last executing test programs: 1m15.25367744s ago: executing program 1 (id=540): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001800)={0xffffffffffffffff}) bind$unix(r0, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x2) bind$unix(r0, &(0x7f00000001c0)=@abs={0x1}, 0xb) rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) preadv(r1, &(0x7f0000000500), 0x0, 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r1, 0xc2604110, &(0x7f0000000040)={0x0, [[0x9ef8, 0x6], [0x10000, 0x0, 0x0, 0x0, 0x5, 0xffffffff], [0x6]], '\x00', [{}, {}, {}, {0x0, 0xffffffff, 0x0, 0x1}, {}, {0x0, 0x7d8}], '\x00', 0x1000}) r2 = eventfd2(0x0, 0x0) open_by_handle_at(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="20000000080000000000000000000000000000000000000000000000000000000000000000000000606cb8d3cc7794cb564f77297fc63713525e81ebc25cf0"], 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x6, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x14}, [@ldst={0x5}], {0x95, 0x0, 0x74}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x41100, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) msgget(0x2, 0x217) write$char_usb(r1, &(0x7f0000000340)="e2c0f1b837a941464b9804ec34297be9bc7328abc35eed9219c492de4702e4f18f230a908d93e53407a280b9a25fe64c21e7c660f01fa5c2c8cfff3b9b5dde8f139d9e63ec626d67f494def918229944d8da1365a9f00eb0e115742cd0c1de7a6ac88acca458dc4f8d0be1e2a49f8b437a5e5c2fbc2e4ee591f17a", 0x7b) msgrcv(0x0, &(0x7f0000000540), 0x26, 0x0, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) msgsnd(0x0, &(0x7f0000000300)={0x2}, 0x8, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r3) r4 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r4, 0x0) syz_emit_ethernet(0x5a, &(0x7f00000003c0)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0xe, 0x4, 0x0, 0x0, 0x0, {[@fastopen={0x22, 0x2}, @exp_smc={0xfe, 0x6}, @sack_perm={0x4, 0x2}, @md5sig={0x13, 0x12, "254859cb515ea9b037544b36706cfef8"}, @generic={0x4, 0x6, "93ae8887"}]}}}}}}}, 0x0) msgsnd(0x0, 0x0, 0xb9, 0x0) io_uring_setup(0x0, &(0x7f0000000080)) socket(0x2b, 0x1, 0x1) socket$inet6(0xa, 0x2, 0x3a) 1m13.743968858s ago: executing program 1 (id=545): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) ioprio_set$uid(0x3, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x1458c2, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0xe860c42ced148432) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000340)={0x0, 0x2, {0x1, 0x1, 0x4, 0x1, 0xabac}, 0x20}) openat$random(0xffffffffffffff9c, &(0x7f0000000100), 0x10902, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_S_INPUT(r1, 0xc0045627, &(0x7f00000000c0)=0x1) syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8) read$FUSE(0xffffffffffffffff, 0x0, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) connect$rxrpc(r3, &(0x7f0000000000)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e20, 0x200, @dev={0xfe, 0x80, '\x00', 0x10}, 0x1}}, 0x24) sendmsg$inet(r3, &(0x7f0000000180)={0x0, 0xfffffffffffffd6b, 0x0, 0x0, &(0x7f00000000c0)=[@ip_tos_int={{0x18, 0x110}}], 0x18, 0x4c00}, 0x0) 1m11.44540534s ago: executing program 1 (id=548): syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="0168c2000000c5aaaaaaaabb080045000030000000000011907800000000ffffffff2f65cd2eeb000000004500000000ffe8"], 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r1}, 0x10) r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="850000009a000000040000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x12, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0) futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xa0090199) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) r7 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x10000000d]}, 0x8) ioctl$KVM_SET_CPUID2(r7, 0x4008ae90, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000000000001"]) dup(r6) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000080)='./file1\x00') r8 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r8, 0x402, 0x8000003d) openat(0xffffffffffffff9c, &(0x7f0000001740)='.\x00', 0x515001, 0x408) r9 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r3, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000940)='tlb_flush\x00', r10}, 0x10) 1m11.444181077s ago: executing program 3 (id=549): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) io_setup(0x1, &(0x7f00000004c0)=0x0) socket$nl_route(0x10, 0x3, 0x0) epoll_create1(0x0) syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r2 = syz_io_uring_setup(0x24fa, &(0x7f0000000b80)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r5, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r2, 0x2d3e, 0x0, 0x0, 0x0, 0x0) r6 = socket$phonet_pipe(0x23, 0x5, 0x2) socket(0x11, 0x800000003, 0x3af6) r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r7, 0x5, 0x14, 0x0, &(0x7f0000000100)="259a53f271a76d2608fff74588a80a3888ca2f15", 0x0, 0xd11, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) setsockopt$PNPIPE_INITSTATE(r6, 0x113, 0x4, &(0x7f0000000040), 0x4) io_submit(r1, 0xca, &(0x7f00000000c0)=[&(0x7f0000000140)={0x3a0012fb, 0x2759, 0x7, 0x0, 0x0, r0, &(0x7f0000000000)="98", 0x3e8000072a, 0x1000000, 0x0, 0x10}]) 1m10.355364655s ago: executing program 1 (id=552): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x14, 0x1, 0x4, 0x3}, 0x14}}, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r1) sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x38, r2, 0x1, 0x4, 0x25dfdbfb, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0x14, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5, 0x3, 0x2}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}]}, 0x38}}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000080), 0x12) sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000780)=@newtclass={0x434, 0x28, 0x4, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xffff, 0xfffe}, {0xf, 0x9}, {0xfff3, 0xd}}, [@c_cbq={{0x8}, {0x408, 0x2, [@TCA_CBQ_RTAB={0x404, 0x6, [0x2, 0x726, 0xfffffffc, 0x0, 0x1dd0, 0x80000001, 0x7, 0x5, 0x6, 0x7fffffff, 0xc6c, 0xc, 0x587, 0x6, 0x1, 0xd55, 0xffff4113, 0x1, 0x5, 0x1000, 0xc, 0x5, 0x0, 0x6, 0x3, 0x8, 0xf3, 0x10008, 0x3, 0x5, 0x2, 0xfffffffc, 0x8, 0x92f, 0x9, 0xfffffff4, 0x80, 0x4, 0x10001, 0x6, 0x0, 0x5, 0xa7, 0xfffffffc, 0x7, 0x2d16, 0x1, 0x81, 0x4, 0x4, 0x5a315d9f, 0x1, 0x4, 0x7, 0x34b832e9, 0x7, 0x7, 0x1, 0xf0d5, 0xd6, 0x400, 0x297, 0x4, 0xfffffff9, 0xf, 0x1, 0x5, 0xb54, 0x8001, 0x5, 0x6, 0x4, 0xc7d, 0x4, 0x2, 0xc, 0x98, 0x5, 0x8, 0x9, 0x3, 0x0, 0xd0f, 0x6, 0x800, 0x46, 0x8d, 0x2, 0x10000, 0x40, 0x8, 0x5, 0x3, 0x62, 0x3, 0x7, 0x8, 0x7cb2b55b, 0x4481, 0x2, 0x8, 0x0, 0xd, 0xb5d, 0x6, 0xffff, 0x3, 0x9, 0x5a, 0x7, 0x6, 0x8, 0x5, 0x8, 0x3, 0x6, 0x222, 0x25f55f75, 0xfff, 0xd, 0xf, 0x7, 0x1, 0x6, 0x0, 0xb8d0333b, 0x669554bd, 0x78, 0x9, 0xe29, 0xfffffff8, 0x4, 0x0, 0xc0000, 0x7, 0xb6ab, 0x7fffffff, 0x8, 0x8, 0x7, 0x3, 0x0, 0x8, 0xdbc7, 0x401, 0x9, 0x2, 0xa019, 0xf5, 0xfffffffb, 0x7, 0x5463, 0x7, 0x80, 0xc, 0x0, 0xb, 0x76d7, 0x4, 0x3, 0x5, 0x8, 0x9e, 0xa017, 0xfffff1c1, 0x7, 0x3, 0x3, 0x1000, 0x7, 0x7, 0x7f, 0x0, 0x7, 0x6, 0x6, 0x2, 0x7120, 0x4, 0x8, 0xe3, 0x7, 0x9, 0x800, 0x3, 0xffffffff, 0x3, 0x140000, 0x0, 0xa, 0x4, 0x7, 0x8, 0xc2dc, 0x3f18, 0x5, 0x7ff, 0x3, 0x3, 0x5, 0x8, 0x8, 0x7, 0x9, 0x4, 0xfffffffc, 0x5, 0xf700, 0x4, 0x200, 0x9, 0x6, 0x0, 0x101, 0x4, 0x8001, 0xa, 0x3, 0xefe, 0x8da, 0x4, 0x9, 0x7, 0x401, 0xf45, 0x1, 0x3, 0x440c, 0x14, 0x10000, 0x59, 0x8e, 0x5, 0x8, 0x2, 0xfffffffd, 0x5, 0x1, 0xfffffff8, 0x1, 0x494, 0x9, 0x0, 0xfffffff0, 0x7, 0x9, 0x9, 0x9, 0x30, 0xc, 0x80, 0x9, 0x3, 0x7, 0x6, 0x58]}]}}]}, 0x434}, 0x1, 0x0, 0x0, 0x20000000}, 0x240c0010) sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x4000) r4 = socket$inet_sctp(0x2, 0x5, 0x84) sendmsg$inet_sctp(r4, &(0x7f0000000580)={&(0x7f0000000000)=@in={0x2, 0x0, @loopback}, 0x10, &(0x7f0000000480)=[{&(0x7f0000000340)="35243fce92f6d9a84c80539295311fd8a2214e7f89aec2ae7227b0a9a1270b396266f3b6397c9c02cba0f3d93568cbfee142271575afeaf612165a0e4d51dea9e0301e154835b17b23646003b3e7475f4c2d050afd1bdcc11066598c0b8f4c56ff0290c29898130e1f3ef04205d91d1753a60f0ee3c2583da359e56d3b0bd245be5009de260321e99db7795d3613efa54809c678ff96bdcde10e", 0x9a}], 0x1, &(0x7f0000000500)=ANY=[@ANYBLOB="1e000000000000008400000008000000ff01000000000000000000000000000118000000000000008400000007000000ac1e00010000000018"], 0x50}, 0x0) r5 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) flock(r5, 0x2) r6 = open(&(0x7f0000000100)='./file0\x00', 0x108600, 0x10) flock(r6, 0x2) r7 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) flock(r7, 0x1) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0f000000040000000800000005"], 0x50) r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00') read$FUSE(r8, &(0x7f0000004180)={0x2020}, 0xfffffffa) flock(r5, 0x1) r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0) ioctl$KVM_SET_IRQCHIP(r10, 0x4020aeb2, &(0x7f0000000740)) ioctl$KVM_RUN(r11, 0xae80, 0x0) sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a78000000060a090400000000000000000200fffe0900020073797a32000000000900010073797a30000000004c00048024000180090001006d65746100000000140002800800014000000001080002400000001724000180090001006d6173710000000014000280080002"], 0xa0}, 0x1, 0x0, 0x0, 0x24040800}, 0x0) 1m10.048862871s ago: executing program 3 (id=556): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newtaction={0x14, 0x1c, 0x1, 0x0, 0x0, {0x0, 0x0, 0x1300}}, 0x14}, 0x1, 0x0, 0x0, 0x88000}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="44000300", @ANYRES16=r1, @ANYBLOB="310401080000030000001600000018000180140002006e657464657673696d3000000000000005000300010000000500040001000000050002"], 0x44}}, 0x0) 1m9.832296475s ago: executing program 1 (id=557): socket(0x10, 0x803, 0x0) pipe(&(0x7f0000000000)) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x101042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, 0x0) ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000240)={0x2, &(0x7f0000000180)=[{0x48, 0x0, 0x0, 0xfffffff7}, {0x6, 0x3, 0xfb}]}) r1 = syz_open_dev$video4linux(&(0x7f0000000080), 0xff, 0x0) ioctl$VIDIOC_SUBDEV_G_SELECTION(r1, 0xc040563d, &(0x7f0000000000)={0x0, 0x2}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe0500000000000000000000950000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socket$igmp6(0xa, 0x3, 0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') open(0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, 0x0) 1m8.90797885s ago: executing program 3 (id=559): openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x73, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140400003b0007012cbd700000000000047c000004000000fc0301800600060000350000ef03c88087393eaccfa6e2dafda77a38d47d3e3ceb20bd48977e227afd92a95427cbcd72b5ed7282dc8bd0774a9d898df8ba8e46a3a7b81a6e4bc955346068cccb2fd1f0c1316e6128f3f179a406fdc2413067931b09161ea2c1f62bd87ba395767ed03d1c3a7292974e0cee24c3af2ee45ffd4f92f29e3ba138d933fa4dfdf994ff4c69d2ea7043d86d4a1c755b0204dd76a5def9bdbbc01661c7d08ba636136365c0f58a5b55217edab5c85b8b3aca9ded19d81a86cbcc742c56b48a6524efd556223a65400c09b570011b3f96662232d67a0f4f04dad4219b7288e3e2c5a7968b3c550a2423699576f264c28f41b8bd3c1ccc7b93b8bac80499c51719f2cdad3528f2fc59af2f986a941c89a88d7d59c8083c3f8231996ba8974cd8faeb9e01d2fb81d92a4da454c1125b52561298d69e54ba9cb5e9ed1fd81bf9861c456d57bba1d00da82ef5c0133d967c90eb5e4240c83eafbe89cfc6b9082f08b5312c136985a0ae5bf975520bee1d4e6b5eadc3a71104f13e526ac36802e4803797afc860b0f89aa343b3c79586b3919e16748937523b265a2db7612c9826ff7a255bffe6f496be5e5b1a71201745fc278a0d5476f2d58f8597c42e72f088e648535b81f2e36fa9e81d25ea3b42b5c181476a871969c989fc615c5e66738af976f302f38b478549d6451cdbb518268220720817c0eb9093c44ceea87fceb5ce6c4edc4325b6039ca647799efc0b593fa1e4ddba8307c629e7292dd72a21ec41fc327ba03b33c3bc72eeabeb2f690900110040245e2e00000000aab616e82ac588130c38bbd38accc9fff2d71bb9073e33beea113e6cb79b8c9f32beb1a5bc6b6b2c91c1b0888d8f94c5fbdfcff608f89d61d58c465825a8e1ba743ab790c4e76ea7facc764f11a4ae84e0126a29280dc24b8e7fb6f771d18f82c4c724f766517b328c7eef9292336cfb1cb79fb70963bb6c830fb5eaf268c5cc3b02217f749b75edcdef2f5f7f93120e349302628af90a06548c79c3a9fd0f5fb3900f83a2d0eaffd41f1e8b104f9d7870f05a455b780baa8858d13f33016b9d120372a416f66462008c7fb20c296680e0d82fa32def23b0b90400358004004400558ba7db63193c0a4ab8baaf8758ff191c99bfa2bada54fe976685e32e28a1bda8bdb8368a632ab7c9f0a3363169b460720dbcaafcd419596e8d377a6e70aa379b632b452ea9ed238d7e2cc47adbc272568b2bc8cb0f59cbabecfb9b90193c737d415ecc4fe9f46fc00fc4c21f5bfee64e9872dca974a21083a1e35b5f1aceda55ac168cdc7ca4cebbb2653f1a46a6d054381a51707b6a8d02cb364ef51e46be7faded922b852205"], 0x414}}, 0x0) 1m7.752807434s ago: executing program 1 (id=561): r0 = socket$inet(0x2, 0x1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0a00000005000000020000000700000002010000", @ANYRES32=0x1, @ANYBLOB="000000000000000000000000000000000000000078ba30bb69e7b64dfaf9debf43e4fd35f19be5f19d1d8f478f3808dd37fc672e469ef88dd4b5ad2ad5f473d8461a97c7302799c4b69a3bd85dea65a71299387f0f6513410d12fc89fadbc6726e7ed5b7edde5ce363255891b807688c05a07d5b0f15474420452b17aee6f4edefcc2e4a68c5b349e4edf1578368f11a32e998796ef73fd7f7b93f7cd5b52673a1f08c7091b0adb783a98f31598e46e34e17e1227446b3520cd001b5167027be18968705c7c5467bef110c55a0aa3c2743d8a5a239ae58db5da49449c19073fa357c6dc7852abf5224778dafe5977877e4c0f348360343e15f5e2b948723", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000703ac020580406709169000000010902120001000000000904"], 0x0) syz_usb_control_io(r1, 0x0, 0x0) syz_usb_control_io(r1, 0x0, 0x0) mknodat$loop(0xffffffffffffffff, 0x0, 0xc000, 0x0) linkat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) r2 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000080)={'vxcan1\x00', 0x0}) connect$can_bcm(r2, &(0x7f0000000300)={0x1d, r3}, 0x10) sendmsg$can_bcm(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0) sendmsg$can_bcm(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="0500"/12, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x48}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', 0x0}) socket$unix(0x1, 0x2, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r6}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000740)=@raw={'raw\x00', 0x8, 0x3, 0x1f8, 0x0, 0x8, 0xfa04, 0xd0, 0x6c02, 0x160, 0x194, 0x194, 0x160, 0x194, 0x3, 0x0, {[{{@uncond, 0x0, 0x98, 0xd0, 0x0, {0x0, 0x74020000}, [@common=@inet=@ecn={{0x28}, {0x0, 0x22}}]}, @common=@inet=@SET3={0x38}}, {{@uncond, 0x0, 0x70, 0x90}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x258) 1m7.018802144s ago: executing program 3 (id=563): socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x99, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r3, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10) r5 = syz_open_dev$I2C(&(0x7f0000000800), 0x0, 0x0) ioctl$I2C_RDWR(r5, 0x707, &(0x7f0000000140)={&(0x7f0000000000)=[{0x0, 0xaa01, 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0}], 0x2}) 1m3.9979813s ago: executing program 3 (id=571): socket(0x10, 0x803, 0x0) pipe(&(0x7f0000000000)) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x101042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, 0x0) ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000240)={0x2, &(0x7f0000000180)=[{0x48, 0x0, 0x0, 0xfffffff7}, {0x6, 0x3, 0xfb}]}) r1 = syz_open_dev$video4linux(&(0x7f0000000080), 0xff, 0x0) ioctl$VIDIOC_SUBDEV_G_SELECTION(r1, 0xc040563d, &(0x7f0000000000)={0x0, 0x2}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe0500000000000000000000950000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socket$igmp6(0xa, 0x3, 0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') open(0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, 0x0) 1m0.25793807s ago: executing program 3 (id=583): socket$alg(0x26, 0x5, 0x0) socket$inet_smc(0x2b, 0x1, 0x0) openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) openat$adsp1(0xffffffffffffff9c, 0x0, 0x8200, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) fanotify_init(0x0, 0x0) r3 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) bind$can_j1939(r3, &(0x7f0000000240)={0x1d, r4}, 0x18) connect$can_j1939(r3, &(0x7f00000000c0)={0x1d, r4, 0x3}, 0x18) bind$can_j1939(0xffffffffffffffff, &(0x7f0000000040)={0x1d, r4, 0x3}, 0x18) sendmmsg(r3, &(0x7f0000003e40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000280)='\"', 0x1}], 0x1}}], 0x2, 0x0) 51.823789783s ago: executing program 32 (id=561): r0 = socket$inet(0x2, 0x1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="0a00000005000000020000000700000002010000", @ANYRES32=0x1, @ANYBLOB="000000000000000000000000000000000000000078ba30bb69e7b64dfaf9debf43e4fd35f19be5f19d1d8f478f3808dd37fc672e469ef88dd4b5ad2ad5f473d8461a97c7302799c4b69a3bd85dea65a71299387f0f6513410d12fc89fadbc6726e7ed5b7edde5ce363255891b807688c05a07d5b0f15474420452b17aee6f4edefcc2e4a68c5b349e4edf1578368f11a32e998796ef73fd7f7b93f7cd5b52673a1f08c7091b0adb783a98f31598e46e34e17e1227446b3520cd001b5167027be18968705c7c5467bef110c55a0aa3c2743d8a5a239ae58db5da49449c19073fa357c6dc7852abf5224778dafe5977877e4c0f348360343e15f5e2b948723", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000703ac020580406709169000000010902120001000000000904"], 0x0) syz_usb_control_io(r1, 0x0, 0x0) syz_usb_control_io(r1, 0x0, 0x0) mknodat$loop(0xffffffffffffffff, 0x0, 0xc000, 0x0) linkat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) r2 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000080)={'vxcan1\x00', 0x0}) connect$can_bcm(r2, &(0x7f0000000300)={0x1d, r3}, 0x10) sendmsg$can_bcm(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0) sendmsg$can_bcm(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="0500"/12, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x48}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', 0x0}) socket$unix(0x1, 0x2, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r6}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000740)=@raw={'raw\x00', 0x8, 0x3, 0x1f8, 0x0, 0x8, 0xfa04, 0xd0, 0x6c02, 0x160, 0x194, 0x194, 0x160, 0x194, 0x3, 0x0, {[{{@uncond, 0x0, 0x98, 0xd0, 0x0, {0x0, 0x74020000}, [@common=@inet=@ecn={{0x28}, {0x0, 0x22}}]}, @common=@inet=@SET3={0x38}}, {{@uncond, 0x0, 0x70, 0x90}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x258) 45.153200295s ago: executing program 33 (id=583): socket$alg(0x26, 0x5, 0x0) socket$inet_smc(0x2b, 0x1, 0x0) openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) openat$adsp1(0xffffffffffffff9c, 0x0, 0x8200, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) fanotify_init(0x0, 0x0) r3 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) bind$can_j1939(r3, &(0x7f0000000240)={0x1d, r4}, 0x18) connect$can_j1939(r3, &(0x7f00000000c0)={0x1d, r4, 0x3}, 0x18) bind$can_j1939(0xffffffffffffffff, &(0x7f0000000040)={0x1d, r4, 0x3}, 0x18) sendmmsg(r3, &(0x7f0000003e40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000280)='\"', 0x1}], 0x1}}], 0x2, 0x0) 9.016012916s ago: executing program 4 (id=727): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = add_key$fscrypt_v1(&(0x7f0000000140), &(0x7f0000000180)={'fscrypt:', @desc1}, &(0x7f00000001c0)={0x0, "66e30e8471c4cad02e5a052c2d261afa6069f8598ba2a10e330f66e6180c09f76867e43acc5d412e34408d07108710b002d771f887ea41cc9bd0ced8518c922d", 0x23}, 0x48, 0xfffffffffffffff8) add_key$user(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, &(0x7f00000000c0)="ee959bfea4e399d6cab782efee37febbe8a273d6c103ee62bed257b27fb149c8461651bcb7410a029aa6774a596dba04f2cd65d62b8a14650bc2691deaad3bca32f9c62f", 0x44, r1) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000940)={{0xfffe, 0x7f}, 'syz0\x00'}) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x12) ioctl$UI_SET_SNDBIT(r0, 0x4004556a, 0x6) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000140)=0x15) ioctl$TIOCSTI(r2, 0x5412, &(0x7f00000002c0)=0x7e) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000200)=0x6) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000180)=0xef) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='debugfs\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) lsetxattr(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)=@known='trusted.overlay.impure\x00', &(0x7f0000000140)='\x00', 0x1, 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) ioctl$UI_DEV_CREATE(r0, 0x5501) 8.890115842s ago: executing program 0 (id=728): r0 = socket$igmp6(0xa, 0x3, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000300)={'team_slave_1\x00', &(0x7f0000000000)=@ethtool_wolinfo={0x5, 0x6, 0x5, "26d5942935ce"}}) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0x58, &(0x7f0000000400)}, 0x10) openat$pidfd(0xffffffffffffff9c, 0x0, 0x6d0180, 0x0) r4 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) getsockname$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) connect$inet6(r5, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f00000002c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x2, &(0x7f0000000340)=@gcm_256={{0x303}, "1d2208f5ec265570", "95212f25baa0e3d5ec43e2f3c4f8ece4251050d3da0cc29bec584afd989f7996", "066a7ee0", "5203838ccb474782"}, 0x38) recvmmsg(r5, &(0x7f0000000f00)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000b00)=""/81, 0x51}], 0x1}}], 0x1, 0x0, 0x0) 8.392702192s ago: executing program 5 (id=729): unshare(0x2040600) iopl(0x3) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, 0x0, 0x0) recvmsg(r0, &(0x7f00000018c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001880)=""/17, 0x11}, 0x0) syz_emit_ethernet(0x32, &(0x7f0000000100)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0) 7.473648328s ago: executing program 0 (id=731): r0 = socket(0x840000000002, 0x3, 0xff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10) sendmmsg$inet(r0, &(0x7f0000000440)=[{{&(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000000400)=[{&(0x7f0000000200)="a9050000000074640000000000003552bde5c064c6", 0x15}, {&(0x7f0000000540)="174640b6d80fb2eedc81ba60ccbb9d", 0xf}], 0x2}}], 0x1, 0x0) (fail_nth: 5) 7.367661301s ago: executing program 2 (id=732): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000b40), 0x2200, 0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) shutdown(r2, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$binfmt_script(r3, &(0x7f00000008c0), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r3, 0x0) socket$kcm(0x29, 0x7, 0x0) getsockopt$inet6_int(r3, 0x29, 0x8, 0x0, 0x0) r4 = dup3(r2, r1, 0x0) r5 = inotify_add_watch(r4, &(0x7f0000000040)='./file0\x00', 0x10000000) recvmmsg(r2, &(0x7f0000003b80)=[{{&(0x7f00000002c0)=@alg, 0x80, &(0x7f0000000240)=[{&(0x7f0000000340)=""/161, 0xa1}], 0x1, &(0x7f0000000400)=""/192, 0xc0}, 0x9}, {{&(0x7f0000000500)=@phonet, 0x80, &(0x7f00000006c0)=[{&(0x7f0000000580)=""/154, 0x9a}, {&(0x7f0000000640)=""/34, 0x22}, {&(0x7f0000000b80)=""/4096, 0x1000}, {&(0x7f0000003d40)=""/4112, 0x1010}, {&(0x7f0000000940)=""/12, 0xc}], 0x5, &(0x7f0000000740)=""/208, 0xd0}, 0xab}, {{0x0, 0x0, &(0x7f0000002b80)=[{&(0x7f0000000840)=""/105, 0x69}, {&(0x7f0000000900)=""/48, 0x30}, {&(0x7f0000000940)}, {&(0x7f0000000980)=""/51, 0x33}, {&(0x7f00000009c0)=""/151, 0x97}, {&(0x7f0000000a80)=""/188, 0xbc}], 0x6, &(0x7f0000002c00)=""/241, 0xf1}, 0x8}, {{&(0x7f0000002d00)=@alg, 0x80, &(0x7f0000003380)=[{&(0x7f0000002d80)=""/212, 0xd4}, {&(0x7f0000002e80)=""/86, 0x56}, {&(0x7f0000002f00)=""/201, 0xc9}, {&(0x7f0000000680)=""/54, 0x36}, {&(0x7f0000003040)=""/90, 0x5a}, {&(0x7f00000030c0)=""/94, 0x5e}, {&(0x7f0000003140)=""/130, 0x82}, {&(0x7f0000003200)=""/197, 0xc5}, {&(0x7f0000003300)=""/125, 0x7d}], 0x9}, 0x5}, {{&(0x7f0000003440)=@in6={0xa, 0x0, 0x0, @remote}, 0x80, &(0x7f0000003800)=[{&(0x7f00000034c0)=""/28, 0x1c}, {&(0x7f0000003500)=""/133, 0x85}, {&(0x7f00000035c0)=""/164, 0xa4}, {&(0x7f0000003680)=""/112, 0x70}, {&(0x7f0000003700)=""/38, 0x26}, {&(0x7f0000003740)=""/151, 0x97}], 0x6, &(0x7f0000003880)=""/124, 0x7c}, 0x9}, {{0x0, 0x0, &(0x7f0000003a80), 0x0, &(0x7f0000003ac0)=""/159, 0x9f}, 0xffffffff}], 0x6, 0x40000000, &(0x7f0000003d00)) inotify_rm_watch(r4, r5) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) truncate(&(0x7f0000000140)='./file0\x00', 0x0) socket$packet(0x11, 0x2, 0x300) 7.199750802s ago: executing program 5 (id=733): socket$kcm(0x11, 0xa, 0x300) r0 = bpf$TOKEN_CREATE(0x24, &(0x7f00000001c0), 0x8) (async) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x1, 0xbf22, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x2, 0x4, 0x1, 0xbf22, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xd, 0x5, 0x4, 0x6, 0x0, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r3, &(0x7f00000001c0), &(0x7f0000000280)=@udp6}, 0x20) (async) dup3(r3, r2, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x31, 0xffffffffffffffff, &(0x7f0000000040)) (async) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r3, &(0x7f00000001c0), &(0x7f0000000300)=@udp6=r1}, 0x20) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_aout(r5, &(0x7f00000002c0)=ANY=[], 0xc1) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYRESOCT=r0], 0xcc}, 0x1, 0x0, 0x0, 0x24000051}, 0x0) r7 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r7, 0x10d, 0xb0, &(0x7f0000000000), &(0x7f0000000240)=0x4) (async) syz_80211_join_ibss(0x0, &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0) (async) remap_file_pages(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000000, 0x7, 0x8000) (async) syz_80211_inject_frame(0x0, &(0x7f0000000440)=ANY=[@ANYRESDEC=r4], 0x1e) (async) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x13, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) (async) syz_80211_inject_frame(&(0x7f0000000100)=@broadcast, &(0x7f0000000880)=ANY=[@ANYBLOB="18ad3d00ffffffffffff080211000000ffffffffffff682a00004001c124ea580f5567d33ccad7d5d6e653cd188191dec27b5fc62d3d5638af5fbf2c1834c6f44bfa935dda8c44869020f904929ea2bd10cc00d25af2ec76ffd3b146c2b27f13e25773399327f66eb17779fff808c20c7a938dc179a8723584bc0dd58df44e6d3e51b7f0320279655270cd09e49f4b9020a4bd8b6254f0aacc07e05b6847741fd99d7aa68e33e4f37463e42eae5ecda8facd0774925ce8c0cb1e7306c9c7f2a35c6379de94afac31c49a3d2476d73d97d3cfaacf89d7bea7a4a161507e5437d6348dca0f459eeccfd235885d6090e7a549c5c40a4030854af2c730ca5de0cafaee8c241c86678c8f2b537883d1bcd97f89d1788490225023d3251926704d8110f7d61636bcc0698a6faf47ccd7c59aa76d18c04693d077ef589b0a4ee80ad6721b85abf025f32132c5ae4fa1915e11bfbb2e4a59c5151670efea64f1fd4064d5b1f9e096ba302819cd1a65d1ada36f7495345d5c2cee250a95e4e6ffb6ebabad1918deb0faffebc113232df11b2a7f5009b0c88a0d5fbb7a52aa3c5c2e11498f411570cce5e4308775f7e7113cf1d4ab5cd8699f746e4646a1df7267d4970cc9e3a528aeaa02181d3adc8bd13adcf4d5c9489d419611d755a1dae7d21423169e535919fffa32e7ed3221641bf2749ead6ac6e7f7bb969ca153c46f215ca6acdce95018caac53f7ee33479f2d842ceb6b0aa4f0f9f9a5b9830fe51efa9357fb3fbd13e82c88b907a1ec20766cf5cf31bd75cc55152a4b488beace87a1f0ab35df7e3914563c94ce1fe82cc4813f6b1808554f4e8ec0e32d07d591c7057e37e2690fb0848b15fa7a59e1d1c27716816af56c09e43572fd6abc7f93a1132b5ffbbf2c0948b7e6965873ccbace3f0f0b537fe9e3f0b487e152b8da94b40cb3968a457d4707003a6d1fe893877130a828a5a66ace5af75d06de3519149aa52109f1a7064ec4df9f481f8c09545f85492c0a455d0b9c9760227c1715429e974bcd6ab64e71bad2c5521eade29628551066db07d056d37f516a00f0d1d26df43b9731290fbeb691c4c277f80a9a398efafaa2afa16ad7eaa96e37269d92154727513460fe668cb0c51819bf4cd6d8c156f7d1dad46dbf1af023f62b18c371f5c02da5664b40db9ab4171b1ac1722ce731d7507ea542435587c2dec0e619f62261096606947a6bd4f54c73595a4e1499c258b76c3b883515ae661e4e7efbf732c5989161cc8340a0f6dc88d96cc66079d8c60669d8ed4fdb885e86b00ed609b749e57e6e0495d316a7a81318662935456ac5554574c8a0cc1651dd0ed2f7796f700cfe569f4a6414278520ab4f7fe54748917d86dc64abf0cec452b571f0541671f5d9245e3cbc96964be38f3a4233b9c2ca1d746616fcc83281cc71581ef2576659f51d1d4123b96382f275e8b8e3aae610438d01795e2b000a0919d77c010d2606c404f793ccdf0e572d7102286350241c27fda99ca822c19c6dbb9934a8ece56d952433ed6cba4cd711294d7cdf6c6a5fda102c3237973050b86edf3093898eddb43acfbe0df0a87eb0120886467b4f4d7570ab8474647aaecf823f7849a8f0be98758023b4beceb5080b6ef568ed02f655072e21996bec3e6872a8f36750240ea585a2ed448c70567d6edcd257482261edd4bd532393f9d5afe9a92e2eb47d4d2f65f6f853b6c791aabfe0956e8ff0db026b60847fd71291429f3ff19210a64450aa90241c928726371e6f3f2f6322c474c3074ff04378e904be24ee4ee7504d0f9bbb6e17363552695ff8c94f9b800bff5feb773880bf42b70b89825d05b3d7b74adcc658fd742097136d37014b3a314c2110932a2c028a6e42b4a1c0af1d8ed2756f636e6e75e04a5051c289b853c074667a076dbe244cc8e2fbbb711afb9b88eacee3c3fb5aa749c20918bf8e84af2f1f5804c94c00dfa54ea41dce6ecd83ae74d73835397d936d1c58173a9f9fc1996ce2403da4e1c5e120cfe0eb281aa85da04709bb4d82075929e5d4db9828758d4bc7e542cb4e4e176487d3f5b9528868824e292718e06c2e0a38bec6f10d35b96aed2b0e021ce6df29bad8c83427813cceeea02575b49a6baf669f6a6bd6adad2998dfffa4f10dd645f579f77849a0337958da6697ec8c026be75934b9aca59283635b3a2e8712603c577139c0a77e619faa508b6005e0ed068b6ecaa696315e93ae88b727c1c7d50804c24d72401455ab5ecc2ac178e519a885e75a82793b02398c6b2ba1ef4252a26f441aef1248dd91a79dc0d14016c2b09bde65572a3e298a642d0ec40663c0213e0a26e59548b427b324e3d8a32e51a776076df28af48057107f5af7d6ea4f075001041f0c34e6cc5a4ffa8a7bf3ee2f9dae445587f5b889d27fa0ec9e3a75395a795e6976dcaf5c09d4d5ea4aff601feace4e4406c7f91307c38da1c6b0ef6e828166b7afa5aa3a8da1eadcb724f14e1e22c5cb2b7d896bef870b11b41c0d13a3cdf08f797c324f16dc6c6ffb6e7cb3184dc119da3775f0cc7b6e5f6d9c756cbedf9afa12a8c908e01e8013f7224c33f9e4192fe2890651bd2a82e49d772e5840556116e16ac4bbde50e5621270054836b68b815c6aefbb7fedd0d7203aa0cad9ba57e0809a61d3c70d1ed744d5e9ea0ec840f010e0876c967bfa94e7fc7e521907e219a5fb0761d3"], 0x70a) (async) bind$bt_hci(r5, &(0x7f0000000080)={0x1f, 0x1, 0x3}, 0x6) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) r9 = socket$nl_generic(0x10, 0x3, 0x10) (async) r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(r9, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000", @ANYRES16=r10, @ANYBLOB="d3588b94f7dea7583282a652d302d10100000000000400000000000000"], 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x0) (async) syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), r9) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r9) 7.198821546s ago: executing program 6 (id=734): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r3, 0x0, 0xffffffffffffffff}, 0x50) r4 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, 0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r5 = socket$igmp(0x2, 0x3, 0x2) setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000480)=@raw={'raw\x00', 0x8, 0x3, 0x3f8, 0x0, 0x1000000, 0xffffffff, 0x290, 0xffffffff, 0x360, 0xffffffff, 0xffffffff, 0x360, 0xffffffff, 0x3, 0x0, {[{{@ip={@private, @private, 0x0, 0x0, 'bond_slave_1\x00', 'geneve1\x00'}, 0x0, 0x220, 0x290, 0x0, {0x0, 0x1c8}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_batadv\x00', {0x6, 0x0, 0x39, 0x0, 0x0, 0x80000000, 0x3}}}, @common=@inet=@hashlimit1={{0x58}, {'veth0_to_batadv\x00', {0x0, 0x0, 0x8, 0x0, 0x0, 0x5, 0x23}}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x8001, 0x0, 0x0, 0x0, "4d93300e9ddd69f9a8bf031d5b32564b7a48bc973dff0fa696189af20d33bff9c1ccec6dc08f69478f499163eeff981716ff9cad6ae4abbad2152c5241817082"}}}, {{@ip={@rand_addr=0x64010101, @empty, 0x0, 0x0, 'veth0_vlan\x00', 'netpci0\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x4]}, {0x0, [0x0, 0x0, 0x0, 0x5]}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x64}}}}, 0x458) io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0) r6 = socket$isdn_base(0x22, 0x3, 0x0) dup3(0xffffffffffffffff, r6, 0x0) 6.688441999s ago: executing program 0 (id=735): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r1) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000800)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_QOS_MAP(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000340)={0x30, r2, 0x1, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_QOS_MAP={0x14, 0xc7, {[{0x9, 0x2}, {0x8, 0x5}, {0x7, 0x5}, {0x40, 0x4}], "2d4728e072c4c655"}}]}, 0x30}, 0x1, 0x0, 0x0, 0x20004001}, 0x4008040) 6.683724292s ago: executing program 4 (id=736): socket$tipc(0x1e, 0x5, 0x0) socket$nl_route(0x10, 0x3, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_default\x00', 0x0, 0x0, 0x0) r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) r1 = syz_clone(0x80040100, &(0x7f00000004c0), 0x0, 0x0, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) close(0xffffffffffffffff) bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = socket(0x10, 0x3, 0x0) r4 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xe0ec}]}}]}, 0x3c}}, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c000000410007010000000000000000017c000008000100", @ANYRES32=r1], 0x1c}}, 0x0) ioctl$SIOCGIFMTU(r0, 0x8921, &(0x7f0000000080)={'dummy0\x00'}) 5.944459655s ago: executing program 6 (id=737): socket$alg(0x26, 0x5, 0x0) socket$inet_smc(0x2b, 0x1, 0x0) openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0}) io_uring_enter(r3, 0x3516, 0x500, 0x0, 0x0, 0x0) 5.835252131s ago: executing program 0 (id=738): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000003, 0x12, 0xffffffffffffffff, 0x29354000) r0 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x3ffffffffffffffd, 0x0) ioctl$KDFONTOP_SET_DEF(0xffffffffffffffff, 0x4b72, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000100)={0x80002, 0x1, 0x6}) r2 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000004c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) socket$inet_udp(0x2, 0x2, 0x0) ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r3, 0x0}) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$DRM_IOCTL_MODE_GETFB2(r2, 0xc06864ce, &(0x7f0000000280)={r4, 0xfffffffd, 0x0, 0x1, 0x7, [0x0], [0x0, 0x0, 0x0, 0x5], [], [0x3, 0x0, 0x20000000]}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000200)={r8, 0x0, 0xffffffffffffffff}) setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, 0x0, 0x0) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000000)={0x0, 0x0, r9}) close_range(r0, 0xffffffffffffffff, 0x0) r10 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1400000016001d0a"], 0x14}}, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000240), r10) r11 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x42901, 0x0) ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) 5.834906911s ago: executing program 5 (id=739): r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/image_size', 0x20202, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@decl_tag={0x1, 0x0, 0x0, 0x11, 0x5, 0x9}]}}, 0x0, 0x2a, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28) write$P9_RWALK(r2, &(0x7f0000000000)=ANY=[], 0x9) r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/vmcoreinfo', 0x341242, 0x42) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f00000001c0)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000200)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000400)={&(0x7f0000000180)=[0x0], 0x1, r6, r5, 0x0, 0x0, 0x0, 0x800, {0x4, 0x1, 0x3, 0x69, 0x200, 0x0, 0x2, 0x5, 0x4cab, 0xe156, 0x0, 0x0, 0x0, 0x0, "fe1d00003413000000000000000caa000000090000000000000004b427180010"}}) rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0500000004000000e47f00000100000000000000", @ANYRES32, @ANYBLOB="ff7c3fc4cc59297e"], 0x48) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$VIDIOC_PREPARE_BUF(r3, 0xc058565d, &(0x7f0000000280)=@fd={0x674a, 0x2, 0x4, 0xc051, 0x8, {0x0, 0x2710}, {0x5, 0x0, 0x1, 0xfa, 0x15, 0x2, "068702e5"}, 0x7, 0x4, {}, 0x9, 0x0, r3}) sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="640000000206030000000000000000000000000005000100070000000900020073797a320000000014000780080013400000000008001240000020000500050002000000050004000000000015000300686173683a69702c706f72742c6e6574"], 0x64}}, 0x0) syz_usb_connect(0x2, 0x3c, &(0x7f0000000380)=ANY=[@ANYBLOB="120101000814c910be0632a2f333010203010902120001000000000904"], 0x0) 5.776025167s ago: executing program 2 (id=740): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0xa00, &(0x7f00000000c0)={&(0x7f00000002c0)={0x50, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x880}, 0x0) 4.661188921s ago: executing program 2 (id=741): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r1, 0x0, 0xe, 0x0, &(0x7f00000006c0)="000000a9ac780000cf8e6c053229", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe98, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe50, 0x2, {{{}, 0x97, 0x0, [{}, {}]}, [{}, {}, {}, {}, {0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x0, 0x10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x2012}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x20000}, {}, {}, {}, {}, {}, {}, {0x4}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x0) r2 = syz_usb_connect$printer(0x5, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x141, 0x0, 0x0, 0x0, 0x20, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x1, 0x40, 0x4, [{{0x9, 0x4, 0x0, 0x2, 0x2, 0x7, 0x1, 0x3, 0x4, "", {{{0x9, 0x5, 0x1, 0x2, 0x400, 0x2, 0x1}}, [{{0x9, 0x5, 0x82, 0x2, 0x8, 0x1, 0x8}}]}}}]}}]}}, &(0x7f00000001c0)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x310, 0x1, 0xf8, 0x3, 0x40, 0x5}, 0x3d, &(0x7f0000000080)={0x5, 0xf, 0x3d, 0x4, [@wireless={0xb, 0x10, 0x1, 0x8, 0x84, 0x1, 0x0, 0x7, 0x8}, @ssp_cap={0x20, 0x10, 0xa, 0x7f, 0x5, 0xfff, 0xf, 0xfffa, [0xc030, 0x30, 0xc000, 0xff00c7, 0xc00f]}, @ptm_cap={0x3}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0xd, 0x2, 0x9, 0x7}]}, 0x3, [{0x4, &(0x7f00000000c0)=@lang_id={0x4, 0x3, 0x412}}, {0x4, &(0x7f0000000100)=@lang_id={0x4, 0x3, 0x2c0a}}, {0x6a, &(0x7f0000000140)=@string={0x6a, 0x3, "0eed450137e971016bb39f4d2ce02a1b7865ee8c5f696c55e666d3dd7220ebd69498c9913347bf3c51cc07e4888cee09f276feab62d60c9b6d136131cf15f8851fda20627a1a8393f32bc3b96cabdc6a85503d34b0130f7894b2ddb08fd39b2c3c6d8bfe2bf44a68"}}]}) r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x800) syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), r3) syz_usb_disconnect(r2) 4.660414699s ago: executing program 6 (id=742): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, &(0x7f00000004c0)={0x1c, &(0x7f0000000000)=ANY=[], 0x0, 0x0}) syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, &(0x7f00000003c0)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0xa) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) syz_io_uring_setup(0x6908, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000140), &(0x7f0000000100)) r0 = io_uring_setup(0x7058, &(0x7f0000000040)) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) r1 = io_uring_setup(0x3f6e, 0x0) io_uring_register$IORING_REGISTER_FILES2(r1, 0xf, &(0x7f0000000380)={0x60, 0x1, 0x0, 0x0, 0x0}, 0x20) syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0xa3db, 0x10100}, &(0x7f0000000100), &(0x7f0000000080)) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x64, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR={0x5, 0x3, 0x1f}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x64}}, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x2c, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084) socket$nl_netfilter(0x10, 0x3, 0xc) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) syz_clone(0x0, 0x0, 0x17, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) 4.267050252s ago: executing program 4 (id=743): syz_emit_ethernet(0x76, &(0x7f0000000540)={@local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "e400ff", 0x40, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, '\x00', 0x0, 0x11, 0x0, @empty, @ipv4={'\x00', '\xff\xff', @loopback}, [], "17c1ff2bbd7f1499f26ff189e3606b5d"}}}}}}}, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020002000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x38, r2, 0x1, 0x0, 0x25dfdbfb, {}, [@ETHTOOL_A_DEBUG_MSGMASK={0xc, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_MASK={0x4}]}, @ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x38}}, 0x0) syz_emit_ethernet(0x32, &(0x7f0000000300)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x4, 0x6, 0x0, @remote, @local}, {0x1, 0x4e20, 0x10, 0x0, @gue={{0x2, 0x0, 0x0, 0xfe}}}}}}}, 0x0) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) ioctl$TCSETSW2(r3, 0x402c542c, 0x0) 3.739972344s ago: executing program 4 (id=744): r0 = socket$nl_generic(0x10, 0x3, 0x10) request_key(&(0x7f0000001000)='dns_resolver\x00', 0x0, &(0x7f00000004c0)='\aJ\xa6\xba\xbd\x06\x173\xadMD\x95\xee\xbd4\xabU\xf8\xe7X\xaf\xa3\x17\xd4r\xb1\xd9p|C\xcf\xa8\xa7\xc9\xfb\x02\xf1\x1f^\xaf\xc6\xd1}\x8eY\xa3M|z\xf5*K\xbb.\xaf\x9e\x01b\xb9\xe4a\x95\x0e\xc8\xd8\x98\x8e\x13K\xc45\x13*1\xc0i\xe7\xdd\t\xc7h\xcdPZ.(g$\xc3\xf1\xed\xa5\xdb\xb5,\xcf\xed\'H\xa7\xeb1\x94\xa4n\x98\xa9\xa4\x04\aa\xe0\xd9lLB\x85v]\xc0xd\x8f\xfdP\xc0|}\xc6\x91{\xaf\xc8n\"\x9b\xda\xd3(\xefE\xa0\xc7\n\xdd\xae\xf2\x8d\xd06\x97\x92\xbb4\xbe\x00\xb20mQ<\x1d\x94\xa0\xfe\x02\x8d\xfb\xd1[\xd5\xabX\xe2\x05\x9bL`t\xa5\xde\"\xa7uvs\x04\xe8\xdf\xf4\xf2\xcd\xb2?\xf6{', 0x0) request_key(&(0x7f00000010c0)='dns_resolver\x00', &(0x7f0000001100)={'syz', 0x2}, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000400)={'wg1\x00'}) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r2 = userfaultfd(0x1) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, &(0x7f0000000400)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}}) socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000005c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x3ff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x5, 0x0, @void, @value, @void, @value}, 0x50) 3.587233165s ago: executing program 5 (id=745): bpf$MAP_CREATE(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7) sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d) getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x5, 0x2, 0x0, 0x2}, 0x0) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) r5 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$EBT_SO_GET_INFO(r5, 0x0, 0x50, 0x0, &(0x7f0000000280)) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, 0x0, 0x0) sendmsg$nl_xfrm(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0x1, 0x4, 0x0, {{@in=@multicast1=0xe0000002, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x80}, {0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0xb8}}, 0x40) r7 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b800000015"], 0xb8}}, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) add_key$keyring(&(0x7f00000003c0), 0x0, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r8 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmsg$inet6(r8, &(0x7f0000000ec0)={&(0x7f0000000d40)={0xa, 0x4e22, 0x832b, @empty, 0x1}, 0x1c, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="2400000000000000800000000000000000008509000100000000020000000000f7a11a1407221791cdb310e760cc4c910b91103c32640729280d6c622a1b97ddc8461c2dc22f79e0e1fcee054581a8e7ba7aa1c6f82507c87d43", @ANYRES32=0x0, @ANYBLOB="000000001800000000000000290000000400"/28], 0x40}, 0x40000) 3.292615964s ago: executing program 4 (id=746): syz_usb_connect(0x4, 0x36, &(0x7f0000000000)=ANY=[], 0x0) 2.78409438s ago: executing program 6 (id=747): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sched_switch\x00', r3, 0x0, 0xffffffffffffffff}, 0x50) syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, 0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r4 = socket$igmp(0x2, 0x3, 0x2) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000480)=@raw={'raw\x00', 0x8, 0x3, 0x3f8, 0x0, 0x1000000, 0xffffffff, 0x290, 0xffffffff, 0x360, 0xffffffff, 0xffffffff, 0x360, 0xffffffff, 0x3, 0x0, {[{{@ip={@private, @private, 0x0, 0x0, 'bond_slave_1\x00', 'geneve1\x00'}, 0x0, 0x220, 0x290, 0x0, {0x0, 0x1c8}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_batadv\x00', {0x6, 0x0, 0x39, 0x0, 0x0, 0x80000000, 0x3}}}, @common=@inet=@hashlimit1={{0x58}, {'veth0_to_batadv\x00', {0x0, 0x0, 0x8, 0x0, 0x0, 0x5, 0x23}}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x8001, 0x0, 0x0, 0x0, "4d93300e9ddd69f9a8bf031d5b32564b7a48bc973dff0fa696189af20d33bff9c1ccec6dc08f69478f499163eeff981716ff9cad6ae4abbad2152c5241817082"}}}, {{@ip={@rand_addr=0x64010101, @empty, 0x0, 0x0, 'veth0_vlan\x00', 'netpci0\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x4]}, {0x0, [0x0, 0x0, 0x0, 0x5]}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x64}}}}, 0x458) r5 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000140), 0x302, 0x0) r6 = socket$isdn_base(0x22, 0x3, 0x0) dup3(r5, r6, 0x0) 1.590051472s ago: executing program 2 (id=748): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r1) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000800)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_QOS_MAP(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000340)={0x30, r2, 0x1, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_QOS_MAP={0x14, 0xc7, {[{0xff, 0x2}, {0x8, 0x5}, {0x7, 0x5}, {0x40, 0x4}], "2d4728e072c4c655"}}]}, 0x30}, 0x1, 0x0, 0x0, 0x20004001}, 0x4008040) 1.58665909s ago: executing program 6 (id=749): r0 = socket$nl_route(0x10, 0x3, 0x0) syz_emit_ethernet(0x8e, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaa1acd1f78800d86dd608a37f200587300fe8002000000000000000000000000bbfe8000000000000000000000000000aa00000000", @ANYRES8], 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newtaction={0x64, 0x30, 0x1, 0x0, 0x0, {}, [{0x50, 0x1, [@m_vlan={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{}, 0x5}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000003900), 0xffffffffffffffff) sendmsg$TIPC_NL_NET_SET(r1, &(0x7f0000003a80)={&(0x7f00000038c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000003a40)={&(0x7f0000003940)={0xf4, r2, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x18a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x2}, @TIPC_NLA_BEARER_NAME={0x15, 0x1, @l2={'eth', 0x3a, 'team_slave_1\x00'}}]}, @TIPC_NLA_SOCK={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x674e}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_MEDIA={0x3c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x10001}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x101}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1ff}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xa5}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x40}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}]}]}, @TIPC_NLA_SOCK={0x8, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}]}]}, 0xf4}, 0x1, 0x0, 0x0, 0x805}, 0x880) r3 = socket$nl_route(0x10, 0x3, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r6) r7 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r6, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) listen(r7, 0x0) syz_emit_ethernet(0x4e, &(0x7f00000002c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ff00f5", 0x18, 0x6, 0x1, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@mptcp=@ack={0x1e, 0x4, 0x1f}]}}}}}}}}, 0x0) sendmsg$sock(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)="c7", 0x1}], 0x1}, 0x0) recvmmsg(r5, &(0x7f0000003200)=[{{0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000000280)=""/165, 0xa5}], 0x1}, 0x9}], 0x1, 0x400100c3, 0x0) r8 = socket(0x2a, 0x2, 0x0) r9 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDENABIO(r9, 0x4b36) r10 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_opts(r10, 0x29, 0x36, &(0x7f00000037c0)=""/188, &(0x7f0000003880)=0xbc) r11 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) unshare(0x20000400) fallocate(r11, 0x10, 0x100, 0x5) modify_ldt$write(0x1, &(0x7f0000000080)={0x800}, 0x10) modify_ldt$read(0x0, &(0x7f00000000c0)=""/4122, 0x101a) bind$alg(r8, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) getsockname$packet(r8, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB="44000000100001042abd70000000000000000000", @ANYRES32=r12, @ANYBLOB="28800100000000000500110001000000140003006272696467655f736c4176655f30"], 0x44}, 0x1, 0x0, 0x0, 0x48010}, 0x0) sendmsg$nl_route_sched_retired(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x14e01}, 0xc, &(0x7f0000000100)={&(0x7f0000000340)=@newchain={0x3470, 0x64, 0x406, 0x70bd2c, 0x25dfdbfe, {0x0, 0x0, 0x0, r12, {0xfff2, 0xc}, {0x3, 0x6}, {0x8, 0x10}}, [@f_tcindex={{0xc}, {0x540, 0x2, [@TCA_TCINDEX_ACT={0x53c, 0x7, [@m_vlan={0x84, 0xc, 0x0, 0x0, {{0x9}, {0x40, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x4}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x1}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x7, 0x4, 0x6, 0x9, 0x2}, 0x3}}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x3}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x2}]}, {0x1a, 0x6, "fa487bc182be181e7e7c86fb00a763dce4ea0f8cd6f9"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x3}}}}, @m_skbedit={0x134, 0x13, 0x0, 0x0, {{0xc}, {0x54, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18, 0x2, {0x1ff, 0x200, 0x0, 0x81, 0xfffffffa}}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0x10, 0x9}}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x9, 0xfff, 0x7, 0x7, 0x8}}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x7}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xfff1}}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x6}]}, {0xb7, 0x6, "09abd6d500ee1b130cc7266a14883266da7061f37c0d2b46d7f470f13bfb9ff5aa6e05055256fc3d5e5e5a52fc4b75dd877ff80c396f341305f0b07472438c1e703e775a14a4dc3e4e595a87aa08bd404a15383fc37128dc87f81e05866e8c86abb3da7c5c37f597e33ceb79793719a8c40257c19c97ef3956fed0300c4c6d3efcd2b74c714eab498f9d6f5e768212b3188c540b8ef352abc6e66515f055e5cce908b2a3bee39910ef53ce7575f23e8c3c6920"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_tunnel_key={0x90, 0xd, 0x0, 0x0, {{0xf}, {0x4c, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0xfc4, 0x3, 0x3, 0xfffffff0, 0x800}, 0x2}}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x9, 0xb, 0x8, 0x6, 0x2}, 0x2}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @loopback}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, {0x18, 0x6, "f12382a298c3c4e67bc3865a5e609d7390e7c388"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}, @m_ct={0xd8, 0x3, 0x0, 0x0, {{0x7}, {0x4c, 0x2, 0x0, 0x1, [@TCA_CT_MARK={0x8, 0x5, 0x1}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @remote}, @TCA_CT_ZONE={0x6, 0x4, 0x1}, @TCA_CT_ZONE={0x6, 0x4, 0xd5fa}, @TCA_CT_LABELS_MASK={0x14, 0x8, "d2e1b3a2788c5de2e3512e6440a2b22f"}, @TCA_CT_NAT_IPV6_MAX={0x14, 0xc, @private2}]}, {0x65, 0x6, "027f049ca058db143e1dfc4ab886f0fd38c17b775e3c636c76f9119ba22614f4e8417e2837bc2bfd208057256cf554aaffeeb1a75d23d450fcb2c991bb5adf81ed94e81cd304ba91006f51abfae0db731f4361765d22da2069efd56b3177bd00f6"}, {0xc}, {0xc}}}, @m_vlan={0x168, 0x6, 0x0, 0x0, {{0x9}, {0x4c, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x9af}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x1000, 0x4, 0x2, 0x68a143a3, 0x4}, 0x9}}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x3}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x9, 0x2, 0xffffffffffffffff, 0x0, 0x2}, 0x1}}]}, {0xf2, 0x6, "1be7498c8a1f5ea4c0e2f0c6922076b03045572688ef5ed536500eef0425a3db8d5ac13b98a415c4168605518e0e335d5f278cf80be1def0f421e61b563ced744fcc9b5f33e1e6680ec8b782e7197e2ee31c921fe42419b95aef7de643239c926f33476efd83872bf910f6986abb587b0a3e5b51f8320e7c5bf3bc3933ab22080a185d9d02ec277d71c6fa3184d1bb82beda07ca25c1da7b90b5ed7f014bf72ae10011c04f8808b5071f273a507f713b0efc0799b7d3c3428eb015585a27a42da48d28f2835aaf1dedff7f6e251c081c2b20a47868969dfc7a67fdff2e7f26bfbb7f5834dd6134ec4ad2d6b5f2a2"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_bpf={0xb0, 0x11, 0x0, 0x0, {{0x8}, {0x80, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS={0xc, 0x4, [{0x5, 0x2, 0x40, 0x81}]}, @TCA_ACT_BPF_FD={0x8, 0x5, r0}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0xca, 0x2, 0x0, 0x0, 0x6}}, @TCA_ACT_BPF_OPS={0x24, 0x4, [{0x2, 0x93, 0x4, 0x3}, {0x1000, 0x5, 0x1, 0x5}, {0x100, 0x2, 0x7d, 0x9f7}, {0x9, 0x0, 0xff, 0x6}]}, @TCA_ACT_BPF_OPS={0x24, 0x4, [{0x3, 0x1, 0x8, 0x6}, {0x4, 0xf, 0x6, 0x9}, {0x3, 0x2, 0x97, 0x3f}, {0xe76, 0x4, 0xff, 0x3}]}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x6}]}, {0xb, 0x6, "724b83414441d5"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}, @f_rsvp={{0x9}, {0xd78, 0x2, [@TCA_RSVP_ACT={0x4}, @TCA_RSVP_SRC={0x8, 0x3, @broadcast}, @TCA_RSVP_PINFO={0x20, 0x4, {{0x1ff, 0x2, 0x1}, {0x4288, 0x80f, 0xfffffffd}, 0x5c, 0xd, 0x3}}, @TCA_RSVP_ACT={0x448, 0x6, [@m_tunnel_key={0x194, 0x12, 0x0, 0x0, {{0xf}, {0x7c, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_DST_PORT={0x6, 0x9, 0x4e21}, @TCA_TUNNEL_KEY_NO_CSUM={0x5}, @TCA_TUNNEL_KEY_ENC_DST_PORT={0x6, 0x9, 0x4e24}, @TCA_TUNNEL_KEY_ENC_DST_PORT={0x6, 0x9, 0x4e21}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @rand_addr=0x64010102}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @mcast2}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @mcast2}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @empty}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @loopback}]}, {0xea, 0x6, "3cb3e00e8441c298eb41a411bb810d2a730ae24276fe37384ccfea84b2f0c92bed37c12c8e10a410ac0dd253f6590940319fd9f81fbc1719c94a60a3ba3417d8ab33c79b8412a469076632df11131eddb6dde151fcf5372cc5e01035caf11f314b9f9fba06f3176ec36a2a38a9f6e9704bc1a91d93cc58e809193a5187025e221a4b69b5349ad4bbb6ac89d91ce623ab5873b0ac27e41fa49bedfe0150111d026255c2cabdd7783ff353ec796dd1640e8af2eb477bc2a86796646c59f73e7d265ba82bd816e6138b36b26c10907f0d1f85dccf16de3726270c7bf36a63932724d9e91a01b082"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x2}}}}, @m_skbedit={0x154, 0x8, 0x0, 0x0, {{0xc}, {0x5c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x3}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x1}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x7a, 0x5, 0x6, 0x8, 0x3}}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x4}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xb, 0x8}}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x7}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xc, 0xfff0}}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x3}]}, {0xd0, 0x6, "d8f9872313d2a968ecac018652903065020488c3bc28ca9759c42d78895f52297f18400a1d190cac4e6e03d651b52ac0261c245954ace752980a031417b1b00817c19b514d0e268fe920d32b0b3b0bb20e6cf708971df9be8bf0899547ede4dcdb3812b68a32380d1348e4c6a3e53bcb86adf2ce59c5fb1ed2e45bdc488b71db56c1901334832b4cd3fe43e254a4c3d3fce33a207867bbc349edabe5efc18d816a78e5eeea4b26cbbd745f06fe6c1bc33cc204da20ede0b1d34cfd0a617b2785256e50e198dc15ccaeeeeff7"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x4}}}}, @m_csum={0xec, 0x18, 0x0, 0x0, {{0x9}, {0x74, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x4, 0x80000001, 0x5, 0x7, 0x6}, 0x45}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x82, 0x9, 0x10000000, 0x5, 0x22e}, 0x6}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x7, 0x7fffffff, 0x1, 0x4, 0x2}, 0x18}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x4, 0xe00, 0x6, 0x0, 0x1}, 0x80}}]}, {0x4e, 0x6, "616373fa0bbfd5be0756fb21bc243b7a183de7f5e81a2b6eced3f4bdb03ba5fe02e407da3cdc098cdf371164ab77b16d571681028d63577456a14b63623fdd7ac672333e70aaba54ed62"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}, @m_simple={0x70, 0x7, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x9, 0x3, '*.(-\x00'}, @TCA_DEF_DATA={0x9, 0x3, 'vlan\x00'}]}, {0x2c, 0x6, "3799b71f86ebf4f6670282d41fd6e2a95a4f24fc4b53670eb3bfb0929120787ea4f41b39661dbca6"}, {0xc, 0x7, {0x1, 0x1}}, {0xc}}}]}, @TCA_RSVP_CLASSID={0x8, 0x1, {0xfff1, 0xe}}, @TCA_RSVP_CLASSID={0x8, 0x1, {0xe, 0x5}}, @TCA_RSVP_DST={0x8, 0x2, @local}, @TCA_RSVP_POLICE={0x8e8, 0x5, [@TCA_POLICE_RATE64={0xc, 0x8, 0x9}, @TCA_POLICE_RESULT={0x8, 0x5, 0x4}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x3, 0x2, 0x1, 0xb7, 0x35fa, 0x9, 0xfbcd, 0x6, 0x80000000, 0x5, 0xfffffff7, 0x9, 0x8, 0xe, 0x5, 0x7f, 0xff, 0x9, 0x9, 0x52, 0x8, 0x6, 0x3a0, 0x7, 0xc, 0x5, 0x6, 0x10000, 0x7, 0x3, 0x9f, 0x80, 0x6958, 0xce, 0x5, 0x3, 0x8, 0x4, 0x0, 0x5, 0xd722, 0x81, 0x8, 0xfffffff7, 0x4d00, 0xc, 0xaf2, 0x12000, 0x0, 0xdf2, 0x1, 0x80, 0x300, 0x4, 0xfffffffa, 0x0, 0xf, 0x4000, 0xa4c, 0x901, 0x7, 0x6, 0x4, 0x0, 0x9, 0x8, 0x0, 0x0, 0x7f, 0x8, 0xffff, 0x2, 0x1, 0x5, 0x0, 0x5, 0x8, 0x2, 0x3, 0x5, 0x414, 0x80000000, 0xfffffffd, 0x1, 0x5, 0x4, 0x9, 0x5, 0x7, 0x2, 0x8001, 0x9, 0x8, 0x1, 0x4, 0x8, 0x100, 0x800, 0x0, 0x200, 0x3, 0x7, 0x3, 0x5, 0x2, 0x8, 0x7ff, 0x0, 0x8, 0x7, 0xa, 0x0, 0x9, 0x428ec2ea, 0xf7d, 0x40, 0x8f1, 0x20000000, 0x4, 0x2, 0x7, 0x1, 0x6, 0x2, 0x97, 0x80000000, 0x5, 0x2, 0x200, 0xff, 0x8, 0x8, 0xcbc, 0x5, 0x7, 0xcb6, 0x7f, 0x3, 0x6, 0x401, 0xc, 0xfa7, 0xed6e, 0x1, 0xfffffff1, 0x7, 0x1, 0x200, 0x4, 0x3, 0x101, 0x6, 0xffffffff, 0x2, 0x4, 0x1, 0xb09, 0x316, 0x8951, 0x80000001, 0x3, 0x7c, 0x6, 0x3000, 0x4, 0xfffffff6, 0x0, 0x80000000, 0x0, 0xbb66, 0x800, 0x800, 0x8, 0x2, 0x40, 0x6, 0x8, 0xf0a, 0xd, 0x7f, 0x3, 0x6, 0x7, 0xb103, 0x3, 0x2ece, 0x0, 0x4c, 0x8, 0x4, 0x1, 0xf, 0x10a, 0x5, 0xdfcec822, 0xcd5771a, 0x1000, 0x6, 0x5, 0xffff, 0x6, 0x5, 0x7, 0x8, 0x45d9, 0x11cd54ce, 0x278, 0x3, 0x8, 0xa, 0x3, 0x2, 0xffff0000, 0x7afd7806, 0xb, 0x4, 0x4, 0x2, 0x4, 0x4, 0x8, 0x7, 0xba, 0xe43, 0x6, 0x3, 0x7, 0x4, 0x120, 0x1, 0x80, 0x2, 0x1, 0x0, 0xffff, 0xe0a, 0x0, 0x5, 0x0, 0x3ff, 0x6, 0x3, 0x7, 0x3, 0x57, 0x9faa, 0x4, 0x8, 0x4accab96, 0x4, 0x0, 0x9, 0x5, 0x1, 0x5, 0x8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x7, 0x20000000, 0x3, 0xfffffeff, 0xfffffffc, {0xff, 0x1, 0x8, 0x9, 0xfffd, 0x40}, {0xf, 0x3, 0x2, 0x9, 0x6cf8, 0x7fff}, 0xe4, 0x4, 0xffff}}, @TCA_POLICE_TBF={0x3c, 0x1, {0x8001, 0x0, 0x18c9, 0x6, 0x7, {0xb, 0x1, 0xff, 0xfffa, 0xa, 0xb1}, {0x9, 0x1, 0x5, 0x200, 0x8, 0xffffffff}, 0x6, 0x7, 0x1000}}, @TCA_POLICE_RATE64={0xc, 0x8, 0x7f}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x10}, @TCA_POLICE_RATE={0x404, 0x2, [0x665, 0x9, 0x5, 0x2, 0x7, 0x6f0cc973, 0x6, 0x5, 0x80000001, 0x7f, 0x7, 0xa27, 0x9, 0xc, 0x5, 0x7, 0x8, 0x81, 0xb8, 0x5cc, 0x4, 0xff, 0x2, 0xff9, 0xfffffffb, 0x6, 0x0, 0x0, 0x800, 0x7, 0x9e, 0x0, 0x1, 0xd, 0x2, 0x4, 0x7cf, 0x1, 0x6, 0x800, 0xe, 0x7, 0xf, 0x8, 0x5, 0xd9, 0x7, 0x1, 0xc00, 0x80000001, 0x1d, 0xffffffff, 0xd, 0x10, 0x6, 0x1, 0x4, 0x1c0, 0x5, 0x9, 0x9, 0x4, 0x7, 0x5, 0x6, 0x1ff, 0x1, 0x9, 0x7, 0x10000, 0x2, 0x800, 0x8, 0xd1f, 0x750, 0x3, 0x101, 0x0, 0x0, 0xc, 0x670, 0x2, 0xffffff0a, 0x9a, 0x800, 0x9, 0x2, 0x5, 0x45f, 0xfffff001, 0x81, 0x4e7, 0x6, 0x80000000, 0x4, 0xa, 0x6, 0x101, 0x9, 0x0, 0x5, 0x800, 0x7, 0x5, 0x6, 0x6, 0x2c, 0x2, 0x8, 0xfffffff7, 0x3, 0xf, 0x0, 0x4, 0x5, 0x80000001, 0x7, 0xad3, 0x8, 0x8, 0xa, 0x7f, 0x2, 0x91, 0x0, 0x9830, 0x68, 0x3, 0xee42, 0x281, 0x9, 0x5, 0x6, 0x48ea6cc4, 0x5, 0xfffffffd, 0x0, 0x2, 0x4, 0x7ff, 0x9, 0x1a5, 0x6, 0x70c, 0x4, 0x56aa, 0x5, 0x4, 0x4, 0x0, 0xe, 0x3, 0x9, 0xfb, 0x16, 0x5, 0x6, 0x0, 0x6, 0x7, 0xffffffff, 0x70, 0x1ff, 0x200, 0x6, 0x5, 0x1d3, 0x1, 0x0, 0x1540177c, 0x7ff, 0xa34, 0x4, 0xb9, 0x1, 0x8, 0x5, 0x1, 0x101, 0x4, 0x27, 0x2, 0x3, 0x3, 0x0, 0x3ff, 0x6, 0x9ea3, 0x9, 0xba, 0x5, 0x3, 0xfffffff8, 0x6, 0x5, 0xd3ac, 0x7, 0x7, 0x168123fb, 0x1, 0x4dcb, 0x7, 0x9, 0xc7, 0x10, 0x9, 0x9, 0xa48d, 0xfffffff7, 0x3, 0xd24f50c, 0x80, 0xf, 0x5, 0x0, 0x4, 0x4, 0x400, 0xe, 0x7, 0xf4, 0x3, 0x8, 0xa6d2, 0x3, 0x262, 0x5, 0x400, 0x10, 0x10, 0x4, 0x5, 0xef95, 0x7, 0x0, 0xfffffff7, 0x14, 0x4, 0x39, 0x3ff, 0x8, 0x40, 0xb64, 0xffff, 0x4, 0x9, 0x4, 0x2, 0x7ff, 0x6, 0xbacf, 0x6d0a, 0x1, 0x1, 0x6, 0x400]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x7, 0x2, 0xfffffff7, 0x6, 0xffffffff, {0x3, 0x0, 0x4, 0x5, 0x400, 0x6}, {0x47, 0x0, 0xf1e, 0x3, 0x3, 0x7}, 0x4, 0xa1, 0xa336}}]}]}}, @f_rsvp6={{0xa}, {0x418, 0x2, [@TCA_RSVP_POLICE={0x414, 0x5, [@TCA_POLICE_RATE={0x404, 0x2, [0x8, 0x8, 0x71, 0x5, 0x9, 0x4, 0x7, 0x1c66b5f8, 0x1000, 0x2, 0x7, 0x5, 0x9, 0x9, 0x0, 0x9, 0x5, 0x1, 0x5, 0x80000000, 0x0, 0x7, 0x1, 0xc7, 0x677, 0x800, 0x4, 0x215d, 0x65, 0xffff, 0x1, 0x10000, 0xfffffffc, 0x100, 0x6, 0xfffffffc, 0x3, 0x0, 0x6, 0x4, 0xb81, 0x0, 0x5, 0x40, 0xc, 0xffffffff, 0x6, 0x1, 0x9, 0x1, 0x9, 0x5, 0x2, 0x3, 0x3, 0x5, 0xfffffff7, 0x9, 0x5, 0x6e, 0xfffffffd, 0x6, 0xfffffff7, 0xf, 0x3ff, 0x0, 0x2, 0x7fff, 0xe7, 0x4c3, 0x1, 0x5, 0xfffffff8, 0x3, 0x983, 0xba, 0xeb11, 0x8, 0x3, 0xc24, 0x0, 0x1, 0x4, 0xbdba, 0x5, 0x7, 0xffff, 0x80000001, 0x800, 0x58, 0xea, 0x4, 0x0, 0x2, 0x9, 0x359, 0x8, 0x80000001, 0x2, 0x9, 0x2, 0x1ff, 0xfffff0fb, 0x8, 0x4, 0x3daf, 0x0, 0x7fff, 0xfc767e86, 0x4, 0x10, 0x1, 0x4, 0x3ff, 0x3, 0x3, 0xff, 0xb4c, 0x1, 0x0, 0x9b8, 0x1ff, 0x4, 0x1, 0x6ea, 0x0, 0x100, 0x4, 0x8001, 0x4, 0x7f, 0xa, 0x9, 0xfffffb13, 0xffffffff, 0xc, 0x1, 0x5, 0x5, 0x1ff, 0x40, 0x1, 0x21, 0x6767, 0x3, 0xb, 0x3, 0xa, 0x3, 0x8, 0x3, 0x2, 0x0, 0xffffffff, 0x85, 0x6, 0x80000000, 0xaea, 0x5, 0x7, 0x0, 0x0, 0x100, 0x8, 0x8, 0x2c, 0x3, 0xfffffff8, 0x9, 0x9, 0x46687318, 0xfd, 0x8, 0x5, 0x5, 0x3679, 0x6, 0x1, 0xff, 0x722, 0x8, 0x0, 0x3, 0x6, 0xffff, 0x1c18, 0x1, 0xffff, 0x1, 0x8, 0x1, 0x4, 0x90b, 0x3, 0x8000, 0x61, 0xa, 0xffff, 0xd, 0x9b29, 0x8, 0x3, 0x7, 0x5, 0x4, 0x2, 0x5, 0x7768, 0x6, 0x4, 0xb, 0x2, 0x7, 0x5e18, 0x4, 0x5, 0x1000, 0x10000, 0x2, 0xfffffffa, 0x8, 0x6, 0x4, 0x9, 0x40, 0xe, 0x6, 0x3, 0x1, 0x1, 0x8, 0x200, 0xc5, 0x0, 0x7, 0x1, 0x8d3cd252, 0x7fff, 0x7ff, 0x0, 0xf, 0xa, 0x5, 0x8001, 0x81, 0x75e, 0x401, 0x40, 0x5, 0x1, 0x483c, 0xb8, 0x8, 0xfffffffd, 0x10, 0x7fffffff]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x5}]}]}}, @f_tcindex={{0xc}, {0x308, 0x2, [@TCA_TCINDEX_ACT={0x2fc, 0x7, [@m_skbedit={0x108, 0x7, 0x0, 0x0, {{0xc}, {0x54, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x5}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xfff1, 0xd}}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x4}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x5, 0x9, 0x2, 0x7fffffff, 0xfffffff8}}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x200, 0xbe, 0x10000000, 0xfffffff8, 0xfff}}]}, {0x8a, 0x6, "c5117da25fa04c5595262c63b4064e3f6052bfe5c2f2be4beff24a57dd489b612ae72fa6fbdb7a9dbce594f290c840aded66713433cbe0a5523c3879381678e42ba49ec8c12d7c3ae98c3776b4f84294e149a00ec88d4d4add4a3a7118063259aa70cc692cf93e7fb71c203f61059b8f7b013fab81c68f3d75aba8e37ab71fdd89eb88b5453f"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1}}}}, @m_gact={0x60, 0xc, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x2, 0x1e14, 0xffffffffffffffff}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x1779, 0x3}}]}, {0x1a, 0x6, "923bbe5ce6ebb19f191f902e305a774971f531418e7a"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1}}}}, @m_csum={0x54, 0x10, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0xfffffc42, 0x5, 0x7, 0x1, 0x7f}, 0x66}}]}, {0xa, 0x6, "ac25351063c5"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x5}}}}, @m_nat={0x9c, 0x19, 0x0, 0x0, {{0x8}, {0x54, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0xfffffffd, 0x743, 0x6, 0x4, 0x100}, @multicast2, @multicast1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x8cac, 0x6, 0x1, 0x8, 0x7}, @multicast1, @broadcast, 0xff000000, 0x1}}]}, {0x24, 0x6, "10dbf3c7e52f918890ec780843fe3e5be42b995f024f9a2c3303f160ca306d08"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}, @m_simple={0xa0, 0xa, 0x0, 0x0, {{0xb}, {0x10, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x9, 0x3, 'vlan\x00'}]}, {0x65, 0x6, "d0423ee729d6d6dd8dbd84f534d2cb013a6a7e0052b1b730faf7158353fa593c62bd6699783c3327482b4ebac768ba1c65633e5f09e80023301086988f2dc11721224e85312b019a1ebd77946e924cce81b4c5cfe5f45ddb4cadd007a01ebf9bd7"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}, @TCA_TCINDEX_HASH={0x8, 0x1, 0xe4ea}]}}, @f_rsvp={{0x9}, {0x3c, 0x2, [@TCA_RSVP_CLASSID={0x8, 0x1, {0x7, 0xffff}}, @TCA_RSVP_SRC={0x8, 0x3, @initdev={0xac, 0x1e, 0x1, 0x0}}, @TCA_RSVP_SRC={0x8, 0x3, @private=0xa010100}, @TCA_RSVP_PINFO={0x20, 0x4, {{0x0, 0xc28, 0x2}, {0x4, 0x2, 0x489df2e2}, 0x73, 0x5, 0x6}}]}}, @f_tcindex={{0xc}, {0x108c, 0x2, [@TCA_TCINDEX_CLASSID={0x8, 0x5, {0x1d, 0x4}}, @TCA_TCINDEX_MASK={0x6, 0x2, 0xffff}, @TCA_TCINDEX_POLICE={0x1078, 0x6, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x99f3, 0x7, 0x1, 0x8, 0x7, 0x3, 0x10001, 0xfffffe00, 0x8000, 0x2, 0x8, 0x8, 0x3ff, 0x9, 0x2, 0x1, 0x1, 0x3, 0xfffffffb, 0x3, 0x40, 0x5, 0xfd9e, 0x0, 0x8, 0x8, 0x2, 0x3, 0x6, 0xfffffff9, 0x5, 0xe41, 0x5, 0x2, 0x7ff, 0x10000, 0xffffffff, 0x13, 0x8, 0x6, 0xf5f, 0x47a1, 0x1d261aa1, 0x6, 0x8, 0x4, 0x9, 0xffff, 0x0, 0x100, 0x6, 0x7bf, 0x4, 0x0, 0x6, 0x2, 0x5, 0x9d, 0x0, 0x7ff, 0x8, 0x80000001, 0x3, 0x6, 0x1a7, 0x7, 0x8c7f, 0x1ff, 0x4, 0x81, 0xfffffff8, 0xff800, 0x3, 0x6, 0x9, 0x8, 0xb8df, 0x1960, 0x778, 0xe0000000, 0x8000, 0x9, 0xfffffff8, 0x2, 0x31cd, 0x38, 0x7fff, 0x4, 0x3, 0x3, 0x800, 0x8, 0x3ff, 0xb6f8, 0x5, 0x32c7, 0x0, 0x81, 0x0, 0x5cde7a2d, 0x0, 0x1, 0xfffff446, 0x8, 0x0, 0x1, 0x3, 0x10001, 0x5, 0x7f, 0x1, 0xb34, 0xf, 0x9, 0x7, 0x8, 0x4, 0x8b1, 0x3, 0xf03, 0x6, 0x8000, 0x10001, 0x100, 0x5, 0x0, 0x8, 0xba5f, 0x5, 0x9, 0xe9, 0x10000, 0x0, 0x7, 0xfffffff8, 0xa, 0xba7, 0x9, 0x10, 0x1, 0x6a, 0x7fff, 0x8, 0x600, 0xa, 0xffffff80, 0x3, 0x80000000, 0x1, 0x52600, 0xfffffffb, 0x10000, 0xfffffffd, 0xfffffffe, 0xb92d, 0x38f, 0x1000, 0x18b1dfb, 0x6, 0x1, 0x45d, 0x9, 0x3, 0x3, 0xb90d, 0x3, 0x10001, 0x7, 0xfffffc00, 0xb02, 0x0, 0x6, 0x9, 0x7, 0x1, 0x4, 0x4, 0x400, 0x200, 0x4c, 0xa4, 0xffffffff, 0x33db, 0x401, 0x100, 0xde, 0x3, 0x5, 0x24, 0x0, 0x4, 0x720, 0x400, 0x7fffffff, 0x9, 0x61d2, 0x81, 0x8, 0x8001, 0x6, 0x8, 0xc, 0x0, 0x7, 0x5, 0x5, 0x8, 0xe, 0xfffffff9, 0x9, 0x0, 0x7ff, 0x5, 0x8, 0x2, 0x6, 0x8, 0x0, 0xdb, 0x7f, 0x1, 0x7, 0x57e5, 0x200, 0x1, 0x44, 0x80000001, 0x3, 0x5, 0x6, 0x2, 0x2, 0x5, 0x7a6c, 0x8b, 0x6a130000, 0x9, 0x7fff, 0xfffffffc, 0x3, 0x9, 0xfffffff7, 0xfff, 0x9, 0x40, 0x0, 0x184, 0x2, 0x7f, 0x3, 0x3, 0x3ff, 0x401, 0x2, 0x6]}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x4}, @TCA_POLICE_RESULT={0x8, 0x5, 0x7}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x3, 0x3ff, 0x3487, 0x4, 0x3ff, 0x7, 0x4, 0x7, 0x5, 0x5, 0x7d, 0x5, 0x5, 0x9, 0x1, 0x400, 0x1, 0x6, 0x8, 0x1, 0x200, 0x80000000, 0x8, 0xd, 0x6, 0x1, 0x5, 0x2, 0xffffb8b9, 0x7ff, 0x3, 0x40, 0x6, 0x7fffffff, 0x9, 0x8000, 0x0, 0x7, 0xa9, 0x5, 0x3, 0x7, 0x1d8d, 0x10, 0xfffffff8, 0x0, 0x8001, 0x5, 0x7, 0xfffffff8, 0x8, 0x8, 0x7fffffff, 0x49, 0x1, 0xcf, 0x0, 0x1c000000, 0x3, 0x1000, 0x1, 0x0, 0x101, 0x3, 0x8, 0x4, 0x1, 0x3, 0x101, 0x3, 0x7f, 0x3, 0x5, 0xb9, 0x4, 0x89e4, 0x4, 0xffffff94, 0x5, 0x7fff, 0x1, 0x5, 0x6, 0x8, 0xfffffff7, 0x6a0, 0x3, 0x7, 0x200, 0x2, 0x1, 0x6, 0x9, 0xfffffffe, 0x0, 0xffffffff, 0x2, 0x9, 0x1e2b, 0x2, 0x4, 0x10, 0x2, 0x6, 0x8, 0x2, 0x3, 0x3, 0x7f, 0x1, 0x2, 0xf, 0x6, 0x84, 0x0, 0x101, 0x6, 0xfffffffa, 0x4, 0x1ff, 0xdd, 0xd, 0x4, 0x2, 0x2, 0xd, 0x2, 0x5, 0x2, 0x1, 0x2, 0x800, 0xe9f, 0xfffffff7, 0x7, 0xfffffffd, 0x2, 0x5, 0xfffff001, 0x9, 0x9, 0xa29, 0x72de, 0xb75, 0x1, 0x4, 0x5, 0x8, 0x504, 0xe1, 0x6, 0xef, 0x7fffffff, 0x1, 0x1, 0x4, 0x4, 0xe, 0x3000, 0x3, 0x9, 0x3, 0x4, 0x4, 0x2, 0x13, 0x1, 0xd, 0x40, 0x6, 0x80000001, 0x7, 0x5, 0xffffff01, 0x3, 0xfff, 0x7373, 0xcd5b, 0x8, 0x6, 0x3, 0x6, 0x1, 0x8, 0x7, 0x91, 0xe, 0xbba, 0x7ea, 0x80000001, 0x2, 0x1ff, 0x1, 0xffff, 0x3, 0x0, 0x5, 0x2, 0x6, 0x3, 0x4c1d, 0x6, 0x3, 0x2, 0x3, 0xe, 0xffff, 0x9, 0x4, 0xffffffff, 0x7, 0x4, 0x1, 0xee3, 0x9, 0xd2, 0x4, 0x4, 0x9, 0x3, 0x7f, 0x7ff, 0x10, 0x5, 0x7ff, 0x8, 0x9, 0x8, 0x4, 0x0, 0xfffffff8, 0x8, 0x6, 0x2, 0x1, 0x8, 0x6, 0x8, 0xeecc, 0x1, 0x6, 0xfffffff5, 0x9, 0x3, 0x2, 0x0, 0x5, 0x6, 0x40, 0x800, 0x9e55, 0x0, 0x17, 0xfffffffe, 0x101, 0x501]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x6b44, 0x6, 0x2, 0x6, 0x3, {0x3, 0x1, 0x2, 0x4, 0x3, 0x4}, {0x40, 0x2, 0x9, 0x5, 0x400, 0x5}, 0x6, 0x2, 0x8001}}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x95, 0x3, 0x9, 0x7, 0x9, 0x6, 0x7, 0xfffffffd, 0x3, 0x4, 0x40, 0x1, 0xe, 0x81, 0x3, 0x6, 0x2, 0x4, 0x7, 0xffff043f, 0x7ff, 0x9, 0xfffffeaa, 0x7, 0x2, 0x1, 0x3ff, 0x7, 0xffffffff, 0x9, 0x8, 0x5, 0x0, 0x8, 0x5, 0x101, 0x1, 0xad9, 0x0, 0xa6a, 0xa, 0xfffffffe, 0x7, 0x5, 0xed6, 0x2c, 0xffffffda, 0x5, 0x3, 0x5, 0x4, 0x38, 0x2, 0x6, 0x100, 0x2, 0x7fffffff, 0x3, 0x7, 0x0, 0x3, 0xfffffec2, 0xffff, 0x4, 0x2, 0xf, 0x0, 0x2, 0x6, 0x7, 0x0, 0x5, 0xa94, 0xb, 0x5, 0xa675, 0x10000, 0xcfa7, 0x3, 0x29, 0x10000, 0x8, 0xfff, 0x5, 0xced, 0xec, 0xff, 0x10, 0x9, 0x6, 0x25c2, 0x34f, 0x9, 0x401, 0x6, 0xffffffff, 0xfffffffc, 0x101, 0x1f, 0x7, 0x9ae, 0x5, 0x4, 0x9, 0x4d5, 0x3, 0x2, 0xfffffffe, 0x0, 0x5, 0x9, 0x8, 0x18000000, 0x6, 0x0, 0x3, 0x8001, 0x3, 0x5d4, 0x401, 0xf, 0xe0b, 0x7, 0xff, 0x0, 0x7, 0xfff, 0xfffffffa, 0x0, 0x7, 0x3, 0x7fffffff, 0x7fff, 0x1, 0x0, 0xa1b, 0x7, 0x3, 0x7, 0x6, 0x8, 0x4, 0xff, 0x2, 0x7, 0x3, 0x7f, 0x0, 0x5, 0x17, 0x0, 0xc8, 0x400, 0x75ad173e, 0x6, 0x7, 0x0, 0x7, 0x53, 0x2, 0x2, 0x2, 0x5, 0xda7d, 0x1b55, 0x6, 0x4, 0xfffffff3, 0x679, 0x2, 0x4, 0xfffffff7, 0x9, 0x3, 0x7, 0x2, 0x8, 0x8, 0xf, 0xc, 0x9, 0x1ff, 0x9, 0x0, 0x1, 0x9, 0x9, 0x8, 0x7f7, 0x6, 0x6683, 0x2, 0x2, 0x6, 0x3649dfa4, 0x0, 0x3, 0x3ff, 0x2780, 0x5, 0x9, 0x0, 0xf, 0x6, 0xfffffffd, 0x8d8, 0x5, 0x1, 0x4, 0x14a, 0xf0, 0x8, 0x7, 0x4, 0x4, 0x0, 0x6, 0x8, 0x8000, 0xaa, 0x6ea, 0xfffffffe, 0x5, 0x3cb, 0x8, 0x2, 0x4, 0x3, 0xb9, 0x9, 0xf, 0x6, 0x3, 0x6, 0xfffffe09, 0x1, 0x6, 0x6b6e, 0x304, 0x401, 0x4, 0x6, 0xffffffff, 0xd, 0x6f72ba8c, 0xe, 0x7f, 0x3, 0x40, 0x80000001, 0xe03c, 0x8, 0x0, 0xffffffff, 0x5, 0x7]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xd}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x6, 0x117, 0x5, 0x185b, 0x9, 0x4, 0x4, 0x3, 0x0, 0xf, 0x5, 0x1243, 0x7, 0xbc7, 0x3ffe, 0x7, 0x6, 0x7c8, 0x6478, 0xfff, 0xfffff46a, 0x6, 0x9, 0x80, 0x0, 0x1c, 0x8, 0x9, 0x2, 0x40, 0x0, 0x99, 0x401, 0x0, 0x9, 0x9, 0x1, 0x3, 0x0, 0x5, 0x24, 0xffff8000, 0x0, 0x1, 0xc, 0x200, 0x100, 0x8, 0x0, 0x7fffffff, 0x9, 0x8, 0x1, 0x2, 0x6, 0x7, 0x2, 0x2, 0x1, 0x4, 0x2, 0x48, 0x3, 0x8, 0x6, 0x3, 0x1c, 0xc4b, 0x4, 0xb, 0x10, 0xe, 0x0, 0x0, 0x5, 0x70000, 0x10000, 0x10000, 0x4, 0xb7, 0x6, 0x6, 0x40, 0x3, 0x70ef9f79, 0x9, 0x6, 0x10000, 0x8, 0x200, 0x6, 0xe, 0x6, 0x3, 0x3, 0x9609, 0x1ff, 0xa, 0x2, 0x7fffffff, 0x20000000, 0x3, 0x0, 0x0, 0x4, 0x8, 0x320, 0x0, 0x9, 0x0, 0xe564, 0xfffffc00, 0x6, 0xd, 0x4, 0x1, 0x0, 0x6, 0x9b, 0x200, 0x4, 0x7f, 0x1, 0x29, 0xb, 0x81, 0xe84, 0x6, 0x6, 0x0, 0x6, 0x1, 0x7, 0x2, 0x7, 0x470, 0x2, 0x3, 0x8, 0x0, 0x71, 0xffffffff, 0x8, 0x7ce3, 0x4, 0x3, 0x4, 0x401, 0x3, 0x5455, 0x2000, 0xdb, 0x4, 0x0, 0xffff, 0x3, 0xd, 0x1497, 0x9, 0x4, 0x90f6, 0x7fff, 0x9, 0x4f, 0x7, 0x5, 0x4, 0xc, 0x4, 0x9, 0x3, 0xfffffe01, 0xe, 0xe, 0x1, 0xffffffff, 0x9, 0x3, 0x96, 0x5, 0x6, 0xfffffff8, 0x4, 0x9, 0xf39, 0x5, 0x101, 0x4, 0x8, 0x4, 0x2, 0x5, 0x8, 0x7, 0x1, 0xff, 0xffff0001, 0xfffffffb, 0x9, 0x0, 0x34e0, 0x59, 0xfffffff7, 0x0, 0x2, 0x2, 0x3, 0xffffff7f, 0x2, 0x80, 0x0, 0x101, 0x200, 0x6, 0x8, 0x1000, 0x3, 0xff, 0x7, 0x3, 0xd5b, 0x1, 0xee3a, 0x2, 0x7, 0x1ebf, 0x4, 0x8001, 0x8, 0x65, 0x9, 0xe8, 0x6, 0x2, 0x2, 0x8, 0x479, 0xfff, 0xfffffff0, 0x6, 0xffffffff, 0x6, 0xf, 0x3, 0x0, 0x5, 0xfffffff9, 0x80000001, 0x1, 0xc, 0x1e27b0f1, 0x5, 0x65dc, 0xb4, 0xd0, 0x6]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x9}]}]}}, @f_rsvp={{0x9}, {0x958, 0x2, [@TCA_RSVP_CLASSID={0x8, 0x1, {0x8, 0xa}}, @TCA_RSVP_CLASSID={0x8, 0x1, {0x2, 0x1}}, @TCA_RSVP_POLICE={0x4c, 0x5, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xfffffffffffffffc}, @TCA_POLICE_TBF={0x3c, 0x1, {0x400, 0xd0880131db389d9a, 0x7, 0x0, 0x9, {0x8, 0x2, 0xfff7, 0x4, 0x3, 0x5}, {0x81, 0x1, 0x0, 0x2, 0x4, 0x8}, 0x0, 0xfffffffb, 0x1}}]}, @TCA_RSVP_POLICE={0x898, 0x5, [@TCA_POLICE_AVRATE={0x8, 0x4, 0x7ff}, @TCA_POLICE_RATE={0x404, 0x2, [0x3, 0x343, 0xfffff800, 0xfff, 0x2695, 0x1, 0x1, 0x2, 0xe0c7, 0x12903c09, 0x7000, 0x5, 0xfffffff9, 0x5, 0x4, 0x7, 0x7, 0x5, 0x4, 0x4, 0x42c0c107, 0x5, 0x3, 0x2, 0x200, 0x6, 0x3, 0x40, 0xc, 0x1, 0x5, 0x6, 0x40f9, 0x0, 0x9, 0xfffffffd, 0x3, 0x80000000, 0x7fff, 0x9, 0xcc, 0x9, 0xff, 0x2, 0x6, 0xfffffffd, 0x4, 0x54000000, 0xffffffff, 0x6309, 0x4, 0x9, 0x4, 0x4, 0x7, 0x2b2, 0x3, 0x3ff, 0x6, 0x7, 0x4, 0x2, 0x4, 0x8001, 0x40, 0x33dc, 0xc000, 0x6, 0x2, 0x6, 0x26, 0x0, 0x0, 0x1, 0x4c0, 0x10, 0xfffffffe, 0x100, 0x9, 0x1, 0xffffffff, 0xfffffff7, 0x4, 0x6, 0x5, 0x7, 0x8, 0x5, 0x81, 0x9248, 0xce, 0x7fffffff, 0xffff, 0x8, 0x3, 0x9, 0x5, 0xe91, 0x5, 0xfffffff9, 0x0, 0x401, 0x42, 0x4, 0x8, 0x5, 0x1, 0x7, 0x7, 0x4, 0x1, 0x5db, 0x8, 0x6, 0x1, 0xd1c, 0xd, 0x1, 0xa9c, 0x1, 0x7, 0x9, 0xffffff80, 0x3ff, 0x4, 0x8114, 0x4, 0x2, 0x3, 0x3, 0x7fff, 0x8001, 0xf2, 0x800, 0x201, 0x800, 0xffff, 0x8, 0x1000, 0x5, 0x4, 0x7, 0x0, 0x3, 0xc2, 0x40, 0x800, 0xffffffff, 0x2, 0xb, 0x8, 0x3ff, 0x0, 0x2, 0x9, 0x4, 0x6, 0x36e9, 0x80000000, 0xfff, 0x9, 0x94, 0x1, 0x8, 0x3ff, 0x7, 0x101, 0x1, 0x3, 0x1, 0x4100000, 0xff, 0x8, 0x9, 0xffff, 0x9, 0x2, 0xf0000, 0x4, 0x73a5c27e, 0x9, 0x0, 0x6, 0x613, 0xe, 0x64bc, 0x449, 0x8, 0x8, 0x200, 0x7, 0xff, 0x2, 0x2, 0xf, 0x9, 0x200, 0x773, 0x80000001, 0xffffffff, 0x200, 0x80000001, 0x2, 0x75f, 0x100, 0x80000000, 0x5, 0x59, 0x5, 0x0, 0x100, 0xfff, 0x3, 0x9, 0x4, 0x8, 0x5, 0x7, 0x4, 0x0, 0xe50, 0x1, 0x7, 0x9, 0x4, 0xfffffff9, 0x3, 0xeffb, 0x2, 0x400, 0x3ff, 0x7, 0xf9a, 0x9, 0x0, 0x8, 0x7f, 0x6, 0xca, 0xffffffff, 0x6c, 0x7fffffff, 0x4, 0xbd, 0x100, 0x3, 0x5, 0x1, 0x4, 0x6, 0xb, 0x8, 0x6, 0x6, 0x5, 0x5]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xfffffff7, 0x1, 0x7fffffff, 0x401, 0x7a, {0x9, 0x1, 0x5, 0x6, 0x8, 0x8}, {0x7, 0x0, 0x8, 0x1, 0x8f3c, 0x42}, 0x7, 0x7ff, 0x6}}, @TCA_POLICE_TBF={0x3c, 0x1, {0xaf42, 0x1, 0x1, 0x9, 0x180, {0x4, 0x1, 0xf1bd, 0x0, 0x6}, {0x2, 0x2, 0x1, 0x89a, 0x3, 0x200}, 0x3, 0x9581, 0x4b55}}, @TCA_POLICE_RATE={0x404, 0x2, [0x6, 0x180000, 0xc2, 0x7, 0x5b5, 0x9, 0x4, 0x3, 0x7fff, 0x4, 0x2ee, 0x5, 0x0, 0x500, 0x9, 0x8, 0x200, 0x8, 0x3, 0x5, 0x9, 0xe, 0x3, 0x4, 0xfc, 0x8, 0x9, 0x1, 0x0, 0x49, 0x0, 0x0, 0x0, 0x9, 0x2, 0xe3, 0x3, 0xd, 0xe, 0x22, 0x4, 0x81, 0x4, 0xdde, 0x7, 0x101, 0x1, 0x7fffffff, 0x800, 0x2, 0xfffffffe, 0x1000, 0x4, 0x57ad, 0x1c, 0x9, 0x4, 0x9, 0xfff, 0x4, 0x7, 0x29, 0x5c19, 0x401, 0x0, 0x2, 0xc, 0x10, 0xc80, 0x800, 0x5, 0x1800, 0x400, 0x7, 0xfffffffa, 0x1, 0x100, 0x8001, 0x6, 0x260f7791, 0x1, 0x10001, 0x9, 0xa, 0x1, 0xf8b, 0x3, 0xea, 0x0, 0xa, 0x7, 0x200, 0xffff822c, 0x4, 0x7f, 0xffffffff, 0x91, 0x4, 0x2, 0x5, 0x1cbe, 0x4, 0x40, 0x8, 0x40, 0x7cd9d56f, 0x2, 0x2, 0xffffff0f, 0x91, 0x10000, 0x81, 0x80000000, 0x0, 0x7, 0x9, 0x7, 0x2, 0x7, 0x5, 0x51e, 0x1, 0x8, 0x6, 0x9, 0x6, 0x2, 0x1, 0xb6a7, 0xffff, 0x6, 0x5, 0x1d82fd68, 0x6, 0x30000000, 0x100, 0x87, 0x3, 0x5, 0x8, 0x39, 0x9, 0x0, 0x0, 0x6, 0x3, 0x5, 0x1, 0x7, 0xb70, 0x5, 0x8, 0x9, 0x4, 0x7fff, 0x3d9cdc19, 0x0, 0x1, 0x2, 0x3ff, 0xffffff50, 0x5, 0x5, 0x981c, 0x6, 0x101, 0xfff, 0x0, 0x2, 0x9, 0x7ff, 0x0, 0xb, 0x5, 0x80, 0x100, 0x1, 0x100, 0x5, 0x27a4, 0x6, 0x3, 0x2, 0xe, 0x8, 0x7fffffff, 0xfffffff9, 0x0, 0x200, 0x5b7, 0x1, 0x7, 0x3, 0x3, 0x0, 0x2, 0x10000, 0x7b, 0x0, 0x7, 0x1, 0x5, 0x1, 0x1, 0x0, 0x5, 0x9, 0x8, 0x200, 0x7, 0x2, 0x100, 0x6, 0x1, 0x7f, 0xa7, 0x6, 0x0, 0xcab, 0x5, 0x7, 0x1, 0x7, 0xf873, 0x7fffffff, 0x5, 0xaf6d, 0x9, 0xfffffffe, 0x9, 0x8, 0xd, 0x3, 0x262, 0x9, 0x4, 0x7, 0x2, 0x7, 0xfffffff7, 0x5, 0x9, 0x7, 0xb, 0x5, 0x3, 0x8001, 0x2, 0x2, 0x7, 0x6, 0x9, 0x6, 0x4003, 0x6, 0x3]}, @TCA_POLICE_RATE64={0xc, 0x8, 0xdd7}]}, @TCA_RSVP_PINFO={0x20, 0x4, {{0x800, 0x6, 0x7}, {0x80, 0xffff, 0x7}, 0x2e, 0x9, 0x51}}, @TCA_RSVP_PINFO={0x20, 0x4, {{0x6, 0x7, 0xb2c2}, {0x6, 0x3, 0x3ff}, 0xff, 0x1, 0x44}}, @TCA_RSVP_PINFO={0x20, 0x4, {{0xfeac, 0x9da, 0xcd1e636c}, {0x5, 0xfffffffc, 0x9}, 0x62, 0xf, 0x80}}]}}]}, 0x3470}, 0x1, 0x0, 0x0, 0x800}, 0x40045) 1.362410256s ago: executing program 2 (id=750): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) ioprio_set$uid(0x3, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x1458c2, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0xe860c42ced148432) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000340)={0x0, 0x2, {0x1, 0x1, 0x4, 0x1, 0xabac}, 0x20}) openat$random(0xffffffffffffff9c, &(0x7f0000000100), 0x10902, 0x0) r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_S_INPUT(r1, 0xc0045627, &(0x7f00000000c0)=0x1) r2 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000002700)=""/102392, 0x18ff8) clock_getres(0xfffffffffffffff1, 0x0) r5 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000140)={'fscrypt:', @desc1}, &(0x7f00000001c0)={0x0, "28d7b07d54891881fe02c1203fe49696b9f26f2da4149683f065714f8a61d1f32c99064bbd27b2aa77459cff33a3a98350f1af9d51ed5bef3d63520d260804d0"}, 0x48, 0xfffffffffffffffd) keyctl$revoke(0x3, r5) r6 = socket$rxrpc(0x21, 0x2, 0xa) connect$rxrpc(r6, &(0x7f0000000000)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e20, 0x200, @dev={0xfe, 0x80, '\x00', 0x10}, 0x1}}, 0x24) sendmsg$inet(r6, &(0x7f0000000180)={0x0, 0xfffffffffffffd6b, 0x0, 0x0, &(0x7f00000000c0)=[@ip_tos_int={{0x18, 0x110}}], 0x18, 0x4c00}, 0x0) ioctl$VIDIOC_S_CTRL(r2, 0xc008561c, &(0x7f0000000000)={0xf0f03c, 0x2}) r7 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$SO_TIMESTAMP(r7, 0x1, 0x3f, &(0x7f0000000080)=0x1, 0x4) bind$inet(r7, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r7, 0x0, 0x0, 0x20000f3d, &(0x7f0000000000)={0x2, 0x24e23, @empty}, 0x10) 1.215710948s ago: executing program 4 (id=751): openat$rdma_cm(0xffffff9c, &(0x7f0000000040), 0x2, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000251cdcf78fc97cad000000000000"], 0x48) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) fsetxattr$security_evm(r0, &(0x7f0000000300), &(0x7f0000000380)=@md5={0x1, "319a4a7248ff8959a7163678bbed98ca"}, 0x11, 0x2) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r2 = syz_clone(0x40804800, &(0x7f0000000240)="87c662f6d0b1eb954de4c0df1ad5cdc3a125f4876a7223c7bb7723c412b304d49d", 0x21, 0x0, 0x0, 0x0) r3 = syz_open_procfs(r2, &(0x7f0000000340)='numa_maps\x00') pread64(r3, &(0x7f0000000140)=""/100, 0x64, 0x200) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r5 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) bind$unix(r8, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e) openat$fuse(0xffffffffffffff9c, &(0x7f0000000340), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) io_setup(0x7, &(0x7f0000000280)) 383.045763ms ago: executing program 5 (id=752): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='&\x00\x00\x00\a\x00', @ANYRES32], 0x50) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x4a000) r1 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r1, 0x0, 0x0) symlinkat(&(0x7f0000000040)='./file0/../file0\x00', r2, &(0x7f0000000140)='./file0\x00') readlinkat(r2, &(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)=""/204, 0xcc) sendmsg$nl_route(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@ipv4_delrule={0x24, 0x21, 0x400, 0x70bd28, 0x25dfdbfc, {0x2, 0x0, 0x10, 0x40, 0x40, 0x0, 0x0, 0x6, 0x4}, [@FRA_DST={0x8, 0x1, @multicast2}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x8800) 358.178139ms ago: executing program 0 (id=753): socket$tipc(0x1e, 0x5, 0x0) socket$nl_route(0x10, 0x3, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_default\x00', 0x0, 0x0, 0x0) r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) r1 = syz_clone(0x80040100, &(0x7f00000004c0), 0x0, 0x0, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) close(0xffffffffffffffff) bpf$MAP_CREATE(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = socket(0x10, 0x3, 0x0) r4 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xe0ec}]}}]}, 0x3c}}, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c000000410007010000000000000000017c000008000100", @ANYRES32=r1], 0x1c}}, 0x0) ioctl$SIOCGIFMTU(r0, 0x8921, &(0x7f0000000080)={'dummy0\x00'}) 185.217803ms ago: executing program 2 (id=754): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) sendmsg$ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x20000880) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x8, 0x0, 0x0, 0x0, 0x61, 0x10, 0x50}, [@ldst={0x6, 0x0, 0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x0, 0x10, &(0x7f0000000080), 0xffffffffffffffb2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) socket$nl_netfilter(0x10, 0x3, 0xc) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f00000002c0)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000080)='./file1\x00') r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x275a, 0x0) quotactl_fd$Q_GETINFO(r3, 0xffffffff80000501, 0xffffffffffffffff, 0x0) 117.484239ms ago: executing program 6 (id=755): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000a80)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) fchdir(r0) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents(r1, &(0x7f0000000240)=""/48, 0x30) getdents(r1, 0xfffffffffffffffd, 0x58) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000140)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea6086416", 0x1d}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) r2 = socket$kcm(0x10, 0x400000002, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1f}]}, @NFT_MSG_NEWSETELEM={0x5c, 0xe, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x30, 0x3, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x28, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x22, 0x1, "118c7457ff8f99b8233ba7d81496e1da69279e989c73000065399ef8cd8d"}]}]}]}]}], {0x14, 0x10}}, 0xe0}}, 0x0) sendmsg$inet(r2, &(0x7f0000000100)={0x0, 0x2, &(0x7f0000000080)=[{&(0x7f0000000140)="600000002e000d190a762d7f089e", 0xfca2}, {&(0x7f0000000280)="68cabf2dfb58fc0a1d6b689866f05d490d010088a8ffff0200258f2e4409b8f9e6aaeb88bea123dc2c6726e89b1ae2f6e8bcb5ee52dcd7298d39093c510293bca0b646a3ce904f6e6b788b3204c233e60ddc", 0x52}], 0x2}, 0x0) syz_usb_connect$uac1(0x0, 0xb1, &(0x7f00000004c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x9f, 0x3, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{}, [@feature_unit={0xd, 0x24, 0x6, 0x0, 0x0, 0x3, [0x8, 0x0, 0x0]}, @input_terminal={0xc, 0x24, 0x2, 0x2, 0x202, 0x6, 0x8, 0x0, 0x10}, @input_terminal={0xc, 0x24, 0x2, 0x0, 0x0, 0x3}, @feature_unit={0x9, 0x24, 0x6, 0x0, 0x6, 0x1, [0x0]}, @output_terminal={0x9, 0x24, 0x3, 0x3, 0x0, 0x0, 0x5}, @feature_unit={0x9, 0x24, 0x6, 0x5, 0x0, 0x1, [0x0]}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x40, 0x0, 0x0, {0x7, 0x25, 0x1, 0x0, 0x0, 0x80}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x40, 0x0, 0x0, 0x0, {0x7, 0x25, 0x1, 0x0, 0x2}}}}}}}]}}, 0x0) 115.615823ms ago: executing program 0 (id=756): preadv(0xffffffffffffffff, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x632a, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) setsockopt$inet6_int(r0, 0x29, 0x8, &(0x7f00000002c0)=0x6, 0x4) recvmmsg(r0, &(0x7f0000000300)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001fc0)=""/136, 0x88}}], 0x1, 0x2000, 0x0) 0s ago: executing program 5 (id=757): syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x4a000) (fail_nth: 3) kernel console output (not intermixed with test programs): 7112] dump_stack_lvl+0x241/0x360 [ 171.121721][ T7112] ? __pfx_dump_stack_lvl+0x10/0x10 [ 171.126937][ T7112] ? __pfx__printk+0x10/0x10 [ 171.131529][ T7112] ? ref_tracker_free+0x643/0x7e0 [ 171.136559][ T7112] ? __pfx_ref_tracker_free+0x10/0x10 [ 171.141939][ T7112] should_fail_ex+0x3b0/0x4e0 [ 171.146638][ T7112] ? cfg80211_wext_siwscan+0x23f/0x1120 [ 171.152203][ T7112] should_failslab+0xac/0x100 [ 171.156892][ T7112] ? cfg80211_wext_siwscan+0x23f/0x1120 [ 171.162485][ T7112] __kmalloc_noprof+0xd8/0x400 [ 171.167291][ T7112] cfg80211_wext_siwscan+0x23f/0x1120 [ 171.172678][ T7112] ? __pfx_lock_release+0x10/0x10 [ 171.177723][ T7112] ? __might_fault+0xc6/0x120 [ 171.182417][ T7112] ioctl_standard_iw_point+0x788/0xcb0 [ 171.187896][ T7112] ? __pfx_cfg80211_wext_siwscan+0x10/0x10 [ 171.193711][ T7112] ? __pfx_ioctl_standard_iw_point+0x10/0x10 [ 171.199713][ T7112] ? dev_load+0x21/0x1f0 [ 171.203975][ T7112] ? wext_ioctl_dispatch+0x106/0x640 [ 171.209274][ T7112] ? __pfx_lock_release+0x10/0x10 [ 171.214321][ T7112] ? __pfx___mutex_lock+0x10/0x10 [ 171.219354][ T7112] ? full_name_hash+0x93/0xe0 [ 171.224046][ T7112] ioctl_standard_call+0xc7/0x290 [ 171.229082][ T7112] ? __pfx_cfg80211_wext_siwscan+0x10/0x10 [ 171.234891][ T7112] ? __pfx_cfg80211_wext_siwscan+0x10/0x10 [ 171.240702][ T7112] wext_ioctl_dispatch+0x58e/0x640 [ 171.245829][ T7112] ? __lock_acquire+0x1384/0x2050 [ 171.250880][ T7112] ? __pfx_ioctl_standard_call+0x10/0x10 [ 171.256528][ T7112] ? __pfx_ioctl_private_call+0x10/0x10 [ 171.262082][ T7112] ? __pfx_wext_ioctl_dispatch+0x10/0x10 [ 171.267738][ T7112] ? __might_fault+0xc6/0x120 [ 171.272438][ T7112] wext_handle_ioctl+0x15f/0x270 [ 171.277397][ T7112] ? __pfx_wext_handle_ioctl+0x10/0x10 [ 171.282887][ T7112] ? __asan_memset+0x23/0x50 [ 171.287501][ T7112] ? smack_file_ioctl+0x29e/0x3a0 [ 171.292546][ T7112] sock_ioctl+0x17c/0x8e0 [ 171.296902][ T7112] ? __pfx_sock_ioctl+0x10/0x10 [ 171.301781][ T7112] ? __fget_files+0x2a/0x410 [ 171.306394][ T7112] ? __fget_files+0x2a/0x410 [ 171.311010][ T7112] ? __pfx_sock_ioctl+0x10/0x10 [ 171.315886][ T7112] __se_sys_ioctl+0xf5/0x170 [ 171.320499][ T7112] do_syscall_64+0xf3/0x230 [ 171.325021][ T7112] ? clear_bhb_loop+0x35/0x90 [ 171.329716][ T7112] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.335632][ T7112] RIP: 0033:0x7fb1e937e759 [ 171.340058][ T7112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 171.359674][ T7112] RSP: 002b:00007fb1ea185038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 171.368105][ T7112] RAX: ffffffffffffffda RBX: 00007fb1e9535f80 RCX: 00007fb1e937e759 [ 171.376081][ T7112] RDX: 0000000020000000 RSI: 0000000000008b18 RDI: 0000000000000004 [ 171.384055][ T7112] RBP: 00007fb1ea185090 R08: 0000000000000000 R09: 0000000000000000 [ 171.392028][ T7112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 171.400007][ T7112] R13: 0000000000000000 R14: 00007fb1e9535f80 R15: 00007ffd98f3deb8 [ 171.408005][ T7112] [ 171.411029][ T7114] CPU: 1 UID: 0 PID: 7114 Comm: syz.0.333 Not tainted 6.12.0-syzkaller-00239-gc6d64479d609 #0 [ 171.411121][ C0] vkms_vblank_simulate: vblank timer overrun [ 171.421267][ T7114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 171.421281][ T7114] Call Trace: [ 171.440592][ T7114] [ 171.443537][ T7114] dump_stack_lvl+0x241/0x360 [ 171.446906][ T5882] usb 3-1: USB disconnect, device number 13 [ 171.448224][ T7114] ? __pfx_dump_stack_lvl+0x10/0x10 [ 171.459313][ T7114] ? __pfx__printk+0x10/0x10 [ 171.463926][ T7114] ? __kmalloc_cache_noprof+0x44/0x2c0 [ 171.469417][ T7114] ? __pfx___might_resched+0x10/0x10 [ 171.474732][ T7114] should_fail_ex+0x3b0/0x4e0 [ 171.479436][ T7114] should_failslab+0xac/0x100 [ 171.484130][ T7114] ? subflow_ulp_init+0xcb/0x560 [ 171.489085][ T7114] __kmalloc_cache_noprof+0x6c/0x2c0 [ 171.494372][ T7114] ? do_syscall_64+0xf3/0x230 [ 171.499057][ T7114] subflow_ulp_init+0xcb/0x560 [ 171.503820][ T7114] tcp_set_ulp+0x537/0x5f0 [ 171.508236][ T7114] mptcp_subflow_create_socket+0x761/0xdf0 [ 171.514134][ T7114] ? look_up_lock_class+0x77/0x170 [ 171.519247][ T7114] ? __pfx_mptcp_subflow_create_socket+0x10/0x10 [ 171.525575][ T7114] ? __pfx_register_lock_class+0x10/0x10 [ 171.531212][ T7114] ? mark_lock+0x9a/0x360 [ 171.535546][ T7114] __mptcp_nmpc_sk+0x178/0x800 [ 171.540316][ T7114] ? __lock_acquire+0x1384/0x2050 [ 171.545348][ T7114] ? __pfx___mptcp_nmpc_sk+0x10/0x10 [ 171.550645][ T7114] mptcp_connect+0x71/0xb20 [ 171.555139][ T7114] ? mark_lock+0x9a/0x360 [ 171.559465][ T7114] __inet_stream_connect+0x262/0xf30 [ 171.564749][ T7114] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 171.571082][ T7114] ? __local_bh_enable_ip+0x168/0x200 [ 171.576451][ T7114] ? lockdep_hardirqs_on+0x99/0x150 [ 171.581643][ T7114] ? __pfx___inet_stream_connect+0x10/0x10 [ 171.587447][ T7114] ? __local_bh_enable_ip+0x168/0x200 [ 171.592816][ T7114] ? inet_stream_connect+0x50/0xa0 [ 171.597923][ T7114] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 171.603647][ T7114] inet_stream_connect+0x65/0xa0 [ 171.608586][ T7114] __sys_connect+0x288/0x2d0 [ 171.613172][ T7114] ? __fget_files+0x2a/0x410 [ 171.617756][ T7114] ? __pfx___sys_connect+0x10/0x10 [ 171.622869][ T7114] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 171.629198][ T7114] ? do_syscall_64+0x100/0x230 [ 171.633976][ T7114] __x64_sys_connect+0x7a/0x90 [ 171.638745][ T7114] do_syscall_64+0xf3/0x230 [ 171.643241][ T7114] ? clear_bhb_loop+0x35/0x90 [ 171.647917][ T7114] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.653899][ T7114] RIP: 0033:0x7f014997e759 [ 171.658307][ T7114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 171.677917][ T7114] RSP: 002b:00007f014a781038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 171.686339][ T7114] RAX: ffffffffffffffda RBX: 00007f0149b35f80 RCX: 00007f014997e759 [ 171.694316][ T7114] RDX: 0000000000000010 RSI: 0000000020000000 RDI: 0000000000000005 [ 171.702288][ T7114] RBP: 00007f014a781090 R08: 0000000000000000 R09: 0000000000000000 [ 171.710258][ T7114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 171.718224][ T7114] R13: 0000000000000000 R14: 00007f0149b35f80 R15: 00007ffc9dc56628 [ 171.726211][ T7114] [ 171.932012][ T7121] netlink: 'syz.3.334': attribute type 27 has an invalid length. [ 171.946409][ T7116] netlink: 8 bytes leftover after parsing attributes in process `syz.3.334'. [ 171.969575][ T7126] FAULT_INJECTION: forcing a failure. [ 171.969575][ T7126] name failslab, interval 1, probability 0, space 0, times 0 [ 171.996274][ T7126] CPU: 1 UID: 0 PID: 7126 Comm: syz.0.338 Not tainted 6.12.0-syzkaller-00239-gc6d64479d609 #0 [ 172.006563][ T7126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 172.016640][ T7126] Call Trace: [ 172.019945][ T7126] [ 172.022894][ T7126] dump_stack_lvl+0x241/0x360 [ 172.027606][ T7126] ? __pfx_dump_stack_lvl+0x10/0x10 [ 172.032837][ T7126] ? __pfx__printk+0x10/0x10 [ 172.037464][ T7126] ? __kmalloc_noprof+0xb0/0x400 [ 172.042438][ T7126] ? __pfx___might_resched+0x10/0x10 [ 172.047761][ T7126] should_fail_ex+0x3b0/0x4e0 [ 172.052472][ T7126] ? __alloc_workqueue+0x10a/0x1f20 [ 172.057699][ T7126] should_failslab+0xac/0x100 [ 172.062400][ T7126] ? __alloc_workqueue+0x10a/0x1f20 [ 172.067622][ T7126] __kmalloc_noprof+0xd8/0x400 [ 172.072412][ T7126] __alloc_workqueue+0x10a/0x1f20 [ 172.077442][ T7126] ? rcu_is_watching+0x15/0xb0 [ 172.082231][ T7126] ? kobject_set_name_vargs+0xce/0x120 [ 172.087713][ T7126] ? kfree+0x4e/0x440 [ 172.091731][ T7126] alloc_workqueue+0xd6/0x210 [ 172.096435][ T7126] ? hci_register_dev+0xe5/0x8b0 [ 172.101400][ T7126] ? __pfx_alloc_workqueue+0x10/0x10 [ 172.106726][ T7126] hci_register_dev+0x20c/0x8b0 [ 172.111621][ T7126] hci_uart_tty_ioctl+0x821/0x9e0 [ 172.116669][ T7126] ? __pfx_hci_uart_tty_ioctl+0x10/0x10 [ 172.122230][ T7126] tty_ioctl+0x998/0xdc0 [ 172.126481][ T7126] ? __pfx_tty_ioctl+0x10/0x10 [ 172.131280][ T7126] __se_sys_ioctl+0xf5/0x170 [ 172.135907][ T7126] do_syscall_64+0xf3/0x230 [ 172.140441][ T7126] ? clear_bhb_loop+0x35/0x90 [ 172.145151][ T7126] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 172.151074][ T7126] RIP: 0033:0x7f014997e759 [ 172.155517][ T7126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 172.175148][ T7126] RSP: 002b:00007f014a781038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 172.183592][ T7126] RAX: ffffffffffffffda RBX: 00007f0149b35f80 RCX: 00007f014997e759 [ 172.191609][ T7126] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000003 [ 172.199583][ T7126] RBP: 00007f014a781090 R08: 0000000000000000 R09: 0000000000000000 [ 172.207556][ T7126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 172.215536][ T7126] R13: 0000000000000000 R14: 00007f0149b35f80 R15: 00007ffc9dc56628 [ 172.223544][ T7126] [ 172.233018][ T7126] Bluetooth: Can't register HCI device [ 172.450343][ T7121] bond0: (slave bond_slave_0): Releasing backup interface [ 173.134672][ T9] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 173.994258][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 174.036472][ T7154] FAULT_INJECTION: forcing a failure. [ 174.036472][ T7154] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 174.050409][ T7154] CPU: 0 UID: 0 PID: 7154 Comm: syz.4.348 Not tainted 6.12.0-syzkaller-00239-gc6d64479d609 #0 [ 174.060692][ T7154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 174.070770][ T7154] Call Trace: [ 174.074066][ T7154] [ 174.077013][ T7154] dump_stack_lvl+0x241/0x360 [ 174.081717][ T7154] ? __pfx_dump_stack_lvl+0x10/0x10 [ 174.086938][ T7154] ? __pfx__printk+0x10/0x10 [ 174.091561][ T7154] should_fail_ex+0x3b0/0x4e0 [ 174.096278][ T7154] _copy_from_user+0x2f/0xc0 [ 174.100894][ T7154] memdup_user_nul+0x6c/0x100 [ 174.105599][ T7154] smk_write_net6addr+0x141/0x18b0 [ 174.110745][ T7154] ? __pfx_lock_acquire+0x10/0x10 [ 174.115805][ T7154] ? __pfx_smk_write_net6addr+0x10/0x10 [ 174.121366][ T7154] ? rcu_read_lock_any_held+0xb7/0x160 [ 174.126863][ T7154] ? __pfx_smk_write_net6addr+0x10/0x10 [ 174.132427][ T7154] vfs_write+0x2a3/0xd30 [ 174.136699][ T7154] ? fdget_pos+0x254/0x320 [ 174.141132][ T7154] ? __pfx_vfs_write+0x10/0x10 [ 174.145917][ T7154] ? __fget_files+0x2a/0x410 [ 174.150524][ T7154] ? __fget_files+0x395/0x410 [ 174.155225][ T7154] ? __fget_files+0x2a/0x410 [ 174.159842][ T7154] ksys_write+0x18f/0x2b0 [ 174.164199][ T7154] ? __pfx_ksys_write+0x10/0x10 [ 174.169069][ T7154] ? do_syscall_64+0x100/0x230 [ 174.173869][ T7154] ? do_syscall_64+0xb6/0x230 [ 174.178570][ T7154] do_syscall_64+0xf3/0x230 [ 174.183096][ T7154] ? clear_bhb_loop+0x35/0x90 [ 174.187789][ T7154] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.193712][ T7154] RIP: 0033:0x7fb1e937e759 [ 174.198126][ T7154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 174.217744][ T7154] RSP: 002b:00007fb1ea185038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 174.226154][ T7154] RAX: ffffffffffffffda RBX: 00007fb1e9535f80 RCX: 00007fb1e937e759 [ 174.234120][ T7154] RDX: 00000000000000b1 RSI: 0000000020000400 RDI: 0000000000000003 [ 174.242085][ T7154] RBP: 00007fb1ea185090 R08: 0000000000000000 R09: 0000000000000000 [ 174.250053][ T7154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 174.258028][ T7154] R13: 0000000000000000 R14: 00007fb1e9535f80 R15: 00007ffd98f3deb8 [ 174.266021][ T7154] [ 174.269135][ C0] vkms_vblank_simulate: vblank timer overrun [ 174.336558][ T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 174.358078][ T5838] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 174.367287][ T5838] Bluetooth: hci3: Injecting HCI hardware error event [ 174.377683][ T5838] Bluetooth: hci3: hardware error 0x00 [ 174.486460][ T7156] binder: 7151:7156 ioctl c0306201 200003c0 returned -22 [ 175.013030][ T5882] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 175.020684][ T9] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 175.031887][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0 [ 175.126166][ T7164] FAULT_INJECTION: forcing a failure. [ 175.126166][ T7164] name failslab, interval 1, probability 0, space 0, times 0 [ 175.139166][ T7164] CPU: 0 UID: 0 PID: 7164 Comm: syz.0.351 Not tainted 6.12.0-syzkaller-00239-gc6d64479d609 #0 [ 175.149443][ T7164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 175.159516][ T7164] Call Trace: [ 175.162815][ T7164] [ 175.165762][ T7164] dump_stack_lvl+0x241/0x360 [ 175.170471][ T7164] ? __pfx_dump_stack_lvl+0x10/0x10 [ 175.175697][ T7164] ? __pfx__printk+0x10/0x10 [ 175.180326][ T7164] ? __kmalloc_cache_noprof+0x44/0x2c0 [ 175.185810][ T7164] ? __pfx___might_resched+0x10/0x10 [ 175.191121][ T7164] should_fail_ex+0x3b0/0x4e0 [ 175.195829][ T7164] should_failslab+0xac/0x100 [ 175.200528][ T7164] ? netlbl_mgmt_add_common+0x57/0x1320 [ 175.206099][ T7164] __kmalloc_cache_noprof+0x6c/0x2c0 [ 175.211406][ T7164] netlbl_mgmt_add_common+0x57/0x1320 [ 175.216802][ T7164] ? smack_current_getsecid_subj+0x22/0xf0 [ 175.222631][ T7164] netlbl_mgmt_add+0x312/0x3a0 [ 175.227389][ T7164] ? __nla_parse+0x40/0x60 [ 175.231800][ T7164] ? __pfx_netlbl_mgmt_add+0x10/0x10 [ 175.237082][ T7164] ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290 [ 175.243409][ T7164] genl_rcv_msg+0xb14/0xec0 [ 175.247916][ T7164] ? mark_lock+0x9a/0x360 [ 175.252260][ T7164] ? __pfx_genl_rcv_msg+0x10/0x10 [ 175.257294][ T7164] ? __pfx_lock_acquire+0x10/0x10 [ 175.262349][ T7164] ? __pfx_netlbl_mgmt_add+0x10/0x10 [ 175.267644][ T7164] ? __pfx___might_resched+0x10/0x10 [ 175.272946][ T7164] netlink_rcv_skb+0x1e3/0x430 [ 175.277710][ T7164] ? __pfx_genl_rcv_msg+0x10/0x10 [ 175.282730][ T7164] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 175.288019][ T7164] genl_rcv+0x28/0x40 [ 175.291995][ T7164] netlink_unicast+0x7f6/0x990 [ 175.296774][ T7164] ? __pfx_netlink_unicast+0x10/0x10 [ 175.302071][ T7164] ? __virt_addr_valid+0x183/0x530 [ 175.307185][ T7164] ? __check_object_size+0x48e/0x900 [ 175.312493][ T7164] netlink_sendmsg+0x8e4/0xcb0 [ 175.317271][ T7164] ? __pfx_netlink_sendmsg+0x10/0x10 [ 175.322612][ T7164] ? __pfx_netlink_sendmsg+0x10/0x10 [ 175.327909][ T7164] __sock_sendmsg+0x221/0x270 [ 175.332587][ T7164] ____sys_sendmsg+0x52a/0x7e0 [ 175.337348][ T7164] ? __pfx_____sys_sendmsg+0x10/0x10 [ 175.342619][ T7164] ? __fget_files+0x2a/0x410 [ 175.347216][ T7164] ? __fget_files+0x2a/0x410 [ 175.351823][ T7164] __sys_sendmsg+0x269/0x350 [ 175.356406][ T7164] ? __pfx_lock_release+0x10/0x10 [ 175.361426][ T7164] ? __pfx___sys_sendmsg+0x10/0x10 [ 175.366535][ T7164] ? __pfx_vfs_write+0x10/0x10 [ 175.371310][ T7164] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 175.377649][ T7164] ? do_syscall_64+0x100/0x230 [ 175.382407][ T7164] ? do_syscall_64+0xb6/0x230 [ 175.387073][ T7164] do_syscall_64+0xf3/0x230 [ 175.391581][ T7164] ? clear_bhb_loop+0x35/0x90 [ 175.396282][ T7164] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 175.402187][ T7164] RIP: 0033:0x7f014997e759 [ 175.406593][ T7164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 175.426191][ T7164] RSP: 002b:00007f014a781038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 175.434602][ T7164] RAX: ffffffffffffffda RBX: 00007f0149b35f80 RCX: 00007f014997e759 [ 175.442574][ T7164] RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000004 [ 175.450537][ T7164] RBP: 00007f014a781090 R08: 0000000000000000 R09: 0000000000000000 [ 175.458501][ T7164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 175.466465][ T7164] R13: 0000000000000000 R14: 00007f0149b35f80 R15: 00007ffc9dc56628 [ 175.474436][ T7164] [ 175.477580][ C0] vkms_vblank_simulate: vblank timer overrun [ 175.563780][ T9] usb 2-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5 [ 175.572923][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 175.588781][ T9] usb 2-1: config 0 descriptor?? [ 175.595817][ T9] usb 2-1: can't set config #0, error -71 [ 175.602883][ T9] usb 2-1: USB disconnect, device number 14 [ 175.623633][ T5882] usb 4-1: Using ep0 maxpacket: 8 [ 175.631741][ T5882] usb 4-1: descriptor type invalid, skip [ 175.639182][ T5882] usb 4-1: descriptor type invalid, skip [ 175.645242][ T5882] usb 4-1: descriptor type invalid, skip [ 175.650993][ T5882] usb 4-1: descriptor type invalid, skip [ 175.657081][ T5882] usb 4-1: descriptor type invalid, skip [ 175.671345][ T7172] FAULT_INJECTION: forcing a failure. [ 175.671345][ T7172] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 175.709585][ T7172] CPU: 0 UID: 0 PID: 7172 Comm: syz.1.352 Not tainted 6.12.0-syzkaller-00239-gc6d64479d609 #0 [ 175.720153][ T7172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 175.730231][ T7172] Call Trace: [ 175.733532][ T7172] [ 175.736479][ T7172] dump_stack_lvl+0x241/0x360 [ 175.741188][ T7172] ? __pfx_dump_stack_lvl+0x10/0x10 [ 175.746410][ T7172] ? __pfx__printk+0x10/0x10 [ 175.751029][ T7172] ? __pfx_lock_release+0x10/0x10 [ 175.756088][ T7172] should_fail_ex+0x3b0/0x4e0 [ 175.760800][ T7172] _copy_from_user+0x2f/0xc0 [ 175.765421][ T7172] vmemdup_user+0x149/0x1c0 [ 175.769955][ T7172] path_setxattrat+0x354/0x510 [ 175.774762][ T7172] ? __pfx_path_setxattrat+0x10/0x10 [ 175.780073][ T7172] ? vfs_write+0x730/0xd30 [ 175.784544][ T7172] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 175.790559][ T7172] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 175.796933][ T7172] __x64_sys_fsetxattr+0xbc/0xe0 [ 175.801895][ T7172] do_syscall_64+0xf3/0x230 [ 175.806423][ T7172] ? clear_bhb_loop+0x35/0x90 [ 175.811130][ T7172] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 175.817051][ T7172] RIP: 0033:0x7fba0757e759 [ 175.821487][ T7172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 175.841102][ T7172] RSP: 002b:00007fba083ca038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be [ 175.849511][ T7172] RAX: ffffffffffffffda RBX: 00007fba07735f80 RCX: 00007fba0757e759 [ 175.857480][ T7172] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 0000000000000003 [ 175.865459][ T7172] RBP: 00007fba083ca090 R08: 0000000000000002 R09: 0000000000000000 [ 175.873449][ T7172] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000001 [ 175.881433][ T7172] R13: 0000000000000000 R14: 00007fba07735f80 R15: 00007ffe6c8e4078 [ 175.889404][ T7172] [ 175.892516][ C0] vkms_vblank_simulate: vblank timer overrun [ 175.909580][ T5882] usb 4-1: config 1 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 175.920948][ T5882] usb 4-1: config 1 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 175.934788][ T5882] usb 4-1: config 1 interface 0 has no altsetting 0 [ 175.974018][ T5882] usb 4-1: New USB device found, idVendor=0458, idProduct=5014, bcdDevice= 0.40 [ 175.983096][ T5882] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 175.991462][ T5882] usb 4-1: Product: syz [ 175.996068][ T5882] usb 4-1: Manufacturer: syz [ 176.000688][ T5882] usb 4-1: SerialNumber: syz [ 176.231549][ T7147] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 176.243412][ T7147] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 176.283415][ T5882] usbhid 4-1:1.0: can't add hid device: -71 [ 176.290242][ T5882] usbhid 4-1:1.0: probe with driver usbhid failed with error -71 [ 176.301810][ T5882] usb 4-1: USB disconnect, device number 6 [ 176.480768][ T7191] vcan0: tx drop: invalid da for name 0x0000000000000003 [ 177.663598][ T5838] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 178.052731][ T7203] netlink: 4 bytes leftover after parsing attributes in process `syz.1.364'. [ 178.086161][ T7203] netlink: 152 bytes leftover after parsing attributes in process `syz.1.364'. [ 178.119294][ T7203] netlink: 152 bytes leftover after parsing attributes in process `syz.1.364'. [ 178.402054][ T7220] fuse: Bad value for 'fd' [ 178.518552][ T7222] No such timeout policy "syz0" [ 178.734694][ T7223] netlink: 16 bytes leftover after parsing attributes in process `syz.2.365'. [ 181.174415][ T7251] block device autoloading is deprecated and will be removed. [ 183.005374][ T7283] netlink: 4 bytes leftover after parsing attributes in process `syz.0.382'. [ 183.293630][ T5916] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 183.799194][ T5916] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 183.819713][ T5916] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 183.829733][ T5916] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 183.838922][ T5916] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 183.958799][ T7277] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 184.494696][ T5842] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 184.504727][ T5842] Bluetooth: hci1: Injecting HCI hardware error event [ 184.583107][ T5916] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 185.705583][ T9] usb 2-1: USB disconnect, device number 15 [ 185.824233][ T7314] netlink: 9 bytes leftover after parsing attributes in process `syz.4.391'. [ 185.853860][ T7314] 0: renamed from hsr0 (while UP) [ 185.885120][ T7314] 0: entered promiscuous mode [ 185.890549][ T7314] A link change request failed with some changes committed already. Interface 70 may have been left with an inconsistent configuration, please check. [ 186.021946][ T7319] netlink: 9 bytes leftover after parsing attributes in process `syz.0.392'. [ 186.065567][ T7319] 0: renamed from hsr0 (while UP) [ 186.105779][ T7319] FAULT_INJECTION: forcing a failure. [ 186.105779][ T7319] name failslab, interval 1, probability 0, space 0, times 0 [ 186.135869][ T7319] CPU: 1 UID: 0 PID: 7319 Comm: syz.0.392 Not tainted 6.12.0-syzkaller-00239-gc6d64479d609 #0 [ 186.146241][ T7319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 186.156305][ T7319] Call Trace: [ 186.159577][ T7319] [ 186.162509][ T7319] dump_stack_lvl+0x241/0x360 [ 186.167190][ T7319] ? __pfx_dump_stack_lvl+0x10/0x10 [ 186.172387][ T7319] ? __pfx__printk+0x10/0x10 [ 186.176997][ T7319] ? __kmalloc_node_track_caller_noprof+0xb2/0x440 [ 186.183510][ T7319] ? __pfx___might_resched+0x10/0x10 [ 186.188808][ T7319] should_fail_ex+0x3b0/0x4e0 [ 186.193494][ T7319] should_failslab+0xac/0x100 [ 186.198178][ T7319] __kmalloc_node_track_caller_noprof+0xda/0x440 [ 186.204496][ T7319] ? kobject_rename+0x176/0x410 [ 186.209356][ T7319] ? kobject_rename+0xf2/0x410 [ 186.214141][ T7319] ? kobject_rename+0xf2/0x410 [ 186.218929][ T7319] kstrdup+0x3a/0x80 [ 186.222847][ T7319] kobject_rename+0x176/0x410 [ 186.227546][ T7319] ? __pfx_kobject_rename+0x10/0x10 [ 186.232744][ T7319] ? sysfs_rename_link_ns+0x182/0x1c0 [ 186.238115][ T7319] device_rename+0x16a/0x200 [ 186.242701][ T7319] dev_change_name+0x2bd/0x920 [ 186.247458][ T7319] ? irq_work_queue+0xca/0x150 [ 186.252216][ T7319] ? __wake_up_klogd+0xd5/0x110 [ 186.257059][ T7319] ? do_setlink+0xa4e/0x41f0 [ 186.261641][ T7319] ? __pfx_dev_change_name+0x10/0x10 [ 186.266930][ T7319] ? nla_strscpy+0x100/0x180 [ 186.271510][ T7319] ? __asan_memset+0x23/0x50 [ 186.276093][ T7319] ? nla_strscpy+0x113/0x180 [ 186.280682][ T7319] do_setlink+0xa4e/0x41f0 [ 186.285096][ T7319] ? _printk+0xd5/0x120 [ 186.289243][ T7319] ? __nla_validate_parse+0x2660/0x3090 [ 186.294794][ T7319] ? __pfx__printk+0x10/0x10 [ 186.299374][ T7319] ? __pfx_do_setlink+0x10/0x10 [ 186.304213][ T7319] ? rcu_is_watching+0x15/0xb0 [ 186.308962][ T7319] ? do_trace_netlink_extack+0x8b/0x1f0 [ 186.314515][ T7319] ? __nla_validate_parse+0x27eb/0x3090 [ 186.320059][ T7319] ? __kmalloc_cache_noprof+0x19c/0x2c0 [ 186.325634][ T7319] ? rtnl_newlink+0xf2/0x20a0 [ 186.330318][ T7319] ? __pfx___nla_validate_parse+0x10/0x10 [ 186.336050][ T7319] ? validate_linkmsg+0x71e/0x900 [ 186.341076][ T7319] rtnl_newlink+0x180d/0x20a0 [ 186.345752][ T7319] ? rtnl_newlink+0x461/0x20a0 [ 186.350529][ T7319] ? __pfx_rtnl_newlink+0x10/0x10 [ 186.355568][ T7319] ? __pfx___mutex_trylock_common+0x10/0x10 [ 186.361453][ T7319] ? rcu_is_watching+0x15/0xb0 [ 186.366209][ T7319] ? trace_contention_end+0x3c/0x120 [ 186.371493][ T7319] ? __mutex_lock+0x2ef/0xd70 [ 186.376180][ T7319] ? __pfx_lock_release+0x10/0x10 [ 186.381206][ T7319] ? __pfx_rtnl_newlink+0x10/0x10 [ 186.386223][ T7319] rtnetlink_rcv_msg+0x73f/0xcf0 [ 186.391170][ T7319] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 186.396276][ T7319] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 186.401726][ T7319] ? ref_tracker_free+0x643/0x7e0 [ 186.406743][ T7319] netlink_rcv_skb+0x1e3/0x430 [ 186.411496][ T7319] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 186.416947][ T7319] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 186.422231][ T7319] ? netlink_deliver_tap+0x2e/0x1b0 [ 186.427418][ T7319] netlink_unicast+0x7f6/0x990 [ 186.432178][ T7319] ? __pfx_netlink_unicast+0x10/0x10 [ 186.437452][ T7319] ? __virt_addr_valid+0x183/0x530 [ 186.442551][ T7319] ? __check_object_size+0x48e/0x900 [ 186.447838][ T7319] netlink_sendmsg+0x8e4/0xcb0 [ 186.452585][ T7319] ? mark_lock+0x9a/0x360 [ 186.456908][ T7319] ? __pfx_netlink_sendmsg+0x10/0x10 [ 186.462188][ T7319] ? __pfx_netlink_sendmsg+0x10/0x10 [ 186.467464][ T7319] __sock_sendmsg+0x221/0x270 [ 186.472144][ T7319] sock_write_iter+0x2d7/0x3f0 [ 186.476900][ T7319] ? __pfx_sock_write_iter+0x10/0x10 [ 186.482207][ T7319] do_iter_readv_writev+0x600/0x880 [ 186.487407][ T7319] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 186.493118][ T7319] ? bpf_lsm_file_permission+0x9/0x10 [ 186.498477][ T7319] ? security_file_permission+0x74/0x280 [ 186.504100][ T7319] ? rw_verify_area+0x1c3/0x6f0 [ 186.508942][ T7319] vfs_writev+0x376/0xba0 [ 186.513261][ T7319] ? __pfx_lock_acquire+0x10/0x10 [ 186.518274][ T7319] ? __pfx_vfs_writev+0x10/0x10 [ 186.523121][ T7319] ? __pfx_vfs_write+0x10/0x10 [ 186.527874][ T7319] ? __fget_files+0x2a/0x410 [ 186.532453][ T7319] ? __fget_files+0x395/0x410 [ 186.537122][ T7319] ? __fget_files+0x2a/0x410 [ 186.541719][ T7319] do_writev+0x1b6/0x360 [ 186.545960][ T7319] ? __pfx_do_writev+0x10/0x10 [ 186.550733][ T7319] ? do_syscall_64+0x100/0x230 [ 186.555496][ T7319] ? do_syscall_64+0xb6/0x230 [ 186.560170][ T7319] do_syscall_64+0xf3/0x230 [ 186.564666][ T7319] ? clear_bhb_loop+0x35/0x90 [ 186.569336][ T7319] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.575225][ T7319] RIP: 0033:0x7f014997e759 [ 186.579629][ T7319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 186.599247][ T7319] RSP: 002b:00007f014a781038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 186.607654][ T7319] RAX: ffffffffffffffda RBX: 00007f0149b35f80 RCX: 00007f014997e759 [ 186.615619][ T7319] RDX: 0000000000000001 RSI: 0000000020000400 RDI: 0000000000000003 [ 186.623590][ T7319] RBP: 00007f014a781090 R08: 0000000000000000 R09: 0000000000000000 [ 186.631561][ T7319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 186.639525][ T7319] R13: 0000000000000000 R14: 00007f0149b35f80 R15: 00007ffc9dc56628 [ 186.647505][ T7319] [ 186.665950][ T5842] Bluetooth: hci1: command 0x0406 tx timeout [ 186.673388][ T5842] Bluetooth: hci0: command 0x0406 tx timeout [ 186.683619][ T5842] Bluetooth: hci2: command 0x0406 tx timeout [ 187.249820][ T29] kauditd_printk_skb: 8 callbacks suppressed [ 187.249837][ T29] audit: type=1326 audit(1732004110.377:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7330 comm="syz.0.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f014997e759 code=0x7ffc0000 [ 187.277648][ T29] audit: type=1326 audit(1732004110.377:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7330 comm="syz.0.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f014997e759 code=0x7ffc0000 [ 187.300592][ T29] audit: type=1326 audit(1732004110.377:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7330 comm="syz.0.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f014997e759 code=0x7ffc0000 [ 187.321812][ C0] vkms_vblank_simulate: vblank timer overrun [ 187.341970][ T2147] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 187.358864][ T29] audit: type=1326 audit(1732004110.377:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7330 comm="syz.0.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f014997e759 code=0x7ffc0000 [ 187.417052][ T29] audit: type=1326 audit(1732004110.377:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7330 comm="syz.0.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f014997e759 code=0x7ffc0000 [ 187.438942][ T29] audit: type=1326 audit(1732004110.377:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7330 comm="syz.0.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f014997e759 code=0x7ffc0000 [ 187.460809][ T29] audit: type=1326 audit(1732004110.377:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7330 comm="syz.0.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f014997e759 code=0x7ffc0000 [ 187.482702][ T29] audit: type=1326 audit(1732004110.377:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7330 comm="syz.0.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f014997e759 code=0x7ffc0000 [ 187.504787][ T29] audit: type=1326 audit(1732004110.377:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7330 comm="syz.0.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f014997e759 code=0x7ffc0000 [ 187.526482][ T29] audit: type=1326 audit(1732004110.377:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7330 comm="syz.0.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f014997e759 code=0x7ffc0000 [ 187.569548][ T5835] Bluetooth: hci1: hardware error 0x00 [ 187.681557][ T7334] netlink: 'syz.1.398': attribute type 2 has an invalid length. [ 187.692178][ T7334] netlink: 'syz.1.398': attribute type 8 has an invalid length. [ 187.706186][ T7334] netlink: 32 bytes leftover after parsing attributes in process `syz.1.398'. [ 187.730871][ T7334] netlink: 'syz.1.398': attribute type 39 has an invalid length. [ 189.372351][ T2147] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 189.881787][ T2147] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 189.892583][ T2147] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 189.902413][ T2147] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 189.919820][ T5835] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 190.044451][ T7337] openvswitch: netlink: Key type 200 is out of range max 32 [ 190.185036][ T2147] usb 4-1: can't set config #27, error -71 [ 190.233787][ T7356] FAULT_INJECTION: forcing a failure. [ 190.233787][ T7356] name failslab, interval 1, probability 0, space 0, times 0 [ 190.246976][ T2147] usb 4-1: USB disconnect, device number 7 [ 190.287324][ T7359] netlink: 210620 bytes leftover after parsing attributes in process `syz.2.404'. [ 190.299819][ T7356] CPU: 0 UID: 0 PID: 7356 Comm: syz.4.405 Not tainted 6.12.0-syzkaller-00239-gc6d64479d609 #0 [ 190.310105][ T7356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 190.320184][ T7356] Call Trace: [ 190.323491][ T7356] [ 190.326443][ T7356] dump_stack_lvl+0x241/0x360 [ 190.331145][ T7356] ? __pfx_dump_stack_lvl+0x10/0x10 [ 190.336369][ T7356] ? __pfx__printk+0x10/0x10 [ 190.340990][ T7356] ? __kmalloc_cache_node_noprof+0x4c/0x300 [ 190.346918][ T7356] ? __pfx___might_resched+0x10/0x10 [ 190.352239][ T7356] should_fail_ex+0x3b0/0x4e0 [ 190.355652][ T7359] openvswitch: netlink: ufid size 2296 bytes exceeds the range (1, 16) [ 190.356975][ T7356] should_failslab+0xac/0x100 [ 190.369906][ T7356] __kmalloc_cache_node_noprof+0x74/0x300 [ 190.375662][ T7356] ? __get_vm_area_node+0x113/0x270 [ 190.380897][ T7356] __get_vm_area_node+0x113/0x270 [ 190.385950][ T7356] __vmalloc_node_range_noprof+0x3a6/0x13f0 [ 190.391877][ T7356] ? bpf_prog_alloc_no_stats+0x4d/0x4b0 [ 190.397445][ T7356] ? mark_lock+0x9a/0x360 [ 190.401813][ T7356] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 190.408173][ T7356] ? bpf_prog_alloc_no_stats+0x4d/0x4b0 [ 190.413726][ T7356] __vmalloc_noprof+0x79/0x90 [ 190.418403][ T7356] ? bpf_prog_alloc_no_stats+0x4d/0x4b0 [ 190.423949][ T7356] bpf_prog_alloc_no_stats+0x4d/0x4b0 [ 190.429317][ T7356] ? bpf_prog_alloc+0x28/0x1b0 [ 190.434092][ T7356] bpf_prog_alloc+0x3a/0x1b0 [ 190.438678][ T7356] bpf_prog_load+0x7f7/0x20f0 [ 190.443364][ T7356] ? __pfx_bpf_prog_load+0x10/0x10 [ 190.448474][ T7356] ? __pfx___might_resched+0x10/0x10 [ 190.453786][ T7356] ? __might_fault+0xc6/0x120 [ 190.458481][ T7356] __sys_bpf+0x4ee/0x810 [ 190.462724][ T7356] ? __pfx___sys_bpf+0x10/0x10 [ 190.467497][ T7356] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 190.473487][ T7356] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 190.479828][ T7356] ? do_syscall_64+0x100/0x230 [ 190.484596][ T7356] __x64_sys_bpf+0x7c/0x90 [ 190.489011][ T7356] do_syscall_64+0xf3/0x230 [ 190.493512][ T7356] ? clear_bhb_loop+0x35/0x90 [ 190.498188][ T7356] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.504091][ T7356] RIP: 0033:0x7fb1e937e759 [ 190.508534][ T7356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 190.528135][ T7356] RSP: 002b:00007fb1ea185038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 190.536565][ T7356] RAX: ffffffffffffffda RBX: 00007fb1e9535f80 RCX: 00007fb1e937e759 [ 190.544534][ T7356] RDX: 0000000000000094 RSI: 0000000020000400 RDI: 0000000000000005 [ 190.552516][ T7356] RBP: 00007fb1ea185090 R08: 0000000000000000 R09: 0000000000000000 [ 190.560502][ T7356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 190.568477][ T7356] R13: 0000000000000000 R14: 00007fb1e9535f80 R15: 00007ffd98f3deb8 [ 190.576459][ T7356] [ 190.579573][ C0] vkms_vblank_simulate: vblank timer overrun [ 190.589487][ T7356] syz.4.405: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 190.607309][ T7356] CPU: 1 UID: 0 PID: 7356 Comm: syz.4.405 Not tainted 6.12.0-syzkaller-00239-gc6d64479d609 #0 [ 190.617677][ T7356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 190.627755][ T7356] Call Trace: [ 190.631035][ T7356] [ 190.633963][ T7356] dump_stack_lvl+0x241/0x360 [ 190.638645][ T7356] ? __pfx_dump_stack_lvl+0x10/0x10 [ 190.643842][ T7356] ? __pfx__printk+0x10/0x10 [ 190.648432][ T7356] ? cpuset_print_current_mems_allowed+0x1f/0x350 [ 190.654840][ T7356] ? cpuset_print_current_mems_allowed+0x31e/0x350 [ 190.661337][ T7356] warn_alloc+0x278/0x410 [ 190.665669][ T7356] ? __pfx_warn_alloc+0x10/0x10 [ 190.670517][ T7356] ? __get_vm_area_node+0x113/0x270 [ 190.675717][ T7356] ? __get_vm_area_node+0x261/0x270 [ 190.680919][ T7356] __vmalloc_node_range_noprof+0x3cb/0x13f0 [ 190.686818][ T7356] ? mark_lock+0x9a/0x360 [ 190.691160][ T7356] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 190.697509][ T7356] ? bpf_prog_alloc_no_stats+0x4d/0x4b0 [ 190.703051][ T7356] __vmalloc_noprof+0x79/0x90 [ 190.707725][ T7356] ? bpf_prog_alloc_no_stats+0x4d/0x4b0 [ 190.713267][ T7356] bpf_prog_alloc_no_stats+0x4d/0x4b0 [ 190.718636][ T7356] ? bpf_prog_alloc+0x28/0x1b0 [ 190.723401][ T7356] bpf_prog_alloc+0x3a/0x1b0 [ 190.727990][ T7356] bpf_prog_load+0x7f7/0x20f0 [ 190.732688][ T7356] ? __pfx_bpf_prog_load+0x10/0x10 [ 190.737798][ T7356] ? __pfx___might_resched+0x10/0x10 [ 190.743096][ T7356] ? __might_fault+0xc6/0x120 [ 190.747772][ T7356] __sys_bpf+0x4ee/0x810 [ 190.752022][ T7356] ? __pfx___sys_bpf+0x10/0x10 [ 190.756791][ T7356] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 190.762771][ T7356] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 190.769105][ T7356] ? do_syscall_64+0x100/0x230 [ 190.773872][ T7356] __x64_sys_bpf+0x7c/0x90 [ 190.778284][ T7356] do_syscall_64+0xf3/0x230 [ 190.782781][ T7356] ? clear_bhb_loop+0x35/0x90 [ 190.787470][ T7356] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.793364][ T7356] RIP: 0033:0x7fb1e937e759 [ 190.797774][ T7356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 190.817374][ T7356] RSP: 002b:00007fb1ea185038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 190.825785][ T7356] RAX: ffffffffffffffda RBX: 00007fb1e9535f80 RCX: 00007fb1e937e759 [ 190.833752][ T7356] RDX: 0000000000000094 RSI: 0000000020000400 RDI: 0000000000000005 [ 190.841715][ T7356] RBP: 00007fb1ea185090 R08: 0000000000000000 R09: 0000000000000000 [ 190.849681][ T7356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 190.857647][ T7356] R13: 0000000000000000 R14: 00007fb1e9535f80 R15: 00007ffd98f3deb8 [ 190.865625][ T7356] [ 191.235533][ T7356] Mem-Info: [ 191.238773][ T7356] active_anon:4376 inactive_anon:10007 isolated_anon:0 [ 191.238773][ T7356] active_file:4800 inactive_file:44683 isolated_file:0 [ 191.238773][ T7356] unevictable:768 dirty:157 writeback:0 [ 191.238773][ T7356] slab_reclaimable:9999 slab_unreclaimable:98853 [ 191.238773][ T7356] mapped:27485 shmem:10031 pagetables:852 [ 191.238773][ T7356] sec_pagetables:0 bounce:0 [ 191.238773][ T7356] kernel_misc_reclaimable:0 [ 191.238773][ T7356] free:1333657 free_pcp:716 free_cma:0 [ 191.454013][ T7356] Node 0 active_anon:24204kB inactive_anon:30936kB active_file:19132kB inactive_file:178732kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:100968kB dirty:648kB writeback:0kB shmem:38588kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11196kB pagetables:3288kB sec_pagetables:0kB all_unreclaimable? no [ 191.486852][ C0] vkms_vblank_simulate: vblank timer overrun [ 191.503979][ T7356] Node 1 active_anon:0kB inactive_anon:0kB active_file:68kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 191.614263][ T7356] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 191.641342][ C0] vkms_vblank_simulate: vblank timer overrun [ 191.743591][ T7356] lowmem_reserve[]: 0 2465 2466 0 0 [ 191.748902][ T7356] Node 0 DMA32 free:1410216kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:14100kB inactive_anon:39904kB active_file:18340kB inactive_file:178680kB unevictable:1536kB writepending:648kB present:3129332kB managed:2552492kB mlocked:0kB bounce:0kB free_pcp:1980kB local_pcp:660kB free_cma:0kB [ 191.779507][ C0] vkms_vblank_simulate: vblank timer overrun [ 191.861586][ T7356] lowmem_reserve[]: 0 0 0 0 0 [ 191.867040][ T7356] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:4kB inactive_anon:32kB active_file:792kB inactive_file:52kB unevictable:0kB writepending:0kB present:1048580kB managed:880kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 191.894944][ T7356] lowmem_reserve[]: 0 0 0 0 0 [ 191.899710][ T7356] Node 1 Normal free:3913752kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:68kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111168kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 192.006927][ T5963] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 192.234318][ T7356] lowmem_reserve[]: 0 0 0 0 0 [ 192.287855][ T7356] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 192.308705][ T5963] usb 1-1: device descriptor read/64, error -71 [ 192.534041][ T7356] Node 0 DMA32: 3*4kB (UME) 304*8kB (UM) 169*16kB (UME) 136*32kB (UME) 132*64kB (UME) 25*128kB (UME) 36*256kB (UME) 13*512kB (UME) 6*1024kB (UM) 6*2048kB (ME) 329*4096kB (UM) = 1403036kB [ 192.613547][ T7356] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 192.657470][ T5963] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 192.713586][ T7356] Node 1 Normal: 190*4kB (UME) 62*8kB (UME) 49*16kB (UME) 207*32kB (UME) 89*64kB (UME) 28*128kB (UME) 16*256kB (UME) 7*512kB (UM) 5*1024kB (UM) 2*2048kB (U) 947*4096kB (M) = 3913752kB [ 192.763633][ T7356] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 192.778796][ T7356] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 192.791682][ T7356] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 192.824207][ T5963] usb 1-1: device descriptor read/64, error -71 [ 192.829571][ T7356] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 192.847596][ T7382] overlayfs: missing 'lowerdir' [ 192.859586][ T7356] 58726 total pagecache pages [ 192.870650][ T7356] 0 pages in swap cache [ 192.890853][ T7356] Free swap = 122700kB [ 192.907859][ T7356] Total swap = 124996kB [ 192.922866][ T7356] 2097051 pages RAM [ 192.934309][ T5963] usb usb1-port1: attempt power cycle [ 193.015411][ T7356] 0 pages HighMem/MovableOnly [ 193.073720][ T7356] 427076 pages reserved [ 193.234481][ T7356] 0 pages cma reserved [ 193.284445][ T5963] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 193.317102][ T5963] usb 1-1: device descriptor read/8, error -71 [ 193.704056][ T5963] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 193.954371][ T5963] usb 1-1: device descriptor read/8, error -71 [ 194.140868][ T7393] FAULT_INJECTION: forcing a failure. [ 194.140868][ T7393] name failslab, interval 1, probability 0, space 0, times 0 [ 194.154249][ T7393] CPU: 1 UID: 0 PID: 7393 Comm: syz.3.415 Not tainted 6.12.0-syzkaller-00239-gc6d64479d609 #0 [ 194.164524][ T7393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 194.174604][ T7393] Call Trace: [ 194.177903][ T7393] [ 194.180844][ T7393] dump_stack_lvl+0x241/0x360 [ 194.185549][ T7393] ? __pfx_dump_stack_lvl+0x10/0x10 [ 194.190775][ T7393] ? __pfx__printk+0x10/0x10 [ 194.195386][ T7393] ? __kmalloc_noprof+0xb0/0x400 [ 194.200345][ T7393] ? __pfx___might_resched+0x10/0x10 [ 194.205651][ T7393] ? nla_strdup+0x9c/0x140 [ 194.210086][ T7393] should_fail_ex+0x3b0/0x4e0 [ 194.214791][ T7393] ? nla_strdup+0x9c/0x140 [ 194.219224][ T7393] should_failslab+0xac/0x100 [ 194.223917][ T7393] ? nla_strdup+0x9c/0x140 [ 194.228347][ T7393] __kmalloc_noprof+0xd8/0x400 [ 194.233129][ T7393] nla_strdup+0x9c/0x140 [ 194.237389][ T7393] rtnl_linkprop+0x515/0x8b0 [ 194.242003][ T7393] ? mark_lock+0x9a/0x360 [ 194.246354][ T7393] ? __pfx_rtnl_linkprop+0x10/0x10 [ 194.251556][ T7393] ? __pfx_lock_release+0x10/0x10 [ 194.256618][ T7393] ? __pfx___mutex_lock+0x10/0x10 [ 194.261671][ T7393] ? __pfx_rtnl_dellinkprop+0x10/0x10 [ 194.267071][ T7393] rtnetlink_rcv_msg+0x73f/0xcf0 [ 194.272032][ T7393] ? rtnetlink_rcv_msg+0x1a7/0xcf0 [ 194.277169][ T7393] ? rcu_preempt_deferred_qs_irqrestore+0x87b/0xc70 [ 194.283869][ T7393] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 194.289367][ T7393] netlink_rcv_skb+0x1e3/0x430 [ 194.294149][ T7393] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 194.299642][ T7393] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 194.304976][ T7393] ? __rcu_read_unlock+0xa1/0x110 [ 194.310044][ T7393] netlink_unicast+0x7f6/0x990 [ 194.314844][ T7393] ? __pfx_netlink_unicast+0x10/0x10 [ 194.320158][ T7393] ? __check_object_size+0x489/0x900 [ 194.325470][ T7393] ? __check_object_size+0x48e/0x900 [ 194.330782][ T7393] netlink_sendmsg+0x8e4/0xcb0 [ 194.335587][ T7393] ? __pfx_netlink_sendmsg+0x10/0x10 [ 194.340916][ T7393] ? __pfx_netlink_sendmsg+0x10/0x10 [ 194.346215][ T7393] __sock_sendmsg+0x221/0x270 [ 194.350899][ T7393] ____sys_sendmsg+0x52a/0x7e0 [ 194.355672][ T7393] ? __pfx_____sys_sendmsg+0x10/0x10 [ 194.360954][ T7393] ? __fget_files+0x2a/0x410 [ 194.365545][ T7393] ? __fget_files+0x2a/0x410 [ 194.370152][ T7393] __sys_sendmmsg+0x36a/0x720 [ 194.374853][ T7393] ? __pfx___sys_sendmmsg+0x10/0x10 [ 194.380070][ T7393] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 194.386078][ T7393] ? irqentry_exit+0x63/0x90 [ 194.390678][ T7393] ? finish_task_switch+0x1ea/0x870 [ 194.395880][ T7393] ? finish_task_switch+0x1e5/0x870 [ 194.401084][ T7393] ? __schedule+0x1802/0x4bd0 [ 194.405767][ T7393] ? __mutex_unlock_slowpath+0x21d/0x750 [ 194.411416][ T7393] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 194.417411][ T7393] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 194.423769][ T7393] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 194.430121][ T7393] __x64_sys_sendmmsg+0xa0/0xb0 [ 194.434979][ T7393] do_syscall_64+0xf3/0x230 [ 194.439480][ T7393] ? clear_bhb_loop+0x35/0x90 [ 194.444156][ T7393] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 194.450049][ T7393] RIP: 0033:0x7f1770b7e759 [ 194.454461][ T7393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 194.474068][ T7393] RSP: 002b:00007f1771a4b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 194.482483][ T7393] RAX: ffffffffffffffda RBX: 00007f1770d35f80 RCX: 00007f1770b7e759 [ 194.490451][ T7393] RDX: 0000000004924b68 RSI: 0000000020000140 RDI: 0000000000000004 [ 194.498418][ T7393] RBP: 00007f1771a4b090 R08: 0000000000000000 R09: 0000000000000000 [ 194.506385][ T7393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 194.514359][ T7393] R13: 0000000000000000 R14: 00007f1770d35f80 R15: 00007fff341a1d58 [ 194.522341][ T7393] [ 194.535493][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.542042][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.735313][ T5963] usb usb1-port1: unable to enumerate USB device [ 195.224086][ T5963] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 195.314086][ T7405] netlink: 4 bytes leftover after parsing attributes in process `syz.4.420'. [ 195.433011][ T5963] usb 1-1: config 0 has an invalid interface number: 146 but max is 0 [ 195.453856][ T5963] usb 1-1: config 0 has no interface number 0 [ 195.508594][ T5963] usb 1-1: New USB device found, idVendor=06cd, idProduct=0112, bcdDevice=f8.4f [ 195.518880][ T5963] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 195.561809][ T5963] usb 1-1: Product: syz [ 195.571506][ T5963] usb 1-1: Manufacturer: syz [ 195.577500][ T5963] usb 1-1: SerialNumber: syz [ 195.607925][ T5963] usb 1-1: config 0 descriptor?? [ 196.785626][ T2147] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 196.819535][ T7433] openvswitch: netlink: Key type 200 is out of range max 32 [ 196.866497][ T5963] keyspan 1-1:0.146: Keyspan 1 port adapter converter detected [ 196.887504][ T5963] keyspan 1-1:0.146: found no endpoint descriptor for endpoint 87 [ 196.909299][ T5963] keyspan 1-1:0.146: found no endpoint descriptor for endpoint 7 [ 196.922446][ T5963] keyspan 1-1:0.146: found no endpoint descriptor for endpoint 81 [ 197.007444][ T5963] keyspan 1-1:0.146: found no endpoint descriptor for endpoint 1 [ 197.016219][ T5963] keyspan 1-1:0.146: found no endpoint descriptor for endpoint 2 [ 197.027819][ T5963] keyspan 1-1:0.146: found no endpoint descriptor for endpoint 85 [ 197.114924][ T2147] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 197.665750][ T5963] keyspan 1-1:0.146: found no endpoint descriptor for endpoint 5 [ 197.674149][ T2147] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 197.685299][ T2147] usb 2-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00 [ 197.694955][ T2147] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.704960][ T5963] usb 1-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 197.714573][ T2147] usb 2-1: config 0 descriptor?? [ 197.771055][ T5963] usb 1-1: USB disconnect, device number 11 [ 197.783256][ T5963] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 197.793938][ T5963] keyspan 1-1:0.146: device disconnected [ 197.837649][ T7440] fuse: Unknown parameter '017777777777777777777770x0000000000000003' [ 199.012032][ T2147] uclogic 0003:5543:0042.0002: unknown main item tag 0x6 [ 199.020434][ T2147] uclogic 0003:5543:0042.0002: No inputs registered, leaving [ 199.034276][ T2147] uclogic 0003:5543:0042.0002: hidraw0: USB HID v0.00 Device [HID 5543:0042] on usb-dummy_hcd.1-1/input0 [ 199.077637][ T7450] Trying to write to read-only block-device nullb0 [ 199.201157][ T5882] usb 2-1: USB disconnect, device number 16 [ 199.265168][ T7459] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 199.714546][ T7472] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 201.089120][ T7481] trusted_key: encrypted_key: key user:syz not found [ 201.411860][ T7487] netlink: 40 bytes leftover after parsing attributes in process `syz.3.441'. [ 201.428330][ T7487] netlink: 40 bytes leftover after parsing attributes in process `syz.3.441'. [ 201.439163][ T5916] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 201.693832][ T5916] usb 3-1: Using ep0 maxpacket: 16 [ 201.705880][ T5916] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 201.722105][ T5916] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 201.802202][ T5916] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 201.831036][ T5916] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 201.852635][ T5916] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 201.873627][ T5916] usb 3-1: Product: syz [ 201.877969][ T5916] usb 3-1: Manufacturer: syz [ 201.898371][ T5916] usb 3-1: SerialNumber: syz [ 202.978311][ T7482] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 203.118356][ T7482] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 203.209642][ T5916] usb 3-1: 0:2 : does not exist [ 203.394045][ T6865] usb 3-1: USB disconnect, device number 14 [ 203.683148][ T7514] netlink: 20 bytes leftover after parsing attributes in process `syz.4.450'. [ 204.429282][ T6043] udevd[6043]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 206.203792][ T5882] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 206.775097][ T5882] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 206.786400][ T5882] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 206.820486][ T5882] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 206.879713][ T5882] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 206.937689][ T7534] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 206.951509][ T5882] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 207.695936][ T7553] netlink: 8 bytes leftover after parsing attributes in process `syz.2.456'. [ 208.046495][ T8] usb 2-1: USB disconnect, device number 17 [ 209.954809][ T7572] FAULT_INJECTION: forcing a failure. [ 209.954809][ T7572] name failslab, interval 1, probability 0, space 0, times 0 [ 210.020533][ T7572] CPU: 0 UID: 0 PID: 7572 Comm: syz.4.466 Not tainted 6.12.0-syzkaller-00239-gc6d64479d609 #0 [ 210.030842][ T7572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 210.040918][ T7572] Call Trace: [ 210.044199][ T7572] [ 210.047127][ T7572] dump_stack_lvl+0x241/0x360 [ 210.051803][ T7572] ? __pfx_dump_stack_lvl+0x10/0x10 [ 210.056996][ T7572] ? __pfx__printk+0x10/0x10 [ 210.061581][ T7572] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 210.067554][ T7572] ? __pfx___might_resched+0x10/0x10 [ 210.072839][ T7572] should_fail_ex+0x3b0/0x4e0 [ 210.077528][ T7572] should_failslab+0xac/0x100 [ 210.082233][ T7572] ? __alloc_skb+0x1c3/0x440 [ 210.086844][ T7572] kmem_cache_alloc_node_noprof+0x71/0x320 [ 210.092659][ T7572] __alloc_skb+0x1c3/0x440 [ 210.097075][ T7572] ? __pfx___alloc_skb+0x10/0x10 [ 210.102011][ T7572] ? netlink_autobind+0xd6/0x2f0 [ 210.106943][ T7572] ? netlink_autobind+0x2b0/0x2f0 [ 210.111991][ T7572] netlink_sendmsg+0x638/0xcb0 [ 210.116758][ T7572] ? __pfx_netlink_sendmsg+0x10/0x10 [ 210.122044][ T7572] ? get_pid_task+0x23/0x1f0 [ 210.126642][ T7572] ? __pfx_netlink_sendmsg+0x10/0x10 [ 210.131928][ T7572] __sock_sendmsg+0x221/0x270 [ 210.136697][ T7572] sock_write_iter+0x2d7/0x3f0 [ 210.141467][ T7572] ? __pfx_sock_write_iter+0x10/0x10 [ 210.146761][ T7572] ? bpf_lsm_file_permission+0x9/0x10 [ 210.152127][ T7572] ? security_file_permission+0x74/0x280 [ 210.157765][ T7572] vfs_write+0xaeb/0xd30 [ 210.162013][ T7572] ? __pfx_sock_write_iter+0x10/0x10 [ 210.167297][ T7572] ? __pfx_vfs_write+0x10/0x10 [ 210.172059][ T7572] ? __fget_files+0x2a/0x410 [ 210.176655][ T7572] ? __fget_files+0x2a/0x410 [ 210.181246][ T7572] ksys_write+0x18f/0x2b0 [ 210.185577][ T7572] ? __pfx_ksys_write+0x10/0x10 [ 210.190426][ T7572] ? do_syscall_64+0x100/0x230 [ 210.195191][ T7572] ? do_syscall_64+0xb6/0x230 [ 210.199862][ T7572] do_syscall_64+0xf3/0x230 [ 210.204361][ T7572] ? clear_bhb_loop+0x35/0x90 [ 210.209036][ T7572] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 210.214931][ T7572] RIP: 0033:0x7fb1e937e759 [ 210.219341][ T7572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 210.238951][ T7572] RSP: 002b:00007fb1ea185038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 210.247371][ T7572] RAX: ffffffffffffffda RBX: 00007fb1e9535f80 RCX: 00007fb1e937e759 [ 210.255336][ T7572] RDX: 0000000000000024 RSI: 0000000020000000 RDI: 0000000000000003 [ 210.263325][ T7572] RBP: 00007fb1ea185090 R08: 0000000000000000 R09: 0000000000000000 [ 210.271290][ T7572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 210.279256][ T7572] R13: 0000000000000000 R14: 00007fb1e9535f80 R15: 00007ffd98f3deb8 [ 210.287235][ T7572] [ 210.290356][ C0] vkms_vblank_simulate: vblank timer overrun [ 211.444912][ T7575] bridge1: the hash_elasticity option has been deprecated and is always 16 [ 211.943554][ T7597] openvswitch: netlink: Key type 200 is out of range max 32 [ 217.384159][ T2147] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 217.583794][ T2147] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 217.605671][ T2147] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 217.629675][ T2147] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 217.664024][ T2147] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 217.725615][ T7626] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 217.754391][ T2147] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 219.393904][ T5963] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 220.292750][ T2147] usb 1-1: new full-speed USB device number 12 using dummy_hcd [ 220.376468][ T5963] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 220.388741][ T5963] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 220.430621][ T5963] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 220.451909][ T5916] usb 2-1: USB disconnect, device number 18 [ 221.244164][ T5963] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 221.536157][ T5963] usb 5-1: can't set config #27, error -71 [ 221.544096][ T5963] usb 5-1: USB disconnect, device number 11 [ 222.223325][ T2147] usb 1-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 222.232970][ T2147] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 222.241482][ T2147] usb 1-1: Product: syz [ 222.246164][ T2147] usb 1-1: Manufacturer: syz [ 222.282681][ T2147] usb 1-1: config 0 descriptor?? [ 222.619619][ T2147] usb 1-1: can't set config #0, error -71 [ 222.666563][ T2147] usb 1-1: USB disconnect, device number 12 [ 224.084906][ T7710] 9pnet_fd: Insufficient options for proto=fd [ 224.173813][ T7710] mmap: syz.4.505 (7710) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 224.733373][ T7715] netlink: 'syz.4.505': attribute type 13 has an invalid length. [ 225.054618][ T7721] FAULT_INJECTION: forcing a failure. [ 225.054618][ T7721] name failslab, interval 1, probability 0, space 0, times 0 [ 225.118257][ T7721] CPU: 0 UID: 0 PID: 7721 Comm: syz.3.508 Not tainted 6.12.0-syzkaller-00239-gc6d64479d609 #0 [ 225.128541][ T7721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 225.138588][ T7721] Call Trace: [ 225.141853][ T7721] [ 225.144789][ T7721] dump_stack_lvl+0x241/0x360 [ 225.149461][ T7721] ? __pfx_dump_stack_lvl+0x10/0x10 [ 225.154654][ T7721] ? __pfx__printk+0x10/0x10 [ 225.159262][ T7721] ? __kmalloc_noprof+0xb0/0x400 [ 225.164203][ T7721] ? __pfx___might_resched+0x10/0x10 [ 225.169483][ T7721] ? __mutex_lock+0x2ef/0xd70 [ 225.174163][ T7721] should_fail_ex+0x3b0/0x4e0 [ 225.178871][ T7721] ? genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 225.185148][ T7721] should_failslab+0xac/0x100 [ 225.189853][ T7721] ? genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 225.196126][ T7721] __kmalloc_noprof+0xd8/0x400 [ 225.200927][ T7721] genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 225.207035][ T7721] genl_rcv_msg+0x802/0xec0 [ 225.211566][ T7721] ? mark_lock+0x9a/0x360 [ 225.215934][ T7721] ? __pfx_genl_rcv_msg+0x10/0x10 [ 225.221011][ T7721] ? __pfx_lock_acquire+0x10/0x10 [ 225.226066][ T7721] ? __pfx_hwsim_new_edge_nl+0x10/0x10 [ 225.231540][ T7721] ? __pfx___might_resched+0x10/0x10 [ 225.236830][ T7721] netlink_rcv_skb+0x1e3/0x430 [ 225.241601][ T7721] ? __pfx_genl_rcv_msg+0x10/0x10 [ 225.246626][ T7721] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 225.251916][ T7721] genl_rcv+0x28/0x40 [ 225.255897][ T7721] netlink_unicast+0x7f6/0x990 [ 225.260679][ T7721] ? __pfx_netlink_unicast+0x10/0x10 [ 225.265959][ T7721] ? __virt_addr_valid+0x183/0x530 [ 225.271062][ T7721] ? __check_object_size+0x48e/0x900 [ 225.276340][ T7721] netlink_sendmsg+0x8e4/0xcb0 [ 225.281101][ T7721] ? __pfx_netlink_sendmsg+0x10/0x10 [ 225.286379][ T7721] ? __pfx_netlink_sendmsg+0x10/0x10 [ 225.291651][ T7721] __sock_sendmsg+0x221/0x270 [ 225.296344][ T7721] ____sys_sendmsg+0x52a/0x7e0 [ 225.301103][ T7721] ? __pfx_____sys_sendmsg+0x10/0x10 [ 225.306376][ T7721] ? __fget_files+0x2a/0x410 [ 225.310953][ T7721] ? __fget_files+0x2a/0x410 [ 225.315549][ T7721] __sys_sendmsg+0x269/0x350 [ 225.320125][ T7721] ? __pfx_lock_release+0x10/0x10 [ 225.325146][ T7721] ? __pfx___sys_sendmsg+0x10/0x10 [ 225.330252][ T7721] ? __pfx_vfs_write+0x10/0x10 [ 225.335030][ T7721] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 225.341445][ T7721] ? do_syscall_64+0x100/0x230 [ 225.346196][ T7721] ? do_syscall_64+0xb6/0x230 [ 225.350862][ T7721] do_syscall_64+0xf3/0x230 [ 225.355351][ T7721] ? clear_bhb_loop+0x35/0x90 [ 225.360014][ T7721] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.365908][ T7721] RIP: 0033:0x7f1770b7e759 [ 225.370312][ T7721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 225.389912][ T7721] RSP: 002b:00007f1771a4b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 225.398345][ T7721] RAX: ffffffffffffffda RBX: 00007f1770d35f80 RCX: 00007f1770b7e759 [ 225.406306][ T7721] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000004 [ 225.414262][ T7721] RBP: 00007f1771a4b090 R08: 0000000000000000 R09: 0000000000000000 [ 225.422217][ T7721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 225.430182][ T7721] R13: 0000000000000000 R14: 00007f1770d35f80 R15: 00007fff341a1d58 [ 225.438154][ T7721] [ 225.441292][ C0] vkms_vblank_simulate: vblank timer overrun [ 226.513995][ T5963] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 226.674311][ T5963] usb 2-1: Using ep0 maxpacket: 8 [ 226.704541][ T5963] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 226.739774][ T5963] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 226.748404][ T5963] usb 2-1: Product: syz [ 226.752598][ T5963] usb 2-1: Manufacturer: syz [ 226.757972][ T5963] usb 2-1: SerialNumber: syz [ 226.765416][ T5963] usb 2-1: config 0 descriptor?? [ 227.035598][ T5963] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 227.198947][ T7743] netlink: 104 bytes leftover after parsing attributes in process `syz.3.514'. [ 229.345193][ T5963] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 229.421669][ T6865] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 229.436568][ T5963] usb 2-1: USB disconnect, device number 19 [ 229.599730][ T6865] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 229.758160][ T6865] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 230.303998][ T6865] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 230.315919][ T6865] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 230.327272][ T7767] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 230.356880][ T6865] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 231.167492][ T7783] netlink: 104 bytes leftover after parsing attributes in process `syz.0.527'. [ 231.938883][ T7804] netlink: 8 bytes leftover after parsing attributes in process `syz.2.531'. [ 233.994094][ T9] usb 1-1: new full-speed USB device number 13 using dummy_hcd [ 234.003103][ T7794] netlink: 140 bytes leftover after parsing attributes in process `syz.1.529'. [ 234.111689][ T6865] usb 5-1: USB disconnect, device number 12 [ 235.957604][ T7826] FAULT_INJECTION: forcing a failure. [ 235.957604][ T7826] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 235.957640][ T7826] CPU: 1 UID: 0 PID: 7826 Comm: syz.4.538 Not tainted 6.12.0-syzkaller-00239-gc6d64479d609 #0 [ 235.957662][ T7826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 235.957675][ T7826] Call Trace: [ 235.957682][ T7826] [ 235.957692][ T7826] dump_stack_lvl+0x241/0x360 [ 235.957721][ T7826] ? __pfx_dump_stack_lvl+0x10/0x10 [ 235.957743][ T7826] ? __pfx__printk+0x10/0x10 [ 235.957770][ T7826] ? snprintf+0xda/0x120 [ 235.957797][ T7826] should_fail_ex+0x3b0/0x4e0 [ 235.957829][ T7826] _copy_to_user+0x31/0xb0 [ 235.957855][ T7826] simple_read_from_buffer+0xca/0x150 [ 235.957887][ T7826] proc_fail_nth_read+0x1e9/0x250 [ 235.957917][ T7826] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 235.957947][ T7826] ? rw_verify_area+0x55e/0x6f0 [ 235.957970][ T7826] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 235.957998][ T7826] vfs_read+0x1fc/0xb70 [ 235.958025][ T7826] ? fdget_pos+0x254/0x320 [ 235.958047][ T7826] ? __pfx_vfs_read+0x10/0x10 [ 235.958074][ T7826] ? __fget_files+0x2a/0x410 [ 235.958096][ T7826] ? __fget_files+0x395/0x410 [ 235.958115][ T7826] ? __fget_files+0x2a/0x410 [ 235.958162][ T7826] ksys_read+0x18f/0x2b0 [ 235.958188][ T7826] ? __pfx_ksys_read+0x10/0x10 [ 235.958212][ T7826] ? do_syscall_64+0x100/0x230 [ 235.958236][ T7826] ? do_syscall_64+0xb6/0x230 [ 235.958260][ T7826] do_syscall_64+0xf3/0x230 [ 235.958280][ T7826] ? clear_bhb_loop+0x35/0x90 [ 235.958304][ T7826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.958336][ T7826] RIP: 0033:0x7fb1e937d19c [ 235.958355][ T7826] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 235.958370][ T7826] RSP: 002b:00007fb1ea185030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 235.958394][ T7826] RAX: ffffffffffffffda RBX: 00007fb1e9535f80 RCX: 00007fb1e937d19c [ 235.958409][ T7826] RDX: 000000000000000f RSI: 00007fb1ea1850a0 RDI: 0000000000000004 [ 235.958423][ T7826] RBP: 00007fb1ea185090 R08: 0000000000000000 R09: 0000000000000000 [ 235.958436][ T7826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 235.958449][ T7826] R13: 0000000000000000 R14: 00007fb1e9535f80 R15: 00007ffd98f3deb8 [ 235.958479][ T7826] [ 236.078441][ T7828] syz.0.539[7828] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 236.080204][ T9] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 236.083009][ T7828] syz.0.539[7828] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 236.087381][ T9] usb 1-1: can't read configurations, error -71 [ 236.533988][ T7828] syz.0.539[7828] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 237.219510][ T7833] netlink: 104 bytes leftover after parsing attributes in process `syz.3.541'. [ 239.985688][ T7857] futex_wake_op: syz.1.548 tries to shift op by 144; fix this program [ 240.954258][ T2147] usb 5-1: new full-speed USB device number 13 using dummy_hcd [ 241.125587][ T2147] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 241.136511][ T2147] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 241.192706][ T2147] usb 5-1: config 0 descriptor?? [ 242.144998][ T2147] [drm] vendor descriptor length:b9 data:00 00 00 00 00 00 00 00 00 00 00 [ 242.154227][ T2147] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 242.162526][ T2147] [drm:udl_init] *ERROR* Selecting channel failed [ 242.266977][ T2147] [drm] Initialized udl 0.0.1 for 5-1:0.0 on minor 2 [ 242.273833][ T2147] [drm] Initialized udl on minor 2 [ 242.291685][ T2147] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 242.313112][ T2147] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 242.338592][ T6865] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 242.350297][ T6865] udl 5-1:0.0: [drm] Cannot find any crtc or sizes [ 243.153007][ T2147] usb 5-1: USB disconnect, device number 13 [ 243.794861][ T7900] openvswitch: netlink: Key type 200 is out of range max 32 [ 243.804769][ T6865] usb 3-1: new full-speed USB device number 16 using dummy_hcd [ 243.978219][ T6865] usb 3-1: too many endpoints for config 253 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 243.994751][ T6865] usb 3-1: config 253 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 244.031138][ T6865] usb 3-1: config 253 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 255 [ 244.051448][ T6865] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 244.064882][ T6865] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 244.075876][ T6865] usb 3-1: SerialNumber: syz [ 245.330165][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 245.330212][ T29] audit: type=1326 audit(1732004168.457:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7911 comm="syz.0.564" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f014997e759 code=0x0 [ 246.258092][ T7925] FAULT_INJECTION: forcing a failure. [ 246.258092][ T7925] name failslab, interval 1, probability 0, space 0, times 0 [ 246.271833][ T7925] CPU: 0 UID: 0 PID: 7925 Comm: syz.0.567 Not tainted 6.12.0-syzkaller-00239-gc6d64479d609 #0 [ 246.282117][ T7925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 246.292196][ T7925] Call Trace: [ 246.295503][ T7925] [ 246.298448][ T7925] dump_stack_lvl+0x241/0x360 [ 246.303147][ T7925] ? __pfx_dump_stack_lvl+0x10/0x10 [ 246.308368][ T7925] ? __pfx__printk+0x10/0x10 [ 246.312985][ T7925] ? __kmalloc_noprof+0xb0/0x400 [ 246.317945][ T7925] ? __pfx___might_resched+0x10/0x10 [ 246.323253][ T7925] ? preempt_schedule+0xe1/0xf0 [ 246.328138][ T7925] should_fail_ex+0x3b0/0x4e0 [ 246.332853][ T7925] ? genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 246.339116][ T7925] should_failslab+0xac/0x100 [ 246.343824][ T7925] ? genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 246.350087][ T7925] __kmalloc_noprof+0xd8/0x400 [ 246.354889][ T7925] genl_family_rcv_msg_attrs_parse+0xa3/0x290 [ 246.360988][ T7925] genl_rcv_msg+0x802/0xec0 [ 246.365516][ T7925] ? mark_lock+0x9a/0x360 [ 246.369870][ T7925] ? __pfx_genl_rcv_msg+0x10/0x10 [ 246.374923][ T7925] ? _raw_spin_unlock_irqrestore+0x8f/0x140 [ 246.380864][ T7925] ? __pfx_lock_acquire+0x10/0x10 [ 246.385912][ T7925] ? __pfx_ethnl_default_set_doit+0x10/0x10 [ 246.391826][ T7925] ? __pfx___might_resched+0x10/0x10 [ 246.397149][ T7925] netlink_rcv_skb+0x1e3/0x430 [ 246.401948][ T7925] ? __pfx_genl_rcv_msg+0x10/0x10 [ 246.407007][ T7925] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 246.412333][ T7925] ? __netlink_deliver_tap+0x77e/0x7c0 [ 246.417829][ T7925] genl_rcv+0x28/0x40 [ 246.421833][ T7925] netlink_unicast+0x7f6/0x990 [ 246.426644][ T7925] ? __pfx_netlink_unicast+0x10/0x10 [ 246.431955][ T7925] ? __virt_addr_valid+0x183/0x530 [ 246.437091][ T7925] ? __check_object_size+0x48e/0x900 [ 246.442404][ T7925] netlink_sendmsg+0x8e4/0xcb0 [ 246.447208][ T7925] ? __pfx_netlink_sendmsg+0x10/0x10 [ 246.452530][ T7925] ? __pfx_netlink_sendmsg+0x10/0x10 [ 246.457843][ T7925] __sock_sendmsg+0x221/0x270 [ 246.462552][ T7925] ____sys_sendmsg+0x52a/0x7e0 [ 246.467352][ T7925] ? __pfx_____sys_sendmsg+0x10/0x10 [ 246.472661][ T7925] ? __fget_files+0x2a/0x410 [ 246.477280][ T7925] ? __fget_files+0x2a/0x410 [ 246.481901][ T7925] __sys_sendmsg+0x269/0x350 [ 246.486515][ T7925] ? __pfx_lock_release+0x10/0x10 [ 246.491571][ T7925] ? __pfx___sys_sendmsg+0x10/0x10 [ 246.496718][ T7925] ? __pfx_vfs_write+0x10/0x10 [ 246.501533][ T7925] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 246.507887][ T7925] ? do_syscall_64+0x100/0x230 [ 246.512675][ T7925] ? do_syscall_64+0xb6/0x230 [ 246.517380][ T7925] do_syscall_64+0xf3/0x230 [ 246.521906][ T7925] ? clear_bhb_loop+0x35/0x90 [ 246.526609][ T7925] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.532531][ T7925] RIP: 0033:0x7f014997e759 [ 246.536966][ T7925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 246.556593][ T7925] RSP: 002b:00007f014a781038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 246.565031][ T7925] RAX: ffffffffffffffda RBX: 00007f0149b35f80 RCX: 00007f014997e759 [ 246.573019][ T7925] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003 [ 246.581008][ T7925] RBP: 00007f014a781090 R08: 0000000000000000 R09: 0000000000000000 [ 246.588995][ T7925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 246.596985][ T7925] R13: 0000000000000000 R14: 00007f0149b35f80 R15: 00007ffc9dc56628 [ 246.605007][ T7925] [ 246.741876][ T6865] rndis_host 3-1:253.0: RNDIS init failed, -71 [ 246.750425][ T6865] rndis_host 3-1:253.0: probe with driver rndis_host failed with error -71 [ 246.788383][ T6865] usb 3-1: USB disconnect, device number 16 [ 247.426800][ T7937] FAULT_INJECTION: forcing a failure. [ 247.426800][ T7937] name failslab, interval 1, probability 0, space 0, times 0 [ 247.440289][ T7937] CPU: 1 UID: 0 PID: 7937 Comm: syz.4.570 Not tainted 6.12.0-syzkaller-00239-gc6d64479d609 #0 [ 247.450612][ T7937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 247.460696][ T7937] Call Trace: [ 247.464002][ T7937] [ 247.466953][ T7937] dump_stack_lvl+0x241/0x360 [ 247.471665][ T7937] ? __pfx_dump_stack_lvl+0x10/0x10 [ 247.476889][ T7937] ? __pfx__printk+0x10/0x10 [ 247.481520][ T7937] ? __kmalloc_cache_noprof+0x44/0x2c0 [ 247.487004][ T7937] ? __pfx___might_resched+0x10/0x10 [ 247.492325][ T7937] should_fail_ex+0x3b0/0x4e0 [ 247.497043][ T7937] should_failslab+0xac/0x100 [ 247.501752][ T7937] ? nfnetlink_rcv+0x1265/0x2ab0 [ 247.506715][ T7937] __kmalloc_cache_noprof+0x6c/0x2c0 [ 247.512035][ T7937] nfnetlink_rcv+0x1265/0x2ab0 [ 247.516861][ T7937] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 247.522050][ T7937] ? netlink_deliver_tap+0x2e/0x1b0 [ 247.527269][ T7937] ? skb_clone+0x240/0x390 [ 247.531709][ T7937] ? __pfx_lock_release+0x10/0x10 [ 247.536777][ T7937] ? netlink_deliver_tap+0x2e/0x1b0 [ 247.542004][ T7937] netlink_unicast+0x7f6/0x990 [ 247.546807][ T7937] ? __pfx_netlink_unicast+0x10/0x10 [ 247.552123][ T7937] ? __virt_addr_valid+0x183/0x530 [ 247.557265][ T7937] ? __check_object_size+0x48e/0x900 [ 247.562583][ T7937] netlink_sendmsg+0x8e4/0xcb0 [ 247.567387][ T7937] ? __pfx_netlink_sendmsg+0x10/0x10 [ 247.572707][ T7937] ? __pfx_netlink_sendmsg+0x10/0x10 [ 247.578017][ T7937] __sock_sendmsg+0x221/0x270 [ 247.582725][ T7937] ____sys_sendmsg+0x52a/0x7e0 [ 247.587523][ T7937] ? __pfx_____sys_sendmsg+0x10/0x10 [ 247.592827][ T7937] ? __fget_files+0x2a/0x410 [ 247.597441][ T7937] ? __fget_files+0x2a/0x410 [ 247.602064][ T7937] __sys_sendmsg+0x269/0x350 [ 247.606681][ T7937] ? __pfx_lock_release+0x10/0x10 [ 247.611738][ T7937] ? __pfx___sys_sendmsg+0x10/0x10 [ 247.616890][ T7937] ? __pfx_vfs_write+0x10/0x10 [ 247.621721][ T7937] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 247.628080][ T7937] ? do_syscall_64+0x100/0x230 [ 247.632872][ T7937] ? do_syscall_64+0xb6/0x230 [ 247.637582][ T7937] do_syscall_64+0xf3/0x230 [ 247.642102][ T7937] ? clear_bhb_loop+0x35/0x90 [ 247.646801][ T7937] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 247.652728][ T7937] RIP: 0033:0x7fb1e937e759 [ 247.657168][ T7937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 247.676798][ T7937] RSP: 002b:00007fb1ea185038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 247.685250][ T7937] RAX: ffffffffffffffda RBX: 00007fb1e9535f80 RCX: 00007fb1e937e759 [ 247.693244][ T7937] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 247.701240][ T7937] RBP: 00007fb1ea185090 R08: 0000000000000000 R09: 0000000000000000 [ 247.705971][ T7941] QAT: Invalid ioctl 1075883590 [ 247.709211][ T7937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 247.709228][ T7937] R13: 0000000000000000 R14: 00007fb1e9535f80 R15: 00007ffd98f3deb8 [ 247.709255][ T7937] [ 247.753296][ T7941] QAT: Invalid ioctl 1075883590 [ 247.783679][ T7941] FAULT_INJECTION: forcing a failure. [ 247.783679][ T7941] name failslab, interval 1, probability 0, space 0, times 0 [ 247.843712][ T7941] CPU: 0 UID: 0 PID: 7941 Comm: syz.2.572 Not tainted 6.12.0-syzkaller-00239-gc6d64479d609 #0 [ 247.854017][ T7941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 247.864105][ T7941] Call Trace: [ 247.867406][ T7941] [ 247.870359][ T7941] dump_stack_lvl+0x241/0x360 [ 247.875051][ T7941] ? __pfx_dump_stack_lvl+0x10/0x10 [ 247.880281][ T7941] ? __pfx__printk+0x10/0x10 [ 247.884895][ T7941] ? fs_reclaim_acquire+0x93/0x130 [ 247.890038][ T7941] ? __pfx___might_resched+0x10/0x10 [ 247.895366][ T7941] should_fail_ex+0x3b0/0x4e0 [ 247.900086][ T7941] ? tomoyo_realpath_from_path+0xcf/0x5e0 [ 247.905838][ T7941] should_failslab+0xac/0x100 [ 247.910541][ T7941] ? tomoyo_realpath_from_path+0xcf/0x5e0 [ 247.916282][ T7941] __kmalloc_noprof+0xd8/0x400 [ 247.921080][ T7941] tomoyo_realpath_from_path+0xcf/0x5e0 [ 247.926670][ T7941] tomoyo_path_number_perm+0x23a/0x880 [ 247.932154][ T7941] ? __lock_acquire+0x1384/0x2050 [ 247.937214][ T7941] ? tomoyo_path_number_perm+0x208/0x880 [ 247.942872][ T7941] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 247.948916][ T7941] ? __fget_files+0x2a/0x410 [ 247.953538][ T7941] ? __fget_files+0x2a/0x410 [ 247.958156][ T7941] security_file_ioctl+0xc6/0x2a0 [ 247.963207][ T7941] __se_sys_ioctl+0x46/0x170 [ 247.967828][ T7941] do_syscall_64+0xf3/0x230 [ 247.972357][ T7941] ? clear_bhb_loop+0x35/0x90 [ 247.977062][ T7941] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 247.982981][ T7941] RIP: 0033:0x7f518c97e35b [ 247.987418][ T7941] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 248.007051][ T7941] RSP: 002b:00007f518d7aa490 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 248.015498][ T7941] RAX: ffffffffffffffda RBX: 00007f518d7aabe0 RCX: 00007f518c97e35b [ 248.023494][ T7941] RDX: 00007f518d7aabe0 RSI: 000000004020ae46 RDI: 0000000000000004 [ 248.031489][ T7941] RBP: 0000000000000004 R08: 0000000000000001 R09: 0000000000000023 [ 248.039482][ T7941] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000003 [ 248.047486][ T7941] R13: 0000000020fe8000 R14: 0000000020fe5000 R15: 00000000fec00000 [ 248.055513][ T7941] [ 248.363779][ T7941] ERROR: Out of memory at tomoyo_realpath_from_path. [ 248.581565][ T7941] QAT: Invalid ioctl 1075883590 [ 249.998809][ T7961] fuse: Unknown parameter 'grou00000000000000000000' [ 250.074997][ T7958] QAT: Invalid ioctl 1075883590 [ 250.079976][ T7958] QAT: Invalid ioctl 1075883590 [ 250.103727][ T7958] QAT: Invalid ioctl 1075883590 [ 250.125031][ T7958] QAT: Invalid ioctl 1075883590 [ 250.130004][ T7958] QAT: Invalid ioctl 1075883590 [ 250.170487][ T7958] QAT: Invalid ioctl 1075883590 [ 250.185375][ T7958] QAT: Invalid ioctl 1075883590 [ 250.273956][ T7970] openvswitch: netlink: Key type 200 is out of range max 32 [ 251.649675][ T2147] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 251.814246][ T2147] usb 5-1: Using ep0 maxpacket: 32 [ 251.828688][ T2147] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 251.841738][ T2147] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 251.860941][ T2147] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 251.874604][ T2147] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 251.887771][ T2147] usb 5-1: config 0 descriptor?? [ 252.318542][ T29] audit: type=1326 audit(1732004175.447:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7976 comm="syz.4.585" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb1e937e759 code=0x0 [ 252.474329][ T7992] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 254.184148][ T5963] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 254.381454][ T5963] usb 1-1: Using ep0 maxpacket: 16 [ 254.595353][ T8007] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 254.644920][ T8007] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 255.020884][ T5963] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 255.032633][ T2147] usbhid 5-1:0.0: can't add hid device: -71 [ 255.041241][ T2147] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 255.049644][ T5963] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 255.066844][ T2147] usb 5-1: USB disconnect, device number 14 [ 255.074026][ T5963] usb 1-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 255.083091][ T5963] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 255.100466][ T5963] usb 1-1: config 0 descriptor?? [ 255.589649][ T5963] input: HID 05ac:8241 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:05AC:8241.0003/input/input8 [ 255.698438][ T8022] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 255.856541][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.863369][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.437862][ T5963] appleir 0003:05AC:8241.0003: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0 [ 256.895323][ T5963] usb 1-1: reset high-speed USB device number 15 using dummy_hcd [ 257.430170][ T8033] netlink: 'syz.4.600': attribute type 1 has an invalid length. [ 257.452670][ T8033] netlink: 244 bytes leftover after parsing attributes in process `syz.4.600'. [ 257.708942][ T5880] usb 1-1: USB disconnect, device number 15 [ 259.709737][ T55] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 259.732407][ T55] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 259.742160][ T55] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 259.757116][ T55] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 259.768303][ T55] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 259.776960][ T55] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 260.537487][ T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 260.565009][ T8057] chnl_net:caif_netlink_parms(): no params data found [ 260.645547][ T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 260.806442][ T8057] bridge0: port 1(bridge_slave_0) entered blocking state [ 260.814101][ T8057] bridge0: port 1(bridge_slave_0) entered disabled state [ 260.821320][ T8057] bridge_slave_0: entered allmulticast mode [ 260.851025][ T8057] bridge_slave_0: entered promiscuous mode [ 260.919725][ T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 260.953663][ T8057] bridge0: port 2(bridge_slave_1) entered blocking state [ 260.960783][ T8057] bridge0: port 2(bridge_slave_1) entered disabled state [ 260.998899][ T8057] bridge_slave_1: entered allmulticast mode [ 261.017719][ T8057] bridge_slave_1: entered promiscuous mode [ 261.131421][ T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 261.301157][ T8082] netlink: 'syz.0.611': attribute type 4 has an invalid length. [ 261.348560][ T8057] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 261.391307][ T8057] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 261.587387][ T8057] team0: Port device team_slave_0 added [ 261.627661][ T8057] team0: Port device team_slave_1 added [ 261.736852][ T8089] netlink: 'syz.2.612': attribute type 34 has an invalid length. [ 261.805846][ T8057] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 261.832386][ T8057] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 261.863714][ T55] Bluetooth: hci5: command tx timeout [ 261.909002][ T8057] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 261.930817][ T8057] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 261.940572][ T8057] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 261.967983][ T8057] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 262.110631][ T8057] hsr_slave_0: entered promiscuous mode [ 262.164515][ T8057] hsr_slave_1: entered promiscuous mode [ 262.307811][ T8057] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 262.381367][ T8057] Cannot create hsr debugfs directory [ 262.419370][ T12] vlan2: left allmulticast mode [ 262.453721][ T12] batadv0: left allmulticast mode [ 262.458937][ T12] vlan2: left promiscuous mode [ 262.493659][ T12] batadv0: left promiscuous mode [ 262.500791][ T12] bridge0: port 3(vlan2) entered disabled state [ 262.548839][ T12] bridge_slave_1: left allmulticast mode [ 262.559116][ T12] bridge_slave_1: left promiscuous mode [ 262.566240][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 262.587015][ T12] bridge_slave_0: left allmulticast mode [ 262.592687][ T12] bridge_slave_0: left promiscuous mode [ 262.610111][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 262.831521][ T8102] kvm: emulating exchange as write [ 263.933817][ T55] Bluetooth: hci5: command tx timeout [ 263.999006][ T8111] netlink: 16 bytes leftover after parsing attributes in process `syz.0.618'. [ 266.054557][ T55] Bluetooth: hci5: command tx timeout [ 266.324579][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 266.340196][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 266.377245][ T12] bond0 (unregistering): Released all slaves [ 266.580123][ T8132] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 266.739169][ T5916] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 266.804554][ T5835] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 266.854539][ T5835] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 266.871541][ T5835] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 266.919735][ T5835] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 266.934528][ T5916] usb 3-1: too many configurations: 241, using maximum allowed: 8 [ 266.935842][ T5835] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 266.952020][ T5835] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 267.042361][ T5916] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 267.051812][ T5916] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 267.060527][ T5916] usb 3-1: Product: syz [ 267.064966][ T5916] usb 3-1: Manufacturer: syz [ 267.070481][ T5916] usb 3-1: SerialNumber: syz [ 267.301768][ T5916] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 267.359007][ T9] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 267.722393][ C0] usb 3-1: ath9k_htc: over RX MAX_PKT_NUM [ 267.833233][ T12] hsr_slave_0: left promiscuous mode [ 268.099083][ T5835] Bluetooth: hci5: command tx timeout [ 268.282086][ T12] hsr_slave_1: left promiscuous mode [ 268.316390][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 268.374150][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 268.406090][ T5963] usb 3-1: USB disconnect, device number 17 [ 268.523899][ T9] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive [ 268.532351][ T9] ath9k_htc: Failed to initialize the device [ 268.540875][ T5963] usb 3-1: ath9k_htc: USB layer deinitialized [ 268.606663][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 268.632856][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 268.735602][ T12] veth1_macvtap: left promiscuous mode [ 268.741853][ T12] veth0_macvtap: left promiscuous mode [ 268.747827][ T12] veth1_vlan: left promiscuous mode [ 268.753335][ T12] veth0_vlan: left promiscuous mode [ 269.055604][ T5835] Bluetooth: hci0: command tx timeout [ 269.987485][ T12] team0 (unregistering): Port device team_slave_1 removed [ 270.031542][ T12] team0 (unregistering): Port device team_slave_0 removed [ 270.783138][ T8057] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 270.877264][ T8057] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 270.921680][ T8057] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 270.936856][ T8057] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 271.050810][ T8138] chnl_net:caif_netlink_parms(): no params data found [ 271.135712][ T5835] Bluetooth: hci0: command tx timeout [ 271.224467][ T5916] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 271.287650][ T8138] bridge0: port 1(bridge_slave_0) entered blocking state [ 271.295348][ T8138] bridge0: port 1(bridge_slave_0) entered disabled state [ 271.312897][ T8138] bridge_slave_0: entered allmulticast mode [ 271.331472][ T8138] bridge_slave_0: entered promiscuous mode [ 271.363729][ T5916] usb 1-1: device descriptor read/64, error -71 [ 271.376227][ T8138] bridge0: port 2(bridge_slave_1) entered blocking state [ 271.385707][ T8138] bridge0: port 2(bridge_slave_1) entered disabled state [ 271.402023][ T8138] bridge_slave_1: entered allmulticast mode [ 271.426215][ T8138] bridge_slave_1: entered promiscuous mode [ 271.541036][ T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 271.633674][ T5916] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 271.706756][ T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 271.738452][ T8138] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 271.786913][ T8057] 8021q: adding VLAN 0 to HW filter on device bond0 [ 271.799147][ T5916] usb 1-1: device descriptor read/64, error -71 [ 271.827266][ T8057] 8021q: adding VLAN 0 to HW filter on device team0 [ 271.848741][ T8138] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 271.925604][ T5916] usb usb1-port1: attempt power cycle [ 271.951398][ T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.037556][ T8138] team0: Port device team_slave_0 added [ 272.084093][ T8115] bridge0: port 1(bridge_slave_0) entered blocking state [ 272.091241][ T8115] bridge0: port 1(bridge_slave_0) entered forwarding state [ 272.186237][ T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.272023][ T8138] team0: Port device team_slave_1 added [ 272.283790][ T5916] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 272.359261][ T3563] bridge0: port 2(bridge_slave_1) entered blocking state [ 272.366447][ T3563] bridge0: port 2(bridge_slave_1) entered forwarding state [ 272.422273][ T8057] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 272.461231][ T8057] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 272.484633][ T5916] usb 1-1: device descriptor read/8, error -71 [ 272.665292][ T8138] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 272.684895][ T8138] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 272.789230][ T8138] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 273.215716][ T5835] Bluetooth: hci0: command tx timeout [ 273.748254][ T8138] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 273.778453][ T8138] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 273.808456][ T8138] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 274.003856][ T5916] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 274.860184][ T5916] usb 1-1: device descriptor read/8, error -71 [ 274.977430][ T5916] usb usb1-port1: unable to enumerate USB device [ 275.007607][ T12] bridge_slave_1: left allmulticast mode [ 275.013802][ T12] bridge_slave_1: left promiscuous mode [ 275.020008][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 275.585853][ T5835] Bluetooth: hci0: command tx timeout [ 275.644696][ T8254] openvswitch: netlink: Key type 200 is out of range max 32 [ 275.659105][ T12] bridge_slave_0: left allmulticast mode [ 275.681955][ T12] bridge_slave_0: left promiscuous mode [ 275.718715][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 279.323287][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 279.334015][ T12] bond0 (unregistering): Released all slaves [ 279.369669][ T8138] hsr_slave_0: entered promiscuous mode [ 279.379782][ T8138] hsr_slave_1: entered promiscuous mode [ 279.388834][ T8138] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 279.398093][ T8138] Cannot create hsr debugfs directory [ 279.406901][ T8253] netlink: 'syz.0.644': attribute type 10 has an invalid length. [ 279.415553][ T8253] netlink: 40 bytes leftover after parsing attributes in process `syz.0.644'. [ 279.426213][ T8253] bridge0: port 3(macvlan1) entered blocking state [ 279.432807][ T8253] bridge0: port 3(macvlan1) entered disabled state [ 279.440490][ T8253] macvlan1: entered allmulticast mode [ 279.446378][ T8253] veth1_vlan: entered allmulticast mode [ 279.452637][ T8253] macvlan1: entered promiscuous mode [ 279.461242][ T8253] bridge0: port 3(macvlan1) entered blocking state [ 279.467871][ T8253] bridge0: port 3(macvlan1) entered forwarding state [ 279.933334][ T8293] FAULT_INJECTION: forcing a failure. [ 279.933334][ T8293] name failslab, interval 1, probability 0, space 0, times 0 [ 279.947060][ T8293] CPU: 1 UID: 0 PID: 8293 Comm: syz.0.652 Not tainted 6.12.0-syzkaller-00239-gc6d64479d609 #0 [ 279.957847][ T8293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 279.967913][ T8293] Call Trace: [ 279.971205][ T8293] [ 279.974152][ T8293] dump_stack_lvl+0x241/0x360 [ 279.978853][ T8293] ? __pfx_dump_stack_lvl+0x10/0x10 [ 279.984068][ T8293] ? __pfx__printk+0x10/0x10 [ 279.988676][ T8293] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 279.994686][ T8293] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 280.001079][ T8293] should_fail_ex+0x3b0/0x4e0 [ 280.005780][ T8293] ? skb_clone+0x20c/0x390 [ 280.010211][ T8293] should_failslab+0xac/0x100 [ 280.014905][ T8293] ? skb_clone+0x20c/0x390 [ 280.019334][ T8293] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 280.024729][ T8293] skb_clone+0x20c/0x390 [ 280.028992][ T8293] __netlink_deliver_tap+0x3cc/0x7c0 [ 280.034301][ T8293] ? netlink_deliver_tap+0x2e/0x1b0 [ 280.039510][ T8293] netlink_deliver_tap+0x19d/0x1b0 [ 280.044633][ T8293] netlink_unicast+0x7c4/0x990 [ 280.049434][ T8293] ? __pfx_netlink_unicast+0x10/0x10 [ 280.054785][ T8293] ? __check_object_size+0x48e/0x900 [ 280.060092][ T8293] netlink_sendmsg+0x8e4/0xcb0 [ 280.064885][ T8293] ? __pfx_netlink_sendmsg+0x10/0x10 [ 280.070182][ T8293] ? ____sys_sendmsg+0x406/0x7e0 [ 280.075134][ T8293] ? __sock_sendmsg+0x20/0x270 [ 280.079922][ T8293] ? __pfx_netlink_sendmsg+0x10/0x10 [ 280.085219][ T8293] __sock_sendmsg+0x221/0x270 [ 280.089916][ T8293] ____sys_sendmsg+0x52a/0x7e0 [ 280.094710][ T8293] ? __pfx_____sys_sendmsg+0x10/0x10 [ 280.100006][ T8293] ? __fget_files+0x2a/0x410 [ 280.104621][ T8293] ? __fget_files+0x2a/0x410 [ 280.109237][ T8293] __sys_sendmsg+0x269/0x350 [ 280.113846][ T8293] ? finish_task_switch+0x1e5/0x870 [ 280.119060][ T8293] ? __pfx___sys_sendmsg+0x10/0x10 [ 280.124219][ T8293] ? __pfx___schedule+0x10/0x10 [ 280.129096][ T8293] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 280.135441][ T8293] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 280.141788][ T8293] ? do_syscall_64+0xb6/0x230 [ 280.146481][ T8293] do_syscall_64+0xf3/0x230 [ 280.150996][ T8293] ? clear_bhb_loop+0x35/0x90 [ 280.155696][ T8293] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 280.161608][ T8293] RIP: 0033:0x7f014997e759 [ 280.166035][ T8293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 280.185654][ T8293] RSP: 002b:00007f014a73f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 280.194095][ T8293] RAX: ffffffffffffffda RBX: 00007f0149b36130 RCX: 00007f014997e759 [ 280.202078][ T8293] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000009 [ 280.210064][ T8293] RBP: 00007f014a73f090 R08: 0000000000000000 R09: 0000000000000000 [ 280.218043][ T8293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 280.226002][ T8293] R13: 0000000000000000 R14: 00007f0149b36130 R15: 00007ffc9dc56628 [ 280.233988][ T8293] [ 280.320701][ T8057] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 280.389819][ T12] hsr_slave_0: left promiscuous mode [ 280.427713][ T12] hsr_slave_1: left promiscuous mode [ 280.544952][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 280.590647][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 280.652215][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 280.661875][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 280.775878][ T12] veth1_macvtap: left promiscuous mode [ 280.837088][ T12] veth0_macvtap: left promiscuous mode [ 280.854817][ T12] veth1_vlan: left promiscuous mode [ 280.861643][ T12] veth0_vlan: left promiscuous mode [ 283.652779][ T8328] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.659'. [ 283.696434][ T8328] FAULT_INJECTION: forcing a failure. [ 283.696434][ T8328] name failslab, interval 1, probability 0, space 0, times 0 [ 283.709537][ T8328] CPU: 0 UID: 0 PID: 8328 Comm: syz.0.659 Not tainted 6.12.0-syzkaller-00239-gc6d64479d609 #0 [ 283.719812][ T8328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 283.729893][ T8328] Call Trace: [ 283.733205][ T8328] [ 283.736161][ T8328] dump_stack_lvl+0x241/0x360 [ 283.740872][ T8328] ? __pfx_dump_stack_lvl+0x10/0x10 [ 283.746098][ T8328] ? __pfx__printk+0x10/0x10 [ 283.750714][ T8328] ? __kmalloc_cache_noprof+0x44/0x2c0 [ 283.756203][ T8328] ? __pfx___might_resched+0x10/0x10 [ 283.761519][ T8328] should_fail_ex+0x3b0/0x4e0 [ 283.766232][ T8328] should_failslab+0xac/0x100 [ 283.770928][ T8328] ? genl_start+0x1cb/0x6d0 [ 283.775456][ T8328] __kmalloc_cache_noprof+0x6c/0x2c0 [ 283.780767][ T8328] genl_start+0x1cb/0x6d0 [ 283.785129][ T8328] __netlink_dump_start+0x45c/0x790 [ 283.790340][ T8328] genl_rcv_msg+0x88c/0xec0 [ 283.794847][ T8328] ? mark_lock+0x9a/0x360 [ 283.799180][ T8328] ? __pfx_genl_rcv_msg+0x10/0x10 [ 283.804216][ T8328] ? __pfx_genl_start+0x10/0x10 [ 283.809074][ T8328] ? __pfx_genl_dumpit+0x10/0x10 [ 283.814014][ T8328] ? __pfx_genl_done+0x10/0x10 [ 283.818799][ T8328] ? __pfx_lock_acquire+0x10/0x10 [ 283.823833][ T8328] ? __pfx_tipc_udp_nl_dump_remoteip+0x10/0x10 [ 283.830000][ T8328] ? __pfx___might_resched+0x10/0x10 [ 283.835295][ T8328] netlink_rcv_skb+0x1e3/0x430 [ 283.840058][ T8328] ? __pfx_genl_rcv_msg+0x10/0x10 [ 283.845084][ T8328] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 283.850385][ T8328] ? __netlink_deliver_tap+0x77e/0x7c0 [ 283.855869][ T8328] genl_rcv+0x28/0x40 [ 283.859872][ T8328] netlink_unicast+0x7f6/0x990 [ 283.864657][ T8328] ? __pfx_netlink_unicast+0x10/0x10 [ 283.869949][ T8328] ? __virt_addr_valid+0x183/0x530 [ 283.875064][ T8328] ? __check_object_size+0x48e/0x900 [ 283.880352][ T8328] netlink_sendmsg+0x8e4/0xcb0 [ 283.885132][ T8328] ? __pfx_netlink_sendmsg+0x10/0x10 [ 283.890896][ T8328] ? __pfx_netlink_sendmsg+0x10/0x10 [ 283.896193][ T8328] __sock_sendmsg+0x221/0x270 [ 283.900882][ T8328] ____sys_sendmsg+0x52a/0x7e0 [ 283.905658][ T8328] ? __pfx_____sys_sendmsg+0x10/0x10 [ 283.910948][ T8328] ? __fget_files+0x2a/0x410 [ 283.915614][ T8328] ? __fget_files+0x2a/0x410 [ 283.920236][ T8328] __sys_sendmsg+0x269/0x350 [ 283.924834][ T8328] ? __pfx_lock_release+0x10/0x10 [ 283.929870][ T8328] ? __pfx___sys_sendmsg+0x10/0x10 [ 283.934996][ T8328] ? __pfx_vfs_write+0x10/0x10 [ 283.939783][ T8328] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 283.946118][ T8328] ? do_syscall_64+0x100/0x230 [ 283.950883][ T8328] ? do_syscall_64+0xb6/0x230 [ 283.955566][ T8328] do_syscall_64+0xf3/0x230 [ 283.960069][ T8328] ? clear_bhb_loop+0x35/0x90 [ 283.964749][ T8328] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.970651][ T8328] RIP: 0033:0x7f014997e759 [ 283.975068][ T8328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 283.994685][ T8328] RSP: 002b:00007f014a781038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 284.003101][ T8328] RAX: ffffffffffffffda RBX: 00007f0149b35f80 RCX: 00007f014997e759 [ 284.011076][ T8328] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 284.019054][ T8328] RBP: 00007f014a781090 R08: 0000000000000000 R09: 0000000000000000 [ 284.027026][ T8328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 284.034999][ T8328] R13: 0000000000000000 R14: 00007f0149b35f80 R15: 00007ffc9dc56628 [ 284.042999][ T8328] [ 284.597810][ T12] team0 (unregistering): Port device team_slave_1 removed [ 284.790597][ T12] team0 (unregistering): Port device team_slave_0 removed [ 287.742397][ T8343] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR [ 288.148028][ T8138] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 288.211055][ T8138] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 288.246936][ T8379] FAULT_INJECTION: forcing a failure. [ 288.246936][ T8379] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 288.261215][ T8138] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 288.271221][ T8379] CPU: 0 UID: 0 PID: 8379 Comm: syz.4.675 Not tainted 6.12.0-syzkaller-00239-gc6d64479d609 #0 [ 288.281490][ T8379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 288.291542][ T8379] Call Trace: [ 288.294820][ T8379] [ 288.297751][ T8379] dump_stack_lvl+0x241/0x360 [ 288.302436][ T8379] ? __pfx_dump_stack_lvl+0x10/0x10 [ 288.307635][ T8379] ? __pfx__printk+0x10/0x10 [ 288.312227][ T8379] should_fail_ex+0x3b0/0x4e0 [ 288.316910][ T8379] strncpy_from_user+0x36/0x260 [ 288.321765][ T8379] getname_flags+0xf1/0x540 [ 288.326266][ T8379] user_path_at+0x24/0x60 [ 288.330591][ T8379] __se_sys_mount+0x297/0x3c0 [ 288.335269][ T8379] ? __pfx___se_sys_mount+0x10/0x10 [ 288.340464][ T8379] ? do_syscall_64+0x100/0x230 [ 288.345229][ T8379] ? __x64_sys_mount+0x20/0xc0 [ 288.349987][ T8379] do_syscall_64+0xf3/0x230 [ 288.354485][ T8379] ? clear_bhb_loop+0x35/0x90 [ 288.359157][ T8379] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.365047][ T8379] RIP: 0033:0x7fb1e937e759 [ 288.369460][ T8379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 288.389071][ T8379] RSP: 002b:00007fb1ea185038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 288.397486][ T8379] RAX: ffffffffffffffda RBX: 00007fb1e9535f80 RCX: 00007fb1e937e759 [ 288.405454][ T8379] RDX: 0000000020000180 RSI: 0000000020000140 RDI: 0000000000000000 [ 288.413417][ T8379] RBP: 00007fb1ea185090 R08: 00000000200003c0 R09: 0000000000000000 [ 288.421381][ T8379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 288.429342][ T8379] R13: 0000000000000000 R14: 00007fb1e9535f80 R15: 00007ffd98f3deb8 [ 288.437320][ T8379] [ 288.498164][ T8381] fuse: Bad value for 'user_id' [ 288.506625][ T8381] fuse: Bad value for 'user_id' [ 288.522537][ T8057] veth0_vlan: entered promiscuous mode [ 288.533118][ T8057] veth1_vlan: entered promiscuous mode [ 288.557832][ T8057] veth0_macvtap: entered promiscuous mode [ 288.566694][ T8057] veth1_macvtap: entered promiscuous mode [ 288.582159][ T8057] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 288.592963][ T8057] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 288.603029][ T8057] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 288.613800][ T8057] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 288.623919][ T8057] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 288.634643][ T8057] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 288.645845][ T8057] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 288.654662][ T8138] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 288.655834][ T5835] Bluetooth: hci4: command 0x0406 tx timeout [ 289.317067][ T8057] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 289.359351][ T8057] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 289.386819][ T8057] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 289.554184][ T8057] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 289.618818][ T8057] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 289.641232][ T8057] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 289.655375][ T8057] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 290.084594][ T8409] netlink: 40 bytes leftover after parsing attributes in process `syz.2.680'. [ 290.250396][ T8057] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 290.314468][ T8057] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 290.383597][ T8057] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 290.392351][ T8057] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 291.273960][ T2988] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 291.281828][ T2988] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 291.292127][ T8428] fuse: Bad value for 'user_id' [ 291.318573][ T8428] fuse: Bad value for 'user_id' [ 291.378734][ T8138] 8021q: adding VLAN 0 to HW filter on device bond0 [ 291.452059][ T8138] 8021q: adding VLAN 0 to HW filter on device team0 [ 291.463892][ T9] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 291.522840][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 291.554180][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 291.561760][ T8115] bridge0: port 1(bridge_slave_0) entered blocking state [ 291.568947][ T8115] bridge0: port 1(bridge_slave_0) entered forwarding state [ 291.696478][ T8115] bridge0: port 2(bridge_slave_1) entered blocking state [ 291.703677][ T8115] bridge0: port 2(bridge_slave_1) entered forwarding state [ 292.340036][ T8138] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 292.357664][ T9] usb 3-1: Using ep0 maxpacket: 8 [ 292.365963][ T9] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 292.374867][ T9] usb 3-1: config 0 has no interface number 0 [ 292.391261][ T9] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 292.463244][ T9] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 292.837937][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 292.994559][ T9] usb 3-1: config 0 descriptor?? [ 293.006650][ T9] iowarrior 3-1:0.1: no interrupt-in endpoint found [ 293.392133][ T8138] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 294.327359][ T5882] usb 3-1: USB disconnect, device number 18 [ 295.030268][ T8489] FAULT_INJECTION: forcing a failure. [ 295.030268][ T8489] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 295.062601][ T8489] CPU: 1 UID: 0 PID: 8489 Comm: syz.4.695 Not tainted 6.12.0-syzkaller-00239-gc6d64479d609 #0 [ 295.072890][ T8489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 295.082945][ T8489] Call Trace: [ 295.086220][ T8489] [ 295.089152][ T8489] dump_stack_lvl+0x241/0x360 [ 295.093834][ T8489] ? __pfx_dump_stack_lvl+0x10/0x10 [ 295.099026][ T8489] ? __pfx__printk+0x10/0x10 [ 295.103611][ T8489] ? __pfx_lock_release+0x10/0x10 [ 295.108650][ T8489] should_fail_ex+0x3b0/0x4e0 [ 295.113330][ T8489] _copy_from_iter+0x21f/0x1e70 [ 295.118215][ T8489] ? __virt_addr_valid+0x183/0x530 [ 295.123323][ T8489] ? __pfx_lock_release+0x10/0x10 [ 295.128352][ T8489] ? __alloc_skb+0x28f/0x440 [ 295.132942][ T8489] ? __pfx__copy_from_iter+0x10/0x10 [ 295.138229][ T8489] ? __virt_addr_valid+0x183/0x530 [ 295.143337][ T8489] ? __virt_addr_valid+0x183/0x530 [ 295.148442][ T8489] ? __virt_addr_valid+0x45f/0x530 [ 295.153547][ T8489] ? __check_object_size+0x48e/0x900 [ 295.158828][ T8489] netlink_sendmsg+0x73d/0xcb0 [ 295.163603][ T8489] ? __pfx_netlink_sendmsg+0x10/0x10 [ 295.168899][ T8489] ? __pfx_netlink_sendmsg+0x10/0x10 [ 295.174198][ T8489] __sock_sendmsg+0x221/0x270 [ 295.178877][ T8489] ____sys_sendmsg+0x52a/0x7e0 [ 295.183645][ T8489] ? __pfx_____sys_sendmsg+0x10/0x10 [ 295.188921][ T8489] ? __fget_files+0x2a/0x410 [ 295.193509][ T8489] ? __fget_files+0x2a/0x410 [ 295.198100][ T8489] __sys_sendmsg+0x269/0x350 [ 295.202687][ T8489] ? __pfx_lock_release+0x10/0x10 [ 295.207711][ T8489] ? __pfx___sys_sendmsg+0x10/0x10 [ 295.212823][ T8489] ? __pfx_vfs_write+0x10/0x10 [ 295.217603][ T8489] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 295.223931][ T8489] ? do_syscall_64+0x100/0x230 [ 295.228711][ T8489] ? do_syscall_64+0xb6/0x230 [ 295.233399][ T8489] do_syscall_64+0xf3/0x230 [ 295.237897][ T8489] ? clear_bhb_loop+0x35/0x90 [ 295.242591][ T8489] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 295.248486][ T8489] RIP: 0033:0x7fb1e937e759 [ 295.252899][ T8489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 295.272500][ T8489] RSP: 002b:00007fb1ea185038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 295.280914][ T8489] RAX: ffffffffffffffda RBX: 00007fb1e9535f80 RCX: 00007fb1e937e759 [ 295.288881][ T8489] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003 [ 295.296850][ T8489] RBP: 00007fb1ea185090 R08: 0000000000000000 R09: 0000000000000000 [ 295.304824][ T8489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 295.312789][ T8489] R13: 0000000000000000 R14: 00007fb1e9535f80 R15: 00007ffd98f3deb8 [ 295.320784][ T8489] [ 295.352054][ T8138] veth0_vlan: entered promiscuous mode [ 295.363386][ T8492] fuse: Bad value for 'fd' [ 295.403873][ T8138] veth1_vlan: entered promiscuous mode [ 296.518773][ T8138] veth0_macvtap: entered promiscuous mode [ 296.528150][ T8138] veth1_macvtap: entered promiscuous mode [ 296.570929][ T5881] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 296.736904][ T8138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 296.747980][ T8138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 296.758313][ T8138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 296.766542][ T5881] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 296.769501][ T8138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 296.790928][ T8138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 296.802143][ T8138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 296.812649][ T8138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 296.824644][ T8138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 296.846159][ T8138] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 296.868877][ T8138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 296.880013][ T8138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 296.890523][ T8138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 296.894238][ T5881] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 296.916708][ T5881] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 296.916884][ T8138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 296.937602][ T8138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 296.937755][ T5881] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 296.961733][ T8138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 296.972687][ T8138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 296.984326][ T8138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 297.000042][ T8138] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 297.021238][ T8138] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 297.030704][ T8138] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 297.040241][ T8138] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 297.049822][ T8138] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 297.129628][ T5881] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 297.139990][ T5881] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 297.149428][ T5881] usb 6-1: Manufacturer: syz [ 297.539915][ T5881] usb 6-1: config 0 descriptor?? [ 297.931009][ T3563] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 297.940012][ T2988] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 297.991073][ T2988] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 298.019916][ T3563] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 298.404229][ T8556] fuse: Bad value for 'fd' [ 298.428967][ T5881] appleir 0003:05AC:8243.0004: No inputs registered, leaving [ 298.456782][ T5881] appleir 0003:05AC:8243.0004: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.5-1/input0 [ 298.923321][ T8568] FAULT_INJECTION: forcing a failure. [ 298.923321][ T8568] name failslab, interval 1, probability 0, space 0, times 0 [ 298.936210][ T8568] CPU: 0 UID: 0 PID: 8568 Comm: syz.6.710 Not tainted 6.12.0-syzkaller-00239-gc6d64479d609 #0 [ 298.946480][ T8568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 298.956554][ T8568] Call Trace: [ 298.959855][ T8568] [ 298.962812][ T8568] dump_stack_lvl+0x241/0x360 [ 298.967520][ T8568] ? __pfx_dump_stack_lvl+0x10/0x10 [ 298.972745][ T8568] ? __pfx__printk+0x10/0x10 [ 298.977375][ T8568] ? fs_reclaim_acquire+0x93/0x130 [ 298.982631][ T8568] ? __pfx___might_resched+0x10/0x10 [ 298.987958][ T8568] should_fail_ex+0x3b0/0x4e0 [ 298.992670][ T8568] ? tomoyo_encode+0x26f/0x540 [ 298.997474][ T8568] should_failslab+0xac/0x100 [ 299.002181][ T8568] ? tomoyo_encode+0x26f/0x540 [ 299.006972][ T8568] __kmalloc_noprof+0xd8/0x400 [ 299.011767][ T8568] tomoyo_encode+0x26f/0x540 [ 299.016392][ T8568] tomoyo_mount_permission+0x356/0xb80 [ 299.021886][ T8568] ? stack_depot_save_flags+0x29/0x830 [ 299.027378][ T8568] ? tomoyo_mount_permission+0x295/0xb80 [ 299.033043][ T8568] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 299.039097][ T8568] ? hook_sb_mount+0x10b/0x420 [ 299.043885][ T8568] ? security_sb_mount+0x22/0x2f0 [ 299.048939][ T8568] security_sb_mount+0xe0/0x2f0 [ 299.053822][ T8568] path_mount+0xb9/0xfa0 [ 299.058087][ T8568] ? kmem_cache_free+0x1a2/0x420 [ 299.063046][ T8568] ? user_path_at+0x44/0x60 [ 299.067585][ T8568] __se_sys_mount+0x2d6/0x3c0 [ 299.072288][ T8568] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 299.078305][ T8568] ? __pfx___se_sys_mount+0x10/0x10 [ 299.083527][ T8568] ? do_syscall_64+0x100/0x230 [ 299.088321][ T8568] ? __x64_sys_mount+0x20/0xc0 [ 299.093111][ T8568] do_syscall_64+0xf3/0x230 [ 299.097641][ T8568] ? clear_bhb_loop+0x35/0x90 [ 299.102344][ T8568] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 299.108266][ T8568] RIP: 0033:0x7f6b1957e759 [ 299.112965][ T8568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 299.132594][ T8568] RSP: 002b:00007f6b179f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 299.141034][ T8568] RAX: ffffffffffffffda RBX: 00007f6b19736058 RCX: 00007f6b1957e759 [ 299.149030][ T8568] RDX: 0000000020000000 RSI: 0000000020000240 RDI: 0000000020000080 [ 299.157020][ T8568] RBP: 00007f6b179f6090 R08: 0000000000000000 R09: 0000000000000000 [ 299.165016][ T8568] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001 [ 299.173009][ T8568] R13: 0000000000000000 R14: 00007f6b19736058 R15: 00007fff99dd2508 [ 299.181022][ T8568] [ 299.689705][ T8582] x_tables: duplicate underflow at hook 4 [ 300.240799][ T47] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 300.425812][ T47] usb 7-1: Using ep0 maxpacket: 16 [ 300.488673][ T47] usb 7-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=10.00 [ 300.546933][ T47] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 300.678545][ T47] usb 7-1: Product: syz [ 300.787743][ T47] usb 7-1: Manufacturer: syz [ 300.792640][ T47] usb 7-1: SerialNumber: syz [ 300.862115][ T47] usb 7-1: config 0 descriptor?? [ 300.889790][ T47] ftdi_sio 7-1:0.0: FTDI USB Serial Device converter detected [ 300.923387][ T5963] usb 6-1: USB disconnect, device number 2 [ 300.947098][ T8613] x_tables: duplicate underflow at hook 2 [ 300.990452][ T47] usb 7-1: Detected FT-X [ 301.093135][ T47] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 301.303709][ T8630] netlink: 'syz.5.723': attribute type 1 has an invalid length. [ 301.839688][ T47] usb 7-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 302.366442][ T5916] usb 7-1: USB disconnect, device number 2 [ 302.803523][ T5916] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 302.903960][ T5916] ftdi_sio 7-1:0.0: device disconnected [ 303.784445][ T8664] netlink: 32 bytes leftover after parsing attributes in process `syz.6.730'. [ 303.840107][ T47] kernel write not supported for file /12/net/softnet_stat (pid: 47 comm: kworker/1:1) [ 303.852465][ T8659] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 303.923926][ T8659] input: syz0 as /devices/virtual/input/input9 [ 303.935368][ T8668] FAULT_INJECTION: forcing a failure. [ 303.935368][ T8668] name failslab, interval 1, probability 0, space 0, times 0 [ 304.017113][ T8668] CPU: 1 UID: 0 PID: 8668 Comm: syz.0.731 Not tainted 6.12.0-syzkaller-00239-gc6d64479d609 #0 [ 304.027415][ T8668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 304.037514][ T8668] Call Trace: [ 304.040815][ T8668] [ 304.043766][ T8668] dump_stack_lvl+0x241/0x360 [ 304.048476][ T8668] ? __pfx_dump_stack_lvl+0x10/0x10 [ 304.053699][ T8668] ? __pfx__printk+0x10/0x10 [ 304.058316][ T8668] ? kmem_cache_alloc_node_noprof+0x49/0x320 [ 304.064322][ T8668] ? __pfx___might_resched+0x10/0x10 [ 304.069646][ T8668] should_fail_ex+0x3b0/0x4e0 [ 304.074362][ T8668] should_failslab+0xac/0x100 [ 304.079059][ T8668] ? __alloc_skb+0x1c3/0x440 [ 304.083664][ T8668] kmem_cache_alloc_node_noprof+0x71/0x320 [ 304.089483][ T8668] __alloc_skb+0x1c3/0x440 [ 304.093908][ T8668] ? __pfx___alloc_skb+0x10/0x10 [ 304.098849][ T8668] alloc_skb_with_frags+0xc3/0x820 [ 304.103959][ T8668] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 304.110291][ T8668] ? __local_bh_enable_ip+0x168/0x200 [ 304.115663][ T8668] sock_alloc_send_pskb+0x91a/0xa60 [ 304.120877][ T8668] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 304.126595][ T8668] ? __pfx_lock_release+0x10/0x10 [ 304.131624][ T8668] ? ip_route_output_key_hash_rcu+0x17d2/0x2390 [ 304.137874][ T8668] ? __asan_memset+0x23/0x50 [ 304.142465][ T8668] ? xfrm_lookup_with_ifid+0x19a0/0x1ee0 [ 304.148096][ T8668] raw_send_hdrinc+0x2a9/0x1670 [ 304.152949][ T8668] ? __pfx_xfrm_lookup_with_ifid+0x10/0x10 [ 304.158758][ T8668] ? __pfx_raw_send_hdrinc+0x10/0x10 [ 304.164051][ T8668] raw_sendmsg+0x19a6/0x2490 [ 304.168641][ T8668] ? raw_sendmsg+0xcff/0x2490 [ 304.173324][ T8668] ? __pfx_raw_sendmsg+0x10/0x10 [ 304.178267][ T8668] ? smack_socket_sendmsg+0x40d/0x540 [ 304.183659][ T8668] ? inet_sendmsg+0x330/0x390 [ 304.188338][ T8668] __sock_sendmsg+0x1a6/0x270 [ 304.193361][ T8668] ____sys_sendmsg+0x52a/0x7e0 [ 304.198145][ T8668] ? __pfx_____sys_sendmsg+0x10/0x10 [ 304.203443][ T8668] ? __fget_files+0x2a/0x410 [ 304.208038][ T8668] ? __fget_files+0x2a/0x410 [ 304.212632][ T8668] __sys_sendmmsg+0x36a/0x720 [ 304.217320][ T8668] ? __pfx___sys_sendmmsg+0x10/0x10 [ 304.222527][ T8668] ? __pfx_lock_release+0x10/0x10 [ 304.227565][ T8668] ? kstrtouint_from_user+0x128/0x190 [ 304.232957][ T8668] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 304.238858][ T8668] ? ksys_write+0x22a/0x2b0 [ 304.243365][ T8668] ? __pfx_lock_release+0x10/0x10 [ 304.248400][ T8668] ? vfs_write+0x730/0xd30 [ 304.252823][ T8668] ? __mutex_unlock_slowpath+0x21d/0x750 [ 304.258484][ T8668] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 304.264471][ T8668] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 304.270797][ T8668] ? do_syscall_64+0x100/0x230 [ 304.275581][ T8668] __x64_sys_sendmmsg+0xa0/0xb0 [ 304.280434][ T8668] do_syscall_64+0xf3/0x230 [ 304.284935][ T8668] ? clear_bhb_loop+0x35/0x90 [ 304.289610][ T8668] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 304.295502][ T8668] RIP: 0033:0x7f014997e759 [ 304.299923][ T8668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 304.319530][ T8668] RSP: 002b:00007f014a781038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 304.327945][ T8668] RAX: ffffffffffffffda RBX: 00007f0149b35f80 RCX: 00007f014997e759 [ 304.335911][ T8668] RDX: 0000000000000001 RSI: 0000000020000440 RDI: 0000000000000003 [ 304.343886][ T8668] RBP: 00007f014a781090 R08: 0000000000000000 R09: 0000000000000000 [ 304.351860][ T8668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 304.359825][ T8668] R13: 0000000000000000 R14: 00007f0149b35f80 R15: 00007ffc9dc56628 [ 304.367805][ T8668] [ 306.453565][ T9] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 306.695435][ T9] usb 6-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3 [ 306.705789][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 306.714278][ T9] usb 6-1: Product: syz [ 306.718609][ T9] usb 6-1: Manufacturer: syz [ 306.723223][ T9] usb 6-1: SerialNumber: syz [ 306.796307][ T9] usb 6-1: config 0 descriptor?? [ 306.985912][ T5916] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 307.020222][ T9] dvb_usb_dtv5100 6-1:0.0: probe with driver dvb_usb_dtv5100 failed with error -71 [ 307.093884][ T9] usb 6-1: USB disconnect, device number 3 [ 307.242397][ T5916] usb 3-1: Using ep0 maxpacket: 32 [ 307.267841][ T5916] usb 3-1: config 1 interface 0 altsetting 2 bulk endpoint 0x1 has invalid maxpacket 1024 [ 307.313519][ T5916] usb 3-1: config 1 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 8 [ 307.358908][ T5916] usb 3-1: config 1 interface 0 has no altsetting 0 [ 307.376681][ T5916] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 307.402498][ T5916] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 307.443012][ T5916] usb 3-1: Product: Ņű덫䶟ᬪ數賮楟啬曦⁲훫颔釉䜳㲿챑貈৮盲꯾홢鬌፭ㅡᗏ藸戠᩺鎃⯳맃꭬櫜傅㐽Ꮀ砏는냝펏ⲛ洼ﺋ桊 [ 307.562913][ T5916] usb 3-1: Manufacturer: Ⰺ [ 307.583222][ T5916] usb 3-1: SerialNumber: syz [ 307.753784][ T8708] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 307.761104][ T8708] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 308.079577][ T5916] usblp 3-1:1.0: usblp0: USB Bidirectional printer dev 19 if 0 alt 2 proto 3 vid 0x0525 pid 0xA4A8 [ 308.148902][ T8732] netlink: 104 bytes leftover after parsing attributes in process `syz.5.745'. [ 308.155475][ T5916] usb 3-1: USB disconnect, device number 19 [ 308.211448][ T5916] usblp0: removed [ 309.823106][ T8749] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 309.933054][ T8749] netlink: 8 bytes leftover after parsing attributes in process `syz.6.749'. [ 309.969059][ T8749] bridge_slAve_0: renamed from lo (while UP) [ 310.975356][ T8767] Bluetooth: MGMT ver 1.23 [ 311.832988][ T8774] FAULT_INJECTION: forcing a failure. [ 311.832988][ T8774] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 311.834601][ T8774] [ 311.834609][ T8774] ====================================================== [ 311.834616][ T8774] WARNING: possible circular locking dependency detected [ 311.834623][ T8774] 6.12.0-syzkaller-00239-gc6d64479d609 #0 Not tainted [ 311.834634][ T8774] ------------------------------------------------------ [ 311.834640][ T8774] syz.5.757/8774 is trying to acquire lock: [ 311.834649][ T8774] ffffffff8e8154c0 (console_owner){-.-.}-{0:0}, at: console_flush_all+0x1a3/0xeb0 [ 311.834700][ T8774] [ 311.834700][ T8774] but task is already holding lock: [ 311.834706][ T8774] ffff8880b873ea58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 311.834747][ T8774] [ 311.834747][ T8774] which lock already depends on the new lock. [ 311.834747][ T8774] [ 311.834754][ T8774] [ 311.834754][ T8774] the existing dependency chain (in reverse order) is: [ 311.834760][ T8774] [ 311.834760][ T8774] -> #4 (&rq->__lock){-.-.}-{2:2}: [ 311.834783][ T8774] lock_acquire+0x1ed/0x550 [ 311.834806][ T8774] _raw_spin_lock_nested+0x31/0x40 [ 311.834821][ T8774] raw_spin_rq_lock_nested+0x2a/0x140 [ 311.834840][ T8774] task_rq_lock+0xc6/0x360 [ 311.834858][ T8774] cgroup_move_task+0x9b/0x5a0 [ 311.834877][ T8774] css_set_move_task+0x72e/0x950 [ 311.834895][ T8774] cgroup_post_fork+0x256/0x880 [ 311.834912][ T8774] copy_process+0x39e9/0x3d50 [ 311.834932][ T8774] kernel_clone+0x223/0x880 [ 311.834952][ T8774] user_mode_thread+0x132/0x1a0 [ 311.834972][ T8774] rest_init+0x23/0x300 [ 311.834991][ T8774] start_kernel+0x47f/0x500 [ 311.835013][ T8774] x86_64_start_reservations+0x2a/0x30 [ 311.835031][ T8774] x86_64_start_kernel+0x9f/0xa0 [ 311.835049][ T8774] common_startup_64+0x13e/0x147 [ 311.835067][ T8774] [ 311.835067][ T8774] -> #3 (&p->pi_lock){-.-.}-{2:2}: [ 311.835090][ T8774] lock_acquire+0x1ed/0x550 [ 311.835111][ T8774] _raw_spin_lock_irqsave+0xd5/0x120 [ 311.835132][ T8774] try_to_wake_up+0xbe/0x14b0 [ 311.835147][ T8774] __wake_up_common_lock+0x130/0x1e0 [ 311.835168][ T8774] tty_port_default_wakeup+0xa6/0xf0 [ 311.835189][ T8774] serial8250_tx_chars+0x6e2/0x930 [ 311.835208][ T8774] serial8250_handle_irq+0x630/0xb80 [ 311.835225][ T8774] serial8250_default_handle_irq+0xd1/0x1f0 [ 311.835246][ T8774] serial8250_interrupt+0xa9/0x1f0 [ 311.835262][ T8774] __handle_irq_event_percpu+0x29a/0xa80 [ 311.835282][ T8774] handle_irq_event+0x89/0x1f0 [ 311.835301][ T8774] handle_edge_irq+0x25f/0xc20 [ 311.835318][ T8774] __common_interrupt+0x136/0x230 [ 311.835338][ T8774] common_interrupt+0xb4/0xd0 [ 311.835357][ T8774] asm_common_interrupt+0x26/0x40 [ 311.835373][ T8774] __sanitizer_cov_trace_pc+0x8/0x70 [ 311.835392][ T8774] mas_next_slot+0x104/0xea0 [ 311.835427][ T8774] mas_find+0x950/0xbb0 [ 311.835441][ T8774] validate_mm+0x104/0x550 [ 311.835461][ T8774] __split_vma+0xabd/0xc50 [ 311.835476][ T8774] vma_modify+0x153a/0x1a80 [ 311.835491][ T8774] vma_modify_flags+0x3a5/0x430 [ 311.835506][ T8774] mprotect_fixup+0x45a/0xaa0 [ 311.835527][ T8774] do_mprotect_pkey+0x8d7/0xd70 [ 311.835542][ T8774] __x64_sys_mprotect+0x80/0x90 [ 311.835563][ T8774] do_syscall_64+0xf3/0x230 [ 311.835580][ T8774] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 311.835603][ T8774] [ 311.835603][ T8774] -> #2 (&tty->write_wait){-.-.}-{2:2}: [ 311.835627][ T8774] lock_acquire+0x1ed/0x550 [ 311.835646][ T8774] _raw_spin_lock_irqsave+0xd5/0x120 [ 311.835667][ T8774] __wake_up_common_lock+0x25/0x1e0 [ 311.835689][ T8774] tty_port_default_wakeup+0xa6/0xf0 [ 311.835709][ T8774] serial8250_tx_chars+0x6e2/0x930 [ 311.835726][ T8774] serial8250_handle_irq+0x630/0xb80 [ 311.835745][ T8774] serial8250_default_handle_irq+0xd1/0x1f0 [ 311.835766][ T8774] serial8250_interrupt+0xa9/0x1f0 [ 311.835781][ T8774] __handle_irq_event_percpu+0x29a/0xa80 [ 311.835801][ T8774] handle_irq_event+0x89/0x1f0 [ 311.835819][ T8774] handle_edge_irq+0x25f/0xc20 [ 311.835836][ T8774] __common_interrupt+0x136/0x230 [ 311.835856][ T8774] common_interrupt+0xb4/0xd0 [ 311.835875][ T8774] asm_common_interrupt+0x26/0x40 [ 311.835890][ T8774] _raw_spin_unlock_irqrestore+0xd8/0x140 [ 311.835911][ T8774] uart_write+0x3e4/0xa40 [ 311.835928][ T8774] n_tty_write+0xd62/0x1230 [ 311.835949][ T8774] file_tty_write+0x546/0x9b0 [ 311.835965][ T8774] vfs_write+0xaeb/0xd30 [ 311.835983][ T8774] ksys_write+0x18f/0x2b0 [ 311.836002][ T8774] do_syscall_64+0xf3/0x230 [ 311.836018][ T8774] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 311.836041][ T8774] [ 311.836041][ T8774] -> #1 (&port_lock_key){-.-.}-{2:2}: [ 311.836064][ T8774] lock_acquire+0x1ed/0x550 [ 311.836084][ T8774] _raw_spin_lock_irqsave+0xd5/0x120 [ 311.836105][ T8774] serial8250_console_write+0x1a7/0x1ed0 [ 311.836125][ T8774] console_flush_all+0x86b/0xeb0 [ 311.836143][ T8774] console_unlock+0x14f/0x3b0 [ 311.836160][ T8774] vprintk_emit+0x730/0xa10 [ 311.836176][ T8774] _printk+0xd5/0x120 [ 311.836191][ T8774] register_console+0xbf5/0xfd0 [ 311.836210][ T8774] univ8250_console_init+0x52/0x90 [ 311.836227][ T8774] console_init+0x1b8/0x6f0 [ 311.836242][ T8774] start_kernel+0x2d8/0x500 [ 311.836262][ T8774] x86_64_start_reservations+0x2a/0x30 [ 311.836280][ T8774] x86_64_start_kernel+0x9f/0xa0 [ 311.836298][ T8774] common_startup_64+0x13e/0x147 [ 311.836315][ T8774] [ 311.836315][ T8774] -> #0 (console_owner){-.-.}-{0:0}: [ 311.836338][ T8774] validate_chain+0x18ef/0x5920 [ 311.836354][ T8774] __lock_acquire+0x1384/0x2050 [ 311.836375][ T8774] lock_acquire+0x1ed/0x550 [ 311.836403][ T8774] console_flush_all+0x7f8/0xeb0 [ 311.836422][ T8774] console_unlock+0x14f/0x3b0 [ 311.836439][ T8774] vprintk_emit+0x730/0xa10 [ 311.836456][ T8774] _printk+0xd5/0x120 [ 311.836470][ T8774] should_fail_ex+0x391/0x4e0 [ 311.836491][ T8774] strncpy_from_user+0x36/0x260 [ 311.836511][ T8774] strncpy_from_user_nofault+0x71/0x140 [ 311.836529][ T8774] bpf_probe_read_compat_str+0xe9/0x180 [ 311.836551][ T8774] bpf_prog_c1796171ffc7efef+0x3e/0x40 [ 311.836564][ T8774] bpf_trace_run4+0x334/0x590 [ 311.836581][ T8774] __traceiter_sched_switch+0x98/0xd0 [ 311.836598][ T8774] __schedule+0x2266/0x4bd0 [ 311.836619][ T8774] preempt_schedule_irq+0xfb/0x1c0 [ 311.836641][ T8774] irqentry_exit+0x5e/0x90 [ 311.836656][ T8774] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 311.836672][ T8774] lock_release+0x658/0xa30 [ 311.836693][ T8774] lock_vma_under_rcu+0x5fd/0x790 [ 311.836711][ T8774] exc_page_fault+0x17b/0x8c0 [ 311.836726][ T8774] asm_exc_page_fault+0x26/0x30 [ 311.836741][ T8774] [ 311.836741][ T8774] other info that might help us debug this: [ 311.836741][ T8774] [ 311.836747][ T8774] Chain exists of: [ 311.836747][ T8774] console_owner --> &p->pi_lock --> &rq->__lock [ 311.836747][ T8774] [ 311.836774][ T8774] Possible unsafe locking scenario: [ 311.836774][ T8774] [ 311.836779][ T8774] CPU0 CPU1 [ 311.836785][ T8774] ---- ---- [ 311.836789][ T8774] lock(&rq->__lock); [ 311.836801][ T8774] lock(&p->pi_lock); [ 311.836813][ T8774] lock(&rq->__lock); [ 311.836826][ T8774] lock(console_owner); [ 311.836837][ T8774] [ 311.836837][ T8774] *** DEADLOCK *** [ 311.836837][ T8774] [ 311.836842][ T8774] 5 locks held by syz.5.757/8774: [ 311.836852][ T8774] #0: ffff88805fa2b148 (&vma->vm_lock->lock){++++}-{3:3}, at: lock_vma_under_rcu+0x34b/0x790 [ 311.836896][ T8774] #1: ffff8880b873ea58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 311.836940][ T8774] #2: ffffffff8e939f20 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run4+0x244/0x590 [ 311.836982][ T8774] #3: ffffffff8e815520 (console_lock){+.+.}-{0:0}, at: _printk+0xd5/0x120 [ 311.837021][ T8774] #4: ffffffff8e815130 (console_srcu){....}-{0:0}, at: console_flush_all+0x1a3/0xeb0 [ 311.837064][ T8774] [ 311.837064][ T8774] stack backtrace: [ 311.837072][ T8774] CPU: 1 UID: 0 PID: 8774 Comm: syz.5.757 Not tainted 6.12.0-syzkaller-00239-gc6d64479d609 #0 [ 311.837092][ T8774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 311.837102][ T8774] Call Trace: [ 311.837108][ T8774] [ 311.837116][ T8774] dump_stack_lvl+0x241/0x360 [ 311.837137][ T8774] ? __pfx_dump_stack_lvl+0x10/0x10 [ 311.837156][ T8774] ? __pfx__printk+0x10/0x10 [ 311.837178][ T8774] print_circular_bug+0x13a/0x1b0 [ 311.837199][ T8774] check_noncircular+0x36a/0x4a0 [ 311.837220][ T8774] ? __pfx_check_noncircular+0x10/0x10 [ 311.837240][ T8774] ? lockdep_lock+0x123/0x2b0 [ 311.837263][ T8774] ? add_lock_to_list+0x1e8/0x2f0 [ 311.837285][ T8774] validate_chain+0x18ef/0x5920 [ 311.837315][ T8774] ? __pfx_validate_chain+0x10/0x10 [ 311.837335][ T8774] ? sprintf+0xda/0x120 [ 311.837356][ T8774] ? vsnprintf+0x1cc3/0x1da0 [ 311.837384][ T8774] ? info_print_prefix+0x204/0x310 [ 311.837415][ T8774] ? mark_lock+0x9a/0x360 [ 311.837433][ T8774] __lock_acquire+0x1384/0x2050 [ 311.837463][ T8774] lock_acquire+0x1ed/0x550 [ 311.837485][ T8774] ? console_flush_all+0x1a3/0xeb0 [ 311.837509][ T8774] ? __pfx_lock_acquire+0x10/0x10 [ 311.837532][ T8774] ? __pfx_lock_release+0x10/0x10 [ 311.837554][ T8774] ? do_raw_spin_lock+0x14f/0x370 [ 311.837578][ T8774] ? do_raw_spin_unlock+0x13c/0x8b0 [ 311.837599][ T8774] ? console_flush_all+0x511/0xeb0 [ 311.837619][ T8774] ? console_flush_all+0x1a3/0xeb0 [ 311.837641][ T8774] console_flush_all+0x7f8/0xeb0 [ 311.837660][ T8774] ? console_flush_all+0x1a3/0xeb0 [ 311.837683][ T8774] ? console_flush_all+0x1a3/0xeb0 [ 311.837706][ T8774] ? __pfx_console_flush_all+0x10/0x10 [ 311.837727][ T8774] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 311.837751][ T8774] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 311.837778][ T8774] ? this_cpu_in_panic+0x4f/0x80 [ 311.837795][ T8774] ? is_printk_legacy_deferred+0x43/0x50 [ 311.837818][ T8774] ? printk_get_console_flush_type+0x1fe/0x4f0 [ 311.837840][ T8774] console_unlock+0x14f/0x3b0 [ 311.837860][ T8774] ? __pfx_console_unlock+0x10/0x10 [ 311.837880][ T8774] ? this_cpu_in_panic+0x4f/0x80 [ 311.837898][ T8774] ? is_printk_legacy_deferred+0x43/0x50 [ 311.837921][ T8774] ? printk_get_console_flush_type+0x1fe/0x4f0 [ 311.837943][ T8774] vprintk_emit+0x730/0xa10 [ 311.837962][ T8774] ? __pfx_vprintk_emit+0x10/0x10 [ 311.837990][ T8774] _printk+0xd5/0x120 [ 311.838008][ T8774] ? __pfx__printk+0x10/0x10 [ 311.838031][ T8774] should_fail_ex+0x391/0x4e0 [ 311.838055][ T8774] strncpy_from_user+0x36/0x260 [ 311.838079][ T8774] strncpy_from_user_nofault+0x71/0x140 [ 311.838099][ T8774] bpf_probe_read_compat_str+0xe9/0x180 [ 311.838124][ T8774] ? bpf_trace_run4+0x244/0x590 [ 311.838142][ T8774] bpf_prog_c1796171ffc7efef+0x3e/0x40 [ 311.838157][ T8774] bpf_trace_run4+0x334/0x590 [ 311.838176][ T8774] ? psi_group_change+0xb4e/0x1190 [ 311.838197][ T8774] ? __pfx_bpf_trace_run4+0x10/0x10 [ 311.838218][ T8774] ? __pfx_probe_sched_switch+0x10/0x10 [ 311.838239][ T8774] ? tracing_record_taskinfo_sched_switch+0x7b/0x390 [ 311.838258][ T8774] ? __pfx___bpf_trace_sched_switch+0x10/0x10 [ 311.838277][ T8774] __traceiter_sched_switch+0x98/0xd0 [ 311.838298][ T8774] __schedule+0x2266/0x4bd0 [ 311.838331][ T8774] ? __pfx___schedule+0x10/0x10 [ 311.838355][ T8774] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 311.838383][ T8774] ? preempt_schedule_irq+0xf0/0x1c0 [ 311.838417][ T8774] preempt_schedule_irq+0xfb/0x1c0 [ 311.838440][ T8774] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 311.838464][ T8774] ? reacquire_held_locks+0x3eb/0x690 [ 311.838488][ T8774] irqentry_exit+0x5e/0x90 [ 311.838505][ T8774] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 311.838522][ T8774] RIP: 0010:lock_release+0x658/0xa30 [ 311.838546][ T8774] Code: 3c 3b 00 74 08 4c 89 f7 e8 d5 2f 8b 00 f6 84 24 91 00 00 00 02 75 77 41 f7 c5 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 04 27 00 00 00 00 4b c7 44 27 08 00 00 00 00 65 48 8b 04 25 [ 311.838561][ T8774] RSP: 0000:ffffc90002e7fc80 EFLAGS: 00000206 [ 311.838576][ T8774] RAX: 0000000000000001 RBX: 1ffff920005cffa2 RCX: ffffc90002e7fd03 [ 311.838589][ T8774] RDX: 1ffff920005cffa0 RSI: ffffffff8c0add80 RDI: ffffffff8c604600 [ 311.838603][ T8774] RBP: ffffc90002e7fdb0 R08: ffffffff942a28a7 R09: 1ffffffff2854514 [ 311.838616][ T8774] R10: dffffc0000000000 R11: fffffbfff2854515 R12: 1ffff920005cff9c [ 311.838630][ T8774] R13: 0000000000000246 R14: ffffc90002e7fd10 R15: dffffc0000000000 [ 311.838651][ T8774] ? mtree_range_walk+0x6fd/0x8e0 [ 311.838675][ T8774] ? lock_vma_under_rcu+0x1dd/0x790 [ 311.838694][ T8774] ? __pfx_lock_release+0x10/0x10 [ 311.838716][ T8774] ? lock_vma_under_rcu+0x34b/0x790 [ 311.838743][ T8774] lock_vma_under_rcu+0x5fd/0x790 [ 311.838763][ T8774] ? lock_vma_under_rcu+0x1dd/0x790 [ 311.838784][ T8774] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 311.838812][ T8774] exc_page_fault+0x17b/0x8c0 [ 311.838832][ T8774] asm_exc_page_fault+0x26/0x30 [ 311.838847][ T8774] RIP: 0033:0x7f83aa5618e0 [ 311.838865][ T8774] Code: Unable to access opcode bytes at 0x7f83aa5618b6. [ 311.838874][ T8774] RSP: 002b:00007f83ab291be8 EFLAGS: 00010216 [ 311.838889][ T8774] RAX: 0000000020000000 RBX: 6666666666666667 RCX: 0000000000000000 [ 311.838901][ T8774] RDX: 00000000000003ff RSI: 0000000020000000 RDI: 00007f83ab291c10 [ 311.838913][ T8774] RBP: 00007f83ab291c10 R08: 0000000000000000 R09: 0000000000000000 [ 311.838925][ T8774] R10: 0000000020000000 R11: 000000000004a000 R12: 0000000000000001 [ 311.838937][ T8774] R13: 0000000000000001 R14: 00007f83aa735f80 R15: 00007fffba4fff28 [ 311.838956][ T8774] [ 313.161425][ T8774] CPU: 1 UID: 0 PID: 8774 Comm: syz.5.757 Not tainted 6.12.0-syzkaller-00239-gc6d64479d609 #0 [ 313.171647][ T8774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 313.181687][ T8774] Call Trace: [ 313.184949][ T8774] [ 313.187866][ T8774] dump_stack_lvl+0x241/0x360 [ 313.192532][ T8774] ? __pfx_dump_stack_lvl+0x10/0x10 [ 313.197798][ T8774] ? __pfx__printk+0x10/0x10 [ 313.202387][ T8774] should_fail_ex+0x3b0/0x4e0 [ 313.207061][ T8774] strncpy_from_user+0x36/0x260 [ 313.211900][ T8774] strncpy_from_user_nofault+0x71/0x140 [ 313.217429][ T8774] bpf_probe_read_compat_str+0xe9/0x180 [ 313.222980][ T8774] ? bpf_trace_run4+0x244/0x590 [ 313.227816][ T8774] bpf_prog_c1796171ffc7efef+0x3e/0x40 [ 313.233259][ T8774] bpf_trace_run4+0x334/0x590 [ 313.237920][ T8774] ? psi_group_change+0xb4e/0x1190 [ 313.243012][ T8774] ? __pfx_bpf_trace_run4+0x10/0x10 [ 313.248190][ T8774] ? __pfx_probe_sched_switch+0x10/0x10 [ 313.253718][ T8774] ? tracing_record_taskinfo_sched_switch+0x7b/0x390 [ 313.260376][ T8774] ? __pfx___bpf_trace_sched_switch+0x10/0x10 [ 313.266423][ T8774] __traceiter_sched_switch+0x98/0xd0 [ 313.271776][ T8774] __schedule+0x2266/0x4bd0 [ 313.276273][ T8774] ? __pfx___schedule+0x10/0x10 [ 313.281109][ T8774] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 313.287076][ T8774] ? preempt_schedule_irq+0xf0/0x1c0 [ 313.292348][ T8774] preempt_schedule_irq+0xfb/0x1c0 [ 313.297535][ T8774] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 313.303243][ T8774] ? reacquire_held_locks+0x3eb/0x690 [ 313.308600][ T8774] irqentry_exit+0x5e/0x90 [ 313.312996][ T8774] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 313.318436][ T8774] RIP: 0010:lock_release+0x658/0xa30 [ 313.323705][ T8774] Code: 3c 3b 00 74 08 4c 89 f7 e8 d5 2f 8b 00 f6 84 24 91 00 00 00 02 75 77 41 f7 c5 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 04 27 00 00 00 00 4b c7 44 27 08 00 00 00 00 65 48 8b 04 25 [ 313.343294][ T8774] RSP: 0000:ffffc90002e7fc80 EFLAGS: 00000206 [ 313.349348][ T8774] RAX: 0000000000000001 RBX: 1ffff920005cffa2 RCX: ffffc90002e7fd03 [ 313.357305][ T8774] RDX: 1ffff920005cffa0 RSI: ffffffff8c0add80 RDI: ffffffff8c604600 [ 313.365256][ T8774] RBP: ffffc90002e7fdb0 R08: ffffffff942a28a7 R09: 1ffffffff2854514 [ 313.373213][ T8774] R10: dffffc0000000000 R11: fffffbfff2854515 R12: 1ffff920005cff9c [ 313.381183][ T8774] R13: 0000000000000246 R14: ffffc90002e7fd10 R15: dffffc0000000000 [ 313.389145][ T8774] ? mtree_range_walk+0x6fd/0x8e0 [ 313.394178][ T8774] ? lock_vma_under_rcu+0x1dd/0x790 [ 313.399357][ T8774] ? __pfx_lock_release+0x10/0x10 [ 313.404365][ T8774] ? lock_vma_under_rcu+0x34b/0x790 [ 313.409547][ T8774] lock_vma_under_rcu+0x5fd/0x790 [ 313.414571][ T8774] ? lock_vma_under_rcu+0x1dd/0x790 [ 313.419750][ T8774] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 313.425282][ T8774] exc_page_fault+0x17b/0x8c0 [ 313.429942][ T8774] asm_exc_page_fault+0x26/0x30 [ 313.434770][ T8774] RIP: 0033:0x7f83aa5618e0 [ 313.439172][ T8774] Code: Unable to access opcode bytes at 0x7f83aa5618b6. [ 313.446169][ T8774] RSP: 002b:00007f83ab291be8 EFLAGS: 00010216 [ 313.452215][ T8774] RAX: 0000000020000000 RBX: 6666666666666667 RCX: 0000000000000000 [ 313.460179][ T8774] RDX: 00000000000003ff RSI: 0000000020000000 RDI: 00007f83ab291c10 [ 313.468129][ T8774] RBP: 00007f83ab291c10 R08: 0000000000000000 R09: 0000000000000000 [ 313.476081][ T8774] R10: 0000000020000000 R11: 000000000004a000 R12: 0000000000000001 [ 313.484033][ T8774] R13: 0000000000000001 R14: 00007f83aa735f80 R15: 00007fffba4fff28 [ 313.491991][ T8774] [ 313.495077][ C0] vkms_vblank_simulate: vblank timer overrun [ 313.615981][ T8785] netlink: 60 bytes leftover after parsing attributes in process `syz.6.755'. [ 313.893572][ T5916] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 314.048157][ T5916] usb 7-1: Using ep0 maxpacket: 16 [ 314.103817][ T5916] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 64, changing to 7 [ 314.128043][ T5916] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 314.153874][ T5916] usb 7-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 314.197703][ T5916] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 314.207050][ T5916] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 314.233627][ T5916] usb 7-1: Product: syz [ 314.237849][ T5916] usb 7-1: Manufacturer: syz [ 314.242459][ T5916] usb 7-1: SerialNumber: syz [ 314.470017][ T5916] usb 7-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 314.487976][ T5916] usb 7-1: unit 6 not found! [ 314.529376][ T5916] usb 7-1: USB disconnect, device number 3 [ 317.298222][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.305242][ T1300] ieee802154 phy1 wpan1: encryption failed: -22