last executing test programs: 15.537826369s ago: executing program 4 (id=1819): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000020000000c00000000140000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRESOCT=r0, @ANYBLOB="000000000001000800"/28], 0x50) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000005500e50100000000fdffffff07000000", @ANYRES32=r1, @ANYBLOB="20000100", @ANYRES32, @ANYBLOB="010101027f"], 0x38}, 0x1, 0x0, 0x0, 0x90}, 0x0) r2 = socket(0x840000000002, 0x3, 0x100) r3 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r4, &(0x7f00000047c0)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="180000007a00010600000000010000000700"], 0x18}], 0x1}, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r3, 0x40045542, &(0x7f0000000b00)) syz_open_dev$dmmidi(&(0x7f0000000080), 0x200, 0x40002) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=0x0) r6 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0) syz_usb_control_io(r6, 0x0, 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x38, [0xb, 0xc95a, 0x1, 0x8, 0xb28, 0x2, 0x80007, 0x83, 0x20000006, 0xca, 0x6, 0x5f, 0x6, 0x5, 0x1, 0x4, 0x20100001, 0x3, 0x0, 0x5, 0x6, 0x9, 0x7, 0x3c5b, 0x1, 0x6, 0x8006, 0x1, 0x5, 0xffffffff, 0x5, 0x4, 0xb, 0x89d2, 0x9, 0x4c74, 0x80000000, 0x40000, 0x0, 0xe, 0xfffffffc, 0x80008071, 0x7, 0x17, 0xd, 0x3, 0xfffffa01, 0x42, 0x8f, 0x4006, 0x6, 0x80000000, 0x0, 0x80007, 0x8, 0x400, 0x80, 0x0, 0x4, 0x7, 0x6, 0x6, 0x7, 0x40], [0x10000007, 0xf0000000, 0x8000012f, 0x8004, 0x5, 0x6, 0x129432e6, 0xc8, 0xf9, 0xffffff81, 0x400, 0x6c7, 0x2, 0xfffffffc, 0x3, 0x0, 0x84, 0x5, 0x2f, 0x2, 0x312, 0xd, 0xffff, 0x2, 0x4, 0x7, 0x7fff, 0x5a7c, 0x7ffe, 0x401, 0x802, 0x7, 0xffffb942, 0x1, 0x4, 0x5f31, 0xd, 0x7f, 0x2, 0x4, 0xb, 0x3ff, 0x20009, 0x8, 0x9, 0x9, 0x47, 0x8000, 0x1, 0xfe000000, 0xfffe, 0x2, 0x8, 0x9, 0x5, 0x3, 0x8, 0xa6d, 0x3, 0x6c0, 0xbc45, 0x48c93690, 0x42, 0x1], [0x7, 0x408, 0x8004, 0x6, 0xffffffff, 0x100, 0x8f2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x2000000, 0x1ef, 0x5, 0x8, 0x10000, 0x3, 0x200, 0x7, 0xb, 0x5, 0x2, 0x0, 0x5a9c, 0x20000008, 0x4, 0x6d01, 0x6, 0x1, 0x800003, 0x1fe, 0x7c, 0x3, 0x4, 0x0, 0xffe, 0xa2, 0x7, 0x4000a9, 0x5, 0x7, 0x8c8, 0x2000af, 0xfffffffe, 0x8, 0x7ff, 0x123, 0x4, 0x7, 0xfff, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2004, 0x6, 0x0, 0x7], [0x9, 0xbb33, 0x7, 0x81, 0x8, 0x42c2, 0x3, 0x6, 0x0, 0x7fff, 0x4e7, 0x5, 0x2, 0x8007, 0x4, 0x8000003, 0x101, 0x10000, 0x6, 0x7ffc, 0x81, 0x2000a620, 0x2, 0x7, 0x1, 0x2, 0x5, 0xe7, 0x8, 0x10000018, 0xfffffffe, 0x80000003, 0x6, 0x4, 0xc8, 0x9, 0xfffff000, 0x10000, 0x1, 0x7e, 0xda4, 0x9602, 0x7, 0xaf, 0x8, 0x4, 0xffffffff, 0x5, 0x45, 0xc, 0x30b1d693, 0x5, 0x1f40, 0x1, 0x41, 0x6c1b, 0x0, 0x804, 0xac1, 0xb1e, 0xd7, 0x9, 0xffff3441, 0xfff]}, 0x45c) ppoll(&(0x7f00000000c0)=[{}, {0xffffffffffffffff, 0x300}], 0x20000000000000dc, 0x0, 0x0, 0x0) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r5, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000) syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0) connect$inet(r2, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x202, 0x0) r7 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffff9}) r8 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r8, &(0x7f0000000540)=[{&(0x7f0000000180)="580000001400192340834b80040d8c560a066f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0effeffe809005300", 0x42}], 0x1) r9 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) r10 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802) writev(r10, &(0x7f0000000300)=[{&(0x7f00000000c0)="aefddaf64eb9ee07962c220852f426072a000000000000000000000023af82940a74c6b8e8fc4b7ee3eb945065bfdb1c563a896bf7f2a35a3039dd38bf643849b5d806b8e5007a2057fe14ab407c9a3f103edf17a9f6", 0x56}], 0x1) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r7, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000280)=@chain={'key_or_keyring:', r9}) 13.564094494s ago: executing program 2 (id=1822): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000002ec0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000001c80)={0x1ff, 0x5, 0x3000, 0x2000, &(0x7f0000ffd000/0x2000)=nil}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000000)) 13.399535347s ago: executing program 3 (id=1823): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3400000040000701fcffffff00000100017c0000040042800c0001800600060065580000100002800c000380"], 0x34}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f0000000780)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000740)={&(0x7f00000001c0)=ANY=[@ANYRES16=r1, @ANYRES64=r0], 0x164}, 0x1, 0x0, 0x0, 0x20008000}, 0x4004010) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000480)=[{&(0x7f00000002c0)='\x00', 0x1}, {0x0}], 0x1) socket$nl_generic(0x10, 0x3, 0x10) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r3 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x180) ioctl$CEC_ADAP_S_LOG_ADDRS(r3, 0xc05c6104, &(0x7f00000000c0)={"218ff100", 0x8, 0x6, 0x2, 0x0, 0x8, "f700", "4500c700", "030600", "fcff7fff", ["50d59404000100", "808e88e2e9ffffffffff00", "0c436d743c97c443084000", '5\x00']}) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="3000000010000100000000020000000008000000", @ANYRES32, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0xffffffffffffffff, @ANYBLOB='\r\x00+'], 0x30}], 0x1}, 0x0) syz_usb_connect$cdc_ncm(0x4, 0xd1, &(0x7f0000000580)=ANY=[@ANYBLOB="12011003020000182505a1a44100010203010902bf0002010650000900000000020d001b052401082400a9b30d2d0f010a0000000300ff000606241a05001407240a050905580c240c00000000a90c0900030424020204240200042406024424"], 0x0) syz_usb_connect(0x3, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f0104000000080000000006241a03000a05240101070424020a1524120009a317a88b045e4f01a607c0ffcb7e392a09044c03003a92a2010a240109000102010205240401050c2402"], 0x0) r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r5, 0xaf01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000d80)) ioctl$VHOST_SET_FEATURES(r5, 0x4008af00, &(0x7f0000000080)=0x200000000) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000ac0), r7) sendmsg$NLBL_CALIPSO_C_REMOVE(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000600)=ANY=[@ANYRESHEX=r4, @ANYRES8=r6, @ANYBLOB="010025bd7000ff000008000104000000002437e29f3ba708d3bc4144712566ebf3c4c44b520f12e8a1dbdc4bac2f1e445f2238ea0bbe38924c6002d0ab7979157b479df6a44341c47b4003e0aad7af7a59eb70b71c0491bcf4472c27a7c83ff565ad5fe9"], 0x1c}, 0x1, 0x0, 0x0, 0xdbbca5e2e2fba6f}, 0x800) sendmsg$NLBL_CALIPSO_C_ADD(r6, &(0x7f00000003c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="8e31a59b", @ANYRES16=r8, @ANYBLOB="010029bd7000ffdbdf25010000000800010002000000080002000200000008000200020000000800020002000000080002000200000008000100030000000800010002000000080001000300000008000200020000000800010001000000"], 0x64}, 0x1, 0x0, 0x0, 0x40000}, 0x40000) dup2(r5, r5) r9 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r9, 0x0, 0x483, &(0x7f0000000400)={0x32, @loopback, 0xffff, 0x0, 'none\x00', 0x3a, 0x5, 0x44}, 0x2c) 11.571555785s ago: executing program 1 (id=1826): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, 0x0, 0x0) sendmmsg$inet6(r0, &(0x7f0000000480)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x80020}, 0x1c, &(0x7f0000000300)=[{&(0x7f00000034c0)='\x00', 0x1}], 0x1}}], 0x1, 0x0) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f00000000c0)={0x0, 0x90, "3ab116e23239252b1abd5f1f193fc702b58845830d5032173ddef5310a500f953ae2291a358fd1036b247f4540fc38e47b28599e500d19888136001d063b9a5f2efb9dc791554483f89bf8d3be745f0916ac22c6e76505d3b2805c51defa556142b27025f350c7cc141395b2193dedacf042e2204972baec5c673c10595a94a5fd3dc7f3b8acb4336e66a3ad55708fd9"}, &(0x7f00000002c0)=0x98) 11.33894409s ago: executing program 2 (id=1827): r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001640), 0x0, 0x0) io_setup(0x2, &(0x7f00000001c0)=0x0) io_submit(r1, 0x1, &(0x7f00000012c0)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x2007, r0, 0x0, 0x0, 0x7, 0x0, 0x6}]) (fail_nth: 2) 10.105476558s ago: executing program 4 (id=1829): r0 = socket$packet(0x11, 0x3, 0x300) socket$nl_route(0x10, 0x3, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = socket$inet(0x2, 0x1, 0x100) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="260a00000000000061101800000000001800000000000000000000000000002fa479be08b39885f4"], &(0x7f0000000000)='GPL\x00'}, 0x80) r6 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x200e00, 0x0) syz_open_dev$dvb_demux(&(0x7f00000001c0), 0x9, 0x2) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000180)={'veth0_to_bond\x00', 0x100}) r7 = gettid() fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0) socket(0x28, 0x1, 0x2) tkill(r7, 0xb) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r1, 0x541c, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080)) syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYRESHEX=r2], 0x0) 10.037507267s ago: executing program 1 (id=1830): unshare(0x600) r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) lseek(r0, 0x0, 0x1) r1 = socket$phonet_pipe(0x23, 0x5, 0x2) bind$phonet(r1, 0x0, 0x0) 10.037353024s ago: executing program 2 (id=1831): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_TYPE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="380000000d06010200000000000000060500000211000300686173683a69702c706f727400000000050001"], 0x38}, 0x1, 0x0, 0x0, 0x20008040}, 0x40048100) 10.036967312s ago: executing program 3 (id=1832): r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000180)=[{&(0x7f00000001c0)}], 0x1) 9.608147529s ago: executing program 2 (id=1833): r0 = socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000980)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = add_key$keyring(&(0x7f00000003c0), 0x0, 0x0, 0x0, 0xfffffffffffffffb) sendmsg$RDMA_NLDEV_CMD_RES_GET(0xffffffffffffffff, 0x0, 0x4000000) pipe2$watch_queue(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) pipe2$watch_queue(&(0x7f00000002c0), 0x80) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r6, 0x8933, &(0x7f0000000440)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_DEV(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010627bd7000fedbdf251a00000008000300", @ANYRES32=r8], 0x20}, 0x1, 0x0, 0x0, 0x20000004}, 0x40000) keyctl$KEYCTL_WATCH_KEY(0x20, r4, r5, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x24004045) r9 = io_uring_setup(0x524, &(0x7f0000000040)={0x0, 0x10a6e6, 0x1c080, 0xc, 0x20002f7}) io_uring_enter(r9, 0x2219, 0x7721, 0x16, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$kcm(0x2, 0xa, 0x2) socket$inet(0x2, 0xa, 0x400) 9.58040992s ago: executing program 3 (id=1834): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0xc, &(0x7f00000000c0)=ANY=[@ANYBLOB="18020000fbffbfff000000000300000018010000786c6c3900000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000a0000008500000006000000850000001100000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f00000003c0)="6f11ba816056a1827a33ae059cf3", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x4000000, {0x2, 0x4e22, @private=0xa010101}, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x36}}, {0x2, 0x4e24, @rand_addr=0x64010100}, 0x1d7, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x4, 0x8}) syz_usb_connect(0x5, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000024917720042322023f77010203010902120001000010000904"], 0x0) r1 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r0, 0xffffffffffffffff, 0x34, 0x0, @void}, 0x10) bpf$LINK_DETACH(0x22, &(0x7f0000000140)=r1, 0x4) 9.528536645s ago: executing program 1 (id=1835): shutdown(0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x83, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x7fffffff}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmmsg$inet6(r3, &(0x7f0000000a80)=[{{&(0x7f0000000200)={0xa, 0x4e20, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7}, 0x1c, &(0x7f0000000640)=[{&(0x7f0000000140)=':', 0x1}], 0x1}}, {{&(0x7f0000000440)={0xa, 0x4e23, 0x9, @private0={0xfc, 0x0, '\x00', 0x1}, 0x2}, 0x1c, &(0x7f0000000100)=[{0x0}], 0x1}}], 0x2, 0x0) shutdown(r3, 0x1) r4 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0) sendfile(r3, r4, 0x0, 0xfffa83) 9.295750598s ago: executing program 0 (id=1836): sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x20000040) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$CEC_RECEIVE(0xffffffffffffffff, 0xc0386106, &(0x7f0000000180)={0x1, 0x1, 0x40000, 0x7c6d, 0xffffffff, 0x8001, "5debca561a5fbf61048955f6f876b2ff", 0x0, 0x2, 0xd0, 0x0, 0xff}) r4 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000800)={r4, r4, r4}, 0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={'sha384\x00'}}) (fail_nth: 5) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x40) socket$nl_xfrm(0x10, 0x3, 0x6) r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180), 0x60042, 0x0) syz_usb_connect$hid(0x6, 0x0, 0x0, 0x0) write$binfmt_elf64(r5, 0x0, 0x78) 7.275772095s ago: executing program 2 (id=1837): r0 = socket(0x2a, 0x2, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) syz_usb_connect$midi(0x5, 0x31, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000100)="f2435f010008e09f1836008508007b4a414292aedd3321733ac905502aa1c76d6e9351bc3a150dac02e7d8e81edb4dab2d444af45f3a298531e3e661653353e798a539059c17328db4fded34e34935181b12c387ec51137e1d1f3e28568c80bc1e448324a8b3044c0e96a4fce8c551255382", 0x72, 0x1, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x13}}, 0x14) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$inet(0x2, 0x3, 0x100) setsockopt$sock_int(r4, 0x1, 0x6, &(0x7f0000000500)=0x8, 0x4) bind$inet(r4, &(0x7f0000000000)={0x2, 0xffdf, @dev={0xac, 0x14, 0x14, 0x37}}, 0x10) connect$inet(r4, &(0x7f0000000080)={0x2, 0x0, @broadcast}, 0x10) sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x8080}, 0x0) ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000080)={'dummy0\x00'}) 7.212034219s ago: executing program 1 (id=1838): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000002ec0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x4b564d02, 0xec000000, 0xcd}]}) 5.524524429s ago: executing program 3 (id=1839): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000a00)={0x0, 0x1, 0xa, 0x19, 0x159, &(0x7f0000000600)="dd9354e4d38cbd5905a70124220f434d904a12db558787fd1ad1dfc10545e078ce5eada90748bb90fb3e381f1bca0f2161823a9dbc7646c651d4a1181d2819eff0775358e19f9b450930a70b243f30b7aa3ac7c2c0a1bdbfa8eef5acdeb0e44e18710be23e6f58014d28db1ca6f05fa528b98cf426378b06b13dfd784deceb85a595e45d6098ef6841703771cf75c2f0c950efa7f257aa971f643a9caa4ea62f3a686976b3ab456516c3d38443e33271ef3e55fb09575d6a8944889b2ba43df9f9c2b72c2161caec8e635e45cbe5c22bd4e827d6a8930373ff08d610d19295f63ca51e9fe89175e8b4cc7bd55ad373b516a231a4e1f897274b5af1f91ef3db1039e91670d582036acfcccb992e033777ed435915d2926be2631534fecaec9130c072dd68289aaa6e320553df20f791bed6b49ac38428dca8f362e1a5d60d91391dc5579c20901153867f7d07adb1cda893ace24f938c9355102ae278c14fd097fe69907189f1b0562cf8f95919e95c1863c1aed67363b9218b91103ab10f9eda9a7a86eb0802cbd8982ba9f23581cf927a9ac6970cc0a14d236ae1698fa442bcb421dce158b255c496851db4f7d731245654c8474044c61815e8f596553d5104b174565703cfc9fbbd88d2c29882bd2261cae95a235bff6b27fa8558250b31ff6a48ccb333cb5c9996c4382e09193f905a846c759d65536e88c995f5f14488ed2b3a08248ac9da5673aa28df131ce193ac82138ef0b9eb214a0a4f079402a40c7f04b4ed2381eb524554dcb90189514a36d100bc3dd558010d3347c89c719a6759f14c6d52e9afc30e07ec7b662368306d2c830b9bfa7b6fc4f2a1f1b98b2bab3be890b6db51e698fc114f0587059c61e21045e5f911eeca280cbaff9ffa622a76116bb61e2ff4b45fc3b02b04c131ff5dd41742614ec81dad3a43c61a4e70bf0acdf3a837a805aa7ecb7506a9c05becf77be49c821571fdb38c32fc65dc254a96623706b698451441f0049c87b5e37abe3d687c8f8fd57b39bb011faf830862b745274af312c441dc5e6c55cee7fcfa505aefbf0bde627bfed061e37db0487af9c3fa2020e3ca6a315b4ed8d923b6782c8136127ce733639afc4554845115db5563ae34f0bba57a85a94f1aed562d79f5a7db5c8127f5ea5a1c64ae4c97808def5471e84db2bd0cce8809a19c1027b1098a962d65ea11fb1eff000b6e4133a11a839d588d9f644b3c8f8cd0f4f00218ee94fd634846344aae310f1af219365cd4bf796d80a48021d07bebdaf630b838df10d5f0defad8e7164069873896fb4ec5b57138d373a24f9c2a41f078e8f6046bed1c8635cafd16d5604337557957595687ed6e8e326b9ef6ade64be5c1f4890b4439aa6a70b9d0a6512bb6ab258f7df44429707f5a676ea6e3ad36a17e1683fd7edd330a945fe7acbdc8fbf910a4b0"}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000280)=0x1) ioctl$TIOCGRS485(r0, 0x542e, 0x0) syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="042f"], 0x3fc) r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x3) r2 = syz_open_dev$vcsn(&(0x7f0000000100), 0xfffffffffffffffa, 0x210400) read$msr(r2, &(0x7f0000000140)=""/5, 0x5) ioctl$TCFLSH(r1, 0x540b, 0x0) ioctl$VT_SETMODE(r0, 0x5602, &(0x7f0000000080)={0x5, 0x4, 0x2, 0x8, 0x6}) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xf}}, [@NFT_MSG_NEWCHAIN={0x14, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x200}}, @NFT_MSG_NEWFLOWTABLE={0x280, 0x16, 0xa, 0x401, 0x0, 0x0, {0x6, 0x0, 0x3}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_HOOK={0xf4, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0xa4, 0x3, 0x0, 0x1, [{0x14, 0x1, 'syzkaller1\x00'}, {0x14, 0x1, 'netpci0\x00'}, {0x14, 0x1, 'caif0\x00'}, {0x14, 0x1, 'veth0_to_hsr\x00'}, {0x14, 0x1, 'bond_slave_1\x00'}, {0x14, 0x1, 'caif0\x00'}, {0x14, 0x1, 'pim6reg\x00'}, {0x14, 0x1, 'veth0\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'bond_slave_1\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0xc194}, @NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth1_virt_wifi\x00'}, {0x14, 0x1, 'veth1_to_batadv\x00'}]}]}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0xe8, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x44b3}, @NFTA_FLOWTABLE_HOOK_DEVS={0xa4, 0x3, 0x0, 0x1, [{0x14, 0x1, 'wg0\x00'}, {0x14, 0x1, 'pim6reg0\x00'}, {0x14, 0x1, 'wg0\x00'}, {0x14, 0x1, 'pim6reg\x00'}, {0x14, 0x1, 'vlan0\x00'}, {0x14, 0x1, 'wg1\x00'}, {0x14, 0x1, 'vlan0\x00'}, {0x14, 0x1, 'veth0_to_bond\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'wlan1\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x10000}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0xa}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x7}]}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3}]}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_HOOK={0x54, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'syzkaller1\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0xf}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'vcan0\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0xd}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x8}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x2bc}}, 0x0) 5.404657775s ago: executing program 0 (id=1840): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, 0x0, 0x0) sendmmsg$inet6(r0, &(0x7f0000000480)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x80020}, 0x1c, &(0x7f0000000300)=[{&(0x7f00000034c0)='\x00', 0x1}], 0x1}}], 0x1, 0x0) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f00000000c0)={0x0, 0x90, "3ab116e23239252b1abd5f1f193fc702b58845830d5032173ddef5310a500f953ae2291a358fd1036b247f4540fc38e47b28599e500d19888136001d063b9a5f2efb9dc791554483f89bf8d3be745f0916ac22c6e76505d3b2805c51defa556142b27025f350c7cc141395b2193dedacf042e2204972baec5c673c10595a94a5fd3dc7f3b8acb4336e66a3ad55708fd9"}, &(0x7f00000002c0)=0x98) 4.770297725s ago: executing program 4 (id=1841): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000020000000c00000000140000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRESOCT=r0, @ANYBLOB="000000000001000800"/28], 0x50) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000005500e50100000000fdffffff07000000", @ANYRES32=r1, @ANYBLOB="20000100", @ANYRES32, @ANYBLOB="010101027f"], 0x38}, 0x1, 0x0, 0x0, 0x90}, 0x0) socket(0x840000000002, 0x3, 0x100) r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r3, &(0x7f00000047c0)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="180000007a00010600000000010000000700"], 0x18}], 0x1}, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r2, 0x40045542, &(0x7f0000000b00)) syz_open_dev$dmmidi(&(0x7f0000000080), 0x200, 0x40002) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)) r4 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0) syz_usb_control_io(r4, 0x0, 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x38, [0xb, 0xc95a, 0x1, 0x8, 0xb28, 0x2, 0x80007, 0x83, 0x20000006, 0xca, 0x6, 0x5f, 0x6, 0x5, 0x1, 0x4, 0x20100001, 0x3, 0x0, 0x5, 0x6, 0x9, 0x7, 0x3c5b, 0x1, 0x6, 0x8006, 0x1, 0x5, 0xffffffff, 0x5, 0x4, 0xb, 0x89d2, 0x9, 0x4c74, 0x80000000, 0x40000, 0x0, 0xe, 0xfffffffc, 0x80008071, 0x7, 0x17, 0xd, 0x3, 0xfffffa01, 0x42, 0x8f, 0x4006, 0x6, 0x80000000, 0x0, 0x80007, 0x8, 0x400, 0x80, 0x0, 0x4, 0x7, 0x6, 0x6, 0x7, 0x40], [0x10000007, 0xf0000000, 0x8000012f, 0x8004, 0x5, 0x6, 0x129432e6, 0xc8, 0xf9, 0xffffff81, 0x400, 0x6c7, 0x2, 0xfffffffc, 0x3, 0x0, 0x84, 0x5, 0x2f, 0x2, 0x312, 0xd, 0xffff, 0x2, 0x4, 0x7, 0x7fff, 0x5a7c, 0x7ffe, 0x401, 0x802, 0x7, 0xffffb942, 0x1, 0x4, 0x5f31, 0xd, 0x7f, 0x2, 0x4, 0xb, 0x3ff, 0x20009, 0x8, 0x9, 0x9, 0x47, 0x8000, 0x1, 0xfe000000, 0xfffe, 0x2, 0x8, 0x9, 0x5, 0x3, 0x8, 0xa6d, 0x3, 0x6c0, 0xbc45, 0x48c93690, 0x42, 0x1], [0x7, 0x408, 0x8004, 0x6, 0xffffffff, 0x100, 0x8f2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x2000000, 0x1ef, 0x5, 0x8, 0x10000, 0x3, 0x200, 0x7, 0xb, 0x5, 0x2, 0x0, 0x5a9c, 0x20000008, 0x4, 0x6d01, 0x6, 0x1, 0x800003, 0x1fe, 0x7c, 0x3, 0x4, 0x0, 0xffe, 0xa2, 0x7, 0x4000a9, 0x5, 0x7, 0x8c8, 0x2000af, 0xfffffffe, 0x8, 0x7ff, 0x123, 0x4, 0x7, 0xfff, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2004, 0x6, 0x0, 0x7], [0x9, 0xbb33, 0x7, 0x81, 0x8, 0x42c2, 0x3, 0x6, 0x0, 0x7fff, 0x4e7, 0x5, 0x2, 0x8007, 0x4, 0x8000003, 0x101, 0x10000, 0x6, 0x7ffc, 0x81, 0x2000a620, 0x2, 0x7, 0x1, 0x2, 0x5, 0xe7, 0x8, 0x10000018, 0xfffffffe, 0x80000003, 0x6, 0x4, 0xc8, 0x9, 0xfffff000, 0x10000, 0x1, 0x7e, 0xda4, 0x9602, 0x7, 0xaf, 0x8, 0x4, 0xffffffff, 0x5, 0x45, 0xc, 0x30b1d693, 0x5, 0x1f40, 0x1, 0x41, 0x6c1b, 0x0, 0x804, 0xac1, 0xb1e, 0xd7, 0x9, 0xffff3441, 0xfff]}, 0x45c) ppoll(&(0x7f00000000c0)=[{}, {0xffffffffffffffff, 0x300}], 0x20000000000000dc, 0x0, 0x0, 0x0) 4.367158s ago: executing program 1 (id=1842): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000b7403340861a22753635f10203010902120001000000000904"], 0x0) syz_usb_control_io$cdc_ecm(r1, 0x0, &(0x7f0000000040)={0x1c, &(0x7f0000000380)=ANY=[@ANYBLOB="010102"], 0x0, 0x0}) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15) unshare(0x2040400) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x4, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000008850000007600000095"], &(0x7f00000001c0)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xe468}, 0x94) sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)=@newtaction={0x64, 0x30, 0xffffffffffffffff, 0x0, 0x0, {}, [{0x50, 0x1, [@m_bpf={0x4c, 0x1, 0x0, 0x0, {{0x8}, {0x24, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x1, 0x0, 0x10000000, 0xffffffff, 0x2008}}, @TCA_ACT_BPF_FD={0x8, 0x5, r3}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x4004840}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYRESHEX, @ANYRES32, @ANYBLOB="0000000000000000b7080000000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = epoll_create1(0x80000) r5 = epoll_create1(0x0) syz_usb_control_io$cdc_ncm(r1, &(0x7f0000000500)={0x14, &(0x7f00000003c0)=ANY=[@ANYBLOB="4024920000009230a8196a8f8946586982a681c0ae228459f7b1e0bb2243bdf1e7948ab3665384c1a7da4feac33dcc43879437e2d933c3a68523e7ced28847639c094efc13ea3ae401d431ce189a4070876055f30100000000000000d8ec4905e95bd17277ebf0acee450f3453317fcdc3f6faf9c4bf52612f62f38305019425d33f72f0d73b1d6d471602678869306f921eca5f8ea1fe05"], &(0x7f00000004c0)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000740)={0x44, &(0x7f0000000540)=ANY=[@ANYBLOB="0005310000005fa31f03235864113819cdfb6914484ae1866bcceeb1a5e3543ab3f42b11693c6c6ce5e8fd286a269eaf2384a2e741fe47"], &(0x7f0000000580)={0x0, 0xa, 0x1, 0x40}, &(0x7f00000005c0)={0x0, 0x8, 0x1, 0x10}, &(0x7f0000000600)={0x20, 0x80, 0x1c, {0x3, 0x1ff, 0x6, 0x5, 0xc, 0x4, 0x3, 0x0, 0x4, 0x5, 0x6, 0xc54}}, &(0x7f0000000640)={0x20, 0x85, 0x4, 0x10001}, &(0x7f0000000680)={0x20, 0x83, 0x2}, &(0x7f00000006c0)={0x20, 0x87, 0x2, 0xfffc}, &(0x7f0000000700)={0x20, 0x89, 0x2, 0x1}}) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000140)={0x20000000}) epoll_ctl$EPOLL_CTL_MOD(r5, 0x3, r4, &(0x7f0000000200)={0xc000201c}) ioctl$TCSETS(r0, 0x40384708, &(0x7f0000000040)={0x3, 0x1, 0x9, 0x200, 0x1a, "3eccd2000500"}) 4.022430168s ago: executing program 4 (id=1843): sendmsg$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{0x0}, {0x0}], 0x2}, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$SNDCTL_MIDI_PRETIME(r0, 0xc0046d00, &(0x7f0000000240)=0x1) sendmsg$inet(0xffffffffffffffff, &(0x7f0000003c00)={0x0, 0x0, &(0x7f0000000700)=[{0x0}, {&(0x7f0000000280)="da3b7d7035cdbd35bccc23a2f8164fe26ad17c1668bf60cc412d60d7b02fe70f0d4c385a653d469c0888c116c5e9393ca029", 0x32}, {0x0}, {&(0x7f0000000740)}], 0x4}, 0x41) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48001}, 0x4044050) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}], 0x1, 0x0, 0x0, 0x10}, 0x0) r3 = socket$alg(0x26, 0x5, 0x0) syz_open_dev$dri(&(0x7f0000000180), 0x1, 0xc0400) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x22048090) bind$alg(r3, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5) syz_emit_ethernet(0x6e, &(0x7f0000000780)={@broadcast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x3, 0x6, "269fe0", 0x38, 0x3a, 0x1, @private2, @local, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x4, {0x2, 0x6, "29e4f3", 0x0, 0x2b, 0x1, @private1, @private1={0xfc, 0x1, '\x00', 0x1}, [], "0a06efb2988b900b"}}}}}}}, 0x0) r4 = accept4(r3, 0x0, 0x0, 0x800) sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257", 0xf15}], 0x1, 0x1, 0x2) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 3.817848176s ago: executing program 0 (id=1844): r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000180)=[{&(0x7f00000001c0)}], 0x1) 3.204458406s ago: executing program 0 (id=1845): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmmsg$inet6(r1, &(0x7f0000002680)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000040)="18", 0x1}], 0x1}}], 0x1, 0x0) shutdown(r1, 0x1) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x82, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000580)={0x0, 0x0, 0x6, 0x2, r2}, 0x10) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/sloppy_sctp\x00', 0x2, 0x0) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000280)={r2, 0x5}, 0x8) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYRESHEX=r1, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES64=r2, @ANYBLOB="0000000000000000000000000000000000e075cca91f6346138a00ba96d5813947ac22a9b661cd0abb3c2f078d4f795c7943ff17eb2cf99b9425c5787176cd02f695b127446b0eb76ce340534870103aff461e58a224752b3d2ed2a7ebe9ebf6fe02db68dd5a1937ac8431f2648c9a7582d164940139b2cd6fb0691ca4314afa43d0479cd643ef3c5f06208774c51e68e9953aa005fa911a4e0d1f54d222ab173df5254ca2456da30362240476a92a9264a749a5de25ae9e705344a23ea244a7247ffffa0236dc326232dadd3491232b3bf289cb513c8546f307099755ab2f106a63f006f8081af4248fe678b94595bdc1cb28c36dbd14413d0e1b938e"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) getsockopt$WPAN_WANTACK(r3, 0x0, 0x0, &(0x7f0000000140), &(0x7f0000000340)=0x4) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @flow_dissector=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r5, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc92b18236457ee3c8", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) sendmmsg$inet6(r0, &(0x7f0000004fc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="140000000000000029000000430000000100ec"], 0x30}}], 0x1, 0x24044010) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) 2.775997632s ago: executing program 3 (id=1846): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="3800000040000100fcff071e04000000010000000800cb8004000880100001800c00108008000100050000000c000200"], 0x38}, 0x1, 0x0, 0x0, 0x400c801}, 0x4008094) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = openat$cgroup_type(r1, &(0x7f0000000040), 0x2, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) write$cgroup_type(r2, &(0x7f0000000280), 0x9) 2.706776462s ago: executing program 0 (id=1847): r0 = socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000980)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = add_key$keyring(&(0x7f00000003c0), 0x0, 0x0, 0x0, 0xfffffffffffffffb) sendmsg$RDMA_NLDEV_CMD_RES_GET(0xffffffffffffffff, 0x0, 0x4000000) pipe2$watch_queue(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) pipe2$watch_queue(&(0x7f00000002c0), 0x80) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r6, 0x8933, &(0x7f0000000440)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_DEV(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010627bd7000fedbdf251a00000008000300", @ANYRES32=r8], 0x20}, 0x1, 0x0, 0x0, 0x20000004}, 0x40000) keyctl$KEYCTL_WATCH_KEY(0x20, r4, r5, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x24004045) r9 = io_uring_setup(0x524, &(0x7f0000000040)={0x0, 0x10a6e6, 0x1c080, 0xc, 0x20002f7}) io_uring_enter(r9, 0x2219, 0x7721, 0x16, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$kcm(0x2, 0xa, 0x2) socket$inet(0x2, 0xa, 0x400) 2.469581758s ago: executing program 4 (id=1848): shutdown(0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x83, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x7fffffff}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmmsg$inet6(r3, &(0x7f0000000a80)=[{{&(0x7f0000000200)={0xa, 0x4e20, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7}, 0x1c, &(0x7f0000000640)=[{&(0x7f0000000140)=':', 0x1}], 0x1}}, {{&(0x7f0000000440)={0xa, 0x4e23, 0x9, @private0={0xfc, 0x0, '\x00', 0x1}, 0x2}, 0x1c, &(0x7f0000000100)=[{0x0}], 0x1}}], 0x2, 0x0) shutdown(r3, 0x1) r4 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0) sendfile(r3, r4, 0x0, 0xfffa83) 2.156136826s ago: executing program 3 (id=1849): r0 = socket(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000001c0)={'team0\x00', 0x0}) truncate(&(0x7f0000000000)='./file0\x00', 0x96f) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x40000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x1, &(0x7f0000000280)=0x6) r3 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x822b01) ioctl$EVIOCSMASK(r3, 0x40104593, &(0x7f0000000140)={0x1, 0x1d, &(0x7f0000000ac0)="e2868f4aefac7a67561422c516dc175845e997f8169837a09b4366393e"}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, r3, 0xc8b93000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mount$9p_virtio(0x0, 0x0, &(0x7f00000004c0), 0x200000, &(0x7f0000000c00)=ANY=[]) chdir(&(0x7f0000000300)='./file0\x00') r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800"/15], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000500)=ANY=[@ANYBLOB], 0x4c}, 0x1, 0x0, 0x0, 0x8800}, 0xc8) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r6, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0x2, 0x0, 0x6, 0x1}}, 0x20) r7 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb) add_key(&(0x7f0000000000)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0x3c0a, r7) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x1) r8 = fsopen(&(0x7f0000000100)='squashfs\x00', 0x1) fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040), 0x0) fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0) socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000a40)=@newqdisc={0x8c, 0x24, 0xf0b, 0x0, 0xfffffffe, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x9], 0x0, [0x8, 0x404, 0x0, 0x0, 0x40, 0x5, 0x2, 0x0, 0xfffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], [0xfffd, 0x8, 0x0, 0x2000, 0x8e51, 0xe0f, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2]}}]}}]}, 0x8c}}, 0x0) rename(&(0x7f0000000100)='./file0\x00', 0x0) 1.091373401s ago: executing program 2 (id=1850): r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000180)=0x5) 856.650456ms ago: executing program 0 (id=1851): epoll_create1(0x80000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socket$kcm(0x29, 0x5, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) unshare(0x400) pselect6(0x40, &(0x7f0000000300)={0x0, 0x4000000000000000, 0x3, 0x1, 0x4, 0xfffffffffffffffd}, &(0x7f0000000240)={0x17, 0x8, 0x0, 0xffffffffffffffff, 0x0, 0x800000000, 0x8000008000000}, 0x0, 0x0, 0x0) r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_SETPLANE(r3, 0xc03064b7, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x2, 0x5, 0x5, 0x8, 0xfffffff9, 0x77, 0xfffffffd, 0xff, 0x102}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r3, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000200), 0x4}) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETAW(r4, 0x5407, &(0x7f0000001500)={0x5, 0xff, 0x0, 0x7f, 0x11, "60da9be1777e1af0"}) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000001c80)=ANY=[@ANYBLOB="61157c00000000006113700000000000bfa000000000000007000000080000002d03010000000000870500000000000069163e0000000000bf07000000000000550607000fff0720670600003f000000160300000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3897f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45d4e3b9e41c74a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8e545dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f020000361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e75b99f9632b6ce78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d0000002100000000000020fbce0e69cc9c4e6b2816a5f31f0000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34a3c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000020000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c69396289549e7806e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1fff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf48903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f3b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453b65586f65c7943d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a294ccba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798a9c2dca871073f6bd61940aabc86b94f8cbde4dc70667bee722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d1542c882e672fea96aedf346279ec000000020000000000000000c6427829b65ee55eef70520871b2a26df69559b5a06ad06d3d0183ae3b317478fff42cc48b461c56baea65a66700000000d5559a5bfd8035e0df99b775a2a49e648dc63b496680bfa8e6979f3e2d9c31083ac3af4e5eff4e8a4e4b6d3855939fbe54014e2e367cfd3872ed8831e709538ed1e61be4778839864f88faa8f4453046eb59b6eea0d1538ccbd86cdfd389ef5bb6d49a66ed8b8915eb8e4315437c54f88eac0c74981dfe8c1239af27e714497f475ead5933f66b7f66b15663adbd804c07a4a10d5283a2fd3a0f50c9d1c0b69aa4911b409b6dda3421dbab8302ff09338f815331e3f3dbf7c119cca600b2248e530fe46f66bd8daec3ac4120ca9e23e1bbbfca76c146397b2006c7186da1065746e1641a44c8d9577617bb9f1bc769861624824565774ea1c0e5c75acb7255bc3b6ebf7beba910830877ddc82be039d33dc3742bef24c290e52af147ce4665e9d23caeceb297c3957335103f6fc2fae34f7e12864311a898ead68e5f8238103301acb7bdd9972359aaa4c3cc3021507e79df0dd0183eb1f2f2379451f556bbd4e695f481a7de7659ade66efb5b09b13c6da24dffd88a0162528ea4962ecea6fe6ad61f64606eb79f87ce8bd3834bafc0cb43f3387a7cd63a84bc7915e63b24ee4388607ba11f80b5100f4c74d0f0f34f22b765ba1fd700e0056a1c48cd53f901e006cb078fb56fc0e293b341a3f61310e85e99527ef084025f058b45d271de774905bb20"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48) 272.069µs ago: executing program 1 (id=1852): personality(0xeaffffffffffffff) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff) r3 = mq_open(&(0x7f0000000480)='!sel\x00\x00\x00\x10\x00\x00\x00\x00\xd7\\P\xc1\xde.O\xcb]0y\x00\x00\x00\x00\x00\x00\x00\x00', 0x6e93ebbbcc0884f2, 0x196, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000c40)={{r4}, &(0x7f0000000bc0), &(0x7f0000000c00)}, 0x20) bpf$PROG_LOAD(0x2, &(0x7f0000000200)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$inet_tcp(0x2, 0x1, 0x0) pselect6(0x40, &(0x7f0000000100), 0x0, &(0x7f0000000240)={0x1f, 0x0, 0x0, 0x3, 0x0, 0x5}, 0x0, 0x0) mq_timedsend(r3, 0x0, 0x0, 0x0, 0x0) sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="16050001000000080002000200"/30], 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x404a001) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="5c0000000206050000000000000300000000000005000100070000000900020073797a30000000001400078008000840000000dc0800124000000006050005000000000005000400000000000d000300686173683a6d6163"], 0x5c}}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=ANY=[@ANYBLOB="400100001000ff0f0000fffffedbdf25fe880000000000000000000000000001ac1414bb000000000000000000000000000100004e2200000200000021000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff020000000000000000000000000001000004d46c0000000a01010200000000000000000000000000000000000000009201000000000000060000000000000002000100000000001c250800000000000000000000000000f8ffffffffffffff0000000000000000ffffffffffffffff00000000000000001f00000000000000feffffffffffffff02000000fcffffff000000002abd700000350000020000002000000000000000480003006465666c6174650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008001f0002000000"], 0x140}, 0x1, 0x0, 0x0, 0x8801}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0) setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000140)={0x3, &(0x7f0000000000)=[{0x30, 0x9, 0xfd, 0x5ae9}, {0x30, 0x7f, 0x4, 0xfefff00c}, {0x6, 0x40, 0x7, 0x2002}]}, 0x10) sendmmsg$inet(r6, &(0x7f0000002c40)=[{{0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000a80)="2a73ed35", 0x732a}], 0x1}}], 0x400000000000292, 0x0) r8 = socket$nl_xfrm(0x10, 0x3, 0x6) r9 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) r11 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r11, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="3c00000013000100000000000000000807000000", @ANYRES32=r10, @ANYBLOB="36100000000000001c001a801800048014000a80080002"], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x0) sendmsg$nl_xfrm(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="3801000018000100feffffff0001000000000000000000000000ffffe0000002fc0100000000000000000000000000010001071c4e230005000000003a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff020000000000000000000000000001000004d46c000000ac14142500000000000000000000000000000000000000009201000000000000a39b000000000000ffff0000000000001c250800000000000500000000000000fcffffffffffffff0000000000000000ffffffffffffffff00000000000000001f00000000000000fefffffffffffffffafffffffcffffff00000000800000000035000002"], 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000081dd22104c052e000005010203010902120001000000000904000000f704"], 0x0) 0s ago: executing program 4 (id=1853): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000020000000c00000000140000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRESOCT=r0, @ANYBLOB="000000000001000800"/28], 0x50) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000005500e50100000000fdffffff07000000", @ANYRES32=r1, @ANYBLOB="20000100", @ANYRES32, @ANYBLOB="010101027f"], 0x38}, 0x1, 0x0, 0x0, 0x90}, 0x0) socket(0x840000000002, 0x3, 0x100) r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r3, &(0x7f00000047c0)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="180000007a00010600000000010000000700"], 0x18}], 0x1}, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r2, 0x40045542, &(0x7f0000000b00)) syz_open_dev$dmmidi(&(0x7f0000000080), 0x200, 0x40002) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)) r4 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0) syz_usb_control_io(r4, 0x0, 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x38, [0xb, 0xc95a, 0x1, 0x8, 0xb28, 0x2, 0x80007, 0x83, 0x20000006, 0xca, 0x6, 0x5f, 0x6, 0x5, 0x1, 0x4, 0x20100001, 0x3, 0x0, 0x5, 0x6, 0x9, 0x7, 0x3c5b, 0x1, 0x6, 0x8006, 0x1, 0x5, 0xffffffff, 0x5, 0x4, 0xb, 0x89d2, 0x9, 0x4c74, 0x80000000, 0x40000, 0x0, 0xe, 0xfffffffc, 0x80008071, 0x7, 0x17, 0xd, 0x3, 0xfffffa01, 0x42, 0x8f, 0x4006, 0x6, 0x80000000, 0x0, 0x80007, 0x8, 0x400, 0x80, 0x0, 0x4, 0x7, 0x6, 0x6, 0x7, 0x40], [0x10000007, 0xf0000000, 0x8000012f, 0x8004, 0x5, 0x6, 0x129432e6, 0xc8, 0xf9, 0xffffff81, 0x400, 0x6c7, 0x2, 0xfffffffc, 0x3, 0x0, 0x84, 0x5, 0x2f, 0x2, 0x312, 0xd, 0xffff, 0x2, 0x4, 0x7, 0x7fff, 0x5a7c, 0x7ffe, 0x401, 0x802, 0x7, 0xffffb942, 0x1, 0x4, 0x5f31, 0xd, 0x7f, 0x2, 0x4, 0xb, 0x3ff, 0x20009, 0x8, 0x9, 0x9, 0x47, 0x8000, 0x1, 0xfe000000, 0xfffe, 0x2, 0x8, 0x9, 0x5, 0x3, 0x8, 0xa6d, 0x3, 0x6c0, 0xbc45, 0x48c93690, 0x42, 0x1], [0x7, 0x408, 0x8004, 0x6, 0xffffffff, 0x100, 0x8f2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x2000000, 0x1ef, 0x5, 0x8, 0x10000, 0x3, 0x200, 0x7, 0xb, 0x5, 0x2, 0x0, 0x5a9c, 0x20000008, 0x4, 0x6d01, 0x6, 0x1, 0x800003, 0x1fe, 0x7c, 0x3, 0x4, 0x0, 0xffe, 0xa2, 0x7, 0x4000a9, 0x5, 0x7, 0x8c8, 0x2000af, 0xfffffffe, 0x8, 0x7ff, 0x123, 0x4, 0x7, 0xfff, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2004, 0x6, 0x0, 0x7], [0x9, 0xbb33, 0x7, 0x81, 0x8, 0x42c2, 0x3, 0x6, 0x0, 0x7fff, 0x4e7, 0x5, 0x2, 0x8007, 0x4, 0x8000003, 0x101, 0x10000, 0x6, 0x7ffc, 0x81, 0x2000a620, 0x2, 0x7, 0x1, 0x2, 0x5, 0xe7, 0x8, 0x10000018, 0xfffffffe, 0x80000003, 0x6, 0x4, 0xc8, 0x9, 0xfffff000, 0x10000, 0x1, 0x7e, 0xda4, 0x9602, 0x7, 0xaf, 0x8, 0x4, 0xffffffff, 0x5, 0x45, 0xc, 0x30b1d693, 0x5, 0x1f40, 0x1, 0x41, 0x6c1b, 0x0, 0x804, 0xac1, 0xb1e, 0xd7, 0x9, 0xffff3441, 0xfff]}, 0x45c) ppoll(&(0x7f00000000c0)=[{}, {0xffffffffffffffff, 0x300}], 0x20000000000000dc, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): T11143] openvswitch: netlink: Geneve option length err (len 256, max 255). [ 838.746835][ T36] kauditd_printk_skb: 59 callbacks suppressed [ 838.746851][ T36] audit: type=1326 audit(1780572373.561:871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11147 comm="syz.1.1498" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e0b0bce59 code=0x7ffc0000 [ 838.746902][ T36] audit: type=1326 audit(1780572373.561:872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11147 comm="syz.1.1498" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e0b0bce59 code=0x7ffc0000 [ 838.746941][ T36] audit: type=1326 audit(1780572373.561:873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11147 comm="syz.1.1498" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e0b0bce59 code=0x7ffc0000 [ 838.746981][ T36] audit: type=1326 audit(1780572373.561:874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11147 comm="syz.1.1498" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7f4e0b0bce59 code=0x7ffc0000 [ 838.747018][ T36] audit: type=1326 audit(1780572373.561:875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11147 comm="syz.1.1498" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e0b0bce59 code=0x7ffc0000 [ 838.747061][ T36] audit: type=1326 audit(1780572373.561:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11147 comm="syz.1.1498" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e0b0bce59 code=0x7ffc0000 [ 838.763531][ T36] audit: type=1326 audit(1780572373.561:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11147 comm="syz.1.1498" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e0b0bce59 code=0x7ffc0000 [ 838.763586][ T36] audit: type=1326 audit(1780572373.561:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11147 comm="syz.1.1498" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e0b0bce59 code=0x7ffc0000 [ 838.763626][ T36] audit: type=1326 audit(1780572373.561:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11147 comm="syz.1.1498" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e0b0bce59 code=0x7ffc0000 [ 838.763667][ T36] audit: type=1326 audit(1780572373.561:879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11147 comm="syz.1.1498" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f4e0b0bce59 code=0x7ffc0000 [ 839.718293][ T31] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 839.846313][ T6009] usb 1-1: new high-speed USB device number 36 using dummy_hcd [ 839.994006][ T6009] usb 1-1: Using ep0 maxpacket: 8 [ 840.000922][ T6009] usb 1-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 840.000958][ T6009] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 840.000975][ T6009] usb 1-1: Product: syz [ 840.000988][ T6009] usb 1-1: Manufacturer: syz [ 840.001000][ T6009] usb 1-1: SerialNumber: syz [ 840.047794][ T6009] usb 1-1: config 0 descriptor?? [ 840.066509][ T6009] gspca_main: se401-2.14.0 probing 047d:5003 [ 840.117035][T11157] netlink: 592 bytes leftover after parsing attributes in process `syz.2.1500'. [ 840.203829][T11158] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1499'. [ 840.479100][ T6009] gspca_se401: Bayer format not supported! [ 840.811728][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 840.859959][T11165] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1503'. [ 841.049779][T11169] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1503'. [ 841.049820][T11169] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1503'. [ 841.675307][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 841.681109][ T8555] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 842.006266][ T5846] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 842.191199][T11175] lo speed is unknown, defaulting to 1000 [ 842.196181][T11175] lo speed is unknown, defaulting to 1000 [ 842.276489][T11175] lo speed is unknown, defaulting to 1000 [ 842.319853][T11175] smbdirect: ib_dev[syz0]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000 [ 842.319910][T11175] smbdirect: ib_dev[syz0]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6 [ 842.319967][T11175] smbdirect: ib_dev[syz0]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008 [ 842.477434][T11175] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 842.549200][T11175] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 842.613372][T11175] lo speed is unknown, defaulting to 1000 [ 842.618780][T11175] lo speed is unknown, defaulting to 1000 [ 842.620232][T11175] lo speed is unknown, defaulting to 1000 [ 842.621572][T11175] lo speed is unknown, defaulting to 1000 [ 842.623034][T11175] lo speed is unknown, defaulting to 1000 [ 842.692093][T11177] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1504'. [ 842.716309][ T5741] usb 1-1: USB disconnect, device number 36 [ 843.065841][ T5846] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 843.365565][T11191] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1509'. [ 843.391419][T11191] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1509'. [ 844.364972][ T5846] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 844.399772][ T36] kauditd_printk_skb: 109 callbacks suppressed [ 844.399784][ T36] audit: type=1326 audit(1780572379.210:990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11194 comm="syz.1.1511" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4e0b0bce59 code=0x0 [ 844.760220][ T5741] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 845.729430][ T5846] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 846.745605][ T5846] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 847.468968][T11208] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1513'. [ 847.998629][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 847.999736][ T5741] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 848.942263][ T10] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 849.028908][T11225] input: syz0 as /devices/virtual/input/input15 [ 849.072960][ T31] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 849.078159][T11229] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1519'. [ 849.115919][ T10] usb 5-1: Using ep0 maxpacket: 16 [ 849.123819][ T10] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 849.123843][ T10] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 849.152594][ T10] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 849.152623][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 849.152641][ T10] usb 5-1: Product: syz [ 849.152654][ T10] usb 5-1: Manufacturer: syz [ 849.152665][ T10] usb 5-1: SerialNumber: syz [ 849.256069][ T10] usb 5-1: 0:2 : does not exist [ 849.427787][ T10] usb 5-1: 5:0: failed to get current value for ch 0 (-22) [ 850.127563][T11229] bridge0: port 2(bridge_slave_1) entered disabled state [ 850.194999][ T10] usb 5-1: USB disconnect, device number 26 [ 850.273221][ T31] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 850.304282][T11229] netlink: 'syz.3.1519': attribute type 10 has an invalid length. [ 850.304297][T11229] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1519'. [ 850.591807][ T7726] udevd[7726]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 850.713302][T11241] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1522'. [ 850.719652][T11241] block nbd0: not configured, cannot reconfigure [ 850.918074][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 850.968447][T11247] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1523'. [ 850.994977][T11247] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1523'. [ 851.151981][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 851.951628][ T6009] usb 3-1: new high-speed USB device number 32 using dummy_hcd [ 851.953139][ T5846] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 852.022638][T11252] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1525'. [ 852.095575][ T6009] usb 3-1: Using ep0 maxpacket: 32 [ 852.099363][ T6009] usb 3-1: unable to get BOS descriptor or descriptor too short [ 852.124978][ T6009] usb 3-1: config 14 has an invalid interface number: 57 but max is 1 [ 852.124995][ T6009] usb 3-1: config 14 has an invalid interface number: 228 but max is 1 [ 852.125005][ T6009] usb 3-1: config 14 has no interface number 0 [ 852.125014][ T6009] usb 3-1: config 14 has no interface number 1 [ 852.125052][ T6009] usb 3-1: config 14 interface 228 altsetting 5 has a duplicate endpoint with address 0x8, skipping [ 852.125066][ T6009] usb 3-1: config 14 interface 228 altsetting 5 has an endpoint descriptor with address 0xD1, changing to 0x81 [ 852.125079][ T6009] usb 3-1: config 14 interface 228 altsetting 5 endpoint 0x81 has an invalid bInterval 109, changing to 10 [ 852.125092][ T6009] usb 3-1: config 14 interface 228 altsetting 5 endpoint 0x81 has invalid maxpacket 57993, setting to 1024 [ 852.125106][ T6009] usb 3-1: config 14 interface 228 altsetting 5 endpoint 0x9 has an invalid bInterval 122, changing to 10 [ 852.125118][ T6009] usb 3-1: config 14 interface 228 altsetting 5 has 4 endpoint descriptors, different from the interface descriptor's value: 3 [ 852.125131][ T6009] usb 3-1: config 14 interface 57 has no altsetting 0 [ 852.125139][ T6009] usb 3-1: config 14 interface 228 has no altsetting 0 [ 852.130063][ T6009] usb 3-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=78.13 [ 852.130090][ T6009] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 852.130107][ T6009] usb 3-1: Product: syz [ 852.130119][ T6009] usb 3-1: Manufacturer: syz [ 852.130131][ T6009] usb 3-1: SerialNumber: syz [ 852.560206][T11257] netlink: 'syz.4.1527': attribute type 1 has an invalid length. [ 852.677624][ T6009] legousbtower 3-1:14.57: interrupt endpoints not found [ 853.048823][T11257] 8021q: adding VLAN 0 to HW filter on device bond3 [ 853.060092][ T6009] legousbtower 3-1:14.228: LEGO USB Tower firmware version is 138.15 build 55360 [ 853.109734][ T6009] legousbtower 3-1:14.228: LEGO USB Tower #-160 now attached to major 180 minor 0 [ 853.126704][ T31] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 853.193045][T11262] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 853.206094][T11262] bond3: (slave batadv1): making interface the new active one [ 853.213971][T11262] bond3: (slave batadv1): Enslaving as an active interface with an up link [ 853.309553][T11269] FAULT_INJECTION: forcing a failure. [ 853.309553][T11269] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 853.309585][T11269] CPU: 0 UID: 0 PID: 11269 Comm: syz.1.1530 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 853.309604][T11269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 853.309615][T11269] Call Trace: [ 853.309621][T11269] [ 853.309629][T11269] dump_stack_lvl+0xe8/0x150 [ 853.309655][T11269] should_fail_ex+0x46b/0x600 [ 853.309683][T11269] _copy_from_user+0x2d/0xb0 [ 853.309701][T11269] video_usercopy+0x36f/0x1450 [ 853.309740][T11269] ? smk_tskacc+0x311/0x3a0 [ 853.309763][T11269] ? __pfx_subdev_do_ioctl_lock+0x10/0x10 [ 853.309786][T11269] ? __pfx_video_usercopy+0x10/0x10 [ 853.309809][T11269] ? smack_file_ioctl+0x2c2/0x360 [ 853.309847][T11269] ? __fget_files+0x2a/0x420 [ 853.309865][T11269] ? __fget_files+0x3a6/0x420 [ 853.309885][T11269] v4l2_ioctl+0x190/0x1e0 [ 853.309910][T11269] ? __pfx_v4l2_ioctl+0x10/0x10 [ 853.309933][T11269] __se_sys_ioctl+0xff/0x170 [ 853.309954][T11269] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 853.309973][T11269] do_syscall_64+0x174/0x580 [ 853.309997][T11269] ? trace_irq_disable+0x3b/0x140 [ 853.310018][T11269] ? clear_bhb_loop+0x40/0x90 [ 853.310039][T11269] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 853.310056][T11269] RIP: 0033:0x7f4e0b0bce59 [ 853.310073][T11269] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 853.310087][T11269] RSP: 002b:00007f4e09316028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 853.310107][T11269] RAX: ffffffffffffffda RBX: 00007f4e0b335fa0 RCX: 00007f4e0b0bce59 [ 853.310119][T11269] RDX: 0000200000000100 RSI: 00000000c040564a RDI: 0000000000000003 [ 853.310131][T11269] RBP: 00007f4e09316090 R08: 0000000000000000 R09: 0000000000000000 [ 853.310142][T11269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 853.310152][T11269] R13: 00007f4e0b336038 R14: 00007f4e0b335fa0 R15: 00007ffd8b6e3358 [ 853.310181][T11269] [ 853.656079][T11270] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1522'. [ 853.656688][T11270] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1522'. [ 853.991346][T11275] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check. [ 854.189662][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 854.199873][ T8555] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 854.468508][T11278] 9pnet_fd: Insufficient options for proto=fd [ 854.762263][T11280] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 854.762292][T11280] overlayfs: failed to set xattr on upper [ 854.762297][T11280] overlayfs: ...falling back to redirect_dir=nofollow. [ 854.762301][T11280] overlayfs: ...falling back to index=off. [ 854.762305][T11280] overlayfs: ...falling back to uuid=null. [ 854.814463][T11281] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 854.814481][T11281] overlayfs: failed to set xattr on upper [ 854.814486][T11281] overlayfs: ...falling back to redirect_dir=nofollow. [ 854.814490][T11281] overlayfs: ...falling back to index=off. [ 854.814494][T11281] overlayfs: ...falling back to uuid=null. [ 854.814519][T11281] overlayfs: conflicting lowerdir path [ 854.982738][ T10] usb 3-1: USB disconnect, device number 32 [ 855.278396][ T10] legousbtower 3-1:14.228: LEGO USB Tower #-160 now disconnected [ 855.530591][ T5846] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 855.611954][T11291] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1538'. [ 855.846108][ T5609] Bluetooth: hci1: unexpected event for opcode 0x2002 [ 856.012310][T11303] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1539'. [ 856.012439][T11303] bond0: Unable to set up delay as MII monitoring is disabled [ 856.706774][ T36] audit: type=1326 audit(1780572391.509:991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11302 comm="syz.1.1540" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4e0b0bce59 code=0x0 [ 856.840486][ T5846] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 858.464861][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 858.478508][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 858.532928][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 858.914921][ T9679] Bluetooth: hci1: command 0x0406 tx timeout [ 859.767755][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 859.864202][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 859.956227][ T5741] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 860.112744][ T5741] usb 5-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 860.112772][ T5741] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 860.112790][ T5741] usb 5-1: Product: syz [ 860.112802][ T5741] usb 5-1: Manufacturer: syz [ 860.112814][ T5741] usb 5-1: SerialNumber: syz [ 860.381784][T11317] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 860.382391][T11317] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 860.515427][ T8555] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 860.591086][ T5741] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE [ 860.591146][ T5741] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE [ 860.788027][ T8555] usb 3-1: new high-speed USB device number 33 using dummy_hcd [ 862.272301][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 862.273168][ T9679] Bluetooth: hci1: command 0x0406 tx timeout [ 862.283301][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 862.297076][ T10] usb 4-1: new full-speed USB device number 29 using dummy_hcd [ 862.336755][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 862.360098][ T5741] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO [ 862.360150][ T5741] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 862.396341][ T8555] usb 3-1: Using ep0 maxpacket: 16 [ 862.411304][ T8555] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0102, bcdDevice= 0.40 [ 862.411348][ T8555] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 862.411365][ T8555] usb 3-1: Product: syz [ 862.411377][ T8555] usb 3-1: Manufacturer: syz [ 862.411388][ T8555] usb 3-1: SerialNumber: syz [ 862.479704][ T10] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 862.479730][ T10] usb 4-1: config 0 has no interface number 0 [ 862.479769][ T10] usb 4-1: config 0 interface 1 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 862.479793][ T10] usb 4-1: config 0 interface 1 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0 [ 862.479811][ T10] usb 4-1: config 0 interface 1 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 862.479833][ T10] usb 4-1: config 0 interface 1 has no altsetting 0 [ 862.479863][ T10] usb 4-1: New USB device found, idVendor=145f, idProduct=0212, bcdDevice= 0.00 [ 862.479883][ T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 862.553780][T11337] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1552'. [ 862.581049][T11337] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1552'. [ 862.899052][ T5741] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 862.954949][ T10] usb 4-1: config 0 descriptor?? [ 863.350881][ T8819] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 863.383223][ T5741] lan78xx 5-1:1.0: probe with driver lan78xx failed with error -71 [ 863.528890][ T5741] usb 5-1: USB disconnect, device number 27 [ 863.883190][T11329] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 863.883745][T11329] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 865.287845][ T8819] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 865.430260][ T5610] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 865.437295][ T8555] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -71 [ 865.485664][ T8555] usb 3-1: USB disconnect, device number 33 [ 865.596120][ T10] uclogic 0003:145F:0212.0007: failed retrieving string descriptor #100: -71 [ 865.596156][ T10] uclogic 0003:145F:0212.0007: failed retrieving pen parameters: -71 [ 865.596168][ T10] uclogic 0003:145F:0212.0007: pen probing failed: -71 [ 865.596179][ T10] uclogic 0003:145F:0212.0007: failed probing parameters: -71 [ 865.596235][ T10] uclogic 0003:145F:0212.0007: probe with driver uclogic failed with error -71 [ 865.655452][ T10] usb 4-1: USB disconnect, device number 29 [ 866.792799][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 868.185462][ T8819] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 868.562284][ T8555] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 869.623164][T11359] misc userio: Invalid payload size [ 869.648012][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 870.055884][ T36] audit: type=1107 audit(1780572404.778:992): pid=11362 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='' [ 870.168958][T11365] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1553'. [ 870.190286][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 871.445441][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 871.449108][ T1337] ieee802154 phy1 wpan1: encryption failed: -22 [ 871.502060][ T8819] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 871.627072][ T10] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 871.627360][ T5741] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 871.786807][ T10] usb 4-1: Using ep0 maxpacket: 16 [ 871.790736][ T10] usb 4-1: New USB device found, idVendor=0d8c, idProduct=0102, bcdDevice= 0.40 [ 871.790763][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 871.790773][ T10] usb 4-1: Product: syz [ 871.790779][ T10] usb 4-1: Manufacturer: syz [ 871.790786][ T10] usb 4-1: SerialNumber: syz [ 871.826832][ T6009] usb 1-1: new high-speed USB device number 38 using dummy_hcd [ 872.206711][ T6009] usb 1-1: Using ep0 maxpacket: 8 [ 872.210895][ T6009] usb 1-1: New USB device found, idVendor=0c45, idProduct=8003, bcdDevice=f9.64 [ 872.210923][ T6009] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=67 [ 872.210940][ T6009] usb 1-1: Product: syz [ 872.210953][ T6009] usb 1-1: Manufacturer: syz [ 872.210965][ T6009] usb 1-1: SerialNumber: syz [ 872.221555][ T6009] usb 1-1: config 0 descriptor?? [ 872.232171][ T6009] gspca_main: sn9c2028-2.14.0 probing 0c45:8003 [ 872.448641][ T6009] gspca_sn9c2028: read1 error -32 [ 872.733097][T11382] batman_adv: batadv0: Adding interface: dummy0 [ 872.733139][T11382] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 872.733238][T11382] batman_adv: batadv0: Interface activated: dummy0 [ 873.003885][ T8819] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 873.003948][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 873.047384][ T6009] gspca_sn9c2028: read1 error -32 [ 873.236753][ T36] audit: type=1326 audit(1780572407.938:993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11372 comm="syz.0.1556" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 873.236814][ T36] audit: type=1326 audit(1780572407.938:994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11372 comm="syz.0.1556" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 873.236912][ T36] audit: type=1326 audit(1780572407.938:995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11372 comm="syz.0.1556" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 873.236954][ T36] audit: type=1326 audit(1780572407.938:996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11372 comm="syz.0.1556" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 873.237050][ T36] audit: type=1326 audit(1780572407.938:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11372 comm="syz.0.1556" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 873.237091][ T36] audit: type=1326 audit(1780572407.938:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11372 comm="syz.0.1556" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 873.237131][ T36] audit: type=1326 audit(1780572407.938:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11372 comm="syz.0.1556" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 873.237236][ T36] audit: type=1326 audit(1780572407.938:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11372 comm="syz.0.1556" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 873.237277][ T36] audit: type=1326 audit(1780572407.938:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11372 comm="syz.0.1556" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 874.258673][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 874.430031][ T5846] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 874.466060][ T10] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -71 [ 874.572898][ T10] usb 4-1: USB disconnect, device number 30 [ 874.672347][ T5741] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 875.057270][ T36] kauditd_printk_skb: 839 callbacks suppressed [ 875.057288][ T36] audit: type=1326 audit(1780572409.868:1841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11372 comm="syz.0.1556" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ffbc6d8d68e code=0x7ffc0000 [ 875.062301][ T36] audit: type=1326 audit(1780572409.868:1842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11372 comm="syz.0.1556" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ffbc6d8d68e code=0x7ffc0000 [ 875.062964][ T36] audit: type=1326 audit(1780572409.868:1843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11372 comm="syz.0.1556" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ffbc6d8d68e code=0x7ffc0000 [ 875.064864][ T36] audit: type=1326 audit(1780572409.868:1844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11372 comm="syz.0.1556" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ffbc6d8d68e code=0x7ffc0000 [ 875.065759][ T36] audit: type=1326 audit(1780572409.868:1845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11372 comm="syz.0.1556" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ffbc6d8d68e code=0x7ffc0000 [ 875.067387][ T36] audit: type=1326 audit(1780572409.878:1846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11372 comm="syz.0.1556" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ffbc6d8d68e code=0x7ffc0000 [ 875.068407][ T36] audit: type=1326 audit(1780572409.878:1847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11372 comm="syz.0.1556" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ffbc6d8d68e code=0x7ffc0000 [ 875.069516][ T36] audit: type=1326 audit(1780572409.878:1848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11372 comm="syz.0.1556" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ffbc6d8d68e code=0x7ffc0000 [ 875.070716][ T36] audit: type=1326 audit(1780572409.878:1849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11372 comm="syz.0.1556" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ffbc6d8d68e code=0x7ffc0000 [ 875.071909][ T36] audit: type=1326 audit(1780572409.878:1850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11372 comm="syz.0.1556" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ffbc6d8d68e code=0x7ffc0000 [ 875.216855][ T6009] usb 2-1: new high-speed USB device number 42 using dummy_hcd [ 875.316765][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 875.368109][ T6009] usb 2-1: Using ep0 maxpacket: 16 [ 875.373391][ T6009] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0102, bcdDevice= 0.40 [ 875.373419][ T6009] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 875.373436][ T6009] usb 2-1: Product: syz [ 875.373449][ T6009] usb 2-1: Manufacturer: syz [ 875.373462][ T6009] usb 2-1: SerialNumber: syz [ 875.538440][ T5846] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 875.622243][ T10] usb 1-1: USB disconnect, device number 38 [ 876.346868][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 876.620103][ T5846] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 876.752245][ T6009] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -71 [ 879.359272][ T6009] usb 2-1: USB disconnect, device number 42 [ 879.370345][ T31] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 879.373300][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 879.707234][ T5741] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 879.864382][T11417] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1576'. [ 879.914922][T11418] input: syz1 as /devices/virtual/input/input16 [ 880.908987][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 880.930738][ T8819] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 880.969618][T11425] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 881.446868][ T6009] usb 2-1: new high-speed USB device number 43 using dummy_hcd [ 881.449482][ C1] raw-gadget.0 gadget.1: ignoring, device is not running [ 881.585835][ T6009] usb 2-1: device descriptor read/64, error -32 [ 881.730003][T11425] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 881.818645][ T6009] usb 2-1: new high-speed USB device number 44 using dummy_hcd [ 881.879825][T11425] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 881.899395][ T8819] usb 3-1: new high-speed USB device number 34 using dummy_hcd [ 881.911207][T11425] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 881.914457][T11425] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 881.987484][ T6009] usb 2-1: Using ep0 maxpacket: 8 [ 882.002142][ T6009] usb 2-1: config index 0 descriptor too short (expected 301, got 45) [ 882.002257][ T6009] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 882.002285][ T6009] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 882.002307][ T6009] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 882.002328][ T6009] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 882.002368][ T6009] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 882.002388][ T6009] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 882.056905][ T8819] usb 3-1: Using ep0 maxpacket: 16 [ 882.101091][ T8819] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0102, bcdDevice= 0.40 [ 882.101119][ T8819] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 882.101137][ T8819] usb 3-1: Product: syz [ 882.101149][ T8819] usb 3-1: Manufacturer: syz [ 882.101163][ T8819] usb 3-1: SerialNumber: syz [ 882.310477][ T6009] usb 2-1: GET_CAPABILITIES returned 0 [ 882.310582][ T6009] usbtmc 2-1:16.0: can't read capabilities [ 882.516976][ T8555] usb 2-1: USB disconnect, device number 44 [ 882.849683][ T5741] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 883.007853][T11447] trusted_key: encrypted_key: master key parameter '' is invalid [ 883.779219][ T5741] usb 5-1: Using ep0 maxpacket: 32 [ 883.784851][ T5741] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 883.784892][ T5741] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 883.784930][ T5741] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 883.784951][ T5741] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 883.790108][T11449] bridge0: port 3(batadv1) entered blocking state [ 883.790238][T11449] bridge0: port 3(batadv1) entered disabled state [ 883.790430][T11449] batadv1: entered allmulticast mode [ 883.805378][ T5741] usb 5-1: config 0 descriptor?? [ 883.881331][T11449] batadv1: entered promiscuous mode [ 883.918679][ T5741] hub 5-1:0.0: USB hub found [ 884.103491][ T5741] hub 5-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 884.127602][ T8819] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -71 [ 884.132961][ T8819] usb 3-1: USB disconnect, device number 34 [ 884.276954][T10519] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled [ 884.276973][T10519] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled [ 884.552114][ T36] kauditd_printk_skb: 269 callbacks suppressed [ 884.552133][ T36] audit: type=1400 audit(1780572419.348:2120): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="_" object="y" requested=w pid=11459 comm="syz.1.1589" saddr=172.20.20.187 src=20002 daddr=172.20.20.187 dest=20002 [ 884.552584][ T5741] hid-generic 0003:046D:C31C.0008: item fetching failed at offset 0/1 [ 884.553491][ T5741] hid-generic 0003:046D:C31C.0008: probe with driver hid-generic failed with error -22 [ 884.776534][ T31] net_ratelimit: 6 callbacks suppressed [ 884.777805][ T31] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 884.950378][T11462] binder: 11461:11462 ioctl 4018620d 0 returned -22 [ 885.250814][ T5741] usb 5-1: USB disconnect, device number 28 [ 886.754425][ T8819] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 886.817985][ T5741] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 887.787993][ T8819] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 888.840675][ T31] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 889.310268][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 889.801920][T11507] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1605'. [ 889.879837][T11410] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 889.883507][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 889.917667][ T31] usb 1-1: new high-speed USB device number 39 using dummy_hcd [ 890.087486][ T31] usb 1-1: Using ep0 maxpacket: 16 [ 890.134391][T11504] binder: 11502:11504 ioctl 4018620d 0 returned -22 [ 890.479098][ T31] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0102, bcdDevice= 0.40 [ 890.479127][ T31] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 890.479145][ T31] usb 1-1: Product: syz [ 890.479157][ T31] usb 1-1: Manufacturer: syz [ 890.479169][ T31] usb 1-1: SerialNumber: syz [ 890.597270][ T5741] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 892.188550][ T8819] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 892.190393][ T144] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 892.247767][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 892.364468][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 892.907191][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 893.012138][T11531] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 893.012243][T11531] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 893.812266][ T31] snd-usb-audio 1-1:1.0: probe with driver snd-usb-audio failed with error -71 [ 893.823407][ T31] usb 1-1: USB disconnect, device number 39 [ 895.387110][ C0] net_ratelimit: 3 callbacks suppressed [ 895.387131][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 895.707271][ T8819] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 895.947216][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 896.167434][ T12] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 896.173006][ T8819] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 897.050649][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 897.062800][ T5741] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 897.064013][ T8819] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 897.219528][T11544] tipc: Started in network mode [ 897.219554][T11544] tipc: Node identity ac14140f, cluster identity 4711 [ 897.248225][T11544] tipc: New replicast peer: 172.30.0.5 [ 897.266579][T11544] tipc: Enabled bearer , priority 10 [ 897.300742][ T36] audit: type=1400 audit(1780572432.098:2121): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="_" object="y" requested=w pid=11545 comm="syz.0.1616" saddr=172.20.20.187 src=20002 daddr=172.20.20.187 dest=20002 [ 898.847108][ T5741] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 899.027059][ T5741] usb 5-1: Using ep0 maxpacket: 16 [ 899.046609][ T5741] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 899.046635][ T5741] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84 [ 899.046657][ T5741] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 1794, setting to 1024 [ 899.046681][ T5741] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 1024 [ 899.046713][ T5741] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 899.046731][ T5741] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 899.046752][ T5741] usb 5-1: config 0 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 901.024544][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 901.302980][ T8819] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 901.321173][T11410] tipc: Node number set to 2886997007 [ 901.387087][ T8555] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 901.388493][ T8555] libceph: connect (1)[c::]:6789 error -101 [ 901.421206][T11564] ceph: No mds server is up or the cluster is laggy [ 901.447678][ T8555] libceph: mon0 (1)[c::]:6789 connect error [ 901.577720][ T5741] usb 5-1: New USB device found, idVendor=104f, idProduct=0004, bcdDevice=c6.c3 [ 901.577756][ T5741] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 901.577774][ T5741] usb 5-1: Product: syz [ 901.616167][ T5741] usb 5-1: config 0 descriptor?? [ 901.731069][ T5741] usb 5-1: can't set config #0, error -71 [ 901.755881][ T5741] usb 5-1: USB disconnect, device number 29 [ 902.037121][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 902.534730][T11579] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 902.534840][T11579] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 903.077228][ T8819] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 903.079943][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 903.777094][ T31] usb 2-1: new high-speed USB device number 45 using dummy_hcd [ 904.570690][ T31] usb 2-1: Using ep0 maxpacket: 16 [ 904.588832][ T31] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0102, bcdDevice= 0.40 [ 904.588859][ T31] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 904.588877][ T31] usb 2-1: Product: syz [ 904.588890][ T31] usb 2-1: Manufacturer: syz [ 904.588903][ T31] usb 2-1: SerialNumber: syz [ 904.722587][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 904.723627][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 906.111304][T11613] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1634'. [ 906.111322][T11613] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1634'. [ 906.111330][T11613] FAULT_INJECTION: forcing a failure. [ 906.111330][T11613] name failslab, interval 1, probability 0, space 0, times 0 [ 906.111533][T11613] CPU: 1 UID: 0 PID: 11613 Comm: syz.0.1634 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 906.111545][T11613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 906.111552][T11613] Call Trace: [ 906.111556][T11613] [ 906.111561][T11613] dump_stack_lvl+0xe8/0x150 [ 906.111577][T11613] should_fail_ex+0x46b/0x600 [ 906.111595][T11613] should_failslab+0xa8/0x100 [ 906.111609][T11613] __kmalloc_cache_noprof+0x84/0x690 [ 906.111621][T11613] ? __nla_parse+0x40/0x60 [ 906.111629][T11613] ? tcf_action_init_1+0x1c2/0x740 [ 906.111647][T11613] tcf_action_init_1+0x1c2/0x740 [ 906.111661][T11613] ? __pfx_tcf_action_init_1+0x10/0x10 [ 906.111672][T11613] ? tc_action_load_ops+0x247/0x540 [ 906.111693][T11613] ? __nla_parse+0x40/0x60 [ 906.111704][T11613] tcf_action_init+0x31e/0xb40 [ 906.111720][T11613] ? __pfx_tcf_action_init+0x10/0x10 [ 906.111730][T11613] ? stack_trace_save+0xa9/0x100 [ 906.111753][T11613] ? do_syscall_64+0x174/0x580 [ 906.111767][T11613] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 906.111777][T11613] ? __pfx___nla_validate_parse+0x10/0x10 [ 906.111804][T11613] tc_ctl_action+0x43b/0xc70 [ 906.111822][T11613] ? __pfx_tc_ctl_action+0x10/0x10 [ 906.111836][T11613] ? __lock_acquire+0x6b5/0x2cf0 [ 906.111870][T11613] ? __pfx_tc_ctl_action+0x10/0x10 [ 906.111881][T11613] rtnetlink_rcv_msg+0x77e/0xbe0 [ 906.111896][T11613] ? rtnetlink_rcv_msg+0x1b9/0xbe0 [ 906.111908][T11613] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 906.111919][T11613] ? ref_tracker_free+0x673/0x820 [ 906.111934][T11613] ? __pfx_ref_tracker_free+0x10/0x10 [ 906.111945][T11613] ? __asan_memcpy+0x40/0x70 [ 906.111954][T11613] ? __skb_clone+0x63/0x7a0 [ 906.111971][T11613] netlink_rcv_skb+0x232/0x4b0 [ 906.111985][T11613] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 906.111998][T11613] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 906.112017][T11613] ? netlink_deliver_tap+0x2e/0x1b0 [ 906.112029][T11613] ? netlink_deliver_tap+0x2e/0x1b0 [ 906.112045][T11613] netlink_unicast+0x780/0x920 [ 906.112063][T11613] netlink_sendmsg+0x813/0xb40 [ 906.112080][T11613] ? __pfx_netlink_sendmsg+0x10/0x10 [ 906.112094][T11613] ? unwind_get_return_address+0x4d/0x90 [ 906.112115][T11613] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 906.112128][T11613] ____sys_sendmsg+0x94c/0x9c0 [ 906.112148][T11613] ? __pfx_____sys_sendmsg+0x10/0x10 [ 906.112176][T11613] ? import_iovec+0x73/0xa0 [ 906.112203][T11613] ___sys_sendmsg+0x2a5/0x360 [ 906.112224][T11613] ? __lock_acquire+0x6b5/0x2cf0 [ 906.112247][T11613] ? __pfx____sys_sendmsg+0x10/0x10 [ 906.112301][T11613] ? __fget_files+0x2a/0x420 [ 906.112317][T11613] ? __fget_files+0x3a6/0x420 [ 906.112344][T11613] __x64_sys_sendmsg+0x1c3/0x2a0 [ 906.112369][T11613] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 906.112400][T11613] ? __pfx_ksys_write+0x10/0x10 [ 906.112420][T11613] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 906.112431][T11613] do_syscall_64+0x174/0x580 [ 906.112444][T11613] ? trace_irq_disable+0x3b/0x140 [ 906.112455][T11613] ? clear_bhb_loop+0x40/0x90 [ 906.112467][T11613] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 906.112477][T11613] RIP: 0033:0x7ffbc6dcce59 [ 906.112488][T11613] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 906.112496][T11613] RSP: 002b:00007ffbc501e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 906.112508][T11613] RAX: ffffffffffffffda RBX: 00007ffbc7045fa0 RCX: 00007ffbc6dcce59 [ 906.112515][T11613] RDX: 0000000000008000 RSI: 00002000000002c0 RDI: 0000000000000003 [ 906.112522][T11613] RBP: 00007ffbc501e090 R08: 0000000000000000 R09: 0000000000000000 [ 906.112528][T11613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 906.112533][T11613] R13: 00007ffbc7046038 R14: 00007ffbc7045fa0 R15: 00007ffd2d8d5538 [ 906.112549][T11613] [ 906.226580][T11616] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1636'. [ 906.457146][ T31] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -71 [ 906.907594][ C0] net_ratelimit: 3 callbacks suppressed [ 906.907612][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 907.084581][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 907.104357][ T31] usb 2-1: USB disconnect, device number 45 [ 907.331533][ T36] audit: type=1326 audit(1780572442.138:2122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11627 comm="syz.3.1640" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5767dace59 code=0x7ffc0000 [ 907.331584][ T36] audit: type=1326 audit(1780572442.138:2123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11627 comm="syz.3.1640" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5767dace59 code=0x7ffc0000 [ 907.332452][ T36] audit: type=1326 audit(1780572442.138:2124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11627 comm="syz.3.1640" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5767dace59 code=0x7ffc0000 [ 907.332786][ T36] audit: type=1326 audit(1780572442.138:2125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11627 comm="syz.3.1640" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7f5767dace59 code=0x7ffc0000 [ 907.333158][T11630] random: crng reseeded on system resumption [ 907.336312][ T36] audit: type=1326 audit(1780572442.138:2126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11627 comm="syz.3.1640" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5767dace59 code=0x7ffc0000 [ 907.336725][ T36] audit: type=1326 audit(1780572442.138:2127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11627 comm="syz.3.1640" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5767dace59 code=0x7ffc0000 [ 907.336765][ T36] audit: type=1326 audit(1780572442.138:2128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11627 comm="syz.3.1640" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5767dace59 code=0x7ffc0000 [ 907.358399][ T36] audit: type=1326 audit(1780572442.168:2129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11627 comm="syz.3.1640" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5767dace59 code=0x7ffc0000 [ 907.358451][ T36] audit: type=1326 audit(1780572442.168:2130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11627 comm="syz.3.1640" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5767dace59 code=0x7ffc0000 [ 907.358705][ T36] audit: type=1326 audit(1780572442.168:2131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11627 comm="syz.3.1640" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f5767dace59 code=0x7ffc0000 [ 907.537583][T11634] binder: 11632:11634 ioctl c0306201 200000000640 returned -22 [ 907.727458][ T31] usb 2-1: new high-speed USB device number 46 using dummy_hcd [ 907.788277][ T8555] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 907.857069][ T31] usb 2-1: device descriptor read/64, error -71 [ 908.101676][ T31] usb 2-1: new high-speed USB device number 47 using dummy_hcd [ 908.107628][T11410] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 908.268281][ T31] usb 2-1: device descriptor read/64, error -71 [ 908.377746][ T31] usb usb2-port1: attempt power cycle [ 908.527593][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 908.717074][ T31] usb 2-1: new high-speed USB device number 48 using dummy_hcd [ 908.751776][ T31] usb 2-1: device descriptor read/8, error -71 [ 908.997163][ T31] usb 2-1: new high-speed USB device number 49 using dummy_hcd [ 909.104804][ T31] usb 2-1: device descriptor read/8, error -71 [ 909.187370][ T8819] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 909.207623][ T31] usb usb2-port1: unable to enumerate USB device [ 909.547118][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 910.267735][T11410] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 910.587098][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 910.827281][ T8555] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 911.097286][ T5741] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 911.267173][ T5741] usb 5-1: Using ep0 maxpacket: 16 [ 911.277810][ T5741] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0102, bcdDevice= 0.40 [ 911.277838][ T5741] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 911.277856][ T5741] usb 5-1: Product: syz [ 911.277869][ T5741] usb 5-1: Manufacturer: syz [ 911.277881][ T5741] usb 5-1: SerialNumber: syz [ 912.304602][ C0] net_ratelimit: 1 callbacks suppressed [ 912.304623][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 912.566408][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 912.938661][ T36] kauditd_printk_skb: 193 callbacks suppressed [ 912.938680][ T36] audit: type=1326 audit(1780572447.748:2325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11681 comm="syz.0.1654" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 912.938726][ T36] audit: type=1326 audit(1780572447.748:2326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11681 comm="syz.0.1654" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 913.009989][ T36] audit: type=1326 audit(1780572447.748:2327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11681 comm="syz.0.1654" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 913.010094][ T36] audit: type=1326 audit(1780572447.818:2328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11681 comm="syz.0.1654" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 913.010141][ T36] audit: type=1326 audit(1780572447.818:2329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11681 comm="syz.0.1654" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 913.010261][ T36] audit: type=1326 audit(1780572447.818:2330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11681 comm="syz.0.1654" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 913.010959][ T36] audit: type=1326 audit(1780572447.818:2331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11681 comm="syz.0.1654" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 913.011003][ T36] audit: type=1326 audit(1780572447.818:2332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11681 comm="syz.0.1654" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 913.011041][ T36] audit: type=1326 audit(1780572447.818:2333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11681 comm="syz.0.1654" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 913.011079][ T36] audit: type=1326 audit(1780572447.818:2334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11681 comm="syz.0.1654" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 913.167070][T11410] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 913.317060][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 913.337114][T11410] usb 4-1: Using ep0 maxpacket: 16 [ 913.344837][T11410] usb 4-1: New USB device found, idVendor=0d8c, idProduct=0102, bcdDevice= 0.40 [ 913.344865][T11410] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 913.344884][T11410] usb 4-1: Product: syz [ 913.344897][T11410] usb 4-1: Manufacturer: syz [ 913.344910][T11410] usb 4-1: SerialNumber: syz [ 913.624814][ T5741] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -71 [ 913.627704][ T31] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 913.663239][ T5741] usb 5-1: USB disconnect, device number 30 [ 913.874889][ T8555] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 914.068570][ T10] usb 1-1: new high-speed USB device number 40 using dummy_hcd [ 914.233730][ T10] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 914.233758][ T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 914.233776][ T10] usb 1-1: Product: syz [ 914.233789][ T10] usb 1-1: Manufacturer: syz [ 914.233801][ T10] usb 1-1: SerialNumber: syz [ 914.357105][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 914.793404][T11410] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -71 [ 915.520026][T11706] bridge5: entered promiscuous mode [ 915.520052][T11706] bridge5: entered allmulticast mode [ 915.549873][ T5590] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 915.624235][T11410] usb 4-1: USB disconnect, device number 31 [ 916.072855][T11715] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 917.067317][T11715] : renamed from bond_slave_0 (while UP) [ 917.316127][ T5590] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 917.445400][ T8555] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 917.452032][ T10] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO [ 917.452066][ T10] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71 [ 917.452076][ T10] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 917.511274][ T10] lan78xx 1-1:1.0: probe with driver lan78xx failed with error -71 [ 917.524899][ T10] usb 1-1: USB disconnect, device number 40 [ 917.657243][ T5741] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 917.741796][T11721] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 917.742583][T11721] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 917.743141][T11721] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 917.743832][T11721] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 917.744171][T11721] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 917.809622][ T5741] usb 3-1: Using ep0 maxpacket: 32 [ 917.811275][ T5741] usb 3-1: config 0 has an invalid interface number: 89 but max is 0 [ 917.811300][ T5741] usb 3-1: config 0 has no interface number 0 [ 917.811332][ T5741] usb 3-1: config 0 interface 89 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 917.811344][ T5741] usb 3-1: config 0 interface 89 has no altsetting 0 [ 917.813446][ T5741] usb 3-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4a [ 917.813470][ T5741] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 917.813480][ T5741] usb 3-1: Product: syz [ 917.813487][ T5741] usb 3-1: Manufacturer: syz [ 917.813494][ T5741] usb 3-1: SerialNumber: syz [ 917.823452][ T5741] usb 3-1: config 0 descriptor?? [ 917.884329][ T5741] em28xx 3-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89) [ 917.884363][ T5741] em28xx 3-1:0.89: Video interface 89 found: [ 918.178830][T11727] FAULT_INJECTION: forcing a failure. [ 918.178830][T11727] name failslab, interval 1, probability 0, space 0, times 0 [ 918.178870][T11727] CPU: 1 UID: 0 PID: 11727 Comm: syz.4.1667 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 918.178891][T11727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 918.178902][T11727] Call Trace: [ 918.178909][T11727] [ 918.178916][T11727] dump_stack_lvl+0xe8/0x150 [ 918.178942][T11727] should_fail_ex+0x46b/0x600 [ 918.178971][T11727] should_failslab+0xa8/0x100 [ 918.178994][T11727] __kmalloc_noprof+0xdf/0x7b0 [ 918.179014][T11727] ? sock_kmalloc+0xd6/0x160 [ 918.179036][T11727] sock_kmalloc+0xd6/0x160 [ 918.179055][T11727] ____sys_sendmsg+0x1b5/0x9c0 [ 918.179082][T11727] ? __asan_memset+0x22/0x50 [ 918.179100][T11727] ? __pfx_____sys_sendmsg+0x10/0x10 [ 918.179133][T11727] ? import_iovec+0x73/0xa0 [ 918.179162][T11727] ___sys_sendmsg+0x2a5/0x360 [ 918.179185][T11727] ? __lock_acquire+0x6b5/0x2cf0 [ 918.179213][T11727] ? __pfx____sys_sendmsg+0x10/0x10 [ 918.179290][T11727] ? __fget_files+0x2a/0x420 [ 918.179306][T11727] ? __fget_files+0x3a6/0x420 [ 918.179332][T11727] __x64_sys_sendmsg+0x1c3/0x2a0 [ 918.179360][T11727] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 918.179393][T11727] ? __pfx_ksys_write+0x10/0x10 [ 918.179423][T11727] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 918.179441][T11727] do_syscall_64+0x174/0x580 [ 918.179465][T11727] ? trace_irq_disable+0x3b/0x140 [ 918.179485][T11727] ? clear_bhb_loop+0x40/0x90 [ 918.179507][T11727] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 918.179524][T11727] RIP: 0033:0x7fc40674ce59 [ 918.179541][T11727] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 918.179556][T11727] RSP: 002b:00007fc4049a6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 918.179577][T11727] RAX: ffffffffffffffda RBX: 00007fc4069c5fa0 RCX: 00007fc40674ce59 [ 918.179589][T11727] RDX: 0000000020002880 RSI: 0000200000001640 RDI: 0000000000000003 [ 918.179601][T11727] RBP: 00007fc4049a6090 R08: 0000000000000000 R09: 0000000000000000 [ 918.179613][T11727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 918.179624][T11727] R13: 00007fc4069c6038 R14: 00007fc4069c5fa0 R15: 00007ffebb93ef98 [ 918.179651][T11727] [ 918.194435][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 918.327914][ T5741] em28xx 3-1:0.89: unknown em28xx chip ID (0) [ 918.351009][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 918.727414][T11728] tipc: Failed to remove unknown binding: 66,0,0/0:3932456854/3932456856 [ 918.727445][T11728] tipc: Failed to remove unknown binding: 66,0,0/0:3932456854/3932456855 [ 918.893314][ T36] kauditd_printk_skb: 107 callbacks suppressed [ 918.893329][ T36] audit: type=1326 audit(1780572453.698:2442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11730 comm="syz.0.1668" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 918.893365][ T36] audit: type=1326 audit(1780572453.698:2443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11730 comm="syz.0.1668" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 918.894227][ T36] audit: type=1326 audit(1780572453.698:2444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11730 comm="syz.0.1668" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 918.894266][ T36] audit: type=1326 audit(1780572453.698:2445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11730 comm="syz.0.1668" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 918.894502][ T36] audit: type=1326 audit(1780572453.698:2446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11730 comm="syz.0.1668" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 918.894714][ T36] audit: type=1326 audit(1780572453.698:2447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11730 comm="syz.0.1668" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 918.894969][ T36] audit: type=1326 audit(1780572453.698:2448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11730 comm="syz.0.1668" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 918.895309][ T36] audit: type=1326 audit(1780572453.698:2449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11730 comm="syz.0.1668" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 918.895626][ T36] audit: type=1326 audit(1780572453.698:2450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11730 comm="syz.0.1668" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 918.895660][ T36] audit: type=1326 audit(1780572453.698:2451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11730 comm="syz.0.1668" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 919.351740][ T5741] em28xx 3-1:0.89: reading from i2c device at 0xa0 failed (error=-5) [ 919.351771][ T5741] em28xx 3-1:0.89: board has no eeprom [ 919.417216][ T5741] em28xx 3-1:0.89: Identified as Terratec Grabby (card=67) [ 919.417244][ T5741] em28xx 3-1:0.89: analog set to bulk mode. [ 919.417445][ T10] em28xx 3-1:0.89: Registering V4L2 extension [ 919.459295][ T5741] usb 3-1: USB disconnect, device number 35 [ 919.474387][ T5741] em28xx 3-1:0.89: Disconnecting em28xx [ 919.587922][ T10] em28xx 3-1:0.89: Config register raw data: 0xffffffed [ 919.587947][ T10] em28xx 3-1:0.89: AC97 chip type couldn't be determined [ 919.587960][ T10] em28xx 3-1:0.89: No AC97 audio processor [ 919.773149][ T10] usb 3-1: Decoder not found [ 919.773243][ T10] em28xx 3-1:0.89: failed to create media graph [ 919.773273][ T10] em28xx 3-1:0.89: V4L2 device video103 deregistered [ 920.101763][ T10] em28xx 3-1:0.89: Registering snapshot button... [ 920.319634][ T10] input: em28xx snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.89/input/input17 [ 920.459985][ T10] em28xx 3-1:0.89: Remote control support is not available for this card. [ 920.461279][ T5741] em28xx 3-1:0.89: Closing input extension [ 920.506540][ T5741] em28xx 3-1:0.89: Deregistering snapshot button [ 921.861656][T11410] libceph: connect (1)[c::]:6789 error -101 [ 921.861855][T11410] libceph: mon0 (1)[c::]:6789 connect error [ 921.890433][T11751] ceph: No mds server is up or the cluster is laggy [ 923.581665][ T6009] net_ratelimit: 8 callbacks suppressed [ 923.581684][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 923.762377][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 923.792858][ T8555] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 923.897943][T11410] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 924.075523][T11410] usb 5-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 924.075552][T11410] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 924.075571][T11410] usb 5-1: Product: syz [ 924.075583][T11410] usb 5-1: Manufacturer: syz [ 924.075596][T11410] usb 5-1: SerialNumber: syz [ 924.451931][T11771] netlink: 'syz.2.1680': attribute type 1 has an invalid length. [ 924.452016][T11771] netlink: 'syz.2.1680': attribute type 4 has an invalid length. [ 924.452031][T11771] netlink: 9462 bytes leftover after parsing attributes in process `syz.2.1680'. [ 924.589393][ T5590] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 924.629776][T11771] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1680'. [ 924.906265][T11778] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1681'. [ 924.906297][T11778] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1681'. [ 925.027874][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 925.208777][T11410] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO [ 925.208835][T11410] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71 [ 925.208853][T11410] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 925.286193][T11410] lan78xx 5-1:1.0: probe with driver lan78xx failed with error -71 [ 925.357302][ T5590] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 925.407158][ T9] usb 1-1: new high-speed USB device number 41 using dummy_hcd [ 925.414339][ T5741] em28xx 3-1:0.89: Freeing device [ 925.432650][T11410] usb 5-1: USB disconnect, device number 31 [ 925.507131][ T5590] usb 4-1: Using ep0 maxpacket: 32 [ 925.509789][ T5590] usb 4-1: config 0 has an invalid interface number: 51 but max is 0 [ 925.509814][ T5590] usb 4-1: config 0 has no interface number 0 [ 925.519145][ T5590] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 925.519178][ T5590] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 925.519197][ T5590] usb 4-1: Product: syz [ 925.519210][ T5590] usb 4-1: Manufacturer: syz [ 925.519223][ T5590] usb 4-1: SerialNumber: syz [ 925.542983][ T5590] usb 4-1: config 0 descriptor?? [ 925.559911][ T5590] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 925.597067][ T9] usb 1-1: Using ep0 maxpacket: 16 [ 925.599462][ T9] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 925.599492][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 925.602344][ T9] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 925.602372][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 925.602390][ T9] usb 1-1: Product: syz [ 925.602403][ T9] usb 1-1: Manufacturer: syz [ 925.602417][ T9] usb 1-1: SerialNumber: syz [ 925.647991][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 925.654638][ T36] kauditd_printk_skb: 94 callbacks suppressed [ 925.654655][ T36] audit: type=1326 audit(1780572460.458:2546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11780 comm="syz.2.1682" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444297ce59 code=0x7ffc0000 [ 925.656594][ T36] audit: type=1326 audit(1780572460.458:2547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11780 comm="syz.2.1682" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444297ce59 code=0x7ffc0000 [ 925.663129][ T36] audit: type=1326 audit(1780572460.468:2548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11780 comm="syz.2.1682" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444297ce59 code=0x7ffc0000 [ 925.665931][ T36] audit: type=1326 audit(1780572460.468:2550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11780 comm="syz.2.1682" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7f444297ce59 code=0x7ffc0000 [ 925.666041][ T36] audit: type=1326 audit(1780572460.468:2549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11780 comm="syz.2.1682" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444297ce59 code=0x7ffc0000 [ 925.670799][ T36] audit: type=1326 audit(1780572460.468:2551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11780 comm="syz.2.1682" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444297ce59 code=0x7ffc0000 [ 925.673243][ T36] audit: type=1326 audit(1780572460.478:2552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11780 comm="syz.2.1682" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444297ce59 code=0x7ffc0000 [ 925.673291][ T36] audit: type=1326 audit(1780572460.478:2553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11780 comm="syz.2.1682" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f444297ce59 code=0x7ffc0000 [ 925.675804][ T36] audit: type=1326 audit(1780572460.478:2554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11780 comm="syz.2.1682" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444297ce59 code=0x7ffc0000 [ 925.680729][ T36] audit: type=1326 audit(1780572460.488:2555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11780 comm="syz.2.1682" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444297ce59 code=0x7ffc0000 [ 925.992228][ T9] usb 1-1: config 0 descriptor?? [ 926.009340][ T9] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 926.009371][ T9] em28xx 1-1:0.0: Audio interface 0 found (Vendor Class) [ 926.112094][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 926.231528][T11778] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 926.231528][T11778] The task syz.3.1681 (11778) triggered the difference, watch for misbehavior. [ 926.536764][ T5590] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 926.653840][ T9] em28xx 1-1:0.0: chip ID is em2870 [ 926.668415][T11410] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 926.793673][ T5590] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 926.827300][ T5741] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 927.751847][ C1] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 927.752932][ T9] usb 4-1: USB disconnect, device number 32 [ 927.941170][ T9] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 928.048537][ T9] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 928.056791][ T9] quatech2 4-1:0.51: device disconnected [ 928.354617][ T5590] usb 1-1: USB disconnect, device number 41 [ 928.360442][ T5590] em28xx 1-1:0.0: Disconnecting em28xx [ 928.385174][T11797] comedi comedi1: 8255: I/O port conflict (0x4,4) [ 928.748278][ T6009] net_ratelimit: 3 callbacks suppressed [ 928.748297][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 928.822188][ T5590] em28xx 1-1:0.0: Freeing device [ 929.094451][T11812] FAULT_INJECTION: forcing a failure. [ 929.094451][T11812] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 929.094484][T11812] CPU: 0 UID: 0 PID: 11812 Comm: syz.3.1689 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 929.094510][T11812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 929.094521][T11812] Call Trace: [ 929.094530][T11812] [ 929.094539][T11812] dump_stack_lvl+0xe8/0x150 [ 929.094566][T11812] should_fail_ex+0x46b/0x600 [ 929.094596][T11812] _copy_from_iter+0x1d3/0x1670 [ 929.094630][T11812] ? trace_kmem_cache_alloc+0x29/0xe0 [ 929.094655][T11812] ? __alloc_skb+0x27d/0x7d0 [ 929.094679][T11812] ? __pfx__copy_from_iter+0x10/0x10 [ 929.094702][T11812] ? kmem_cache_alloc_node_noprof+0x27c/0x6e0 [ 929.094722][T11812] ? __alloc_skb+0x27d/0x7d0 [ 929.094750][T11812] ? netlink_sendmsg+0x650/0xb40 [ 929.094773][T11812] ? skb_put+0x11b/0x210 [ 929.094800][T11812] netlink_sendmsg+0x6c0/0xb40 [ 929.094833][T11812] ? __pfx_netlink_sendmsg+0x10/0x10 [ 929.094867][T11812] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 929.094889][T11812] ____sys_sendmsg+0x94c/0x9c0 [ 929.094919][T11812] ? __pfx_____sys_sendmsg+0x10/0x10 [ 929.094954][T11812] ? import_iovec+0x73/0xa0 [ 929.094982][T11812] ___sys_sendmsg+0x2a5/0x360 [ 929.095006][T11812] ? __lock_acquire+0x6b5/0x2cf0 [ 929.095034][T11812] ? __pfx____sys_sendmsg+0x10/0x10 [ 929.095056][T11812] ? __lock_acquire+0x6b5/0x2cf0 [ 929.095089][T11812] ? kstrtouint+0x6e/0xe0 [ 929.095151][T11812] __sys_sendmmsg+0x282/0x4e0 [ 929.095182][T11812] ? __pfx___sys_sendmmsg+0x10/0x10 [ 929.095216][T11812] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 929.095252][T11812] ? ksys_write+0x248/0x270 [ 929.095276][T11812] ? __pfx_ksys_write+0x10/0x10 [ 929.095304][T11812] __x64_sys_sendmmsg+0xa0/0xc0 [ 929.095329][T11812] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 929.095344][T11812] do_syscall_64+0x174/0x580 [ 929.095368][T11812] ? trace_irq_disable+0x3b/0x140 [ 929.095389][T11812] ? clear_bhb_loop+0x40/0x90 [ 929.095412][T11812] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 929.095430][T11812] RIP: 0033:0x7f5767dace59 [ 929.095448][T11812] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 929.095463][T11812] RSP: 002b:00007f5765fe5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 929.095484][T11812] RAX: ffffffffffffffda RBX: 00007f5768026090 RCX: 00007f5767dace59 [ 929.095498][T11812] RDX: 04000000000001f2 RSI: 0000200000000000 RDI: 0000000000000004 [ 929.095510][T11812] RBP: 00007f5765fe5090 R08: 0000000000000000 R09: 0000000000000000 [ 929.095521][T11812] R10: 00000000000000fc R11: 0000000000000246 R12: 0000000000000001 [ 929.095533][T11812] R13: 00007f5768026128 R14: 00007f5768026090 R15: 00007ffcfb778cc8 [ 929.095563][T11812] [ 929.264683][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 929.814985][ T5590] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 930.335445][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 930.467232][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 931.335588][ T5590] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 931.387271][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 931.493987][ T36] kauditd_printk_skb: 178 callbacks suppressed [ 931.494005][ T36] audit: type=1326 audit(1780572466.298:2734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11830 comm="syz.0.1694" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 931.494391][ T36] audit: type=1326 audit(1780572466.298:2735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11830 comm="syz.0.1694" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 931.494686][ T36] audit: type=1326 audit(1780572466.298:2736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11830 comm="syz.0.1694" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 931.494799][ T36] audit: type=1326 audit(1780572466.298:2737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11830 comm="syz.0.1694" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 931.495049][ T36] audit: type=1326 audit(1780572466.298:2738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11830 comm="syz.0.1694" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 931.495327][ T36] audit: type=1326 audit(1780572466.298:2739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11830 comm="syz.0.1694" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 931.495734][ T36] audit: type=1326 audit(1780572466.298:2740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11830 comm="syz.0.1694" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 931.495785][ T36] audit: type=1326 audit(1780572466.298:2741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11830 comm="syz.0.1694" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 931.495949][ T36] audit: type=1326 audit(1780572466.298:2742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11830 comm="syz.0.1694" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 931.496156][ T36] audit: type=1326 audit(1780572466.298:2743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11830 comm="syz.0.1694" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbc6dcce59 code=0x7ffc0000 [ 931.702698][T11834] netlink: 'syz.1.1695': attribute type 39 has an invalid length. [ 932.189307][ T1337] ieee802154 phy1 wpan1: encryption failed: -22 [ 932.437335][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 932.613607][T11841] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1698'. [ 932.618110][ T5590] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 932.717338][T11841] bond0: Unable to set up delay as MII monitoring is disabled [ 933.467154][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 933.793895][T11870] net_ratelimit: 2 callbacks suppressed [ 933.793913][T11870] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 933.818835][T11870] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 933.819425][T11870] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 933.820168][T11870] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 933.857153][ T6009] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 934.009814][ T6009] usb 3-1: too many endpoints for config 1 interface 0 altsetting 13: 65, using maximum allowed: 30 [ 934.009868][ T6009] usb 3-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 65 [ 934.009883][ T6009] usb 3-1: config 1 interface 0 has no altsetting 0 [ 934.015230][ T6009] usb 3-1: New USB device found, idVendor=5543, idProduct=0081, bcdDevice= 0.40 [ 934.015259][ T6009] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 934.015277][ T6009] usb 3-1: Product: syz [ 934.015290][ T6009] usb 3-1: Manufacturer: syz [ 934.015303][ T6009] usb 3-1: SerialNumber: syz [ 934.670542][T11410] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 934.700834][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 934.726681][T11865] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 934.738380][T11865] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 934.739101][T11865] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 935.551362][ T6009] usbhid 3-1:1.0: can't add hid device: -71 [ 935.551509][ T6009] usbhid 3-1:1.0: probe with driver usbhid failed with error -71 [ 935.565971][ T6009] usb 3-1: USB disconnect, device number 36 [ 935.707544][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 935.813251][T11883] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1710'. [ 935.814380][T11885] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1708'. [ 939.485021][ C0] net_ratelimit: 6 callbacks suppressed [ 939.485069][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 939.746930][ T5590] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 939.833511][T11929] bond0: entered promiscuous mode [ 939.833527][T11929] bond_slave_0: entered promiscuous mode [ 939.833674][T11929] bond_slave_1: entered promiscuous mode [ 939.851515][T11929] team0: entered promiscuous mode [ 939.851538][T11929] team_slave_0: entered promiscuous mode [ 939.851781][T11929] team_slave_1: entered promiscuous mode [ 939.869908][T11929] hsr1: entered promiscuous mode [ 939.870460][T11929] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 940.028940][ T8555] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 940.047655][T11932] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1724'. [ 941.698596][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 941.722234][ T5590] usb 1-1: new high-speed USB device number 42 using dummy_hcd [ 941.731053][T11410] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 941.867211][ T5590] usb 1-1: Using ep0 maxpacket: 32 [ 941.870911][ T5590] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 941.870937][ T5590] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 941.871000][ T5590] usb 1-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 941.875952][ T5590] usb 1-1: New USB device found, idVendor=0e41, idProduct=4241, bcdDevice= 0.40 [ 941.875981][ T5590] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 941.876000][ T5590] usb 1-1: Product: syz [ 941.876013][ T5590] usb 1-1: Manufacturer: syz [ 941.876027][ T5590] usb 1-1: SerialNumber: syz [ 942.077350][ T9] usb 4-1: new full-speed USB device number 33 using dummy_hcd [ 942.247480][ T5590] usb 1-1: unit 2 not found! [ 942.259771][ T9] usb 4-1: config 8 has an invalid interface number: 171 but max is 0 [ 942.259799][ T9] usb 4-1: config 8 has no interface number 0 [ 942.259856][ T9] usb 4-1: config 8 interface 171 has no altsetting 0 [ 942.263493][ T9] usb 4-1: New USB device found, idVendor=04a5, idProduct=300c, bcdDevice=3a.27 [ 942.263534][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 942.263552][ T9] usb 4-1: Product: syz [ 942.263565][ T9] usb 4-1: Manufacturer: syz [ 942.263577][ T9] usb 4-1: SerialNumber: syz [ 942.540422][T11947] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1728'. [ 942.540452][T11947] bond0: Unable to set up delay as MII monitoring is disabled [ 942.618100][ T5590] usb 1-1: USB disconnect, device number 42 [ 942.748284][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 942.748599][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 942.748798][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 942.929997][ T9] gspca_main: spca500-2.14.0 probing 04a5:300c [ 942.998133][T11950] FAULT_INJECTION: forcing a failure. [ 942.998133][T11950] name fail_iommufd, interval 1, probability 0, space 0, times 1 [ 942.998190][T11950] CPU: 1 UID: 0 PID: 11950 Comm: syz.4.1730 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 942.998212][T11950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 942.998224][T11950] Call Trace: [ 942.998232][T11950] [ 942.998240][T11950] dump_stack_lvl+0xe8/0x150 [ 942.998267][T11950] should_fail_ex+0x46b/0x600 [ 942.998297][T11950] iommufd_get_object+0x78/0x4b0 [ 942.998321][T11950] ? __pfx_iommufd_get_object+0x10/0x10 [ 942.998348][T11950] iommufd_test+0x568/0x6160 [ 942.998381][T11950] ? __lock_acquire+0x6b5/0x2cf0 [ 942.998404][T11950] ? __pfx_iommufd_test+0x10/0x10 [ 942.998451][T11950] ? tomoyo_path_number_perm+0x219/0x630 [ 942.998502][T11950] ? tomoyo_path_number_perm+0x219/0x630 [ 942.998529][T11950] ? __might_fault+0xaf/0x130 [ 942.998552][T11950] ? __might_fault+0xaf/0x130 [ 942.998599][T11950] iommufd_fops_ioctl+0x4b8/0x5d0 [ 942.998622][T11950] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 942.998667][T11950] ? __fget_files+0x2a/0x420 [ 942.998689][T11950] ? bpf_lsm_file_ioctl+0x9/0x20 [ 942.998710][T11950] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 942.998728][T11950] __se_sys_ioctl+0xff/0x170 [ 942.998750][T11950] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 942.998771][T11950] do_syscall_64+0x174/0x580 [ 942.998805][T11950] ? trace_irq_disable+0x3b/0x140 [ 942.998826][T11950] ? clear_bhb_loop+0x40/0x90 [ 942.999011][T11950] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 942.999032][T11950] RIP: 0033:0x7fc40674ce59 [ 942.999051][T11950] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 942.999066][T11950] RSP: 002b:00007fc404985028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 942.999131][T11950] RAX: ffffffffffffffda RBX: 00007fc4069c6090 RCX: 00007fc40674ce59 [ 942.999144][T11950] RDX: 0000200000000580 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 942.999156][T11950] RBP: 00007fc404985090 R08: 0000000000000000 R09: 0000000000000000 [ 942.999168][T11950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 942.999179][T11950] R13: 00007fc4069c6128 R14: 00007fc4069c6090 R15: 00007ffebb93ef98 [ 942.999224][T11950] [ 943.097082][ T8555] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 943.578540][T11949] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 943.670515][ T9] usb 4-1: USB disconnect, device number 33 [ 943.788468][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 944.827227][ C0] net_ratelimit: 1 callbacks suppressed [ 944.827249][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 945.067689][T11410] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 945.875887][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 946.531258][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 946.531791][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 948.075107][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 948.077612][ T5590] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 948.325817][T11982] FAULT_INJECTION: forcing a failure. [ 948.325817][T11982] name failslab, interval 1, probability 0, space 0, times 0 [ 948.325851][T11982] CPU: 0 UID: 0 PID: 11982 Comm: syz.3.1741 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 948.325872][T11982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 948.325883][T11982] Call Trace: [ 948.325891][T11982] [ 948.325898][T11982] dump_stack_lvl+0xe8/0x150 [ 948.325927][T11982] should_fail_ex+0x46b/0x600 [ 948.325958][T11982] should_failslab+0xa8/0x100 [ 948.325983][T11982] __kmalloc_noprof+0xdf/0x7b0 [ 948.326004][T11982] ? xprt_alloc+0x30/0x910 [ 948.326034][T11982] xprt_alloc+0x30/0x910 [ 948.326065][T11982] xs_setup_xprt+0x9e/0x390 [ 948.326097][T11982] xs_setup_local+0x4f/0x5e0 [ 948.326125][T11982] xprt_create_transport+0x166/0x5f0 [ 948.326158][T11982] rpc_create+0x54f/0x970 [ 948.326187][T11982] ? __pfx_rpc_create+0x10/0x10 [ 948.326219][T11982] ? __lock_acquire+0x6b5/0x2cf0 [ 948.326270][T11982] ? do_raw_spin_lock+0x12b/0x2f0 [ 948.326300][T11982] rpcb_create_af_local+0x1c7/0x3d0 [ 948.326332][T11982] ? __pfx_rpcb_create_af_local+0x10/0x10 [ 948.326372][T11982] ? rt_spin_unlock+0x14f/0x200 [ 948.326401][T11982] ? rt_spin_unlock+0x160/0x200 [ 948.326425][T11982] rpcb_create_local+0x268/0x670 [ 948.326446][T11982] ? rt_spin_unlock+0x14f/0x200 [ 948.326469][T11982] ? __pfx_rpcb_create_local+0x10/0x10 [ 948.326492][T11982] ? rt_spin_unlock+0x160/0x200 [ 948.326512][T11982] ? __percpu_counter_init_many+0x358/0x370 [ 948.326535][T11982] ? __svc_create+0x8df/0x9d0 [ 948.326566][T11982] svc_bind+0x1b7/0x230 [ 948.326595][T11982] nfsd_create_serv+0x57f/0x840 [ 948.326626][T11982] ? __pfx_nfsd_create_serv+0x10/0x10 [ 948.326656][T11982] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 948.326682][T11982] ? lockdep_hardirqs_on+0x7a/0x110 [ 948.326706][T11982] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 948.326732][T11982] ? mutex_lock_nested+0x152/0x1d0 [ 948.326752][T11982] ? nfsd_nl_listener_set_doit+0x13e/0x1630 [ 948.326777][T11982] nfsd_nl_listener_set_doit+0x146/0x1630 [ 948.326798][T11982] ? __pfx___nla_validate_parse+0x10/0x10 [ 948.326841][T11982] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 948.326869][T11982] ? __nla_parse+0x40/0x60 [ 948.326890][T11982] ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0 [ 948.326909][T11982] ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0 [ 948.326936][T11982] genl_family_rcv_msg_doit+0x22a/0x330 [ 948.326954][T11982] ? __asan_memcpy+0x40/0x70 [ 948.326973][T11982] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 948.327001][T11982] ? bpf_lsm_capable+0x9/0x20 [ 948.327020][T11982] ? security_capable+0x7e/0x2c0 [ 948.327044][T11982] genl_rcv_msg+0x61c/0x7a0 [ 948.327067][T11982] ? __pfx_genl_rcv_msg+0x10/0x10 [ 948.327083][T11982] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 948.327116][T11982] netlink_rcv_skb+0x232/0x4b0 [ 948.327139][T11982] ? __pfx_genl_rcv_msg+0x10/0x10 [ 948.327159][T11982] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 948.327194][T11982] ? netlink_deliver_tap+0x2e/0x1b0 [ 948.327216][T11982] ? netlink_deliver_tap+0x2e/0x1b0 [ 948.327243][T11982] genl_rcv+0x28/0x40 [ 948.327261][T11982] netlink_unicast+0x780/0x920 [ 948.327294][T11982] netlink_sendmsg+0x813/0xb40 [ 948.327335][T11982] ? __pfx_netlink_sendmsg+0x10/0x10 [ 948.327361][T11982] ? unwind_get_return_address+0x4d/0x90 [ 948.327388][T11982] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 948.327411][T11982] ____sys_sendmsg+0x94c/0x9c0 [ 948.327443][T11982] ? __pfx_____sys_sendmsg+0x10/0x10 [ 948.327491][T11982] ? import_iovec+0x73/0xa0 [ 948.327522][T11982] ___sys_sendmsg+0x2a5/0x360 [ 948.327545][T11982] ? __lock_acquire+0x6b5/0x2cf0 [ 948.327572][T11982] ? __pfx____sys_sendmsg+0x10/0x10 [ 948.327637][T11982] ? __fget_files+0x2a/0x420 [ 948.327654][T11982] ? __fget_files+0x3a6/0x420 [ 948.327684][T11982] __x64_sys_sendmsg+0x1c3/0x2a0 [ 948.327712][T11982] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 948.327748][T11982] ? __pfx_ksys_write+0x10/0x10 [ 948.327777][T11982] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 948.327796][T11982] do_syscall_64+0x174/0x580 [ 948.327820][T11982] ? trace_irq_disable+0x3b/0x140 [ 948.327841][T11982] ? clear_bhb_loop+0x40/0x90 [ 948.327864][T11982] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 948.327882][T11982] RIP: 0033:0x7f5767dace59 [ 948.327900][T11982] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 948.327916][T11982] RSP: 002b:00007f5766006028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 948.327937][T11982] RAX: ffffffffffffffda RBX: 00007f5768025fa0 RCX: 00007f5767dace59 [ 948.327951][T11982] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000004 [ 948.327963][T11982] RBP: 00007f5766006090 R08: 0000000000000000 R09: 0000000000000000 [ 948.327974][T11982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 948.327986][T11982] R13: 00007f5768026038 R14: 00007f5768025fa0 R15: 00007ffcfb778cc8 [ 948.328018][T11982] [ 949.149050][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 949.160862][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 949.703004][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 949.980197][T12002] bond1: entered promiscuous mode [ 950.187294][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 950.188057][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 950.305667][ T5590] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 950.403413][T12009] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1750'. [ 950.403545][T12009] bond0: Unable to set up delay as MII monitoring is disabled [ 951.253207][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 951.307915][ T5590] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 952.267208][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 952.364615][T12024] FAULT_INJECTION: forcing a failure. [ 952.364615][T12024] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 952.364691][T12024] CPU: 0 UID: 0 PID: 12024 Comm: syz.0.1755 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 952.364715][T12024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 952.364726][T12024] Call Trace: [ 952.364734][T12024] [ 952.364743][T12024] dump_stack_lvl+0xe8/0x150 [ 952.364770][T12024] should_fail_ex+0x46b/0x600 [ 952.364802][T12024] prepare_alloc_pages+0x22a/0x6b0 [ 952.364834][T12024] __alloc_frozen_pages_noprof+0x12f/0x380 [ 952.364867][T12024] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 952.364896][T12024] ? __pfx_policy_nodemask+0x10/0x10 [ 952.364916][T12024] ? filemap_get_entry+0x378/0x3f0 [ 952.364941][T12024] ? __pfx_filemap_get_entry+0x10/0x10 [ 952.364964][T12024] alloc_pages_mpol+0xd1/0x380 [ 952.364991][T12024] folio_alloc_mpol_noprof+0x3b/0x1e0 [ 952.365024][T12024] shmem_get_folio_gfp+0x644/0x1a80 [ 952.365074][T12024] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 952.365093][T12024] ? do_raw_spin_lock+0x12b/0x2f0 [ 952.365126][T12024] shmem_write_begin+0x166/0x320 [ 952.365154][T12024] generic_perform_write+0x2af/0x8b0 [ 952.365190][T12024] ? __pfx_generic_perform_write+0x10/0x10 [ 952.365211][T12024] ? __rcu_read_unlock+0x83/0xe0 [ 952.365236][T12024] ? rt_spin_unlock+0x160/0x200 [ 952.365257][T12024] ? mnt_put_write_access_file+0xc6/0x100 [ 952.365282][T12024] ? file_update_time_flags+0x406/0x4b0 [ 952.365307][T12024] shmem_file_write_iter+0xfb/0x120 [ 952.365336][T12024] vfs_write+0x629/0xba0 [ 952.365367][T12024] ? __pfx_vfs_write+0x10/0x10 [ 952.365391][T12024] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 952.365417][T12024] ? lockdep_hardirqs_on+0x7a/0x110 [ 952.365443][T12024] ? mutex_lock_nested+0x152/0x1d0 [ 952.365463][T12024] ? fdget_pos+0x252/0x320 [ 952.365489][T12024] ksys_write+0x156/0x270 [ 952.365514][T12024] ? __pfx_ksys_write+0x10/0x10 [ 952.365544][T12024] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 952.365565][T12024] do_syscall_64+0x174/0x580 [ 952.365592][T12024] ? clear_bhb_loop+0x40/0x90 [ 952.365615][T12024] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 952.365633][T12024] RIP: 0033:0x7ffbc6dcce59 [ 952.365652][T12024] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 952.365667][T12024] RSP: 002b:00007ffbc4ffd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 952.365688][T12024] RAX: ffffffffffffffda RBX: 00007ffbc7046090 RCX: 00007ffbc6dcce59 [ 952.365702][T12024] RDX: 0000000000000010 RSI: 0000200000000300 RDI: 0000000000000007 [ 952.365713][T12024] RBP: 00007ffbc4ffd090 R08: 0000000000000000 R09: 0000000000000000 [ 952.365725][T12024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 952.365736][T12024] R13: 00007ffbc7046128 R14: 00007ffbc7046090 R15: 00007ffd2d8d5538 [ 952.365768][T12024] [ 952.535633][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 952.828285][ T5741] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 953.307292][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 953.697169][T11410] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 955.867430][ C0] net_ratelimit: 1 callbacks suppressed [ 955.867462][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 955.868072][ T5590] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 956.004576][T10521] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 956.054180][ T8555] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 956.864285][T12038] ceph: No mds server is up or the cluster is laggy [ 957.036379][ T6009] libceph: connect (1)[c::]:6789 error -101 [ 957.054208][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 957.198399][T11410] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 957.236363][ T6009] libceph: mon0 (1)[c::]:6789 connect error [ 957.901706][T12054] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1764'. [ 957.952525][T12054] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1764'. [ 958.117308][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 958.813463][T11410] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 958.968122][ T5590] usb 3-1: new high-speed USB device number 37 using dummy_hcd [ 959.067554][ T5741] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 959.147139][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 959.247296][ T9] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 959.277706][ T5590] usb 3-1: Using ep0 maxpacket: 32 [ 959.335808][ T5590] usb 3-1: config 0 has an invalid interface number: 119 but max is 0 [ 959.335839][ T5590] usb 3-1: config 0 has no interface number 0 [ 959.335886][ T5590] usb 3-1: config 0 interface 119 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 959.335907][ T5590] usb 3-1: config 0 interface 119 altsetting 0 has an endpoint descriptor with address 0xD3, changing to 0x83 [ 959.335932][ T5590] usb 3-1: config 0 interface 119 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 959.335954][ T5590] usb 3-1: config 0 interface 119 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 959.341958][ T5590] usb 3-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice=88.73 [ 959.341994][ T5590] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 959.342013][ T5590] usb 3-1: Product: syz [ 959.342027][ T5590] usb 3-1: Manufacturer: syz [ 959.342040][ T5590] usb 3-1: SerialNumber: syz [ 959.353346][ T5590] usb 3-1: config 0 descriptor?? [ 959.370287][ T5590] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.119/input/input19 [ 959.647103][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 959.678713][ T9] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 959.678745][ T9] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 959.683735][ T9] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 959.683763][ T9] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 959.683782][ T9] usb 4-1: Product: syz [ 959.683794][ T9] usb 4-1: Manufacturer: syz [ 959.766157][T12065] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 959.768940][T12065] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 959.849888][ T9] hub 4-1:4.0: USB hub found [ 960.052632][ T9] hub 4-1:4.0: 2 ports detected [ 960.081900][ T6009] usb 3-1: USB disconnect, device number 37 [ 961.032618][ T9] hub 4-1:4.0: set hub depth failed [ 961.034058][ T8819] net_ratelimit: 2 callbacks suppressed [ 961.034077][ T8819] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 961.226354][ T869] hub 4-1:4.0: hub_ext_port_status failed (err = -71) [ 961.245151][ T9] usb 4-1: USB disconnect, device number 34 [ 961.627607][T10519] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 961.772929][T12077] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1771'. [ 962.113310][T11410] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 962.712469][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 962.930685][T12092] ceph: No mds server is up or the cluster is laggy [ 962.957497][ T869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 963.148242][ T5590] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 963.727225][ T9] usb 1-1: new high-speed USB device number 43 using dummy_hcd [ 963.805972][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 963.887509][ T9] usb 1-1: Using ep0 maxpacket: 16 [ 963.893043][ T9] usb 1-1: config 0 has an invalid interface number: 64 but max is 0 [ 963.893060][ T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 963.893070][ T9] usb 1-1: config 0 has no interface number 0 [ 963.893096][ T9] usb 1-1: New USB device found, idVendor=0bd3, idProduct=0555, bcdDevice= 0.5b [ 963.893111][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 963.903384][ T9] usb 1-1: config 0 descriptor?? [ 963.931758][ T9] uvcvideo 1-1:0.64: probe with driver uvcvideo failed with error -22 [ 964.357049][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 964.830093][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 965.500828][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 966.644700][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 966.654101][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 966.720366][ T869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 966.835325][ T8819] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 966.862323][ T6009] usb 1-1: USB disconnect, device number 43 [ 968.058116][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 968.158044][ T5590] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 969.145605][T12136] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 969.146815][T12136] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 969.914639][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 969.916833][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 970.205552][T12138] sg_write: data in/out 217088/136 bytes for SCSI command 0x0-- guessing data in; [ 970.205552][T12138] program syz.4.1788 not setting count and/or reply_len properly [ 970.524417][T12147] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1790'. [ 970.573727][T12147] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1790'. [ 971.967220][ T6009] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 972.141645][ T6009] usb 5-1: Using ep0 maxpacket: 8 [ 972.183986][ T6009] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 972.192915][ T6009] usb 5-1: New USB device found, idVendor=05ac, idProduct=0230, bcdDevice= 0.40 [ 972.192945][ T6009] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 972.192964][ T6009] usb 5-1: Product: syz [ 972.192977][ T6009] usb 5-1: Manufacturer: syz [ 972.192990][ T6009] usb 5-1: SerialNumber: syz [ 972.507518][ C1] net_ratelimit: 3 callbacks suppressed [ 972.507540][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 972.512744][ T5590] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 972.677168][ T6009] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input20 [ 974.275002][ T162] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 974.283754][ T5741] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 974.309133][T11410] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 974.710010][ T4952] bcm5974 5-1:1.0: could not read from device [ 974.789928][ T4952] bcm5974 5-1:1.0: could not read from device [ 975.360620][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 975.899377][T11410] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 975.960009][ T4952] bcm5974 5-1:1.0: could not read from device [ 976.176114][ T4952] bcm5974 5-1:1.0: could not read from device [ 976.177729][ T6009] usb 5-1: USB disconnect, device number 32 [ 976.427219][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 976.908662][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 977.307241][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 977.563459][ T36] kauditd_printk_skb: 55 callbacks suppressed [ 977.563478][ T36] audit: type=1326 audit(1780572512.368:2799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12180 comm="syz.2.1795" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444297ce59 code=0x7ffc0000 [ 977.563576][ T36] audit: type=1326 audit(1780572512.368:2800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12180 comm="syz.2.1795" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444297ce59 code=0x7ffc0000 [ 977.566529][ T36] audit: type=1326 audit(1780572512.368:2801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12180 comm="syz.2.1795" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444297ce59 code=0x7ffc0000 [ 977.566589][ T36] audit: type=1326 audit(1780572512.368:2802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12180 comm="syz.2.1795" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444297ce59 code=0x7ffc0000 [ 977.605470][ T36] audit: type=1326 audit(1780572512.408:2803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12180 comm="syz.2.1795" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7f444297ce59 code=0x7ffc0000 [ 977.605518][ T36] audit: type=1326 audit(1780572512.408:2804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12180 comm="syz.2.1795" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444297ce59 code=0x7ffc0000 [ 977.605556][ T36] audit: type=1326 audit(1780572512.408:2805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12180 comm="syz.2.1795" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444297ce59 code=0x7ffc0000 [ 977.605593][ T36] audit: type=1326 audit(1780572512.408:2806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12180 comm="syz.2.1795" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444297ce59 code=0x7ffc0000 [ 977.605632][ T36] audit: type=1326 audit(1780572512.408:2807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12180 comm="syz.2.1795" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444297ce59 code=0x7ffc0000 [ 977.605669][ T36] audit: type=1326 audit(1780572512.408:2808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12180 comm="syz.2.1795" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f444297ce59 code=0x7ffc0000 [ 977.968643][ T6009] net_ratelimit: 1 callbacks suppressed [ 977.968662][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 978.091351][T12185] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1802'. [ 978.314167][T12196] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1803'. [ 978.342535][T12196] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1803'. [ 978.743953][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 979.787970][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 979.974674][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 980.347413][ T869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 981.395975][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 981.418558][T11410] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 982.437866][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 982.449774][T11410] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 982.660676][T12220] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 983.467422][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 983.796222][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 985.445463][ T1372] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 985.667780][T11410] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 985.670028][ T5741] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 985.906895][ T36] kauditd_printk_skb: 36 callbacks suppressed [ 985.906913][ T36] audit: type=1326 audit(1780572520.708:2845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12229 comm="syz.1.1814" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e0b0bce59 code=0x7ffc0000 [ 985.946115][ T36] audit: type=1326 audit(1780572520.708:2846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12229 comm="syz.1.1814" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e0b0bce59 code=0x7ffc0000 [ 985.946172][ T36] audit: type=1326 audit(1780572520.718:2847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12229 comm="syz.1.1814" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e0b0bce59 code=0x7ffc0000 [ 985.946211][ T36] audit: type=1326 audit(1780572520.718:2848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12229 comm="syz.1.1814" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e0b0bce59 code=0x7ffc0000 [ 985.946249][ T36] audit: type=1326 audit(1780572520.718:2849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12229 comm="syz.1.1814" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4e0b0bce59 code=0x7ffc0000 [ 985.946284][ T36] audit: type=1326 audit(1780572520.718:2850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12229 comm="syz.1.1814" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e0b0bce59 code=0x7ffc0000 [ 985.946321][ T36] audit: type=1326 audit(1780572520.718:2851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12229 comm="syz.1.1814" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e0b0bce59 code=0x7ffc0000 [ 985.946360][ T36] audit: type=1326 audit(1780572520.718:2852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12229 comm="syz.1.1814" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e0b0bce59 code=0x7ffc0000 [ 985.946396][ T36] audit: type=1326 audit(1780572520.718:2853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12229 comm="syz.1.1814" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e0b0bce59 code=0x7ffc0000 [ 985.946432][ T36] audit: type=1326 audit(1780572520.718:2854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12229 comm="syz.1.1814" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f4e0b0bce59 code=0x7ffc0000 [ 986.347188][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 987.201619][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 987.327255][T11410] usb 1-1: new high-speed USB device number 44 using dummy_hcd [ 987.417582][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 987.627180][T11410] usb 1-1: Using ep0 maxpacket: 8 [ 987.656827][T11410] usb 1-1: config 0 interface 0 altsetting 250 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 987.656870][T11410] usb 1-1: config 0 interface 0 has no altsetting 0 [ 987.656903][T11410] usb 1-1: New USB device found, idVendor=1b1c, idProduct=0a55, bcdDevice= 0.00 [ 987.656925][T11410] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 987.701921][T11410] usb 1-1: config 0 descriptor?? [ 988.747430][ T869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 989.228511][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 989.232065][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 989.257201][ T5741] usb 5-1: new high-speed USB device number 33 using dummy_hcd [ 989.548435][T11410] usbhid 1-1:0.0: can't add hid device: -71 [ 989.548554][T11410] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 989.576835][T11410] usb 1-1: USB disconnect, device number 44 [ 989.587809][ T5741] usb 5-1: Using ep0 maxpacket: 8 [ 989.597799][ T5741] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 989.597850][ T5741] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 989.597872][ T5741] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 989.606029][ T5741] usb 5-1: config 0 descriptor?? [ 989.825348][ T5741] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 990.638452][T12255] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 990.766399][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 990.828032][T11410] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 991.160933][T12260] sg_write: data in/out 133085482/40 bytes for SCSI command 0xe8-- guessing data in; [ 991.160933][T12260] program syz.4.1819 not setting count and/or reply_len properly [ 991.217361][ T5590] usb 4-1: new high-speed USB device number 35 using dummy_hcd [ 991.374751][ T5590] usb 4-1: config 220 has an invalid interface number: 76 but max is 2 [ 991.374770][ T5590] usb 4-1: config 220 has an invalid descriptor of length 255, skipping remainder of the config [ 991.374781][ T5590] usb 4-1: config 220 has no interface number 2 [ 991.374887][ T5590] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 991.374903][ T5590] usb 4-1: config 220 interface 0 has no altsetting 0 [ 991.374912][ T5590] usb 4-1: config 220 interface 76 has no altsetting 0 [ 991.374921][ T5590] usb 4-1: config 220 interface 1 has no altsetting 0 [ 991.380140][ T5590] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 991.380168][ T5590] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 991.380246][ T5590] usb 4-1: Product: syz [ 991.380260][ T5590] usb 4-1: Manufacturer: syz [ 991.380273][ T5590] usb 4-1: SerialNumber: syz [ 991.619093][T12255] IPVS: set_ctl: invalid protocol: 50 127.0.0.1:65535 [ 991.787609][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 991.871103][ T5741] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 991.871957][T11410] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 992.097992][ T5590] usb 4-1: selecting invalid altsetting 0 [ 992.120904][ T5590] uvcvideo 4-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 992.120995][ T5590] uvcvideo 4-1:220.0: No valid video chain found. [ 992.198923][T12272] FAULT_INJECTION: forcing a failure. [ 992.198923][T12272] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 992.199033][T12272] CPU: 1 UID: 0 PID: 12272 Comm: syz.2.1827 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 992.199055][T12272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 992.199066][T12272] Call Trace: [ 992.199074][T12272] [ 992.199084][T12272] dump_stack_lvl+0xe8/0x150 [ 992.199112][T12272] should_fail_ex+0x46b/0x600 [ 992.199147][T12272] _copy_from_user+0x2d/0xb0 [ 992.199164][T12272] kstrtouint_from_user+0xd6/0x180 [ 992.199189][T12272] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 992.199223][T12272] proc_fail_nth_write+0x8e/0x210 [ 992.199242][T12272] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 992.199267][T12272] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 992.199288][T12272] vfs_write+0x2a3/0xba0 [ 992.199319][T12272] ? __pfx_vfs_write+0x10/0x10 [ 992.199342][T12272] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 992.199369][T12272] ? lockdep_hardirqs_on+0x7a/0x110 [ 992.199394][T12272] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 992.199419][T12272] ? mutex_lock_nested+0x152/0x1d0 [ 992.199439][T12272] ? fdget_pos+0x252/0x320 [ 992.199466][T12272] ksys_write+0x156/0x270 [ 992.199488][T12272] ? __pfx_ksys_write+0x10/0x10 [ 992.199518][T12272] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 992.199538][T12272] do_syscall_64+0x174/0x580 [ 992.199564][T12272] ? clear_bhb_loop+0x40/0x90 [ 992.199587][T12272] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 992.199604][T12272] RIP: 0033:0x7f444293d68e [ 992.199623][T12272] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 992.199639][T12272] RSP: 002b:00007f4440bb4fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 992.199665][T12272] RAX: ffffffffffffffda RBX: 00007f4440bb56c0 RCX: 00007f444293d68e [ 992.199678][T12272] RDX: 0000000000000001 RSI: 00007f4440bb50a0 RDI: 0000000000000004 [ 992.199690][T12272] RBP: 00007f4440bb5090 R08: 0000000000000000 R09: 0000000000000000 [ 992.199701][T12272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 992.199713][T12272] R13: 00007f4442bf6128 R14: 00007f4442bf6090 R15: 00007ffd8ce72328 [ 992.199751][T12272] [ 992.220569][ T5590] usb 4-1: selecting invalid altsetting 0 [ 992.220609][ T5590] usbtest 4-1:220.1: probe with driver usbtest failed with error -22 [ 992.253989][ T5590] usb 4-1: USB disconnect, device number 35 [ 992.775400][ T5741] usb 5-1: USB disconnect, device number 33 [ 992.830936][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 993.199415][T12282] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1831'. [ 993.629177][ T1337] ieee802154 phy1 wpan1: encryption failed: -22 [ 993.933079][T12295] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1833'. [ 994.626490][ C1] net_ratelimit: 1 callbacks suppressed [ 994.626511][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 994.654017][ T5590] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 995.701556][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 995.704386][ T869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 995.737279][ T6009] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 995.760292][ T5590] usb 4-1: new high-speed USB device number 36 using dummy_hcd [ 996.340454][T12304] FAULT_INJECTION: forcing a failure. [ 996.340454][T12304] name failslab, interval 1, probability 0, space 0, times 0 [ 996.340515][T12304] CPU: 0 UID: 0 PID: 12304 Comm: syz.0.1836 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 996.340539][T12304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 996.340550][T12304] Call Trace: [ 996.340559][T12304] [ 996.340567][T12304] dump_stack_lvl+0xe8/0x150 [ 996.340658][T12304] should_fail_ex+0x46b/0x600 [ 996.340692][T12304] should_failslab+0xa8/0x100 [ 996.340708][T12304] __kmalloc_node_noprof+0xe7/0x7f0 [ 996.340721][T12304] ? crypto_create_tfm_node+0x83/0x3f0 [ 996.340739][T12304] crypto_create_tfm_node+0x83/0x3f0 [ 996.340754][T12304] crypto_alloc_tfm_node+0x172/0x3f0 [ 996.340777][T12304] kdf_alloc+0x21/0x100 [ 996.340793][T12304] __keyctl_dh_compute+0x4f9/0xd10 [ 996.340808][T12304] ? __pfx___schedule+0x10/0x10 [ 996.340827][T12304] ? __pfx___keyctl_dh_compute+0x10/0x10 [ 996.340845][T12304] ? lockdep_hardirqs_on+0x7a/0x110 [ 996.340861][T12304] ? irqentry_exit+0x218/0x8b0 [ 996.340882][T12304] ? _copy_from_user+0x8a/0xb0 [ 996.340893][T12304] ? __sanitizer_cov_trace_const_cmp8+0x10/0xa0 [ 996.340908][T12304] keyctl_dh_compute+0x124/0x180 [ 996.340931][T12304] ? __pfx_keyctl_dh_compute+0x10/0x10 [ 996.340947][T12304] ? __se_sys_keyctl+0x435/0x9e0 [ 996.340961][T12304] __se_sys_keyctl+0x44c/0x9e0 [ 996.340972][T12304] ? __pfx___se_sys_keyctl+0x10/0x10 [ 996.340988][T12304] ? irqentry_exit+0x218/0x8b0 [ 996.341002][T12304] ? lockdep_hardirqs_on+0x7a/0x110 [ 996.341016][T12304] ? irqentry_exit+0x218/0x8b0 [ 996.341028][T12304] ? trace_irq_disable+0x3b/0x140 [ 996.341044][T12304] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 996.341064][T12304] ? __x64_sys_keyctl+0x20/0xc0 [ 996.341074][T12304] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 996.341092][T12304] do_syscall_64+0x174/0x580 [ 996.341109][T12304] ? clear_bhb_loop+0x40/0x90 [ 996.341121][T12304] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 996.341133][T12304] RIP: 0033:0x7ffbc6dcce59 [ 996.341147][T12304] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 996.341156][T12304] RSP: 002b:00007ffbc4ffd028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 996.341170][T12304] RAX: ffffffffffffffda RBX: 00007ffbc7046090 RCX: 00007ffbc6dcce59 [ 996.341178][T12304] RDX: 0000000000000000 RSI: 0000200000000800 RDI: 0000000000000017 [ 996.341185][T12304] RBP: 00007ffbc4ffd090 R08: 0000200000000280 R09: 0000000000000000 [ 996.341192][T12304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 996.341198][T12304] R13: 00007ffbc7046128 R14: 00007ffbc7046090 R15: 00007ffd2d8d5538 [ 996.341214][T12304] [ 996.341266][T12304] could not allocate digest TFM handle sha384 [ 997.204185][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 997.205452][T11410] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 997.287655][ T5590] usb 4-1: Using ep0 maxpacket: 32 [ 997.288682][ T5590] usb 4-1: device descriptor read/all, error -71 [ 997.947603][ T5609] Bluetooth: hci3: unexpected event 0x2f length: 1017 > 260 [ 998.149755][T12309] batadv0: mtu less than device minimum [ 998.165238][T12309] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 998.172425][T12309] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 999.193241][ T869] usb 2-1: new high-speed USB device number 50 using dummy_hcd [ 999.349846][ T869] usb 2-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 999.349874][ T869] usb 2-1: New USB device strings: Mfr=241, Product=2, SerialNumber=3 [ 999.349891][ T869] usb 2-1: Product: syz [ 999.349902][ T869] usb 2-1: Manufacturer: syz [ 999.349913][ T869] usb 2-1: SerialNumber: syz [ 999.356511][ T869] usb 2-1: config 0 descriptor?? [ 999.412570][ T869] ch341 2-1:0.0: ch341-uart converter detected [ 999.654504][ T869] usb 2-1: failed to receive control message: -121 [ 999.654562][ T869] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -121 [ 1000.347577][ C1] net_ratelimit: 22 callbacks suppressed [ 1000.347597][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1000.348490][ T8819] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1000.923062][T12358] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1847'. [ 1001.614188][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1001.615668][ T5590] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1001.875896][ T869] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1002.193491][ T5741] usb 2-1: USB disconnect, device number 50 [ 1002.214775][ T5741] ch341 2-1:0.0: device disconnected [ 1002.667800][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1002.668952][ T5590] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1002.940201][ T5741] ================================================================== [ 1002.940218][ T5741] BUG: KASAN: vmalloc-out-of-bounds in __list_add_valid_or_report+0x4e/0x130 [ 1002.940257][ T5741] Read of size 8 at addr ffffc9000e341008 by task kworker/0:6/5741 [ 1002.940274][ T5741] [ 1002.940284][ T5741] CPU: 0 UID: 0 PID: 5741 Comm: kworker/0:6 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 1002.940305][ T5741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1002.940319][ T5741] Workqueue: usb_hub_wq hub_event [ 1002.940346][ T5741] Call Trace: [ 1002.940353][ T5741] [ 1002.940364][ T5741] dump_stack_lvl+0xe8/0x150 [ 1002.940386][ T5741] print_address_description+0x55/0x1e0 [ 1002.940406][ T5741] ? __list_add_valid_or_report+0x4e/0x130 [ 1002.940427][ T5741] print_report+0x58/0x70 [ 1002.940445][ T5741] kasan_report+0x117/0x150 [ 1002.940468][ T5741] ? __list_add_valid_or_report+0x4e/0x130 [ 1002.940494][ T5741] __list_add_valid_or_report+0x4e/0x130 [ 1002.940518][ T5741] kcov_remote_stop+0x457/0x680 [ 1002.940539][ T5741] hub_event+0x49d8/0x4f60 [ 1002.940562][ T5741] ? __lock_acquire+0x6b5/0x2cf0 [ 1002.940593][ T5741] ? __pfx_hub_event+0x10/0x10 [ 1002.940612][ T5741] ? process_scheduled_works+0xa70/0x1860 [ 1002.940634][ T5741] ? process_scheduled_works+0xa70/0x1860 [ 1002.940652][ T5741] ? process_scheduled_works+0xa70/0x1860 [ 1002.940670][ T5741] process_scheduled_works+0xb5d/0x1860 [ 1002.940706][ T5741] ? __pfx_process_scheduled_works+0x10/0x10 [ 1002.940727][ T5741] ? assign_work+0x3d5/0x5e0 [ 1002.940747][ T5741] worker_thread+0xa53/0xfc0 [ 1002.940778][ T5741] kthread+0x388/0x470 [ 1002.940807][ T5741] ? __pfx_worker_thread+0x10/0x10 [ 1002.940825][ T5741] ? __pfx_kthread+0x10/0x10 [ 1002.940847][ T5741] ret_from_fork+0x514/0xb70 [ 1002.940868][ T5741] ? __pfx_ret_from_fork+0x10/0x10 [ 1002.940886][ T5741] ? __switch_to+0xc79/0x1410 [ 1002.940966][ T5741] ? __pfx_kthread+0x10/0x10 [ 1002.940991][ T5741] ret_from_fork_asm+0x1a/0x30 [ 1002.941019][ T5741] [ 1002.941026][ T5741] [ 1002.941031][ T5741] The buggy address belongs to a vmalloc virtual mapping [ 1002.941050][ T5741] Memory state around the buggy address: [ 1002.941061][ T5741] ffffc9000e340f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1002.941072][ T5741] ffffc9000e340f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1002.941085][ T5741] >ffffc9000e341000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1002.941094][ T5741] ^ [ 1002.941104][ T5741] ffffc9000e341080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1002.941115][ T5741] ffffc9000e341100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1002.941124][ T5741] ================================================================== [ 1002.941149][ T5741] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1002.941163][ T5741] CPU: 0 UID: 0 PID: 5741 Comm: kworker/0:6 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 1002.941184][ T5741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1002.941196][ T5741] Workqueue: usb_hub_wq hub_event [ 1002.941219][ T5741] Call Trace: [ 1002.941227][ T5741] [ 1002.941234][ T5741] vpanic+0x56c/0xa60 [ 1002.941258][ T5741] ? __pfx_vpanic+0x10/0x10 [ 1002.941282][ T5741] panic+0xc5/0xd0 [ 1002.941302][ T5741] ? __pfx_panic+0x10/0x10 [ 1002.941322][ T5741] ? __list_add_valid_or_report+0x4e/0x130 [ 1002.941344][ T5741] ? rcu_is_watching+0x15/0xb0 [ 1002.941372][ T5741] ? __list_add_valid_or_report+0x4e/0x130 [ 1002.941393][ T5741] check_panic_on_warn+0x89/0xb0 [ 1002.941417][ T5741] ? __list_add_valid_or_report+0x4e/0x130 [ 1002.941438][ T5741] end_report+0x73/0x170 [ 1002.941459][ T5741] ? __list_add_valid_or_report+0x4e/0x130 [ 1002.941479][ T5741] kasan_report+0x128/0x150 [ 1002.941500][ T5741] ? __list_add_valid_or_report+0x4e/0x130 [ 1002.941526][ T5741] __list_add_valid_or_report+0x4e/0x130 [ 1002.941549][ T5741] kcov_remote_stop+0x457/0x680 [ 1002.941572][ T5741] hub_event+0x49d8/0x4f60 [ 1002.941600][ T5741] ? __lock_acquire+0x6b5/0x2cf0 [ 1002.941638][ T5741] ? __pfx_hub_event+0x10/0x10 [ 1002.941662][ T5741] ? process_scheduled_works+0xa70/0x1860 [ 1002.941684][ T5741] ? process_scheduled_works+0xa70/0x1860 [ 1002.941702][ T5741] ? process_scheduled_works+0xa70/0x1860 [ 1002.941721][ T5741] process_scheduled_works+0xb5d/0x1860 [ 1002.941753][ T5741] ? __pfx_process_scheduled_works+0x10/0x10 [ 1002.941775][ T5741] ? assign_work+0x3d5/0x5e0 [ 1002.941802][ T5741] worker_thread+0xa53/0xfc0 [ 1002.941832][ T5741] kthread+0x388/0x470 [ 1002.941855][ T5741] ? __pfx_worker_thread+0x10/0x10 [ 1002.941873][ T5741] ? __pfx_kthread+0x10/0x10 [ 1002.941895][ T5741] ret_from_fork+0x514/0xb70 [ 1002.941915][ T5741] ? __pfx_ret_from_fork+0x10/0x10 [ 1002.941934][ T5741] ? __switch_to+0xc79/0x1410 [ 1002.941959][ T5741] ? __pfx_kthread+0x10/0x10 [ 1002.941982][ T5741] ret_from_fork_asm+0x1a/0x30 [ 1002.942009][ T5741] [ 1002.942983][ T5741] Kernel Offset: disabled