last executing test programs: 8.251959371s ago: executing program 3 (id=484): bpf$MAP_CREATE(0x0, 0x0, 0x0) syz_open_procfs(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x8, 0x76}, [@call={0x27}]}, &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffed8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x3f) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$rfkill(0xffffffffffffff9c, &(0x7f00000004c0), 0x81, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001240)=@base={0xf, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x37) close(r3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0xe, &(0x7f0000001580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000001800000001000000000000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)={@map=r4, r7, 0x5, 0x0, 0x0, @void, @value}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r4}, &(0x7f0000000100), &(0x7f0000000140)=r3}, 0x20) sendmsg(r5, &(0x7f00000029c0)={0x0, 0x17, &(0x7f0000001680)=[{&(0x7f0000001400)='H', 0x20001401}], 0x1, 0x0, 0x0, 0xa4}, 0x0) 7.239663127s ago: executing program 3 (id=492): iopl(0xb) openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) iopl(0x7f) r0 = fsopen(&(0x7f0000000040)='ceph\x00', 0x0) iopl(0xd) iopl(0xf0) iopl(0xce) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f00000000c0)='pids.events\x00', 0x0, 0x0) pipe2$watch_queue(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000140)={'wlan1\x00'}) r5 = syz_clone3(&(0x7f0000001340)={0x2164c80, &(0x7f0000000180), &(0x7f00000001c0)=0x0, &(0x7f0000000200), {}, &(0x7f0000000240)=""/177, 0xb1, &(0x7f0000000300)=""/4096, &(0x7f0000001300)=[0x0, 0x0, 0xffffffffffffffff], 0x3, {r4}}, 0x58) write$cgroup_pid(r2, &(0x7f00000013c0)=r6, 0x12) iopl(0x1) io_setup(0x6, &(0x7f0000001400)) iopl(0x8) iopl(0xbd) ioctl$FIONCLEX(r0, 0x5450) fsopen(&(0x7f0000001440)='hpfs\x00', 0x1) ioctl$FIBMAP(r2, 0x1, &(0x7f0000001480)=0x3bb) openat$cgroup_pressure(r2, &(0x7f00000014c0)='cpu.pressure\x00', 0x2, 0x0) iopl(0x8) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001500)={0x2, 0x4, 0x8, 0x1, 0x80, r4, 0x8000, '\x00', 0x0, r4, 0x3, 0x2, 0x5, 0x0, @void, @value, @void, @value}, 0x50) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r4, 0xc02064b9, &(0x7f0000001600)={&(0x7f0000001580)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000015c0)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x0, 0xcccccccc}) openat$cgroup_subtree(r2, &(0x7f0000001640), 0x2, 0x0) iopl(0x80) syz_open_dev$amidi(&(0x7f0000001680), 0x2, 0x408001) ioctl$sock_SIOCSIFBR(r2, 0x8941, &(0x7f0000001740)=@get={0x1, &(0x7f00000016c0)=""/70, 0xfff}) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000005, 0x4010, r3, 0x97eac000) prctl$PR_SCHED_CORE(0x3e, 0x3, r5, 0x1, &(0x7f0000001780)) 6.959609279s ago: executing program 3 (id=495): r0 = mq_open(&(0x7f0000000040)='!selinuxsel\xad\"\x0e\xabx\xb8\xc9\xa8x\x00', 0x1, 0x0, 0x0) mq_notify(r0, &(0x7f0000000200)={0x0, 0x1d, 0x1, @thr={&(0x7f0000000440)="18a21cdb902405a3b554175cfca324b94200fcadc0f9b13f6ff473eef3dfc6ecd91c84149d7cf5f9896ca3bf27b41947667a7caee6a8d6e4f8ab03e98d9929096b050b21dc2607088fa975f027994132a4cd72e1b58916bca8dae0054cdcf3bf21f843851d3ca9b5d467d0a5bac8093a36156c726ff00b9d798622d2b7bd81556ee5246f88670ec4ab12aaa8413af2b54b61365e183abeaa37fbcf50fa85206c38fc6c69080761f893a72dbb04f94d00000000000000005b4a20747c83ae359d15c352986756fe4c99ded678ebdb83116217b313cf00b7a981e9fd3219dd40d8fc6712ea74c25532715e9c926ccd420082383f17af2fec179c82a757285841926bb2aa800ac70500000000000000dd090a78c00a89b68776ff8c74f5861d9ad63aaece1fc2bf090e8ef359b3f8f5e062dbff9d57da7bd5d74f78873927049226bd339281592d02208eb1f16aa7937fdacbf3553c288c719ca1a934a274aa5782b2b01a9b265bd1de6cddb597", &(0x7f0000000400)="561678a09af39ba1b728cef44dfda75c0593fa8c230833dc0d3c760e9f9e48fe6582921a900b46b6e1f03e47d7795433d3684ab2d8"}}) socket$nl_xfrm(0x10, 0x3, 0x6) socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000380)=@generic={0x0, 0x0, 0x8}, 0x18) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x3c) r2 = creat(&(0x7f0000000100)='./bus\x00', 0x100) fcntl$setstatus(r2, 0x4, 0x6100) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) setxattr$trusted_overlay_upper(&(0x7f00000003c0)='./bus\x00', &(0x7f00000005c0), &(0x7f0000000600)={0x0, 0xfb, 0x30, 0x0, 0x7, "eeb8bc6f6c2d4d3ef284aa45ec9674fe", "1bcedf589c6c5dc1e7bbf43335accb867fe574295626f5519bfbb2"}, 0x30, 0x1) mkdir(0x0, 0x182) getsockopt$inet_tcp_int(r2, 0x6, 0x1, &(0x7f0000000240), &(0x7f0000000280)=0x4) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) connect$802154_dgram(r2, &(0x7f0000000340)={0x24, @short={0x2, 0x3, 0xfffe}}, 0x14) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(0xffffffffffffffff, 0x40405514, &(0x7f00000000c0)={0x0, 0x6, 0x0, 0x0, 'syz1\x00', 0x1}) syz_open_dev$dri(0x0, 0x0, 0x0) syz_usb_connect$hid(0x4, 0x36, 0x0, 0x0) r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) write$dsp(r4, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) ioctl$SNDCTL_DSP_SYNC(r4, 0x5001, 0x0) socket$inet6_sctp(0xa, 0x801, 0x84) ioctl$SNDCTL_DSP_SETFMT(r4, 0x40045010, &(0x7f0000000300)) socket$inet_icmp_raw(0x2, 0x3, 0x1) 6.096131737s ago: executing program 0 (id=498): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a000000a498fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8) 5.929959375s ago: executing program 0 (id=501): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000240)={@hyper}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x7, 0x0, 0x20000000000005e, 0x0, 0x0, 0x8000}) mkdir(&(0x7f0000000040)='./file1\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$VT_GETMODE(r1, 0x5601, 0x0) ioprio_set$pid(0x1, 0x0, 0x0) ioctl$IOCTL_VMCI_DATAGRAM_RECEIVE(r0, 0x7ac, &(0x7f00000001c0)={&(0x7f00000005c0)={{@my=0x0, 0x200}, {@hyper, 0x7fffffff}, 0x400, "8217b6a7da8765fe4ce7c70cd8109687d68b9975bd5315206fae56046ee77c56ac82b72f6df5fda641b7e2bcc9d0c0b32dc319247820e21ca8a4344ab79a167929a863d20f47f5626826168861d2e3078a7e41155a498f7fcd01240bf9dca23e082e56099133c1023fc40af49f5b2160c93d23a302dfe82f0cb943a26944964f911dfcc5e8cba81741b829f755827339eff67481a2103198d3a6187aaf8df8022cda8d2c2dabce8e0979c371c5baf447d7992c663ec602e71c2d647575b87060f1130b1a8f7d1842c3c5538b801f2415fbb8ce84396d4ae24636fdef7dd558108417a1632f2a5a1ed9f0b85fc2d7aa4b019ff8f68c96724d70c1da80618cc16e8f89468db2cdf166e2b63914a57a0898d9a4e9d7235a7cb05f34f644bb19410a6d729cd635db47f7adb952ddac73d950241697d8fad02e68984ffb42ff4bf5f8522e42e5af6ec45b41766a71c924bfb56364d3530b186a778192a9b959e931d34a802f7a1dd633981bfa5087e22d5a335dcf6509da2b5466cbeef906fbbcf3b4bc9fe1f2256a92f92eb12244cd1d11db4c6bab9c063e70947c3745e6b69c0fc9e453fe566e8b1497a426286f3b1e4f9301141677e75eb4578ebba24c4b28c846309878ec5800fb5b5b217a64ab3818ab031e07be5fbcdf5427b16648fb4ce2c775542f912c5faeae16cfc43634b5f6dd32ddc8559ed740372f79cc8a8d29e6bb48e602a34a2752bad9f2b9ea441e8f195ac6ca0426aae39fefff20309074159ba1a0ddd644a92c92749556be44b3c7723a4ddc408333c683ea23e06f8bc5b0456d9079fd3e0e395d01fe4f6ba0bf92a46a31e25096ece3fffeaa872d23e1c342cc1a0baeda7016b65f499e81caf071075ee4f5edcd32f7a34672ffbe6f5e8407b514ffd3ffd7d1961eadabc2d6bb6f2078d5c45a1208863b9d62fbd9dee4963a84b03ebae3fba1d8bb92bfa6b89aa399482568589ffd0be299c832224bde5d57c1571ea8aba961f41c99af42a76d889284533b7acb402f07159fc3e3a84288aac900e4f08a08d4200c50a8bbca6f85d1bde9d5d1a25ef781542e4a73c42cb823b8c009f5016c664ab1f2eb92448170be54744c41694d0e6ee83d672ea3b47f812d66e059813feca764438aa050b58a11546f2417448f8c73c97285d3949dc44b89dcb00b6ade51a073a283a3473610b2e565870593b05baa1edb7fb0f8622e212db1bf941e8753c5b538bf2da72b7a9ce6b5f22f08572175eb558e5a9b0bfade7afbba2bc9152aa45c994fab3149aea91e4dedfaa32d3f6ae519f0aa0eccb3c14fbabb74c8d763c7b208d4c5fe9e99fa9f580349d24d72236a644c1990e96ded1a77a0852fd29626dce9501450a611ba272761f8d3ff0f2ce2159faafe9a224532654661e45e3a5eb838e39100ba1ed515749cea2ffa9c505852365f57da396a"}, 0x418, 0x5}) r2 = socket(0x2, 0x80805, 0x0) sendmmsg$inet_sctp(r2, &(0x7f00000047c0)=[{&(0x7f0000000200)=@in={0x2, 0x4e24, @remote}, 0x10, &(0x7f0000000340)=[{&(0x7f0000000300)="b3", 0x1}], 0x1, &(0x7f0000000380)=[@init={0x18, 0x84, 0x0, {0x3d1, 0x6, 0x401, 0xfff}}], 0x18, 0x8114}], 0x1, 0x800) setsockopt$MRT6_ASSERT(r2, 0x29, 0xcf, &(0x7f00000002c0), 0x4) r3 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382) sendfile(r3, r3, 0x0, 0x24002de8) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="9feb380018000000000000007c000000d600000002000000000000000000000e0000000000000000000000000600000d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00000000000000000000000900000000000080000000000900000000000000000000000902"], 0x0, 0x96, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(&(0x7f00000000c0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000100)='./file1\x00', &(0x7f0000000140)='ramfs\x00', 0x2000, &(0x7f0000000180)='*\x00') mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') open(&(0x7f0000000000)='.\x00', 0x0, 0x0) 5.624959964s ago: executing program 0 (id=503): openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0xa500, 0x0) openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81) socket$inet_smc(0x2b, 0x1, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) socket$rxrpc(0x21, 0x2, 0x2) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) socket$alg(0x26, 0x5, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r2, 0x0) pselect6(0x0, 0x0, 0x0, &(0x7f0000000680)={0x7ff}, 0x0, 0x0) pselect6(0x40, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}, 0x0, &(0x7f0000000680)={0x7ff}, 0x0, 0x0) 5.533058928s ago: executing program 4 (id=504): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000001ea30000926d2b91011786bc5bb026cf4e916c22b39a4e2c8783b3cdc61d77b4a11e645ff4f49c663eca67b56f56fd96e175620015b0635a7ac84981d622dbb3fe6f2d74f56fe42865d3174c2ad0e542c66a8d61912a2b118213da69000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c0000001000010700020100000000320a0000000600010016"], 0x1c}}, 0x0) 5.211273813s ago: executing program 4 (id=506): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000000c0)={{{@in6=@empty, @in6=@loopback, 0x0, 0x40, 0x0, 0x40, 0xa, 0x0, 0x80, 0x2e}, {0x0, 0x5}, {0x7000000}, 0x0, 0x0, 0x1}, {{@in6=@remote, 0x0, 0x6c}, 0x0, @in6=@mcast2, 0x80, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x4}}, 0xe8) 5.0195969s ago: executing program 4 (id=508): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) syz_io_uring_submit(0x0, 0x0, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31}) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000300)=0x4000000002) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000840)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={0x0, 0x24}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61157800000000006113700000000000bfa000000000000007000000ee0016055e03010000000000640500000000000069163e0000000000bf07000000000000260507000fff07206706000020000000040600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/seq/clients\x00', 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f000012b000/0x3000)=nil, 0x3000, 0x1000001, 0x80010, r4, 0x0) r5 = socket$inet6_udp(0xa, 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) getpeername$packet(r7, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) r9 = socket$netlink(0x10, 0x3, 0x0) r10 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmsg$nl_route(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010d00000000000000850a000000000000000500000014000500200100000000000000000100000000001c00090008000000", @ANYRES32=r10], 0x4c}}, 0x0) ioctl$sock_inet6_SIOCADDRT(r5, 0x890b, &(0x7f0000000240)={@local, @ipv4={'\x00', '\xff\xff', @empty}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xa28700aa, r8}) socket$netlink(0x10, 0x3, 0x0) 4.89377622s ago: executing program 1 (id=509): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x6) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x275a, 0x0) sendmsg$NL80211_CMD_SET_CHANNEL(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x1c, 0x0, 0x200, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x20000001}, 0x80) sendfile(r0, r1, 0x0, 0xf03a0005) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000040)=0x8) add_key(0x0, 0x0, &(0x7f00000000c0)="f0b1537dd2e101a4294b85c27175ce954cfb242c774012b72a78dd33ee57ea1626e7f74634f5e4947c571b0bec5ed636920b8c857847d94450218d05e2b9d4b977c0275d58c5d216aa11c9b3e1daa41c8b7d39ee720d2bda061bac6140c53da350ddc7e5ce6a0736e53f83b3d175ea1b647295a89cd2e86271665c554022449161c713a32d12ee125109c3d099a6cd76833c90031b5a25f2698859b4b9cb8444e586935de314abb3e9adc3356f80afe578f4433ebb02b8af268c1b4d94c51d10f275899b90be7aaf6847136c1261b5ca760a3a052f5f12b16d1d7fc6e2967d27cbc720c8c2b266761821b571b469d85ebccdac28195ecb0411f7d0113f53be40b310ccc5bac56e29e3c6c6ac3deaef6222809a28d123c4d2e69781e13a", 0x11d, 0xfffffffffffffffd) r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000000)='asymmetric\x00', &(0x7f0000000180)=@keyring={'key_or_keyring:', 0x0, 0x2}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xd) madvise(&(0x7f00000e0000/0x4000)=nil, 0x4000, 0x15) 4.147025249s ago: executing program 2 (id=510): r0 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x3}, &(0x7f00000002c0), 0x0, 0xfffffffffffffffe) keyctl$read(0xb, r0, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0100000008000000010000000b"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) r3 = socket(0x10, 0x3, 0x0) r4 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=@newqdisc={0x40, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x11}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x14, 0x2, [@TCA_HHF_ADMIT_BYTES={0x4}, @TCA_HHF_RESET_TIMEOUT={0x8}]}}]}, 0x40}}, 0x0) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) 4.063497982s ago: executing program 0 (id=511): socket$nl_netfilter(0x10, 0x3, 0xc) (async) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) (async) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$BINDER_SET_MAX_THREADS(r1, 0x40046205, &(0x7f0000000240)=0x6) (async) mmap$binder(&(0x7f0000000000/0x4000)=nil, 0x1fffff, 0x1, 0x11, r1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='svc_xprt_dequeue\x00', r1, 0x0, 0x101}, 0x18) (async) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xffffffffffffffff) (async) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_generic(0x10, 0x3, 0x10) (async) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) (async) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async) r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r5 = shmget(0x3, 0x2000, 0x200, &(0x7f0000ffd000/0x2000)=nil) shmctl$IPC_RMID(r5, 0x0) ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000000)) (async) r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2) ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000340)=ANY=[@ANYBLOB="5c0000000000000010000040000000e7bc00000000000002e4f997de0c8b814ce87a78691995b125de57e4cb55d5e1d9fed9a13c60c8827c0d035aaf7626420b549e9f02a4a398b866f0195ed6"]) (async) syz_kvm_setup_cpu$x86(r3, r7, &(0x7f00003e1000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) (async) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x40000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0xaf], 0x10000, 0x2400a0}) syz_open_dev$admmidi(0x0, 0x2, 0x83002) (async) io_submit(0x0, 0x0, 0x0) (async) sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0) (async) r8 = epoll_create1(0x80000) (async) r9 = socket$unix(0x1, 0x5, 0x0) (async) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) ioctl$sock_proto_private(r9, 0x8b2c, &(0x7f0000000080)) (async) epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r0, &(0x7f0000000040)={0x20000004}) 4.063133125s ago: executing program 1 (id=512): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0xac, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x7c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0xfe, [0x8, 0x4], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800]}}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x18, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x2}]}]}]}}]}, 0xac}}, 0x4002000) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xe7) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) r6 = dup(r5) write$UHID_INPUT(r6, 0x0, 0x0) socket$isdn(0x22, 0x3, 0x4) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$PROG_BIND_MAP(0x23, &(0x7f0000000100)={0xffffffffffffffff, r6}, 0xc) timerfd_create(0x7, 0x0) ioctl$sock_ax25_SIOCDELRT(r6, 0x890c, &(0x7f0000000000)={@bcast, @default, 0x7, [@bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default]}) 4.043489673s ago: executing program 4 (id=513): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000240)={@hyper}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x7, 0x0, 0x20000000000005e, 0x0, 0x0, 0x8000}) mkdir(&(0x7f0000000040)='./file1\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$VT_GETMODE(r1, 0x5601, 0x0) ioprio_set$pid(0x1, 0x0, 0x0) ioctl$IOCTL_VMCI_DATAGRAM_RECEIVE(r0, 0x7ac, &(0x7f00000001c0)={&(0x7f00000005c0)={{@my=0x0, 0x200}, {@hyper, 0x7fffffff}, 0x400, "8217b6a7da8765fe4ce7c70cd8109687d68b9975bd5315206fae56046ee77c56ac82b72f6df5fda641b7e2bcc9d0c0b32dc319247820e21ca8a4344ab79a167929a863d20f47f5626826168861d2e3078a7e41155a498f7fcd01240bf9dca23e082e56099133c1023fc40af49f5b2160c93d23a302dfe82f0cb943a26944964f911dfcc5e8cba81741b829f755827339eff67481a2103198d3a6187aaf8df8022cda8d2c2dabce8e0979c371c5baf447d7992c663ec602e71c2d647575b87060f1130b1a8f7d1842c3c5538b801f2415fbb8ce84396d4ae24636fdef7dd558108417a1632f2a5a1ed9f0b85fc2d7aa4b019ff8f68c96724d70c1da80618cc16e8f89468db2cdf166e2b63914a57a0898d9a4e9d7235a7cb05f34f644bb19410a6d729cd635db47f7adb952ddac73d950241697d8fad02e68984ffb42ff4bf5f8522e42e5af6ec45b41766a71c924bfb56364d3530b186a778192a9b959e931d34a802f7a1dd633981bfa5087e22d5a335dcf6509da2b5466cbeef906fbbcf3b4bc9fe1f2256a92f92eb12244cd1d11db4c6bab9c063e70947c3745e6b69c0fc9e453fe566e8b1497a426286f3b1e4f9301141677e75eb4578ebba24c4b28c846309878ec5800fb5b5b217a64ab3818ab031e07be5fbcdf5427b16648fb4ce2c775542f912c5faeae16cfc43634b5f6dd32ddc8559ed740372f79cc8a8d29e6bb48e602a34a2752bad9f2b9ea441e8f195ac6ca0426aae39fefff20309074159ba1a0ddd644a92c92749556be44b3c7723a4ddc408333c683ea23e06f8bc5b0456d9079fd3e0e395d01fe4f6ba0bf92a46a31e25096ece3fffeaa872d23e1c342cc1a0baeda7016b65f499e81caf071075ee4f5edcd32f7a34672ffbe6f5e8407b514ffd3ffd7d1961eadabc2d6bb6f2078d5c45a1208863b9d62fbd9dee4963a84b03ebae3fba1d8bb92bfa6b89aa399482568589ffd0be299c832224bde5d57c1571ea8aba961f41c99af42a76d889284533b7acb402f07159fc3e3a84288aac900e4f08a08d4200c50a8bbca6f85d1bde9d5d1a25ef781542e4a73c42cb823b8c009f5016c664ab1f2eb92448170be54744c41694d0e6ee83d672ea3b47f812d66e059813feca764438aa050b58a11546f2417448f8c73c97285d3949dc44b89dcb00b6ade51a073a283a3473610b2e565870593b05baa1edb7fb0f8622e212db1bf941e8753c5b538bf2da72b7a9ce6b5f22f08572175eb558e5a9b0bfade7afbba2bc9152aa45c994fab3149aea91e4dedfaa32d3f6ae519f0aa0eccb3c14fbabb74c8d763c7b208d4c5fe9e99fa9f580349d24d72236a644c1990e96ded1a77a0852fd29626dce9501450a611ba272761f8d3ff0f2ce2159faafe9a224532654661e45e3a5eb838e39100ba1ed515749cea2ffa9c505852365f57da396a"}, 0x418, 0x5}) r2 = socket(0x2, 0x80805, 0x0) sendmmsg$inet_sctp(r2, &(0x7f00000047c0)=[{&(0x7f0000000200)=@in={0x2, 0x4e24, @remote}, 0x10, &(0x7f0000000340)=[{&(0x7f0000000300)="b3", 0x1}], 0x1, &(0x7f0000000380)=[@init={0x18, 0x84, 0x0, {0x3d1, 0x6, 0x401, 0xfff}}], 0x18, 0x8114}], 0x1, 0x800) setsockopt$MRT6_ASSERT(r2, 0x29, 0xcf, &(0x7f00000002c0), 0x4) r3 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382) sendfile(r3, r3, 0x0, 0x24002de8) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="9feb380018000000000000007c000000d600000002000000000000000000000e0000000000000000000000000600000d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00000000000000000000000900000000000080000000000900000000000000000000000902"], 0x0, 0x96, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(&(0x7f00000000c0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000100)='./file1\x00', &(0x7f0000000140)='ramfs\x00', 0x2000, &(0x7f0000000180)='*\x00') mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') open(&(0x7f0000000000)='.\x00', 0x0, 0x0) 3.973094032s ago: executing program 4 (id=514): socketpair$unix(0x1, 0x2, 0x0, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x2}}, './file0\x00'}) ioctl$SNDCTL_SEQ_GETOUTCOUNT(r1, 0x80045104, &(0x7f0000000040)) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000100)={0x1, 0x0, [{0x40000071, 0x0, 0x1545a28}]}) syz_usb_connect(0x0, 0x24, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x92, 0xe5, 0x9e, 0x20, 0x108c, 0x169, 0x75b9, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xdb, 0x0, 0x0, 0xd, 0xfa, 0x0, 0x3}}]}}]}}, 0x0) 3.779436351s ago: executing program 2 (id=515): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000000)={0x0, 0x0, 0x8, 0x1e, 0x200, &(0x7f0000000880)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a73090000000000001b0f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c001000003ff3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"}) 3.441532566s ago: executing program 2 (id=516): ioctl$VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x20000000002) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x2040, 0x0) fcntl$setlease(r1, 0x400, 0x0) fremovexattr(r1, 0x0) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000200)={r1}, 0x4) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r2}, 0x18) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) unshare(0x20020000) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240), 0x0, 0x0) r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) r5 = open(&(0x7f0000000000)='.\x00', 0x800, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) unlinkat(r5, &(0x7f0000000140)='./file0\x00', 0x200) r6 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r5, 0x4048aecb, &(0x7f0000000340)=ANY=[@ANYRESOCT=r4]) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) 3.078872384s ago: executing program 0 (id=517): r0 = socket$can_raw(0x1d, 0x3, 0x1) socket$igmp(0x2, 0x3, 0x2) bind$inet6(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) r2 = socket$inet6(0xa, 0x803, 0x6) bind$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0x1}, 0x1c) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) socket$inet6_mptcp(0xa, 0x1, 0x106) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(&(0x7f0000000240)=@nullb, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='v7\x00', 0x0, 0x0) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r5, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000300)=ANY=[@ANYBLOB="ac00000021000101000000000000000000000004000000000000000000000000ac141400000000000000000000000000000000dfffffffffffffff0000000000", @ANYRES32=0x0, @ANYRES64=r0, @ANYBLOB="000000000000000050001100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ac1414bb0000000000000000000000000000000000000000000000000a0010000200000000000000"], 0xac}}, 0x10) setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x7, 0x0, 0x0) openat$dlm_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x400, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) syz_open_dev$tty1(0xc, 0x4, 0x1) r6 = openat$vnet(0xffffffffffffff9c, &(0x7f00000038c0), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r6, 0xaf01, 0x0) r7 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r0, &(0x7f0000000000)) geteuid() ioctl$VHOST_RESET_OWNER(r6, 0xaf02, 0x0) 3.011743543s ago: executing program 1 (id=518): syz_open_dev$tty20(0xc, 0x4, 0x0) r0 = socket$nl_rdma(0x10, 0x3, 0x14) socket$nl_xfrm(0x10, 0x3, 0x6) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sched_switch\x00', r4, 0x0, 0x3}, 0x18) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xfffffecc) mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f0000000340)=ANY=[]) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, 0x0, 0x0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0) fsmount(0xffffffffffffffff, 0x0, 0x0) tkill(0x0, 0xb) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="38000000031401002cbd7000fcdbdf250900020073797a32000000000800410073697700140033006c6f000000000000000000000000000039d1c7"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810) sendmsg$RDMA_NLDEV_CMD_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="480000000214010028bd7000fddbdf250900020073797a3100000000080001000f00000008004400", @ANYRES32, @ANYBLOB="050054000100b2ac08000100000000000900020073"], 0x48}, 0x1, 0x0, 0x0, 0x4000801}, 0x0) 3.003050509s ago: executing program 3 (id=519): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x16, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000611051c50000000095"], &(0x7f0000000040)='syzkaller\x00', 0x6, 0x84, &(0x7f00000000c0)=""/132, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) writev(r0, &(0x7f0000000240)=[{&(0x7f0000001680)='0', 0x1}, {&(0x7f0000000080)='+', 0x1}], 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x8, &(0x7f0000002e00)=ANY=[@ANYBLOB="620af8ff0c011021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c767056a982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf9943134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2eed44d69fe32b0142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff90326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000070000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6a04006bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b17690158969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583584acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb4d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f8957727da5122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0ae500000000000000dc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6eada31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000d58c08acaf30235b918a31d2eca55f74a23641f6022d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7c48de61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e4000000000d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb8434503680300383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd574d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718fd02cde45eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff1500000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9ab48620f144ff72ac579e4a5240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d0104361c37c61a43b5afd865b60d4cae891b73220f17d25979a7f76834995e53a93a1c7b9eef267df651bc25070b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5500ff49d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e9611d2e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e64701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b08faa4bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4faa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a2689217380400a9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef6853f35c28bc57665f6212f875b2a000000000000000000000000000020bd79e41c682139c58ac1deb039a691ad640e12c12fe11d70fe495906f2d5d71778acbd4eee53a3996cb0de84bd2b0504789d60c0f96a53ea44e0b293865aa68df494f87db976e36ad6c06912244d4c883c4aaa60b4a1392ce0b2f2c519663b4652ff871e0f6dfff9f7d34ecf04be0a58c3d53174b67d1886e34b81ad8c60da56acc64739c3acab24aa8d0ac92d465074f915608b1b60a948bad401b1a7fb3627bbe6c45123ed44bfdf8cc143bd1b7a663dc3d0476b8e39becffc429e41f66b1e37ae52aacaff0f1dc8ea70b68c25072e20586b19127d75fa71577f265c5100000000000000000000000000000000000000000000000070a45784f793e88e477e48f7d87acf12a6731eb5350831f500461ed55897f517923c73f731c139464c6383e580ce222a3250dd12ba25f71de8c94f56f418460dff5678c7c3f51ab4ddc29ffdf496bd8c579401c734fd5ac11a1008ce1d63f5b516d92bf5d718b267017b3ecd7200a7db0ef6b3a8e1f22186961f8c86c29b3144aa71d1623f9053dcf2a445c69d0f14b24884e83a94ad02647b8959c4eef7516546040c83e04484d7f2b65456e2da0dcc7f5a9024b8f4d35cbb03da118cb5f25b97894eafca8140fadcac67c5b17efea5a65b9a66cedb68619f2622733254650fe28f8233f40bed514bdfb199bf21cf421f2f70b1a285e86b542947cba56e23c3ae82d62e99d20d803bab995faae7389946ac0773194a5c2dcb3b57f6dcc6cb564e1dc7f0499df2b10bb50b470197ea7e8892c600"/4141], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x49) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket(0x10, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r6, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x401, 0x8001, 0x10400}, 0xa5, 0x10, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080) r7 = socket(0x10, 0x3, 0x0) r8 = socket$inet6_dccp(0xa, 0x6, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000700)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000009c0)=@newqdisc={0x34, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r9, {}, {0x10, 0xa}}, [@qdisc_kind_options=@q_pfifo_fast={0xf}]}, 0x34}, 0x1, 0x0, 0x0, 0x20040010}, 0x400c804) r10 = socket$inet(0x2, 0x2, 0x1) connect$inet(r10, 0x0, 0x0) sendmmsg$inet(r10, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="08001497733f5d", 0x7}], 0x1}}], 0x1, 0x2004000) r11 = socket$inet_tcp(0x2, 0x1, 0x0) r12 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) getpeername$packet(r12, 0x0, 0x0) sendto$inet(r11, 0x0, 0x0, 0x20024094, 0x0, 0x0) 2.173345197s ago: executing program 0 (id=520): syz_open_dev$video4linux(0x0, 0x3, 0x0) (async) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f00000012c0), 0x0) (async) r0 = socket(0x2a, 0x2, 0x0) (async) socket$packet(0x11, 0x2, 0x300) rseq(&(0x7f0000000200), 0x20, 0x0, 0x0) creat(&(0x7f0000000040)='./file0\x00', 0x0) (async) acct(&(0x7f00000001c0)='./file0\x00') (async) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000003c0)=@gettfilter={0x24, 0x2e, 0x0, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x9, 0xfff1}, {0x2, 0xf}, {0xfff1, 0x4}}}, 0x24}}, 0x48004) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) (async) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000700)=@newtfilter={0x54, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {}, {0x2}}, [@filter_kind_options=@f_flow={{0x9}, {0x24, 0x2, [@TCA_FLOW_EMATCHES={0x20, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_CONTAINER={0x10, 0x1, 0x0, 0x0, {{0x2, 0x0, 0x5}, "ed"}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x9}}]}]}}]}, 0x54}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x3, &(0x7f0000000080)=[{0x45, 0x0, 0x1}, {0x0, 0x0, 0x0, 0xfffffffc}, {0x6, 0xce}]}) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000740), 0xffffffffffffffff) 1.647996826s ago: executing program 2 (id=521): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b7030000000000208500000073000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="611570000000000061136c2007ff0f00bfa000000000000007000000ee0016055e03010000000000160500000000000069163e0000000000bf07000000000000260507000fff07206706000020000000140600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 1.353556388s ago: executing program 1 (id=522): bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x19, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000730124000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0xff0f0000, 0x3, '\x00', 0x0, @cgroup_sockopt=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 1.199570208s ago: executing program 1 (id=523): r0 = socket(0x2, 0x80805, 0x0) sendmmsg$inet(r0, &(0x7f0000000880)=[{{&(0x7f0000000080)={0x2, 0x0, @rand_addr=0xac1414bb}, 0x10, &(0x7f0000000100)=[{&(0x7f00000000c0)='Q', 0x1}], 0x1}, 0x20000000}, {{&(0x7f0000000180)={0x2, 0x0, @remote}, 0x69, &(0x7f0000000400)=[{&(0x7f0000000240)="b9", 0x26892}], 0xbb}}], 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) memfd_create(&(0x7f0000000440)='+\x8b\x8a\xa9\x16\x11\x91J\xbc+ \x18\x17\xc2:}\xa3\x9bO\xdd\xdf\xdf\x92\xd5\xed\xb4\x17\xe5\xd6\x9a\xb2\xd8\x9ba\xde\xb2.F\xc0\x99}|\xaf\xd3\x1d\x84[*_\x9f\x9d\xb0rYP\x1b\x9f \xe0\x9cgq\x103\x89\x11\x87Rv\x169\xdf\xe3>B\x04\x00\x00\x00W\xd3\xec\xfb\xdf?\xa2\x90+\xa4!\xb2\xf2\xff\x90\a\xc3\x12\xc4;\xffh\xf1x=\xb9c\xce\x03h\xdap\x88U\x1788\x82\xd7\xfd\x83\x00Sx\x91%\x99_\xfe\xd4c\x83\x86\x0f\xa4a-\xaf\x9e\xd9\xef\xe0)]\x00F\xfa\x03\xbc4\xc4\x9a\v\x03\x8b\xa4\xf3\x8f\xf4\"\'\xd3\a9\x14H}j&~\xe9\x16\x83o\xbd\xab\xcd[\xbd\xcb\x04\xfc\xe7\xe3\x9e?\x12\xf0\xf4\x83M3\xd88\x92?@\v\xe6\xd1\xd2\xe4\xde\xdaUeJ\x9fR\xd1`\xfa\xc8\v\xed\xfd\x0e\xc8\x89W\x847\x88\x82\x94\x14\xe33\xb7H\xc8b\xd6@3F#\xb7\x04C\x8dm\t\x16a\x0fI\xf4\xfe\xf8\x06j\x19Pz\x03\x00\x0f\x98`W\xdb\xc6\"81A\xa4\x8bT\xf1\xcb\xab\xa3\t\xef\xdf&\x0e\xad\x03\x123.\xc2V\xaa\xd5\xf8\xde\x8aV\xa4p{\xcez\xa2\x92 \x00*wLO\f\x97X\x05\x9a\xc2\xe8\x85\x9d\xcb\xc8\xf0\xc4\x01\x03\xe3?\x9f1\xf4\xfb\xa5y`KB\xdf\xae#\x94C\a\x04\xea\xccG\xf2\b\x8f\xf7\xb1\xe96\x90\xf5P\xa4\'\f\xc9\xc5H\x0f;\xd3\xe2\at\x9bJ\xe6\xce\xe3\xa24\x196\xc5Q\xa1K\x95\xd6\xfal\xe9\xd1\\\r&\xb2c\xb3\x8d\xa7\xb7\xa8\x03S\xbd\xdd\b{\xae\f\x10\xc2\xbb\xd0\xdd*\xa3\xb4\fJ\x00X\xab`N; LF\xa5D\xee\xdf\x7f\x80p\xf6o\x1c\xbdXR\xf2\xa0\x81a\xa1\xe1B\x93Xn\xaf\xfc\x05?\xab\xac\x91x\xa8#\xe1\xbeQ\xd1^\x9b\xb9)\xd3\n\xf7(3!\x18\b\xc0\xaampRl\xfdQ\x03\x8c\xd5\xe4\\\xed\x9a\xd1?\xd21\xc8\x90\x1dl|\xd1\x14\xbc3\xe0\x1e\x0e\xe6\x88Y\x99K\x93\x1c@_P\x8c\xc7\x9eZ\xb74KT:\x8a\xdbJ#w\x18\x14\x00\x93\x86\xa5wo\xf6M\xe7D\xf4*\xe3X\x1d\x19\x83\xa7w\xc7+7\x89s\xed\x8a\xd7O\xdd\rhh`\xc0\xa8$\x06pu\xa0\xd0L\x0ez@I\xb8\x83\xb2f\x93j\a0I\xc8l\xe5\x9b\x06\xb5\xac`d\xa3\xcf/\x14\x10\xab\xab\t\xec\xc1c\fA\xee\xdc\xef\xbap@*7\x86\xdf\',\x03Y\xb1$\xf0\xb5}\xf0\x82%)\xdeA\x1ed\x85m\x80\xd2\xcf@\x06}\xea\xe7w`\xa5\x11\x9f\x9b\x9e\x8f\xb7cb\x1a\xe1\xcf\x87\x1c\\\xf5\xc21\xf7\x82C*\xd5;\x00\x00\x00\x00\x03\xba\xe3\xdc\x92\'\x8e\xd5\x7fG\xfd.\x91\x89T\x99t\xd4d,\xd5\x92O\xf1\xafT!Y\x8e\\\xac\xf7\x11R\x05p\x1a\"\r\xe9\xe5\x8b&\x0f\x8c\xfb\xef\xf8\xd5\x18\xde\xeb\xe5\x19\xdd\xebQ8\xc5iS+\x06D\x16\xfe\xf5.\xe5\v\x89\xb0\"\xa3M\xe9\x81\x11P\xdb\xc4\xc2y\x14\x04\x06\xf6\f\xb0\xecz\x8d`\xb5\x9b\xb43\xcc1\xa7\x9e\xa8\xb5\'\xc6MAe\x0f\xd1\xfcG\xc2/\xe8\xe9t\xcaQ\xf1\fI\x1chM\xc1\x92\xe3\xc3\x01M\xc8/\xefJ\xcb\xd0]\f\xff\xf5\x92\xce\x97Z\xea\xe8\x99\xfa\x96\xce\xa7\x02\xad\xa2\xce\x955\xeaNg\x02\xcd\xfd\x1a}.\xd3\"x\x89/8H\xc2\x93B\na)\x86\xa9U\xa0\xb7\x18\xfb\xe9\xd1\x97\xf6\xb8\xebN\xe2\x18\x04[\xabW}\xb1\xffo\xae~=\x9dd\x9f\x92\xd2[\xb8\xb6\x1a\x02c\xa1\xd1H\xb7@\x06\x96s\xef\xee\x92\xfaC\x15+\x84%h1O\xe2\xb8\xd3\x19R\x00\f\n\x1cpEn\xad\xa7IRf\xc65\x15<}\xb8\x05\xe4\xb7\x9e\xf3\xda\xdavzB\xf8qj\x9e\xe4\xbd\x05\xcfx\xb5\x12\t\xe0\xf2\'f\xf4+\xb3\xdeA6\x10O\xdd\x9c\xf7B', 0x7) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305829, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0) dup(r1) r2 = socket$l2tp6(0xa, 0x2, 0x73) sendto$l2tp6(r2, 0x0, 0x0, 0x854, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2}, 0x20) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc0001}]}) socket$can_bcm(0x1d, 0x2, 0x2) r5 = mq_open(&(0x7f00000019c0)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\xe0\x9d\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb', 0x42, 0x0, 0x0) mq_getsetattr(r5, &(0x7f0000000140), &(0x7f0000000180)) getresuid(&(0x7f0000000200), &(0x7f0000000280)=0x0, &(0x7f00000002c0)) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0), 0x4020, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[], [{@fowner_eq={'fowner', 0x3d, r6}}, {@subj_type}, {@context={'context', 0x3d, 'system_u'}}]}}) 1.191547894s ago: executing program 3 (id=524): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000fc0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca711fcc9cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b2cdf41dc10d1e8bf076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e4d5b318e2ec0e0700897a74a0091ff110026e6d2ef831ab7ea0c34f17e3ad6ef3bb622003b538dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe7bc0476619f28d99cd0aa7b73340cc2160a1fe3c184b751c51160fbce841f8a97be6148ba532e6ea09c346dfebd31a08b32808b80200000000009dd27080e71113610e10d859e8327ef03fb6c86adac12233f9a1fb9c2aec61ce63a3462fd50117b89a9ab759b4eeb8cb000067d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6ea0180aabc18cae2ed4b4390af9a9ceafd07ed0030000002cab154ad029a119ca3c972780870014605c83d7d11c3c975d5aec84222fff0d7216fdb0d3a0ec4bfae563112f4b391aafe234870072858dc06e7c337642d3e5a815212f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a46939868d75211bbae0e7313bff5d4c391ddece00fc772dd6b4d4d0a917b239fe12280fc92c88c5b8dcdcc22ee1747790a8992533ac2a9f5a699593f084419cae0b4183fb01c73f99857399537f5dc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffff7f23877a6b24db0e067345560942fa629fbef2461c96a08707671215c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e42e50adab988dd8e12baf5c768a40538be5f76e9c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859adfe38f77b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2499d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aae73835d5a3cda9e90d76c1993e0799d4894ee7f8249dc1e3428d2129369ee1b85afa1a5be5f6eb2eea0d0df414b315f65112412392191fa83ee830548ef8e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355a500587b603306a5af8d867d80a07f10d82eafb030621204d3ded6f260af62d91faae95196d5e3ff010000000000000be959096ea948cfa8e7194123e918914a71ad5a8521fb9553bc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c63ebb4380b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989177a30280bc586e79a5dd8076c248e7d6e97b3ce267dd4e27b6ef206660090bb2164474cef378f97ca33fc03000000000000001547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5ffff000000000000c24411d415b6b085fb73a2c7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aac029d15af607ad83532ff181c985f54b39370c06e63055b4d6a36fa98a44e379d28307c9912fb097601f3f88a2ca6fd1f9320cfe7fc8e9f7f15f02e177ce23f43a154b42e26f037e8a01377cbd3f509e6e540c9ba9c2a589ac5d8ad67a65e9a44c576dc24452eaa9d819e2b04bdd1c000000070000000000000000000000005333c6199c12dcd926891927a7267c47cf897853d160100b39b613faefe16bed1fc105dddd77ab929b837d54aa17eb9fbdc2bdc0e98ae2c3f23a6131e2879f04ff01000030b92dd493be66c2242f8184733b80ba28e8ffffff7f00000000bb2f89049c5f6d63d56995747639964217aacfe548bc869098aa8e07e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99040b5d91398e17df85c25ccae973eecc7d187168d5c9cd848d566cc17587641ed01889c927da38d83314480b15e23138c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5a45706bda78ab60200000000000000000000000000000000000000706f78f0a2ea9667fb5b951808545a46830970c2dfae01adbda7d29bf1f7abdaf52e0de6f9d7150808ed086642e64ebf98762b34338b80e41b704c3eefaf0bb5f7d895de17a10b0a0ea15ccc0d7a830b6eb33b6b21675511d693ef5e3c44bbf71cabc5175d879e7499f8baae2a1a09cf38da73297764fbc0e723e1cc3abb12e3076982ed32c94a2ce3e6f37c47e983da4ca5c96187db5a2a2e1742bc93a65d7187126126b3a80f17dd2f7dbbe82d104ede9ba6925afc2ee6cb94f56f1363cad635abf8f983292c49c0ebf5005154c7b58a3a2a2e5a00d2f953a86d2fd92b8661264f781e3fb02d05a28f3f17b64d0258853d45cb5ebde10cd3d82eeed2f1ed925b7cf400304932c5ed0a362b235ce37e1f17700f7d1fecf8be8a2c5d25a9c60657560d05441387ff158a018d19a286c56d0886eb59d509ee89cc2df52881d005b2e5c27563ba54e4153c132d0366a9660000000000000009c1aaec93ec0f925921fb2e9eb202a29bef28224dbabe723de5c584bc398a8792e493048c87f60a51a391e959212181d4bf32ed89c96d421c8171698c49403558fd13c649f90b0911d57eeb298b590581eba1ce383b539ab80fd15445987b1bb4eb512545e1ab65fef310e10b1ee362b51c72f82edf2f502ddf52567775e34a56d1be892f1e62b08950d517fa6fb1b0ef2edf1b67f8644786116b037d4a36fdd30b000063e58c856ec44cbbc2d370553f832af9480215e09aaa3843fe360b1c293a14627f2cfbe278f31d0abc0f5aaa10926dbbfe8a4b131c13a73d4e6d065c2c0fed3ab8442520ce0e0ad7d2d177377ab197ace3ef8b1c24ceb0bdee84bd6e6317633938dd19dc42de7f8f860eca6d9c74525fcd3497526df4c13e3ba5f0d75365a4542ae9440d2fede416d618cdaaf7e038879c5d177b3876fda4121e15a00adb976064a93e8d000000000000903350932d3eef7fdada20c19807066e2c72d0d816eb9fa50be213bf6bbb7ccb9f2e8a153e6ced68f192ebed6e86af0f2cec7335fa8039fd6eb025440bc2a34d071f0a0e6774308a2c5986aa9200a1306ffa5a71ca69e89a6980612b35fc858f37c2c398515a910a35e22ab0573c10b85df4c2972a2fb8b9c080fbb41a753791df727fdeadc5cf218a6eda31312256191c620cce34d1e3bf40a4a207ab1575b399eb8155781bfc7cb5920b49c039935a888d77041814f60fbbcafa487ee96b368e8769da90b44190e569fe8b1d155d0765baaca5c5548b5a78bb43e5d9e47a1d5809bb178184b5672d08e29aecf1f572ac1e6cab7e820751beed5f79de29a67a579150bfb31232d296b9d2977ed027ca90af7088d6466f1501d96a32bfa3cf9ab0dcd626ac9341833e92685af6917ae05473ae4768341426e244159b3c3e002b6f8ee80cbe6e26c816ab92658d956d849cd3a21ebf4b143d338035cd91f087633aa668e0644b05dc5a7937cd5fb62bd08242a858aeeda8c0cbb4fc2478a8155b859e88493f322702277939832bd4a1d8109f98c5a187564c9eb80acc63ac57459593c81ce8998e38ea231b81ebaa6b242ebdf382d70232f1d8e516a8eaf39d09ea40198cf1b72eb5ce5327d3a3861470be47a9a9dbf569e6f6f474fd1448adfd70c4f4a4487edaf193a00a808389a110a4286905ba81309735f6ac5d2ba7ab2be01fa25c11dbb3170258e9d9fed944fd85c03336a49f7016517a1988bc84ee301e167d3cf88c46c4eba6e2bfd099acd2eec5c624679aa7ebab76061a9ca792bffe3d6df4dbe70b5cab6299a51e63826fd0bda4846d06e322ebd745e73da718ba0c93e7567df9ed7ea8d2fdbde44e65a4cd01748b"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x56, 0x0, &(0x7f0000000100)="b9ff030f6044238cb89e14f088a81bff886411004048633321fbac14142ce934a0a662079f4b4d2f87e56dca6aab845013f288a81a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x0, &(0x7f0000000000), &(0x7f0000001c40)="beb61ec2ca90080239f2a54e2368fa761313c3a024a98109ba1e2e7b780d03c54b7a83d56fce397842e724674507d531762055fca371ea775f418df7bee236c9b9968146efb3232ae3413b617445e98bb644a892b9337f1a9135d9f30457a8ffb21aef4a95a155fab70a40b086056b0f63331a66b3457c", 0x2}, 0x2c) (fail_nth: 28) 647.213645ms ago: executing program 4 (id=525): syz_usb_connect(0x0, 0x24, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) r1 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488) sendmsg(r0, &(0x7f00000000c0)={0x0, 0x301, &(0x7f0000000100)=[{&(0x7f0000000000)=',', 0xff80}], 0x1, 0x0, 0x0, 0x2c}, 0x0) syz_usb_connect$uac1(0x0, 0x99, &(0x7f0000000000)=ANY=[], 0x0) r2 = socket(0x2, 0x5, 0x0) add_key(&(0x7f0000000000)='rxrpc\x00', 0x0, &(0x7f0000000240)="000000000100003299b8f276dc75584a8d87d907005858367d61f49e1639a48f614a54a8192c2876b7f843cd3a3c07288fa0f1e28983b5cdc2e29b6e", 0x3c, 0xffffffffffffffff) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x4e22, 0x7, @mcast2, 0x1000}]}, &(0x7f0000000100)=0x10) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f00000007c0), &(0x7f0000000880)=0x8) syz_emit_ethernet(0x13e, &(0x7f0000000500)=ANY=[@ANYBLOB="e385ac4cc26d40f119aaaadf86dd60cb653e01083afffe800000000000000000000000000000ff02000000000000000000b1b24ae501890090780000000020010000000000000000000000000000fc010000000000000000000000000000041c9595f429ae08a565c9a41d413470a44d2e6f790a3872d50bb14d25344dc5b3a281f175f5ee04aab21301b94d966c72101cf44d89d9f6ee47d77c0d4e53e34b67c542fc6f6f6c60139c43b78286f5bb8f4f11d164af24e2633a45bf4ed944b0ef6a7b7167f73cf54e78686ac09402659c29eb0ce380654c1bb0f65b1556b7a311096b7aab867396997ffab76abca01185b08d1e29ee14d8fe61245487104b1c5205c6adc794af413b92d2d208b86f40983c4819c33b59c1abe2a4b0aa661fcb54e0855d6bb5dd267878ff59bcfc6079e7a50000000000000000050000000086e2a6f83bebe10e031fe7fca1a021ee42c2d655a82df1fec9bf842e1d311637923312fb8388249bc86965ccee81c2872c1f39cdf41358bc8447b11a2231547b22a2f2f6a7766b388392b34070d471c6689452133477cffaa7699abb5631f556278f25490a317cb636749d56eee68defc3f2143eb6563cd275794841b86a1160728edc7b7d361dec98982a7d0b976aed"], 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e0402030c"], 0x7) 535.765662ms ago: executing program 2 (id=526): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'team_slave_0\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f00000001c0)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)={0x5c, r3, 0x1, 0x0, 0x0, {0x1, 0x6c00000000000000, 0x5c}, [{{0x8, 0x1, r4}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r1}}}]}}]}, 0x5c}, 0x1, 0xf000, 0x0, 0x4044040}, 0x0) 535.506401ms ago: executing program 3 (id=527): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x8, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r0, &(0x7f0000000300), &(0x7f0000000000)=""/10, 0x2}, 0x20) sched_setscheduler(0x0, 0x1, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000280)) sched_setscheduler(0x0, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0xf7}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000bc0)={0x80, r5, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_LISTEN_PORT={0x6}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @c}, @WGDEVICE_A_PEERS={0x2c, 0x8, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@WGPEER_A_PRESHARED_KEY={0x24, 0x2, "cde20bc0d9b90ac13642d7b66459dd9db5e20b4b16d3d23f2cb03a8aa417dce6"}]}]}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x80}, 0x1, 0x0, 0x214e}, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{0x1}, &(0x7f0000000140), &(0x7f0000000180)}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x5, 0x5, 0x9fd, 0x84, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) 524.73673ms ago: executing program 1 (id=528): socket$inet6_tcp(0xa, 0x1, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x9, 0x0, 0x0, 0x7fff0000}, {0x953, 0x3, 0x2, 0x1}]}) clock_settime(0x0, &(0x7f0000003c80)={0x77359400}) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) ioctl$MEDIA_IOC_ENUM_LINKS(0xffffffffffffffff, 0xc0287c02, &(0x7f0000000000)={0x80000000, 0x0, &(0x7f00000001c0)}) setsockopt$TIPC_SRC_DROPPABLE(0xffffffffffffffff, 0x10f, 0x80, &(0x7f0000001640)=0x4f1d, 0x4) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f0000000280)='./file1\x00', &(0x7f0000000240), 0x240820, &(0x7f00000002c0)={[], [{@fowner_gt}, {@dont_appraise}]}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setscheduler(r3, 0x1, &(0x7f0000000380)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2172, 0xffffffffffffffff, 0x0) 0s ago: executing program 2 (id=529): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0) (async) r1 = socket$kcm(0xa, 0x922000000003, 0x11) syz_open_procfs(0xffffffffffffffff, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x6a, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) (async) getpid() (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) (async) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async, rerun: 32) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) (rerun: 32) openat$selinux_avc_cache_stats(0xffffffffffffff9c, 0x0, 0x0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) (async) setsockopt$sock_attach_bpf(r1, 0x29, 0x24, &(0x7f00000000c0), 0x4) sendmsg$kcm(r1, &(0x7f0000000000)={&(0x7f00000002c0)=@l2tp6={0xa, 0x0, 0x60, @mcast1, 0x9}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000340)="f400000000002c00fe8000000000000000000000000000000100"/40, 0x2a}], 0x1}, 0x0) (async) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(0xffffffffffffffff, 0xc02c564a, &(0x7f00000000c0)) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0) (async) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x60, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x24, 0x11, 0x0, 0x1, @meta={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0x9}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x10}]}}}]}], {0x14, 0x10}}, 0xa8}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) (async) sched_setaffinity(0x0, 0x53, &(0x7f0000000180)=0x1400200bd2) (async) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) kernel console output (not intermixed with test programs): oot/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfc317e819 code=0x7ffc0000 [ 73.207236][ T6123] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22 [ 74.081089][ T29] audit: type=1326 audit(1732421063.977:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6061 comm="syz.4.39" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfc317e819 code=0x7ffc0000 [ 74.120052][ T29] audit: type=1326 audit(1732421063.987:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6061 comm="syz.4.39" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcfc317e819 code=0x7ffc0000 [ 74.144815][ T29] audit: type=1326 audit(1732421063.987:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6061 comm="syz.4.39" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfc317e819 code=0x7ffc0000 [ 74.182744][ T5923] kernel read not supported for file /video37 (pid: 5923 comm: kworker/1:6) [ 74.471348][ T8] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 74.525251][ T5941] usb 5-1: Cannot set MAC address [ 74.530664][ T5941] MOSCHIP usb-ethernet driver 5-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 74.671320][ T8] usb 2-1: Using ep0 maxpacket: 8 [ 74.675036][ T5941] usb 5-1: USB disconnect, device number 2 [ 74.714034][ T8] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 74.724260][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 74.814241][ T8] usb 2-1: Product: syz [ 74.818431][ T8] usb 2-1: Manufacturer: syz [ 74.823644][ T8] usb 2-1: SerialNumber: syz [ 74.847727][ T8] usb 2-1: config 0 descriptor?? [ 74.915355][ T6137] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 75.393585][ T8] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 75.756619][ T6144] lo speed is unknown, defaulting to 1000 [ 75.762785][ T6144] lo speed is unknown, defaulting to 1000 [ 75.772889][ T6144] lo speed is unknown, defaulting to 1000 [ 75.789960][ T6144] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 75.816918][ T6144] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 75.887251][ T6145] netlink: 44 bytes leftover after parsing attributes in process `syz.3.57'. [ 75.917279][ T6144] lo speed is unknown, defaulting to 1000 [ 75.927965][ T6144] lo speed is unknown, defaulting to 1000 [ 75.938292][ T6144] lo speed is unknown, defaulting to 1000 [ 75.947911][ T6144] lo speed is unknown, defaulting to 1000 [ 75.958024][ T6144] lo speed is unknown, defaulting to 1000 [ 76.163717][ T2143] cfg80211: failed to load regulatory.db [ 77.253693][ T6160] Cannot find add_set index 1026 as target [ 77.628758][ T55] Bluetooth: hci4: command tx timeout [ 77.948253][ T8] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 77.986735][ T8] usb 2-1: USB disconnect, device number 2 [ 78.497489][ T6175] syz.3.63 uses old SIOCAX25GETINFO [ 78.547871][ T29] kauditd_printk_skb: 20 callbacks suppressed [ 78.547888][ T29] audit: type=1400 audit(1732421069.227:334): avc: denied { create } for pid=6165 comm="syz.3.63" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 78.628042][ T29] audit: type=1400 audit(1732421069.397:335): avc: denied { ioctl } for pid=6165 comm="syz.3.63" path="socket:[8668]" dev="sockfs" ino=8668 ioctlcmd=0x89e9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 78.809104][ T29] audit: type=1400 audit(1732421069.707:336): avc: denied { shutdown } for pid=6165 comm="syz.3.63" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 78.875126][ T29] audit: type=1400 audit(1732421069.777:337): avc: denied { write } for pid=6182 comm="syz.2.69" path="socket:[8779]" dev="sockfs" ino=8779 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 79.145364][ T6190] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 80.379185][ T29] audit: type=1400 audit(1732421070.887:338): avc: denied { listen } for pid=6197 comm="syz.2.73" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 80.437834][ T29] audit: type=1400 audit(1732421071.337:339): avc: denied { read } for pid=6195 comm="syz.0.72" path="socket:[8793]" dev="sockfs" ino=8793 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 80.741631][ T5841] Bluetooth: hci4: command 0x0405 tx timeout [ 80.766979][ T29] audit: type=1326 audit(1732421071.647:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6205 comm="syz.1.74" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde7257e819 code=0x7ffc0000 [ 80.792728][ T29] audit: type=1326 audit(1732421071.647:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6205 comm="syz.1.74" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde7257e819 code=0x7ffc0000 [ 80.878124][ T6211] netlink: 28 bytes leftover after parsing attributes in process `syz.4.75'. [ 80.941138][ T29] audit: type=1326 audit(1732421071.657:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6205 comm="syz.1.74" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fde7257e819 code=0x7ffc0000 [ 80.973132][ T6204] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.115212][ T6212] use of bytesused == 0 is deprecated and will be removed in the future, [ 81.124306][ T6212] use the actual size instead. [ 81.246344][ T6216] netlink: 8 bytes leftover after parsing attributes in process `syz.1.74'. [ 81.255705][ T6216] netlink: 'syz.1.74': attribute type 3 has an invalid length. [ 81.726988][ T29] audit: type=1326 audit(1732421071.667:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6205 comm="syz.1.74" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde7257e819 code=0x7ffc0000 [ 81.815507][ T6204] bond0: (slave rose0): Enslaving as an active interface with an up link [ 82.407191][ T6236] vlan2: entered allmulticast mode [ 82.555439][ T6235] cgroup: fork rejected by pids controller in /syz1 [ 82.724180][ T6260] netlink: 4 bytes leftover after parsing attributes in process `syz.2.87'. [ 83.806089][ T29] kauditd_printk_skb: 59 callbacks suppressed [ 83.806123][ T29] audit: type=1400 audit(1732421074.467:403): avc: denied { ioctl } for pid=6265 comm="syz.0.88" path="/dev/dri/card1" dev="devtmpfs" ino=628 ioctlcmd=0x64a0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 83.838560][ C0] vkms_vblank_simulate: vblank timer overrun [ 84.062426][ T29] audit: type=1400 audit(1732421074.517:404): avc: denied { write } for pid=6265 comm="syz.0.88" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 84.251180][ T29] audit: type=1400 audit(1732421075.137:405): avc: denied { create } for pid=6283 comm="syz.4.91" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 84.271259][ C0] vkms_vblank_simulate: vblank timer overrun [ 85.021239][ T55] Bluetooth: hci0: command 0x0c1a tx timeout [ 85.021352][ T6261] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 85.620797][ T6261] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 85.629742][ T6261] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 85.638214][ T6261] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 85.644690][ T6261] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 85.652670][ T6261] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 85.658655][ T6261] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 85.665220][ T6261] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 85.673260][ T6261] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 85.680723][ T6261] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 85.687748][ T6261] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 85.841223][ T29] audit: type=1400 audit(1732421076.737:406): avc: denied { unmount } for pid=5837 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 85.923580][ T29] audit: type=1400 audit(1732421076.807:407): avc: denied { create } for pid=6295 comm="syz.2.95" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 86.057569][ T8] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 86.944105][ T8] usb 1-1: device descriptor read/64, error -71 [ 86.971794][ T53] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.046974][ T29] audit: type=1400 audit(1732421077.947:408): avc: denied { bind } for pid=6299 comm="syz.4.97" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 87.089363][ T53] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.111067][ T5841] Bluetooth: hci0: command 0x0c1a tx timeout [ 87.178346][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 87.220671][ T8] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 87.240981][ T29] audit: type=1400 audit(1732421078.017:409): avc: denied { accept } for pid=6299 comm="syz.4.97" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 87.495298][ T29] audit: type=1400 audit(1732421078.017:410): avc: denied { setopt } for pid=6299 comm="syz.4.97" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 87.683245][ T5841] Bluetooth: hci1: command 0x0c1a tx timeout [ 87.731259][ T55] Bluetooth: hci4: command 0x0405 tx timeout [ 87.737322][ T5841] Bluetooth: hci3: command 0x0c1a tx timeout [ 87.811916][ T6324] input: syz0 as /devices/virtual/input/input5 [ 88.355851][ T29] audit: type=1400 audit(1732421078.817:411): avc: denied { read } for pid=5192 comm="acpid" name="event4" dev="devtmpfs" ino=2746 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 88.446008][ T29] audit: type=1400 audit(1732421078.817:412): avc: denied { open } for pid=5192 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2746 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 88.469970][ C0] vkms_vblank_simulate: vblank timer overrun [ 88.578010][ T53] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.661871][ T6330] capability: warning: `syz.0.103' uses 32-bit capabilities (legacy support in use) [ 89.054278][ T53] batman_adv: batadv0: Interface deactivated: netdevsim0 [ 89.107161][ T5841] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 89.115708][ T5841] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 89.125870][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 89.125884][ T29] audit: type=1400 audit(1732421080.007:414): avc: denied { ioctl } for pid=6337 comm="syz-executor" path="socket:[9002]" dev="sockfs" ino=9002 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 89.185398][ T5841] Bluetooth: hci0: command 0x0c1a tx timeout [ 89.191800][ T5841] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 89.201621][ T5841] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 89.210049][ T5841] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 89.217472][ T5841] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 89.263035][ T29] audit: type=1400 audit(1732421080.157:415): avc: denied { mounton } for pid=6337 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 89.322113][ T29] audit: type=1400 audit(1732421080.227:416): avc: denied { watch } for pid=6339 comm="syz.0.106" path="/23/file1" dev="tmpfs" ino=136 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 89.370007][ T53] batman_adv: batadv0: Removing interface: netdevsim0 [ 89.378994][ T53] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.492307][ T6337] lo speed is unknown, defaulting to 1000 [ 89.759521][ T55] Bluetooth: hci1: command 0x0c1a tx timeout [ 89.811174][ T55] Bluetooth: hci4: command 0x0405 tx timeout [ 89.817396][ T55] Bluetooth: hci3: command 0x0c1a tx timeout [ 90.142496][ T29] audit: type=1400 audit(1732421081.047:417): avc: denied { create } for pid=6348 comm="syz.0.108" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1 [ 90.157705][ T6352] overlay: ./bus is not a directory [ 90.171603][ T6352] overlay: ./bus is not a directory [ 90.343014][ T29] audit: type=1400 audit(1732421081.047:418): avc: denied { unlink } for pid=6348 comm="syz.0.108" name="#1" dev="tmpfs" ino=149 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 90.519430][ T29] audit: type=1400 audit(1732421081.047:419): avc: denied { mount } for pid=6348 comm="syz.0.108" name="/" dev="overlay" ino=143 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 90.587441][ T6366] @: renamed from vlan0 (while UP) [ 90.597330][ T6367] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 90.599614][ T6337] chnl_net:caif_netlink_parms(): no params data found [ 90.619704][ T29] audit: type=1400 audit(1732421081.127:420): avc: denied { shutdown } for pid=6356 comm="syz.4.109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 90.639201][ T53] bridge_slave_1: left allmulticast mode [ 90.639254][ T53] bridge_slave_1: left promiscuous mode [ 90.640411][ T53] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.671777][ T29] audit: type=1400 audit(1732421081.167:421): avc: denied { unmount } for pid=5833 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 90.740017][ T53] bridge_slave_0: left allmulticast mode [ 90.746261][ T53] bridge_slave_0: left promiscuous mode [ 90.759984][ T29] audit: type=1400 audit(1732421081.217:422): avc: denied { read } for pid=6360 comm="syz.0.110" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 90.761464][ T53] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.789668][ T29] audit: type=1400 audit(1732421081.217:423): avc: denied { open } for pid=6360 comm="syz.0.110" path="/dev/ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 90.824444][ T5841] Bluetooth: hci0: unexpected event for opcode 0x1003 [ 91.331260][ T5841] Bluetooth: hci2: command tx timeout [ 91.707164][ T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 91.722959][ T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 91.741993][ T53] bond0 (unregistering): Released all slaves [ 91.891653][ T5841] Bluetooth: hci3: command 0x0c1a tx timeout [ 91.897715][ T55] Bluetooth: hci4: command 0x0405 tx timeout [ 91.909826][ T6337] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.917332][ T6337] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.925501][ T6337] bridge_slave_0: entered allmulticast mode [ 91.933173][ T6337] bridge_slave_0: entered promiscuous mode [ 91.940597][ T6337] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.947346][ T6391] FAULT_INJECTION: forcing a failure. [ 91.947346][ T6391] name failslab, interval 1, probability 0, space 0, times 0 [ 91.947891][ T6337] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.975716][ T6337] bridge_slave_1: entered allmulticast mode [ 91.988331][ T6337] bridge_slave_1: entered promiscuous mode [ 91.995155][ T6391] CPU: 1 UID: 0 PID: 6391 Comm: syz.4.119 Not tainted 6.12.0-syzkaller-08446-g228a1157fb9f #0 [ 91.995179][ T6391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 91.995189][ T6391] Call Trace: [ 91.995195][ T6391] [ 91.995202][ T6391] dump_stack_lvl+0x16c/0x1f0 [ 91.995231][ T6391] should_fail_ex+0x497/0x5b0 [ 91.995256][ T6391] ? fs_reclaim_acquire+0xae/0x150 [ 91.995283][ T6391] should_failslab+0xc2/0x120 [ 91.995303][ T6391] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 91.995322][ T6391] ? getname_flags.part.0+0x4c/0x550 [ 91.995346][ T6391] getname_flags.part.0+0x4c/0x550 [ 92.005857][ T5882] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 92.015675][ T6391] getname_flags+0x93/0xf0 [ 92.015707][ T6391] __x64_sys_rename+0x65/0xa0 [ 92.015723][ T6391] do_syscall_64+0xcd/0x250 [ 92.015745][ T6391] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.083592][ T6391] RIP: 0033:0x7fcfc317e819 [ 92.088011][ T6391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 92.107623][ T6391] RSP: 002b:00007fcfc3efc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 92.116033][ T6391] RAX: ffffffffffffffda RBX: 00007fcfc3335fa0 RCX: 00007fcfc317e819 [ 92.123991][ T6391] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000020000180 [ 92.131952][ T6391] RBP: 00007fcfc3efc090 R08: 0000000000000000 R09: 0000000000000000 [ 92.139929][ T6391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 92.147882][ T6391] R13: 0000000000000000 R14: 00007fcfc3335fa0 R15: 00007ffc00990fc8 [ 92.155846][ T6391] [ 92.181229][ T5882] usb 1-1: Using ep0 maxpacket: 32 [ 92.191885][ T5882] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=e2.de [ 92.201510][ T5882] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 92.209553][ T5882] usb 1-1: Product: syz [ 92.224617][ T5882] usb 1-1: Manufacturer: syz [ 92.244525][ T5882] usb 1-1: SerialNumber: syz [ 92.255477][ T5882] usb 1-1: config 0 descriptor?? [ 92.294289][ T5882] CoreChips 1-1:0.0: probe with driver CoreChips failed with error -22 [ 92.316390][ T6337] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.362640][ T6337] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.455344][ T6337] team0: Port device team_slave_0 added [ 93.250700][ T6337] team0: Port device team_slave_1 added [ 93.310848][ T6337] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.337152][ T6337] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 93.370500][ T6337] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.411777][ T5841] Bluetooth: hci2: command tx timeout [ 93.448483][ T53] hsr_slave_0: left promiscuous mode [ 93.557575][ T53] hsr_slave_1: left promiscuous mode [ 93.566123][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 93.573958][ T53] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 93.583814][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 93.591377][ T53] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 93.604080][ T53] veth1_macvtap: left promiscuous mode [ 93.611370][ T53] veth0_macvtap: left promiscuous mode [ 93.617091][ T53] veth1_vlan: left promiscuous mode [ 93.623344][ T53] veth0_vlan: left promiscuous mode [ 93.628745][ T6408] 9pnet_fd: Insufficient options for proto=fd [ 93.639564][ T6408] input: syz0 as /devices/virtual/input/input6 [ 93.681119][ T5882] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 93.842264][ T5882] usb 4-1: config 0 has an invalid interface number: 63 but max is 0 [ 93.855777][ T5882] usb 4-1: config 0 has no interface number 0 [ 93.863252][ T5882] usb 4-1: config 0 interface 63 has no altsetting 0 [ 93.886687][ T5882] usb 4-1: New USB device found, idVendor=3344, idProduct=22f0, bcdDevice=32.f8 [ 93.896173][ T5882] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 93.907169][ T5882] usb 4-1: Product: syz [ 93.911668][ T5882] usb 4-1: Manufacturer: syz [ 93.917324][ T5882] usb 4-1: SerialNumber: syz [ 93.935650][ T5882] usb 4-1: config 0 descriptor?? [ 94.090353][ T53] team0 (unregistering): Port device team_slave_1 removed [ 94.137302][ T53] team0 (unregistering): Port device team_slave_0 removed [ 94.469193][ T6411] xt_connbytes: Forcing CT accounting to be enabled [ 94.477494][ T6411] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 94.500357][ T6411] xt_bpf: check failed: parse error [ 94.586135][ T6337] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.599026][ T6337] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.638465][ T6337] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.676246][ T5882] usb 1-1: USB disconnect, device number 5 [ 94.862231][ T5841] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 94.870805][ T5841] Bluetooth: hci0: Injecting HCI hardware error event [ 94.883484][ T5841] Bluetooth: hci0: hardware error 0x00 [ 95.124233][ T6419] netlink: 96 bytes leftover after parsing attributes in process `syz.0.126'. [ 95.148033][ T6418] team0: Device vlan0 is already an upper device of the team interface [ 95.163467][ T6416] netlink: 16 bytes leftover after parsing attributes in process `syz.0.126'. [ 95.172897][ T29] kauditd_printk_skb: 8 callbacks suppressed [ 95.172911][ T29] audit: type=1400 audit(1732421086.067:432): avc: denied { write } for pid=6414 comm="syz.0.126" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1 [ 95.224742][ T6337] hsr_slave_0: entered promiscuous mode [ 95.234914][ T6337] hsr_slave_1: entered promiscuous mode [ 95.491968][ T55] Bluetooth: hci2: command tx timeout [ 95.611228][ T5941] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 95.632127][ T29] audit: type=1800 audit(1732421086.537:433): pid=6431 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.4.131" name="/" dev="fuse" ino=1 res=0 errno=0 [ 95.670651][ T6337] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 95.688317][ T6337] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 95.699489][ T6337] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 95.709631][ T6337] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 95.759006][ T29] audit: type=1400 audit(1732421086.657:434): avc: denied { mounton } for pid=6428 comm="syz.4.131" path="/29/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1 [ 95.785412][ T6337] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.799220][ T6337] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.803596][ T29] audit: type=1400 audit(1732421086.697:435): avc: denied { setopt } for pid=6404 comm="syz.3.122" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 95.834963][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.842034][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.855896][ T5941] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 95.856840][ T53] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.868286][ T5941] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 95.872103][ T53] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.941800][ T5941] usb 1-1: config 0 descriptor?? [ 95.973865][ T5941] cp210x 1-1:0.0: cp210x converter detected [ 96.003162][ T6337] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 96.072052][ T29] audit: type=1400 audit(1732421086.967:436): avc: denied { sys_module } for pid=6337 comm="syz-executor" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 96.165013][ T6337] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.204986][ T6337] veth0_vlan: entered promiscuous mode [ 96.219443][ T6337] veth1_vlan: entered promiscuous mode [ 96.242924][ T6337] veth0_macvtap: entered promiscuous mode [ 96.253582][ T6337] veth1_macvtap: entered promiscuous mode [ 96.266729][ T6337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.277748][ T6337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.288149][ T6337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.299752][ T6337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.310038][ T6337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.320913][ T6337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.335190][ T6337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 96.347556][ T6337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.362482][ T6337] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.375926][ T5941] cp210x 1-1:0.0: failed to get vendor val 0x0010 size 3: -32 [ 96.376287][ T6337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.394648][ T6337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.405414][ T6337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.414096][ T5941] usb 1-1: cp210x converter now attached to ttyUSB0 [ 96.416379][ T6337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.438456][ T6337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.459086][ T6337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.469982][ T6337] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 96.481659][ T6337] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 96.494589][ T6337] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.516286][ T6337] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.525325][ T6337] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.538342][ T6337] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.547853][ T6337] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.607222][ T6231] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.626806][ T6231] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.637503][ T5941] usb 1-1: USB disconnect, device number 6 [ 96.645858][ T5941] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 96.683323][ T5941] cp210x 1-1:0.0: device disconnected [ 96.730444][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.742915][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.757260][ T29] audit: type=1400 audit(1732421087.657:437): avc: denied { mounton } for pid=6337 comm="syz-executor" path="/root/syzkaller.QsNnRD/syz-tmp" dev="sda1" ino=1950 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 96.790998][ T29] audit: type=1400 audit(1732421087.657:438): avc: denied { mount } for pid=6337 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 96.813987][ T29] audit: type=1400 audit(1732421087.687:439): avc: denied { mount } for pid=6337 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 96.847920][ T29] audit: type=1400 audit(1732421087.687:440): avc: denied { mounton } for pid=6337 comm="syz-executor" path="/root/syzkaller.QsNnRD/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 96.875109][ T29] audit: type=1400 audit(1732421087.687:441): avc: denied { mounton } for pid=6337 comm="syz-executor" path="/root/syzkaller.QsNnRD/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=10228 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1 [ 96.933318][ T5841] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 97.611488][ T5841] Bluetooth: hci2: command tx timeout [ 97.702243][ T2143] usb 4-1: USB disconnect, device number 3 [ 97.752057][ T6445] gretap0: entered promiscuous mode [ 97.759633][ T6445] gretap0: left promiscuous mode [ 98.062549][ T6451] Zero length message leads to an empty skb [ 98.347545][ T6455] binder: 6453:6455 ioctl 4018620d 0 returned -22 [ 98.456885][ T6468] siw: device registration error -23 [ 99.443778][ T6485] capability: warning: `syz.0.147' uses deprecated v2 capabilities in a way that may be insecure [ 100.127162][ T6503] netlink: 4 bytes leftover after parsing attributes in process `syz.3.150'. [ 100.212432][ T6506] netlink: 60 bytes leftover after parsing attributes in process `syz.2.153'. [ 100.244038][ T29] kauditd_printk_skb: 13 callbacks suppressed [ 100.311219][ T29] audit: type=1400 audit(1732421091.107:455): avc: denied { append } for pid=6495 comm="syz.2.153" name="iommu" dev="devtmpfs" ino=624 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 100.664559][ T29] audit: type=1400 audit(1732421091.567:456): avc: denied { bind } for pid=6507 comm="syz.4.156" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 100.727560][ T6511] SET target dimension over the limit! [ 100.787503][ T6514] netlink: 1 bytes leftover after parsing attributes in process `syz.2.157'. [ 100.829093][ T29] audit: type=1400 audit(1732421091.627:457): avc: denied { write } for pid=6507 comm="syz.4.156" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 100.848215][ C0] vkms_vblank_simulate: vblank timer overrun [ 101.785013][ T6523] syz.3.158: attempt to access beyond end of device [ 101.785013][ T6523] nbd3: rw=0, sector=1, nr_sectors = 1 limit=0 [ 101.799447][ T6523] VFS: unable to read V7 FS superblock on device nbd3. [ 101.806537][ T6523] VFS: could not find a valid V7 on nbd3. [ 102.005499][ T5884] usb 5-1: new full-speed USB device number 3 using dummy_hcd [ 102.170294][ T29] audit: type=1400 audit(1732421093.067:458): avc: denied { connect } for pid=6517 comm="syz.0.160" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 102.309657][ T29] audit: type=1400 audit(1732421093.067:459): avc: denied { name_connect } for pid=6517 comm="syz.0.160" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1 [ 102.447304][ T29] audit: type=1400 audit(1732421093.177:460): avc: denied { shutdown } for pid=6517 comm="syz.0.160" laddr=fe80::12 lport=59734 faddr=fe80::bb scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 102.639696][ T5884] usb 5-1: New USB device found, idVendor=0644, idProduct=800f, bcdDevice=c5.77 [ 102.656921][ T5884] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 102.689135][ T6531] SET target dimension over the limit! [ 102.718546][ T5884] usb 5-1: Product: syz [ 102.723551][ T29] audit: type=1400 audit(1732421093.257:461): avc: denied { bind } for pid=6529 comm="syz.2.161" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 102.739508][ T5884] usb 5-1: Manufacturer: syz [ 102.768604][ T5884] usb 5-1: SerialNumber: syz [ 102.795547][ T5884] usb 5-1: config 0 descriptor?? [ 102.808578][ T29] audit: type=1400 audit(1732421093.267:462): avc: denied { write } for pid=5189 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 102.885380][ T29] audit: type=1400 audit(1732421093.267:463): avc: denied { remove_name } for pid=5189 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 102.889522][ T6544] random: crng reseeded on system resumption [ 102.908544][ T29] audit: type=1400 audit(1732421093.267:464): avc: denied { rename } for pid=5189 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 103.046929][ T5884] usb 5-1: USB disconnect, device number 3 [ 103.750379][ T6555] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 103.775578][ T6555] qnx6: wrong signature (magic) in superblock #1. [ 103.790483][ T6555] qnx6: unable to read the first superblock [ 105.416909][ T6544] FAULT_INJECTION: forcing a failure. [ 105.416909][ T6544] name failslab, interval 1, probability 0, space 0, times 0 [ 105.429679][ T6544] CPU: 1 UID: 0 PID: 6544 Comm: syz.3.164 Not tainted 6.12.0-syzkaller-08446-g228a1157fb9f #0 [ 105.439910][ T6544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 105.449961][ T6544] Call Trace: [ 105.453221][ T6544] [ 105.456130][ T6544] dump_stack_lvl+0x16c/0x1f0 [ 105.460789][ T6544] should_fail_ex+0x497/0x5b0 [ 105.465537][ T6544] ? fs_reclaim_acquire+0xae/0x150 [ 105.470632][ T6544] should_failslab+0xc2/0x120 [ 105.475305][ T6544] __kmalloc_noprof+0xcb/0x400 [ 105.480057][ T6544] ? d_absolute_path+0x137/0x1b0 [ 105.485087][ T6544] tomoyo_encode2+0x100/0x3e0 [ 105.489771][ T6544] tomoyo_encode+0x29/0x50 [ 105.494185][ T6544] tomoyo_realpath_from_path+0x19d/0x720 [ 105.499804][ T6544] tomoyo_path_number_perm+0x248/0x590 [ 105.505241][ T6544] ? tomoyo_path_number_perm+0x235/0x590 [ 105.510863][ T6544] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 105.516840][ T6544] ? __pfx_lock_release+0x10/0x10 [ 105.521854][ T6544] ? trace_lock_acquire+0x146/0x1e0 [ 105.527127][ T6544] ? lock_acquire+0x2f/0xb0 [ 105.531605][ T6544] ? __fget_files+0x40/0x3a0 [ 105.536178][ T6544] ? __fget_files+0x206/0x3a0 [ 105.540952][ T6544] security_file_ioctl+0x9b/0x240 [ 105.546082][ T6544] __x64_sys_ioctl+0xb7/0x200 [ 105.550749][ T6544] do_syscall_64+0xcd/0x250 [ 105.555255][ T6544] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.561129][ T6544] RIP: 0033:0x7f3a71f7e819 [ 105.565520][ T6544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 105.585119][ T6544] RSP: 002b:00007f3a72df1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 105.593519][ T6544] RAX: ffffffffffffffda RBX: 00007f3a72135fa0 RCX: 00007f3a71f7e819 [ 105.601486][ T6544] RDX: 0000000000000000 RSI: 0000000080083314 RDI: 0000000000000003 [ 105.609432][ T6544] RBP: 00007f3a72df1090 R08: 0000000000000000 R09: 0000000000000000 [ 105.617411][ T6544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 105.625380][ T6544] R13: 0000000000000000 R14: 00007f3a72135fa0 R15: 00007ffd147fe7d8 [ 105.633355][ T6544] [ 105.637400][ T6544] ERROR: Out of memory at tomoyo_realpath_from_path. [ 105.644749][ T29] kauditd_printk_skb: 15 callbacks suppressed [ 105.644786][ T29] audit: type=1400 audit(1732421096.547:480): avc: denied { ioctl } for pid=6543 comm="syz.3.164" path="/dev/snapshot" dev="devtmpfs" ino=92 ioctlcmd=0x3314 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 105.677694][ T29] audit: type=1400 audit(1732421096.547:481): avc: denied { unmount } for pid=5833 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 106.049196][ T6578] netlink: 'syz.1.174': attribute type 4 has an invalid length. [ 106.104331][ T29] audit: type=1400 audit(1732421096.997:482): avc: denied { create } for pid=6574 comm="syz.1.174" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 106.160721][ T29] audit: type=1400 audit(1732421097.027:483): avc: denied { connect } for pid=6574 comm="syz.1.174" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 106.240491][ T6580] sctp: [Deprecated]: syz.2.173 (pid 6580) Use of struct sctp_assoc_value in delayed_ack socket option. [ 106.240491][ T6580] Use struct sctp_sack_info instead [ 106.511122][ T2143] usb 3-1: new full-speed USB device number 4 using dummy_hcd [ 106.663107][ T2143] usb 3-1: not running at top speed; connect to a high speed hub [ 106.744449][ T29] audit: type=1400 audit(1732421097.267:484): avc: denied { write } for pid=6567 comm="syz.4.171" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 106.798257][ T2143] usb 3-1: config 1 interface 0 altsetting 14 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 106.811133][ T29] audit: type=1400 audit(1732421097.707:485): avc: denied { open } for pid=6583 comm="syz.3.176" path="/dev/ptyqa" dev="devtmpfs" ino=129 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 106.838116][ T2143] usb 3-1: config 1 interface 0 altsetting 14 endpoint 0x3 has invalid maxpacket 1023, setting to 64 [ 106.849286][ T29] audit: type=1400 audit(1732421097.717:486): avc: denied { ioctl } for pid=6583 comm="syz.3.176" path="" dev="devtmpfs" ino=129 ioctlcmd=0x5431 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1 [ 106.892575][ T2143] usb 3-1: config 1 interface 0 altsetting 14 has 3 endpoint descriptors, different from the interface descriptor's value: 5 [ 106.906118][ T2143] usb 3-1: config 1 interface 0 has no altsetting 0 [ 106.917746][ T2143] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 106.933729][ T2143] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 106.942632][ T29] audit: type=1400 audit(1732421097.787:487): avc: denied { ioctl } for pid=6585 comm="syz.0.175" path="socket:[11543]" dev="sockfs" ino=11543 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 106.967829][ T2143] usb 3-1: Product: í’²æ…⾈컹í‹ìŽ»ð¿‰‘ë–‹â¼£áš€è‡²ä›¨á²„ì€¼ì¯¶á’²è¤ª [ 106.985439][ T2143] usb 3-1: SerialNumber: â [ 106.993341][ T6580] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 107.000602][ T6580] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 107.154987][ T5841] Bluetooth: hci1: unexpected event for opcode 0x2012 [ 107.210485][ T6580] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 107.219742][ T6580] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 107.232914][ T2143] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -71 [ 107.310395][ T6599] FAULT_INJECTION: forcing a failure. [ 107.310395][ T6599] name failslab, interval 1, probability 0, space 0, times 0 [ 107.310451][ T6599] CPU: 0 UID: 0 PID: 6599 Comm: syz.3.177 Not tainted 6.12.0-syzkaller-08446-g228a1157fb9f #0 [ 107.310473][ T6599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 107.310483][ T6599] Call Trace: [ 107.310490][ T6599] [ 107.310498][ T6599] dump_stack_lvl+0x16c/0x1f0 [ 107.310526][ T6599] should_fail_ex+0x497/0x5b0 [ 107.310553][ T6599] ? fs_reclaim_acquire+0xae/0x150 [ 107.310581][ T6599] should_failslab+0xc2/0x120 [ 107.310602][ T6599] kmem_cache_alloc_node_noprof+0x71/0x310 [ 107.310622][ T6599] ? __alloc_skb+0x2b1/0x380 [ 107.310649][ T6599] ? __alloc_skb+0x88/0x380 [ 107.310682][ T6599] __alloc_skb+0x2b1/0x380 [ 107.310709][ T6599] ? __pfx___alloc_skb+0x10/0x10 [ 107.310739][ T6599] ? find_held_lock+0x2d/0x110 [ 107.310767][ T6599] alloc_skb_with_frags+0xe4/0x850 [ 107.310789][ T6599] ? __pfx_lock_release+0x10/0x10 [ 107.310807][ T6599] ? trace_lock_acquire+0x146/0x1e0 [ 107.310836][ T6599] sock_alloc_send_pskb+0x7f1/0x980 [ 107.310871][ T6599] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 107.310896][ T6599] ? selinux_socket_getpeersec_dgram+0x1a5/0x370 [ 107.310919][ T6599] ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10 [ 107.310942][ T6599] ? hlock_class+0x4e/0x130 [ 107.310972][ T6599] unix_stream_sendmsg+0x3b9/0x1000 [ 107.311005][ T6599] ? __pfx_unix_stream_sendmsg+0x10/0x10 [ 107.311041][ T6599] ____sys_sendmsg+0xaaf/0xc90 [ 107.311065][ T6599] ? copy_msghdr_from_user+0x10b/0x160 [ 107.311084][ T6599] ? __pfx_____sys_sendmsg+0x10/0x10 [ 107.311117][ T6599] ___sys_sendmsg+0x135/0x1e0 [ 107.311138][ T6599] ? __pfx____sys_sendmsg+0x10/0x10 [ 107.311166][ T6599] ? __pfx_lock_release+0x10/0x10 [ 107.311184][ T6599] ? trace_lock_acquire+0x146/0x1e0 [ 107.311217][ T6599] ? __fget_files+0x206/0x3a0 [ 107.311248][ T6599] __sys_sendmsg+0x16e/0x220 [ 107.311267][ T6599] ? __pfx___sys_sendmsg+0x10/0x10 [ 107.311301][ T6599] do_syscall_64+0xcd/0x250 [ 107.311325][ T6599] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.311349][ T6599] RIP: 0033:0x7f3a71f7e819 [ 107.311364][ T6599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 107.311381][ T6599] RSP: 002b:00007f3a72daf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 107.311400][ T6599] RAX: ffffffffffffffda RBX: 00007f3a72136160 RCX: 00007f3a71f7e819 [ 107.311412][ T6599] RDX: 0000000000000000 RSI: 00000000200029c0 RDI: 000000000000000a [ 107.311423][ T6599] RBP: 00007f3a72daf090 R08: 0000000000000000 R09: 0000000000000000 [ 107.311434][ T6599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 107.311445][ T6599] R13: 0000000000000000 R14: 00007f3a72136160 R15: 00007ffd147fe7d8 [ 107.311468][ T6599] [ 107.576902][ T2143] usb 3-1: USB disconnect, device number 4 [ 108.042227][ T6610] lo speed is unknown, defaulting to 1000 [ 108.288492][ T6613] FAULT_INJECTION: forcing a failure. [ 108.288492][ T6613] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 108.288594][ T6613] CPU: 0 UID: 0 PID: 6613 Comm: syz.0.183 Not tainted 6.12.0-syzkaller-08446-g228a1157fb9f #0 [ 108.288617][ T6613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 108.288627][ T6613] Call Trace: [ 108.288634][ T6613] [ 108.288641][ T6613] dump_stack_lvl+0x16c/0x1f0 [ 108.288681][ T6613] should_fail_ex+0x497/0x5b0 [ 108.288712][ T6613] _copy_to_user+0x32/0xd0 [ 108.288734][ T6613] simple_read_from_buffer+0xd0/0x160 [ 108.288760][ T6613] proc_fail_nth_read+0x198/0x270 [ 108.288783][ T6613] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 108.288809][ T6613] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 108.288830][ T6613] vfs_read+0x1df/0xbe0 [ 108.288854][ T6613] ? __fget_files+0x1fc/0x3a0 [ 108.288879][ T6613] ? __pfx___mutex_lock+0x10/0x10 [ 108.288902][ T6613] ? __pfx_vfs_read+0x10/0x10 [ 108.288931][ T6613] ? __fget_files+0x206/0x3a0 [ 108.288963][ T6613] ksys_read+0x12b/0x250 [ 108.288987][ T6613] ? __pfx_ksys_read+0x10/0x10 [ 108.289018][ T6613] do_syscall_64+0xcd/0x250 [ 108.289043][ T6613] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.289065][ T6613] RIP: 0033:0x7f571af7d25c [ 108.289080][ T6613] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 108.289098][ T6613] RSP: 002b:00007f571bdc9030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 108.289117][ T6613] RAX: ffffffffffffffda RBX: 00007f571b136080 RCX: 00007f571af7d25c [ 108.289130][ T6613] RDX: 000000000000000f RSI: 00007f571bdc90a0 RDI: 0000000000000009 [ 108.289141][ T6613] RBP: 00007f571bdc9090 R08: 0000000000000000 R09: 0000000000000000 [ 108.289152][ T6613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 108.289163][ T6613] R13: 0000000000000000 R14: 00007f571b136080 R15: 00007ffdcf5dcbd8 [ 108.289186][ T6613] [ 108.861671][ T2143] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 109.011363][ T2143] usb 4-1: Using ep0 maxpacket: 32 [ 109.013268][ T2143] usb 4-1: New USB device found, idVendor=13d8, idProduct=0020, bcdDevice=f7.31 [ 109.013297][ T2143] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.014923][ T2143] usb 4-1: config 0 descriptor?? [ 109.098869][ T2143] usb 4-1: selecting invalid altsetting 3 [ 109.098900][ T2143] comedi comedi0: could not set alternate setting 3 in high speed [ 109.098909][ T2143] usbduxsigma 4-1:0.0: driver 'usbduxsigma' failed to auto-configure device. [ 109.110165][ T2143] usbduxsigma 4-1:0.0: probe with driver usbduxsigma failed with error -22 [ 109.233822][ T5880] usb 4-1: USB disconnect, device number 4 [ 109.349146][ T29] audit: type=1400 audit(1732421100.247:488): avc: denied { read write } for pid=6625 comm="syz.1.187" name="ptp0" dev="devtmpfs" ino=1265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 109.442148][ T29] audit: type=1400 audit(1732421100.247:489): avc: denied { open } for pid=6625 comm="syz.1.187" path="/dev/ptp0" dev="devtmpfs" ino=1265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 109.983237][ T6636] Cannot find set identified by id 0 to match [ 110.882944][ T6650] fuse: Unknown parameter '000000000000000000030x0000000000000003' [ 111.171568][ T5841] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 111.171625][ T5841] Bluetooth: hci1: Injecting HCI hardware error event [ 111.173386][ T5841] Bluetooth: hci1: hardware error 0x00 [ 111.454310][ T6660] gtp0: entered promiscuous mode [ 111.454366][ T6660] gtp0: entered allmulticast mode [ 112.235595][ T6598] tty tty1: ldisc open failed (-12), clearing slot 0 [ 112.262979][ T6664] netlink: 8 bytes leftover after parsing attributes in process `syz.2.196'. [ 112.431392][ T29] kauditd_printk_skb: 3 callbacks suppressed [ 112.431406][ T29] audit: type=1326 audit(1732421103.337:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6661 comm="syz.1.195" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f24dfd7e819 code=0x0 [ 112.900155][ T6676] IPv6: NLM_F_CREATE should be specified when creating new route [ 112.930616][ T6679] bridge0: port 2(bridge_slave_1) entered disabled state [ 112.938513][ T6679] bridge0: port 1(bridge_slave_0) entered disabled state [ 112.950758][ T6679] bridge0: entered allmulticast mode [ 113.194685][ T2143] IPVS: starting estimator thread 0... [ 113.252425][ T5841] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 113.351176][ T6693] IPVS: using max 33 ests per chain, 79200 per kthread [ 113.683482][ T6698] loop8: detected capacity change from 0 to 7 [ 113.718323][ T6698] Dev loop8: unable to read RDB block 7 [ 113.753263][ T6698] loop8: unable to read partition table [ 113.759049][ T6698] loop8: partition table beyond EOD, truncated [ 113.801510][ T6698] loop_reread_partitions: partition scan of loop8 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨â·û [ 113.801510][ T6698] ) failed (rc=-5) [ 114.090548][ T29] audit: type=1400 audit(1732421104.987:494): avc: denied { create } for pid=6712 comm="syz.0.213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 114.126427][ T29] audit: type=1400 audit(1732421105.027:495): avc: denied { ioctl } for pid=6712 comm="syz.0.213" path="socket:[11922]" dev="sockfs" ino=11922 ioctlcmd=0xf509 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 114.163596][ T29] audit: type=1400 audit(1732421105.057:496): avc: denied { set_context_mgr } for pid=6712 comm="syz.0.213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 114.213775][ T6713] warning: `syz.0.213' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 114.491297][ T2143] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 114.546998][ T6722] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 114.671395][ T2143] usb 4-1: Using ep0 maxpacket: 16 [ 115.019590][ T2143] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 115.038905][ T2143] usb 4-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 115.070952][ T2143] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 115.138218][ T2143] usb 4-1: config 0 descriptor?? [ 115.150546][ T2143] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input7 [ 115.377136][ T6732] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 115.438689][ T5884] IPVS: starting estimator thread 0... [ 115.509035][ T29] audit: type=1400 audit(1732421106.407:497): avc: denied { write } for pid=6717 comm="syz.3.214" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 115.512792][ T6737] netlink: 'syz.1.222': attribute type 26 has an invalid length. [ 115.561282][ T6734] IPVS: using max 58 ests per chain, 139200 per kthread [ 116.414929][ T29] audit: type=1400 audit(1732421106.407:498): avc: denied { ioctl } for pid=6717 comm="syz.3.214" path="/dev/ppp" dev="devtmpfs" ino=709 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 116.416182][ T6744] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 116.481343][ T6744] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 116.654304][ T29] audit: type=1400 audit(1732421107.557:499): avc: denied { create } for pid=6747 comm="syz.2.223" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=appletalk_socket permissive=1 [ 116.824570][ T29] audit: type=1400 audit(1732421107.707:500): avc: denied { getopt } for pid=6745 comm="syz.1.224" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 117.336001][ T6754] fuse: Bad value for 'fd' [ 118.131445][ T5192] bcm5974 4-1:0.0: could not read from device [ 118.178238][ T5192] bcm5974 4-1:0.0: could not read from device [ 118.179825][ T2143] usb 4-1: USB disconnect, device number 5 [ 118.287107][ T6776] FAULT_INJECTION: forcing a failure. [ 118.287107][ T6776] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 118.300588][ T6776] CPU: 1 UID: 0 PID: 6776 Comm: syz.2.230 Not tainted 6.12.0-syzkaller-08446-g228a1157fb9f #0 [ 118.310826][ T6776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 118.320876][ T6776] Call Trace: [ 118.324154][ T6776] [ 118.327083][ T6776] dump_stack_lvl+0x16c/0x1f0 [ 118.331854][ T6776] should_fail_ex+0x497/0x5b0 [ 118.336545][ T6776] _copy_from_user+0x2e/0xd0 [ 118.341136][ T6776] ____sys_sendmsg+0x8d2/0xc90 [ 118.345906][ T6776] ? __pfx_____sys_sendmsg+0x10/0x10 [ 118.351207][ T6776] ___sys_sendmsg+0x135/0x1e0 [ 118.355887][ T6776] ? __pfx____sys_sendmsg+0x10/0x10 [ 118.361094][ T6776] ? __pfx_lock_release+0x10/0x10 [ 118.366116][ T6776] ? trace_lock_acquire+0x146/0x1e0 [ 118.371331][ T6776] ? __fget_files+0x206/0x3a0 [ 118.376020][ T6776] __sys_sendmsg+0x16e/0x220 [ 118.380612][ T6776] ? __pfx___sys_sendmsg+0x10/0x10 [ 118.385742][ T6776] do_syscall_64+0xcd/0x250 [ 118.390250][ T6776] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.396146][ T6776] RIP: 0033:0x7f0568b7e819 [ 118.400557][ T6776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 118.420184][ T6776] RSP: 002b:00007f0569928038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 118.428612][ T6776] RAX: ffffffffffffffda RBX: 00007f0568d36160 RCX: 00007f0568b7e819 [ 118.436591][ T6776] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000004 [ 118.444559][ T6776] RBP: 00007f0569928090 R08: 0000000000000000 R09: 0000000000000000 [ 118.452526][ T6776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 118.460493][ T6776] R13: 0000000000000000 R14: 00007f0568d36160 R15: 00007ffda538fee8 [ 118.468470][ T6776] [ 118.587485][ T5880] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 118.675515][ T5923] IPVS: starting estimator thread 0... [ 118.982640][ T6782] IPVS: using max 28 ests per chain, 67200 per kthread [ 118.993550][ T6786] netlink: 12 bytes leftover after parsing attributes in process `syz.4.235'. [ 119.036900][ T6786] netlink: 'syz.4.235': attribute type 5 has an invalid length. [ 119.058247][ T6786] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 119.067142][ T6786] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 119.075992][ T6786] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 119.084796][ T6786] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 119.096096][ T6786] vxlan0: entered promiscuous mode [ 119.111766][ T2143] usb 4-1: new full-speed USB device number 6 using dummy_hcd [ 119.144995][ T5880] usb 1-1: Using ep0 maxpacket: 8 [ 119.152707][ T5880] usb 1-1: New USB device found, idVendor=0572, idProduct=0320, bcdDevice=9c.be [ 119.165454][ T5880] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 119.174049][ T5880] usb 1-1: Product: syz [ 119.180741][ T5880] usb 1-1: Manufacturer: syz [ 119.203411][ T5880] usb 1-1: SerialNumber: syz [ 119.288203][ T2143] usb 4-1: config 5 has an invalid interface number: 123 but max is 0 [ 119.306492][ T2143] usb 4-1: config 5 has no interface number 0 [ 119.331467][ T2143] usb 4-1: config 5 interface 123 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B [ 119.531964][ T5880] usb 1-1: config 0 descriptor?? [ 119.539750][ T5880] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 119.553497][ T2143] usb 4-1: config 5 interface 123 altsetting 7 endpoint 0x4 has invalid maxpacket 72, setting to 64 [ 119.571245][ T5880] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 119.577620][ T5880] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 119.597960][ T2143] usb 4-1: config 5 interface 123 has no altsetting 0 [ 119.669909][ T2143] usb 4-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7 [ 119.679784][ T2143] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 119.691225][ T5880] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 119.697589][ T5880] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 119.714239][ T2143] usb 4-1: Product: syz [ 119.718923][ T2143] usb 4-1: Manufacturer: syz [ 119.901051][ T5880] usb 1-1: dvb_usb_v2: found a 'DVBSky T330' in warm state [ 119.916232][ T2143] usb 4-1: SerialNumber: syz [ 120.043612][ T5880] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 120.054223][ T5880] dvbdev: DVB: registering new adapter (DVBSky T330) [ 120.061218][ T5880] usb 1-1: media controller created [ 120.066832][ T5880] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 120.073561][ T5880] usb 1-1: dvb_usb_v2: MAC address: 00:00:00:00:00:00 [ 120.094064][ T5880] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 120.180879][ T6775] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 120.370157][ T29] audit: type=1400 audit(1732421111.267:501): avc: denied { create } for pid=6766 comm="syz.0.229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 120.572760][ T6803] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 120.582428][ T6803] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 120.746026][ T2143] comedi comedi0: driver 'ni6501' has successfully auto-configured 'ni6501'. [ 120.798354][ T29] audit: type=1400 audit(1732421111.357:502): avc: denied { read write } for pid=6766 comm="syz.0.229" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 120.820726][ C0] vkms_vblank_simulate: vblank timer overrun [ 120.831907][ T2143] usb 4-1: USB disconnect, device number 6 [ 120.847135][ T29] audit: type=1400 audit(1732421111.357:503): avc: denied { open } for pid=6766 comm="syz.0.229" path="/54/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1 [ 120.869851][ C0] vkms_vblank_simulate: vblank timer overrun [ 121.141506][ T29] audit: type=1400 audit(1732421111.887:504): avc: denied { create } for pid=6808 comm="syz.4.242" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 121.251226][ T5923] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 121.628316][ T5923] usb 5-1: Using ep0 maxpacket: 16 [ 121.631358][ T29] audit: type=1400 audit(1732421111.887:505): avc: denied { write } for pid=6808 comm="syz.4.242" name="file0" dev="tmpfs" ino=260 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 121.655562][ C0] vkms_vblank_simulate: vblank timer overrun [ 121.670941][ T29] audit: type=1400 audit(1732421111.887:506): avc: denied { open } for pid=6808 comm="syz.4.242" path="/45/file0" dev="tmpfs" ino=260 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 121.705966][ T6812] QAT: Device 8 not found [ 121.763542][ T5923] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 121.773755][ T5923] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 121.785122][ T5923] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 121.794860][ T5923] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 121.804933][ T5923] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 121.840436][ T5923] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 121.868873][ T5882] usb 1-1: USB disconnect, device number 7 [ 121.878509][ T5923] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 121.886795][ T5923] usb 5-1: Manufacturer: syz [ 121.919703][ T5923] usb 5-1: config 0 descriptor?? [ 122.397894][ T6829] FAULT_INJECTION: forcing a failure. [ 122.397894][ T6829] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 122.422554][ T6829] CPU: 1 UID: 0 PID: 6829 Comm: syz.2.246 Not tainted 6.12.0-syzkaller-08446-g228a1157fb9f #0 [ 122.432847][ T6829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 122.442893][ T6829] Call Trace: [ 122.446178][ T6829] [ 122.449118][ T6829] dump_stack_lvl+0x16c/0x1f0 [ 122.453804][ T6829] should_fail_ex+0x497/0x5b0 [ 122.458573][ T6829] strncpy_from_user+0x3b/0x2c0 [ 122.463440][ T6829] getname_flags.part.0+0x8f/0x550 [ 122.468540][ T6829] getname_flags+0x93/0xf0 [ 122.472949][ T6829] __x64_sys_rename+0x65/0xa0 [ 122.477611][ T6829] do_syscall_64+0xcd/0x250 [ 122.482105][ T6829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.487985][ T6829] RIP: 0033:0x7f0568b7e819 [ 122.492381][ T6829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 122.511981][ T6829] RSP: 002b:00007f056996a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 122.520377][ T6829] RAX: ffffffffffffffda RBX: 00007f0568d35fa0 RCX: 00007f0568b7e819 [ 122.528334][ T6829] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000020000180 [ 122.536287][ T6829] RBP: 00007f056996a090 R08: 0000000000000000 R09: 0000000000000000 [ 122.544263][ T6829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 122.552220][ T6829] R13: 0000000000000000 R14: 00007f0568d35fa0 R15: 00007ffda538fee8 [ 122.560197][ T6829] [ 122.572370][ T5923] rc_core: IR keymap rc-hauppauge not found [ 122.578281][ T5923] Registered IR keymap rc-empty [ 122.597849][ T5923] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 122.639213][ T5923] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 122.672423][ T5923] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0 [ 122.686265][ T5923] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input8 [ 122.708660][ T5882] IPVS: starting estimator thread 0... [ 122.714412][ T5923] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 122.791760][ T5923] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 122.821113][ T6835] IPVS: using max 38 ests per chain, 91200 per kthread [ 122.901521][ T5923] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 122.958724][ T5923] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 123.560596][ T5923] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 124.081122][ T5923] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 124.123221][ T5923] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 124.151386][ T5923] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 124.171413][ T5923] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 124.201393][ T5923] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 124.222349][ T5923] mceusb 5-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 124.231979][ T5923] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 124.250688][ T5923] usb 5-1: USB disconnect, device number 4 [ 124.375253][ T25] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 124.557724][ T29] audit: type=1400 audit(1732421115.457:507): avc: denied { unlink } for pid=5829 comm="syz-executor" name="file0" dev="tmpfs" ino=260 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 124.660777][ T6854] netlink: 256 bytes leftover after parsing attributes in process `syz.2.253'. [ 124.712471][ T25] usb 1-1: Using ep0 maxpacket: 8 [ 125.087781][ T25] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 125.164284][ T25] usb 1-1: New USB device found, idVendor=05e1, idProduct=0893, bcdDevice=fd.5b [ 125.180399][ T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 125.194087][ T25] usb 1-1: Product: syz [ 125.198479][ T25] usb 1-1: Manufacturer: syz [ 125.266021][ T25] usb 1-1: SerialNumber: syz [ 125.354871][ T25] usb 1-1: config 0 descriptor?? [ 125.398283][ T6859] [U] vÔ3¸Âfù¾"SçÁ/Éê4:ÃXTz“W¡t‘’lWµ«= [ 125.404520][ T6859] [U] J"—e:ÀÆ" [ 125.408283][ T25] gspca_main: stk014-2.14.0 probing 05e1:0893 [ 125.431722][ T25] usb 1-1: selecting invalid altsetting 1 [ 125.527632][ T29] audit: type=1400 audit(1732421116.427:508): avc: denied { setopt } for pid=6860 comm="syz.2.256" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 125.684596][ T6863] 9pnet_fd: Insufficient options for proto=fd [ 126.236221][ T25] IPVS: starting estimator thread 0... [ 126.591411][ T6872] IPVS: using max 58 ests per chain, 139200 per kthread [ 126.623280][ T6866] netlink: 'syz.2.258': attribute type 21 has an invalid length. [ 126.631055][ T6866] netlink: 128 bytes leftover after parsing attributes in process `syz.2.258'. [ 126.640224][ T6866] netlink: 'syz.2.258': attribute type 5 has an invalid length. [ 126.648068][ T6866] netlink: 'syz.2.258': attribute type 6 has an invalid length. [ 126.655729][ T6866] netlink: 3 bytes leftover after parsing attributes in process `syz.2.258'. [ 126.729036][ T6876] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 126.806676][ T25] usb 1-1: USB disconnect, device number 8 [ 127.040734][ T6889] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 127.065553][ T6889] qnx6: wrong signature (magic) in superblock #1. [ 127.074172][ T6889] qnx6: unable to read the first superblock [ 128.181961][ T6889] Cannot find del_set index 0 as target [ 128.275373][ T6896] netlink: 24 bytes leftover after parsing attributes in process `syz.0.269'. [ 128.360385][ T6900] netlink: 4 bytes leftover after parsing attributes in process `syz.4.271'. [ 128.411260][ T5941] usb 3-1: new full-speed USB device number 5 using dummy_hcd [ 128.591162][ T5880] usb 4-1: new full-speed USB device number 7 using dummy_hcd [ 128.636905][ T6905] syz.4.273 uses obsolete (PF_INET,SOCK_PACKET) [ 128.724720][ T5941] usb 3-1: New USB device found, idVendor=0c72, idProduct=0013, bcdDevice=ba.be [ 128.735824][ T5941] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 128.745460][ T5941] usb 3-1: Product: syz [ 128.749640][ T5941] usb 3-1: Manufacturer: syz [ 128.754990][ T5941] usb 3-1: SerialNumber: syz [ 128.761551][ T5941] usb 3-1: config 0 descriptor?? [ 128.871733][ T5882] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 128.883221][ T5880] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86 [ 128.900636][ T5880] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 10 [ 128.916174][ T5880] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid maxpacket 8704, setting to 64 [ 128.928137][ T5880] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 129.123871][ T5882] usb 1-1: config index 0 descriptor too short (expected 19218, got 18) [ 129.132798][ T5882] usb 1-1: config 252 has an invalid descriptor of length 0, skipping remainder of the config [ 129.604159][ T5882] usb 1-1: config 252 has 0 interfaces, different from the descriptor's value: 5 [ 129.617130][ T5882] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 129.629137][ T5882] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 129.638016][ T5880] usb 4-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36 [ 129.647146][ T5880] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 129.663059][ T5880] usb 4-1: Product: syz [ 129.667952][ T5880] usb 4-1: Manufacturer: syz [ 129.674222][ T5880] usb 4-1: SerialNumber: syz [ 129.780034][ T5880] usb 4-1: config 0 descriptor?? [ 129.844447][ T6927] af_packet: tpacket_rcv: packet too big, clamped from 108 to 4294967272. macoff=96 [ 131.062284][ T6879] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 131.093059][ T6898] tipc: Started in network mode [ 131.098077][ T6898] tipc: Node identity 7f000001, cluster identity 4711 [ 131.106847][ T6898] tipc: Enabled bearer , priority 10 [ 131.119870][ T29] audit: type=1400 audit(1732421122.017:509): avc: denied { connect } for pid=6897 comm="syz.3.268" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1 [ 131.153406][ T6936] gtp1: entered promiscuous mode [ 131.158414][ T6936] gtp1: entered allmulticast mode [ 131.271995][ T6934] nbd3: detected capacity change from 0 to 8 [ 131.444414][ T5882] usb 1-1: string descriptor 0 read error: -71 [ 131.505841][ T5823] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 131.514988][ T5882] usb 1-1: USB disconnect, device number 9 [ 131.515953][ T5823] Buffer I/O error on dev nbd3, logical block 0, async page read [ 131.528929][ T5823] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 131.536696][ T6898] block nbd3: shutting down sockets [ 131.538230][ T5823] Buffer I/O error on dev nbd3, logical block 0, async page read [ 131.544554][ T29] audit: type=1400 audit(1732421122.017:510): avc: denied { write } for pid=6897 comm="syz.3.268" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 131.562037][ T5941] peak_usb 3-1:0.0 can0: unable to request usb[type=0 value=1] err=-71 [ 131.581673][ T5941] peak_usb 3-1:0.0: unable to read PCAN-Chip USB firmware info (err -71) [ 131.582194][ T45] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 131.600168][ T45] Buffer I/O error on dev nbd3, logical block 0, async page read [ 131.695007][ T6945] netlink: 28 bytes leftover after parsing attributes in process `syz.4.282'. [ 131.770528][ T5823] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 131.814812][ T5823] Buffer I/O error on dev nbd3, logical block 0, async page read [ 131.909523][ T5823] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 131.972488][ T5823] Buffer I/O error on dev nbd3, logical block 0, async page read [ 131.995193][ T5823] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 132.014730][ T5823] Buffer I/O error on dev nbd3, logical block 0, async page read [ 132.027529][ T5823] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 132.066843][ T5823] Buffer I/O error on dev nbd3, logical block 0, async page read [ 132.087418][ T5823] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 132.133869][ T5823] Buffer I/O error on dev nbd3, logical block 0, async page read [ 132.193417][ T5823] ldm_validate_partition_table(): Disk read failed. [ 132.228226][ T5823] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 132.239090][ T5923] tipc: Node number set to 2130706433 [ 132.253738][ T5941] peak_usb 3-1:0.0: probe with driver peak_usb failed with error -71 [ 132.279153][ T5823] Buffer I/O error on dev nbd3, logical block 0, async page read [ 132.353940][ T5941] usb 3-1: USB disconnect, device number 5 [ 132.379053][ T5823] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 132.443807][ T5823] Buffer I/O error on dev nbd3, logical block 0, async page read [ 132.474118][ T1287] aoe: packet could not be sent on bond0. consider increasing tx_queue_len [ 132.490162][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.499157][ T29] audit: type=1400 audit(1732421123.397:511): avc: denied { write } for pid=6949 comm="syz.4.284" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 132.522425][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.560324][ T5823] Dev nbd3: unable to read RDB block 0 [ 132.587155][ T5823] nbd3: unable to read partition table [ 132.601049][ T6954] team0: Device vlan2 is already an upper device of the team interface [ 132.618494][ T5823] nbd3: partition table beyond EOD, truncated [ 132.684529][ T29] audit: type=1400 audit(1732421123.517:512): avc: denied { block_suspend } for pid=6940 comm="syz.0.280" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 132.895112][ T5823] ldm_validate_partition_table(): Disk read failed. [ 132.906585][ T5823] Dev nbd3: unable to read RDB block 0 [ 132.950879][ T5823] nbd3: unable to read partition table [ 133.052872][ T5823] nbd3: partition table beyond EOD, truncated [ 133.078235][ T29] audit: type=1400 audit(1732421123.977:513): avc: denied { ioctl } for pid=6949 comm="syz.4.284" path="socket:[13542]" dev="sockfs" ino=13542 ioctlcmd=0x8923 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 133.690676][ T6956] : renamed from bond0 (while UP) [ 133.697988][ T6962] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 134.035656][ T6970] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 134.619607][ T29] audit: type=1400 audit(1732421125.167:514): avc: denied { write } for pid=6966 comm="syz.2.288" name="fdinfo" dev="proc" ino=13574 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 134.687942][ T5941] usb 4-1: USB disconnect, device number 7 [ 134.755669][ T29] audit: type=1400 audit(1732421125.167:515): avc: denied { add_name } for pid=6966 comm="syz.2.288" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 134.757492][ T29] audit: type=1400 audit(1732421125.407:516): avc: denied { create } for pid=6966 comm="syz.2.288" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 135.226236][ T29] audit: type=1400 audit(1732421125.417:518): avc: denied { setopt } for pid=6966 comm="syz.2.288" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 135.544900][ T29] audit: type=1400 audit(1732421125.417:517): avc: denied { associate } for pid=6966 comm="syz.2.288" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 136.345892][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 136.345905][ T29] audit: type=1400 audit(1732421126.837:520): avc: denied { ioctl } for pid=6986 comm="syz.2.294" path="/dev/nullb0" dev="devtmpfs" ino=696 ioctlcmd=0x125f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 136.561446][ T6992] FAULT_INJECTION: forcing a failure. [ 136.561446][ T6992] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 136.632646][ T6992] CPU: 1 UID: 0 PID: 6992 Comm: syz.0.295 Not tainted 6.12.0-syzkaller-08446-g228a1157fb9f #0 [ 136.642928][ T6992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 136.653172][ T6992] Call Trace: [ 136.656450][ T6992] [ 136.659379][ T6992] dump_stack_lvl+0x16c/0x1f0 [ 136.664086][ T6992] should_fail_ex+0x497/0x5b0 [ 136.668790][ T6992] _copy_from_user+0x2e/0xd0 [ 136.673393][ T6992] kstrtouint_from_user+0xd7/0x1c0 [ 136.678522][ T6992] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 136.684229][ T6992] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 136.689843][ T6992] proc_fail_nth_write+0x84/0x250 [ 136.694860][ T6992] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 136.700482][ T6992] ? ksys_write+0x12b/0x250 [ 136.704970][ T6992] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 136.710583][ T6992] vfs_write+0x24c/0x1150 [ 136.714904][ T6992] ? __fget_files+0x1fc/0x3a0 [ 136.719590][ T6992] ? __pfx___mutex_lock+0x10/0x10 [ 136.724598][ T6992] ? __pfx_vfs_write+0x10/0x10 [ 136.729350][ T6992] ? __fget_files+0x206/0x3a0 [ 136.734028][ T6992] ksys_write+0x12b/0x250 [ 136.738335][ T6992] ? __pfx_ksys_write+0x10/0x10 [ 136.743168][ T6992] do_syscall_64+0xcd/0x250 [ 136.747652][ T6992] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 136.753539][ T6992] RIP: 0033:0x7f571af7d2ff [ 136.757939][ T6992] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48 [ 136.777537][ T6992] RSP: 002b:00007f571bdea030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 136.786014][ T6992] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f571af7d2ff [ 136.793966][ T6992] RDX: 0000000000000001 RSI: 00007f571bdea0a0 RDI: 0000000000000004 [ 136.801921][ T6992] RBP: 00007f571bdea090 R08: 0000000000000000 R09: 0000000000000000 [ 136.809966][ T6992] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 136.817910][ T6992] R13: 0000000000000000 R14: 00007f571b135fa0 R15: 00007ffdcf5dcbd8 [ 136.825865][ T6992] [ 136.885644][ T29] audit: type=1400 audit(1732421127.787:521): avc: denied { read } for pid=6993 comm="syz.2.296" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 136.948585][ T7000] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 136.965943][ T29] audit: type=1400 audit(1732421127.787:522): avc: denied { open } for pid=6993 comm="syz.2.296" path="/dev/fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 136.995405][ T7000] qnx6: wrong signature (magic) in superblock #1. [ 137.002988][ T7000] qnx6: unable to read the first superblock [ 137.010252][ T29] audit: type=1400 audit(1732421127.817:523): avc: denied { ioctl } for pid=6993 comm="syz.2.296" path="/dev/fb0" dev="devtmpfs" ino=629 ioctlcmd=0x4601 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 137.112424][ T7001] Cannot find del_set index 0 as target [ 137.185344][ T7004] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 137.998861][ T29] audit: type=1400 audit(1732421128.887:524): avc: denied { read } for pid=7016 comm="syz.3.304" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 138.214596][ T29] audit: type=1326 audit(1732421129.117:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7026 comm="syz.2.306" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0568b7e819 code=0x0 [ 138.241628][ T5923] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 138.421120][ T8] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 138.445040][ T5923] usb 1-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice= 0.00 [ 138.457078][ T5923] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 138.480478][ T5923] usb 1-1: config 0 descriptor?? [ 138.574131][ T8] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 138.589644][ T8] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFC, changing to 0x8C [ 138.628922][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8C has an invalid bInterval 0, changing to 10 [ 138.654978][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8C has invalid wMaxPacketSize 0 [ 138.671481][ T2143] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 138.686423][ T8] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 138.714565][ T5923] usbhid 1-1:0.0: can't add hid device: -71 [ 138.737918][ T8] usb 2-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=a4.8f [ 138.760998][ T5923] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 138.789908][ T5923] usb 1-1: USB disconnect, device number 10 [ 138.834069][ T2143] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 138.845330][ T2143] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 138.855628][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 138.860130][ T2143] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 138.878164][ T2143] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 138.880675][ T8] usb 2-1: Product: syz [ 138.908571][ T2143] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.309685][ T2143] usb 4-1: config 0 descriptor?? [ 139.666525][ T8] usb 2-1: Manufacturer: syz [ 139.671271][ T8] usb 2-1: SerialNumber: syz [ 139.683551][ T8] usb 2-1: config 0 descriptor?? [ 139.692181][ T8] xbox_remote_probe: endpoint_in message size==0? [ 139.728450][ T2143] plantronics 0003:047F:FFFF.0001: unknown main item tag 0xd [ 139.738288][ T2143] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 139.801486][ T2143] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 139.962964][ T2143] usb 2-1: USB disconnect, device number 3 [ 140.591215][ T7058] SET target dimension over the limit! [ 140.950431][ T7062] netlink: 256 bytes leftover after parsing attributes in process `syz.2.316'. [ 141.091059][ T29] audit: type=1400 audit(1732421131.837:526): avc: denied { bind } for pid=7052 comm="syz.2.316" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 141.252067][ T5923] usb 4-1: reset high-speed USB device number 8 using dummy_hcd [ 141.571462][ T5923] usb 4-1: device descriptor read/64, error -32 [ 141.807576][ T5841] Bluetooth: hci2: link tx timeout [ 141.808381][ T29] audit: type=1400 audit(1732421132.707:527): avc: denied { write } for pid=7073 comm="syz.4.323" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 141.812981][ T5841] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 141.815091][ T5841] Bluetooth: hci2: link tx timeout [ 141.846588][ T5841] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 141.933979][ T29] audit: type=1400 audit(1732421132.787:528): avc: denied { mounton } for pid=7079 comm="syz.0.324" path="/syzcgroup/unified/syz0" dev="cgroup2" ino=38 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1 [ 141.942683][ T7080] XFS (nullb0): Invalid superblock magic number [ 142.175521][ T29] audit: type=1400 audit(1732421133.067:529): avc: denied { read } for pid=7094 comm="syz.3.327" name="loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 142.261272][ T29] audit: type=1400 audit(1732421133.067:530): avc: denied { open } for pid=7094 comm="syz.3.327" path="/dev/loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 142.550820][ T2143] usb 4-1: USB disconnect, device number 8 [ 142.844924][ T29] audit: type=1400 audit(1732421133.327:531): avc: denied { ioctl } for pid=7094 comm="syz.3.327" path="/dev/loop-control" dev="devtmpfs" ino=646 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 142.884121][ T7099] befs: (nullb0): No write support. Marking filesystem read-only [ 142.975180][ T7099] befs: (nullb0): invalid magic header [ 143.013181][ T7099] netlink: 'syz.1.328': attribute type 16 has an invalid length. [ 143.061831][ T7099] netlink: 64138 bytes leftover after parsing attributes in process `syz.1.328'. [ 143.093117][ T7099] netlink: 4 bytes leftover after parsing attributes in process `syz.1.328'. [ 143.272291][ T7116] FAULT_INJECTION: forcing a failure. [ 143.272291][ T7116] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 143.285699][ T7116] CPU: 0 UID: 0 PID: 7116 Comm: syz.3.333 Not tainted 6.12.0-syzkaller-08446-g228a1157fb9f #0 [ 143.295943][ T7116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 143.305991][ T7116] Call Trace: [ 143.309265][ T7116] [ 143.312181][ T7116] dump_stack_lvl+0x16c/0x1f0 [ 143.316849][ T7116] should_fail_ex+0x497/0x5b0 [ 143.321526][ T7116] _copy_to_user+0x32/0xd0 [ 143.325942][ T7116] simple_read_from_buffer+0xd0/0x160 [ 143.331306][ T7116] proc_fail_nth_read+0x198/0x270 [ 143.336328][ T7116] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 143.341885][ T7116] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 143.347416][ T7116] vfs_read+0x1df/0xbe0 [ 143.351561][ T7116] ? __fget_files+0x1fc/0x3a0 [ 143.356228][ T7116] ? __pfx___mutex_lock+0x10/0x10 [ 143.361243][ T7116] ? __pfx_vfs_read+0x10/0x10 [ 143.365913][ T7116] ? __fget_files+0x206/0x3a0 [ 143.370600][ T7116] ksys_read+0x12b/0x250 [ 143.374850][ T7116] ? __pfx_ksys_read+0x10/0x10 [ 143.379635][ T7116] do_syscall_64+0xcd/0x250 [ 143.384146][ T7116] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.390031][ T7116] RIP: 0033:0x7f3a71f7d25c [ 143.394693][ T7116] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 143.414306][ T7116] RSP: 002b:00007f3a72daf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 143.422716][ T7116] RAX: ffffffffffffffda RBX: 00007f3a72136160 RCX: 00007f3a71f7d25c [ 143.430675][ T7116] RDX: 000000000000000f RSI: 00007f3a72daf0a0 RDI: 0000000000000007 [ 143.438658][ T7116] RBP: 00007f3a72daf090 R08: 0000000000000000 R09: 0000000000000000 [ 143.446635][ T7116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 143.454599][ T7116] R13: 0000000000000000 R14: 00007f3a72136160 R15: 00007ffd147fe7d8 [ 143.462587][ T7116] [ 143.525735][ T7118] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 143.951239][ T5841] Bluetooth: hci2: command 0x0406 tx timeout [ 144.094638][ T7120] netlink: 8 bytes leftover after parsing attributes in process `syz.1.334'. [ 144.401421][ T29] audit: type=1400 audit(1732421135.267:532): avc: denied { name_bind } for pid=7121 comm="syz.2.335" src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 144.666059][ T7129] syz.2.335: attempt to access beyond end of device [ 144.666059][ T7129] nbd2: rw=0, sector=2, nr_sectors = 2 limit=0 [ 144.679852][ T7129] MINIX-fs: unable to read superblock [ 145.293062][ T7134] input: syz0 as /devices/virtual/input/input11 [ 146.174052][ T29] audit: type=1400 audit(1732421137.077:533): avc: denied { write } for pid=7128 comm="syz.1.337" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 146.337660][ T7144] netlink: 8 bytes leftover after parsing attributes in process `syz.0.341'. [ 146.538500][ T29] audit: type=1400 audit(1732421137.327:534): avc: denied { recv } for pid=7137 comm="syz.2.339" saddr=10.128.0.169 src=30006 daddr=10.128.0.48 dest=33520 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 146.989764][ T7150] dvmrp0: entered allmulticast mode [ 147.215877][ T7154] lo speed is unknown, defaulting to 1000 [ 147.324684][ T7161] veth1_macvtap: left promiscuous mode [ 147.330193][ T7161] macsec0: entered promiscuous mode [ 147.342868][ T7161] macsec0: entered allmulticast mode [ 147.400099][ T7162] No control pipe specified [ 147.581400][ T29] audit: type=1326 audit(1732421138.457:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7157 comm="syz.2.347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0568b7e819 code=0x7ffc0000 [ 148.231416][ T29] audit: type=1326 audit(1732421138.457:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7157 comm="syz.2.347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0568b7e819 code=0x7ffc0000 [ 148.254617][ C1] vkms_vblank_simulate: vblank timer overrun [ 148.501244][ T29] audit: type=1326 audit(1732421138.457:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7157 comm="syz.2.347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0568b7e819 code=0x7ffc0000 [ 148.661104][ T8] usb 3-1: new full-speed USB device number 6 using dummy_hcd [ 148.810611][ T7169] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 148.901839][ T29] audit: type=1326 audit(1732421138.457:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7157 comm="syz.2.347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0568b7e819 code=0x7ffc0000 [ 148.925042][ C1] vkms_vblank_simulate: vblank timer overrun [ 148.927448][ T7165] 9pnet_fd: Insufficient options for proto=fd [ 148.973549][ T8] usb 3-1: device descriptor read/64, error -71 [ 149.033119][ T29] audit: type=1326 audit(1732421138.457:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7157 comm="syz.2.347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0568b7e819 code=0x7ffc0000 [ 149.150057][ T29] audit: type=1326 audit(1732421138.457:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7157 comm="syz.2.347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f0568b7e819 code=0x7ffc0000 [ 149.231216][ T8] usb 3-1: new full-speed USB device number 7 using dummy_hcd [ 149.273045][ T29] audit: type=1326 audit(1732421138.457:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7157 comm="syz.2.347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0568b7e819 code=0x7ffc0000 [ 149.311327][ T29] audit: type=1326 audit(1732421138.457:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7157 comm="syz.2.347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0568b7e819 code=0x7ffc0000 [ 149.521129][ T8] usb 3-1: device descriptor read/64, error -71 [ 150.310960][ T29] audit: type=1326 audit(1732421138.457:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7157 comm="syz.2.347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0568b7e819 code=0x7ffc0000 [ 150.353294][ T8] usb usb3-port1: attempt power cycle [ 150.391335][ T7191] Cannot find add_set index 1026 as target [ 150.641178][ T29] audit: type=1326 audit(1732421138.457:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7157 comm="syz.2.347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0568b7e819 code=0x7ffc0000 [ 150.872596][ T7197] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=272 sclass=netlink_route_socket pid=7197 comm=syz.4.356 [ 151.116601][ T7206] No control pipe specified [ 151.185033][ T7209] netlink: 256 bytes leftover after parsing attributes in process `syz.3.357'. [ 151.444465][ T5923] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 151.631895][ T5923] usb 5-1: Using ep0 maxpacket: 16 [ 151.650369][ T5923] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xC6, changing to 0x86 [ 151.691966][ T5923] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0 [ 151.707161][ T5923] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x86 has invalid maxpacket 0 [ 151.719860][ T5923] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 151.775714][ T5923] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 151.977941][ T5923] usb 5-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87 [ 151.987980][ T5923] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 152.016470][ T5923] usb 5-1: Product: syz [ 152.175946][ T5923] usb 5-1: Manufacturer: syz [ 152.180604][ T5923] usb 5-1: SerialNumber: syz [ 152.202024][ T5923] usb 5-1: config 0 descriptor?? [ 152.252158][ T5923] port100 5-1:0.0: NFC: Could not get supported command types [ 152.498813][ T8] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 152.500758][ T7242] No control pipe specified [ 152.576806][ T7244] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 152.588785][ T7244] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 152.621811][ T29] kauditd_printk_skb: 29 callbacks suppressed [ 152.621827][ T29] audit: type=1400 audit(1732421143.527:574): avc: denied { unmount } for pid=5833 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 152.662304][ T8] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 152.671570][ T5882] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 152.683654][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 152.700641][ T8] usb 2-1: config 0 descriptor?? [ 152.733023][ T7248] netlink: 'syz.0.373': attribute type 10 has an invalid length. [ 152.741528][ T7248] netlink: 40 bytes leftover after parsing attributes in process `syz.0.373'. [ 152.765520][ T7248] bridge0: port 4(veth0_vlan) entered blocking state [ 152.781481][ T7248] bridge0: port 4(veth0_vlan) entered disabled state [ 152.788339][ T7248] veth0_vlan: entered allmulticast mode [ 152.795972][ T7248] veth0_vlan: left allmulticast mode [ 152.806108][ T7248] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check. [ 152.832876][ T5882] usb 3-1: unable to get BOS descriptor or descriptor too short [ 152.855763][ T5882] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 152.865081][ T5882] usb 3-1: config 1 has no interface number 1 [ 152.875217][ T5882] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 152.900386][ T5882] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 152.917408][ T8] [drm] vendor descriptor length:6 data:06 5f 00 00 00 00 00 00 00 00 00 [ 152.934675][ T8] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 152.943665][ T5882] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 152.956484][ T5882] usb 3-1: Product: syz [ 152.960736][ T5882] usb 3-1: Manufacturer: syz [ 152.965878][ T5882] usb 3-1: SerialNumber: syz [ 153.145777][ T8] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2 [ 153.155184][ T8] [drm] Initialized udl on minor 2 [ 153.962731][ T8] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9 [ 154.058672][ T8] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 154.096256][ T5883] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 154.115346][ T2143] usb 5-1: USB disconnect, device number 5 [ 154.144047][ T8] usb 2-1: USB disconnect, device number 4 [ 154.154491][ T5883] udl 2-1:0.0: [drm] Cannot find any crtc or sizes [ 154.171262][ T5882] usb 3-1: found format II with max.bitrate = 26774, frame size=2 [ 154.187590][ T5882] usb 3-1: found format II with max.bitrate = 26774, frame size=2 [ 154.224270][ T5882] usb 3-1: failed to enable PITCH for EP 0x82 [ 154.295380][ T5882] usb 3-1: USB disconnect, device number 9 [ 156.121149][ T5883] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 156.146530][ T29] audit: type=1400 audit(1732421147.037:575): avc: denied { egress } for pid=16 comm="ksoftirqd/0" saddr=fe80::1b daddr=ff02::2 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1 [ 156.169927][ T29] audit: type=1400 audit(1732421147.037:576): avc: denied { sendto } for pid=16 comm="ksoftirqd/0" saddr=fe80::1b daddr=ff02::2 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1 [ 156.386177][ T5883] usb 5-1: Using ep0 maxpacket: 16 [ 156.442530][ T5883] usb 5-1: config 0 has an invalid descriptor of length 199, skipping remainder of the config [ 156.453004][ T5883] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 156.610926][ T5881] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 156.665929][ T5883] usb 5-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89 [ 156.675165][ T5883] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 156.683657][ T5883] usb 5-1: Product: syz [ 156.687834][ T5883] usb 5-1: Manufacturer: syz [ 156.692915][ T5883] usb 5-1: SerialNumber: syz [ 156.699040][ T5883] usb 5-1: config 0 descriptor?? [ 156.785999][ T7317] netlink: 12 bytes leftover after parsing attributes in process `syz.3.389'. [ 156.795329][ T7317] netlink: 12 bytes leftover after parsing attributes in process `syz.3.389'. [ 157.271683][ T7317] netlink: 12 bytes leftover after parsing attributes in process `syz.3.389'. [ 157.280656][ T7317] netlink: 12 bytes leftover after parsing attributes in process `syz.3.389'. [ 157.283604][ T5881] usb 3-1: config 252 has an invalid interface number: 78 but max is 0 [ 157.304987][ T5881] usb 3-1: config 252 has no interface number 0 [ 157.331954][ T5881] usb 3-1: New USB device found, idVendor=066b, idProduct=2202, bcdDevice=39.f8 [ 157.360089][ T5881] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 157.383796][ T5883] usb 5-1: USB disconnect, device number 6 [ 157.410123][ T5881] usb 3-1: Product: syz [ 157.425339][ T7317] netlink: 12 bytes leftover after parsing attributes in process `syz.3.389'. [ 157.430384][ T5881] usb 3-1: Manufacturer: syz [ 157.436020][ T7317] netlink: 12 bytes leftover after parsing attributes in process `syz.3.389'. [ 157.456277][ T5881] usb 3-1: SerialNumber: syz [ 157.720862][ T29] audit: type=1400 audit(1732421148.567:577): avc: denied { read } for pid=7329 comm="syz.4.392" laddr=172.20.20.170 lport=20 faddr=172.20.20.170 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 158.285585][ T5881] kaweth 3-1:252.78: Firmware present in device. [ 158.296885][ T5881] kaweth 3-1:252.78: Error reading configuration (-71), no net device created [ 158.306031][ T5881] kaweth 3-1:252.78: probe with driver kaweth failed with error -5 [ 158.329883][ T5881] pegasus 3-1:252.78: probe with driver pegasus failed with error -71 [ 158.346535][ T5881] usb 3-1: USB disconnect, device number 10 [ 158.967060][ T7352] netlink: 12 bytes leftover after parsing attributes in process `syz.4.397'. [ 159.535952][ T29] audit: type=1400 audit(1732421150.437:578): avc: denied { name_bind } for pid=7360 comm="syz.3.402" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 160.047630][ T29] audit: type=1326 audit(1732421150.947:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7370 comm="syz.0.405" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f571af7e819 code=0x0 [ 160.462283][ T7384] netlink: 256 bytes leftover after parsing attributes in process `syz.3.407'. [ 163.104890][ T8] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 163.138165][ T7411] netlink: 134672 bytes leftover after parsing attributes in process `syz.1.416'. [ 163.146753][ T29] audit: type=1400 audit(1732421154.017:580): avc: denied { connect } for pid=7409 comm="syz.1.416" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 163.168031][ T7411] openvswitch: netlink: Message has 76 unknown bytes. [ 163.431095][ T8] usb 5-1: Using ep0 maxpacket: 8 [ 163.479705][ T8] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 163.491377][ T8] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x93, changing to 0x83 [ 164.075453][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 164.086552][ T8] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 164.321142][ T8] usb 5-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e [ 164.330215][ T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 164.405601][ T8] usb 5-1: Product: syz [ 164.412111][ T8] usb 5-1: Manufacturer: syz [ 164.421228][ T8] usb 5-1: SerialNumber: syz [ 164.461165][ T7430] SET target dimension over the limit! [ 164.627972][ T8] usb 5-1: config 0 descriptor?? [ 164.668550][ T8] input: iMON Panel, Knob and Mouse(15c2:003b) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input12 [ 166.150933][ T29] audit: type=1400 audit(1732421157.047:581): avc: denied { execute } for pid=7444 comm="syz.0.425" path=2F6D656D66643A59FFFF202864656C6574656429 dev="hugetlbfs" ino=15636 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 166.953249][ T7452] JFS: discard option not supported on device [ 166.966857][ T7452] syz.3.426: attempt to access beyond end of device [ 166.966857][ T7452] loop3: rw=0, sector=64, nr_sectors = 8 limit=0 [ 166.981392][ T7452] syz.3.426: attempt to access beyond end of device [ 166.981392][ T7452] loop3: rw=0, sector=120, nr_sectors = 8 limit=0 [ 166.985134][ T8] imon:send_packet: packet tx failed (-71) [ 166.996079][ T7452] Mount JFS Failure: -5 [ 167.000785][ T29] audit: type=1400 audit(1732421157.827:582): avc: denied { ioctl } for pid=7444 comm="syz.0.425" path="socket:[15635]" dev="sockfs" ino=15635 ioctlcmd=0x8955 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 167.004841][ T7452] jfs_mount failed w/return code = -5 [ 167.099863][ T29] audit: type=1400 audit(1732421157.857:583): avc: denied { mounton } for pid=7451 comm="syz.3.426" path="/73/bus" dev="tmpfs" ino=409 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1 [ 167.179634][ T8] imon 5-1:0.0: panel buttons/knobs setup failed [ 167.336878][ T7454] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 167.365829][ T7454] qnx6: wrong signature (magic) in superblock #1. [ 168.042008][ T7454] qnx6: unable to read the first superblock [ 168.393250][ T7476] x_tables: ip6_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING [ 169.035376][ T8] rc_core: IR keymap rc-imon-pad not found [ 169.041790][ T8] Registered IR keymap rc-empty [ 169.046675][ T8] imon 5-1:0.0: Looks like you're trying to use an IR protocol this device does not support [ 169.056791][ T8] imon 5-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 169.066234][ T8] imon:send_packet: packet tx failed (-71) [ 169.091272][ T8] imon 5-1:0.0: remote input dev register failed [ 169.097794][ T8] imon 5-1:0.0: imon_init_intf0: rc device setup failed [ 169.298784][ T29] audit: type=1400 audit(1732421160.197:584): avc: denied { relabelfrom } for pid=7479 comm="syz.2.435" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 169.327352][ T29] audit: type=1400 audit(1732421160.217:585): avc: denied { relabelto } for pid=7479 comm="syz.2.435" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 169.378192][ T8] imon 5-1:0.0: unable to initialize intf0, err 0 [ 169.388139][ T8] imon:imon_probe: failed to initialize context! [ 169.395825][ T8] imon 5-1:0.0: unable to register, err -19 [ 169.463618][ T8] usb 5-1: USB disconnect, device number 7 [ 169.512920][ T29] audit: type=1326 audit(1732421160.417:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7465 comm="syz.3.431" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3a71f7e819 code=0x0 [ 169.761184][ T8] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 170.281577][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 170.292754][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 170.303107][ T8] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 170.415050][ T8] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 170.424432][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 170.447210][ T8] usb 5-1: config 0 descriptor?? [ 171.016328][ T25] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 171.271069][ T25] usb 4-1: Using ep0 maxpacket: 16 [ 171.298412][ T7511] dvmrp0: entered allmulticast mode [ 171.359422][ T25] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 171.374255][ T25] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 171.386228][ T25] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 171.416175][ T8] plantronics 0003:047F:FFFF.0002: unknown main item tag 0xd [ 171.425538][ T8] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 171.436040][ T29] audit: type=1400 audit(1732421162.317:587): avc: denied { map } for pid=7481 comm="syz.4.434" path="socket:[15760]" dev="sockfs" ino=15760 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 171.460900][ T25] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 171.479187][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 171.498962][ T29] audit: type=1400 audit(1732421162.317:588): avc: denied { read } for pid=7481 comm="syz.4.434" path="socket:[15760]" dev="sockfs" ino=15760 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 171.504979][ T8] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 171.532024][ T25] usb 4-1: Product: syz [ 171.547816][ T25] usb 4-1: Manufacturer: syz [ 171.568616][ T25] usb 4-1: SerialNumber: syz [ 172.004411][ T25] usb 4-1: 2:1 : format type 0 is detected, processed as PCM [ 172.042882][ T8] usb 5-1: USB disconnect, device number 8 [ 173.518879][ T7536] Cannot find add_set index 1026 as target [ 173.567018][ T7537] ªªªªª»: renamed from hsr0 (while UP) [ 174.145879][ T25] usb 4-1: USB disconnect, device number 9 [ 174.226793][ T7537] netlink: 8 bytes leftover after parsing attributes in process `syz.1.452'. [ 174.276390][ T7535] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 174.331309][ T5882] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 174.487933][ T7551] ref_tracker: memory allocation failure, unreliable refcount tracker. [ 174.781134][ T5882] usb 1-1: Using ep0 maxpacket: 16 [ 174.787475][ T5882] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA5, changing to 0x85 [ 174.807579][ T5882] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 104 [ 174.860768][ T5882] usb 1-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 174.887207][ T5882] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 174.899398][ T5882] usb 1-1: Product: syz [ 174.914632][ T5882] usb 1-1: Manufacturer: syz [ 174.929481][ T5882] usb 1-1: SerialNumber: syz [ 174.946135][ T5882] usb 1-1: config 0 descriptor?? [ 174.958933][ T7542] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 174.990321][ T5882] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input14 [ 175.091445][ T7558] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 175.486987][ T5880] usb 1-1: USB disconnect, device number 11 [ 175.843133][ T29] audit: type=1400 audit(1732421166.597:589): avc: denied { read } for pid=7570 comm="syz.3.462" laddr=::1 lport=35029 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 177.861023][ T7595] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 178.223355][ T7594] FAULT_INJECTION: forcing a failure. [ 178.223355][ T7594] name failslab, interval 1, probability 0, space 0, times 0 [ 178.272738][ T7594] CPU: 0 UID: 0 PID: 7594 Comm: syz.4.465 Not tainted 6.12.0-syzkaller-08446-g228a1157fb9f #0 [ 178.283008][ T7594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 178.293126][ T7594] Call Trace: [ 178.296404][ T7594] [ 178.299327][ T7594] dump_stack_lvl+0x16c/0x1f0 [ 178.303994][ T7594] should_fail_ex+0x497/0x5b0 [ 178.308669][ T7594] ? fs_reclaim_acquire+0xae/0x150 [ 178.313780][ T7594] should_failslab+0xc2/0x120 [ 178.318456][ T7594] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 178.323817][ T7594] ? io_submit_one+0x123/0x1da0 [ 178.328653][ T7594] io_submit_one+0x123/0x1da0 [ 178.333320][ T7594] ? __pfx_io_submit_one+0x10/0x10 [ 178.338407][ T7594] ? __might_fault+0x13b/0x190 [ 178.343149][ T7594] ? lock_acquire+0x2f/0xb0 [ 178.347625][ T7594] ? __might_fault+0xe3/0x190 [ 178.352278][ T7594] ? __x64_sys_io_submit+0x1b2/0x340 [ 178.357550][ T7594] __x64_sys_io_submit+0x1b2/0x340 [ 178.362636][ T7594] ? __pfx___x64_sys_io_submit+0x10/0x10 [ 178.368247][ T7594] do_syscall_64+0xcd/0x250 [ 178.372741][ T7594] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 178.378607][ T7594] RIP: 0033:0x7fcfc317e819 [ 178.382998][ T7594] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 178.402586][ T7594] RSP: 002b:00007fcfc3edb038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 178.410981][ T7594] RAX: ffffffffffffffda RBX: 00007fcfc3336080 RCX: 00007fcfc317e819 [ 178.418943][ T7594] RDX: 0000000020000180 RSI: 0000000000000001 RDI: 00007fcfc3eba000 [ 178.426887][ T7594] RBP: 00007fcfc3edb090 R08: 0000000000000000 R09: 0000000000000000 [ 178.434831][ T7594] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 178.442777][ T7594] R13: 0000000000000000 R14: 00007fcfc3336080 R15: 00007ffc00990fc8 [ 178.450738][ T7594] [ 179.429077][ T7610] netlink: 8 bytes leftover after parsing attributes in process `syz.1.471'. [ 179.449686][ T7610] netlink: 8 bytes leftover after parsing attributes in process `syz.1.471'. [ 179.617336][ T7616] input: syz1 as /devices/virtual/input/input15 [ 180.027006][ T7623] netlink: 4 bytes leftover after parsing attributes in process `syz.3.475'. [ 180.085047][ T7623] binder: 7622:7623 ioctl c018620c 20000140 returned -1 [ 180.261146][ T29] audit: type=1326 audit(1732421171.157:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7628 comm="syz.1.476" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f24dfd7e819 code=0x0 [ 180.283786][ C1] vkms_vblank_simulate: vblank timer overrun [ 180.285767][ T7632] netlink: 196 bytes leftover after parsing attributes in process `syz.4.477'. [ 180.308196][ T7623] binder: 7622:7623 ioctl 4018aee2 200001c0 returned -22 [ 180.445652][ T7627] overlayfs: failed to resolve './file0': -2 [ 181.546188][ T7669] netlink: 8 bytes leftover after parsing attributes in process `syz.1.486'. [ 181.934648][ T29] audit: type=1400 audit(1732421172.837:591): avc: denied { map } for pid=7683 comm="syz.3.492" path="pipe:[16796]" dev="pipefs" ino=16796 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 181.984837][ T29] audit: type=1400 audit(1732421172.877:592): avc: denied { execute } for pid=7683 comm="syz.3.492" path="pipe:[16796]" dev="pipefs" ino=16796 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 182.925006][ T29] audit: type=1400 audit(1732421173.337:593): avc: denied { getopt } for pid=7690 comm="syz.2.494" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 183.153829][ T7701] FAULT_INJECTION: forcing a failure. [ 183.153829][ T7701] name failslab, interval 1, probability 0, space 0, times 0 [ 183.210095][ T7701] CPU: 0 UID: 0 PID: 7701 Comm: syz.2.500 Not tainted 6.12.0-syzkaller-08446-g228a1157fb9f #0 [ 183.221802][ T7701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 183.221818][ T7701] Call Trace: [ 183.221824][ T7701] [ 183.238321][ T7701] dump_stack_lvl+0x16c/0x1f0 [ 183.243011][ T7701] should_fail_ex+0x497/0x5b0 [ 183.247709][ T7701] should_failslab+0xc2/0x120 [ 183.252395][ T7701] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 183.257774][ T7701] ? skb_clone+0x190/0x3f0 [ 183.262203][ T7701] skb_clone+0x190/0x3f0 [ 183.266450][ T7701] netlink_deliver_tap+0xabd/0xd30 [ 183.271569][ T7701] netlink_unicast+0x5e1/0x7f0 [ 183.276315][ T7701] ? __pfx_netlink_unicast+0x10/0x10 [ 183.281596][ T7701] netlink_sendmsg+0x8b8/0xd70 [ 183.286342][ T7701] ? __pfx_netlink_sendmsg+0x10/0x10 [ 183.291611][ T7701] ____sys_sendmsg+0xaaf/0xc90 [ 183.296367][ T7701] ? copy_msghdr_from_user+0x10b/0x160 [ 183.301803][ T7701] ? __pfx_____sys_sendmsg+0x10/0x10 [ 183.307072][ T7701] ___sys_sendmsg+0x135/0x1e0 [ 183.311725][ T7701] ? __pfx____sys_sendmsg+0x10/0x10 [ 183.316913][ T7701] ? __pfx_lock_release+0x10/0x10 [ 183.321928][ T7701] ? trace_lock_acquire+0x146/0x1e0 [ 183.327123][ T7701] ? __fget_files+0x206/0x3a0 [ 183.331799][ T7701] __sys_sendmsg+0x16e/0x220 [ 183.336365][ T7701] ? __pfx___sys_sendmsg+0x10/0x10 [ 183.341458][ T7701] do_syscall_64+0xcd/0x250 [ 183.345945][ T7701] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.351815][ T7701] RIP: 0033:0x7f0568b7e819 [ 183.356204][ T7701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 183.375823][ T7701] RSP: 002b:00007f056996a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 183.384259][ T7701] RAX: ffffffffffffffda RBX: 00007f0568d35fa0 RCX: 00007f0568b7e819 [ 183.392235][ T7701] RDX: 0000000000000010 RSI: 0000000020000280 RDI: 0000000000000003 [ 183.400211][ T7701] RBP: 00007f056996a090 R08: 0000000000000000 R09: 0000000000000000 [ 183.408180][ T7701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 183.416157][ T7701] R13: 0000000000000000 R14: 00007f0568d35fa0 R15: 00007ffda538fee8 [ 183.424146][ T7701] [ 183.430577][ T7707] : renamed from bond0 (while UP) [ 183.491458][ T55] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 183.524811][ T29] audit: type=1326 audit(1732421174.397:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7688 comm="syz.3.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a71f7e819 code=0x7ffc0000 [ 183.600513][ T29] audit: type=1326 audit(1732421174.397:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7688 comm="syz.3.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a71f7e819 code=0x7ffc0000 [ 183.624357][ T29] audit: type=1326 audit(1732421174.407:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7688 comm="syz.3.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f3a71f7e819 code=0x7ffc0000 [ 183.647954][ T29] audit: type=1326 audit(1732421174.407:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7688 comm="syz.3.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a71f7e819 code=0x7ffc0000 [ 183.671161][ C1] vkms_vblank_simulate: vblank timer overrun [ 183.704364][ T29] audit: type=1326 audit(1732421174.407:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7688 comm="syz.3.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a71f7e819 code=0x7ffc0000 [ 183.728150][ T29] audit: type=1326 audit(1732421174.407:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7688 comm="syz.3.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a71f7e819 code=0x7ffc0000 [ 183.751300][ C1] vkms_vblank_simulate: vblank timer overrun [ 183.757693][ T29] audit: type=1326 audit(1732421174.407:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7688 comm="syz.3.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a71f7e819 code=0x7ffc0000 [ 184.075984][ T7728] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false [ 184.316735][ T7735] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=7735 comm=syz.1.509 [ 185.094952][ T7739] netlink: 'syz.2.510': attribute type 5 has an invalid length. [ 185.831672][ T5881] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 186.031423][ T5881] usb 5-1: Using ep0 maxpacket: 32 [ 186.052901][ T5881] usb 5-1: config 0 has an invalid interface number: 219 but max is 0 [ 186.063501][ T5881] usb 5-1: config 0 has no interface number 0 [ 186.088861][ T5881] usb 5-1: New USB device found, idVendor=108c, idProduct=0169, bcdDevice=75.b9 [ 186.098320][ T5881] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 186.107801][ T5881] usb 5-1: Product: syz [ 186.114664][ T5881] usb 5-1: Manufacturer: syz [ 186.181768][ T7765] VFS: could not find a valid V7 on nullb0. [ 186.193034][ T7765] netlink: 92 bytes leftover after parsing attributes in process `syz.0.517'. [ 186.733624][ T5881] usb 5-1: SerialNumber: syz [ 186.743698][ T5881] usb 5-1: config 0 descriptor?? [ 187.015380][ T7774] lo speed is unknown, defaulting to 1000 [ 187.021482][ T7774] lo speed is unknown, defaulting to 1000 [ 187.029650][ T7774] lo speed is unknown, defaulting to 1000 [ 187.069260][ T7774] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 187.454251][ T7774] lo speed is unknown, defaulting to 1000 [ 187.461171][ T7774] lo speed is unknown, defaulting to 1000 [ 187.468459][ T7774] lo speed is unknown, defaulting to 1000 [ 187.475277][ T7774] lo speed is unknown, defaulting to 1000 [ 187.484214][ T7774] lo speed is unknown, defaulting to 1000 [ 187.566613][ T29] kauditd_printk_skb: 22 callbacks suppressed [ 187.566631][ T29] audit: type=1326 audit(1732421178.437:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7773 comm="syz.0.520" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f571af7e819 code=0x0 [ 187.595927][ C1] vkms_vblank_simulate: vblank timer overrun [ 187.694549][ T7781] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 187.788065][ T5881] etas_es58x 5-1:0.219: Starting syz syz (Serial Number syz) [ 187.810694][ T5881] usb 5-1: USB disconnect, device number 9 [ 187.936433][ T29] audit: type=1326 audit(1732421178.837:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7786 comm="syz.1.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24dfd7e819 code=0x7ffc0000 [ 187.937775][ T7789] FAULT_INJECTION: forcing a failure. [ 187.937775][ T7789] name failslab, interval 1, probability 0, space 0, times 0 [ 187.959658][ C1] vkms_vblank_simulate: vblank timer overrun [ 187.969223][ T29] audit: type=1326 audit(1732421178.857:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7786 comm="syz.1.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24dfd7e819 code=0x7ffc0000 [ 187.972336][ T7789] CPU: 0 UID: 0 PID: 7789 Comm: syz.3.524 Not tainted 6.12.0-syzkaller-08446-g228a1157fb9f #0 [ 187.972358][ T7789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 187.972374][ T7789] Call Trace: [ 187.972381][ T7789] [ 187.972389][ T7789] dump_stack_lvl+0x16c/0x1f0 [ 187.972417][ T7789] should_fail_ex+0x497/0x5b0 [ 187.972447][ T7789] should_failslab+0xc2/0x120 [ 187.972467][ T7789] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 187.972486][ T7789] ? skb_clone+0x190/0x3f0 [ 187.972506][ T7789] skb_clone+0x190/0x3f0 [ 187.972525][ T7789] bpf_clone_redirect+0xb2/0x3d0 [ 187.972556][ T7789] bpf_prog_973cd02a7a0e8181+0x5f/0x64 [ 187.972573][ T7789] ? __pfx___lock_acquire+0x10/0x10 [ 187.972595][ T7789] ? __pfx___lock_acquire+0x10/0x10 [ 187.972616][ T7789] ? find_held_lock+0x2d/0x110 [ 187.972642][ T7789] ? bpf_test_timer_enter+0x9d/0x180 [ 187.972663][ T7789] ? __pfx_lock_release+0x10/0x10 [ 187.972681][ T7789] ? trace_lock_acquire+0x146/0x1e0 [ 187.972705][ T7789] ? bpf_test_timer_enter+0x9d/0x180 [ 187.972727][ T7789] ? ktime_get+0x206/0x300 [ 187.972743][ T7789] ? lockdep_hardirqs_on+0x7c/0x110 [ 187.984478][ T29] audit: type=1326 audit(1732421178.857:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7786 comm="syz.1.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f24dfd7e819 code=0x7ffc0000 [ 188.001852][ T7789] ? __pfx___cant_migrate+0x10/0x10 [ 188.001881][ T7789] ? bpf_test_timer_continue+0x150/0x3d0 [ 188.001906][ T7789] bpf_test_run+0x49d/0xa90 [ 188.001934][ T7789] ? __pfx_bpf_test_run+0x10/0x10 [ 188.012710][ T29] audit: type=1326 audit(1732421178.857:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7786 comm="syz.1.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24dfd7e819 code=0x7ffc0000 [ 188.022273][ T7789] ? __asan_memset+0x23/0x50 [ 188.025834][ T29] audit: type=1326 audit(1732421178.857:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7786 comm="syz.1.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24dfd7e819 code=0x7ffc0000 [ 188.028477][ T7789] bpf_prog_test_run_skb+0xb8d/0x2270 [ 188.037491][ T29] audit: type=1326 audit(1732421178.857:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7786 comm="syz.1.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f24dfd7e819 code=0x7ffc0000 [ 188.037783][ T7789] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 188.042668][ T29] audit: type=1326 audit(1732421178.857:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7786 comm="syz.1.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24dfd7e819 code=0x7ffc0000 [ 188.047777][ T7789] ? fput+0x67/0x440 [ 188.047800][ T7789] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 188.052524][ T29] audit: type=1326 audit(1732421178.857:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7786 comm="syz.1.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=245 compat=0 ip=0x7f24dfd7e819 code=0x7ffc0000 [ 188.056419][ T7789] __sys_bpf+0xfc6/0x49c0 [ 188.061555][ T29] audit: type=1326 audit(1732421178.857:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7786 comm="syz.1.523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24dfd7e819 code=0x7ffc0000 [ 188.066759][ T7789] ? __pfx_lock_release+0x10/0x10 [ 188.066783][ T7789] ? __pfx___sys_bpf+0x10/0x10 [ 188.066806][ T7789] ? vfs_write+0x306/0x1150 [ 188.338161][ T7789] ? __mutex_unlock_slowpath+0x164/0x690 [ 188.343782][ T7789] ? fput+0x67/0x440 [ 188.347654][ T7789] ? ksys_write+0x1ba/0x250 [ 188.352131][ T7789] ? __pfx_ksys_write+0x10/0x10 [ 188.356958][ T7789] __x64_sys_bpf+0x78/0xc0 [ 188.361364][ T7789] ? lockdep_hardirqs_on+0x7c/0x110 [ 188.366542][ T7789] do_syscall_64+0xcd/0x250 [ 188.371028][ T7789] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.376918][ T7789] RIP: 0033:0x7f3a71f7e819 [ 188.381342][ T7789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 188.400974][ T7789] RSP: 002b:00007f3a72df1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 188.409404][ T7789] RAX: ffffffffffffffda RBX: 00007f3a72135fa0 RCX: 00007f3a71f7e819 [ 188.417396][ T7789] RDX: 000000000000002c RSI: 0000000020000080 RDI: 000000000000000a [ 188.425381][ T7789] RBP: 00007f3a72df1090 R08: 0000000000000000 R09: 0000000000000000 [ 188.433369][ T7789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 188.441354][ T7789] R13: 0000000000000000 R14: 00007f3a72135fa0 R15: 00007ffd147fe7d8 [ 188.449358][ T7789] [ 188.609864][ T7776] Process accounting resumed [ 293.800967][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 293.807931][ C1] rcu: 0-...!: (1 GPs behind) idle=ebe4/1/0x4000000000000000 softirq=21108/21111 fqs=2 [ 293.818605][ C1] rcu: (detected by 1, t=10505 jiffies, g=14113, q=554 ncpus=2) [ 293.826407][ C1] Sending NMI from CPU 1 to CPUs 0: [ 293.826431][ C0] NMI backtrace for cpu 0 [ 293.826440][ C0] CPU: 0 UID: 0 PID: 7797 Comm: syz.1.528 Not tainted 6.12.0-syzkaller-08446-g228a1157fb9f #0 [ 293.826455][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 293.826462][ C0] RIP: 0010:kasan_check_range+0x158/0x1a0 [ 293.826484][ C0] Code: 74 11 80 38 00 74 ef 4d 8d 1c 2c 48 85 c0 48 89 c2 75 93 48 89 da 4c 89 d8 4c 29 da e9 2c ff ff ff 5b b8 01 00 00 00 5d 41 5c cc cc cc cc b8 01 00 00 00 c3 cc cc cc cc 48 29 c3 48 89 da 49 [ 293.826497][ C0] RSP: 0018:ffffc90000007d08 EFLAGS: 00000046 [ 293.826509][ C0] RAX: 0000000000000001 RBX: ffff88807c2cb484 RCX: ffffffff8930a300 [ 293.826518][ C0] RDX: ffffed100f859691 RSI: 0000000000000004 RDI: ffff88807c2cb484 [ 293.826526][ C0] RBP: 0000000000000001 R08: 0000000000000001 R09: ffffed100f859690 [ 293.826534][ C0] R10: ffff88807c2cb487 R11: 0000000000000001 R12: 0000000000000001 [ 293.826542][ C0] R13: ffff88807c2cb408 R14: 000000007fffffff R15: dffffc0000000000 [ 293.826551][ C0] FS: 00007f24e0bf66c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 293.826566][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 293.826575][ C0] CR2: 000000110c32ee80 CR3: 000000007e55c000 CR4: 00000000003526f0 [ 293.826583][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 293.826591][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 293.826599][ C0] Call Trace: [ 293.826604][ C0] [ 293.826610][ C0] ? nmi_cpu_backtrace+0x1d8/0x390 [ 293.826632][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 293.826652][ C0] ? nmi_handle+0x1a7/0x5c0 [ 293.826667][ C0] ? kasan_check_range+0x158/0x1a0 [ 293.826683][ C0] ? default_do_nmi+0x6a/0x160 [ 293.826701][ C0] ? exc_nmi+0x170/0x1e0 [ 293.826719][ C0] ? end_repeat_nmi+0xf/0x53 [ 293.826738][ C0] ? taprio_set_budgets+0x1a0/0x310 [ 293.826759][ C0] ? kasan_check_range+0x158/0x1a0 [ 293.826775][ C0] ? kasan_check_range+0x158/0x1a0 [ 293.826791][ C0] ? kasan_check_range+0x158/0x1a0 [ 293.826806][ C0] [ 293.826810][ C0] [ 293.826814][ C0] taprio_set_budgets+0x1a0/0x310 [ 293.826835][ C0] advance_sched+0x5e1/0xc60 [ 293.826852][ C0] ? __pfx_advance_sched+0x10/0x10 [ 293.826864][ C0] __hrtimer_run_queues+0x20a/0xae0 [ 293.826883][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 293.826899][ C0] ? read_tsc+0x9/0x20 [ 293.826918][ C0] hrtimer_interrupt+0x392/0x8e0 [ 293.826938][ C0] __sysvec_apic_timer_interrupt+0x10f/0x400 [ 293.826976][ C0] sysvec_apic_timer_interrupt+0x9f/0xc0 [ 293.826991][ C0] [ 293.826995][ C0] [ 293.827000][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 293.827017][ C0] RIP: 0010:lock_acquire.part.0+0x155/0x380 [ 293.827032][ C0] Code: b8 ff ff ff ff 65 0f c1 05 c0 8d 97 7e 83 f8 01 0f 85 d0 01 00 00 9c 58 f6 c4 02 0f 85 e5 01 00 00 48 85 ed 0f 85 b6 01 00 00 <48> b8 00 00 00 00 00 fc ff df 48 01 c3 48 c7 03 00 00 00 00 48 c7 [ 293.827043][ C0] RSP: 0018:ffffc90004127c48 EFLAGS: 00000206 [ 293.827054][ C0] RAX: 0000000000000046 RBX: 1ffff92000824f8a RCX: ffffffff816a07ae [ 293.827062][ C0] RDX: 0000000000000001 RSI: ffffffff8b6ce060 RDI: ffffffff8bd0e340 [ 293.827070][ C0] RBP: 0000000000000200 R08: 0000000000000000 R09: fffffbfff2dc83ae [ 293.827079][ C0] R10: ffffffff96e41d77 R11: 0000000000000000 R12: 0000000000000000 [ 293.827087][ C0] R13: ffff888058ff4c98 R14: 0000000000000000 R15: 0000000000000000 [ 293.827098][ C0] ? hlock_class+0x4e/0x130 [ 293.827117][ C0] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 293.827131][ C0] ? rcu_is_watching+0x12/0xc0 [ 293.827148][ C0] ? trace_lock_acquire+0x146/0x1e0 [ 293.827165][ C0] ? tomoyo_socket_connect_permission+0x150/0x360 [ 293.827182][ C0] ? selinux_netlbl_socket_connect+0x1b/0x40 [ 293.827199][ C0] ? lock_acquire+0x2f/0xb0 [ 293.827211][ C0] ? selinux_netlbl_socket_connect+0x1b/0x40 [ 293.827228][ C0] lock_sock_nested+0x3a/0xf0 [ 293.827241][ C0] ? selinux_netlbl_socket_connect+0x1b/0x40 [ 293.827257][ C0] selinux_netlbl_socket_connect+0x1b/0x40 [ 293.827273][ C0] selinux_socket_connect+0x64/0x80 [ 293.827288][ C0] security_socket_connect+0xc6/0x240 [ 293.827303][ C0] __sys_connect_file+0x8f/0x1a0 [ 293.827322][ C0] __sys_connect+0x14f/0x170 [ 293.827339][ C0] ? __pfx___sys_connect+0x10/0x10 [ 293.827360][ C0] ? rcu_is_watching+0x12/0xc0 [ 293.827378][ C0] __x64_sys_connect+0x72/0xb0 [ 293.827394][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 293.827408][ C0] do_syscall_64+0xcd/0x250 [ 293.827425][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 293.827440][ C0] RIP: 0033:0x7f24dfd7e819 [ 293.827451][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 293.827463][ C0] RSP: 002b:00007f24e0bf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 293.827475][ C0] RAX: ffffffffffffffda RBX: 00007f24dff35fa0 RCX: 00007f24dfd7e819 [ 293.827484][ C0] RDX: 000000000000006e RSI: 0000000020000180 RDI: 0000000000000005 [ 293.827492][ C0] RBP: 00007f24dfdf175e R08: 0000000000000000 R09: 0000000000000000 [ 293.827500][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 293.827508][ C0] R13: 0000000000000000 R14: 00007f24dff35fa0 R15: 00007ffdbeb8f368 [ 293.827521][ C0] [ 293.828426][ C1] rcu: rcu_preempt kthread starved for 10495 jiffies! g14113 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 294.360065][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 294.370025][ C1] rcu: RCU grace-period kthread stack dump: [ 294.375902][ C1] task:rcu_preempt state:R running task stack:28424 pid:17 tgid:17 ppid:2 flags:0x00004000 [ 294.387656][ C1] Call Trace: [ 294.390930][ C1] [ 294.393864][ C1] __schedule+0xe58/0x5ad0 [ 294.398281][ C1] ? __pfx___lock_acquire+0x10/0x10 [ 294.403489][ C1] ? __pfx___schedule+0x10/0x10 [ 294.408336][ C1] ? schedule+0x298/0x350 [ 294.412658][ C1] ? __pfx_lock_release+0x10/0x10 [ 294.417681][ C1] ? lock_acquire+0x2f/0xb0 [ 294.422176][ C1] ? schedule+0x1fd/0x350 [ 294.426507][ C1] schedule+0xe7/0x350 [ 294.430573][ C1] schedule_timeout+0x124/0x280 [ 294.435427][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 294.440800][ C1] ? __pfx_process_timeout+0x10/0x10 [ 294.446090][ C1] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 294.451893][ C1] ? prepare_to_swait_event+0xf3/0x470 [ 294.457355][ C1] rcu_gp_fqs_loop+0x1eb/0xb00 [ 294.462118][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 294.467398][ C1] ? rcu_gp_init+0xc82/0x1630 [ 294.472071][ C1] ? _raw_spin_unlock_irq+0x2e/0x50 [ 294.477268][ C1] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 294.483071][ C1] rcu_gp_kthread+0x271/0x380 [ 294.487744][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 294.492942][ C1] ? lockdep_hardirqs_on+0x7c/0x110 [ 294.498137][ C1] ? __kthread_parkme+0x148/0x220 [ 294.503168][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 294.508361][ C1] kthread+0x2c1/0x3a0 [ 294.512435][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 294.517629][ C1] ? __pfx_kthread+0x10/0x10 [ 294.522224][ C1] ret_from_fork+0x45/0x80 [ 294.526634][ C1] ? __pfx_kthread+0x10/0x10 [ 294.531219][ C1] ret_from_fork_asm+0x1a/0x30 [ 294.535992][ C1] [ 294.539001][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 294.545312][ C1] CPU: 1 UID: 0 PID: 7800 Comm: syz.2.529 Not tainted 6.12.0-syzkaller-08446-g228a1157fb9f #0 [ 294.555550][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 294.565596][ C1] RIP: 0010:smp_call_function_many_cond+0x458/0x1300 [ 294.572269][ C1] Code: 0c 00 85 ed 74 4d 48 b8 00 00 00 00 00 fc ff df 4d 89 f4 4c 89 f5 49 c1 ec 03 83 e5 07 49 01 c4 83 c5 03 e8 ba 11 0c 00 f3 90 <41> 0f b6 04 24 40 38 c5 7c 08 84 c0 0f 85 a7 0c 00 00 8b 43 08 31 [ 294.591869][ C1] RSP: 0018:ffffc90003bd75a8 EFLAGS: 00000293 [ 294.597940][ C1] RAX: 0000000000000000 RBX: ffff8880b86468a0 RCX: ffffffff8182280c [ 294.605993][ C1] RDX: ffff88802f4c2440 RSI: ffffffff818227e6 RDI: 0000000000000005 [ 294.613960][ C1] RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000 [ 294.621922][ C1] R10: 0000000000000001 R11: 0000000000000005 R12: ffffed10170c8d15 [ 294.629909][ C1] R13: 0000000000000001 R14: ffff8880b86468a8 R15: ffff8880b873fd80 [ 294.637882][ C1] FS: 00007f056996a6c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 294.646805][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 294.653382][ C1] CR2: 00007f0569948f98 CR3: 0000000021712000 CR4: 00000000003526f0 [ 294.661348][ C1] DR0: 0000000000000008 DR1: 000000000000c24a DR2: 0000000000200002 [ 294.669333][ C1] DR3: 0000000000000008 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 294.677306][ C1] Call Trace: [ 294.680595][ C1] [ 294.683437][ C1] ? rcu_check_gp_kthread_starvation+0x31b/0x450 [ 294.689771][ C1] ? do_raw_spin_unlock+0x172/0x230 [ 294.694972][ C1] ? rcu_sched_clock_irq+0x247a/0x3310 [ 294.700448][ C1] ? timekeeping_advance+0x70a/0xa60 [ 294.705733][ C1] ? __pfx_rcu_sched_clock_irq+0x10/0x10 [ 294.711365][ C1] ? __asan_memcpy+0x3c/0x60 [ 294.715962][ C1] ? cgroup_rstat_updated+0x2a/0xb20 [ 294.721259][ C1] ? rcu_is_watching+0x12/0xc0 [ 294.726025][ C1] ? update_process_times+0x178/0x2d0 [ 294.731393][ C1] ? __pfx_update_process_times+0x10/0x10 [ 294.737109][ C1] ? update_wall_time+0x1c/0x40 [ 294.741956][ C1] ? tick_nohz_handler+0x376/0x530 [ 294.747072][ C1] ? __pfx_tick_nohz_handler+0x10/0x10 [ 294.752530][ C1] ? __hrtimer_run_queues+0x5fb/0xae0 [ 294.757906][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 294.763623][ C1] ? read_tsc+0x9/0x20 [ 294.767696][ C1] ? hrtimer_interrupt+0x392/0x8e0 [ 294.772814][ C1] ? __sysvec_apic_timer_interrupt+0x10f/0x400 [ 294.778966][ C1] ? sysvec_apic_timer_interrupt+0x9f/0xc0 [ 294.784772][ C1] [ 294.787695][ C1] [ 294.790618][ C1] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 294.796790][ C1] ? smp_call_function_many_cond+0x47c/0x1300 [ 294.802894][ C1] ? smp_call_function_many_cond+0x456/0x1300 [ 294.808967][ C1] ? smp_call_function_many_cond+0x458/0x1300 [ 294.815036][ C1] ? smp_call_function_many_cond+0x456/0x1300 [ 294.821101][ C1] ? __pfx_do_sync_core+0x10/0x10 [ 294.826125][ C1] ? __pfx_do_sync_core+0x10/0x10 [ 294.831145][ C1] on_each_cpu_cond_mask+0x40/0x90 [ 294.836261][ C1] text_poke_bp_batch+0x22b/0x760 [ 294.841283][ C1] ? __pfx_text_poke_loc_init+0x10/0x10 [ 294.846826][ C1] ? __pfx_text_poke_bp_batch+0x10/0x10 [ 294.852374][ C1] ? rcu_is_watching+0x12/0xc0 [ 294.857135][ C1] ? __SCT__tp_func_sched_wakeup_new+0x8/0x8 [ 294.863114][ C1] text_poke_bp+0xa3/0xd0 [ 294.867443][ C1] ? __pfx_text_poke_bp+0x10/0x10 [ 294.872469][ C1] ? __pfx___mutex_lock+0x10/0x10 [ 294.877489][ C1] ? __SCT__tp_func_sched_wakeup_new+0x8/0x8 [ 294.883571][ C1] __static_call_transform+0x34d/0x770 [ 294.889036][ C1] ? __pfx___static_call_transform+0x10/0x10 [ 294.895018][ C1] ? __SCT__tp_func_sched_wakeup_new+0x8/0x8 [ 294.900994][ C1] ? __pfx___traceiter_sched_switch+0x10/0x10 [ 294.907055][ C1] ? __SCT__tp_func_sched_wakeup_new+0x8/0x8 [ 294.913026][ C1] ? __pfx___traceiter_sched_switch+0x10/0x10 [ 294.919088][ C1] arch_static_call_transform+0x5d/0xb0 [ 294.924630][ C1] ? __SCT__tp_func_sched_wakeup_new+0x8/0x8 [ 294.930605][ C1] __static_call_update+0xee/0x660 [ 294.935716][ C1] ? __pfx___traceiter_sched_switch+0x10/0x10 [ 294.941780][ C1] ? __pfx___static_call_update+0x10/0x10 [ 294.947497][ C1] ? trace_kmalloc+0x2d/0xd0 [ 294.952083][ C1] ? __kmalloc_noprof+0x207/0x400 [ 294.957104][ C1] ? __pfx___bpf_trace_sched_switch+0x10/0x10 [ 294.963171][ C1] tracepoint_add_func+0xbcb/0xeb0 [ 294.968294][ C1] ? __pfx___bpf_trace_sched_switch+0x10/0x10 [ 294.974357][ C1] tracepoint_probe_register_prio_may_exist+0xbd/0x110 [ 294.981206][ C1] ? __pfx_tracepoint_probe_register_prio_may_exist+0x10/0x10 [ 294.988661][ C1] ? __pfx___bpf_trace_sched_switch+0x10/0x10 [ 294.994725][ C1] ? __local_bh_enable_ip+0xa4/0x120 [ 295.000014][ C1] bpf_probe_register+0x189/0x200 [ 295.005046][ C1] bpf_raw_tp_link_attach+0x2cd/0x5f0 [ 295.010417][ C1] ? __pfx_lock_release+0x10/0x10 [ 295.015438][ C1] ? __pfx_bpf_raw_tp_link_attach+0x10/0x10 [ 295.021333][ C1] ? lock_acquire+0x2f/0xb0 [ 295.025835][ C1] ? __fget_files+0x40/0x3a0 [ 295.030437][ C1] ? fput+0x67/0x440 [ 295.034330][ C1] ? __bpf_prog_get+0xa0/0x290 [ 295.039112][ C1] __sys_bpf+0x3a4/0x49c0 [ 295.043439][ C1] ? __pfx_futex_wake+0x10/0x10 [ 295.048289][ C1] ? __pfx___sys_bpf+0x10/0x10 [ 295.053050][ C1] ? kmem_cache_free+0x152/0x4b0 [ 295.058590][ C1] ? putname+0x13c/0x180 [ 295.062827][ C1] ? __put_unused_fd+0x179/0x280 [ 295.067769][ C1] ? do_futex+0x123/0x350 [ 295.072093][ C1] ? __pfx_do_futex+0x10/0x10 [ 295.076775][ C1] ? xfd_validate_state+0x5d/0x180 [ 295.081891][ C1] ? rcu_is_watching+0x12/0xc0 [ 295.086657][ C1] __x64_sys_bpf+0x78/0xc0 [ 295.091071][ C1] ? lockdep_hardirqs_on+0x7c/0x110 [ 295.096267][ C1] do_syscall_64+0xcd/0x250 [ 295.100770][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 295.106661][ C1] RIP: 0033:0x7f0568b7e819 [ 295.111070][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 295.130671][ C1] RSP: 002b:00007f056996a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 295.139084][ C1] RAX: ffffffffffffffda RBX: 00007f0568d35fa0 RCX: 00007f0568b7e819 [ 295.147066][ C1] RDX: 0000000000000010 RSI: 0000000020000080 RDI: 0000000000000011 [ 295.155033][ C1] RBP: 00007f0568bf175e R08: 0000000000000000 R09: 0000000000000000 [ 295.163692][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 295.171656][ C1] R13: 0000000000000000 R14: 00007f0568d35fa0 R15: 00007ffda538fee8 [ 295.179636][ C1]