last executing test programs: 18.792846483s ago: executing program 4 (id=3044): bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000c80)={{0xeb9f, 0x1, 0x0, 0x18, 0x100000, 0x2c, 0x2c, 0x2, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x3, [{0x11}]}, @restrict, @enum]}}, 0x0, 0x46}, 0x20) 18.588732653s ago: executing program 4 (id=3046): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001300)=ANY=[@ANYRESHEX=r0], 0x14}}, 0x0) recvmmsg(r0, &(0x7f0000005680)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=""/4096, 0x1000}, {&(0x7f00000011c0)=""/207, 0xcf}, {&(0x7f00000022c0)=""/220, 0xdc}], 0x3}}], 0x1, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_xfrm(r1, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x4c841) prctl$PR_SCHED_CORE(0x3e, 0x2, 0x0, 0x88b2e4527aff7b7a, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) keyctl$clear(0x11, 0xfffffffffffffffd) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r3, &(0x7f0000000140), 0x9) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) sendmsg$inet(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x2, 0x4e60, @empty}, 0x10, &(0x7f0000000280)=[{&(0x7f00000013c0)="ed4e82bdc49c286a117240da75126c6c124490d6e1b548078f21c2fc11144213deecccecf4af153de115e85606196635cc86e4ff71d9588a9cb2aba8fd4b07268cf929808a43aaa7e4b4439293388610fd928d0798bacc3f33eef8267a31465b37f8c5c16d2bb31a7c8bed8dd50596c299dbc4a80c70d3f13ce3cca7301a10769248fa9347cae6ab712db36abae3dece3acffbb18053b17615661d55ad0fcd4799b9f8b390dd43465bf7840fa33567cd5a94db399d6d6d2c942aecc2714b60634c03e6e02b8f8af3d42e5b512cf4e3d0702ea992d18d7457947ebb5a8759f8f6bb85d08fbf02dc9a6b30cb0b6de118b8ffdff41db05d54e8d56c301df18e88080d8e46e9c95a83fabc29e53f09392a731338d6e901ff5447e1e618f92d824bbe38aa972c2c938b63d990c44c6447a09c26aee6b3d37e0bf5a18d25ef95649ecf816f08c74b58affe2b77ce27e8642f08374713aa7d", 0x155}, {&(0x7f00000007c0)="b80d8b0089b7cb61da8d5df472181a26b15679ac7f8c78272d864af732b8b28aa0e1a48cbdf44ccb0e4f2112c22ee96f25a9b1119789158355ab025feb9a844f50cd0c85f365ceda583622fc9f84927e238c2c5fab979ce0e9ecfcb11b749e7ebd7d22afb9611270a35da1ea5c669a26a0f70a238ac146a1fe973c084b5dbcf56506997a21a2072f27a03e323520f7b6391eacf105f808ec8557bcc1e5c52e6a6fcf9c072a5527a9f8c7ef28713c6cebccafc270de073f7504c11aea2450", 0xbe}, {&(0x7f0000000600)="7eaf5fb1b36ff33d10c45c93c9ff37ab09bd57dbcc850d56553b3d4acb92e6fb2178dc510264eb4a5608f3f608735ca6d50347c7f2592d2cfc9aec9f5b2ecb156782d6ddb2a0db5c98ef2da4686ce20b30b791a26685e46ef1688c2b38f01eddf912f20a6710605379d66ccb9f54c8a76c038c43cea0067e52c9ed4cbfff8385a6ac2d858aa9effdf04051c7ee95687af2c67c80b626a85e0fb1d88170e92b3df62001a529aea5b6817906b83604d869aacca56c7eac589695cfe1c4d1780693b33c9bf96c778ea88dc338bcfe71fe0944f3666716521d6c09b627884a395deb06a490f077d2617722096769e31036", 0xef}], 0x3}, 0x44040) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000001340)={0x4, &(0x7f0000001380)=[{0x50, 0x4, 0x0, 0x3}, {0xb1, 0x3, 0x0, 0xbffff038}, {0x6, 0x48, 0x80, 0xffffff81}, {0x5, 0x0, 0x42, 0x1}]}, 0x10) sendmsg$inet(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000280)="9d", 0x1}], 0x1}, 0x0) clock_settime(0x0, &(0x7f0000003c80)={0x77359400}) ioctl$KDSIGACCEPT(r3, 0x4b4e, 0x11) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="189700000000009eb044c4d4240ff0cd3aaaedaed300000000000000000018ea0017202070251a33a5e8bf92000200000701f87d9f00f82e9f913b2ff2c6aa01d42a0e37"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000003}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x41100, 0x74, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = socket$nl_route(0x10, 0x3, 0x0) open_tree(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x9001) r6 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newtclass={0x34, 0x28, 0x200, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, r7, {0xffff, 0x5e5b76d0e797bfcc}, {0xf, 0x8}, {0x3, 0xf}}, [@TCA_RATE={0x6, 0x5, {0x10, 0x9}}, @TCA_RATE={0x6, 0x5, {0x3, 0xc}}]}, 0x34}}, 0x0) 17.512777676s ago: executing program 4 (id=3051): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mkdir(&(0x7f0000000140)='./control\x00', 0x0) mount$afs(0x0, &(0x7f00000000c0)='./control\x00', &(0x7f0000000100), 0x0, &(0x7f0000000180)={[{@dyn}]}) mount$afs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={[{@dyn}]}) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000229000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x10}, @NFTA_META_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz1\x00'}]}], {0x14}}, 0x7c}}, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) chroot(&(0x7f0000000000)='./file0\x00') chroot(&(0x7f00000001c0)='./file0/../file0/../file0\x00') umount2(&(0x7f0000000240)='./file0/../file0/../file0\x00', 0x0) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x6}, 0x4) syz_open_dev$loop(&(0x7f0000000040), 0x7, 0x400c0) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x1d, 0x0, 0x0, 0x8}]}, 0x10) 17.373372826s ago: executing program 4 (id=3053): clock_gettime(0x0, &(0x7f0000004000)={0x0, 0x0}) setitimer(0x0, &(0x7f0000004040)={{0x0, r0/1000+10000}, {0x77359400}}, 0x0) r1 = syz_open_dev$vim2m(&(0x7f0000000200), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000240)={0x1, @win={{0x7ff}, 0x0, 0x0, 0x0, 0x0, 0x0}}) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r2, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r2, 0x0) ioctl$vim2m_VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f0000000080)={0x0, @pix_mp}) setitimer(0x0, 0x0, &(0x7f0000004100)) 15.780470186s ago: executing program 4 (id=3059): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @multicast2}, 0x10) connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10) r3 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'sit0\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=@ipv6_newnexthop={0x38, 0x68, 0x1, 0x0, 0x0, {}, [@NHA_ENCAP_TYPE={0x6, 0x7, 0x8}, @NHA_ENCAP={0x10, 0x8, 0x0, 0x1, @LWT_BPF_XMIT={0xc, 0x3, 0x0, 0x1, @LWT_BPF_PROG_FD={0x8}}}, @NHA_OIF={0x8, 0x5, r4}]}, 0x38}}, 0x0) r5 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r5, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) r6 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_DEST_DROPPABLE(r6, 0x10f, 0x81, &(0x7f0000000040)=0x4, 0x4) sendmsg$tipc(r6, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, 0x0}, 0x0) close(r5) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) syz_io_uring_setup(0x0, 0x0, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000100)='net/netstat\x00') r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_GET(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x3c, r9, 0x1, 0x0, 0x0, {}, [@DEVLINK_ATTR_PORT_INDEX={0x8}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x3c}}, 0x0) read$FUSE(r7, &(0x7f0000001880)={0x2020}, 0x2020) 6.291240037s ago: executing program 1 (id=3090): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfd8e012e79578e51bc5"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x90) write$sndseq(0xffffffffffffffff, 0x0, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000600)={&(0x7f00000002c0)={0x14, 0x0, 0x204, 0x0, 0x25dfdbfd, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x4000080}, 0x0) syz_emit_vhci(&(0x7f0000000580)=ANY=[@ANYBLOB="02c8000af905000100011302000000d9702fcbe1f5f90034236f538b4f6df0ac1192514fe223364ef04a5071d2787b5d34bdabcaea06981787834772912835507571560092fa"], 0xf) mount$fuse(0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000100000,use']) newfstatat(0xffffffffffffff9c, &(0x7f00000008c0)='./file0\x00', 0x0, 0x0) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) writev(0xffffffffffffffff, &(0x7f0000001340)=[{&(0x7f0000000a40)='e', 0x1}], 0x1) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9fd, 0x84, 0x105}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r3}, 0x38) bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, &(0x7f0000000840)=""/121, &(0x7f0000000680), &(0x7f0000000540), 0x6c, r3}, 0x38) 5.071913869s ago: executing program 1 (id=3093): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/key-users\x00', 0x0, 0x0) read$FUSE(r0, &(0x7f0000000380)={0x2020}, 0x2020) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0) sendfile(r1, r0, &(0x7f0000000000)=0x9, 0x2) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), r3) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x3c, r4, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private1}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @empty}]}, 0x3c}}, 0x0) r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0xc}, 0x48) close(r6) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r7, 0x0, 0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) getdents(r5, &(0x7f0000000140)=""/140, 0x8c) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_SET(r8, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e00000000000000000018000280080002001100000004000100080004"], 0x44}}, 0x0) r10 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_WPAN_PHY(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x1c, r10, 0x7d243a6ea807936d, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x3}]}, 0x1c}}, 0x0) 4.896859957s ago: executing program 1 (id=3094): r0 = syz_open_dev$loop(&(0x7f0000000100), 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) write$binfmt_aout(r1, &(0x7f00000010c0)=ANY=[], 0x1a3) write$binfmt_misc(r1, &(0x7f0000000640)=ANY=[@ANYRESOCT, @ANYRESOCT, @ANYBLOB="dba67995eef3749a787598fe15a543f38e68c9a91927f0c91e8b"], 0xff79) ioctl$LOOP_CONFIGURE(r0, 0x1277, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}}) 4.892985247s ago: executing program 1 (id=3095): socket$kcm(0x10, 0x400000002, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc(&(0x7f0000000540), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_LINK_TOL(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="b1b00917", @ANYRES16=r0, @ANYBLOB="0100000000000000000001000000000000000741000000140018000000007544703a73797a3100000000"], 0x30}}, 0x800) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x6, 0x9, 0xa, 0x1000, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYRES64=0x0], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x4, @none}, 0xe) connect$bt_l2cap(r2, &(0x7f00000004c0)={0x1f, 0x0, @none}, 0xe) r3 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) recvfrom(r3, &(0x7f0000000200)=""/85, 0x55, 0x21, 0x0, 0x0) creat(&(0x7f0000000040)='./file0\x00', 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)) fstat(r2, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setreuid(0x0, r4) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="07b1c361395d62422f50bb3f00000000000000000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00'}, 0x90) r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f0000000080)=0xb0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000000)={@any, 0x2}) prlimit64(0x0, 0xe, &(0x7f0000000340)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2000008) r6 = getpid() sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r8, &(0x7f00000bd000), 0x318, 0x0) 4.835476268s ago: executing program 2 (id=3096): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001300)=ANY=[@ANYRESHEX=r0], 0x14}}, 0x0) recvmmsg(r0, &(0x7f0000005680)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=""/4096, 0x1000}, {&(0x7f00000011c0)=""/207, 0xcf}, {&(0x7f00000022c0)=""/220, 0xdc}], 0x3}}], 0x1, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_xfrm(r1, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x4c841) prctl$PR_SCHED_CORE(0x3e, 0x2, 0x0, 0x88b2e4527aff7b7a, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) keyctl$clear(0x11, 0xfffffffffffffffd) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r3, &(0x7f0000000140), 0x9) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) sendmsg$inet(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x2, 0x4e60, @empty}, 0x10, &(0x7f0000000280)=[{&(0x7f00000013c0)="ed4e82bdc49c286a117240da75126c6c124490d6e1b548078f21c2fc11144213deecccecf4af153de115e85606196635cc86e4ff71d9588a9cb2aba8fd4b07268cf929808a43aaa7e4b4439293388610fd928d0798bacc3f33eef8267a31465b37f8c5c16d2bb31a7c8bed8dd50596c299dbc4a80c70d3f13ce3cca7301a10769248fa9347cae6ab712db36abae3dece3acffbb18053b17615661d55ad0fcd4799b9f8b390dd43465bf7840fa33567cd5a94db399d6d6d2c942aecc2714b60634c03e6e02b8f8af3d42e5b512cf4e3d0702ea992d18d7457947ebb5a8759f8f6bb85d08fbf02dc9a6b30cb0b6de118b8ffdff41db05d54e8d56c301df18e88080d8e46e9c95a83fabc29e53f09392a731338d6e901ff5447e1e618f92d824bbe38aa972c2c938b63d990c44c6447a09c26aee6b3d37e0bf5a18d25ef95649ecf816f08c74b58affe2b77ce27e8642f08374713aa7d", 0x155}, {&(0x7f00000007c0)="b80d8b0089b7cb61da8d5df472181a26b15679ac7f8c78272d864af732b8b28aa0e1a48cbdf44ccb0e4f2112c22ee96f25a9b1119789158355ab025feb9a844f50cd0c85f365ceda583622fc9f84927e238c2c5fab979ce0e9ecfcb11b749e7ebd7d22afb9611270a35da1ea5c669a26a0f70a238ac146a1fe973c084b5dbcf56506997a21a2072f27a03e323520f7b6391eacf105f808ec8557bcc1e5c52e6a6fcf9c072a5527a9f8c7ef28713c6cebccafc270de073f7504c11aea2450", 0xbe}, {&(0x7f0000000600)="7eaf5fb1b36ff33d10c45c93c9ff37ab09bd57dbcc850d56553b3d4acb92e6fb2178dc510264eb4a5608f3f608735ca6d50347c7f2592d2cfc9aec9f5b2ecb156782d6ddb2a0db5c98ef2da4686ce20b30b791a26685e46ef1688c2b38f01eddf912f20a6710605379d66ccb9f54c8a76c038c43cea0067e52c9ed4cbfff8385a6ac2d858aa9effdf04051c7ee95687af2c67c80b626a85e0fb1d88170e92b3df62001a529aea5b6817906b83604d869aacca56c7eac589695cfe1c4d1780693b33c9bf96c778ea88dc338bcfe71fe0944f3666716521d6c09b627884a395deb06a490f077d2617722096769e31036", 0xef}], 0x3}, 0x44040) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000001340)={0x4, &(0x7f0000001380)=[{0x50, 0x4, 0x0, 0x3}, {0xb1, 0x3, 0x0, 0xbffff038}, {0x6, 0x48, 0x80, 0xffffff81}, {0x5, 0x0, 0x42, 0x1}]}, 0x10) sendmsg$inet(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000280)="9d", 0x1}], 0x1}, 0x0) clock_settime(0x0, &(0x7f0000003c80)={0x77359400}) ioctl$KDSIGACCEPT(r3, 0x4b4e, 0x11) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="189700000000009eb044c4d4240ff0cd3aaaedaed300000000000000000018ea0017202070251a33a5e8bf92000200000701f87d9f00f82e9f913b2ff2c6aa01d42a0e37"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000003}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x41100, 0x74, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = open$dir(&(0x7f0000000780)='./file0\x00', 0x44200, 0x54) open_tree(r5, &(0x7f0000000180)='./file0\x00', 0x9001) r6 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newtclass={0x34, 0x28, 0x200, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, r7, {0xffff, 0x5e5b76d0e797bfcc}, {0xf, 0x8}, {0x3, 0xf}}, [@TCA_RATE={0x6, 0x5, {0x10, 0x9}}, @TCA_RATE={0x6, 0x5, {0x3, 0xc}}]}, 0x34}}, 0x0) 4.049793385s ago: executing program 0 (id=3098): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee1, &(0x7f0000000100)={0x0, 0x1, 0x2, &(0x7f00000000c0)=0x2000000}) 3.89494507s ago: executing program 1 (id=3100): syz_open_dev$vim2m(&(0x7f00000001c0), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)) r3 = syz_open_dev$ttys(0xc, 0x2, 0x1) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) r5 = fcntl$dupfd(r3, 0x0, r4) ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TIOCSTI(r5, 0x400448c9, &(0x7f0000000000)) 3.894310416s ago: executing program 2 (id=3101): r0 = syz_open_procfs(0x0, &(0x7f0000000000)='maps\x00') read$FUSE(r0, &(0x7f0000005940)={0x2020}, 0x2020) preadv(r0, &(0x7f00000038c0)=[{&(0x7f0000000040)=""/95, 0x5f}], 0x1, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x13, r1, 0x0) read$FUSE(r0, &(0x7f0000003900)={0x2020}, 0x2020) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, &(0x7f0000000040)) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) madvise(&(0x7f00007e5000/0x1000)=nil, 0x1000, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000080)=0xb0000) fanotify_init(0x200, 0x0) r4 = memfd_create(&(0x7f0000000180)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3', 0x0) r5 = dup(r4) r6 = memfd_create(&(0x7f0000000000)='\x107', 0x0) write$binfmt_elf32(r6, &(0x7f0000000040)=ANY=[], 0x58) r7 = add_key(&(0x7f00000007c0)='big_key\x00', &(0x7f0000000800)={'syz', 0x1}, &(0x7f0000000840)="d5", 0x1, 0xfffffffffffffffd) keyctl$update(0x2, r7, &(0x7f0000000000), 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f00000004c0)={{{@in=@broadcast, @in6=@local}}, {{@in=@broadcast}, 0x0, @in6=@loopback}}, &(0x7f0000000300)=0xe8) r8 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r8, 0x80045530, &(0x7f0000000040)) ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000000)={@my=0x0}) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r9, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r9, 0x0) ioctl$IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r3, 0x7a6, &(0x7f0000000040)) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x15) 3.707948222s ago: executing program 0 (id=3103): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/key-users\x00', 0x0, 0x0) read$FUSE(r0, &(0x7f0000000380)={0x2020}, 0x2020) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0) sendfile(r1, r0, &(0x7f0000000000)=0x9, 0x2) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), r3) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x3c, r4, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private1}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @empty}]}, 0x3c}}, 0x0) r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0xc}, 0x48) close(r6) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r7, 0x0, 0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) getdents(r5, &(0x7f0000000140)=""/140, 0x8c) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_SET(r8, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e00000000000000000018000280080002001100000004000100080004"], 0x44}}, 0x0) r10 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_WPAN_PHY(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x1c, r10, 0x7d243a6ea807936d, 0x0, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x3}]}, 0x1c}}, 0x0) 3.081935396s ago: executing program 0 (id=3104): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) shmget(0x0, 0xa000, 0x2, &(0x7f0000ff3000/0xa000)=nil) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f0000000340)}, 0x20) r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_DISCONNECT_CLAIM(r2, 0x8108551b, &(0x7f0000000380)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a0000000086d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f6853772b21a100efb76cba37ff3111d6847e8b9398a646717af75fc008daefba68e6222103472bc55704cdb72b4b996ed831f3b802549db3a8ffff7d34171113d806726615380fe65a6a0a72e1ac2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13f4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe363590d1f600"}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="4000000010001fff"], 0x40}}, 0x0) ioctl$USBDEVFS_CLEAR_HALT(r2, 0xc0105502, &(0x7f0000000340)={0x1, 0x1}) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x50}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r6 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) io_getevents(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x4, r7}, 0x14) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x4, 0xe, &(0x7f0000000880)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000044000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85823d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2ba9c29faa38c409d32b6b7d6cf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e933119c5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247fa62fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120bed64069dcf82d3e5e0361e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a1000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e824d86869ec4ab392b0a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a412a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0daca8d4c1090000000000000084d8223edbccbf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f0000000000000000004f9e02a3b51a97c4b1c1b411cc6bee2a56f29c55a6aac46a0cfc318fae02922a403431d4e5a4396cad2c8dd34037bc041a2ba1505ba2c4889122ca04e85881aad5f8bfc12e6741872aad21bf5301cd4c607ef50a991c410f7c60e45b5c193f813a36d841165b91b5e170f6ba24558df57145eb8142a6ed87c6d5cbae3e52d569996604669a6e9ca1a3689c795970b4bcd00881faff52a6766fafa07ed7d4a49f47d34fd76a394adcb33a270b6a14e74bca7c2ea92dd845d3f774fde1bbea911c1ea76d52f7912e2597e6a33380647ed44956730b5b84662b8e659124379c0d86b1d28fdfa3cd2013103e3048c4ad4f5a4dcd133b2fc8fae3b51e4433cee7c08e67c7d7ed4432045e10f8718e5c163b1704fa2c707b61a1a9f63edfceff1a0cd7baf4a15b2fd607a09d398d73243bdcc664fbd5f582e48af2a18b02f0184a7bdd95ac78241e6749e74b152702333c56588375f806f10578eaae329c4f8dfb83e5524e2c9aa59ce7828bd1f146b2a4150fb2a8ced08e2ffac81e921e8a6f0071361a0acdbd125fb5f5e9ffe98e38508582a496afd30ca460dbfca77915a18b7b9ef6c1d6e13bc12fe43063cfecfafb05bf2339ad61533fbf3e410b403182742fa2d40c402cb83c2fef46a36f17c1abf97b0e2d114bd1472ab4207aa060f9e5d91c4a4911b1a1df47b858be141ab3386f26f561df35678489dc1b9f10eee1b2ab3dfdaedd7e06ff8a127f1743fcb32d7f80d40aebc1ea72edc348f5f9ba4bace97db948c24c679c74cd4336a7233d836082bb0e8b013bd1ee3612cd43cd2a3cb83754bb3408"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000001c0), 0xfffffedf, 0x10, &(0x7f0000000040), 0xffffff95, 0x0, 0xffffffffffffffff, 0xd}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={r8, 0xe0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000700)={r9}, 0x4) r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x8, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000500)='syzkaller\x00'}, 0x80) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000f80)={@ifindex, 0xa, 0x1, 0x6, &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0xa, 0x0, &(0x7f0000000580)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000a80)=[0x0, 0x0], &(0x7f0000000c00)=[0x0, 0x0], 0x0}, 0x40) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000fc0)={@cgroup, 0xffffffffffffffff, 0xd, 0x8, 0x0, @prog_fd, r11}, 0x20) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000000c0)={r10, 0xffffffffffffffff, 0x0, 0x26, @val=@tcx={@prog_fd=r10, r11}}, 0x40) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)={@ifindex=r7, r3, 0x4, 0x28, r4, @prog_id=r9, r11}, 0x20) close_range(r5, 0xffffffffffffffff, 0x0) 2.896766659s ago: executing program 1 (id=3105): syz_emit_ethernet(0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x301000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$alg(0x26, 0x5, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x7}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = accept$unix(0xffffffffffffffff, &(0x7f0000000000), 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) r7 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYRESOCT=r6], 0x0) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r8 = dup(r2) socket$nl_route(0x10, 0x3, 0x0) mknodat$null(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x103) r9 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x848800, &(0x7f0000000380)=ANY=[@ANYBLOB="66643d35d5d7f8fdaa56b5fc215e92737ea52867c085a0754b36beb68cd549ebe4b7ef3fe735cbfa2b158768bb4803b6000000000000008a68a74bfe721c93c087ee06891bc59dde7524363af800"/88, @ANYRESOCT=r2, @ANYBLOB="2c726f6f740e6d6f64653d30303030303030303030303030303031303030303005639d7a395f69643d", @ANYRESDEC=r7, @ANYRESHEX=0x0, @ANYRESDEC=r5, @ANYRESOCT]) r10 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r9, &(0x7f0000000000)) read$FUSE(r8, &(0x7f0000004200)={0x2020}, 0x2020) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) syz_open_procfs(0x0, 0x0) getdents64(0xffffffffffffffff, 0x0, 0x0) pipe(&(0x7f0000000180)) 2.483877027s ago: executing program 2 (id=3106): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edd9ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83c6e613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038d0100a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b17680100969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06de269e97fbb0776bf56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105cfdf8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f01000080000000004febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60133641a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2e9a20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928b49ea55bb2c80b9ae30e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846899c6b23c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33694f40000000000005d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b95bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e8"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = gettid() r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) read(r1, &(0x7f0000000300)=""/200, 0xc8) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x335}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000000700)={{0x8, 0x89}, 'port1\x00', 0x1, 0x4, 0xa, 0x4041005, 0xdeb, 0xfffffffb, 0x6, 0x0, 0x1, 0x2}) tkill(r0, 0x7) 2.369136464s ago: executing program 3 (id=3107): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, 0x0, 0x0) 2.18430801s ago: executing program 3 (id=3108): openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) syz_io_uring_setup(0x5169, &(0x7f0000000380)={0x0, 0x966e, 0x10100, 0x3}, &(0x7f0000000100), &(0x7f0000000000)) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102360, 0x18fd8}], 0x1, 0x0, 0xab1) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f00000002c0)=@ethtool_eeprom={0x43, 0x200}}) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000100)={'wg1\x00'}) clock_adjtime(0x3, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x10001, 0x1ff, 0x6, 0x7ff, 0x813, 0x0, 0x7, 0xba, 0x5, 0xff, 0x0, 0x7, 0x0, 0x522, 0x2, 0xff, 0x1, 0x8000000003f, 0xffffffff, 0x80000001, 0x0, 0x40}) r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "5d9bc136c963254c661fb620148b6f72ca6ae2a44829bfa79ec13499f8ec9077d85d879711d98bb1687ad36dfe5f14a7b0ce15c1e6be0e7ecabfdfde0dfa00b1"}, 0x48, 0xffffffffffffffff) syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) pipe2$watch_queue(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, r1, r2, 0x0) pipe2$watch_queue(&(0x7f0000000140)={0xffffffffffffffff}, 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, r1, r3, 0x0) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r5 = socket$unix(0x1, 0x5, 0x0) r6 = dup2(r5, r4) close_range(r6, 0xffffffffffffffff, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000180)={'wg2\x00'}) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) getdents(0xffffffffffffffff, &(0x7f0000000240)=""/118, 0x76) socket$pppl2tp(0x18, 0x1, 0x1) r7 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r7, {0x2, 0x0, @dev}, 0x2, 0x200000}}, 0x2e) 2.055510783s ago: executing program 2 (id=3109): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x300, 0x8008000000010, &(0x7f0000000180)="16", 0x1) 1.937925142s ago: executing program 2 (id=3110): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001300)=ANY=[@ANYRESHEX=r0], 0x14}}, 0x0) recvmmsg(r0, &(0x7f0000005680)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=""/4096, 0x1000}, {&(0x7f00000011c0)=""/207, 0xcf}, {&(0x7f00000022c0)=""/220, 0xdc}], 0x3}}], 0x1, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_xfrm(r1, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x4c841) prctl$PR_SCHED_CORE(0x3e, 0x2, 0x0, 0x88b2e4527aff7b7a, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) keyctl$clear(0x11, 0xfffffffffffffffd) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r3, &(0x7f0000000140), 0x9) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) sendmsg$inet(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x2, 0x4e60, @empty}, 0x10, &(0x7f0000000280)=[{&(0x7f00000013c0)="ed4e82bdc49c286a117240da75126c6c124490d6e1b548078f21c2fc11144213deecccecf4af153de115e85606196635cc86e4ff71d9588a9cb2aba8fd4b07268cf929808a43aaa7e4b4439293388610fd928d0798bacc3f33eef8267a31465b37f8c5c16d2bb31a7c8bed8dd50596c299dbc4a80c70d3f13ce3cca7301a10769248fa9347cae6ab712db36abae3dece3acffbb18053b17615661d55ad0fcd4799b9f8b390dd43465bf7840fa33567cd5a94db399d6d6d2c942aecc2714b60634c03e6e02b8f8af3d42e5b512cf4e3d0702ea992d18d7457947ebb5a8759f8f6bb85d08fbf02dc9a6b30cb0b6de118b8ffdff41db05d54e8d56c301df18e88080d8e46e9c95a83fabc29e53f09392a731338d6e901ff5447e1e618f92d824bbe38aa972c2c938b63d990c44c6447a09c26aee6b3d37e0bf5a18d25ef95649ecf816f08c74b58affe2b77ce27e8642f08374713aa7d", 0x155}, {&(0x7f00000007c0)="b80d8b0089b7cb61da8d5df472181a26b15679ac7f8c78272d864af732b8b28aa0e1a48cbdf44ccb0e4f2112c22ee96f25a9b1119789158355ab025feb9a844f50cd0c85f365ceda583622fc9f84927e238c2c5fab979ce0e9ecfcb11b749e7ebd7d22afb9611270a35da1ea5c669a26a0f70a238ac146a1fe973c084b5dbcf56506997a21a2072f27a03e323520f7b6391eacf105f808ec8557bcc1e5c52e6a6fcf9c072a5527a9f8c7ef28713c6cebccafc270de073f7504c11aea2450", 0xbe}, {&(0x7f0000000600)="7eaf5fb1b36ff33d10c45c93c9ff37ab09bd57dbcc850d56553b3d4acb92e6fb2178dc510264eb4a5608f3f608735ca6d50347c7f2592d2cfc9aec9f5b2ecb156782d6ddb2a0db5c98ef2da4686ce20b30b791a26685e46ef1688c2b38f01eddf912f20a6710605379d66ccb9f54c8a76c038c43cea0067e52c9ed4cbfff8385a6ac2d858aa9effdf04051c7ee95687af2c67c80b626a85e0fb1d88170e92b3df62001a529aea5b6817906b83604d869aacca56c7eac589695cfe1c4d1780693b33c9bf96c778ea88dc338bcfe71fe0944f3666716521d6c09b627884a395deb06a490f077d2617722096769e31036", 0xef}], 0x3}, 0x44040) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000001340)={0x4, &(0x7f0000001380)=[{0x50, 0x4, 0x0, 0x3}, {0xb1, 0x3, 0x0, 0xbffff038}, {0x6, 0x48, 0x80, 0xffffff81}, {0x5, 0x0, 0x42, 0x1}]}, 0x10) sendmsg$inet(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000280)="9d", 0x1}], 0x1}, 0x0) clock_settime(0x0, &(0x7f0000003c80)={0x77359400}) ioctl$KDSIGACCEPT(r3, 0x4b4e, 0x11) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="189700000000009eb044c4d4240ff0cd3aaaedaed300000000000000000018ea0017202070251a33a5e8bf92000200000701f87d9f00f82e9f913b2ff2c6aa01d42a0e37"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000003}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x41100, 0x74, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = open$dir(&(0x7f0000000780)='./file0\x00', 0x44200, 0x54) open_tree(r5, &(0x7f0000000180)='./file0\x00', 0x9001) r6 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newtclass={0x34, 0x28, 0x200, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, r7, {0xffff, 0x5e5b76d0e797bfcc}, {0xf, 0x8}, {0x3, 0xf}}, [@TCA_RATE={0x6, 0x5, {0x10, 0x9}}, @TCA_RATE={0x6, 0x5, {0x3, 0xc}}]}, 0x34}}, 0x0) 1.811900849s ago: executing program 3 (id=3111): r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x16) close(r0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_int(r1, 0x0, 0x17, &(0x7f0000000000)=0x3, 0x4) sendto$inet(r1, &(0x7f0000000100)="1ce0", 0xffeb, 0x0, &(0x7f0000001100)={0x2, 0x0, @private}, 0x10) recvmmsg(r1, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r2, &(0x7f0000000480)={0x2, 0x4e24, @loopback}, 0x10) 1.756189486s ago: executing program 0 (id=3112): mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) (async) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000002540)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002380)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x2000}}) (async) read$FUSE(r0, &(0x7f0000000200)={0x2020, 0x0, 0x0}, 0x2092) syz_fuse_handle_req(r0, &(0x7f0000002580)="5536182daefa2fc6ee10a1b2d4e27cff3c3e628d4656f7b27979e371b15b420c01ae674ddb8fff7b2bc41e7c5927065cd32f2ff7908ef7dd74cdc82f3799ab12edbbfd0b8f6d2194d7f72aec3a136e25c7bf733436bf6cbfc94431ad053a2ec4ccac5aaada8a41ac38c0e1849e599dce84e431ac501db105b4484146b338c0ae9124877ccb8273c7fbb32603251e2d66c71398a7a715bcbe5c9d87e41af55f837e2931c4c1b6b7bbc30dfedfe6e61a39e28f66bbe56496745fbe03f6035183257edac4b0fe3087e7f3e79c2152a07341f3ae9ec68e78875b6e12b5a2a1abbcca4d7963be818a7a31290cad5a025ccd05b609c7ac49ea85d49f354c1e76091a917966665e77471005a46a195b290c01bb7ddf4709e94543471d87a0a5047d3631b00862e1e9a00c60b83371cc16ba087463122a892a1b21786fe3d450c7ba97799d88126f09a698a421242e9c67c981ebc576f57ba3df22e0071db74fa22e97b0fbe589894931a4c4e0eda8bb9533c4ce503fba218d0ae43ab4b4d0c705e04442d093ca5299ae8499c6db904bda6c68105bc2a1cd8e16067215476e573745d1e99daa73400567a9978dd7bffb21429479ace30c95afdfaebd7faf74343cd58e14ce6d2fada5a1c665049eeaa717ee681666c8b63c6d54e66df86144f85d80dcaa3ae7a13b58d5f2b607029efbbf8593afc75e0ce0a875a5fbedecb425a22624a0bb8e2fd06212a1fdafb92430d309f8f68504484fb1246f3d7b0893d3dc9d0b6c8d7476b6aea871eb4f32c283e22435fccb221484409cc28a6609dd869b99547fc81b2e517809a5b77783f9fc11b5fe584b9f64c0fec35d3db21ae30d0b8b88d722dea4a376d2a610f0a9d08b311e2ed3ef5d72d0e040e41d3dc45e5a17d740c67db88d95b18c8610fed3302aef0c3c1871ff8a5ae1908bf9668f0bc8e5867f56cc59cd303bafabde6a4034a96ba66b98a910dfaaff712673dcbf84c5354f066126068de620f08be67e6034138dd9a312f9ff197fca56a77bad46e59edfd79dfa3aee4582bfe01ce2201f6569178be7a4bdd28e495114944e538ee7b8f11e0812d9f822cd9760316809eccb9b0bbc5f0630224a1534f88600bbb2af2882562e76d149b44780380b62241829e5734fdfff1a2b3a052f3504dffe04d4632e9fef82762fe1950fbaceeb961464dfe2699f0a898fc8783cfdde45ecc3a16f052c4777beb1fddb080fc802a8cc760d1a0d4606b669e78ee9ba1ac398914ed5096850dedc513e5c71eca19d51af9075151f4ca3d8a841b7b1d205f5f3d223f7e48685daa0836f93017935ad1d942c7392667145ccc1d4700f5d8fb2fc218fd6d70357667d339a28dba3360761857b19f9f91e56a0e0281af1042a409a4e2839f3d21b73a5c352b22e4ff06e563e92c00b48e7f8bcdbbbd398c65331298f779dafe875854e301394b0faac2126138908fa8598b4f5e58ed1ac451eb0187e20077099d12d745fcff0b7fb5e8b9fa65ac617ea6c953e8786229b67a604c46810876650f919e6bc6792db22ec0be29cff94e9c24eb6e1830f890bb4b6bcd74b39060506095b99b95f2a8addfb8dfe11f47479fd23cc7c0701ae00774c430b3b9f52ab2579d47a2c2095365aa569f55a1431f93e651c01f0d67ff9337708a72e352c0e699f14bf07f9b9c056897c78edcf34ade3dfd17a04446d565fb6e7c701a237fe1a3d932371654a43b56e7f5ccdadc0f506d746c3f0047b69c0c174cbbfe092f139c09c0e2e76d9a777142813cb78174630ea8d73301e3343b94856fe610777468a9fb4518a0cf68243a4bd715e38e3431a811f962edb1306d76d89e0aad9be5800e7bebb82ccaec2382c9c114c91aee013acca2d8ddf99465e760bd185453a9eb4e5a78383094603b749c6242ad227124ef4b7ec7506b8a76f714099c954f0b2f2d427af0451a7ea3d1dbfa8a3e644c3640d397de3ce942311deb73fad3a76cba773f416314e81e70bda715b342113a18a249300b43250cb3b3aa46ecabe42d0e8c1dc4be286e539c71f0d1c0b0e1795ae7428a3887f36b79e9c76401a5dd460f45b9d8277e04c7c1e615fb33d0fbc444421f3fd0bff4e045d790610aaa2b62945e4b398024c75680b5e12235c35f5b23ddd99454fe527acad6d08fb37c35d9ecc0a8b10e2c31fac786666eb2ad499ddb7d06c7526fb1c5412f6a0df003410e69b81fe523057b6b73cdecf0e5bc4d3b87757889fe49dbdb3ec79c7eb3a868480fc87528e80400de837cccd4a6345508386ada1833f57a20c56e973569bc7821088d343e80009b7b35390975323d24e764aa6c90d3dd5fdec08ed363dc9ab57de949282994cd3858f829c7e5e9a745261383db27c9c53e9e98e109fda6cbb88649ba40b5067470d73b7471d406e5ea8041f9fa25f5b6c919aef84f7595511141e9f090ee103b20a13b22c9a88348ed6d284c0d7a58326e0c4c9626d9a5390bae2be199b201ea136a9aac76e6125db9bf58f61e6a46f8145a9df1305415989435f51529da03f09a67e3629e6f6cb6b70407d9d848f554f1a7e63602e678e62d3b41b4bf4ddda713ed2c291536d8cc12a16bde144ef56acc17778b1aa8eeeeeb60c781365b615be4435c7158d926351cdb46b89fa82acb384c7318dcb2e51db8bdb223aff2c8f36d9e6b1135ad18f7e0b9d91a76972c3140f8e21dc71422de12a4f5d08624bdaeb983619a5ff82cf788c6b8a5fbf0f78e61ae4058d6e03a3d5130646dfc13686e356a1325434caac94ced659529181561fee7ce4f7e1e7945f119ad8474ea6b00257ceb7af2d9b3f9ad5782cd986f1b097d61bf26a6c48c3ab597e4678d609f3050eec9f3bbea1bc67314407521950526e6d71e34e35392067ac84b66badc82a54bb0dc8ed2f1050711ef2d47af5252075c0441aad6900539fcc649c1b1ffc70a1cc39e0c2136c764ba718d50f4800dc29769c4bc9a2fd0f43eb6ffb717a473ccb14ccd58bd506c4e4a0f4ea1158b59b3d6bf1a2d010c456c1f099bff69add46cc60fd2d9779f603ebb943ab8eb02627ac8aebdd52f25b069f64a61e90fa9ac979cb4c6cf0ebcd070099a1a6e6a747e8989e84afe090390953f988f2dcee405086ce51b1d2d8d249f45899b4e862008d28efad8aa5abd0912fa456aa9d3a918a0dd3420d7c4b04b9e3d65c41a1548b7caeef5fbcededf64697786a0bae73d2c5352658b871c806bd150c91bbf8f4735dddee9cfd3e152b5d44cbcce912a2809760e225b9018fa498c86ccb2359cb0834bcefab92c0468522648fbefbe25cf8d82b897371b5369e8f2972502574c0a3235066969c4d5d67fc312d6631702f66a113d22063ba2ac7d9ab387ad1e115e9c98275f3e0dacd2e8f0843f24687b297bf42bca11b89c6db2fc7026d364486ef2d614bc45d5cff0758d69fd48ea06b8a97667e4d7d30bf7f1c30b62287637f50468bf144fd177fdabcbd0d12b50c9cbd052dcd66993c72f48bd6086412ed5f9af3d44dffdf7c012aadd5cf7bd3b314f236660fa1c0e4773a4e9ccc36fd130ffda59a9bf41f7fbf79e5e3333365a3ed2e7714e50805bc70bc6fd20203cacbbeecb8e01a2ce626756cdbd01c53717c2e7b56b47e21f13209c2bf2b1b251e7a93f8a085dcc61d9ae82303a962441372ff7c0b8b8ba75bbf5b861ff7ddbc9781d40c90ae467bdeddfdf949e9a8b8c9fb7db3a9323d05d15bef19ce2e7634b84ac082d50e84b66f99f34b2f852fefe67faa403e848f3de110eb1d9faefa176c3cacd20c7f87d74e858a1a7bfc2c9e895541f691f99a2b8771c8755300ee74e3d6a048b30d02ca16202ecfc207a0b29302aabc1c5b57c7d0d31d43be5cb1f7230dc238fb701e7037aa00c9b57c6fc85baccaa56754d27b975872051566187b0983d93b9ec052edf3b33f7ddab343eac6f7aed97771e708e40a4cc6797f85d91a0debd5c6169895e895f67a10685af5e0b80b0e728731cbffbff8be603469d03bd47dbca4456108c79c029af16482c5c2590c1e0673c7e943699ea107d906a3e667fe7b2afaeb489548b6a11d9862e86a0b549a42b607ffeda6e3ba0f567b63b0be6edb9098cf3a44e6864c5e99fa5f475acb57e2b7343eb7fe3e8c139b515348b188defd2d3021fd27950d822f6df5f9c93584fd95f3f88c85231943ed4d511249f96447f7903779e4d8c4a680661fe5133d415b862e668441e8077bfb827293a9eb733e914f37a19e01ad4b014ef87ed5a5817ab8123af9fd863090b8e9a50ce29cf706b2182fd79660cbdbb53ba71b750e71a21d0ed01db3335cad91d5cb4d4648f46468b6e51f63e4088386913ae6b6cbf103947c32d25a8a825118cd6ce23f53ffe3c087114700e9a5932faf3d844fc6b323b3e722ed3ed75037bd9a7fd9d256b2b9a168e66802e284853a0d6b47d39675900f02f005050425731f9c2cb329f70d7a5ce2ee256212bf8b2ba9ece0df39c58f0fbac06c4da946787abf19dadb536bddbf7e51d89f22413575e064c6482d936a89d48be159aeb5055feb0577ced6c5334411d1d58a7e6d02eca6164d90fda39685fd619269fea7f21db51f6aa6961250e03c9e00788c178dabeb68f13dea29f8cdcf30478dbca15c4519bb342ba8b201019061bf8317022dbc5673fb4ed92ef1a1dea0a1a00cb3cbca291f7ebcbec27ea5e824f04b82f5644d4368cdf8026550bc2f86b83da6a265357eb548a9eec6622204b3dcd22440fec0e12819ade4ba53b53b1e6ab906fe0cacabb9c15e8b657475a0dad62dbcb1037aa8617787abce24a0aa4cf1b5c85c030a14277832a95d8b29a4ea86fb80148ece147ce4bf386995ac28e1ad1e2072f3f4fce5c05d9bdd0af118815d6ee89aabfa3f8173e6fa59dfa4a8c1ba7641291b3c18c6ccc4c3588d56d169d397facb4e67485610cc68197b3a43fe78b9458dc47e5057d5bc6b8e3b65bf414818b65d41ed7cfd7a35fe79c9851ef39c3e059fb3dffe331a791ce75728efcd58dd9b3ed1c93b128469afa648f4f91de6e39d5bef7a0e69bdf5b2202682d857847a64b33432ea0f33bbfd1948ad0b6c66d853fef1e6c0d712b86c40f79ff4d125baebf2a4b32dfc8bed2a697f745cfeb16303b4f8e866ee0bb6a5eb6c6ce513b5cb84e2b44854c72ed0cf2e838245be8d098a6943d845f5a8c07c1036da86cab0d5be4ce29545fade4323acf2085b7645107dd12d5b3af7bb37be1b291cbd6fe297c4b4a2a23280358711be91f21305c035bf1f57467a1853c999b3fb478b11c49cfac66429a76099633a54689047d66fd8bd6eebea94fc8007d9e2765e2969608a78d0b96d6b30360e81fb9df5262c8ff15f2fd7000756d8cda1db3847d6f793bf803b159344c57b480c87702cb3d1260692a19ebdceb2e05a2fe2eb5ac5cfa76551a04795915bfaba9849a623e46ac1832157d0ea5255b5cacd4efa844b0ce5f2f0e1a9dc4fb115fce2640ec6d03c5fe15b4837bd6e6127349f2b6b0fd61c82c96531714f5b623ce4e4978c4a0c86b3c17f50acdd67d283ec934ed36ba7360a10ffeeb7864113eeaa25cccc66613e0757782381614b8da3cd0a85cef7bc384969517c920e8454a5a0f112d1653b2828e895d0614e5bf4dec0ec863432cce9337ce7c29affa7f29fff97bd54a6947cc68df8fed17850209242c1c67d0d7aced2efec4b3c006678bcb8716e8e9e40d78781fd6cc5b5522b8ed2ec8cecb677849b778c0a2a17817a3dd2278080e109906dd4e99b772d5911893fa09ade4296876921d1e009e714df7e4973ab1d2e593d88ecf2151e97ec66176549d3af66652c8377e162454ce7cc8ab34397d31978e84aea92a3c0a8106a2a31e33a8dfe942819fa1f2c1272d0f3cbd7dae820642cbc00202455ab7fb81857ef050a1965a291001874b38397ed9a8e8106dcfcdfd80d0f5d0ef0d5775e53cc5aeb1d6bc13886f8f3491cd6af5dd77ace3689fa2bf56e9b4d1e4964f8fd8f0a4a8b5d7fb678f0f3adcb4a19b5168ac5aeee6f087af15af3bde52a9be0f550b21b10ce98da70445284d9db9416732e63b6efb3ced984c0df50c11aa677f822af7ad39b8b4c0d236e4b36a00ff73587b39f917d7effbb37b95a96e350a430d544d68623c80bf2cd2d689b4dc41e8ef374c393092a2619055f268fbdcb9de494e6582be90a4798bac801bcac8389c823759860e7c9d692f41ee2a6b9624da3c09a2c8e7cdeaa100ba8ca25a737046d8bb237b9546641cfbb2eac9bbee9e125b14dfabac642e634d32151c06ceb3ddbb3d3f038ab2efdd063152270449ed5eca2655cd0016147ebbd00003eb8cd25297350afbffae43cfd9867543b81da4510850b1afaa199d0477837017e9098bf5b3973efe218a88b3d2bb172fe77278088997758fdc1dbb0b1fb6af2ab9db1ddf3e3fbd8e8dd35f918779ccba75b3cdfa317fc6e3cbeaa8b11ce2a30cc53292bcb9dc2a18ca400c674360c041c97ee6aec1448a025c6b04ae9efb3a01d31e3f897cfd5dc94dac95c88b95a26676cc6153e203535891116a5f4ebf54c71cbbe3215a04c57c7ba874a1e203bc66d8161d5b556f661244d9d405a2e6baaedd0d0e4c7e093c2ac0e5ee83b7ddf91669dd59016f7cb53d19896fcc838dc008da4a5fdc0a4fac1a6d7f49b24bcc01467df04d8a3f3181cc4e811942a53daf784b59186a17756a8f3a41ad93035a893a4ff60dd8f54a533e94cf87864169287804df3aa38dc5ce6021a06c58d48985c562a0f51d8b32879f9fb7d4a1d3d442626810f151b161b7e35f9a0b3bec05979e381140f31c03ee6f5549e6e7f116be5e87e0a9ab71ee632f837e9a0f9ad1b4979304c26bad6e84eff0b5b79b667e3d74e354d04f5b2c237102e41a1a4dcac99cbb911d9484aebe6ab2cb539a1db3e3302fb833a44a2d725e858ea9a65d43bb7661842b655c51a1ff25207956e8c6c71667c79975d69f688dfa34c59771488028e3d7500ba0cb71ae5751a51b568e67bdf2abb63838aba5e5cfbbeaf02285f6cbe58428a92a6fc25abb01f8d55ecbd7cc0ea69cdfb188b79048dbea488493681b0e70234463ca3e425d24e2ae4d800ce3adb04ce69428b5f884f8dc83392c22e456a2e195b86d717ac45003a99ae9a59c94167eb04aba3612528f94dad3360b46bc456fbb78072eb7f96418c71bec09831b0a63e83816ffde0d9909c06e765a666c2c41b20c339e0d39107311830ae9ad912f0a85f2ec5ca66a79798a568dae14f76b6d59e6c0bc0f9ebdff29c0fce58367c9705bd4323d3c3e125cdb13da6e58f3fdb2751401014e393e3fc688f04080a90430e531767a7c4f3187ccb7b90880955e766aba6091c4e8fed36482bb5a63372350dd08fe84bf5afd1a30a0f8f4de7a640fa84b9c0447073a0b39bf875d0377c8a572adefec3e033fb3dad91b22bfe22c01f23f27ab0c6a1ce19d2f4f4235281cbca15dafe50f383ba89a8c46a666b106c1ac534955df71f4c560010934fd3eb68eebd55487defa1e024f75ac30139cd190bde1dc8684936bc23a1882ae469fc4af8730d29658f996f71c219526497918e359228b55849d952f4b2996fe5f45a6cfdf87da93bfada579479b18d05c4e964c85b88a7bfc6e4f2b5d6e98e00635e8bd2ebb9eb40b99a9e9db2f688b2d94b8cc8c5fb2a1928624fa5df1c228e6499d992453772084bcd33dda984d97e3857b6fee43c6666b3206ccfe3af52debe5659dc186edd194b90309213f5c4805f454c7e57bc759377aae9727e484391486be0849c5cdfa99c5a0d0687d6afdce97a32e01d45fef015e7c869ca190219a778b91d881a7b595313fb462e5bf78260c78285d6ccf5e4c50ed56ff28e3f49912773f0a58093f259b5cf4e7f607c51a81576fa95b97bf32d0e2e3511b5d784eba29a15246a97ccf608db456cd70adacc6c31913416f24f38dec3544ac2e88c409b5ff7771d873ea8d7a1868775c8b5502273c784cf945680fb14f143140b56462cd46874ffeacde7bf329fe8369df9c4b95a42535ea56ad6fa260f5c738eb9627f890f4a34f80bf3b8fe568d44c3895029b5f9557f17469a53fe4c0d581eb29029ff162ca906cd0e4bb81138be91a254752bf849232ed7042a82cda1e14dfbfdf74a09c17a9039749c789ab0242ed2d0249231c4ad70c23c805676968bdeb96c2d8886f784ecc3e42e6493e45aa20b6e8ede65c49136c9e9414a4371e3012bf596d55315be17ea9396b1df7f82db27f0d121f8aa66c40365fa686a46f430b4cd336da0d9937d5c26284bdcc6c4e0d5a6acc1be089e1a5d6ec422ad3961fb5c5c9836466c3366e6d3f2686b19b529549cacb6252b0d7a7f5df42ea2961ac59ba0b911311ccc4d83f8611f0c4b071544236037b2863d673303a4e3d428131b07f60eb2cd507dc43503456ce829aed8254bf0b51b38008d42e445acb0effc2ab7e4bc26ad76ffba1220f2e878fe9b5de39bf4f25a9ed468cdb100008ffac6bef401df4817b23463e771a3c834c32993274689c01004eb94b89bc44257b7d2b3936caab6d86937b5bb8f705d00fb6f091711222b6dc25eeaa0e350fe484337396162c86bf7d3a1ab82591ad35d393664617041142c0f8b528e947c092f28c3142493d056bd548910615e7300f041f5d01a2f00138ae5d7849244ef9215f5c9dd874e60ca4ad883f86e71690a510831e35c24de1e0d1261172bf4a8625af958febb7b109c5ca5bfffd4342c43ad02136c6eb117b4a6ea98c07a91279731c1228b01e6be755c1c1d095d3cdfe950ac32eee77327a0e7e342ccfc13c69ab6ab113b18c1abe72d39c03e351986cb3326b8b17ada5884aa7d0a553b0d35e32b8c09f1a4106f5d675a88a1508de4a0e9c598c082ae5b229b75579e39e297b225a852e3f6a7d0990a45fdf68771991acf9b7a5c04bc21a40c57817d500e8ebc6b5919219a4110395817c92bf9eb9c623606d4d98ed68dc0b51a0278b0addce8753f86316158bb4bd6a7a0c4c72b0d17b9545695e54826021a6ac44b4de1b4ea977b20af3c47b8860b0ed29a68c1a883777097d54b162cc58edc0f4de1afbbad7c340a5cd9f2f93133cb2a4babc2a688e2ddd580ef8d9d0846c269c265ce9d978aa233c73aa11eb78d3a67f4e7a3dd035ef5a1f832ada87c7dfa377b77215f8c23b1a78e4a7faa6d0c1a4a28a0ef7b32b36bd566d8c478d0133ab43f9c2a4829624eec535234eb89a177ca8d4e9d2d422f33a24d15044822e4a4c1bca5f470b8c8fde09fb69160297218398da27f4e80dbd480782ee75cecd20ad23fdbcc1d4a0acbc63241c1e2cf1a0b12949e42f707ba06b6fdbd8f336bd72d7f96ddf9ec2b5cfcc4c8da6e1ea573e97eeaea537511ac9fd2ae78eb18cb50c13b595f8b6d65ce8c08e9028fffff6b512080dbbd3fb5e5068538c05f73254969f9727db9bff0c6aeaaf83713812499308792a7fc8318e6b2996bcd1b072641be1eb8e028cbd6b0a5f1fa13bfe35b5cd0d2ca21d9cf8ed97f724ef73ab5a99d65befa38d636f2f827d229479377f25501f3a6ece12cb095549503b2299db7806d32751d4851d62b0c6a91e2e961d475d33a8874c96df52c75bb5a0569e892743937451f75345e0351bfa334d37aa43f01ad1ff984dec164faebc713de31470db5e536a0681a042ced0f9839d9ce89259349075961985171c27c410c99458d4c25614ea1d4252293c4f85b0d2ded9ac560cfd024c199d5f0f4bd47763690ba1bca88b8cc81059bb9fe82c955488523114db8c2caf8a63c0049e90ca524330b57edcf718f6a7aab0efe282079d198cc3c1294f35d1a1bf5f69a8838cfc5d4363f9ca9383f83e4f9576de3fac48866ddcde282e5e4ee3f852a063bd6423ac1fdc6201b1facd6c36609fa2faf96afc1c0b76fff27bce059ad6390fd1e3f735806ce654ed555a78ea8e59fb16ff5ac5ad183aab9de37c3d033b3018d591e7ff1a896de969f561260f797603df5fc232076ccdc2e1fe9fc789253a54af151dd50f89e777c2541591101720c893647bd4b3e6257de85251c9bcd700154e85db2a9e2c4d9d2e531a18bfaa05d16ce75f823e60416b3afebce16555536120d5f554fd13e861d74c4947a62d2d09473d8d75f03d354572b371b02e16f3976b1b0b235582ee38d938fe843b107c77c2acd88f34e1669816eb3867134b1c5fce5afad3c70f9bca972ed494577f2ba6362a6ee6b4720bd86938bb49490982a1b5ce6dd54b79f093ce27051530e1233f03d6641392d4fe7a1f7dcec8ba86d8f32f00f0ad50a29b1e17de07bd0205c0d893532c198f23656f7f5d1d9c0745b7e0b7e8afdd29c8fa1639a06039980d9a5fba11801db4e7868a9b77925a03a770aae3430b1ccbddb8bd766f51fef71ba25cf9184c9cfa6f9921d69066d09a656080f3c5fe475ccab94cdfccd76f3c7dada9236d1be861eb5fe6247ae9f97b7705bb71c375e8b98203c5bd224202c1aa714da47e0daf98fd3eca617f9a255df5dbe98a7520a1e6db9b88af893521f2ecf7fd2b08a7f3c5aeb77ebe6f52739b473840889c41315407477b82242d9a805f9aa200a129c4701d1c88ccd34871f356caf02da9937a88612a9755315914f4e8e1bf471a46c00650457cc06db168e5457fb3f9662994d901a1f58306156979aa795afacc1a7d6111cbea53e97fb71c7bbe44558fb06f8d78ee08e3678b5d218e13f79cf06f1da9f7e128647884589c487147b3edbdaffa16f9388568d3c8caa34a6b944e4f171842cdbb293474fcd5201b7440e05ddcf9e0b476773119516ef45077705e8bab5f877657205bf9eaaa7c86734b1b6c3661dfd4b9eb8590f962e17ad51b44058d558744e5b44cf9db280bff1062b2431d298064f11e7700ba4c8ece6f4df659d4880c4983db0152f1f903023672f6234620134bd5d1d888022da128a527d82e8fa1a562827a4f1592efe3b0bb78060626e8688ef3d5162afe9f1060123dbb1f93b7bdb6ad4ad6e1772bf8705cca424d9c42e4992eb5bef1ec7961bd4260d1e55e863fa9c8e0cb6d28b495fa37b5f59fd18cfcec6319288dd7363821e47ec46664e1994157319eb0d466b42fd9b5fac5ba979a9baf4f699dc539bf77852e18014074f88108b654219e4f9396696c94eb9fb9b360e59920f187029608bed76d09dd006f4033d384cd109726d51850202ba564599dbff7808591f834cc4084db29111de86a70217defa490e39c6e281650d15b1e44bb55164be0f6da58e838bf5f4d7cc2a23b818557ab1fad0fb2253c4da6af41591940b2608f6fa6bc25939ede95317ff96050bbc1f389235caa78adc0d801a56b2fb4cc41e73d5131552985b5af241722e0637f3b88e46b09ea875e5cf66f534666368ff8e46413e5ab557236134afa63478e18328d33b1a235deb2034955cdbb2bfd0e55fd885f380ae8efca1feea985a946519a712df1384f9e024efec61c30a6989aa3b5bd486366f3fccadc0add175c1cf0d2730ab97370eb47bcda4226ee140edbcd9b38b8ee913587125cb185adb4df18e80df2b0ea6e3e87dc8755fe6823ab5ee1feaebb1e6208cf3dd5ad5581f2388be92", 0x2000, &(0x7f0000004dc0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002280)={0x18}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async) write$FUSE_INIT(r0, &(0x7f0000004e40)={0x50, 0x0, r1, {0x7, 0x9}}, 0x50) (async) syz_fuse_handle_req(r0, &(0x7f0000006ec0)="61bbdafca822c911b304738006db7b15e0e2831a336f514684b2d6c8a9f3293cca8de24cbdc1d41ab778ac721c42bb6d1f2977dd3bdf4d21260c365cc5eb18be1199bfab890f84bcc26b7c5a86a92b95c03d6533c22f6c114d681c9f24ee22edc8c54e455f222370d0783240373804bc927ec9ad5980a30186dc5c862e8e525a3266e170f08b51a39a7dd0df10e6232561c7cebb178e6150f02031d77244d36f1f75d3c2425aaf0905dfafd7895d0bcf774e69b3b059cd7886d7759d6b30bf7161e6a70d3d9d4c3e8fe0e74d5b45a7eb25d2602506a15ddb22eeddd997d357577e0f570885eacd5ae6f659c8dfd8110bec6afee802658657f3dfe9b713cfacdbf107c541ddbca7ab30d4de95c16364dc24500a433c22bd046a640ca7ebb3cbb2bb6a34408c48c8da3dadfdc0f285fcbfcb52328ca584931cc6c3aec022f70f38904912b448f08634478687a24b06a99b19779048db6907d03e0659d8c5a3ad0c0d7878591224c4a746b00cb022b8539c4e4913c2d68ab86c5efc118dcdd8eb325194b0f581ac2b94244268dcefa94cad95540815b92aff0921d2002f52a3e3e754421a5d15f683e813281e5ea092146cd8dbc61d66f3908e66f521e538ffa88d9ffadcd93068dba8fb80ec38e4fbf1e6a86d16c5ea1928318f0ee3ce2d34d2944b5f78d268eebe95ec40cc6b09fc6337625a0c4e72326407e853bc02b4b617efbac2187bfa6ad99f1dba5e1dda79be8a7e01c2d81ddc99995a269b6c241d24039d223722052d519a2a2377bf1e0192c4f5ed88cf511437079c312e0d2dd4fba061ecabcca57956513da8e1aa17776737372afd2f4c519916d7d30e48d3c0fe0b57f374396aa57abbd4b18660b441b98eef9092abc9646b49591c79b6a44cf51e2a3095d184aaa46fe40a6f2dcf89460b5cc971ebd4cfce52a15b9e2ec808685d4754ff91243ee7c1759d2d86d87d38a424b976dd8d8208d15130c7424dc27fdc3227202640896360079935591e3cbb3b0b69a73559d369618557061ac63655244c89de07503bbcc2ae5feef4b55059335c1a1a9060ca3fafb51e173fb0dc6b82ac361d4ea9223c69e6972a4660bf868e3e2475c9d4c7e260769357ca4d99eb1f71250eff75691b297a4173f7b1cb0949d6fd483ec46209738808fd0f93765811d44df60db91e6e1dfef5f90ee63edfe70a5fd4ae322bd04a312760f47ac452593ffd6bdaebf3fdc9eab668d0ab389d225c6136b15c27a9e520e05972137ff374f823d01ff3913fa8f657dd6c3ba00bc0705cbd3a5517c76b3293ca9124dfc1d6546f7eb9dc5a0316d929fde93471a381d5d89cdbfb2b0e25c8ce76f32a868a461d9c13890152294e825de0eafba15fce2645eaf7b0f8f6c25d182603310a6f0dcfbc5e29e285688da3ee34f6c412e4ea78559e98324f45dd95ae8f41979937ae7677783087e4b252d7d37db8d1c449445d7354834139b1a35e087d6345084d26891afda531af70dde063cb3bc53f7f938d88ebf8189d9baa385d10a12b835f55a94ecfb02c83f7f6b35474060bf6adba6ce09c68401d255670baf8aec4fd2e9aa923dbce180bcbee0490443a6e384fd15a01d588b6858d57ef86238ceed03c3a4594843bdfadc2d40897a07873a643e96280f221332a99dcda25650a4036406cac1c2962b4ac690514133de2098c17f901519eca0b7571dbe9e771d1a9337dfa744911068176e7e3d74e2f2a34e31479d6b048dced6c9b836bfc138436f0bf89ffbc176ea15567dacdcc46f68c7815ccd741a732f8b0d809e8421cfcfe2c702b3f78e7c3d61911ba7ac23568bed03e5c68ec5405b28fb603829f16cb7a51a17c6c7e99940da59ab83c94619ca00143598f305057799b11f535e77d92721b63cc1d6c903b34d560490a2751c5f185b7bb6fc3df307a6b32ad15cb9424e3777859f1892e458a7d860bee9b00586d4b8c6cbe1fecaf96fb6c42815c5a92d35a58c0f768014bf2d2af0798637dd558f71a12378dd2499ee9214add06a634eeccb71736588dac40a24897d1d4344b48201e4bcc81ca5b8e84f69a2c7408b8a65ce656f76c2b8abe083e5c9252b81d094656da5cabfb6d2e2b5b07c431c143aa27580c9da6cf3b6e2c1592da48684f2442b030e6bcf76c8669c09a6d975e6ad64e4e6a3b55fb848dfcc7b132e52b516da2ad4503dc54e3efe53fd989f1b660ee48165bf97c765558dcdd38616289126cda1fc7c25675498c0367f7d0639793a60f0e1315ed5a32dce128b5e369dd42a45606dc22bc04c28a79b2f5f89968e95e29332e32e7f466152cbe0981928365e82dbcd6cc450d707f3b20e5146bfe4561bb711586bbc41e5f06d94da64d9820d153eee649e2611ae98e7ce765a804a858b84cc361073dfecc96dfd59f510db22a9b8724f7d2c1cdc966f9b952ca82f84977bac76fa74fe3675a73fb2a71ae77f0f62d4057cdf5e2104b5f2ee2b5dfa6ed45819c6ee0e7da1bf1ff649f64a935e9ed10ba8c8fc803650808efb84052a88665af5d4d0f1fab19ef6fd5aeab7a67f7ed4750bbda2007f9fed8b199a4b7d585eb9d228f15e3d559d6c81628b91cea4403c2ec0b415963c2f35f493475e7c0022c631f83d9c5179ef4dd34c41759240bbbdce554bd2052e3b5eb11f70065dc6e14824654097fdbdc9c342db82e0226b99c859c1a87eda7f5cb3040a9985dfeb68aa9285466d91a151af35c7975079f46a4150046d7123eba71fc0e3424df0a3c34200b52d91d95ef49d7860eb66df62e1074bb874138b86aff43f5a03375f129a3f578ad26184b4a5071e7545223f043d5e378e65c57e6ded39cf557850382d149b624a95918e8b4bf52f892608b379e0758b82a402985c33d3bdc6b46999701a10547131a3b09a5aea0dac4ec8b9bc8a4b17cde186aad300f8a9b49b76321c3dd433fbce765de0f385b6b0351c1c01cdbc5f9cd8a831100b5de8c47e9fcc6129c0f5f93db7dc790d7863a919dc40c03b35c49db7a454b815f8f4bcc228130725926173b5041ad4faa671ef72251d37e1c5a8622a9ec6fc01b75be1f6e8ef06fd0f87f1990dd4583d30491a333aacad8d6516b7ecaaf661d7c11c4bf1108aeae55b82aeda009ef1fe326e07712668461421042c8579ba80fa23fd02077a0cc1f623ea6a37ca74ee42909c58724995e1fe579c1bebb9698876a368653539884abb5eb6a34ab7ab7edb7214342efa5d4d6bf2fff070a73017631a7b8a09609e4efeacbb9c0683ff61ca313db2d78f8c33288c5fd1ad4e7056f9f67f2a546e5d412836c20242efbd107a30bb50cf82f5417f01e9b0cb1ca75296f673e21e3f8af069d7834d9b4649e0300197df1f11ee6b423579cef5cdee2d099c73e7ae4454b72b211a958fa265f3bf0343df74789791ebaaae2f25b573bac285b00c2aef8d6be1b3ee99b057f464589329d773b59d2f332bc03c172f49f38e31c39068bf3adf63bf5d54443e14e5bfbb1d5db1935136a8b3b0de80df3eda40bf41de0ddefd599e489654b4832784444cff8fe229e5969a5fe592e90239d191569b25de52250e8c80dce2897d5abb27ac7affc5bf2df29c0b5324146ea3528e9c6566722fae108f6cb82d925a0624a4eb8b56e0e8d37f463a653faf920aaf56098b30fa36a22672701732333203256e186bc45c83629aaf6fb537c7c15daa5a498623a107b019dce15c7f4249a7f357c67f99eac1a96b75e56a275033a27dc3fdd85c48a882087b96a6bb62a65849071748b2a06800ef0232ff0c1c2a8566ec68c7ef55a684c5761f966c9573a677308935f52846f14b284150c741e177ffb23157a8674016b6f039150df3e3a8476be1eaed6cb97f7615285d1508a8f62aeea477ef85d4aa76d90a2765d2abb43980c29eb4032b06ef2f36aab0e38b7f393ba03ef678d130e2a612517ea0bd5a7711ea60de507affb263a348c98d8fef328c43f87c00409a134e1eba2d24b3609184ec93d68cda75b24193893da75ceb0058a1ed92c0fdaac99330a4acfa24705d3fe2520d8a8018908e1e9bf2ebacba79c8c67da0fde4ce2de966030fff7330292c6e7db52e0e451c0cdce1dd1682610b0dc340890a8900a818318170ab4f957cbef1a0afebc4ebba84db785409e30d423f86419d10fda93915c44531ebd94aff97a7b987624af7f3d75fd051894cd64d6da46b4424b3475b22ab9eec1d8bd1a8015a1076ba55ab58ec69f80acbe200a1e3efd99921c1609a972fcdecb76e9ca53e3283ec581d76862177295d2b565686bf40dec9a38086f8930dd05b08e7efd7cc6577b2ac05f0740e665e68adeaa0e8b8e57ad98d9b5a5371c1079d07a2659eeda9a1ba0f618732c70efd4b0c638db140c6caa1a58a3403fad7f84dc0ced13f4d5821cfbcb694452988c39daf23f601a3db08205fbf8ea5216af125704667e22643c633502bd76a393c8a176e92c5beb581c4efe4cc2ed478c50a74272cb715e6992a3161ddf846e27d613102b5eeeb763a329ad68dfb6e3a9c1dbb960d087b6aab4a9e1083885898db0c1cf3498395492dcb6a8f1254d4d533cf22ab21303e03ed4e4605de1ebd408cc2ef1fb0099595d9a6592f4c5e26ff93156ab1242b17b92c9279f132a062dd862bea173cc5890df621d992dce2eca5b7e3ced0c1cd870ff545f70094dbbf49e3d5223c80d79219240deef2b2bce0ad2374524c46321cda93c2e7830d016f8bced60045fddd54335589278eb9d8603cfe74cfe6c09d1e73ef8addccbc69534aa598dbc930081cdf8c4e9a90fd993a577b07744b09ab17fc04a958ab4f61f2487a248ea55f78f4262ebfd683ea4f2588f369bedacf345aab596851ca5a8e60680202a1c1122d0fb7d42bfb3f1c979b87872a5b5573032eddd837bd2aff2e797cd68ef9585086d131d84c4872eeb171beabdafb803362aff3b6e2e968d43e61a1b700e5a51c3c4df1546648df167626eec1fd7e2eb52cb8973679822e1b06e2f267f72f4dce766aadfab9b377aa6bc63722c817c3523c6d20c77d84248ad0ca3c76196d0bb70f2b3b7b496aaa47fffe5ad8dfe2ae1e28e8fc29aab834ae1ba95aa53e30345ce8260ca42cf4a8e3a7989f59ab9d6ee2a30b96b731e144f53ff9e7665b90263d575c5f42a92e5e53a50c612af0a1b3b907d472573eea9091619790b5d3a56efbe253fd76ee36f3f5a2d3c340073c311aee56add7d8cf380b2d1624763e761258708511760b1ddc0e6e8948504fc37092417a57e9a3e8a1c361c1245b14c98f5b84a6f9d5f8876cb9944fd47dfbff3fc032bd15081b9c645a58eaae38b3499e55e22821c8a6c7a587a8b726ac3b38025c2222d71b95d816d76d58a45002f0241da0a2f2c9d150102979418f00138d2c5639d115e898da470ff2f4a1333fbb5146f7758afc220ca6895fa5fdfb98b49e3be5131879b15f48c905307b2dc7ffa2b7b3ceb29282ca0492c50b4c701fef646f74a1429f2e1e275946852ebb33b2da347bb0f1b890d4ce37e1d5b1cb252c61e3c46751a539a9c33a12eee0364d3d229b5b21087036219d5d821ebb05082feba108bce7b05e6143f5553ea2a9404d2a0e6f21bc36ff6779107b5a1499462536bf76f464ac43d7ca3561a92ee13c190378af20f6967444d63afdb94c2bcf6fd32a6370bba33ea3d6deabdcba090ca15eb8b468dbd4de9f86b37fd1ee07e78e18c2a09d819a1a712223f810b9394dfc4a2f5be9f6f316c4f4be62e4efceab5873373c7e7b2a86fc5f4e92f6281e097bddb3276bb952211bc8f871a1907c3ecfeec3e6eb3c7dd58ae0e4eb016d0ed14dd0ca79d6777eb29065befff3f278abf6a4df704af53c24b0e50b85c773339f6daddaca12ac0c5295b8832f7da7e6d2f7151691ac787f4cb56f9ef21e5bcb3820d3711f0fd29b0fe3f1b3286dc7c028fb4b4b74474aa3387acfb906dcc3e9453c7cd3c7156114a50744eb9de4884e46bf3fcd0a05e8fe18445ca91a52c060396c529e1bd6370dcaa23b6f31c2d41f82ffd20b4d1178257114d647c29e7f1fd13e5bb58e50e799ea229989b27f2cc1353dbc4d0f5230b49416aaa3c994482c8df9e69957c2038ca7e68f80bd407108fcbe9e9b99a3c39adbb888567f873004983ab3f7ee364473b1f3a5e38e7774241d493c00704c73c4fe956611e32fda53b5cd25d0ec18b3e3458b12899c11bd9846d399f2fd50f21d56d967c317a443f578d00455726304d69c44da6e5d04d786b0cbb3d7bbdffb44d69995bb87c0b0e7a2343e0c9c2c98aa8be33ebf44f019f48fc66cb884278993ea58bd06e3a39b8fbfcba2ff0a36e9dd7d3d0d94b4435cd3d8a9abe18509a48f22dc509b60bcafbc0110e3ab8e0bbe79c2d67c3e8ecc1de58cab4026f56d7b70b78ddc4e5e2209115ca59b2d2c4591ae471e7268568da3774fccdf64727611460b2e17feb855187d1e6f3c2b6ebb99301c1d27160dee3d9e41b4b96d8dbc6e4764622be139dc21bd21f0373dbc804a37dfb1f3860fbbb30f646b652778a9d9831798c251c0488070c56bf1f0794c2152648548d5f3c137c1e1ce9fd67e6da2ce6467bf1aaa454afb948102e5ece44408d24b87cab80772ff5dec0740c3fd9d8bd2eb837d547512d1028e7eeb4365321c50af92175d183cefa790f824f7c89a7e356cd829c0a20eeb325090e69f0b964c244007bcfae61c4786649b234a0f630e9e5248835c2786ec31868465f421060724eb5f701918a382b316378547f67afb3f22656e5cda874616601c5f36d7f88b64b940f4bc25e2221ca7e11f7476f8ca1916c779452a76e8b3bc909679d38ac64d4009a5e330a35f2c4e3c462147a9a17478b64178ce4e76faa452c533b4ca38e99fd15da41dfba4bcf40b845f24a5cb5cb5f9b6148edb943dc020e3885043b3a5b12274c0ed19c5be71a90152aa00b5691f39127a3bedb5cbd857e79871fa5ab4e3f86c5b2b5e37ba232cac99a07f2fc16a920751e80c0b2a11e3f57718715f7f78cf11f4c899202a4e9eff37c73a20b1b6b17537377bf2bccd61d43dabbbdff947f6644b7e4a45cecc538e378118ed158c132f514edb85178aca1d964ee5ff5378b0a58823be37a7f55e3045ff75eca0caa6d740c9f055b6e112c3a1e0a106ee7de1aa5e66df171c7328a076b06be2d411b0249847b5a1edcfa6fb565e54660726bb8bcc91fe4f925fae15a02e62bd929deb7a6282fcb4701fe9ba51dfc17c77f0b7450d86b3db124acb4832af2581c6c5de3f8fbd3f484a582137d9e0c2fcd9cf1e5043b7f61b510d249359a9a64ed1cdafdac9e95a2824ea9d17ccebea1cc290353700b7da3f7a7535d5a406c95ecce0d532488cd87037f160d92cd3e85ee1b4e0a1b314f770768f495c9f50ab88f841da8f6a85495e9c2c4f084b5919aeb60a9ca5466ef95dc15c93e041e06a1047b862a0b98679ded6d1b230628b99fb28ad56cb26c43e39712edb8e1b33dab8dad6f6151aab04c0c626e0a195881bc68c32d1f3ff7db997e6bf061a9c4c5ed673b6a7a25c6d520177ad69b7ac1d0c8032dbcebb0aa48f3c1688e2e10ab96cf2c85faa07b3437e3fc616c5a246b62587a8f21df4831615afcaa79531b0dccaf0aeed5f042f94dcca3b2eaa02102b2a8a3b07ba8a6571df4bf03b7795bec2baec13a148538aba90a9d7f1a3ae76d46fe39eeb73831b7d3886766130be5f769d6e8588d1ae054f2ed4d3cd4a699a7e3fb2ee9e3e7950342185743375bffdd29f3514eb7af5209ea925309772c1bce304513a1ab69b7c745af7d0353d91b24c1e82bdef2d16e13414b53629343c523c3b2f044024bdcc07ce3401f37e5be0e1bb6b65caa4b8b332df585b551452a68c835a31a9e8faedb3db3f0f55162868dfb8cd8d4db8193b7b706665588343b6581c582e6a1ae320a6a310ddcb2ba148c50a121c460b1ff9e639a6c6d0a6893fe0b8b06b88f5323b717b263524471b91bc92c6424fd95ece736bcc80ed7b371251d3a97e8097bd6afeabe94d53df20c28c0dfe9bfb2c42d21b23cd0b9736cdf40338c202cf3d04e578fa32f9761743cce981f2817a55e6160821b896601b829e20e3055f3ccdef24c91a311faf157d08bff00678ccddce368f8c7bed956b4fa0c0df7904234bbebd16aa0a32653acc6b5321e61ee9e58084c6ac8fe27d4cfa8dac58e122e3262dcecb639f3a6c0ee8332b9b080fd9826d4a9487f62562cc9b3fc9409d10566c67cdaaa345e794a1b3a342057b9c0c3943702702676b5e5d5171827e6ec829f2fe8824d931b30938d53420686410810ad4799a7579f2900b9e2ce2c032cf630121e4281faac5a26eb1bd0a999387619e1fed4042315d25d5ec93ad832ef92443c8dc781b428b96f80783712847601632e41abcf01386b71b8b4dcf1c30da6aa636f761573a55fe7831876105f111bcd6f04863b8c049bf185df9f2612ae4af6ee8fc3ba7ec603b91cc6f691191f2be40ed83f183556fc9a125a8333a3b0e3357433005cb7cb7553b1a125bace32a4c86c6794dc081fbe603a1a0cb36c0d1927d00fdcd4d12e1233bac711b0aee69f4812b6ced90375c74d5995672ee79a64e52d2916c29fc399b12ca7ddf0e55789b5b8cf676dfd3ed5a566ea6a7934f9652a7a5c7db2ee29c98f01fad90052c4df530e432acea0f5af7459b017f4f7ca4353ec6dc37de777d60ebec7fd84e25fd642bc454b3807b0fe9f5053e3064cb4d705c7bc3b87f5196734e4ebc4c7b007cb13d7f344cee70ab0eeabe6f9fc946b18af9638acdddddeeb258545047e12886d58a901d31182e1afc77b8223011717a16ef1261c399fde480caba1a9cb8b37abe0e3d5c67f838d9db72b41e331280128a7bbbdc2fead0a94efa63b1b621d6263a76395e53d2c703ee133f2d4b2dafb267417c4f7370c9f80329c08b32cdb83b277893091f75e382fcb5c9cd64206a2b37e3b5f4872ebfd661f1ee4956796746740c89521de80791a4eac38b4d480288c45a08a3a08112391826c1b1d89db2398bd32c6c645b115fe9937dbbf671281f6412ffaf963c247b59ef88c69c775f462692896b643df3da4a0c1bb5c0756e7c59cbf96ef7f9780fa1ad985743bbf0d776c3dca2d61fdaaff3d4cfc13abb433a7fafb5a41d8ea189d3d41edec803d9c7cc5f62fe0047d06dea408547107aa09b98076ec83cebedc089be24c2bbd3a8d31826dc52b404e713ba7d6e679dcbb1d7be86daa567ba73dfd1e2f625468a72a6557e9678dc436187c4ca3822cde70c40cc617d9ab59e38c58c2f9a90334c3f5c995799d00833ca89106123c2fc6db257aa1074ceb10bd61f24b91522eef613286c1567b777dc8e7987979a118381879a9db74c9f1d8a9f6cdccf0d2f3830725f0f8ac35664227cf84cc9d79cf8996f44b68cc0e9b9873c349b960498c6e4eb2c909f8fdd3fdd889940e335fba5161dada90923e59550779efd0479fab415fdf9d7d6b2604edbd6d26600544fea9342537f1c8ba7d1b8bc739003725fd656f9386b53d2528e1cd998cf6ee58e2e44b80f06933baadc87b53159d6c05d85467804b75c5c1258a7ebc7c59eec65278711293f83ea84c205ab5a520929bad2ae3863152dcb2783e85582ba804285fe8d3bfd9fb8f95456aa3213e0291a8013e67dd1cb6c8ebea2e3b9253d3441dab1a4c6564babc96d69f6285b53ca7bb07bbfd87065d76cdcc6e9d5b181d8d748457f08ada427f197925885cd63fb49404369a7b210d715a071e49e8d700bec584cd7f2d9a07bda46d72e1a80221d550a6aa0d496cd4985d06fad0a28ea555368b921001310468406fbefb3fa9b3f3c9c750c6c81ba325b41ddacf21c79b09fc742c69eb253d08a52f15114ff0927c22cdd9cccce269b88fff2e318a6070dcf78d10e666d5b5af3788ea2883378482581f58d9aeea18ffe9fe8c061ff3d758c80d2f3c2c1c0a0bb541bc0a79d755de62021285e97ed0c36b094aca59f3f11ca646625e8b812dac1d8a635722966d96f1a99d854f84d02b7099c27182c6465602b0ab48205d93a24bb9a80a432d351f70dae5a77de8d17fe7d625109e2c8b222198c3d878707308cd4874ab9b7a4780e1dc2b8156e1c3a90ddeb03e04a97ac2e17374faa64239e61db3eaaaa1aad1a9c1f948c349c313a4bd28a91a72ae145d051681d087ea7320836dc45bc2ee20f88425edc597c3877fe0bd38a693b822550b01e0ca70a48f6c178cc7d09dedb86dfc807b5259e4d2726ee856e5951c8d0c4bab64ce1735ae78542872f17a43c0ba6865dbc2b06fcdb383346174bd916be43da98032b33e7d57593f0505f5ef3b76040a6d0fd9aa883110a3ff2931dadc9add0c3737bcda478b40879511035a2a17190bb6f6e440bf53d5ff58fce41985c578d6f41e76b8b78ad8381515861f324c2e56172b94952354c7d63765869d1cfc72e84cf83a762679cc0730dbb6bebf27d04c7c4a0acb4c26810ccdcdd7437f70dfcab0eb5b517159ee7881d17c063a22c31fda52165c0a24d14bef7dfe75eeee54dc46ad270380a97b5c8b2ecfaf56d065c01409d6e56141ecf20b1f74e07c957cdb16789fd943a1f90646957dd26db659419c5beb7d16e97436d6afa89dac7df1c9ffa9ec61a176dfe1caffe7b6f1deb2f6b8ad3aeccd0c7e4ef915802099f645fb76dcf4b5d80d234130a01d708535ac8e70494d56633175330e26cd91f838ea3173593416b32e6025b54e19c356ff67b7d803192693d68a6eb81f72743621a429f21dcb9aeff6dcc027db34699bdde5d1afa2088eb8a188643e34095d77fb595e9344489ea1d99683e1b03ddc7c7ffe846e35760b39928317d28acea8db656d32aa07cc38776ab0e464f06344da70197d50ff702c7de1f3b0e90398c25c3dd26e68fbb0a9ff56dd7a5633ab34955ec93a84c395f9836780a16d295b5bd1786828998c794aed2f89619ea69abb615e72a85d6c596383507fa9444b3ff7944e2ace3b439e2463339d5ee0785979476e773a8d486dff065e9e89fc3dadfc14f6f534c74098ae0c517a42aabc04a0191e1c33c00e9f7b35b8cb5ce8c35940c590368c58e0edddc37abe3c04ab1385fef4b86583cd3d06892116b70a4a6aa7cfa1aacc85f038c89ee7fefd603363322e9e8780eca38d994d722b3d35e56da04dd987660362e085e611e08e6a342444d37c05c66d6cefd0d0b17d95ad128a1a76598b35bb2b10bd967a1a1929d5e4f9bff57124288f478b8b4d6909e14809e90a53460d9bc6b727b6551a08c67023ca0e8b94ea99fc90d4fec62c14e0ddd0c73007471632be3abc73506fb17c23e81a82a1c4e473a358c6706f3c572e75ea192c41282293b8becbbc71c8017ac151791a576e052152a0a948357e8ddbdfed47689c4abde8b54ceda982bb29b7ccec04cc79b7093d9e25f9eff94386621e9c803596f932ab60e8e31c2ebf11f16596c6f71fd2d2e8435d03c637b094ebac49c002f0beb80f6f2fdf7d6803e0b6f2015c8582976379c0dc06d51c35f712e053fd29749afe5ce05865a670b45bde5356f2d5fa67f7af50b944b65b44efb437c51c7cbdad791fa282a2fe31d732e4c7d5e1", 0x2000, &(0x7f0000004bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000004740)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) (async) chown(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) (async) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000003100), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="2800000058591fca3d0345f77b089855f1daf8f838ec3bb10944ef10e8eb72da280e0cf5f1e3a309fcd078c9f9c13a81af00f2cf7905fa6f5564e366015ac9c29ef284c730171d7d99a0f978345987d1981efb85cb36c296140b50984b2dc777e7363e2e34ecdcc249adbe9af48f8ef614f203d55d23e54a9755840bc19517cb9a99df93ee4e1df79680c52f00b69919e8c2facf50a010575146ef35c42a", @ANYRES16=r3, @ANYBLOB="070100000000000000000d00000008000100000000000c0006000000000000000000"], 0x28}}, 0x0) 1.563182855s ago: executing program 0 (id=3113): bpf$MAP_CREATE(0x0, &(0x7f00000009c0), 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x10) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) getsockopt$bt_BT_POWER(r0, 0x112, 0x9, 0x0, &(0x7f00000002c0)) ioctl$KVM_GET_REGS(0xffffffffffffffff, 0x8090ae81, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r1 = getpid() sched_setscheduler(r1, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040fadb9001904"], 0x7) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x7, &(0x7f00000002c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x20000000}, 0x90) syz_open_pts(0xffffffffffffffff, 0x80) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) r2 = socket$key(0xf, 0x3, 0x2) r3 = socket$inet6(0xa, 0x6, 0x0) setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000f59ffc)=0x4, 0x4) bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}}, 0x1c) r4 = socket$inet6(0xa, 0x6, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000280)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r5, &(0x7f0000000400)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000500)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="040029bd7000fbdbdf25040000000500370a000900000000000000000005003700010000000000000006000000050029000000000008000300aebb88176373137509f8d8ccc260dfd47a4154c04aaa70ead161013687022e35ac7441f759b3e6d5bb9c9329dc6a245004150b3baad922000775203b012780be3d81cddd4f4dcac0f57c451af20a7a8d74353406462875f8f5892b17303889eaafc37358f1185add58203d424ecd89b0a2d5a293f508c6b0a8b36b9a416053be5fb49a965a1870ac3dd7db8ba1a2079590c3f775883676dc9bd1234c08f6afa39e0212ca8cec14cb267a7ea9dea17a0c634266c585de0a68769e459508f9dcbcdfe8b6d68d800f84df2e5914235a9b97b2fa25072693a850cbf0711183dffcf47205c9b0d36a0e909e065fa84f0a36aaac6144c42689b1a241ed8fc6c20a419522c133350688a14d105a2a2b45debfc76877425c8f0aea3103b4bc4f27760a1b9dfbacc974d8c9a00d59211250004f5b1361f7249713cce6bd4a018b6c96c6", @ANYRES32=r7, @ANYBLOB='\b\x00;\x00\b\x00\x00\x00'], 0x50}, 0x1, 0x0, 0x0, 0x48000}, 0x81) setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f0000f59ffc)=0x4, 0x4) bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @mcast1, 0x4}, 0x1c) sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0206000002000c4f669b6109dd230000986569265ecbe2ba201aa34f9cb8b63df2fc655b6001c6304064e073dc7e2363a08721c62376ceddec33ecf214669dc832a899c582d360ba2c3431607883f363e2ad3d048a0ca8695b060f87aeab662e15318717d89eb286771f62920bcce5830e1f843f92a3d0c40e28b01f3ee15bbc638a5e01cfa8a9b6a831a8d800b16f9f480dbecb39180a03"], 0x10}}, 0x0) r8 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000001680), 0x2, 0x0) write$sequencer(r8, &(0x7f00000016c0)=ANY=[@ANYBLOB='\x00'], 0x1) 1.33590262s ago: executing program 3 (id=3114): syz_open_dev$vim2m(&(0x7f00000001c0), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = syz_open_dev$ttys(0xc, 0x2, 0x1) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) r5 = fcntl$dupfd(r3, 0x0, r4) ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TIOCSTI(r5, 0x400448c9, &(0x7f0000000000)) 1.22881804s ago: executing program 0 (id=3115): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) sendto$inet6(r1, &(0x7f0000000200)="03", 0x1, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c) shutdown(r1, 0x1) getsockopt$bt_hci(r1, 0x84, 0x7d, &(0x7f0000003280)=""/4104, &(0x7f0000001080)=0x1008) r2 = syz_open_dev$vcsn(&(0x7f0000000080), 0xf0, 0x0) r3 = io_uring_setup(0x1de0, &(0x7f0000000440)) ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000100)={'vcan0\x00', 0x200}) io_uring_register$IORING_REGISTER_RESTRICTIONS(r3, 0x15, &(0x7f0000000000)=[@ioring_restriction_sqe_flags_allowed={0x2, 0xb}], 0x1) syz_usb_connect(0x0, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201fa0031129040b4040210d9810102030109021b0001000000000904"], 0x0) 1.009791362s ago: executing program 2 (id=3116): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfd8e012e79578e51bc5"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x90) write$sndseq(0xffffffffffffffff, 0x0, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000600)={&(0x7f00000002c0)={0x14, 0x0, 0x204, 0x0, 0x25dfdbfd, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x4000080}, 0x0) syz_emit_vhci(&(0x7f0000000580)=ANY=[@ANYBLOB="02c8000af905000100011302000000d9702fcbe1f5f90034236f538b4f6df0ac1192514fe223364ef04a5071d2787b5d34bdabcaea06981787834772912835507571560092fa"], 0xf) mount$fuse(0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYRESHEX]) newfstatat(0xffffffffffffff9c, &(0x7f00000008c0)='./file0\x00', 0x0, 0x0) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) writev(0xffffffffffffffff, &(0x7f0000001340)=[{&(0x7f0000000a40)='e', 0x1}], 0x1) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9fd, 0x84, 0x105}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r3}, 0x38) bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, &(0x7f0000000840)=""/121, &(0x7f0000000680), &(0x7f0000000540), 0x6c, r3}, 0x38) 309.425431ms ago: executing program 3 (id=3117): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, 0x0, 0x0) 40.781384ms ago: executing program 3 (id=3118): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edd9ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83c6e613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038d0100a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b17680100969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06de269e97fbb0776bf56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105cfdf8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f01000080000000004febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60133641a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2e9a20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928b49ea55bb2c80b9ae30e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846899c6b23c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33694f40000000000005d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b95bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e8"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = gettid() r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) read(r1, &(0x7f0000000300)=""/200, 0xc8) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x335}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000000700)={{0x8, 0x89}, 'port1\x00', 0x1, 0x4, 0xa, 0x4041005, 0xdeb, 0xfffffffb, 0x6, 0x0, 0x1, 0x2}) tkill(r0, 0x7) 0s ago: executing program 4 (id=3060): setsockopt$MISDN_TIME_STAMP(0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x2}, 0x48) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket(0x1e, 0x4, 0x0) connect$tipc(r3, &(0x7f0000000040)=@id={0x1e, 0x3, 0x0, {0x4e24}}, 0x10) sendmmsg$unix(r3, &(0x7f0000004400), 0x400000000000203, 0x0) kernel console output (not intermixed with test programs): x9/0x10 [ 908.150593][T16010] ? security_socket_sendmsg+0x87/0xb0 [ 908.156049][T16010] ? __pfx_netlink_sendmsg+0x10/0x10 [ 908.161326][T16010] __sock_sendmsg+0x221/0x270 [ 908.165994][T16010] ____sys_sendmsg+0x525/0x7d0 [ 908.170756][T16010] ? __pfx_____sys_sendmsg+0x10/0x10 [ 908.176043][T16010] __sys_sendmsg+0x2b0/0x3a0 [ 908.180627][T16010] ? __pfx___sys_sendmsg+0x10/0x10 [ 908.185731][T16010] ? vfs_write+0x7c4/0xc90 [ 908.190176][T16010] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 908.196502][T16010] ? do_syscall_64+0x100/0x230 [ 908.201272][T16010] ? do_syscall_64+0xb6/0x230 [ 908.205964][T16010] do_syscall_64+0xf3/0x230 [ 908.210463][T16010] ? clear_bhb_loop+0x35/0x90 [ 908.215139][T16010] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 908.221024][T16010] RIP: 0033:0x7ffa5ab75bd9 [ 908.225462][T16010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 908.245071][T16010] RSP: 002b:00007ffa5b8a0048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 908.253484][T16010] RAX: ffffffffffffffda RBX: 00007ffa5ad03f60 RCX: 00007ffa5ab75bd9 [ 908.261447][T16010] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003 [ 908.269412][T16010] RBP: 00007ffa5b8a00a0 R08: 0000000000000000 R09: 0000000000000000 [ 908.277371][T16010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 908.285333][T16010] R13: 000000000000000b R14: 00007ffa5ad03f60 R15: 00007fff9ceeaf78 [ 908.293310][T16010] [ 908.353720][T11568] Bluetooth: hci4: command tx timeout [ 909.201377][ T2434] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 909.235819][ T2434] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 909.247393][ T2434] bond0 (unregistering): Released all slaves [ 909.291669][T15956] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 909.308990][T15956] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 909.342080][T15956] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 909.436165][T16016] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2662'. [ 909.788066][T15956] hsr_slave_0: entered promiscuous mode [ 909.811988][T15956] hsr_slave_1: entered promiscuous mode [ 909.820560][T15956] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 909.840304][T15956] Cannot create hsr debugfs directory [ 910.046505][ T2434] hsr_slave_0: left promiscuous mode [ 910.057848][ T2434] hsr_slave_1: left promiscuous mode [ 910.076840][ T2434] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 910.089798][ T2434] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 910.113622][T11568] Bluetooth: hci1: command tx timeout [ 910.124329][ T2434] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 910.133171][ T2434] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 910.169684][ T2434] veth1_macvtap: left promiscuous mode [ 910.181254][ T2434] veth0_macvtap: left promiscuous mode [ 910.208154][ T2434] veth1_vlan: left promiscuous mode [ 910.218931][ T2434] veth0_vlan: left promiscuous mode [ 910.434275][T11568] Bluetooth: hci4: command tx timeout [ 911.112012][ T2434] team0 (unregistering): Port device team_slave_1 removed [ 911.211808][ T2434] team0 (unregistering): Port device team_slave_0 removed [ 911.748698][T16050] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2675'. [ 911.934975][T15919] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 911.965395][T15919] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 912.049143][T16059] tty tty20: ldisc open failed (-12), clearing slot 19 [ 912.067487][T15919] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 912.162928][T15919] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 912.523676][T11568] Bluetooth: hci4: command tx timeout [ 912.540481][T15919] 8021q: adding VLAN 0 to HW filter on device bond0 [ 912.553463][ T25] usb 1-1: new high-speed USB device number 37 using dummy_hcd [ 912.589862][T15919] 8021q: adding VLAN 0 to HW filter on device team0 [ 912.649414][T15956] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 912.664694][T11204] bridge0: port 1(bridge_slave_0) entered blocking state [ 912.671899][T11204] bridge0: port 1(bridge_slave_0) entered forwarding state [ 912.695206][T11204] bridge0: port 2(bridge_slave_1) entered blocking state [ 912.702390][T11204] bridge0: port 2(bridge_slave_1) entered forwarding state [ 912.728370][T15956] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 912.759350][T15956] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 912.778794][ T25] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 912.790223][ T25] usb 1-1: config 1 has an invalid descriptor of length 144, skipping remainder of the config [ 912.802248][ T25] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 912.824679][T15956] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 912.839094][ T25] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 18, changing to 8 [ 912.852366][ T25] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8279, setting to 1024 [ 912.884265][ T25] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 912.895376][ T25] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 912.904708][ T25] usb 1-1: Product: syz [ 912.909010][ T25] usb 1-1: Manufacturer: syz [ 912.936067][ T25] cdc_wdm 1-1:1.0: skipping garbage [ 912.941280][ T25] cdc_wdm 1-1:1.0: skipping garbage [ 912.968090][T15919] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 912.984551][ T25] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device [ 912.990457][ T25] cdc_wdm 1-1:1.0: Unknown control protocol [ 913.111392][T15956] 8021q: adding VLAN 0 to HW filter on device bond0 [ 913.180193][T15956] 8021q: adding VLAN 0 to HW filter on device team0 [ 913.195892][ T5134] usb 1-1: USB disconnect, device number 37 [ 913.204772][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 913.211866][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 913.267532][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 913.274709][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 913.551403][T15919] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 913.681767][T16096] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2685'. [ 913.695673][T15919] veth0_vlan: entered promiscuous mode [ 913.710629][T15956] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 913.745366][T15919] veth1_vlan: entered promiscuous mode [ 913.850490][T15919] veth0_macvtap: entered promiscuous mode [ 913.881540][T15919] veth1_macvtap: entered promiscuous mode [ 913.896456][T15956] veth0_vlan: entered promiscuous mode [ 913.911219][T15919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 913.923149][T15919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 913.933748][T15919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 913.948103][T15919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 913.958770][T15919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 913.969786][T15919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 913.986639][T15919] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 914.010640][T15956] veth1_vlan: entered promiscuous mode [ 914.058475][T15919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 914.080118][T15919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 914.092212][T15919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 914.110123][T15919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 914.121497][T15919] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 914.133057][T15919] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 914.236603][T15919] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 914.384587][T15956] veth0_macvtap: entered promiscuous mode [ 914.545350][T16108] FAULT_INJECTION: forcing a failure. [ 914.545350][T16108] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 914.559849][T16108] CPU: 0 PID: 16108 Comm: syz.1.2689 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0 [ 914.570018][T16108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 914.580078][T16108] Call Trace: [ 914.583361][T16108] [ 914.586298][T16108] dump_stack_lvl+0x241/0x360 [ 914.590994][T16108] ? __pfx_dump_stack_lvl+0x10/0x10 [ 914.596204][T16108] ? __pfx__printk+0x10/0x10 [ 914.600815][T16108] should_fail_ex+0x3b0/0x4e0 [ 914.605516][T16108] prepare_alloc_pages+0x1da/0x5d0 [ 914.610646][T16108] __alloc_pages_noprof+0x166/0x6c0 [ 914.615866][T16108] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 914.621592][T16108] ? __walk_iomem_res_desc+0x4de/0x560 [ 914.627078][T16108] alloc_pages_mpol_noprof+0x3e8/0x680 [ 914.632554][T16108] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 914.638541][T16108] ? __phys_addr+0xba/0x170 [ 914.643056][T16108] ? machine_kexec_prepare+0xc26/0xe20 [ 914.648523][T16108] ? alloc_pages_noprof+0xef/0x170 [ 914.653649][T16108] kimage_alloc_pages+0xc8/0x340 [ 914.658605][T16108] kimage_alloc_page+0x88/0x760 [ 914.663479][T16108] kimage_load_segment+0x5f7/0x9f0 [ 914.668611][T16108] do_kexec_load+0x4e5/0x6a0 [ 914.673222][T16108] __se_sys_kexec_load+0x12b/0x160 [ 914.678364][T16108] do_syscall_64+0xf3/0x230 [ 914.682882][T16108] ? clear_bhb_loop+0x35/0x90 [ 914.687573][T16108] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 914.693482][T16108] RIP: 0033:0x7f2cab775bd9 [ 914.697904][T16108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 914.717514][T16108] RSP: 002b:00007f2cac590048 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 914.725939][T16108] RAX: ffffffffffffffda RBX: 00007f2cab904038 RCX: 00007f2cab775bd9 [ 914.733914][T16108] RDX: 0000000020000900 RSI: 0000000000000002 RDI: 0000000000000000 [ 914.741887][T16108] RBP: 00007f2cac5900a0 R08: 0000000000000000 R09: 0000000000000000 [ 914.749860][T16108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 914.757849][T16108] R13: 000000000000006e R14: 00007f2cab904038 R15: 00007fff6b66a938 [ 914.766279][T16108] [ 914.769353][ C0] vkms_vblank_simulate: vblank timer overrun [ 914.863579][T15919] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 915.142338][T15919] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 915.151807][T15919] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 915.161872][T15919] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 915.284234][T15956] veth1_macvtap: entered promiscuous mode [ 915.333513][T16115] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 915.356653][T15956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 915.380153][T16115] vhci_hcd: USB_PORT_FEAT_BH_PORT_RESET req not supported for USB 2.0 roothub [ 915.383284][T15956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 915.414600][T15956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 915.426091][T15956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 915.431879][T16121] xt_CT: You must specify a L4 protocol and not use inversions on it [ 915.436331][T11568] Bluetooth: hci2: unknown advertising packet type: 0x07 [ 915.455979][T15956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 915.475501][T15956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 915.485827][T15956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 915.496401][T15956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 915.508922][T15956] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 915.524196][T15956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 915.535705][T15956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 915.545622][T15956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 915.556548][T15956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 915.566676][T15956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 915.577981][T15956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 915.588801][T15956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 915.599558][T15956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 915.614558][T15956] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 915.650812][T15956] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 915.674837][T15956] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 915.693818][T15956] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 915.702760][T15956] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 915.850220][ T1104] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 915.900122][ T1104] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 916.004306][ T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 916.022690][ T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 916.074610][ T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 916.115371][ T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 916.212180][ T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 916.239794][ T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 916.259821][ T29] audit: type=1326 audit(2000000016.430:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16134 comm="syz.2.2634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c30775bd9 code=0x7ffc0000 [ 916.312836][ T29] audit: type=1326 audit(2000000016.430:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16134 comm="syz.2.2634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=198 compat=0 ip=0x7f8c30775bd9 code=0x7ffc0000 [ 916.450239][T11568] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 916.468909][ T29] audit: type=1326 audit(2000000016.430:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16134 comm="syz.2.2634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c30775bd9 code=0x7ffc0000 [ 917.054227][ T29] audit: type=1326 audit(2000000016.430:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16134 comm="syz.2.2634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8c30775bd9 code=0x7ffc0000 [ 917.086921][ T29] audit: type=1326 audit(2000000016.430:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16134 comm="syz.2.2634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c30775bd9 code=0x7ffc0000 [ 917.109054][ T29] audit: type=1326 audit(2000000016.430:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16134 comm="syz.2.2634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c30775bd9 code=0x7ffc0000 [ 917.264388][ T29] audit: type=1326 audit(2000000016.430:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16134 comm="syz.2.2634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f8c30775bd9 code=0x7ffc0000 [ 917.428963][ T29] audit: type=1326 audit(2000000016.430:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16134 comm="syz.2.2634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c30775bd9 code=0x7ffc0000 [ 917.562053][ T29] audit: type=1326 audit(2000000016.430:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16134 comm="syz.2.2634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c30775bd9 code=0x7ffc0000 [ 917.717985][T16165] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2708'. [ 919.126581][T16193] netlink: 'syz.2.2714': attribute type 13 has an invalid length. [ 919.164882][T16193] veth0_macvtap: left promiscuous mode [ 919.172922][T16193] macvtap0: entered promiscuous mode [ 919.239496][T16193] macvtap0: refused to change device tx_queue_len [ 919.623592][ T9816] usb 1-1: new high-speed USB device number 38 using dummy_hcd [ 920.032673][ T9816] usb 1-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 0 [ 920.164173][ T9816] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 920.175364][ T9816] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 920.202008][ T9816] usb 1-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00 [ 920.220690][ T9816] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 920.230410][T16216] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2722'. [ 920.239743][ T9816] usb 1-1: Product: syz [ 920.246017][ T9816] usb 1-1: Manufacturer: syz [ 920.250646][ T9816] usb 1-1: SerialNumber: syz [ 920.283105][ T9816] usb 1-1: config 0 descriptor?? [ 920.296654][ T9816] usb-storage 1-1:0.0: USB Mass Storage device detected [ 920.322478][ T9816] usb-storage 1-1:0.0: Quirks match for vid 1908 pid 1315: 20000 [ 920.346040][T16218] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 920.367655][ T12] Bluetooth: hci5: Frame reassembly failed (-84) [ 920.501602][ T9816] usb 1-1: USB disconnect, device number 38 [ 921.884504][ T5130] usb 5-1: new high-speed USB device number 55 using dummy_hcd [ 922.290636][ T5130] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 922.301569][ T5130] usb 5-1: New USB device found, idVendor=050d, idProduct=011b, bcdDevice=6f.a4 [ 922.313157][ T5130] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 922.313635][ T9816] usb 1-1: new high-speed USB device number 39 using dummy_hcd [ 922.363401][T11568] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 922.608026][ T5130] usb 5-1: config 0 descriptor?? [ 922.676002][ T5130] rndis_host 5-1:0.0: probe with driver rndis_host failed with error -22 [ 922.878130][T16235] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 922.944208][T16235] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 922.971885][ T5130] usb 5-1: USB disconnect, device number 55 [ 922.978165][ T9816] usb 1-1: Using ep0 maxpacket: 32 [ 922.994648][ T9816] usb 1-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 923.105617][ T9816] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 923.123333][ T9816] usb 1-1: Product: syz [ 923.132948][ T9816] usb 1-1: Manufacturer: syz [ 923.143267][ T9816] usb 1-1: SerialNumber: syz [ 923.151363][ T9816] usb 1-1: config 0 descriptor?? [ 923.166614][ T9816] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 923.669211][ T5087] Bluetooth: hci3: command 0x0406 tx timeout [ 923.935843][ T9816] gspca_stk1135: reg_w 0x2 err -110 [ 923.950623][ T9816] gspca_stk1135: serial bus timeout: status=0x00 [ 923.958556][ T9816] gspca_stk1135: Sensor write failed [ 923.964104][ T9816] gspca_stk1135: serial bus timeout: status=0x00 [ 923.970492][ T9816] gspca_stk1135: Sensor write failed [ 923.990103][ T9816] gspca_stk1135: serial bus timeout: status=0x00 [ 924.002362][ T9816] gspca_stk1135: Sensor read failed [ 924.010539][ T9816] gspca_stk1135: serial bus timeout: status=0x00 [ 924.021576][ T9816] gspca_stk1135: Sensor read failed [ 924.040701][ T9816] gspca_stk1135: Detected sensor type unknown (0x0) [ 924.045462][T16258] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2735'. [ 924.058965][ T9816] gspca_stk1135: serial bus timeout: status=0x00 [ 924.074575][ T9816] gspca_stk1135: Sensor read failed [ 924.205244][ T9816] gspca_stk1135: serial bus timeout: status=0x00 [ 924.211657][ T9816] gspca_stk1135: Sensor read failed [ 924.216997][ T9816] gspca_stk1135: serial bus timeout: status=0x00 [ 924.223741][ T9816] gspca_stk1135: Sensor write failed [ 924.229026][ T9816] gspca_stk1135: serial bus timeout: status=0x00 [ 924.235574][ T9816] gspca_stk1135: Sensor write failed [ 924.240937][ T9816] stk1135 1-1:0.0: probe with driver stk1135 failed with error -110 [ 925.723877][ T25] usb 1-1: USB disconnect, device number 39 [ 925.730721][T11204] usb 4-1: new high-speed USB device number 50 using dummy_hcd [ 925.968190][T11204] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 926.009432][T11204] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 926.042518][T11204] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 926.076508][T11204] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 926.096698][T11204] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 926.144388][T11204] usb 4-1: config 0 descriptor?? [ 926.311333][T11204] usb 4-1: can't set config #0, error -71 [ 926.339014][T11204] usb 4-1: USB disconnect, device number 50 [ 927.916057][T16298] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 927.930506][ T51] Bluetooth: hci5: Frame reassembly failed (-84) [ 928.013395][T11204] usb 2-1: new high-speed USB device number 45 using dummy_hcd [ 928.223336][T11204] usb 2-1: Using ep0 maxpacket: 32 [ 928.247013][T11204] usb 2-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 928.266477][T11204] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 928.276225][T11204] usb 2-1: Product: syz [ 928.291950][T11204] usb 2-1: Manufacturer: syz [ 928.301827][T11204] usb 2-1: SerialNumber: syz [ 928.320364][T11204] usb 2-1: config 0 descriptor?? [ 928.337655][T16303] IPVS: Scheduler module ip_vs_sip not found [ 928.355630][T11204] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 928.850815][T16310] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 928.859572][T16310] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 929.018377][ T5130] usb 4-1: new high-speed USB device number 51 using dummy_hcd [ 929.027096][T11204] gspca_stk1135: reg_w 0x2 err -110 [ 929.044539][T11204] gspca_stk1135: serial bus timeout: status=0x00 [ 929.051348][T11204] gspca_stk1135: Sensor write failed [ 929.057001][T11204] gspca_stk1135: serial bus timeout: status=0x00 [ 929.063599][T11204] gspca_stk1135: Sensor write failed [ 929.069174][T11204] gspca_stk1135: serial bus timeout: status=0x00 [ 929.076371][T11204] gspca_stk1135: Sensor read failed [ 929.093591][T11204] gspca_stk1135: serial bus timeout: status=0x00 [ 929.100180][T11204] gspca_stk1135: Sensor read failed [ 929.105631][T11204] gspca_stk1135: Detected sensor type unknown (0x0) [ 929.114272][T11204] gspca_stk1135: serial bus timeout: status=0x00 [ 929.120888][T11204] gspca_stk1135: Sensor read failed [ 929.126496][T11204] gspca_stk1135: serial bus timeout: status=0x00 [ 929.133031][T11204] gspca_stk1135: Sensor read failed [ 929.138838][T11204] gspca_stk1135: serial bus timeout: status=0x00 [ 929.148611][T11204] gspca_stk1135: Sensor write failed [ 929.154120][T11204] gspca_stk1135: serial bus timeout: status=0x00 [ 929.160687][T11204] gspca_stk1135: Sensor write failed [ 929.166831][T11204] stk1135 2-1:0.0: probe with driver stk1135 failed with error -110 [ 929.548933][T16313] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2749'. [ 929.646885][ T5130] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 929.660080][ T5130] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 929.670623][ T5130] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 929.685533][ T5130] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 929.698065][ T5130] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 929.710045][ T5130] usb 4-1: config 0 descriptor?? [ 929.953406][ T5087] Bluetooth: hci5: command 0x1003 tx timeout [ 929.953450][T11568] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 931.023320][ T9816] usb 2-1: USB disconnect, device number 45 [ 931.500423][T16308] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 931.510933][T16308] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 931.796887][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 931.803414][ T1248] ieee802154 phy1 wpan1: encryption failed: -22 [ 932.445948][T16344] binder: 16342:16344 ioctl c018620c 20000100 returned -1 [ 932.497051][T16347] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2759'. [ 932.536359][T16347] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2759'. [ 932.808570][ T5130] usbhid 4-1:0.0: can't add hid device: -71 [ 932.830812][ T5130] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 932.841888][ T5130] usb 4-1: USB disconnect, device number 51 [ 932.848212][T16358] netlink: 'syz.1.2765': attribute type 3 has an invalid length. [ 933.038651][ T1104] Bluetooth: hci5: Frame reassembly failed (-84) [ 933.057330][T16362] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 933.812969][ T5087] Bluetooth: hci1: Malformed Event: 0x02 [ 934.654546][T16390] FAULT_INJECTION: forcing a failure. [ 934.654546][T16390] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 934.667811][T16390] CPU: 0 PID: 16390 Comm: syz.4.2776 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0 [ 934.677983][T16390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 934.688052][T16390] Call Trace: [ 934.691340][T16390] [ 934.694283][T16390] dump_stack_lvl+0x241/0x360 [ 934.699028][T16390] ? __pfx_dump_stack_lvl+0x10/0x10 [ 934.704273][T16390] ? __pfx__printk+0x10/0x10 [ 934.708887][T16390] ? __pfx_lock_release+0x10/0x10 [ 934.713939][T16390] should_fail_ex+0x3b0/0x4e0 [ 934.718645][T16390] _copy_from_user+0x2f/0xe0 [ 934.720070][T16393] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2777'. [ 934.723244][T16390] drm_ioctl+0x577/0xad0 [ 934.723274][T16390] ? __pfx_drm_setmaster_ioctl+0x10/0x10 [ 934.723308][T16390] ? __pfx_drm_ioctl+0x10/0x10 [ 934.723343][T16390] ? bpf_lsm_file_ioctl+0x9/0x10 [ 934.723364][T16390] ? security_file_ioctl+0x87/0xb0 [ 934.723383][T16390] ? __pfx_drm_ioctl+0x10/0x10 [ 934.723405][T16390] __se_sys_ioctl+0xfc/0x170 [ 934.723430][T16390] do_syscall_64+0xf3/0x230 [ 934.723456][T16390] ? clear_bhb_loop+0x35/0x90 [ 934.723483][T16390] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 934.723507][T16390] RIP: 0033:0x7f9929175bd9 [ 934.723525][T16390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 934.723540][T16390] RSP: 002b:00007f9929e79048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 934.723562][T16390] RAX: ffffffffffffffda RBX: 00007f9929303f60 RCX: 00007f9929175bd9 [ 934.723578][T16390] RDX: 0000000000000000 RSI: 000000000000641e RDI: 0000000000000004 [ 934.723591][T16390] RBP: 00007f9929e790a0 R08: 0000000000000000 R09: 0000000000000000 [ 934.723603][T16390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 934.723616][T16390] R13: 000000000000000b R14: 00007f9929303f60 R15: 00007fff2ce4e4a8 [ 934.723645][T16390] [ 934.864059][T16396] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2777'. [ 935.013704][ T5130] usb 3-1: new high-speed USB device number 42 using dummy_hcd [ 935.075271][T11568] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 935.083075][ T5087] Bluetooth: hci5: command 0x1003 tx timeout [ 935.236838][ T5130] usb 3-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 935.246042][ T5130] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 935.267911][ T5130] usb 3-1: config 0 descriptor?? [ 935.288464][T11568] Bluetooth: hci3: unexpected event for opcode 0x0c7b [ 935.292698][T16408] netlink: 'syz.1.2781': attribute type 178 has an invalid length. [ 935.999799][ T5130] usb 3-1: Cannot set MAC address [ 936.023867][ T5130] MOSCHIP usb-ethernet driver 3-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 936.057275][ T5130] usb 3-1: USB disconnect, device number 42 [ 936.083650][ T5162] usb 1-1: new high-speed USB device number 40 using dummy_hcd [ 936.105973][T16424] Bluetooth: MGMT ver 1.22 [ 936.292506][ T5162] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 936.337077][ T5162] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 936.353114][ T5162] usb 1-1: too many endpoints for config 1 interface 1 altsetting 48: 49, using maximum allowed: 30 [ 936.372398][ T5162] usb 1-1: config 1 interface 1 altsetting 48 has 0 endpoint descriptors, different from the interface descriptor's value: 49 [ 936.394523][ T5162] usb 1-1: config 1 interface 1 has no altsetting 0 [ 936.428662][ T5162] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 936.437967][ T5162] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 936.449772][ T5162] usb 1-1: Product: syz [ 936.454696][ T5162] usb 1-1: Manufacturer: syz [ 936.460245][ T5162] usb 1-1: SerialNumber: syz [ 936.495406][ T5162] usb 1-1: selecting invalid altsetting 1 [ 936.506257][ T5162] usb 1-1: selecting invalid altsetting 0 [ 936.573980][ T5132] usb 4-1: new high-speed USB device number 52 using dummy_hcd [ 936.585200][ T5162] usb 1-1: selecting invalid altsetting 0 [ 936.591432][ T5162] cdc_ncm 1-1:1.0: bind() failure [ 936.866818][ T5132] usb 4-1: Using ep0 maxpacket: 16 [ 936.878360][ T5132] usb 4-1: unable to get BOS descriptor or descriptor too short [ 936.902595][ T5132] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 937.092579][ T5132] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 937.115145][ T5132] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 937.134772][ T5132] usb 4-1: Product: syz [ 937.146594][ T5132] usb 4-1: Manufacturer: syz [ 937.158394][ T5132] usb 4-1: SerialNumber: syz [ 937.198792][ T5132] cdc_ether 4-1:1.0: skipping garbage [ 937.210908][ T5132] usb 4-1: bad CDC descriptors [ 937.255861][T11568] Bluetooth: hci3: unexpected event for opcode 0x2039 [ 937.364599][T16446] FAULT_INJECTION: forcing a failure. [ 937.364599][T16446] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 937.387621][T16446] CPU: 1 PID: 16446 Comm: syz.1.2793 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0 [ 937.397814][T16446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 937.407886][T16446] Call Trace: [ 937.411179][T16446] [ 937.414126][T16446] dump_stack_lvl+0x241/0x360 [ 937.418835][T16446] ? __pfx_dump_stack_lvl+0x10/0x10 [ 937.424155][T16446] ? __pfx__printk+0x10/0x10 [ 937.428771][T16446] ? __pfx_lock_release+0x10/0x10 [ 937.433822][T16446] should_fail_ex+0x3b0/0x4e0 [ 937.438528][T16446] _copy_from_user+0x2f/0xe0 [ 937.443144][T16446] copy_msghdr_from_user+0xae/0x680 [ 937.448372][T16446] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 937.454215][T16446] do_recvmmsg+0x40f/0xae0 [ 937.458647][T16446] ? __pfx_lock_release+0x10/0x10 [ 937.463676][T16446] ? __pfx_do_recvmmsg+0x10/0x10 [ 937.468628][T16446] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 937.474523][T16446] ? ksys_write+0x23e/0x2c0 [ 937.479023][T16446] ? __pfx_lock_release+0x10/0x10 [ 937.484062][T16446] ? vfs_write+0x7c4/0xc90 [ 937.488499][T16446] ? __mutex_unlock_slowpath+0x21d/0x750 [ 937.494155][T16446] ? __fget_files+0x3f6/0x470 [ 937.498856][T16446] __x64_sys_recvmmsg+0x199/0x250 [ 937.503886][T16446] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 937.509436][T16446] ? do_syscall_64+0x100/0x230 [ 937.514201][T16446] ? do_syscall_64+0xb6/0x230 [ 937.518874][T16446] do_syscall_64+0xf3/0x230 [ 937.523377][T16446] ? clear_bhb_loop+0x35/0x90 [ 937.528058][T16446] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 937.533944][T16446] RIP: 0033:0x7f2cab775bd9 [ 937.538353][T16446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 937.557949][T16446] RSP: 002b:00007f2cac590048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 937.566368][T16446] RAX: ffffffffffffffda RBX: 00007f2cab904038 RCX: 00007f2cab775bd9 [ 937.574334][T16446] RDX: 0000000000000002 RSI: 0000000020000700 RDI: 000000000000000d [ 937.582297][T16446] RBP: 00007f2cac5900a0 R08: 0000000000000000 R09: 0000000000000000 [ 937.590266][T16446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 937.598239][T16446] R13: 000000000000006e R14: 00007f2cab904038 R15: 00007fff6b66a938 [ 937.606215][T16446] [ 938.233698][ T8] usb 4-1: USB disconnect, device number 52 [ 939.332463][ T4396] Bluetooth: hci5: Frame reassembly failed (-84) [ 939.357408][T16464] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 939.364273][ T9816] usb 2-1: new high-speed USB device number 46 using dummy_hcd [ 939.563313][ T9816] usb 2-1: Using ep0 maxpacket: 8 [ 939.577571][ T9816] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 939.596314][ T9816] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 939.647317][ T9816] usb 2-1: config 0 descriptor?? [ 939.841852][ T5162] usb 1-1: selecting invalid altsetting 0 [ 939.852171][ T5162] usbtest 1-1:1.1: probe with driver usbtest failed with error -22 [ 939.868274][ T5162] usb 1-1: USB disconnect, device number 40 [ 940.013384][ T25] usb 4-1: new high-speed USB device number 53 using dummy_hcd [ 940.046552][T16477] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2804'. [ 940.225671][ T25] usb 4-1: Using ep0 maxpacket: 8 [ 940.245575][ T25] usb 4-1: config 167 has too many interfaces: 202, using maximum allowed: 32 [ 940.263244][ T25] usb 4-1: config 167 has 1 interface, different from the descriptor's value: 202 [ 940.299367][ T25] usb 4-1: New USB device found, idVendor=1025, idProduct=005f, bcdDevice=fe.29 [ 940.320540][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 940.332461][ T25] usb 4-1: Product: syz [ 940.338231][ T25] usb 4-1: Manufacturer: syz [ 940.342841][ T25] usb 4-1: SerialNumber: syz [ 940.355310][ T25] dvb-usb: found a 'Unknown USB1.1 DVB-T device ???? please report the name to the author' in warm state. [ 940.373910][ T25] dvb-usb: bulk message failed: -22 (3/0) [ 940.405399][ T25] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 940.415861][ T25] dvbdev: DVB: registering new adapter (Unknown USB1.1 DVB-T device ???? please report the name to the author) [ 940.427920][ T25] usb 4-1: media controller created [ 940.449737][ T25] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 940.468045][ T25] dvb-usb: bulk message failed: -22 (6/0) [ 940.475795][ T25] dvb-usb: no frontend was attached by 'Unknown USB1.1 DVB-T device ???? please report the name to the author' [ 940.489594][ T25] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input39 [ 940.502049][ T25] dvb-usb: schedule remote query interval to 150 msecs. [ 940.509089][ T25] dvb-usb: bulk message failed: -22 (3/0) [ 940.543291][ T25] dvb-usb: Unknown USB1.1 DVB-T device ???? please report the name to the author successfully initialized and connected. [ 940.670550][ T25] dvb-usb: bulk message failed: -22 (1/0) [ 940.676821][ T25] dvb-usb: error while querying for an remote control event. [ 940.863324][T11204] dvb-usb: bulk message failed: -22 (1/0) [ 940.874189][T11204] dvb-usb: error while querying for an remote control event. [ 941.043434][T11204] dvb-usb: bulk message failed: -22 (1/0) [ 941.053370][T11204] dvb-usb: error while querying for an remote control event. [ 941.247011][T11204] dvb-usb: bulk message failed: -22 (1/0) [ 941.252897][T11204] dvb-usb: error while querying for an remote control event. [ 941.453645][ T53] Bluetooth: hci5: command 0x1003 tx timeout [ 941.461243][T11568] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 941.469246][ T25] dvb-usb: bulk message failed: -22 (1/0) [ 941.479919][ T25] dvb-usb: error while querying for an remote control event. [ 941.655627][ T25] dvb-usb: bulk message failed: -22 (1/0) [ 941.778616][ T25] dvb-usb: error while querying for an remote control event. [ 942.140201][ T25] dvb-usb: bulk message failed: -22 (1/0) [ 942.183491][ T25] dvb-usb: error while querying for an remote control event. [ 942.213378][ T9816] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 942.240913][ T9816] asix 2-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 942.281044][ T9816] asix 2-1:0.0: probe with driver asix failed with error -71 [ 942.314269][ T9816] usb 2-1: USB disconnect, device number 46 [ 942.383401][ T5130] dvb-usb: bulk message failed: -22 (1/0) [ 942.389188][ T5130] dvb-usb: error while querying for an remote control event. [ 942.797373][ T9816] dvb-usb: bulk message failed: -22 (1/0) [ 942.803649][ T9816] dvb-usb: error while querying for an remote control event. [ 942.868785][T16502] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2812'. [ 942.963559][ T9816] dvb-usb: bulk message failed: -22 (1/0) [ 942.970352][ T9816] dvb-usb: error while querying for an remote control event. [ 942.978238][T16513] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2815'. [ 943.038980][ T29] audit: type=1326 audit(2000000043.210:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16519 comm="syz.2.2817" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8c30775bd9 code=0x0 [ 943.143442][ T9816] dvb-usb: bulk message failed: -22 (1/0) [ 943.153811][ T9816] dvb-usb: error while querying for an remote control event. [ 943.333776][ T9816] dvb-usb: bulk message failed: -22 (1/0) [ 943.340516][ T9816] dvb-usb: error while querying for an remote control event. [ 943.543703][ T9816] dvb-usb: bulk message failed: -22 (1/0) [ 943.552289][ T9816] dvb-usb: error while querying for an remote control event. [ 943.716360][ T9816] dvb-usb: bulk message failed: -22 (1/0) [ 943.722688][ T9816] dvb-usb: error while querying for an remote control event. [ 943.887134][T11204] dvb-usb: bulk message failed: -22 (1/0) [ 943.892921][T11204] dvb-usb: error while querying for an remote control event. [ 944.011278][T11568] Bluetooth: hci2: unknown advertising packet type: 0x07 [ 944.017731][T16542] xt_CT: You must specify a L4 protocol and not use inversions on it [ 944.055173][ T9816] dvb-usb: bulk message failed: -22 (1/0) [ 944.061518][ T9816] dvb-usb: error while querying for an remote control event. [ 944.151507][T16545] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 944.253340][ T9816] dvb-usb: bulk message failed: -22 (1/0) [ 944.259128][ T9816] dvb-usb: error while querying for an remote control event. [ 944.314392][T11204] usb 3-1: new high-speed USB device number 43 using dummy_hcd [ 944.478511][ T9816] dvb-usb: bulk message failed: -22 (1/0) [ 944.508805][ T9816] dvb-usb: error while querying for an remote control event. [ 944.519673][T11204] usb 3-1: Using ep0 maxpacket: 32 [ 944.551134][T11204] usb 3-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 944.585573][T11204] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 944.607579][T11204] usb 3-1: Product: syz [ 944.619625][T11204] usb 3-1: Manufacturer: syz [ 944.643649][T16559] 9pnet_fd: Insufficient options for proto=fd [ 944.652638][T11204] usb 3-1: SerialNumber: syz [ 944.676280][T11204] usb 3-1: config 0 descriptor?? [ 944.700210][T11204] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 944.719571][T16559] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 944.753302][ T5130] dvb-usb: bulk message failed: -22 (1/0) [ 944.780767][ T5130] dvb-usb: error while querying for an remote control event. [ 945.090520][ T9816] dvb-usb: bulk message failed: -22 (1/0) [ 945.112862][ T9816] dvb-usb: error while querying for an remote control event. [ 945.454384][T16563] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 945.466760][T16563] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 946.500009][T11204] gspca_stk1135: reg_w 0x2 err -110 [ 946.506768][ T9816] dvb-usb: bulk message failed: -22 (1/0) [ 946.520183][T11204] gspca_stk1135: serial bus timeout: status=0x00 [ 946.531861][ T9816] dvb-usb: error while querying for an remote control event. [ 946.548823][T11204] gspca_stk1135: Sensor write failed [ 946.577768][T11204] gspca_stk1135: serial bus timeout: status=0x00 [ 946.623335][T11204] gspca_stk1135: Sensor write failed [ 946.650250][T11204] gspca_stk1135: serial bus timeout: status=0x00 [ 946.704496][T11204] gspca_stk1135: Sensor read failed [ 946.734926][ T9816] dvb-usb: bulk message failed: -22 (1/0) [ 946.783448][T11204] gspca_stk1135: serial bus timeout: status=0x00 [ 946.789817][T11204] gspca_stk1135: Sensor read failed [ 946.813393][ T9816] dvb-usb: error while querying for an remote control event. [ 946.843563][T11204] gspca_stk1135: Detected sensor type unknown (0x0) [ 946.850207][T11204] gspca_stk1135: serial bus timeout: status=0x00 [ 946.881439][T11204] gspca_stk1135: Sensor read failed [ 946.906002][T11204] gspca_stk1135: serial bus timeout: status=0x00 [ 946.940547][T11204] gspca_stk1135: Sensor read failed [ 946.973964][ T9816] dvb-usb: bulk message failed: -22 (1/0) [ 947.038368][T11204] gspca_stk1135: serial bus timeout: status=0x00 [ 947.049420][ T9816] dvb-usb: error while querying for an remote control event. [ 947.082443][T11204] gspca_stk1135: Sensor write failed [ 947.104368][T11204] gspca_stk1135: serial bus timeout: status=0x00 [ 947.174480][T11204] gspca_stk1135: Sensor write failed [ 947.219969][T11204] stk1135 3-1:0.0: probe with driver stk1135 failed with error -110 [ 947.258260][ T9816] dvb-usb: bulk message failed: -22 (1/0) [ 947.273323][ T9816] dvb-usb: error while querying for an remote control event. [ 947.424732][ T9816] usb 4-1: USB disconnect, device number 53 [ 947.562327][ T9816] dvb-usb: Unknown USB1.1 DVB-T device ???? please successfully deinitialized and disconnected. [ 947.754916][T11204] usb 3-1: USB disconnect, device number 43 [ 947.844828][T16590] netlink: 'syz.2.2835': attribute type 27 has an invalid length. [ 947.897915][T11568] Bluetooth: hci3: unknown advertising packet type: 0x07 [ 947.915004][T16595] xt_CT: You must specify a L4 protocol and not use inversions on it [ 948.084779][T16604] tmpfs: Bad value for 'mpol' [ 949.483358][ T8] usb 5-1: new high-speed USB device number 56 using dummy_hcd [ 949.586743][T11568] Bluetooth: hci3: unknown advertising packet type: 0x07 [ 949.607138][T16649] xt_CT: You must specify a L4 protocol and not use inversions on it [ 949.655959][T16653] 9pnet_fd: Insufficient options for proto=fd [ 949.703350][ T8] usb 5-1: Using ep0 maxpacket: 32 [ 949.725412][ T8] usb 5-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 949.749185][ T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 949.780644][ T8] usb 5-1: Product: syz [ 949.789049][ T8] usb 5-1: Manufacturer: syz [ 949.811798][ T8] usb 5-1: SerialNumber: syz [ 950.022478][ T8] usb 5-1: config 0 descriptor?? [ 950.030655][ T8] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 950.546191][ T8] gspca_stk1135: reg_w 0x2 err -110 [ 950.790251][ T8] gspca_stk1135: serial bus timeout: status=0x00 [ 950.818276][ T8] gspca_stk1135: Sensor write failed [ 950.852978][ T8] gspca_stk1135: serial bus timeout: status=0x00 [ 950.879148][ T8] gspca_stk1135: Sensor write failed [ 950.923305][ T8] gspca_stk1135: serial bus timeout: status=0x00 [ 950.941409][ T8] gspca_stk1135: Sensor read failed [ 951.057762][T16678] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 951.067224][T16678] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 951.628093][ T8] gspca_stk1135: serial bus timeout: status=0x00 [ 951.636504][ T8] gspca_stk1135: Sensor read failed [ 951.641804][ T8] gspca_stk1135: Detected sensor type unknown (0x0) [ 951.653660][ T8] gspca_stk1135: serial bus timeout: status=0x00 [ 951.674851][ T8] gspca_stk1135: Sensor read failed [ 951.688542][ T8] gspca_stk1135: serial bus timeout: status=0x00 [ 951.699995][ T8] gspca_stk1135: Sensor read failed [ 951.708553][ T8] gspca_stk1135: serial bus timeout: status=0x00 [ 951.720470][ T8] gspca_stk1135: Sensor write failed [ 951.727008][ T8] gspca_stk1135: serial bus timeout: status=0x00 [ 951.750055][ T8] gspca_stk1135: Sensor write failed [ 951.767899][ T8] stk1135 5-1:0.0: probe with driver stk1135 failed with error -110 [ 952.018880][T16693] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2860'. [ 952.420403][T16708] dccp_close: ABORT with 1 bytes unread [ 952.526829][T11568] Bluetooth: hci2: unknown advertising packet type: 0x07 [ 952.530845][T16713] xt_CT: You must specify a L4 protocol and not use inversions on it [ 952.726233][ T9816] usb 5-1: USB disconnect, device number 56 [ 952.908789][T16722] Invalid ELF header type: 0 != 1 [ 953.292230][T16740] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2870'. [ 953.405632][T16745] ISOFS: Unable to identify CD-ROM format. [ 954.013445][ T9816] usb 5-1: new high-speed USB device number 57 using dummy_hcd [ 954.231414][ T9816] usb 5-1: New USB device found, idVendor=08ca, idProduct=0104, bcdDevice=a6.74 [ 954.254566][ T9816] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 954.275512][ T9816] usb 5-1: config 0 descriptor?? [ 954.286904][ T9816] gspca_main: sunplus-2.14.0 probing 08ca:0104 [ 954.593762][ T25] usb 1-1: new high-speed USB device number 41 using dummy_hcd [ 954.745898][T16774] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8) [ 954.752463][T16774] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 954.763693][T16774] vhci_hcd vhci_hcd.0: Device attached [ 954.784652][T16774] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 954.797084][T16774] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 954.803377][ T25] usb 1-1: Using ep0 maxpacket: 32 [ 954.807219][T16774] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 954.823632][ T9816] gspca_sunplus: reg_r err -110 [ 954.824372][T16774] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 954.832785][ T25] usb 1-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 954.839983][T16774] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 954.846400][ T9816] sunplus 5-1:0.0: probe with driver sunplus failed with error -110 [ 954.857962][T16774] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 954.873521][T16774] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 954.874834][ T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 954.890598][T16774] vhci_hcd vhci_hcd.0: port 0 already used [ 954.891953][ T25] usb 1-1: Product: syz [ 954.901883][ T25] usb 1-1: Manufacturer: syz [ 954.915550][ T25] usb 1-1: SerialNumber: syz [ 954.937818][T16777] vhci_hcd: connection closed [ 954.938097][ T1104] vhci_hcd: stop threads [ 954.951264][ T1104] vhci_hcd: release socket [ 954.956296][ T1104] vhci_hcd: disconnect device [ 954.956635][ T25] usb 1-1: config 0 descriptor?? [ 954.966438][T11204] vhci_hcd: vhci_device speed not set [ 954.975596][ T25] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 955.612943][ T25] gspca_stk1135: reg_w 0x2 err -110 [ 955.905433][T16798] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 955.915045][T16798] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 955.947829][ T25] gspca_stk1135: serial bus timeout: status=0x00 [ 955.954532][ T25] gspca_stk1135: Sensor write failed [ 955.959938][ T25] gspca_stk1135: serial bus timeout: status=0x00 [ 955.966519][ T25] gspca_stk1135: Sensor write failed [ 955.971912][ T25] gspca_stk1135: serial bus timeout: status=0x00 [ 956.056214][ T25] gspca_stk1135: Sensor read failed [ 956.188037][ T25] gspca_stk1135: serial bus timeout: status=0x00 [ 956.365009][ T25] gspca_stk1135: Sensor read failed [ 956.386805][ T25] gspca_stk1135: Detected sensor type unknown (0x0) [ 956.410748][ T25] gspca_stk1135: serial bus timeout: status=0x00 [ 956.420462][ T25] gspca_stk1135: Sensor read failed [ 956.426114][ T25] gspca_stk1135: serial bus timeout: status=0x00 [ 956.433034][ T25] gspca_stk1135: Sensor read failed [ 956.438548][ T25] gspca_stk1135: serial bus timeout: status=0x00 [ 956.444944][ T25] gspca_stk1135: Sensor write failed [ 956.451775][ T25] gspca_stk1135: serial bus timeout: status=0x00 [ 956.459993][ T25] gspca_stk1135: Sensor write failed [ 956.465923][ T25] stk1135 1-1:0.0: probe with driver stk1135 failed with error -110 [ 956.763690][T11204] usb 5-1: USB disconnect, device number 57 [ 956.929214][ T25] usb 4-1: new high-speed USB device number 54 using dummy_hcd [ 957.113467][ T25] usb 4-1: Using ep0 maxpacket: 8 [ 957.135715][ T25] usb 4-1: config 0 has an invalid interface number: 11 but max is 0 [ 957.144240][ T25] usb 4-1: config 0 has no interface number 0 [ 957.150995][ T25] usb 4-1: config 0 interface 11 has no altsetting 0 [ 957.158326][ T25] usb 4-1: New USB device found, idVendor=1164, idProduct=0622, bcdDevice=5a.16 [ 957.171697][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 957.186720][ T25] usb 4-1: config 0 descriptor?? [ 957.198663][ T25] pvrusb2: Hardware description: Gotview USB 2.0 DVD 2 [ 957.209060][ T25] usb 4-1: selecting invalid altsetting 0 [ 957.215417][ T1960] pvrusb2: Invalid write control endpoint [ 957.296854][ T1960] pvrusb2: Invalid write control endpoint [ 957.310283][ T1960] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 957.338195][ T1960] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 957.355033][ T1960] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 957.367015][ T1960] pvrusb2: Device being rendered inoperable [ 957.380338][ T1960] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 957.390320][ T1960] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_g) [ 957.421224][ T1960] pvrusb2: Attached sub-driver cx25840 [ 957.463155][ T1960] pvrusb2: Attempted to execute control transfer when device not ok [ 957.473609][ T1960] pvrusb2: Attempted to execute control transfer when device not ok [ 957.481770][ T1960] pvrusb2: Attempted to execute control transfer when device not ok [ 957.525050][ T5162] usb 1-1: USB disconnect, device number 41 [ 957.525791][ T1960] pvrusb2: Attempted to execute control transfer when device not ok [ 957.600352][ T1960] pvrusb2: Module ID 4 (tuner) for device Gotview USB 2.0 DVD 2 failed to load. Possible missing sub-device kernel module or initialization failure within module. [ 957.602349][T16806] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2889'. [ 957.637550][ C0] TCP: MD5 Hash mismatch for [::1].2->[::1].2 [.]L3 index 0 [ 957.645503][ C0] TCP: MD5 Hash mismatch for [::1].2->[::1].2 [P.]L3 index 0 [ 957.828256][ T1960] TUNER: Unable to find symbol tda829x_probe() [ 957.852453][ T5162] usb 4-1: USB disconnect, device number 54 [ 957.921872][ T1960] DVB: Unable to find symbol tda9887_attach() [ 957.936029][ T29] audit: type=1326 audit(2000000001.550:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16830 comm="syz.0.2896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa5ab75bd9 code=0x7ffc0000 [ 957.946182][ T1960] tuner: 1-0043: Tuner 4 found with type(s) Radio TV. [ 957.989656][ T1960] pvrusb2: Attached sub-driver tuner [ 957.990552][ T29] audit: type=1326 audit(2000000001.550:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16830 comm="syz.0.2896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa5ab75bd9 code=0x7ffc0000 [ 958.016651][ C1] vkms_vblank_simulate: vblank timer overrun [ 958.016940][ T1960] pvrusb2: ***WARNING*** pvrusb2 driver initialization failed due to the failure of one or more sub-device kernel modules. [ 958.036340][ T1960] pvrusb2: You need to resolve the failing condition before this driver can function. There should be some earlier messages giving more information about the problem. [ 958.063468][ T29] audit: type=1326 audit(2000000001.550:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16830 comm="syz.0.2896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7ffa5ab75bd9 code=0x7ffc0000 [ 958.084959][ C1] vkms_vblank_simulate: vblank timer overrun [ 958.131587][ T29] audit: type=1326 audit(2000000001.550:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16830 comm="syz.0.2896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa5ab75bd9 code=0x7ffc0000 [ 958.153150][ C1] vkms_vblank_simulate: vblank timer overrun [ 958.206311][ T29] audit: type=1326 audit(2000000001.550:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16830 comm="syz.0.2896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa5ab75bd9 code=0x7ffc0000 [ 958.485582][T16839] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2897'. [ 958.963487][ T25] usb 5-1: new high-speed USB device number 58 using dummy_hcd [ 959.935545][ T25] usb 5-1: New USB device found, idVendor=08ca, idProduct=0104, bcdDevice=a6.74 [ 959.953242][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 959.973712][ T25] usb 5-1: config 0 descriptor?? [ 959.984811][ T25] gspca_main: sunplus-2.14.0 probing 08ca:0104 [ 960.520130][ T25] gspca_sunplus: reg_r err -110 [ 960.538931][ T25] sunplus 5-1:0.0: probe with driver sunplus failed with error -110 [ 960.917507][T16874] binder: 16870:16874 ioctl c0306201 0 returned -14 [ 961.649394][T11204] usb 5-1: USB disconnect, device number 58 [ 962.068865][T16883] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2911'. [ 962.214365][T11204] usb 5-1: new high-speed USB device number 59 using dummy_hcd [ 962.433412][T11204] usb 5-1: Using ep0 maxpacket: 8 [ 962.478139][T11204] usb 5-1: config 0 has an invalid interface number: 11 but max is 0 [ 962.555510][T11204] usb 5-1: config 0 has no interface number 0 [ 962.581784][T11204] usb 5-1: config 0 interface 11 has no altsetting 0 [ 962.622294][T11204] usb 5-1: New USB device found, idVendor=1164, idProduct=0622, bcdDevice=5a.16 [ 962.636462][T11568] Bluetooth: hci4: SCO packet for unknown connection handle 0 [ 962.685230][T11204] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 962.718853][T11204] usb 5-1: config 0 descriptor?? [ 962.737287][T11204] pvrusb2: Hardware description: Gotview USB 2.0 DVD 2 [ 962.758100][T11204] usb 5-1: selecting invalid altsetting 0 [ 962.769994][ T1960] pvrusb2: Invalid write control endpoint [ 962.831521][ T1960] pvrusb2: Invalid write control endpoint [ 962.845885][ T1960] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 962.858244][ T1960] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 962.869524][ T1960] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 962.888434][ T1960] pvrusb2: Device being rendered inoperable [ 962.898845][ T1960] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 962.933564][ T53] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 962.933789][ T1960] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_g) [ 962.959042][ T53] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 962.969216][ T53] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 962.977639][ T53] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 962.979608][ T1960] pvrusb2: Attached sub-driver cx25840 [ 963.014317][ T53] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 963.030760][ T53] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 963.120143][ T1960] pvrusb2: Attempted to execute control transfer when device not ok [ 963.133422][ T1960] pvrusb2: Attempted to execute control transfer when device not ok [ 963.146020][ T1960] pvrusb2: Attempted to execute control transfer when device not ok [ 963.158771][ T1960] pvrusb2: Attempted to execute control transfer when device not ok [ 963.175150][ T1960] pvrusb2: Module ID 4 (tuner) for device Gotview USB 2.0 DVD 2 failed to load. Possible missing sub-device kernel module or initialization failure within module. [ 963.311358][ T1960] TUNER: Unable to find symbol tda829x_probe() [ 963.399075][ T1960] DVB: Unable to find symbol tda9887_attach() [ 963.408481][ T1960] tuner: 1-0043: Tuner 4 found with type(s) Radio TV. [ 963.429201][ T1960] pvrusb2: Attached sub-driver tuner [ 963.446843][T16880] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2912'. [ 963.456053][ T1960] pvrusb2: ***WARNING*** pvrusb2 driver initialization failed due to the failure of one or more sub-device kernel modules. [ 963.469334][ T1960] pvrusb2: You need to resolve the failing condition before this driver can function. There should be some earlier messages giving more information about the problem. [ 963.553391][T11204] usb 3-1: new high-speed USB device number 44 using dummy_hcd [ 964.461649][T16892] chnl_net:caif_netlink_parms(): no params data found [ 964.563270][T11204] usb 3-1: Using ep0 maxpacket: 8 [ 964.575657][T11204] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 964.588407][T11204] usb 3-1: config 0 has no interface number 0 [ 964.594655][ T53] Bluetooth: hci2: command 0x0406 tx timeout [ 964.602998][T11204] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 964.614273][T11204] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 964.643541][T11204] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 964.673464][ T5087] Bluetooth: hci4: command tx timeout [ 964.674681][T11204] usb 3-1: config 0 descriptor?? [ 964.713599][T11204] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 964.735889][T16892] bridge0: port 1(bridge_slave_0) entered blocking state [ 964.756196][T16892] bridge0: port 1(bridge_slave_0) entered disabled state [ 964.798902][T16892] bridge_slave_0: entered allmulticast mode [ 964.815301][T16892] bridge_slave_0: entered promiscuous mode [ 964.840599][T16892] bridge0: port 2(bridge_slave_1) entered blocking state [ 964.862862][T16892] bridge0: port 2(bridge_slave_1) entered disabled state [ 964.871674][T16892] bridge_slave_1: entered allmulticast mode [ 964.889584][T16892] bridge_slave_1: entered promiscuous mode [ 965.153427][ T5087] Bluetooth: hci5: command tx timeout [ 965.189885][T16892] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 965.209791][T16925] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 965.219897][T16925] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 965.289844][ T5133] usb 3-1: USB disconnect, device number 44 [ 965.316882][T16892] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 965.332592][ T5133] iowarrior 3-1:0.1: I/O-Warror #0 now disconnected [ 965.953055][ T9816] usb 5-1: USB disconnect, device number 59 [ 966.078836][T16892] team0: Port device team_slave_0 added [ 966.105196][T16892] team0: Port device team_slave_1 added [ 966.232805][T16892] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 966.233596][ T5087] Bluetooth: hci2: ACL packet for unknown connection handle 200 [ 966.252441][T16892] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 966.383407][T16892] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 966.415491][T16892] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 966.422480][T16892] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 966.533414][T16892] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 966.656025][T16892] hsr_slave_0: entered promiscuous mode [ 966.701214][T16892] hsr_slave_1: entered promiscuous mode [ 966.731818][T16892] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 966.747518][T16892] Cannot create hsr debugfs directory [ 966.900874][T16946] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8) [ 966.907443][T16946] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 966.955973][T16952] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 966.965335][T16946] vhci_hcd vhci_hcd.0: Device attached [ 967.028599][T16946] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 967.071336][T16946] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 967.110063][T16946] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 967.145664][T16946] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 967.175150][ T9816] vhci_hcd: vhci_device speed not set [ 967.188174][T16946] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 967.208235][T16946] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 967.233808][ T5087] Bluetooth: hci5: command tx timeout [ 967.252655][T16946] vhci_hcd vhci_hcd.0: port 0 already used [ 967.269561][ T9816] usb 15-1: new full-speed USB device number 2 using vhci_hcd [ 967.314080][T16892] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 967.333542][T16892] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 967.371265][T16947] vhci_hcd: connection reset by peer [ 967.396186][ T11] vhci_hcd: stop threads [ 967.403471][ T11] vhci_hcd: release socket [ 967.533316][ T11] vhci_hcd: disconnect device [ 967.730480][T16892] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 967.761443][T16892] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 967.816017][T16965] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2929'. [ 968.038384][T16892] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 968.057760][T16892] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 968.171618][T16892] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 968.596296][T16892] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 969.333294][ T5087] Bluetooth: hci5: command tx timeout [ 969.578081][T16892] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 969.645708][T16892] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 969.686886][T16892] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 969.722984][T16892] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 969.926632][T16892] 8021q: adding VLAN 0 to HW filter on device bond0 [ 969.963154][T16892] 8021q: adding VLAN 0 to HW filter on device team0 [ 969.980357][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 969.987584][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 970.006560][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 970.013734][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 970.073337][T11204] usb 4-1: new high-speed USB device number 55 using dummy_hcd [ 970.094963][T16892] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 970.214300][ T5133] usb 3-1: new high-speed USB device number 45 using dummy_hcd [ 970.263382][T11204] usb 4-1: Using ep0 maxpacket: 32 [ 970.275481][T11204] usb 4-1: config 0 has an invalid interface number: 223 but max is 0 [ 970.291999][T11204] usb 4-1: config 0 has no interface number 0 [ 970.317874][T11204] usb 4-1: New USB device found, idVendor=0471, idProduct=0602, bcdDevice=10.fe [ 970.347198][T11204] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 970.375459][T11204] usb 4-1: Product: syz [ 970.379761][T11204] usb 4-1: Manufacturer: syz [ 970.389685][T16892] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 970.395518][T11204] usb 4-1: SerialNumber: syz [ 970.406777][T11204] usb 4-1: config 0 descriptor?? [ 970.415146][ T5133] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 970.430085][ T5133] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 970.441804][ T5133] usb 3-1: New USB device found, idVendor=056a, idProduct=00f8, bcdDevice= 4.00 [ 970.448904][T16892] veth0_vlan: entered promiscuous mode [ 970.451302][ T5133] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 970.480330][ T5133] usb 3-1: config 0 descriptor?? [ 970.488383][T16892] veth1_vlan: entered promiscuous mode [ 970.525080][T16892] veth0_macvtap: entered promiscuous mode [ 970.539288][T16892] veth1_macvtap: entered promiscuous mode [ 970.557560][T16892] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 970.568880][T16892] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 970.579183][T16892] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 970.597835][T16892] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 970.616349][T16892] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 970.627474][T16892] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 970.638067][T16892] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 970.653539][ T8] usb 5-1: new high-speed USB device number 60 using dummy_hcd [ 970.678240][T16892] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 970.688678][T16892] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 970.700721][T16892] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 970.732043][T16892] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 970.738398][ T5133] usbhid 3-1:0.0: can't add hid device: -71 [ 970.768390][T16892] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 970.780356][ T5133] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 970.783492][T16892] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 970.807250][ T5133] usb 3-1: USB disconnect, device number 45 [ 970.820907][T16892] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 970.838370][T16892] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 970.849613][T16892] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 970.860465][ T8] usb 5-1: Using ep0 maxpacket: 8 [ 970.872297][ T8] usb 5-1: config 0 has an invalid interface number: 11 but max is 0 [ 970.883481][T16892] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 970.899840][ T8] usb 5-1: config 0 has no interface number 0 [ 970.910052][T16892] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 970.925637][T16892] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 970.927709][ T8] usb 5-1: config 0 interface 11 has no altsetting 0 [ 970.941757][T16892] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 970.956797][T16892] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 970.959744][ T8] usb 5-1: New USB device found, idVendor=1164, idProduct=0622, bcdDevice=5a.16 [ 970.968852][T16892] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 970.984480][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 971.134572][T16996] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 971.389435][T16996] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 971.403577][ T5087] Bluetooth: hci5: command tx timeout [ 971.422910][ T8] usb 5-1: config 0 descriptor?? [ 971.484889][T16892] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 971.493831][T16892] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 971.503340][T16892] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 971.513094][T16892] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 971.517576][ T8] pvrusb2: Hardware description: Gotview USB 2.0 DVD 2 [ 971.544163][ T8] usb 5-1: selecting invalid altsetting 0 [ 971.562665][ T1960] pvrusb2: Invalid write control endpoint [ 971.679919][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 971.695083][ T1960] pvrusb2: Invalid write control endpoint [ 971.697657][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 971.707394][ T1960] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 971.724205][ T1960] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 971.731809][ T1960] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 971.744841][ T1960] pvrusb2: Device being rendered inoperable [ 971.750854][ T1960] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 971.759260][ T1960] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_g) [ 971.767981][ T1960] pvrusb2: Attached sub-driver cx25840 [ 971.802321][ T1960] pvrusb2: Attempted to execute control transfer when device not ok [ 971.813304][ T1960] pvrusb2: Attempted to execute control transfer when device not ok [ 971.821403][ T1960] pvrusb2: Attempted to execute control transfer when device not ok [ 971.822978][ T1053] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 971.831415][ T1960] pvrusb2: Attempted to execute control transfer when device not ok [ 971.853310][ T1960] pvrusb2: Module ID 4 (tuner) for device Gotview USB 2.0 DVD 2 failed to load. Possible missing sub-device kernel module or initialization failure within module. [ 971.870909][ T1053] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 972.038586][ T1960] TUNER: Unable to find symbol tda829x_probe() [ 972.081502][ T1960] DVB: Unable to find symbol tda9887_attach() [ 972.090563][ T1960] tuner: 1-0043: Tuner 4 found with type(s) Radio TV. [ 972.101303][ T1960] pvrusb2: Attached sub-driver tuner [ 972.127307][ T1960] pvrusb2: ***WARNING*** pvrusb2 driver initialization failed due to the failure of one or more sub-device kernel modules. [ 972.143844][T16988] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2935'. [ 972.164364][ T1960] pvrusb2: You need to resolve the failing condition before this driver can function. There should be some earlier messages giving more information about the problem. [ 972.394046][T17019] sctp: [Deprecated]: syz.0.2940 (pid 17019) Use of int in max_burst socket option deprecated. [ 972.394046][T17019] Use struct sctp_assoc_value instead [ 972.433629][ T9816] vhci_hcd: vhci_device speed not set [ 972.647881][ T25] usb 5-1: USB disconnect, device number 60 [ 972.796971][ T5130] usb 4-1: USB disconnect, device number 55 [ 976.240187][T17076] sctp: [Deprecated]: syz.0.2957 (pid 17076) Use of int in max_burst socket option deprecated. [ 976.240187][T17076] Use struct sctp_assoc_value instead [ 978.723080][ T29] audit: type=1326 audit(2000000002.650:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17104 comm="syz.1.2967" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fea7c175bd9 code=0x0 [ 978.797996][ T1053] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 979.297110][ T1053] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 980.087982][ T1053] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 980.240538][T17128] FAULT_INJECTION: forcing a failure. [ 980.240538][T17128] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 980.315569][ T1053] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 980.333405][T17128] CPU: 0 PID: 17128 Comm: syz.0.2974 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0 [ 980.343590][T17128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 980.353658][T17128] Call Trace: [ 980.356949][T17128] [ 980.359889][T17128] dump_stack_lvl+0x241/0x360 [ 980.364592][T17128] ? __pfx_dump_stack_lvl+0x10/0x10 [ 980.369805][T17128] ? __pfx__printk+0x10/0x10 [ 980.374416][T17128] ? __pfx_lock_release+0x10/0x10 [ 980.379459][T17128] should_fail_ex+0x3b0/0x4e0 [ 980.384163][T17128] _copy_to_user+0x2f/0xb0 [ 980.388594][T17128] rng_dev_read+0x3be/0x6d0 [ 980.393106][T17128] ? mark_lock+0x9a/0x350 [ 980.397448][T17128] ? __pfx_rng_dev_read+0x10/0x10 [ 980.402493][T17128] ? security_file_permission+0x7f/0xa0 [ 980.408055][T17128] ? rw_verify_area+0x52a/0x6b0 [ 980.412933][T17128] vfs_readv+0x6c2/0xa90 [ 980.417202][T17128] ? __pfx_rng_dev_read+0x10/0x10 [ 980.422238][T17128] ? __pfx_vfs_readv+0x10/0x10 [ 980.427024][T17128] ? __fget_files+0x29/0x470 [ 980.431640][T17128] __x64_sys_preadv+0x1c7/0x2d0 [ 980.436508][T17128] ? __pfx___x64_sys_preadv+0x10/0x10 [ 980.441903][T17128] ? do_syscall_64+0x100/0x230 [ 980.446685][T17128] ? do_syscall_64+0xb6/0x230 [ 980.451384][T17128] do_syscall_64+0xf3/0x230 [ 980.455906][T17128] ? clear_bhb_loop+0x35/0x90 [ 980.460604][T17128] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 980.466516][T17128] RIP: 0033:0x7ffa5ab75bd9 [ 980.470944][T17128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 980.490567][T17128] RSP: 002b:00007ffa5b8a0048 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 980.499003][T17128] RAX: ffffffffffffffda RBX: 00007ffa5ad03f60 RCX: 00007ffa5ab75bd9 [ 980.506997][T17128] RDX: 0000000000000001 RSI: 0000000020000240 RDI: 0000000000000003 [ 980.514981][T17128] RBP: 00007ffa5b8a00a0 R08: 0000000000000000 R09: 0000000000000000 [ 980.522965][T17128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 980.530942][T17128] R13: 000000000000000b R14: 00007ffa5ad03f60 R15: 00007fff9ceeaf78 [ 980.538937][T17128] [ 980.546144][ T53] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 980.559776][ T53] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 980.568724][ T53] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 980.577459][ T53] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 980.585218][ T53] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 980.592621][ T53] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 981.219474][ T1053] bridge_slave_1: left allmulticast mode [ 981.225255][ T1053] bridge_slave_1: left promiscuous mode [ 981.250657][ T1053] bridge0: port 2(bridge_slave_1) entered disabled state [ 981.282254][ T1053] bridge_slave_0: left allmulticast mode [ 981.301071][ T1053] bridge_slave_0: left promiscuous mode [ 981.311410][ T1053] bridge0: port 1(bridge_slave_0) entered disabled state [ 981.433305][ T930] usb 1-1: new high-speed USB device number 42 using dummy_hcd [ 981.629982][ T930] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 981.645564][T17154] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2980'. [ 981.652095][ T930] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 981.690821][ T930] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 981.711295][ T930] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 981.731058][ T930] usb 1-1: config 0 descriptor?? [ 982.154611][ T930] cm6533_jd 0003:0D8C:0022.0005: unknown main item tag 0x0 [ 982.164688][ T930] cm6533_jd 0003:0D8C:0022.0005: unknown main item tag 0x0 [ 982.196210][ T930] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0D8C:0022.0005/input/input40 [ 982.439116][ T53] Bluetooth: Frame is too long (len 10, expected len 9) [ 982.674935][ T53] Bluetooth: hci4: command tx timeout [ 983.020530][ T930] cm6533_jd 0003:0D8C:0022.0005: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.0-1/input0 [ 983.046996][ T930] usb 1-1: USB disconnect, device number 42 [ 983.119318][ T1053] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 983.141375][ T1053] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 983.288338][ T1053] bond0 (unregistering): Released all slaves [ 983.314600][T17151] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2979'. [ 984.774629][ T53] Bluetooth: hci4: command tx timeout [ 984.925841][T17178] netlink: 'syz.1.2987': attribute type 1 has an invalid length. [ 985.739254][T17132] chnl_net:caif_netlink_parms(): no params data found [ 985.971601][T17188] FAULT_INJECTION: forcing a failure. [ 985.971601][T17188] name failslab, interval 1, probability 0, space 0, times 0 [ 985.986754][T17188] CPU: 1 PID: 17188 Comm: syz.1.2990 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0 [ 985.996933][T17188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 986.007069][T17188] Call Trace: [ 986.010339][T17188] [ 986.013266][T17188] dump_stack_lvl+0x241/0x360 [ 986.017944][T17188] ? __pfx_dump_stack_lvl+0x10/0x10 [ 986.023135][T17188] ? __pfx__printk+0x10/0x10 [ 986.027727][T17188] ? __pfx___might_resched+0x10/0x10 [ 986.033017][T17188] ? __asan_memset+0x23/0x50 [ 986.037620][T17188] should_fail_ex+0x3b0/0x4e0 [ 986.042315][T17188] ? security_inode_alloc+0x28/0x120 [ 986.047607][T17188] should_failslab+0x9/0x20 [ 986.052106][T17188] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 986.057486][T17188] security_inode_alloc+0x28/0x120 [ 986.062599][T17188] inode_init_always+0x947/0xc70 [ 986.067536][T17188] ? __pfx_sock_alloc_inode+0x10/0x10 [ 986.072909][T17188] new_inode_pseudo+0x9e/0x1e0 [ 986.077673][T17188] do_accept+0x16e/0x6c0 [ 986.081916][T17188] ? __pfx_do_accept+0x10/0x10 [ 986.086690][T17188] __sys_accept4+0x11e/0x1c0 [ 986.091279][T17188] ? __pfx___sys_accept4+0x10/0x10 [ 986.096384][T17188] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 986.102726][T17188] ? do_syscall_64+0x100/0x230 [ 986.107502][T17188] __x64_sys_accept4+0x9a/0xb0 [ 986.112274][T17188] do_syscall_64+0xf3/0x230 [ 986.116782][T17188] ? clear_bhb_loop+0x35/0x90 [ 986.121463][T17188] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 986.127352][T17188] RIP: 0033:0x7fea7c175bd9 [ 986.131765][T17188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 986.151371][T17188] RSP: 002b:00007fea7cefa048 EFLAGS: 00000246 ORIG_RAX: 0000000000000120 [ 986.159785][T17188] RAX: ffffffffffffffda RBX: 00007fea7c303f60 RCX: 00007fea7c175bd9 [ 986.167747][T17188] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 986.175707][T17188] RBP: 00007fea7cefa0a0 R08: 0000000000000000 R09: 0000000000000000 [ 986.183670][T17188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 986.191631][T17188] R13: 000000000000000b R14: 00007fea7c303f60 R15: 00007ffdf60861e8 [ 986.199616][T17188] [ 986.203969][ C1] vkms_vblank_simulate: vblank timer overrun [ 987.303557][ T53] Bluetooth: Frame is too long (len 10, expected len 9) [ 987.311132][ T53] Bluetooth: hci4: command tx timeout [ 987.499213][T17132] bridge0: port 1(bridge_slave_0) entered blocking state [ 987.564858][T17132] bridge0: port 1(bridge_slave_0) entered disabled state [ 987.582237][T17132] bridge_slave_0: entered allmulticast mode [ 987.635339][T17132] bridge_slave_0: entered promiscuous mode [ 987.666554][T17206] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2994'. [ 987.911220][ T1053] hsr_slave_0: left promiscuous mode [ 988.441149][ T1053] hsr_slave_1: left promiscuous mode [ 988.723606][ T1053] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 988.747121][ T1053] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 988.777846][T17224] FAULT_INJECTION: forcing a failure. [ 988.777846][T17224] name failslab, interval 1, probability 0, space 0, times 0 [ 988.778174][ T1053] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 988.826008][ T1053] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 988.845025][T17224] CPU: 0 PID: 17224 Comm: syz.1.2999 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0 [ 988.855196][T17224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 988.865337][T17224] Call Trace: [ 988.868599][T17224] [ 988.871526][T17224] dump_stack_lvl+0x241/0x360 [ 988.876219][T17224] ? __pfx_dump_stack_lvl+0x10/0x10 [ 988.881417][T17224] ? __pfx__printk+0x10/0x10 [ 988.886017][T17224] ? __pfx___might_resched+0x10/0x10 [ 988.891295][T17224] ? dynamic_dname+0x141/0x1b0 [ 988.896082][T17224] should_fail_ex+0x3b0/0x4e0 [ 988.900781][T17224] ? tomoyo_encode+0x26f/0x540 [ 988.905583][T17224] should_failslab+0x9/0x20 [ 988.910087][T17224] __kmalloc_noprof+0xd8/0x400 [ 988.914850][T17224] tomoyo_encode+0x26f/0x540 [ 988.919439][T17224] ? __pfx_sockfs_dname+0x10/0x10 [ 988.924454][T17224] tomoyo_realpath_from_path+0x59e/0x5e0 [ 988.930086][T17224] tomoyo_path_number_perm+0x23a/0x880 [ 988.935541][T17224] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 988.941167][T17224] ? tomoyo_path_number_perm+0x208/0x880 [ 988.946792][T17224] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 988.952767][T17224] ? sb_end_write+0xe9/0x1c0 [ 988.957358][T17224] ? vfs_write+0x7c4/0xc90 [ 988.961776][T17224] ? __pfx_vfs_write+0x10/0x10 [ 988.966552][T17224] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 988.972525][T17224] security_file_ioctl+0x75/0xb0 [ 988.977455][T17224] __se_sys_ioctl+0x47/0x170 [ 988.982046][T17224] do_syscall_64+0xf3/0x230 [ 988.986546][T17224] ? clear_bhb_loop+0x35/0x90 [ 988.991225][T17224] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 988.997115][T17224] RIP: 0033:0x7fea7c175bd9 [ 989.001522][T17224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 989.021119][T17224] RSP: 002b:00007fea7cefa048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 989.029528][T17224] RAX: ffffffffffffffda RBX: 00007fea7c303f60 RCX: 00007fea7c175bd9 [ 989.037488][T17224] RDX: 0000000000000000 RSI: 000000000000890b RDI: 0000000000000003 [ 989.045446][T17224] RBP: 00007fea7cefa0a0 R08: 0000000000000000 R09: 0000000000000000 [ 989.053408][T17224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 989.061370][T17224] R13: 000000000000000b R14: 00007fea7c303f60 R15: 00007ffdf60861e8 [ 989.069342][T17224] [ 989.093482][T17224] ERROR: Out of memory at tomoyo_realpath_from_path. [ 989.173799][ T1053] veth1_macvtap: left promiscuous mode [ 989.196987][ T1053] veth0_macvtap: left promiscuous mode [ 989.213546][ T1053] veth1_vlan: left promiscuous mode [ 989.224130][ T1053] veth0_vlan: left promiscuous mode [ 989.273345][ T5132] usb 5-1: new high-speed USB device number 61 using dummy_hcd [ 989.393317][ T5087] Bluetooth: hci4: command tx timeout [ 989.697522][ T5132] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 989.743647][ T5132] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 989.766388][ T5132] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 989.809938][ T5132] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 989.857112][ T5132] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 989.906520][ T5132] usb 5-1: config 0 descriptor?? [ 990.222123][ T5162] usb 2-1: new high-speed USB device number 47 using dummy_hcd [ 990.443238][ T5162] usb 2-1: Using ep0 maxpacket: 32 [ 990.483340][ T5162] usb 2-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 990.492878][ T5162] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 990.513411][ T5162] usb 2-1: Product: syz [ 990.517639][ T5162] usb 2-1: Manufacturer: syz [ 990.532078][ T5162] usb 2-1: SerialNumber: syz [ 990.564521][ T5162] usb 2-1: config 0 descriptor?? [ 990.582384][ T5162] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 990.764478][T17218] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 990.775568][ T5133] usb 3-1: new high-speed USB device number 46 using dummy_hcd [ 990.994671][T17218] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 991.008689][ T1053] team0 (unregistering): Port device team_slave_1 removed [ 991.053555][T17237] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 991.062718][T17237] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 991.105029][ T5133] usb 3-1: Using ep0 maxpacket: 8 [ 991.110454][ T5162] gspca_stk1135: reg_w 0x2 err -110 [ 991.121126][ T1053] team0 (unregistering): Port device team_slave_0 removed [ 991.134408][ T5133] usb 3-1: config 0 has an invalid interface number: 11 but max is 0 [ 991.142787][ T5162] gspca_stk1135: serial bus timeout: status=0x00 [ 991.154487][ T5162] gspca_stk1135: Sensor write failed [ 991.159958][ T5133] usb 3-1: config 0 has no interface number 0 [ 991.166542][ T5162] gspca_stk1135: serial bus timeout: status=0x00 [ 991.173083][ T5133] usb 3-1: config 0 interface 11 has no altsetting 0 [ 991.180067][ T5162] gspca_stk1135: Sensor write failed [ 991.185611][ T5133] usb 3-1: New USB device found, idVendor=1164, idProduct=0622, bcdDevice=5a.16 [ 991.195032][ T5162] gspca_stk1135: serial bus timeout: status=0x00 [ 991.201542][ T5133] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 991.210319][ T5162] gspca_stk1135: Sensor read failed [ 991.215896][ T5162] gspca_stk1135: serial bus timeout: status=0x00 [ 991.224078][ T5162] gspca_stk1135: Sensor read failed [ 991.229462][ T5162] gspca_stk1135: Detected sensor type unknown (0x0) [ 991.240170][ T5133] usb 3-1: config 0 descriptor?? [ 991.246610][ T5162] gspca_stk1135: serial bus timeout: status=0x00 [ 991.254863][ T5162] gspca_stk1135: Sensor read failed [ 991.262130][ T5162] gspca_stk1135: serial bus timeout: status=0x00 [ 991.271529][ T5133] pvrusb2: Hardware description: Gotview USB 2.0 DVD 2 [ 991.278486][ T5162] gspca_stk1135: Sensor read failed [ 991.284639][ T5133] usb 3-1: selecting invalid altsetting 0 [ 991.290578][ T5162] gspca_stk1135: serial bus timeout: status=0x00 [ 991.299625][ T1960] pvrusb2: Invalid write control endpoint [ 991.300945][ T5162] gspca_stk1135: Sensor write failed [ 991.311099][ T5162] gspca_stk1135: serial bus timeout: status=0x00 [ 991.318069][ T5162] gspca_stk1135: Sensor write failed [ 991.323604][ T5162] stk1135 2-1:0.0: probe with driver stk1135 failed with error -110 [ 991.381669][ T1960] pvrusb2: Invalid write control endpoint [ 991.388363][ T1960] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 991.397808][ T1960] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 991.405530][ T1960] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 991.416055][ T1960] pvrusb2: Device being rendered inoperable [ 991.422178][ T1960] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 991.429531][ T1960] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_h) [ 991.438250][ T1960] pvrusb2: Attached sub-driver cx25840 [ 991.538438][ T1960] pvrusb2: Attempted to execute control transfer when device not ok [ 991.553047][ T1960] pvrusb2: Attempted to execute control transfer when device not ok [ 991.565869][ T1960] pvrusb2: Attempted to execute control transfer when device not ok [ 991.574342][ T1960] pvrusb2: Attempted to execute control transfer when device not ok [ 991.582525][ T1960] pvrusb2: Module ID 4 (tuner) for device Gotview USB 2.0 DVD 2 failed to load. Possible missing sub-device kernel module or initialization failure within module. [ 991.656310][ T1960] TUNER: Unable to find symbol tda829x_probe() [ 991.727942][ T1960] DVB: Unable to find symbol tda9887_attach() [ 991.734348][ T1960] tuner: 1-0043: Tuner 4 found with type(s) Radio TV. [ 991.734861][T17243] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3002'. [ 991.741412][ T1960] pvrusb2: Attached sub-driver tuner [ 991.755500][ T1960] pvrusb2: ***WARNING*** pvrusb2 driver initialization failed due to the failure of one or more sub-device kernel modules. [ 991.769494][ T1960] pvrusb2: You need to resolve the failing condition before this driver can function. There should be some earlier messages giving more information about the problem. [ 992.291938][ T5132] usbhid 5-1:0.0: can't add hid device: -71 [ 992.303695][ T5132] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 992.314443][ T5132] usb 5-1: USB disconnect, device number 61 [ 992.521480][T17132] bridge0: port 2(bridge_slave_1) entered blocking state [ 992.534913][T17132] bridge0: port 2(bridge_slave_1) entered disabled state [ 992.542636][T17132] bridge_slave_1: entered allmulticast mode [ 992.557706][T17132] bridge_slave_1: entered promiscuous mode [ 992.596892][T17228] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2997'. [ 992.796825][T17132] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 993.257286][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.272770][ T1248] ieee802154 phy1 wpan1: encryption failed: -22 [ 993.312155][T17132] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 993.525801][T11204] usb 2-1: USB disconnect, device number 47 [ 993.663943][ T5162] usb 3-1: USB disconnect, device number 46 [ 993.678290][T17132] team0: Port device team_slave_0 added [ 993.707630][T17132] team0: Port device team_slave_1 added [ 993.882422][T17132] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 993.889928][T17132] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 994.370267][T17132] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 994.420088][T17132] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 994.429500][ T5087] Bluetooth: Frame is too long (len 10, expected len 9) [ 994.478927][T17132] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 994.567734][T17132] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 994.733646][T17132] hsr_slave_0: entered promiscuous mode [ 994.752280][T17132] hsr_slave_1: entered promiscuous mode [ 994.780947][T17132] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 994.814418][T17132] Cannot create hsr debugfs directory [ 995.014570][T17271] FAULT_INJECTION: forcing a failure. [ 995.014570][T17271] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 995.030133][T17271] CPU: 0 PID: 17271 Comm: syz.1.3009 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0 [ 995.040319][T17271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 995.050379][T17271] Call Trace: [ 995.053674][T17271] [ 995.056608][T17271] dump_stack_lvl+0x241/0x360 [ 995.061303][T17271] ? __pfx_dump_stack_lvl+0x10/0x10 [ 995.066519][T17271] ? __pfx__printk+0x10/0x10 [ 995.071109][T17271] ? __pfx_lock_release+0x10/0x10 [ 995.076142][T17271] should_fail_ex+0x3b0/0x4e0 [ 995.080818][T17271] _copy_from_user+0x2f/0xe0 [ 995.085413][T17271] copy_msghdr_from_user+0xae/0x680 [ 995.090651][T17271] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 995.096463][T17271] __sys_sendmsg+0x23d/0x3a0 [ 995.101049][T17271] ? __pfx___sys_sendmsg+0x10/0x10 [ 995.106154][T17271] ? vfs_write+0x7c4/0xc90 [ 995.110590][T17271] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 995.116909][T17271] ? do_syscall_64+0x100/0x230 [ 995.121672][T17271] ? do_syscall_64+0xb6/0x230 [ 995.126353][T17271] do_syscall_64+0xf3/0x230 [ 995.130855][T17271] ? clear_bhb_loop+0x35/0x90 [ 995.135548][T17271] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 995.141461][T17271] RIP: 0033:0x7fea7c175bd9 [ 995.145896][T17271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 995.165493][T17271] RSP: 002b:00007fea7cefa048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 995.173896][T17271] RAX: ffffffffffffffda RBX: 00007fea7c303f60 RCX: 00007fea7c175bd9 [ 995.181855][T17271] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003 [ 995.189827][T17271] RBP: 00007fea7cefa0a0 R08: 0000000000000000 R09: 0000000000000000 [ 995.197804][T17271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 995.205762][T17271] R13: 000000000000000b R14: 00007fea7c303f60 R15: 00007ffdf60861e8 [ 995.213756][T17271] [ 995.220708][ T5132] usb 1-1: new high-speed USB device number 43 using dummy_hcd [ 995.229676][T17268] netlink: 76 bytes leftover after parsing attributes in process `syz.2.3007'. [ 995.744951][ T5132] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 995.763436][ T5132] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0 [ 995.815753][ T5132] usb 1-1: New USB device found, idVendor=05ac, idProduct=821a, bcdDevice=eb.66 [ 995.833212][ T5132] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 995.841224][ T5132] usb 1-1: Product: syz [ 995.861055][ T5132] usb 1-1: Manufacturer: syz [ 995.865711][ T5132] usb 1-1: SerialNumber: syz [ 995.880701][ T5132] usb 1-1: config 0 descriptor?? [ 995.983405][ T5162] psmouse serio2: Failed to reset mouse on : -5 [ 995.995519][T17283] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3013'. [ 996.183891][ T5132] usb 1-1: USB disconnect, device number 43 [ 996.274967][T17132] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 996.289516][T17132] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 996.306571][T17132] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 996.340912][T17132] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 996.545144][T17132] 8021q: adding VLAN 0 to HW filter on device bond0 [ 996.600013][T17132] 8021q: adding VLAN 0 to HW filter on device team0 [ 996.630802][ T5130] bridge0: port 1(bridge_slave_0) entered blocking state [ 996.637992][ T5130] bridge0: port 1(bridge_slave_0) entered forwarding state [ 996.664993][ T5130] bridge0: port 2(bridge_slave_1) entered blocking state [ 996.672195][ T5130] bridge0: port 2(bridge_slave_1) entered forwarding state [ 997.113231][ T5087] Bluetooth: Frame is too long (len 10, expected len 9) [ 997.921173][T17314] netlink: 76 bytes leftover after parsing attributes in process `syz.0.3020'. [ 998.050639][T17132] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 998.151437][T17132] veth0_vlan: entered promiscuous mode [ 998.285020][T17132] veth1_vlan: entered promiscuous mode [ 998.424922][T17132] veth0_macvtap: entered promiscuous mode [ 998.493581][T17132] veth1_macvtap: entered promiscuous mode [ 998.540716][T17132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 998.563431][T17132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 998.598401][T17132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 998.639365][T17132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 998.653609][T17132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 998.676363][T17132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 998.703322][T17132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 998.726353][T17132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 998.746473][T17132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 998.766626][T17132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 998.789431][T17132] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 998.842506][T17132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 998.871905][T17132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 998.885451][T17132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 998.906319][T17132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 998.931487][T17132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 998.963281][T17132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 998.983298][T17132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 999.007277][T17132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 999.027953][T17132] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 999.039393][T17132] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 999.052113][T17132] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 999.073084][T17132] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 999.103562][T17132] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 999.257815][T17132] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 999.267160][T17132] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 999.664418][ T5087] Bluetooth: Frame is too long (len 10, expected len 9) [ 1000.151398][ T5162] misc userio: Buffer overflowed, userio client isn't keeping up [ 1000.278606][T17351] netlink: 76 bytes leftover after parsing attributes in process `syz.2.3031'. [ 1000.319941][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1000.343881][ T8] usb 2-1: new high-speed USB device number 48 using dummy_hcd [ 1000.399269][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1000.481732][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1000.496627][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1001.566056][ T8] usb 2-1: config 10 has too many interfaces: 60, using maximum allowed: 32 [ 1001.575542][ T8] usb 2-1: config 10 has an invalid descriptor of length 171, skipping remainder of the config [ 1001.613591][ T8] usb 2-1: config 10 has 0 interfaces, different from the descriptor's value: 60 [ 1001.647274][ T8] usb 2-1: New USB device found, idVendor=1799, idProduct=011b, bcdDevice=ba.b6 [ 1001.663322][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1001.679486][ T8] usb 2-1: Product: syz [ 1001.684772][ T8] usb 2-1: Manufacturer: syz [ 1001.689478][ T8] usb 2-1: SerialNumber: syz [ 1001.928947][ T8] usb 2-1: USB disconnect, device number 48 [ 1002.303835][ T5162] input: PS/2 Generic Mouse as /devices/serio2/input/input41 [ 1002.616978][ T5162] psmouse serio2: Failed to enable mouse on [ 1004.067185][ T5087] Bluetooth: hci2: ACL packet for unknown connection handle 200 [ 1004.245631][ T25] usb 2-1: new high-speed USB device number 49 using dummy_hcd [ 1004.473270][ T25] usb 2-1: Using ep0 maxpacket: 8 [ 1004.491490][ T25] usb 2-1: config index 0 descriptor too short (expected 301, got 45) [ 1004.522351][ T25] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1004.557128][ T25] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1004.628338][ T25] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1004.677003][ T25] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1004.686282][T17408] FAULT_INJECTION: forcing a failure. [ 1004.686282][T17408] name failslab, interval 1, probability 0, space 0, times 0 [ 1004.706390][ T25] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1004.706487][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1004.816290][T17408] CPU: 1 PID: 17408 Comm: syz.3.3049 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0 [ 1004.826489][T17408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1004.836552][T17408] Call Trace: [ 1004.839842][T17408] [ 1004.842777][T17408] dump_stack_lvl+0x241/0x360 [ 1004.847476][T17408] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1004.852689][T17408] ? __pfx__printk+0x10/0x10 [ 1004.857304][T17408] should_fail_ex+0x3b0/0x4e0 [ 1004.861999][T17408] ? rtnl_newlink+0xf2/0x20a0 [ 1004.866690][T17408] should_failslab+0x9/0x20 [ 1004.871209][T17408] kmalloc_trace_noprof+0x6c/0x2c0 [ 1004.876339][T17408] ? __pfx_rtnl_newlink+0x10/0x10 [ 1004.881381][T17408] rtnl_newlink+0xf2/0x20a0 [ 1004.885902][T17408] ? __kernel_text_address+0xd/0x40 [ 1004.891142][T17408] ? __mutex_trylock_common+0x183/0x2e0 [ 1004.896720][T17408] ? __pfx___might_resched+0x10/0x10 [ 1004.902017][T17408] ? __pfx_rtnl_newlink+0x10/0x10 [ 1004.907058][T17408] ? __pfx___mutex_trylock_common+0x10/0x10 [ 1004.912971][T17408] ? rcu_is_watching+0x15/0xb0 [ 1004.917756][T17408] ? trace_contention_end+0x3c/0x120 [ 1004.923066][T17408] ? __mutex_lock+0x2ef/0xd70 [ 1004.927772][T17408] ? rcu_read_unlock+0x87/0xa0 [ 1004.932556][T17408] ? do_syscall_64+0xf3/0x230 [ 1004.937250][T17408] ? rtnetlink_rcv_msg+0x842/0x1180 [ 1004.942467][T17408] ? __pfx_lock_release+0x10/0x10 [ 1004.947506][T17408] ? __pfx___mutex_lock+0x10/0x10 [ 1004.952553][T17408] ? __pfx_rtnl_newlink+0x10/0x10 [ 1004.957572][T17408] rtnetlink_rcv_msg+0x89b/0x1180 [ 1004.962597][T17408] ? rtnetlink_rcv_msg+0x208/0x1180 [ 1004.967792][T17408] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1004.973261][T17408] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1004.979248][T17408] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1004.985572][T17408] ? __local_bh_enable_ip+0x168/0x200 [ 1004.990932][T17408] ? lockdep_hardirqs_on+0x99/0x150 [ 1004.996130][T17408] ? __local_bh_enable_ip+0x168/0x200 [ 1005.001491][T17408] ? dev_hard_start_xmit+0x773/0x7e0 [ 1005.006768][T17408] ? __dev_queue_xmit+0x2d2/0x3d30 [ 1005.011873][T17408] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 1005.017591][T17408] ? __dev_queue_xmit+0x2d2/0x3d30 [ 1005.022699][T17408] ? __dev_queue_xmit+0x16c9/0x3d30 [ 1005.027900][T17408] ? __dev_queue_xmit+0x2d2/0x3d30 [ 1005.033016][T17408] ? ref_tracker_free+0x643/0x7e0 [ 1005.038043][T17408] netlink_rcv_skb+0x1e3/0x430 [ 1005.042804][T17408] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1005.048258][T17408] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1005.053555][T17408] ? netlink_deliver_tap+0x2e/0x1b0 [ 1005.058748][T17408] netlink_unicast+0x7ea/0x980 [ 1005.063512][T17408] ? __pfx_netlink_unicast+0x10/0x10 [ 1005.068786][T17408] ? __virt_addr_valid+0x183/0x520 [ 1005.073900][T17408] ? __check_object_size+0x49c/0x900 [ 1005.079179][T17408] ? bpf_lsm_netlink_send+0x9/0x10 [ 1005.084291][T17408] netlink_sendmsg+0x8db/0xcb0 [ 1005.089060][T17408] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1005.094341][T17408] ? __import_iovec+0x536/0x820 [ 1005.099189][T17408] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1005.104462][T17408] ? security_socket_sendmsg+0x87/0xb0 [ 1005.109933][T17408] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1005.115225][T17408] __sock_sendmsg+0x221/0x270 [ 1005.119897][T17408] ____sys_sendmsg+0x525/0x7d0 [ 1005.124672][T17408] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1005.129963][T17408] __sys_sendmsg+0x2b0/0x3a0 [ 1005.134553][T17408] ? __pfx___sys_sendmsg+0x10/0x10 [ 1005.139661][T17408] ? vfs_write+0x7c4/0xc90 [ 1005.144128][T17408] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1005.150449][T17408] ? do_syscall_64+0x100/0x230 [ 1005.155213][T17408] ? do_syscall_64+0xb6/0x230 [ 1005.159894][T17408] do_syscall_64+0xf3/0x230 [ 1005.164399][T17408] ? clear_bhb_loop+0x35/0x90 [ 1005.169077][T17408] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1005.174969][T17408] RIP: 0033:0x7fac35575bd9 [ 1005.179379][T17408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1005.198982][T17408] RSP: 002b:00007fac362a0048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1005.207392][T17408] RAX: ffffffffffffffda RBX: 00007fac35703f60 RCX: 00007fac35575bd9 [ 1005.215354][T17408] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000004 [ 1005.223315][T17408] RBP: 00007fac362a00a0 R08: 0000000000000000 R09: 0000000000000000 [ 1005.231274][T17408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1005.239238][T17408] R13: 000000000000000b R14: 00007fac35703f60 R15: 00007ffec4106198 [ 1005.247219][T17408] [ 1005.250362][ C1] vkms_vblank_simulate: vblank timer overrun [ 1005.575088][ T25] usb 2-1: usb_control_msg returned -32 [ 1005.581897][ T25] usbtmc 2-1:16.0: can't read capabilities [ 1005.718616][T17419] sp0: Synchronizing with TNC [ 1005.737469][T17419] 9pnet_virtio: no channels available for device syz [ 1005.764977][T17418] [U] è [ 1006.827071][ T5087] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 1006.829910][ T5087] Bluetooth: Frame is too long (len 10, expected len 9) [ 1007.232746][ T5162] usb 2-1: USB disconnect, device number 49 [ 1007.428878][ T51] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1007.639004][ T51] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1008.296771][ T51] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1008.490022][ T51] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1008.582572][ T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1008.590868][ T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1008.605761][ T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1008.625597][ T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1008.634198][ T53] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1008.641549][ T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1008.695092][ T29] audit: type=1326 audit(2000000000.450:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17451 comm="syz.1.3063" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fea7c175bd9 code=0x0 [ 1008.827010][ T51] bridge_slave_1: left allmulticast mode [ 1008.835387][ T51] bridge_slave_1: left promiscuous mode [ 1008.841243][ T51] bridge0: port 2(bridge_slave_1) entered disabled state [ 1008.869926][ T51] bridge_slave_0: left allmulticast mode [ 1008.876044][ T51] bridge_slave_0: left promiscuous mode [ 1008.884229][ T51] bridge0: port 1(bridge_slave_0) entered disabled state [ 1010.247769][ T5087] Bluetooth: Frame is too long (len 10, expected len 9) [ 1010.753427][ T5087] Bluetooth: hci0: command tx timeout [ 1011.677776][ T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1011.689551][ T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1011.700990][ T51] bond0 (unregistering): Released all slaves [ 1011.717842][T17469] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3069'. [ 1011.881918][ T29] audit: type=1326 audit(2000000000.690:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17496 comm="syz.1.3075" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fea7c175bd9 code=0x0 [ 1011.913982][ T783] usb 4-1: new high-speed USB device number 56 using dummy_hcd [ 1012.030694][T17504] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 1012.073636][ T29] audit: type=1326 audit(2000000000.880:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17503 comm="syz.0.3077" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ffa5ab75bd9 code=0x0 [ 1012.253528][ T783] usb 4-1: Using ep0 maxpacket: 8 [ 1012.272219][ T783] usb 4-1: config 0 has too many interfaces: 33, using maximum allowed: 32 [ 1012.293985][T17449] chnl_net:caif_netlink_parms(): no params data found [ 1012.301578][ T783] usb 4-1: config 0 has an invalid interface number: 38 but max is 32 [ 1012.320591][ T783] usb 4-1: config 0 has an invalid descriptor of length 27, skipping remainder of the config [ 1012.340048][ T783] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 33 [ 1012.359540][ T783] usb 4-1: config 0 has no interface number 0 [ 1012.365970][ T783] usb 4-1: too many endpoints for config 0 interface 38 altsetting 77: 139, using maximum allowed: 30 [ 1012.377294][ T51] hsr_slave_0: left promiscuous mode [ 1012.379767][ T783] usb 4-1: config 0 interface 38 altsetting 77 has 0 endpoint descriptors, different from the interface descriptor's value: 139 [ 1012.396082][ T783] usb 4-1: config 0 interface 38 has no altsetting 0 [ 1012.403336][ T783] usb 4-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 1012.412584][ T51] hsr_slave_1: left promiscuous mode [ 1012.414770][ T783] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1012.427218][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1012.445408][ T783] usb 4-1: config 0 descriptor?? [ 1012.446786][ T51] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1012.465339][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1012.475611][ T51] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1012.502968][ T51] veth1_macvtap: left promiscuous mode [ 1012.508806][ T51] veth0_macvtap: left promiscuous mode [ 1012.516307][ T51] veth1_vlan: left promiscuous mode [ 1012.521595][ T51] veth0_vlan: left promiscuous mode [ 1012.712767][T17514] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1012.724577][T17514] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1012.867227][ T5087] Bluetooth: hci0: command tx timeout [ 1013.043669][ T5087] Bluetooth: Frame is too long (len 10, expected len 9) [ 1013.945961][T17524] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3081'. [ 1014.234745][ T51] team0 (unregistering): Port device team_slave_1 removed [ 1014.321651][ T51] team0 (unregistering): Port device team_slave_0 removed [ 1014.923393][ T5087] Bluetooth: hci0: command tx timeout [ 1015.132597][T17517] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3080'. [ 1015.160005][ T783] usb 4-1: string descriptor 0 read error: -71 [ 1015.175756][ T783] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 1015.210511][ T783] gspca_vc032x: reg_r err -71 [ 1015.216380][ T783] vc032x 4-1:0.38: probe with driver vc032x failed with error -71 [ 1015.248524][T17533] FAULT_INJECTION: forcing a failure. [ 1015.248524][T17533] name failslab, interval 1, probability 0, space 0, times 0 [ 1015.269492][ T783] usb 4-1: USB disconnect, device number 56 [ 1015.289940][T17533] CPU: 1 PID: 17533 Comm: syz.1.3083 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0 [ 1015.300127][T17533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1015.310195][T17533] Call Trace: [ 1015.313486][T17533] [ 1015.316431][T17533] dump_stack_lvl+0x241/0x360 [ 1015.321139][T17533] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1015.326362][T17533] ? __pfx__printk+0x10/0x10 [ 1015.330979][T17533] ? ovl_lookup_layer+0x417/0x510 [ 1015.336017][T17533] should_fail_ex+0x3b0/0x4e0 [ 1015.340704][T17533] ? ovl_lookup+0x8b2/0x2a60 [ 1015.345286][T17533] should_failslab+0x9/0x20 [ 1015.349785][T17533] __kmalloc_noprof+0xd8/0x400 [ 1015.354546][T17533] ovl_lookup+0x8b2/0x2a60 [ 1015.358980][T17533] ? __pfx_ovl_lookup+0x10/0x10 [ 1015.363829][T17533] ? __pfx_lock_acquire+0x10/0x10 [ 1015.368850][T17533] ? d_alloc+0x142/0x190 [ 1015.373096][T17533] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1015.378297][T17533] ? _raw_spin_unlock+0x28/0x50 [ 1015.383145][T17533] ? d_alloc+0x142/0x190 [ 1015.387391][T17533] lookup_one_qstr_excl+0x11f/0x260 [ 1015.392588][T17533] filename_create+0x297/0x540 [ 1015.397352][T17533] ? __pfx_filename_create+0x10/0x10 [ 1015.402643][T17533] do_linkat+0x1a2/0x6f0 [ 1015.406882][T17533] ? __phys_addr_symbol+0x2f/0x70 [ 1015.411902][T17533] ? __pfx_do_linkat+0x10/0x10 [ 1015.416666][T17533] ? getname_flags+0x1fe/0x4f0 [ 1015.421425][T17533] __x64_sys_link+0x86/0xa0 [ 1015.425922][T17533] do_syscall_64+0xf3/0x230 [ 1015.430443][T17533] ? clear_bhb_loop+0x35/0x90 [ 1015.435125][T17533] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1015.441017][T17533] RIP: 0033:0x7fea7c175bd9 [ 1015.445422][T17533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1015.465020][T17533] RSP: 002b:00007fea7cefa048 EFLAGS: 00000246 ORIG_RAX: 0000000000000056 [ 1015.473426][T17533] RAX: ffffffffffffffda RBX: 00007fea7c303f60 RCX: 00007fea7c175bd9 [ 1015.481386][T17533] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020000200 [ 1015.489351][T17533] RBP: 00007fea7cefa0a0 R08: 0000000000000000 R09: 0000000000000000 [ 1015.497315][T17533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1015.505272][T17533] R13: 000000000000000b R14: 00007fea7c303f60 R15: 00007ffdf60861e8 [ 1015.513246][T17533] [ 1016.113698][T17449] bridge0: port 1(bridge_slave_0) entered blocking state [ 1016.120870][T17449] bridge0: port 1(bridge_slave_0) entered disabled state [ 1016.171192][T17449] bridge_slave_0: entered allmulticast mode [ 1016.201431][T17449] bridge_slave_0: entered promiscuous mode [ 1016.215359][T17449] bridge0: port 2(bridge_slave_1) entered blocking state [ 1016.222532][T17449] bridge0: port 2(bridge_slave_1) entered disabled state [ 1016.236162][T17449] bridge_slave_1: entered allmulticast mode [ 1016.242966][T17449] bridge_slave_1: entered promiscuous mode [ 1016.268145][ T783] usb 1-1: new high-speed USB device number 44 using dummy_hcd [ 1016.308811][T17449] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1016.340167][T17449] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1016.405602][T17449] team0: Port device team_slave_0 added [ 1016.417512][T17449] team0: Port device team_slave_1 added [ 1016.463414][ T783] usb 1-1: Using ep0 maxpacket: 8 [ 1016.481909][ T783] usb 1-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77 [ 1016.499050][ T783] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1016.509773][ T783] usb 1-1: Product: syz [ 1016.520661][ T783] usb 1-1: Manufacturer: syz [ 1016.533136][ T783] usb 1-1: SerialNumber: syz [ 1016.562439][ T783] usb 1-1: config 0 descriptor?? [ 1016.578307][ T783] gspca_main: sq905-2.14.0 probing 2770:9120 [ 1016.664603][T17449] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1016.671573][T17449] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1016.697786][T17449] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1016.711661][T17449] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1016.718692][T17449] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1016.766601][T17449] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1016.993480][ T5087] Bluetooth: hci0: command tx timeout [ 1017.149870][T17537] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1017.303713][ T783] gspca_sq905: sq905_command: usb_control_msg failed 2 (-110) [ 1017.316665][ T5087] Bluetooth: Frame is too long (len 10, expected len 9) [ 1017.330144][ T783] sq905 1-1:0.0: probe with driver sq905 failed with error -110 [ 1017.575539][ T783] usb 1-1: USB disconnect, device number 44 [ 1017.739467][T17449] hsr_slave_0: entered promiscuous mode [ 1017.780787][T17449] hsr_slave_1: entered promiscuous mode [ 1018.986656][T17449] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1019.006233][T17449] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1019.027281][T17449] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1019.066169][ T53] Bluetooth: hci4: unexpected Set CIG Parameters response data [ 1019.082695][T17449] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1019.327196][T17449] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1019.380407][T17449] 8021q: adding VLAN 0 to HW filter on device team0 [ 1019.463857][ T5132] bridge0: port 1(bridge_slave_0) entered blocking state [ 1019.471042][ T5132] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1019.490832][ T5132] bridge0: port 2(bridge_slave_1) entered blocking state [ 1019.497947][ T5132] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1019.908476][ T5087] Bluetooth: Frame is too long (len 10, expected len 9) [ 1020.535930][ T29] audit: type=1326 audit(2000000002.060:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17602 comm="syz.0.3104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa5ab75bd9 code=0x7fc00000 [ 1020.660257][ T29] audit: type=1326 audit(2000000002.170:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17602 comm="syz.0.3104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ffa5ab6cc27 code=0x7fc00000 [ 1020.758110][ T29] audit: type=1326 audit(2000000002.170:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17602 comm="syz.0.3104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ffa5ab115c9 code=0x7fc00000 [ 1020.820542][ T29] audit: type=1326 audit(2000000002.170:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17602 comm="syz.0.3104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7ffa5ab1168f code=0x7fc00000 [ 1020.862816][ T29] audit: type=1326 audit(2000000002.170:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17602 comm="syz.0.3104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7ffa5ab75bd9 code=0x7fc00000 [ 1020.922595][T17449] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1021.335819][ T783] usb 2-1: new high-speed USB device number 50 using dummy_hcd [ 1021.533278][ T783] usb 2-1: device descriptor read/64, error -71 [ 1021.753937][ T5087] Bluetooth: hci2: unexpected event for opcode 0x0419 [ 1021.823564][ T783] usb 2-1: new high-speed USB device number 51 using dummy_hcd [ 1021.884538][T17449] veth0_vlan: entered promiscuous mode [ 1021.930340][T17449] veth1_vlan: entered promiscuous mode [ 1022.006117][T17449] veth0_macvtap: entered promiscuous mode [ 1022.014058][ T783] usb 2-1: device descriptor read/64, error -71 [ 1022.019045][T17449] veth1_macvtap: entered promiscuous mode [ 1022.040769][T17449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1022.051276][T17449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1022.063093][T17449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1022.074578][T17449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1022.085544][T17449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1022.096851][T17449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1022.110673][T17449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1022.121363][T17449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1022.131415][T17449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1022.142485][T17449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1022.153734][ T783] usb usb2-port1: attempt power cycle [ 1022.155161][T17449] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1022.306707][T17449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1022.317854][T17449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1022.328230][T17449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1022.341026][T17449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1022.353240][ T5162] usb 1-1: new high-speed USB device number 45 using dummy_hcd [ 1022.386754][T17449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1022.399023][ T5087] Bluetooth: Frame is too long (len 10, expected len 9) [ 1022.442906][T17449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1022.457159][T17449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1022.468473][T17449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1022.491888][T17449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1022.520953][T17449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1022.545411][T17449] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1022.548928][ T5162] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1022.557532][T17449] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1022.591054][T17449] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1022.609863][ T5162] usb 1-1: New USB device found, idVendor=04b4, idProduct=1002, bcdDevice=81.d9 [ 1022.642914][T17449] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1022.657327][ T5162] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1022.689270][T17449] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1022.705148][ T783] usb 2-1: new high-speed USB device number 52 using dummy_hcd [ 1022.719860][ T5162] usb 1-1: Product: syz [ 1022.736080][ T5162] usb 1-1: Manufacturer: syz [ 1022.768081][ T5162] usb 1-1: SerialNumber: syz [ 1022.776703][ T783] usb 2-1: device descriptor read/8, error -71 [ 1022.830428][ T5162] usb 1-1: config 0 descriptor?? [ 1022.925644][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1022.942180][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1022.995328][ T7397] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1023.010052][ T7397] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1023.072842][ T5162] usb 1-1: USB disconnect, device number 45 [ 1023.083312][ T783] usb 2-1: new high-speed USB device number 53 using dummy_hcd [ 1023.143954][ T783] usb 2-1: device descriptor read/8, error -71 [ 1023.155289][ T5087] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 1023.165141][ T5087] Bluetooth: hci4: Injecting HCI hardware error event [ 1023.175467][ T53] Bluetooth: hci4: hardware error 0x00 [ 1023.195365][ T53] ------------[ cut here ]------------ [ 1023.201641][ T53] ida_free called for id=8192 which is not allocated. [ 1023.213851][ T53] WARNING: CPU: 0 PID: 53 at lib/idr.c:525 ida_free+0x370/0x420 [ 1023.221607][ T53] Modules linked in: [ 1023.225877][ T53] CPU: 0 PID: 53 Comm: kworker/u9:0 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0 [ 1023.236292][ T53] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1023.246568][ T53] Workqueue: hci4 hci_error_reset [ 1023.251811][ T53] RIP: 0010:ida_free+0x370/0x420 [ 1023.257096][ T53] Code: 10 42 80 3c 28 00 74 05 e8 2d 33 88 f6 48 8b 7c 24 40 4c 89 fe e8 60 a0 17 00 90 48 c7 c7 60 5f eb 8c 89 de e8 71 f5 e7 f5 90 <0f> 0b 90 90 eb 3d e8 15 c7 25 f6 49 bd 00 00 00 00 00 fc ff df 4d [ 1023.277073][ T53] RSP: 0018:ffffc90000bd7960 EFLAGS: 00010246 [ 1023.283271][ T53] RAX: 737db1f542107f00 RBX: 0000000000002000 RCX: ffff888015fc1e00 [ 1023.291257][ T53] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 1023.300020][ T53] RBP: ffffc90000bd7a58 R08: ffffffff81585742 R09: fffffbfff1c39994 [ 1023.308609][ T53] R10: dffffc0000000000 R11: fffffbfff1c39994 R12: ffffc90000bd79a0 [ 1023.317599][ T53] R13: dffffc0000000000 R14: ffff888077a580a0 R15: 0000000000000246 [ 1023.325807][ T53] FS: 0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000 [ 1023.334863][ T53] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1023.341467][ T53] CR2: 00007fac3625ed58 CR3: 000000005fec2000 CR4: 00000000003506f0 [ 1023.349553][ T53] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1023.357621][ T53] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1023.365905][ T53] Call Trace: [ 1023.369211][ T53] [ 1023.372157][ T53] ? __warn+0x163/0x4e0 [ 1023.376559][ T53] ? ida_free+0x370/0x420 [ 1023.380927][ T53] ? report_bug+0x2b3/0x500 [ 1023.385599][ T53] ? ida_free+0x370/0x420 [ 1023.389963][ T53] ? handle_bug+0x3e/0x70 [ 1023.394471][ T53] ? exc_invalid_op+0x1a/0x50 [ 1023.399173][ T53] ? asm_exc_invalid_op+0x1a/0x20 [ 1023.404813][ T53] ? __warn_printk+0x292/0x360 [ 1023.409611][ T53] ? ida_free+0x370/0x420 [ 1023.414527][ T53] ? __pfx_ida_free+0x10/0x10 [ 1023.419237][ T53] ? synchronize_rcu+0x11b/0x360 [ 1023.424355][ T53] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1023.430367][ T53] hci_conn_del+0x746/0xc40 [ 1023.434994][ T53] hci_conn_hash_flush+0x18e/0x240 [ 1023.440138][ T53] hci_dev_close_sync+0x911/0xf60 [ 1023.445272][ T53] hci_error_reset+0x12c/0x3f0 [ 1023.450065][ T53] ? process_scheduled_works+0x945/0x1830 [ 1023.455876][ T53] process_scheduled_works+0xa2c/0x1830 [ 1023.461679][ T53] ? __pfx_process_scheduled_works+0x10/0x10 [ 1023.467948][ T53] ? assign_work+0x364/0x3d0 [ 1023.472571][ T53] worker_thread+0x86d/0xd50 [ 1023.477440][ T53] ? __kthread_parkme+0x169/0x1d0 [ 1023.482497][ T53] ? __pfx_worker_thread+0x10/0x10 [ 1023.487786][ T53] kthread+0x2f0/0x390 [ 1023.491881][ T53] ? __pfx_worker_thread+0x10/0x10 [ 1023.497112][ T53] ? __pfx_kthread+0x10/0x10 [ 1023.501727][ T53] ret_from_fork+0x4b/0x80 [ 1023.506820][ T53] ? __pfx_kthread+0x10/0x10 [ 1023.511441][ T53] ret_from_fork_asm+0x1a/0x30 [ 1023.516772][ T53] [ 1023.519815][ T53] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1023.527101][ T53] CPU: 0 PID: 53 Comm: kworker/u9:0 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0 [ 1023.537173][ T53] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1023.547243][ T53] Workqueue: hci4 hci_error_reset [ 1023.552295][ T53] Call Trace: [ 1023.555581][ T53] [ 1023.558516][ T53] dump_stack_lvl+0x241/0x360 [ 1023.563213][ T53] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1023.568428][ T53] ? __pfx__printk+0x10/0x10 [ 1023.573047][ T53] ? vscnprintf+0x5d/0x90 [ 1023.577397][ T53] panic+0x349/0x860 [ 1023.581316][ T53] ? __warn+0x172/0x4e0 [ 1023.585490][ T53] ? __pfx_panic+0x10/0x10 [ 1023.589938][ T53] ? ret_from_fork_asm+0x1a/0x30 [ 1023.594901][ T53] __warn+0x346/0x4e0 [ 1023.598915][ T53] ? ida_free+0x370/0x420 [ 1023.603268][ T53] report_bug+0x2b3/0x500 [ 1023.607616][ T53] ? ida_free+0x370/0x420 [ 1023.611975][ T53] handle_bug+0x3e/0x70 [ 1023.616144][ T53] exc_invalid_op+0x1a/0x50 [ 1023.620660][ T53] asm_exc_invalid_op+0x1a/0x20 [ 1023.625531][ T53] RIP: 0010:ida_free+0x370/0x420 [ 1023.630483][ T53] Code: 10 42 80 3c 28 00 74 05 e8 2d 33 88 f6 48 8b 7c 24 40 4c 89 fe e8 60 a0 17 00 90 48 c7 c7 60 5f eb 8c 89 de e8 71 f5 e7 f5 90 <0f> 0b 90 90 eb 3d e8 15 c7 25 f6 49 bd 00 00 00 00 00 fc ff df 4d [ 1023.650082][ T53] RSP: 0018:ffffc90000bd7960 EFLAGS: 00010246 [ 1023.656142][ T53] RAX: 737db1f542107f00 RBX: 0000000000002000 RCX: ffff888015fc1e00 [ 1023.664104][ T53] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 1023.672062][ T53] RBP: ffffc90000bd7a58 R08: ffffffff81585742 R09: fffffbfff1c39994 [ 1023.680031][ T53] R10: dffffc0000000000 R11: fffffbfff1c39994 R12: ffffc90000bd79a0 [ 1023.687996][ T53] R13: dffffc0000000000 R14: ffff888077a580a0 R15: 0000000000000246 [ 1023.695969][ T53] ? __warn_printk+0x292/0x360 [ 1023.700741][ T53] ? __pfx_ida_free+0x10/0x10 [ 1023.705413][ T53] ? synchronize_rcu+0x11b/0x360 [ 1023.710354][ T53] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1023.716334][ T53] hci_conn_del+0x746/0xc40 [ 1023.720834][ T53] hci_conn_hash_flush+0x18e/0x240 [ 1023.725943][ T53] hci_dev_close_sync+0x911/0xf60 [ 1023.730969][ T53] hci_error_reset+0x12c/0x3f0 [ 1023.735743][ T53] ? process_scheduled_works+0x945/0x1830 [ 1023.741479][ T53] process_scheduled_works+0xa2c/0x1830 [ 1023.747050][ T53] ? __pfx_process_scheduled_works+0x10/0x10 [ 1023.753045][ T53] ? assign_work+0x364/0x3d0 [ 1023.757653][ T53] worker_thread+0x86d/0xd50 [ 1023.762270][ T53] ? __kthread_parkme+0x169/0x1d0 [ 1023.767307][ T53] ? __pfx_worker_thread+0x10/0x10 [ 1023.772414][ T53] kthread+0x2f0/0x390 [ 1023.776491][ T53] ? __pfx_worker_thread+0x10/0x10 [ 1023.781609][ T53] ? __pfx_kthread+0x10/0x10 [ 1023.786194][ T53] ret_from_fork+0x4b/0x80 [ 1023.790603][ T53] ? __pfx_kthread+0x10/0x10 [ 1023.795186][ T53] ret_from_fork_asm+0x1a/0x30 [ 1023.799956][ T53] [ 1023.803184][ T53] Kernel Offset: disabled [ 1023.807580][ T53] Rebooting in 86400 seconds..