527158449609fe334a28e0558c995e4c3ca95fc0c49349fa689c3e23b3f662b34309100d8de6e4201d9743bd25c3db559cfbb91b39358997aadb31cbb777c1ed8fcb7313bfab6b9293a8d79b423db783ef0f28866c62e6e088c9516cecb4b89c544f4d5f79d5e98db13929f583a26f016738ef1bd16c45f90b830d67dcfa3fb655cea3916aa7444249ccf84d688b7c027a405825db3d50acd8dd836b60d6144e680c06197ca108a2492c70a4ff3d6e37969aecf19b094154430ac90a181d48634a6c6fda42f2d8ab0cd1ef4d813aed6960652fba020a97206f3ed71b2105f2420e47d27b851956cb31fe9a51ca63782bcb35f158f562876a5f1fb52d377057b76716d66090e5eefb65fccebf64455ee5fb0d299aad026eeb51be0663515b9cc51ed266893a050bb48578393665d451dcacc80fee65bd56eee1879c814149a33a72f582589fb79bc1ed4e74f648e4b1f1c1e4822835ed5f4728886c0a270e21fbfb56f5a3bff91b10badb64d2bc6201e0880d30f145fd795b14f79c6dcd971831fb51e4413d08f4a4786d718267695af0af1418bef0bccc50ea6faeccb5bc5979b1d0e3bbcf95e6e51b7a55b6f0f3a1f5fda72a2d471c2df42444710f7b989760091a59774fc55d181d656d19e3ae9f22818084c64978ef59e277b24ca79a8940b486fb07f4586f5a60b337f5d44e5bea4325f4e443348f774f4837ef4143bf586bc0c8d94dc132bb7f32738ce019bd67d41be159e611e975263d9a22786772002d7eb112bf6d4459458cbb50ecab4433da7fb972bc858b19eefad2c5401f61e10494237f79cf79aa271fbd8b15ef1e715c4757d8d1558c066392d04168630d0462192818323421aa6f08ddf9a3855b5da45a16ba3608f484adf8fe18c81e1644e9991bbdd8291e97f358b4c231a9edb52db56c1e77c69f9e80aa3828fa2957e9bc2227d7695c4e60f8c20bf10a6c404888d956501eb6756faf6de7426aa890f6454a06a40231a9de2d4e39f4b1eb99ff99f8352be395bf699b2acc49132264f5f02512ee6e8ebb3825dbc41bd8249c03800dacd64444054837e41f97cbe89dc3f74a3f71864cd6d9a4bfec372db07b55f257b164e28e1676c5493c8baa287d07d444f6234bbebdf546168b1b5d66d1d3655d38b31d568db3971da7dc56dfee527aacfa3f8c1251bd18884c9c28b94a2c17f5ec19e10039d8cadc4cf5fb6da7868832a7e8bebf50f20332523487c74808128cb4d61ba1207268766c2f553f4b792f0ae350bf42bd79fde62e64ed19fbc20cf987807b2e17001f8fd9f60bd4e45faaaf0e0cd612888dedf4a0810cab1a18ce3e4a5dc5c8a377e965cc33ff2b673b9e7e7d154939c62f4b143fa3a46c881903753c4ba17c8cbed6cabc078cc91d95507e3a7333d73937d70dad34b36d13140a08e303aa3bdfa5a8d4a779d8319d4dd364c97b6b2b2a21c28d9a0f8b6cde9b6a2277868db340fb1e15ce68cfc411846f4ccf002940a733db32621f3a494aff88580a3f9b3b179f6cf96233b6e6a6855a61642d0c8db0ee67ce127c2bb1c931786f913e741c8aa0064f788de0e811b6ecdfcf39da13bbb90a3d682c0eb9d47ba26a8b8ef9a734772f9e55ca9cfac77687c39f73435ffa66fe23c758da997325f9e97d9fd64b5bab73cfab6f834efbff563078014ff4d93e1fdd1beee52a4640a70287e0626219ec1fbd3609e419b07d32f7577c92e6721380c75f70b95a890c96b538b41e3dbd7428492c08c2bab072b21e331575c0137f168b8cedb1797e4a4bbd9db13ad276b9e11035a75e0a57d03632df4c5ff99cd867b3c5b1e6187926272ab4e731e09bd98eaad005b71c6223e671c679b737926d4a58097f5369c3ab7da577b295e9a9425ea77c76429f3f3a249a4779ce56733c7b31143a5753ea27920637a87211d5e8d28666de64c875c07bb7e1178a4bf62e5ff387a53e5b3d040e9d44b1c7f089810247c812558bc0a9c0988dd74cb69d7b8dbbb9b2306dcd2dd3c076bccad1139283a6001d37c9ebedd2f3280ab227097334bf6cd428ce7a12f542495a0188cda31b6bd2175b8db0cf724fea459fb2541c1f71f2bdd02c22c209e6cd721db258db89ecf6b4b004d4b8167a06f8f6dbb7bb5b56ae1a22bd7dbd6c399eaf448dc0330fef8198c195d828f959ca73c3c26064ad819141537822260e8090a4150371853d34e7c5dd4d5418a5a43ffd21f810e6eece4d74713f35669922bd68f544f568370660964970ff142ab718ab8acf2080500bdc2fe356b34943079ef1b4adfc1b1022abec6cf5a1bd8b5b81a2d49c3398756d96f24a4364e0e2f33d6fcbcb4615432e5b57694fe0ad50dd9e6ef26e2465b46567035c9f8b4902cad8291263560a74f0ef7098d7f3278e37ed834a7bc07b6196222bce01fa645d63329c273dc810c3ac4d4cbc3a8467f2c47c246ebd42d8e08398e0d030085239fddde3edd42984ba743b8fb797a2a985a85a11d2181857ff5045d14d232acda2941add4451872b8a06c632691dbdd4ede43aeea41dcbdf102bdd67c208d5802a81392cd6dcaf7f22e48b755b03f6551d65fc228a8816f14c9da4a0206659eacede585d3bdf6c38301bd6102f21b2e785cd38322809c30cf4c3f3110fc7bb4bd1c768527e0188019185b33a3a3b26e97b2254fdeb508564cfd6d49105e61cc8e74043b3836f76c14245724d0eac674a51a86cf4a65d38906d4daeafc02cfb5e52c88f34579bb1820d30dbaaa29cdaafe34944a67f85a0d13c892a47c382fe852dc5e05f951f639302c87487f444c1761b3e7bbde71d6b28034a528ba8fa3e920537764414f83f441fa996ed6c91dac8ebc6d4299a8b4fb74074266cfc85c5766afc6525e2e6aa9cfdff6e7d9a3911fcc1ca9ecc054ec5bcebf6dbee01e42fb216373f3c7771c1e64be24238f472d748cf14c7d9df2bf8cff014a15ba27dc5ff3cead81ad4e3639fde435254a4f41f7064d5d64e39f39ac78fde35f8cdadde1e21247c7cbfe83cd3fb755cb5a7e8f0b4a59c3b2c15de65368322c606b35d6134690bc769015cd6c398b69bb2df59ffc16c273e64ac9456649090bae38d4413016d0e1062389cc67096cee4f720c04025156b731a03781c018ee960be0055e51db7823bf8547ca1b1f4e775973c64408ae1af68b4fcc8b8d90098babfcb5824a46958ae46882e32af565fa1bbdb89a78e70a4a568b2395df3a987acf38df8dadc93c4efe78cf095c4a72fe4bf44efac53ad577fafa0a2610b32202b3d7e959d6e60f367c509cd5e896938439829854b2176935baefab949a16ae3c31269fdc51046acf8b5ad09afb3442ca459f344274aa896fbab32ed3b62f02314a078cec1c1057eb21ba0c01e24ce55119e168b81cc035c1220998bc74dfed8dc1ebd7d681b36dfc81108c55e871a0e98210aa9b27e9a662d52f1174e22613d57bb183944cda0c585794319cd867f66a0ea053f2b98cea541386cfca8bb348adff3bfdb0c12ec7ebef21b8b7aad8741249afa273f61400b802749d9e07187c9797b7d592c28ca2463eb24728afa1f72e6c96c32a2764dd64d54a4c0bea0fd040e62e8d6e7fa5700d8fd0464bc6a2484314f8f67a7be26d86a6f6d2dc1d14dd277a7414275da198db714cf033663d4a7a71f81400cb9addbb04ee375f562d3bbc4ec9267185158edd76fa639fd694b01d12fa343c6b1d71ad59240fdc0f0286a99a1deb8ba91470dbcde91dd8938625ea1aed989cb828ca34bb869667c091baa441283453d9803429889925a72132f4111d19195c5372ffdb8a73d01954e9cbc6a3a9fcfa9ee697281023554b72c65b392fcaf38aaa8a37714be6ddee05c65b55f6e97e45d4dbc4a210021a8d0a430904086dcaf90b1af28abd4d181c2fed04e48d7f75b5ba96c077481841f9d7828227b58d47c1a994f08890f807bd71a8bda56740d7f330f845d3985f16b31556ee1fc2e2329fbfd65cb1adb7620664a54854331a575845f4061d1bfeb0edeb5b9c369b30b81cd57898142b4dd87dd36fc8e667278a5e475115b22387c16254cc17576a0753af689f5fe558aa9042ca7f0f8f55e287e1f5975c7026283d6c167200c29dd918b0b68e8c6bc5c81f3e9bc588e9b204477f82b75f3695585c8efe5425f436e98ce67b42b5ef09342dcfcddf6f2537bce56a60be328b266b0edb5d97b40165d7fc61a5185651db3ef70b7a8507a530acb71f9af275592b57f8c03afb2775475f918b160a9cf6bbb8be9f5cf7c0daefe0344cac690773ab39a2f09dd0c686f5281aadaf60f9a596598d242feb57fde9391184abb5fd482cd284d0257812bc45cb4391702b5c696a5829a2665e04ed5bb0a2f3ce87b24bd3667f0ceee8c781f3e59e4d6c46ac0891a98cc80657e323ee70d38a9977bec6d67266782fca9e357d2a41b1c324c5eb0c6f93bb62350d0d85f765d344e89cdfc59ee656f512c224785c5cf3c4632e0376f8f44a80f3a97b46b20066525f6a0db8c60b757bd6300ad1d615030a60726414dcb7b2ac3a1074bd5d6b11fc0a102ce97cc404548dec722f7be94087e26b9bbf26371dddd4415e1f5153a57615e4143af9079a91a06f2292d9396f38553730dfc1bfc951e5af789d7bb36b0b4a34258fe16fdfc25108ede3f93c97cfac3491f77b52f7ea59976a30f222a984368909c8eba50ffa8b1477b8ecb3cc1ed327393efab09a9680ce09a5c401186d44dd6c6b84d523e57f520d5b16b9ae0eb1026f88eb72aee9e3cd4501799b48d43ccde410d3a3644a888fa8a136328d1f9a005fcede2fe820dd6ff576551d82ba18f85e4a2312a9125054dfffb88725a9a19a3a8727a55afc3d67054edfa4a2e7ca8039f237e6efa61d2a34ac0ecee5defa63954b8133dee534cca7226c346c64202295fbe63f0c7ec3817a7c110cd3a14bff78c779cf9e83640d4264a76deee7d45281c3ec925d9fde96df3728021a240281b9dc5a27a3502a8a2126da58cc26978bdc893c40ae2d87e9d6521a623ebdc1394d59bda12daf2186309ad963ad4602375afd0646a08f9e6b0d422d53d7b1ea986448cff71f8502205524600c5ebe843c428137caeb95cdf61569374f17230a3b99252a14321bb65a41ed8f6356070624ada92bec007fb07ab27d1c174aa9ddd2544dae07d34fa27678e1c2baee331ce23d2243ae55503389a5c0b9f69dbe067262b673c588f7273da09092bc45bd6bed7da106348433c3cf6aeadd1d10f993d311e38effed37993118a57f89686d9dc13a07b2095399736a49c1741df7812a1b2ef59fa191418bd10761e1e441bc3e2bc517bdd0b4a14588859eb1ab224205d7d97ab83713413949ed91479e64699e003a7fd7cf937990256bf73bdd532c990ba0a940fefcd83dfca733bd2c6e48cdee22ca2db205bb9ba3a5bc8419fb8fb19de68134241484c0fc8a5ea5d2d9fda5fec35d505a88cff424b32e5ddf34b3f5c51c1430f11cd1353683912ca25a61672fcb7a84f9d68314a43e4b2a2723023b982c290c13c66a172aabb4afc5ab8132e7ab4fe2ae025e642a3f65a59ec9b15a461137e2ee44d62e4d2f79c1d253e28b72dde79b97aaf8592488c74a30baf6bfdb666913a52e77f118c0e47625f14db787e3f586e34a65c731e24ee7fca8f26ded8008379a2a310978e09eef06d800898865521838b3f1965bc0cff9179df34678b2ecbd18dcf2184ac755435492fcc23fca0151a7ed207b6df", 0x1000}, {&(0x7f0000000800)="d7d6", 0x2}, {&(0x7f0000000840)="bcbb3b6b4d8363747c82b9831834f3f0786d85d6db059b878b83080ddba3846a5ac89bc4569b8ee085d1a62f1cfe23361d31391b3f", 0x35}, {&(0x7f0000000880)=';&', 0x2}, {&(0x7f00000008c0)="c7f6fdb2d74f3baa34a155b8d7729f5dc3fc25e4854df1ea4cb1b98adf35b502baaa489791bb2a8f809553f17bec76d25399695326fbca364d5146cd9187787861997206b370223047eb94eaf61f44d5dedacc758f2de7402cc43a666b8e9056e2e1497f7fbcdb351529b12182aa", 0x6e}, {&(0x7f0000000940)="b6d8492452424dee2b395dcfbc0dfcf100bc", 0x12}], 0x6, &(0x7f0000001d80)=ANY=[@ANYBLOB="100100000000000017010000000000005d49b1fd3a68cfa5dbabf399a858cb4de72ec3ed917a13fdb2f36fc537c3ec4f9d0b419b921414c90b173259472545e26cfe41348f13edf866184137575c88b0b20073b0dc5174028427008cbe623196b9e7e349728799ef981611a5aac824d1bd5fd5e637d4e6d8af24e8cca084cb50797bbbe2a0a26e2ed3d09316b50c52994fcb9efb2ed187d4ad8a61c876ada469ee7d06b9f3751b75ca1624f55da51942e09dd7ea73b216e44abbf11c321aa471ec32017c95684316ae7977b50ea928b23075b8b12d514516f7302abe2752d84ecf470c5cfc2173931e7ac7e96a834c319135a6c9de98f1cf1c250d7f590e64c3f4db27369578680b60a9e3c099e70000400000a00000000000000011000000d30100007171b95c942f3778a0bf5c2f2c1eb63289aea290b6ce96f305150d3ca70c2a9990fb7fe3694372584c5472d3d6e4fb94da97257abca739205aeb3d9aa3c3ba4a6c853c2fb77c2be2392f403c05ccfec6b2545523113724a75838488ea1b7c4a3075d5c9a3c02e9b39874761bd1fc1e757500"/417], 0x1b0}}, {{&(0x7f0000001f40)=@caif=@util={0x25, "382107e482fac6d95cdef6733eca5021"}, 0x80, &(0x7f0000000980)=[{&(0x7f0000001fc0)="6a81bdc64bf79f853708b1732b41c3c36236a395224f33b6b0a775d048511d3c2a2cee48d500a697470630c3c84cf6ec66472e7f5714215e768b46ac4e1edc82e693f05111752aacfaaca6a2d34a89503ac62ec0a0e89f64d59607350766780bd1a2d6ba9d72672ba5314375065baf7bd91216526d34ec5c135fe2f7c4140e1f472478d44e958df982423fc3421c018e6cc0850e249d96261832eac013f5f537c9a32b2017445d7046f2880e6ec08ccc1a1d4af941893b60fa24d02f8eacd9474779ca68f22dcd7fe0fc79a6c31b5ad4237345647ae420b5cc8eaf1e8fb6e16247cc2096b5ababe5e917db8e26ea86b6a13c9540df3563aaab9ca33239", 0xfd}], 0x1, &(0x7f00000020c0)=[{0xd0, 0x0, 0x0, "e93722f74d71213b3e1d9c312f746b10b8d65bf7e1478eb3b01e5004efd624de7b46645f062a8fc37bb9e6d02f781e1cb4bb2491c3a391d036ac8610089679eb555dd1437c829c29748d28fce9dcc2dff76294f07da3f5acb260c21d7d07a7ebdc1d2c38913732247b2489e47ec428c7a4d694802399e65d4446ed7db98c570ef477f41145a055edee576d4065aa1e8fc298d1a6e0f66994f61a878da8f7e0fbf284a7974e1face9ce97d5d2c75e6bd063fac8ca55c90392bd"}, {0xb8, 0x113, 0x40c, "de3b7edf762fd4daa9798d7426a7849e477bc099d64ebb05b1606846430a72889c67270bd4504e6e9f348360cb56a1a8a251cc2041d660e29f3037b563282af128edc0c0fc45f468c28a0e3f5a332e71197a7487ab3de9f418726d147098f9cbfb2627263a22000e4b99c32e75bd78920ccf2f00414007c9972955d6c20813bd696a2d14a2fa4fd3e79afca6ff7a41e60459f0c084c88220e5745222a357b3dfd99841d5b0f6d32e"}, {0x60, 0x101, 0x7ff, "25307cc6cb598a6d238a6d89e114dd9b5b0edb2f189ebb4296d1932c34453fffcd97ed5f57c53296e25af71abd9854970226f17d8de730f9eb1fa220c282a46b093dfe6c8fae46695678452fdc1ae52a"}], 0x1e8}}, {{&(0x7f00000022c0)=@nl=@unspec, 0x80, &(0x7f00000024c0)=[{&(0x7f0000002340)="e03ea9cd5710cd750328571ce93ccf912835f15ecc8ae4366d74d3379b217c3b39413b2cc7883e4f31c094612842f1215822bcc6ed4a0da97c365a076f60c5623d70726af256b3edcac4d4653b30d25ab50752e45edfee6cccf3b582c791fdca52fa41981bbcddd1e507ea252728ea18fc741acfa20f0f35a4ebb2663a5b8f84874ec74ee92b6d3c0cf5278cd1d21e9e4ceb62", 0x93}, {&(0x7f0000002400)="8cf1b43ced309d4aae1a859e41938ab792d9a0ccf70d2a6320847573047fdfda542154a89ae37f14affee62eff5a17c063ac63a5551b6dfc8c8512543056a8d267fcb674b03f4e27c6865ffdecc66ff917b4802d98696a045d317c57d4443da72d50880126333485daea79122c8c2060d3a8f8ce25d7", 0x76}, {&(0x7f0000002480)="84d9809397bbaf7d0edaae47e7de810e76711e9f8555e611", 0x18}], 0x3}}, {{0x0, 0x0, &(0x7f0000002500), 0x0, &(0x7f0000002540)}}], 0x6, 0x8000) r4 = open(&(0x7f0000002500)='./file0\x00', 0x400000, 0x10) mmap$usbfs(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x20010, r4, 0x0) ioctl$NBD_CLEAR_SOCK(0xffffffffffffffff, 0xab04) setsockopt$inet6_udp_int(r0, 0x11, 0x1, &(0x7f0000000000), 0x2) [ 488.273413][T11559] keytouch 0003:0926:3333.000A: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 488.502242][T11559] usb 3-1: USB disconnect, device number 20 14:24:04 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000008780)={&(0x7f0000000080)=@newlink={0x28, 0x10, 0x505, 0x0, 0x0, {}, [@IFLA_CARRIER={0x8, 0x21, 0x9}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x4000) [ 489.302119][T11559] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 489.355776][T14171] netlink: 'syz-executor.0': attribute type 33 has an invalid length. [ 489.552056][T11559] usb 3-1: Using ep0 maxpacket: 8 [ 489.682258][T11559] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 489.693537][T11559] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 489.706515][T11559] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.00 [ 489.715730][T11559] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 489.725951][T11559] usb 3-1: config 0 descriptor?? [ 490.024660][T11559] keytouch 0003:0926:3333.000B: fixing up Keytouch IEC report descriptor [ 490.038101][T11559] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.000B/input/input17 14:24:05 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) socket$tipc(0x1e, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000000)=ANY=[@ANYBLOB="6e61853100022200000100000000000200000000e4dbb67487e9010400ffffff6f00000000000000001b2300000503000018030000cc000000ac010000000000001004d1e00900000000080000f34f8dfac0dc1695c4f8000ae7b8bbb76cab1004000010040002d32379b87c5a00000000469a2246d81751c2f2d3c00f3f72e211777424c9814f1f852110e5d4820b060000006b63012812d04b94d660aab341cfe8d68c22b866cd445d5d0f4d6715ba085900323e000006700000d1c7cfd3f37bbf2c96b98714748223b678487412db8874e0"], 0x1) 14:24:05 executing program 1: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x8, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) getpeername(r1, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, &(0x7f0000000100)=0x80) lsetxattr$trusted_overlay_opaque(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='trusted.overlay.opaque\x00', &(0x7f00000001c0)='y\x00', 0x2, 0x2) r2 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000200)='/proc/capi/capi20\x00', 0x10040, 0x0) getsockopt$inet6_udp_int(r2, 0x11, 0x65, &(0x7f0000000240), &(0x7f0000000280)=0x4) r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/sequencer2\x00', 0x200000, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000300)='yeah\x00', 0x5) ioctl$VIDIOC_ENUM_FRAMESIZES(r2, 0xc02c564a, &(0x7f0000000340)={0x33d846c4, 0x34325842, 0x2, @discrete={0x3aa, 0x1f}}) r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x200000, 0x0) getpeername$packet(r4, &(0x7f00000003c0), &(0x7f0000000400)=0x14) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) r5 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000440)='/dev/qat_adf_ctl\x00', 0x14002, 0x0) r6 = syz_genetlink_get_family_id$ipvs(&(0x7f00000004c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_INFO(r5, &(0x7f0000000600)={&(0x7f0000000480), 0xc, &(0x7f00000005c0)={&(0x7f0000000500)={0x84, r6, 0x10, 0x70bd2a, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7fffffff}, @IPVS_CMD_ATTR_SERVICE={0x30, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x2c, 0x2}}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x17}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sed\x00'}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e20}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x1e}]}, @IPVS_CMD_ATTR_DAEMON={0x38, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x8}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_STATE={0x8}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x4008850}, 0x800) r7 = openat$cgroup_ro(r0, &(0x7f0000000640)='cpuacct.usage_user\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000740)={0x0, 0xa0, &(0x7f0000000680)=[@in={0x2, 0x4e22, @multicast2}, @in={0x2, 0x4e24, @multicast1}, @in={0x2, 0x4e23, @empty}, @in6={0xa, 0x4e20, 0x7fff, @mcast2, 0x80000000}, @in6={0xa, 0x4e23, 0x0, @local, 0x7724}, @in6={0xa, 0x4e20, 0xe6c, @loopback, 0x587c4ee2}, @in6={0xa, 0x4e23, 0x9, @empty}]}, &(0x7f0000000780)=0x10) setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r7, 0x84, 0x23, &(0x7f00000007c0)={r8, 0x67a}, 0x8) r9 = creat(&(0x7f0000000800)='./file0\x00', 0x10) ioctl$VFIO_SET_IOMMU(r9, 0x3b66, 0x6366cd4b864385d6) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(0xffffffffffffffff, 0x40505330, &(0x7f0000000840)={{0x6, 0x2}, {0xff, 0xf8}, 0x9, 0x1}) ioctl$USBDEVFS_DISCSIGNAL(r4, 0x8010550e, &(0x7f0000000900)={0x9, &(0x7f00000008c0)="25efc35783ff33200e7c47a7a8a1eaa8d29bc5e1df2f86f0ce36d03e44"}) r10 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000940)='/dev/video2\x00', 0x2, 0x0) ioctl$VIDIOC_LOG_STATUS(r10, 0x5646, 0x0) r11 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000980)='/dev/video35\x00', 0x2, 0x0) ioctl$VIDIOC_OVERLAY(r11, 0x4004560e, &(0x7f00000009c0)=0x1) r12 = accept4$inet6(r5, &(0x7f0000000a00)={0xa, 0x0, 0x0, @local}, &(0x7f0000000a40)=0x1c, 0x0) ioctl$sock_SIOCOUTQ(r12, 0x5411, &(0x7f0000000a80)) r13 = dup2(0xffffffffffffffff, 0xffffffffffffffff) r14 = syz_open_dev$sg(&(0x7f0000000ac0)='/dev/sg#\x00', 0x9, 0x20) ioctl$LOOP_SET_FD(r13, 0x4c00, r14) 14:24:05 executing program 0: r0 = socket(0x10, 0x803, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000b40)={&(0x7f0000000140)=@hci, 0x80, 0x0, 0x0, &(0x7f00000024c0)=""/129, 0xcd}, 0x0) process_vm_writev(0x0, &(0x7f0000000b80)=[{&(0x7f0000000900)=""/124, 0x7c}], 0x1, 0x0, 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000740)=[{&(0x7f0000000600)=""/164, 0xa4}], 0x1, 0x0) sendto(r0, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) process_vm_writev(0x0, 0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000c00)=""/251, 0xfb}], 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) preadv(0xffffffffffffffff, &(0x7f0000000980)=[{&(0x7f00000007c0)=""/108, 0x6c}, {&(0x7f0000000300)=""/14, 0xe}, {&(0x7f0000000840)=""/96, 0x60}, {&(0x7f00000008c0)=""/64, 0x40}], 0x4, 0x0) sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) ioctl$DRM_IOCTL_GET_STATS(0xffffffffffffffff, 0x80f86406, &(0x7f0000002580)=""/4096) clock_gettime(0x5, &(0x7f0000000280)) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000000)={r5}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r2, 0x84, 0x70, &(0x7f00000009c0)={r5, @in6={{0xa, 0x4e24, 0x3, @local, 0xffffffe0}}, [0xfffffffffffffff7, 0x6, 0x1, 0x8, 0xfffffffffffffffe, 0x401, 0x52c, 0x7, 0x9, 0x6, 0x7, 0x8000, 0x20, 0x80, 0x5]}, &(0x7f00000002c0)=0x100) setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r2, 0x84, 0x23, &(0x7f0000000780)={r6, 0x8}, 0x8) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x14b}, {&(0x7f00000000c0)=""/85, 0xb}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/120, 0x6c}, {&(0x7f0000000480)=""/60, 0x3dd}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x40d}, {&(0x7f0000000340)=""/22, 0x16}], 0x161, &(0x7f0000000600)=""/191, 0xbf}}], 0x40000000000020a, 0x0, &(0x7f0000003700)={0x77359400}) 14:24:05 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$CAPI_CLR_FLAGS(r1, 0x80044325, &(0x7f0000000000)) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:24:05 executing program 4: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4008ae89, &(0x7f0000000080)={0x3d, 0x0, [0x200000003a, 0x1]}) 14:24:05 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e23}, 0x1c) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7c14}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) listen(r0, 0x10001) r1 = socket$inet6_sctp(0xa, 0x800000000000001, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0xff00, @loopback}], 0x1c) [ 490.118699][ T32] audit: type=1804 audit(1571495045.165:143): pid=14178 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/153/file0/bus" dev="ramfs" ino=41879 res=1 [ 490.157338][T11559] keytouch 0003:0926:3333.000B: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 490.229147][T11559] usb 3-1: USB disconnect, device number 21 [ 490.518480][ T32] audit: type=1804 audit(1571495045.565:144): pid=14187 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/153/file0/file0/bus" dev="ramfs" ino=42227 res=1 14:24:05 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$inet6(0xa, 0xa, 0x0) setsockopt$inet6_opts(r1, 0x29, 0x3b, &(0x7f0000000140)=@fragment, 0x8) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c) r2 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00') getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000080), &(0x7f00000000c0)=0x4) sendfile(r0, r2, &(0x7f0000000040)=0x100060, 0xa808) 14:24:05 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000000)) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:24:05 executing program 0: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) r1 = syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x0, 0x2) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000054c0)=ANY=[@ANYBLOB="740000002400070500"/20, @ANYRES32=r7, @ANYBLOB="00000000ffffffff00000000080001007366710048000229c6090032d0ed64f3c3545aaf6e000085a4e4ebb5ef6700"/96], 0x74}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000019c0)={&(0x7f00000002c0)=@newtfilter={0x44, 0x2c, 0x701, 0x0, 0x0, {0x0, r7, {}, {}, {0x3}}, [@filter_kind_options=@f_tcindex={{0xc, 0x1, 'tcindex\x00'}, {0x14, 0x2, [@TCA_TCINDEX_HASH={0x8, 0x1, 0x106a}, @TCA_TCINDEX_MASK={0x8}]}}]}, 0x44}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000140)={'vcan0\x00', r7}) r9 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r9, 0x29, 0x22, &(0x7f0000000180)={{{@in=@multicast2, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6=@initdev}}, &(0x7f0000000280)=0xe8) fstat(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0}) r12 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r12, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$SG_GET_RESERVED_SIZE(r12, 0x2272, &(0x7f0000000540)) r13 = accept(r2, &(0x7f0000000580)=@l2, &(0x7f0000000600)=0x80) sendmsg$nl_xfrm(r13, &(0x7f0000000500)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2121000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000340)=@getpolicy={0x15c, 0x15, 0x2, 0x70bd27, 0x25dfdbfe, {{@in6=@remote, @in=@rand_addr=0x1, 0x4e23, 0x96d, 0x4e20, 0x0, 0x2, 0x80, 0x20, 0x3c, r8, r10}, 0x0, 0x3}, [@ipv4_hthresh={0x8, 0x3, {0x7, 0x13}}, @policy={0xac, 0x7, {{@in=@empty, @in6=@empty, 0x4e21, 0x517, 0x4e21, 0x80, 0x0, 0x0, 0x20, 0x0, 0x0, r11}, {0x43d, 0x8, 0x1, 0xffffffffffffffc1, 0x100, 0x400, 0x0, 0x9}, {0x1, 0x1ff80000000, 0x1, 0xe8}, 0x2, 0x6e6bbd, 0x3, 0x1, 0x7, 0x1}}, @policy_type={0xc, 0x10, {0x3}}, @encap={0x1c, 0x4, {0x68186706f4f39fd2, 0x4e22, 0x4e22, @in6=@dev={0xfe, 0x80, [], 0x22}}}, @mark={0xc, 0x15, {0x35075d, 0x7}}, @ipv6_hthresh={0x8, 0x4, {0x0, 0x12}}, @encap={0x1c, 0x4, {0x4fa820756a275034, 0x4e21, 0x4e21, @in=@empty}}]}, 0x15c}, 0x1, 0x0, 0x0, 0x2000405}, 0x2ed52a939e1f3a63) ioctl$PIO_UNIMAPCLR(r1, 0x4b68, &(0x7f0000000080)={0x4, 0x40, 0x1ff}) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x4, 0x13, r0, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f00000000c0)='.\x00') 14:24:05 executing program 1: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c) listen(r0, 0x5eb857) r1 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r1, &(0x7f0000000340)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10) r2 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg(r2, &(0x7f0000000400)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) creat(0x0, 0x0) ioctl$ASHMEM_GET_PROT_MASK(0xffffffffffffffff, 0x7706, &(0x7f0000000040)) openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r3 = getpid() r4 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r4, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$VIDIOC_TRY_DECODER_CMD(r4, 0xc0485661, &(0x7f0000000080)={0x4, 0x1, @stop_pts=0x5}) ptrace$getregset(0x4205, r3, 0x0, &(0x7f0000000000)={0x0, 0x10}) sched_setscheduler(0x0, 0x5, &(0x7f00000002c0)) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x353, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$swradio(0x0, 0x1, 0x2) sendmsg$inet(r1, &(0x7f00000008c0)={0x0, 0x0, 0x0}, 0x0) sendmmsg(r2, &(0x7f0000000c00), 0x4000000000001e6, 0x0) r5 = add_key(&(0x7f0000000100)='rxrpc\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffff9) keyctl$instantiate(0xc, r5, &(0x7f00000001c0)=@encrypted_load={'load ', 'ecryptfs', 0x20, 'trusted:', '/dev/kvm\x00', 0x20, 0x5e913a09, 0x20, [0x31, 0x31, 0x0, 0x39]}, 0x3a, 0xfffffffffffffffd) [ 490.962432][ T32] audit: type=1804 audit(1571495046.005:145): pid=14209 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/154/file0/bus" dev="ramfs" ino=41915 res=1 [ 490.984197][ T32] audit: type=1804 audit(1571495046.035:146): pid=14212 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/154/file0/file0/bus" dev="ramfs" ino=41918 res=1 14:24:06 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$sock_ifreq(r2, 0x300000200008990, &(0x7f00000000c0)={'bond0\x00\x00z\a\x00\x00\x00\x00\x06\x00\x05', @ifru_names='veth1_to_bridge\x00'}) [ 491.130659][T14220] bond0: (slave veth1_to_bridge): slave is up - this may be due to an out of date ifenslave [ 491.157446][T14217] netlink: 'syz-executor.0': attribute type 2 has an invalid length. 14:24:06 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) r1 = socket(0x2, 0x3, 0x7) connect$inet(r1, &(0x7f0000000100)={0x2, 0x4e23, @remote}, 0x10) getsockopt$sock_buf(r1, 0x1, 0x1c, &(0x7f0000e530e9)=""/16, &(0x7f00000001c0)=0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x501, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, @ip6gre={{0xc, 0x1, 'ip6gre\x00'}, {0x14, 0x2, [@gre_common_policy=[@IFLA_GRE_ENCAP_DPORT={0x8, 0xc}], @gre_common_policy=[@IFLA_GRE_LINK={0x8, 0x1, r4}]]}}}]}, 0x44}}, 0x0) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$nl_xfrm(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f0000000400)=@report={0x230, 0x20, 0x100, 0x70bd27, 0x25dfdbff, {0x0, {@in=@empty, @in6=@loopback, 0x4e23, 0x20, 0x4e20, 0x8000, 0x0, 0x80, 0x140, 0x2b, r4, r5}}, [@algo_auth={0x114, 0x1, {{'sha224-avx2\x00'}, 0x650, "47310c336c6217a7ba9340369dae4ccede788c7497b4ee18ef67b49e8471a6b4a10980df28f7e4bea97d9548a26bcd6725b8472c0d9e7396408d6876bd8c35181b7999d5e48bfc5dc902aeb75b1c59e70d236777a2eee97bdb86c71d0246d4ef12a2f9f4227f12e8862788ba8aff269a088e64d3f220d681aef008e25d2c08125f66d2c5df3ab780f096066be10bd6e78c1d7a958038066d46ed967bc742aa0f5c135c787340787a802207cf37bedda30a57e3e44a23f9a02c2e96bd6461502ef62f89767715e73e9f35"}}, @algo_auth_trunc={0x6c, 0x14, {{'wp384\x00'}, 0xf8, 0x0, "31f2ae94281c7c993d01169cfb0a9b3d1af50ab43a9b5d1272887143389f15"}}, @algo_aead={0x64, 0x12, {{'authenc(sha3-512,ctr(camellia))\x00'}, 0xa8, 0x100, "f25fe45c182b394967e1fbc7b0a0c4a658da746611"}}]}, 0x230}, 0x1, 0x0, 0x0, 0x834c9fed93b9419f}, 0x40) chown(&(0x7f0000000000)='./bus\x00', r5, 0x0) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:24:06 executing program 5: perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0) r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0x2, 0x0) ioctl$VIDIOC_SUBDEV_G_CROP(r0, 0xc038563b, &(0x7f0000000040)={0x0, 0x0, {0x100, 0x9, 0xf7d, 0x5}}) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000c34000)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000080)={{&(0x7f0000291000/0x400000)=nil, 0x400000}, 0x0, 0x6000000}) ioctl$VIDIOC_DQEVENT(0xffffffffffffffff, 0x80885659, 0x0) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$SNDRV_RAWMIDI_IOCTL_DRAIN(r2, 0x40045731, &(0x7f0000000180)=0xecf) 14:24:06 executing program 4: socket$netlink(0x10, 0x3, 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r0, 0x80006040045010, &(0x7f0000000140)=0x3) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000380)='/dev/autofs\x00', 0x430000, 0x0) ioctl$MON_IOCQ_RING_SIZE(r4, 0x9205) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r6, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) r7 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x27fff, 0x2) ioctl$int_in(r7, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$SNDRV_RAWMIDI_IOCTL_DRAIN(r7, 0x40045731, &(0x7f0000000340)=0x2) sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000054c0)=ANY=[@ANYBLOB="740000002400070500"/20, @ANYRES32=r6, @ANYBLOB="00000000ffffffff00000000080001007366710048000229c6090032d0ed64f3c3545aaf6e000085a4e4ebb5ef6700"/96], 0x74}}, 0x0) ioctl$NBD_DO_IT(r0, 0xab03) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000019c0)={&(0x7f00000002c0)=@newtfilter={0x44, 0x2c, 0x701, 0x0, 0x0, {0x0, r6, {}, {}, {0x3}}, [@filter_kind_options=@f_tcindex={{0xc, 0x1, 'tcindex\x00'}, {0x14, 0x2, [@TCA_TCINDEX_HASH={0x8, 0x1, 0x106a}, @TCA_TCINDEX_MASK={0x8}]}}]}, 0x44}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=@ipv6_getnetconf={0x1c, 0x52, 0x300, 0x70bd2c, 0x25dfdbfd, {}, [@NETCONFA_IFINDEX={0x8, 0x1, r6}]}, 0xfe22}}, 0x0) [ 491.288226][ T32] audit: type=1804 audit(1571495046.335:147): pid=14228 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/155/file0/bus" dev="ramfs" ino=42300 res=1 14:24:06 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @initdev={0xfe, 0x88, [], 0x1, 0x0}}, 0x1c) listen(r0, 0x4000000043) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f000087dffe)='F', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) shutdown(r1, 0x2) r2 = accept4(r0, 0x0, 0x0, 0x0) shutdown(r2, 0x1) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0xb000) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in6, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x98) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, 0x0, 0x0) [ 491.403367][ T32] audit: type=1804 audit(1571495046.405:148): pid=14230 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/155/file0/file0/bus" dev="ramfs" ino=42309 res=1 [ 491.512390][T14239] netlink: 'syz-executor.4': attribute type 2 has an invalid length. 14:24:06 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r0, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$SG_GET_ACCESS_COUNT(r0, 0x2289, &(0x7f00000001c0)) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r1 = open(&(0x7f0000000240)='./file0\x00', 0x0, 0x0) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000000)='./bus\x00', r2}, 0x10) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r1, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r1, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 491.916289][T14239] netlink: 'syz-executor.4': attribute type 2 has an invalid length. 14:24:07 executing program 0: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x0, 0x0) r1 = syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x0, 0x2) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000054c0)=ANY=[@ANYBLOB="740000002400070500"/20, @ANYRES32=r7, @ANYBLOB="00000000ffffffff00000000080001007366710048000229c6090032d0ed64f3c3545aaf6e000085a4e4ebb5ef6700"/96], 0x74}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000019c0)={&(0x7f00000002c0)=@newtfilter={0x44, 0x2c, 0x701, 0x0, 0x0, {0x0, r7, {}, {}, {0x3}}, [@filter_kind_options=@f_tcindex={{0xc, 0x1, 'tcindex\x00'}, {0x14, 0x2, [@TCA_TCINDEX_HASH={0x8, 0x1, 0x106a}, @TCA_TCINDEX_MASK={0x8}]}}]}, 0x44}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000140)={'vcan0\x00', r7}) r9 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r9, 0x29, 0x22, &(0x7f0000000180)={{{@in=@multicast2, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6=@initdev}}, &(0x7f0000000280)=0xe8) fstat(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0}) r12 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r12, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$SG_GET_RESERVED_SIZE(r12, 0x2272, &(0x7f0000000540)) r13 = accept(r2, &(0x7f0000000580)=@l2, &(0x7f0000000600)=0x80) sendmsg$nl_xfrm(r13, &(0x7f0000000500)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2121000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000340)=@getpolicy={0x15c, 0x15, 0x2, 0x70bd27, 0x25dfdbfe, {{@in6=@remote, @in=@rand_addr=0x1, 0x4e23, 0x96d, 0x4e20, 0x0, 0x2, 0x80, 0x20, 0x3c, r8, r10}, 0x0, 0x3}, [@ipv4_hthresh={0x8, 0x3, {0x7, 0x13}}, @policy={0xac, 0x7, {{@in=@empty, @in6=@empty, 0x4e21, 0x517, 0x4e21, 0x80, 0x0, 0x0, 0x20, 0x0, 0x0, r11}, {0x43d, 0x8, 0x1, 0xffffffffffffffc1, 0x100, 0x400, 0x0, 0x9}, {0x1, 0x1ff80000000, 0x1, 0xe8}, 0x2, 0x6e6bbd, 0x3, 0x1, 0x7, 0x1}}, @policy_type={0xc, 0x10, {0x3}}, @encap={0x1c, 0x4, {0x68186706f4f39fd2, 0x4e22, 0x4e22, @in6=@dev={0xfe, 0x80, [], 0x22}}}, @mark={0xc, 0x15, {0x35075d, 0x7}}, @ipv6_hthresh={0x8, 0x4, {0x0, 0x12}}, @encap={0x1c, 0x4, {0x4fa820756a275034, 0x4e21, 0x4e21, @in=@empty}}]}, 0x15c}, 0x1, 0x0, 0x0, 0x2000405}, 0x2ed52a939e1f3a63) ioctl$PIO_UNIMAPCLR(r1, 0x4b68, &(0x7f0000000080)={0x4, 0x40, 0x1ff}) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x4, 0x13, r0, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f00000000c0)='.\x00') [ 492.259121][T14253] netlink: 'syz-executor.0': attribute type 2 has an invalid length. 14:24:07 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x9}, 0x1c) sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0xc100) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x80, 0x0) ioctl$EVIOCGSND(r1, 0x8040451a, &(0x7f00000000c0)=""/173) write$binfmt_aout(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00\x00['], 0x10) 14:24:07 executing program 4: unshare(0x40600) r0 = socket$inet6(0xa, 0x40000080806, 0x0) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x8}, 0x1c) ioctl$KVM_SET_TSC_KHZ(0xffffffffffffffff, 0xaea2, 0x366) ppoll(&(0x7f0000000200)=[{r0}], 0x1, &(0x7f0000000240), 0x0, 0x0) 14:24:07 executing program 2: r0 = socket$inet(0x2, 0x2000080001, 0x84) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x2}, 0x8) setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000000)={0x0, 0x2}, 0x8) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$PIO_FONTX(r1, 0x4b6c, &(0x7f00000001c0)="d6ab2e23051caaaaf59585c6fbbc969d8aa951bcb231138809f64eccd9ccfb6cd65e9e3456c5995087e41e63daa39eed23913e6bb2b74ad6c9da5eae2533ba78412f184f09246b3197502f4a5ad464d80d4f77421a6f1a0508261b4d102cf5f20e0bda33c1b552761f723618fa8bc6c7ba57afd548c2977bf6479ad91748b1555ed8f30927659317e53c76b8b5fbd97342a5745323e633e1cad27ce9b1efb91e846c933d9720e7854af3a283d3a467e6d6c974064d01eeb053b6bb4621ac02614371a93269957f8ac3aa815970a5a868f2df02997ce605e926c3a9384e28bfd2613bf5a0b5c738898b9927fbeb") sendmsg(r0, &(0x7f000001afc8)={&(0x7f0000000140)=@nl=@kern={0x10, 0x0, 0x0, 0x40000000}, 0x80, &(0x7f0000007f80)=[{&(0x7f00000000c0)="b1c0fb303429d0cd9f69055ae12b34ecd7b7497250f207ba6114e50b108a350d6ee437992d52fe636d06e90f9cf5ef0fb85e", 0xf}], 0x1}, 0x44000) r2 = socket(0x2, 0x3, 0x7) connect$inet(r2, &(0x7f0000000100)={0x2, 0x4e23, @remote}, 0x10) getsockopt$sock_buf(r2, 0x1, 0x1c, &(0x7f0000e530e9)=""/16, &(0x7f00000001c0)=0x10) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x501, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, @ip6gre={{0xc, 0x1, 'ip6gre\x00'}, {0x14, 0x2, [@gre_common_policy=[@IFLA_GRE_ENCAP_DPORT={0x8, 0xc}], @gre_common_policy=[@IFLA_GRE_LINK={0x8, 0x1, r5}]]}}}]}, 0x44}}, 0x0) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$nl_xfrm(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f0000000400)=@report={0x230, 0x20, 0x100, 0x70bd27, 0x25dfdbff, {0x0, {@in=@empty, @in6=@loopback, 0x4e23, 0x20, 0x4e20, 0x8000, 0x0, 0x80, 0x140, 0x2b, r5, r6}}, [@algo_auth={0x114, 0x1, {{'sha224-avx2\x00'}, 0x650, "47310c336c6217a7ba9340369dae4ccede788c7497b4ee18ef67b49e8471a6b4a10980df28f7e4bea97d9548a26bcd6725b8472c0d9e7396408d6876bd8c35181b7999d5e48bfc5dc902aeb75b1c59e70d236777a2eee97bdb86c71d0246d4ef12a2f9f4227f12e8862788ba8aff269a088e64d3f220d681aef008e25d2c08125f66d2c5df3ab780f096066be10bd6e78c1d7a958038066d46ed967bc742aa0f5c135c787340787a802207cf37bedda30a57e3e44a23f9a02c2e96bd6461502ef62f89767715e73e9f35"}}, @algo_auth_trunc={0x6c, 0x14, {{'wp384\x00'}, 0xf8, 0x0, "31f2ae94281c7c993d01169cfb0a9b3d1af50ab43a9b5d1272887143389f15"}}, @algo_aead={0x64, 0x12, {{'authenc(sha3-512,ctr(camellia))\x00'}, 0xa8, 0x100, "f25fe45c182b394967e1fbc7b0a0c4a658da746611"}}]}, 0x230}, 0x1, 0x0, 0x0, 0x834c9fed93b9419f}, 0x40) stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0}) r8 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f00000003c0)={0x0, 0x0, 0x0}, &(0x7f0000000400)=0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fstat(r10, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) keyctl$chown(0x4, 0x0, 0x0, r11) lsetxattr$system_posix_acl(&(0x7f0000000040)='./file0\x00', &(0x7f00000002c0)='system.posix_acl_default\x00', &(0x7f0000000440)={{}, {0x1, 0x2}, [{0x2, 0x3, r6}, {0x2, 0x0, r7}], {0x4, 0x4}, [{0x8, 0x2, r9}, {0x8, 0x6, r11}], {0x10, 0x8}, {0x20, 0x4}}, 0x44, 0x3) 14:24:07 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) prctl$PR_SET_MM(0x23, 0xb, &(0x7f0000ffe000/0x1000)=nil) 14:24:07 executing program 1: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x7, 0x8, 0x0) r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f0000000040)=0xd511, 0x4) get_mempolicy(0x0, 0x0, 0x0, &(0x7f00004df000/0x4000)=nil, 0x3) 14:24:07 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$LOOP_GET_STATUS64(r1, 0x4c05, &(0x7f0000000140)) r2 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f000014f000)={0x0, 0x281, &(0x7f00000bfff0)={&(0x7f0000006440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x4}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x4000040) setsockopt$inet6_IPV6_ADDRFORM(r2, 0x29, 0x1, 0x0, 0x0) [ 492.767344][ T32] audit: type=1804 audit(1571495047.815:149): pid=14276 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/157/file0/bus" dev="ramfs" ino=43060 res=1 [ 492.789555][ T32] audit: type=1804 audit(1571495047.835:150): pid=14279 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/157/file0/file0/bus" dev="ramfs" ino=43069 res=1 14:24:07 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) move_pages(0x0, 0x5, &(0x7f0000000000)=[&(0x7f0000001000/0x4000)=nil, &(0x7f000000d000/0x2000)=nil, &(0x7f000000d000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil], 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfd77e4ef05f7e1, 0x0, 0x0, 0x35a) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) sendmsg$alg(0xffffffffffffffff, &(0x7f0000001440)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="530861b124826e6fa61bb2d3fcf9134cd4c46cdeb32415cab16f", 0x37}], 0x10000000000003e2, 0x0, 0xfffffffffffffe8a}, 0x140) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x0, 0x0, 0xfffffffffffffff6) ioctl$KVM_NMI(r2, 0xae9a) r3 = syz_open_dev$audion(&(0x7f0000000100)='/dev/audio#\x00', 0x3, 0x40) getsockopt$inet_dccp_buf(r3, 0x21, 0xf, &(0x7f0000000140)=""/6, &(0x7f0000000180)=0x6) ioctl$KVM_RUN(r2, 0xae80, 0x0) 14:24:07 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') mount(&(0x7f0000000240)=ANY=[], &(0x7f00000000c0)='./bus\x00', &(0x7f0000000280)='iso9660\x00', 0x20, &(0x7f0000000000)='ramfs\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:24:07 executing program 5: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp\x00', 0x40000, 0x0) ioctl$BLKFLSBUF(r0, 0x1261, &(0x7f0000000300)=0x1000) socket(0x10, 0x80002, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) exit(0x5) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0xfffffff0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@getstats={0x0, 0x5e, 0x4, 0x70bd2c, 0x25dfdbfe, {0x0, 0x0, 0x0, r4}, ["", "", "", "", ""]}, 0x48}}, 0x0) r5 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[]}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="300000105c02125e840169debe3e58002c000107", @ANYRES32=r4, @ANYBLOB="1300f0ff0000000003000000c6ff01007533320004000200"], 0x30}}, 0x0) r6 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000002c00)={0x1, 0x9, [@local, @local, @random="a75ebe288de6", @local, @dev={[], 0x13}, @dev={[], 0xe}, @random="1683213d2618", @dev={[], 0x16}, @remote]}) r7 = dup(r6) sendmmsg$alg(r7, &(0x7f0000002c40)=[{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000340)="6c9e1002b05f49964ea91564eb88a29925fa8c7e4067739bad6d85c1"}, {&(0x7f00000003c0)="aabe006dca734fe3847abecf59ba7676210eccb4dbfb57f4479c92786e2d90fd1c0602c695dd183a46bbb0dcf7541ddee8dd531fb1e2070d2000918e13990f2919a2cdc1eab58e1bb2efca3f02207f1270d38049e385f15b63635d65255f4fa97f680cbb29a689d1b64c2983c8ed786a8ea3abea693f98883d48198eb4"}, {&(0x7f0000000440)="0c1da32f1ee2d8027515a7739e438566e9e6b5470dc84276981cc58ac3cca8538376bf5ed0338c3e683768c981c8d467bdfee6d46d6c56e841e8d0f354619135816710671e983cd9adb9db68794ef3ab58261708aaf26c4361331c35b5eec77e4f131fb9d5f241590d53b1cfb286ac40727f32670af4a88cc4857743a4d5f8c23118127401e14863d1da41855d4d3125d7726eb634b7d77baba6e3890b8ca989cd832c209d7aa4a91d9226587772f6"}, {&(0x7f0000000500)="8f99547d8c89a6a3d6ff2e44b95b7913c1f958bda1d556d38eb80b73f38460db46bbe5edffa81b5d37487d07be8f2b0bc3ad32bcafaa0f319af8594dac505501b6706222ed21a2da4ac019e674cac15fb6713dce92e34cdc67892820596c3d77004667317525efb60f13f019431b80fa82f04bcbca3d9143a2b8bffc51fb32bc85cbb8da6c55"}], 0x0, &(0x7f0000000600)=[@iv={0x0, 0x117, 0x2, 0x0, "1759d3fa80a381799ac2a73f08ad60d7cf164be041fb0343a676421e5cba8f000f269b90b140e886a667d7bc04aa5c805b29bac510513f8f7af95c490bd8550b96567712833564921f56739d9f9de7b1cdfcba23382fa668960ae9bedbb9761a675c7e3d21320ac96957e952034d8ef21d4df95cd40e1772c180a25ed01823897c12d06d96914ab4c722d84fb83beab6e75380739f3f3abf303d82c35950d124f19e436048112e34d083"}, @op={0x0, 0x117, 0x3, 0x1}, @op={0x0, 0x117, 0x3, 0x60fcb1c03971931c}, @op, @assoc={0x0, 0x117, 0x4, 0xfffffff9}, @op, @assoc={0x0, 0x117, 0x4, 0x1ff}], 0x0, 0x900}, {0x0, 0x0, &(0x7f0000002a00)=[{&(0x7f0000000780)="b3ee014465763c262da1eea8c7170fa6d0643f77ae7242ab23a2f38fa2416f14a5fd7fe5e9e31901d80ac0cebc54df87dc33ef0f60dddc451c8ce992fbfd1466f80d50d8be082afc3e839c47c77704d3de9f7923e185cbcee230c5128da0297353555de7f0a2ba7b613f4491f4ff79e64e63cb8a56c7e34144c4c42755086ac5bf839546cc24760dca8a0687b93c55716c601916aa0159cccfd4542d829fd0caee9203d5a086f2408ba850925c11e379196b92e8a12182220217c449b69d024ac810b2177dc806b07c2a0663381cac7e4c63c9185d194d33cf896df9217c1b4f1a4ee6f11cc9da0403d6b353e486ce913e71680fd725f6193286729676ee16bcaa4d55c61ed8fc9e68854c027319f1fe56bfb2af762226e7355f3ce60214c460fbd21aafdad05f634efdedb4a988b639d605b3f122b876fc4db4724af7ddae4cc55434367692530234d39bfd8214412fe7f38f412389d2688e82255406c4c900069a2445dcbcf12198ee0a190937b783474ed500686a3c7c22a147f1f2ccce8f322fa5c68e996e5a8462207eb6551790605034d62f52cbdde4878fb1e439977f2c31716a553a7b522918df2c838e3526410115393933a549b42947ed7a0ddee0333ca3c28e09b88d0bc1f37dbfd0055fc90631e52147315d9ace2e54f12b3afa77a838d830d0dbcdd52e5a861dabf82e2088e4773bd190fddc528fef3e9b6e2112b110a8499755339cf5e0c2679bdfb4000b9666f552a880c142b2dd056797d19c4e7f515700d31d2ed709460ced5f8cb7529a66fe552e9340a2b42fc9e04d14e1eb841b45679428e02b1fed6d2f28205bd08d1f326cdf7b17eec9ad30f23ff51ee937f4b760b0000a7d2aed6c166a99644512d3b71e6814c38c7eac5a784c5d80c633bfe4826b1587e3700446d253abc2223e06a46bde8be66ef51b7ccbbc0f9eb128f3df594f096080ce5628e80d761ea65552ef21085e83ee2b6cccac02897b9ee806dbf4ae0788f8ba3becf3f42d43fec7f98a714bfc51d0e949852996c4e25f4dfd099854fce8a055e791479da65b90bfe2d9899caaa12a5bdd25ed75e7c0235d85fd2e121ca52ce4eb002114878da59ab1c9cbba584b603e965f6ae5a8c4b223142ffb0325aac8a5eafab2e6e4356667dd6ba433a2a79cd02bc2273c7ada9e44b730d959316af3f599b598728b8549fa5c403b81c6af52c195db83ecd36eb197abf72f0b470064f03dc622f196b4d098ad17de48e65f46642d023076656c7ef5eda41682b612b140283511b2226334b856775a7fb9caf92d67e2f41e18fff658b598f76d135e826b782fbdfaa4032ef24c7db2c2dd8b86d5d51bf1e8141043eb310ee143a04d8e0734a4842f49d7519f51701870d1a9d0eaad08bb82275ce8c55592f8cbcf5f714ea09f9dbaf61517357c4fd576398477513a2129c6c9d8ccfb151c54dcc5c28156df6b5b13b6e8d55d97b8a377c645ed1a5ff9df0148c3306728bb8259c51a3edefe6764c9afaff697455b61599df3d91d971634ac5d8c6d3e97ad467209d00222eed6bb565d02bf157f88c0d63584f9e3333423ba843d95f244f4966e1dbc8f142930bb38ecde04188cfda0afcd8ab241f6a55ef48de43422f0aeeafb76bd698d701a62bd2eb807e5f442d2aac258c7e00a088225930ee74ffdbd0b825fe4e9e69b970a157ae98c168b2277728501282f9c6a6fb2198d3a23aaad2db2cc5bb67342eb858b4c592316a25076f6072ccc3b62adf0e2b0100b1083d3db2ef7b419d4307f5b6645499bef69c07184b23d548dcb6b5bac58a73e0a15d69fdfd7ba52ce7a222e9fe56f2d1feb3625b35fb4edee228b6ee58f55d1dc398b67abffbf00290652ee0d45468b2af19a067eaa9603886427fd29ac0efcf4a1ddb05d413d49c0aedeb3da07ee4c4f17214af014332cdf48db4ca21681604513ad9add7c6269e4e45449ab4829d747bc0faeeeb97efa2574941663fd9e0218478800c55a952f9d3ba88b4229f34c118d95e28da3128e95509857dc98ccfcbe15cd9b0414b64e6096a37a0dabdd094490383ed231b2a67ec21f83dd832c80370dba2ebf73e9f265f5be5c0567ea25e83a88f5131213bfe4767362eaf8cb4f10bab9d32d09b86df47073601345e5c86287dd5394f8f1e281b6259d74663ca15187602e84e234a9cdbd8966ffaf879a8a87c7987c6a5d8f28e96c0b42af285b5f2ecd79c500eebb2292a7bbb7bce0f4224c51fc3855cfa9ad31c1d515692e0be1bdea66d6dd1ce5a32701e2f43fc34479437654e9e1b98f83e1d7a57cb2d3ea616c6cfd10b395890c4ba4ef038becdef7feb72460236a7cc8dec356916f7891ff023e697408f85df98dd95ec512f3354773a9e19eb834b3c7b47054e8cf9631e3bfd307eb5ea5357c6b0beeb5de57e27b46d6a4d1890d9a8195b95efe4a40cf4d3826a75c8ec0c6d0af7d5770bc87440c35ad6afb49262be80a53b3e9e99b0c159625846cd17ca030ffd83090a3ffb043528d639586d09878fcf398f3222d34c61f9360b279e1d87e19c03a185df2522c74fed3b3860b6345382c3b7f8deaaa4437b57965d721d1d2136ef8579cd33ffeb0a5c381f2cd291dd083896bc8c8f177f6287ff4ed6ea4da2c8d281a5e051d75a22e6e181332aab00f83ae3b9c7dce594fe2552ba334870aa610768aece0f3d597911f5dc4a183ac97b9897f585cc91783656324202394821bccd09bd8faa3829a09bc130a0c80c1218b030ad40fe7d625240623db02f461a5674a5cd71be6480409c41b1f8b847d58b8ae05363e9df529e1b32133f2f27ed6de65a62822888b5de61561da89e63b64c5e1540ebea08c953573c59179c467909695dcdc36ac9aab78b3277f5f11f0c856b4c85c9fbdc611ee91774cd4312e1b760143d02b71c4ff5e6592651f609a9d9d9ebd44dd2a60e7a2be469d797159039431a269b2d2e4cc2dc98b79970547457559f022ece3fab783d2cd3960c19a913097ce50902a785549bd78e5d0f05bffca018e570056a4d6d0b3504dbd00673975825ec236085520e85fc088335c7076b15326b3474021a21157204b7fc316545270455f4c7f1569809eb8f4cad1c544f0e13ac9e3db606c00df9a30efb0a7c3037f42ce19882b4c790de8dc6b85d6394ae4fd2fc17c53b4021977b1a997cf2147bb3af214369bad4e42d68bafbbd0412c6fd41fba218bc9c65a1d5938827414c28bf4484405143576d42cf9444078d7e57f64730e196c6db26412cdb4db7cfcb70c93203e1b049cb5bf1b85e656c6e87a754c84a079aaeba6bbf3522bef1018f50d5a4588ea5f0d519e076dc8617cadb77e1b3d76c8690a50999a0719c7051f7506fcefd33036871b19599dd1d8bd8d2923b9fb85574a0cb5fc365abd4e0a1b39e25f81aa2ccba3aa843a5cb102389475f50f486c7a400b9a4e37e15a0570df6e08f0faf246f0c666924aed749d939addbe380e51c4753ee9748b2798a4fe536d0b403fe7597d8fdb19f3cddaa0bf2b723e1bbf9c72d80ea2a5b01d63752ce7b0d5d0de239714e5d45fdd1834562f89abc61396bb2bb900107262fa1f31d69c12c847cfc23cbc9486da652adaf9a3ff17cd5f032f1a2b383c99af2eeea5e6df214156805a571e7632ce849d52323435abbc42d2bd3445e550d6f20e77642ca54d209e6e0d2bd6900008967c396653d5f94a1c18e5157f9580162f813130f21243945a51ea1073e2bd7818f9190a905cd43d629cad9941241993652ecf00f4348f6df4e56d4a56a971476156ba58eca7baf6263dab0a136d61f021b3cd0a05cdc5185ec21b51466dd426c7cee7a14be6395f2bdddeecfd749833ccabae0f2ec431ac0fc938c919befb615a5b18f3a3c855fc6240968b2f4e422c67b0cd42d935add00151c8f293c16e622de47ad4ecdd3bd788181e4439263df4aa5ddc4baa82f9f0266015d1943a9ec9672ccce576c67e4d922bab22a9bd73210a54da82bda77e599b788c5b67a44525751bb4c5df31c31f7118fcad0c208fa9802e3522547bf0e5ae560858e293272762a1c947a65914223f589098f59deb1e61ceffae7b1661ed92601ef94af669ad1073c2a907d791a807696b577e2647cf46cdd595074768685ea1b8b236f7e434184c8495e86eaadbf2945e1735fc64659a8d45ca70e1b5143baf280b18650b695eea1549b8bd4be156d58b845b97066e2ee196ecc1c0ec364fff0d1474198df2d19d836c9d58e8eaa8952082d6ceba32bb18aa220fddabb47d0c6c612ed9d27c8818b206d64e2abd196dcb08fd2d0fa54488eaeab45ae52bd17a5e0f0a9fb987e11ffb70e5884132ff77258b0f7eae2af0ffd0ca38e3d2be8d798429b185d766eee5f499ad2fe69a1938eb65690a49f642d990e0ac8f0694fe94af1193e07f6dc2b58465abff42047c6982c259f3068a2181d3a0e4b9225cf101954c2c7c7750483cc7a2ad92e3c1f1c27b4932868f19dbfe19a8882918e72862c18acdb0f5cb6d98ff0acbb303aa3a1bd5fd9786cdd6428fb0b03a368e4849ffc035a83504fae1d4f399a06a2cd22c21c4a8a0997c3beb8f1a075bfb51a63240e5fe6618101f6847eb264896fe4fd3fc984f398dacf320a09e78a12cc6dcd016df762b47161b88767096cac9d4d1f2291680cf90caf4305522b8d39b67898034bf1275d154d6742c2935d1edba1108af675c83a3d38532902e2934173550fc37413e490bdf088509f374938edf34fe2305b477f4b13e17bc27cece5b00e7ebe12a7f26d76c77dbbcad7cbde7668fad1cd8e837d0d52acb9e002fe7a5f06965923a17fcf7bc6db6ed6749676206b5889c243f099f9d82a522be854a2cec7f3a7d1de3ee78ab05348fc4f8da4c4889002510cdaa5d5975f9a3ba5385bb98b2004274b791bfad30780cd7570a4f59cea1d997b6d2945366c8e1826faf0158be324b1b0e9e0a468caead3821deeda3590f9d976325ade856ec3eddf36db0fe5df08baece471ec1c53fa43687e64b07b9712e2d147390acb0a8cd40e17880de10801a342ee5dbfa28de459fda751e7cbd5e0bb81aaa7c4082b70a19ebf6bd24091016c4db761195a423b6fccc821c02dee51cba170d043d9a21302b03513e435d406b85348e4a713956c9c2fe1df8191955b7e927ad367db100c5a761d7a313380a0b2ce288f058b749c60fe6b828d8efe08a1d4a95aa22ad6d87b8a02d3921932e0dc6d6c4e1068c6899bc6cb430c605b825e387ed386eeedec5707088e1e0461daf36a3ae2acb1b2a7e086553c8c0151c8304cdaa974acfb14bacbb102cac4bcf3625c4324ae49ca390832f0193c34981ae944d952e23218bc856c14af7d4ccbbd02765131b7955eeeb48a8a6715b3878c589465515f40455ef5571bd759350b83263d64a788a8e849c67e14ca4520a3145c3d5c86216e5b8f94cfad6c6c4affd430a1f33ba9ba9c9a3316282f50cf705a966fd692304b544c12e9df848f9d2f4c493e65f2320c61092c6f6cd250f358657ec54c5593ea18f7982969a8481994d14ca5ff9010df1dd2afb784f91b51ce77168af865b768a4778f043fded79d42722c9675574b3a8b661fc4b2e0c6d20b734c13dca751f1e4890688bc7b417b2e6e2a5095f5ab04aaa8b412d58ef708e63f6976e74835496ba2badf00b433125a7579a01c5670400bc1995131e17e134e8f4752f64d0cd8abe6115ce5bed13fdc79f9283c5413358b14fc1300e9381d4f1cc9ed2c26d9073f8a93fce633f235c7bec7c1a0602456d102c475fc01743352a50"}, {&(0x7f0000001780)="9ddf526f060b16e3a46384564d5461df0eeec593f11a2be7791fd44d95a730cd1b1087e7a7979e138052fc83b478ad1b2be8435a7b4814e900016a0022d907760cd3c89451733e76ab369050bb86d12fbf821de72e53f7b41641e0a5062f74db3a84c5fcf715f135739a"}, {&(0x7f0000001800)="4ddec11c00994144447260ffcb5ef1e13ad66c930fd4d8e2644d897269ae8b3c6850873caf75e70b8e8584e0ce6c69d00a523fdc0cb00f51ed19d16b277a998fd9205fcc3a9e5dc9116519e33312afc5a12face714718874b9c24d3faa1041aeca3a106b5c35247bcdcafe21f3cb23aa2680bb342f121d21c04911efda9e8427704cfd8d89bbf1000e9397245440df80ba27b150d2f6b8bde7578c6c62126b4f151b814f3a82e2f3350daa"}, {&(0x7f00000018c0)="33ea9be98f032f7a8de9b36522bc45dba575fbbb4b4770ff73304f3d0f6eb9cbc20cfbcdc2102f3d33afec06897d51ba9c64f8237f009b5865fb33c0e3c8b667d613904e3345a53a16342929be79c63f23b026622e76e34e682d5997e7426ba06f99a9b601c5d2455b6fe23dba59d2c02384c899fa8c5920669fd9327399a8f00677912da9c6dd3eee69a12809067a1c80332f04534cceeada0bc93cab86870fec023f5f7cd55782164d0d0f5392b75a35792df7a4608fcbd284c0e8cebb5f624503eb95af3089a5c58c06957e15d4daaec8b485da6c7fda9e5f4f1839827d3e941c96e4"}, {&(0x7f00000019c0)="44e69ff11ad6c949fb9879817f8eb6518e104ed1066e6da14a07e17f79eb4ed9f8e4f7c2"}, {&(0x7f0000001a00)="a3b583c56d602bc35be1ca4e1ac1f9a39137a84447bd28dcba69a8b3feb37c33ca34b73f2702d0077d3f697a0fad1dcdb27b0b859b62c15f520b5e71121664464d0cb42a756f5d220a382b305f11a3de4e13d5cae0f47e3ffecaf500cc6c18393eee55e847c5e1ea082cc0a384cb3ebcc4d3e2fd8b3ea5ce55ed72dadd4fdea92af8ab8d49c0ed2be3c56d4261563f4be62022b0a80b3ed712cae1f0fdffb0454cbabb39e1007b7c6f98c75bbf6d0f1ef1a83c6f4f998bb43567ad37d2495a386aeb9ead5373d15ea571b154128a754d823eaab91af362e71c8f2c8b78218461fc17ce6e3cf5b00bf0810df8040afd0adcf9c139a92d66a327d903c9101e46197ee2f8d11b90e44884fd73b1c1c0b3ed89c660aa4529955bd578038a982cb1d342165e1890444bb197ab6ab64695d7d074a9b47266d953a2fe36fc51d19b1a7fdf1dcb20a01cb2fbe135fe947ebcbc522a80f74f1405738c9d9822df9682cee9b9f488d0852b3bee3e71fb443ddbdbd10400fb51b50ad610273bdcacaa0e498f766137da210b3f4126bae8a59ac1189411000c3cdc7d069266f9f9976c1fd0058a09d04912d68121257af83a88e4411ce6bc5464efe3c64dc2ca08a9997ac7e1df152d04084a25e5d59c06866946e3022970632fdbfc3aaf9d93da527c1b90f0690371dabd6d4030d1f69af6c823a80c70e9190ecdb9cb078d06cf1b08589cb5641172ee314e8df66efa5ec3b2dfd9a57bc3e5e466cbc06eee4a8a7a4640d587c8378e14302095153573d753a3d2ae2e12d732f5fc60966ff67e4b5bd11d5f21cc0c2335f1f58fa4310f84cd574009bbcae7ff4b998c6a8bf4c52cc025797a6008ae4665b040c8ce6e67e63ca08f2660206238d08dae07f658e624f9f8ba0fa506bc3f23548612545091b6eb5ac7dbfb0a81e6d23de36a924c842cfbbbff0765a1c62b81ac39a010cb922a59a80ffd1e195fd4b03d911580ec1a7bc4a7a01e800a3ca49b2ad0cdce7a836e8c75d7368cb4c113b843ae187ad24776e4d648f00dfbd4feacf0c8281d740bd63ca8bc6676108cb31ae5fc4552fbb2e797f57969f4c72c22fb0e49363aa054628f8817768e5da180c287bd03c25e1b32300d0c1743911a713958372a66df9f9e9c04bc8d57c572f1a9089207b2a462ff50742833ab46e0456eeaad6b87f103774f65ce273b1a8e46cd635898b77e35d895ec9e59879dc2b81adb7ed4ee896877ee81d867042668588b8f469b9e4671f27f68526369767f7ac815d9609ea2c29d6a8fd08b844fba2ea6fca729108b4de388867447bb19d5a187eeefdf4bc74b19aab7785231e699163f861fc63da9ed71c0db77f9b712a12f5adb798054f1e75fb8a083722281068e5aa500e1f50a562f189bbe66adedec9b34c382ef3e35bbed11a5eedc010e0810da2af65b8e166da2425b78c1f180e1d5c6f1671e6acdf4ed6f7c379550b01b9111ded597f804a8fefb0950f855a38aa5890cada2d85e65a29b76f00f40b4f44a4c3592e7c7fabaf11bb895adf75b374dae1748c3d8a93e58c7741c35a4945fee1327b5b5f98ec11e7fa702838c4c8d7c781cf14e06b1ddf98b74c644d54b83a71fe59cedc23814e2be2f57602f3cb57c88ab245bd1111ec4965117807540a8747729ab48561ded1d6e87eef1579073f0209b8b4c5b1f101b3bc88f2f11a218203b13597ad411f40c3e2432d85ae02cfec67f4fed34a48f29125001d819194b71bd08e36fd83a16e15873b02978dfc129e2e0b7543286c1418adf76b9702ed4bed9182e143bc361b6a811ad537ec7398abc13ca07262041c64b515997da505591135706e70b8548b8940f9ab8a08d55b7bbe2aba4117b723573d240dcac17b643e93825287520d54979e366fe0a15b2a13a155eaf5bd3d0f69ad71f0bbe830e5132aa5c9bbf8b90d64d40de11fcd0b65bfd5d5eef554ef050a7961e91e12dcd5004351fb4ac22e30d06978c09d5efbcbcff571002cc62d7b0e77abdaf25a22d5f841bb3d6ff33106f39be84c2c65686175e2495323a5a943d833caf2a0ce5d74154783342cb90f8a507d92217cdd45b33fcbae848043c88e38d178b36ffc238b88d0d1bed33a5970e9264b36b4e98941486966982119ad7817128fe3479330d68258a0ac8e07f6a49c8fe2732d246d05badc8f77adc87dc0c6e2163df3a17de7911dbd907b0139101a2c24b10aa7c7faf6d8cd75ad9f2e501581882bc39a61baf5dbcc4a1ae68ab8ad03139edca99b2eb076b28645d300de7ef67c0680c12268dcb3170ecc6c97512511399108c9f58d44299c8c769b378ff5285d62ec21861c839d2f456f4fd4cec5af88e74356bd3575db1d7f81311c47f84f7a7cdbeca3909f2913ed7fc8654f2687c28b40a5defdb76cdde8b803e8bd8e355f3295726449a3f14da8fc1fb7813e486c03b769a624f5e45c639f4a8898319cd1df762517b7a1898a7ab81181f4612e477bb73b53fc163b269ecff526a2d60a9e429abf70d0b3d32dfbf9ffeb84509601a55c5ec232e03b1d665e8f09aa511572e38d4eb660c6f0743cb8bd0931b30a0f9bdbf6616a5f960c80eac403da351a49b642af5ee3db850fcaf95f0d43d740941fa9cfbd0fd8f1511f62770aa356a47eba91b9f578b0335806427bfe7b6f89cbb3f30469ce2a19538960c0790c064abab7461e1316b2c4981d34db26c0d0fec3d76bb17cf1dabe57606d26733c0bf9ad53b8bebafbc9082da4c18e85b3e63ebf5b1e2716b741e50419aaacc7ceeca8888e63718af2286d2689e161014d919c167f0f90e8141f79d042fddb14c20aa0317a16844ea66847ef9735cd8b6901ba6d7f2e61f0e7ad1289b740d58c907c1cf939d5da014c3dc1789691f10c1a3ece46cab7f320e6c30d3651919343b3c82b98a263b9c2e78a637f4a2f5e195a27e336ffc0c301e63c7574f470814b42033bcd7f980f81ea4b2144dfcb3434fcf07050fe9fdbe0975d322d20d4a6c724666723dba2daa63f6889addf17692b972349179bef0ecfb0554fbb05deb04cb56d75b7bf5570ebfadbe7b9de8aa9e093383afbc55f0e1919ef803a45ac632b4c52591a9771dd7c62cd97086256e7df103f1f8879fd43ed7b628b8e6377d25d04ba5245301c408fe37a58e3c086320dece02639915868fedf1bb4f9ad2528f0f675ef0f029085bd7bb14ebf3f82d2a9da61838784c0d3c9b47185c760c8521583a88c27396bc2028000c100098fa614b3284ea839dfb4d7c8b91bba309a7aae8a5f9e00ec3d1c3cc4e800a632615924720c242f400c09eec8cbd6d71e84a7f65af709c2bd14d87aa37fb6e02d060285bc604ab784aaec0b982571c004d4f1d71af79ec2ebbe10bca47a7b2e1710c03b27ba680c803a651d867a75effc6e11137cbca62ca4ea957f86a0c97c63c2d7e1ffcf6d0193b5c6eb3b80e87894929e8415bd71e13e64bdf1e4aeef4b3394b9b7029ce668b4572edd55641ea66ae9518b35c4bdda2a33f2ccadaeca91d0ef664dbc8e86064844761eba0cddd254910f4e0437aadd8faf6b7fb193b3d23e785be9c1f539c66ab41d87982a08af2c55f60ea5c40ed740438bcf82cc9f3a98ff5e05fbc267d745507289446514daaab65775016ba0cd0bab6aa6f025efa59ba19bc83026660d008d15305c4eb853a41d861b3f124dae35d45aa04710ab7e0cdc100108155478e12f05b027c6097e30f29292f1d959848d6eac383959ae185205d11c15d94e598adeef077fa1b0dccfba6483f343430a704a0d5ca7e9e9b00f4a876b3b6ff395ed67fc8babfc25cdfcf50e19f52b9cec99a337a1266cd5c843c8d78b74960e70811a55554f16cc101fea6bde1d69b0b20b9efd6e35df01fdcdd404e8ae7eec59c92903a321fd59c060812c2bab3246356bc92070ea91b6ac6d0e7192764f23603c9db8855f41de098ea1a3983c1b0fd138383080552f327b060435164dc55c88d49430f7321e4b02a26b4c52c04e17a7f385e065f3ad58d560ecc4446537a5322574aa39c2b52f8ccac492923e2f2568ad963a90f19b0df7d676b7607cb2a9d26f099e1f21dcd81c365ee193b9844c8dd4b32195c0f8c612fdd71755bb30719364423674e15513dea2dca46b6ba3da2a86970ba3ef8057e34e18eed680176293167a28c6287eb10844b740d2623522a0aac5e29ffb62ec42d40f7aca8a4fd3118785aecfd6a82cda9d35afe2730368ea2e91c709dfca44d330e0158398757640fc70bc73d8bbcf0e6bdee7719554ab81446e988a43fb69cd8348732bfb1843e9fb22a46c01c31a4b4efb82975ff82051d4ea8f9d244e8d119e3858a6251273c438671585f473d5ad54579f6aeb0baf76ccc760eea5fca01be218b908e146545fec79949a62c18fad76602ad87c000524d180e46bdd76875e0516ae549777e5902cbb1dc2cb0a4a2a5ddc856d348b99fa15fac920dbb107710b9464dd66116b81ee574c75fad5d370d9455c18b16c0d7d4edee926aac0fabf704e94e491c1a0daa7abd757f297d3fbf0c4241df8ddb5a867612a7fe6d3eccdd454c858e7b6be13cfb0861a65f4d11d4566926c93e3c4607033bde82974b08ed06e41b5bbb16ce3c90d9936ab80a7049d956408c6db8fe69af9cd546dc27bde58e34a22e198ea88f930ea348669b966b2915268578804ed9d22d3dac8d78b5e141677073d5e68b17c3a4fdeb3e05eacfc0a06761fe5d48f6325c54b550661937169404de9c755689fc07a82dc0fcd00ad1e44644b377bc0191cfa8f3c197decbbf7f2a1179f6041b29a1643adab8005ffa8beea7f97592dc85d3b62f1fd75402e82f2d32281047e9e46f1fb3f16b3b9dc57e7252b7db96f17debd401343bb345d9d89b140669e22f1f918bbebca5db57402e0d303b73a4e60e23cc8f2f09fba72b824a0d0a2a024a205705c5cbee0231cc5f881ed344492d6f14647033c07def45ccc5dad057738b2b6b89f3d3d53635b84c9ad6985dbf38ac4b178c70373e51d7c6bf410397e9660b3cfe5d31ecab08599c5ac680439955edbd0d59772bc8d663d5beca83a999c633bf2ba72f5b22893c408fa1aa648974333341f9908c38f8d018daeeb9636c0f01fa9ae071404dd7268eae592855899c7385ace7e45dd5049203a3f8c8f2176e2cd78fc524664bce83e8f52a947f1453c42373a922abd2e4e585ed3fcf36b8184dde32fd6d79ad9a7cdfddddec1f7c1460f25a7f7df32a5d28560d86b8fdda5d8bc69101192f121948865f5c1558b7fb3d654e632632852dc1267785af94767098eb4f7c33d1aed970815592c7a9cc61f7b264c0d643febc781a36ea348b632ea1367412cd6acd12450758db9ba72c6079bed536027ecc3a1f0795b7f1a60839f622cb4109b0f74b9419a64c1d5d1d6079b23a6b9cfdc9f155df2bd631617f955d4f636da789ff1f408a9efc07cab19d011241c3f33748286d589b4ab778a01a4ec79df90300d6124e10a547a7b7cc1cacd74176072e25db0cc8bcc7e7d0e41caa16cd12837ac9ff1ab8891b7816cbe99c69841c3eda478d36f35ccb101f96d7f7c10fb2af0d7b92854ce7eb9d172ceb74a294836487b0c32e80bd7a5242a9781b08201a7b4efefb416f9ac0fe74ff6b2c33ba5398f8fad1997297d9531a74e09ca2a0291b27917fb8b0ce71fa4171fc444e1a6f5488d497089db47ea20e93b1d01666562c11e0c43bea6ceec6cb7ce0197538a84d81b0a7ebe11c5e447ed74bf1047c91dbded50d692c38d12b968d165dc2b2fa4b055722cede26b0761fa83eb87e"}], 0x0, &(0x7f0000002a80)=[@assoc={0x0, 0x117, 0x4, 0x10000}, @op, @iv={0x0, 0x117, 0x2, 0x0, "247845eb05646e547a55dd088b051498296d0175082e34a876b14d6665540e314251aed80d52a9de911ed758aa34"}, @op={0x0, 0x117, 0x3, 0xe231fd784a4967da}, @assoc={0x0, 0x117, 0x4, 0x80000000}, @op={0x0, 0x117, 0x3, 0x3}, @op, @iv={0x0, 0x117, 0x2, 0x0, "62b215e32c43bcf8dfb9e4c77dba8e9c2b58676e3804104bc3d5ed0c7705a6ef9da7b35abfda774c88e801225076e67ba09d1e22f3a32a96e44a576f091a487124eba02807a7ab7752d8609af82d4a3d32b6fc7914b14068a3c4600c9734e1b2e766a1062501ad"}], 0x0, 0x800}], 0x2b0, 0x80) 14:24:08 executing program 1: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0) r1 = syz_open_dev$swradio(&(0x7f0000000740)='/dev/swradio#\x00', 0x1, 0x2) perf_event_open(0x0, 0x0, 0x0, r1, 0x3) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x9fc, 0x0) r2 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000480)='/proc/capi/capi20ncci\x00', 0x8000, 0x0) r4 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) fdatasync(r4) r5 = syz_open_dev$swradio(&(0x7f0000000280)='/dev/swradio#\x00', 0xffffffffffffffff, 0x2) close(r5) r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x111}}, 0x20) r8 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000680)='/proc/capi/capi20ncci\x00', 0x480c00, 0x0) fsconfig$FSCONFIG_SET_PATH_EMPTY(r8, 0x4, &(0x7f00000006c0)='/proc/capi/capi20ncci\x00', &(0x7f0000000700)='./file0\x00', r0) write$RDMA_USER_CM_CMD_BIND(r6, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r7, 0x30, 0x0, @ib}}, 0x90) write$RDMA_USER_CM_CMD_QUERY(r5, &(0x7f0000000180)={0x13, 0x10, 0xfa00, {&(0x7f0000000480), r7, 0x2}}, 0x18) write$RDMA_USER_CM_CMD_REJECT(r3, &(0x7f00000004c0)={0x9, 0x108, 0xfa00, {r7, 0x5e, "847684", "7396932954d4115b9095b2cfeddb95479afda1a405f4b85ec35ea23e14424fd93e17abd331e9e077eea2965f019110fca507b304d9deb9c0fbe2801e1f35be1888ef6a68217a09c46e7172686c50599357ed6438894d7e6ffc24eed8d3f080f9efd34bbf516c9d45f0196e12c28a5ae888234e45d72c48aab15449fb7d08f32fe21a4bfdb4bc54ad77bc77e3ee3aa72c4dd6dce98a569a4e07039db97ecb20cb2a1bfeeef4b22b8dece95961e4684f0414b1fde14e9dc30c418b962cc1c9918009ab8219dee7a8c30698f492638c5067a958ea80fd8df701d08a94c4279dfabc30bc1abbd069a45d910deb79989c2f57351b8e8167ab2cd30b47ceea99ca69d6"}}, 0x110) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={0xffffffffffffffff}, 0x106, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_REJECT(0xffffffffffffffff, &(0x7f0000000140)={0x9, 0x108, 0xfa00, {r9, 0xeb, "ed6121", "0144cd0250f34ca7b07915472cd0719e13da163aaf4d978c8c8df1f45a29570e701824fbbd9e1ca4f565138b96f339a5f67c36d6d24b0bf255a5caaf6e5521072ff76b84fa3f0865bf669c750e19842e0f8ea8d15cf45827268b2d2a46b7dcb62f1324ff936f9ef9fd172f610b69d8ff0f8cfb906e6ded837e0f5975172bf2fe880c5b30a6affbb7acfb123974fb65ac6f2e86a6ef52fb99dafd3bb78b75e3fb04768ab142593285c9b774d73aa1bd208eb596eadac041aa80714bce08b5b8af68d9465d32d05809eff8a6cc23d94208a002462d733e623640a0ba4a083ce1ae9d5b36c946d727b792807b123e4e1380ec24576947cbe60f6fb5fe9576730ecb"}}, 0x110) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x1) write$UHID_DESTROY(0xffffffffffffffff, &(0x7f0000000d80), 0x4) unshare(0x40000000) sendmsg$TIPC_NL_MEDIA_SET(r2, &(0x7f0000000440)={&(0x7f0000000000), 0xc, &(0x7f0000000400)={&(0x7f0000000280)=ANY=[@ANYBLOB="faffffff", @ANYRES16=0x0, @ANYBLOB="0009ff010000fedbdf250c0000003c000600080001000400000008000100050000000800010009000000040002000400020008000100020000000800010015f72b240400020004000200fc000100100001007564703a73797a32001500000800030081000000100001006574683a697036746e6c3000080003000300000038000400200001000a004e2000000008fe800000000000000000000000000013090000001400020002004e20000000810000000000000000080003000100000038000400200001000a004e2000000081ff020000000000000000000000000001030000001400020002004e21e0000001000000000000000038000400200001000a004e2300000008fe80000000000000bb238900001400020002004e207f00000100000000000000001aff010069623a76657468315f746f5f626f6e6400"/326], 0x14c}, 0x1, 0x0, 0x0, 0x10}, 0x4008011) 14:24:08 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x28, 0x12, @veth={{0xc, 0x1, 'veth\x00'}, {0x18, 0x2, @VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newqdisc={0x38, 0x24, 0x507, 0x0, 0x0, {0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9, 0x1, 'hfsc\x00'}, {0x8}}]}, 0x38}}, 0x0) ioctl$sock_TIOCOUTQ(r3, 0x5411, &(0x7f0000000280)) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=@deltfilter={0x454, 0x28, 0x421, 0x0, 0x0, {0x0, r4, {0x4}}, [@filter_kind_options=@f_cgroup={{0xc, 0x1, 'cgroup\x00'}, {0x424, 0x2, [@TCA_CGROUP_EMATCHES={0x18, 0x3, [@TCA_EMATCH_TREE_LIST={0x14, 0x2, @TCF_EM_META={0x10}}]}, @TCA_CGROUP_POLICE={0x408, 0x2, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x4]}}]}}]}, 0x454}}, 0x0) [ 493.058995][ T32] audit: type=1804 audit(1571495048.105:151): pid=14285 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/158/file0/bus" dev="ramfs" ino=42456 res=1 [ 493.164704][ T32] audit: type=1804 audit(1571495048.195:152): pid=14285 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/158/file0/file0/bus" dev="ramfs" ino=42462 res=1 [ 493.166110][T14289] kvm: emulating exchange as write [ 493.405145][T14297] IPVS: ftp: loaded support on port[0] = 21 14:24:08 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) memfd_create(&(0x7f0000000000)='+\x00', 0x1) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000000c0)={0x1fb4, 0x25b, 0x5, 0x20, 0xffffffff}) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b42) readv(r0, &(0x7f00000007c0), 0x0) 14:24:08 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$VIDIOC_DQEVENT(r1, 0x80885659, &(0x7f0000000040)={0x0, @frame_sync}) sendmmsg$inet(r0, &(0x7f0000005740)=[{{&(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10, 0x0}}, {{&(0x7f00000006c0)={0x2, 0x4e20, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000840)=[@ip_retopts={{0x14, 0x0, 0x7, {[@end]}}}], 0x18}}], 0x2, 0x0) [ 493.544064][ T32] audit: type=1804 audit(1571495048.595:153): pid=14307 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/159/file0/bus" dev="ramfs" ino=42514 res=1 14:24:08 executing program 4: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = syz_open_dev$midi(&(0x7f0000000140)='/dev/midi#\x00', 0x5, 0x200) io_uring_register$IORING_UNREGISTER_FILES(r2, 0x3, 0x0, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) write$binfmt_misc(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xffe8) socket$inet(0x2, 0x3, 0x29) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000001440)={0x0, 0x0, 0xfffffffffffffffe}, 0x4) r5 = socket$inet6(0x10, 0x3, 0x9) sendmsg(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000000c0)={r5}) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000040)='vcan0\x00', 0x10) socket$packet(0x11, 0x3, 0x300) connect$inet(r3, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10) splice(r0, 0x0, r3, 0x0, 0x10005, 0x0) syz_usb_connect(0x0, 0x0, 0x0, 0x0) 14:24:08 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c) r1 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00') sendfile(r0, r1, &(0x7f0000000040)=0x100060, 0xa808) setsockopt$inet6_tcp_TLS_TX(r1, 0x6, 0x1, &(0x7f0000000000)=@ccm_128={{0x304}, "deeddca0b9ea960b", "db3f5a74924bd487e871a79ee344070f", "727c1843", "6983b7db5301feed"}, 0x28) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r2, 0x0) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000240)='/dev/nullb0\x00', 0x0, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r4 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp\x00', 0x400, 0x0) ioctl$USBDEVFS_GET_CAPABILITIES(r4, 0x8004551a, &(0x7f00000001c0)) ioctl$PIO_UNIMAPCLR(r4, 0x4b68, &(0x7f0000000100)={0x7, 0x0, 0x7}) preadv(r3, &(0x7f0000000040)=[{&(0x7f0000000400)=""/4096, 0x3ffc00}], 0x1, 0x0) r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000240)='/dev/nullb0\x00', 0x4040, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c) r6 = syz_open_procfs(0x0, &(0x7f0000000440)='pagemap\x00') sendfile(0xffffffffffffffff, r6, &(0x7f0000000040)=0x100060, 0xa808) fcntl$addseals(0xffffffffffffffff, 0x409, 0x2) r7 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r7, 0x80006040045010, &(0x7f0000000140)=0x3) getsockopt$bt_rfcomm_RFCOMM_LM(r7, 0x12, 0x3, &(0x7f0000000140), &(0x7f0000000180)=0x4) preadv(r5, &(0x7f0000000040)=[{&(0x7f0000000400)=""/4096, 0x3ffc00}], 0x1, 0x0) 14:24:08 executing program 3: ioctl$USBDEVFS_DISCARDURB(0xffffffffffffffff, 0x550b, &(0x7f00000003c0)=0x40) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r0, 0x80006040045010, &(0x7f0000000140)=0x3) write$P9_RREADLINK(r0, &(0x7f0000000340)={0xe, 0x17, 0x2, {0x5, './bus'}}, 0xe) ioctl$sock_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f00000000c0)) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') r1 = syz_usb_connect$hid(0x0, 0xb7, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000000000155e1e13030000000000010902240001000000000904000009000905810300"/54], 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) syz_usb_control_io(r1, &(0x7f0000000080)={0x2c, &(0x7f0000000300)=ANY=[@ANYBLOB="0900740000007400bedc2a54436408789bdd5545b86415f523b546d3b92ca2240969fe2b"], 0x0, 0x0, 0x0, 0x0}, 0x0) open_tree(0xffffffffffffffff, &(0x7f0000000380)='./file0\x00', 0x900) syz_usb_disconnect(r1) ioctl$TCGETA(0xffffffffffffffff, 0x5405, &(0x7f00000001c0)) creat(&(0x7f0000000100)='./bus\x00', 0x0) r2 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r2, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x8800, 0x100) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r3, 0xc08c5335, &(0x7f0000000240)={0x7, 0x6, 0x8, 'queue1\x00', 0x4}) syz_open_dev$video4linux(&(0x7f0000000140)='/dev/v4l-subdev#\x00', 0x200000000005, 0x100) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r2, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:24:09 executing program 0: r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xa9, 0x0, 0x4f, 0x20, 0x2770, 0x913d, 0xe47, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xc3, 0x0, 0x0, 0x49, 0xa9, 0x66}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000005040)={0x2c, &(0x7f0000004e40), 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) 14:24:09 executing program 5: pipe(0x0) openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0) creat(&(0x7f0000000000)='./file0\x00', 0x0) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f0000000400)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_GET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="34fc6fddf268579468a67fdd85da6ce7a6cd798d98ab37eaf9778456ff0f000000000000535540e80e0e7b68eee5c72b51720eb8ad1543d6f45140274cd83725026701b0945a8abf3661bba9a3876e0f3e730207bbeb291d1040562df706e924348af1671498a44af9de14a64af410837fb441000000", @ANYBLOB="de00eed949aeb8eb00000a000000185234e8d7566f90da602bfe86d6066f3e5e406eb79e86fd3e393b0cfb6e5a3e523606e05872dc59fda7de7bc26b2be5c739b44761b5fd8341a6bcbfea1b60a9dc53b9fdfe56f24796ef3e9a31f20e5dce1763f9c1a59fb3cde86e4036"], 0x2}, 0x1, 0x0, 0x0, 0x1}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000005000/0x3000)=nil, 0x3000, 0x0) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) chown(&(0x7f0000000200)='./file0\x00', 0xee01, 0xee00) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000100)={0x0, {{0x2, 0x4e23, @multicast2}}}, 0x88) bind$inet(r1, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) syz_open_dev$midi(&(0x7f00000001c0)='/dev/midi#\x00', 0x23, 0x40000) sendto$inet(r1, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xbf7f, 0x11, 0x0, 0x27) [ 494.632303][T11559] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 494.805371][T14303] IPVS: ftp: loaded support on port[0] = 21 [ 494.957402][T11559] usb 4-1: device descriptor read/64, error 18 [ 494.974590][T11495] usb 1-1: new high-speed USB device number 37 using dummy_hcd 14:24:10 executing program 1: syz_usb_connect(0x0, 0x34, &(0x7f0000001080)={{0x12, 0x1, 0x0, 0x29, 0xa0, 0x11, 0x40, 0x458, 0x5003, 0x7318, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x22, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x39, 0x0, 0x1, 0x36, 0x7b, 0xff, 0x0, [], [{{0x9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [@generic={0x7, 0x5, "81bb6e86a9"}]}}]}}]}}]}}, 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) syz_open_dev$sndpcmp(&(0x7f00000000c0)='/dev/snd/pcmC#D#p\x00', 0x800, 0x40000) ioctl$int_in(r0, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$VIDIOC_G_FBUF(r0, 0x8030560a, &(0x7f0000000040)={0x2, 0x22, &(0x7f0000000000)="bf78461e823e32d3afee7dea9b9888510de764cb671e33fc6c09a145e2b1035b85b1bdc5b55bc3", {0x401, 0x9, 0xfc036301, 0x8, 0x7, 0xffff7fff, 0x6, 0x4}}) [ 495.250101][T11495] usb 1-1: Using ep0 maxpacket: 32 [ 495.406685][T11495] usb 1-1: config 0 has an invalid interface number: 195 but max is 0 [ 495.415159][T11495] usb 1-1: config 0 has no interface number 0 [ 495.421436][T11495] usb 1-1: New USB device found, idVendor=2770, idProduct=913d, bcdDevice= e.47 [ 495.431157][T11495] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 495.510028][T11495] usb 1-1: config 0 descriptor?? [ 495.573161][T11495] gspca_main: sq905c-2.14.0 probing 2770:913d [ 495.597226][T11526] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 495.695650][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 495.698588][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 495.704391][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 495.709209][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 495.964501][T11526] usb 2-1: config 0 has an invalid interface number: 57 but max is 0 [ 495.973040][T11526] usb 2-1: config 0 has no interface number 0 [ 495.979263][T11526] usb 2-1: config 0 interface 57 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 495.990115][T11526] usb 2-1: config 0 interface 57 altsetting 0 endpoint 0x81 has an invalid bInterval 169, changing to 11 [ 496.001683][T11526] usb 2-1: config 0 interface 57 altsetting 0 endpoint 0x81 has invalid maxpacket 1646, setting to 1024 14:24:11 executing program 5: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x400200, 0x0) ioctl$TUNSETPERSIST(r2, 0x400454cb, 0x0) ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000100)={0x0, &(0x7f0000000040)}) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x101002, 0x0) ioctl$EVIOCGPROP(r3, 0xc004743e, &(0x7f00000002c0)=""/246) pwritev(r3, &(0x7f00000000c0)=[{&(0x7f0000000080)="80fd01009341", 0x6}], 0x1000000000000006, 0x0) [ 496.005448][T11559] usb 4-1: device descriptor read/64, error 18 [ 496.013049][T11526] usb 2-1: config 0 interface 57 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 496.032238][T11526] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice=73.18 [ 496.041555][T11526] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 496.093710][T11526] usb 2-1: config 0 descriptor?? 14:24:11 executing program 2: semctl$GETALL(0x0, 0x0, 0xd, &(0x7f0000000000)=""/63) [ 496.292735][T11559] usb 4-1: new high-speed USB device number 4 using dummy_hcd 14:24:11 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0xffffffffffffff4e, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9000000010000507000000000000000000000001", @ANYRES32=0x0, @ANYBLOB="0000000000000000700012000c0001006970697000000000600002000800090089ffffff08000200", @ANYRES16, @ANYBLOB="080010000180000008000400d9000000080011004e20000008001400030000000800050003000000080011004e20000004001300080004000000000008000500ff0000000800140000000000"], 0x90}}, 0x0) openat$vimc0(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video0\x00', 0x2, 0x0) 14:24:11 executing program 2: r0 = perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x6fff) prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4000, 0x0, &(0x7f0000ffa000/0x4000)=nil) r2 = socket$kcm(0x11, 0x1, 0x0) sendmsg(r2, &(0x7f0000000440)={&(0x7f0000000000)=@nfc={0x103, 0x14}, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)="9cabbf0400cbb140419b80008100254588a8", 0x12}], 0x1}, 0x0) [ 496.395466][T14360] netlink: 'syz-executor.5': attribute type 9 has an invalid length. [ 496.404432][T14360] netlink: 'syz-executor.5': attribute type 1 has an invalid length. [ 496.412753][T14360] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.5'. [ 496.438733][T11495] usb 1-1: USB disconnect, device number 37 14:24:11 executing program 4: r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) syz_usb_connect$hid(0x0, 0x1, &(0x7f0000000180)=ANY=[@ANYRES64], 0x0) r1 = syz_usb_connect(0x0, 0x0, &(0x7f0000000000)=ANY=[], 0x0) syz_usb_disconnect(r1) r2 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x1000000000000ed, 0x400) syz_open_dev$hidraw(0x0, 0x0, 0x0) ioctl$EVIOCGRAB(r2, 0x40044590, &(0x7f00000001c0)) syz_open_dev$usbfs(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x1, 0x72700) prctl$PR_SET_PDEATHSIG(0x1, 0x16) syz_usb_disconnect(r1) r3 = socket$kcm(0x2b, 0x1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$binfmt_script(r3, &(0x7f00000000c0)=ANY=[], 0x10000011b) pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) write$P9_RLOCK(r4, &(0x7f0000000100)={0x8, 0x35, 0x2, 0x3}, 0x8) [ 496.552500][T14360] netlink: 'syz-executor.5': attribute type 9 has an invalid length. [ 496.560847][T14360] netlink: 'syz-executor.5': attribute type 1 has an invalid length. [ 496.571615][T14360] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.5'. [ 496.583464][T11526] aiptek 2-1:0.57: Aiptek using 400 ms programming speed [ 496.583687][T11559] usb 4-1: device descriptor read/64, error 18 [ 496.592333][T11526] input: Aiptek as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.57/input/input18 [ 496.597801][ T32] audit: type=1804 audit(1571495051.635:154): pid=14321 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/160/file0/bus" dev="ramfs" ino=42675 res=1 [ 496.704654][T11526] usb 2-1: USB disconnect, device number 37 [ 496.706576][ T32] audit: type=1804 audit(1571495051.685:155): pid=14321 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/160/file0/bus" dev="ramfs" ino=42675 res=1 14:24:11 executing program 2: r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000000000)={r4}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_id=r4, &(0x7f0000000040)=0x4) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f00000000c0)={0x0, 0x2}, &(0x7f0000000100)=0x8) clone3(&(0x7f0000000080)={0x68108600, 0x0, 0x0, 0x0, 0x23, 0x0, 0x0, 0x0, 0x0}, 0x40) 14:24:11 executing program 5: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x5543, 0x3031, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x9, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x29}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000200)={0x2c, &(0x7f0000000000)=ANY=[@ANYBLOB="00002900000029000cafa260297958b1"], 0x0, 0x0, 0x0, 0x0}, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) mmap$binder(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x1, 0x11, r1, 0x0) [ 497.012467][T11559] usb 4-1: device descriptor read/64, error 18 14:24:12 executing program 2: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$binderN(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x0) r0 = memfd_create(&(0x7f0000000100)='\xc0\x055\xb3\x03\x00\x00\x00\x00\x00\x00\x00P\x9c<\xc9.\x82\xbf\xaf\x8eN\x10\xe4\x1f\xba\x9d\'\x84\xc9c_\xca\x90\xc3\xd9\r', 0x0) write(r0, &(0x7f0000000380)="6963e6424304006da3a74e", 0xb) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xd, 0x11, r0, 0x0) [ 497.133135][T11559] usb usb4-port1: attempt power cycle [ 497.233167][T11562] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 497.242277][T11495] usb 1-1: new high-speed USB device number 38 using dummy_hcd [ 497.332126][T11526] usb 2-1: new high-speed USB device number 38 using dummy_hcd [ 497.472319][T11562] usb 6-1: Using ep0 maxpacket: 8 [ 497.482116][T11495] usb 1-1: Using ep0 maxpacket: 32 [ 497.592409][T11562] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 497.603940][T11562] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 497.612453][T11495] usb 1-1: config 0 has an invalid interface number: 195 but max is 0 [ 497.616940][T11562] usb 6-1: New USB device found, idVendor=5543, idProduct=3031, bcdDevice= 0.00 [ 497.625443][T11495] usb 1-1: config 0 has no interface number 0 [ 497.634333][T11562] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 497.640407][T11495] usb 1-1: New USB device found, idVendor=2770, idProduct=913d, bcdDevice= e.47 [ 497.657549][T11495] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 497.669084][T11495] usb 1-1: config 0 descriptor?? 14:24:12 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x1, 0xc000) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40485404, &(0x7f0000000280)={{0x8000000000000000, 0x2, 0xe2, 0x3, 0xa23d}, 0x3, 0x2}) r1 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) mmap(&(0x7f0000ff3000/0x4000)=nil, 0x4000, 0x800008, 0x1012, r2, 0x2) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r1, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 497.696626][T11562] usb 6-1: config 0 descriptor?? [ 497.727369][T11495] gspca_main: sq905c-2.14.0 probing 2770:913d [ 497.742927][T11526] usb 2-1: config 0 has an invalid interface number: 57 but max is 0 [ 497.751315][T11526] usb 2-1: config 0 has no interface number 0 [ 497.757659][T11526] usb 2-1: config 0 interface 57 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 497.769668][T11526] usb 2-1: config 0 interface 57 altsetting 0 endpoint 0x81 has an invalid bInterval 169, changing to 11 [ 497.781682][T11526] usb 2-1: config 0 interface 57 altsetting 0 endpoint 0x81 has invalid maxpacket 1646, setting to 1024 [ 497.793007][T11526] usb 2-1: config 0 interface 57 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 497.806147][T11526] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice=73.18 [ 497.815342][T11526] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 497.832935][ T32] audit: type=1804 audit(1571495052.885:156): pid=14391 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/161/file0/bus" dev="ramfs" ino=42730 res=1 [ 497.837232][T11526] usb 2-1: config 0 descriptor?? [ 497.936176][ T32] audit: type=1804 audit(1571495052.985:157): pid=14391 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/161/file0/file0/bus" dev="ramfs" ino=42733 res=1 14:24:13 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000000040)={0x0, 0x40}, 0x8) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000340)='/dev/hwrng\x00', 0x0, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfb]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_KVMCLOCK_CTRL(r2, 0xaead) ioctl$KVM_RUN(r3, 0xae80, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x2, &(0x7f0000000000)=0x9, 0x8f7a99bbe5b13b0f) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:24:13 executing program 2: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @rand_addr, 0x3f}, 0x1c) r1 = socket$inet_dccp(0x2, 0x6, 0x0) listen(r0, 0x6) setsockopt(r1, 0x10d, 0x800000000d, &(0x7f0000000040)="02", 0x1) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) ioctl$sock_netdev_private(r2, 0x89f2, &(0x7f0000000080)="ef115ccf19a0ed816e38aa1d25fcda55ce8acc") connect$inet(r1, &(0x7f0000e5c000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10) [ 498.014375][T11495] gspca_sq905c: sq905c_read: usb_control_msg failed (-71) [ 498.022300][T11495] sq905c 1-1:0.195: Reading version command failed [ 498.029074][T11495] sq905c: probe of 1-1:0.195 failed with error -71 [ 498.108323][T11495] usb 1-1: USB disconnect, device number 38 [ 498.116369][T11526] aiptek 2-1:0.57: Aiptek using 400 ms programming speed [ 498.125256][T11526] input: Aiptek as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.57/input/input19 [ 498.189046][T11526] usb 2-1: USB disconnect, device number 38 [ 498.195382][ C0] aiptek 2-1:0.57: aiptek_irq - usb_submit_urb failed with result -19 14:24:13 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r1 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) ioctl$IMGETCOUNT(r0, 0x80044943, &(0x7f0000000000)) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r1, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r1, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) 14:24:13 executing program 4: r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r0, 0x80006040045010, &(0x7f0000000140)=0x23) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) fcntl$setsig(r1, 0xa, 0x41) ioctl$VIDIOC_G_AUDIO(r0, 0x80345621, &(0x7f0000000000)) syz_usb_connect(0x0, 0x24, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0x1d, 0xd4, 0x38, 0x40, 0x867, 0x9812, 0xbb05, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xd5, 0x0, 0x0, 0x83, 0xa2, 0x82}}]}}]}}, 0x0) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000280)={0x8, 0x30, 0x4, 0x2, 0x7, [{0x7f, 0xba732d000000000, 0x8000, 0x0, 0x0, 0x81}, {0x29d7, 0x0, 0x1, 0x0, 0x0, 0x3206}, {0x10000000000000, 0x5, 0x4, 0x0, 0x0, 0x402}, {0xbad4, 0xfffffffffffffff8, 0x838, 0x0, 0x0, 0xbb13941132ccdd3a}, {0xfff, 0x100000001, 0x4, 0x0, 0x0, 0x1200}, {0x3f, 0xfa, 0xffff, 0x0, 0x0, 0x4}, {0x0, 0x10000, 0xfffffffffffffff9, 0x0, 0x0, 0x6}]}) [ 498.394625][ T32] audit: type=1804 audit(1571495053.445:158): pid=14408 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/162/file0/bus" dev="ramfs" ino=43467 res=1 14:24:13 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r2, 0x80006040045010, &(0x7f0000000140)=0x3) r3 = socket$xdp(0x2c, 0x3, 0x0) fremovexattr(r3, &(0x7f00000001c0)=@random={'system.', '\x00'}) r4 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r4, 0x80006040045010, &(0x7f0000000140)=0x3) getsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f0000000000)={{{@in=@dev, @in6=@ipv4={[], [], @empty}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in6=@dev}}, &(0x7f0000000140)=0xe8) setuid(r5) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000440)={0x2, &(0x7f0000000100)=[{0x10000030, 0x0, 0x0, 0x80000fffff024}, {0x16}]}, 0x10) ioctl$TIOCSISO7816(r1, 0xc0285443, &(0x7f0000000180)={0x5, 0xff, 0xffff0000, 0x2, 0x8}) mprotect(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x10) 14:24:13 executing program 1: r0 = socket$inet6(0xa, 0x20000000003, 0x8000000002c) setsockopt$inet6_opts(r0, 0x29, 0x37, &(0x7f0000000080)=@srh, 0x8) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$BINDER_GET_NODE_INFO_FOR_REF(r1, 0xc018620c, &(0x7f0000000100)={0x1}) connect$inet6(r0, &(0x7f00000002c0)={0xa, 0x0, 0x0, @local, 0x9}, 0x1c) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) ioctl$sock_SIOCOUTQNSD(r3, 0x894b, &(0x7f0000000000)) ioctl(r2, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") socket$isdn(0x22, 0x3, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) socket$netlink(0x10, 0x3, 0x13) r5 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) sendmsg(r5, &(0x7f0000000800)={0x0, 0x0, 0x0, 0xffffffa8, 0x0, 0xffffffffffffff50}, 0x4000) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = getpid() rt_tgsigqueueinfo(r7, r7, 0x16, &(0x7f0000000000)) ptrace(0x10, r7) ptrace$getregset(0x4204, r7, 0x2, &(0x7f0000000100)={&(0x7f0000001300)=""/4096, 0x1000}) r8 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000340)={0x0, 0x0}, 0xfffffffffffffffd) getresuid(&(0x7f00000003c0), &(0x7f0000000400)=0x0, &(0x7f0000000440)) r11 = socket(0x2, 0x3, 0x7) connect$inet(r11, &(0x7f0000000100)={0x2, 0x4e23, @remote}, 0x10) getsockopt$sock_buf(r11, 0x1, 0x1c, &(0x7f0000e530e9)=""/16, &(0x7f00000001c0)=0x10) r12 = socket$nl_route(0x10, 0x3, 0x0) r13 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r13, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r13, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x501, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, @ip6gre={{0xc, 0x1, 'ip6gre\x00'}, {0x14, 0x2, [@gre_common_policy=[@IFLA_GRE_ENCAP_DPORT={0x8, 0xc}], @gre_common_policy=[@IFLA_GRE_LINK={0x8, 0x1, r14}]]}}}]}, 0x44}}, 0x0) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$nl_xfrm(r11, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f0000000400)=@report={0x230, 0x20, 0x100, 0x70bd27, 0x25dfdbff, {0x0, {@in=@empty, @in6=@loopback, 0x4e23, 0x20, 0x4e20, 0x8000, 0x0, 0x80, 0x140, 0x2b, r14, r15}}, [@algo_auth={0x114, 0x1, {{'sha224-avx2\x00'}, 0x650, "47310c336c6217a7ba9340369dae4ccede788c7497b4ee18ef67b49e8471a6b4a10980df28f7e4bea97d9548a26bcd6725b8472c0d9e7396408d6876bd8c35181b7999d5e48bfc5dc902aeb75b1c59e70d236777a2eee97bdb86c71d0246d4ef12a2f9f4227f12e8862788ba8aff269a088e64d3f220d681aef008e25d2c08125f66d2c5df3ab780f096066be10bd6e78c1d7a958038066d46ed967bc742aa0f5c135c787340787a802207cf37bedda30a57e3e44a23f9a02c2e96bd6461502ef62f89767715e73e9f35"}}, @algo_auth_trunc={0x6c, 0x14, {{'wp384\x00'}, 0xf8, 0x0, "31f2ae94281c7c993d01169cfb0a9b3d1af50ab43a9b5d1272887143389f15"}}, @algo_aead={0x64, 0x12, {{'authenc(sha3-512,ctr(camellia))\x00'}, 0xa8, 0x100, "f25fe45c182b394967e1fbc7b0a0c4a658da746611"}}]}, 0x230}, 0x1, 0x0, 0x0, 0x834c9fed93b9419f}, 0x40) sendmsg$netlink(r6, &(0x7f00000004c0)={&(0x7f0000000300)=@kern={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000480)=[{&(0x7f0000000840)={0x11c4, 0x39, 0x200, 0x70bd29, 0x25dfdbfe, "", [@nested={0x1ac, 0x83, [@generic="8bf9b58718987db7b25d45faa0dab765b2adf749162e5d879d42c1010a4b8700d2af5a6a251d21c30d2e08876c597e424f6b6149535ac292cdb878881e48730df0b4db6e7538ee979286aef3c6b7b919d1e520b40ce17534bd9ed49fcbded6f7f818d9fffccf4c621c340a3e8ea7500dda354441ae0d083478afc1a700ea2c1b8f6dfece22235c3baed17b04510169038ce9a7640c349f0b5a76a1c2001de05809cf97071dbd412614f8baf57fef934680e17e1ed442ac3239", @typed={0xc, 0x7c, @u64=0x101}, @generic="246b5dd69eb4a42674c1cb0dd418636697e5ed394b7112210aee9c3be7090d6b1bb10ca038de8c2e4d9e947b3d1bf3fda1c2fe7c5514fad1c5e9b7b8ef7ac666f33b6c40b2a3df8d9f4273f020d8d87f4b920c4c882a94f9477530d4543226c5ffcd10916391b9f892d84acfa4af61ba90703680de2a15a5f7c1793d84e2227e564a923c9af104d498a881d5a87aae835913863d6e4c0ddbe8b682b2c455bac7217aba935dfd7c4197747f4392fb6016e00821d35ec2e53d5f0db1e5b2cc3a36f68e7f1f179d932813bb131c87fee2867699", @typed={0x8, 0x2f, @str='\x00'}, @typed={0x8, 0x7e, @ipv4=@multicast1}]}, @generic="82d09100c1cd19a7e3f43a1848f734236a59fa488a33b93e9ee4192595cf638764ac9a1ae11856659be5eef9a4c1afcebfce8bb584a4ca08578b06052fff10309cfdaf6aed34adaecf34621d84ec93a1b066f850437d530b9e94f7d4b03ff60bd4633b43d727e1ed8e147acd4f5802a91b0341b58971694308367b1521915df1f2d000c47486b33f5ea0a6f2d4f257ed0c2405e6b87d45c84aeff68142b64dc59d60f0007ac210d68cf121099d52505ade1ba21b893bbec53334b7633c397054c473c560054e224c69edc72299635b81ad4c1a67ba9423588c35a71540fff2db695d3aeb83aa047e33fa8513cc16aa4d99ca7ac49a408f6a327e5845704266b5bdecf2a89a5987a5fcfcf2f6c1b68af4ba8c0f1fa811daf4dd2836e825512cacd22b00fb33b74e48ac9cb23c48f10b1159e0b0ec1c4b1be24f4249fa2d44cd094460918bd365fdd3d8ee9224c37025252857f32f59817a2e904d52365f301fcd9b0f80d4b5fef0ab0caa7ff766653892e2f45b0d684384b88b43b8a0411123107e3466a74c6f5fa38e7a499d1f0f2d99d8fcdd6ce0259353783c2cd4407286d32a281702887b7cc21d5eeac7472b6d05b4182756f4b62e50882fd1afa9e0c6407bb6f322661c470a4e5dc9b1abb16944a8f69a8b5fd25fb3b0fba6c0b572ae2a265daed4f82acba336b64a4d0d017930604c7fb841cd3c401824ff5aab75987ff51479fe1eaec6ccd87f8c342e27c4187a12a6b9ca14141a02f979348e3535ce87b5ed2500b033ae529f0d73483302115e9e6637f1c1376d5f4930db4f0305279958c33662b5987a8788d1162b2563e55d221d141b804820c6d2e0fc4c9bf6a7f6b957b4fc73285d22ca669b2d9354892695580a076f3d8e8f26cf14c7c9ed9d3e7d0f3d26bea8209d793c5c61f1dfe3df0aeaeb4c1777b62e9580789c303fca978767cba08ed46287da5ab1c1d313363a23785a80dc861b5714329b073d374269ef5cfe7dd6a3bd6502fd2008ac8ae243bc6c7c94d05f5041c972ea4209a25c14a9bb0e111212bd5356ed7ab20d5fba4f2b4466523ef215932d388c035ac61790504cfa7a52a3c8323a2e9dadfcd0769a982f0239dc73f90190e3c86d9e7b898c4072ab08ec617d07ca1b1297e9b6e31aa11da7ba2408c0e3fab54d733a0f6c6f9889e9e2f53f6a68e55cfdf1fa509ff2141d5e77f21fcbf9e0ce415991db20d150cab76ea225441cb8c8a1b2d68fb13405d9ffc6d767058658b38cec594027b527918bc256b7e92b42631706d2db467def692b8841a1f862e77469a12efb24437095be5049eb50a4c0ba43e9c25568218ab6c14c1abc64b0da10b9e2e0a0af45baf72e59708792c5d60c99003fd01a37c4fdc442028e2f001ea33e322bbd0817aa64b9ecf373eeca8b6792fa70a37b59f2159c33a5668afa802b2dec38e08ae2662ecde2ce000f747df57fb871607b2fb8a641b0a9a32bf804e9d87d743c4c2d8eba951e81e7c157cb418f7ad7e3247f26ccd27e679f1178ae8ad1854514dc41c97516d285c83f762e47c24fed6b6fb8ee51cbb61e36588f68400872897945b36b123b0c3dbef84b8514fd681daa5633770995cc82bc283d95ec56d7e8a41766222bdab0fa86baa593ccfbbfef6b9ec61b5f834cf9c416325b1db21a0cfa759f4126cbe021bc298133fda08f041458466084b03e9969b12284bc06dfe06a4b21783fb3347578df2e16753d4d3669c7459dc5fe9d96ff17b994ebd363eedd0f9746012383eb222ca93d7b052f110f9c120196b1d063a9a1834a0403c23a3a3a03c1bdb52a0807ed645431ec01006e1bad5ac1aea968ea5724a719fdbdf0b3c96b8cb624185466082ef525f18507568009990a4e667ed1288bcab583991c34f7cd3a35dee59025f36866293cdee5ff63088630c854c49b5b6dafbb4a1d1504fcc005e9cb1e5ae76993be05ed04430014dde36e4c177f37c0882e4e829ce4a73696a62312812d00c4f259a8843f8dcbbfb884c9e5feb8ba6ab45ae14036cf5bda37500441798c642cfc8f580ead6aacec89bc9f9dbd00edb50a507456326a25e5a81118f35264de866aea266fdd6f919f51fb78058a9c7bfe38e1a362978d5e1fefd629875455802b591cabf1a63f355afe00728a6524e384131da61c342a35530da8c0e6fabbb34d623d8eedc618a25bc4ba820acfe76cb8c8750e14cda1afb4d5a4891a1f31fbaf2d30401a3d8e0aea8e6850f926a7836727d133571d42106e2b6d53f641d96c9cb4f25cb0f33c988ee9e2d669834b1a207393941574bf70e1c93653129754d40fd9622f74bc7d9134b467469a74c185df6d7c968261418f2ea297798dcdff418e8bcabec8597f08265d6379a17a213f79727d2a2ec9536a0d892e9a9c6bc7f83198fc1d312da13f13c9881bba60afe5f4953c97cb9826b05f589cf7abda7cf8393a1f4ddc74dcc1595cb2a6e4750f8c1c1c5741fd578286f8c17cd528ff1156209205dd6351022c243a4e597581186cb28776cfc6fea1b4d49b24cc52ac214e65b711bd362048837bb49259fe80636cd5d21f446dcd3064c4d4036db67f47c69bce3eb25c4b3768f4529aa326b11f49b4441804a4081a9da131908cd3e449d32ca4a2d663682cdf2270c11e235aea7aefe6b8f61eea2e769b4fa79801718b397f74a5809516e3da1e3c8be5fd7b81abf8b6f360ec646f47fcc06a8b5feedbcab4d5936e1b8ab8c298c8ade6df0b9e28cd58414e57e48e76d66192415e31a014a7df9bba0914c9b77393b9f6ee60062265e053473a47319dff18b3543915471978b29a299c0e983b8d43c6e80f2b113d806788a1eac01b12580080c4271276d47f75c5db818b23423e7c8b62d4e1b97b0b7a73451332acdd64743e90d202e6456842e0857c31aa8d3e903bc18a529ad758b52c67efa1462d2c8dcc85ac635eead7c0f88e21dd5fcfb5bf4c09f852fa45fe7c72a149e9a95658cb7b22f87b314aa2d1ef0aaae33d759ca2a31bf1f8c8cee64a4bbf0a8e9e80eccb30a819de0e38dd2d75a6bc378c893b56d1b167e8dd4302f483b94d37c698afc3c5a6042f7730d829f70d9d7b6f5ad5651064b2067242f18609ea8c5d9a26ed051ba427b8773adcc0b5f141937d1c60b938fbc4aa4cc0883a74b12ec884ab80aae7cc8d423516fcc80fc803b8d86651675f4dc9fb9b2787f5481d8bde9dc6de25bc54b50e6da0c94b2651fb69c94270bb79213f4852ef47fca0f3a5d5f530cb6d1727cd9bd9ea130898a573b571bfa6ed90f9f082e8dadaa4daab1ea3e10ae6da88e69c074ad312770309dccc629f8adf33b1fbbbf07b062f02f5e6a3635790329474090aa91bd7045ad5f24c16cd91a624f1a411e7e4d119a0b6084b981210c16ef6c813462d85f70781df52121a347e242f297d4be40bfc71e273ed9b505d3fc38730aeae781240a7df0485a0baeb4966ec5724782c74f12d9c15b718108b65f1e348fbd99ee7945d6c53b93dbd96af243efe1233672194b7d4db6f0a186b0751396c4fe3cb352dbb09c712a2a2e70c8fe4480fee2eccef29fc2c73ffd426bcf2be3ca4c54ffd1a6364a744a0358e8b0b9c5f54363af90a997d3589e0a0a302fcd753df5df9cfe2b6a9076e8c69c485640687d4be3fcb6750d2eca55271d85a42ca0e389b608c75ce76bab6de6f4dadc39711ae44cb3b9a19edc9f7dfba9f0aa45ac371906ff0cc0b838009e5a2d41b956956c385b5964b496d079f297b42cf37f7f48a565026b19f1ce7b3d9d6a24b82f84962ea9fe2b25ff72326803ea70004d092876723a5048a92bfd2bd5110a948bcda2bf3adf584e1f1c9addbf886666c5f68896f1bfd64fbd880532cb5b22f81e3db10c9c0e9325367fbf1392988c7583e1d0d4b1095963a740b68f9456f3cb8b8224992e5c0b8e708408eab5165adb29413bf3fc757c4fcc6779bcdd5393720a5c5aee7b7d50604efc2426b8e3baa303354d78f12fbaefcda11b3a54059dcfdc0829f9fe6344394e5728c190d13ab51f149bdeabb08db2f538ac40ba4d837a70bc5a9602255d5925a54577dbc950a0178a67e4e0d1661eb145693394f75182be3a31660d76c91bfb0587639b00feb4362042fae98be2ef0bd22785fd068d2c92879dc6531f4015dbdbfc8bdc0b12b321f009436fc16e5bb3bc385c50a1edab2ff8c82026e52a7f97136232a4e83a51e51c68446cbb14f59d43de07b6c9faa5810704f6d40349d1a042418653d76212549f7223d4fb8f0b433ba0d0c6da8adf681bb68f1560c0679ae61a7b9568533c4e967d0c2a5266798ec8de048969bcc9909b88cebb4b88460127e90ac583b2b1a69a19f4dce4b337257a9ffff013d60e82f45873eb1a7b282d74a1ccc1048ab156a10666bd514ef4d5cf8142e0119a28f990037ebb7ab31d75cc689993261caf6e3af8af95d3cb9393a9ef58d0c48a0a660cddcb94718afdf219d3733dd5171f07fc2010f30b9233bc71fe5dffe3673f2cb37c26f79000e00dd6275e9372aaa9cd861153df2a6c37717749e380b6d74c244cd445f719730d38433a3406515c23576701cf2f33a5d2b7a7a1bc5fe6a190e74154c3adc17fbbd6073675bbd3cd6a24d9ac7a094f2d4ba02b7feee0889f91a6eabe2c1200217e8d7593b4cb46eac7d8809228b965a979939811ef8c900cdef9f155b7eb7290758619969d9cefd072b019327a7e819b45de065ab465f88bc0ef6796b5f36009e9b6d49e22888c8959e053c9197d347e2268e4044613b4d016338b4a34b2b8efbf88eeaa36694aecb37a35940fe437ca8f84ff7945fd2698170bb929642cf6341a9fb7c0983c9b679d4fa385defb5f6148af1d543788cb94f32731e62e844744e09ad5338f2f3a988653b88217d785430628aa16e1ac26fd2b66182c13893c7381dcc6ff25bcd156eed68c31c5276d3834429186cf2b57e40a5d98cd1f35e85fa0e83f1b4ccd5eaad7b12a4c3e5f80a07b8e0d9d238c49006ff1b29fff89595509179cb75bea033bc181a02e1dfd805bd53ac5c1f456a8f20ab0a0b0c91de3e5408cf5cab6c7c6e1f1fb6235b26300782dc964115d5787955179b510068dc8534b881f9cbe9bc80ad050619b7bb1827b5d1557b564fd135bf17596e2ee8a4dac1908835f99be66e11eaca087648729326e7866f333a026147d5ef2f44f5b7c7dcba76e0a4ec9afe84eb115bdf658d02d69852fb7c0bc12a9fa81a82770e976779ecd50da154c037cfba42d98938fc33c2aa01c2823a0c953922667374d828aa2c8c28143aa07b8c66b665ec7b1f754c0173bcc2fdfea46ebbcfba457c646a26b2a5e2614b4944276fc068da9b02ad82c1c22d69d1b20249dc78b3d5143ce5060be41b55c30a626e2cde603166f29e580d67051803802b14f600e55f62537708d842864f9c845a2cc4961c26fdffcc3b69cf83ea22a9d6957c9334035d383d2cc4e34ffd9dd3124f1ba2b263f1955bb04037707fe8d473b59a1cb1e8dad7bd30108c2b90c70abd7db347207cf9c5433b73fa11a62dc39bb45eb00026872e717aeb8881ef480237098c486917d72c0f6b24bd2022260375560d7b647cbb15662c9d44e2342404d457c8a4e4ab1a4b55798e072c196edca1c29b076ee625b5c6f82c5094a52817e8d8ccdc7ba771b754d0a27c84bd730d0afdfd2148fc2e4a83b6f6fdefc545c6b51d42b6071735315a7fb1a37a26d9d803945ae2decbc2e076fb8b6f16665cc45c8aaf1700d4538c91156995868970857a35248e602169f9bad776dad7f773d1969a", @typed={0x8, 0x21, @fd=r3}]}, 0x11c4}, {&(0x7f0000001a40)={0x1618, 0x16, 0x100, 0x70bd2c, 0x5, "", [@nested={0xb0, 0x56, [@generic="41ba02e63d88072fcdb51f93c7b3dd7a83bce94ad63199de29bd532c0ed80397444356bd13a931bbd414d35b4cb735f45681c997c5c17b8d2128996a80b3b24324a6b7ec0be284225c13941b37d33d1bfdf3bf3884f53a936e22121393be251709163d26b4554ab2ad6610e52e9749ece0b2c0c8e02a782faebc0cbf9c297e318b195c28a90e0c8ee80e7d2762bc4d594e48f86bd107f154c55c397e26cc99d46b87b01c7a9a0fd24e9dbb"]}, @nested={0x1070, 0x35, [@generic="5a95ac158a74ad7c37bda292aac12aeb12e0eb8a7bdc41de46bb4a329cd4f6173f5269bca540661cffd9a03064a53d867a725b3a79bef0c7df4789775692eab94170fcc4644c34cd5d4e2a00fa802d98cf90f6ae6933a4fadf381347d20666699cfe2fb31481e63ebc", @generic="0c86cf315e5e7446e4512cda146c67c72e7966ea3fae4e081731948ae4f9d8a67f676ad7109730d48b8bffdb63f27a95259fc07e981f3f0dfb6ff2f4034da8298487424273eedb8e9f0cd8d6f999111bbd6ae9500aa862ad8c9813a011347561a108ca1734047817d4e4ecab94a3efac3b822c1f65190a4d8b383dc8e8ea9e317d1c70a55ebaf9aa0853c97b4527db97a11ff81b5cabdabc83e01ec9b740893b335aaf8841277228bcfc2c024dd93a264f1ece34e90f023387aa27c4953db93af8e29bac35820871d4da72c09bb17d1b563d7d401ad4543a063c9e67c36ab69fddb3574644f088fc99b8d9c5e3c6e4b08a6a06a7cdf41f57d0d32d5ed15512ea3f45d7fd039e5df3b5c65b0d3909b817fd4ed9d2cc31fc9734feaeb1a15e5928fee571fb6e503e87000088d7cfc99d95c8b4c8ceef5ecffd86e7112a87a5ac7d7b6328c7ae66d45ea0c322d06f870992735ab8dc209cab2ebaade5db6e3ddc68d8d1141b0bdebd3608d950489568b63ff967c946a5562d128154979fefb94aa7984765b041c12c9e68c20b7ae3e6de5d690211ab38cddd0cbd9c11ef934e3e18be567543cd0912eaa1b17867b697f24903138427b8efe47fe75926ab34d8f3964ff92cdbc2d11e7f5be967741ee486b1a6c9e98c01fadf42f0faa60b9507382e38d0d88d13687110a309fbb29f69f8e7377e1cb1dbf10613714634108385588e71b4561888b97f9b3311b2731a1c88afbf365d174f6d5b03331be35ae7da3a1dbd3bd45344286c755624c58df82ad5b0bae89fb26b6a14a3d435cde525f9c99716f64d975fe60c38302be1f0639aec7f83e2ccc5c6dd19e9e08701df862c921518428b173a94e29080e788f947d5040ae13fbb54ca5ae7d5689c6334426d0e36a6643edaded52ab99d802ffa926a4e6f4658c5fecf81ce280e5bb70fc78b0f62e4ac448499145c7c1995730b88a469fb83a7a680eb30b79e83b5528a9c2bf99452cd2bb92c3107b863d405ba4e24842e197b1891f4cc1fa9b798b14f5fbc1503ce166e4846faa5e895ba76ec33709ed94e30eb3539ee25f4f1c1d3b3f229a42b41e7075dd84d19c30f9d4881eabeaca7ad40e83f288aed07465ad647b0d35680915ae2929958de2fdda6dc7f0c64f6905a3b7bef28996372b1f48c88f8afc9b263112ee4a3f467ad5badfbb1ac09aa53021d9e1a8c7f3ddc0c5d8ab34676852cc45adfd06324d1cfb03b943be93f448f63f2155848372c178e2e982957a1fe03ef523a2aa408e2e8d5f07433fddf03d7eb6e332e38add2b0a0aeabb7a03fe7c9d36e1f7464a4df6feb312b2697d11d82bc9d8864214443172afe71e249640c42cc98c3b25fa967c078d3fde7f2536af2fb1c13d00f5a43880cfa73f57499cb1d767f2c5a53206b876cc31395353d1a7e05dfc2a71624076384a6aa093a71895c2fc473b93f4bd9c7a66a28894ae572a73ec60fbf4dbccc011c36497d5add54fba0da1bab11460a48f0aecff42b3685fc497ae7e38d799acf2a84b1718644932e6133c98f5899aa067bada72bf2f09601317fc20ad5a907d9f48fbe7f3704981c08583626d40c1b71eebed1a4cfce25446222722e3dbf2705eb94967b15235c01ca38465981b4ac823c54bc91542c51b8ec8f05a695b9abb61da3d6992cc67719cd3806921445e603db819f0e518dbe6baba033e6517d8ec0f6ec10b15329e736c548b5c2f904d5c3feb2f7b9b84e6fed8188ec8d0d467ed05ddb074054008910563af6f2a63913e1093cf5055fc20812753c7dfcdb224979e323d2db21459ffe2a49645bbc72a020f9f8b232ada46c0c04d6445feaf6ea5c7cf8f4c4b44479c5756a803cf155752fd521f098a1df0c6e77b86c107830f0c1e1a2fd2fb0403a5313b8c32ede32612f8aa070e5e2251ee15e4c68027d7d8e9cc74e609a55961bd8e938dd9b58ef6c17773d11a93de3ac455cf0975eb1c11362ccc4058278264eb69f45b40c861cee04abc813a3e00bb3b73d46276ef3e4265e77c8ddb4411edfb5ca1b73a89afd670664185583a3d61a79366b5392125222f2606534e584d6b983c68a70970a234d3efc8b27f9f097b94b29daa1fdfa251b63f297dc4f5ab6515f40bbb29096ef2f54c1d10e041f58d7747e8a682e9f79eab38fb5f39544478cdc8095b0e1a0bb9134aa0f4a69ac3fc85c9cb2ae86a0ff89cb1e6adafb97bae639a4c889a30951b6622f7adfe6171f3775e1893a8f9634de812a491765316cfc82eea312bf30e3b85c84f537336ccabf4033d560d952e595e5d634a9ab566c824ea6d206a74e56453406f0d8ab7fc73e5a9ff8f72b5824f1894dc0ba6c8792df4d20789ca9a5bb0a03109cb831b9fe2298318728428521ec18895d3a9ae7733a14ea06d67f079deaa20c1ef4cfa4d81f10348d254952a1d65c9623978c883bf322d26c92279e2ec310b1320a04b3aa1b1ca538b9ae56312838d392073d1c4d9984836f3423b2a7a758b7ae29307bac6e3dee4561484a41a64cf7976a3bcb9771a5ac841c7d74867cc6352fc4452202b2387cb47b025f2e7b8820bbc09e9393758da55275a78a75c3887e1623924907a767c1915596ea8721133e36ba34e6a12f8eafd77be1c9a915e8be1f4e76273a7e71be6b9feee1795d9b7f57d059790cc9ea8a98301c4cf3068ede8866574fc3798725eb32f19e38b2c12dfab58deff98cb3c41f34e880ce54c6ab3e585c4b930056068c8814d9957deba60ecb6972f3523651f4b60774e65076b9f9421cbf06559861520953fd9639b2f16cb84965c0b0084812287d38bfb84e99a8ccd57034814f136acb43e9b19090d5b7b4832a0260bb615a443fcb4536d400e635e748d004d6cbabdd2707d9051e2094626a4e5b61385961eefb45b1480a654c1b0d12e611a81000172fcf9679dd2c6915491cdc8579c3ed4c8525ac6d781448b4b1354cde9f68474f70cca6d8b51f5a657e489b66e8237421eb8619dce2e44c3bda8cbd15ae1818061a5ab45ca59db2b593beb416ff066e4d40a973ae08aacac07d984169669d381ed01bd6be25f9b884fe1136fd1e4fae8f3b42549ae13c0de0cdac266f6e3cfeafca1d5e507f10c2a389c84816eef9194bb9f892f101e1dd4238343234850bb1ce08ed0acc27aa63a499894255fb6b68fa57aa43ca40a2c9183811a31a5001403d81a22948060e541453674f82a1c8af1371fff3b5a02c8ee86d814d9b9142899cc961b75dbf313b811d5b82e4eedca12be5c5f27c123d146407426e6b96c57eaa409d1c0ddf2efdd9a3490508e315a328b55d93a72a0f366ec8f337f82bb17c9ca2b64de5400a1b85d0feced0620e9c6a021774fe9063498be12bb7d9542d84bc6c2d2d66d47a4f880672fe62c23335957aa1d77a91d461f7d89671ec93b48170ad6e25fbcfc36b6853110ece0fb813e0a945de5e3c3c1d4acd05b99ebfafa44579c36468d918f641c76edcb51e45b7e0797332460e9f5e39cbc347bad55a99072c33562e7159b136bb44fe1cbe1e3ccd1afcf399aab011baf45c02c97ae79e59988f5c04f83a575707329e57de6f3629be4ff7f0f44467b05fe767a5882e51c3ed067cdf5baff7f75b61d383ec86f89110b0b12d17b874584124b01b4641e5f4297bffa46d7ef65ec9c7f377b4a9eefce3ff566aa787fbd249d7cb551c4ee1e71167ed237ce2c4ba98cb53f35985f5bc67e8ec22e6274002cea103a49b0debc472dc1d931f25c6b3da3c8cf032b61b80021e7638cb21955d9aec83a773c34a6465101ab5a6fbeaab14b41ceab08100069659dc9d1017781d9ea0f0ad37560883ad501e947e97a19b93686ba2c133d190cc939f474c2653d1ce84848bcd364cd23b2dd0d8e4c154f2f77fda46c043a7d9b1a0e15ed93b1a2ecffcae64b9f73d0de9f1ba1892633510cc2a5a20182876d99ced2a3e41051b24042ea10c93dd1f00461ca07600b6e8f178a8fd569fa1790bbc80f87ec039f12f2c8d95598e9e55017e1b7dd9d87a5d0de18379ac87af3c3c9e6c463f4637962f6f6de14379f5e7709e0d485c79fb9b4e39995a6d1ecb6152e6041c8e4f0aca313be567e535e321bf1d1e46ab5321a85e5e5186f1813d39d18a65582fd13489cdf549a823b6b0615c1d1e2b5566c8fa38a6a0f567bd17eb00c2f8b845c5dd69b29e4bad479c2c1da3bde43f1ca82b9d491c6c7052bbd4c10b9a214faff8c72383c64a42c0cf45f03dbef9f973c29cae5a43cce746be02ccc67413a762ad46b82d88696c6efb42b45448d69bb12244a46e3fddcbbd1dcdd7e752c84ff754afad021586c819cfbd6def9d015503573846e292e0e3c0524bbd98747963ae155fefb3b5c062d2b139a9a63f12ae69d77270ac742aaa5477ca6c70fd71b4278aea34516ae34df3932508d5ccfb713e7a9e8f9e610ec4bfb3af1ea5c095fd3ca1e0abfb36a13ee29b6f8f4f5963e4783d470226930f68536c2e74326fcf4c5d64c779ea830f6dcc336731624c890ac6aec7925394e8c05dcda5ac445c7388d3dc619b441072f511b59efefc67af1c34278997027ef23f06cc92e9848ba9062544e92e6bea1f110c60a79834e7b7b56ed4be7afdbf533a7476ebc5f25b3431c59558f94947c6745b0a086631d78ec84e5d97f1cde1a4541ceffb494bae2474acc89a62420e2f8a021425508437715cce8ff64b406b81288a4ca04e39833d49a229aa091567166cb0f79e1ef9c5455247706a52e7338f06221659125a46217087a5f1a13fa8228e644cb5d75561b88a478abffa017cc403651c09ffa5c2f63ab24395c293cd031a589dd2b065c1600bfef389d224a334f8de84157a4bcf51e1a5b12f762eb32869f7f2c130f24deda925d7c1d55a6efcbbf47c70a3d0ce92c851fd45f602c1762c3a52b4154b52a4cf01ce78b0d4dd6bdf14dd17f0e501843e6c3ff2bbd3e8e5d775e9ee5107a3d1555a46ed488cbd701193499978229a3fe686a25e8c70476877f025d847e310878a988d8f91a0e93c2e3172f509282a8fd48d2cc74a8f188fecf0490c9e062fed411cd766e37eaf7f8245d6d530eba687205495b279118bad42f8d03ddd0c337cb10b3fd8054ce24e5d2ab3c364920c6da7ff8d2997da51a0fd0165cbae5b31e2d293cc4a5fe01c73dfab31239c2a1eb0b0def738c2108745ddd3238af99da618fa91ea8a775574b0c36da45b6b24df250f205ee33c87e40507a9172ebbba5d7dbbb91722dbeb585e7de1c25e312e630214330f0c133f3ebbf04f1a854570cc3fd143ef8ce358108636dfe97159d6e050e171e27a73e6761c4d7b836c664948e5fc7cb342184ee3503944a35e20c1d6ef2fba21bfd7cb9b2a3d45fa7bfcc4aca405954d35b1205908c64495d11da456995a67fa29d3a212df4ee3cf71f170d846c4fb17c4cac9815795b98233912ab03513850506d2ce9ec08ce3ec6f0a17a25bf5f51310b03965c622b9e3962f38416541466438214c1356aa67331af53c21d4bc05977ff6797fa5bdedfdae165d80a58e9a2d2e8c6e10a675f3d182a8d49c7a7e40d542792e92afcf2a7371c37cdaefbb243bf4a0df6be061bb0bc2543169316d7f8ab0cb7017eb281e022a8902dbce0561aab861830de7c2c9969ab493e7ed499ff3090d8f0441210c591a2a086706f114d8b120b05b2bdfd3b299d61b37ec4ed4fab49e171b6ffad290feb7369b298aaeab2a70cc774c482b06d4506dae7f14067bf71a45c7571fb9b59e4cca5774f503da44377397864218f8ab1d6f48269b29dfaafeb10df2f32bfb"]}, @generic="f517b204edd298b2ae59cd7fa7d33a34fc068f59724e928f3eaf54d57c6491a45789e298539f81f8a2dcb647912b7940c0ccfdcfd5f5d80b8942881d5d3c421fccf562e9cde10e0e086c9506f99cb5454ac1c2660111ad3bed93ec4cc9016d4f5bbdcf14f24e5404dbd4a79f67517df7f98bfbfbfc4041822ec90a147e7054609f1131faa8228b1c1015ed8ee9b186bae4ad61d1ab0a997ef7ed92f3ed32c5d24397cc41d7b51a95d4e115449652b7d1216197dc9f500694611f98832e1dbeb540460dadb7373c821c221812014cb815b356e2a2d18715c92af42d0b893802b46fc3b324128f365800b8a7393efa0e180928b8", @nested={0x260, 0x4a, [@typed={0x8, 0x7, @u32=0xc9a9}, @typed={0x14, 0x45, @ipv6=@mcast1}, @generic="03e89e70dec79510242bc0b11949192eb97cf54e5178293e485c1e2fcd04c0db0068204c18aecfcfda1a33f7f8a997ebebd726578e4ead1b6590f079ad97ab90669e2517398bc6667b5e47c86cd3df4bfc7976d9bbd3190fab50b2e224a388b9cafd8d8b35978abf5c3ad15f331e8d55d9d8313e2e73ac75345b16", @generic="9b0bc2cd02ea3d000e065f73488fff3779a9256de064759506614cc2d7a18351e3ac44a30c88b55acf91c1dd85d3d03f2f7274c3daa345824f28e6adc6985d82a7536d45401b3d8a4e93e3b8b78d5a330a22b1edbdc3a53dcbe9a2b962a62d201e3b9a22c500546902751ffb3d9096b06ef873d8a018c5606db9ea0dfe9132416aace3c82efe765097a5c863a14091b7d398c84b13a4452e35449039313c", @generic="e186d835aaec9e4381b33e60f97404785761428119f8361d18f6754313a2f65aa4dddf032118e442a2331894de4c454959ea341dcceb73c0c36c0bb8b916ff621efb504ff23e4d7870998de80581a69b2b9581451eb7aed84a8b5a0aa7550c2a169761f58e7b7193786b9744e4aa89ada37757d4fc86f24659c721d949a0ac73663d12b9aa65e3e5611f1cd6caf0d8", @typed={0x14, 0x80, @ipv6=@local}, @generic="1411c25e3c7fd759149ae3ee3917a86fbae99fb8695ad329ccc344324145896398f3b1021043e0aaf66a100f816ffb3a5b48b5f21caf665b530b3a24d6b6d8dde19d44d0180c5bcf368315ae00f7bbb5c96fc387cefcdb2f4a2e654bfcaa0672c7a681fd8cf6569ddd47e3a507445d44cbdf8c90992d1274a4fbb74daa6b23f0b711"]}, @nested={0x194, 0x58, [@generic="8df3e767336b27004b569c8222831a95c77edbe56ec14d4289a4fc948184e4ee2dbcd1032f2e1c9af09fa16b688bc0cdb8bdb60a41819c93b6ce5ecc867eb264bf52", @typed={0xc, 0x8d, @u64=0x5ae}, @typed={0x14, 0x52, @ipv6=@mcast1}, @typed={0x4, 0x26}, @typed={0x14, 0x22, @ipv6=@initdev={0xfe, 0x88, [], 0x1, 0x0}}, @typed={0x14, 0x94, @ipv6=@empty}, @typed={0x8, 0x3b, @pid=r7}, @typed={0x8, 0x61, @u32=0x6}, @generic="8886f2db0f225a82379dd03f5c2ddc5acf6bc57fbca6d5c67bb2d92608d9fdc380d1869eb925c4b7b3d47ef31e9ff7e10fa2617966d09bb3c5d2112a2b166cc410841d78b3db53a384c69d1afec79febf2b230eb6f90a69c5cb8686110060f2a601eb3eb00a4055779c7cae37c9be8b9935612cfdcbfdf30fa68c2ab2c3b8507e18103374bd6c0d064", @generic="570ade833a07e1718543752c178a4a444a7067ab0195cccd6c98f0cd6d0ae40eacd857263630bfa554bc259c985761724249c7a33521e2db73087fdd096c6622a30b4e7a86288b370e2fe5ea79c09ec95d27954824c5d2e7b097e0fecf24c9990b62c01c8620e225b4"]}]}, 0x1618}, {&(0x7f0000000380)={0x18, 0x30, 0x100, 0x70bd2a, 0x25dfdbfd, "", [@typed={0x8, 0x66, @uid=r9}]}, 0x18}, {&(0x7f0000003080)={0x1368, 0x3f, 0x400, 0x70bd2d, 0x25dfdbfb, "", [@nested={0x1174, 0x3b, [@generic, @typed={0x8, 0x2, @u32=0x5}, @generic="314356b085ebf5063933296bfef72992fc4963c5486d8c6b575d73e7d744e62286d3e83cf007e683a0bab162926dc76dbd79d74fa31a51aadc0b5264b7171af179286811577121652c50729fc5bf1e457d335594bb4d37248a34026d9344d6fa968f6d129b6f0770455d698114147db49c63927915d84cf5292298046d48a0a49a5172e2f84fa3a2ef33c99b0cdea09859cb11204c11dd4e77014b726d6276b9ae3a090b3990a02fe1de97e6174dec6ee820efd2bb58bb7951eaf3c67e46cd9b24901517cbdbf80ab2d65be3cd33c0c2addf529c03563ee97e8c35d631a3c97846243ad129e7a59f7706", @generic="d128668dab7ce16b0a32d21870eae71cb159a877b8a00ebbba79247dd2deb6ef170779ada9217215d78784bd3a40c30832152782a6d545624d9e8a182084f2f861d33dc2bdcaa3342fd57495693c785c461df50d4e05868c9db6db252cf622e3ca65ebf2d5f2f48172f1e4ad4cd94686ed18581c0d3e310d128d4eddc6f8da2dc83fed7407aeb54eecb240394a95e7c174ca55d82b0a9395ceea84aa9004f42f2418c405831b56ec0693ff6872ade1ac12e7972bd35325acd9e81cd3678c85c9a1d6bbc507eeee7400d3f1a83a9d8d349175c826e69c4f3b80338e2806a638acefd2169fcb7bf541ff00e31c57eef9f7536f29de3dd51c533079044e586f5affbf97a128e717675d011e5f5f37cc2cafdb70e4a2808887117a5b39b978fd368f2b1db14a8764d1ecdb0336aff0a968faafecbe8ba7117a3add4e9761314367d65bbc6189a1b4a2221af55a09492c90e3ccc5d3f7a013714ed28dbf4f35dae3188d63562160782546c756f60957bbd33d16b5972e488577e076792b18d6b8d73eb07f15a17fd3879f997de4ab50add01e13ebc5c05d439ebd356f53faebac275489e188cfb07badaee679c78ffcf4bb0b4a1592ed6e9573c70e6cc050da1172a1cb5765cb81670e72e3fd7250d5d520caa09b6d4a3319895e7c70194e12bcb1a2b146122bb860b22887765db1c00a13814c946c6711ad7345e5a1ef16e6f3fbd897ebc8f4f05e222e307ef00599cbdcbd767846dc32f251f7fd30003ef71de47a9c4a5805915243e0cdf4ad24ac3e7b7d5cc742425f9e2face4e6b60c0bd4769bba72999dde4315d178c7cc249708750b9fd40385c473de8ac8b96c605ee6aa610b32527f73827e7b81a5a52f391cf7957135db0fc16e33dfbfebd4c8e70eabea448f634050bb9a4e67fb36655899c10a54d702bc77c535d53d2396053043a631f250ae838b0078ce93a905bd3763096e717eefd7d437074b64c29ff3861fd78571350867df6216e6b9f2190d29209760ba2373730ab374210031db3949af03e90a8d1075f9e9687511bcaa63e3f97d256c071f3d354bf680130b20edb5b43a3899119af083689a7ad8e40a62c4c79f0dbf2f179c47150afb174c5158911f957d93313e4dca206651cbefd93adb845176f064703fa2e18dc4145b1cb3cae5ea6b4f72660ebd55df2fadc8020dfb04cbca0be351d773fa97454a7c152593f10834a241fcea9d2bd0dfa82719a32d8a9686d2f0d5d307fb93f8d7ba5f1d2c70ab22b323806273935b0fe2f69bc57250085bd7021b0a52cbf6789dff5c68a9bf701dc6b561a4711ae850ca982ce032c02672f7c6484f96fd4e4b5b53f83a971b7c97d2c89f4f4ff97dcfa25acbf6af595cee3b096451ed57438d5fe50aefc6015f47e0cfc5f24691520d9fe5dd2ce719ce16d4d04e6db997a69de564b795100b4d0607f5d6cfb9e3f9dcfada9b1de270c0854d2bfe0885f72fa8e69934e47437696a6425fb99035687edf9899d272db1e93519017b7166537ee3c2e43eebf68d2602bc028f299f540a153b710ddcbede663700bbda77bc319ac4d19ddee900f7dc63b5d4d841359629c7c43b81aff070ae7eade81d2edcee23ce10a86511c0110432d12af567264bdb61ec84de0b5ca8ed08e9f566df00a34040f59902a699e9ebc3cd71a0f94d689c6e406a23f4711ecb10f1c93b25174fa4b00a37f88ac7dd2131a44945bbd11579d0f1018232568fb1eeccadd761be83d93dbb7623b3045a44a17e9e4ab40c88a5aa88964a6389880bb31fe38c3db77c66903135eb0e6f8d4bc0678354d96e31663947ea21eff91a7abf84f6ccaa06c02e5e9f99ce213cbaf632ba5693de6a9bdee99bffa75e040b97238ed898054d7877881fd5c3e6d7309af4c22976755bcfc98f9f6d4722e474b39309dc40c47595d51d215b5ec291f91600489aac5edf56ab73a9dbffa3b19f049c93cd7020563f914014169313ce85ed42afec35e84e4340eebee9e241951288f49642699849b410efbc0838a9f147143d7a4f042334e0d3ed08f8a6feab65b3f7a71f4814f4e5ade6eb558fb7e679536d51edb3d850e82f4dd724db26155d64f4227a1d4db7650d508a501fafa202b164124c104af41a92bc33563b95030db51ba399a89c7f030142a9e5fff423f9a5d2688087fd579fcd31295e151dce96ff4287b0d2ead6bd7cc18c4025b90a75b14c8824451ca48490d0b86b8f7d7b99a8313b1fa78135ae293ecea6ef6e5f635378f354cade96a086166efd01aa00a6476fc411972f0c016caff45703582d327aba88e0acf9a76f72cff8bc794032527e642b47a231560fff910cddbf73da1a0a69c18e667377de2d8bcab23dc0c4b8bb06442b5e9c3bcd2603d2fcd5d9cebc1444f7256c08ec53c94b60c9e4f688577e14f855c7c054cea5a48ae7e1a6f587c969cb7f607eaa1eac71216d05802795f801566f1b8fc774b740f53d359c381990361e18e1439892c6f9d5695c7b58900a9a5a782c11ee345a885536fdd57eefd0838d4493f6041b7141adcdd97112ee0a979ca3a59e4dfc50d86821e9ddfbf0c8a48ccc6ca3004f8d6ec30f727c48bb647ef95f86049f7dc14b46dc1e94d8bf3a27d086d3b409db58b1d4190978f66b17735b7f91825bfd30b74c590b71374b67aff218ea0561723bb49a1646fc72a8f2ffb0558bb3bad5ce1169c6deb6fa298439babf250dcd34f99a91b43cc47f723d98415993b3ecee674d608d9915f15fac7e30baa0b96b055dc6701a1eba4d824f1e2137eae29ec271eaa6bf8c76ef9f57c6aea4b4a717ff424e808a8a9246fa245c363ba0b7be3c5ec187b580d40615d8a8ed8b576ad307627529d87ecbaec00e277888b02af7a98183020d134dc26ccd85e95e9b61f1c1226380fb34a83a31e677a2d65888dbb2025d973c85c0eb665c5c844f7cf6877c4927fc4348fe3a5fe4ea1ea91923090da018bee2bf157efa2076cb09aa7a1e3239f5a2827122a18edbdec0792353b70a1e0297d40d2d729c3d80f3e27ce922282e59156277da07378eee5fc503c1c3de34c8f4bfd0517224f47a24f6712f374aa5867df844594fa35ac05861405bbbf672c84180229b28d3ea30ed0c382a537205d54a623899bb39ce718fc8eaadbbd8b4511d74724cedc83cd8ffcd319251109169a72000bfc86e03830d50d60ab716914f2c40fd65ac5163e5eb9daf1795ecc72874c576458cc11c1cd34b289337f90a3571ffb24d87c305054de5919d7ec1f4e24de6049ba54181c6dbb11ff0309766ac4a62a22a30039ab2f7025402a6882424ca9cbdad55e367b2cca0df436a3ebc3e6532df8018cb95030200edb2b5cf0776821a5e18a689947aeef81b99af78ba8f2b9f57f01272116822546f286f294bcbcf7045201b7c33d9249981c9e57200977bfe3f72cacfdb1abacb680311504cf7d8663b190dd6a2eedaaafb11adf995ec639b8d1c188aca2b472c15493613a847e14bf81906404646af7e8e9327842a522e56d370e422e8c1897ace4c20f68c4e686470e5f4dfc8ed2d8a80eb681f22fa3085d6fae84da7be42335da33fb0b1220368057dd7eae9a53f7f509b06fc3927b60dda67a4393f4cd77405939995bf7b4f90b900cfd7e1263d37c72f5fefac9ba1d95cf43afd072f6b8f5836f072e6e636d5f4e9245560d1ed97ba133e044aacd94b70c3c22d8b553e230ab24acdb4e617e4fe8e4026f20e8bb32be45b3753098495672185740e7ed98a590c5ad1dc3b8a60489221f8eab43e7adc4bda7286e2075531308778d8b729a08f09462e9afddac3fd7ad1aeb9f9c4d4ee7110b2690ada987cba132d4d6ef785251944e7ee376fd4be2faaf4688ba46a7fcd5454153f1cef786bb544c03a282c68b0bc56de3fb4a630daa7721048868c3b912a55bf800e38b5e309e85aece39fb9b7360ea69ff374df269e430eff20838e189ab278f2a226042e50c21bd7b178a9a40e0bd28489efa696a173aace15c222c06c4de7ddefc2dca7c80cafe0f46eca1940f15953bba19925623e80157f429a0f4c82c11327343ba13a883a4b6e9caf4fff052dbe714f90fd84de495fa166b742ac550225e6c9318551452c3ff31c50a9a64f19a0ef88310d62063ae92ff87b89a4c07e269d2d8b7995bcabe2b6937c82d3fe96517fc5028614ef2aa55809e3fa47036dff30ba44154566b1bcf9b186a4411728eb2538b02243a8a73c66121ed492ff761ad7c6c5d0a2bc5c8adf1492eef6a01fe5b0621094e8e81de4d3aaf64d23bded5a3ef318faaa828dcb14ef904de2774c98e74a52c2baacd63597deb067b1ccfa0a3b8190f8b0686e552b35ccc42b42fa5a3d9b3f0a6e9708cb56400bd129385d01da5d5f8bb88a353448e30e42b7f89c4f4160a8d18791f9dc6b745a323962ec89d9929c817209fcc349dde5dac0fda4c57c2cb2128c242e7acabf38b54c382de4cb4cb73537c42b20d4a6fa50d76cd152b69fc9015c326b6977bb4cb09952ebbb7a4c7d6c0a6a35a679882e6bfc8aa7b5fc9216b0cef58d987a71a6bb871dab709def88c4b3a04469c862bc2ec8fbe984e32e48843b38753d6f2596e2dc9420ad818c593597522681c6c01f78a66e3a017b2058e6c98c709b04bc5f6c607c82273ae192970cc1a0478463b33c7bbdbac81e3b6ee9a9647b519f0361a1ff4b822630640465ef071bcebabcf8f54e9f0469dff9b13bec18f313bfab0221194182164ab507f54e2ed131f7bef1c827087712a70b3806fec8d2bbc1847539977779aa88f744b2bae17ddd7b252c9140e002e0fdb8b83ac481091c46d7f5808c39f047eb805a02d5a7fbe0f2736446c11ebdb7d372e258a9e29240e2f667669ebe49c1149347920e0c135fd841d48ca2f2a5a65d1372dfaa8a80b5e813987bedbd9eceea373451380941fc3529c0a6c1b4dc1dc02eed0da3fdffe6cf80a56884ca21cf4d15b499c96777685ac0ce3c32f5351036b299bb3cd13c5679424ac4392595d82f0699eea3746e272f813e326bf7ce02ec3d67a7873766f850685dfb3fe9bceb826250b4505b20750226a7a2b82837a75ee187480e974381e1d8918af4c5badb30a4c953f749a2d3275199f9c1382732785a4aefdd6c13a4dbed0b14851462b606bf06e2888b94e7aa51d257b0e40f61f4dab9fe5e911614bc2c8cdd5d3bea3d628eb068a333d63552139c21c386932de32b8bc99add725120fe448d7e1f20971432fd9be2de16db24f1391f5f3a0e8b22bd64ce2307e87ed433730eef8e7b7e38f994e4e9a74ec992cded587892831afa9c4ac07567830bbb6dde0ddeee99a769776324d1ce1ed48dcad17dd4551dd86f171611cc35d1ef24a670688e1db1af5db31ea4257177b5dfa7ae464fe0db916a46b667e4310ce998d63cc65016676bf175021b47cba02f5b0c9626f7296da019cbe78cecc5998f9a98098337d9d5b834b8171e9a34180a42015138f92fc635fb898b92e067e5a78f86befa75446062140bf256b07eb397078f2a87d140dc81f174a9af4604dd33ea0bf2d1a2320b40c5f840a9067a5fd1d1b421db7d61a4c93613c99d80974795e05535b663459ddee3ea20daf76b0f6a0f11c66c95f631c7a24d38fc64b599d760992ad096d9e49682666f1eb0a1e564a401c4b3eef16f7937f0345966f3c494a1884e7a9269da6f9a559f20687147767f1fb49f2c9ba66c1a4cd00d07640f01caf4306f3b1e17326bb6a9241de095aa30f933125a33c40fc2cf93c82ea5275fc977239b04edaec5c99e97ef71252d42", @generic="fe7a2c332799df82a51946b270af00741af018f9bab5cd65b1f4642ef34f69d53b796cea0b6ace7353efd78b924c8cc58a5d8e07f63c95782e074f8f1428ceb929f144464d9f7cb27a8e167603ff658a69708e2b5fe34228f90b667ae05a91aeabfad9da69214c414e414afc41a9623f15a0373dd56d0066c1e7236a"]}, @typed={0x8, 0x73, @ipv4=@remote}, @nested={0x1cc, 0x26, [@typed={0x8, 0x26, @uid=r10}, @typed={0x8, 0xe, @u32=0x9}, @typed={0x8, 0x65, @ipv4=@remote}, @typed={0x8, 0x88, @uid=r15}, @typed={0x8, 0x3c, @u32=0x7}, @typed={0x8, 0x47, @fd=r4}, @generic="589386a8d33ccd88e98dac4fd32604c96156793798062d8aab6838f5f8205753132553a5a3423ff8807dc7dcc16809a60923ca636fe71d0c2d312e216b9bd82f75571be30160e81bfbc8e71498fb8b1eaa5485f933b987b8f8bcb52700ee94f77997939fc8f8a45b2d7d5ff8068ddc6707f66e273af8c34297de8eaa578991830c50e873f0e94df19b17b3", @generic="79418baf2935e4183c3b0c3e0efe1e2c5a6311fb68c2b6b93cbe516c5e9114fed76a9ed8a375b017a6cc0a9ac9b9245897aa7e9e6f8461f54d05af990ad06d27bf20f7ebf1cbbabfbd83e90fc59e9b0edadc273ed82cab310c998a5198b1e65b808e7229315bb8ae823522e7fabcd42273172ce3d21fb7d6af1c93d98b820070a8c1ee34a9f98f0ac73b504024c685f72f3bf4eb6b04bf7bc2b5e726a61a2be49ca3e7a1fb27e425d7c98078588834b94b2910a63673b33f29b12bcbeb794c73136daf80f3348e309b6e53a06b865cafdb52ab13180673dac8a9ec1fbeab3c30156b15e54e860220a1952c091a47da86fed7c8509de68d27835c00b21001", @typed={0xc, 0x4d, @u64=0x6}]}, @typed={0x10, 0x5d, @str='/dev/dsp#\x00'}]}, 0x1368}], 0x4}, 0x60048c0) socket$inet6_sctp(0xa, 0x5, 0x84) 14:24:13 executing program 3: r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, r0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r1 = open$dir(&(0x7f0000000000)='./bus\x00', 0x100, 0x80) readlinkat(r1, &(0x7f0000000140)='./file0\x00', &(0x7f0000001800)=""/4096, 0x1000) r2 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r2, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r2, &(0x7f00000007c0)=[{&(0x7f0000000800)=""/4096, 0x1000}], 0x1) [ 498.772416][T11562] usb 6-1: string descriptor 0 read error: -71 [ 498.790463][ T32] audit: type=1804 audit(1571495053.835:159): pid=14427 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/163/file0/bus" dev="ramfs" ino=43553 res=1 [ 498.812608][ T32] audit: type=1804 audit(1571495053.835:160): pid=14427 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/163/file0/bus" dev="ramfs" ino=43553 res=1 [ 498.822059][T11526] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 498.834383][ T32] audit: type=1804 audit(1571495053.865:161): pid=14427 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/163/file0/file0/bus" dev="ramfs" ino=43557 res=1 [ 498.864269][ T32] audit: type=1804 audit(1571495053.895:162): pid=14427 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/163/file0/file0/bus" dev="ramfs" ino=43557 res=1 [ 498.888559][T11562] uclogic 0003:5543:3031.000C: failed retrieving string descriptor #200: -71 [ 498.901037][T11562] uclogic 0003:5543:3031.000C: failed retrieving pen parameters: -71 [ 498.909408][T11562] uclogic 0003:5543:3031.000C: failed probing pen v2 parameters: -71 14:24:14 executing program 0: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0xb8201, 0x0) ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000040)=0x54b) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=@newlink={0x38, 0x10, 0xf0b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, @gre={{0x8, 0x1, 'gre\x00'}, {0xc, 0x2, [@IFLA_GRE_LOCAL={0x8, 0xe, @rand_addr=0x4000000}]}}}]}, 0x38}}, 0x0) 14:24:14 executing program 3: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000100)='./bus\x00', 0x0) r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0) lsetxattr$security_smack_entry(&(0x7f0000000000)='./file1\x00', &(0x7f00000000c0)='security.SMACK64EXEC\x00', &(0x7f0000000140)='ramfs\x00', 0x6, 0x2) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0xfffffff8}], 0x3b6) [ 498.917850][T11562] uclogic 0003:5543:3031.000C: failed probing parameters: -71 [ 498.925592][T11562] uclogic: probe of 0003:5543:3031.000C failed with error -71 [ 499.044956][T14437] netlink: 'syz-executor.0': attribute type 14 has an invalid length. [ 499.059354][T11562] usb 6-1: USB disconnect, device number 14 [ 499.249307][ T32] audit: type=1804 audit(1571495054.155:163): pid=14441 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/164/file0/bus" dev="ramfs" ino=43580 res=1 [ 499.273839][ T32] audit: type=1804 audit(1571495054.195:164): pid=14443 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/newroot/164/file0/file0/bus" dev="ramfs" ino=42818 res=1 [ 499.282388][T11526] usb 5-1: config 0 has an invalid interface number: 213 but max is 0 [ 499.304695][T11526] usb 5-1: config 0 has no interface number 0 [ 499.310916][T11526] usb 5-1: New USB device found, idVendor=0867, idProduct=9812, bcdDevice=bb.05 [ 499.320145][T11526] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 499.439630][T11526] usb 5-1: config 0 descriptor?? [ 499.518252][T11526] comedi comedi0: Wrong number of endpoints [ 499.524384][T11526] dt9812 5-1:0.213: driver 'dt9812' failed to auto-configure device. [ 499.699368][T11495] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 499.738568][T11526] usb 5-1: USB disconnect, device number 22 [ 499.951993][T11495] usb 6-1: Using ep0 maxpacket: 8 [ 500.082148][T11495] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 500.093254][T11495] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 500.106275][T11495] usb 6-1: New USB device found, idVendor=5543, idProduct=3031, bcdDevice= 0.00 [ 500.115482][T11495] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 500.162662][T11495] usb 6-1: config 0 descriptor?? 14:24:15 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ifreq(r0, 0x89fb, &(0x7f00000000c0)={'sit0\x00', @ifru_addrs=@in={0x2, 0x4e20}}) r1 = socket$inet6(0xa, 0x2, 0x0) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="11dc86055e0bceec7be070") clone(0xa0980000, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$can_bcm(0x1d, 0x2, 0x2) 14:24:15 executing program 1: pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r3, 0x1000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071") sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000003300193f00000000000000ff03"], 0x1}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[], 0x4240a2a0) splice(r0, 0x0, r2, 0x0, 0x10003, 0x0) r4 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r4, 0x80006040045010, &(0x7f0000000140)=0x3) getsockname$packet(r4, &(0x7f0000000080), &(0x7f0000000100)=0x14) 14:24:15 executing program 0: r0 = open(&(0x7f0000000040)='./file0\x00', 0x8000, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) flock(r1, 0x2) flock(r2, 0x2) flock(r0, 0x1) r3 = dup2(r2, r2) dup3(r3, r1, 0x0) 14:24:15 executing program 2: r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r2 = syz_usb_connect$hid(0x0, 0x1, &(0x7f00000000c0)=ANY=[@ANYPTR64=&(0x7f0000000480)=ANY=[@ANYRES16, @ANYRES16, @ANYRESHEX, @ANYRES32, @ANYRES32, @ANYRES16, @ANYRES16, @ANYPTR=&(0x7f00000003c0)=ANY=[@ANYRES16, @ANYBLOB="b1bb0c9360b9668fcabbce1ee9c98942cee15df0f21051370594c7f6f753b595edcc4edb5271e55a95ac2babf86ec38b238298a6f6c9faa889edd82bfc0b8da01595812a37e62a64ad3b7440118fce057750d45f33323bdab99c0ffbba426768d5b48026328c6c8aa9694ffa88096db25c7fe81e32d8a5b7914b7b56d016b6ec21d868eff4380a9f09ffde879024c8b8dd0f5baa13e3fb2b1aa9cf"]]], 0x0) syz_extract_tcp_res$synack(&(0x7f0000000240), 0x1, 0x0) syz_usb_control_io(r2, 0x0, 0x0) syz_usb_control_io$hid(r2, &(0x7f0000000200)={0xffffffffffffffa8, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0x6, {[@local=@item_4={0x3, 0x2, 0x0, "32b15adf"}, @global=@item_012={0xfffffffffffffdac, 0x1, 0x7}]}}, 0x0}, 0x0) r3 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x3, 0x228002) getsockopt$IPT_SO_GET_REVISION_MATCH(r3, 0x0, 0x42, &(0x7f0000000280)={'HL\x00'}, &(0x7f00000002c0)=0x1e) setsockopt$packet_fanout_data(r3, 0x107, 0x16, &(0x7f00000001c0)={0x1, &(0x7f0000000040)=[{0x0, 0xff, 0x6, 0x4}]}, 0x10) [ 500.522369][T11495] usbhid 6-1:0.0: can't add hid device: -71 [ 500.528596][T11495] usbhid: probe of 6-1:0.0 failed with error -71 [ 500.546053][T14463] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 500.562397][T11526] usb 5-1: new high-speed USB device number 23 using dummy_hcd 14:24:15 executing program 0: r0 = socket(0x10, 0x80002, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000480)={'team_slave_0\x00', 0x0}) ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f0000000000)) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000780)=ANY=[@ANYBLOB="7400000024009b0000000000100000edffff0000", @ANYRES32=r2, @ANYBLOB="00000014f1ffffffffffffff0800010073667100480002001c00000000000080b9a00400000000000000000000030000000033cc3598c9aa8178bdf100424dd00000000000000000000000de7f4687000000000040000000000001009900007c24f5583940ea0e363002e94564838f54825863fe646c248656cb5da45549c5ceffcf034fbd32262c96e574632bd9506374cf559308c1bcdb8ce808ec3007d6c695771d6947eddd541ac28f6b62386aad9b29ccc416a29244e544c9ef3b8444b636cd5270810633f2eb7d7a89d0f3cf2074bb2e180708593e5692929e046e61886dfe7b7bc2cbc705ed95700983ea22eefa47c53252758e28ba5382e15a6383b480de19f886aff40a0cb6088e18f3326fa3a5dcd32cb9515a688b87961591b4671e40cf37feaa14dd00000000007672c400321e6e4daef23cf875a45a0643142ac688f2a10de9d3da5da7ecf526f153140e6740200000b3c3c00b656f9021957cb27486eea0345bdf43b770452e1353b948847af1b8167f7f12dd7e160ab1357707dacc631c885e515d18f9e1797a7304cd27f232de351ba82f19b54b83c3cf584a3dfdff070000d44e20efd73e28c85c3f602e6ff893a5d0fbe9451fac0d80cfd54b4d6c95bc6f82c1d43695be010000000000000064a144b217ea2d383b5e0109b82309b6481bab49d6fb474cee7c43c6008016a882000000000000007854e751c2cf20f2037d1e1d06758b5074bc5c68637c6bb66c83a8b1ac14ad5ba15008346f499f7402f2242b001c6da623f9d788b32c4e7b2559cac607333b15ff53b74e424a3814194f5e1693be8b3b2913e50e8a1e3c97f8e63619b875fec39cfd75ed5641bc1a2866e53fda87a4538c19949f99f319ed55de946fb04ce355353c2d8a630214a9780ae2802013e27cb88c4bfd2d0bd2e2e22a48fdb34bd77d0c64b452f7ea0247275f8324787e5cfbc666ec7f3d6e9b68c1c85e78873c89b842b916e904be4f7dff0e4de1746efd12f96182999d95376503ee71de0b18bce0ee2b476a473ba54e1aaf6ca7bef076a532b84fe69fdc2b1413adaf6ed883831efb35f9"], 0x74}}, 0x0) [ 500.582634][T11495] usb 6-1: USB disconnect, device number 15 14:24:15 executing program 0: syz_usb_connect(0x0, 0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000ac889508c71b4110f5f6e06bee33d3a31b5388e597ad0001000000000000"], 0x0) r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x0, 0x0) r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x140) ioctl$TCGETX(r1, 0x5432, &(0x7f0000000200)) ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000000040)={0x2, 0x1, "87c5cd97fa7d37f7606005873056938adbb1a75c46136bd2c552790459ed106f87a189656dd0b31de54175f7df67b20a5d20e17c1f5c7937994da75b441528c8c9f05fbf3dab1cd88238dab067a9f1de7724148f910f182b10d0cfe38b8cfe5794bf8796faf126380ef1475a90143eb141f64b24ba92f4dbcdd8de5d4cbc83e3348f954a5ec450d34eab82002a5e7bfd501e1f43578937fdc96b8776cda194f6cb7ef5e926eef64c23cbe96b40a639f3002c68f5a685d415f99e4b9812f335400887869efea451749e47d62557d80be94739d9eabe7f6e03ab9e6c26408a3dd0f43a41dff1eda74c295eaff1c684a433a0710b6a4921e35309d204496ff14420"}) [ 500.922219][T11526] usb 5-1: config 0 has an invalid interface number: 213 but max is 0 [ 500.930653][T11526] usb 5-1: config 0 has no interface number 0 [ 500.937069][T11526] usb 5-1: New USB device found, idVendor=0867, idProduct=9812, bcdDevice=bb.05 [ 500.946272][T11526] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 500.976000][T11526] usb 5-1: config 0 descriptor?? [ 501.026318][T11526] comedi comedi0: Wrong number of endpoints [ 501.032987][T11526] dt9812 5-1:0.213: driver 'dt9812' failed to auto-configure device. [ 501.231574][T11562] usb 5-1: USB disconnect, device number 23 14:24:16 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") ioctl$void(0xffffffffffffffff, 0x5451) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000140)}) 14:24:16 executing program 5: syz_emit_ethernet(0x66, &(0x7f0000000080)={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x689, 0x3}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x3a, 0x86ddffff, @remote={0xfe, 0x80, [0x3, 0x543, 0x700, 0x5, 0x50000000000000d, 0x8848000000f0ffff, 0x0, 0x8dffffff00000000], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x5, [0x7], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0x18, 0x1, [0x0, 0xfffffff5, 0x0, 0x0, 0x0, 0x0, 0x18, 0x3, 0x0, 0x0, 0x5]}, @mcast2={0xff, 0x5}}}}}}}}, 0x0) r0 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x5, 0x202040) ioctl$VIDIOC_G_TUNER(r0, 0xc054561d, &(0x7f0000000100)={0x1f, "af1cf4bc18f45feca766f949857213c6c7efebd2878b2516ddc021c231111b30", 0x2, 0x1800, 0x3, 0x1000, 0x16, 0x1}) 14:24:16 executing program 1: syz_genetlink_get_family_id$tipc2(&(0x7f0000000640)='TIPCv2\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000500), 0xc, 0x0}, 0x0) ptrace$setsig(0x4203, 0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1}) write(0xffffffffffffffff, &(0x7f0000000040)="0f42", 0xfffffffffffffe3f) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f0000000180)) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000000440)=0x4018) getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000580)=""/143, &(0x7f0000000340)=0xfee5) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000740)={0x3, 0x2, 0xf000, 0x1000, &(0x7f0000000000/0x1000)=nil}) r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000540)='/dev/mixer\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfb]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) sendmsg$IPVS_CMD_DEL_DEST(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000780)=ANY=[@ANYRES16=0x0, @ANYRESHEX], 0x2}}, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000480)='{{nodev\x00') ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_NMI(r4, 0xae9a) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) r6 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r6, 0x84, 0x1d, &(0x7f00000007c0)=ANY=[@ANYBLOB="010000001fc77f992f7dd3f48f0165bc1c2f017e01bfb026e4f1887c0147fd5bd7f4943298558fe668c73ba732f6cff9fac0d88a97e9f139dd3c873a7125e1a8688abfd0b8970027f523f09f0663d0991d3a05f0504fbfb450f16758f1b9cc1dd4639cce0a864651e89cb8f0f56e5246bc094b4528e79bb6e76bad57dde9d694cdbd5956ce3564554919baa55e35136782648088b4ef388b7f3739b2fb5c805775737805edaab54afcfe2c4fd3d602d32259c2b9d2da99af1aaba309c5fbb348009b029e0dca51e75d8641351bb35dd47dea4fff3ebcac9c7b8a9611a2e73dfde2ba2561d431d97c4f27a2eacec5", @ANYRES32=0x0], &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r5, 0x84, 0x18, &(0x7f0000000000)={r7}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r3, 0x84, 0x22, &(0x7f0000000680)={0x1, 0x2, 0x7, 0x3, r7}, 0x10) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001840)={0xffffffffffffffff}) r9 = fcntl$dupfd(r8, 0x0, r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)) ioctl$KVM_RUN(r4, 0xae80, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/ppp\x00', 0x749c3dda6e190cff, 0x0) 14:24:16 executing program 5: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0) pipe(&(0x7f00000000c0)={0xffffffffffffffff}) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x9fc, 0x0) r2 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x1) write$UHID_DESTROY(0xffffffffffffffff, &(0x7f0000000d80), 0x4) unshare(0x40000000) r3 = add_key$user(&(0x7f0000000180)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000240)='X', 0x1, 0xfffffffffffffffe) r4 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f00000005c0)={'syz'}, &(0x7f00000000c0), 0x390, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r3, r4, r4}, 0x0, 0x95, &(0x7f00000001c0)={&(0x7f0000000100)={'xcbc(anubis-generic)\x00'}, 0x0, 0x70}) keyctl$setperm(0x5, r3, 0x20004200) r5 = syz_open_procfs(0x0, &(0x7f0000000340)='task\x00') getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f00000002c0)={0x0}, &(0x7f0000000300)=0xc) r7 = syz_open_procfs(0x0, 0x0) mkdirat$cgroup(r7, &(0x7f0000000040)='0-\x00', 0x1ff) sendto$inet(r1, &(0x7f0000000380)="b4bbf8acf9b11c70140a6c2e98fa2dfdf476c40ed6ad4f9112cca9e080915a6c509656a1dfe57face2e8836d5a23cb5c358e18e28fdb4a60fc31cb3653f463d614d69d7834f2df9c4452cb8f7ea5032952b1c72a096594762966b9058f8aac88bae722f324db9c62e428b74ca1dd4ccc1980cee3fccc0ba1d51ce8625455a1a90683832bf1369ba22f71e116297176bd9fee56bd98fdc82edb42672a286ccd9ceb2c1d1c14ef1553b0f34cb965c501e9f87680c1e99db7d4d350aa86", 0xbc, 0x40000, &(0x7f0000000440)={0x2, 0x4e20, @broadcast}, 0x10) setsockopt$inet6_int(r2, 0x29, 0xc8, &(0x7f0000000480)=0x4, 0x4) perf_event_open(&(0x7f0000000240)={0x2, 0x70, 0x6, 0xfb, 0x20, 0xe, 0x0, 0x0, 0x2000, 0x7, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000200), 0x6}, 0x100, 0x1, 0x3, 0x9, 0xfffffffffffffe00, 0xfffff001, 0x7}, r6, 0x9, r7, 0x0) r8 = syz_open_dev$vcsn(&(0x7f0000000880)='/dev/vcs#\x00', 0x3, 0x200) sendto$rxrpc(r8, &(0x7f00000008c0)="f532a4b6fba37ae82373a7c93466977d03c4457c4ad4e49fe0355b5e662487adbe746da96caccf6c89f427372f1cc19531f4a945b7b27425e1d42ee6af1911427ab3469ad383e2c30c656448ee6d9875169380c4a1f3b45a989a5067d5b990a421d770c912a6d6200366a5aa788f45761076695675eea01c466afb3c8426ee2b98799e", 0x83, 0x20000850, &(0x7f0000000980)=@in6={0x21, 0x4, 0x2, 0x1c, {0xa, 0x4e22, 0x6, @loopback, 0xa}}, 0x24) mkdirat$cgroup(r5, &(0x7f0000000040)='0-\x00', 0x1ff) r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='attr/prev\x00') write$RDMA_USER_CM_CMD_DESTROY_ID(r9, &(0x7f00000001c0)={0x1, 0x10, 0xfa00, {&(0x7f0000000180)}}, 0x18) ioctl$PIO_CMAP(r5, 0x4b71, &(0x7f0000000000)={0x8, 0x10000, 0x1, 0x885, 0xfdc, 0x3f}) 14:24:16 executing program 4: socket$nl_xfrm(0xa, 0x3, 0x87) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, r0) r3 = getpid() rt_tgsigqueueinfo(r3, r3, 0x16, &(0x7f0000000000)) ptrace(0x10, r3) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000380)={0x5c, 0x0, &(0x7f00000002c0)=[@reply_sg={0x40486312, {0x2, 0x0, 0x0, 0x0, 0x18, 0x0, 0x0, 0x78, 0x18, &(0x7f0000000200)={@ptr={0x70742a85, 0x0, &(0x7f0000000140)=""/182, 0xb6, 0x1}, @ptr={0x70742a85, 0x0, &(0x7f0000000080)=""/50, 0x32, 0x1, 0x1c}, @ptr={0x70742a85, 0x1, &(0x7f00000000c0)=""/55, 0x37, 0x2, 0x18}}, &(0x7f0000000280)={0x0, 0x28, 0x50}}}, @request_death], 0x3, 0x0, &(0x7f0000000340)="a038cb"}) ptrace$getregset(0x4204, r3, 0x2, &(0x7f0000000100)={&(0x7f0000001300)=""/4096, 0x1000}) ioprio_set$pid(0x2, r3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_emit_ethernet(0x56, &(0x7f0000000000)={@empty, @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x20, 0x3b, 0x0, @local, @local, {[@routing={0x0, 0x2, 0x1, 0x0, 0x0, [@ipv4={[], [], @loopback}]}], @udp={0x0, 0x0, 0x8}}}}}}, 0x0) 14:24:16 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc4008a1d232a804c, @perf_config_ext, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r0, 0x80006040045010, &(0x7f0000000140)=0x3) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000001500)={{{@in6=@initdev, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@initdev}}, &(0x7f0000000000)=0xe8) ioctl$TUNSETOWNER(r0, 0x400454cc, r1) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, 0x0, 0x0) rt_sigaction(0x0, &(0x7f0000000180)={0x0, {}, 0x88000000, 0x0}, 0x0, 0x8, &(0x7f00000002c0)) r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm-monitor\x00', 0x181903, 0x0) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f00000003c0)) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000340)) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='stack\x00') ioctl$SCSI_IOCTL_GET_IDLUN(r3, 0x5382, &(0x7f0000000100)) semget$private(0x0, 0x0, 0x0) semctl$SEM_INFO(0xffffffffffffffff, 0x7, 0x13, &(0x7f0000000500)=""/4096) close(r2) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f00000004c0)={0x0, 0x7f, 0x0, 0x0, 0x6, 0xffff, 0x6}, 0x20) r4 = open(&(0x7f0000000400)='./bus\x00', 0x1, 0x0) ioctl$RNDZAPENTCNT(r4, 0x5204, &(0x7f0000000200)=0x43b6) unshare(0x40000000) [ 501.870819][T14496] IPVS: ftp: loaded support on port[0] = 21 14:24:16 executing program 4: r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000180)=0x8) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f00000002c0)={'broute\x00'}, &(0x7f0000000100)=0x78) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, 0x0, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000340)={0xffffffff, 0x0, 0x1, 0x800}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r4, 0x80006040045010, &(0x7f0000000140)=0x3) setsockopt$l2tp_PPPOL2TP_SO_LNSMODE(r4, 0x111, 0x4, 0x1, 0x4) openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/capi/capi20\x00', 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 502.062947][T14502] IPVS: ftp: loaded support on port[0] = 21 [ 502.648042][T14496] IPVS: ftp: loaded support on port[0] = 21 [ 502.709051][T14509] IPVS: ftp: loaded support on port[0] = 21 14:24:18 executing program 0: r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r0, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0xc04c5349, &(0x7f0000000040)={0x10001, 0xfffffffe, 0x1}) r1 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000082505a8a440000000000109022400010000000009040000120701030009050102f100000000090582025503000000"], 0x0) syz_usb_control_io(r1, 0x0, 0x0) syz_usb_control_io(r1, 0x0, &(0x7f0000000900)={0xac, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x20, 0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = socket$packet(0x11, 0x3, 0x300) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r7 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r7, 0x80006040045010, &(0x7f0000000140)=0x3) sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x4c6, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[]}, 0x1, 0x0, 0x0, 0x200c181}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000054c0)=ANY=[@ANYBLOB="740000002400070500"/20, @ANYRES32=r6, @ANYBLOB="00000000ffffffff00000000080001007366710048000229c6090032d0ed64f3c3545aaf6e000085a4e4ebb5ef6700"/96], 0x74}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000019c0)={&(0x7f00000002c0)=@newtfilter={0x44, 0x2c, 0x701, 0x0, 0x0, {0x0, r6, {}, {}, {0x3}}, [@filter_kind_options=@f_tcindex={{0xc, 0x1, 'tcindex\x00'}, {0x14, 0x2, [@TCA_TCINDEX_HASH={0x8, 0x1, 0x106a}, @TCA_TCINDEX_MASK={0x8}]}}]}, 0x44}}, 0x0) sendto$packet(r2, &(0x7f0000000180)="c815db7dd5b961bdbd59f2a00a365a24ff0afde8548c41fc791106d60776f09e90022225845bab46700bfe988234a72bc48624023c91620f73c66c091970c9aa8d893d6d098ab691db3f80fb26972b5f7c8b1ee04825d1826f1fd850a4c5ab70287ac5ae0462f14198e21d3fde5b43d94cc78cebdf36d3c0b89dc07c18f068e4f97dcdd3037fe6f4130573ff3d76a5a5cc28d12d9a2b6c418e0f649beacdb1930ee47a4f400a25c4ba6cbb32b4a9298c0cc3906d99ef7f8e288af81fc098928ff873a840ba358c8f55b0f2fced0286c1b59e5f10c3925324ce7ce9c969c739b3ae", 0xe1, 0x40000, &(0x7f00000000c0)={0x11, 0x344a77b928f461, r6, 0x1, 0xff}, 0x14) prctl$PR_SVE_GET_VL(0x33, 0x17487) r8 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$char_usb(r8, 0x0, 0xfed2) 14:24:18 executing program 4: r0 = socket$inet6(0xa, 0x3, 0x1) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000240)={{{@in6, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {0x0, 0x0, 0x5}}, {{@in=@multicast2, 0x0, 0x33}, 0x0, @in6=@initdev={0xfe, 0x88, [], 0x0, 0x0}}}, 0xe8) r4 = socket$key(0xf, 0x3, 0x2) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140)='TIPCv2\x00') sendmsg$TIPC_NL_MON_GET(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000", @ANYRES16=r6, @ANYBLOB="0100000000000000000112020000"], 0x14}}, 0x0) sendmsg$TIPC_NL_BEARER_ENABLE(r3, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)={0x1b0, r6, 0x100, 0x70bd2d, 0x25dfdbff, {}, [@TIPC_NLA_BEARER={0x120, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @multicast1}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x3, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x401}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x100, @ipv4={[], [], @broadcast}, 0x1}}, {0x14, 0x2, @in={0x2, 0x4e24, @loopback}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @multicast2}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0xf34, @remote, 0x6}}}}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1e6c}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x89}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}]}, @TIPC_NLA_BEARER_NAME={0xc, 0x1, @l2={'ib', 0x3a, 'eql\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @rand_addr=0xffffffff}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x2, @local, 0x1f}}}}, @TIPC_NLA_BEARER_NAME={0x14, 0x1, @l2={'ib', 0x3a, 'ip6erspan0\x00'}}]}, @TIPC_NLA_LINK={0x7c, 0x4, [@TIPC_NLA_LINK_PROP={0x2c, 0x7, [@TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}]}]}, 0x1b0}, 0x1, 0x0, 0x0, 0x40}, 0x54008075) sendmsg$key(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x2, 0x13, 0x0, 0x0, 0x2}, 0x10}}, 0x0) r7 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x1, 0x2) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x8) 14:24:18 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0xfffffffffffffe63, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYRES16=r0, @ANYRESHEX=0x0, @ANYBLOB="00000000000000001c0012000c00000000000194293cea647300020000002300020000003d8a4c19ed5af9271c20dc3ca0e123a1f0075c1b64bdc4023ec1708d14745eaae044307e5a5a52835e07f46bed13d50546c9e1953469ac677bf86c88384e084a91a0c06389d7144f9dd9ba71cebf318ebd1838"], 0x3}, 0x1, 0x0, 0x0, 0x60000}, 0x80) r1 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x28001, 0xaf29baf3fb20fc92) getsockopt$inet6_buf(r1, 0x29, 0x22, &(0x7f00000001c0)=""/212, &(0x7f0000000080)=0xd4) ioctl$SIOCGETNODEID(0xffffffffffffffff, 0x89e1, &(0x7f00000002c0)={0x4}) read$eventfd(r1, &(0x7f0000000040), 0x8) ioctl$USBDEVFS_GET_CAPABILITIES(0xffffffffffffffff, 0x8004551a, &(0x7f00000000c0)) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r2, 0x894b, &(0x7f0000000140)) 14:24:18 executing program 2: r0 = syz_usb_connect(0x1, 0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000080dd2720e60f0098b83c0000000109021200010000000009049f00007e052200"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) [ 503.532385][T11559] usb 1-1: new high-speed USB device number 39 using dummy_hcd 14:24:18 executing program 4: syz_usb_connect(0x0, 0x2d, &(0x7f0000000280)=ANY=[@ANYBLOB="120100c4ef4d520002f1000000827ff6d78654914edee70c0904541001ff0228b202010000000000497db4b3129a0083c96a3537d135659dab8e168fbec8cddc04d481b71ef4"], 0x0) r0 = socket$inet6(0x10, 0x3, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x28001, 0x2) ioctl$int_in(r1, 0x80006040045010, &(0x7f0000000140)=0x3) ioctl$TUNSETLINK(r1, 0x400454cd, 0x322) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) r2 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000200)="5500000018007fd500fe01b2a4a280930a06000000a84308910000003900080008000a0000dc13382d0060009b7a136ef75afb83de448daa72540d8102d2c55327c43ab8220000060cec4fab91d400000000000000", 0x55}], 0x1}, 0x0) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r2, 0x84, 0x16, &(0x7f0000000000)={0x5, [0x6, 0x7, 0xfff9, 0x6, 0xfffa]}, &(0x7f0000000100)=0xe) setsockopt$sock_timeval(r0, 0x1, 0x42, &(0x7f0000000040)={0x0, 0x7530}, 0x10) [ 503.773645][T11559] usb 1-1: Using ep0 maxpacket: 8 [ 503.905387][T11559] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 241 [ 503.915496][T11559] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 853 [ 503.925603][T11559] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 503.938741][T11559] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 14:24:19 executing program 5: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0) pipe(&(0x7f00000000c0)={0xffffffffffffffff}) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x9fc, 0x0) r2 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x1) write$UHID_DESTROY(0xffffffffffffffff, &(0x7f0000000d80), 0x4) unshare(0x40000000) r3 = add_key$user(&(0x7f0000000180)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000240)='X', 0x1, 0xfffffffffffffffe) r4 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f00000005c0)={'syz'}, &(0x7f00000000c0), 0x390, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r3, r4, r4}, 0x0, 0x95, &(0x7f00000001c0)={&(0x7f0000000100)={'xcbc(anubis-generic)\x00'}, 0x0, 0x70}) keyctl$setperm(0x5, r3, 0x20004200) r5 = syz_open_procfs(0x0, &(0x7f0000000340)='task\x00') getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f00000002c0)={0x0}, &(0x7f0000000300)=0xc) r7 = syz_open_procfs(0x0, 0x0) mkdirat$cgroup(r7, &(0x7f0000000040)='0-\x00', 0x1ff) sendto$inet(r1, &(0x7f0000000380)="b4bbf8acf9b11c70140a6c2e98fa2dfdf476c40ed6ad4f9112cca9e080915a6c509656a1dfe57face2e8836d5a23cb5c358e18e28fdb4a60fc31cb3653f463d614d69d7834f2df9c4452cb8f7ea5032952b1c72a096594762966b9058f8aac88bae722f324db9c62e428b74ca1dd4ccc1980cee3fccc0ba1d51ce8625455a1a90683832bf1369ba22f71e116297176bd9fee56bd98fdc82edb42672a286ccd9ceb2c1d1c14ef1553b0f34cb965c501e9f87680c1e99db7d4d350aa86", 0xbc, 0x40000, &(0x7f0000000440)={0x2, 0x4e20, @broadcast}, 0x10) setsockopt$inet6_int(r2, 0x29, 0xc8, &(0x7f0000000480)=0x4, 0x4) perf_event_open(&(0x7f0000000240)={0x2, 0x70, 0x6, 0xfb, 0x20, 0xe, 0x0, 0x0, 0x2000, 0x7, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000200), 0x6}, 0x100, 0x1, 0x3, 0x9, 0xfffffffffffffe00, 0xfffff001, 0x7}, r6, 0x9, r7, 0x0) r8 = syz_open_dev$vcsn(&(0x7f0000000880)='/dev/vcs#\x00', 0x3, 0x200) sendto$rxrpc(r8, &(0x7f00000008c0)="f532a4b6fba37ae82373a7c93466977d03c4457c4ad4e49fe0355b5e662487adbe746da96caccf6c89f427372f1cc19531f4a945b7b27425e1d42ee6af1911427ab3469ad383e2c30c656448ee6d9875169380c4a1f3b45a989a5067d5b990a421d770c912a6d6200366a5aa788f45761076695675eea01c466afb3c8426ee2b98799e", 0x83, 0x20000850, &(0x7f0000000980)=@in6={0x21, 0x4, 0x2, 0x1c, {0xa, 0x4e22, 0x6, @loopback, 0xa}}, 0x24) mkdirat$cgroup(r5, &(0x7f0000000040)='0-\x00', 0x1ff) r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='attr/prev\x00') write$RDMA_USER_CM_CMD_DESTROY_ID(r9, &(0x7f00000001c0)={0x1, 0x10, 0xfa00, {&(0x7f0000000180)}}, 0x18) ioctl$PIO_CMAP(r5, 0x4b71, &(0x7f0000000000)={0x8, 0x10000, 0x1, 0x885, 0xfdc, 0x3f}) [ 503.947931][T11559] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 503.972060][T11526] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 503.994380][T11559] usb 1-1: config 0 descriptor?? [ 504.196594][T14531] IPVS: ftp: loaded support on port[0] = 21 [ 504.342024][T11526] usb 5-1: device descriptor read/64, error 18 [ 504.743196][T11526] usb 5-1: device descriptor read/64, error 18 [ 504.843777][T11559] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 39 if 0 alt 0 proto 3 vid 0x0525 pid 0xA4A8 14:24:19 executing program 2: r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010004637ee008ab0501030001e1ff000109022400010015ba82000009048800023891620009050112000000000009058c0a000000"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000780)={0xac, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 14:24:20 executing program 5: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0) pipe(&(0x7f00000000c0)={0xffffffffffffffff}) perf_event_open(0x0, 0x0, 0x0, r0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x9fc, 0x0) r2 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x1) write$UHID_DESTROY(0xffffffffffffffff, &(0x7f0000000d80), 0x4) unshare(0x40000000) r3 = add_key$user(&(0x7f0000000180)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000240)='X', 0x1, 0xfffffffffffffffe) r4 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f00000005c0)={'syz'}, &(0x7f00000000c0), 0x390, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r3, r4, r4}, 0x0, 0x95, &(0x7f00000001c0)={&(0x7f0000000100)={'xcbc(anubis-generic)\x00'}, 0x0, 0x70}) keyctl$setperm(0x5, r3, 0x20004200) r5 = syz_open_procfs(0x0, &(0x7f0000000340)='task\x00') getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f00000002c0)={0x0}, &(0x7f0000000300)=0xc) r7 = syz_open_procfs(0x0, 0x0) mkdirat$cgroup(r7, &(0x7f0000000040)='0-\x00', 0x1ff) sendto$inet(r1, &(0x7f0000000380)="b4bbf8acf9b11c70140a6c2e98fa2dfdf476c40ed6ad4f9112cca9e080915a6c509656a1dfe57face2e8836d5a23cb5c358e18e28fdb4a60fc31cb3653f463d614d69d7834f2df9c4452cb8f7ea5032952b1c72a096594762966b9058f8aac88bae722f324db9c62e428b74ca1dd4ccc1980cee3fccc0ba1d51ce8625455a1a90683832bf1369ba22f71e116297176bd9fee56bd98fdc82edb42672a286ccd9ceb2c1d1c14ef1553b0f34cb965c501e9f87680c1e99db7d4d350aa86", 0xbc, 0x40000, &(0x7f0000000440)={0x2, 0x4e20, @broadcast}, 0x10) setsockopt$inet6_int(r2, 0x29, 0xc8, &(0x7f0000000480)=0x4, 0x4) perf_event_open(&(0x7f0000000240)={0x2, 0x70, 0x6, 0xfb, 0x20, 0xe, 0x0, 0x0, 0x2000, 0x7, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000200), 0x6}, 0x100, 0x1, 0x3, 0x9, 0xfffffffffffffe00, 0xfffff001, 0x7}, r6, 0x9, r7, 0x0) r8 = syz_open_dev$vcsn(&(0x7f0000000880)='/dev/vcs#\x00', 0x3, 0x200) sendto$rxrpc(r8, &(0x7f00000008c0)="f532a4b6fba37ae82373a7c93466977d03c4457c4ad4e49fe0355b5e662487adbe746da96caccf6c89f427372f1cc19531f4a945b7b27425e1d42ee6af1911427ab3469ad383e2c30c656448ee6d9875169380c4a1f3b45a989a5067d5b990a421d770c912a6d6200366a5aa788f45761076695675eea01c466afb3c8426ee2b98799e", 0x83, 0x20000850, &(0x7f0000000980)=@in6={0x21, 0x4, 0x2, 0x1c, {0xa, 0x4e22, 0x6, @loopback, 0xa}}, 0x24) mkdirat$cgroup(r5, &(0x7f0000000040)='0-\x00', 0x1ff) r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='attr/prev\x00') write$RDMA_USER_CM_CMD_DESTROY_ID(r9, &(0x7f00000001c0)={0x1, 0x10, 0xfa00, {&(0x7f0000000180)}}, 0x18) ioctl$PIO_CMAP(r5, 0x4b71, &(0x7f0000000000)={0x8, 0x10000, 0x1, 0x885, 0xfdc, 0x3f}) [ 505.024507][T11526] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 505.052047][ C0] usblp0: nonzero read bulk status received: -71 [ 505.132463][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 505.138807][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 505.145321][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 505.151558][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 505.158017][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 505.164659][ C1] protocol 88fb is buggy, dev hsr_slave_1 [ 505.196151][T11495] usb 1-1: USB disconnect, device number 39 [ 505.213448][T14539] IPVS: ftp: loaded support on port[0] = 21 [ 505.274107][T14514] =====================================================