last executing test programs: 33.928851736s ago: executing program 1 (id=2800): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$inet6(0xa, 0x80002, 0x0) sendto$inet6(r2, 0x0, 0x0, 0x200c8004, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c) sendto$inet6(r2, &(0x7f00000009c0)="c7cfcaaa22e10542fca5c0195350f15147657e0bfc59d383a47190db88690e6fedc3040ab5809ae02a54cd429cc3338c5afa0c9dce3f91950d1f567f358ac21154159130e88cbb6c43197813b2f23f3e442f80877490b393408142ebcfea6821f543e5ee9e27032e2b75d78f1b79f5a6bb6f0645e267770ef7e8f3a92148091217450ce8581e54223eeb6486205a209bf1fe854d211c03f8c3140fc3979d824082990d119473d20e94f253c9621fac339560ae46cb24b88bf2d01559bb658e343257b90f233b81bc5c398be3bbddb23a1e", 0xffffffffffffffe4, 0xc001, 0x0, 0xffffffffffffff0c) sendmsg$netlink(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000700)=ANY=[@ANYBLOB="2c0000002e0001e5ff0000000000000008000000", @ANYRES32], 0x2c}], 0x1}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)=@migrate={0xac, 0x21, 0x1, 0x0, 0x0, {{@in6=@private2, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa}}, [@migrate={0x50, 0x11, [{@in=@empty, @in6=@mcast2, @in=@private=0xa010120, @in=@rand_addr=0x64010100, 0x3c, 0x3, 0x0, 0x0, 0xa, 0x2}]}, @policy_type={0xa, 0x10, {0x1}}]}, 0xac}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$packet(0x11, 0x3, 0x300) r3 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, 0x0) ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) r5 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r5, 0x0, 0x0) setsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0xfd}, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x3b, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x2}, {0xffffffffffffffff}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x33}, 0x0, @in6=@private2, 0x0, 0x0, 0x0, 0xb7, 0xffffffff, 0x20}}, 0xe8) r6 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r6, 0x84, 0x71, &(0x7f0000000180), &(0x7f00000001c0)=0x8) 33.867879916s ago: executing program 1 (id=2801): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) syz_open_dev$video4linux(&(0x7f0000000080), 0x200000000000, 0x80000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$MPTCP_PM_CMD_GET_ADDR(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0) syz_emit_ethernet(0x10c, 0x0, 0x0) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'crc32\x00'}, 0x58) r4 = accept4(r3, 0x0, 0x0, 0x800) sendmsg$rds(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000400)=""/229, 0xe5}, {&(0x7f0000000500)=""/192, 0xc0}], 0x2, 0x0, 0x0, 0x4801}, 0x80) r5 = syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) sendmsg$TIPC_NL_MEDIA_SET(r4, &(0x7f00000006c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000680)={&(0x7f0000000480)={0x124, r5, 0x8, 0x70bd28, 0x25dfdbfc, {}, [@TIPC_NLA_PUBL={0x34, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x6}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xffffffff}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x6}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xc3}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8f42}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x10}]}, @TIPC_NLA_LINK={0x88, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffffbccf}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xec}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1c}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x4}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}]}, @TIPC_NLA_MEDIA={0x54, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x81}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xc}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}]}]}]}, 0x124}, 0x1, 0x0, 0x0, 0x44085}, 0x20004015) 32.953394611s ago: executing program 1 (id=2803): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}}, 0x0, 0x32, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$team(&(0x7f0000000140), 0xffffffffffffffff) (async) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000840)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_GET(r1, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000000ac0)={0x20, r2, 0x1, 0x0, 0x0, {}, [{{0x8, 0x1, r3}, {0x4}}]}, 0x20}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000180)={0x0, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff, @void, @value}, 0x94) (async) keyctl$KEYCTL_PKEY_VERIFY(0x1c, 0x0, &(0x7f0000000080)=ANY=[@ANYRES16=r0], 0x0, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r4, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000740)={0x58, 0x0, 0x2, 0x101, 0x0, 0x0, {0xa}, [@CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_MASK={0x4}, @CTA_EXPECT_TUPLE={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0x14, 0x4, @private0}}}]}]}, 0x58}}, 0x0) (async) keyctl$KEYCTL_PKEY_QUERY(0x18, 0x0, 0x0, &(0x7f0000000080)=' hash=', 0x0) 32.473003441s ago: executing program 1 (id=2805): r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000080)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e0000000500000000001c00028004000100140003800c00018008"], 0x48}, 0x1, 0x0, 0x0, 0x20004084}, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendto$packet(r0, 0x0, 0x0, 0x20080005, &(0x7f0000000080)={0x11, 0x18, r4, 0x1, 0x8, 0x6, @broadcast}, 0x14) 31.787204816s ago: executing program 1 (id=2806): socket$inet_udp(0x2, 0x2, 0x0) socket$key(0xf, 0x3, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0) r3 = syz_open_dev$dri(&(0x7f0000000000), 0x29, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r3, 0xc05064a7, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0, r4}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r5 = getpid() r6 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0) syz_usb_control_io(r6, 0x0, &(0x7f0000000300)={0x84, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_GETVERSION(r7, 0x5b23, 0x0) sched_setscheduler(r5, 0x2, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r9, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) 28.453035621s ago: executing program 0 (id=2817): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}}) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x0, 0x0, 'queue0\x00'}) prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) epoll_create1(0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="500000001000010400000000000000000000ffff", @ANYRES32=0x0, @ANYBLOB="00000400514403001c001280090001007866726d000000000c0002800800020001000000140003007866726d3000"/56], 0x50}}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x2, 0x3, 0x401, 0x0, 0x0, {0x0, 0x0, 0x10}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'bridge0\x00', 0x0}) sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x503}, [@IFLA_PROTO_DOWN={0x5, 0x27, 0xd0}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x38}}, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000340)) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180500002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='netlink_extack\x00', r6}, 0x10) socket(0x10, 0x3, 0x0) r7 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r7, 0x107, 0x12, &(0x7f0000000080)=0x9, 0x4) 27.944581841s ago: executing program 1 (id=2818): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b701000000000000850000006d00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000002c80)={0xa, 0x14e24}, 0x1c) connect$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c) recvfrom$inet6(r1, 0x0, 0x0, 0x20, 0x0, 0x0) sendmmsg$inet6(r1, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000500)='T', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000300)="5f4845e454d045d203b51ec84adda9702a85314388328a9934ea95b377eaf6652c94a72c1fc38109250cf80f377e581bab151fd0a09650d110b5dc5c9aa4c90e4b5701e4", 0x44}], 0x1}}], 0x2, 0xc8000) sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b701000000000000850000006d00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async) socket$inet6(0xa, 0x2, 0x0) (async) bind$inet6(r1, &(0x7f0000002c80)={0xa, 0x14e24}, 0x1c) (async) connect$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c) (async) recvfrom$inet6(r1, 0x0, 0x0, 0x20, 0x0, 0x0) (async) sendmmsg$inet6(r1, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000500)='T', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000300)="5f4845e454d045d203b51ec84adda9702a85314388328a9934ea95b377eaf6652c94a72c1fc38109250cf80f377e581bab151fd0a09650d110b5dc5c9aa4c90e4b5701e4", 0x44}], 0x1}}], 0x2, 0xc8000) (async) sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) (async) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) (async) 27.471520998s ago: executing program 0 (id=2821): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="180200000100000000000000030000008500000027000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007b00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) syz_usb_connect$hid(0x3, 0x0, 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000007100)=[{{&(0x7f00000003c0)=@abs={0x87c9fe6ea8f17c2f, 0x0, 0x4e22}, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000180)="53519774517492ebcf6f90858059ba6b0a669cb61de221421e2a88c57c7387a05fe406eb326584669004", 0x2a}, {&(0x7f0000000440)="256f151ccd2f87d167a643bc4f2a84b0550aeb3ceb60c3eacdcda57453e998944d0c62be0a68faa7949af01c943431c0b6a40ce44991bc6c08e071c4f060b7e3ffb7f662ccfb", 0x46}, {&(0x7f00000004c0)="7e26a0bdbc08a136323329cc38c8f2799548de82679bfe2e187257a1b5f01a8535a056c312eb03cf30bd48a9f4412d4d1b067e1eb5c55830bcb32822f379e8ee45de28dede0a4e5a4ae8ed801536918970e259799183f60b33f16476c4f9fabea50fb741621bb7e00976d33bd240caac9b4f43991b71469f8bb4219aa43746e0ec6657ae2a62b66867b0f7bc9072c2ecb9d6d4a5228e1005e196f64aade7d186732b6c41ba9a81804df8a0eef92963f9ca1e5d760c80e13201", 0xb9}], 0x3, 0x0, 0x0, 0x1}}, {{&(0x7f0000000580)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001bc0)=[{&(0x7f0000000600)="78b7c1618ce1e00e1b8187a085e761286a9e53f46a0302cb9a6185640188594452e8de6acadc638681cc735c4f13d95bebb4d62ff795ceaa68b8059de28ec8a431d9e5a909439a1c2c8d08e112a993fc8dad5c", 0x53}, {&(0x7f0000000680)="8ec8e5132b94ecd08f863ce62ccdcd8e0592f75a40d6fe6b26ffe32f096860179481a410aec7ce1aee5639a17537bf1b74bff4051d5eaeb087ced05b4e4c7b66688eaf4a89f9e8d83d2bc346c098af68461f3fd99612eed8c417abb8f87391f127d8580c6dbb8f7f7884a52ba0945c7881c861db8c3139a6b47b8640770ee83bd18fcf3d9d1c5d1b471f860517f66c7b0a27101132c8cf0ffd445eff8a90ebaff5ba71b6992b091b38f5a71cfcc7411907f30d54e13421622a137d0051affa3dff6f0445d4d838f939d6bb556dc384f0835b86066cec00b8a63c66950708f39058d60e222c58623b453edf5145da", 0xee}, {&(0x7f0000000780)="f3197dd5d2cd6960304a749635d48df4ef2718c9f341d59461ca3221afb3e783dbd548d135fde67724212c02c101ff4fbb37043e8968bad72fdf55f4fac917fb94389b727ac31baba7d45f4233f4c8bcabf1272fe99777a200631839d0b3166597a722a12bafd8f2c361639c84aa9b6b164ffc2140062f051232b1371729574958950b3590af096766ca83547e7366c6dc1249c80c476f373eec699af0a06c32ddc3c1a214e0561605c596bc58588733eb3186e56d9a10d9aadfae4223ab5df5954625d733d0416219e20e73aaf1a4cf6f5bbe4b9dc5942517cd54", 0xdb}, {&(0x7f0000000880)="894d04509b3b1e8520cbbf4ae6c2ae7d1f7204a97ea65be5291c9f0684f27d1573728ad75459fe0751d0697cc8cb5fa675b851c94046c91c0ebdd8e70cd62316b49c0f70aeb94edaa2fefeff1d278cb3b5b21d3d5aacd3be572bca0d0097cd9d6585d188ab608d9c4116c2e4b684ec8f97c1634d3d3854098cbfdc81b9084b768ee4e938f90841932b7430adc0e288bf42df4aaad2b78dfb3e5e2eaa8e316a13af2d637090d21fab2d2fe9413c1a972fbdd8ee6843d304aa9d5fa10840bb139ae826bbe130a877bdce3e07993ab5155708", 0xd1}, {&(0x7f0000000980)="4cba8aec1e82d94c862e6cc09fa772c4c899d4465f278563d822d415d3354da1b4e167b348c507", 0x27}, {&(0x7f00000009c0)="d022736c314be8f085437a10ab584463be33a3181c42eeb8993acd4052c561dc2e2a88478216db47756ae36e7a9f9114de2c0a2ee4407180631a40467786788f0d78ad69c5a5aa75682c47213bd839bbd1601524a1554586f1481378b9546de0ab7c37113823a946ac8b6493915f14088a5ef63b94f3b403c3c9e280f514299018366b8bdbe1221006be69bc095118eeddd96b7d0c0102ec4917278d3e62cf6f956f", 0xa2}, {&(0x7f0000000a80)="937c08b4737363805bad4f3369626b6567ae193ada835d0e3e3536e3af2a521189dbbe971f554534004a73afdc569417e2101a3fef60cfa120d30b692bbca0a204c9776a63dee2e33de90ad8072cb5f76ee508a0044c715a379aef4b2b5f2ccb59d64490701baf908b98021637e94f7f7b14f537f57bb8fc15f234032b6581dbdde40298f050d206e882ba35b55d737809fb48e286448d4d29e2b5c03b21a0750a17a551a47c592885fa2381b1481dc583f1483a", 0xb4}, {&(0x7f0000000b40)="ee8fae308d5aad1a743d91640c1213d3c39f161c5dcaef3cbab7ca042cd6a7049a1551921dfed18013e84db30b14994cfdbedf88378eefbc551c28eb2d147c42a415283b0592767aeebabb50c7ec15268c5b895b234a22605b0e3f4fc60b", 0x5e}, {&(0x7f0000000bc0)="80f37bec98ef33f310c83cb67cf04641c4c322c57b708e9f4fc230c823de32c6ed0996e93dc140cd11eb52ae6b63907d61025bcbab0a064b75bb5673a9c20c8c716f531d88358f25874105b3cd3335b39651321e09044d950f2cdaee2dd0bcb8d046ac9cff5da431b0238cb20633835137ca078c0b2647a928986feeb7722a1f8c17ef7ad45cd03741a3d08f41aec9f1254bb6cb94716f4129eb7f58996a839eab28cb45f41e7968ad73768cb50cfdb733f26c643173ca5c63f52a9ed9526598247c4546e512725295ff3f6f0f4422a42c2a30be282cb5c18468b0cd4b5b11d2754ded01e4f8b462009190187436b71bddd0f99b1bb617d03440ad98da65ce7afa3c35d85b5c5a840555ecdb2b9f309d85897dd9e2d48327a8148b0599fce65a6a55db5930064c70c160c9ef32e0e784dedce67055bbcd42cffd3569d5f8a2f24cd197cb0ec9be9ac77d70cae70c426839c1a2bc7ff39bf7d4a17ce0372a4174e9cd35e1495b15d770cec4f9447204bd0243f688f393758742ca637b12d6d4a32443333348acc84b729f02d2cd9956670896eff7a689533f1d4943d4dbb308008b1597e12ac03cc8186e7bef7449fa0f37ae3f022e449df47da2ab6b076d0912a968f597c9b24ea841658e1beeab584e1bdeb1faa4598b7b4edee1c6b39d924b86e1eb6be0c8a2bfd929b95549a58397cc99ce9e4902bd385348cc8d69d32547c90e5e5349362b5461994cbfacae286e91169a00c89716124e0981c383303a45ef17a77baa63e76b745c1fa09fe5f9a43af38c6a48ed5b6898ad8dde6b7484fdac19e178e6d0a987fd20c5217efc85fe7ca8f4e2ed6f25cdd917447c68257dc25bb4ae3bacb3e7abbf1158f8d17d6b06370b93b052d8fa649aa196e7d87739f2c6992d3349336086729478cedfa25335a5800edf3e4ff73d07c913ac94da26c8d75bb4782c36afdb8023fd110710669f52be33a0e578564cf5f25da9c03001ca56e44a3e60d3754d180955b19e8abe41ddb1f401be115b7641b054458d19cbe4650a5986577490cc1f1e6d22747d8eb8973cac7fdd4f0acbaa588253bfcd442fbf97dec3bcc36b6baccad4819a678a583a36728fc714938e4a8c37251111474debd65c80123ae9ac118e799007a5d566701fd5d0a860256cd424296bfbb1b86ff227f47162fc505cfa29c50214238f61cea5b5fd2efea0dec7aab99f874d777f3ab181503e48f42a22c6f3701b98c3024cd98e910f2fda90c04b17f1f4b8d7d65b1364c4b79e48bcc46390c8c7bffb18cead0982ef16752f84a7fd4ec78195a0073d4b1da8fce9bebb7793fab8d6425f897a18346cc82d847cfc03343c4984506c879f7dfbfb4fc61ab9eca11bc4ed040e4c6c3dd2d55ab7187b856888732de38411e43dad865cce16448221dfe480d37b55010010abb3ad1562f248d67d7d1acd2e1dd7401a1822392548f79db9dc7bddff9a0d085ab8e80e5735dceea47a34c130ce3c4116bcd4f4d8a726d1695f622c9dd100d99db6378af2552c2e99f15b485b8bb6994a1ffe968d7a73107f488408c1c63e732035a3a4c6b72fd53a6b59702cf9ff33595302771469654db0bc0895d5b249e7555a4334a38976a156deb219f35439f4f79b4fecdfebb6d7ee5d12cae87dadb11306e0695241fc3c4cbda832b026f052989e724f49c97b4b4c801148fc1f388ccecac3d600f3fc2035999e1437b5c4e75474ed95d4f4d5b2a84fbc5bff38f155f65fea68b0a1c41955b6b49d3b80b671325ccc4b914a640adba9d36493f0238ca4c4649729f017fc05ac582e2fcd2e36bf8734d01373fa593d1cd0d801cf034f96660d1596cf08279e84325f283dfae07da8d0f16309d466ade557e5b5328c4d9d8dfe85481d353f9c4ec56c852329756969d555f815c9a9bc518997f5db6806a315ca5719e1394055ae081ce7858202de8be16d794851976093a68fe2bbc114c6e89d8faf397a7794fea7dff255c484d0016cd2ad34901b76bc4fd2efc3fd9919646f74154be7678f5d4f39bf59e0aa016f00092f545620ccae8b4ee7ad55eef377651c09e951c9c2ccbbc3ca4c5e8080f8ec89c9700f95e337e577a3c8c5f4c2e43438acc6e98d897eabd0c0c4f08f9db2244df8796984156d8562a7bd6fcde662e17449e011e6a07bb010afb0991f76637fdc2a24a8ed3e6536d246633af663440331d447af43dd8d8958787ecafe9f5d81c70238eacd15a3927ecc6610d03b35c04b76cb914794906a69caf2e013aa6ba342086afc1ac06fc91a6e8633d529177f374840eb4627d71fb7b5cc1c831ec64ff09f107ef31cd08c07b7f48dddbac79a38a35637f6119454d65e1efcd7d19bdc7537d60be4d6f72a45b1f32e613a088c5f27d9622a0dd105ab5ea55d47b818fbfcee895c66af146611fffdcd00dfa514c7c05f2a918b251eb748e7e1af41f5ee79866e370185cb6190751433b3dbc32c90123f1265749651d8ccdcbdbd8f12d01424639dd7eb9c48934e6d7503967d1c778ff5b6b541bd9f35889710086b58b22a3ec52b5d66b2c4ac30e83c67ea393a80cf2744de87dd796e870b4b8e6a51d9d725a9fa57939ae9899169d4c15e89c53168c7514083ca41cdff83d7422d08815296dbd66cf067f4fd59ed7f85d70e02cd321f6602c7199ef9e89cbcf35c5de892ab429a2863f7af2086b91cb2e92cdce6bfa7381d774f30b545b1d50b858ab9fd4277bde4db69790a09ea6c9964cf2024936c16a7329c63b068da6898cb0f5e8474f0831f7c9669fb86c7ac005d836f14de27c9b115b7314d9682ffac8cc0138e0f12f68a2431b5017209fba797df859eb300e5ccff2dab54e63a9804b54895dac4a35b8822c368409cc975d721fe86e65f0bca2d353bd507ed2e18777396874ccbe5158263cc0c87e3de86037fd175bb148f8eee2921758ef98f69bc60d7c203f0dfbc28166c541d374dff0d729f8a869e0f3784d63e6aa94d81f9717483d6beabd24c67ad092de98b6e50bda40e7cca32a7c177e8a078a4adf30df5e857ea2df2da0da567fdebe55c22932037608ebcda5a8677b6ec50279f51b7bb106af3de1fa9744ec00acdfc1b5582114045d62fc9d3bf517545d244fde9fe16040811298f9087d717fcb6d1369cb092af4b46a6c56037aaf69b4e1fc7a24acbc7ad730f255c1ae681a1bfe842235fb97326f9b6e44608081f790814206ee0cc437354bc74bee5bcc329725c47149cd20c41a7bcb327ce695a286ec7e6f9112ef01dfb746fbb717a419b4cd505ba2ff71d875d47abf677a0a88283546ec48dc8f96e4afb294b9014b98bb2eba22c4245808d67d542024530bf674521f9f50a8e2043b3afe93be722201fd2b817c3848fef91fa66b361878d244c3eb6819c76bb165739bb8f5e052829ac4da98de95bf72e23d7ba5436b99482e16c73f0a8b0fe711138b466d4b21a129f75e19173131544d59c5ca571eaf81802d7cd7ff298b019c1976c0ba040afb96a432c317d6ed52507d54349f6924ef0b5f69e6ef3900df098ddf2e95f899aa2a5bcd5d8e45533f7a39332b75d799235b157049a172ee5442c243b2ea12ae471988411fe8c08449b6498e7298a66185826dadb37b0ad67e16ac51bad37464affc423f48e93fa6fb26031d99c396c873272e8e3570466bbb830156d5aa2809bd25e83f65d6a6c25a77e0cfefc0f178f4264df98253b31f78d16672c789e8b67f327a7e1eb6fcd2c8ca62912bab4691c5ef526bfe72f3af72676ddc64cc9e4eb5a30d32194079ff68d8b124d4a1e4c2f4a9f3b4638f7a6bbcef126c899105fcf00d7fea4c0f0b6239dfc97d6c49e5889597d49c3628ae487981b94482ef1d8970146eb633bd0af3cbe968cca14cc172850320ef0203f72572d0f34c71e569bf94bdb9a53c10113c86d7f54b84c70d73f87f2cd5b27909f659eeb81b2dc2cab3a9c03ae725a1c286f2a1b5ced0feef39f2a44dd81fafda20d4cad8d2877b0627e150ff81177e8425db228118a7ce5e23ce64ee3eb97d85ec11c256f5735b71fee29f25b2a07b7bedae2b1e7fab362aa9f15da72a3653e37af98fc3b81bde1ccdab9b5c126adc20d3d3834d21b534707e69062ef8edbfc9ebd49881b99ce2c2faab7aaca2c7a1627587f84be89bcc3698c6ede8542e522cf9964d8873c98da3206bafc8ade737a3c274836c669cbde401e3646f9f799cb7ed66750ab8112abc178a82b356186e71ad418938148a9b67ffde440fc6cffb28cc693f8511b2819f440d59edb9cda7b36a17a05ca88fed7eb1edab84f8bfb72ff85d9a534bb8dff8ae9defdd45fce3aa5e43a3b482724c624c43d74d02e65f2cc4231c288678e4f9eac0a6d710efe69d2c71422f0d61e0afe52340bad670408f533f5901afbe9057f85e2a223bccfec0b5664b05726b4af4a55a080f7f542369c030706ed169bde471c3899ec71306d82d21331e3640b24fa24019490f9d75a29efa8fe5080529a9107aab3577d21d56c501d7b61b7d23ab4621da08d2230e0d2df8895f1182b3d5f3ceaf2d4e2ac5147771871d6844baf6a746b9a95b019a472c93db0633f0756463446de28e46766f80b7c906366357bc81f6eceea1c90c1df404bf65acd118da2da2db76190749fa81952a6459b3975483fe010e4139381360592a1cd64995ea6ecf6d95c107bb1959d81717cf859e588e36628c036eab3c23effcf837719fc5d260a28d80bfe152f8bd9bd8d9c34a578efde185d914d71c100d749e90e2db9044a2ecf5e6f6918d062b24a49676bc0450778b0fe4b4c6e51aa42e663335260e9e6584ef351116ba5c71e63f4fc048e7e7161161be66ed27bcf7fa1595b156da20f33faa508e11ab8dc17ba88cc6534d678558e9eee557f9788758dd2976ff228dd5478cb95daefbbb591708fa47bd6dd74165d963920e301e07354f29466178a242a2cc1427226e2abfe10cbb6860f3dd696356c03e106234293982a3193652580c939fa6433b8195ec4097f16907b1a11b8b3fa47b244390df1d9e2dd766c7b033b6bee578dcfa87f3c590a9842da7cdc32efd1f5dcfa87fced2cf28ea41b5e300e9c89461d0488dbd281172d2d98f941660695d7be8adbc3832ad9b5b529e64e8dbab4380d84123b05a1d2e8e518d8de027d5a59e1699da908e605d667f5aa24044c0fcd85f2528ce58a0d87f97724265b287d5843deadd68aa6cb824ca33b88ded2251a50419a90f17077776514c0d71ae161aa10d64dad6d32b572d2e5b9b91b794b6eda61d6fc39cdb38746b947c95d4b6d0dcb77f3c2bc7e862b83c2f2160e02cec6a7a3b6141157b9feb8603c8bb9ba25989d9c158aa94e901d511816e78aedb28ed94d5641bef550fd6b47c74321575c2b450697a2f4b622ab54f0b705038d95a698fabb517fc75d2e8de1e1e69dd01b07fc0098e5309f9912ef890ec3bb5ad3385cd405048d509328096c3acdfff9b91a08fc45d3d12c4e28bad07327f9c897097766a32d69c9c6132afe68c65e72cd47b9448aa5ddd2056b468c04ceb85f8dd60b77061f1b84df5fbcefd9104cc482f9814731525b69012783579d2f4f33347b6d726a86941742ff28c5921aa13c64728b114172d9db7ea5316a5eeea67851cac2e039fff7b699213217ec31691ac597dc2c0b18e29c0006e730a09f18509c7f79713e1126b07b8bba0234542c2ae93c99227336b56ab3ce6c5b6f70855ec306b255792d45321bf65227916c7629dc080e71d6ccce908cbfef94241cbceced361b01bb2812835b9e813165ce6299c6", 0x1000}], 0x9, &(0x7f0000002140)=[@rights={{0x18, 0x1, 0x1, [r4, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r3, 0x0, 0xffffffffffffffff}}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, r0, r0, r2, r4, 0xffffffffffffffff, r1, r1]}}, @cred={{0x1c, 0x1, 0x2, {r3}}}, @rights={{0x28, 0x1, 0x1, [r1, r4, r5, 0xffffffffffffffff, 0xffffffffffffffff, r5]}}, @rights={{0x18, 0x1, 0x1, [r2, r0]}}, @rights={{0x20, 0x1, 0x1, [r0, r1, r0, r2]}}, @cred={{0x1c, 0x1, 0x2, {r3, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {r3}}}], 0x128, 0x40400c4}}, {{&(0x7f0000002280)=@file={0x0, './file1\x00'}, 0x6e, &(0x7f00000023c0)=[{&(0x7f0000002300)="2e3f34ea7787675fc4c9df7e2528bf57618600d36f56c6fe6aa30b87b3d73b525494142156f81ed69b63e46a4c388d5f1e7fa22fc9a1f3a9c768e69d2fd87b4d2cad881ea83204c670583c9f0374297cf3cd07f585b05b1b80af09fc8320cffcee226b153808c84ab491a52eefcbb7fb510b6aec6759febc6c198e57a98652913e04b7a65e5310ca787f054660aae061c41469f51c257424bb3dfd7b05486e3550d12dc309227048e4f7bbe8a7f9a2da407f", 0xb2}], 0x1, &(0x7f0000002400)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, r2, r5, r4]}}], 0x30, 0x1}}, {{&(0x7f0000002440)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000047c0)=[{&(0x7f0000004500)="f99fce5abc27709a50e53fc930ab97371f1545d8222f6c3935978383ca877bd7eee79ae834b471ef", 0x28}, {&(0x7f0000004540)="3104f99d157bb8b946aa1cf4aeddfe73bf726057c76d3ed2c70544246e79aaffabc8636c029af7e6aff797e71377617aa912bff937f984f794393d69d1a81f876da8276e30566796ff412a8840ea7f9d37e5c333432705b3d462aaab54440c20628984e51ec21b984b81e96ad3f25cf5475a06224ecb9b33fb696abf0803ab198c5f3957d59adc7044c6619595e1fd49ad311d3f0aa4703dc38b22f5dbcd114dcbc0c89d2016f82d20ec5806c68c5fc798f11bace165a7d5954425f469167d2ed884562b142f228d3869a065600f8257ee7beaf394dada133221b4a76c443933059d29c8c3b8a767344857167aaf27aaf54961d3f501d8def9981a9cb20695", 0xff}, {&(0x7f0000004640)="9b69902fcb54ac080faec32be4e124aa0b110eda2f61746fedcc68510fb129a9626bad1f6c0d5c6d2520a3ca7944f721ce7fc123453b8cb542bb3b95aa52865235369314aeb63127328712e495f1f99110e560b7122488887c6d22604a8f05368a55fd9b716e4bbd30072b47e9e5fb1c965ff1e958380ddfbdc20f27f039b164c449d8b3b66712051024ce2941ee19d470463898fb8d12ab3b889d95f2a3d64623c18a0bf4567c5e", 0xa8}, {&(0x7f0000004700)="f62f340bb7e3377d55beef0de643e44cd4841c7779dcbe21123c3469420b18e775bd50aa0d0cb630135e441fa63e83547845b79a38c41628adfc99def5d025d8791d2f70f36f12a033cf64462878837a3652567aa3a23f6c50fd7bda73204d443419c82fd78247cadfef1a8cfc95f3a9c568552be2ccd7f8ca1ba3baa3d5f38006555f3ec75c8a654ceec6ca84ddbf7189094375a2b9059ed6691d5dbc227cf1d3182e1c0dcd0c247baf97ebe598226663e3c6f5f32e2660", 0xb8}], 0x4, &(0x7f0000004800)=[@cred={{0x1c, 0x1, 0x2, {r3}}}, @cred={{0x1c}}], 0x40, 0x200080c0}}, {{0x0, 0x0, &(0x7f0000005c40)=[{&(0x7f0000004840)="eb229a124a69b893950596c2fbbc55d1f5d728b53556803206dd0cce2a6d39bbf0eece614da986f58b9db5125a30fe", 0x2f}, {&(0x7f0000004940)="8cbf98a2cf6d5d1e05a93cc382f7aead33a0777994bbff14b189c92b913ed707ea137e9695ad3df7187a2be3b0d93adcc9218994dca5598828b88da060222880e89512e68ffa4c223503701d61c488da20b7ddbec3a43614157b5f4133ecf11d109783913a14004454dcdc4c3b5e45b0cb81994dbe30655e7a02c66e866db657a967567cb0008bdc857f1e298f8ae64ec26aacb156ad2f7e07efe92be0ceb1fb54f8017addc26579da3d56d5cdd3f501081d8ad6acaac714f6e25a00909635b626f63f42910cc766c27933086921f020cc98aba39ff8a3bd4034f1a6fe90916e70222c25918adf08b74e274c6564759b49019b89f98b", 0xf6}, {&(0x7f0000004a40)="8458346ee89fe6cf01980d2fb6e49ca4a77ab8ed978812f3728a7cc7173a3c37a657690a4ae77c5726895ecdb7bc5284fe8259f78b198965dd5c962052f67826183b1cdcac3900ab4a8f6c5e51b952a74501706913b3c858a9d87ed4486cc2ef70e69e0eaeca5a9da7b7a215338bbd84f3336d7a132781c9ba5c25071cf516acc5", 0x81}, {&(0x7f0000004b00)="c010529888356dbed1b803092a0f8169869d12db1f16565385e93b8ce841054f55ac8bb87eb09afe8cc94de10fe5bc1680c2bf25d1fdcd7372a962b102cb00c6cae4cc3c5832caec7022b11992198533fc00238229f2bc9a7b7a0a8f389abb317210c9dc8896b12dbeeed9accc1da3879c3b9bac37c15ee8ed9bef563f9728542a2043d106309aafacd5f29ff994906c1d5ffbe2cafae685f7ce176ed7aeb624c9ba8f6d0c1a55c9afb69f11cdab4a98f56c828ea29041f163", 0xb9}, {&(0x7f0000004bc0)="7fbbd82bec62413f9a33dcc927300247518674d8cd9b0762f8f31561eaee6e640275ff4eb10a3f87f14ba8eb3166726c2c336996bd5cfefa15204c5e14483c464e1ec4ab521a12944850f2d345140d91d7a9a870f49dda74211d1112185ae1bc97cb70a3920786a7ee05a551a0a81e3efd06a3cad72fcd42953d743e34a1dec8405019a8079dd356a96337e274b6fd3f8e4e065e0b7bb04ed5a5f0fb52ce9cb3df009ff3ea54a98bd9a5a2bc2558008aad612a4517c0d2348839ec5f5c3df5c895f8fe7138989094aeb29f214e67762cac1464fc492b29605bdcdc4577c0ccd5f9f92426a1d486f1220c8bf24d5e9090a2df18d714e9862718afba4d6d6cf6d30273aadb2a64dca4bac822cbd16c74a13ccb203da188ac43da242d68ea9db187a085f45d77b36a09fb0622cc46869316debb6297d6c3fdb2126d13bf266e9e18c3953db47d39b3258474ee041a66cc3bc9a81650c4dc7feff1df7044c9be3a26ccf48554aaf44824038e7c63cc6a0226bd073484565b5f2f806cd9eebe63988e259b14529532cc74fa3752a8c9f126d1fcaeca2cd088678db3ce6b54d78a63c3372508c76f5e1439834363c2b356d8c6c3616a2691fc2fc9a12ff828a660e5e9cbb3b17ff2a37850e522387928a91e04ae520e7e34f7be61917b2511cab11979f8adda2fe11668819325c94d6728d95fee7f2d2126c557afe4dea6076d57edc92b5d118ae7dec50fbecadd793c4718c3f1a6fa4716c510146619b11067c0c3b33865204b5ee459b27475d4d93ddd3dab1b30f212bd72963403e18b1a9a5ef56bc594df2b5165300acd6837c275c57f6bc40d2e3320ffc756b5c56552c06d7c4bf6a1d303b3061b1a23cea89774cc058bac41cc52f0b257411719f066523bcf049bbc56e58e96e2517b28580b5430cfc4c28f31d1ae932ce195479567f0063875f0c15a1c47e31dafdda5a2b068e51b3b6cdf96fc654ad2355695557c1c95126f923304fc2d17a41dce478098d0c59fe2ef6f7e88afbfe60e8d59616c1a07725f54c8fa161b074e67c5c95e9ac8c8f1a7c8ff0ce6aa91643e2684201c1b03dcb95f8e731775d0503054869bcc606de19b2b56a3294bba124e48aa2a39b63110aebcef1733dfa65abec7063a0077deed6fc89c6169778745b48f51ba4c9a0ab236a4405793e64364b8418fd4d8782bef984bdd6cf315d88d49ba87b6a52f6b9882df6ee95897fda4821fd89137bf350eb91716df758b5f49f63f513693352554a611a19e44065abb52473ae537ede652aec0fe532ca88c49f5be8ee77e79f3499259ff43af0b62b8b055844bb0cebd41011d07111ff8c7d30f8f4ee96b6ea30ce830f13440f1ad6ed6c3d2f822e71fbbd077c6b75b578c47248aa8353ffc6954c57d03c113ba7b34e046e0022b5e41d86e0d1ff4cb9e83940136301d36242b8b28cdd0c67c44bfcbe8818a47d473f4ca9f1acab40414a49af2604daf422c4557ad4fdcd595ccc40bf771812352e3d436be00cb6d4c2b9e08eb3aed1704b19057e61da2cb427fdf08d9da599e2174746aa1b5d2617e593df24897e797413066f51af55c6853d1dbe74b139700f2ec472f8a28d9b5ff1da8120b9bd0e8f9f882e9461e37623d59e512be6b132b747072d06fd703b35bb69c8fbf34d3548095e3511743a02aa592d996165df6515d43f95f0da0873364afd2b86e76bbd60c1d4a0837a3f10ac52513e1f6dd38e65e38742eb829fd4424f348ee86efb3384b5db623578ccdab46f23adec24de2b38a6fcb2d1654afd56fa6e75dc928dc47f33197b6c82f673c3caebc3272a7d8e1861b4067f80863cd2cc617f4217dd606646985645cd31fc7e21cb9c2683ae0e68007cc27461ccd658555b2d39951d3ed3e5955338b87fbe189537905cdb49987dfcda2381fe5298976d4e31d2f5efa76b925502dca3028ead64fa96d47cf33b3f7af110220709985b30ee42930f53dd1b624fcf6eb7a400c95a67866d911d5d05fd7e6f2b1e380a0d9c59f99a10f2560c57f23a975af2e969a9f1b55d04f08abccab847b9cf5af933f7e1f22509d139b80c9dc7c3e7b89dfca625455d74608f395412c03204e836696256f09204814cb1c838d1a3f5ac8414a7faf9b35c0d4eb2631af65e456e0fa54d23c309c5035602d7eb85d8716985fe0d15f98b34d738c15b07399d4cf4186350381cbc2c190445029282997e93ca4bed935edb8f376f9ed832455dc228b7b1f6f63de4d116f1fe2e95c91a54adde120008993197953fe4c7f32c440ab7cc6800ce87b3cfed2cfac0b59cb05f0aca5cd359fcc9eb9a5cfe9aef0f04894e52cfe7be99ccd947e75e03c06be51fd462f517819db9bb11990b48b5abbf6b6e88c3833ae63a1c729da82f02fcc0f53afc320b9cd7874fbad47d439e9c45e4711adefd89263edb7e649dc33a19f71f85d03651b656b36e89e0687c7f866a5173188fd727460f1a82e01eb182a722157b1c0c07b372d753473883c8f54fcf1420e24f8e70e6ecf081454800982c7a88480858c2d69528e93a292a427ddc6fe0e49fc0eb38ace0e6f247faa5fb9ab3dc6da06ac49e577a9faa7ee7dc558e153942e619707c7bbdc6c2cc156a4a77ce2aaced16e5a4d252b2fc4fa8fad1672e6541f4c88075e53bbf5c04730e336fbf4a8e7b8743c3f5a2215e058ebec7251d368bdd86ce52ac14975bf0a386f134dc3685cc749b73e52d6ae7afe7cac634cdb1f62cb84044bb22c6e9f57ea0abee642f29871e0b2397c173a4e08a824284eb138dc269704d7fdd66e71676d2567b3f48631e8fc9946d932206bddf9ed35c10f0a7e11114a45966074b9552a84bee4e1e524c62f75d94e71c6788ed8d20adb55a2f88a855f15d93c9a9438075f38caac20d9a8c3133ddebdd7b4e10005851fbc5718c003ac4fbaf0a22e225c80a31b4287ee145f630862151662bac1d662d9f9c02d702b1b5305c0bdc6c4720adf973b1bd678e046a3fd7bb15753f306098bd2c2a422a3aa8ae9766090f279480b9d897eb3001ee8a011a12f82d6f7a47d0bcb352e1cbcf508021bb35a30821316093b100d7cb1a1d2e3b4c06ead8d5dc5ef704fe37b36ac958b6346ce5ce7d83d0896b80083cc0e98642c806debd71cceff91beb8187ec82d767bea09fa1301f02e3e5edeaa5b37d075b67c3d5a155d16b048d9b33063e635146db1954b19ffac87bf5639d08a2a25e04779046ee0843fb59bc9725dfaddd97b159aa1fa7e079e192f0465184453d789d4eae26972f1239612bdcec98055772a96a3219114a1a4f6171a5a7edb691785a28fa8b6ea55e748337310ec87d4c3f90a43184dd2ec488430aa80edec6349c83a33460253c707d1da493fce60eeb573069005d85c75cdb1105348314f0cfd197d19f33519560e09acd37bc2b3a8b6ae80c6ae2c36b14fbad2a53cdb65a16db2fcc3a2d7f5daf4699e6971a484795cae4fe182c55135d9a7993e2052d583d2c1bb27415e0afe4b245db605898a2a62535aedc79ecf0e17c2a778762d54be22508b5b42f4e78552c397fc364a8f86f81aeb768676c929aada18a4a0fde8a2380cc3e8af12f77d4c88a72121bed4d5dd514ee6d1ef789e6a81a7333b520f335af1b564a3491fa75650520c2afd1c1b51aef845514f8fd9a4181d44a5ca63c62ea94a02811a7f4a63b300962b6cc820ff78f95ce4d23aa839c92e583a3f62612334c082d2f01fddc79e272835064c013c8663cf6b4e628c91b3f2b4f202e29dcd724bbb7106dde1958a0928144cde9ec7eebbab3b4fb5bc7250919be7db25bc0acbc5e3807002998b497aff1668f6b9a72d6fc38815e2d5722f8474e251eb2777d860a73475cb5bc1ac6a3e60c4fc606d49224b1abaa6159bd4a311b624712a3c0482dcc3bf424c19e3f8d69532235dc03e04e58cc508fd8f8ed3a478e7eb6269adda5a2414d38e181a29fc1fd7aa7e2d9b52914597eb3585e241a8a5eecd6d3a09d1bcd2a80c469efc40604bb91a3daad5dbbf5eb64b0fd595ae31b78635ed90072a359f67ada589edf1d17409b199db9c5be04d9a1a2bd1220a3a66b597ed0146f1fecac4577a5dd492a0b5341d3cdc39cf627d50f8bef7f7a38c417a5a248b10704538dd3f8623a470c07d735859c864166c4c86a881d8ada464a6f0b5f524697d636225a49d04a5c4a2886fafe8b6150fdd31535c4b1ebbf4fbec02cb3f81e160b6c6dbdce9a74c79c443433fa09a7d68667f91eb990dd100b270b0d1fa7aea6215803310b51f48a81fd36acd27d9bdca3108f9709106eb8834b1fbd3900fbd01a6bd829ffc662ef74448fd614811b98e5c1f764aad36b2594a4ef55a7c3fe8c393f04f95365ae39947312f192fc094f6995aa2b624094674b78d9f773d8d35311eb4453c9ed36c91e47b460d2d077c7eb1ab6990577fa19192ce5cabe9a59e850bf2451766b479442cf93b8b743f502dc3ed4363c2fc0507cdf3c468772d919d73ab9df84f0f4903cd8a5e95abd28356c195c7b7e49e40e8168be13a860313669887cbd00b35d943d0d06f11b46d1ec662369dcede6632fdfee1ebd0d21d7697e1ce513124ea45e42901380408c5e4b1cc0428686e9c99016bc725e10d13e539da6c5c73802316fa14fe4e4f98e935969e6536ef8205b0e390faf926d7f39fa04ba10b93fbdb81ea9e9da8b47bbe7f8089bb9f58122ceba3da963424d8207160c3d2ebd10b5aa0f1ba0e4b56c8c66134dd4d9764310bfdf4506ba25a56334370ba589cefd007011d0ae9b0fd387c911bbee3bc42cc2ca7110acc67a877dbe2d6a2c67ff7a972a99eb16978dbd884f730caa2de7b9d48f521e91ac6a8c57e110c006bfa8a02be3c6553870e01124d0850fb29f7accde4bd7aba54bf4b26b3fdb9f628426d41d190125c1f3c7a15235ef4b432a1f7a22e3f13aa86685c12fb5f1c91278d172cb3f9d3b233ff27ac0bedd81532c70f281b8dd226a45c5d8f19362ae9aa44ae8b130d5a7fdf1f7ea9712a52856014dd4b2dc77ba104b44373026699f8c40ad4f428ca526bffa9e2dcec037cd19ffe57b1b7cf7cd7a168e8355c1f3546659889005fa5b0e61dd6d4bf5689d7df54bd84dfdd5a52616ae046d0b22977b4105e4c8379b41cc8ba38c93413fe7579b3c92ef6bc8f36cf05bd410cf57d38d84183b8a9fb24ec5a072eafb930693ff618102c2d5bcbf3eda7c4f51ac1478b201a3815d580e23c521934f6695974aa66a3221e934833f3f3f3ff4b8f487f2704406695803a75a2f60161ed53a231ae655fb99aece36323e0b9ca251fb3a969e7f94a07ab1b726b0de511dc9c6229220ad48b501331bac6c6779c77543ea86084b22a161e721f5b5c8439072f126ff7c0b162284dccfb23e56019a681bdd8c2da513120122470974c101669b192c8c9cf9592e83b2725c83456cf7c005384e44b23d02241f69cf97e10a571ae1a0eec396ece07259a6011770cfee3e7a59063433bc73da8f6d76e51afb9782f0649c7dceb00e152345d4416c1e110bdd3b44a178547c50977a72ed377ba38008b7507f4789995e4949eff828e2c07d02b902d11e1ea1c86ce4c860138fd8cbc7cf525d9b77f6a21d27432a7f5748a2aadca2e030392f22595663ddda4f037c721633d0bc18333c2274c806f5daad8c83579d475e457620c9681148c5894a3aa17e3730cc574e750a03d5c86d38ed65bad6f2a8e045e8d0e50970e4dd478afc45d8fa48a7c5ff8fbdcecdaaf1bd05fba2ccc6520021ea3f9ddde584221da2ecadfb18cf47b48d34e52381a", 0x1000}, {&(0x7f0000004880)="286511af59f05dadbe9b34fad8fc347e7c87ee2c9a171232f83dcfc9c29dda6d358ae445f7967d1d591b33f4dff0978aa85511f815c45819136b6f71787306f32d7a969f428ce6bff5091c87c943c0a4befdc05086e915dcf87dd8f37ed03b60ef951fc0bc6d8d0199f48a44", 0x6c}, {&(0x7f0000005bc0)="62ec5e59027081ce66c9fae121adf0e17ece3fe5f4aa35370302e3d5ef3dede0bea89d282244e2cc3288aeb4cb35439be5fc2d45593c7e8e792c2ee714a6879e0c640832746fed861185bdd8896ebc514eaf64f2a2038d44", 0x58}], 0x7, &(0x7f0000005d80)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, r5, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r0]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, r0, r4, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [r2, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x98, 0xc000}}, {{&(0x7f0000005e40)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000006fc0)=[{&(0x7f0000005ec0)="bb0caefb1ddd658585ea44f3a5fbfe5bda5fa248873c7f212ef184e8295b818f556824d4077ff1ee4086e9d1587bc151151c3ba9a107718d17a6b0f110c5e7555dfa27d3952c1d44188f06ecb6fbb9c1be8c09bc1287644996c84870304ad4d92dab3b242d5737d94117369cc9145efc07c79ba048046e98fb1938", 0x7b}, {&(0x7f0000005f40)="b9c84dafc8c67e6ff62572f5b2d4b66f9c50cd85dd6a", 0x16}, {&(0x7f0000005f80)="e1ef9e90c4923e", 0x7}, {&(0x7f0000005fc0)="dcb275edb8dc6f4bfcab37f3509ba2784896b05a28348c541cc4905b8903819dc55c777e314ac37951d8d54474ca39b7552a2272be0b5cc6a38ced3cccd95c4fa5220f15f3d4b3da0ded6905485fbbdbb6b219e9065103ee97a00336910ae154b7a19d7974b84f6c26881cef20044cb2bf0f92d10c1a52654492e21cc73fe1280ce851fd5371c2bc13edb12e8298001ecf9553bb1c25798c4debf203cdeaaed726a1f9812a762dde655515e4b3c9759a38458f0672bc94ffe28737bc0dd18672e17fe0fd56116596b6d03fb3b5deb9ca3f8b6e95ac3b13ea4a3a3889a54523d5a4d322fd48c380a542131a7c35ae3f08d0a3b7883db4f75503fe3e63ea28cacc7b46cec12ad8577a9a714bf4e1f068ffd72d1dd217de24452d99f330d055449b1eb3bcc6b102749692282abe2f5b6a7616f2945386efd34de8f69818a3e4a25886504751577a2b7002489e6fe168821687c31229e7646329871df80d11438af770dee66e84c3e31f2ae131f1f3d7b62b60c6616fc9e715f9c6d45da59df09a82cb1547d4ea12192055c00f358f01080bba48e8a7e0f11ec090f975547bd04d18432d561fa1b25a2d312a7a8c63523b867abef403dfb51de7bc6f816ffb2e85814833626d6bf7417e44d62c32bb69abe61429071c7d7840571a9ef99b35453421ef1493ee869a7c99d41b93b44af65b3f114d75296ed6db26563424e0638b0c3a2fa438e4a682cd875cefb4391cace757d637595526736e1fc20ba296c8ba1d143afc5a750af11f3b7cca63088fcc5d0c37befbc1354afd8dce9b144077f7a91a3edc71034aac61c900bdac07b4f3b12735f1805e593869ca00c6dadd8b9e165fc9fdb0ca0656b060d5bf1048a9b3bbd38d20390ea31117ffe3bb3cbbf574757c88d84593ba8c6066d29b18d26fd6a8f0adee8805df47d8bcad42fcdb0eec51ae2eca5ddb7c94cc2cadfaffbeb437ab04ca5c165c71a5a1f1cd35600c9644a7f328173869bb2e224370d85fa17447e14491db046e87bd5c851126f3f4729c91b8cf66265a8e3f345445cccc7c33356403b642cfaf14ff26c984c71f609ef9ce82e10bce9f9f9cb5407c6b18d7aad825447fbfaaaba03a81b00e93acc20aa31ec8d6b634af678b0a25ef02be577481855d9fa89107b11ddb6a76b454084db3a201e059bb4385b5f040a1e9184aefb7ff7abdf665aeb8410264c73e2197307fc02c6e04b3ab37b0b3043b4cbbbccdf39ded8ce7d0c8a92b9cddf9c9f0e09dee4fda864ae7ea1017a7aa270e796c1760ea8b6e1c2bcc828eda495d6ab4bbb6112f2f41f440df7f0ab7db044cb2de439102d87140f44440e0bd5449a50810013e2f1ce2b1cb9b2054c4cbd3ff2754e44d6f08ba8a860151d128e817cd7dfd920fcaad59d8afef81a1ddb145205c82f57aa84c01b70e064cad00c54dbb21484c804da7310c6171626e2d58f4ff5382b3da7f4841d50fae55bc8471b0fdda13062f5a6d78e12c15a2e2b8c5863ac5672bb68933f1ded2b227a7e324c4e99df49ca8a27472339718a12db7b0860a689effa9f3b44e55822a1a60db4675c6ca7cd5fcf12f1ef6db0b3086c85e547c773d4318d79663c759d91fa6d0750fdde28377eb07d7eae75cdab9c96718a85cd17fadfafa8698810b1d350ea576453c4ef164c17a2968e0207579e457da060a7269af67396421c1539918e9d5b8a2df293d7c59f0cbd5220bfb9bf04093135aedb1c3bd11bc3d1cbf6eac3754a8870fba1dc859c9f7e0001d418db138fa842f9fedd43bff779be2de8e365a5d8bf442fb6a6e4728d6165e938b9b19d9adc04c79d580f88418044769d3160360fa8e550ceac75acea860793fcbdd7700f44a109f4f5be873ec497d50b4d3ff68c9ec7a2f3803bc6e5899183860f25cfb28f19165d02901ac59b641e2ab18c8f63c77a56a0798cd2bd4bf1df522c7cfa157b18e9e7454fb4070eec9a17c45b237d7f1003e82e161e0ae4c9877c06529cbbf77ce355605fc48a7807cee0df79533ddcdfc651f334ffcdbdf54c590d2254e465f5e873ea8643b3820cd8ed9b77b481f1827a1a3e86f94a868d46d8b4acbed10045d9cf63119477cb2a5eab42637ce3a5c033b8b9f139797072406d08654e17bb6017cd27db3e538140ccca0cf67fb966538eb56ff036a416cdbc15d99ee3562d7a6203ffb711f9a160ba3d36b596d2353c85d7b13af1467c9cfe38a28dbcf33f9b5a9f03736628832e77a909c066017c2c80e325e2695cdc5f86cd155b1b1aeea48fc24b2ab087010a81f840df22149e312d9b15177a8dd6618b3441a4521ea3bcb271de218166ca9cecc4bdf4b4051558ca2a4a3af68b9521bde445efd77be12b76869396a95d28c1e4a9e68484e8fa914c3d2ffa870bada1794903aae45b9e7369b65c826034b30627fdff1ae6bc30c2ada5d3a99935a2efbd8bf6080d99d9b8f65e5bbc006f870c2ad8c311a41fdeee6e013e139f132640f80a47d8d5076972e83e9859a99301913423bde2bca27b805f2e093f8dc4e1834824584264202a0d8a19bbe38688b03bf75da476ea7d74200e49c99ec3cf5bd22063fc3acec807e41792039256c5183893e90c17c845643b4d37149012e428850280842d500e54762b5e26d5e9e31afa387a32cb23ca5f0e6b36b6cdb811fcea333ba9de7a0e1965ce75aaad590ac25d0ebca477b40b03f47b6ef78b0c076e5e999aac2df408b62f5dcfd8c179cb236a2cfb143c7c7643841ef6b26a7c32eeac47f3dfa64703f210ee5ecd3ab0126fcbdc3ad5831eabd5f523d3332f3fac369268547af92061d51aa9e2f587b0a8223d0771e719757cb9ed91246469b6e5290e78312b5fddab8cc243de50f2ae071ae521d7739b16b1d72fc4db63982757985dea314612c712a853f439b44ce31fd1ca70e39c0cd465a29427b8a0b52e0d05f704abfa6357fab35def716b6e169ef9ba8d62c7791e74984bacc1834d0bd73768a59c4e4a3f83a57bf8650252f39434e55f0f76f3d6b661d33b8b4e5d79f0a0d710120926115144c1125afdc8b76982a72769e130b0bf3a9f3d8fb09be3c5a7c085a14a516ae3a65e937ee25da39f35d5f7a36b023f7035370283a2422e561aaa3742462f475b1ac3466a2172f17d4d709498d2f1cad5352fac036647b88673eaf01def37a1c268987701f4b4960a49235716492efe45caaf44f42dec1345c9d0214d61be9556a8206434bb1dc6efa71db85ec5b048d83cd8ff63d8d80e5bb8943e358267e6b53530d6115dc3dcda6db04be94c3cdf07e545f9c7e34d72860f8f5676eba9a6ae1ea8f27374a114a50930dfc7cdae7326e9215f2d94fa713cdff1b4c54bac7077e7708a352b2cd01d686b8c637f0aecbb140499f1949027d5278d19a741eb1400c3ebfce76ed4d63a2ca824c488e3939571531aebe9b198133ba31b1394b008c8935231411207510c0e4bb991b91296df2ee395a81ef541dc2438568bc0cb1083e6509529599c25395043147a0d79f9966985fa0d27d994ee6770ac3e775cffe44b039556a0cf528ae372a7a4959342a5c6e3f76e8d00bbf458d2ce03444d37b465186f2dc5a7a736bff6cb4579ee34e8dab72726af3750a58bff1188050cb44ae91b27ccae98fa6e2784df13c8a113ccaa591419409d70036cc614b6d26c9ea4229f28ff4fa3f5a4c307013d905126509bbfcd66ed3b963db381620b279b4a0ff92d0fb02043018c1201d93850625e57a7ac4bedcd4274686b52acd276462d850f184e5e4e87aff9af9860a5b42640c6a4eba4adac9ce1ec3131542f27d0ee46e360c47649f04091cdb915d28cb32491044013b48e2dee9864a3d807dbf8a64c4b1758a80b129976c18337dd7fa781826711ebe376d39cd60060652d902ecb3e677bd0e7c5ef3327959eea9d7f280c3a83788355e29484fa5b6923f1f60086e9045a62e9cc20aff1da5076391573bd6cfb779c116fe3fdb1d0e7491174b1395fac2111489990b4ae261097e489cfe1e96a952e9e04672f7e5927a2be4b6a638c55115b18cdd697b926c3ec5de5d0b26953679356db52f9bf74e45472fc25a7ce80fff48874a41b3d5b7bd037bb707376d8e890d8982eaeca2040375ba0471783888dcda9b19a2ce228b73bf90f455e12cb08e0219bc11daf88f60f4c5f5ad46f6f976f194eb141fb1d010911cdab07c778429e6970cb2d1083828e618f0d2b0c018e754ee15e3b5703f1075702c8a3ca40e518ed3822e7b0f3db2a89b893a8457e64095ab85d0dc97e3524fe1123b44c818267caa96df27ecaa0b28f4d77f0af8cb4b9956d43909336150add049cdfa5cc9a0271df0dfcd42a20dc46f425f7a3bd80a0f5ad951d4e04f551568b6e57a2d5a62e49223e8f2c2ec25f0f3179b42cfd0febcf5d66e202e100cc48418e102a605c7fd82989daf09bf4d720ab2d851781b28558fe8299a9b64029ce61210e8275a82693bfd559973c6d03e5347fbb5c9200b53f61829cc64eff53fffcb403b1ecac971e4721ad99b83d7e0e65adf980b1f3f83fd59165d0b69a239fad75bb602f3cfe4c44d4fef57c8f0c30bd07ab00f477f2beac72474f125cbadec3dd54d2b85d7c429155c696a9a0c38dad205db2d28f336774e81c97496480eea0096a5d311301a5f7aa393efac2545cdeff7aa7bd55f8a1cae9ffc037e0834f32720904ef907947b34bec05371e1cd6d5bad92acd25320d946884be57620e5bfe75b86eb5a96427d93a6b2dbe7a22e17556accf2eb69df428655624bb095fde373da437957055de53e2514d6c04f2b248c8671474c3363c08c97bb551122deca4588a709f2dc3f53cfc447a90ff51ae8f9a70baa396f0c03464737fb7c4418db5165915f1b0aec99690f0f5edf1adaf6a604058d347b564f4eeead45d949b53ef18174cf8455ad392cf50dac50b1d1fc555443c6013b572e060124a614cb6c7a1308e83e985509add4b3c778f59b85b25eb60ed5085f73decbe47ff5de599d2c30b4328cbb2b0df288287a58d58b0d0397468d9e4903c50673995464ff3e421f7d6c6e2ea4bbf796cf80a8342b642124c6d7e1a8354ef5aa5fea2eff64e752faf79751a0fe6027a208c19888981ebb6ffa6cb26c2cf042c74e6f3d952e368341539a32e41867147521ae420d56d88ad4627dd20fc5f15b311f475975276e2075f287e33be8745154a059d95e63d5922029bfc48014013718a5a3a497ff245dd0ce74d5660c1d022feb380924216c382f769335615dd8ffc208893e1f6ba39ff2d7a8aa0b5532fdeeedfdf76c924c53681643f98ff8dae49562c69071aeed97e40d3d7c9e486b7755849f74ea77531eb375c9d10949ec4c21d7a118b66e359b51f299d5d89e7944e6f8a47f03ccbf40f80bc8bf52cc3e286608e534e3fb0e85e55e4e48806e2ec8135562f01d55c24a139a2e7bb6aed0a6bebb4372ce00d9515efa13036680f9770b07c854c80c9cc22500d2c4799434d77524d1362ed0a609bb059f3fc39c474fbc6ae25eeabb73037238fd150744a383c2151eb1c0168bccb1f5f2cbcc16596d90f0df9bcb56f5db7c228533b58f084d97dceb3f507e4895797bafab1e17567fcabe577f8c392d3cb23a9b66c0d0ec5f89854d84bab91e50ac0aba0d8c67bbbe3de81c60ff6f97c72c7949f0f73fb8f28a86a853088f701699f0be4deb6c372db45aa96f9f66c9d5918b19e7b60e546ebe9cbb9bf12f8f2e70190728ed133586b531e600f7d1482b4155f8270954f5c992d4a5ea594d82fd31797f9843a77977545b169184", 0x1000}], 0x4, &(0x7f0000007080)=[@rights={{0x28, 0x1, 0x1, [r1, r5, 0xffffffffffffffff, r5, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {r3}}}], 0x68, 0x40081}}], 0x6, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_mtu(r6, 0x29, 0x17, 0x0, &(0x7f00000000c0)) r7 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB=' \x00\x00'], 0x20}, 0x1, 0xf00, 0x0, 0x40}, 0x10) syz_init_net_socket$llc(0x1a, 0x1, 0x0) syz_clone3(&(0x7f0000000040)={0x200126000, 0x0, 0x0, 0x0, {0x6}, 0x0, 0x0, 0x0, 0x0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r8, &(0x7f00000001c0)=ANY=[@ANYBLOB='.'], 0x118) 27.208201933s ago: executing program 2 (id=2824): r0 = socket$nl_route(0x10, 0x3, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce) sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8) read$FUSE(0xffffffffffffffff, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1/file3\x00', 0x0) r2 = landlock_create_ruleset(&(0x7f0000000140)={0x2000}, 0x10, 0x0) landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r2, 0x1, 0x0, 0x0) landlock_restrict_self(r2, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x20}}, 0x24008002) bind$unix(0xffffffffffffffff, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) connect$unix(0xffffffffffffffff, &(0x7f0000000440)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) sendmmsg(0xffffffffffffffff, &(0x7f0000000300)=[{{&(0x7f00000004c0)=@llc={0x1a, 0x305, 0x0, 0x0, 0x7, 0x0, @multicast}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000540)="cd674a2153705ed89e19a79d48b62166cb10443dab5f1d66fc2f4e1d6d7280d29527a1ab6d2c845e38e82b93c02cb958d028bff7b7aefff011542c4d220fb59fb9032bc82fd30b20918fbf3d2d81d8658966e86c3914d824eaced5", 0x5b}, {&(0x7f0000000980)="b2998bb397b6e5aab43c7d1149e04ea428342db9a95841c1be565a0fac18685130ae1c0b2163ac958173fed3f34ca1c8c39592fb00976521fd020dd368a5a000fcf1a8d373876fd0357c2d12e3120a6a8ac6489ba2fcae9cc8ab7ac9de692407c7b1a45b6f4a61ba50d60c2f0aa2321d1c1e2a07c50674d475ffeb6efcbf375ab266a5439ac8b124dbc586924c461076f5ba36f7d641c566b86c3e69282c539ec0ff9d175efc05305ef1c82e1f1713a041197f74ece36d388b7b1803d8497071c2799757f13cefac1033a2d1", 0xcc}, {&(0x7f0000000a80)="7bda06330045fab061d887adaf8557ba4c5c875fe6412f2b756b388711252a0b575756d40002d795fc8be0e20b7254f666e4ac9e707a3a872dbccad8fc0e2165177faeecc8d0133bcb07e16a565986a086f277e998b646ba8d011446fc2afb6b7bbb784709714489d0ce8991874a32de25009503296c855e474e8820398046b9037a0763102567a30914fbd0002fe96278ff1af21be22d35e6195870671ca70be4e47532f6cde111c1615e62ea453fdb4850e96e694c1ce7f70f83c3e6e8c7656575bbad9410ddc799c9938323a5e51f881aa5a933ab8f3b573dc7d73e26c2bddcad041f03923ec3e271e386618c1590a10b37d9ccff6e49d1454880dadbc5ae83bc27be53736690763063db4ff1179f0dcefc89882f752611b568acce3ff2b96453ce3fc7b4a87a4dc9db965fb03ed1a99f0e783bcc131bd3a7ebfd4908a2a214d4572c7006a1db339be84e3735f74cf8d7ab684499f9d23382b6e15a68adb2eda9012d8951b97282bcd520668db9baa8a93d50ac93d72df60ae262b5711808ab9e889a672c87d2cabd020a9da4a7126c9d06bbfbc70a125846910c19e17d8d8bad2cd39c7324eef33d73671d7f85f93b92008154597977933460315637e7079fdee3e46e01b13de5f91c562c8b89c862561d8f211c7faefd16f7a66635b04faa4f63404c305a2c0403b790b5a74bc9848d515f8e4df3f814b97d129104be32acbf353f9fd37342bfd130b77c9a121f61e9616a591c258a6b3cb7f62895028e94c704f460caf4dcde7df4d1d5fa93917964f0e59dc4bad9d93f910ab677c3df12c21e82641e3a4ca64ec0eed6937813658e6baf1dadf54eec663dba2893bf7227ff0bacad3f4a5aaaba306566b222fa0f7508e86eb97d2eddbb44e64591991012ff7d3d538328d4b9d6eceed409687fec583cf815a1b4b58e9495fe19be09bf921b89ce8c0e02d6193ab1e865a08103800396c589e32eb1ef08836f9219eb00b5b3d90af399e34a451cc5e77b89150c0834e20c51f45ff98c6d1a56d772458c4369ba2eb489bf89c2f8e6f7d55098284ec4427f23796541455c741fac5db32fadfac0482d6f5fb55a721c6758d0e00783962e9f8bbbba6a514294179f440077951d97f67b37e4bf53ffc0da9c0db58aa83971389ff0054c19a55432f897b8703e7d83f377dc889c4abcc5f396cb0865ea4a9ceb82d3680b91efce9ac99b41fccf8c4dbf22833e6c7f50428dab3f32cd41238894db22665b0f1266ffa5596b864ddeb4cf9c1734cbf8b952a497836242b02077b90a669efb7ba4d336f777ab7d534484adffb67de75077e3cc34100b02973d83cd6885e13558cf1b0c5113526eac823020164355b16ec529eafd4bd394aaf204869dcbc6d954277f7b599491c1ab90cf4939d8c729b68e77b8fa7f85b1294925b6f5bf9b17cf540500d852de23d57b98def34867597eb8c4929f3157eec2ae7c14a2a6e6f2e9baa4729e40d87fe5667a9da03df99f646e99c0a3290c62ceb2acb812fbe5e1d54aa626104c5c5fd90c7abd69fa1c094fd1350ada43613dfe90dd11416bd49c55c7ce57f755feb5251f8a3cbef51528dcc2a64b34dbbba3e631f7a6db480eaaa836476a23adcec7954617e85ed0fe44d803e43cfa39ebe5ea3dc3529457f00d0a8ac3081b5b627505cfa3dcd844b3454a3c92a9c96f8a110bbff3a25af404694d8e310b5ff3833201a3ea300db2df8bef893582be730d62e4b46a9fda9472336cb2ac6e7c975ce693282f5709c69f7fb041165484c2147e19e789e4eaed8e56be4c8d9076033e18ccb218b1c4f895b552803d6ba05a565e276c4021c221fa5762022856ab8a320ca19cb86fad86f02b0fafa220fcb44ce0b3c773cb91ff37850d7fc47033e8b54fcc89e16141d184a8dabb427b77a875ab231b8b9e36cf3b6166c4f1e2688d730f37bed90a81a0202f0e712f2727d85c814b53be15f77860676a71da4690345350c07d2772ddc00762aa6811e377d8387601067fb7d8641c18ea2d36dcd4b2a92a636e313b2e1cf33bc9d07d5ad423c04dc0a1ba25af404f443419d65c450b6c5a9d587e1626986083ba901bdd4b92c0c4558937c552730def9e5689dbdb29fa5b40988407b60e5f6aecbe5743f2ded90d060be13abea8c11b2483770dcb303f68c39e95889a67d5decda119c1a18205d5554f808036a52dee856d8c8e7ef2c903e0578d576418d2681c8bed26a27f1edcfea622553a746044538e2bfbb48e76f8708211aca45929ed148437bfefb99adf99f13fd620dde954fce0bb1bce55cc4a26bbfa7ee79e28ba1a2a569013bf7b35bdb3d37cb167930aeab2e4ce67005742e8c5f15f53f117c4d504317d6f9c9721036d36396dc3a1dcac508f2230d33811837bc3e8b1f56e6ce92038102035efa7ba407f73a603b84802982775afd3d8e56c4ade781ac4682c07da640b3800ae528b95ff5a5f344309ba01fa3f8b1959550b6d72969551b8e6f283938314c60fe59904ea195fa71b6af4b0c7729e5554dedcaae7b97e71ed0c57b72d417d56414b27b641ef7c9fd1236cffad79b524b407793f808e3216311d77bbef4b028c55adb84bf767ecd64b3f1bc8fa69bdff65b2042efd2c1bd9f4108569e2b0bec90c90dff967fb9a32afe83aa115aec22ed16792b1a304ceb5933bd5394b5b7525b3f3b767ddbca0e1f58bbc4281021a45cb1dd175238002a293a3ba8cd2e083b4e00b0a5b91835e8a7724449974656625ec63abe4ce770af26b7c98efcb06caa57f5c2d0e1afab8ed56d431da02a09d94442766944b0014c632c7ba32bf4f4d0c5523392b60d6f17a2cd39de120f5408b516fcfb307dd1a6696ed71cce57118c3905a5c8a254bfab269a31328606736bdf072", 0x800}], 0x3, &(0x7f0000001a80)=[{0xa8, 0x10a, 0x1, "e20c0de94be8a439e3f82ece6e587d2375dd3e1375d209f0e5c919bedebb1aefd97470c9f9d21a6dbdb53e8e068a7506d6d6da2551e743a876abd20654f50708c0cc435061d6781fe9c6592515d5f64f8b38e9ba9b7e1c77899f8f2309b8584a0e4553f229024d2b4b582bafeef74a3a5a7f6c3af5ba4d150a647b03c810c3ae03cc6781f32ecce7b9f189af1ba0c8196caeabe01665"}, {0x28, 0x10c, 0xd6c6, "92aab8e4922f58e278c52d14fe3864921fcebd7b"}], 0xd0}}], 0x1, 0x3ec0) close(0xffffffffffffffff) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) recvmsg(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x12161) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc8910610700fa6fa26fa7088c60897d4a6148a1c1e43f00001bde605cbeac671e8e8fdecb035865e362ead91b1979a5ae30705b52710aeee835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5bc6d3fd0500000022eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd21142525815b91076ccb7b37b41215c184e731fb13d100323b77f613af02b6f3259d6f3ac85da4fe304ecfca2be5f4a8b3910a8f0a88d082ac161c4a3c1132831a88f199f67aca8f4698996d076250b2b75cdc7776b8cab72716149f70efb190007832c6077da0df4c63a226284cd6a2e5ec5bb28f18dd44821065b9758fd159c490421901361244c01bfa0cddbc726f2b4ceace9f9309f507e6a7135b33f418af0a63bfb480c2feced947dae1d7dc19c4f1807b17c559c27be4d18b2e0a3cf26832d7fc97cea307de1852f90317b501bf66473eb6dac986d7b5682abc3a5ea1dabde56b9e3a56ba20a65dc0df39edd5f34ed22a8f0c6594a894901e455d0369e407dae0f4fb4e181415153000000b6b384cb4bbfd4edfd70cd7324de228e1047a61292abe63fc71063a9040bd927779d56ef0f4725dfb3822ce1e24632f7d51a0e65bd5664fcd3e4a0b0388b842115b5689769438f9763a55956288e78b6cad0ff3f310722b4a5cc4f25a69753fcc8ece189808e6f2f71ca2337d0de3a9feaa3f4cd2a2c69d21daec3751aca69f0a6f5b0af65aace6d04dad91c67e57a0f7b8accb3f8d9b787e002e56a7149c2d10a268884e695256ddb9c17853e29689f41667522e693"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0f00000004000000040000001200000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000812d1022b9569304bf70d449285d975640634288f996a01bfb0ebb7be2e72038e13f92b9dd863bc916dd36146fccf37501523ea740b1db0b4d4f6e612157ae0ecf236c18295cc60943c42e19d6068a74a082618304fc6dd620e87b17cda1b1c13371a5541a7088e32b4c257cff2cc8ffab51a62583914a1c99a39e5673af49ab5413aad82c2d69cc8cf540c17fe780ee9d0630b889a0f38ee95cb938214380851ac169e8ce53e51c372e3ca5e93e", @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48) 26.092808567s ago: executing program 2 (id=2828): socket$inet_dccp(0x2, 0x6, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) r0 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) r1 = socket$rxrpc(0x21, 0x2, 0xa) connect$rxrpc(r1, &(0x7f0000000000)=@in6={0x21, 0x2, 0x2, 0xfffffe9a, {0xa, 0x4e20, 0x200, @dev={0xfe, 0x80, '\x00', 0x1d}, 0x1}}, 0x24) keyctl$restrict_keyring(0xa, r0, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000000)='id:cb2e') r2 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x0, 0x0) openat$cgroup_procs(r3, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0) r4 = openat$uhid(0xffffffffffffff9c, &(0x7f00000001c0), 0x802, 0x0) rseq(0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x442, 0x80) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={0x48, 0x2, 0x6, 0x3, 0x0, 0x0, {0x5}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}]}, 0x48}}, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0xfffffffe}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @local}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000050) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8) socket(0x22, 0x2, 0x4) ioprio_set$pid(0x0, 0x0, 0x2007) write$UHID_INPUT(r4, &(0x7f00000005c0)={0x9, {"a2e3ad21ed0d52f91b5a090987f70e06d038e7ff7fc6e5539b5b43078b089b3b073172090890e0878f0e1ac6e7049b3371959b6e9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074c0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6b922f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa0b9d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c71568f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897f3411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2de8a50ddefeb12c46342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f02f4cded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x7db}}, 0x1006) fcntl$setownex(r2, 0xf, &(0x7f0000000200)={0x2}) 25.492856062s ago: executing program 2 (id=2831): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}}) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x0, 0x0, 'queue0\x00'}) prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) epoll_create1(0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="500000001000010400000000000000000000ffff", @ANYRES32=0x0, @ANYBLOB="00000400514403001c001280090001007866726d000000000c0002800800020001000000140003007866726d3000"/56], 0x50}}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x2, 0x3, 0x401, 0x0, 0x0, {0x0, 0x0, 0x10}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'bridge0\x00', 0x0}) sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x503}, [@IFLA_PROTO_DOWN={0x5, 0x27, 0xd0}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x38}}, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000340)) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180500002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='netlink_extack\x00', r6}, 0x10) socket(0x10, 0x3, 0x0) r7 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r7, 0x107, 0x12, &(0x7f0000000080)=0x9, 0x4) 25.162701337s ago: executing program 2 (id=2832): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) get_mempolicy(0x0, &(0x7f0000000700), 0xfffffffffffffff8, &(0x7f0000ffa000/0x4000)=nil, 0x2) r1 = syz_genetlink_get_family_id$nfc(&(0x7f00000011c0), r0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x3, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x5, &(0x7f0000000d00)=@framed={{}, [@map_fd={0x18, 0x0, 0x1, 0x0, r3}]}, &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000dc0)={{r2, 0xffffffffffffffff}, &(0x7f0000000400), &(0x7f0000000500)=r5}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r6}, &(0x7f0000000180), &(0x7f00000001c0)=r4}, 0x20) pipe(&(0x7f0000000300)={0xffffffffffffffff}) r8 = socket$alg(0x26, 0x5, 0x0) bind$alg(r8, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-avx\x00'}, 0x58) r9 = accept4(r8, 0x0, 0x0, 0x0) splice(r7, 0x0, r9, 0x0, 0x1e8640, 0x0) close_range(r8, r7, 0x2) sendmsg$NFC_CMD_GET_DEVICE(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="e9b027bd7000ffdbdf250100000008000100", @ANYRES32=0x0, @ANYBLOB="323346cab556de37f08279edea205fac5f4a6e2c74595538479ae91626115a302ea851e512ad27ccc19032d470f3f59b791d689c64ceeaeb84c5187e808779"], 0x1c}}, 0x4000084) 24.341015401s ago: executing program 0 (id=2834): mkdir(&(0x7f0000002200)='./file0\x00', 0x0) ioctl$IOMMU_IOAS_MAP(0xffffffffffffffff, 0x3b85, &(0x7f00000001c0)={0x28, 0x3, 0x0, 0x0, &(0x7f0000000240)="6954d4aee55235b0473a40d907f60fcd76c0395ee5c860611aa5c5bd303edfcaf4b00fd925392193768c6f602f5d9224a2d12d689d974b8497781b456ab906cb4771fed83fcecf05959375199b9014", 0x4f, 0x2}) r0 = syz_open_dev$video4linux(&(0x7f0000000100), 0xffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000004c0)='pids.current\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0) ioctl$VIDIOC_SUBDEV_G_SELECTION(r0, 0xc040563d, &(0x7f0000000000)={0x1, 0x0, 0xb0ce81821db1894f}) 24.328169671s ago: executing program 0 (id=2835): r0 = semget$private(0x0, 0x6, 0x0) semtimedop(r0, &(0x7f0000000040)=[{0x0, 0x1}], 0x1, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, 0x0, 0x0) bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) ioctl$MEDIA_IOC_ENUM_LINKS(0xffffffffffffffff, 0xc01c7c02, &(0x7f0000000040)={0x80000000, 0x0, 0x0}) sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) syz_emit_ethernet(0x52, &(0x7f0000000300)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0008004c00004400000000000690780a210104ac1414aa44140a01e000000100000000e000000100000000070804030e00000000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="4f00e80090c32ad1321418572c4ec87bade7a21f25fa4dcda215739b2e817883834c67c98afcf594b4"], 0x0) sendmmsg$inet6(r1, &(0x7f0000000000)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="04", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a40)="bda033176eb146b36ef41f221a4e7ce4a02598d750606488520915c6806affc0a913781c7211ce1fcd59a12b5d5afdaf9d723f092ce9d1eed16e208f2e79831ca049e8979ad94621175c2c48c10e33b29f2def51498743b057efc21efe4be4d9f02e9d236f27190c29c5da0f3799452f5e3640340502fde4ae8c56b303e1b79b3d1842bf6277771bef544c745e7a80c9e7efdd1c619f69b9d01839aa326776d335689e4db7cb7e32fad8f4c40e943b43eb4ea173d720cbaa1b2ef3bf6f8ad001d40702cbdbbf5998149625a731643636c8ddbe61e1d7d4736f8414a84acc40557012c82697d8a59c873424aefb3c7ff0dba302efaaf887a477b1ab7ea6c1def9db3514e444c1ef36c6cf42cde90d4bbb2e923a5d16a1bb191ad91cab867cd55037d507a12803f3df1b81f1857fad085dbc5c46aac14230d7a4f8b36d6bc63b4a16cd309b7697b421a662b83001b5ce5ab3ff80800243107df7aa6cae9a5db6a8f2a53ef7d6c6aeac76b83a15466c74a9cdbcde8505e3d14c0c3a47a36bf464168202dc88e25f4c1da57faf0eaa7ff16bdd751c2ae5778e169c8ffba57c9a20e24ad51e6e8e02b721e8ca94f131cc98e03b34b615a1db4080362de4ef215d5a0541aeb0c742a2636ac5af8538ceb3585ef9dca8037df55baa072096073b005b53eff0b899de59bc2b5d687d109520571eeacb30124c4012fe6cb9e3bf451be3d239206ddc3509f664052a6c66c62f62a49fde8fbe4c1d0a292da83db26a8a870ac1d8751c4bc0d495277295cd3a17f9e9a25d70214a17b981b62d5c75356ed025df3557a8b59648edd9d1dbdf169d91f9d85cfac11a57db0a14f03e8934a2cc98d389912a0d9942a40c3ee98d35da61d3bab1a32c9d788e9f74ee57012ca5bfd0dc090b591c64aae6a205fbd349fc372bbd7429983a69cae26ff8b5b059144d318ba225e46bc6cf8d7d3e5952333042542b2fd4fb4d88a3651dd8e14ecc2845d4e71f7dfd128e9e2ee2ab0062a3e701bb2477bfd73d7396ae522f11fa481078d1c7f7905e0846fb072dcf7c06102b3816ec4a3518514c7166d7385b680469f5184a93953258952554e68d93ea8f789c4f13982b65996d7d9cf19f0b39b72e1dc9079d84413bbc30d24fc481e24ef1beacb8bc15f50c2663d684d16a1c71b2c8a568481f4f1b254ccd66fbef4cacfc3e13f2c943a264e429824bef7297f930763df331695024bd1e53369a87caf6894fce811a64dad315402678de7600"/917, 0x395}, {&(0x7f00000004c0)="439e9c06fc666cf70af3a6aec0617798af5a5cf62fc0cccc2529193558277dab", 0x20}], 0x2}}], 0x2, 0x44000) r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000040)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r5, 0x3ba0, &(0x7f0000000440)={0x48, 0x2, r6}) ioctl$IOMMU_IOAS_MAP$PAGES(r5, 0x3b85, &(0x7f0000000100)={0x28, 0x6, r6, 0x0, &(0x7f0000c00000/0x400000)=nil, 0x400000, 0x51e}) ioctl$IOMMU_IOAS_UNMAP$ALL(r5, 0x3b86, &(0x7f0000000080)={0x18, r6}) semop(r0, &(0x7f0000000000)=[{}, {0x0, 0x9, 0x2000}], 0x2) semctl$IPC_RMID(r0, 0x0, 0x10) 24.194719694s ago: executing program 2 (id=2836): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x7, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x12, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007b00000085000000400000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @cgroup_sock_addr=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) getpid() r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000340)=ANY=[@ANYBLOB="12000000020000000800000002000000000000", @ANYRES32, @ANYBLOB="00000000395a7af9172589cd0000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000100), 0x4) r3 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r3, &(0x7f0000000000)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x2c}}}, 0x1e) connect$pptp(r3, &(0x7f0000000040)={0x18, 0x2, {0x0, @multicast2}}, 0x1e) socket$inet_smc(0x2b, 0x1, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$VT_OPENQRY(r1, 0x5600, &(0x7f0000000080)) openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0) socket(0x1f, 0x3, 0x800003) 23.413624098s ago: executing program 4 (id=2837): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x7, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x12, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007b000000850000004000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @cgroup_sock_addr=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) getpid() r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYBLOB="00000000395a7af9172589cd0000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000100), 0x4) r4 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r4, &(0x7f0000000000)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x2c}}}, 0x1e) connect$pptp(r4, &(0x7f0000000040)={0x18, 0x2, {0x0, @multicast2}}, 0x1e) socket$inet_smc(0x2b, 0x1, 0x0) r5 = socket$inet6_udp(0xa, 0x2, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={r2, &(0x7f0000000100), &(0x7f0000000240)=@udp6=r5}, 0x20) ioctl$VT_OPENQRY(r1, 0x5600, &(0x7f0000000080)) r6 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) read$FUSE(r6, &(0x7f00000014c0)={0x2020}, 0x2020) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) 23.411945254s ago: executing program 0 (id=2838): recvmsg(0xffffffffffffffff, 0x0, 0x700) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'team_slave_0\x00'}) socket$netlink(0x10, 0x3, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) socket$igmp(0x2, 0x3, 0x2) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000300)={0x0, @in={{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xf}}}, 0x38e, 0x4, 0x9, 0x81}, &(0x7f0000000100)=0x98) setsockopt$inet_sctp6_SCTP_CONTEXT(r4, 0x84, 0x11, &(0x7f00000001c0)={r5, 0x2}, 0x8) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x0, 0x200}, &(0x7f0000000040)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x69c780}) io_uring_enter(r6, 0x3e0c, 0x4, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) 23.330429751s ago: executing program 2 (id=2839): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) connect$can_bcm(r1, &(0x7f00000000c0)={0x1d, r2}, 0x10) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000063a60f7306cb665900000000000000"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000e3ffffff00"/28], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000480)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000055090100000000009500000000000000b7020000000000007b9a00fe00000000b6090800000000007b9af0ff00000000bf8610000000000007080000f8ffffffbfa40000000000000704", @ANYRES32=r8, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x2c}}, 0x0) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)=0xfffffbfa, 0x4) r10 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) setsockopt$bt_BT_FLUSHABLE(r10, 0x112, 0x8, &(0x7f0000000440)=0x5, 0x4) sendmsg$can_bcm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100"/16, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="00000000010000000000000000000000a5976ac6acd45a63feec86d97b26bc84c76171"], 0x48}}, 0x0) sendmsg$can_bcm(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="01000000220900"/16, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="0002000001"], 0x80}}, 0x0) sendmsg$can_bcm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=ANY=[@ANYBLOB="02"], 0x48}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000700)=@newtaction={0xeb0, 0x30, 0xb, 0x0, 0x0, {}, [{0xe9c, 0x1, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0x0, 0x80006}}]}, {0x4}, {0xc}, {0xc}}}, @m_pedit={0xe50, 0x2, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{0xfffffffe, 0x4, 0x2, 0x7, 0x8}, 0x0, 0x9}, [{0x8000, 0x8, 0x0, 0x7, 0x621, 0x6dc}, {0x7, 0xfffffffc, 0xef, 0x7, 0x9, 0xf}, {0x1, 0x29, 0x5183, 0x10000, 0xfb2, 0x1}, {0xffff0000, 0xba, 0x1, 0x7ab, 0x10000, 0x81}, {0x0, 0x10, 0xffff8a02, 0x7, 0x8, 0x7ff}, {0x7, 0x3, 0x7c, 0xefb9, 0x2, 0x1}, {0x8000, 0x4, 0x1ff, 0x5964, 0x9, 0x15}, {0x1, 0x7, 0x1, 0x2, 0xfc05, 0xfffffffc}, {0x697, 0xb3d, 0x5, 0x2306, 0x6ebb5645, 0x5f6}, {0xff, 0xafcc, 0x80000001, 0xd1a, 0x7, 0xd}, {0x8, 0x10000, 0x0, 0xb4, 0x400, 0x8}, {0x80000000, 0x200, 0x7, 0x2, 0x4, 0x3}, {0x6, 0x25, 0x10000, 0x1, 0x6, 0x9}, {0x1, 0x9, 0x4, 0x3, 0x100, 0x4}, {0x9, 0x6, 0x5, 0x1, 0x3, 0x2}, {0x5, 0x3, 0x13, 0x3, 0x3, 0x9}, {0x3, 0x4000000, 0x6, 0x3, 0x4, 0x9}, {0x5, 0x401, 0x6, 0x3, 0x6, 0xffffff7f}, {0x5, 0x3, 0x7, 0x6, 0xff, 0x80}, {0x8, 0x1, 0x4, 0x2, 0xe4, 0x1}, {0xfc3, 0x1ff, 0xfff, 0x6, 0xc3, 0x7}, {0x3, 0xf, 0xd77, 0x8, 0x25f, 0xa}, {0xdd, 0x5, 0xffff, 0x4, 0x2, 0x7f}, {0x1, 0x1, 0x322, 0x4, 0x5, 0x8}, {0x0, 0x16ca, 0x4, 0x1, 0x43, 0x8}, {0x80, 0x1, 0x6, 0xb, 0x3, 0x6}, {0x80000001, 0x0, 0x3ff, 0x81, 0x4, 0x3ff}, {0x80, 0x10000, 0xfffffffc, 0x7cf, 0x9}, {0xc70, 0x6, 0x80000001, 0x5, 0x6, 0x3}, {0x9, 0xaa28, 0x2, 0xb, 0x2, 0x2}, {0xffffff01, 0x24b, 0x547d9df3, 0x40, 0x7, 0x1200}, {0x1ff, 0xf4e, 0xffff7ae0, 0x0, 0xde, 0x80000000}, {0xd7d, 0x200, 0x4, 0xf9c, 0x8, 0x97e}, {0x9, 0x73, 0x6, 0x5, 0x8, 0xfffffffb}, {0x20, 0x1c9, 0x8, 0x0, 0x1, 0x6}, {0x19, 0x9, 0xfffffffd, 0x8000, 0x7, 0x80}, {0x9, 0xffff0000, 0xa, 0x6, 0x3, 0x4}, {0x5, 0x2, 0xb, 0x8, 0xfffffffc, 0x10}, {0x4, 0x6, 0xf, 0x2, 0x401, 0x4}, {0xc5d, 0xdd1d, 0xfff, 0x1, 0x4, 0x100}, {0x62a, 0x53aa, 0x23, 0x1, 0x471}, {0x80000000, 0x7, 0xe13, 0x8, 0x1, 0x7}, {0x4, 0x7, 0xce8, 0x6, 0x9, 0xe6c00000}, {0x1, 0x4, 0x5, 0xaa19, 0x0, 0x5}, {0x1, 0xc8, 0xfff, 0x8, 0x80000001, 0x6}, {0x10, 0x8, 0x7, 0x8001, 0x101, 0x5}, {0x2, 0x80000000, 0x324, 0x200, 0xac2, 0xef9}, {0x0, 0x1, 0x8000, 0x4, 0x2, 0x8}, {0xff, 0x4f9, 0x8, 0xd, 0x3, 0x4}, {0x3, 0x1, 0x3, 0x6015, 0x5, 0x8}, {0x3, 0x2e2f, 0x43, 0x6, 0x2, 0xcf}, {0xa65, 0x7, 0x30, 0xdf, 0x6, 0x687}, {0x4c5a, 0xcf, 0x8, 0x20a, 0x0, 0x3}, {0x400, 0xf0c, 0xfffffffb, 0x80000001, 0x200, 0x443}, {0xff9, 0x3, 0x8, 0x2c6, 0xfffffff6, 0x6}, {0x10000, 0x6, 0x0, 0x3ff, 0x5, 0x5}, {0x9, 0xb, 0x81, 0xd, 0x8, 0xdb36}, {0x897, 0x4, 0x4, 0x3, 0x2, 0x8fd}, {0x6, 0xfffffe00, 0xfffff971, 0x9, 0x7, 0x8}, {0x2, 0x4, 0x4, 0x1000, 0x3b, 0x8}, {0xab3a, 0x1, 0xffff, 0x4fdd, 0x678940e5, 0x10}, {0x3, 0x3, 0x8, 0x6, 0x1, 0xb}, {0x8, 0xfffffe40, 0xe5c, 0xfffffffc, 0x6581, 0x4}, {0x5, 0xa, 0x9600, 0x6, 0x6b550819, 0x6}, {0x447, 0x9, 0x401, 0xfffffffb, 0x8, 0x1}, {0x3695, 0x7fff, 0x7fff, 0x8, 0x1000, 0x4}, {0x0, 0x2, 0xfe4, 0x8, 0xb, 0xfffffcb2}, {0xe7, 0x2, 0x6, 0x0, 0xfffffffc, 0x1800000}, {0xf63, 0x3, 0x7, 0x9, 0xffffffff, 0x7}, {0x2, 0x3, 0x9, 0x9, 0x3, 0x9}, {0x68, 0x7, 0x8, 0x10, 0xfffffffb}, {0x0, 0x9e61, 0x101, 0x0, 0x1, 0xe}, {0x3, 0x6, 0x8, 0x8, 0x101, 0x4}, {0x4, 0x80000000, 0x3, 0x3, 0x1, 0x9}, {0x10000, 0xd, 0x1, 0x1000, 0x40, 0x10001}, {0x1, 0x8001, 0xaa1, 0xc, 0x6, 0x5}, {0x2, 0x4, 0x1, 0x7, 0x7d5, 0xec}, {0xfffffff7, 0x40, 0x4, 0x9, 0xff, 0x8}, {0xe154, 0x6, 0x2, 0x5, 0xfffffff9, 0x800}, {0x7, 0xf4, 0x7ff, 0x768638fb, 0x9, 0x6}, {0x7, 0x62a4, 0xc, 0x8, 0xb4c1}, {0x3, 0x4, 0x5, 0x3, 0x0, 0x1000000}, {0x2, 0x2, 0x3, 0x0, 0x26, 0x8}, {0x80000001, 0x389, 0x0, 0x8, 0x0, 0x9}, {0xbebd, 0x8598, 0xc0d, 0x3, 0x4, 0x3}, {0x1, 0x80, 0x6d1e0000, 0x0, 0x8, 0x80}, {0xffff, 0x8db, 0x7149, 0x9, 0x2, 0x1}, {0x80000000, 0x7, 0x8001, 0xfffffeff, 0x0, 0x8000}, {0x0, 0x81, 0x33, 0x3, 0x5}, {0xcddb, 0x6, 0x0, 0x95e, 0x1, 0x1}, {0x4, 0x0, 0xdfa8, 0x8, 0x9, 0xc4c}, {0x480, 0x4, 0x8, 0x6, 0x79a, 0x1}, {0x7, 0x1, 0x9, 0xf98, 0x1, 0xfffffffa}, {0x7, 0x200, 0xe3ba, 0x0, 0x5, 0x2}, {0xffff0000, 0x10000, 0xbd6f, 0xd, 0x7, 0x3ff}, {0xfffffff8, 0x4, 0x1, 0x6, 0x7, 0xd70}, {0x6, 0xc0, 0x7fff, 0x6, 0x1, 0x7}, {0x1f, 0x8, 0x0, 0x7fffffff, 0x1000, 0x5}, {0x400, 0x3, 0x8f, 0x6, 0x3ff, 0x5}, {0x83, 0x5fc4, 0x2, 0x64c, 0xc, 0x4}, {0x9, 0x2, 0x2, 0x10, 0x6, 0xc}, {0x3, 0xc, 0xd06, 0x5, 0x80000001, 0x1}, {0x5, 0x7, 0x0, 0x47, 0x200, 0x7f}, {0x573, 0x7fff, 0x8, 0x5, 0x2, 0x80000001}, {0xac, 0x0, 0xfffffffe, 0xd5ba, 0x7fffffff, 0x8001}, {0xfffffffd, 0x1, 0x7ff, 0xf1b, 0x4623, 0x8}, {0x1, 0x9, 0x36ff, 0x7, 0xfffffffb, 0x3}, {0x7ff, 0x2, 0x7fffffff, 0x8, 0x5, 0x3}, {0x1, 0x401, 0x4, 0x793, 0x200}, {0x8001, 0xe, 0x9, 0x6, 0x80, 0x9}, {0x1, 0xfffffffe, 0x80, 0xfffffffc, 0x7, 0x9}, {0x1ff, 0x3, 0x548, 0x8e, 0x5, 0xfffffffe}, {0x8, 0xa5, 0x2, 0x9, 0x2, 0x1}, {0x9, 0x8, 0xa02, 0x80000, 0x0, 0xffffffff}, {0x9, 0x0, 0x5, 0x5, 0xfffffffd, 0x8}, {0x6c, 0x7f, 0x0, 0x7, 0x5, 0xe8e}, {0x6, 0x0, 0xa9180000, 0x3, 0x9, 0x8}, {0x7, 0xa6, 0xe, 0x7ff, 0x1, 0x10001}, {0x6, 0x8, 0x69, 0x2, 0x4, 0x3}, {0x9, 0x7b, 0x0, 0x1ff, 0x0, 0x2}, {0x1, 0xb, 0x12000000, 0x5, 0x90e, 0x54a}, {0x4, 0x3, 0x6, 0x7ff, 0x2, 0x1}, {0xee1, 0x5, 0x1, 0x8, 0x2, 0xfffffff8}, {0x1, 0xe, 0x9, 0x52, 0x4, 0x7}, {0xc, 0x9, 0x9, 0xffff, 0xb239, 0x7fd}, {0x6, 0x7, 0x2, 0x0, 0x4, 0x8}, {0x2, 0x8, 0x9, 0x81, 0x401, 0x8}, {0x2, 0xadc, 0xd, 0xfffffffa, 0x3, 0x3}], [{0x9abf2aa3a6e3f581, 0x1}, {0x2, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {0x2, 0x1}, {0x2}, {0x1, 0x1}, {0x0, 0x1}, {0x1}, {}, {0x2, 0x1}, {0x5, 0x1}, {0x5}, {0x3, 0x1}, {0x3, 0x1}, {0x4}, {0x2}, {}, {0x2}, {0x2, 0x1}, {0x5}, {0x2, 0x1}, {0x4}, {0x1}, {0x2}, {0x5}, {0x4}, {0x2, 0x1}, {0x5, 0x1}, {0x5}, {0x4}, {0x4, 0x1}, {0x5}, {0x4}, {0x0, 0x1}, {0x4}, {0x2}, {0x5}, {0x7, 0x1}, {}, {0x5, 0x1}, {0x5}, {0x2}, {0x2}, {0x0, 0x1}, {0x3}, {0x6}, {0x3}, {0x2, 0x1}, {0x1}, {0x2}, {0x0, 0x2}, {0x5, 0x1}, {0x5}, {0x2}, {0x5}, {0x5, 0x1}, {0x2}, {0x2, 0x1}, {0x1}, {0x0, 0x1}, {0x2}, {0x1}, {0x3, 0x1}, {0x1}, {0x2}, {}, {0x1, 0x1}, {}, {0x3, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {0x3, 0x1}, {0x4}, {0x2}, {0x2, 0x1}, {0x2}, {0x1}, {0x5}, {0x4}, {0x5, 0x1}, {0x5}, {0x5, 0x1}, {0x2}, {0x2}, {0x2, 0x1}, {0x3}, {}, {0x2, 0x1}, {}, {0x4}, {0x1, 0x1}, {}, {0x3}, {0x1}, {0x5, 0x1}, {}, {0x5, 0x1}, {0x4}, {0x4, 0x1}, {0x3, 0x1}, {0x1}, {0x5}, {0x0, 0x1}, {0x2}, {0x2}, {0x4}, {0x5, 0x1}, {0x4}, {0x0, 0x1}, {0x4, 0x1}, {0x3, 0x1}, {0x1}, {0xd5928f414eadf620, 0x1}, {0x4}, {0x1, 0x1}, {0x3}, {0x2}, {0x5}, {0x4, 0x1}, {0x2}, {0x3}, {0x3, 0x1}, {0x2}, {0x4, 0x1}, {0x5}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xeb0}}, 0x0) r11 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x1c, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0x6, 0x1, 0x0, 0x0, @str='\x17\x00'}]}, 0x1c}}, 0x0) 22.335015511s ago: executing program 0 (id=2840): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040341a020800000000000109022400010000000009040000020300000009210000000122050009058103"], 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) recvmmsg(0xffffffffffffffff, &(0x7f0000006a00)=[{{0x0, 0x0, &(0x7f0000006980)=[{0x0}, {&(0x7f0000004e80)=""/160, 0xa0}], 0x2}}, {{0x0, 0x0, &(0x7f0000006640)=[{0x0}, {&(0x7f00000053c0)=""/172, 0xac}, {0x0}, {0x0}, {0x0}, {&(0x7f0000006580)=""/158, 0x9e}], 0x6}}], 0x2, 0x0, 0x0) write$binfmt_misc(r4, &(0x7f0000000300), 0x6) recvmmsg(r4, &(0x7f0000000600), 0x204083acb88ff8b, 0x2, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r5, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x0, 0x1}, 0xe) setsockopt$bt_BT_DEFER_SETUP(r5, 0x112, 0xf, &(0x7f0000000040)=0x3, 0x4) r6 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=0x0, &(0x7f0000000280)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000200)={0x24, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="00220500"], 0x0}, 0x0) syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0) syz_usb_disconnect(r0) syz_open_procfs(0x0, &(0x7f0000000600)='fd/4\x00') 22.248122144s ago: executing program 4 (id=2842): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="8c0000000906010200000000000000000200ffff08000940000000390900020073797a310000000005000100070000005c0008801c00078018000180140002"], 0x8c}, 0x1, 0x0, 0x0, 0x10000082}, 0x4000080) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10000082}, 0x4000080) 22.220426002s ago: executing program 4 (id=2843): socket$kcm(0x10, 0x2, 0x0) r0 = socket(0x2, 0x80805, 0x0) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0x2d}, 0x4e20, 0x3, 'wrr\x00', 0x1, 0x2, 0x6e}, 0x2c) r1 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r1, &(0x7f0000000000)={0x18, 0x0, {0x3, @local, 'bridge_slave_1\x00'}}, 0x1e) ioctl$PPPIOCGCHAN(r1, 0x80047437, &(0x7f0000000040)) ioctl$FIONREAD(0xffffffffffffffff, 0x541b, &(0x7f0000000080)) ioctl$PPPOEIOCSFWD(r1, 0x4008b100, 0x0) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, 0x0, 0x0) r2 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADDDEST(r2, 0x0, 0x487, &(0x7f0000000580)={{0x84, @multicast2, 0x4e23, 0x3, 'lc\x00', 0x2, 0x4, 0x181a}, {@private=0xa010102, 0x4e20, 0x2, 0xc5, 0x80012d58, 0x12d5c}}, 0x44) 22.187668714s ago: executing program 4 (id=2844): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000280)={'wg2\x00'}) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x11, &(0x7f00000003c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x5}, {}, {}, [@map_fd={0x18, 0x2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000240)='syzkaller\x00', 0xffffffff, 0xe7, &(0x7f0000000780)=""/231, 0x40f00, 0x3a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x9, 0x2}, 0x8, 0x10, &(0x7f0000000340)={0x3, 0x9, 0x0, 0x1000}, 0x10, 0x0, 0x0, 0x7, &(0x7f00000004c0)=[0x1, 0xffffffffffffffff, 0x1, 0x1, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x1], &(0x7f00000005c0)=[{0x2, 0x4, 0x4, 0x9}, {0x1, 0x1, 0xd, 0x8}, {0x0, 0x5, 0xa}, {0x4, 0x3, 0x9, 0x8}, {0x3, 0x1, 0x3, 0x7}, {0x1, 0x1, 0xb, 0x7}, {0x1, 0x1, 0x3}], 0x10, 0x3ff, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000000c0)='f2fs_filemap_fault\x00', r3, 0x0, 0x9}, 0x18) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000040)={'wg2\x00', @multicast}) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB, @ANYBLOB, @ANYRES32=r0], 0x48) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000a80)={0xffffffffffffffff, 0x20, &(0x7f0000000a40)={&(0x7f0000000940)=""/231, 0xe7, 0x0, &(0x7f0000000680)=""/63, 0x3f}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x15, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sk_reuseport=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0), 0x13f}}, 0x20) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r5, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) bind$inet6(r5, &(0x7f0000000000), 0x1c) sendto$inet6(r5, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x0, 0x0, @loopback}, 0x1c) r6 = socket$xdp(0x2c, 0x3, 0x0) r7 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885, 0x0, 0x0, 0x28e}, &(0x7f00000001c0)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0, 0x22008080, 0x1}) io_uring_enter(r7, 0x3516, 0x0, 0x0, 0x0, 0xfa) 21.26695014s ago: executing program 4 (id=2846): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000fee000)=0x3fa, 0x4) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) r1 = socket$inet(0x2, 0x80001, 0x84) setsockopt$sock_int(r1, 0x1, 0xf, 0x0, 0x0) bind$inet(r1, &(0x7f0000000000)={0x2, 0xce20, @dev={0xac, 0x14, 0x14, 0xd}}, 0x10) (fail_nth: 3) listen(r1, 0x3) r2 = socket$inet(0x2, 0x80001, 0x84) bind$inet(r2, &(0x7f0000000180)={0x2, 0xce20, @dev={0xac, 0x14, 0x14, 0x36}}, 0x10) listen(r2, 0x3) listen(r0, 0x50) 21.072971167s ago: executing program 4 (id=2847): r0 = syz_open_dev$dri(&(0x7f0000000480), 0xf2ef, 0x0) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000000080)={&(0x7f0000000280)="4127b1e0ced1567334890b618cef0980abc39a0f5c8b05f41c4fa34ba8a753a54971974a5347e32668765c0c3a31dbbe76d645c04be965f44c9369d2fb432fb02742649208cad7a140ad28dbc29cb564023d2600478401294bf0c9a3277f56c5a882e27c02c766ccb5f5a099026182b54ade7efaffb6aedce1d269e69cdd1b4e9b0ce05a3c8187b4f6ebf1d4121ac485681030adccc9d47fb1ead7b5c6ec23d70cf174a62e7dfcaafd17a1c0ab21edc55e4999a2ef94573228c6f5236a21f5ed58f8e05fb66c37856cf2d98571240a71c9a332f280874f5a68", 0xd9}) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff}) getsockopt$sock_linger(r1, 0x1, 0xd, 0x0, &(0x7f0000000100)) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000000)={0x4000000, {0x2, 0x4e22}, {0x2, 0x0, @local}, {0x2, 0xffff, @broadcast}, 0x200, 0x0, 0x0, 0x0, 0xfff8, 0x0, 0x0, 0x3}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCSIFBR(r3, 0x890c, &(0x7f0000000000)=@generic={0x0, 0x2}) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000000380)={&(0x7f0000000240)='E?O', 0x3}) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x246000, 0x0) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) r6 = syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000a1121710950b2a17f4f7010203010902240001000000000904fb00026c5d650009050402100000fa000905820240"], 0x0) syz_usb_control_io(r6, 0x0, 0x0) syz_usb_control_io$printer(r6, &(0x7f0000000180)={0x14, &(0x7f00000000c0)={0x40, 0x23, 0x82, {0x82, 0x31, "24e262f73646d09b3d0a5476c74f44c4f89c39ec56686582555cf495e027cfd3d7f8fc8820535ee8e431abfce48dadc24b5bdf3890a2215de891fc195876078da3548dcb247893fa1edb22b902a90b3d94bae3366d4ce94f48d276eb9d90fdef87c99a829db21cfffb78b7cee5f801a708e469c94d03e62941024152ead9bc24"}}, &(0x7f0000000000)={0x0, 0x3, 0x59, @string={0x59, 0x3, "1e7236b4f7ad335d05094f28a273c851472c2ea90106a3beed3e92445dc0efa25f6ae4b0688e82447789d731d9c1bec908b42b7bb07233e859f15946571a37f709444abf480cb58e88b245b70b96392a129dd05d996482"}}}, &(0x7f0000000500)={0x34, &(0x7f00000001c0)={0x40, 0x8, 0x4b, "cd76307794826e86595b2957bf0d5516302859fcdc2459f94115dc66a10d52c5f1243ff364b2d1cba4214c9d4e92641d1b4990f6b684212b1da370ae1f92133d09de826487e73aaf02741c"}, 0x0, &(0x7f0000000300)={0x0, 0x8, 0x1, 0x11}, 0x0, 0x0, &(0x7f0000000440)={0x20, 0x0, 0x1, 0x5}}) syz_usb_control_io$uac1(r6, 0x0, &(0x7f0000000480)={0x44, &(0x7f0000000280)={0x20, 0xc, 0x2, "4714"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_ADDRFORM(r7, 0x3a, 0x1, 0x0, 0x0) sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="640000001500010027bd7000fcdbe325200100000000000000000000000060da00000000000000000000ffffac14141c4e2300084e22f7ffffff80a03b000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="b36b6e00020000000c0015005d0735000000000008001f0003000000"], 0x64}, 0x1, 0x0, 0x0, 0x40085}, 0x0) ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r4, 0xc01064ac, &(0x7f0000000000)={0x0, 0x1000, &(0x7f00000004c0)=""/4096}) r8 = socket$inet6_sctp(0xa, 0x5, 0x84) futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000000), &(0x7f0000048000), 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r8, 0x84, 0x6f, &(0x7f0000000300)={0x0, 0x10, &(0x7f0000000200)=[@in={0x2, 0x0, @rand_addr=0x64010102}]}, &(0x7f0000000340)=0x10) setsockopt(r8, 0x84, 0x7f, &(0x7f00000001c0)="020000000d80ffff", 0x8) dup2(r4, r0) 19.771826404s ago: executing program 3 (id=2849): r0 = socket$xdp(0x2c, 0x3, 0x0) r1 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885, 0x0, 0x0, 0x28e}, &(0x7f00000001c0)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r0, 0x0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0, 0x22008080, 0x1}) io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0xfa) 19.731886261s ago: executing program 3 (id=2850): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [], {0x14}}, 0x28}, 0x1, 0x0, 0x0, 0x48000}, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x100000, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00'}) sendto$packet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) acct(&(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00') (fail_nth: 3) 19.53175938s ago: executing program 3 (id=2851): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r2 = getpid() syz_usb_connect$cdc_ecm(0x2, 0x5c, &(0x7f0000000000)=ANY=[@ANYBLOB="12010100020000102505a1a440000000010109024a00010100000009040000160202ff00052406000005240000000d240f0100000000000000000006240700000009057ffffd74000f000905820200020000030905030240"], 0x0) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = epoll_create1(0x0) prctl$PR_GET_SPECULATION_CTRL(0x35, 0x0, 0x2) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r3, &(0x7f0000000080)={0x20000001}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r6 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r6, 0x84, 0x76, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r6, 0x84, 0x75, &(0x7f0000000380)={0x0, 0x8c}, 0x8) 16.484766264s ago: executing program 3 (id=2852): io_setup(0x401, &(0x7f0000000340)=0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000240)={0x0, 0x0, 0x0, 'queue0\x00'}) write$sndseq(r1, &(0x7f0000000080)=[{0x26, 0x0, 0x0, 0xfd, @time, {}, {}, @result}], 0x1c) r3 = timerfd_create(0x0, 0x800) io_submit(r0, 0x2, &(0x7f00000001c0)=[&(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7, 0x9, r3, &(0x7f00000005c0)="3e7e07be9d62b5", 0x7, 0x3}]) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = syz_open_dev$vim2m(&(0x7f0000000180), 0x3, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000000)={0x9, 0x2, 0x1}) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) ppoll(&(0x7f0000000080)=[{r5, 0x50}], 0x1, &(0x7f0000000140)={r6, r7+10000000}, &(0x7f0000000200)={[0x7]}, 0x8) ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f00000000c0)=0x2) close_range(r4, 0xffffffffffffffff, 0x0) 16.32072317s ago: executing program 3 (id=2853): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000980)={0x6, 0xf, &(0x7f0000000580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000004c0)='GPL\x00', 0xc58d, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff7, @void, @value}, 0x94) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x5) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket(0x40000000015, 0x5, 0x3) setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, 0x0, 0x0) bind$inet6(r1, &(0x7f0000000f80)={0xa, 0x0, 0x0, @loopback, 0xa7a}, 0x1c) syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_GET_BYINDEX(r2, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000300)=ANY=[@ANYBLOB="240000000f06010100000000000000000200000306000b00ffff00000500010007000000954b6361412253e45021bc566686656a067b50674547735e85746d8b596bb5e46045eadf5b7a026d99635a7259a1a8b4b102df83bf1772dfed96881980a89cef6770be2b3a90ce57409a1bd0ef3f9a11080fe8ffadbcc89ffbf79681ba3bad3f8eb35f5e7c69df0253c17cbc10b69c82a452f53fee2b4ab24be5e836fd76422dad8caeefe9ce2fa3a3bbd9f54a"], 0x24}, 0x1, 0x0, 0x0, 0x2000c005}, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r3 = socket$key(0xf, 0x3, 0x2) syz_usb_connect$uac1(0x0, 0xc1, &(0x7f00000006c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xaf, 0x3, 0x1, 0x0, 0x0, 0x2, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{}, [@feature_unit={0x13, 0x24, 0x6, 0x0, 0x0, 0x6, [0x0, 0x0, 0x0, 0x0, 0x2, 0x0]}, @output_terminal={0x9, 0x24, 0x3, 0x0, 0x0, 0x0, 0x3}, @output_terminal={0x9, 0x24, 0x3, 0x0, 0x1ff, 0x4, 0x4}, @selector_unit={0x6, 0x24, 0x5, 0x4, 0x0, "fd"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_ii_discrete={0xa, 0x24, 0x2, 0x2, 0x6, 0x5, 0x6, '-'}, @as_header={0x7, 0x24, 0x1, 0x9, 0x8, 0x1}, @format_type_ii_discrete={0xb, 0x24, 0x2, 0x2, 0x7f, 0x8884, 0x61, "6c05"}, @format_type_ii_discrete={0x9, 0x24, 0x2, 0x2, 0x4, 0x7, 0x1}]}, {{0x9, 0x5, 0x1, 0x9, 0x40, 0x0, 0x0, 0x0, {0x7, 0x25, 0x1, 0x3, 0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x3ff, 0x0, 0x0, 0x80, {0x7, 0x25, 0x1, 0x0, 0x0, 0xff1d}}}}}}}]}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002eb0e00000000000000000105000600200000000a00000040010000000500e50000070000001f00001a000000030000a95a6e870200010000e9ff070040000200000000050005000000cc580a"], 0x80}}, 0x0) sendmmsg(r3, &(0x7f0000000180), 0x400008a, 0xff80) 15.111570123s ago: executing program 3 (id=2854): ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}}) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x0, 0x0, 'queue0\x00'}) prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$TOKEN_CREATE(0x24, 0x0, 0x0) epoll_create1(0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="500000001000010400000000000000000000ffff", @ANYRES32=0x0, @ANYBLOB="00000400514403001c001280090001007866726d000000000c0002800800020001000000140003007866726d3000"/56], 0x50}}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x2, 0x3, 0x401, 0x0, 0x0, {0x0, 0x0, 0x10}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'bridge0\x00', 0x0}) sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x503}, [@IFLA_PROTO_DOWN={0x5, 0x27, 0xd0}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x38}}, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(0xffffffffffffffff, 0x40505412, &(0x7f0000000340)) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180500002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='netlink_extack\x00', r6}, 0x10) r7 = socket(0x10, 0x3, 0x0) sendto$inet6(r7, &(0x7f00000007c0)="7800000018002507b9199b02ffff48000203be04020406050a02040c5c000900580006080a0000000d0085a168d0bf46d32345653600648d270015000a00000849935ade4a460c89b6ec0cff3959547f509058ba86c902007a00004a32000407160016000a0000000000e000e218d1dd3b6ed538f2523250", 0x78, 0x0, 0x0, 0x0) r8 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r8, 0x107, 0x12, &(0x7f0000000080)=0x9, 0x4) 8.012305271s ago: executing program 32 (id=2839): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) connect$can_bcm(r1, &(0x7f00000000c0)={0x1d, r2}, 0x10) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000063a60f7306cb665900000000000000"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000e3ffffff00"/28], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000480)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000055090100000000009500000000000000b7020000000000007b9a00fe00000000b6090800000000007b9af0ff00000000bf8610000000000007080000f8ffffffbfa40000000000000704", @ANYRES32=r8, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x2c}}, 0x0) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)=0xfffffbfa, 0x4) r10 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) setsockopt$bt_BT_FLUSHABLE(r10, 0x112, 0x8, &(0x7f0000000440)=0x5, 0x4) sendmsg$can_bcm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100"/16, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="00000000010000000000000000000000a5976ac6acd45a63feec86d97b26bc84c76171"], 0x48}}, 0x0) sendmsg$can_bcm(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="01000000220900"/16, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="0002000001"], 0x80}}, 0x0) sendmsg$can_bcm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=ANY=[@ANYBLOB="02"], 0x48}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000700)=@newtaction={0xeb0, 0x30, 0xb, 0x0, 0x0, {}, [{0xe9c, 0x1, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0x0, 0x80006}}]}, {0x4}, {0xc}, {0xc}}}, @m_pedit={0xe50, 0x2, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{0xfffffffe, 0x4, 0x2, 0x7, 0x8}, 0x0, 0x9}, [{0x8000, 0x8, 0x0, 0x7, 0x621, 0x6dc}, {0x7, 0xfffffffc, 0xef, 0x7, 0x9, 0xf}, {0x1, 0x29, 0x5183, 0x10000, 0xfb2, 0x1}, {0xffff0000, 0xba, 0x1, 0x7ab, 0x10000, 0x81}, {0x0, 0x10, 0xffff8a02, 0x7, 0x8, 0x7ff}, {0x7, 0x3, 0x7c, 0xefb9, 0x2, 0x1}, {0x8000, 0x4, 0x1ff, 0x5964, 0x9, 0x15}, {0x1, 0x7, 0x1, 0x2, 0xfc05, 0xfffffffc}, {0x697, 0xb3d, 0x5, 0x2306, 0x6ebb5645, 0x5f6}, {0xff, 0xafcc, 0x80000001, 0xd1a, 0x7, 0xd}, {0x8, 0x10000, 0x0, 0xb4, 0x400, 0x8}, {0x80000000, 0x200, 0x7, 0x2, 0x4, 0x3}, {0x6, 0x25, 0x10000, 0x1, 0x6, 0x9}, {0x1, 0x9, 0x4, 0x3, 0x100, 0x4}, {0x9, 0x6, 0x5, 0x1, 0x3, 0x2}, {0x5, 0x3, 0x13, 0x3, 0x3, 0x9}, {0x3, 0x4000000, 0x6, 0x3, 0x4, 0x9}, {0x5, 0x401, 0x6, 0x3, 0x6, 0xffffff7f}, {0x5, 0x3, 0x7, 0x6, 0xff, 0x80}, {0x8, 0x1, 0x4, 0x2, 0xe4, 0x1}, {0xfc3, 0x1ff, 0xfff, 0x6, 0xc3, 0x7}, {0x3, 0xf, 0xd77, 0x8, 0x25f, 0xa}, {0xdd, 0x5, 0xffff, 0x4, 0x2, 0x7f}, {0x1, 0x1, 0x322, 0x4, 0x5, 0x8}, {0x0, 0x16ca, 0x4, 0x1, 0x43, 0x8}, {0x80, 0x1, 0x6, 0xb, 0x3, 0x6}, {0x80000001, 0x0, 0x3ff, 0x81, 0x4, 0x3ff}, {0x80, 0x10000, 0xfffffffc, 0x7cf, 0x9}, {0xc70, 0x6, 0x80000001, 0x5, 0x6, 0x3}, {0x9, 0xaa28, 0x2, 0xb, 0x2, 0x2}, {0xffffff01, 0x24b, 0x547d9df3, 0x40, 0x7, 0x1200}, {0x1ff, 0xf4e, 0xffff7ae0, 0x0, 0xde, 0x80000000}, {0xd7d, 0x200, 0x4, 0xf9c, 0x8, 0x97e}, {0x9, 0x73, 0x6, 0x5, 0x8, 0xfffffffb}, {0x20, 0x1c9, 0x8, 0x0, 0x1, 0x6}, {0x19, 0x9, 0xfffffffd, 0x8000, 0x7, 0x80}, {0x9, 0xffff0000, 0xa, 0x6, 0x3, 0x4}, {0x5, 0x2, 0xb, 0x8, 0xfffffffc, 0x10}, {0x4, 0x6, 0xf, 0x2, 0x401, 0x4}, {0xc5d, 0xdd1d, 0xfff, 0x1, 0x4, 0x100}, {0x62a, 0x53aa, 0x23, 0x1, 0x471}, {0x80000000, 0x7, 0xe13, 0x8, 0x1, 0x7}, {0x4, 0x7, 0xce8, 0x6, 0x9, 0xe6c00000}, {0x1, 0x4, 0x5, 0xaa19, 0x0, 0x5}, {0x1, 0xc8, 0xfff, 0x8, 0x80000001, 0x6}, {0x10, 0x8, 0x7, 0x8001, 0x101, 0x5}, {0x2, 0x80000000, 0x324, 0x200, 0xac2, 0xef9}, {0x0, 0x1, 0x8000, 0x4, 0x2, 0x8}, {0xff, 0x4f9, 0x8, 0xd, 0x3, 0x4}, {0x3, 0x1, 0x3, 0x6015, 0x5, 0x8}, {0x3, 0x2e2f, 0x43, 0x6, 0x2, 0xcf}, {0xa65, 0x7, 0x30, 0xdf, 0x6, 0x687}, {0x4c5a, 0xcf, 0x8, 0x20a, 0x0, 0x3}, {0x400, 0xf0c, 0xfffffffb, 0x80000001, 0x200, 0x443}, {0xff9, 0x3, 0x8, 0x2c6, 0xfffffff6, 0x6}, {0x10000, 0x6, 0x0, 0x3ff, 0x5, 0x5}, {0x9, 0xb, 0x81, 0xd, 0x8, 0xdb36}, {0x897, 0x4, 0x4, 0x3, 0x2, 0x8fd}, {0x6, 0xfffffe00, 0xfffff971, 0x9, 0x7, 0x8}, {0x2, 0x4, 0x4, 0x1000, 0x3b, 0x8}, {0xab3a, 0x1, 0xffff, 0x4fdd, 0x678940e5, 0x10}, {0x3, 0x3, 0x8, 0x6, 0x1, 0xb}, {0x8, 0xfffffe40, 0xe5c, 0xfffffffc, 0x6581, 0x4}, {0x5, 0xa, 0x9600, 0x6, 0x6b550819, 0x6}, {0x447, 0x9, 0x401, 0xfffffffb, 0x8, 0x1}, {0x3695, 0x7fff, 0x7fff, 0x8, 0x1000, 0x4}, {0x0, 0x2, 0xfe4, 0x8, 0xb, 0xfffffcb2}, {0xe7, 0x2, 0x6, 0x0, 0xfffffffc, 0x1800000}, {0xf63, 0x3, 0x7, 0x9, 0xffffffff, 0x7}, {0x2, 0x3, 0x9, 0x9, 0x3, 0x9}, {0x68, 0x7, 0x8, 0x10, 0xfffffffb}, {0x0, 0x9e61, 0x101, 0x0, 0x1, 0xe}, {0x3, 0x6, 0x8, 0x8, 0x101, 0x4}, {0x4, 0x80000000, 0x3, 0x3, 0x1, 0x9}, {0x10000, 0xd, 0x1, 0x1000, 0x40, 0x10001}, {0x1, 0x8001, 0xaa1, 0xc, 0x6, 0x5}, {0x2, 0x4, 0x1, 0x7, 0x7d5, 0xec}, {0xfffffff7, 0x40, 0x4, 0x9, 0xff, 0x8}, {0xe154, 0x6, 0x2, 0x5, 0xfffffff9, 0x800}, {0x7, 0xf4, 0x7ff, 0x768638fb, 0x9, 0x6}, {0x7, 0x62a4, 0xc, 0x8, 0xb4c1}, {0x3, 0x4, 0x5, 0x3, 0x0, 0x1000000}, {0x2, 0x2, 0x3, 0x0, 0x26, 0x8}, {0x80000001, 0x389, 0x0, 0x8, 0x0, 0x9}, {0xbebd, 0x8598, 0xc0d, 0x3, 0x4, 0x3}, {0x1, 0x80, 0x6d1e0000, 0x0, 0x8, 0x80}, {0xffff, 0x8db, 0x7149, 0x9, 0x2, 0x1}, {0x80000000, 0x7, 0x8001, 0xfffffeff, 0x0, 0x8000}, {0x0, 0x81, 0x33, 0x3, 0x5}, {0xcddb, 0x6, 0x0, 0x95e, 0x1, 0x1}, {0x4, 0x0, 0xdfa8, 0x8, 0x9, 0xc4c}, {0x480, 0x4, 0x8, 0x6, 0x79a, 0x1}, {0x7, 0x1, 0x9, 0xf98, 0x1, 0xfffffffa}, {0x7, 0x200, 0xe3ba, 0x0, 0x5, 0x2}, {0xffff0000, 0x10000, 0xbd6f, 0xd, 0x7, 0x3ff}, {0xfffffff8, 0x4, 0x1, 0x6, 0x7, 0xd70}, {0x6, 0xc0, 0x7fff, 0x6, 0x1, 0x7}, {0x1f, 0x8, 0x0, 0x7fffffff, 0x1000, 0x5}, {0x400, 0x3, 0x8f, 0x6, 0x3ff, 0x5}, {0x83, 0x5fc4, 0x2, 0x64c, 0xc, 0x4}, {0x9, 0x2, 0x2, 0x10, 0x6, 0xc}, {0x3, 0xc, 0xd06, 0x5, 0x80000001, 0x1}, {0x5, 0x7, 0x0, 0x47, 0x200, 0x7f}, {0x573, 0x7fff, 0x8, 0x5, 0x2, 0x80000001}, {0xac, 0x0, 0xfffffffe, 0xd5ba, 0x7fffffff, 0x8001}, {0xfffffffd, 0x1, 0x7ff, 0xf1b, 0x4623, 0x8}, {0x1, 0x9, 0x36ff, 0x7, 0xfffffffb, 0x3}, {0x7ff, 0x2, 0x7fffffff, 0x8, 0x5, 0x3}, {0x1, 0x401, 0x4, 0x793, 0x200}, {0x8001, 0xe, 0x9, 0x6, 0x80, 0x9}, {0x1, 0xfffffffe, 0x80, 0xfffffffc, 0x7, 0x9}, {0x1ff, 0x3, 0x548, 0x8e, 0x5, 0xfffffffe}, {0x8, 0xa5, 0x2, 0x9, 0x2, 0x1}, {0x9, 0x8, 0xa02, 0x80000, 0x0, 0xffffffff}, {0x9, 0x0, 0x5, 0x5, 0xfffffffd, 0x8}, {0x6c, 0x7f, 0x0, 0x7, 0x5, 0xe8e}, {0x6, 0x0, 0xa9180000, 0x3, 0x9, 0x8}, {0x7, 0xa6, 0xe, 0x7ff, 0x1, 0x10001}, {0x6, 0x8, 0x69, 0x2, 0x4, 0x3}, {0x9, 0x7b, 0x0, 0x1ff, 0x0, 0x2}, {0x1, 0xb, 0x12000000, 0x5, 0x90e, 0x54a}, {0x4, 0x3, 0x6, 0x7ff, 0x2, 0x1}, {0xee1, 0x5, 0x1, 0x8, 0x2, 0xfffffff8}, {0x1, 0xe, 0x9, 0x52, 0x4, 0x7}, {0xc, 0x9, 0x9, 0xffff, 0xb239, 0x7fd}, {0x6, 0x7, 0x2, 0x0, 0x4, 0x8}, {0x2, 0x8, 0x9, 0x81, 0x401, 0x8}, {0x2, 0xadc, 0xd, 0xfffffffa, 0x3, 0x3}], [{0x9abf2aa3a6e3f581, 0x1}, {0x2, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {0x2, 0x1}, {0x2}, {0x1, 0x1}, {0x0, 0x1}, {0x1}, {}, {0x2, 0x1}, {0x5, 0x1}, {0x5}, {0x3, 0x1}, {0x3, 0x1}, {0x4}, {0x2}, {}, {0x2}, {0x2, 0x1}, {0x5}, {0x2, 0x1}, {0x4}, {0x1}, {0x2}, {0x5}, {0x4}, {0x2, 0x1}, {0x5, 0x1}, {0x5}, {0x4}, {0x4, 0x1}, {0x5}, {0x4}, {0x0, 0x1}, {0x4}, {0x2}, {0x5}, {0x7, 0x1}, {}, {0x5, 0x1}, {0x5}, {0x2}, {0x2}, {0x0, 0x1}, {0x3}, {0x6}, {0x3}, {0x2, 0x1}, {0x1}, {0x2}, {0x0, 0x2}, {0x5, 0x1}, {0x5}, {0x2}, {0x5}, {0x5, 0x1}, {0x2}, {0x2, 0x1}, {0x1}, {0x0, 0x1}, {0x2}, {0x1}, {0x3, 0x1}, {0x1}, {0x2}, {}, {0x1, 0x1}, {}, {0x3, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {0x3, 0x1}, {0x4}, {0x2}, {0x2, 0x1}, {0x2}, {0x1}, {0x5}, {0x4}, {0x5, 0x1}, {0x5}, {0x5, 0x1}, {0x2}, {0x2}, {0x2, 0x1}, {0x3}, {}, {0x2, 0x1}, {}, {0x4}, {0x1, 0x1}, {}, {0x3}, {0x1}, {0x5, 0x1}, {}, {0x5, 0x1}, {0x4}, {0x4, 0x1}, {0x3, 0x1}, {0x1}, {0x5}, {0x0, 0x1}, {0x2}, {0x2}, {0x4}, {0x5, 0x1}, {0x4}, {0x0, 0x1}, {0x4, 0x1}, {0x3, 0x1}, {0x1}, {0xd5928f414eadf620, 0x1}, {0x4}, {0x1, 0x1}, {0x3}, {0x2}, {0x5}, {0x4, 0x1}, {0x2}, {0x3}, {0x3, 0x1}, {0x2}, {0x4, 0x1}, {0x5}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xeb0}}, 0x0) r11 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x1c, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0x6, 0x1, 0x0, 0x0, @str='\x17\x00'}]}, 0x1c}}, 0x0) 7.0120933s ago: executing program 33 (id=2840): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040341a020800000000000109022400010000000009040000020300000009210000000122050009058103"], 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) recvmmsg(0xffffffffffffffff, &(0x7f0000006a00)=[{{0x0, 0x0, &(0x7f0000006980)=[{0x0}, {&(0x7f0000004e80)=""/160, 0xa0}], 0x2}}, {{0x0, 0x0, &(0x7f0000006640)=[{0x0}, {&(0x7f00000053c0)=""/172, 0xac}, {0x0}, {0x0}, {0x0}, {&(0x7f0000006580)=""/158, 0x9e}], 0x6}}], 0x2, 0x0, 0x0) write$binfmt_misc(r4, &(0x7f0000000300), 0x6) recvmmsg(r4, &(0x7f0000000600), 0x204083acb88ff8b, 0x2, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r5, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x0, 0x1}, 0xe) setsockopt$bt_BT_DEFER_SETUP(r5, 0x112, 0xf, &(0x7f0000000040)=0x3, 0x4) r6 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=0x0, &(0x7f0000000280)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000200)={0x24, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="00220500"], 0x0}, 0x0) syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0) syz_usb_disconnect(r0) syz_open_procfs(0x0, &(0x7f0000000600)='fd/4\x00') 6.008897905s ago: executing program 34 (id=2847): r0 = syz_open_dev$dri(&(0x7f0000000480), 0xf2ef, 0x0) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000000080)={&(0x7f0000000280)="4127b1e0ced1567334890b618cef0980abc39a0f5c8b05f41c4fa34ba8a753a54971974a5347e32668765c0c3a31dbbe76d645c04be965f44c9369d2fb432fb02742649208cad7a140ad28dbc29cb564023d2600478401294bf0c9a3277f56c5a882e27c02c766ccb5f5a099026182b54ade7efaffb6aedce1d269e69cdd1b4e9b0ce05a3c8187b4f6ebf1d4121ac485681030adccc9d47fb1ead7b5c6ec23d70cf174a62e7dfcaafd17a1c0ab21edc55e4999a2ef94573228c6f5236a21f5ed58f8e05fb66c37856cf2d98571240a71c9a332f280874f5a68", 0xd9}) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff}) getsockopt$sock_linger(r1, 0x1, 0xd, 0x0, &(0x7f0000000100)) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000000)={0x4000000, {0x2, 0x4e22}, {0x2, 0x0, @local}, {0x2, 0xffff, @broadcast}, 0x200, 0x0, 0x0, 0x0, 0xfff8, 0x0, 0x0, 0x3}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCSIFBR(r3, 0x890c, &(0x7f0000000000)=@generic={0x0, 0x2}) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f0000000380)={&(0x7f0000000240)='E?O', 0x3}) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x246000, 0x0) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) r6 = syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000a1121710950b2a17f4f7010203010902240001000000000904fb00026c5d650009050402100000fa000905820240"], 0x0) syz_usb_control_io(r6, 0x0, 0x0) syz_usb_control_io$printer(r6, &(0x7f0000000180)={0x14, &(0x7f00000000c0)={0x40, 0x23, 0x82, {0x82, 0x31, "24e262f73646d09b3d0a5476c74f44c4f89c39ec56686582555cf495e027cfd3d7f8fc8820535ee8e431abfce48dadc24b5bdf3890a2215de891fc195876078da3548dcb247893fa1edb22b902a90b3d94bae3366d4ce94f48d276eb9d90fdef87c99a829db21cfffb78b7cee5f801a708e469c94d03e62941024152ead9bc24"}}, &(0x7f0000000000)={0x0, 0x3, 0x59, @string={0x59, 0x3, "1e7236b4f7ad335d05094f28a273c851472c2ea90106a3beed3e92445dc0efa25f6ae4b0688e82447789d731d9c1bec908b42b7bb07233e859f15946571a37f709444abf480cb58e88b245b70b96392a129dd05d996482"}}}, &(0x7f0000000500)={0x34, &(0x7f00000001c0)={0x40, 0x8, 0x4b, "cd76307794826e86595b2957bf0d5516302859fcdc2459f94115dc66a10d52c5f1243ff364b2d1cba4214c9d4e92641d1b4990f6b684212b1da370ae1f92133d09de826487e73aaf02741c"}, 0x0, &(0x7f0000000300)={0x0, 0x8, 0x1, 0x11}, 0x0, 0x0, &(0x7f0000000440)={0x20, 0x0, 0x1, 0x5}}) syz_usb_control_io$uac1(r6, 0x0, &(0x7f0000000480)={0x44, &(0x7f0000000280)={0x20, 0xc, 0x2, "4714"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_ADDRFORM(r7, 0x3a, 0x1, 0x0, 0x0) sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="640000001500010027bd7000fcdbe325200100000000000000000000000060da00000000000000000000ffffac14141c4e2300084e22f7ffffff80a03b000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="b36b6e00020000000c0015005d0735000000000008001f0003000000"], 0x64}, 0x1, 0x0, 0x0, 0x40085}, 0x0) ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r4, 0xc01064ac, &(0x7f0000000000)={0x0, 0x1000, &(0x7f00000004c0)=""/4096}) r8 = socket$inet6_sctp(0xa, 0x5, 0x84) futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000000), &(0x7f0000048000), 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r8, 0x84, 0x6f, &(0x7f0000000300)={0x0, 0x10, &(0x7f0000000200)=[@in={0x2, 0x0, @rand_addr=0x64010102}]}, &(0x7f0000000340)=0x10) setsockopt(r8, 0x84, 0x7f, &(0x7f00000001c0)="020000000d80ffff", 0x8) dup2(r4, r0) 0s ago: executing program 35 (id=2854): ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}}) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x0, 0x0, 'queue0\x00'}) prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$TOKEN_CREATE(0x24, 0x0, 0x0) epoll_create1(0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="500000001000010400000000000000000000ffff", @ANYRES32=0x0, @ANYBLOB="00000400514403001c001280090001007866726d000000000c0002800800020001000000140003007866726d3000"/56], 0x50}}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x2, 0x3, 0x401, 0x0, 0x0, {0x0, 0x0, 0x10}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'bridge0\x00', 0x0}) sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x503}, [@IFLA_PROTO_DOWN={0x5, 0x27, 0xd0}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x38}}, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(0xffffffffffffffff, 0x40505412, &(0x7f0000000340)) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180500002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='netlink_extack\x00', r6}, 0x10) r7 = socket(0x10, 0x3, 0x0) sendto$inet6(r7, &(0x7f00000007c0)="7800000018002507b9199b02ffff48000203be04020406050a02040c5c000900580006080a0000000d0085a168d0bf46d32345653600648d270015000a00000849935ade4a460c89b6ec0cff3959547f509058ba86c902007a00004a32000407160016000a0000000000e000e218d1dd3b6ed538f2523250", 0x78, 0x0, 0x0, 0x0) r8 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r8, 0x107, 0x12, &(0x7f0000000080)=0x9, 0x4) kernel console output (not intermixed with test programs): high-speed USB device number 65 using dummy_hcd [ 640.260611][ T5910] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 640.272368][ T5910] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 640.282846][ T5910] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 640.291173][ T5910] usb 1-1: Product: syz [ 640.295904][ T5910] usb 1-1: Manufacturer: syz [ 640.313559][ T5910] cdc_wdm 1-1:1.0: skipping garbage [ 640.318792][ T5910] cdc_wdm 1-1:1.0: skipping garbage [ 640.324587][ T5910] cdc_wdm 1-1:1.0: probe with driver cdc_wdm failed with error -22 [ 640.364185][ T8] usb 2-1: no configurations [ 640.368848][ T8] usb 2-1: can't read configurations, error -22 [ 640.413751][ T933] usb 4-1: Using ep0 maxpacket: 16 [ 640.425817][ T933] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 640.435953][ T933] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 640.445728][ T933] usb 4-1: config 1 has no interface number 1 [ 640.451842][ T933] usb 4-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping [ 640.461676][ T933] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 640.472585][ T933] usb 4-1: config 1 interface 2 has no altsetting 0 [ 640.481090][ T933] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 640.491237][ T933] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 640.499264][ T933] usb 4-1: Product: syz [ 640.504121][ T8] usb 2-1: new high-speed USB device number 66 using dummy_hcd [ 640.511722][ T933] usb 4-1: Manufacturer: syz [ 640.517464][ T933] usb 4-1: SerialNumber: syz [ 640.521236][ T2144] usb 1-1: USB disconnect, device number 64 [ 640.664355][ T8] usb 2-1: no configurations [ 640.669005][ T8] usb 2-1: can't read configurations, error -22 [ 640.675613][ T8] usb usb2-port1: attempt power cycle [ 640.752532][ T6359] usb 5-1: USB disconnect, device number 64 [ 640.804103][ T29] audit: type=1326 audit(2000000194.969:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14721 comm="syz.3.2450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f534bb8cd29 code=0x50000 [ 640.828687][ T29] audit: type=1326 audit(2000000194.969:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14721 comm="syz.3.2450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f534bb8cd29 code=0x50000 [ 640.856269][ T29] audit: type=1326 audit(2000000194.969:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14721 comm="syz.3.2450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f534bb8cd29 code=0x50000 [ 640.880094][ T29] audit: type=1326 audit(2000000194.969:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14721 comm="syz.3.2450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f534bb8cd29 code=0x50000 [ 640.914779][ T29] audit: type=1326 audit(2000000194.969:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14721 comm="syz.3.2450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f534bb8cd29 code=0x50000 [ 640.938161][ T29] audit: type=1326 audit(2000000194.969:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14721 comm="syz.3.2450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f534bb8cd29 code=0x50000 [ 640.962256][T14115] Bluetooth: hci0: command 0x0406 tx timeout [ 640.969088][ T29] audit: type=1326 audit(2000000194.969:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14721 comm="syz.3.2450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f534bb8cd29 code=0x50000 [ 640.993713][ T29] audit: type=1326 audit(2000000194.969:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14721 comm="syz.3.2450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f534bb8cd29 code=0x50000 [ 641.017825][ T29] audit: type=1326 audit(2000000194.969:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14721 comm="syz.3.2450" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f534bb8cd29 code=0x50000 [ 641.023861][ T8] usb 2-1: new high-speed USB device number 67 using dummy_hcd [ 641.065093][ T8] usb 2-1: no configurations [ 641.069712][ T8] usb 2-1: can't read configurations, error -22 [ 641.172890][ T6359] usb 5-1: new full-speed USB device number 65 using dummy_hcd [ 641.203975][ T8] usb 2-1: new high-speed USB device number 68 using dummy_hcd [ 641.234820][ T8] usb 2-1: no configurations [ 641.240337][ T8] usb 2-1: can't read configurations, error -22 [ 641.248649][ T8] usb usb2-port1: unable to enumerate USB device [ 641.354176][ T6359] usb 5-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x7F, changing to 0xF [ 641.376116][ T6359] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10 [ 641.399292][ T6359] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 29949, setting to 64 [ 641.423041][ T6359] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 641.460831][ T25] usb 3-1: USB disconnect, device number 61 [ 641.492834][ T6359] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 641.524154][ T6359] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 641.542824][ T6359] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 641.550815][ T6359] usb 5-1: SerialNumber: syz [ 641.575385][T14728] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 641.582591][T14728] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 641.673407][T14115] Bluetooth: hci4: command 0x0406 tx timeout [ 641.679436][T14115] Bluetooth: hci2: command 0x0406 tx timeout [ 641.686737][T14115] Bluetooth: hci3: command 0x0406 tx timeout [ 641.692827][T14115] Bluetooth: hci1: command 0x0406 tx timeout [ 641.756348][T14735] FAULT_INJECTION: forcing a failure. [ 641.756348][T14735] name failslab, interval 1, probability 0, space 0, times 0 [ 641.769033][T14735] CPU: 1 UID: 0 PID: 14735 Comm: syz.2.2453 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 641.769055][T14735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 641.769065][T14735] Call Trace: [ 641.769071][T14735] [ 641.769077][T14735] dump_stack_lvl+0x16c/0x1f0 [ 641.769103][T14735] should_fail_ex+0x497/0x5b0 [ 641.769125][T14735] ? fs_reclaim_acquire+0xae/0x150 [ 641.769148][T14735] should_failslab+0xc2/0x120 [ 641.769166][T14735] __kmalloc_noprof+0xcb/0x510 [ 641.769193][T14735] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 641.769227][T14735] hci_alloc_dev_priv+0x1d/0x2820 [ 641.769245][T14735] hci_uart_tty_ioctl+0x37d/0xc10 [ 641.769272][T14735] ? __pfx_hci_uart_tty_ioctl+0x10/0x10 [ 641.769296][T14735] tty_ioctl+0x6ee/0x15d0 [ 641.769323][T14735] ? __pfx_tty_ioctl+0x10/0x10 [ 641.769347][T14735] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 641.769373][T14735] ? __pfx_lock_release+0x10/0x10 [ 641.769398][T14735] ? __fget_files+0x40/0x3a0 [ 641.769426][T14735] ? selinux_file_ioctl+0x180/0x270 [ 641.769447][T14735] ? selinux_file_ioctl+0xb4/0x270 [ 641.769468][T14735] ? __pfx_tty_ioctl+0x10/0x10 [ 641.769493][T14735] __x64_sys_ioctl+0x190/0x200 [ 641.769515][T14735] do_syscall_64+0xcd/0x250 [ 641.769541][T14735] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 641.769565][T14735] RIP: 0033:0x7fb5bbf8cd29 [ 641.769579][T14735] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 641.769598][T14735] RSP: 002b:00007fb5bcd97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 641.769616][T14735] RAX: ffffffffffffffda RBX: 00007fb5bc1a6080 RCX: 00007fb5bbf8cd29 [ 641.769629][T14735] RDX: 0000000000000004 RSI: 00000000400455c8 RDI: 0000000000000007 [ 641.769640][T14735] RBP: 00007fb5bcd97090 R08: 0000000000000000 R09: 0000000000000000 [ 641.769652][T14735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 641.769663][T14735] R13: 0000000000000000 R14: 00007fb5bc1a6080 R15: 00007ffebc7e77a8 [ 641.769682][T14735] [ 641.769689][T14735] Bluetooth: Can't allocate HCI device [ 642.302927][T14115] Bluetooth: hci4: unexpected event 0x01 length: 4 > 1 [ 642.313648][T14115] Bluetooth: hci4: SCO packet for unknown connection handle 400 [ 643.372215][ T933] usb 4-1: 2:1 : no or invalid class specific endpoint descriptor [ 643.402728][ T933] usb 4-1: 2:1: invalid format type 0x1002 is detected, processed as PCM [ 643.415180][T14762] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2462'. [ 643.432779][ T933] usb 4-1: 2:1 : unsupported sample bitwidth 0 in 0 bytes [ 643.448329][ T933] usb 4-1: selecting invalid altsetting 0 [ 643.489743][ T933] usb 4-1: USB disconnect, device number 65 [ 643.518407][ T6164] udevd[6164]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 643.816931][ T5909] usb 5-1: USB disconnect, device number 65 [ 644.062940][ T933] usb 4-1: new high-speed USB device number 66 using dummy_hcd [ 644.260014][T14785] FAULT_INJECTION: forcing a failure. [ 644.260014][T14785] name failslab, interval 1, probability 0, space 0, times 0 [ 644.273667][T14785] CPU: 0 UID: 0 PID: 14785 Comm: syz.4.2469 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 644.273690][T14785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 644.273701][T14785] Call Trace: [ 644.273707][T14785] [ 644.273714][T14785] dump_stack_lvl+0x16c/0x1f0 [ 644.273741][T14785] should_fail_ex+0x497/0x5b0 [ 644.273763][T14785] ? lock_release+0x4e2/0x6f0 [ 644.273786][T14785] should_failslab+0xc2/0x120 [ 644.273805][T14785] __kmalloc_noprof+0xcb/0x510 [ 644.273829][T14785] ? __io_alloc_req_refill+0xeb/0x5b0 [ 644.273852][T14785] io_cqring_event_overflow+0xcb/0x6f0 [ 644.273874][T14785] io_req_cqe_overflow+0x101/0x1e0 [ 644.273894][T14785] __io_submit_flush_completions+0x8dc/0x1c70 [ 644.273919][T14785] io_submit_sqes+0xa1c/0x25c0 [ 644.273947][T14785] __do_sys_io_uring_enter+0xd60/0x1670 [ 644.273972][T14785] ? __fget_files+0x206/0x3a0 [ 644.273996][T14785] ? __pfx___do_sys_io_uring_enter+0x10/0x10 [ 644.274021][T14785] ? fput+0x67/0x440 [ 644.274038][T14785] ? ksys_write+0x1ba/0x250 [ 644.274060][T14785] ? __pfx_ksys_write+0x10/0x10 [ 644.274083][T14785] ? rcu_is_watching+0x12/0xc0 [ 644.274101][T14785] ? rcu_is_watching+0x12/0xc0 [ 644.274120][T14785] do_syscall_64+0xcd/0x250 [ 644.274145][T14785] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 644.274168][T14785] RIP: 0033:0x7f49bff8cd29 [ 644.274182][T14785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 644.274201][T14785] RSP: 002b:00007f49c0d5b038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 644.274218][T14785] RAX: ffffffffffffffda RBX: 00007f49c01a5fa0 RCX: 00007f49bff8cd29 [ 644.274231][T14785] RDX: 0000000000000000 RSI: 0000000000002d3e RDI: 0000000000000008 [ 644.274242][T14785] RBP: 00007f49c0d5b090 R08: 0000000000000000 R09: 0000000000000000 [ 644.274253][T14785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 644.274264][T14785] R13: 0000000000000000 R14: 00007f49c01a5fa0 R15: 00007ffd92ccb518 [ 644.274281][T14785] [ 644.789144][ T933] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 644.930165][ T933] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 645.093276][ T25] usb 1-1: new high-speed USB device number 65 using dummy_hcd [ 645.094911][ T933] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 645.145326][ T933] usb 4-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 645.156091][ T933] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 645.176685][ T933] usb 4-1: config 0 descriptor?? [ 645.256151][ T29] kauditd_printk_skb: 6100 callbacks suppressed [ 645.256169][ T29] audit: type=1400 audit(1999992007.426:6827): avc: denied { ioctl } for pid=14793 comm="syz.4.2472" path="socket:[39395]" dev="sockfs" ino=39395 ioctlcmd=0x890c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 645.295049][ T25] usb 1-1: Using ep0 maxpacket: 32 [ 645.310704][ T25] usb 1-1: config 0 has an invalid interface number: 67 but max is 0 [ 645.321074][ T25] usb 1-1: config 0 has no interface number 0 [ 645.329861][ T25] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 645.340419][ T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 645.348602][ T25] usb 1-1: Product: syz [ 645.354060][ T25] usb 1-1: Manufacturer: syz [ 645.358668][ T25] usb 1-1: SerialNumber: syz [ 645.369692][ T25] usb 1-1: config 0 descriptor?? [ 645.377044][ T25] smsc95xx v2.0.0 [ 645.674437][ T5909] usb 2-1: new high-speed USB device number 69 using dummy_hcd [ 645.836920][ T5909] usb 2-1: config 0 has no interfaces? [ 645.843197][ T5909] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 645.926361][ T25] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 645.941867][ T25] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 645.945348][ T933] acrux 0003:1A34:0802.0012: unknown main item tag 0x0 [ 645.958570][ T5909] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 645.967121][ T933] acrux 0003:1A34:0802.0012: unknown main item tag 0x0 [ 645.981050][ T5909] usb 2-1: config 0 descriptor?? [ 645.986319][ T933] acrux 0003:1A34:0802.0012: unknown main item tag 0x0 [ 646.004892][ T933] acrux 0003:1A34:0802.0012: unknown main item tag 0x0 [ 646.018717][ T933] acrux 0003:1A34:0802.0012: unknown main item tag 0x0 [ 646.029399][ T933] acrux 0003:1A34:0802.0012: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.3-1/input0 [ 646.051349][ T933] acrux 0003:1A34:0802.0012: no inputs found [ 646.057875][ T933] acrux 0003:1A34:0802.0012: Failed to enable force feedback support, error: -19 [ 646.194694][ T6359] usb 4-1: USB disconnect, device number 66 [ 646.674345][ T29] audit: type=1400 audit(1999992008.846:6828): avc: denied { connect } for pid=14795 comm="syz.1.2473" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 647.665184][ T25] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 647.683948][ T25] smsc95xx 1-1:0.67: probe with driver smsc95xx failed with error -71 [ 647.704892][ T25] usb 1-1: USB disconnect, device number 65 [ 647.721568][ T29] audit: type=1400 audit(1999992009.886:6829): avc: denied { map } for pid=14840 comm="syz.3.2487" path="socket:[39506]" dev="sockfs" ino=39506 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 648.287972][T14861] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2493'. [ 648.366028][ T25] usb 2-1: USB disconnect, device number 69 [ 648.770092][T14866] xfrm1: entered allmulticast mode [ 648.787451][T14872] netlink: 'syz.4.2496': attribute type 2 has an invalid length. [ 648.857409][ T5910] usb 4-1: new high-speed USB device number 67 using dummy_hcd [ 648.870232][T14872] fþ: entered promiscuous mode [ 649.371533][ T5910] usb 4-1: config 1 has an invalid descriptor of length 183, skipping remainder of the config [ 649.382101][ T5910] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 649.393986][ T5910] usb 4-1: config 1 interface 0 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 649.407246][ T5910] usb 4-1: config 1 interface 0 has no altsetting 0 [ 649.416523][ T5910] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 649.573659][ T25] usb 2-1: new high-speed USB device number 70 using dummy_hcd [ 649.775945][ T933] usb 5-1: new high-speed USB device number 66 using dummy_hcd [ 649.785042][ T5910] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 649.793223][ T5910] usb 4-1: Product: syz [ 649.797581][ T5910] usb 4-1: Manufacturer: syz [ 649.802511][ T5910] usb 4-1: SerialNumber: syz [ 649.806197][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 649.819680][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 649.830009][ T25] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 649.844635][ T25] usb 2-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 649.854143][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 649.946360][ T25] usb 2-1: config 0 descriptor?? [ 649.951708][ T933] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 649.965028][ T933] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 649.974871][ T933] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 649.988944][ T933] usb 5-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 649.999137][ T933] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 650.072030][T14887] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2500'. [ 650.357560][ T29] audit: type=1400 audit(1999992012.266:6830): avc: denied { map } for pid=14848 comm="syz.3.2490" path="socket:[39580]" dev="sockfs" ino=39580 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1 [ 650.398855][ T5910] usb 4-1: USB disconnect, device number 67 [ 650.405383][ T933] usb 5-1: config 0 descriptor?? [ 651.482921][ T25] usbhid 2-1:0.0: can't add hid device: -71 [ 651.496758][ T25] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 651.497714][ T933] acrux 0003:1A34:0802.0013: unknown main item tag 0x0 [ 651.530941][T14891] FAULT_INJECTION: forcing a failure. [ 651.530941][T14891] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 651.532578][ T25] usb 2-1: USB disconnect, device number 70 [ 651.550172][T14891] CPU: 0 UID: 0 PID: 14891 Comm: syz.0.2501 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 651.550197][T14891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 651.550209][T14891] Call Trace: [ 651.550216][T14891] [ 651.550223][T14891] dump_stack_lvl+0x16c/0x1f0 [ 651.550252][T14891] should_fail_ex+0x497/0x5b0 [ 651.550276][T14891] _copy_from_user+0x2e/0xd0 [ 651.550299][T14891] do_arpt_set_ctl+0xafb/0xf50 [ 651.550323][T14891] ? __pfx_do_arpt_set_ctl+0x10/0x10 [ 651.550343][T14891] ? __pfx_lock_release+0x10/0x10 [ 651.550372][T14891] ? __mutex_unlock_slowpath+0x164/0x6a0 [ 651.550399][T14891] ? trace_irq_enable.constprop.0+0xea/0x140 [ 651.550427][T14891] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 651.550459][T14891] ? nf_sockopt_find.constprop.0+0x221/0x290 [ 651.550487][T14891] nf_setsockopt+0x8a/0xf0 [ 651.550509][T14891] ip_setsockopt+0xcb/0xf0 [ 651.550527][T14891] udp_setsockopt+0x7d/0xd0 [ 651.550551][T14891] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 651.550572][T14891] do_sock_setsockopt+0x222/0x480 [ 651.550598][T14891] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 651.550618][T14891] ? __fget_files+0x40/0x3a0 [ 651.550643][T14891] ? lock_acquire+0x2f/0xb0 [ 651.550670][T14891] __sys_setsockopt+0x1a0/0x230 [ 651.550698][T14891] __x64_sys_setsockopt+0xbd/0x160 [ 651.550724][T14891] ? do_syscall_64+0x9a/0x250 [ 651.550748][T14891] do_syscall_64+0xcd/0x250 [ 651.550772][T14891] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 651.550797][T14891] RIP: 0033:0x7fe57ad8cd29 [ 651.550811][T14891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 651.550828][T14891] RSP: 002b:00007fe57bc11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 651.550846][T14891] RAX: ffffffffffffffda RBX: 00007fe57afa6080 RCX: 00007fe57ad8cd29 [ 651.550858][T14891] RDX: 0000000000000060 RSI: 0000000000000000 RDI: 0000000000000008 [ 651.550869][T14891] RBP: 00007fe57bc11090 R08: 0000000000000418 R09: 0000000000000000 [ 651.550879][T14891] R10: 0000000020001180 R11: 0000000000000246 R12: 0000000000000001 [ 651.550890][T14891] R13: 0000000000000000 R14: 00007fe57afa6080 R15: 00007fff4c8f3e08 [ 651.550907][T14891] [ 651.783016][ T933] acrux 0003:1A34:0802.0013: unknown main item tag 0x0 [ 651.789979][ T933] acrux 0003:1A34:0802.0013: unknown main item tag 0x0 [ 651.887871][ T933] acrux 0003:1A34:0802.0013: unknown main item tag 0x0 [ 651.895790][ T933] acrux 0003:1A34:0802.0013: unknown main item tag 0x0 [ 651.975157][T14891] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22 [ 651.984025][T14891] netdevsim netdevsim0: Direct firmware load for . failed with error -22 [ 651.992603][T14891] netdevsim netdevsim0: Falling back to sysfs fallback for: . [ 652.345744][ T29] audit: type=1400 audit(1999992014.056:6831): avc: denied { ioctl } for pid=14898 comm="syz.3.2503" path="socket:[40145]" dev="sockfs" ino=40145 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 652.354374][ T933] acrux 0003:1A34:0802.0013: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.4-1/input0 [ 652.388811][ T933] acrux 0003:1A34:0802.0013: no inputs found [ 652.397431][ T933] acrux 0003:1A34:0802.0013: Failed to enable force feedback support, error: -19 [ 652.408347][T14905] netlink: 'syz.3.2503': attribute type 10 has an invalid length. [ 652.419189][T14905] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 652.428611][T14905] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 652.468964][ T933] usb 5-1: USB disconnect, device number 66 [ 652.641622][T14908] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22 [ 652.650306][T14908] netdevsim netdevsim0: Direct firmware load for . failed with error -22 [ 652.658939][T14908] netdevsim netdevsim0: Falling back to sysfs fallback for: . [ 653.552658][ T29] audit: type=1400 audit(1999992015.716:6832): avc: denied { accept } for pid=14909 comm="syz.2.2505" lport=41565 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 653.754742][ T29] audit: type=1400 audit(1999992015.716:6833): avc: denied { setopt } for pid=14909 comm="syz.2.2505" lport=41565 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 654.206643][T14928] FAULT_INJECTION: forcing a failure. [ 654.206643][T14928] name failslab, interval 1, probability 0, space 0, times 0 [ 654.219696][T14928] CPU: 1 UID: 0 PID: 14928 Comm: syz.2.2508 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 654.219719][T14928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 654.219731][T14928] Call Trace: [ 654.219737][T14928] [ 654.219744][T14928] dump_stack_lvl+0x16c/0x1f0 [ 654.219774][T14928] should_fail_ex+0x497/0x5b0 [ 654.219797][T14928] ? fs_reclaim_acquire+0xae/0x150 [ 654.219822][T14928] should_failslab+0xc2/0x120 [ 654.219842][T14928] kmem_cache_alloc_lru_noprof+0x73/0x3d0 [ 654.219871][T14928] ? ksys_write+0x12b/0x250 [ 654.219895][T14928] ? sock_alloc_inode+0x25/0x1c0 [ 654.219918][T14928] ? __pfx_sock_alloc_inode+0x10/0x10 [ 654.219938][T14928] sock_alloc_inode+0x25/0x1c0 [ 654.219958][T14928] alloc_inode+0x5d/0x230 [ 654.219977][T14928] sock_alloc+0x40/0x280 [ 654.219994][T14928] ? lock_release+0x4e2/0x6f0 [ 654.220018][T14928] do_accept+0xf8/0x530 [ 654.220042][T14928] ? do_raw_spin_lock+0x12d/0x2c0 [ 654.220059][T14928] ? __pfx_do_accept+0x10/0x10 [ 654.220090][T14928] __sys_accept4+0xfe/0x1b0 [ 654.220114][T14928] ? __pfx___sys_accept4+0x10/0x10 [ 654.220139][T14928] ? __pfx_ksys_write+0x10/0x10 [ 654.220165][T14928] __x64_sys_accept4+0x96/0x100 [ 654.220189][T14928] do_syscall_64+0xcd/0x250 [ 654.220215][T14928] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 654.220240][T14928] RIP: 0033:0x7fb5bbf8cd29 [ 654.220254][T14928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 654.220271][T14928] RSP: 002b:00007fb5bcd76038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120 [ 654.220289][T14928] RAX: ffffffffffffffda RBX: 00007fb5bc1a6160 RCX: 00007fb5bbf8cd29 [ 654.220302][T14928] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000008 [ 654.220313][T14928] RBP: 00007fb5bcd76090 R08: 0000000000000000 R09: 0000000000000000 [ 654.220325][T14928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 654.220336][T14928] R13: 0000000000000000 R14: 00007fb5bc1a6160 R15: 00007ffebc7e77a8 [ 654.220354][T14928] [ 655.113105][ T25] usb 1-1: new high-speed USB device number 66 using dummy_hcd [ 656.220467][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 656.231167][ T25] usb 1-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 656.241633][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 656.252860][ T6359] usb 5-1: new high-speed USB device number 67 using dummy_hcd [ 656.270708][T14952] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2517'. [ 656.309422][ T25] usb 1-1: config 0 descriptor?? [ 656.464015][ T6359] usb 5-1: Using ep0 maxpacket: 16 [ 656.467902][T14959] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2520'. [ 656.471695][ T6359] usb 5-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 656.497380][T14959] FAULT_INJECTION: forcing a failure. [ 656.497380][T14959] name failslab, interval 1, probability 0, space 0, times 0 [ 656.498345][ T6359] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 656.510062][T14959] CPU: 0 UID: 0 PID: 14959 Comm: syz.3.2520 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 656.510086][T14959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 656.510097][T14959] Call Trace: [ 656.510104][T14959] [ 656.510110][T14959] dump_stack_lvl+0x16c/0x1f0 [ 656.510139][T14959] should_fail_ex+0x497/0x5b0 [ 656.510164][T14959] should_failslab+0xc2/0x120 [ 656.510183][T14959] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 656.510211][T14959] ? sctp_get_port_local+0xb61/0x1650 [ 656.510234][T14959] ? sctp_get_port_local+0xba4/0x1650 [ 656.510263][T14959] sctp_get_port_local+0xba4/0x1650 [ 656.510289][T14959] ? __pfx_sctp_get_port_local+0x10/0x10 [ 656.510313][T14959] ? sctp_do_bind+0x1d4/0x700 [ 656.510340][T14959] sctp_do_bind+0x223/0x700 [ 656.510367][T14959] sctp_connect_new_asoc+0x5ff/0x790 [ 656.510395][T14959] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 656.510425][T14959] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 656.510445][T14959] sctp_sendmsg+0x1610/0x1eb0 [ 656.510461][T14959] ? avc_has_perm+0x11b/0x1c0 [ 656.510487][T14959] ? __pfx_sctp_sendmsg+0x10/0x10 [ 656.510505][T14959] ? __pfx_sock_has_perm+0x10/0x10 [ 656.510532][T14959] ? trace_irq_enable.constprop.0+0xea/0x140 [ 656.510562][T14959] ? __pfx_sctp_sendmsg+0x10/0x10 [ 656.510579][T14959] inet_sendmsg+0x119/0x140 [ 656.510598][T14959] ____sys_sendmsg+0x98c/0xc90 [ 656.510620][T14959] ? copy_msghdr_from_user+0x10b/0x160 [ 656.510647][T14959] ? __pfx_____sys_sendmsg+0x10/0x10 [ 656.510670][T14959] ? rcu_is_watching+0x12/0xc0 [ 656.510691][T14959] ___sys_sendmsg+0x135/0x1e0 [ 656.510716][T14959] ? sched_clock_cpu+0x6d/0x4d0 [ 656.510740][T14959] ? __pfx____sys_sendmsg+0x10/0x10 [ 656.510766][T14959] ? psi_task_switch+0x203/0x8e0 [ 656.510790][T14959] ? trace_lock_acquire+0x14e/0x1f0 [ 656.510809][T14959] ? finish_task_switch.isra.0+0x160/0xcc0 [ 656.510841][T14959] __sys_sendmmsg+0x201/0x420 [ 656.510859][T14959] ? __pfx___sys_sendmmsg+0x10/0x10 [ 656.510889][T14959] __x64_sys_sendmmsg+0x9c/0x100 [ 656.510906][T14959] do_syscall_64+0xcd/0x250 [ 656.510931][T14959] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 656.510956][T14959] RIP: 0033:0x7f534bb8cd29 [ 656.510971][T14959] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 656.510988][T14959] RSP: 002b:00007f534c995038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 656.511005][T14959] RAX: ffffffffffffffda RBX: 00007f534bda6080 RCX: 00007f534bb8cd29 [ 656.511017][T14959] RDX: 0000000000000001 RSI: 0000000020003a00 RDI: 0000000000000007 [ 656.511028][T14959] RBP: 00007f534c995090 R08: 0000000000000000 R09: 0000000000000000 [ 656.511038][T14959] R10: 000000000004c040 R11: 0000000000000246 R12: 0000000000000001 [ 656.511049][T14959] R13: 0000000000000000 R14: 00007f534bda6080 R15: 00007ffc90172208 [ 656.511066][T14959] [ 657.026932][ T5874] usb 3-1: new high-speed USB device number 62 using dummy_hcd [ 657.039117][ T6359] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 657.061924][ T6359] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 657.071221][ T6359] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 657.080412][ T6359] usb 5-1: Product: syz [ 657.096555][ T6359] usb 5-1: Manufacturer: syz [ 657.101338][ T6359] usb 5-1: SerialNumber: syz [ 657.144614][ T25] lg-g15 0003:046D:C222.0014: hidraw0: USB HID v10.00 Device [HID 046d:c222] on usb-dummy_hcd.0-1/input0 [ 657.199425][ T5874] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 657.215736][ T5874] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 657.321811][ T5874] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 657.372908][ T5874] usb 3-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 657.393062][ T5874] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 657.411479][ T5874] usb 3-1: config 0 descriptor?? [ 657.448004][ T2144] usb 1-1: USB disconnect, device number 66 [ 657.465347][ T6359] usb 5-1: 0:2 : does not exist [ 657.492179][ T6359] usb 5-1: USB disconnect, device number 67 [ 657.538931][ T5825] udevd[5825]: setting owner of /dev/bus/usb/005/067 to uid=0, gid=0 failed: No such file or directory [ 657.805930][ T6164] udevd[6164]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 658.151062][ T5874] acrux 0003:1A34:0802.0015: unknown main item tag 0x0 [ 658.159058][ T5874] acrux 0003:1A34:0802.0015: unknown main item tag 0x0 [ 658.169077][ T5874] acrux 0003:1A34:0802.0015: unknown main item tag 0x0 [ 658.176343][ T5874] acrux 0003:1A34:0802.0015: unknown main item tag 0x0 [ 658.183929][ T5874] acrux 0003:1A34:0802.0015: unknown main item tag 0x0 [ 658.197196][ T5874] acrux 0003:1A34:0802.0015: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.2-1/input0 [ 658.209065][ T5874] acrux 0003:1A34:0802.0015: no inputs found [ 658.217012][ T5874] acrux 0003:1A34:0802.0015: Failed to enable force feedback support, error: -19 [ 658.358682][ T5874] usb 3-1: USB disconnect, device number 62 [ 658.510298][T14978] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long [ 659.492232][T14992] bio_check_eod: 2 callbacks suppressed [ 659.492248][T14992] syz.3.2529: attempt to access beyond end of device [ 659.492248][T14992] nbd3: rw=0, sector=64, nr_sectors = 2 limit=0 [ 659.520395][T14992] syz.3.2529: attempt to access beyond end of device [ 659.520395][T14992] nbd3: rw=0, sector=512, nr_sectors = 2 limit=0 [ 659.886054][T14992] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 660.014224][T14992] syz.3.2529: attempt to access beyond end of device [ 660.014224][T14992] nbd3: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 660.020235][T14999] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2528'. [ 660.144810][ T5874] usb 1-1: new high-speed USB device number 67 using dummy_hcd [ 660.147696][T14992] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 660.335269][ T5874] usb 1-1: Using ep0 maxpacket: 8 [ 660.350672][T14992] syz.3.2529: attempt to access beyond end of device [ 660.350672][T14992] nbd3: rw=0, sector=64, nr_sectors = 4 limit=0 [ 660.364904][T14992] syz.3.2529: attempt to access beyond end of device [ 660.364904][T14992] nbd3: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 660.373830][ T5874] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 660.379936][T14992] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 660.408847][T14992] syz.3.2529: attempt to access beyond end of device [ 660.408847][T14992] nbd3: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 660.436645][T14992] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 660.439016][ T5874] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 660.456098][ T5874] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 660.466323][ T5874] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 660.480081][ T5874] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 660.489456][ T5874] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 660.502411][T14992] syz.3.2529: attempt to access beyond end of device [ 660.502411][T14992] nbd3: rw=0, sector=64, nr_sectors = 8 limit=0 [ 660.503506][T15007] FAULT_INJECTION: forcing a failure. [ 660.503506][T15007] name failslab, interval 1, probability 0, space 0, times 0 [ 660.517167][T14992] syz.3.2529: attempt to access beyond end of device [ 660.517167][T14992] nbd3: rw=0, sector=2048, nr_sectors = 8 limit=0 [ 660.527822][T15007] CPU: 1 UID: 0 PID: 15007 Comm: syz.4.2532 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 660.527846][T15007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 660.527858][T15007] Call Trace: [ 660.527865][T15007] [ 660.527872][T15007] dump_stack_lvl+0x16c/0x1f0 [ 660.527902][T15007] should_fail_ex+0x497/0x5b0 [ 660.527925][T15007] ? fs_reclaim_acquire+0xae/0x150 [ 660.527953][T15007] should_failslab+0xc2/0x120 [ 660.527973][T15007] __kmalloc_cache_noprof+0x68/0x410 [ 660.528000][T15007] ? _copy_from_user+0x59/0xd0 [ 660.528026][T15007] copy_mount_options+0x55/0x190 [ 660.528049][T15007] __x64_sys_mount+0x1ad/0x310 [ 660.528067][T15007] ? __pfx___x64_sys_mount+0x10/0x10 [ 660.528086][T15007] ? rcu_is_watching+0x12/0xc0 [ 660.528106][T15007] ? rcu_is_watching+0x12/0xc0 [ 660.528126][T15007] do_syscall_64+0xcd/0x250 [ 660.528153][T15007] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 660.528178][T15007] RIP: 0033:0x7f49bff8cd29 [ 660.528194][T15007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 660.528211][T15007] RSP: 002b:00007f49c0d5b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 660.528235][T15007] RAX: ffffffffffffffda RBX: 00007f49c01a5fa0 RCX: 00007f49bff8cd29 [ 660.528248][T15007] RDX: 0000000020000b80 RSI: 00000000200003c0 RDI: 0000000000000000 [ 660.528260][T15007] RBP: 00007f49c0d5b090 R08: 0000000020000500 R09: 0000000000000000 [ 660.528272][T15007] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 660.528284][T15007] R13: 0000000000000000 R14: 00007f49c01a5fa0 R15: 00007ffd92ccb518 [ 660.528302][T15007] [ 660.629359][T15011] input: syz0 as /devices/virtual/input/input62 [ 660.641825][T15004] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long [ 660.735291][T14992] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 660.744903][ T5874] usb 1-1: GET_CAPABILITIES returned 0 [ 660.750383][ T5874] usbtmc 1-1:16.0: can't read capabilities [ 660.762519][T14992] syz.3.2529: attempt to access beyond end of device [ 660.762519][T14992] nbd3: rw=0, sector=4096, nr_sectors = 8 limit=0 [ 660.800819][T14992] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 660.823649][T14992] UDF-fs: warning (device nbd3): udf_fill_super: No partition found (1) [ 661.216198][ T933] usb 5-1: new high-speed USB device number 68 using dummy_hcd [ 661.439305][ T933] usb 5-1: Using ep0 maxpacket: 32 [ 661.456564][ T933] usb 5-1: config 0 has an invalid interface number: 51 but max is 0 [ 661.474609][ T933] usb 5-1: config 0 has no interface number 0 [ 661.482781][ T933] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 661.492107][ T933] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 661.500656][ T933] usb 5-1: Product: syz [ 661.506237][ T933] usb 5-1: Manufacturer: syz [ 661.510832][ T933] usb 5-1: SerialNumber: syz [ 661.517850][ T933] usb 5-1: config 0 descriptor?? [ 661.525204][ T933] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 661.727081][ T933] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 661.738747][ T933] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 662.254177][T15039] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15039 comm=syz.1.2543 [ 662.263718][ T5874] usb 5-1: USB disconnect, device number 68 [ 662.266719][ C0] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 662.282782][T15039] netlink: 'syz.1.2543': attribute type 1 has an invalid length. [ 662.298960][ T5874] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 662.326911][ T5874] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 662.350195][ T5874] quatech2 5-1:0.51: device disconnected [ 662.654516][ T5937] usb 1-1: USB disconnect, device number 67 [ 663.054172][ T29] audit: type=1400 audit(1999992025.226:6834): avc: denied { create } for pid=15046 comm="syz.0.2546" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1 [ 663.075792][T15048] trusted_key: encrypted_key: insufficient parameters specified [ 663.084810][ T29] audit: type=1400 audit(1999992025.246:6835): avc: denied { setopt } for pid=15046 comm="syz.0.2546" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1 [ 663.386182][T14115] Bluetooth: hci4: Unable to find connection with handle 0x00c9 [ 663.982052][T15068] overlayfs: failed to clone upperpath [ 664.813830][ T5937] usb 5-1: new high-speed USB device number 69 using dummy_hcd [ 664.928124][T15088] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2559'. [ 665.122844][ T5937] usb 5-1: Using ep0 maxpacket: 32 [ 665.129382][ T5937] usb 5-1: unable to get BOS descriptor or descriptor too short [ 665.139248][ T5937] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 665.147227][ T5937] usb 5-1: can't read configurations, error -61 [ 665.251766][ T29] audit: type=1400 audit(1999992027.416:6836): avc: denied { setopt } for pid=15091 comm="syz.2.2561" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 665.378996][ T5937] usb 5-1: new high-speed USB device number 70 using dummy_hcd [ 665.473662][T15099] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 666.092846][ T5937] usb 5-1: Using ep0 maxpacket: 32 [ 666.099436][ T5937] usb 5-1: unable to get BOS descriptor or descriptor too short [ 666.130405][ T5937] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 666.140351][ T5937] usb 5-1: can't read configurations, error -61 [ 666.154265][ T5937] usb usb5-port1: attempt power cycle [ 666.256978][T15118] FAULT_INJECTION: forcing a failure. [ 666.256978][T15118] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 666.270256][T15118] CPU: 0 UID: 0 PID: 15118 Comm: syz.0.2568 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 666.270281][T15118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 666.270293][T15118] Call Trace: [ 666.270299][T15118] [ 666.270306][T15118] dump_stack_lvl+0x16c/0x1f0 [ 666.270335][T15118] should_fail_ex+0x497/0x5b0 [ 666.270360][T15118] _copy_from_user+0x2e/0xd0 [ 666.270385][T15118] memdup_user+0x71/0xd0 [ 666.270409][T15118] strndup_user+0x78/0xe0 [ 666.270433][T15118] __x64_sys_mount+0x138/0x310 [ 666.270452][T15118] ? __pfx___x64_sys_mount+0x10/0x10 [ 666.270470][T15118] ? rcu_is_watching+0x12/0xc0 [ 666.270490][T15118] ? rcu_is_watching+0x12/0xc0 [ 666.270509][T15118] do_syscall_64+0xcd/0x250 [ 666.270536][T15118] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 666.270561][T15118] RIP: 0033:0x7fe57ad8cd29 [ 666.270576][T15118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 666.270594][T15118] RSP: 002b:00007fe57bc32038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 666.270619][T15118] RAX: ffffffffffffffda RBX: 00007fe57afa5fa0 RCX: 00007fe57ad8cd29 [ 666.270632][T15118] RDX: 0000000020000080 RSI: 00000000200000c0 RDI: 0000000000000000 [ 666.270643][T15118] RBP: 00007fe57bc32090 R08: 0000000020000900 R09: 0000000000000000 [ 666.270655][T15118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 666.270666][T15118] R13: 0000000000000000 R14: 00007fe57afa5fa0 R15: 00007fff4c8f3e08 [ 666.270683][T15118] [ 666.426630][ C0] vkms_vblank_simulate: vblank timer overrun [ 666.509260][T15102] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 666.519757][T15102] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 666.532047][T15102] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 666.568696][T15102] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 666.578330][T15102] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 666.619012][ T5937] usb 5-1: new high-speed USB device number 71 using dummy_hcd [ 666.787297][T15122] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 666.824892][ T5937] usb 5-1: Using ep0 maxpacket: 32 [ 666.834698][ T5937] usb 5-1: unable to get BOS descriptor or descriptor too short [ 666.911578][ T5937] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 666.922248][T11990] Bluetooth: hci5: Frame reassembly failed (-84) [ 666.938860][ T5937] usb 5-1: can't read configurations, error -61 [ 667.133181][ T5937] usb 5-1: new high-speed USB device number 72 using dummy_hcd [ 667.461346][ T5937] usb 5-1: Using ep0 maxpacket: 32 [ 667.468988][ T5937] usb 5-1: unable to get BOS descriptor or descriptor too short [ 667.480683][ T5937] usb 5-1: unable to read config index 0 descriptor/start: -61 [ 667.489553][ T5937] usb 5-1: can't read configurations, error -61 [ 667.497371][ T5937] usb usb5-port1: unable to enumerate USB device [ 667.600581][T15144] loop2: detected capacity change from 0 to 7 [ 667.608006][T15144] loop2: [POWERTEC] p1 p2 p3 p4 p5 [ 667.613437][T15144] loop2: p1 start 2088088514 is beyond EOD, truncated [ 667.620706][T15144] loop2: p2 start 4265061093 is beyond EOD, truncated [ 667.629354][T15144] loop2: p3 start 89951157 is beyond EOD, truncated [ 667.636186][T15144] loop2: p4 start 297012523 is beyond EOD, truncated [ 667.643385][T15144] loop2: p5 start 1635021614 is beyond EOD, truncated [ 667.737143][T15147] trusted_key: encrypted_key: insufficient parameters specified [ 667.932175][ T5834] Bluetooth: hci0: command 0x0406 tx timeout [ 668.948131][T14115] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 668.955143][T14115] Bluetooth: hci3: command 0x0406 tx timeout [ 668.990818][ T5834] Bluetooth: hci1: command 0x0406 tx timeout [ 668.991209][T14115] Bluetooth: hci4: command 0x0406 tx timeout [ 668.996915][ T5834] Bluetooth: hci2: command 0x0406 tx timeout [ 669.109106][ T29] audit: type=1400 audit(1999992031.276:6837): avc: denied { ioctl } for pid=15165 comm="syz.2.2580" path="socket:[40669]" dev="sockfs" ino=40669 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 670.149924][T15177] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 670.156044][T15177] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 670.162063][T15177] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 670.169744][T15177] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 670.176460][T15177] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 670.216723][ T5834] Bluetooth: hci1: unexpected event 0x01 length: 4 > 1 [ 670.217617][ T5834] Bluetooth: hci1: SCO packet for unknown connection handle 400 [ 670.941596][ T5834] Bluetooth: hci3: SCO packet for unknown connection handle 201 [ 671.073143][ T29] audit: type=1400 audit(1999992033.246:6838): avc: denied { ioctl } for pid=15207 comm="syz.3.2592" path="socket:[41246]" dev="sockfs" ino=41246 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 671.500991][ T5834] Bluetooth: hci0: command 0x0406 tx timeout [ 671.656008][T15219] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 672.157564][ T29] audit: type=1400 audit(1999992034.326:6839): avc: denied { mount } for pid=15229 comm="syz.3.2599" name="/" dev="rpc_pipefs" ino=40870 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1 [ 672.233102][ T5834] Bluetooth: hci4: command 0x0406 tx timeout [ 672.233137][ T5839] Bluetooth: hci3: command 0x0406 tx timeout [ 672.239156][ T5834] Bluetooth: hci1: command 0x0406 tx timeout [ 672.245105][T15164] Bluetooth: hci2: command 0x0406 tx timeout [ 672.606151][T15224] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 672.624467][T15224] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 672.630437][T15224] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 672.639621][T15224] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 672.646048][T15224] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 673.366261][T15249] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2605'. [ 673.375218][T15249] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2605'. [ 673.384202][T15249] netlink: 'syz.4.2605': attribute type 13 has an invalid length. [ 673.479554][T15250] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 673.488456][T15250] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 673.498086][T15250] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 673.506965][T15250] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 673.517053][T15250] geneve3: entered promiscuous mode [ 673.522324][T15250] geneve3: entered allmulticast mode [ 673.861350][T15236] Bluetooth: hci0: command 0x0406 tx timeout [ 674.016226][ T29] audit: type=1400 audit(1999992036.176:6840): avc: denied { mount } for pid=15252 comm="syz.2.2606" name="/" dev="autofs" ino=40916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 674.945609][T15236] Bluetooth: hci3: command 0x0406 tx timeout [ 674.952477][T15236] Bluetooth: hci1: command 0x0406 tx timeout [ 674.958594][T14115] Bluetooth: hci4: command 0x0406 tx timeout [ 674.964673][T15236] Bluetooth: hci2: command 0x0406 tx timeout [ 674.987214][ T29] audit: type=1400 audit(1999992037.156:6841): avc: denied { unmount } for pid=5827 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 675.530039][ T29] audit: type=1326 audit(1999992037.696:6842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15285 comm="syz.1.2616" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb15f58cd29 code=0x0 [ 675.555645][T15282] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 675.779600][T15293] overlayfs: failed to resolve './file0': -2 [ 675.809598][T14115] Bluetooth: hci1: unexpected event 0x01 length: 4 > 1 [ 675.810987][T14115] Bluetooth: hci1: SCO packet for unknown connection handle 400 [ 675.852934][ T5874] usb 1-1: new high-speed USB device number 68 using dummy_hcd [ 675.993362][ T5874] usb 1-1: device descriptor read/64, error -71 [ 676.251141][ T5874] usb 1-1: new high-speed USB device number 69 using dummy_hcd [ 676.282564][T15306] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2623'. [ 676.413066][ T5874] usb 1-1: device descriptor read/64, error -71 [ 676.654598][ T5874] usb usb1-port1: attempt power cycle [ 676.671736][T15316] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long [ 677.021889][T15324] x_tables: unsorted underflow at hook 3 [ 677.202908][ T5874] usb 1-1: new high-speed USB device number 70 using dummy_hcd [ 677.263387][ T5874] usb 1-1: device descriptor read/8, error -71 [ 677.503407][ T5874] usb 1-1: new high-speed USB device number 71 using dummy_hcd [ 677.523784][ T5874] usb 1-1: device descriptor read/8, error -71 [ 677.643048][ T5874] usb usb1-port1: unable to enumerate USB device [ 677.705364][T15336] xt_CT: You must specify a L4 protocol and not use inversions on it [ 677.863109][T15340] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2635'. [ 678.088026][ T29] audit: type=1400 audit(1999992040.256:6843): avc: denied { bind } for pid=15358 comm="syz.1.2642" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 678.125443][T15363] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 678.721626][T15374] iommufd_mock iommufd_mock1: Adding to iommu group 1 [ 679.408676][T15385] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2648'. [ 679.598559][T15391] overlayfs: failed to verify upper root origin [ 679.645170][T15391] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2651'. [ 679.733427][ T5909] usb 5-1: new full-speed USB device number 73 using dummy_hcd [ 679.930175][T15412] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23217 sclass=netlink_route_socket pid=15412 comm=syz.3.2658 [ 679.966229][ T5909] usb 5-1: config 0 has an invalid interface number: 50 but max is 0 [ 680.048278][ T5909] usb 5-1: config 0 has no interface number 0 [ 680.057440][ T5909] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc [ 680.066727][ T5909] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 680.082517][ T5909] usb 5-1: Product: syz [ 680.086802][ T5909] usb 5-1: Manufacturer: syz [ 680.102052][ T5909] usb 5-1: SerialNumber: syz [ 680.219089][ T5909] usb 5-1: config 0 descriptor?? [ 680.485197][ T5909] yurex 5-1:0.50: Could not find endpoints [ 680.911585][T15429] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 681.227712][T15437] overlayfs: failed to verify upper root origin [ 681.240700][T15437] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2666'. [ 681.256648][ T5909] usb 5-1: USB disconnect, device number 73 [ 681.365629][ T5834] Bluetooth: hci5: sending frame failed (-49) [ 681.371785][T14115] Bluetooth: hci5: Opcode 0x1003 failed: -49 [ 681.379401][T15441] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 681.409729][T15444] team0 (unregistering): Port device team_slave_0 removed [ 681.418996][T15444] team0 (unregistering): Port device team_slave_1 removed [ 681.425703][ T29] audit: type=1400 audit(1999992043.586:6844): avc: denied { ioctl } for pid=15445 comm="syz.0.2669" path="/dev/usbmon7" dev="devtmpfs" ino=741 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 681.516007][T15449] FAULT_INJECTION: forcing a failure. [ 681.516007][T15449] name failslab, interval 1, probability 0, space 0, times 0 [ 681.528758][T15449] CPU: 0 UID: 0 PID: 15449 Comm: syz.4.2670 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 681.528782][T15449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 681.528794][T15449] Call Trace: [ 681.528800][T15449] [ 681.528807][T15449] dump_stack_lvl+0x16c/0x1f0 [ 681.528837][T15449] should_fail_ex+0x497/0x5b0 [ 681.528859][T15449] ? fs_reclaim_acquire+0xae/0x150 [ 681.528884][T15449] should_failslab+0xc2/0x120 [ 681.528912][T15449] __kmalloc_noprof+0xcb/0x510 [ 681.528942][T15449] tomoyo_realpath_from_path+0xb9/0x720 [ 681.528964][T15449] ? tomoyo_path_number_perm+0x235/0x590 [ 681.528993][T15449] ? tomoyo_path_number_perm+0x235/0x590 [ 681.529021][T15449] tomoyo_path_number_perm+0x248/0x590 [ 681.529049][T15449] ? tomoyo_path_number_perm+0x235/0x590 [ 681.529078][T15449] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 681.529107][T15449] ? rcu_is_watching+0x12/0xc0 [ 681.529129][T15449] ? preempt_count_add+0x76/0x150 [ 681.529158][T15449] ? __pfx_lock_release+0x10/0x10 [ 681.529182][T15449] ? trace_lock_acquire+0x14e/0x1f0 [ 681.529203][T15449] ? __fget_files+0x40/0x3a0 [ 681.529229][T15449] ? lock_acquire+0x2f/0xb0 [ 681.529252][T15449] ? __fget_files+0x40/0x3a0 [ 681.529277][T15449] ? __fget_files+0x206/0x3a0 [ 681.529302][T15449] security_file_ioctl+0x9b/0x240 [ 681.529315][T15449] __x64_sys_ioctl+0xb7/0x200 [ 681.529328][T15449] do_syscall_64+0xcd/0x250 [ 681.529347][T15449] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 681.529363][T15449] RIP: 0033:0x7f49bff8cd29 [ 681.529371][T15449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 681.529382][T15449] RSP: 002b:00007f49c0d5b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 681.529393][T15449] RAX: ffffffffffffffda RBX: 00007f49c01a5fa0 RCX: 00007f49bff8cd29 [ 681.529399][T15449] RDX: 0000000020000080 RSI: 00000000c0109207 RDI: 0000000000000003 [ 681.529406][T15449] RBP: 00007f49c0d5b090 R08: 0000000000000000 R09: 0000000000000000 [ 681.529412][T15449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 681.529419][T15449] R13: 0000000000000000 R14: 00007f49c01a5fa0 R15: 00007ffd92ccb518 [ 681.529428][T15449] [ 681.529446][T15449] ERROR: Out of memory at tomoyo_realpath_from_path. [ 682.113307][ T5909] usb 4-1: new high-speed USB device number 68 using dummy_hcd [ 682.192981][ T5874] usb 3-1: new high-speed USB device number 63 using dummy_hcd [ 682.600543][ T5909] usb 4-1: config 0 has no interfaces? [ 682.606429][ T5909] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 682.614125][ T5874] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 682.627142][T15464] netlink: zone id is out of range [ 682.632243][T15464] netlink: zone id is out of range [ 682.637442][T15464] netlink: zone id is out of range [ 682.642533][T15464] netlink: zone id is out of range [ 682.647654][T15464] netlink: zone id is out of range [ 682.652748][T15464] netlink: zone id is out of range [ 682.657877][T15464] netlink: zone id is out of range [ 682.662998][T15464] netlink: zone id is out of range [ 682.668107][T15464] netlink: zone id is out of range [ 682.673220][T15464] netlink: zone id is out of range [ 682.678762][ T5874] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 682.931592][ T5874] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 682.932325][ T5909] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 682.944504][ T5874] usb 3-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 682.944531][ T5874] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 682.945617][ T5874] usb 3-1: config 0 descriptor?? [ 683.031446][ T5909] usb 4-1: config 0 descriptor?? [ 683.065072][T15469] overlayfs: failed to verify upper root origin [ 683.082961][T15469] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2678'. [ 683.132142][T15476] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2680'. [ 683.295914][T15479] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2681'. [ 683.306174][T15479] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2681'. [ 685.045850][T15485] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 685.052598][T15485] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 685.059712][T15485] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 685.066373][T15485] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 685.072428][T15485] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 685.205827][ T5874] usbhid 3-1:0.0: can't add hid device: -71 [ 685.247016][ T5874] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 685.278925][ T5874] usb 3-1: USB disconnect, device number 63 [ 685.312255][T15512] overlayfs: failed to clone upperpath [ 685.314387][ T5909] usb 1-1: new high-speed USB device number 72 using dummy_hcd [ 685.360121][T15512] overlayfs: failed to clone upperpath [ 685.397161][T15512] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2691'. [ 685.494311][ T5909] usb 1-1: Using ep0 maxpacket: 32 [ 685.521359][ T5909] usb 1-1: New USB device found, idVendor=0b49, idProduct=064f, bcdDevice=ac.b4 [ 685.535857][ T5909] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 685.544754][ T5909] usb 1-1: Product: syz [ 685.549714][ T5909] usb 1-1: Manufacturer: syz [ 685.555678][ T5909] usb 1-1: SerialNumber: syz [ 685.571375][ T5909] usb 1-1: config 0 descriptor?? [ 685.642626][ T5909] usb 4-1: USB disconnect, device number 68 [ 685.872057][ T5909] usb 1-1: USB disconnect, device number 72 [ 686.439379][T14115] Bluetooth: hci0: command 0x0406 tx timeout [ 686.483100][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.489600][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.745678][T15535] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 686.752045][T15535] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 686.758384][T15535] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 686.765617][T15535] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 686.771690][T15535] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 686.879300][T15545] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 687.012928][ T5874] usb 4-1: new high-speed USB device number 69 using dummy_hcd [ 687.038775][T15549] overlayfs: failed to verify upper root origin [ 687.191524][ T5874] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 687.199456][T15549] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2702'. [ 687.301795][ T5874] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 687.362558][ T5874] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 687.436256][ T5874] usb 4-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 687.501236][ T5874] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 687.583166][ T5874] usb 4-1: config 0 descriptor?? [ 687.773245][T15564] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2698'. [ 687.872578][T15570] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2698'. [ 688.223414][ T5909] usb 5-1: new high-speed USB device number 74 using dummy_hcd [ 688.722923][T14115] Bluetooth: hci0: command 0x0406 tx timeout [ 688.793266][T14115] Bluetooth: hci4: command 0x0406 tx timeout [ 688.795780][ T5834] Bluetooth: hci2: command 0x0406 tx timeout [ 688.813151][T14115] Bluetooth: hci3: command 0x0406 tx timeout [ 688.819264][T14115] Bluetooth: hci1: command 0x0406 tx timeout [ 688.909930][ T5909] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 688.939505][ T5909] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 688.958839][ T5909] usb 5-1: Product: syz [ 688.998028][ T5909] usb 5-1: Manufacturer: syz [ 689.002993][ T5909] usb 5-1: SerialNumber: syz [ 689.010417][ T5909] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 689.032107][ T5937] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 689.558414][T15592] overlayfs: failed to verify upper root origin [ 689.577749][T15592] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2714'. [ 689.673518][ T933] usb 3-1: new full-speed USB device number 64 using dummy_hcd [ 689.990361][T15600] random: crng reseeded on system resumption [ 690.522159][ T5874] usbhid 4-1:0.0: can't add hid device: -71 [ 690.685510][ T5937] usb 5-1: Service connection timeout for: 256 [ 690.692457][ T5937] ath9k_htc 5-1:1.0: ath9k_htc: Unable to initialize HTC services [ 690.720726][ T5937] ath9k_htc: Failed to initialize the device [ 690.728517][ T5937] usb 5-1: ath9k_htc: USB layer deinitialized [ 690.764635][ T933] usb 3-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x7F, changing to 0xF [ 690.777445][ T933] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10 [ 690.908071][ T933] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 29949, setting to 64 [ 690.925396][ T933] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 690.936249][ T933] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 690.963503][ T933] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 691.005179][ T5874] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 691.022201][ T5874] usb 4-1: USB disconnect, device number 69 [ 691.034776][ T933] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 691.055703][ T933] usb 3-1: SerialNumber: syz [ 691.068562][T15585] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22 [ 691.077765][T15585] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22 [ 692.255328][ T2144] usb 5-1: USB disconnect, device number 74 [ 692.321351][T15632] netlink: 1319 bytes leftover after parsing attributes in process `syz.4.2725'. [ 692.423676][T15639] xt_NFQUEUE: number of queues (65532) out of range (got 66665) [ 692.438504][T15639] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=15639 comm=syz.4.2728 [ 692.609475][ T29] audit: type=1400 audit(1999992054.776:6845): avc: denied { setopt } for pid=15654 comm="syz.1.2734" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 692.692974][ T5874] usb 4-1: new high-speed USB device number 70 using dummy_hcd [ 692.855384][ T5874] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 692.866768][ T5874] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 692.877350][ T5874] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 692.890495][ T5874] usb 4-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 692.899822][ T5874] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 692.916016][ T5874] usb 4-1: config 0 descriptor?? [ 693.866381][ T933] usb 3-1: USB disconnect, device number 64 [ 694.788844][T15691] FAULT_INJECTION: forcing a failure. [ 694.788844][T15691] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 694.811625][T15691] CPU: 0 UID: 0 PID: 15691 Comm: syz.0.2745 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 694.811651][T15691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 694.811661][T15691] Call Trace: [ 694.811666][T15691] [ 694.811674][T15691] dump_stack_lvl+0x16c/0x1f0 [ 694.811703][T15691] should_fail_ex+0x497/0x5b0 [ 694.811725][T15691] _copy_from_user+0x2e/0xd0 [ 694.811748][T15691] __sys_bpf+0x21c/0x49c0 [ 694.811765][T15691] ? __pfx_lock_release+0x10/0x10 [ 694.811789][T15691] ? __pfx___sys_bpf+0x10/0x10 [ 694.811806][T15691] ? vfs_write+0x306/0x1150 [ 694.811830][T15691] ? __mutex_unlock_slowpath+0x164/0x6a0 [ 694.811863][T15691] ? fput+0x67/0x440 [ 694.811884][T15691] ? ksys_write+0x1ba/0x250 [ 694.811907][T15691] ? __pfx_ksys_write+0x10/0x10 [ 694.811927][T15691] __x64_sys_bpf+0x78/0xc0 [ 694.811940][T15691] do_syscall_64+0xcd/0x250 [ 694.811972][T15691] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 694.811998][T15691] RIP: 0033:0x7fe57ad8cd29 [ 694.812012][T15691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 694.812030][T15691] RSP: 002b:00007fe57bc32038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 694.812041][T15691] RAX: ffffffffffffffda RBX: 00007fe57afa5fa0 RCX: 00007fe57ad8cd29 [ 694.812048][T15691] RDX: 0000000000000094 RSI: 00000000200003c0 RDI: 0000000000000005 [ 694.812054][T15691] RBP: 00007fe57bc32090 R08: 0000000000000000 R09: 0000000000000000 [ 694.812061][T15691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 694.812067][T15691] R13: 0000000000000000 R14: 00007fe57afa5fa0 R15: 00007fff4c8f3e08 [ 694.812076][T15691] [ 694.999742][T15694] wg1 speed is unknown, defaulting to 1000 [ 695.006917][T15694] wg1 speed is unknown, defaulting to 1000 [ 695.013180][T15694] wg1 speed is unknown, defaulting to 1000 [ 695.020687][T15694] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 695.031338][T15694] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 695.060198][T15694] wg1 speed is unknown, defaulting to 1000 [ 695.069105][T15694] wg1 speed is unknown, defaulting to 1000 [ 695.075632][T15694] wg1 speed is unknown, defaulting to 1000 [ 695.082349][T15694] wg1 speed is unknown, defaulting to 1000 [ 695.092291][T15694] wg1 speed is unknown, defaulting to 1000 [ 695.167994][T15697] siw: device registration error -23 [ 695.246236][T15700] siw: device registration error -23 [ 695.246911][ T29] audit: type=1326 audit(1999992057.416:6846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15698 comm="syz.0.2747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe57ad8cd29 code=0x7ffc0000 [ 695.249778][ T29] audit: type=1326 audit(1999992057.416:6847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15698 comm="syz.0.2747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe57ad8cd29 code=0x7ffc0000 [ 695.249811][ T29] audit: type=1326 audit(1999992057.416:6848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15698 comm="syz.0.2747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fe57ad8cd29 code=0x7ffc0000 [ 695.249831][ T29] audit: type=1326 audit(1999992057.416:6849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15698 comm="syz.0.2747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe57ad8cd29 code=0x7ffc0000 [ 695.249847][ T29] audit: type=1326 audit(1999992057.416:6850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15698 comm="syz.0.2747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=94 compat=0 ip=0x7fe57ad8cd29 code=0x7ffc0000 [ 695.249870][ T29] audit: type=1326 audit(1999992057.416:6851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15698 comm="syz.0.2747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe57ad8cd29 code=0x7ffc0000 [ 695.249900][ T29] audit: type=1326 audit(1999992057.416:6852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15698 comm="syz.0.2747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe57ad8cd29 code=0x7ffc0000 [ 695.249929][ T29] audit: type=1326 audit(1999992057.416:6853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15698 comm="syz.0.2747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe57ad8cd29 code=0x7ffc0000 [ 695.249966][ T29] audit: type=1326 audit(1999992057.416:6854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15698 comm="syz.0.2747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fe57ad8cd29 code=0x7ffc0000 [ 695.809552][ T5874] usbhid 4-1:0.0: can't add hid device: -71 [ 695.809626][ T5874] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 695.811108][ T5874] usb 4-1: USB disconnect, device number 70 [ 695.818952][T15711] FAULT_INJECTION: forcing a failure. [ 695.818952][T15711] name failslab, interval 1, probability 0, space 0, times 0 [ 695.818968][T15711] CPU: 0 UID: 0 PID: 15711 Comm: syz.3.2750 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 695.818980][T15711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 695.818987][T15711] Call Trace: [ 695.818991][T15711] [ 695.818995][T15711] dump_stack_lvl+0x16c/0x1f0 [ 695.819014][T15711] should_fail_ex+0x497/0x5b0 [ 695.819028][T15711] ? fs_reclaim_acquire+0xae/0x150 [ 695.819043][T15711] should_failslab+0xc2/0x120 [ 695.819054][T15711] __kmalloc_noprof+0xcb/0x510 [ 695.819071][T15711] ? d_absolute_path+0x137/0x1b0 [ 695.819083][T15711] ? rcu_is_watching+0x12/0xc0 [ 695.819094][T15711] tomoyo_encode2+0x100/0x3e0 [ 695.819108][T15711] tomoyo_encode+0x29/0x50 [ 695.819119][T15711] tomoyo_realpath_from_path+0x19d/0x720 [ 695.819133][T15711] tomoyo_path_number_perm+0x248/0x590 [ 695.819150][T15711] ? tomoyo_path_number_perm+0x235/0x590 [ 695.819168][T15711] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 695.819194][T15711] ? rcu_is_watching+0x12/0xc0 [ 695.819212][T15711] ? preempt_count_add+0x76/0x150 [ 695.819240][T15711] ? __pfx_lock_release+0x10/0x10 [ 695.819255][T15711] ? trace_lock_acquire+0x14e/0x1f0 [ 695.819267][T15711] ? __fget_files+0x40/0x3a0 [ 695.819283][T15711] ? lock_acquire+0x2f/0xb0 [ 695.819296][T15711] ? __fget_files+0x40/0x3a0 [ 695.819311][T15711] ? __fget_files+0x206/0x3a0 [ 695.819326][T15711] security_file_ioctl+0x9b/0x240 [ 695.819339][T15711] __x64_sys_ioctl+0xb7/0x200 [ 695.819352][T15711] do_syscall_64+0xcd/0x250 [ 695.819368][T15711] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 695.819387][T15711] RIP: 0033:0x7f534bb8cd29 [ 695.819396][T15711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 695.819406][T15711] RSP: 002b:00007f534c9b6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 695.819417][T15711] RAX: ffffffffffffffda RBX: 00007f534bda5fa0 RCX: 00007f534bb8cd29 [ 695.819424][T15711] RDX: 0000000000000000 RSI: 00000000401070ca RDI: 0000000000000003 [ 695.819430][T15711] RBP: 00007f534c9b6090 R08: 0000000000000000 R09: 0000000000000000 [ 695.819437][T15711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 695.819443][T15711] R13: 0000000000000000 R14: 00007f534bda5fa0 R15: 00007ffc90172208 [ 695.819452][T15711] [ 695.819472][T15711] ERROR: Out of memory at tomoyo_realpath_from_path. [ 696.974081][T15731] xt_CT: You must specify a L4 protocol and not use inversions on it [ 697.770116][T15735] tty tty1: ldisc open failed (-12), clearing slot 0 [ 697.901666][T15751] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23217 sclass=netlink_route_socket pid=15751 comm=syz.0.2759 [ 698.326397][T15761] block device autoloading is deprecated and will be removed. [ 698.375956][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 698.375980][ T29] audit: type=1400 audit(1999992060.456:6859): avc: denied { append } for pid=15752 comm="syz.2.2760" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 698.413572][ T933] usb 5-1: new high-speed USB device number 75 using dummy_hcd [ 698.434870][ T29] audit: type=1400 audit(1999992060.456:6860): avc: denied { read } for pid=15752 comm="syz.2.2760" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 698.463580][ T29] audit: type=1400 audit(1999992060.456:6861): avc: denied { open } for pid=15752 comm="syz.2.2760" path="/561/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 698.575935][ T933] usb 5-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 698.586604][ T933] usb 5-1: New USB device strings: Mfr=223, Product=2, SerialNumber=3 [ 698.594847][ T933] usb 5-1: Product: syz [ 698.599912][ T933] usb 5-1: Manufacturer: syz [ 698.607696][ T933] usb 5-1: SerialNumber: syz [ 698.618707][ T933] usb 5-1: config 0 descriptor?? [ 698.628411][ T933] ch341 5-1:0.0: ch341-uart converter detected [ 698.703935][ T5874] usb 1-1: new high-speed USB device number 73 using dummy_hcd [ 698.863027][ T5874] usb 1-1: Using ep0 maxpacket: 16 [ 698.957703][ T5874] usb 1-1: config 0 has an invalid descriptor of length 210, skipping remainder of the config [ 699.001886][ T5874] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 64863, setting to 1024 [ 699.013697][ T5874] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024 [ 699.042300][ T5874] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 699.056911][T15756] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2761'. [ 699.066914][ T5874] usb 1-1: New USB device found, idVendor=0586, idProduct=1500, bcdDevice= 0.00 [ 699.079255][ T5874] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 699.090570][ T5874] usb 1-1: SerialNumber: syz [ 699.100155][ T5874] usb 1-1: config 0 descriptor?? [ 699.106541][T15763] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 699.119645][ T5874] omninet 1-1:0.0: required endpoints missing [ 699.286903][ T5937] usb 4-1: new high-speed USB device number 71 using dummy_hcd [ 699.610507][T15779] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0 [ 699.745377][ T8] usb 1-1: USB disconnect, device number 73 [ 699.876829][ T5937] usb 4-1: Using ep0 maxpacket: 16 [ 699.891265][ T5937] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 699.902773][ T5937] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 699.915340][ T5937] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 36 [ 699.925363][ T5937] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 699.941266][ T5937] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 699.960631][ T5937] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 699.980889][ T5937] usb 4-1: Manufacturer: syz [ 700.033726][ T5937] usb 4-1: config 0 descriptor?? [ 700.043614][T15789] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 700.412981][ T5874] usb 3-1: new full-speed USB device number 65 using dummy_hcd [ 700.465278][ T933] ch341-uart ttyUSB0: failed to read break control: -71 [ 700.472282][ T933] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 700.485640][ T933] usb 5-1: USB disconnect, device number 75 [ 700.492014][ T933] ch341 5-1:0.0: device disconnected [ 700.498235][T15773] syz.3.2766: attempt to access beyond end of device [ 700.498235][T15773] nbd3: rw=0, sector=64, nr_sectors = 2 limit=0 [ 700.528924][T15773] syz.3.2766: attempt to access beyond end of device [ 700.528924][T15773] nbd3: rw=0, sector=512, nr_sectors = 2 limit=0 [ 700.569469][T15773] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 700.582991][ T5937] rc_core: IR keymap rc-hauppauge not found [ 700.589231][ T5937] Registered IR keymap rc-empty [ 700.593638][T15773] syz.3.2766: attempt to access beyond end of device [ 700.593638][T15773] nbd3: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 700.596411][ T5937] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 700.625143][T15773] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 700.636376][T15773] syz.3.2766: attempt to access beyond end of device [ 700.636376][T15773] nbd3: rw=0, sector=64, nr_sectors = 4 limit=0 [ 700.659700][T15773] syz.3.2766: attempt to access beyond end of device [ 700.659700][T15773] nbd3: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 700.660082][ T5937] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 700.704545][T15773] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 700.705242][T15796] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0 [ 700.727444][ T5937] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0 [ 700.733785][T15773] syz.3.2766: attempt to access beyond end of device [ 700.733785][T15773] nbd3: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 700.753869][ T5937] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input63 [ 700.771315][T15773] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 700.785378][ T5937] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 700.792332][T15773] syz.3.2766: attempt to access beyond end of device [ 700.792332][T15773] nbd3: rw=0, sector=64, nr_sectors = 8 limit=0 [ 700.809513][ T5937] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 700.817748][T15773] syz.3.2766: attempt to access beyond end of device [ 700.817748][T15773] nbd3: rw=0, sector=2048, nr_sectors = 8 limit=0 [ 700.834164][T15773] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 700.834237][ T5937] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 700.852048][T15773] syz.3.2766: attempt to access beyond end of device [ 700.852048][T15773] nbd3: rw=0, sector=4096, nr_sectors = 8 limit=0 [ 701.014358][ T5937] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 701.063323][T15773] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 701.066666][ T5937] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 701.107966][T15773] UDF-fs: warning (device nbd3): udf_fill_super: No partition found (1) [ 701.123059][ T5937] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 701.155150][ T5937] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 701.183092][ T5937] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 701.214740][ T5937] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 701.236649][ T5937] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 701.262314][T15811] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23217 sclass=netlink_route_socket pid=15811 comm=syz.4.2773 [ 701.342685][ T5937] mceusb 4-1:0.0: Registered with mce emulator interface version 1 [ 701.363711][ T5937] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 701.405588][ T5937] usb 4-1: USB disconnect, device number 71 [ 701.640480][T15823] overlayfs: failed to clone upperpath [ 701.670090][T15825] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2780'. [ 701.872868][ T8] usb 5-1: new high-speed USB device number 76 using dummy_hcd [ 701.882622][T15829] fuse: Bad value for 'fd' [ 701.893008][ T2144] usb 1-1: new full-speed USB device number 74 using dummy_hcd [ 702.048075][ T2144] usb 1-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x7F, changing to 0xF [ 702.048274][ T8] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 702.070425][ T2144] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10 [ 702.082164][ T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 702.082541][ T2144] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 29949, setting to 64 [ 702.111192][ T8] usb 5-1: Product: syz [ 702.112256][ T2144] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 702.129208][ T2144] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 702.146560][ T8] usb 5-1: Manufacturer: syz [ 702.152589][ T8] usb 5-1: SerialNumber: syz [ 702.152862][ T2144] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 702.191294][ T2144] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 702.213346][ T2144] usb 1-1: SerialNumber: syz [ 702.262103][T15819] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 702.269410][T15819] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 702.298287][ T8] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 702.314892][ T5937] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 702.479405][T15836] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 702.627802][T15839] netlink: 80 bytes leftover after parsing attributes in process `syz.3.2785'. [ 702.653129][T15839] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2785'. [ 702.665092][ T29] audit: type=1400 audit(1999992064.836:6862): avc: denied { mount } for pid=15838 comm="syz.3.2785" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 702.766671][T15839] mkiss: ax0: crc mode is auto. [ 702.882823][ C1] hrtimer: interrupt took 30283 ns [ 703.134162][T15843] mkiss: ax0: crc mode is auto. [ 703.186656][ T5834] Bluetooth: hci3: unexpected event 0x01 length: 4 > 1 [ 703.347161][T15857] random: crng reseeded on system resumption [ 703.435456][T15861] FAULT_INJECTION: forcing a failure. [ 703.435456][T15861] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 703.470457][T15861] CPU: 1 UID: 0 PID: 15861 Comm: syz.3.2791 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 703.470487][T15861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 703.470498][T15861] Call Trace: [ 703.470504][T15861] [ 703.470511][T15861] dump_stack_lvl+0x16c/0x1f0 [ 703.470543][T15861] should_fail_ex+0x497/0x5b0 [ 703.470568][T15861] _copy_from_user+0x2e/0xd0 [ 703.470594][T15861] __sys_bpf+0x21c/0x49c0 [ 703.470614][T15861] ? __pfx_lock_release+0x10/0x10 [ 703.470639][T15861] ? __pfx___sys_bpf+0x10/0x10 [ 703.470657][T15861] ? vfs_write+0x306/0x1150 [ 703.470684][T15861] ? __mutex_unlock_slowpath+0x164/0x6a0 [ 703.470717][T15861] ? fput+0x67/0x440 [ 703.470735][T15861] ? ksys_write+0x1ba/0x250 [ 703.470759][T15861] ? __pfx_ksys_write+0x10/0x10 [ 703.470786][T15861] __x64_sys_bpf+0x78/0xc0 [ 703.470806][T15861] do_syscall_64+0xcd/0x250 [ 703.470832][T15861] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 703.470858][T15861] RIP: 0033:0x7f534bb8cd29 [ 703.470872][T15861] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 703.470891][T15861] RSP: 002b:00007f534c9b6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 703.470909][T15861] RAX: ffffffffffffffda RBX: 00007f534bda5fa0 RCX: 00007f534bb8cd29 [ 703.470922][T15861] RDX: 0000000000000050 RSI: 0000000020000340 RDI: 000000000000000a [ 703.470933][T15861] RBP: 00007f534c9b6090 R08: 0000000000000000 R09: 0000000000000000 [ 703.470944][T15861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 703.470956][T15861] R13: 0000000000000000 R14: 00007f534bda5fa0 R15: 00007ffc90172208 [ 703.470974][T15861] [ 703.640401][ C1] vkms_vblank_simulate: vblank timer overrun [ 703.677344][ T5937] usb 5-1: Service connection timeout for: 256 [ 703.709299][ T5937] ath9k_htc 5-1:1.0: ath9k_htc: Unable to initialize HTC services [ 703.738008][ T5937] ath9k_htc: Failed to initialize the device [ 703.748232][ T5937] usb 5-1: ath9k_htc: USB layer deinitialized [ 703.818417][T15864] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2790'. [ 703.963827][T15860] wg1 speed is unknown, defaulting to 1000 [ 704.133862][ T8] usb 4-1: new high-speed USB device number 72 using dummy_hcd [ 704.283742][ T8] usb 4-1: Using ep0 maxpacket: 16 [ 704.291112][ T8] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 704.304928][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 704.330929][ T8] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 36 [ 704.355836][ T8] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 704.389255][ T8] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 704.399030][ T8] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 704.419243][ T8] usb 4-1: Manufacturer: syz [ 704.441837][ T8] usb 4-1: config 0 descriptor?? [ 704.571940][ T29] audit: type=1400 audit(1999992066.736:6863): avc: denied { read } for pid=5178 comm="acpid" name="mouse9" dev="devtmpfs" ino=4075 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1 [ 704.595032][ T29] audit: type=1400 audit(1999992066.736:6864): avc: denied { open } for pid=5178 comm="acpid" path="/dev/input/mouse9" dev="devtmpfs" ino=4075 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1 [ 704.617814][ C1] vkms_vblank_simulate: vblank timer overrun [ 704.675632][ T5874] usb 1-1: USB disconnect, device number 74 [ 704.689017][ T29] audit: type=1400 audit(1999992066.736:6865): avc: denied { ioctl } for pid=5178 comm="acpid" path="/dev/input/mouse9" dev="devtmpfs" ino=4075 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1 [ 704.762854][ T8] rc_core: IR keymap rc-hauppauge not found [ 704.768880][ T8] Registered IR keymap rc-empty [ 704.780909][ T8] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 704.803906][ T8] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 704.823175][ T8] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0 [ 704.832462][T15883] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23217 sclass=netlink_route_socket pid=15883 comm=syz.1.2799 [ 704.862513][T15867] syz.3.2793: attempt to access beyond end of device [ 704.862513][T15867] nbd3: rw=0, sector=64, nr_sectors = 2 limit=0 [ 704.875851][T15867] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 704.884762][ T8] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input64 [ 704.890618][T15885] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2800'. [ 704.905002][T15867] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 704.924120][T15867] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 704.933311][ T8] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 704.935388][T15867] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 704.964328][ T8] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 704.971227][T15867] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 704.981181][T15887] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0 [ 704.989892][T15867] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 704.989918][T15867] UDF-fs: warning (device nbd3): udf_fill_super: No partition found (1) [ 705.010363][ T933] usb 3-1: new high-speed USB device number 66 using dummy_hcd [ 705.019996][ T8] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 705.045278][ T8] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 705.063063][ T8] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 705.083805][ T8] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 705.104102][ T5874] usb 1-1: new high-speed USB device number 75 using dummy_hcd [ 705.106784][ T8] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 705.143342][ T8] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 705.164297][ T8] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 705.284119][ T5874] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 705.298865][ T5874] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 705.308112][ T5874] usb 1-1: Product: syz [ 705.317151][ T5874] usb 1-1: Manufacturer: syz [ 705.322133][ T5874] usb 1-1: SerialNumber: syz [ 705.347471][ T5874] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 705.380082][ T2144] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 705.470283][ T933] usb 3-1: Using ep0 maxpacket: 32 [ 705.475540][ T8] mceusb 4-1:0.0: Error: mce write urb status = -71 [ 705.482682][ T933] usb 3-1: too many configurations: 129, using maximum allowed: 8 [ 705.491728][ T933] usb 3-1: config index 0 descriptor too short (expected 6427, got 27) [ 705.502060][ T8] mceusb 4-1:0.0: Registered with mce emulator interface version 1 [ 705.510140][ T933] usb 3-1: config 0 has an invalid interface number: 51 but max is 4 [ 705.518674][ T8] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 705.528636][ T933] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 5 [ 705.539725][ T933] usb 3-1: config 0 has no interface number 0 [ 705.547771][ T8] usb 4-1: USB disconnect, device number 72 [ 705.555190][ T933] usb 3-1: config 0 interface 51 altsetting 0 endpoint 0x82 has invalid maxpacket 63744, setting to 1024 [ 705.567038][ T933] usb 3-1: config 0 interface 51 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 705.579143][ T933] usb 3-1: config index 1 descriptor too short (expected 6427, got 27) [ 705.593478][ T933] usb 3-1: config 0 has an invalid interface number: 51 but max is 4 [ 705.601601][ T933] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 5 [ 705.621829][ T933] usb 3-1: config 0 has no interface number 0 [ 705.633367][ T933] usb 3-1: config 0 interface 51 altsetting 0 endpoint 0x82 has invalid maxpacket 63744, setting to 1024 [ 705.653303][ T933] usb 3-1: config 0 interface 51 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 705.695140][ T5874] usb 5-1: USB disconnect, device number 76 [ 705.701911][ T933] usb 3-1: config index 2 descriptor too short (expected 6427, got 27) [ 705.725786][ T933] usb 3-1: config 0 has an invalid interface number: 51 but max is 4 [ 705.787737][ T933] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 5 [ 706.091873][ T933] usb 3-1: config 0 has no interface number 0 [ 706.124448][ T933] usb 3-1: config 0 interface 51 altsetting 0 endpoint 0x82 has invalid maxpacket 63744, setting to 1024 [ 706.259114][ T933] usb 3-1: config 0 interface 51 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 706.270085][ T933] usb 3-1: config index 3 descriptor too short (expected 6427, got 27) [ 706.290075][ T933] usb 3-1: config 0 has an invalid interface number: 51 but max is 4 [ 706.298365][ T933] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 5 [ 706.342516][ T933] usb 3-1: config 0 has no interface number 0 [ 706.358526][ T933] usb 3-1: config 0 interface 51 altsetting 0 endpoint 0x82 has invalid maxpacket 63744, setting to 1024 [ 706.372505][ T933] usb 3-1: config 0 interface 51 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 706.384710][ T933] usb 3-1: config index 4 descriptor too short (expected 6427, got 27) [ 706.479226][T15907] random: crng reseeded on system resumption [ 706.676703][T15907] wg1 speed is unknown, defaulting to 1000 [ 706.967516][ T2144] usb 1-1: Service connection timeout for: 256 [ 706.973801][ T2144] ath9k_htc 1-1:1.0: ath9k_htc: Unable to initialize HTC services [ 707.014528][ T933] usb 3-1: config 0 has an invalid interface number: 51 but max is 4 [ 707.022636][ T933] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 5 [ 707.031256][ T2144] ath9k_htc: Failed to initialize the device [ 707.033669][ T933] usb 3-1: config 0 has no interface number 0 [ 707.045886][ T933] usb 3-1: config 0 interface 51 altsetting 0 endpoint 0x82 has invalid maxpacket 63744, setting to 1024 [ 707.058060][ T933] usb 3-1: config 0 interface 51 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 707.069557][ T933] usb 3-1: config index 5 descriptor too short (expected 6427, got 27) [ 707.077848][ T933] usb 3-1: config 0 has an invalid interface number: 51 but max is 4 [ 707.087610][ T933] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 5 [ 707.096899][ T933] usb 3-1: config 0 has no interface number 0 [ 707.103109][ T933] usb 3-1: config 0 interface 51 altsetting 0 endpoint 0x82 has invalid maxpacket 63744, setting to 1024 [ 707.115337][ T933] usb 3-1: config 0 interface 51 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 707.128350][ T933] usb 3-1: config index 6 descriptor too short (expected 6427, got 27) [ 707.138653][ T933] usb 3-1: config 0 has an invalid interface number: 51 but max is 4 [ 707.151193][ T2144] usb 1-1: ath9k_htc: USB layer deinitialized [ 707.157393][ T933] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 5 [ 707.183314][ T933] usb 3-1: config 0 has no interface number 0 [ 707.190262][ T933] usb 3-1: config 0 interface 51 altsetting 0 endpoint 0x82 has invalid maxpacket 63744, setting to 1024 [ 707.211363][ T933] usb 3-1: config 0 interface 51 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 707.224493][ T933] usb 3-1: config index 7 descriptor too short (expected 6427, got 27) [ 707.234842][ T933] usb 3-1: config 0 has an invalid interface number: 51 but max is 4 [ 707.243825][ T933] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 5 [ 707.252766][ T933] usb 3-1: config 0 has no interface number 0 [ 707.259589][ T933] usb 3-1: config 0 interface 51 altsetting 0 endpoint 0x82 has invalid maxpacket 63744, setting to 1024 [ 707.272453][ T933] usb 3-1: config 0 interface 51 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 707.286238][ T933] usb 3-1: New USB device found, idVendor=7b2a, idProduct=c150, bcdDevice=ce.6f [ 707.297072][ T933] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 707.307927][ T933] usb 3-1: Product: syz [ 707.312406][ T933] usb 3-1: Manufacturer: syz [ 707.318507][ T933] usb 3-1: SerialNumber: syz [ 707.329997][ T933] usb 3-1: config 0 descriptor?? [ 707.336204][T15879] raw-gadget.3 gadget.2: fail, usb_ep_enable returned -22 [ 707.344592][T15914] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2804'. [ 707.442874][ T6359] usb 4-1: new full-speed USB device number 73 using dummy_hcd [ 707.780122][ T6359] usb 4-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x7F, changing to 0xF [ 707.803046][ T6359] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10 [ 707.822936][ T6359] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 29949, setting to 64 [ 707.835047][ T6359] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 707.869885][ T6359] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 708.003711][ T6359] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 708.018084][ T6359] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 708.165740][ T5874] usb 1-1: USB disconnect, device number 75 [ 708.176022][ T6359] usb 4-1: SerialNumber: syz [ 708.189098][T15911] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 708.206901][T15911] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 709.191674][T15935] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23217 sclass=netlink_route_socket pid=15935 comm=syz.0.2810 [ 709.501850][ T5910] usb 3-1: USB disconnect, device number 66 [ 710.355086][T15952] ref_tracker: memory allocation failure, unreliable refcount tracker. [ 711.009969][ T6359] usb 4-1: USB disconnect, device number 73 [ 711.365460][T15961] overlayfs: failed to verify upper root origin [ 711.401478][T15961] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2819'. [ 712.509071][T15986] FAULT_INJECTION: forcing a failure. [ 712.509071][T15986] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 712.534618][T15986] CPU: 0 UID: 0 PID: 15986 Comm: syz.4.2826 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 712.534643][T15986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 712.534654][T15986] Call Trace: [ 712.534660][T15986] [ 712.534668][T15986] dump_stack_lvl+0x16c/0x1f0 [ 712.534691][T15986] should_fail_ex+0x497/0x5b0 [ 712.534706][T15986] _copy_to_user+0x32/0xd0 [ 712.534722][T15986] simple_read_from_buffer+0xd0/0x160 [ 712.534737][T15986] proc_fail_nth_read+0x198/0x270 [ 712.534751][T15986] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 712.534763][T15986] ? security_file_permission+0x71/0x210 [ 712.534776][T15986] ? rw_verify_area+0xcf/0x680 [ 712.534791][T15986] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 712.534804][T15986] vfs_read+0x1df/0xbf0 [ 712.534819][T15986] ? __fget_files+0x1fc/0x3a0 [ 712.534834][T15986] ? __pfx___mutex_lock+0x10/0x10 [ 712.534849][T15986] ? __pfx_vfs_read+0x10/0x10 [ 712.534865][T15986] ? __fget_files+0x206/0x3a0 [ 712.534882][T15986] ksys_read+0x12b/0x250 [ 712.534896][T15986] ? __pfx_ksys_read+0x10/0x10 [ 712.534909][T15986] ? __might_fault+0xe3/0x190 [ 712.534923][T15986] ? rcu_is_watching+0x12/0xc0 [ 712.534935][T15986] do_syscall_64+0xcd/0x250 [ 712.534951][T15986] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 712.534966][T15986] RIP: 0033:0x7f49bff8b73c [ 712.534975][T15986] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 712.534985][T15986] RSP: 002b:00007f49c0d5b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 712.534996][T15986] RAX: ffffffffffffffda RBX: 00007f49c01a5fa0 RCX: 00007f49bff8b73c [ 712.535003][T15986] RDX: 000000000000000f RSI: 00007f49c0d5b0a0 RDI: 0000000000000005 [ 712.535010][T15986] RBP: 00007f49c0d5b090 R08: 0000000000000000 R09: 0000000000000000 [ 712.535016][T15986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 712.535023][T15986] R13: 0000000000000000 R14: 00007f49c01a5fa0 R15: 00007ffd92ccb518 [ 712.535033][T15986] [ 712.734150][ C0] vkms_vblank_simulate: vblank timer overrun [ 712.984961][T15236] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 713.008251][T15236] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 713.025527][T15236] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 713.039478][T15236] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 713.047527][T15236] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 713.054622][T15236] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 713.083019][ T29] audit: type=1400 audit(1999992075.246:6866): avc: denied { mounton } for pid=15988 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 713.129626][T12001] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 713.168642][T15988] wg1 speed is unknown, defaulting to 1000 [ 713.175720][ T29] audit: type=1400 audit(1999992075.336:6867): avc: denied { bind } for pid=15994 comm="syz.4.2829" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 713.220807][ T29] audit: type=1400 audit(1999992075.336:6868): avc: denied { name_bind } for pid=15994 comm="syz.4.2829" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1 [ 713.249619][ T29] audit: type=1400 audit(1999992075.336:6869): avc: denied { node_bind } for pid=15994 comm="syz.4.2829" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1 [ 713.250359][T12001] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 713.270950][ T29] audit: type=1400 audit(1999992075.336:6870): avc: denied { connect } for pid=15994 comm="syz.4.2829" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 713.270983][ T29] audit: type=1400 audit(1999992075.336:6871): avc: denied { name_connect } for pid=15994 comm="syz.4.2829" dest=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1 [ 713.643267][T12001] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 713.675127][T15988] chnl_net:caif_netlink_parms(): no params data found [ 713.684746][ T6359] usb 4-1: new full-speed USB device number 74 using dummy_hcd [ 713.698059][T12001] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 713.729373][T15988] bridge0: port 1(bridge_slave_0) entered blocking state [ 713.737400][T15988] bridge0: port 1(bridge_slave_0) entered disabled state [ 713.744711][T15988] bridge_slave_0: entered allmulticast mode [ 713.751279][T15988] bridge_slave_0: entered promiscuous mode [ 713.758648][T15988] bridge0: port 2(bridge_slave_1) entered blocking state [ 713.766118][T15988] bridge0: port 2(bridge_slave_1) entered disabled state [ 713.774868][T15988] bridge_slave_1: entered allmulticast mode [ 713.781204][T15988] bridge_slave_1: entered promiscuous mode [ 713.797118][T15988] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 713.808097][T15988] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 713.836060][T15988] team0: Port device team_slave_0 added [ 713.845653][T15988] team0: Port device team_slave_1 added [ 713.854874][ T6359] usb 4-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x7F, changing to 0xF [ 713.866899][ T6359] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10 [ 713.877867][ T6359] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 29949, setting to 64 [ 713.888786][ T6359] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 713.900031][ T6359] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 713.915194][ T6359] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 713.920145][T15988] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 713.924597][ T6359] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 713.924620][ T6359] usb 4-1: SerialNumber: syz [ 713.946140][T16000] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 713.956940][T16000] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 713.965056][T15988] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 713.991903][T15988] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 714.003796][T12001] bridge_slave_1: left allmulticast mode [ 714.009473][T12001] bridge_slave_1: left promiscuous mode [ 714.016741][T12001] bridge0: port 2(bridge_slave_1) entered disabled state [ 714.026391][T12001] bridge_slave_0: left allmulticast mode [ 714.032036][T12001] bridge_slave_0: left promiscuous mode [ 714.038320][T12001] bridge0: port 1(bridge_slave_0) entered disabled state [ 714.059045][T15988] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 714.066576][T15988] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 714.094114][T15988] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 714.117411][T12001] batman_adv: batadv0: Removing interface: gretap1 [ 714.168429][T12001] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 714.178807][T12001] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 714.189126][T12001] bond0 (unregistering): Released all slaves [ 714.199030][T12001] bond1 (unregistering): Released all slaves [ 714.210663][T12001] bond2 (unregistering): Released all slaves [ 714.224593][T12001] bond3 (unregistering): Released all slaves [ 714.235038][T12001] bond4 (unregistering): Released all slaves [ 714.257334][T12001] bond5 (unregistering): Released all slaves [ 714.268946][T12001] bond6 (unregistering): Released all slaves [ 714.282638][T12001] bond7 (unregistering): Released all slaves [ 714.307337][T15988] hsr_slave_0: entered promiscuous mode [ 714.315171][T15988] hsr_slave_1: entered promiscuous mode [ 714.320928][T15988] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 714.329390][T15988] Cannot create hsr debugfs directory [ 714.774264][T16025] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 715.112887][ T5834] Bluetooth: hci2: command tx timeout [ 716.510158][ T8] usb 4-1: USB disconnect, device number 74 [ 716.792871][ T25] usb 1-1: new high-speed USB device number 76 using dummy_hcd [ 717.161728][T16053] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 717.304240][ T5834] Bluetooth: hci2: command tx timeout [ 717.455994][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 717.473102][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 717.545650][ T25] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 717.569637][ T25] usb 1-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 717.582360][T16058] FAULT_INJECTION: forcing a failure. [ 717.582360][T16058] name failslab, interval 1, probability 0, space 0, times 0 [ 717.595002][T16058] CPU: 1 UID: 0 PID: 16058 Comm: syz.4.2846 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 717.595028][T16058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 717.595039][T16058] Call Trace: [ 717.595045][T16058] [ 717.595052][T16058] dump_stack_lvl+0x16c/0x1f0 [ 717.595082][T16058] should_fail_ex+0x497/0x5b0 [ 717.595104][T16058] ? rcu_is_watching+0x12/0xc0 [ 717.595125][T16058] should_failslab+0xc2/0x120 [ 717.595145][T16058] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 717.595172][T16058] ? lock_acquire+0x2f/0xb0 [ 717.595196][T16058] ? sctp_get_port_local+0x57a/0x1650 [ 717.595221][T16058] ? sctp_get_port_local+0xba4/0x1650 [ 717.595251][T16058] sctp_get_port_local+0xba4/0x1650 [ 717.595278][T16058] ? sctp_bind_addr_match+0x43/0x300 [ 717.595299][T16058] ? __pfx_sctp_get_port_local+0x10/0x10 [ 717.595323][T16058] ? lock_acquire+0x2f/0xb0 [ 717.595345][T16058] ? sctp_bind_addr_match+0x43/0x300 [ 717.595368][T16058] ? sctp_bind_addr_match+0x19d/0x300 [ 717.595390][T16058] sctp_do_bind+0x223/0x700 [ 717.595418][T16058] ? __pfx_sctp_bind+0x10/0x10 [ 717.595444][T16058] sctp_bind+0xa4/0x110 [ 717.595470][T16058] inet_bind_sk+0xdb/0x230 [ 717.595489][T16058] ? __pfx_inet_bind_sk+0x10/0x10 [ 717.595512][T16058] __sys_bind+0x213/0x260 [ 717.595536][T16058] ? __pfx___sys_bind+0x10/0x10 [ 717.595559][T16058] ? __fget_files+0x206/0x3a0 [ 717.595589][T16058] ? __pfx_ksys_write+0x10/0x10 [ 717.595615][T16058] ? rcu_is_watching+0x12/0xc0 [ 717.595635][T16058] __x64_sys_bind+0x72/0xb0 [ 717.595659][T16058] do_syscall_64+0xcd/0x250 [ 717.595686][T16058] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 717.595712][T16058] RIP: 0033:0x7f49bff8cd29 [ 717.595727][T16058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 717.595745][T16058] RSP: 002b:00007f49c0d5b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 717.595764][T16058] RAX: ffffffffffffffda RBX: 00007f49c01a5fa0 RCX: 00007f49bff8cd29 [ 717.595776][T16058] RDX: 0000000000000010 RSI: 0000000020000000 RDI: 0000000000000004 [ 717.595788][T16058] RBP: 00007f49c0d5b090 R08: 0000000000000000 R09: 0000000000000000 [ 717.595799][T16058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 717.595810][T16058] R13: 0000000000000000 R14: 00007f49c01a5fa0 R15: 00007ffd92ccb518 [ 717.595828][T16058] [ 717.597190][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 717.849117][ T25] usb 1-1: config 0 descriptor?? [ 718.073087][ T8] usb 5-1: new high-speed USB device number 77 using dummy_hcd [ 718.653870][ T25] acrux 0003:1A34:0802.0016: unknown main item tag 0x0 [ 718.690220][ T8] usb 5-1: Using ep0 maxpacket: 16 [ 718.696595][ T8] usb 5-1: config 0 has an invalid interface number: 251 but max is 0 [ 718.696964][ T25] acrux 0003:1A34:0802.0016: unknown main item tag 0x0 [ 718.712883][ T25] acrux 0003:1A34:0802.0016: unknown main item tag 0x0 [ 718.719758][ T25] acrux 0003:1A34:0802.0016: unknown main item tag 0x0 [ 718.727300][ T25] acrux 0003:1A34:0802.0016: unknown main item tag 0x0 [ 718.742066][ T25] acrux 0003:1A34:0802.0016: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.0-1/input0 [ 718.747334][ T8] usb 5-1: config 0 has no interface number 0 [ 718.760229][ T25] acrux 0003:1A34:0802.0016: no inputs found [ 718.760609][ T8] usb 5-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 718.828134][ T8] usb 5-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 718.867978][ T25] acrux 0003:1A34:0802.0016: Failed to enable force feedback support, error: -19 [ 718.995182][ T25] usb 1-1: USB disconnect, device number 76 [ 719.004407][ T8] usb 5-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 719.015315][ T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 719.024866][ T8] usb 5-1: Product: syz [ 719.030040][ T8] usb 5-1: Manufacturer: syz [ 719.034724][ T8] usb 5-1: SerialNumber: syz [ 719.052172][ T8] usb 5-1: config 0 descriptor?? [ 719.059271][T16062] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 719.067426][T16062] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 719.113059][T16073] FAULT_INJECTION: forcing a failure. [ 719.113059][T16073] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 719.126311][T16073] CPU: 0 UID: 0 PID: 16073 Comm: syz.3.2850 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 719.126332][T16073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 719.126343][T16073] Call Trace: [ 719.126353][T16073] [ 719.126359][T16073] dump_stack_lvl+0x16c/0x1f0 [ 719.126385][T16073] should_fail_ex+0x497/0x5b0 [ 719.126406][T16073] strncpy_from_user+0x3b/0x2d0 [ 719.126427][T16073] getname_flags.part.0+0x8f/0x550 [ 719.126446][T16073] ? bpf_lsm_capable+0x9/0x10 [ 719.126466][T16073] getname+0x8d/0xe0 [ 719.126486][T16073] __x64_sys_acct+0x73/0x220 [ 719.126508][T16073] do_syscall_64+0xcd/0x250 [ 719.126531][T16073] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 719.126553][T16073] RIP: 0033:0x7f534bb8cd29 [ 719.126565][T16073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 719.126580][T16073] RSP: 002b:00007f534c9b6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3 [ 719.126596][T16073] RAX: ffffffffffffffda RBX: 00007f534bda5fa0 RCX: 00007f534bb8cd29 [ 719.126607][T16073] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000040 [ 719.126617][T16073] RBP: 00007f534c9b6090 R08: 0000000000000000 R09: 0000000000000000 [ 719.126627][T16073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 719.126637][T16073] R13: 0000000000000000 R14: 00007f534bda5fa0 R15: 00007ffc90172208 [ 719.126651][T16073] [ 719.291195][T16062] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 719.298565][T16062] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 719.352855][ T5834] Bluetooth: hci2: command tx timeout [ 719.544234][ T5910] usb 4-1: new full-speed USB device number 75 using dummy_hcd [ 719.695554][ T5910] usb 4-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x7F, changing to 0xF [ 719.707021][ T5910] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10 [ 719.718123][ T5910] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 29949, setting to 64 [ 719.729797][ T5910] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 719.740596][ T5910] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 719.756960][ T5910] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 719.766299][ T5910] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 719.774302][ T5910] usb 4-1: SerialNumber: syz [ 719.780334][T16075] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 719.787764][T16075] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 721.434335][ T5834] Bluetooth: hci2: command tx timeout [ 722.311083][ T5874] usb 4-1: USB disconnect, device number 75 [ 722.772840][ T5910] usb 4-1: new high-speed USB device number 76 using dummy_hcd [ 722.922874][ T5910] usb 4-1: Using ep0 maxpacket: 16 [ 722.929380][ T5910] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 722.941861][ T5910] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 722.955725][ T5910] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 722.965695][ T5910] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 722.973771][ T5910] usb 4-1: Product: syz [ 722.977958][ T5910] usb 4-1: Manufacturer: syz [ 722.982550][ T5910] usb 4-1: SerialNumber: syz [ 723.198363][ T5910] usb 4-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 723.214111][ T5910] usb 4-1: USB disconnect, device number 76 [ 723.384460][ T5825] udevd[5825]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 724.793919][ T8] asix 5-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -110 [ 724.804455][ T8] asix 5-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffff92 [ 724.815207][ T8] asix 5-1:0.251: probe with driver asix failed with error -110 [ 726.954594][ T9] kworker/0:1 (9) used greatest stack depth: 20864 bytes left [ 730.899604][T15236] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 730.906788][T15236] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 730.914307][T15236] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 730.922081][T15236] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 730.931002][T15236] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 730.939010][T15236] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 731.933948][ T5834] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 731.941147][ T5834] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 731.948845][ T5834] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 731.957649][ T5834] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 731.965299][ T5834] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 731.972455][ T5834] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 732.897628][T15236] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 732.905926][T15236] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 732.914141][T15236] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 732.921682][T15236] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 732.929151][T15236] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 732.936356][T15236] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 732.953771][ T5834] Bluetooth: hci5: command tx timeout [ 733.992989][ T5834] Bluetooth: hci4: command tx timeout [ 734.952893][ T5834] Bluetooth: hci6: command tx timeout [ 735.034414][ T5834] Bluetooth: hci5: command tx timeout [ 736.072926][ T5834] Bluetooth: hci4: command tx timeout [ 737.032895][ T5834] Bluetooth: hci6: command tx timeout [ 737.113380][ T5834] Bluetooth: hci5: command tx timeout [ 738.152950][ T5834] Bluetooth: hci4: command tx timeout [ 738.906832][T15236] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 738.916062][T15236] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 738.923252][T15236] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 738.930792][T15236] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 738.938255][T15236] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 738.946003][T15236] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 739.112980][ T5834] Bluetooth: hci6: command tx timeout [ 739.193350][ T5834] Bluetooth: hci5: command tx timeout [ 740.234417][ T5834] Bluetooth: hci4: command tx timeout [ 741.033049][ T5834] Bluetooth: hci7: command tx timeout [ 741.192895][ T5834] Bluetooth: hci6: command tx timeout [ 743.112889][ T5834] Bluetooth: hci7: command tx timeout [ 745.192887][ T5834] Bluetooth: hci7: command tx timeout [ 747.273121][ T5834] Bluetooth: hci7: command tx timeout [ 747.433777][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.440059][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 771.941791][T15236] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 771.950497][T15236] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 771.958626][T15236] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 771.967307][T15236] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 771.974904][T15236] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 771.982028][T15236] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 773.992978][ T5834] Bluetooth: hci8: command tx timeout [ 776.074465][ T5834] Bluetooth: hci8: command tx timeout [ 778.152888][ T5834] Bluetooth: hci8: command tx timeout [ 780.232930][ T5834] Bluetooth: hci8: command tx timeout [ 790.966599][T15236] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 790.974995][T15236] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 790.982141][T15236] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 790.989732][T15236] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 790.997638][T15236] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 791.004898][T15236] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 791.965127][T15236] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 791.972439][T15236] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 791.980744][T15236] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 791.988375][T15236] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 791.996767][T15236] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 792.004909][T15236] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 792.963471][ T5834] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 792.970717][ T5834] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 792.978239][ T5834] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 792.985961][ T5834] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 792.993926][ T5834] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 793.001179][ T5834] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 793.032876][T15236] Bluetooth: hci9: command tx timeout [ 794.074269][T15236] Bluetooth: hci10: command tx timeout [ 795.032996][T15236] Bluetooth: hci11: command tx timeout [ 795.112883][T15236] Bluetooth: hci9: command tx timeout [ 796.152855][T15236] Bluetooth: hci10: command tx timeout [ 797.112951][T15236] Bluetooth: hci11: command tx timeout [ 797.193413][T15236] Bluetooth: hci9: command tx timeout [ 798.242918][T15236] Bluetooth: hci10: command tx timeout [ 798.968491][ T5834] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 798.976543][ T5834] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 798.984521][ T5834] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 798.992163][ T5834] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 798.999725][ T5834] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3 [ 799.007977][ T5834] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 799.193370][ T5834] Bluetooth: hci11: command tx timeout [ 799.272971][ T5834] Bluetooth: hci9: command tx timeout [ 800.312953][ T5834] Bluetooth: hci10: command tx timeout [ 801.032973][ T5834] Bluetooth: hci12: command tx timeout [ 801.272904][ T5834] Bluetooth: hci11: command tx timeout [ 803.113660][ T5834] Bluetooth: hci12: command tx timeout [ 805.193375][ T5834] Bluetooth: hci12: command tx timeout [ 807.272918][ T5834] Bluetooth: hci12: command tx timeout [ 808.873788][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.880067][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 832.007456][T15236] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 832.015744][T15236] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 832.023275][T15236] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 832.030922][T15236] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 832.038415][T15236] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3 [ 832.047322][T15236] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 834.073165][ T5834] Bluetooth: hci13: command tx timeout [ 836.152915][T15236] Bluetooth: hci13: command tx timeout [ 836.552930][T15236] Bluetooth: hci2: command 0x0406 tx timeout [ 838.233792][ T5834] Bluetooth: hci13: command tx timeout [ 840.312901][ T5834] Bluetooth: hci13: command tx timeout [ 851.032304][T15236] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 851.040539][T15236] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 851.049049][T15236] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 851.056718][T15236] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 851.065444][T15236] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3 [ 851.072662][T15236] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 852.033122][T15236] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 852.040509][T15236] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 852.047825][T15236] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 852.055776][T15236] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 852.064144][T15236] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3 [ 852.071351][T15236] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 853.038138][ T5834] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 853.045666][ T5834] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 853.053981][ T5834] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 853.061593][ T5834] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 853.069289][ T5834] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3 [ 853.076776][ T5834] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 853.114459][T15236] Bluetooth: hci14: command tx timeout [ 854.162904][T15236] Bluetooth: hci15: command tx timeout [ 855.112904][T15236] Bluetooth: hci16: command tx timeout [ 855.193377][T15236] Bluetooth: hci14: command tx timeout [ 856.232946][T15236] Bluetooth: hci15: command tx timeout [ 857.033785][ T5839] Bluetooth: hci6: command 0x0406 tx timeout [ 857.033961][T15236] Bluetooth: hci4: command 0x0406 tx timeout [ 857.039786][ T5839] Bluetooth: hci5: command 0x0406 tx timeout [ 857.192866][T16144] Bluetooth: hci16: command tx timeout [ 857.273816][T16144] Bluetooth: hci14: command tx timeout [ 858.312889][T16144] Bluetooth: hci15: command tx timeout [ 859.272956][T16144] Bluetooth: hci16: command tx timeout [ 859.353841][T16144] Bluetooth: hci14: command tx timeout [ 859.544405][T15164] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1 [ 859.551704][T15164] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9 [ 859.559862][T15164] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9 [ 859.568234][T15164] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4 [ 859.575762][T15164] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3 [ 859.583051][T15164] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2 [ 860.392904][T15164] Bluetooth: hci15: command tx timeout [ 861.352907][ T5834] Bluetooth: hci16: command tx timeout [ 861.592879][ T5834] Bluetooth: hci17: command tx timeout [ 862.163686][ T5834] Bluetooth: hci7: command 0x0406 tx timeout [ 863.672892][T16144] Bluetooth: hci17: command tx timeout [ 865.752909][T16144] Bluetooth: hci17: command tx timeout [ 867.832862][T16144] Bluetooth: hci17: command tx timeout [ 868.393813][ T30] INFO: task kworker/1:8:6359 blocked for more than 143 seconds. [ 868.401563][ T30] Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 868.408864][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 868.417554][ T30] task:kworker/1:8 state:D stack:21432 pid:6359 tgid:6359 ppid:2 flags:0x00004000 [ 868.428056][ T30] Workqueue: events disconnect_work [ 868.433300][ T30] Call Trace: [ 868.436566][ T30] [ 868.439474][ T30] __schedule+0x1142/0x5b60 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 868.444011][ T30] ? __schedule+0x114a/0x5b60 [ 868.448795][ T30] ? rcu_is_watching+0x12/0xc0 [ 868.454105][ T29] audit: type=1400 audit(1999992230.616:6872): avc: denied { write } for pid=5811 comm="syz-executor" path="pipe:[4993]" dev="pipefs" ino=4993 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 868.477297][ T30] ? __pfx___schedule+0x10/0x10 [ 868.482158][ T30] ? lock_release+0x4e2/0x6f0 [ 868.487378][ T30] ? schedule+0x298/0x350 [ 868.491713][ T30] ? __pfx_lock_release+0x10/0x10 [ 868.523298][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 868.529398][ T30] ? rcu_is_watching+0x12/0xc0 [ 868.534653][ T30] ? trace_irq_enable.constprop.0+0xea/0x140 [ 868.540642][ T30] schedule+0xe7/0x350 [ 868.545249][ T30] schedule_preempt_disabled+0x13/0x30 [ 868.550788][ T30] __mutex_lock+0x6bd/0xb10 [ 868.555350][ T30] ? disconnect_work+0xa0/0x2a0 [ 868.560195][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 868.565249][ T30] ? do_raw_spin_unlock+0x172/0x230 [ 868.570440][ T30] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 868.576749][ T30] ? process_one_work+0x813/0x1ba0 [ 868.581845][ T30] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 868.587777][ T30] ? disconnect_work+0xa0/0x2a0 [ 868.592621][ T30] disconnect_work+0xa0/0x2a0 [ 868.597297][ T30] process_one_work+0x9c5/0x1ba0 [ 868.602233][ T30] ? __pfx_process_one_work+0x10/0x10 [ 868.607942][ T30] ? rcu_is_watching+0x12/0xc0 [ 868.612685][ T30] ? assign_work+0x1a0/0x250 [ 868.617281][ T30] worker_thread+0x6c8/0xf00 [ 868.621868][ T30] ? __kthread_parkme+0x148/0x220 [ 868.626958][ T30] ? __pfx_worker_thread+0x10/0x10 [ 868.632072][ T30] kthread+0x3af/0x750 [ 868.636650][ T30] ? __pfx_kthread+0x10/0x10 [ 868.641239][ T30] ? lock_acquire+0x2f/0xb0 [ 868.645787][ T30] ? rcu_is_watching+0x12/0xc0 [ 868.650605][ T30] ? __pfx_kthread+0x10/0x10 [ 868.655207][ T30] ret_from_fork+0x45/0x80 [ 868.659617][ T30] ? __pfx_kthread+0x10/0x10 [ 868.664710][ T30] ret_from_fork_asm+0x1a/0x30 [ 868.669474][ T30] [ 868.672480][ T30] INFO: task kworker/u8:17:11991 blocked for more than 143 seconds. [ 868.680466][ T30] Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 868.687750][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 868.696747][ T30] task:kworker/u8:17 state:D stack:23832 pid:11991 tgid:11991 ppid:2 flags:0x00004000 [ 868.706939][ T30] Workqueue: events_unbound linkwatch_event [ 868.712862][ T30] Call Trace: [ 868.716128][ T30] [ 868.719032][ T30] __schedule+0x1142/0x5b60 [ 868.724054][ T30] ? rcu_is_watching+0x12/0xc0 [ 868.728812][ T30] ? lock_release+0x4e2/0x6f0 [ 868.733508][ T30] ? __pfx___schedule+0x10/0x10 [ 868.738358][ T30] ? lock_release+0x4e2/0x6f0 [ 868.743060][ T30] ? schedule+0x298/0x350 [ 868.747409][ T30] ? __pfx_lock_release+0x10/0x10 [ 868.752521][ T30] ? __mutex_trylock_common+0x78/0x250 [ 868.758359][ T30] ? schedule+0x1fd/0x350 [ 868.762671][ T30] ? lock_acquire+0x2f/0xb0 [ 868.767188][ T30] ? schedule+0x1fd/0x350 [ 868.771511][ T30] schedule+0xe7/0x350 [ 868.775597][ T30] schedule_preempt_disabled+0x13/0x30 [ 868.781051][ T30] __mutex_lock+0x6bd/0xb10 [ 868.785877][ T30] ? linkwatch_event+0x51/0xc0 [ 868.790640][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 868.795680][ T30] ? rcu_is_watching+0x12/0xc0 [ 868.800437][ T30] ? linkwatch_event+0x51/0xc0 [ 868.805220][ T30] linkwatch_event+0x51/0xc0 [ 868.809804][ T30] ? __pfx_linkwatch_event+0x10/0x10 [ 868.815442][ T30] ? rcu_is_watching+0x12/0xc0 [ 868.820192][ T30] process_one_work+0x9c5/0x1ba0 [ 868.825149][ T30] ? __pfx_process_one_work+0x10/0x10 [ 868.830524][ T30] ? rcu_is_watching+0x12/0xc0 [ 868.835314][ T30] ? assign_work+0x1a0/0x250 [ 868.839901][ T30] worker_thread+0x6c8/0xf00 [ 868.845004][ T30] ? __kthread_parkme+0x148/0x220 [ 868.850024][ T30] ? __pfx_worker_thread+0x10/0x10 [ 868.855261][ T30] kthread+0x3af/0x750 [ 868.859338][ T30] ? __pfx_kthread+0x10/0x10 [ 868.863970][ T30] ? lock_acquire+0x2f/0xb0 [ 868.868481][ T30] ? rcu_is_watching+0x12/0xc0 [ 868.873843][ T30] ? __pfx_kthread+0x10/0x10 [ 868.878431][ T30] ret_from_fork+0x45/0x80 [ 868.882860][ T30] ? __pfx_kthread+0x10/0x10 [ 868.887446][ T30] ret_from_fork_asm+0x1a/0x30 [ 868.892189][ T30] [ 868.895223][ T30] INFO: task kworker/u8:26:12000 blocked for more than 143 seconds. [ 868.903720][ T30] Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 868.910986][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 868.919659][ T30] task:kworker/u8:26 state:D stack:25040 pid:12000 tgid:12000 ppid:2 flags:0x00004000 [ 868.929848][ T30] Workqueue: cfg80211 cfg80211_dfs_channels_update_work [ 868.937127][ T30] Call Trace: [ 868.940400][ T30] [ 868.943345][ T30] __schedule+0x1142/0x5b60 [ 868.947842][ T30] ? __pfx_lock_release+0x10/0x10 [ 868.952890][ T30] ? __pfx_lock_release+0x10/0x10 [ 868.957974][ T30] ? lock_unpin_lock+0x1/0x3e0 [ 868.962714][ T30] ? __pfx___schedule+0x10/0x10 [ 868.967926][ T30] ? lock_release+0x4e2/0x6f0 [ 868.972586][ T30] ? schedule+0x298/0x350 [ 868.976936][ T30] ? __pfx_lock_release+0x10/0x10 [ 868.981967][ T30] ? __mutex_trylock_common+0x78/0x250 [ 868.987454][ T30] ? schedule+0x1fd/0x350 [ 868.991783][ T30] ? lock_acquire+0x2f/0xb0 [ 868.996620][ T30] ? schedule+0x1fd/0x350 [ 869.000929][ T30] schedule+0xe7/0x350 [ 869.005005][ T30] schedule_preempt_disabled+0x13/0x30 [ 869.010461][ T30] __mutex_lock+0x6bd/0xb10 [ 869.014976][ T30] ? lock_acquire+0x2f/0xb0 [ 869.019475][ T30] ? dl_scaled_delta_exec+0xdd/0x2e0 [ 869.025260][ T30] ? cfg80211_dfs_channels_update_work+0xd0/0x640 [ 869.031673][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 869.036937][ T30] ? lock_release+0x4e2/0x6f0 [ 869.041708][ T30] ? sched_clock_cpu+0x6d/0x4d0 [ 869.046582][ T30] ? psi_task_switch+0x203/0x8e0 [ 869.051511][ T30] ? __pfx_lock_release+0x10/0x10 [ 869.056851][ T30] ? lock_release+0x4e2/0x6f0 [ 869.061571][ T30] ? debug_object_deactivate+0x1ef/0x370 [ 869.067222][ T30] ? __pfx_lock_release+0x10/0x10 [ 869.072242][ T30] ? cfg80211_dfs_channels_update_work+0xd0/0x640 [ 869.078667][ T30] ? rtnl_lock+0x9/0x20 [ 869.083343][ T30] cfg80211_dfs_channels_update_work+0xd0/0x640 [ 869.089579][ T30] ? do_raw_spin_unlock+0x172/0x230 [ 869.094795][ T30] ? rcu_is_watching+0x12/0xc0 [ 869.099557][ T30] ? lock_release+0x4e2/0x6f0 [ 869.104271][ T30] ? __pfx_cfg80211_dfs_channels_update_work+0x10/0x10 [ 869.111118][ T30] ? rcu_is_watching+0x12/0xc0 [ 869.116161][ T30] ? process_one_work+0x921/0x1ba0 [ 869.121255][ T30] ? lock_acquire+0x2f/0xb0 [ 869.125769][ T30] ? process_one_work+0x921/0x1ba0 [ 869.130872][ T30] process_one_work+0x9c5/0x1ba0 [ 869.135821][ T30] ? __pfx_process_one_work+0x10/0x10 [ 869.141186][ T30] ? rcu_is_watching+0x12/0xc0 [ 869.146281][ T30] ? assign_work+0x1a0/0x250 [ 869.150853][ T30] worker_thread+0x6c8/0xf00 [ 869.155452][ T30] ? __kthread_parkme+0x148/0x220 [ 869.160469][ T30] ? __pfx_worker_thread+0x10/0x10 [ 869.165678][ T30] kthread+0x3af/0x750 [ 869.169742][ T30] ? __pfx_kthread+0x10/0x10 [ 869.174805][ T30] ? lock_acquire+0x2f/0xb0 [ 869.179312][ T30] ? rcu_is_watching+0x12/0xc0 [ 869.184084][ T30] ? __pfx_kthread+0x10/0x10 [ 869.188667][ T30] ret_from_fork+0x45/0x80 [ 869.193159][ T30] ? __pfx_kthread+0x10/0x10 [ 869.197744][ T30] ret_from_fork_asm+0x1a/0x30 [ 869.202482][ T30] [ 869.205861][ T30] INFO: task kworker/u8:27:12001 blocked for more than 144 seconds. [ 869.214117][ T30] Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 869.221399][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 869.230103][ T30] task:kworker/u8:27 state:D stack:24104 pid:12001 tgid:12001 ppid:2 flags:0x00004000 [ 869.240544][ T30] Workqueue: netns cleanup_net [ 869.245325][ T30] Call Trace: [ 869.248592][ T30] [ 869.251502][ T30] __schedule+0x1142/0x5b60 [ 869.256031][ T30] ? __switch_to+0x749/0x1190 [ 869.260703][ T30] ? rcu_watching_snap_stopped_since+0x71/0x110 [ 869.267331][ T30] ? __pfx___schedule+0x10/0x10 [ 869.272164][ T30] ? lock_release+0x4e2/0x6f0 [ 869.276994][ T30] ? schedule+0x298/0x350 [ 869.281326][ T30] ? __pfx_lock_release+0x10/0x10 [ 869.286375][ T30] ? __mutex_trylock_common+0x78/0x250 [ 869.291833][ T30] ? schedule+0x1fd/0x350 [ 869.296481][ T30] ? lock_acquire+0x2f/0xb0 [ 869.300964][ T30] ? schedule+0x1fd/0x350 [ 869.305306][ T30] schedule+0xe7/0x350 [ 869.309367][ T30] schedule_preempt_disabled+0x13/0x30 [ 869.314837][ T30] __mutex_lock+0x6bd/0xb10 [ 869.319337][ T30] ? unregister_netdevice_many_notify+0x1a51/0x21a0 [ 869.326253][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 869.331260][ T30] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 869.336575][ T30] ? __pfx___might_resched+0x10/0x10 [ 869.341867][ T30] ? unregister_netdevice_many_notify+0x959/0x21a0 [ 869.348406][ T30] ? unregister_netdevice_many_notify+0x1a51/0x21a0 [ 869.355458][ T30] unregister_netdevice_many_notify+0x1a51/0x21a0 [ 869.361881][ T30] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 869.368754][ T30] ? rcu_is_watching+0x12/0xc0 [ 869.373521][ T30] ? lock_release+0x4e2/0x6f0 [ 869.378175][ T30] ? kernfs_remove_by_name_ns+0xc4/0x130 [ 869.384324][ T30] ? __pfx_lock_release+0x10/0x10 [ 869.389346][ T30] ? trace_irq_enable.constprop.0+0xea/0x140 [ 869.395362][ T30] unregister_netdevice_queue+0x307/0x3f0 [ 869.401073][ T30] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 869.407331][ T30] _cfg80211_unregister_wdev+0x64b/0x830 [ 869.413502][ T30] ieee80211_remove_interfaces+0x34f/0x720 [ 869.419305][ T30] ? __pfx_ieee80211_remove_interfaces+0x10/0x10 [ 869.425646][ T30] ieee80211_unregister_hw+0x55/0x3a0 [ 869.431016][ T30] hwsim_exit_net+0x3ad/0x7d0 [ 869.435733][ T30] ? __pfx_hwsim_exit_net+0x10/0x10 [ 869.440929][ T30] ? ip_vs_sync_net_cleanup+0x72/0xb0 [ 869.446627][ T30] ? __ip_vs_dev_cleanup_batch+0xb1/0x290 [ 869.452326][ T30] ? __pfx_hwsim_exit_net+0x10/0x10 [ 869.457529][ T30] ops_exit_list+0xb0/0x180 [ 869.462025][ T30] cleanup_net+0x5c6/0xbf0 [ 869.466466][ T30] ? __pfx_cleanup_net+0x10/0x10 [ 869.471513][ T30] ? lock_acquire+0x2f/0xb0 [ 869.476361][ T30] ? process_one_work+0x921/0x1ba0 [ 869.481456][ T30] process_one_work+0x9c5/0x1ba0 [ 869.486404][ T30] ? __pfx_process_one_work+0x10/0x10 [ 869.491767][ T30] ? rcu_is_watching+0x12/0xc0 [ 869.496536][ T30] ? assign_work+0x1a0/0x250 [ 869.501124][ T30] worker_thread+0x6c8/0xf00 [ 869.506224][ T30] ? __kthread_parkme+0x148/0x220 [ 869.511241][ T30] ? __pfx_worker_thread+0x10/0x10 [ 869.516420][ T30] kthread+0x3af/0x750 [ 869.520487][ T30] ? __pfx_kthread+0x10/0x10 [ 869.525207][ T30] ? lock_acquire+0x2f/0xb0 [ 869.529717][ T30] ? rcu_is_watching+0x12/0xc0 [ 869.535849][ T30] ? __pfx_kthread+0x10/0x10 [ 869.540425][ T30] ret_from_fork+0x45/0x80 [ 869.544945][ T30] ? __pfx_kthread+0x10/0x10 [ 869.549531][ T30] ret_from_fork_asm+0x1a/0x30 [ 869.554346][ T30] [ 869.557377][ T30] INFO: task syz-executor:15988 blocked for more than 144 seconds. [ 869.566292][ T30] Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 869.573870][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 869.582530][ T30] task:syz-executor state:D stack:24456 pid:15988 tgid:15988 ppid:1 flags:0x00004006 [ 869.592742][ T30] Call Trace: [ 869.596900][ T30] [ 869.599819][ T30] __schedule+0x1142/0x5b60 [ 869.604353][ T30] ? __pfx___schedule+0x10/0x10 [ 869.609206][ T30] ? lock_release+0x4e2/0x6f0 [ 869.613981][ T30] ? schedule+0x298/0x350 [ 869.618312][ T30] ? __pfx_lock_release+0x10/0x10 [ 869.624336][ T30] ? __mutex_trylock_common+0x78/0x250 [ 869.629783][ T30] ? schedule+0x1fd/0x350 [ 869.634150][ T30] ? lock_acquire+0x2f/0xb0 [ 869.638651][ T30] ? schedule+0x1fd/0x350 [ 869.642989][ T30] schedule+0xe7/0x350 [ 869.647052][ T30] schedule_preempt_disabled+0x13/0x30 [ 869.652486][ T30] __mutex_lock+0x6bd/0xb10 [ 869.657841][ T30] ? nsim_destroy+0x9d/0x710 [ 869.662643][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 869.667701][ T30] ? __pfx_lock_release+0x10/0x10 [ 869.672724][ T30] ? simple_release_fs+0x21/0xc0 [ 869.677975][ T30] ? nsim_destroy+0x9d/0x710 [ 869.682657][ T30] ? rtnl_lock+0x9/0x20 [ 869.687646][ T30] nsim_destroy+0x9d/0x710 [ 869.692046][ T30] ? kfree+0x14f/0x4b0 [ 869.696131][ T30] __nsim_dev_port_del+0x189/0x240 [ 869.701240][ T30] nsim_dev_reload_destroy+0x108/0x4d0 [ 869.706722][ T30] nsim_drv_remove+0x52/0x1d0 [ 869.711414][ T30] ? __pfx_nsim_bus_remove+0x10/0x10 [ 869.718233][ T30] device_remove+0xc8/0x170 [ 869.722748][ T30] device_release_driver_internal+0x44a/0x610 [ 869.728831][ T30] bus_remove_device+0x22f/0x420 [ 869.733856][ T30] device_del+0x396/0x9f0 [ 869.738168][ T30] ? __pfx_device_del+0x10/0x10 [ 869.744507][ T30] device_unregister+0x1d/0xc0 [ 869.749269][ T30] del_device_store+0x346/0x4b0 [ 869.754147][ T30] ? __pfx_del_device_store+0x10/0x10 [ 869.759511][ T30] ? rcu_is_watching+0x12/0xc0 [ 869.764544][ T30] ? trace_lock_acquire+0x14e/0x1f0 [ 869.769740][ T30] ? kernfs_fop_write_iter+0x29e/0x500 [ 869.776280][ T30] ? __pfx_del_device_store+0x10/0x10 [ 869.781634][ T30] bus_attr_store+0x71/0xb0 [ 869.786138][ T30] ? __pfx_bus_attr_store+0x10/0x10 [ 869.791334][ T30] sysfs_kf_write+0x117/0x170 [ 869.796054][ T30] kernfs_fop_write_iter+0x33d/0x500 [ 869.801340][ T30] ? __pfx_sysfs_kf_write+0x10/0x10 [ 869.807356][ T30] vfs_write+0x5ae/0x1150 [ 869.811669][ T30] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 869.817490][ T30] ? __pfx_vfs_write+0x10/0x10 [ 869.822265][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 869.827477][ T30] ksys_write+0x12b/0x250 [ 869.831804][ T30] ? __pfx_ksys_write+0x10/0x10 [ 869.838256][ T30] ? rcu_is_watching+0x12/0xc0 [ 869.843153][ T30] ? rcu_is_watching+0x12/0xc0 [ 869.847924][ T30] do_syscall_64+0xcd/0x250 [ 869.852429][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 869.858376][ T30] RIP: 0033:0x7f3e9758b7df [ 869.864283][ T30] RSP: 002b:00007ffef4575df0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 869.873005][ T30] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f3e9758b7df [ 869.881177][ T30] RDX: 0000000000000001 RSI: 00007ffef4575e40 RDI: 0000000000000005 [ 869.889180][ T30] RBP: 00007f3e9760f4ad R08: 0000000000000000 R09: 00007ffef4575c47 [ 869.897902][ T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 869.905883][ T30] R13: 00007ffef4575e40 R14: 00007f3e982d4620 R15: 0000000000000003 [ 869.913920][ T30] [ 869.916938][ T30] INFO: task syz.2.2839:16037 blocked for more than 144 seconds. [ 869.925525][ T30] Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 869.932819][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 869.941468][ T30] task:syz.2.2839 state:D stack:27528 pid:16037 tgid:16032 ppid:5827 flags:0x00004004 [ 869.951640][ T30] Call Trace: [ 869.955767][ T30] [ 869.958694][ T30] __schedule+0x1142/0x5b60 [ 869.963830][ T30] ? __pfx___schedule+0x10/0x10 [ 869.968697][ T30] ? __pfx___schedule+0x10/0x10 [ 869.973589][ T30] ? lock_release+0x4e2/0x6f0 [ 869.978262][ T30] ? schedule+0x298/0x350 [ 869.982629][ T30] ? __pfx_lock_release+0x10/0x10 [ 869.987706][ T30] ? __mutex_trylock_common+0x78/0x250 [ 869.993471][ T30] ? schedule+0x1fd/0x350 [ 869.997789][ T30] ? lock_acquire+0x2f/0xb0 [ 870.002267][ T30] ? schedule+0x1fd/0x350 [ 870.006603][ T30] schedule+0xe7/0x350 [ 870.010669][ T30] schedule_preempt_disabled+0x13/0x30 [ 870.016143][ T30] __mutex_lock+0x6bd/0xb10 [ 870.020655][ T30] ? rtnetlink_rcv_msg+0x372/0xea0 [ 870.026117][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 870.031141][ T30] ? trace_irq_enable.constprop.0+0xea/0x140 [ 870.037151][ T30] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 870.042985][ T30] ? rcu_is_watching+0x12/0xc0 [ 870.047741][ T30] ? rtnetlink_rcv_msg+0x372/0xea0 [ 870.053206][ T30] rtnetlink_rcv_msg+0x372/0xea0 [ 870.058133][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 870.063613][ T30] netlink_rcv_skb+0x16b/0x440 [ 870.068376][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 870.073903][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 870.079194][ T30] ? rcu_is_watching+0x12/0xc0 [ 870.084564][ T30] netlink_unicast+0x53c/0x7f0 [ 870.089338][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 870.094660][ T30] netlink_sendmsg+0x8b8/0xd70 [ 870.099423][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 870.104727][ T30] ____sys_sendmsg+0xaaf/0xc90 [ 870.109486][ T30] ? copy_msghdr_from_user+0x10b/0x160 [ 870.115276][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 870.120541][ T30] ? try_to_wake_up+0x953/0x1490 [ 870.125496][ T30] ___sys_sendmsg+0x135/0x1e0 [ 870.130172][ T30] ? __pfx____sys_sendmsg+0x10/0x10 [ 870.135379][ T30] ? __pfx_lock_release+0x10/0x10 [ 870.140399][ T30] ? trace_lock_acquire+0x14e/0x1f0 [ 870.145921][ T30] ? __fget_files+0x206/0x3a0 [ 870.150581][ T30] __sys_sendmsg+0x16e/0x220 [ 870.155212][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 870.160316][ T30] ? __x64_sys_futex+0x1e1/0x4c0 [ 870.165274][ T30] ? rcu_is_watching+0x12/0xc0 [ 870.170034][ T30] ? rcu_is_watching+0x12/0xc0 [ 870.175122][ T30] do_syscall_64+0xcd/0x250 [ 870.179609][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 870.185625][ T30] RIP: 0033:0x7fb5bbf8cd29 [ 870.190026][ T30] RSP: 002b:00007fb5bcd76038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 870.198454][ T30] RAX: ffffffffffffffda RBX: 00007fb5bc1a6160 RCX: 00007fb5bbf8cd29 [ 870.206926][ T30] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003 [ 870.214920][ T30] RBP: 00007fb5bc00e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 870.222916][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 870.230875][ T30] R13: 0000000000000000 R14: 00007fb5bc1a6160 R15: 00007ffebc7e77a8 [ 870.239419][ T30] [ 870.242444][ T30] INFO: task syz.0.2840:16066 blocked for more than 145 seconds. [ 870.250277][ T30] Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 870.258319][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 870.266989][ T30] task:syz.0.2840 state:D stack:27880 pid:16066 tgid:16039 ppid:5831 flags:0x00004006 [ 870.277435][ T30] Call Trace: [ 870.280710][ T30] [ 870.284533][ T30] __schedule+0x1142/0x5b60 [ 870.289178][ T30] ? stack_trace_save+0x95/0xd0 [ 870.294119][ T30] ? __kasan_record_aux_stack+0xba/0xd0 [ 870.299664][ T30] ? __call_rcu_common.constprop.0+0x9a/0x870 [ 870.305742][ T30] ? kmem_cache_free+0x31d/0x4c0 [ 870.310678][ T30] ? do_group_exit+0xd3/0x2a0 [ 870.317156][ T30] ? __pfx___schedule+0x10/0x10 [ 870.322016][ T30] ? lock_release+0x4e2/0x6f0 [ 870.327000][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.333445][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 870.339728][ T30] ? schedule+0x298/0x350 [ 870.344123][ T30] ? __pfx_lock_release+0x10/0x10 [ 870.349150][ T30] ? __mutex_trylock_common+0x78/0x250 [ 870.355181][ T30] ? schedule+0x1fd/0x350 [ 870.359514][ T30] ? lock_acquire+0x2f/0xb0 [ 870.364346][ T30] ? schedule+0x1fd/0x350 [ 870.368656][ T30] schedule+0xe7/0x350 [ 870.372699][ T30] schedule_preempt_disabled+0x13/0x30 [ 870.378191][ T30] __mutex_lock+0x6bd/0xb10 [ 870.382694][ T30] ? tun_chr_close+0x38/0x230 [ 870.387384][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 870.392461][ T30] ? locks_remove_file+0x393/0x5a0 [ 870.397940][ T30] ? __pfx_locks_remove_file+0x10/0x10 [ 870.403595][ T30] ? __pfx_tun_chr_close+0x10/0x10 [ 870.408702][ T30] ? tun_chr_close+0x38/0x230 [ 870.413976][ T30] ? rtnl_lock+0x9/0x20 [ 870.418130][ T30] tun_chr_close+0x38/0x230 [ 870.422608][ T30] __fput+0x3ff/0xb70 [ 870.426970][ T30] task_work_run+0x14e/0x250 [ 870.431560][ T30] ? __pfx_task_work_run+0x10/0x10 [ 870.436720][ T30] do_exit+0xad8/0x2d70 [ 870.440869][ T30] ? rcu_is_watching+0x12/0xc0 [ 870.445655][ T30] ? lock_release+0x4e2/0x6f0 [ 870.450337][ T30] ? get_signal+0x8f7/0x26c0 [ 870.455472][ T30] ? __pfx_do_exit+0x10/0x10 [ 870.460064][ T30] ? do_raw_spin_lock+0x12d/0x2c0 [ 870.465551][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 870.470917][ T30] do_group_exit+0xd3/0x2a0 [ 870.475465][ T30] get_signal+0x24ed/0x26c0 [ 870.479972][ T30] ? __pfx_get_signal+0x10/0x10 [ 870.485138][ T30] ? __pfx_do_futex+0x10/0x10 [ 870.489796][ T30] arch_do_signal_or_restart+0x90/0x7e0 [ 870.495445][ T30] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 870.501597][ T30] ? rcu_is_watching+0x12/0xc0 [ 870.506370][ T30] ? rcu_is_watching+0x12/0xc0 [ 870.511125][ T30] syscall_exit_to_user_mode+0x150/0x2a0 [ 870.517092][ T30] do_syscall_64+0xda/0x250 [ 870.521591][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 870.527515][ T30] RIP: 0033:0x7fe57ad8cd29 [ 870.531920][ T30] RSP: 002b:00007fe57bbf00e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 870.540336][ T30] RAX: fffffffffffffe00 RBX: 00007fe57afa6168 RCX: 00007fe57ad8cd29 [ 870.548567][ T30] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe57afa6168 [ 870.556543][ T30] RBP: 00007fe57afa6160 R08: 0000000000000000 R09: 0000000000000000 [ 870.564524][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe57afa616c [ 870.572466][ T30] R13: 0000000000000000 R14: 00007fff4c8f3d20 R15: 00007fff4c8f3e08 [ 870.580967][ T30] [ 870.584024][ T30] INFO: task syz.4.2847:16060 blocked for more than 145 seconds. [ 870.591728][ T30] Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 870.599127][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 870.608300][ T30] task:syz.4.2847 state:D stack:28920 pid:16060 tgid:16059 ppid:5823 flags:0x00000004 [ 870.618506][ T30] Call Trace: [ 870.621769][ T30] [ 870.624710][ T30] __schedule+0x1142/0x5b60 [ 870.629210][ T30] ? rcu_is_watching+0x12/0xc0 [ 870.634290][ T30] ? lock_release+0x4e2/0x6f0 [ 870.638949][ T30] ? __pfx_lock_release+0x10/0x10 [ 870.643986][ T30] ? rcu_is_watching+0x12/0xc0 [ 870.648743][ T30] ? __pfx___schedule+0x10/0x10 [ 870.653598][ T30] ? lock_release+0x4e2/0x6f0 [ 870.658272][ T30] ? schedule+0x298/0x350 [ 870.662582][ T30] ? __pfx_lock_release+0x10/0x10 [ 870.667959][ T30] ? __mutex_trylock_common+0x78/0x250 [ 870.673446][ T30] ? schedule+0x1fd/0x350 [ 870.677776][ T30] ? lock_acquire+0x2f/0xb0 [ 870.682255][ T30] ? schedule+0x1fd/0x350 [ 870.686606][ T30] schedule+0xe7/0x350 [ 870.690671][ T30] schedule_preempt_disabled+0x13/0x30 [ 870.696453][ T30] __mutex_lock+0x6bd/0xb10 [ 870.701000][ T30] ? cred_has_capability.isra.0+0x192/0x2f0 [ 870.706917][ T30] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 870.713189][ T30] ? ip_rt_ioctl+0xfd/0x15e0 [ 870.717786][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 870.723340][ T30] ? rcu_is_watching+0x12/0xc0 [ 870.728114][ T30] ? bpf_lsm_capable+0x9/0x10 [ 870.732851][ T30] ? security_capable+0x7e/0x260 [ 870.737791][ T30] ? ip_rt_ioctl+0xfd/0x15e0 [ 870.742360][ T30] ip_rt_ioctl+0xfd/0x15e0 [ 870.746791][ T30] ? __pfx_ip_rt_ioctl+0x10/0x10 [ 870.751724][ T30] ? lock_release+0x4e2/0x6f0 [ 870.756825][ T30] ? __might_fault+0xe3/0x190 [ 870.761484][ T30] inet_ioctl+0x347/0x3f0 [ 870.765842][ T30] ? __pfx_inet_ioctl+0x10/0x10 [ 870.770697][ T30] ? tomoyo_path_number_perm+0x190/0x590 [ 870.776335][ T30] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 870.782227][ T30] sock_do_ioctl+0x116/0x280 [ 870.787164][ T30] ? __pfx_sock_do_ioctl+0x10/0x10 [ 870.792255][ T30] ? ioctl_has_perm.constprop.0.isra.0+0x2f2/0x450 [ 870.798774][ T30] ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450 [ 870.805343][ T30] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 870.812168][ T30] sock_ioctl+0x228/0x6c0 [ 870.816840][ T30] ? __pfx_sock_ioctl+0x10/0x10 [ 870.821674][ T30] ? selinux_file_ioctl+0x180/0x270 [ 870.826884][ T30] ? selinux_file_ioctl+0xb4/0x270 [ 870.831987][ T30] ? __pfx_sock_ioctl+0x10/0x10 [ 870.836854][ T30] __x64_sys_ioctl+0x190/0x200 [ 870.841620][ T30] do_syscall_64+0xcd/0x250 [ 870.846633][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 870.852531][ T30] RIP: 0033:0x7f49bff8cd29 [ 870.856954][ T30] RSP: 002b:00007f49c0d5b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 870.865379][ T30] RAX: ffffffffffffffda RBX: 00007f49c01a5fa0 RCX: 00007f49bff8cd29 [ 870.873872][ T30] RDX: 0000000020000000 RSI: 000000000000890b RDI: 0000000000000006 [ 870.881932][ T30] RBP: 00007f49c000e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 870.889928][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 870.897906][ T30] R13: 0000000000000000 R14: 00007f49c01a5fa0 R15: 00007ffd92ccb518 [ 870.906256][ T30] [ 870.909262][ T30] INFO: task syz.4.2847:16061 blocked for more than 145 seconds. [ 870.917219][ T30] Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 870.924627][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 870.933470][ T30] task:syz.4.2847 state:D stack:28328 pid:16061 tgid:16059 ppid:5823 flags:0x00000004 [ 870.944334][ T30] Call Trace: [ 870.947604][ T30] [ 870.950508][ T30] __schedule+0x1142/0x5b60 [ 870.955431][ T30] ? rcu_is_watching+0x12/0xc0 [ 870.960199][ T30] ? lock_release+0x4e2/0x6f0 [ 870.964888][ T30] ? __pfx_lock_release+0x10/0x10 [ 870.969908][ T30] ? rcu_is_watching+0x12/0xc0 [ 870.975222][ T30] ? __pfx___schedule+0x10/0x10 [ 870.980070][ T30] ? lock_release+0x4e2/0x6f0 [ 870.984758][ T30] ? schedule+0x298/0x350 [ 870.989080][ T30] ? __pfx_lock_release+0x10/0x10 [ 870.994109][ T30] ? __mutex_trylock_common+0x78/0x250 [ 870.999564][ T30] ? schedule+0x1fd/0x350 [ 871.004409][ T30] ? lock_acquire+0x2f/0xb0 [ 871.008970][ T30] ? schedule+0x1fd/0x350 [ 871.013325][ T30] schedule+0xe7/0x350 [ 871.017390][ T30] schedule_preempt_disabled+0x13/0x30 [ 871.022856][ T30] __mutex_lock+0x6bd/0xb10 [ 871.027358][ T30] ? cred_has_capability.isra.0+0x192/0x2f0 [ 871.033789][ T30] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 871.040032][ T30] ? ip_rt_ioctl+0xfd/0x15e0 [ 871.044654][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 871.049675][ T30] ? rcu_is_watching+0x12/0xc0 [ 871.054443][ T30] ? bpf_lsm_capable+0x9/0x10 [ 871.059113][ T30] ? security_capable+0x7e/0x260 [ 871.064565][ T30] ? ip_rt_ioctl+0xfd/0x15e0 [ 871.069163][ T30] ip_rt_ioctl+0xfd/0x15e0 [ 871.073614][ T30] ? __pfx_ip_rt_ioctl+0x10/0x10 [ 871.078555][ T30] ? lock_release+0x4e2/0x6f0 [ 871.083270][ T30] ? __might_fault+0xe3/0x190 [ 871.087944][ T30] inet_ioctl+0x347/0x3f0 [ 871.092250][ T30] ? __pfx_inet_ioctl+0x10/0x10 [ 871.097457][ T30] ? tomoyo_path_number_perm+0x190/0x590 [ 871.103114][ T30] ? do_raw_spin_unlock+0x104/0x230 [ 871.108362][ T30] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 871.114276][ T30] sock_do_ioctl+0x116/0x280 [ 871.118859][ T30] ? __pfx_sock_do_ioctl+0x10/0x10 [ 871.124472][ T30] ? ioctl_has_perm.constprop.0.isra.0+0x2f2/0x450 [ 871.130971][ T30] ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450 [ 871.137484][ T30] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 871.144344][ T30] sock_ioctl+0x228/0x6c0 [ 871.148666][ T30] ? __pfx_sock_ioctl+0x10/0x10 [ 871.154035][ T30] ? selinux_file_ioctl+0x180/0x270 [ 871.159227][ T30] ? selinux_file_ioctl+0xb4/0x270 [ 871.164347][ T30] ? __pfx_sock_ioctl+0x10/0x10 [ 871.169192][ T30] __x64_sys_ioctl+0x190/0x200 [ 871.173973][ T30] do_syscall_64+0xcd/0x250 [ 871.178483][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 871.184789][ T30] RIP: 0033:0x7f49bff8cd29 [ 871.189180][ T30] RSP: 002b:00007f49c0d3a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 871.197620][ T30] RAX: ffffffffffffffda RBX: 00007f49c01a6080 RCX: 00007f49bff8cd29 [ 871.205615][ T30] RDX: 0000000020000000 RSI: 000000000000890c RDI: 0000000000000007 [ 871.214202][ T30] RBP: 00007f49c000e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 871.222173][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 871.230156][ T30] R13: 0000000000000000 R14: 00007f49c01a6080 R15: 00007ffd92ccb518 [ 871.238138][ T30] [ 871.241139][ T30] INFO: task syz.3.2854:16085 blocked for more than 146 seconds. [ 871.249231][ T30] Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 871.256518][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 871.265182][ T30] task:syz.3.2854 state:D stack:27384 pid:16085 tgid:16084 ppid:5821 flags:0x00000004 [ 871.275846][ T30] Call Trace: [ 871.279113][ T30] [ 871.282024][ T30] __schedule+0x1142/0x5b60 [ 871.286547][ T30] ? __pfx___schedule+0x10/0x10 [ 871.291394][ T30] ? lock_release+0x4e2/0x6f0 [ 871.296084][ T30] ? schedule+0x298/0x350 [ 871.300412][ T30] ? __pfx_lock_release+0x10/0x10 [ 871.305762][ T30] ? __mutex_trylock_common+0x78/0x250 [ 871.311202][ T30] ? schedule+0x1fd/0x350 [ 871.315626][ T30] ? lock_acquire+0x2f/0xb0 [ 871.320147][ T30] ? schedule+0x1fd/0x350 [ 871.324519][ T30] schedule+0xe7/0x350 [ 871.328584][ T30] schedule_preempt_disabled+0x13/0x30 [ 871.334541][ T30] __mutex_lock+0x6bd/0xb10 [ 871.339052][ T30] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 871.345324][ T30] ? rtnetlink_rcv_msg+0x372/0xea0 [ 871.350436][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 871.355631][ T30] ? rcu_is_watching+0x12/0xc0 [ 871.360391][ T30] ? lock_release+0x4e2/0x6f0 [ 871.365385][ T30] ? trace_lock_acquire+0x14e/0x1f0 [ 871.370562][ T30] ? bpf_lsm_capable+0x9/0x10 [ 871.375244][ T30] ? security_capable+0x7e/0x260 [ 871.380180][ T30] ? rtnetlink_rcv_msg+0x205/0xea0 [ 871.385323][ T30] ? rtnetlink_rcv_msg+0x372/0xea0 [ 871.390433][ T30] rtnetlink_rcv_msg+0x372/0xea0 [ 871.395884][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 871.401349][ T30] netlink_rcv_skb+0x16b/0x440 [ 871.406129][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 871.411586][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 871.416966][ T30] ? lock_release+0x4e2/0x6f0 [ 871.421646][ T30] ? netlink_deliver_tap+0x1ae/0xd30 [ 871.427286][ T30] netlink_unicast+0x53c/0x7f0 [ 871.432033][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 871.437331][ T30] netlink_sendmsg+0x8b8/0xd70 [ 871.442112][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 871.447422][ T30] __sys_sendto+0x488/0x4f0 [ 871.451926][ T30] ? __pfx___sys_sendto+0x10/0x10 [ 871.457466][ T30] ? lock_acquire+0x2f/0xb0 [ 871.461974][ T30] ? fd_install+0xba/0x750 [ 871.466421][ T30] ? xfd_validate_state+0x5d/0x180 [ 871.471527][ T30] ? rcu_is_watching+0x12/0xc0 [ 871.476304][ T30] __x64_sys_sendto+0xe0/0x1c0 [ 871.481064][ T30] ? trace_irq_enable.constprop.0+0xea/0x140 [ 871.487382][ T30] do_syscall_64+0xcd/0x250 [ 871.491884][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 871.497806][ T30] RIP: 0033:0x7f534bb8cd29 [ 871.502212][ T30] RSP: 002b:00007f534c9b6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 871.510637][ T30] RAX: ffffffffffffffda RBX: 00007f534bda5fa0 RCX: 00007f534bb8cd29 [ 871.518917][ T30] RDX: 0000000000000078 RSI: 00000000200007c0 RDI: 000000000000000b [ 871.526895][ T30] RBP: 00007f534bc0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 871.534881][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 871.543384][ T30] R13: 0000000000000000 R14: 00007f534bda5fa0 R15: 00007ffc90172208 [ 871.551353][ T30] [ 871.554394][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 871.563434][ T30] INFO: task syz.3.2854:16086 blocked for more than 146 seconds. [ 871.571153][ T30] Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 871.578905][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 871.587585][ T30] task:syz.3.2854 state:D stack:27464 pid:16086 tgid:16084 ppid:5821 flags:0x00004004 [ 871.597811][ T30] Call Trace: [ 871.601169][ T30] [ 871.604553][ T30] __schedule+0x1142/0x5b60 [ 871.609049][ T30] ? __pfx_lock_unpin_lock+0x10/0x10 [ 871.614370][ T30] ? __pfx___schedule+0x10/0x10 [ 871.619309][ T30] ? lock_release+0x4e2/0x6f0 [ 871.624018][ T30] ? schedule+0x298/0x350 [ 871.628342][ T30] ? __pfx_lock_release+0x10/0x10 [ 871.633871][ T30] ? schedule+0x1fd/0x350 [ 871.638198][ T30] ? lock_acquire+0x2f/0xb0 [ 871.642677][ T30] ? schedule+0x1fd/0x350 [ 871.647017][ T30] schedule+0xe7/0x350 [ 871.651079][ T30] schedule_preempt_disabled+0x13/0x30 [ 871.656550][ T30] __mutex_lock+0x6bd/0xb10 [ 871.661053][ T30] ? rtnl_newlink+0x5d9/0x1d60 [ 871.666142][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 871.671153][ T30] ? rtnl_link_get_net_capable.constprop.0+0x12d/0x370 [ 871.678018][ T30] ? rtnl_newlink+0x5d9/0x1d60 [ 871.682848][ T30] rtnl_newlink+0x5d9/0x1d60 [ 871.687456][ T30] ? __sanitizer_cov_trace_pc+0x66/0x70 [ 871.693597][ T30] ? __pfx_rtnl_newlink+0x10/0x10 [ 871.698636][ T30] ? avc_has_perm_noaudit+0x143/0x3a0 [ 871.704054][ T30] ? cred_has_capability.isra.0+0x192/0x2f0 [ 871.709944][ T30] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 871.716201][ T30] ? rcu_is_watching+0x12/0xc0 [ 871.720961][ T30] ? rcu_is_watching+0x12/0xc0 [ 871.726095][ T30] ? lock_release+0x4e2/0x6f0 [ 871.730757][ T30] ? rtnetlink_rcv_msg+0x93a/0xea0 [ 871.735898][ T30] ? __pfx_lock_release+0x10/0x10 [ 871.740919][ T30] ? trace_lock_acquire+0x14e/0x1f0 [ 871.746131][ T30] ? bpf_lsm_capable+0x9/0x10 [ 871.750819][ T30] ? security_capable+0x7e/0x260 [ 871.756139][ T30] ? rtnetlink_rcv_msg+0x205/0xea0 [ 871.761238][ T30] ? lock_acquire+0x2f/0xb0 [ 871.765906][ T30] ? rtnetlink_rcv_msg+0x205/0xea0 [ 871.771023][ T30] ? __pfx_rtnl_newlink+0x10/0x10 [ 871.776076][ T30] rtnetlink_rcv_msg+0x95b/0xea0 [ 871.781012][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 871.786801][ T30] ? __pfx___schedule+0x10/0x10 [ 871.791652][ T30] netlink_rcv_skb+0x16b/0x440 [ 871.796442][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 871.801987][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 871.807296][ T30] ? rcu_is_watching+0x12/0xc0 [ 871.812074][ T30] netlink_unicast+0x53c/0x7f0 [ 871.817172][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 871.822456][ T30] netlink_sendmsg+0x8b8/0xd70 [ 871.827389][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 871.832689][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 871.838026][ T30] ____sys_sendmsg+0xaaf/0xc90 [ 871.843391][ T30] ? copy_msghdr_from_user+0x10b/0x160 [ 871.848873][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 871.854204][ T30] ___sys_sendmsg+0x135/0x1e0 [ 871.858884][ T30] ? __pfx____sys_sendmsg+0x10/0x10 [ 871.864118][ T30] ? __fget_files+0x206/0x3a0 [ 871.868796][ T30] __sys_sendmsg+0x16e/0x220 [ 871.873890][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 871.878992][ T30] ? rcu_is_watching+0x12/0xc0 [ 871.883771][ T30] do_syscall_64+0xcd/0x250 [ 871.888274][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 871.894183][ T30] RIP: 0033:0x7f534bb8cd29 [ 871.898587][ T30] RSP: 002b:00007f534c995038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 871.907389][ T30] RAX: ffffffffffffffda RBX: 00007f534bda6080 RCX: 00007f534bb8cd29 [ 871.915399][ T30] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000006 [ 871.923386][ T30] RBP: 00007f534bc0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 871.931403][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 871.939739][ T30] R13: 0000000000000000 R14: 00007f534bda6080 R15: 00007ffc90172208 [ 871.947742][ T30] [ 871.950749][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 871.959781][ T30] INFO: task syz.3.2854:16090 blocked for more than 146 seconds. [ 871.967991][ T30] Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 871.975312][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 871.984010][ T30] task:syz.3.2854 state:D stack:27664 pid:16090 tgid:16084 ppid:5821 flags:0x00004004 [ 871.994526][ T30] Call Trace: [ 871.997787][ T30] [ 872.000692][ T30] __schedule+0x1142/0x5b60 [ 872.005222][ T30] ? __pfx___schedule+0x10/0x10 [ 872.010068][ T30] ? lock_release+0x4e2/0x6f0 [ 872.014790][ T30] ? schedule+0x298/0x350 [ 872.019119][ T30] ? __pfx_lock_release+0x10/0x10 [ 872.024670][ T30] ? schedule+0x1fd/0x350 [ 872.029058][ T30] ? lock_acquire+0x2f/0xb0 [ 872.033579][ T30] ? schedule+0x1fd/0x350 [ 872.037903][ T30] schedule+0xe7/0x350 [ 872.041949][ T30] schedule_preempt_disabled+0x13/0x30 [ 872.047422][ T30] __mutex_lock+0x6bd/0xb10 [ 872.051924][ T30] ? rcu_is_watching+0x12/0xc0 [ 872.057042][ T30] ? rtnl_newlink+0x5d9/0x1d60 [ 872.061792][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 872.066835][ T30] ? cap_capable+0xb3/0x250 [ 872.071339][ T30] ? ns_capable+0xd7/0x110 [ 872.075838][ T30] ? rtnl_newlink+0x5d9/0x1d60 [ 872.080607][ T30] rtnl_newlink+0x5d9/0x1d60 [ 872.085538][ T30] ? __pfx_rtnl_newlink+0x10/0x10 [ 872.090546][ T30] ? trace_irq_enable.constprop.0+0xea/0x140 [ 872.096563][ T30] ? lock_release+0x4e2/0x6f0 [ 872.101236][ T30] ? rcu_preempt_deferred_qs_irqrestore+0x502/0xbd0 [ 872.107850][ T30] ? __pfx_lock_release+0x10/0x10 [ 872.113410][ T30] ? do_raw_spin_lock+0x12d/0x2c0 [ 872.118434][ T30] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 872.123840][ T30] ? rcu_is_watching+0x12/0xc0 [ 872.128595][ T30] ? trace_irq_enable.constprop.0+0xea/0x140 [ 872.134679][ T30] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 872.140482][ T30] ? rcu_preempt_deferred_qs_irqrestore+0x502/0xbd0 [ 872.147435][ T30] ? rcu_is_watching+0x12/0xc0 [ 872.152177][ T30] ? __pfx_rtnl_newlink+0x10/0x10 [ 872.157236][ T30] rtnetlink_rcv_msg+0x95b/0xea0 [ 872.162175][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 872.167660][ T30] ? netlink_rcv_skb+0x10d/0x440 [ 872.172598][ T30] netlink_rcv_skb+0x16b/0x440 [ 872.177675][ T30] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 872.183155][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 872.188446][ T30] ? rcu_is_watching+0x12/0xc0 [ 872.193227][ T30] netlink_unicast+0x53c/0x7f0 [ 872.197989][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 872.203613][ T30] netlink_sendmsg+0x8b8/0xd70 [ 872.208360][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 872.213670][ T30] ? ____sys_sendmsg+0x600/0xc90 [ 872.218602][ T30] ____sys_sendmsg+0xaaf/0xc90 [ 872.223372][ T30] ? copy_msghdr_from_user+0x10b/0x160 [ 872.228833][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 872.234733][ T30] ? __schedule+0x3db1/0x5b60 [ 872.239410][ T30] ___sys_sendmsg+0x135/0x1e0 [ 872.244658][ T30] ? __pfx____sys_sendmsg+0x10/0x10 [ 872.249869][ T30] ? __pfx___schedule+0x10/0x10 [ 872.255417][ T30] ? fdget+0x176/0x210 [ 872.259491][ T30] __sys_sendmsg+0x16e/0x220 [ 872.264283][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 872.269385][ T30] ? __pfx___schedule+0x10/0x10 [ 872.274633][ T30] ? rcu_is_watching+0x12/0xc0 [ 872.279380][ T30] ? rcu_is_watching+0x12/0xc0 [ 872.284849][ T30] do_syscall_64+0xcd/0x250 [ 872.289355][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 872.295507][ T30] RIP: 0033:0x7f534bb8cd29 [ 872.299914][ T30] RSP: 002b:00007f534c953038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 872.308714][ T30] RAX: ffffffffffffffda RBX: 00007f534bda6240 RCX: 00007f534bb8cd29 [ 872.317527][ T30] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000008 [ 872.325792][ T30] RBP: 00007f534bc0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 872.334131][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 872.342249][ T30] R13: 0000000000000001 R14: 00007f534bda6240 R15: 00007ffc90172208 [ 872.350821][ T30] [ 872.353842][ T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings [ 872.363365][ T30] INFO: lockdep is turned off. [ 872.368120][ T30] NMI backtrace for cpu 0 [ 872.368127][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 872.368139][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 872.368146][ T30] Call Trace: [ 872.368149][ T30] [ 872.368154][ T30] dump_stack_lvl+0x116/0x1f0 [ 872.368172][ T30] nmi_cpu_backtrace+0x27b/0x390 [ 872.368185][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 872.368200][ T30] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 872.368213][ T30] watchdog+0xf14/0x1240 [ 872.368230][ T30] ? __pfx_watchdog+0x10/0x10 [ 872.368245][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 872.368260][ T30] ? __kthread_parkme+0x148/0x220 [ 872.368271][ T30] ? __pfx_watchdog+0x10/0x10 [ 872.368286][ T30] kthread+0x3af/0x750 [ 872.368298][ T30] ? __pfx_kthread+0x10/0x10 [ 872.368312][ T30] ? __pfx_kthread+0x10/0x10 [ 872.368324][ T30] ret_from_fork+0x45/0x80 [ 872.368337][ T30] ? __pfx_kthread+0x10/0x10 [ 872.368349][ T30] ret_from_fork_asm+0x1a/0x30 [ 872.368364][ T30] [ 872.368368][ T30] Sending NMI from CPU 0 to CPUs 1: [ 872.484230][ C1] NMI backtrace for cpu 1 [ 872.484241][ C1] CPU: 1 UID: 0 PID: 11990 Comm: kworker/u8:16 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 872.484260][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 872.484271][ C1] Workqueue: bat_events batadv_nc_worker [ 872.484299][ C1] RIP: 0010:rcu_is_watching+0x5/0xc0 [ 872.484317][ C1] Code: 01 54 03 e9 51 ff ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 <53> 65 ff 05 0b 54 64 7e e8 ee f5 b5 09 48 c7 c3 e8 7b 03 00 83 f8 [ 872.484332][ C1] RSP: 0018:ffffc90003dbfa88 EFLAGS: 00000247 [ 872.484345][ C1] RAX: 0000000000000001 RBX: 0000000000000001 RCX: ffffffff8195c1bc [ 872.484354][ C1] RDX: fffffbfff20c4763 RSI: 0000000000000008 RDI: ffffffff90623b10 [ 872.484365][ C1] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff20c4762 [ 872.484375][ C1] R10: ffffffff90623b17 R11: ffffffff818bacde R12: 0000000000000000 [ 872.484386][ C1] R13: 000000000003d8cc R14: 0000000000000000 R15: 0000000000000000 [ 872.484395][ C1] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 872.484411][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 872.484421][ C1] CR2: 000055912467a060 CR3: 000000000df80000 CR4: 00000000003526f0 [ 872.484432][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 872.484441][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 872.484450][ C1] Call Trace: [ 872.484456][ C1] [ 872.484463][ C1] ? nmi_cpu_backtrace+0x1d8/0x390 [ 872.484481][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 872.484502][ C1] ? nmi_handle+0x1ac/0x5d0 [ 872.484523][ C1] ? rcu_is_watching+0x5/0xc0 [ 872.484539][ C1] ? default_do_nmi+0x6a/0x160 [ 872.484556][ C1] ? exc_nmi+0x170/0x1e0 [ 872.484571][ C1] ? end_repeat_nmi+0xf/0x53 [ 872.484595][ C1] ? select_task_rq_fair+0x36e/0x44f0 [ 872.484611][ C1] ? trace_lock_acquire+0x3c/0x1f0 [ 872.484630][ C1] ? rcu_is_watching+0x5/0xc0 [ 872.484645][ C1] ? rcu_is_watching+0x5/0xc0 [ 872.484662][ C1] ? rcu_is_watching+0x5/0xc0 [ 872.484677][ C1] [ 872.484682][ C1] [ 872.484688][ C1] trace_lock_acquire+0x14e/0x1f0 [ 872.484704][ C1] ? debug_object_deactivate+0x1ef/0x370 [ 872.484728][ C1] ? batadv_nc_worker+0x164/0x1060 [ 872.484750][ C1] lock_acquire+0x2f/0xb0 [ 872.484770][ C1] ? batadv_nc_worker+0x164/0x1060 [ 872.484793][ C1] batadv_nc_worker+0x16a/0x1060 [ 872.484815][ C1] ? batadv_nc_worker+0x164/0x1060 [ 872.484840][ C1] ? __pfx_batadv_nc_worker+0x10/0x10 [ 872.484863][ C1] ? rcu_is_watching+0x12/0xc0 [ 872.484878][ C1] ? trace_lock_acquire+0x14e/0x1f0 [ 872.484895][ C1] ? _raw_spin_unlock+0x28/0x50 [ 872.484912][ C1] ? process_one_work+0x921/0x1ba0 [ 872.484933][ C1] ? lock_acquire+0x2f/0xb0 [ 872.484951][ C1] ? process_one_work+0x921/0x1ba0 [ 872.484972][ C1] process_one_work+0x9c5/0x1ba0 [ 872.484994][ C1] ? __pfx_batadv_nc_worker+0x10/0x10 [ 872.485016][ C1] ? __pfx_process_one_work+0x10/0x10 [ 872.485035][ C1] ? rcu_is_watching+0x12/0xc0 [ 872.485053][ C1] ? assign_work+0x1a0/0x250 [ 872.485071][ C1] worker_thread+0x6c8/0xf00 [ 872.485093][ C1] ? __kthread_parkme+0x148/0x220 [ 872.485108][ C1] ? __pfx_worker_thread+0x10/0x10 [ 872.485128][ C1] kthread+0x3af/0x750 [ 872.485146][ C1] ? __pfx_kthread+0x10/0x10 [ 872.485167][ C1] ? lock_acquire+0x2f/0xb0 [ 872.485187][ C1] ? rcu_is_watching+0x12/0xc0 [ 872.485203][ C1] ? __pfx_kthread+0x10/0x10 [ 872.485221][ C1] ret_from_fork+0x45/0x80 [ 872.485239][ C1] ? __pfx_kthread+0x10/0x10 [ 872.485257][ C1] ret_from_fork_asm+0x1a/0x30 [ 872.485278][ C1] [ 872.486255][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 872.850888][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 872.861037][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 872.871078][ T30] Call Trace: [ 872.874340][ T30] [ 872.877257][ T30] dump_stack_lvl+0x3d/0x1f0 [ 872.881848][ T30] panic+0x71d/0x800 [ 872.885730][ T30] ? __pfx_panic+0x10/0x10 [ 872.890130][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 872.895497][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 872.901464][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 872.906825][ T30] ? watchdog+0xd7e/0x1240 [ 872.911230][ T30] ? watchdog+0xd71/0x1240 [ 872.915636][ T30] watchdog+0xd8f/0x1240 [ 872.919870][ T30] ? __pfx_watchdog+0x10/0x10 [ 872.924536][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 872.929723][ T30] ? __kthread_parkme+0x148/0x220 [ 872.934731][ T30] ? __pfx_watchdog+0x10/0x10 [ 872.939397][ T30] kthread+0x3af/0x750 [ 872.943453][ T30] ? __pfx_kthread+0x10/0x10 [ 872.948029][ T30] ? __pfx_kthread+0x10/0x10 [ 872.952605][ T30] ret_from_fork+0x45/0x80 [ 872.957009][ T30] ? __pfx_kthread+0x10/0x10 [ 872.961583][ T30] ret_from_fork_asm+0x1a/0x30 [ 872.966336][ T30] [ 872.969544][ T30] Kernel Offset: disabled [ 872.973848][ T30] Rebooting in 86400 seconds..