last executing test programs: 23.152331712s ago: executing program 2 (id=4987): r0 = openat$null(0xffffff9c, &(0x7f0000000000), 0x214782, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r1 = syz_open_dev$swradio(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000040)={0x2001, 0xb, 0x0, "4fe858777ded413ebd5eebd3d94d31104d1dc6a34eb44b276203989a4411b984"}) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000440)={'fscrypt:', @desc1}, &(0x7f00000000c0)={0x0, "33a1011ac79158a72427e2e01d0bea867ab16d4c84ca61a96f0c86d1f1ad61ed6f801b14ef0008879b27fa1b4a2360ee009873ee9c7a8e35bf340449f04d00"}, 0x48, 0x0) write(r2, &(0x7f0000000340)="4100000001000a", 0x7) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB], 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r4}, 0x10) r5 = gettid() rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) rt_sigtimedwait(&(0x7f0000000040)={[0xfffffffffffffff8]}, 0x0, 0x0, 0x8) r6 = getpid() tgkill(r6, r5, 0xf) ioctl$IOMMU_DESTROY$hwpt(r0, 0x3b80, &(0x7f0000000100)={0x8}) write$cgroup_pid(0xffffffffffffffff, &(0x7f00000000c0), 0x12) r7 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) r9 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r9, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001380)={0x2, 0xd, 0x0, 0x9, 0xf, 0x0, 0x0, 0x0, [@sadb_x_policy={0x8, 0x12, 0x2, 0x2, 0x0, 0x0, 0x0, {0x6, 0x32, 0x2, 0x0, 0x0, 0xffffffff, 0x0, @in=@rand_addr=0x2000000, @in6=@private2}}, @sadb_sa={0x2, 0x1, 0x4d2, 0x4, 0x6, 0xca, 0x4, 0x40000001}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @private}}]}, 0x78}}, 0x0) mq_timedsend(r7, &(0x7f0000000380)="5cd7e11f0b98c28ba3346eecbba7180f68456e89d26928a06c2146e9b081a7ecd20ee46f887c5b7c4b9d59638c36d8036ed82c352dc5aeef5694246f118432f8d2467aa8fac3b82113b0b514b782fb33bcd362943978b24c83ea02b4a4f105c6c54a258f2fbf00f2f40852b22c51e4c2efe8ccd9075ef4955ffbde8902e478aa2829bdbd4f4f244189eff0aed3d3fed80f2ea6cfe958a51d419546bda0849c78215b4cee279d6be6292e1261a00e2a48636a612ad58ed112561d7f9b6a028d15c11066d6ec00c2c0363965695c7f915e3c93ebb1bcce00cf215791cc59a91d497ee96d4e4e78e8c79cd4e7e2182e37e55bac9945683007b8936eb863436f54e6c72daf2b3a5c130f895bee516ca1d49167ef5dd83ec7c03936a9d3f18bce9c56330b36a02667dc2a27dbf3d091fc80e7093a3bd477367f51a0a5534582ab2846abd0fbed11f18d05f606c5e09ad649a48cbb96b20ffe4549c4c8bbbf694f320dc0da927a3bb5251276e315ff1a7c34e29592d9666bba7f852d1aa561ffd8ad01b708a4fc626d04355cbbf5187b3d92e9afcf7b6d3343e20179ca72d67dc4bf8423a7ac515b276f41ba795ed05270a1f4c864056e4e49e34e937ca0692f0ac4284f28c38e4cf56bf56a5e491f7eca50bc7ccd8bb092e7c4a97c814e8482627a39acc87a0d58ef96d289129e3e7ad24021b67a7ae66a220816514399c771bbe2243c7e32d7449a5ee926992565d63655df56deb08c346177cba0cf6e8a927354fe9bc425a1e0ed7554d2dcd63a77a78413848d4092519dbf3a1043b4d119693a356fa3ee20a137ef7414926bf007605553d3917f96654b705fcfadfbb708d166a57c6edba14bd18ae87d32b57666825f9b522e6464e363569234bdcdc681c16907f1790262e3c736cb22877d3297d8db1cd9e43ed2c2115d5bc9802a079cae35652f29777530eb65f6b12fdf295978f77b57853be6c90e74f32cbc2e02c25736663feef4352e4e3cd857e52ecdbb14ccb3101b02caec408bcbf048e84c04f67478e6398bdb00b6284e996d302158813b896752976365fe0dd867d0d03fc3174a617d0268a183d508324464a439d59c04468f9da8086616adb407a5348f67634c16f0bdb49d8cf622ad040639ca0a24d291918776e170e0bc97ac64a92fe495f003fdf2db8f0a3a645b0ff725cd00504e96e109e85750a9ef82e2cdf5ae605c461d8183bdb9f2795bf9bbbefe6759dd62ce95d9461a690b0bc1925123404502d892a688cf8acbc08d7d6e278e5ec201a972412c4e79986219d77075cd00ddbf1e87ecd4d14fc34f1754618f61c4dee552c221c6dc8674763529be6cee48798c86b756e9ff769cef21ebd742bc487ff639ccf919545fefadd369f2fc472ea5691584bcb5186538f175e886e660638997df234761a7be1fe2b8a2190b43ade617055e3014a3f38bd53fc752c5a122af640b13c68271b6eb67249baee5cdd44399c4536e522bf5fdd10b181250c4b25ab820c8e47c6e478450a09f2f528abb2d845d7f590c94cfd106b245a94aa3240124b6a67e77d846b11351b69ea8bf9688e2748b1414e12df2ae92161b0833cce4b53c9dfb320ff21b6a44fbc9294891dbaedcfe93ba7b2707de60dd9e688b9be8ca155d20e71b20278bfa9ec123f8a7c7fd3619162f4cf0b188d72e69db66d4603313f2196b6a369b33afe7015d476a96458acf30fc682858fe5eb25c73e355cbd827d9e6ba4ee3daf28255a8a4083d0ae8fe2b46fb7b37272678f6f1702fdf068185ee68fb87da77954c3f69b1edfd11bffc0f4dbfd6d7aa84d96ad2f8359d26dd935de46cfa6d01ffc86c8480c7637ae6cb4b01bab89f05273f7c81dcb289e9104dd46f711c1835899cfc60fa9dc9a9ce3006016f576efead9f390c5f74e33d680dc5d1f16ffacddfde1a167a8a663b4c8633a9e6195c1cb945951a43e294328c280328bd1c4743a06399bb4f979b3030cb2c5ab0d09be93d18490102f452b5ad3f6e850a9ceb07c3760c4147976f30d9cd124ffc76265b8be60995e6f0f9f716931823fe879d99a10abafb5f8ac631a7519576d6255daff62d6ba5ffc4a147f81320a87716d13363c0f00380b32857a36bce61b5441aa36870f17c3703ca3fb35a3f579475149a40fee96cbe700d9e250972c2394b4b2a8fe9aecfca76cce364811ed529464a4edfae97d6c141ae29ac95e947e4e3975d22ea9fae41c8465ab4b2c464561aa84cd9913279c80a58f3fe94098a87d7550aab7123e2c15e266089f27868a92d7651b650b8454f0d5afb42c73eda75e4facf0da630e0b79d39cb47604cb61b9d04c34055f37be818262ef7e0975654b21a184eb875ea8002f25350f8afa8c8f754ec89dc489c8cbd22d7132c997a1ad96ef1ba092057e46b9993e7804b8a28422739ac4185b2547d79db6ca1a82c042b794c2cb726c22e2b6e7b6d454dc885c840c8f4f1f695ee919f4f24f6a6da249f1db094415e598e1b9cf26d018bb57dd66ca59e06311475decbc876cd716fa484269d716e68c4d293d140b21822de2d70e67fda76ea0b17340c116e33b21a3d519e49ac910b0aba160c8750857ca495c7bd89e0779344b67ed22f58dff8c0e08d41cfc5cf82a3a8a811da78edfc0511624eeb56ebdad4d0be70e55c983f383e80d8fb2a2022b07aec33388e9fababd4e3e6fa97792bb1a81b171f969261066ebaa22c03bcd7d02e7101367ccb4f09736de7a3b54b18708749abc18457fa1e0037f5028bc3e8a7106ffa8ae5d9fe8bea14a64dd0d51f9ae14ba7e6191a2932a3845ee17e425cc994e9af060470ca65494b6f19afc673765ac95c9f469aa0fd9821b17de03df3f98941474d8f927cb1760fa6e026a083a5f1fd4c75c08050872ca331f88ca79b17056ed6e15b8ef06ff6411ec7a72b69c84f98c47992488ef8038a20dcad451cead0b87c04248edc2a310e8502099d958bbee36eb0f21ee732e9af6a25fad1f4ca4781be868998368d35f52782cdae3b4114b54736e3ebb036505d8dded405baa54a9ca1d5677a6d697e89cfb7a9c1f7e4f22916dfce78e78f8e6c4109e437276c79ef75cbd25af6b72016077bbd3535a0da876400cb8656d7e0c8779315d82dd9cfaea934b3fdbfa34c7788ac52440838b46b6b3d5124b3746fe5e3b4f401b5d6371a16ee4765d144cfa8489f3772bd44e2ba18a6e69bc61e176363bed125b1f3784c1dad97f64368f4ed0d3b5928d97fb6ac185b7a280d968ae40161ea46f768118b9133f50c0a78ca54dcde3a125af0947f49438303bbf49b6f8e4b7eceed98f4bd1432bedf1013c1445215cea4da0a7c7007a1fbcb6800c94ebe194468f624a75ad6dbb17ed464085555082b2be669a913493453fb07da125c9299f036730ed5e5f6f94f05cadda736dc6755bf11d2da56ad0f081995aabb1cd37b49b5ccb2faffb066654a1c7c574bf62180777bdeeb4c1eceaaca1ad74562e6cd4b40d9de48ec61ddedc88b68392fb3ce7ff0acfe983f9406cdf335fe242472b3cc75f58325e8a4f9ddfdcf885756df7b2d1fb25ef14f3aac80a86c3fff72d44b5b0e42ecb6e3f1947236a4398cff071809ea96383d240da104921543a0eaef99fe42d0eaefb136fd3478b3f7ab3132d23709e1d9b3b871ab4e1f3eadfd28365b2096dbeeda44854eb34d69043f0a893e12f2444762505c5acc5edca83473c23352c29d644cc4bd9633777cdf106f2fe5bac70de822f4cf975b020601073a4ee1b0c743ebd880f4a4c2446afe1c30233ac55afec2a7995f8841ddfece68c7138aad71aae18a575ad29ee543c6b9401fdd19df408b9568afa3854c7c052cc171f0f37542c35fa9d3a866e05850cc6de4b37c8781ed938f2345c99dfedbc5c60d88d33995f69a3a14fb813a5db388f3db1c75c459e7ad3bc87272c48c5df4995fc3b2558c2c4d671a0d0777608c5606ed928191af1d731be3bd1ac90d850203931cf037c465e7e759c19fc43661bb289642dd077a85565aee8821e7ed23dc8fe526d3ede019f4caa6b8101f640e5646c76dcededbbea9f2eb6ce97a6c8168a3c95a64c3e5bc9480fdf4510fc7d19542ae1c5c2c415310641f37bf410e07c411d1192cb1301f73b327c4a3657bd056e41888f30bb8d86a22c378a87e38066daa7ca208b2f3f380bbcc1e6752f1bf12bbdce22e887c265192f8559d06e60c15785a63451003e8e56c4361215ab1855b82ca9d1cd9deecd6a8de27a36ebb6aac5e06d4eaef9556d38989724b937ba612a22e6247e50c6f4c48491d1516e518d05b6f25d1417654e65ea12dbd8e41e3a9eabbe03b2e3477796b36c5d7224ea6ee3cd339d25a6ff70ad5f9d185a63147b4b6d1120c9d355ca57ced26b5d4c25b852ddc63b7d28a9f6dfa54cc85f06f4579bc0a1345864bd2682e7627617c5f63802a91237c11ca92a19b875ea28eb4f8806fbcd245fafc23e1a2210287665367bc85dcad5e2c173105476253b07338b939f6e308230d8ae3d8e55e75e4e11378f88c3f391fcffa921df07077c512837811f7e98e944cfa5643dd16987c44fa2632d4ee2fa4cbecc8ea0f282ccd1ae6f67c455d142b53f825dcb5039f64275cb9bfa9637b6560c5b66ccb4da06b0e6cd79bcf99cb2fe9b23cf03212ca504961e46d252cdcd4f1c696c6a71ae80358dd9f59ef39880412cc0cbd9601277a3a946ea51bdbaf557df293214c139da52f721b13d3f050c0544803872d1ac26e8481f70dc23ea54ca293cf96ba776f6112884a4f614a512711ba37db356cc690124e64ded97fbd69d1b2983a833b7e9ec209b66a6ebc13b52c2e3ead8558a227b014b6fb138cac090960e30a3a63c0c6bdc70e9052c7b9b4d9b16d8cf4cf833b9d9615491e1cb7f503277fad7e9e6f9548f069bec0fa0d17fa8da385095c59f23193eb1cda524d527a098ed641d267a844169069e1f04b5ce61efd2d0a47e86ddb21aa084e5f89c65b726cd9047aa604dff7b29dd83257861d3830d93043f61fa414da821772a17e22dc33f7bd507a1c4109739f4a085a6450181828bffdb7eee965f217b4527e9907fbb27801f823822bbff0f070b8f7883369c83cff73b70b619a1e7a1aa7db3f55ab1b8c109f6555ea2a94993c24868a5812e018e0d88c86462b58a6be861c929d66a1967d632a55d1f6f74e99b9bbec9d492b04704813a0ec69f8f23ea78f6e24233813a656dd4859f7c96dcd26994a3f65065ff860189589194d3c6cb67f8c3e781f67e0c05574abe210d15432613d41d690ad24a600ecf4ab709450e3771ee28c2f3e0c67ffe8a62a145bd8ad97474e9deb30f74359cdfbacd215458e4f77731824458f5df85ba5955aa0eb568297513e4b51387a5e881858f03edc11512680af552049a80909a21d25d16ba607ee797820100d55cdbf17683c488e7aac265119022851ebcad2d4e0e13874c87dd2912dd7677ba05c4adee47f9953ec1d574eead6948aa0dec5783835ee13e6d7c4f2919b4d9fdbefafb7ce98b9c618f87851eed88832c8dbe563e58447e0478a2f5fa9233797a4dd64e93f9c1229490e39de316a78180dee4312077dcbe38e67e3b628aa662e69c561ca50058bab73723bdd0efcc0d768c12b1dd468ae86bddd9146765354d4a75067c20fc1ea51129b33f0d91013e9a244c3f5aa16df506498a34d213ab496ae8fb0fc5d2628e885b6a0a832a82594b80a1795093d", 0xfd1, 0x0, 0x0) mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) dup2(r8, r7) 22.84394333s ago: executing program 2 (id=4989): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000020000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'virt_wifi0\x00', 0x0}) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100000000020000000000000000", @ANYRES32=r2], 0x20}}, 0x0) 22.454800146s ago: executing program 2 (id=4991): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00'}, 0x70) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r0, r1, 0x2, 0x2}, 0x10) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00'}, 0x70) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r2, r3, 0x2}, 0x10) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@cgroup=r4, 0x2, 0x1, 0x0, &(0x7f0000000140)=[0x0, 0x0], 0x2, 0x0, 0x0, 0x0, 0x0}, 0x40) 22.275129419s ago: executing program 2 (id=4992): syz_open_dev$evdev(&(0x7f0000000a00), 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$EVIOCGRAB(r0, 0x400445a0, &(0x7f0000000440)) creat(0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000a40)=ANY=[@ANYBLOB="c80000000002010400000000000000000a0000003c0001800c00028005000100010000002c00018014000300fc00000000000000000000000000000014000400fe8800000000000000000000000000013c0003800c00028005000100000000002c00018014000300fc00000000000000000000000000000014000400000000000000000000000000000000013c0002800c00028005000100000000002c00018014000300fe8000000000000000000000000000bb14000400ff020000000000000000000000000001dca434bda38c8debb471848e24273996e2a4ec02935b7ea8d361fbb01c76227bdd4d47049e886493583398d423b4633090904a7c31f64bd68c751592360c55f877cc16795ada1d90a2816d118cbaffbc3d5097910ce7fb88c17c609fb87d670d69ba84e3a6f843d978c8ccc6a54321c6b2c4707692b2da6564c48918495276ee184885c5f3357168b4d3aa97c14baf27e537446655354950883a471d94c4bb4abbdad3ab13731e400d5853cec460859b666f6f4cb427c3e16cfb3ba88c49021a768a6579482607f9625e8d071d2fe846948630b76f012c11d929163c0d49e212b59274cca6fabc8aa1591b8a440b22de9e1b232222b3a8b6618a0e92ef8f1e0fc29d1f251c81e79952a8ec10006335623bfb5f9370a87d881033f364d685255ac14b6c9cddd342406f82d2c21774ec27357856eed7ec90429e77531af246960266c754b0b50bfe228b289474041ca12f715db62b25970a5c8dc9bb90d4c359e1855e0de8d8d9"], 0xc8}}, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000001140)={0x0, 0x0, 0x0, 0x45b, 0x0, &(0x7f0000000140)="2b7393b7c6347cd49978d5023a81022d1e7baeea09c5d463b04397f7a66a0f0b769bc097d48d09754d7e15e59224486b3df2c3fc8b3379a1a30fee142bb1a32d4c3b32006571f5de9d846e7e8b8e64c79a66e2ba19f7eca5d0e0517dcd4eba1ab882af481e477e362ceb1fd11c9d50b5e3afd7f60aa6881b2681c53ee87badeeba28eba948324721a382f000917a4a6f6f76d04e0b19396feccdbae7795aaa45818dce2d1f7b4642b09dd40bf4bef9854b631eb821b13a7e475d5c9a9d4bbb3fd9b07650683a35d9557d1e7e6496dd6f6f5ca57a5c43b9863819829430e1607ebf0dbb2308a8181ef5ccdcf1eb157470d54635a1a5b7075c77dfdb97155af8fa282fcc5ca5bad36839e0cad1304c542be170a44da4089a32bc3f35a85a6e30b8d233809335a4274938505517a26728b643c2f04917afe55c68759adea3bb70f5b5c3c59fc24d6e3835c110420cfd6de096f8dec90f5f577744d2d0f3ec21819253cdb102d50678293328726f1c4f7163e28e79ab4767e3054dfa9a11b1fdafb8757b2a91f8283ad01712062048b52b5cfcaf648fe760a98ee82fbb1836c88434e0b36f9b56c4d3cd8b42566cba88ddb7418762cd8495a4ec8de7952789c2a6d37cdbbecde53ffea86db893181d9b5c7d4663d1bd78c9cb87af7cbfa54a1b2c98432ef5ba6f43c358ae873495f46850d56d83f3d7d376b3b6120ffe93c8ab6b6f214316d8c3376a5a65d173b6e4243326c729163050547d49338a737bc894f487bc9b51e75ac2031ea714ed6c917f13e3cc0ee85a75e9a98a42f9aad6f1e244c1daa06ee55b205e11aa3a2982387210bccd26c5108f2a548b06dd0a0520ca8f99532ab0a4fd8c33f0f01ad40b74ef4e9f0d01b7bbc8aa69296cca1f19d92c5be8ffa3264e3951dd318363e02d36fa69ecaa3978b6c471c9dde0052632d1ebe277982fb0c900dd3f461257ad46a69b8f1e9bc36d8992426aa4adddc024bb74a39539f1cf801502cbd0d7acb8b2c5d9778a8253d2c8746d5b252a32f67c94cb8916a6310c1af0c0eb6f09a07d5020948a9c0f147c01d4a8b3af25686eadef9eaed2623cb012521ab86453e71bf351c130b6d33ffc388afdb5b2b7c16c1002a0640dd73e7a7e6a852dd2c75209d711a50363e46116ad2a14483c3729a81e4ef2fed2f18732f0038e079e561eea96eb665219070f42139c627dd5f185d23fdc316d38eb99826bcb63938d6cd1af3b5274f57009f87854ad98bef03025c32e7aa4a721d28e94ec5feff3a279c2e1c18002e39eaaefec3dfd1eae45a61e4283e8a7ef1eaf70d93a0333a9ff9ef048332f3fcc797076f8c02858548418e34a9967282de2eb4cc6438f0b6c9dcc204cdd732dd88624b39c16e8f80819cb72be6ab07492ed05ade4caf1ae3d723830523e32c02786c50ac1f47b994ed49fc4b9b318a4c86b4f7fb0d3c6a8763ef27cd52936cc55ef5ac50935a7f706464be90ea4b5f894ad92910de17889a6236a4bda8aac5e1daa70a8fcf248360cdd4e86f854f23e3e4792d91c85f1ed6cf7c36bbe9d879fc86b55e55e0566b6451aad55b1"}) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r2, 0xc0a85322, &(0x7f0000000100)={{0x0, 0x80}}) setsockopt$RXRPC_MIN_SECURITY_LEVEL(r0, 0x110, 0x4, &(0x7f00000006c0)=0x1, 0x4) tkill(0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) syz_usb_connect$cdc_ncm(0x0, 0xa9, &(0x7f0000000600)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x97, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6, 0x24, 0x1a, 0x9c4c}, [@country_functional={0x10, 0x24, 0x7, 0x80, 0x0, [0x0, 0xfffe, 0x0, 0x0, 0x6]}, @call_mgmt={0x5}, @mdlm_detail={0x26, 0x24, 0x13, 0x0, "d9f62b8b787a06263152755fc26d0ffd3185cc6f4ec2b3ca3f875b6e356f9c5682cf"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x0, 0x0, 0x3}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0x0, 0x1}}}}}}}]}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 21.897676955s ago: executing program 2 (id=4994): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002b00)=[{{0x0, 0x0, &(0x7f0000002c40)=[{&(0x7f00000027c0)=';', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000002740)=[{&(0x7f0000000140)='W', 0x1}], 0x1}}], 0x2, 0x0) socketpair(0x0, 0x0, 0x0, &(0x7f0000000200)) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='nv\x00', 0x3) shutdown(r0, 0x2) 21.565388029s ago: executing program 3 (id=4997): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet(0x2, 0x1, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059000000"], 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, 0x0, &(0x7f00000002c0)}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xffff8edc, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r3}, 0xc) r4 = socket$nl_rdma(0x10, 0x3, 0x14) bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000280)=ANY=[@ANYRES8=r4, @ANYRES8=r0, @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1={0xff, 0x2}}, 0x1c, 0x0, 0x0, 0x0, 0x28}, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000340)='rdma.current\x00', 0x275a, 0x0) write$binfmt_script(r7, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0) preadv(r7, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r8 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) sendmsg$RDMA_NLDEV_CMD_SYS_SET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="680000000714010025bd7000ffdbdf25080001000100000008000100000000000900020073797a32000000000900020073797a3000000000050042000100000008000100010000000900020073797a30000000000900020073797a3000000000080001"], 0x68}}, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x400800, 0x0) syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x301) ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, &(0x7f0000000080)={0xa3, 0xd, 0x0, 0x0, 0x59, 0x0, 0x0}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00'}, 0x10) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_RELOAD(r9, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000002c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16, @ANYBLOB="01000000000000000000250000000e0001006e657464657673696d30000008008a0000000002007833f83c00000000000000", @ANYRES32=r9, @ANYBLOB], 0x3c}}, 0x0) 21.080019028s ago: executing program 3 (id=4999): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180200000700000000000000000000008500000041000000850000000500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50) (fail_nth: 5) 20.507656341s ago: executing program 3 (id=5002): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00'}, 0x70) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r0, r1, 0x2, 0x2}, 0x10) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00'}, 0x70) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r2, r3, 0x2}, 0x10) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@cgroup=r4, 0x2, 0x1, 0x0, &(0x7f0000000140)=[0x0, 0x0], 0x2, 0x0, 0x0, 0x0, 0x0}, 0x40) 20.426806788s ago: executing program 3 (id=5003): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0xe}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3576], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) socket$unix(0x1, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00'}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf09000000000000b609010000000000650006000010000018010000646c6c2500000000002020207b9af8ff000000002d9a00000000000037090000f8ffffffb702000008000000b70300000000000015000000060000003d93000000000000b5030000000000008500000076000000b70000000000000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2) socket$nl_netfilter(0x10, 0x3, 0xc) preadv(r2, 0x0, 0x0, 0x0, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a34000000140a010200000000000000000200000008000340000000000c82bd2cbc00064000000000000000020900010073797a300000000014000000110001000000000000000000"], 0x5c}}, 0x0) sched_setaffinity(0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) getpid() r4 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x84, @loopback, 0x0, 0x0, 'rr\x00'}, 0x2c) r5 = socket$inet_sctp(0x2, 0x1, 0x84) sendmmsg$inet_sctp(r5, &(0x7f0000001680)=[{&(0x7f0000000000)=@in={0x2, 0x0, @loopback}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000040)="9e", 0x1}], 0x1}], 0x1, 0xfc) 19.953190812s ago: executing program 3 (id=5006): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x0, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3) sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r2], 0x1c}}, 0x0) 18.612507366s ago: executing program 4 (id=5010): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet(0x2, 0x1, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059000000"], 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, 0x0, &(0x7f00000002c0)}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xffff8edc, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r3}, 0xc) r4 = socket$nl_rdma(0x10, 0x3, 0x14) bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000280)=ANY=[@ANYRES8=r4, @ANYRES8=r0, @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1={0xff, 0x2}}, 0x1c, 0x0, 0x0, 0x0, 0x28}, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000340)='rdma.current\x00', 0x275a, 0x0) write$binfmt_script(r7, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0) preadv(r7, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r8 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) sendmsg$RDMA_NLDEV_CMD_SYS_SET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="680000000714010025bd7000ffdbdf25080001000100000008000100000000000900020073797a32000000000900020073797a3000000000050042000100000008000100010000000900020073797a30000000000900020073797a3000000000080001"], 0x68}}, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x400800, 0x0) syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x301) ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, &(0x7f0000000080)={0xa3, 0xd, 0x0, 0x0, 0x59, 0x0, 0x0}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00'}, 0x10) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_RELOAD(r9, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000002c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16, @ANYBLOB="01000000000000000000250000000e0001006e657464657673696d30000008008a0000000002007833f83c00000000000000", @ANYRES32=r9, @ANYBLOB], 0x3c}}, 0x0) 18.164248626s ago: executing program 4 (id=5012): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = gettid() write$rfkill(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x3, 0x1}, 0x8) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0) write$sndseq(r1, &(0x7f0000001380)=[{0x6, 0x0, 0x0, 0x0, @tick, {0x5}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @result}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time}], 0x70) ioctl$TIOCGDEV(r1, 0x80045432, &(0x7f0000000100)) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) syz_emit_vhci(&(0x7f00000002c0)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x0, 0x0, 0x200d}}}, 0x7) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) signalfd(0xffffffffffffffff, &(0x7f0000000200)={[0xca]}, 0x8) poll(&(0x7f0000000000), 0x49, 0x2) syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="03000074340a7e0be03d552b9b09d599feee46181b0536283bf7a5d1476b06e6fcc97e78cbfc706e70dad1ec9da94e165aef5bc94a5ef9aef5fb9c0c1b0c60557581022dc8a4280f57436949235e64187228eef93f1463cbae21d023bd97a2190100000054fb36e2ae92b5ae59a5fdcc15b6"], 0x78) sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x0) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) setsockopt$inet_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f0000000000)=0x2, 0x4) syz_emit_ethernet(0x32, &(0x7f00000015c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x10, 0x0, @opaque="0398dae4bc27e62a"}}}}}, 0x0) sched_setscheduler(0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000080)={[{@mpol={'mpol', 0x3d, {'interleave', '', @val={0x3a, [0x0]}}}, 0x4e}]}) 18.044128369s ago: executing program 4 (id=5013): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00'}, 0x70) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r0, r1, 0x2, 0x2}, 0x10) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00'}, 0x70) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r2, r3, 0x2, 0x2}, 0x10) r4 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@cgroup=r4, 0x2, 0x1, 0x0, &(0x7f0000000140)=[0x0, 0x0], 0x2, 0x0, 0x0, 0x0, 0x0}, 0x40) 17.871981025s ago: executing program 4 (id=5014): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000020000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'virt_wifi0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100000000020000000000000000", @ANYRES32=r1], 0x20}}, 0x0) 17.311807976s ago: executing program 4 (id=5018): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000480)=ANY=[@ANYBLOB="12010000abbe6740e9174e8b089c000000010902120001000000000904000000ff"], 0x0) syz_emit_ethernet(0x56, &(0x7f00000000c0)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0xd, 0x4, 0x0, 0x0, 0x48, 0x0, 0x0, 0x0, 0x5, 0x0, @dev, @private=0xa010100, {[@timestamp_addr={0x44, 0x14, 0x8, 0x3, 0x0, [{@empty}, {@private}]}, @ssrr={0x89, 0x7, 0xce, [@broadcast]}, @generic={0x83, 0x2}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000000)={0x44, 0x0, &(0x7f0000000380)={0x0, 0xa, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, 0x0, &(0x7f0000000380)='GPL\x00'}, 0x90) r1 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0xffff}, 0x19) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=@getneightbl={0x14, 0x42, 0x229}, 0x14}}, 0x0) r2 = socket$inet(0x2, 0x3, 0x33) getsockopt$inet_mreqsrc(r2, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000040)=0x28) syz_usb_control_io$hid(r0, &(0x7f0000001140)={0x24, &(0x7f0000000380)=ANY=[], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000200)={0x24, &(0x7f0000000080)={0x20, 0xb, 0x49, {0x49, 0x2, "da4d643cb611e529a744cb13b04734a44c92a6680db9261c236e9b5bee4197ba4ea6cf3a99933b25d4678183fb15f278cfa5d4155fd4867b4d525593388552ea846dafb680a82a"}}, &(0x7f0000000100)={0x0, 0x3, 0x6f, @string={0x6f, 0x3, "ff1dec70d5019620c4b0441dad5b9cc7821f7a3f5b528256aaf1d6492290a00723cc78d237a8eeb969043c0632128892b203be809a9d095d1e7d841ebab32e91e36ec70e318a41388b3aa54b77243d7a944a2cbac86b217c81c41c5ad1235e7bdc8ef827de770407d6d3e0a89a"}}, &(0x7f0000000180)={0x0, 0x22, 0x8, {[@main=@item_012={0x1, 0x0, 0xc, "d8"}, @global=@item_4={0x3, 0x1, 0x9, "b9d8c065"}, @local=@item_012={0x0, 0x2, 0x7}]}}, &(0x7f00000001c0)={0x0, 0x21, 0x9, {0x9, 0x21, 0x1, 0x5, 0x1, {0x22, 0x49f}}}}, &(0x7f0000000440)={0x2c, &(0x7f0000000240)={0x60, 0xf, 0xe2, "1cc51f7ab99a5a12637f33413c49aa2db1b1137f426ace414d169e90e5d55f5921e983d0c3b57a0a51d6bb74fc5dab44a77baa883ffebfd3ee33a77618a638aabadf978e06cceb807a35fe4783a7809ec823acb07c1c62fb80e1139bf7759275f09dfed55a73249dc33a622f7e6b18e9e93cd9aa42742cb1e8d7f382163356202f487fd4ff173d789283cd29d4e5eb7f18804a98c0421efb6767dc49d49ee8007a288befe82480235a3922bcf195c66ebcf3e379986ca9997aacfc4184e23688057b555b33b15cb75931e7c6e837f212270892518b202ad4febd30c0b579a1a6257d"}, &(0x7f0000000340)={0x0, 0xa, 0x1, 0x80}, &(0x7f00000003c0)={0x0, 0x8, 0x1, 0x3}, &(0x7f00000004c0)={0x20, 0x1, 0x9c, "220d21ec235888932dee8c1834334214f1229223aa53258b0d0c8651639f383e30e34d69af38b1612332bddb0eab9cbff3e933534ae13f4419356689dde73211ebd457ce4deed6074ba23739ef82af0924d4670595bc074bad44d73ef72393a572db6b09a191605ea68b4fba31e5fcc8f84222856fb4a6fd360993d081b688574c7b29aebd31fe5f3696ffef13fedcb4a950168a8b856e5240d56cc6"}, &(0x7f0000000400)={0x20, 0x3, 0x1, 0x6}}) 9.569731791s ago: executing program 1 (id=5042): syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000300)='./file0\x00', 0x1d5) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001080)='/proc/diskstats\x00', 0x0, 0x0) preadv(r3, &(0x7f0000000000)=[{&(0x7f00000010c0)=""/4106, 0x100a}], 0x1, 0x7a, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000300)={0x1}) ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x5437, 0x0) capset(0x0, &(0x7f0000000280)) fchdir(0xffffffffffffffff) bpf$ENABLE_STATS(0x20, 0x0, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') r4 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r4, &(0x7f0000000140)={0xa, 0x0, 0x1000, @remote, 0x1}, 0x1c) r5 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488) 7.763049521s ago: executing program 1 (id=5048): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000480)=ANY=[@ANYBLOB="12010000abbe6740e9174e8b089c000000010902120001000000000904000000ff"], 0x0) syz_emit_ethernet(0x56, &(0x7f00000000c0)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0xd, 0x4, 0x0, 0x0, 0x48, 0x0, 0x0, 0x0, 0x5, 0x0, @dev, @private=0xa010100, {[@timestamp_addr={0x44, 0x14, 0x8, 0x3, 0x0, [{@empty}, {@private}]}, @ssrr={0x89, 0x7, 0xce, [@broadcast]}, @generic={0x83, 0x2}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, 0x0, &(0x7f0000000380)='GPL\x00'}, 0x90) r1 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0xffff}, 0x19) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=@getneightbl={0x14, 0x42, 0x229}, 0x14}}, 0x0) r2 = socket$inet(0x2, 0x3, 0x33) getsockopt$inet_mreqsrc(r2, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000040)=0x28) syz_usb_control_io$hid(r0, &(0x7f0000001140)={0x24, &(0x7f0000000380)=ANY=[], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000200)={0x24, &(0x7f0000000080)={0x20, 0xb, 0x49, {0x49, 0x2, "da4d643cb611e529a744cb13b04734a44c92a6680db9261c236e9b5bee4197ba4ea6cf3a99933b25d4678183fb15f278cfa5d4155fd4867b4d525593388552ea846dafb680a82a"}}, &(0x7f0000000100)={0x0, 0x3, 0x6f, @string={0x6f, 0x3, "ff1dec70d5019620c4b0441dad5b9cc7821f7a3f5b528256aaf1d6492290a00723cc78d237a8eeb969043c0632128892b203be809a9d095d1e7d841ebab32e91e36ec70e318a41388b3aa54b77243d7a944a2cbac86b217c81c41c5ad1235e7bdc8ef827de770407d6d3e0a89a"}}, &(0x7f0000000180)={0x0, 0x22, 0x8, {[@main=@item_012={0x1, 0x0, 0x0, "d8"}, @global=@item_4={0x3, 0x1, 0x9, "b9d8c065"}, @local=@item_012={0x0, 0x2, 0x7}]}}, &(0x7f00000001c0)={0x0, 0x21, 0x9, {0x9, 0x21, 0x1, 0x5, 0x1, {0x22, 0x49f}}}}, &(0x7f0000000440)={0x2c, &(0x7f0000000240)={0x60, 0xf, 0xe2, "1cc51f7ab99a5a12637f33413c49aa2db1b1137f426ace414d169e90e5d55f5921e983d0c3b57a0a51d6bb74fc5dab44a77baa883ffebfd3ee33a77618a638aabadf978e06cceb807a35fe4783a7809ec823acb07c1c62fb80e1139bf7759275f09dfed55a73249dc33a622f7e6b18e9e93cd9aa42742cb1e8d7f382163356202f487fd4ff173d789283cd29d4e5eb7f18804a98c0421efb6767dc49d49ee8007a288befe82480235a3922bcf195c66ebcf3e379986ca9997aacfc4184e23688057b555b33b15cb75931e7c6e837f212270892518b202ad4febd30c0b579a1a6257d"}, &(0x7f0000000340)={0x0, 0xa, 0x1, 0x80}, &(0x7f00000003c0)={0x0, 0x8, 0x1, 0x3}, &(0x7f00000004c0)={0x20, 0x1, 0x9d, "220d21ec235888932dee8c1834334214f1229223aa53258b0d0c8651639f383e30e34d69af38b1612332bddb0eab9cbff3e933534ae13f4419356689dde73211ebd457ce4deed6074ba23739ef82af0924d4670595bc074bad44d73ef72393a572db6b09a191605ea68b4fba31e5fcc8f84222856fb4a6fd360993d081b688574c7b29aebd31fe5f3696ffef13fedcb4a950168a8b856e5240d56cc68e"}, &(0x7f0000000400)={0x20, 0x3, 0x1, 0x6}}) 5.883111286s ago: executing program 1 (id=5056): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x40000001, 0x0, 0x4}, 0x48) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0) r1 = inotify_init() readv(r1, &(0x7f0000000440)=[{&(0x7f0000000300)=""/146, 0x92}], 0x1) inotify_add_watch(r1, &(0x7f00000002c0)='.\x00', 0xc2000a22) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='blkio.bfq.io_service_time\x00', 0x275a, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$binfmt_script(r4, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r4, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f0000000040)="0f017715b9800000c00f3235000100000f300f01cb0f01c9b8010000000f01c10f090fc7ab008000000f20e035400000000f22e00f01cf0f01c3", 0x3a}], 0x1, 0x0, 0x0, 0x0) preadv(r4, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = openat$cgroup_ro(r2, &(0x7f00000003c0)='cgroup.stat\x00', 0x275a, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0) write$binfmt_script(r7, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0) preadv(r7, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0x7c}], 0x1, 0xffffffff, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4010}, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, &(0x7f0000000180)="66b9800000c0bb326635000800000f300f0f1c9af26dbaa000ec672e660f38803d004000000f285473f613f6200f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x47}], 0x1, 0x0, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) sysfs$1(0x1, &(0x7f00000001c0)='sysfs\x00') r8 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) 4.0395335s ago: executing program 3 (id=5006): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x0, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3) sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r2], 0x1c}}, 0x0) 3.489255704s ago: executing program 2 (id=4994): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002b00)=[{{0x0, 0x0, &(0x7f0000002c40)=[{&(0x7f00000027c0)=';', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000002740)=[{&(0x7f0000000140)='W', 0x1}], 0x1}}], 0x2, 0x0) socketpair(0x0, 0x0, 0x0, &(0x7f0000000200)) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='nv\x00', 0x3) shutdown(r0, 0x2) 2.810956287s ago: executing program 1 (id=5059): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00'}, 0x80) r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000280)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), r2) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r1, 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r0, r3, 0x1, 0x0, @void}, 0x10) syz_open_dev$dri(0x0, 0x1ff, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_FLUSH(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB="440000000406010100000000ffffffffffffff040500010007"], 0x44}}, 0x0) mremap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f00007fe000/0x800000)=nil) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e04001220", @ANYRES16], 0x7) syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) connect$nfc_llcp(0xffffffffffffffff, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000040)={{0x1, 0x1, 0x18, r4}, './file0\x00'}) r6 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000040)=@ethtool_stats}) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r5, 0xc0189375, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r5}, './file0\x00'}) syz_kvm_setup_cpu$x86(r7, 0xffffffffffffffff, &(0x7f0000c5e000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000080)="0fc7acecb2cbd1ba66baf80cb8bf4f3f85ef66bafc0cb04bee0f098fc8208e25dc784c5b00660fda760066ba610066b80a0066ef0f3264f20f51c3b8010000000f01d966ba2000ed", 0x48}], 0x1, 0x18, &(0x7f0000000140)=[@efer={0x2, 0x8000}], 0x1) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x2000000000000065, &(0x7f0000000380)=ANY=[@ANYRES32=r6, @ANYRES8, @ANYRESOCT, @ANYRESDEC=r7, @ANYRES64=r0, @ANYRES16=r0], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bind$inet6(r8, &(0x7f0000000080)={0xa, 0x14e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) r9 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r9, 0x40045542, &(0x7f0000000040)) syz_open_dev$dmmidi(&(0x7f0000000080), 0x200, 0x90002) syz_open_dev$midi(&(0x7f0000000180), 0x81, 0x810) listen(r8, 0x0) 736.817156ms ago: executing program 0 (id=5060): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000280), 0xfea7) r1 = socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{}, 0x0, &(0x7f0000000280)}, 0x20) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) r3 = eventfd(0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x0, 0x16, &(0x7f0000000540)=ANY=[@ANYBLOB="611230000000000061134c0000000000bf2000000000000015000500511b48013d030100000000009500000000000000bc26000000000000bf67000000000000070300000fff07006702000003000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd"], 0x0}, 0x90) ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3) ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f00000001c0)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000280)=""/59}) ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f0000000480)={0x1, r3}) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x63, &(0x7f0000000600)=""/99}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x90) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000680)={0x1ec, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME={0x1cf, 0x33, @reassoc_resp={{{0x0, 0x0, 0x8}, {}, @broadcast, @device_a, @random="f7ab87594b3f"}, 0x0, 0x0, @random, @val, @void, [{0xdd, 0x6, "8b7668a21729"}, {0xdd, 0x76, "d8a062cc132f8c370fffcfbf6c255947985b88cb9f22e02d96f87d9c0a6796487053adb1a2d1f8ed33d6ef7faf4ba99f81c72edefbc742d2d897c0fb6eb2289c22b03871ec6ddb7398d4b5509078903c634145233d8a7a9a2fc09946ff1a847d43452a17ee7a24318e4ed910599f7ebc8291d4dd5285"}, {0xdd, 0xbf, "95e79490e4be3bd5f39a64947fd4f137cfd9c5eca413775fff8b403d1c6824961df673862737c366f53984496ea72bc7f78d843ce303b67336957356a02e1c5bdcbd4acf120d5d44f07910bdee6eabe82f6c76ecc7c98d5a107f6eab471672d7179671906048fe7622486b35f02bac5c2f9f0c923711e82767b10da5a68b7e74d5ed8477aa43553caa8a6a5244b329c5ea5d533697643fd5f3fa33ac9b1eac2c7f88c0d5c6c9594a701e79960dd7d5ab4df31389e8ac5150470ceda144758f"}, {0xdd, 0x6, "85251095238f"}, {0xdd, 0x60, "a83d63f0d27aa001676fcb9ee526e68baeaffb47b1c3feb502aa94cc0c02fa026b0843067418e349a066eb39770717f632173e6bf4be46c03a8b7d4a3e7be2dd21f3c139c233576a6580ed5368fc27caead9239899776d594603177acb5662b5"}]}}]}, 0x1ec}}, 0x0) sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f00000003c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)={0x78, 0x0, 0x100, 0x70bd2a, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x63, 0x5b, "d7714eca28de5024d0ec581650637451a231c9a359db2883971459900802dce5a36c5ea993379721504b148e17535a5be05440d64727089fbe293f7499c387d4df7f9b5bbfa3c781fec9157ba0430202bd95eb556f861c308bdeb14acfc7d1"}]}, 0x78}, 0x1, 0x0, 0x0, 0x5}, 0x40841) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000900)=ANY=[@ANYBLOB="b400000000000000dd0a0000000000006301a4000000000095000000000000006681fabfa7afdea451352385fd277a26b1928972a90713774dee000000008abeded0f241d9e16380276de7f845fb77f3942b1b2f835d2704d284651cec42865a01e610e1d8ebed3bca771dd8dfc94bf8454e0ba5feb0a8fb9c709340a7"], &(0x7f0000000400)='syzkaller\x00', 0x5, 0xba, &(0x7f000000cf3d)=""/186, 0x0, 0x44, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, &(0x7f0000000440), 0x8}, 0x90) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000140), 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002d40)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b70600007fffffff2d6405000000000065040400010000000404000001007d68b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfd8e012e79578e51bc5f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b803000000661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b32a0080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e14861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16b089f37b3591a15c0a9be6eb18208404c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b74cd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b2c2f56411e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced844891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c298774009d8c6a16c7da308bcc87dc3addb08141bdee5d27874b2f663ddeedd005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe00000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd805deb28c13c1ed1c0d0900846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c568cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e80339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd52364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f75bd06b4082d43e121861b5cc03f1a3361f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c78974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000a5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f3390343c12aa51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fca4d97a0ae75ccf11e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35e9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff17320adda5867947257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a927de6f4c09f4b742e037381c85d2ec7bb2a8152f0d6a99a0370e0cbd65744eb2efd7b65f04aa7e72588757b9612bb4253a63bb303c0c68a07f115d104f2007237a4f771416741bfd63fdfe3ae6f8bea755d8b7202c2bbae137dc1c3cf40db74a4c1c21dd8ddec8f91dae2cdea1353fe062830fa1d233296ec9d8317872257e154665485e7f31cdbfbf435517faf93015b57417d84b8bc8662e097d5ba55d02d48e150695ffae3a676555b10da11751865126d19336116a1e58ab727dda6b343cc97f9479136a66f552abf8fe3d134f6d69df1cffe6740f90735f66ca54fd87800b4bda4db5e68aaccf44d24e09f8a769e3ae7bf246673f15e3d1adae4384bdb7cd30a33e30466b421feb96006c810fd3830a1c75af2580727ffc604d2b04f476acc21419fad9b1baec88974da2db29b80859bde08b85c8086e4b7f1fd568042"], &(0x7f0000000340)='syzkaller\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r5, 0x18000000000002a0, 0xfe, 0x6000002c, &(0x7f0000000100)="b9ff03316844268cb89e14f0080065e0050000000000002f77fbac141416e000030a44079f03b180006000000000845013f2325f003901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014c0000c0adc043084617d7ecf41effff38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d7da058f6efa6d1f5f7ff400"/254, 0x0, 0xfe, 0x60000000, 0x0, 0xfffffffe}, 0x2c) 736.515514ms ago: executing program 0 (id=5061): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f00000002c0)={0x3e}) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3) write$uinput_user_dev(r0, &(0x7f0000001740)={'syz1\x00'}, 0x45c) ioctl$UI_DEV_CREATE(r0, 0x5501) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0) r2 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x18, 0xf, &(0x7f0000000100)=@ringbuf={{0x18, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x5f5e0ff}, {}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f00000000c0)='syzkaller\x00', 0x9, 0xffc, &(0x7f0000001e40)=""/4092}, 0x90) 736.21974ms ago: executing program 0 (id=5062): r0 = socket$alg(0x26, 0x5, 0x0) r1 = socket$l2tp(0x2, 0x2, 0x73) sendto$l2tp(r1, &(0x7f0000000000)="04bace67ff4d317f039b956bbbe91fe404c78dfcaf3bf4dae9f134c9cb59c162756ece7d3eb2b625d72e682cab3ec3137830be2435efe7ec6006f9f2612cd6d72901d419e962f3c7fa1fd49d222cbeb3989bf99d421f91ca4b3c6b4f688998643845bf55fb66ee1729882dfe4c1300915ce0b2197fd66cfc5ea36e", 0x7b, 0x40000, &(0x7f0000000180)={0x2, 0x0, @local, 0x3}, 0x10) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x2}, 0x48) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x13, &(0x7f00000010c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1b) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000040)='signal_deliver\x00', r3}, 0x10) syz_open_procfs$namespace(0xffffffffffffffff, 0xfffffffffffffffe) bind$alg(r0, &(0x7f0000000240)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-aes-aesni\x00'}, 0x3d) r4 = accept4(r0, 0x0, 0x0, 0x0) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r5}, 0x10) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000007, 0x2172, 0xffffffffffffffff, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil) munmap(&(0x7f0000002000/0x2000)=nil, 0x2000) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00') preadv(r6, &(0x7f0000000040)=[{&(0x7f0000000080)=""/4097, 0x1001}], 0x1, 0x0, 0x0) eventfd(0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x14}}, 0x20004000) write$binfmt_misc(r0, &(0x7f0000000100)={'syz0', "faa36fe9e3035dc4e9d3009bca19227224143694d3c4b35048398f7429778a45b16c9c52020226d019a4fb8c4c677fcc5597225dbb2409441644b495ecfeb1ec6141d522f17a2d15bde1a9e0d8206a394675a5b05a0e4941203e9dbb7d2dcd1f337aab93983c003a6e7029267edac2b97c19"}, 0x76) r7 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x800) recvfrom$llc(r7, 0x0, 0x0, 0x0, 0x0, 0x0) 735.981778ms ago: executing program 0 (id=5063): r0 = syz_io_uring_setup(0x6908, &(0x7f0000000340), &(0x7f0000000140), &(0x7f0000000100)) r1 = io_uring_setup(0x0, &(0x7f0000000200)) syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0) r2 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x17, 0x20000002, r2) 597.216758ms ago: executing program 1 (id=5064): r0 = socket$nl_generic(0x10, 0x3, 0x10) add_key(&(0x7f0000000040)='rxrpc\x00', 0x0, &(0x7f00000000c0)="00000000e663345a43e5a45eb7043c12e378ce1303000000000000006583f856ba5d77fd7984b1cf", 0x28, 0xfffffffffffffffe) r1 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10) sendmsg$nl_route(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="240000001a00010000000000000000000a000000000000000000000006"], 0x24}}, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), 0xffffffffffffffff) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) syz_emit_ethernet(0x3b6, &(0x7f00000003c0)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x380, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af2502"}, {0x0, 0x1, "000000050000000026000400"}, {0x0, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee96f24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x19, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f019"}, {0x21, 0x7, "b8a3e100908f61640000000200fe80ffff00000000000000ff0bc0fe00000000008879e66485201a0015ca83747357a027450004000000"}, {0x0, 0x14, "5e14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c"}, {0x0, 0x5, "d5170000dce9674a36da018dff16e70b8b14c4b7a44fe18e88605aa6be1a02a326a6bce65f81ed"}]}}}}}}, 0x0) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000280), 0x80000, 0x0) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$sock_int(r3, 0x1, 0xf, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="94000000", @ANYRES16=r2, @ANYBLOB="000226bd7000fbdbdf257600000008000300", @ANYRES32=r4, @ANYBLOB="0c009900ba000000030000000c00580039000000000000000c00580032000000000000000c003a783c9f0430ce1958004b000000000000000c00580066000000000000000c00580009000000000000000c00580045000000000000000c00580046000000000000000c0058f8ff00"/120], 0x94}, 0x1, 0x0, 0x0, 0x20048014}, 0x0) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 544.140903ms ago: executing program 0 (id=5065): bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x1f00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)}, 0x50) r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0) write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500280008005400000060ec970001981100fc000018c6ba35000000000000000700ff020000000000000000000000000001"], 0xfdef) 464.631775ms ago: executing program 1 (id=5066): r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) flock(0xffffffffffffffff, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000001000)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) getsockopt$bt_BT_POWER(r4, 0x112, 0x9, 0x0, &(0x7f0000000100)) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000b00)=[{{&(0x7f0000000440)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000004c0), 0x0, &(0x7f0000000640)=[@cred={{0x1c, 0x1, 0x2, {r1, 0xffffffffffffffff}}}, @rights={{0x30, 0x1, 0x1, [r2, r3, 0xffffffffffffffff, 0xffffffffffffffff, r4, r3, r2, r2]}}], 0x50, 0x20004800}}, {{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f00000006c0)="e9497a7c459e7c4ef89dfea15202792cc998f292c9378ede0045f5f9596615949b2616436a4f710ae287da74a58dbf24d1f663707094bfbcc61bda788b032c108a0df7c7e5445c9e91dcf1cc37027a5362d3887f2ceedcb16c87cb4bfdfc285424c80ce9012c4c992c0a9de002409d8bd02480f6914305f2774741b41f5fc96402fede57e67c60ce7c2798cd032ee7d006", 0x91}, {&(0x7f0000001040)="94da3d6f94dbafdcaf39af9504563a192b6d68e7af46f96c72370f26e74baa790762d72e20f4c0b6bd8cbbe831cb718823f3844d9aff90bbe51927416dfc7516e5e5a83ab8ab7af79aa2909f9501d840389c1895dc63fe9f0ad46c31f9113433e639e828355d32e8423d984070296815f3d250c1184e001c5a7a3e99dc02e1b0a9fa502ee2f1c2f623073673e2f279b301a25b2f71f3c1874ea48a964095bfb02d2ca3b2f0367408234bc562a05ba088340d393ab6439723cc016393ac9058f3178d34c623391a30f68ba5ac5f1cb01de7563007427d703a64132fbf5bf5613e8f2d34ea407707bed4c85709605a222496ecda9b51c20fdd79e1971dab1593e8ea5c65accce711957db72d7e13b036196d97246cef1c8ab4c0465c56b98e4d844fdf75779a1353ca13a4cccabc93b7ed13a34aa6b1cd07e9bdf77a49bc60f779289c6db4916c89a839b3c3a1b20ccc2e31a5c0151cbad89f7ddc17e2f8cda66386125b0ab39d6e823ebc70af35f2a36f90046566759028fefb0f432e8cfcd55c0b7d86ca15cb7acbd1b342374ef468793704ae971d0c98273a3a47563e4e48568fb679627db63dd13791b124049da10c7dee252134b465ed807f31312f900e52a5429988fdef00a41d35924cdd270d9d9193dc2c6421db6c336fb86f4451ae79547534304d3876c9a079a7cae67238cc8d013716721aecad4c94ec2800c3ca93b955a8a0b72b3b9ae1a5f1212ba3dd792c47fbf688beb34998f80b90529b2f6308494891f3ba6787b1e99b811fc5774eb09b79a28138f3550ab12f9cef3c8948311996c2eef2822649875c7c489ab7ddf6886be9dc293a8dd62084c9eedacd61096f1555f1cb9788d92d721c3933e6d2d0eef90a50ad09e1b94de257fadf6cabd26733865a3647e58ab7f774f9fd85f95090cb20c9a58660e4f8f5b034c40a4d5ee03f6643970332c9cad9dc58178e80f2a84c55c67c5647a6a4c3aa3539d0884666165b7e669ca72a18bfa15b98a50124f503b2d6fe0b5b1e5cce6f4fbed7b798e2c1bf1d2617fe7469e29b62be04af1cb0a5a6230ebfc56e2b10e75fa52365f830b3274de6220ff812f78d84a04bfea0f28f5ee44e4f079b45389eb18496f407600e1e2fa2eeaad53ea46aac02b817ba39518b0f64f4cc9ae0a9f7768104077ce586b91989f7c81e61ba90f6126120340bb5e785fdd0fb08e0a50792db83a23a5c3537d0edbfb844049f977a25f33af82edb04717b8058ce35842baa86b836b24665941da3771d8586189eeab1cd804e1d0ee453622005dd0401b3d5f177ad96be445c8d534ec014a899a7bd00f23cf21ff65b211c37810ee1add2aaff7a15924eb2fff234ff94041654f89dd9a9618dabcd8ceba66598b76e474c9e31f5b17fabc0187d50c9dd0e60931d63b7380ebb467adecbb54e5238bbc021eaaa1594659512235c60dff7571f4f148401b2a1531e52e7dbb2d4a38f2944261d92f2f1413a7a8d4de4f36c3c2e9215c5bf222887e38d723f0a0f21198eaee9bc5a7c0d8cef699ec4862e954541ab8f6aaf4e9109b3fcf8d30636435c0a8aba53c1a51a75dcac6c12c098b2a0fa01d0aa6f55afe93552bdf6843758b15094f132a989fc8440bfcfbed90331426ab6a4f121d568d22be9e7cd11f981ceb42207db74fafe9ae4e0fcd7d689698c3981494e8ccf6e3501a72086c8e025e0987288818a61fcab0874e726b8a410ae80fde60590d14a048c5803adfc15b8e1e76d4fd70a847cc8c03228c2338cef50afe3414a232a46414acc8abe04b1aed50311c8e16e0596effbadbe76cfe8171c11981838792b083cb1ebd89fb2a8859c1ac9854e558af8076a79d04e785affbc4ecb9fbfc39417e744ed508b594011c90b9ee1d49c76ba0b49a3aa995709838afc2911a8c10a98bd32958dad844b9cc056290b348d1446c2bcdb49def6152f5653980f5a9fc0460d053b90bb61c734f7d998b35441645c10f7538260e42e0c9656bb40f4ebc04335d6ccce33b3a69d12eb612d25f529514e58e50371c4d917e3884419193d942f0a50cb65faa7d1914a31411425d12e09ca6b39780e468025298030ecad75c5592a860ce663a710734633aba76dbdc784916a2176a7241a9a3ffa865801a48bd299d7a4858ae23869f45262b832c2d1c00485a659dd0dc5c6576faacec8d4aaf8b5e556cedaae50f6f9c9e44218b28ebd56efb1de0c9e47ac9cf012675ef7b617a4d5f66577b311126d039b6ad0b47413c2a75d6ba154364f725d2801990cab320185286e60e7a9413f4b1d13bbbe55702ecf55f2ee8c7ba2bb106aae0ce62f686514a4b7fcb399a4599a7ab6a14d90018088928975aece046289ee5d72776aec3f9d6a938c7005489a4440779b70f84d329f7590546149ecdfbd7acbdc738732054a50b809a80836226e4398dabf580a0cb6bcdd26925a718b4c02ec837a81183e1c282ffd459e3276bd72639636714a9ae956cac066d853ddfdd79dc9422699af7a51ee88a1a6e84f620161ccfba325b679d47b5b144cc4a3759bb144013006c2aca62d22be32a65fc9f72c582ad155002acd7c867fbfff77f6b0ead3e9fd934aaff25edb225729930a3fe971e2737fd7d6fdb99803a362c15044e68efbfbb55d8e321c7053020c5283250a709fa39a2dae449f3d48ffc653d864558ce7c6912119a8f5a4961218bc8595b80496df36d2dfe5f22f57b255f325393979356477466ed91de3b5c0970f016bc3f9e8317535e34804ea95f49044c456e839a509b67fc72c2215a0fe094209c8af59f1ba49eee0942fae1ed75e8abb7d9e379a0565104746783feec7524b23ff572de8d69110919e89132c52348831fe664e577aa72066b88a7e6604eb3e3f2afc92f29474f2957dc3b362b98a71947b1b9f612aad7582dfce232da597f6e489c182730bfb72fb24b473a3e45b268fb6a5a11e83fbdc0c10302397f30532229e1da79a6e8ffd6b259a83f5bc97231962408efcb50d567c5c889cd06d97b4240877a85fbcff3b04e8102935195a7bfd51eddf1b97587f837c1e4d8e3ef890381a7c081ba41c80d3f8b494ec43ae08cfecf3b0baad830cc9455ca641691f598f8f0aeeee48261fa4d97b72190432f4370204d0a41a32fb5e51a8ec94d734db61d812a78e153786d5b91baf9042b91aacb7d5968859205e939790e248c231f804711febc89c85eda2d0bb260df229db398172ce97d4162f7b242bfa1974ed79c8a999d747a5ac4695f70decc752e4a8b90b077019249abf424d866bbc98dcf8b42c56daf76c3663326005617e9f31e3f8d00d3b038c49189a2b22fa11d55a1999f34cdc13681de532d7d197fcead00209bf6860ce341e094f5aae3b29de0bf9247b2f3c31226c862af8b89ce995100d50d54d79d9667fabe1310ace5cdb7923732aaa17b07198824d00039e0d8eb6ef4022ee6605aeefcc7331d3d7ec15d7b848b95ed6233a85590983de6049a32a709e751d06e9a4a6b551c049ce752657b51a4273a3733e48e13ffd8ff1ec5a2b0c40b765f96d2037512eca5eb1c1a9ff3faf65bb6b75bf2bff4386c7e8959eb656323eeb544f40e2f3c7c0b371e6a5022b47fd7a5b000d0af9787f0fc1eea9b8b2cfb1e23fe1fd257473b70caeead094ed716865f82b63137a5372fca5431a2397755264f1df5c7c7eaaaa9ff428d0ea55e34ffef612959cdab7243f4e4c465d8c18ff41a456ba88849ebc55379be729102d06525af44326b387120e10f4b34fa074401b9166de97ee66f91be541808bf5971158c084d5d87bd096a5adb3b70208d918cbc89bac4da4937e249b9112c0d88e5dc989d495ac5bf10db4c9938338f01b89475a8b319001b6911fafcde1584e78151e7dc2e9dfab9d61ea7fe8cfa1550708218e3bcbbecb5e5e4a1e30e5eb6327bdc0819e8aa00a49e35f4af570b2ce2ca3157619f9cbf544a02c0952b4f745e63d2dd99d765f86cd4232cd76189a3a2d4ccd1f753308694b206ca49922851a8ae15870551883fa2e8f679df1a4ea41a446ffee514bc2a612e455456874132808943e2c8d654a1f4f66d1ade752ac24d6551e96cb29c517ffe21e58c23ac02635b2d7894903011d7baba81c898090e31b34776c7f8e0269010e7dcaa9d0ac04cccb1a12fd9d42ca4e6c5a9985736483c6a54d5c4dcded73a6f291b7820ed19bfb26f4de30b991807c641520856215ca98f6be98bdf39efbb5a048dea79f7c5d6c4ac5797df7b8bbf96e2d0844deeea824c58ff8e34194c1dda730465a61f2147fb120d2ffd34e0bcb61fc57ace6d42b851523c6308d56143c1dba4b5fcc29fa888a7a39b09f53d578230076ac7c2595ba0343177d442bb1461610a7f4cdceb47ca1f0405ebe144766db1158fec42ec5d2f0dbc5908c6ab2c58d412946f0e39aa660b275ae7d4a052ddacdeae31eca4666f3e98e6c6f5912df03d7b753e97df32151b01ea4d6233d970fa40d027bec90d718f1b9876e7875d5885992ed1e6d014b812ca2d0930956dbfdb3c0e4cc68215730bcf96f7a1cec75ee60826a6fc847d3c59b60f1e9a8a498e540defde09aea9b3dca4b99b93d2f3cd29cb108af7243d1eb51b2dbe4a6260dc4b03d92f73ff19d87dc2c5715e61eb415546f89d0d386b97c8614cdbbbc64588255e4fe5d6acc2d4b79bb7e4d78e28aeffc8d6a6dbf63894f9ff85bdce84821f1e74dce98bd4483cfe5056a41a0096697d2cd5704cb9dabd98006005defc9133195f9779523d5bc9e2f2b0c1c8972a5b1fa423dea275682927179503197b39524d83699f8bf103ebcd6cc6e7a728fa559e31f9fda64b08394cd8704ccf6265411d14dd0ed23aa3fee702651ac3f6f5e04b33d2f879677722f8946d10b69a6043c254a37d85f12484b6f7eed923a1c3b31431c34f8f470b6955d495fba996b52469c47d416939f9df15b6789b601a887b73e0318be06d09c73c7144e9ad7b9dbe5ee253198928e784857d141de4da7358a8e590e3efb0cbcb79ad9ca9adf348a0fafd9e2ee53992b06d8d4e2ba2e6357e939d8f2d0f866f32129aa750fcdf4469f1082f08037585a47e75cebfad79ee86acf8fed4bf5298f494862fd22fc9a7894a016ac46adef633bd16448951fcc714477f05a6aaaa287dc702fff5a2855d3a209a6281216ad6ba658a106a645d3d14f703702c3f3479ab8f6876bc14feab2a6cf909bc46f1fb4c6ab4bcb307d3c3d65b9c51b9fa2a04c302ecee465f4a54b705cb2015e4d68674df51ad33cbd2e3445656c3b1a730672fbc01dfb389867f6081b263aff3e5b64a024cab9b8cc786e2afeef315109b4f14e0f003dadf499b82bc4407f054edde88e2c4e82c610ac423578dc449e9ade0fa5ea27644a3429a5e84b73267660533d78b10953e6875423eb911948ab36275fc767cabd8b5fc74998c837b88cba94a4be6dc263b23f0ac7e251183262c30843abfac3419220e46299a761862d3c93b16b75a077e441b1b0cc032ae67fcd666cea4f9e2005fa774fc628754dc536d8ee0198ee7c773cb245d0307413e776a0fc0a9eb37defee67c5b89d3ed0c008771780be60c80ccbb5828473279567621bf835cdaca8bbfa916ed35e305a3f755e3e7b5c3aeb6ed89a5645b29a9c29b5d0fad8c6454b6af052530c7cff65fb2ab1c249c72e976dc83ec1da27ba009eafc1ef31272896afdf218a3f78cfdc54fc49a3617561ac7c1d529d6b68f4c8157cc10d71d4fe5aeb6d14e96780afb5a4b1e3297f23d8ba9f67705ae8047f6b1be716e99ac210c3ed51", 0x1000}, {&(0x7f0000002040)="336630dc4bd319ba2ef081bf33e67e879ce0f5bf5c57076bd2bb5d3a6c1befb50882b1c4f13c519b7d3ba18e39556ff0f3b6a08239f84a4b45403b5718ccc060a6e6183a19f86d44be31584e685161889e1a45462b2afa17ab0dfe496c8352555220f44b3fd0e7e3678aad558dd7d194478a8ac5e998c060e2bc83c5a7434a229b1f6e4257c556c9991541c7886bd5e5c4b99a05e2fc3baeab5b9514c3ab3c60ebdaadb2d62176537acdeb913ec1a2c3447ec25843c569b8d132f0e6587be4916ac37f70be64889b7cf35914ec1c864304946e7ff4487ad2305ac6a12168c2fa1e6a53157de40e028ba83a171aa15a4fd4bcca28aa24deea9c1e1052075e78760e3f7ea9764bb70d657bc99065c00499ae64b73a913c2229bb6b9e7559eb1142c81be6449d44e534ba55826de7af5068924d214ca301e13bc3e286d6b8df3eba64192c00d57770fc549926c2ab3cb7527aef924e6278c0d40f7cbdb716b2ea29c057a700dacfe867da0ec03e543366a36e8582b854827ce2a6a81cce39f07079f6ceb8c6589a0336015aa0c477570f4d4d829f3ba8c3b0a667b91b3b3fd731fe5b117ed1ddd0fdd39d27d3d2c6087c6cd4ffc12352d22b1506f8bcdaf9037a3f02143fcbcf5b462719993ebb9cda0058b8ff2be18cb699554725ae53a55af0e5745fd3e4dd33c4d60d1cc89e3b78ad7495ba9308e578bdd547d7132a6a6daed64e39b7f5d96d6da518348cd891c8389f300fde2e6b657dde36fb2ba8b1ef007d688bb8b484349e978a67e8bbc7f7577a3790316205aab6ba321441f082d017d11847f1d330cc8004137d81ee4613c7433acf341317be12330d1886789c46fbeab8aacbdd227b33efc5903cf09e94398609b5170357e23bba2238492c5944e96e26204974f4a51ef91e48375624a9e1632f9650f1bea3e649763cb2b99138b8b63466bcb93416086fd7c008838ca060d018a158aafbd8e7a9e09b713f55195ecf8cc84b01f43ab6939fb44d4ab2cb98c1ca8cda286390bc28e39d5fe6ffe6fd9b78264182a7e27f336b88ed37be7b40b49e0f65b5e118e16f31a2308c4a77d8994f436d6a295bcb37a2336852ec0d31f2551191fbbb42263ed8091be4547559a363af809c93f300f9d18f0f18c538330511d70aadfdfe06cef150090a2389f275e58aa5ae4614ad41626d2c5b92dd1feb8de36f9bf70eb71d2324d0884cbe89d683b879aa5fcecb77afd6a8eb39a1e0aa4e70e45d1a44a4ee5b640595dcb0d602a1f0fab4483c16f510a5a630dcaaac7cbb486cec75d5e1e1dba51ef0356263457d5c9626692fa03ae29dff5df5488b32a5c6b41e31f4ea17eb94781e3576c92027bfa13379e33fc2b8a0dac573bbbccd540f819f84701d5d3cbc83873b23448e8f825232c367c7bd838362d73e0e344a1d1762ea465788e7ed86c32c0ff0799bc61de04386deeb7f970474f795c7e4ad981066c03d5571d22f5f0e6256664c330694dd6156016a3fd817c5b8be54ce11a38e900c532c49481f80e3b572b51da765e5bbe8e0c2d413ebbaef4482d1fe873079938b2704e9f418769796c940b36e2445d8490864b4d051affd6150855eb9e562e7e410dcad0172da7f5adb391e483607256891b8db2e56431fcd8c342a0e92d252005ffef7490a51952800f37bc4c3ad1b9cb9f5daf45e5c936503fca69e15b270aee47b62ad5369159ba4f03343dd70a4d79a65e4b0a8278516b36ffdd3d63ec3f915b59e61fa01cd33095c2ae3ed9e847645a2693ba57413a7301c867424e07411d6a9b03efa353cf30ff6c568b0dad096004ec660a8f60a50cc6fc0913c1ec7dc1b6e88cc1a0844ca10f4967175e4125bfbf4e911867da9c02dee2817bfe0bd40f2122a4ddc38fdc49ebbef4638e41037efd360b5d00cb8a230b26abcb7ca9b9c01c23105b61b463abc5b6a4dcb9ee3bce6f23b8c2781c883a3fa320980b640948b2ea38cd96d9351d7aa28c26966fe7ad811d67f9182f244920e3f301f41b422679887cd7f5f4d43577ea91098388199140c4059b636ad270520de09a8334812ab7112fd182ee5df248dd329568e5dcf7cb0f21184fc554f3c849b82b4c2cdbe1c3e533f14adbd62c789719fc3d1f30c362baaae06a031a9ddb5d9e62b5a8bf94b268344e1c465480a946204d1bb06de4076e493dbf993313b9a296a2e65f9028beb66b2f5201540c79690e751de5141c05a30406cf5cdb786cdc1ea80f78496cb195126cd0904e5e3727db89a121381a7bad0aed13f0f3bd3d3060d5e9acf578f77ba4e3c9438c793a94e30da980e217bec41c90a2b12dc01a009035e315e211258c46beb36e31eeaf02d389d5d189795f66e7ca39e2552a5a5bbcb50fa7252a72259f5ff753765fab0b6a416da2995e43bac72876ea3d0155506da892bc4a89dfe0059d04ecd7667b98f034e817c51775f4164ac169036648246b98c3e736dab2ab265ec035630885bcdd289da2b5f76f86daa82347b4997f197047216d1520a2d74b4009cc9329c597a9c9347f745ef261be2a174296845b03277b64169eb59a22338fcf19538226fde06dad23d93676f9b0eda7b37c8afc469672615d767f65fbc2a413928d714b1b0ae89046dc9383455f79ae0b135016ae6a1980f23e92a57f8cae30d321f31983bb7e72f31d0a656d8634547e40536533b8a4fa1742a8f03b85cd14ef623d097117ee7708c5a15fb694be895f6110d1208ed195b9e0ba9c0434bb5a062c40e94ebf4b06132612508d82a02b7186718646c6d6fb1762b571641628ecea85f2c7fa3d1786ce8ab9bd98a28db98d2707199c310b98f1508801bec1ad1406767e08d45b01f8bb94b7f82a944e7df48e93fc88bec133efc92f7fec5ed0ad078d2c84101303df3b0e55e4b872bebadc3cf537a6223d0dc59a2b60223341087544df618da89051310e69b4cb4a8345140d1bdbef193c8a89159d2bbaeb0bc97ddfe5221632d3819210d92a10ec3cb72e3068ded98dc0814feb9f0bc7936bcff29bbca636eb85d9eed63600fead3c4773f6eba5a026a1de131bcbb0c09cd835a87ab9cc73b8c69a0e33584c04325519f057df0918292766c07587367223755ed7ad9838acaa3002ddc45c57a6e158ac5dc359714a2498f80b8c2d9df5715be3b7fab11669446057ed3f11798df4b8ea1aaa90035820103d78dfb035f44765ebfb6bc619fd2616ed226abfeef988fb9f6930c0c9c5895aa91dd606ed978a8b91f444299f66ca1c73dd3e1cea4704d5cada18d28cf1b8b5c019c4de45fa45779b8242b89e27db1a44d2ed102f766d04aa1bdb8d03cd166c87881bc104db1a1ab8a81c92c8a907b6df4070851406631e437e175f0ea26d544096b2b3a07550e5f94a47f60088a2c23ff59eddf0b9e1baae5686f6cfcda25f9c78947068447e7c559b062dd9961dc3d5a74992b571be349bb233770052e62a14007d99441ea855e7a771a2ea13f0b97e336408cc95fbc1806227c446a2b62b22316079dbd455223bde40ecdd2cc8a79c0505e18b2429c5ca340b5ff4cf1e3e87aa863f5d0f4b19a84c47a4111b46a729031a3f76cab2d0b55d0c3ce6a8cecbc0cddd06b423b4d301cbaa1a1f79009f7ddf3026947037a60d2875da60664dc533d682bf80f07ff1b040dcd0ccba193f745ac37276e877fef4b2995c54cf33741b955aeecee123811b1089e4515edf1f181c4013fb9919980f473c191b877a4b96a86ff06172d70025c0aaab6f21b64c9f4efca77c23241bb2363f7fac32b5a087da20fef033fafa2ff335e874686e0380aad2593bb2c7b38052b6d21ce2c2a85ceb44755d908d87b27ba7658d333677bc24e9a7aa204b6f741800407c77e481f959c26fc06ff1bbc41c1ecdfb2228901a0877716889109ca622b9f68d03de96bab7c0b6b2280c6f7e34edc7d3ad95a84cbb02d2339f64551a001b50cc3a42ad679e8a50a19a3001a862e534d990d8c199852a24bda57c5120d5152b643412089b09fcde2c05cc2b5df7d98c33b4c6a5a262f80c3d85b95a0c6ae0e038fcda56b8540b0976be4e63ea6078a3498ad61096864549e857ecb2fa4bd143a9eab9883cee233dab7624bb8c5360cb7fe5a3ee18d4c54a47764891ea3e93279d17d77666542d3291b19abf9df4eecda7875cfa7374fa40756d48a5060b7039b59ad4e59bac6be73455cd806b9ce57f8b1499a1e8dd60588bb0bed105d9cab607fa97771e7ee89a2d0b1644a9cc1e10c92f3a14878837c329b21aa0125b02de9bad81c508be88efb5e6f56637ac50938caac7a44e045a8638705c9821a1abfe2ac9d7b9b8ca5446e0ebe55bfc8ba30574cce3b0e0cb9756e69d6bb063d0272be79fcc0b030a0ef60902c7a83f71b1f2582cebbe1d90fb77f255cb865f6957de5b51e35e4028a2551b88af61a6540f020b8fa3f359d29381c4299f03b0e6ad6f5c084696ee739d097d9d2afe8ea465f0ccba8a27576d14b7ade31c31e3f22dd121bdaad7c4ab84564ab767f8e2b71f6fe1b6575bd139d6942b19b08f622751339cdafb689fde63c92198ee53b58fefd19894a9ed01ebb067805dfddcc7a7b60106f550304a58ddc1cb52b0d4a1a07529d7be4726b61b1654bd4116c87ae94bba438ecfc1fea887380724ac4a934843874709b1026fdb17c4a28daa75c8ee8e6d765f53249f8289a826b5f81f03d9073931613183ee92620e772c4b69640ccc2f7d594eed1ab33b67c6e8593fcc82ae225e102fd6138a7b678f299f6ddae9684ef626c39665ee57bdaffec549bb4d313b8bf0fa301952fad5e47fedb961c1a4db4c4e2d1b91e433352bf43b3766a62b86f024d9e02c08a84aaee9fe4bc3a3cfca34eeb32531444b30cd6a0e7a39cd8e6185f8535d4accb7c1dbf4116453d3a7486cbc0d0fafec335d52797d9affeada9ace62fb91fee5284c111e5be8af96d389cc421cd6db25195bddb5197a20286325e6aad379051f93154813f49b0344d81231bf34ad8ad35da8164800b4cd69b6f33190894336e8e8fc954fc9b256138209221bff4cbedbc24c1a700e0612be6e09821ff14c01ffeb0558d586fde8ce8f1f33c8e84002d72c8f098d70f525821d954eb77dc66552765519e1886b8adf5139dfdfd528949c6a315e749fc71a2b7ce4e9cddb01aab064802dfc96e6eb673b6bf553aab2fa7da9ebb1c9cbda3514c72998200f1de7394b19d287b49f179dd21326bc3fecfa2b0eb14d76922dcd859617e7109cd0b62ccc4d8688f05de3919be9b37956a385ed11c34a7b55b7c862d5a2c800bf66d2336df786e18d3e819d4a26a30509da158bee95d93c0cda8d0587a04446796443efecc74ef9e6fd7c5e0994e39172a8249965eddca00ce75212a4b9c8990b05d7617778b1c6d772dc1ead43de3d0919219aa21a8583a37f3235e51a9dcc08f1286f33429a084cc5adc8bf64fee2504b94dfc1b66819ba28ae5df866dd7aff9e5b193bd9d02055ebee713c61141e796c6efc8a7d79c63c1ba3de56a84380e24503ac510cbef8fa58b59898f3344cf26a9424688b46261b9abff2a06ccd26d799556c7c1107fd233fe701443472e71d19c1129112022bb78111b5b030235692436765928ddaecd46d0725c49c3eaab702bf1dda6c4c4bc2bbab14cd17dabda97ff680b2f6432824c7797d4e21e0f51c514b057889fbb228e3d4bd244a5b7cf525e2bdc69d8fc787d07e4ccfcc8ef76baab89f20aa214d6420bb0abf8f9d46eecd64ec5b41d1ee1460baf96b0175c598bae20abec9f23f51c76db6a96bb6d9def", 0x1000}, {&(0x7f0000000780)="6b328d16c430615cfb16caaa2d41641cb00f7a3827cfe10fe960fd25b655b37f509ca5cb4bd6d76703a1602188a71a8c14221e0d5235595747df1ad61b04557e91fcd3378823f25d778b432dd9110d5f87b7cbd0f0d1713921b133588f46a7f29b160cd23f4694f11d435a576ea7071fb75ae78f258b2049682ebe0bd827c4777baf38a97425072ff8000087f36efd1a6e1027aa3ee98840abe6a19bc5", 0x9d}, {&(0x7f0000000840)="e0868d332be12d670b26b8560a3ed906c64c00f0269dc3096d641e002f38a962f5b11a0413081b6c04af68b69ef50e16f140411e545561464b6d", 0x3a}], 0x5, &(0x7f0000000a00)=[@cred={{0x1c, 0x1, 0x2, {r1}}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {r1}}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [r3, r3]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [r3, r3, r4, r4, 0xffffffffffffffff, 0xffffffffffffffff, r3]}}], 0xe0, 0x4}}], 0x2, 0x4000000) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r5, 0x400448e4, &(0x7f00000000c0)={0x0, 0x0, '\x00', 0x0, 0x7f}) socket$nl_netfilter(0x10, 0x3, 0xc) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0) r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r6, @ANYBLOB="ff830500000700ffffff", @ANYRES32], 0x4}}, 0x0) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x48, r6, 0x400, 0x70bd2c, 0x25dfdbff, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x4}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @multicast}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xffffffff}]}, 0x48}, 0x1, 0x0, 0x0, 0x40001}, 0x8004) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r7, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r8 = timerfd_create(0x7, 0x0) clock_settime(0x0, &(0x7f0000000100)={0x77359400}) clock_gettime(0x7, &(0x7f0000000400)) timerfd_settime(r8, 0x0, &(0x7f0000000000)={{0x0, 0x3938700}}, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r9 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)={0x34, r0, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'geneve1\x00'}]}, 0x34}}, 0x0) 454.901496ms ago: executing program 4 (id=5018): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000480)=ANY=[@ANYBLOB="12010000abbe6740e9174e8b089c000000010902120001000000000904000000ff"], 0x0) syz_emit_ethernet(0x56, &(0x7f00000000c0)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0xd, 0x4, 0x0, 0x0, 0x48, 0x0, 0x0, 0x0, 0x5, 0x0, @dev, @private=0xa010100, {[@timestamp_addr={0x44, 0x14, 0x8, 0x3, 0x0, [{@empty}, {@private}]}, @ssrr={0x89, 0x7, 0xce, [@broadcast]}, @generic={0x83, 0x2}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000000)={0x44, 0x0, &(0x7f0000000380)={0x0, 0xa, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, 0x0, &(0x7f0000000380)='GPL\x00'}, 0x90) r1 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0xffff}, 0x19) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=@getneightbl={0x14, 0x42, 0x229}, 0x14}}, 0x0) r2 = socket$inet(0x2, 0x3, 0x33) getsockopt$inet_mreqsrc(r2, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000040)=0x28) syz_usb_control_io$hid(r0, &(0x7f0000001140)={0x24, &(0x7f0000000380)=ANY=[], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000200)={0x24, &(0x7f0000000080)={0x20, 0xb, 0x49, {0x49, 0x2, "da4d643cb611e529a744cb13b04734a44c92a6680db9261c236e9b5bee4197ba4ea6cf3a99933b25d4678183fb15f278cfa5d4155fd4867b4d525593388552ea846dafb680a82a"}}, &(0x7f0000000100)={0x0, 0x3, 0x6f, @string={0x6f, 0x3, "ff1dec70d5019620c4b0441dad5b9cc7821f7a3f5b528256aaf1d6492290a00723cc78d237a8eeb969043c0632128892b203be809a9d095d1e7d841ebab32e91e36ec70e318a41388b3aa54b77243d7a944a2cbac86b217c81c41c5ad1235e7bdc8ef827de770407d6d3e0a89a"}}, &(0x7f0000000180)={0x0, 0x22, 0x8, {[@main=@item_012={0x1, 0x0, 0xc, "d8"}, @global=@item_4={0x3, 0x1, 0x9, "b9d8c065"}, @local=@item_012={0x0, 0x2, 0x7}]}}, &(0x7f00000001c0)={0x0, 0x21, 0x9, {0x9, 0x21, 0x1, 0x5, 0x1, {0x22, 0x49f}}}}, &(0x7f0000000440)={0x2c, &(0x7f0000000240)={0x60, 0xf, 0xe2, "1cc51f7ab99a5a12637f33413c49aa2db1b1137f426ace414d169e90e5d55f5921e983d0c3b57a0a51d6bb74fc5dab44a77baa883ffebfd3ee33a77618a638aabadf978e06cceb807a35fe4783a7809ec823acb07c1c62fb80e1139bf7759275f09dfed55a73249dc33a622f7e6b18e9e93cd9aa42742cb1e8d7f382163356202f487fd4ff173d789283cd29d4e5eb7f18804a98c0421efb6767dc49d49ee8007a288befe82480235a3922bcf195c66ebcf3e379986ca9997aacfc4184e23688057b555b33b15cb75931e7c6e837f212270892518b202ad4febd30c0b579a1a6257d"}, &(0x7f0000000340)={0x0, 0xa, 0x1, 0x80}, &(0x7f00000003c0)={0x0, 0x8, 0x1, 0x3}, &(0x7f00000004c0)={0x20, 0x1, 0x9c, "220d21ec235888932dee8c1834334214f1229223aa53258b0d0c8651639f383e30e34d69af38b1612332bddb0eab9cbff3e933534ae13f4419356689dde73211ebd457ce4deed6074ba23739ef82af0924d4670595bc074bad44d73ef72393a572db6b09a191605ea68b4fba31e5fcc8f84222856fb4a6fd360993d081b688574c7b29aebd31fe5f3696ffef13fedcb4a950168a8b856e5240d56cc6"}, &(0x7f0000000400)={0x20, 0x3, 0x1, 0x6}}) 0s ago: executing program 0 (id=5067): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="120100004d0f7b08cdf300000000000000010902120001000000000904"], 0x0) r1 = io_uring_setup(0x17c3, &(0x7f00000002c0)) r2 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r2, &(0x7f0000000000)=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x24) listen(r2, 0x0) recvmmsg(r2, &(0x7f00000050c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$WG_CMD_GET_DEVICE(r3, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="040700"/14], 0x14}}, 0x0) syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0) r4 = openat$uinput(0xffffffffffffff9c, 0x0, 0x2, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="b702000000ecea333eb7ffffec2100ff850000000c0400009500000000"], 0x0}, 0x90) r6 = socket$kcm(0x2, 0x5, 0x84) setsockopt$sock_attach_bpf(r6, 0x84, 0x71, &(0x7f0000000000), 0x8) socket$kcm(0xa, 0x0, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={@cgroup, 0xffffffffffffffff, 0x16, 0x1, 0x0, @prog_fd=r5}, 0x20) r7 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000ac0)="ee", 0x1}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x0) close(0xffffffffffffffff) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x890c, 0x0) write$uinput_user_dev(r4, &(0x7f0000000f40)={'syz0\x00', {0x0, 0x0, 0x10}, 0x0, [0x0, 0x0, 0x8000, 0x0, 0x3, 0xae6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xd5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000], [0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x200000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}, 0x45c) write$input_event(r4, &(0x7f00000005c0), 0x18) r8 = socket$inet6_sctp(0xa, 0x0, 0x84) setsockopt(r8, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r8, 0x84, 0x17, &(0x7f0000000080)=ANY=[@ANYRES32=0x0, @ANYBLOB], 0x9) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r8, 0x84, 0x17, &(0x7f00000001c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="00000100fa"], 0x9) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r8, 0x84, 0x19, &(0x7f00000000c0)={0x0, 0x5}, 0x8) kernel console output (not intermixed with test programs): m0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 1610.599686][T22244] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1610.608750][T22244] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1610.617627][T22244] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1610.755151][ T5142] gspca_spca508: reg_read err -71 [ 1610.772265][ T5142] gspca_spca508: reg write: error -71 [ 1610.783533][ T5142] spca508 2-1:0.0: probe with driver spca508 failed with error -71 [ 1610.816244][ T5142] usb 2-1: USB disconnect, device number 31 [ 1611.806955][T22251] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 1612.094693][T22257] 9pnet_fd: Insufficient options for proto=fd [ 1612.302916][T14472] usb 1-1: new high-speed USB device number 124 using dummy_hcd [ 1613.351935][T14472] usb 1-1: too many configurations: 12, using maximum allowed: 8 [ 1613.434426][ T2820] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1613.473312][ T2820] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1613.600721][T14472] usb 1-1: New USB device found, idVendor=5bd3, idProduct=317c, bcdDevice= 4.5e [ 1613.610996][T14472] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1613.623047][T14472] usb 1-1: config 0 descriptor?? [ 1613.700436][ T2820] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1613.740988][ T2820] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1613.871427][T22268] Cannot find add_set index 0 as target [ 1613.985700][ T2820] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1614.017506][ T2820] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1614.256759][T22275] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(9) [ 1614.263335][T22275] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 1614.290370][T22275] vhci_hcd vhci_hcd.0: Device attached [ 1614.310704][ T2820] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1614.349444][ T2820] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1614.378417][T22285] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4678'. [ 1614.426862][T22280] usbip_core: unknown command [ 1614.438985][T22280] vhci_hcd: unknown pdu 875030199 [ 1614.461589][T22280] usbip_core: unknown command [ 1614.481514][ T965] vhci_hcd: stop threads [ 1614.489789][T22251] program syz.0.4668 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1614.518838][T22285] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 1614.527804][T22285] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1614.536680][T22285] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1614.545588][T22285] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1614.576517][ T965] vhci_hcd: release socket [ 1614.600577][ T965] vhci_hcd: disconnect device [ 1614.703084][ T53] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1614.716591][ T53] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1614.726744][ T53] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1614.735682][ T53] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1614.747534][ T53] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1614.756174][ T53] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1615.510870][T22286] ip6gretap0 speed is unknown, defaulting to 1000 [ 1615.579205][ T2820] bridge_slave_1: left allmulticast mode [ 1615.585490][ T2820] bridge_slave_1: left promiscuous mode [ 1615.611873][ T2820] bridge0: port 2(bridge_slave_1) entered disabled state [ 1615.636941][ T2820] bridge_slave_0: left allmulticast mode [ 1615.666604][ T2820] bridge_slave_0: left promiscuous mode [ 1615.692251][ T2820] bridge0: port 1(bridge_slave_0) entered disabled state [ 1616.126650][ T5096] usb 3-1: new high-speed USB device number 38 using dummy_hcd [ 1616.320999][ T5096] usb 3-1: Using ep0 maxpacket: 8 [ 1616.348863][T14472] usb 1-1: string descriptor 0 read error: -71 [ 1616.359086][ T5096] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1616.385579][T14472] usb 1-1: USB disconnect, device number 124 [ 1616.412279][ T5096] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1616.425297][ T5096] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 1616.448945][ T5096] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1616.463296][ T5096] usb 3-1: config 0 descriptor?? [ 1616.800767][ T53] Bluetooth: hci1: command tx timeout [ 1617.545229][T22318] Cannot find add_set index 0 as target [ 1617.703895][ T29] audit: type=1326 audit(1720472624.485:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22301 comm="syz.2.4682" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1878175bd9 code=0x0 [ 1617.813061][ T5096] usbhid 3-1:0.0: can't add hid device: -71 [ 1617.819159][ T5096] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 1617.846889][ T5096] usb 3-1: USB disconnect, device number 38 [ 1618.182903][ T2820] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1618.218880][ T2820] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1618.238425][ T2820] bond0 (unregistering): Released all slaves [ 1618.458304][T22333] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4691'. [ 1618.565198][T22338] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 1618.575467][T22338] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1618.585473][T22338] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1618.594560][T22338] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1618.880899][ T53] Bluetooth: hci1: command tx timeout [ 1619.406563][T22346] FAULT_INJECTION: forcing a failure. [ 1619.406563][T22346] name failslab, interval 1, probability 0, space 0, times 0 [ 1619.439583][T22346] CPU: 1 PID: 22346 Comm: syz.3.4695 Not tainted 6.10.0-rc7-syzkaller #0 [ 1619.448067][T22346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1619.458147][T22346] Call Trace: [ 1619.461432][T22346] [ 1619.464362][T22346] dump_stack_lvl+0x241/0x360 [ 1619.469049][T22346] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1619.474254][T22346] ? __pfx__printk+0x10/0x10 [ 1619.478850][T22346] ? ref_tracker_alloc+0x332/0x490 [ 1619.483993][T22346] should_fail_ex+0x3b0/0x4e0 [ 1619.488681][T22346] ? skb_clone+0x20c/0x390 [ 1619.493108][T22346] should_failslab+0x9/0x20 [ 1619.497617][T22346] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 1619.502998][T22346] skb_clone+0x20c/0x390 [ 1619.507255][T22346] __netlink_deliver_tap+0x3cc/0x7c0 [ 1619.512625][T22346] ? netlink_deliver_tap+0x2e/0x1b0 [ 1619.517909][T22346] netlink_deliver_tap+0x19d/0x1b0 [ 1619.523047][T22346] netlink_unicast+0x7b8/0x980 [ 1619.527830][T22346] ? __pfx_netlink_unicast+0x10/0x10 [ 1619.533133][T22346] ? __virt_addr_valid+0x183/0x520 [ 1619.538275][T22346] ? __check_object_size+0x49c/0x900 [ 1619.543576][T22346] ? bpf_lsm_netlink_send+0x9/0x10 [ 1619.548705][T22346] netlink_sendmsg+0x8db/0xcb0 [ 1619.553558][T22346] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1619.558874][T22346] ? __import_iovec+0x536/0x820 [ 1619.563757][T22346] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1619.569058][T22346] ? security_socket_sendmsg+0x87/0xb0 [ 1619.574532][T22346] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1619.579822][T22346] __sock_sendmsg+0x221/0x270 [ 1619.584509][T22346] ____sys_sendmsg+0x525/0x7d0 [ 1619.589295][T22346] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1619.594603][T22346] __sys_sendmsg+0x2b0/0x3a0 [ 1619.599215][T22346] ? __pfx___sys_sendmsg+0x10/0x10 [ 1619.604364][T22346] ? vfs_write+0x7c4/0xc90 [ 1619.608826][T22346] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1619.615156][T22346] ? do_syscall_64+0x100/0x230 [ 1619.619932][T22346] ? do_syscall_64+0xb6/0x230 [ 1619.624641][T22346] do_syscall_64+0xf3/0x230 [ 1619.629192][T22346] ? clear_bhb_loop+0x35/0x90 [ 1619.633896][T22346] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1619.639823][T22346] RIP: 0033:0x7f8a7bb75bd9 [ 1619.644248][T22346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1619.663857][T22346] RSP: 002b:00007f8a7c892048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1619.672279][T22346] RAX: ffffffffffffffda RBX: 00007f8a7bd03f60 RCX: 00007f8a7bb75bd9 [ 1619.680271][T22346] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005 [ 1619.688259][T22346] RBP: 00007f8a7c8920a0 R08: 0000000000000000 R09: 0000000000000000 [ 1619.696247][T22346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1619.704241][T22346] R13: 000000000000000b R14: 00007f8a7bd03f60 R15: 00007fffb5aecab8 [ 1619.712230][T22346] [ 1619.715342][ C1] vkms_vblank_simulate: vblank timer overrun [ 1619.779502][T22346] netlink: 16126 bytes leftover after parsing attributes in process `syz.3.4695'. [ 1619.827890][T22346] netlink: 105116 bytes leftover after parsing attributes in process `syz.3.4695'. [ 1619.912014][T22347] dummy0: entered promiscuous mode [ 1619.979434][T22347] dummy0: left promiscuous mode [ 1620.189805][T22286] chnl_net:caif_netlink_parms(): no params data found [ 1620.863803][T22364] Cannot find add_set index 0 as target [ 1621.038824][ T53] Bluetooth: hci1: command tx timeout [ 1621.207775][ T2820] hsr_slave_0: left promiscuous mode [ 1621.243195][ T2820] hsr_slave_1: left promiscuous mode [ 1621.263663][ T53] Bluetooth: hci3: SCO packet for unknown connection handle 0 [ 1621.270141][ T2820] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1621.317306][T22376] MTD: Attempt to mount non-MTD device "./file0" [ 1621.354073][ T2820] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1621.384842][ T2820] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1621.409269][ T2820] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1621.487727][ T2820] veth1_macvtap: left promiscuous mode [ 1621.495345][ T2820] veth0_macvtap: left promiscuous mode [ 1621.508758][ T2820] veth1_vlan: left promiscuous mode [ 1621.526848][ T2820] veth0_vlan: left promiscuous mode [ 1621.556779][T22380] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4705'. [ 1622.158389][ T5142] usb 3-1: new high-speed USB device number 39 using dummy_hcd [ 1622.396805][ T29] audit: type=1326 audit(1720472629.157:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22389 comm="syz.4.4707" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9f56b75bd9 code=0x0 [ 1622.407913][ T5142] usb 3-1: Using ep0 maxpacket: 8 [ 1622.437921][ T5142] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 1622.456672][ T5142] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1622.465973][ T5142] usb 3-1: Product: syz [ 1622.470656][ T5142] usb 3-1: Manufacturer: syz [ 1622.475295][ T5142] usb 3-1: SerialNumber: syz [ 1622.491932][ T5142] usb 3-1: config 0 descriptor?? [ 1622.688512][T22395] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4708'. [ 1622.711969][ T5142] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 1622.914002][ T2820] team0 (unregistering): Port device team_slave_1 removed [ 1622.978379][ T2820] team0 (unregistering): Port device team_slave_0 removed [ 1623.118831][ T53] Bluetooth: hci1: command tx timeout [ 1623.540072][ T5142] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32 [ 1623.555660][ T5142] usb 3-1: USB disconnect, device number 39 [ 1623.798803][T22286] bridge0: port 1(bridge_slave_0) entered blocking state [ 1623.806141][T22286] bridge0: port 1(bridge_slave_0) entered disabled state [ 1623.813566][T22286] bridge_slave_0: entered allmulticast mode [ 1623.821266][T22286] bridge_slave_0: entered promiscuous mode [ 1623.832187][T22286] bridge0: port 2(bridge_slave_1) entered blocking state [ 1623.853111][T22286] bridge0: port 2(bridge_slave_1) entered disabled state [ 1623.862480][T22286] bridge_slave_1: entered allmulticast mode [ 1623.898864][T22286] bridge_slave_1: entered promiscuous mode [ 1624.208385][T22286] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1624.493283][T22286] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1624.558159][T18926] usb 1-1: new high-speed USB device number 125 using dummy_hcd [ 1624.649233][T22286] team0: Port device team_slave_0 added [ 1624.675409][T22286] team0: Port device team_slave_1 added [ 1624.892909][T18926] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 1624.908129][T18926] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1625.101678][T18926] usb 1-1: config 0 descriptor?? [ 1625.280075][ T53] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 1625.389108][ T53] Bluetooth: hci3: Injecting HCI hardware error event [ 1625.514541][ T53] Bluetooth: hci3: hardware error 0x00 [ 1625.757295][T22286] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1625.770061][ T2820] IPVS: stop unused estimator thread 0... [ 1625.790599][T22286] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1625.858172][T22286] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1625.894497][T22286] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1625.911903][T22286] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1625.943407][T22286] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1625.952002][T22422] FAULT_INJECTION: forcing a failure. [ 1625.952002][T22422] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1625.975602][T22422] CPU: 1 PID: 22422 Comm: syz.4.4717 Not tainted 6.10.0-rc7-syzkaller #0 [ 1625.984078][T22422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1625.994254][T22422] Call Trace: [ 1625.997564][T22422] [ 1626.000522][T22422] dump_stack_lvl+0x241/0x360 [ 1626.005251][T22422] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1626.010502][T22422] ? __pfx__printk+0x10/0x10 [ 1626.015147][T22422] ? __pfx_lock_release+0x10/0x10 [ 1626.020227][T22422] should_fail_ex+0x3b0/0x4e0 [ 1626.024956][T22422] _copy_from_user+0x2f/0xe0 [ 1626.029587][T22422] copy_msghdr_from_user+0xae/0x680 [ 1626.034852][T22422] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1626.040716][T22422] __sys_sendmsg+0x23d/0x3a0 [ 1626.045357][T22422] ? __pfx___sys_sendmsg+0x10/0x10 [ 1626.050521][T22422] ? vfs_write+0x7c4/0xc90 [ 1626.055035][T22422] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1626.061408][T22422] ? do_syscall_64+0x100/0x230 [ 1626.066236][T22422] ? do_syscall_64+0xb6/0x230 [ 1626.070969][T22422] do_syscall_64+0xf3/0x230 [ 1626.075526][T22422] ? clear_bhb_loop+0x35/0x90 [ 1626.080298][T22422] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1626.086275][T22422] RIP: 0033:0x7f9f56b75bd9 [ 1626.090727][T22422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1626.110648][T22422] RSP: 002b:00007f9f578fc048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1626.119091][T22422] RAX: ffffffffffffffda RBX: 00007f9f56d03f60 RCX: 00007f9f56b75bd9 [ 1626.127110][T22422] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1626.135205][T22422] RBP: 00007f9f578fc0a0 R08: 0000000000000000 R09: 0000000000000000 [ 1626.143194][T22422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1626.151195][T22422] R13: 000000000000000b R14: 00007f9f56d03f60 R15: 00007ffcd5a2d278 [ 1626.159207][T22422] [ 1626.297689][T22286] hsr_slave_0: entered promiscuous mode [ 1626.305064][T22286] hsr_slave_1: entered promiscuous mode [ 1626.332801][T22286] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1626.359820][T22286] Cannot create hsr debugfs directory [ 1626.396211][T18926] [drm] vendor descriptor length:c3 data:49 02 da 4d 64 3c b6 11 e5 29 a7 [ 1626.405551][T18926] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 1626.414411][T18926] [drm:udl_init] *ERROR* Selecting channel failed [ 1626.446211][T18926] [drm] Initialized udl 0.0.1 20120220 for 1-1:0.0 on minor 2 [ 1626.454490][T18926] [drm] Initialized udl on minor 2 [ 1626.461549][T18926] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1626.485008][T18926] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 1626.492666][T14472] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1626.503092][T18926] usb 1-1: USB disconnect, device number 125 [ 1626.509435][T14472] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 1626.626210][ T5140] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 1626.673515][T22431] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4720'. [ 1626.694997][T22431] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 1626.703961][T22431] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1626.713063][T22431] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1626.722805][T22431] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1626.825892][ T5140] usb 5-1: Using ep0 maxpacket: 32 [ 1626.834560][ T5140] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1626.851610][ T5140] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1626.873989][ T5140] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1626.937237][T22433] can: request_module (can-proto-4) failed. [ 1627.006346][ T5140] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 1627.016911][ T5140] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8 [ 1627.032852][ T5140] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1627.043100][ T5140] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1627.051753][ T5140] usb 5-1: Product: syz [ 1627.057170][ T5140] usb 5-1: Manufacturer: syz [ 1627.061853][ T5140] usb 5-1: SerialNumber: syz [ 1628.038629][ T53] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 1628.049859][ T5140] cdc_ncm 5-1:1.0: bind() failure [ 1628.059340][ T5140] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 1628.068621][ T5140] cdc_ncm 5-1:1.1: bind() failure [ 1628.085665][ T5140] usb 5-1: USB disconnect, device number 16 [ 1628.144847][T22286] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1628.169413][T22286] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1628.194032][T22286] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1628.219214][T22286] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1628.305286][T14472] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 1628.344966][T22449] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4725'. [ 1628.442993][T22286] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1628.644956][T14472] usb 4-1: Using ep0 maxpacket: 8 [ 1629.105405][T22286] 8021q: adding VLAN 0 to HW filter on device team0 [ 1629.159385][T14472] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 1629.174170][T14472] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1629.196564][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 1629.203790][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1629.205812][T14472] usb 4-1: Product: syz [ 1629.236755][T14472] usb 4-1: Manufacturer: syz [ 1629.243737][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 1629.250980][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1629.256311][T14472] usb 4-1: SerialNumber: syz [ 1629.292114][T14472] usb 4-1: config 0 descriptor?? [ 1629.351923][T22457] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 1629.440832][T22286] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1629.523895][T14472] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 1629.814761][ T5140] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 1629.836397][T22463] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 1630.085925][ T5140] usb 5-1: too many configurations: 12, using maximum allowed: 8 [ 1630.160745][T22286] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1630.254679][ T46] usb 1-1: new high-speed USB device number 126 using dummy_hcd [ 1630.304651][ T5140] usb 5-1: New USB device found, idVendor=5bd3, idProduct=317c, bcdDevice= 4.5e [ 1630.356432][ T5140] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1630.429712][T14472] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32 [ 1630.432114][ T5140] usb 5-1: config 0 descriptor?? [ 1630.461629][T22286] veth0_vlan: entered promiscuous mode [ 1630.483462][T14472] usb 4-1: USB disconnect, device number 15 [ 1630.499034][ T46] usb 1-1: too many configurations: 12, using maximum allowed: 8 [ 1630.532344][T22286] veth1_vlan: entered promiscuous mode [ 1630.592700][ T46] usb 1-1: New USB device found, idVendor=5bd3, idProduct=317c, bcdDevice= 4.5e [ 1630.658131][ T46] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1630.689419][T22286] veth0_macvtap: entered promiscuous mode [ 1630.737468][ T46] usb 1-1: config 0 descriptor?? [ 1630.752700][T22286] veth1_macvtap: entered promiscuous mode [ 1630.837533][T22458] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(9) [ 1630.844121][T22458] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 1630.875575][T22458] vhci_hcd vhci_hcd.0: Device attached [ 1630.877824][T22474] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4731'. [ 1630.922561][T22286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1630.965654][T22286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1630.982186][T22286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1631.012627][T22286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1631.026118][T22458] program syz.4.4727 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1631.085236][T14472] vhci_hcd: vhci_device speed not set [ 1631.090874][T22286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1631.145519][T22286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1631.183992][T14472] usb 17-2: new full-speed USB device number 12 using vhci_hcd [ 1631.191867][T22286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1631.250412][T22464] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(7) [ 1631.256998][T22464] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 1631.277752][T22464] vhci_hcd vhci_hcd.0: Device attached [ 1631.283996][T22286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1631.326061][T22286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1631.371317][T22286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1631.443849][T22286] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1631.487282][T22286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1631.538365][T22286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1631.606170][T22480] usbip_core: unknown command [ 1631.610801][T22464] program syz.0.4729 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1631.620362][T22480] vhci_hcd: unknown pdu 875030199 [ 1631.620383][T22480] usbip_core: unknown command [ 1631.632446][T22286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1631.653676][ T2839] vhci_hcd: stop threads [ 1631.681573][ T2839] vhci_hcd: release socket [ 1631.693867][ T2839] vhci_hcd: disconnect device [ 1631.700302][T22286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1631.732374][T22286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1631.757886][T22286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1631.796763][T22286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1631.861183][T22286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1631.913581][T22286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1631.928126][T22286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1631.952615][T22286] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1632.011191][T22286] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1632.023373][ T9795] usb 3-1: new high-speed USB device number 40 using dummy_hcd [ 1632.045087][T22286] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1632.061797][T22286] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1632.072442][T22286] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1632.431189][ T9795] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1632.598712][T22491] FAULT_INJECTION: forcing a failure. [ 1632.598712][T22491] name failslab, interval 1, probability 0, space 0, times 0 [ 1632.611637][T22491] CPU: 1 PID: 22491 Comm: syz.3.4734 Not tainted 6.10.0-rc7-syzkaller #0 [ 1632.624183][T22491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1632.634277][T22491] Call Trace: [ 1632.637580][T22491] [ 1632.640532][T22491] dump_stack_lvl+0x241/0x360 [ 1632.645261][T22491] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1632.650502][T22491] ? __pfx__printk+0x10/0x10 [ 1632.655146][T22491] ? __pfx___might_resched+0x10/0x10 [ 1632.660913][T22491] should_fail_ex+0x3b0/0x4e0 [ 1632.665636][T22491] ? alloc_bprm+0x81/0xa40 [ 1632.670105][T22491] should_failslab+0x9/0x20 [ 1632.674659][T22491] kmalloc_trace_noprof+0x6c/0x2c0 [ 1632.679843][T22491] alloc_bprm+0x81/0xa40 [ 1632.684141][T22491] ? __phys_addr_symbol+0x2f/0x70 [ 1632.689233][T22491] ? __check_object_size+0x49c/0x900 [ 1632.694569][T22491] ? __might_fault+0xc6/0x120 [ 1632.699296][T22491] do_execveat_common+0x1b3/0x700 [ 1632.704376][T22491] __x64_sys_execve+0x92/0xb0 [ 1632.709100][T22491] do_syscall_64+0xf3/0x230 [ 1632.713645][T22491] ? clear_bhb_loop+0x35/0x90 [ 1632.718451][T22491] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1632.724387][T22491] RIP: 0033:0x7f8a7bb75bd9 [ 1632.728833][T22491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1632.748472][T22491] RSP: 002b:00007f8a7b5ff048 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 1632.756928][T22491] RAX: ffffffffffffffda RBX: 00007f8a7bd04110 RCX: 00007f8a7bb75bd9 [ 1632.764960][T22491] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000000 [ 1632.772983][T22491] RBP: 00007f8a7b5ff0a0 R08: 0000000000000000 R09: 0000000000000000 [ 1632.781001][T22491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1632.789103][T22491] R13: 000000000000006e R14: 00007f8a7bd04110 R15: 00007fffb5aecab8 [ 1632.797135][T22491] [ 1632.991636][ T9795] usb 3-1: New USB device found, idVendor=0bb4, idProduct=0a04, bcdDevice=a3.91 [ 1633.026099][ T9795] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1633.169278][ T9795] usb 3-1: Product: syz [ 1633.176271][ T9795] usb 3-1: Manufacturer: syz [ 1633.180993][ T9795] usb 3-1: SerialNumber: syz [ 1633.207068][ T9795] usb 3-1: config 0 descriptor?? [ 1633.342129][ T2820] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1633.398389][ T2820] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1634.607104][ T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1635.493050][ T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1635.597644][ T5140] usb 5-1: string descriptor 0 read error: -32 [ 1635.747450][T22500] netlink: 'syz.3.4736': attribute type 1 has an invalid length. [ 1635.842946][ T46] usb 1-1: string descriptor 0 read error: -32 [ 1635.866082][T22475] vhci_hcd: connection reset by peer [ 1635.913328][ T5140] usb 5-1: USB disconnect, device number 17 [ 1635.929680][ T965] vhci_hcd: stop threads [ 1635.948567][ T965] vhci_hcd: release socket [ 1635.987514][ T965] vhci_hcd: disconnect device [ 1636.082667][T22506] loop0: detected capacity change from 0 to 7 [ 1636.115255][ T46] usb 1-1: USB disconnect, device number 126 [ 1636.134775][T22506] Dev loop0: unable to read RDB block 7 [ 1636.140992][T22506] loop0: AHDI p2 p3 p4 [ 1636.170677][T22506] loop0: partition table partially beyond EOD, truncated [ 1636.194417][T22506] loop0: p2 start 83886080 is beyond EOD, truncated [ 1636.212686][T22506] loop0: p3 start 6514546 is beyond EOD, truncated [ 1636.662365][T14472] vhci_hcd: vhci_device speed not set [ 1637.151019][ T9795] usb 3-1: USB disconnect, device number 40 [ 1637.338834][T22526] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4744'. [ 1637.372937][T22524] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4743'. [ 1639.470231][ T9795] usb 3-1: new high-speed USB device number 41 using dummy_hcd [ 1639.830596][ T9795] usb 3-1: New USB device found, idVendor=0c45, idProduct=62b0, bcdDevice=46.75 [ 1639.859396][ T9795] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1639.872682][ T9795] usb 3-1: config 0 descriptor?? [ 1640.032121][ T9795] gspca_main: gspca_sn9c20x-2.14.0 probing 0c45:62b0 [ 1640.555579][ T9795] gspca_sn9c20x: Write register 1000 failed -110 [ 1640.727243][ T9795] gspca_sn9c20x: Device initialization failed [ 1640.743892][ T9795] gspca_sn9c20x 3-1:0.0: probe with driver gspca_sn9c20x failed with error -110 [ 1642.936106][T22581] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4759'. [ 1643.020579][ T9795] usb 3-1: USB disconnect, device number 41 [ 1643.358864][ T46] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 1643.368143][T22593] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4763'. [ 1643.568069][ T46] usb 4-1: Using ep0 maxpacket: 8 [ 1643.589525][ T46] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 1643.614309][ T46] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1643.637988][ T46] usb 4-1: config 0 descriptor?? [ 1643.862944][ T46] asix 4-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random [ 1643.981134][T19448] usb 1-1: new high-speed USB device number 127 using dummy_hcd [ 1644.877335][T19448] usb 1-1: device descriptor read/64, error -71 [ 1645.338000][T22624] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4773'. [ 1645.547295][T19448] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 1646.135843][T22629] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4775'. [ 1646.147058][T19448] usb 1-1: device descriptor read/64, error -71 [ 1646.267102][T19448] usb usb1-port1: attempt power cycle [ 1646.390027][ T46] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 1646.416856][ T46] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write Medium Mode mode to 0x0306: ffffffb9 [ 1646.435874][ T46] asix 4-1:0.0: probe with driver asix failed with error -71 [ 1646.465648][ T46] usb 4-1: USB disconnect, device number 16 [ 1646.508747][ T53] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 1648.028507][T22665] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4787'. [ 1648.268569][T22669] FAULT_INJECTION: forcing a failure. [ 1648.268569][T22669] name failslab, interval 1, probability 0, space 0, times 0 [ 1648.311597][T22669] CPU: 1 PID: 22669 Comm: syz.1.4788 Not tainted 6.10.0-rc7-syzkaller #0 [ 1648.320168][T22669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1648.330248][T22669] Call Trace: [ 1648.333558][T22669] [ 1648.336519][T22669] dump_stack_lvl+0x241/0x360 [ 1648.341274][T22669] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1648.346522][T22669] ? __pfx__printk+0x10/0x10 [ 1648.351164][T22669] ? netlink_insert+0x10b7/0x14b0 [ 1648.356236][T22669] should_fail_ex+0x3b0/0x4e0 [ 1648.360964][T22669] ? __alloc_skb+0x1c3/0x440 [ 1648.365593][T22669] should_failslab+0x9/0x20 [ 1648.370132][T22669] kmem_cache_alloc_node_noprof+0x71/0x320 [ 1648.375960][T22669] __alloc_skb+0x1c3/0x440 [ 1648.380391][T22669] ? __pfx___alloc_skb+0x10/0x10 [ 1648.385342][T22669] ? netlink_autobind+0xd6/0x2f0 [ 1648.390299][T22669] ? netlink_autobind+0x2b0/0x2f0 [ 1648.395343][T22669] netlink_sendmsg+0x631/0xcb0 [ 1648.400132][T22669] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1648.405437][T22669] ? __import_iovec+0x536/0x820 [ 1648.410314][T22669] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1648.415626][T22669] ? security_socket_sendmsg+0x87/0xb0 [ 1648.421127][T22669] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1648.426443][T22669] __sock_sendmsg+0x221/0x270 [ 1648.431150][T22669] ____sys_sendmsg+0x525/0x7d0 [ 1648.435936][T22669] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1648.441262][T22669] __sys_sendmsg+0x2b0/0x3a0 [ 1648.445881][T22669] ? __pfx___sys_sendmsg+0x10/0x10 [ 1648.451022][T22669] ? vfs_write+0x7c4/0xc90 [ 1648.455500][T22669] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1648.461932][T22669] ? do_syscall_64+0x100/0x230 [ 1648.466721][T22669] ? do_syscall_64+0xb6/0x230 [ 1648.471427][T22669] do_syscall_64+0xf3/0x230 [ 1648.475948][T22669] ? clear_bhb_loop+0x35/0x90 [ 1648.480646][T22669] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1648.486553][T22669] RIP: 0033:0x7f673dd75bd9 [ 1648.490979][T22669] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1648.510593][T22669] RSP: 002b:00007f673eb03048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1648.519022][T22669] RAX: ffffffffffffffda RBX: 00007f673df03f60 RCX: 00007f673dd75bd9 [ 1648.527005][T22669] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 000000000000000b [ 1648.534980][T22669] RBP: 00007f673eb030a0 R08: 0000000000000000 R09: 0000000000000000 [ 1648.542987][T22669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1648.550965][T22669] R13: 000000000000000b R14: 00007f673df03f60 R15: 00007ffcad79d7e8 [ 1648.558959][T22669] [ 1649.005557][ T46] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 1650.118156][ T46] usb 2-1: Using ep0 maxpacket: 8 [ 1650.129323][ T46] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 1650.138678][ T46] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1650.164735][ T46] usb 2-1: Product: syz [ 1650.169040][ T46] usb 2-1: Manufacturer: syz [ 1650.175705][ T46] usb 2-1: SerialNumber: syz [ 1650.226438][ T46] usb 2-1: config 0 descriptor?? [ 1650.441529][ T46] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 1650.546651][ T53] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 1650.556553][ T53] Bluetooth: hci1: Injecting HCI hardware error event [ 1650.570130][ T53] Bluetooth: hci1: hardware error 0x00 [ 1651.267300][T22704] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4796'. [ 1651.338224][ T46] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32 [ 1651.376750][ T46] usb 2-1: USB disconnect, device number 32 [ 1651.775075][T22711] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4802'. [ 1652.074505][T22723] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4806'. [ 1652.154391][ T46] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 1652.314236][ T9795] usb 3-1: new high-speed USB device number 42 using dummy_hcd [ 1652.515682][ T9795] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 1652.540209][ T9795] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1652.565904][ T9795] usb 3-1: config 0 descriptor?? [ 1652.574049][ T46] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 1652.585301][ T46] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 1652.595383][ T46] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1652.595747][T22731] FAULT_INJECTION: forcing a failure. [ 1652.595747][T22731] name failslab, interval 1, probability 0, space 0, times 0 [ 1652.605305][ T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1652.626627][ T53] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 1652.639138][T22731] CPU: 0 PID: 22731 Comm: syz.3.4811 Not tainted 6.10.0-rc7-syzkaller #0 [ 1652.641403][T22715] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 1652.647613][T22731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1652.664819][T22731] Call Trace: [ 1652.668104][T22731] [ 1652.671067][T22731] dump_stack_lvl+0x241/0x360 [ 1652.675795][T22731] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1652.681045][T22731] ? __pfx__printk+0x10/0x10 [ 1652.685701][T22731] should_fail_ex+0x3b0/0x4e0 [ 1652.690442][T22731] ? __alloc_skb+0x1c3/0x440 [ 1652.695194][T22731] should_failslab+0x9/0x20 [ 1652.699746][T22731] kmem_cache_alloc_node_noprof+0x71/0x320 [ 1652.705604][T22731] __alloc_skb+0x1c3/0x440 [ 1652.710069][T22731] ? __pfx___alloc_skb+0x10/0x10 [ 1652.715048][T22731] xfrm_send_acquire+0x14d/0x1240 [ 1652.720093][T22731] ? lockdep_init_map_type+0xa1/0x910 [ 1652.725472][T22731] ? __pfx_xfrm_send_acquire+0x10/0x10 [ 1652.730985][T22731] ? __pfx_lock_release+0x10/0x10 [ 1652.736023][T22731] ? xfrm_init_tempstate+0xa6b/0x1240 [ 1652.741430][T22731] ? km_query+0x30/0x220 [ 1652.745688][T22731] km_query+0x120/0x220 [ 1652.749854][T22731] ? km_query+0x30/0x220 [ 1652.754132][T22731] xfrm_state_find+0x328e/0x4de0 [ 1652.759119][T22731] ? __pfx_validate_chain+0x10/0x10 [ 1652.764340][T22731] ? __lock_acquire+0x1346/0x1fd0 [ 1652.769379][T22731] ? xfrm_state_find+0x42f/0x4de0 [ 1652.774423][T22731] ? __pfx_xfrm_state_find+0x10/0x10 [ 1652.779721][T22731] ? mark_lock+0x9a/0x350 [ 1652.784064][T22731] ? __lock_acquire+0x1346/0x1fd0 [ 1652.789113][T22731] ? __lock_acquire+0x1346/0x1fd0 [ 1652.794155][T22731] xfrm_resolve_and_create_bundle+0x6d2/0x2c80 [ 1652.800346][T22731] ? __pfx_xfrm_resolve_and_create_bundle+0x10/0x10 [ 1652.806969][T22731] ? xfrm_sk_policy_lookup+0x7ef/0x840 [ 1652.812442][T22731] ? xfrm_sk_policy_lookup+0x93/0x840 [ 1652.817839][T22731] ? __pfx_lock_release+0x10/0x10 [ 1652.822871][T22731] ? xfrm_expand_policies+0x3fb/0x690 [ 1652.828276][T22731] xfrm_lookup_with_ifid+0x334/0x1ed0 [ 1652.833697][T22731] ? ip_route_output_key_hash+0x226/0x2b0 [ 1652.839429][T22731] ? __pfx_xfrm_lookup_with_ifid+0x10/0x10 [ 1652.845261][T22731] ? ip_route_output_key_hash+0xdf/0x2b0 [ 1652.850905][T22731] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 1652.857017][T22731] ? rcuref_put+0x1e3/0x240 [ 1652.861560][T22731] xfrm_lookup_route+0x3c/0x1c0 [ 1652.866439][T22731] __ip4_datagram_connect+0x96c/0x1260 [ 1652.871957][T22731] __ip6_datagram_connect+0x194/0x1230 [ 1652.877434][T22731] ? __pfx___ip6_datagram_connect+0x10/0x10 [ 1652.883335][T22731] ? ip6_datagram_connect_v6_only+0x55/0xa0 [ 1652.889243][T22731] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 1652.894968][T22731] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1652.900199][T22731] ip6_datagram_connect_v6_only+0x63/0xa0 [ 1652.905937][T22731] __sys_connect+0x2df/0x310 [ 1652.910545][T22731] ? __pfx___sys_connect+0x10/0x10 [ 1652.915682][T22731] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1652.922022][T22731] ? do_syscall_64+0x100/0x230 [ 1652.926810][T22731] __x64_sys_connect+0x7a/0x90 [ 1652.931587][T22731] do_syscall_64+0xf3/0x230 [ 1652.936109][T22731] ? clear_bhb_loop+0x35/0x90 [ 1652.940811][T22731] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1652.946742][T22731] RIP: 0033:0x7f8a7bb75bd9 [ 1652.951164][T22731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1652.970787][T22731] RSP: 002b:00007f8a7c892048 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 1652.979219][T22731] RAX: ffffffffffffffda RBX: 00007f8a7bd03f60 RCX: 00007f8a7bb75bd9 [ 1652.987206][T22731] RDX: 000000000000001c RSI: 0000000020000000 RDI: 0000000000000004 [ 1652.995289][T22731] RBP: 00007f8a7c8920a0 R08: 0000000000000000 R09: 0000000000000000 [ 1653.003274][T22731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1653.011259][T22731] R13: 000000000000000b R14: 00007f8a7bd03f60 R15: 00007fffb5aecab8 [ 1653.019291][T22731] [ 1653.490722][ T46] usb 5-1: USB disconnect, device number 18 [ 1653.687392][ T9795] [drm] vendor descriptor length:c3 data:41 02 da 4d 64 3c b6 11 e5 29 a7 [ 1653.700373][ T9795] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 1653.886139][ T9795] [drm:udl_init] *ERROR* Selecting channel failed [ 1653.907053][ T9795] [drm] Initialized udl 0.0.1 20120220 for 3-1:0.0 on minor 2 [ 1653.932776][ T9795] [drm] Initialized udl on minor 2 [ 1653.951658][ T9795] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1653.975586][ T9795] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 1653.989920][T19448] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1654.003276][ T9795] usb 3-1: USB disconnect, device number 42 [ 1654.019665][T19448] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 1654.284980][T22751] loop0: detected capacity change from 0 to 7 [ 1654.297381][T22751] Dev loop0: unable to read RDB block 7 [ 1654.312925][T22751] loop0: AHDI p1 p2 p3 [ 1654.322197][T22751] loop0: partition table partially beyond EOD, truncated [ 1654.332159][T22751] loop0: p1 start 83886080 is beyond EOD, truncated [ 1654.345500][T22751] loop0: p2 start 6514546 is beyond EOD, truncated [ 1654.463304][T22756] binder: 22755:22756 ioctl 540f 20000280 returned -22 [ 1654.486688][T22756] binder: 22755:22756 ioctl c00c620f 20000180 returned -22 [ 1654.826044][T22764] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4821'. [ 1654.847366][T22763] FAULT_INJECTION: forcing a failure. [ 1654.847366][T22763] name failslab, interval 1, probability 0, space 0, times 0 [ 1654.866465][T22763] CPU: 1 PID: 22763 Comm: syz.3.4822 Not tainted 6.10.0-rc7-syzkaller #0 [ 1654.874938][T22763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1654.885020][T22763] Call Trace: [ 1654.888321][T22763] [ 1654.891271][T22763] dump_stack_lvl+0x241/0x360 [ 1654.895995][T22763] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1654.901228][T22763] ? __pfx__printk+0x10/0x10 [ 1654.905862][T22763] ? __pfx___might_resched+0x10/0x10 [ 1654.911193][T22763] should_fail_ex+0x3b0/0x4e0 [ 1654.915912][T22763] ? __d_alloc+0x31/0x700 [ 1654.920276][T22763] should_failslab+0x9/0x20 [ 1654.924898][T22763] kmem_cache_alloc_lru_noprof+0x71/0x2b0 [ 1654.930659][T22763] __d_alloc+0x31/0x700 [ 1654.934944][T22763] d_alloc_parallel+0xdf/0x1600 [ 1654.939838][T22763] ? __asan_memset+0x23/0x50 [ 1654.944468][T22763] ? __asan_memset+0x23/0x50 [ 1654.949098][T22763] ? lockdep_init_map_type+0xa1/0x910 [ 1654.954505][T22763] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 1654.960340][T22763] ? __pfx_d_alloc_parallel+0x10/0x10 [ 1654.965765][T22763] ? __init_waitqueue_head+0xae/0x150 [ 1654.971171][T22763] proc_fill_cache+0x296/0x420 [ 1654.975970][T22763] ? __pfx_lock_acquire+0x10/0x10 [ 1654.981026][T22763] ? __pfx_proc_ns_instantiate+0x10/0x10 [ 1654.986705][T22763] ? __pfx_proc_fill_cache+0x10/0x10 [ 1654.992022][T22763] ? trace_contention_end+0x3c/0x120 [ 1654.997364][T22763] ? __mutex_lock+0x2ef/0xd70 [ 1655.002115][T22763] ? get_pid_task+0x23/0x1f0 [ 1655.006749][T22763] proc_ns_dir_readdir+0x368/0x470 [ 1655.012000][T22763] iterate_dir+0x57a/0x810 [ 1655.016511][T22763] __se_sys_getdents+0x1ef/0x4d0 [ 1655.021515][T22763] ? __pfx___se_sys_getdents+0x10/0x10 [ 1655.027031][T22763] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1655.033055][T22763] ? __pfx_filldir+0x10/0x10 [ 1655.037693][T22763] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1655.044932][T22763] ? do_syscall_64+0x100/0x230 [ 1655.049750][T22763] ? do_syscall_64+0xb6/0x230 [ 1655.054482][T22763] do_syscall_64+0xf3/0x230 [ 1655.059035][T22763] ? clear_bhb_loop+0x35/0x90 [ 1655.063771][T22763] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1655.069801][T22763] RIP: 0033:0x7f8a7bb75bd9 [ 1655.074344][T22763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1655.093992][T22763] RSP: 002b:00007f8a7c892048 EFLAGS: 00000246 ORIG_RAX: 000000000000004e [ 1655.102720][T22763] RAX: ffffffffffffffda RBX: 00007f8a7bd03f60 RCX: 00007f8a7bb75bd9 [ 1655.110736][T22763] RDX: 00000000000000b8 RSI: 0000000020001fc0 RDI: 0000000000000004 [ 1655.118743][T22763] RBP: 00007f8a7c8920a0 R08: 0000000000000000 R09: 0000000000000000 [ 1655.126749][T22763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1655.132437][T14472] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 1655.134731][T22763] R13: 000000000000000b R14: 00007f8a7bd03f60 R15: 00007fffb5aecab8 [ 1655.134774][T22763] [ 1655.332395][T14472] usb 1-1: Using ep0 maxpacket: 8 [ 1655.352838][T14472] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 1655.388936][T14472] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1655.406273][T14472] usb 1-1: Product: syz [ 1655.426683][T14472] usb 1-1: Manufacturer: syz [ 1655.449812][T14472] usb 1-1: SerialNumber: syz [ 1655.488229][T14472] usb 1-1: config 0 descriptor?? [ 1656.003916][T14472] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 1656.444086][T22790] binder: 22789:22790 ioctl 540f 20000280 returned -22 [ 1656.453504][T22790] binder: 22789:22790 ioctl c00c620f 20000180 returned -22 [ 1656.519842][T22793] usb usb8: usbfs: process 22793 (syz.3.4833) did not claim interface 6 before use [ 1656.858916][T14472] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32 [ 1656.886465][T14472] usb 1-1: USB disconnect, device number 4 [ 1657.337056][T22803] Cannot find add_set index 0 as target [ 1657.603960][T22813] FAULT_INJECTION: forcing a failure. [ 1657.603960][T22813] name failslab, interval 1, probability 0, space 0, times 0 [ 1657.629302][T22813] CPU: 1 PID: 22813 Comm: syz.2.4839 Not tainted 6.10.0-rc7-syzkaller #0 [ 1657.637790][T22813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1657.647847][T22813] Call Trace: [ 1657.651198][T22813] [ 1657.654167][T22813] dump_stack_lvl+0x241/0x360 [ 1657.658902][T22813] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1657.664154][T22813] ? __pfx__printk+0x10/0x10 [ 1657.668813][T22813] should_fail_ex+0x3b0/0x4e0 [ 1657.673549][T22813] ? asymmetric_lookup_restriction+0x490/0x560 [ 1657.679753][T22813] should_failslab+0x9/0x20 [ 1657.684305][T22813] kmalloc_trace_noprof+0x6c/0x2c0 [ 1657.689468][T22813] asymmetric_lookup_restriction+0x490/0x560 [ 1657.695495][T22813] ? __pfx_restrict_link_by_key_or_keyring+0x10/0x10 [ 1657.702748][T22813] ? __pfx_asymmetric_lookup_restriction+0x10/0x10 [ 1657.709301][T22813] ? __might_fault+0xaa/0x120 [ 1657.714283][T22813] ? __pfx_lock_release+0x10/0x10 [ 1657.719350][T22813] ? __pfx_asymmetric_lookup_restriction+0x10/0x10 [ 1657.725937][T22813] keyring_restrict+0x1e7/0x670 [ 1657.730934][T22813] ? __might_fault+0xc6/0x120 [ 1657.735671][T22813] ? __pfx_keyring_restrict+0x10/0x10 [ 1657.741092][T22813] ? _copy_from_user+0xa6/0xe0 [ 1657.745932][T22813] ? memdup_user+0x9f/0xc0 [ 1657.750398][T22813] keyctl_restrict_keyring+0x170/0x290 [ 1657.755914][T22813] ? __pfx_lock_release+0x10/0x10 [ 1657.760983][T22813] ? __pfx_keyctl_restrict_keyring+0x10/0x10 [ 1657.767010][T22813] ? vfs_write+0x7c4/0xc90 [ 1657.771486][T22813] __se_sys_keyctl+0x2d4/0xa50 [ 1657.776297][T22813] ? __pfx___se_sys_keyctl+0x10/0x10 [ 1657.781632][T22813] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1657.787670][T22813] ? __fget_files+0x3f6/0x470 [ 1657.792411][T22813] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1657.798449][T22813] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1657.804843][T22813] ? do_syscall_64+0x100/0x230 [ 1657.809670][T22813] ? __x64_sys_keyctl+0x20/0xc0 [ 1657.814573][T22813] do_syscall_64+0xf3/0x230 [ 1657.819135][T22813] ? clear_bhb_loop+0x35/0x90 [ 1657.823867][T22813] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1657.829811][T22813] RIP: 0033:0x7f1878175bd9 [ 1657.834272][T22813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1657.853922][T22813] RSP: 002b:00007f1878ea7048 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 1657.862387][T22813] RAX: ffffffffffffffda RBX: 00007f1878304038 RCX: 00007f1878175bd9 [ 1657.870408][T22813] RDX: 0000000020001780 RSI: 000000002d00771b RDI: 000000000000001d [ 1657.878426][T22813] RBP: 00007f1878ea70a0 R08: 0000000000000000 R09: 0000000000000000 [ 1657.886440][T22813] R10: 0000000020000500 R11: 0000000000000246 R12: 0000000000000001 [ 1657.894488][T22813] R13: 000000000000006e R14: 00007f1878304038 R15: 00007fffedf4f7a8 [ 1657.902523][T22813] [ 1658.532358][T22819] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4842'. [ 1658.852399][T22827] binder: 22821:22827 ioctl 540f 20000280 returned -22 [ 1658.888886][ T25] kernel write not supported for file /vcs (pid: 25 comm: kworker/1:0) [ 1658.892054][T22827] binder: 22821:22827 ioctl c00c620f 20000180 returned -22 [ 1659.205685][T22839] Cannot find add_set index 0 as target [ 1659.846938][ T29] audit: type=1326 audit(1720472666.645:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22855 comm="syz.3.4855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a7bb75bd9 code=0x7ffc0000 [ 1659.884763][ T29] audit: type=1326 audit(1720472666.645:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22855 comm="syz.3.4855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a7bb75bd9 code=0x7ffc0000 [ 1659.917049][ T29] audit: type=1326 audit(1720472666.645:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22855 comm="syz.3.4855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f8a7bb75bd9 code=0x7ffc0000 [ 1660.056531][ T29] audit: type=1326 audit(1720472666.645:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22855 comm="syz.3.4855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a7bb75bd9 code=0x7ffc0000 [ 1660.082346][T22859] binder: 22858:22859 ioctl 540f 20000280 returned -22 [ 1660.112369][T22859] binder: 22858:22859 ioctl c00c620f 20000180 returned -22 [ 1660.138268][ T29] audit: type=1326 audit(1720472666.645:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22855 comm="syz.3.4855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a7bb75bd9 code=0x7ffc0000 [ 1660.234884][ T29] audit: type=1326 audit(1720472666.645:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22855 comm="syz.3.4855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a7bb75bd9 code=0x7ffc0000 [ 1660.297444][ T29] audit: type=1326 audit(1720472666.645:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22855 comm="syz.3.4855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a7bb75bd9 code=0x7ffc0000 [ 1660.356004][ T29] audit: type=1326 audit(1720472666.645:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22855 comm="syz.3.4855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f8a7bb75bd9 code=0x7ffc0000 [ 1660.369967][T22868] Cannot find add_set index 0 as target [ 1660.409600][ T29] audit: type=1326 audit(1720472666.645:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22855 comm="syz.3.4855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a7bb75bd9 code=0x7ffc0000 [ 1660.466939][ T29] audit: type=1326 audit(1720472666.645:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22855 comm="syz.3.4855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a7bb75bd9 code=0x7ffc0000 [ 1660.810178][T22879] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4861'. [ 1662.090286][T22898] FAULT_INJECTION: forcing a failure. [ 1662.090286][T22898] name failslab, interval 1, probability 0, space 0, times 0 [ 1662.103081][T22898] CPU: 1 PID: 22898 Comm: syz.3.4865 Not tainted 6.10.0-rc7-syzkaller #0 [ 1662.111528][T22898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1662.121605][T22898] Call Trace: [ 1662.124906][T22898] [ 1662.127862][T22898] dump_stack_lvl+0x241/0x360 [ 1662.132586][T22898] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1662.137825][T22898] ? __pfx__printk+0x10/0x10 [ 1662.142465][T22898] should_fail_ex+0x3b0/0x4e0 [ 1662.147190][T22898] ? kstrdup_quotable+0x1b0/0x5e0 [ 1662.152243][T22898] should_failslab+0x9/0x20 [ 1662.156776][T22898] __kmalloc_noprof+0xd8/0x400 [ 1662.161645][T22898] kstrdup_quotable+0x1b0/0x5e0 [ 1662.166535][T22898] ? lockdep_hardirqs_on+0x99/0x150 [ 1662.171781][T22898] ? __pfx_kstrdup_quotable+0x10/0x10 [ 1662.177205][T22898] ? kstrdup_quotable_cmdline+0x1a6/0x340 [ 1662.182963][T22898] kstrdup_quotable_cmdline+0x2cf/0x340 [ 1662.188554][T22898] __report_access+0x7c/0x380 [ 1662.193285][T22898] ? _raw_spin_unlock_irq+0x23/0x50 [ 1662.198532][T22898] ? lockdep_hardirqs_on+0x99/0x150 [ 1662.203779][T22898] task_work_run+0x24f/0x310 [ 1662.208415][T22898] ? __pfx_task_work_run+0x10/0x10 [ 1662.213602][T22898] ? syscall_exit_to_user_mode+0xa3/0x360 [ 1662.219382][T22898] syscall_exit_to_user_mode+0x168/0x360 [ 1662.225070][T22898] do_syscall_64+0x100/0x230 [ 1662.229702][T22898] ? clear_bhb_loop+0x35/0x90 [ 1662.234423][T22898] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1662.240358][T22898] RIP: 0033:0x7f8a7bb75bd9 [ 1662.244803][T22898] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1662.264439][T22898] RSP: 002b:00007f8a7b5ff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000065 [ 1662.272892][T22898] RAX: ffffffffffffffff RBX: 00007f8a7bd04110 RCX: 00007f8a7bb75bd9 [ 1662.280898][T22898] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000004206 [ 1662.288899][T22898] RBP: 00007f8a7b5ff0a0 R08: 0000000000000000 R09: 0000000000000000 [ 1662.297066][T22898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1662.305147][T22898] R13: 000000000000006e R14: 00007f8a7bd04110 R15: 00007fffb5aecab8 [ 1662.313169][T22898] [ 1662.317711][T22898] ptrace attach of "./syz-executor exec"[15883] was attempted by "(null)"[22898] [ 1662.759516][T22906] binder: 22904:22906 ioctl 540f 20000280 returned -22 [ 1662.791150][T22906] binder: 22904:22906 ioctl c00c620f 20000180 returned -22 [ 1662.928312][T22911] Cannot find add_set index 0 as target [ 1662.999950][T22914] netlink: 'syz.1.4874': attribute type 12 has an invalid length. [ 1663.020388][T22914] netlink: 'syz.1.4874': attribute type 11 has an invalid length. [ 1663.042747][T22914] netlink: 190580 bytes leftover after parsing attributes in process `syz.1.4874'. [ 1663.368714][ T9795] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 1663.474753][T22929] Bluetooth: MGMT ver 1.22 [ 1663.528947][T22931] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4878'. [ 1663.578414][ T9795] usb 2-1: Using ep0 maxpacket: 16 [ 1663.594306][ T9795] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 1663.621804][ T9795] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 1663.631879][ T9795] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1663.642807][ T9795] usb 2-1: config 0 descriptor?? [ 1663.654365][T22933] overlayfs: failed to resolve 'smackfstransmute=': -2 [ 1663.757396][T22935] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4881'. [ 1664.200639][T22942] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4882'. [ 1664.555659][T22945] binder: 22944:22945 ioctl 540f 20000280 returned -22 [ 1664.565317][T22945] binder: 22944:22945 ioctl c00c620f 20000180 returned -22 [ 1664.604491][T22947] Cannot find add_set index 0 as target [ 1664.616292][T22914] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1664.656423][T22914] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1664.708293][ T9795] hid (null): unknown global tag 0xe [ 1664.713715][ T9795] hid (null): unknown global tag 0xd [ 1664.734552][ T9795] hid (null): report_id 37519 is invalid [ 1664.749944][ T9795] hid (null): invalid report_size -263569936 [ 1664.766300][ T9795] hid (null): invalid report_count 1957831799 [ 1664.782785][ T9795] hid (null): nested delimiters [ 1664.797137][ T9795] hid-generic 0003:0158:0100.001D: unknown main item tag 0x1 [ 1664.828385][ T9795] hid-generic 0003:0158:0100.001D: unexpected long global item [ 1664.871025][ T9795] hid-generic 0003:0158:0100.001D: probe with driver hid-generic failed with error -22 [ 1664.923019][ T9795] usb 2-1: USB disconnect, device number 33 [ 1665.666583][T22968] FAULT_INJECTION: forcing a failure. [ 1665.666583][T22968] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1665.708206][T22968] CPU: 1 PID: 22968 Comm: syz.1.4892 Not tainted 6.10.0-rc7-syzkaller #0 [ 1665.716670][T22968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1665.726742][T22968] Call Trace: [ 1665.730135][T22968] [ 1665.733090][T22968] dump_stack_lvl+0x241/0x360 [ 1665.737814][T22968] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1665.743051][T22968] ? __pfx__printk+0x10/0x10 [ 1665.747688][T22968] ? snprintf+0xda/0x120 [ 1665.751960][T22968] should_fail_ex+0x3b0/0x4e0 [ 1665.756682][T22968] _copy_to_user+0x2f/0xb0 [ 1665.761136][T22968] simple_read_from_buffer+0xca/0x150 [ 1665.766547][T22968] proc_fail_nth_read+0x1e9/0x250 [ 1665.771620][T22968] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1665.777205][T22968] ? rw_verify_area+0x520/0x6b0 [ 1665.782177][T22968] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1665.787756][T22968] vfs_read+0x204/0xbc0 [ 1665.791960][T22968] ? __pfx_lock_release+0x10/0x10 [ 1665.797018][T22968] ? __pfx_vfs_read+0x10/0x10 [ 1665.801735][T22968] ? __fget_files+0x29/0x470 [ 1665.806438][T22968] ? __fget_files+0x3f6/0x470 [ 1665.811164][T22968] ksys_read+0x1a0/0x2c0 [ 1665.815460][T22968] ? __pfx_ksys_read+0x10/0x10 [ 1665.820267][T22968] ? do_syscall_64+0x100/0x230 [ 1665.825069][T22968] ? do_syscall_64+0xb6/0x230 [ 1665.829786][T22968] do_syscall_64+0xf3/0x230 [ 1665.834325][T22968] ? clear_bhb_loop+0x35/0x90 [ 1665.839041][T22968] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1665.844968][T22968] RIP: 0033:0x7f673dd746bc [ 1665.849410][T22968] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 1665.869045][T22968] RSP: 002b:00007f673eb03040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1665.877551][T22968] RAX: ffffffffffffffda RBX: 00007f673df03f60 RCX: 00007f673dd746bc [ 1665.885523][T22968] RDX: 000000000000000f RSI: 00007f673eb030b0 RDI: 0000000000000005 [ 1665.893491][T22968] RBP: 00007f673eb030a0 R08: 0000000000000000 R09: 0000000000000000 [ 1665.901475][T22968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1665.909443][T22968] R13: 000000000000000b R14: 00007f673df03f60 R15: 00007ffcad79d7e8 [ 1665.917424][T22968] [ 1666.186214][T22975] binder: 22973:22975 ioctl 540f 20000280 returned -22 [ 1666.239338][T22975] binder: 22973:22975 ioctl c00c620f 20000180 returned -22 [ 1666.362543][T22980] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4897'. [ 1666.470580][T22984] Cannot find add_set index 0 as target [ 1666.494318][ T5140] IPVS: starting estimator thread 0... [ 1666.539215][T22983] IPVS: rr: SCTP 127.0.0.1:0 - no destination available [ 1666.618300][T22985] IPVS: using max 24 ests per chain, 57600 per kthread [ 1666.886909][T22988] random: crng reseeded on system resumption [ 1667.447184][T22996] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4900'. [ 1667.696466][ T9795] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 1667.921177][ T9795] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 1667.960456][ T9795] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1667.992038][ T9795] usb 4-1: config 0 descriptor?? [ 1668.453001][ T9795] [drm] vendor descriptor length:c3 data:49 02 da 4d 64 3c b6 11 e5 29 a7 [ 1668.493949][ T9795] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 1668.613784][T23014] binder: 23013:23014 ioctl 540f 20000280 returned -22 [ 1668.632578][T23014] binder: 23013:23014 ioctl c00c620f 20000180 returned -22 [ 1668.654728][ T9795] [drm:udl_init] *ERROR* Selecting channel failed [ 1668.745688][ T9795] [drm] Initialized udl 0.0.1 20120220 for 4-1:0.0 on minor 2 [ 1668.753966][ T9795] [drm] Initialized udl on minor 2 [ 1668.775223][ T9795] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1668.798141][ T9795] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 1668.826599][T19448] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1668.853643][ T9795] usb 4-1: USB disconnect, device number 17 [ 1669.066087][T19448] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 1669.195662][T23025] Cannot find add_set index 0 as target [ 1669.288872][T23027] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4912'. [ 1669.418233][ T1249] ieee802154 phy0 wpan0: encryption failed: -22 [ 1669.425557][ T1249] ieee802154 phy1 wpan1: encryption failed: -22 [ 1670.249385][T23047] binder: 23046:23047 ioctl 540f 20000280 returned -22 [ 1670.318005][T23047] binder: 23046:23047 ioctl c00c620f 20000180 returned -22 [ 1670.731352][T23053] wireguard0: entered promiscuous mode [ 1670.744985][T23053] wireguard0: entered allmulticast mode [ 1670.994932][ T5140] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 1671.048984][T23059] Cannot find add_set index 0 as target [ 1671.187350][ T5140] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 1671.200780][ T5140] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1671.244221][ T5140] usb 4-1: config 0 descriptor?? [ 1671.301194][T23063] FAULT_INJECTION: forcing a failure. [ 1671.301194][T23063] name failslab, interval 1, probability 0, space 0, times 0 [ 1671.343792][T23063] CPU: 0 PID: 23063 Comm: syz.1.4926 Not tainted 6.10.0-rc7-syzkaller #0 [ 1671.352283][T23063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1671.362387][T23063] Call Trace: [ 1671.365694][T23063] [ 1671.368650][T23063] dump_stack_lvl+0x241/0x360 [ 1671.373378][T23063] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1671.378626][T23063] ? __pfx__printk+0x10/0x10 [ 1671.383251][T23063] ? ref_tracker_alloc+0x332/0x490 [ 1671.388405][T23063] should_fail_ex+0x3b0/0x4e0 [ 1671.393106][T23063] ? skb_clone+0x20c/0x390 [ 1671.397543][T23063] should_failslab+0x9/0x20 [ 1671.402061][T23063] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 1671.407453][T23063] skb_clone+0x20c/0x390 [ 1671.411726][T23063] __netlink_deliver_tap+0x3cc/0x7c0 [ 1671.417043][T23063] ? netlink_deliver_tap+0x2e/0x1b0 [ 1671.422260][T23063] netlink_deliver_tap+0x19d/0x1b0 [ 1671.427418][T23063] netlink_unicast+0x7b8/0x980 [ 1671.432291][T23063] ? __pfx_netlink_unicast+0x10/0x10 [ 1671.437591][T23063] ? __virt_addr_valid+0x183/0x520 [ 1671.442723][T23063] ? __check_object_size+0x49c/0x900 [ 1671.448026][T23063] ? bpf_lsm_netlink_send+0x9/0x10 [ 1671.453157][T23063] netlink_sendmsg+0x8db/0xcb0 [ 1671.457954][T23063] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1671.463267][T23063] ? __import_iovec+0x536/0x820 [ 1671.468153][T23063] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1671.473540][T23063] ? security_socket_sendmsg+0x87/0xb0 [ 1671.479019][T23063] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1671.484323][T23063] __sock_sendmsg+0x221/0x270 [ 1671.489016][T23063] ____sys_sendmsg+0x525/0x7d0 [ 1671.493804][T23063] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1671.499119][T23063] __sys_sendmsg+0x2b0/0x3a0 [ 1671.503735][T23063] ? __pfx___sys_sendmsg+0x10/0x10 [ 1671.508868][T23063] ? vfs_write+0x7c4/0xc90 [ 1671.513349][T23063] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1671.519715][T23063] ? do_syscall_64+0x100/0x230 [ 1671.524663][T23063] ? do_syscall_64+0xb6/0x230 [ 1671.529369][T23063] do_syscall_64+0xf3/0x230 [ 1671.533899][T23063] ? clear_bhb_loop+0x35/0x90 [ 1671.538605][T23063] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1671.544526][T23063] RIP: 0033:0x7f673dd75bd9 [ 1671.548963][T23063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1671.568613][T23063] RSP: 002b:00007f673eb03048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1671.577044][T23063] RAX: ffffffffffffffda RBX: 00007f673df03f60 RCX: 00007f673dd75bd9 [ 1671.585910][T23063] RDX: 0000000000000000 RSI: 0000000020000680 RDI: 0000000000000003 [ 1671.593900][T23063] RBP: 00007f673eb030a0 R08: 0000000000000000 R09: 0000000000000000 [ 1671.601892][T23063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1671.609890][T23063] R13: 000000000000000b R14: 00007f673df03f60 R15: 00007ffcad79d7e8 [ 1671.617891][T23063] [ 1671.837818][ T5140] [drm] vendor descriptor length:c3 data:49 02 da 4d 64 3c b6 11 e5 29 a7 [ 1671.851885][T23071] hsr0: entered promiscuous mode [ 1671.881292][ T5140] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 1671.919790][T23071] hsr_slave_0: left promiscuous mode [ 1671.927688][T23071] hsr_slave_1: left promiscuous mode [ 1671.964030][T23074] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4930'. [ 1672.035086][ T5140] [drm:udl_init] *ERROR* Selecting channel failed [ 1672.057675][ T5140] [drm] Initialized udl 0.0.1 20120220 for 4-1:0.0 on minor 2 [ 1672.072000][ T5140] [drm] Initialized udl on minor 2 [ 1672.078962][ T5140] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1672.117171][T23071] hsr0 (unregistering): left promiscuous mode [ 1672.123674][ T5140] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 1672.131003][ T25] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1672.140258][ T25] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1672.169679][ T5140] usb 4-1: USB disconnect, device number 18 [ 1672.177190][ T25] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 1672.195041][T23075] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4927'. [ 1672.230705][T23075] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4927'. [ 1672.669607][T23081] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4934'. [ 1672.809035][T23087] Cannot find add_set index 0 as target [ 1674.527780][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 1674.527827][ T29] audit: type=1800 audit(1720472680.662:547): pid=23107 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.4.4939" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 1674.852587][T23113] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1675.013124][T14472] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 1675.219135][T14472] usb 4-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 1675.234325][T14472] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1675.264953][T14472] usb 4-1: config 0 descriptor?? [ 1675.286755][T14472] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 1675.470118][T23122] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4944'. [ 1675.501060][T23122] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4944'. [ 1676.047368][T14472] gspca_cpia1: usb_control_msg 01, error -32 [ 1676.068586][T14472] gspca_cpia1: usb_control_msg 01, error -71 [ 1676.082323][T14472] cpia1 4-1:0.0: only firmware version 1 is supported (got: 0) [ 1676.102824][T14472] usb 4-1: USB disconnect, device number 19 [ 1676.332599][ T5142] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 1676.485243][T23133] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4947'. [ 1676.507781][T23135] Cannot find add_set index 0 as target [ 1676.547625][ T5142] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 1676.574448][ T5142] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1676.581190][T23136] IPVS: rr: SCTP 127.0.0.1:0 - no destination available [ 1676.606185][ T5142] usb 1-1: config 0 descriptor?? [ 1677.062642][ T5142] [drm] vendor descriptor length:c3 data:49 02 da 4d 64 3c b6 11 e5 29 a7 [ 1677.100553][ T5142] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 1677.277162][ T5142] [drm:udl_init] *ERROR* Selecting channel failed [ 1677.299988][ T5142] [drm] Initialized udl 0.0.1 20120220 for 1-1:0.0 on minor 2 [ 1677.314090][ T5142] [drm] Initialized udl on minor 2 [ 1677.325175][T23152] macvlan0: entered allmulticast mode [ 1677.330758][T23152] veth1_vlan: entered allmulticast mode [ 1677.346870][ T5142] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1677.357835][ T5142] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 1677.365045][T23153] FAULT_INJECTION: forcing a failure. [ 1677.365045][T23153] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1677.391123][ T5140] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1677.413124][ T5142] usb 1-1: USB disconnect, device number 5 [ 1677.418608][T23153] CPU: 0 PID: 23153 Comm: syz.1.4954 Not tainted 6.10.0-rc7-syzkaller #0 [ 1677.422327][ T5140] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 1677.427376][T23153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1677.443979][T23153] Call Trace: [ 1677.444422][T23152] pim6reg: entered allmulticast mode [ 1677.447262][T23153] [ 1677.447275][T23153] dump_stack_lvl+0x241/0x360 [ 1677.447319][T23153] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1677.465448][T23153] ? __pfx__printk+0x10/0x10 [ 1677.470069][T23153] ? __pfx_lock_release+0x10/0x10 [ 1677.475199][T23153] should_fail_ex+0x3b0/0x4e0 [ 1677.479902][T23153] fpu__restore_sig+0x1b3/0x11b0 [ 1677.484859][T23153] ? __pfx_fpu__restore_sig+0x10/0x10 [ 1677.490259][T23153] ? __might_fault+0xc6/0x120 [ 1677.495043][T23153] restore_sigcontext+0x675/0x7d0 [ 1677.500088][T23153] ? __pfx_restore_sigcontext+0x10/0x10 [ 1677.505667][T23153] ? __pfx___set_current_blocked+0x10/0x10 [ 1677.511483][T23153] ? __task_pid_nr_ns+0x28/0x450 [ 1677.516436][T23153] __do_sys_rt_sigreturn+0x17f/0x270 [ 1677.521741][T23153] ? __pfx___do_sys_rt_sigreturn+0x10/0x10 [ 1677.527559][T23153] ? do_syscall_64+0x100/0x230 [ 1677.532443][T23153] ? do_syscall_64+0xb6/0x230 [ 1677.537146][T23153] do_syscall_64+0xf3/0x230 [ 1677.541670][T23153] ? clear_bhb_loop+0x35/0x90 [ 1677.546484][T23153] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1677.552397][T23153] RIP: 0033:0x7f673dd75bd9 [ 1677.556827][T23153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1677.576439][T23153] RSP: 002b:00007f673eb03048 EFLAGS: 00000246 [ 1677.582520][T23153] RAX: 0000000000001000 RBX: 00007f673df03f60 RCX: 00007f673dd75bd9 [ 1677.590504][T23153] RDX: 000000000000f000 RSI: 00000000200000c0 RDI: 0000000000000004 [ 1677.598654][T23153] RBP: 00007f673eb030a0 R08: 0000000000000000 R09: 0000000000000000 [ 1677.606633][T23153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1677.614666][T23153] R13: 000000000000000b R14: 00007f673df03f60 R15: 00007ffcad79d7e8 [ 1677.622676][T23153] [ 1677.706778][ T25] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 1677.821184][T23158] tun0: tun_chr_ioctl cmd 1074025676 [ 1677.837260][T23158] tun0: owner set to 0 [ 1678.051666][ T25] usb 4-1: Using ep0 maxpacket: 32 [ 1678.061999][ T25] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1678.081398][ T25] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1678.098217][ T25] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1678.134073][ T25] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 1678.161882][ T25] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8 [ 1678.184184][ T25] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1678.193552][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1678.202920][ T25] usb 4-1: Product: syz [ 1678.210699][ T25] usb 4-1: Manufacturer: syz [ 1678.219413][ T25] usb 4-1: SerialNumber: syz [ 1678.329511][T23167] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.4957'. [ 1678.456878][ T25] cdc_ncm 4-1:1.0: bind() failure [ 1678.484763][T23170] FAULT_INJECTION: forcing a failure. [ 1678.484763][T23170] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1678.518034][ T25] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found [ 1678.558205][ T25] cdc_ncm 4-1:1.1: bind() failure [ 1678.596964][T23170] CPU: 0 PID: 23170 Comm: syz.0.4957 Not tainted 6.10.0-rc7-syzkaller #0 [ 1678.605450][T23170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1678.615648][T23170] Call Trace: [ 1678.618957][T23170] [ 1678.621639][ T25] usb 4-1: USB disconnect, device number 20 [ 1678.621926][T23170] dump_stack_lvl+0x241/0x360 [ 1678.632533][T23170] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1678.637779][T23170] ? __pfx__printk+0x10/0x10 [ 1678.642937][T23170] ? __pfx_lock_release+0x10/0x10 [ 1678.648013][T23170] should_fail_ex+0x3b0/0x4e0 [ 1678.652767][T23170] _copy_from_iter+0x1f6/0x1960 [ 1678.657673][T23170] ? __virt_addr_valid+0x183/0x520 [ 1678.662835][T23170] ? __pfx_lock_release+0x10/0x10 [ 1678.667902][T23170] ? __alloc_skb+0x28f/0x440 [ 1678.672530][T23170] ? __pfx__copy_from_iter+0x10/0x10 [ 1678.677854][T23170] ? __virt_addr_valid+0x183/0x520 [ 1678.683004][T23170] ? __virt_addr_valid+0x183/0x520 [ 1678.688136][T23170] ? __virt_addr_valid+0x44e/0x520 [ 1678.693270][T23170] ? __check_object_size+0x49c/0x900 [ 1678.698573][T23170] netlink_sendmsg+0x743/0xcb0 [ 1678.703423][T23170] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1678.708731][T23170] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1678.714025][T23170] ? security_socket_sendmsg+0x87/0xb0 [ 1678.719518][T23170] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1678.724837][T23170] __sock_sendmsg+0x221/0x270 [ 1678.729525][T23170] __sys_sendto+0x3a4/0x4f0 [ 1678.734047][T23170] ? __pfx___sys_sendto+0x10/0x10 [ 1678.739114][T23170] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1678.745107][T23170] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1678.751445][T23170] ? exc_page_fault+0x590/0x8c0 [ 1678.756318][T23170] __x64_sys_sendto+0xde/0x100 [ 1678.761117][T23170] do_syscall_64+0xf3/0x230 [ 1678.765650][T23170] ? clear_bhb_loop+0x35/0x90 [ 1678.770349][T23170] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1678.776258][T23170] RIP: 0033:0x7f0ee7f7796c [ 1678.780682][T23170] Code: 2a 5a 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5a 02 00 48 8b [ 1678.800384][T23170] RSP: 002b:00007f0ee8d23ed0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1678.808807][T23170] RAX: ffffffffffffffda RBX: 00007f0ee8d23fd0 RCX: 00007f0ee7f7796c [ 1678.816787][T23170] RDX: 0000000000000024 RSI: 00007f0ee8d24020 RDI: 0000000000000003 [ 1678.824770][T23170] RBP: 0000000000000000 R08: 00007f0ee8d23f24 R09: 000000000000000c [ 1678.832746][T23170] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1678.840815][T23170] R13: 00007f0ee8d23f78 R14: 00007f0ee8d24020 R15: 0000000000000000 [ 1678.848807][T23170] [ 1679.024682][T23175] Cannot find add_set index 0 as target [ 1679.765651][T23195] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4965'. [ 1679.903340][T23199] IPVS: rr: SCTP 127.0.0.1:0 - no destination available [ 1680.730818][T23202] FAULT_INJECTION: forcing a failure. [ 1680.730818][T23202] name failslab, interval 1, probability 0, space 0, times 0 [ 1680.790235][T23202] CPU: 0 PID: 23202 Comm: syz.3.4967 Not tainted 6.10.0-rc7-syzkaller #0 [ 1680.798715][T23202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1680.808807][T23202] Call Trace: [ 1680.812121][T23202] [ 1680.815093][T23202] dump_stack_lvl+0x241/0x360 [ 1680.819840][T23202] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1680.825090][T23202] ? __pfx__printk+0x10/0x10 [ 1680.829729][T23202] ? __pfx___might_resched+0x10/0x10 [ 1680.835070][T23202] should_fail_ex+0x3b0/0x4e0 [ 1680.839802][T23202] ? skb_clone+0x20c/0x390 [ 1680.844275][T23202] should_failslab+0x9/0x20 [ 1680.848822][T23202] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 1680.854274][T23202] ? __virt_addr_valid+0x183/0x520 [ 1680.859435][T23202] skb_clone+0x20c/0x390 [ 1680.863734][T23202] pfkey_sendmsg+0x445/0x1020 [ 1680.868484][T23202] ? __pfx_pfkey_sendmsg+0x10/0x10 [ 1680.873658][T23202] ? tomoyo_socket_sendmsg_permission+0x288/0x420 [ 1680.880137][T23202] ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10 [ 1680.886985][T23202] ? __pfx___might_resched+0x10/0x10 [ 1680.892404][T23202] ? __might_fault+0xaa/0x120 [ 1680.897215][T23202] ? __pfx_lock_release+0x10/0x10 [ 1680.902269][T23202] ? __import_iovec+0x536/0x820 [ 1680.907142][T23202] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1680.912446][T23202] ? security_socket_sendmsg+0x87/0xb0 [ 1680.917945][T23202] ? __pfx_pfkey_sendmsg+0x10/0x10 [ 1680.923071][T23202] __sock_sendmsg+0x221/0x270 [ 1680.927763][T23202] ____sys_sendmsg+0x525/0x7d0 [ 1680.932552][T23202] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1680.937868][T23202] __sys_sendmsg+0x2b0/0x3a0 [ 1680.942478][T23202] ? __pfx___sys_sendmsg+0x10/0x10 [ 1680.947604][T23202] ? vfs_write+0x7c4/0xc90 [ 1680.952076][T23202] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1680.958462][T23202] ? do_syscall_64+0x100/0x230 [ 1680.963425][T23202] ? do_syscall_64+0xb6/0x230 [ 1680.968150][T23202] do_syscall_64+0xf3/0x230 [ 1680.972674][T23202] ? clear_bhb_loop+0x35/0x90 [ 1680.977375][T23202] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1680.983288][T23202] RIP: 0033:0x7f8a7bb75bd9 [ 1680.987715][T23202] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1681.007349][T23202] RSP: 002b:00007f8a7c892048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1681.015796][T23202] RAX: ffffffffffffffda RBX: 00007f8a7bd03f60 RCX: 00007f8a7bb75bd9 [ 1681.023816][T23202] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 1681.031826][T23202] RBP: 00007f8a7c8920a0 R08: 0000000000000000 R09: 0000000000000000 [ 1681.039809][T23202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1681.047790][T23202] R13: 000000000000000b R14: 00007f8a7bd03f60 R15: 00007fffb5aecab8 [ 1681.055795][T23202] [ 1681.408846][T23211] Cannot find add_set index 0 as target [ 1681.602167][T23214] block nbd2: shutting down sockets [ 1682.019593][ T9795] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 1682.229585][ T9795] usb 4-1: Using ep0 maxpacket: 32 [ 1682.251010][ T9795] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1682.270422][ T9795] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1682.309069][ T9795] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1682.357451][ T9795] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 1682.374726][ T9795] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8 [ 1682.435000][ T9795] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1682.454879][ T9795] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1682.463556][ T9795] usb 4-1: Product: syz [ 1682.479747][ T9795] usb 4-1: Manufacturer: syz [ 1682.484532][ T9795] usb 4-1: SerialNumber: syz [ 1682.676952][T23236] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4977'. [ 1686.330587][ T9795] cdc_ncm 4-1:1.0: bind() failure [ 1686.355600][ T9795] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found [ 1686.372132][ T9795] cdc_ncm 4-1:1.1: bind() failure [ 1686.385761][ T9795] usb 4-1: USB disconnect, device number 21 [ 1686.503967][T23256] Cannot find add_set index 0 as target [ 1686.816257][T23261] netlink: 2 bytes leftover after parsing attributes in process `syz.4.4980'. [ 1687.297988][T23276] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4988'. [ 1687.938440][T23287] tipc: Started in network mode [ 1687.962905][T23287] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711 [ 1688.008555][T23287] tipc: Enabled bearer , priority 0 [ 1688.294084][T23294] Cannot find add_set index 0 as target [ 1688.594073][ T2839] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1688.626050][ T2839] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1688.727796][T19448] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 1688.843084][ T2839] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1688.864780][ T2839] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1688.966596][T19448] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 1688.975814][T19448] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1688.982448][T23304] 9pnet_rdma: rdma_create_trans (23304): problem binding to privport: 13 [ 1689.012970][T19448] usb 1-1: config 0 descriptor?? [ 1689.119083][ T2839] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1689.129742][ T46] tipc: Node number set to 11578026 [ 1689.149963][ T2839] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1689.297576][T23308] FAULT_INJECTION: forcing a failure. [ 1689.297576][T23308] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1689.317879][ T2839] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1689.320792][T23309] fuse: Unknown parameter '' [ 1689.342405][T23308] CPU: 1 PID: 23308 Comm: syz.3.4999 Not tainted 6.10.0-rc7-syzkaller #0 [ 1689.351072][T23308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1689.361162][T23308] Call Trace: [ 1689.364468][T23308] [ 1689.365964][ T2839] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1689.367407][T23308] dump_stack_lvl+0x241/0x360 [ 1689.382371][T23308] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1689.387618][T23308] ? __pfx__printk+0x10/0x10 [ 1689.392252][T23308] ? bpf_cgroup_storage_free+0x8f/0xb0 [ 1689.397759][T23308] ? __pfx_lock_release+0x10/0x10 [ 1689.402825][T23308] ? bpf_test_run+0x840/0x910 [ 1689.407562][T23308] should_fail_ex+0x3b0/0x4e0 [ 1689.412295][T23308] _copy_to_user+0x2f/0xb0 [ 1689.416757][T23308] bpf_test_finish+0x30f/0x8b0 [ 1689.421594][T23308] ? __might_fault+0xaa/0x120 [ 1689.426296][T23308] ? __pfx_bpf_test_finish+0x10/0x10 [ 1689.431623][T23308] ? _copy_from_user+0xa6/0xe0 [ 1689.436420][T23308] ? bpf_test_init+0x15a/0x180 [ 1689.441211][T23308] bpf_prog_test_run_xdp+0x905/0x11b0 [ 1689.446616][T23308] ? __pfx_lock_release+0x10/0x10 [ 1689.450873][T19248] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1689.451669][T23308] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 1689.451710][T23308] ? __fget_files+0x29/0x470 [ 1689.451750][T23308] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 1689.465086][T19248] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1689.465324][T23308] bpf_prog_test_run+0x33a/0x3b0 [ 1689.471633][T19248] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1689.475726][T23308] __sys_bpf+0x48d/0x810 [ 1689.485909][T19248] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1689.487702][T23308] ? __pfx___sys_bpf+0x10/0x10 [ 1689.495747][T19248] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1689.498914][T23308] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1689.498951][T23308] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1689.498979][T23308] ? do_syscall_64+0x100/0x230 [ 1689.499017][T23308] __x64_sys_bpf+0x7c/0x90 [ 1689.499053][T23308] do_syscall_64+0xf3/0x230 [ 1689.499088][T23308] ? clear_bhb_loop+0x35/0x90 [ 1689.499126][T23308] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1689.499158][T23308] RIP: 0033:0x7f8a7bb75bd9 [ 1689.499181][T23308] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1689.499202][T23308] RSP: 002b:00007f8a7c892048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1689.499230][T23308] RAX: ffffffffffffffda RBX: 00007f8a7bd03f60 RCX: 00007f8a7bb75bd9 [ 1689.499249][T23308] RDX: 0000000000000050 RSI: 00000000200000c0 RDI: 000000000000000a [ 1689.499265][T23308] RBP: 00007f8a7c8920a0 R08: 0000000000000000 R09: 0000000000000000 [ 1689.499281][T23308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1689.499296][T23308] R13: 000000000000000b R14: 00007f8a7bd03f60 R15: 00007fffb5aecab8 [ 1689.499330][T23308] [ 1689.711817][T19448] [drm] vendor descriptor length:c3 data:49 02 da 4d 64 3c b6 11 e5 29 a7 [ 1689.720570][T19448] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 1689.765495][T19248] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1689.947587][T19448] [drm:udl_init] *ERROR* Selecting channel failed [ 1690.007806][T19448] [drm] Initialized udl 0.0.1 20120220 for 1-1:0.0 on minor 2 [ 1690.024892][T19448] [drm] Initialized udl on minor 2 [ 1690.062786][T19448] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1690.074668][T19448] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 1690.086304][ T9795] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1690.094415][ T9795] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 1690.115730][T19448] usb 1-1: USB disconnect, device number 6 [ 1690.180662][T23324] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5004'. [ 1690.202451][T23324] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5004'. [ 1690.249746][T23310] ip6gretap0 speed is unknown, defaulting to 1000 [ 1690.409576][ T2839] bridge_slave_1: left allmulticast mode [ 1690.425705][ T2839] bridge_slave_1: left promiscuous mode [ 1690.426417][T23326] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5005'. [ 1690.431516][ T2839] bridge0: port 2(bridge_slave_1) entered disabled state [ 1690.561265][ T2839] bridge_slave_0: left allmulticast mode [ 1690.585548][ T2839] bridge_slave_0: left promiscuous mode [ 1690.591425][ T2839] bridge0: port 1(bridge_slave_0) entered disabled state [ 1691.057454][T23334] FAULT_INJECTION: forcing a failure. [ 1691.057454][T23334] name failslab, interval 1, probability 0, space 0, times 0 [ 1691.173845][T23334] CPU: 0 PID: 23334 Comm: syz.4.5009 Not tainted 6.10.0-rc7-syzkaller #0 [ 1691.182343][T23334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1691.192440][T23334] Call Trace: [ 1691.195746][T23334] [ 1691.198735][T23334] dump_stack_lvl+0x241/0x360 [ 1691.203465][T23334] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1691.208716][T23334] ? __pfx__printk+0x10/0x10 [ 1691.213356][T23334] ? __pfx___might_resched+0x10/0x10 [ 1691.218699][T23334] should_fail_ex+0x3b0/0x4e0 [ 1691.223431][T23334] ? sctp_association_new+0x8a/0x23f0 [ 1691.228841][T23334] should_failslab+0x9/0x20 [ 1691.233380][T23334] kmalloc_trace_noprof+0x6c/0x2c0 [ 1691.238541][T23334] sctp_association_new+0x8a/0x23f0 [ 1691.243779][T23334] ? sctp_do_bind+0x679/0x950 [ 1691.248517][T23334] sctp_connect_new_asoc+0x2d8/0x6c0 [ 1691.254292][T23334] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 1691.260152][T23334] ? sctp_endpoint_lookup_assoc+0xc9/0x250 [ 1691.266004][T23334] __sctp_connect+0x66d/0xe30 [ 1691.270725][T23334] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1691.276738][T23334] ? __pfx___sctp_connect+0x10/0x10 [ 1691.281977][T23334] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1691.288338][T23334] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 1691.293911][T23334] ? security_sctp_bind_connect+0x90/0xb0 [ 1691.299669][T23334] sctp_setsockopt_connectx+0x184/0x2a0 [ 1691.305344][T23334] ? __pfx_sctp_setsockopt_connectx+0x10/0x10 [ 1691.311439][T23334] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1691.316774][T23334] sctp_setsockopt+0x709/0x11c0 [ 1691.321662][T23334] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 1691.327587][T23334] do_sock_setsockopt+0x3af/0x720 [ 1691.332659][T23334] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 1691.338237][T23334] ? __fget_files+0x29/0x470 [ 1691.342865][T23334] ? __fget_files+0x3f6/0x470 [ 1691.347623][T23334] __sys_setsockopt+0x1ae/0x250 [ 1691.352524][T23334] __x64_sys_setsockopt+0xb5/0xd0 [ 1691.357590][T23334] do_syscall_64+0xf3/0x230 [ 1691.362134][T23334] ? clear_bhb_loop+0x35/0x90 [ 1691.366859][T23334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1691.372788][T23334] RIP: 0033:0x7f9f56b75bd9 [ 1691.377230][T23334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1691.396865][T23334] RSP: 002b:00007f9f578fc048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1691.405313][T23334] RAX: ffffffffffffffda RBX: 00007f9f56d03f60 RCX: 00007f9f56b75bd9 [ 1691.413309][T23334] RDX: 000000000000006e RSI: 0000000000000084 RDI: 0000000000000004 [ 1691.421306][T23334] RBP: 00007f9f578fc0a0 R08: 0000000000000010 R09: 0000000000000000 [ 1691.429311][T23334] R10: 0000000020009200 R11: 0000000000000246 R12: 0000000000000001 [ 1691.437328][T23334] R13: 000000000000000b R14: 00007f9f56d03f60 R15: 00007ffcd5a2d278 [ 1691.445349][T23334] [ 1691.807018][T19248] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1691.821449][T19248] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1691.845970][T19248] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1691.877710][T19248] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1691.887187][T19248] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 1691.895131][T19248] Bluetooth: hci3: command tx timeout [ 1691.902856][T19248] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1692.206992][T23348] tmpfs: Bad value for 'mpol' [ 1692.626216][ T2839] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1692.647622][ T2839] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1692.660641][ T2839] bond0 (unregistering): Released all slaves [ 1692.860076][T23339] ip6gretap0 speed is unknown, defaulting to 1000 [ 1692.914649][ T46] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 1693.094489][ T784] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 1693.114456][ T46] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1693.142898][ T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1693.185604][ T46] usb 2-1: config 0 descriptor?? [ 1693.200795][ T46] cp210x 2-1:0.0: cp210x converter detected [ 1693.314283][ T784] usb 1-1: Using ep0 maxpacket: 8 [ 1693.334993][ T784] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 1693.358512][ T784] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1693.380656][ T784] usb 1-1: Product: syz [ 1693.390077][T19248] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1693.414415][T19248] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1693.434735][T19248] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1693.454720][T19248] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1693.462747][T19248] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1693.470457][T19248] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1693.471975][ T2839] hsr_slave_0: left promiscuous mode [ 1693.481352][ T784] usb 1-1: Manufacturer: syz [ 1693.488475][ T784] usb 1-1: SerialNumber: syz [ 1693.513778][ T784] usb 1-1: config 0 descriptor?? [ 1693.519068][ T2839] hsr_slave_1: left promiscuous mode [ 1693.533228][ T2839] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1693.541182][ T2839] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1693.549864][ T2839] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1693.557497][ T2839] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1693.590842][ T2839] veth1_macvtap: left promiscuous mode [ 1693.600951][ T2839] veth0_macvtap: left promiscuous mode [ 1693.607797][ T2839] veth1_vlan: left allmulticast mode [ 1693.613187][ T2839] veth1_vlan: left promiscuous mode [ 1693.618783][ T2839] veth0_vlan: left promiscuous mode [ 1693.651892][ T46] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 1693.663061][T23355] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1693.672699][T23355] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1693.744274][ T784] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 1693.791914][ T2839] pim6reg (unregistering): left allmulticast mode [ 1693.885123][ T46] cp210x 2-1:0.0: failed to get vendor val 0x370c size 15: -71 [ 1693.900780][ T46] cp210x 2-1:0.0: GPIO initialisation failed: -71 [ 1693.912014][ T46] usb 2-1: cp210x converter now attached to ttyUSB0 [ 1693.922743][ T46] usb 2-1: USB disconnect, device number 34 [ 1693.948666][ T46] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1693.959609][ T46] cp210x 2-1:0.0: device disconnected [ 1693.965570][T19248] Bluetooth: hci3: command tx timeout [ 1693.975503][T19248] Bluetooth: hci5: command tx timeout [ 1693.987647][ T2839] macvlan0 (unregistering): left allmulticast mode [ 1694.418771][ T2839] team0 (unregistering): Port device team_slave_1 removed [ 1694.497466][ T2839] team0 (unregistering): Port device team_slave_0 removed [ 1694.857618][ T784] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32 [ 1694.892223][ T784] usb 1-1: USB disconnect, device number 7 [ 1695.563502][T19248] Bluetooth: hci0: command tx timeout [ 1695.831581][T23378] tmpfs: Bad value for 'mpol' [ 1696.052466][T19248] Bluetooth: hci5: command tx timeout [ 1696.059655][ T53] Bluetooth: hci3: command tx timeout [ 1696.218075][T23362] ip6gretap0 speed is unknown, defaulting to 1000 [ 1696.239546][T23310] chnl_net:caif_netlink_parms(): no params data found [ 1696.401385][T23339] chnl_net:caif_netlink_parms(): no params data found [ 1696.864309][T23310] bridge0: port 1(bridge_slave_0) entered blocking state [ 1696.881724][T23310] bridge0: port 1(bridge_slave_0) entered disabled state [ 1696.892061][T23310] bridge_slave_0: entered allmulticast mode [ 1696.909509][T23310] bridge_slave_0: entered promiscuous mode [ 1696.994929][T23310] bridge0: port 2(bridge_slave_1) entered blocking state [ 1697.025898][T23310] bridge0: port 2(bridge_slave_1) entered disabled state [ 1697.061557][T23310] bridge_slave_1: entered allmulticast mode [ 1697.079338][T23310] bridge_slave_1: entered promiscuous mode [ 1697.333662][T23310] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1697.352121][T23339] bridge0: port 1(bridge_slave_0) entered blocking state [ 1697.364034][T23339] bridge0: port 1(bridge_slave_0) entered disabled state [ 1697.373149][T23339] bridge_slave_0: entered allmulticast mode [ 1697.381918][T23339] bridge_slave_0: entered promiscuous mode [ 1697.393893][T23339] bridge0: port 2(bridge_slave_1) entered blocking state [ 1697.401059][T23339] bridge0: port 2(bridge_slave_1) entered disabled state [ 1697.442367][T23339] bridge_slave_1: entered allmulticast mode [ 1697.450037][T23339] bridge_slave_1: entered promiscuous mode [ 1697.476785][T23310] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1697.587034][T23339] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1697.612304][ T2839] IPVS: stop unused estimator thread 0... [ 1697.642555][ T53] Bluetooth: hci0: command tx timeout [ 1697.724533][T23339] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1697.822085][T23310] team0: Port device team_slave_0 added [ 1697.866433][T23310] team0: Port device team_slave_1 added [ 1697.956479][T23339] team0: Port device team_slave_0 added [ 1697.971060][T23339] team0: Port device team_slave_1 added [ 1698.035253][T23310] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1698.043194][T23310] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1698.069960][T23310] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1698.111003][T23339] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1698.118431][T23339] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1698.145646][ T53] Bluetooth: hci3: command tx timeout [ 1698.151092][ T53] Bluetooth: hci5: command tx timeout [ 1698.166176][T23339] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1698.179141][T23310] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1698.187475][T23310] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1698.215454][T23310] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1698.228800][T23339] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1698.236365][T23339] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1698.285572][T23339] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1698.358164][T23362] chnl_net:caif_netlink_parms(): no params data found [ 1698.523564][T23339] hsr_slave_0: entered promiscuous mode [ 1698.541327][T23339] hsr_slave_1: entered promiscuous mode [ 1698.548995][T23339] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1698.557118][T23339] Cannot create hsr debugfs directory [ 1698.669039][T23310] hsr_slave_0: entered promiscuous mode [ 1698.687703][T23310] hsr_slave_1: entered promiscuous mode [ 1698.703487][T23310] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1698.711721][T23310] Cannot create hsr debugfs directory [ 1698.839026][T23424] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 1698.981142][T23362] bridge0: port 1(bridge_slave_0) entered blocking state [ 1698.991264][T23362] bridge0: port 1(bridge_slave_0) entered disabled state [ 1698.998770][T23362] bridge_slave_0: entered allmulticast mode [ 1699.010299][T23362] bridge_slave_0: entered promiscuous mode [ 1699.024168][T23362] bridge0: port 2(bridge_slave_1) entered blocking state [ 1699.031789][T23362] bridge0: port 2(bridge_slave_1) entered disabled state [ 1699.039220][T23362] bridge_slave_1: entered allmulticast mode [ 1699.047938][T23362] bridge_slave_1: entered promiscuous mode [ 1699.136226][T23362] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1699.170712][T23362] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1699.191619][ T5140] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 1699.261701][T23362] team0: Port device team_slave_0 added [ 1699.271780][T23362] team0: Port device team_slave_1 added [ 1699.366480][T23362] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1699.374491][T23362] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1699.400696][ T5140] usb 1-1: Using ep0 maxpacket: 8 [ 1699.406275][T23362] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1699.421955][T23362] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1699.429570][T23362] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1699.455915][T23362] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1699.466945][ T5140] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 1699.476219][ T5140] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1699.490851][ T5140] usb 1-1: Product: syz [ 1699.497046][ T5140] usb 1-1: Manufacturer: syz [ 1699.502264][ T5140] usb 1-1: SerialNumber: syz [ 1699.529612][ T5140] usb 1-1: config 0 descriptor?? [ 1699.605329][T23362] hsr_slave_0: entered promiscuous mode [ 1699.616988][T23362] hsr_slave_1: entered promiscuous mode [ 1699.630865][T23362] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1699.639793][T23362] Cannot create hsr debugfs directory [ 1699.721484][ T53] Bluetooth: hci0: command tx timeout [ 1699.765463][ T5140] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 1699.908062][T23339] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1699.922291][T23339] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1700.082633][T23339] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1700.093883][T23339] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1700.162724][T23443] FAULT_INJECTION: forcing a failure. [ 1700.162724][T23443] name failslab, interval 1, probability 0, space 0, times 0 [ 1700.176491][T23443] CPU: 0 PID: 23443 Comm: syz.1.5039 Not tainted 6.10.0-rc7-syzkaller #0 [ 1700.184955][T23443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1700.195044][T23443] Call Trace: [ 1700.198353][T23443] [ 1700.201312][T23443] dump_stack_lvl+0x241/0x360 [ 1700.206152][T23443] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1700.211234][ T53] Bluetooth: hci5: command tx timeout [ 1700.211989][T23443] ? __pfx__printk+0x10/0x10 [ 1700.222018][T23443] ? ref_tracker_alloc+0x332/0x490 [ 1700.227204][T23443] should_fail_ex+0x3b0/0x4e0 [ 1700.231934][T23443] ? skb_clone+0x20c/0x390 [ 1700.236395][T23443] should_failslab+0x9/0x20 [ 1700.240929][T23443] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 1700.246348][T23443] skb_clone+0x20c/0x390 [ 1700.250640][T23443] __netlink_deliver_tap+0x3cc/0x7c0 [ 1700.255980][T23443] ? netlink_deliver_tap+0x2e/0x1b0 [ 1700.261231][T23443] netlink_deliver_tap+0x19d/0x1b0 [ 1700.266391][T23443] netlink_unicast+0x7b8/0x980 [ 1700.271220][T23443] ? __pfx_netlink_unicast+0x10/0x10 [ 1700.276551][T23443] ? __virt_addr_valid+0x183/0x520 [ 1700.281717][T23443] ? __check_object_size+0x49c/0x900 [ 1700.287049][T23443] ? bpf_lsm_netlink_send+0x9/0x10 [ 1700.292300][T23443] netlink_sendmsg+0x8db/0xcb0 [ 1700.297149][T23443] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1700.302499][T23443] ? __import_iovec+0x536/0x820 [ 1700.307422][T23443] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1700.312752][T23443] ? security_socket_sendmsg+0x87/0xb0 [ 1700.318258][T23443] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1700.323594][T23443] __sock_sendmsg+0x221/0x270 [ 1700.328311][T23443] ____sys_sendmsg+0x525/0x7d0 [ 1700.333131][T23443] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1700.338564][T23443] __sys_sendmsg+0x2b0/0x3a0 [ 1700.343290][T23443] ? __pfx___sys_sendmsg+0x10/0x10 [ 1700.348442][T23443] ? vfs_write+0x7c4/0xc90 [ 1700.352955][T23443] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1700.359322][T23443] ? do_syscall_64+0x100/0x230 [ 1700.364135][T23443] ? do_syscall_64+0xb6/0x230 [ 1700.368866][T23443] do_syscall_64+0xf3/0x230 [ 1700.373426][T23443] ? clear_bhb_loop+0x35/0x90 [ 1700.378243][T23443] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1700.384175][T23443] RIP: 0033:0x7f673dd75bd9 [ 1700.388621][T23443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1700.408348][T23443] RSP: 002b:00007f673eb03048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1700.416804][T23443] RAX: ffffffffffffffda RBX: 00007f673df03f60 RCX: 00007f673dd75bd9 [ 1700.424802][T23443] RDX: 0000000000000000 RSI: 0000000020001080 RDI: 0000000000000003 [ 1700.432821][T23443] RBP: 00007f673eb030a0 R08: 0000000000000000 R09: 0000000000000000 [ 1700.440830][T23443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1700.448835][T23443] R13: 000000000000000b R14: 00007f673df03f60 R15: 00007ffcad79d7e8 [ 1700.456863][T23443] [ 1700.505252][T23339] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1700.516014][T23339] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1700.646063][T23339] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1700.670382][T23339] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1700.990740][ T5140] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32 [ 1701.011117][ T5140] usb 1-1: USB disconnect, device number 8 [ 1701.026507][T23339] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1701.044420][T23339] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1701.056208][T23339] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1701.068642][T23339] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1701.311892][T23310] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1701.422491][T23362] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1701.433900][T23362] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1701.481173][T23310] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1701.572056][T23362] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1701.590500][T23362] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1701.612371][T23310] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1701.632185][T23310] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1701.708067][T23362] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1701.727084][T23362] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1701.810504][ T53] Bluetooth: hci0: command tx timeout [ 1701.909381][T23362] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1701.932192][T23362] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1702.084548][T23339] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1702.209211][T23339] 8021q: adding VLAN 0 to HW filter on device team0 [ 1702.287091][ T9795] bridge0: port 1(bridge_slave_0) entered blocking state [ 1702.294360][ T9795] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1702.343195][T19475] bridge0: port 2(bridge_slave_1) entered blocking state [ 1702.350475][T19475] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1702.394188][T23362] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1702.421811][T23310] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1702.430467][T23362] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1702.505832][T23362] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1702.569280][T23310] 8021q: adding VLAN 0 to HW filter on device team0 [ 1702.578891][T23362] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1702.594859][T23464] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5047'. [ 1702.649466][T23339] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1702.687923][T14472] bridge0: port 1(bridge_slave_0) entered blocking state [ 1702.695227][T14472] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1702.713336][T14472] bridge0: port 2(bridge_slave_1) entered blocking state [ 1702.720606][T14472] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1702.856841][T23310] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1702.867523][T19448] usb 2-1: new high-speed USB device number 35 using dummy_hcd [ 1703.032100][T23362] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1703.084099][T19448] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 1703.115456][T23362] 8021q: adding VLAN 0 to HW filter on device team0 [ 1703.119551][T19448] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1703.147253][T19448] usb 2-1: config 0 descriptor?? [ 1703.153548][T23475] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5050'. [ 1703.202816][T19475] bridge0: port 1(bridge_slave_0) entered blocking state [ 1703.210318][T19475] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1703.278341][T23339] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1703.301388][T19475] bridge0: port 2(bridge_slave_1) entered blocking state [ 1703.308616][T19475] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1703.462164][T23310] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1703.546116][T23339] veth0_vlan: entered promiscuous mode [ 1703.605876][T23339] veth1_vlan: entered promiscuous mode [ 1703.797583][T23339] veth0_macvtap: entered promiscuous mode [ 1703.829447][T19448] [drm] vendor descriptor length:b9 data:49 02 da 4d 64 3c b6 11 e5 29 a7 [ 1703.841862][T23310] veth0_vlan: entered promiscuous mode [ 1703.849402][T19448] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 1703.870540][T23339] veth1_macvtap: entered promiscuous mode [ 1703.881422][T19448] [drm:udl_init] *ERROR* Selecting channel failed [ 1703.901397][T23362] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1703.902823][T19448] [drm] Initialized udl 0.0.1 20120220 for 2-1:0.0 on minor 2 [ 1703.935792][T19448] [drm] Initialized udl on minor 2 [ 1703.950093][T23310] veth1_vlan: entered promiscuous mode [ 1703.956508][T19448] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1703.978017][T19448] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 1703.987758][T14472] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1703.998512][T19448] usb 2-1: USB disconnect, device number 35 [ 1704.004838][T14472] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 1704.091810][T23339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1704.119419][T23339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1704.130872][T23339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1704.142567][T23339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1704.153896][T23339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1704.164845][T23339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1704.175166][T23339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1704.187770][T23339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1704.199595][T23339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1704.210231][T23339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1704.221939][T23339] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1704.256257][T23339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1704.272017][T23339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1704.284760][T23339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1704.296151][T23339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1704.308358][T23339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1704.319518][T23339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1704.330005][T23339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1704.341150][T23339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1704.351307][T23339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1704.362911][T23339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1704.375076][T23339] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1704.393587][T23310] veth0_macvtap: entered promiscuous mode [ 1704.425265][T23339] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1704.449711][T19475] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 1704.449800][T23339] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1704.466496][T23339] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1704.475589][T23339] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1704.506064][T23310] veth1_macvtap: entered promiscuous mode [ 1704.659210][T19475] usb 1-1: Using ep0 maxpacket: 32 [ 1704.663414][T23310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1704.667470][T19475] usb 1-1: New USB device found, idVendor=0830, idProduct=0001, bcdDevice=5c.4b [ 1704.682115][T23310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1704.694869][T23310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1704.705824][T23310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1704.728686][T19475] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1704.731321][T23310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1704.751118][T19475] usb 1-1: config 0 descriptor?? [ 1704.757815][T23310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1704.761681][T19475] usb 1-1: active config #0 != 1 ?? [ 1704.780193][T23310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1704.791289][T23310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1704.801421][T23310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1704.812151][T23310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1704.822384][T23310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1704.833062][T23310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1704.858063][T23310] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1704.894737][T23310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1704.916305][T23310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1704.928287][T23310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1704.950045][T23310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1704.968834][T23310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1704.984739][T23310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1704.996416][T23310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1705.018914][T23310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1705.037375][T23310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1705.048335][T23310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1705.070873][T23310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1705.083227][T23310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1705.095314][T23310] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1705.132930][T23310] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1705.154193][T23310] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1705.178699][T23310] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1705.187688][T23310] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1705.238266][T23362] veth0_vlan: entered promiscuous mode [ 1705.313542][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1705.328689][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1705.399648][T23362] veth1_vlan: entered promiscuous mode [ 1705.454823][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1705.489863][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1705.601368][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1705.630616][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1705.796859][ T2839] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1705.816757][T23362] veth0_macvtap: entered promiscuous mode [ 1705.823599][ T2839] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1705.900377][T23362] veth1_macvtap: entered promiscuous mode [ 1705.929862][T23362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1705.944178][T23362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1705.955675][T23362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1705.966439][T23362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1705.982935][T23362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1705.993652][T23362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1706.007140][T23362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1706.024023][T23362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1706.044202][T23362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1706.055056][T23362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1706.076386][T23362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1706.102453][T23362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1706.113040][T23362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1706.133730][T23362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1706.146033][T23362] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1706.174619][T23362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1706.217947][T23362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1706.258365][T23362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1706.277758][T23362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1706.302361][T23362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1706.313153][T23362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1706.335871][T23362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1706.346910][T23362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1706.357769][T23362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1706.384636][T23362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1706.399968][T23362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1706.420947][T23362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1706.433198][T23362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1706.456085][T23362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1706.481949][T23362] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1706.722858][ T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1706.773147][T23362] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1706.807096][T23362] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1706.837691][T23362] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1706.867792][T23362] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1707.049142][ T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1707.164542][T19448] usb 1-1: USB disconnect, device number 9 [ 1707.196896][T19248] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1707.213010][T19248] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1707.263337][T19248] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1707.279113][T19248] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1707.289481][T19248] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1707.297681][ T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1707.314837][T19248] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1707.597426][ T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1707.695122][T23504] ip6gretap0 speed is unknown, defaulting to 1000 [ 1707.801671][T19248] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1707.816721][T19248] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1707.836101][T19248] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1707.848580][T19248] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1707.861482][T19248] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 1707.872026][T19248] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1708.027105][ T2820] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1708.034984][ T2820] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1708.262699][T23513] ip6gretap0 speed is unknown, defaulting to 1000 [ 1708.338692][ T2839] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1708.346571][ T2839] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1708.555440][ T12] bridge_slave_1: left allmulticast mode [ 1708.567065][ T12] bridge_slave_1: left promiscuous mode [ 1708.572912][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1708.594979][ T12] bridge_slave_0: left allmulticast mode [ 1708.606640][ T12] bridge_slave_0: left promiscuous mode [ 1708.612534][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1708.654162][T23519] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5059'. [ 1709.231655][T23525] input: syz1 as /devices/virtual/input/input39 [ 1709.401625][T19248] Bluetooth: hci3: command tx timeout [ 1709.455625][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1709.489141][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1709.508902][ T12] bond0 (unregistering): Released all slaves [ 1709.956436][T19248] Bluetooth: hci5: command tx timeout [ 1815.305855][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 1815.312873][ C1] rcu: 0-...!: (1 GPs behind) idle=996c/1/0x4000000000000000 softirq=108734/108735 fqs=0 [ 1815.325006][ C1] rcu: (detected by 1, t=10502 jiffies, g=163389, q=393 ncpus=2) [ 1815.332941][ C1] Sending NMI from CPU 1 to CPUs 0: [ 1815.338183][ C0] NMI backtrace for cpu 0 [ 1815.338200][ C0] CPU: 0 PID: 23545 Comm: syz.1.5066 Not tainted 6.10.0-rc7-syzkaller #0 [ 1815.338218][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1815.338230][ C0] RIP: 0010:timerqueue_del+0x66/0x100 [ 1815.338257][ C0] Code: 00 48 89 df 4c 89 ee e8 98 d8 1f f6 4c 39 eb 0f 84 99 00 00 00 e8 2a d6 1f f6 49 8d 5e 08 49 89 df 49 c1 ef 03 41 80 3c 2f 00 <74> 08 48 89 df e8 c0 41 82 f6 4c 39 2b 74 07 e8 06 d6 1f f6 eb 25 [ 1815.338273][ C0] RSP: 0018:ffffc90000007d28 EFLAGS: 00000046 [ 1815.338290][ C0] RAX: ffffffff8b765096 RBX: ffff8880b942c9d8 RCX: ffff888019f08000 [ 1815.338309][ C0] RDX: 0000000080010001 RSI: ffff888067f83340 RDI: 0000000000000001 [ 1815.338322][ C0] RBP: dffffc0000000000 R08: ffffffff8b765088 R09: 1ffffffff1f583a5 [ 1815.338336][ C0] R10: dffffc0000000000 R11: fffffbfff1f583a6 R12: 1ffff1100cff0668 [ 1815.338350][ C0] R13: ffff888067f83340 R14: ffff8880b942c9d0 R15: 1ffff1101728593b [ 1815.338364][ C0] FS: 00007f673eae26c0(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000 [ 1815.338381][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1815.338394][ C0] CR2: 0000001b33b10ff8 CR3: 000000006e586000 CR4: 00000000003506f0 [ 1815.338410][ C0] DR0: 0004000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1815.338422][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1815.338434][ C0] Call Trace: [ 1815.338444][ C0] [ 1815.338454][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 1815.338485][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 1815.338520][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 1815.338549][ C0] ? nmi_handle+0x2a/0x5a0 [ 1815.338586][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 1815.338607][ C0] ? nmi_handle+0x14f/0x5a0 [ 1815.338634][ C0] ? nmi_handle+0x2a/0x5a0 [ 1815.338661][ C0] ? timerqueue_del+0x66/0x100 [ 1815.338678][ C0] ? default_do_nmi+0x63/0x160 [ 1815.338699][ C0] ? exc_nmi+0x123/0x1f0 [ 1815.338718][ C0] ? end_repeat_nmi+0xf/0x53 [ 1815.338749][ C0] ? timerqueue_del+0x48/0x100 [ 1815.338765][ C0] ? timerqueue_del+0x56/0x100 [ 1815.338785][ C0] ? timerqueue_del+0x66/0x100 [ 1815.338802][ C0] ? timerqueue_del+0x66/0x100 [ 1815.338822][ C0] ? timerqueue_del+0x66/0x100 [ 1815.338840][ C0] [ 1815.338846][ C0] [ 1815.338855][ C0] __hrtimer_run_queues+0x3d0/0xd50 [ 1815.338882][ C0] ? ktime_get_update_offsets_now+0x3c/0x250 [ 1815.338912][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 1815.338939][ C0] ? ktime_get_update_offsets_now+0x22d/0x250 [ 1815.338963][ C0] hrtimer_interrupt+0x396/0x990 [ 1815.339003][ C0] __sysvec_apic_timer_interrupt+0x110/0x3f0 [ 1815.339032][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 1815.339057][ C0] [ 1815.339063][ C0] [ 1815.339070][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1815.339097][ C0] RIP: 0010:iowrite16+0x37/0x90 [ 1815.339117][ C0] Code: 28 e9 fc 48 81 fb 00 00 04 00 72 0a e8 c2 28 e9 fc 66 89 2b eb 59 48 81 fb 01 00 01 00 72 0d e8 af 28 e9 fc 89 e8 89 da 66 ef 43 8b 2d a1 d7 f5 09 31 ff 89 ee e8 d8 2c e9 fc 85 ed 74 2b e8 [ 1815.339132][ C0] RSP: 0018:ffffc9000efaf928 EFLAGS: 00000287 [ 1815.339147][ C0] RAX: 0000000000000000 RBX: 000000000001c0b0 RCX: 0000000000040000 [ 1815.339159][ C0] RDX: 000000000001c0b0 RSI: 00000000000260ae RDI: 00000000000260af [ 1815.339170][ C0] RBP: 0000000000000000 R08: ffffffff851c89a0 R09: ffff88801f0f5198 [ 1815.339183][ C0] R10: dffffc0000000000 R11: ffffffff851de0e0 R12: dffffc0000000000 [ 1815.339197][ C0] R13: 0000000000002822 R14: dffffc0000000000 R15: ffff88801ea3f200 [ 1815.339213][ C0] ? __pfx_vp_notify+0x10/0x10 [ 1815.339240][ C0] ? virtqueue_kick+0x370/0x5c0 [ 1815.339271][ C0] ? iowrite16+0x31/0x90 [ 1815.339289][ C0] vp_notify+0x57/0x80 [ 1815.339320][ C0] virtqueue_kick+0x39b/0x5c0 [ 1815.339349][ C0] copy_data+0x237/0x370 [ 1815.339378][ C0] ? __pfx_copy_data+0x10/0x10 [ 1815.339404][ C0] ? __pfx___mutex_lock+0x10/0x10 [ 1815.339430][ C0] virtio_read+0xcb/0x200 [ 1815.339457][ C0] ? __pfx_virtio_read+0x10/0x10 [ 1815.339481][ C0] rng_dev_read+0x248/0x6d0 [ 1815.339503][ C0] ? mark_lock+0x9a/0x350 [ 1815.339526][ C0] ? __pfx_rng_dev_read+0x10/0x10 [ 1815.339553][ C0] ? security_file_permission+0x7f/0xa0 [ 1815.339574][ C0] ? rw_verify_area+0x52a/0x6b0 [ 1815.339603][ C0] vfs_readv+0x6c2/0xa90 [ 1815.339631][ C0] ? __pfx_rng_dev_read+0x10/0x10 [ 1815.339654][ C0] ? __pfx_vfs_readv+0x10/0x10 [ 1815.339685][ C0] ? __fget_files+0x29/0x470 [ 1815.339714][ C0] __x64_sys_preadv+0x1c7/0x2d0 [ 1815.339734][ C0] ? __pfx___x64_sys_preadv+0x10/0x10 [ 1815.339753][ C0] ? do_syscall_64+0x100/0x230 [ 1815.339781][ C0] ? do_syscall_64+0xb6/0x230 [ 1815.339808][ C0] do_syscall_64+0xf3/0x230 [ 1815.339835][ C0] ? clear_bhb_loop+0x35/0x90 [ 1815.339862][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1815.339887][ C0] RIP: 0033:0x7f673dd75bd9 [ 1815.339904][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1815.339920][ C0] RSP: 002b:00007f673eae2048 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 1815.339937][ C0] RAX: ffffffffffffffda RBX: 00007f673df04038 RCX: 00007f673dd75bd9 [ 1815.339951][ C0] RDX: 0000000000000001 RSI: 0000000020000240 RDI: 0000000000000008 [ 1815.339962][ C0] RBP: 00007f673dde4e60 R08: 0000000000000000 R09: 0000000000000000 [ 1815.339974][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1815.339985][ C0] R13: 000000000000006e R14: 00007f673df04038 R15: 00007ffcad79d7e8 [ 1815.340008][ C0] [ 1815.340176][ C1] rcu: rcu_preempt kthread starved for 10502 jiffies! g163389 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 1815.894744][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 1815.904745][ C1] rcu: RCU grace-period kthread stack dump: [ 1815.910647][ C1] task:rcu_preempt state:R running task stack:25840 pid:17 tgid:17 ppid:2 flags:0x00004000 [ 1815.922524][ C1] Call Trace: [ 1815.925825][ C1] [ 1815.928783][ C1] __schedule+0x1796/0x49d0 [ 1815.933374][ C1] ? __pfx___schedule+0x10/0x10 [ 1815.938254][ C1] ? __pfx_lock_release+0x10/0x10 [ 1815.943311][ C1] ? __asan_memset+0x23/0x50 [ 1815.947974][ C1] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 1815.953805][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1815.960157][ C1] ? schedule+0x90/0x320 [ 1815.964419][ C1] schedule+0x14b/0x320 [ 1815.968601][ C1] schedule_timeout+0x1be/0x310 [ 1815.973518][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 1815.978941][ C1] ? __pfx_process_timeout+0x10/0x10 [ 1815.984270][ C1] ? prepare_to_swait_event+0x32e/0x350 [ 1815.989871][ C1] rcu_gp_fqs_loop+0x2df/0x1330 [ 1815.994794][ C1] ? __pfx_rcu_gp_init+0x10/0x10 [ 1815.999760][ C1] ? __pfx_dyntick_save_progress_counter+0x10/0x10 [ 1816.006317][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 1816.011624][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1816.017568][ C1] ? finish_swait+0xd4/0x1e0 [ 1816.022704][ C1] rcu_gp_kthread+0xa7/0x3b0 [ 1816.027325][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 1816.032545][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1816.038566][ C1] ? __kthread_parkme+0x169/0x1d0 [ 1816.043621][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 1816.048930][ C1] kthread+0x2f0/0x390 [ 1816.053050][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 1816.058304][ C1] ? __pfx_kthread+0x10/0x10 [ 1816.062923][ C1] ret_from_fork+0x4b/0x80 [ 1816.067370][ C1] ? __pfx_kthread+0x10/0x10 [ 1816.071989][ C1] ret_from_fork_asm+0x1a/0x30 [ 1816.076803][ C1] [ 1816.079841][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 1816.086176][ C1] CPU: 1 PID: 2820 Comm: kworker/u8:10 Not tainted 6.10.0-rc7-syzkaller #0 [ 1816.094802][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1816.104896][ C1] Workqueue: events_unbound toggle_allocation_gate [ 1816.111443][ C1] RIP: 0010:smp_call_function_many_cond+0x1860/0x29d0 [ 1816.118245][ C1] Code: 45 8b 65 00 44 89 e6 83 e6 01 31 ff e8 c9 0c 0c 00 41 83 e4 01 49 bc 00 00 00 00 00 fc ff df 75 07 e8 74 08 0c 00 eb 38 f3 90 <42> 0f b6 04 23 84 c0 75 11 41 f7 45 00 01 00 00 00 74 1e e8 58 08 [ 1816.137963][ C1] RSP: 0018:ffffc90009617700 EFLAGS: 00000293 [ 1816.144057][ C1] RAX: ffffffff818a1e68 RBX: 1ffff11017288c01 RCX: ffff88802b8cda00 [ 1816.152053][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 1816.160047][ C1] RBP: ffffc900096178e0 R08: ffffffff818a1e37 R09: 1ffffffff25ee2b0 [ 1816.168147][ C1] R10: dffffc0000000000 R11: fffffbfff25ee2b1 R12: dffffc0000000000 [ 1816.176244][ C1] R13: ffff8880b9446008 R14: ffff8880b953f880 R15: 0000000000000000 [ 1816.184249][ C1] FS: 0000000000000000(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000 [ 1816.193205][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1816.199811][ C1] CR2: 00007fe6a0637d60 CR3: 000000000e132000 CR4: 00000000003506f0 [ 1816.207807][ C1] DR0: 0004000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1816.215974][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1816.223967][ C1] Call Trace: [ 1816.227269][ C1] [ 1816.230137][ C1] ? rcu_check_gp_kthread_starvation+0x278/0x310 [ 1816.236505][ C1] ? print_other_cpu_stall+0x1470/0x15a0 [ 1816.242181][ C1] ? __pfx_print_other_cpu_stall+0x10/0x10 [ 1816.248023][ C1] ? __pfx_lock_release+0x10/0x10 [ 1816.253088][ C1] ? kvm_check_and_clear_guest_paused+0x6a/0xd0 [ 1816.259357][ C1] ? rcu_sched_clock_irq+0x9f4/0x10a0 [ 1816.264770][ C1] ? __pfx_rcu_sched_clock_irq+0x10/0x10 [ 1816.270476][ C1] ? hrtimer_run_queues+0x16c/0x460 [ 1816.275714][ C1] ? acct_account_cputime+0x207/0x210 [ 1816.281114][ C1] ? update_process_times+0x1ce/0x230 [ 1816.286525][ C1] ? tick_nohz_handler+0x37c/0x500 [ 1816.291676][ C1] ? __pfx_tick_nohz_handler+0x10/0x10 [ 1816.297170][ C1] ? __hrtimer_run_queues+0x551/0xd50 [ 1816.302573][ C1] ? ktime_get_update_offsets_now+0x3c/0x250 [ 1816.308597][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 1816.314436][ C1] ? ktime_get_update_offsets_now+0x22d/0x250 [ 1816.320654][ C1] ? hrtimer_interrupt+0x396/0x990 [ 1816.325821][ C1] ? __sysvec_apic_timer_interrupt+0x110/0x3f0 [ 1816.332008][ C1] ? sysvec_apic_timer_interrupt+0xa1/0xc0 [ 1816.337841][ C1] [ 1816.340789][ C1] [ 1816.343740][ C1] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1816.349931][ C1] ? smp_call_function_many_cond+0x1847/0x29d0 [ 1816.356201][ C1] ? smp_call_function_many_cond+0x1878/0x29d0 [ 1816.362393][ C1] ? smp_call_function_many_cond+0x1860/0x29d0 [ 1816.368582][ C1] ? kmem_cache_alloc_bulk_noprof+0x146/0x770 [ 1816.374681][ C1] ? __pfx_do_sync_core+0x10/0x10 [ 1816.379728][ C1] ? kmem_cache_alloc_bulk_noprof+0x146/0x770 [ 1816.385952][ C1] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 1816.392309][ C1] ? __pfx___might_resched+0x10/0x10 [ 1816.397621][ C1] ? __mutex_trylock_common+0x183/0x2e0 [ 1816.403194][ C1] ? __pfx___might_resched+0x10/0x10 [ 1816.408515][ C1] ? __pfx_do_sync_core+0x10/0x10 [ 1816.413567][ C1] on_each_cpu_cond_mask+0x3f/0x80 [ 1816.418712][ C1] text_poke_bp_batch+0x352/0xb30 [ 1816.423781][ C1] ? __pfx_text_poke_bp_batch+0x10/0x10 [ 1816.429354][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 1816.434408][ C1] ? arch_jump_label_transform_queue+0x9b/0x100 [ 1816.440685][ C1] text_poke_finish+0x30/0x50 [ 1816.445386][ C1] arch_jump_label_transform_apply+0x1c/0x30 [ 1816.451392][ C1] static_key_enable_cpuslocked+0x136/0x260 [ 1816.457321][ C1] static_key_enable+0x1a/0x20 [ 1816.462143][ C1] toggle_allocation_gate+0xb5/0x250 [ 1816.467450][ C1] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 1816.473457][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1816.479825][ C1] ? process_scheduled_works+0x945/0x1830 [ 1816.485570][ C1] process_scheduled_works+0xa2c/0x1830 [ 1816.491173][ C1] ? __pfx_process_scheduled_works+0x10/0x10 [ 1816.497181][ C1] ? assign_work+0x364/0x3d0 [ 1816.501795][ C1] worker_thread+0x86d/0xd50 [ 1816.506428][ C1] ? __kthread_parkme+0x169/0x1d0 [ 1816.511495][ C1] ? __pfx_worker_thread+0x10/0x10 [ 1816.516715][ C1] kthread+0x2f0/0x390 [ 1816.520818][ C1] ? __pfx_worker_thread+0x10/0x10 [ 1816.526035][ C1] ? __pfx_kthread+0x10/0x10 [ 1816.530650][ C1] ret_from_fork+0x4b/0x80 [ 1816.535094][ C1] ? __pfx_kthread+0x10/0x10 [ 1816.539799][ C1] ret_from_fork_asm+0x1a/0x30 [ 1816.545572][ C1]